crypto

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 27, 2026 License: MIT Imports: 11 Imported by: 41

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AESCBCDecrypt added in v0.5.0 

func AESCBCDecrypt(key, iv, ciphertext []byte) ([]byte, error)

AESCBCDecrypt decrypts data using AES-CBC mode with PKCS5 unpadding. Supports all AES key sizes: 16 bytes (AES-128), 24 bytes (AES-192), or 32 bytes (AES-256).

func AESCBCEncrypt added in v0.5.0 

func AESCBCEncrypt(key, iv, plaintext []byte) ([]byte, error)

AESCBCEncrypt encrypts data using AES-CBC mode with PKCS5 padding. Supports all AES key sizes: 16 bytes (AES-128), 24 bytes (AES-192), or 32 bytes (AES-256).

func AESGCMDecrypt added in v0.4.6 

func AESGCMDecrypt(key, nonce, ciphertext []byte) ([]byte, error)

AESGCMDecrypt decrypts data using AES-GCM mode.

func AESGCMDecryptBlob added in v0.5.0 

func AESGCMDecryptBlob(key, blob, aad []byte) ([]byte, error)

AESGCMDecryptBlob decrypts a blob shaped as [12B nonce][ciphertext+16B GCM tag] with caller-supplied AAD. Used by protocols that wrap AES-GCM output with a fixed-length nonce prefix (Yandex passwords/cards).

func AESGCMEncrypt added in v0.4.6 

func AESGCMEncrypt(key, nonce, plaintext []byte) ([]byte, error)

AESGCMEncrypt encrypts data using AES-GCM mode.

func DES3Decrypt added in v0.4.6 

func DES3Decrypt(key, iv, ciphertext []byte) ([]byte, error)

DES3Decrypt decrypts data using 3DES-CBC mode with PKCS5 unpadding.

func DES3Encrypt added in v0.4.6 

func DES3Encrypt(key, iv, plaintext []byte) ([]byte, error)

DES3Encrypt encrypts data using 3DES-CBC mode with PKCS5 padding.

func DecryptChromium added in v0.5.0 

func DecryptChromium(key, ciphertext []byte) ([]byte, error)

func DecryptChromiumV20 added in v0.5.0 

func DecryptChromiumV20(key, ciphertext []byte) ([]byte, error)

DecryptChromiumV20 decrypts a Chromium v20 (App-Bound Encryption) ciphertext. Format: "v20" prefix (3B) + nonce (12B) + AES-GCM(payload + 16B tag).

Cross-platform: v20 is only produced by Chrome on Windows today, but the decryption math is platform-neutral. Keeping it here rather than in crypto_windows.go ensures the routing in browser/chromium/decrypt.go stays testable on Linux/macOS CI.

func DecryptDPAPI added in v0.5.0 

func DecryptDPAPI(_ []byte) ([]byte, error)

func DecryptYandexIntermediateKey added in v0.5.0 

func DecryptYandexIntermediateKey(masterKey, blob []byte) ([]byte, error)

DecryptYandexIntermediateKey unwraps the per-DB data key from meta.local_encryptor_data. See RFC-012 §4.2.

func PBKDF2Key added in v0.4.6 

func PBKDF2Key(password, salt []byte, iterations, keyLen int, h func() hash.Hash) []byte

PBKDF2Key derives a key from the password, salt and iteration count, returning a []byte of length keylen that can be used as cryptographic key. The key is derived based on the method described as PBKDF2 with the HMAC variant using the supplied hash function.

For example, to use a HMAC-SHA-1 based PBKDF2 key derivation function, you can get a derived key for e.g. AES-256 (which needs a 32-byte key) by doing: 

dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New)

Remember to get a good random salt. At least 8 bytes is recommended by the RFC.

Using a higher iteration count will increase the cost of an exhaustive search but will also make derivation proportionally slower. Copy from https://golang.org/x/crypto/pbkdf2

Types

type ASN1PBE 

type ASN1PBE interface {
	Decrypt(key []byte) ([]byte, error)
	Encrypt(key, plaintext []byte) ([]byte, error)
}

ASN1PBE represents a Password-Based Encryption structure from Firefox's NSS. The key parameter semantics vary by implementation:

  • privateKeyPBE / passwordCheckPBE: key is the global salt used for key derivation
  • credentialPBE: key is the already-derived master key

func NewASN1PBE 

func NewASN1PBE(b []byte) (pbe ASN1PBE, err error)

type CipherVersion added in v0.5.0 

type CipherVersion string

CipherVersion represents the encryption version used by Chromium browsers. 

const (
	// CipherV10 is Chrome 80+ encryption (AES-GCM on Windows, AES-CBC on macOS/Linux).
	CipherV10 CipherVersion = "v10"

	// CipherV11 is the Linux-only AES-CBC variant where the key comes from
	// libsecret / kwallet. Same algorithm as CipherV10; only the key source differs.
	CipherV11 CipherVersion = "v11"

	// CipherV20 is Chrome 127+ App-Bound Encryption.
	CipherV20 CipherVersion = "v20"

	// CipherV12 is Chromium's SecretPortalKeyProvider (Flatpak / xdg-desktop-portal) tier —
	// HKDF-SHA256 + AES-256-GCM with a secret retrieved via org.freedesktop.portal.Desktop.
	// Recognized by DetectVersion so decryptValue can emit a known-gap error rather than a
	// generic "unsupported cipher version" message; not yet implemented.
	CipherV12 CipherVersion = "v12"

	// CipherDPAPI is pre-Chrome 80 raw DPAPI encryption (no version prefix).
	CipherDPAPI CipherVersion = "dpapi"
)

func DetectVersion added in v0.5.0 

func DetectVersion(ciphertext []byte) CipherVersion

DetectVersion identifies the encryption version from a ciphertext prefix.

Source Files

View all Source files

Directories

Path Synopsis
Package keyretriever owns the master-key acquisition chain shared by all Chromium variants (Chrome, Edge, Brave, Arc, Opera, Vivaldi, Yandex, …).
 Package keyretriever owns the master-key acquisition chain shared by all Chromium variants (Chrome, Edge, Brave, Arc, Opera, Vivaldi, Yandex, …).
windows
abe_native/bootstrap
payload

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.