Hi,

Sorry for the late reply, the last months have been tough.
I'm still not sure why I couldn't decrypt the values but
https://github.com/lclevy/firepwd provides a really easy to read
implementation which totally answers all my questions!
Thank you for your help.

Best,
Louis

On Mon, Mar 30, 2020 at 18:28, Robert Relyea <rrel...@redhat.com> wrote:

> On 03/27/2020 12:21 PM, Louis Abraham wrote:
>
> Hi Matthew,
>
> Awesome, thanks and sorry for contacting the wrong list!
>
> Since then, I found the answer to the 14 bytes question:
> https://hg.mozilla.org/projects/nss/rev/fc636973ad06392d11597620b602779b4af312f6#l6.49
> Basically the DER encoding is used instead for compatibility with a bugged
> implementation.
>
> I tried prepending b'\x04\x0e' to DER-encode the IV. However, the value I
> get makes no sense (and even has an incorrect padding according to pkcs7
> <https://tools.ietf.org/html/rfc2315>).
>
>
> Best,
>
> Louis
>
> The IV length is still 16 bytes, but only 14 are randomly generated. It's
> because the decoding code had a bug in it that requires the IV to look like
> DER-encoded data, so the header needed to be added, but the whole IV was
> used (including the 2 byte header) when encrypting/decrypting.
>
> The goal of the AES-256 bit code was to encode AES-256 while allowing
> older versions of NSS to still decrypt the new keys, since versions of NSS
> may share their databases with other NSS applications running on other
> machines.
>
> bob
>
>
> On Fri, Mar 27, 2020 at 19:57, Matthew N. <ma...@mozilla.com> wrote:
>
>> Hi Louis,
>>
>> The dev-tech-crypto mailing list I'm redirecting this to should be able
>> to get you an answer.
>>
>> Thanks,
>> MattN
>>
>>
>> On Fri, Mar 27, 2020 at 8:51 AM Louis Abraham <louis.abra...@yahoo.fr>
>> wrote:
>>
>>> Hi,
>>>
>>> I'm the main developer of https://github.com/louisabraham/ffpass
>>> We are currently trying to accommodate the (not so) recent cryptographic
>>> changes in key4.db.
>>>
>>> If I understand correctly, key4.db contains a table metadata. The value
>>> item2 defines a cryptographic algorithm in the DER format.
>>>
>>> In the latest version of Firefox, this algorithm is PBES2, using
>>> aes256-CBC as the encryption algorithm.
>>>
>>> I'm facing a little problem when trying to execute aes256-CBC because
>>> the IV size is only 14 bytes (56 bits) instead of the 64 bits defined in
>>> the spec.
>>>
>>> Could you please help me to understand?
>>>
>>> Best,
>>> Louis
>>>
>>
>
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
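
Added example, not part of the thread and not NSS, ffpass or firepwd code: a sketch of the IV handling Robert Relyea describes above, where the 2-byte DER header (04 0e) plus the 14 random bytes together form the 16-byte AES-CBC IV. The function names read_tlv and cbc_iv_from_param are hypothetical, and the sample bytes in the usage comment are constructed.

```python
OCTET_STRING = 0x04
AES_BLOCK = 16


def read_tlv(buf, offset=0):
    """Parse one DER TLV; return (tag, value, raw_tlv, next_offset)."""
    if len(buf) - offset < 2:
        raise ValueError("truncated TLV header")
    tag = buf[offset]
    first = buf[offset + 1]
    pos = offset + 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long-form length: next n bytes
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:end], buf[offset:end], end


def cbc_iv_from_param(param_der):
    """Return the 16-byte IV for an AES-CBC parameter given as a DER OCTET STRING.

    A 16-byte OCTET STRING carries the IV as its content. In the key4.db case
    from the thread the content is only 14 bytes, and the IV is the whole
    encoding: header 04 0e followed by the 14 random bytes.
    """
    tag, value, raw, end = read_tlv(param_der)
    if tag != OCTET_STRING or end != len(param_der):
        raise ValueError("expected exactly one OCTET STRING")
    if len(value) == AES_BLOCK:
        return value
    if len(raw) == AES_BLOCK:             # 2-byte header + 14 bytes of content
        return raw
    raise ValueError("cannot derive a 16-byte IV from %d bytes" % len(value))


if __name__ == "__main__":
    # Constructed sample: OCTET STRING header followed by 14 placeholder bytes.
    sample = b"\x04\x0e" + bytes(range(14))
    print(cbc_iv_from_param(sample).hex())
```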
