Bug 1613337 Comment 3 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

(In reply to Matthew N. [:MattN] (PM me if request are blocking you) from comment #1)
> must retrieve the master key from the user's profile then unprotect the data in there

Looks like we can get the key with something like…
```
(new OSCrypto()).decryptData(
  atob(
    (await ChromeMigrationUtils.getLocalState()).
      os_crypt.encrypted_key))
```

> then use this as a key to decrypt each item using aead AES256

But do we have something to aead.open/decrypt the ciphertext (after splitting out "v10" prefix and 12 bytes of nonce) with Aead::AES_256_GCM?

I see PushCrypto.jsm has something related from bug 1345665 maybe that could be called or copied? ??
(In reply to Matthew N. [:MattN] (PM me if request are blocking you) from comment #1)
> must retrieve the master key from the user's profile then unprotect the data in there

Looks like we can get the key with something like…
```
await new OSCrypto().decryptData(                                                                  
  ChromeUtils.base64URLDecode(                                                                     
    (await ChromeMigrationUtils.getLocalState()).os_crypt.encrypted_key,                           
    { padding: "reject" }
  ).slice("DPAPI".length),
  null
);        

```

> then use this as a key to decrypt each item using aead AES256

But do we have something to aead.open/decrypt the ciphertext (after splitting out "v10" prefix and 12 bytes of nonce) with Aead::AES_256_GCM?

I see PushCrypto.jsm has something related from bug 1345665 maybe that could be called or copied? ??
(In reply to Matthew N. [:MattN] (PM me if request are blocking you) from comment #1)
> must retrieve the master key from the user's profile then unprotect the data in there

Looks like we can get the key with something like…
```
await new OSCrypto().decryptData(                                                                  
  ChromeUtils.base64URLDecode(                                                                     
    (await ChromeMigrationUtils.getLocalState()).os_crypt.encrypted_key,                           
    { padding: "reject" }
  ).slice("DPAPI".length),
  null
);        
```

> then use this as a key to decrypt each item using aead AES256

But do we have something to aead.open/decrypt the ciphertext (after splitting out "v10" prefix and 12 bytes of nonce) with Aead::AES_256_GCM?

I see PushCrypto.jsm has something related from bug 1345665 maybe that could be called or copied? ??
(In reply to Matthew N. [:MattN] (PM me if request are blocking you) from comment #1)
> must retrieve the master key from the user's profile then unprotect the data in there

Looks like we can get the key with something like…
```
await new OSCrypto().decryptData(
  atob(
    (await ChromeMigrationUtils.getLocalState()).os_crypt.encrypted_key
  ).slice("DPAPI".length)
);
```

> then use this as a key to decrypt each item using aead AES256

But do we have something to aead.open/decrypt the ciphertext (after splitting out "v10" prefix and 12 bytes of nonce) with Aead::AES_256_GCM?

I see PushCrypto.jsm has something related from bug 1345665 maybe that could be called or copied? ??

Back to Bug 1613337 Comment 3