(In reply to Matthew N. [:MattN] (PM me if request are blocking you) from comment #1) > must retrieve the master key from the user's profile then unprotect the data in there Looks like we can get the key with something like… ``` (new OSCrypto()).decryptData( atob( (await ChromeMigrationUtils.getLocalState()). os_crypt.encrypted_key)) ``` > then use this as a key to decrypt each item using aead AES256 But do we have something to aead.open/decrypt the ciphertext (after splitting out "v10" prefix and 12 bytes of nonce) with Aead::AES_256_GCM? I see PushCrypto.jsm has something related from bug 1345665 maybe that could be called or copied? ??
Bug 1613337 Comment 3 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
(In reply to Matthew N. [:MattN] (PM me if request are blocking you) from comment #1) > must retrieve the master key from the user's profile then unprotect the data in there Looks like we can get the key with something like… ``` await new OSCrypto().decryptData( ChromeUtils.base64URLDecode( (await ChromeMigrationUtils.getLocalState()).os_crypt.encrypted_key, { padding: "reject" } ).slice("DPAPI".length), null ); ``` > then use this as a key to decrypt each item using aead AES256 But do we have something to aead.open/decrypt the ciphertext (after splitting out "v10" prefix and 12 bytes of nonce) with Aead::AES_256_GCM? I see PushCrypto.jsm has something related from bug 1345665 maybe that could be called or copied? ??
(In reply to Matthew N. [:MattN] (PM me if request are blocking you) from comment #1) > must retrieve the master key from the user's profile then unprotect the data in there Looks like we can get the key with something like… ``` await new OSCrypto().decryptData( ChromeUtils.base64URLDecode( (await ChromeMigrationUtils.getLocalState()).os_crypt.encrypted_key, { padding: "reject" } ).slice("DPAPI".length), null ); ``` > then use this as a key to decrypt each item using aead AES256 But do we have something to aead.open/decrypt the ciphertext (after splitting out "v10" prefix and 12 bytes of nonce) with Aead::AES_256_GCM? I see PushCrypto.jsm has something related from bug 1345665 maybe that could be called or copied? ??
(In reply to Matthew N. [:MattN] (PM me if request are blocking you) from comment #1) > must retrieve the master key from the user's profile then unprotect the data in there Looks like we can get the key with something like… ``` await new OSCrypto().decryptData( atob( (await ChromeMigrationUtils.getLocalState()).os_crypt.encrypted_key ).slice("DPAPI".length) ); ``` > then use this as a key to decrypt each item using aead AES256 But do we have something to aead.open/decrypt the ciphertext (after splitting out "v10" prefix and 12 bytes of nonce) with Aead::AES_256_GCM? I see PushCrypto.jsm has something related from bug 1345665 maybe that could be called or copied? ??