mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-05-19 18:58:03 +02:00
slimwang
c3d30b9e8a
* build(abe): add zig-cc payload build system + C reflective loader * feat(abe): add reflective injector and Go ABE key-retriever primitives * feat(abe): wire ABERetriever into DefaultRetriever chain + --abe-key CLI * feat(abe): route Chromium v20 ciphertext through AES-GCM with ABE key
30 lines
859 B
Go
30 lines
859 B
Go
package chromium
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/moond4rk/hackbrowserdata/crypto"
|
|
)
|
|
|
|
// decryptValue decrypts a Chromium-encrypted value using the master key.
|
|
// It detects the cipher version from the ciphertext prefix and routes
|
|
// to the appropriate decryption function.
|
|
func decryptValue(masterKey, ciphertext []byte) ([]byte, error) {
|
|
if len(ciphertext) == 0 {
|
|
return nil, nil
|
|
}
|
|
|
|
version := crypto.DetectVersion(ciphertext)
|
|
switch version {
|
|
case crypto.CipherV10, crypto.CipherV11:
|
|
// v11 is Linux-only and shares v10's AES-CBC path; only the key source differs.
|
|
return crypto.DecryptChromium(masterKey, ciphertext)
|
|
case crypto.CipherV20:
|
|
return crypto.DecryptChromium(masterKey, ciphertext)
|
|
case crypto.CipherDPAPI:
|
|
return crypto.DecryptDPAPI(ciphertext)
|
|
default:
|
|
return nil, fmt.Errorf("unsupported cipher version: %s", version)
|
|
}
|
|
}
|