1Password - Local Vaults
To conclude (for now) this extensive look at 1Password, we’ll go back a little to see how local private vaults work. Initially, local vaults were all you had (though they could be synced over Dropbox and other methods). These are documented separately from the cloud based “Teams” system. Now, local vaults are basically being discouraged in favor of the cloud system.
But you can still have a mix of local and loud vaults. So it’s worth seeing how those affect the way data is stored in 1Password.
In previous installments, we looked at the Two-Secret Key Derivation (2SKD) process, Encrypted Master Keys, and shared vaults.
Unlocking 1Password
When you have multiple cloud-based accounts set up on a client, the first account is designated as “primary.” That account’s master password is used to unlock all the other accounts on the client. On macOS, this makes use of the 2SKD system, while on Windows systems, it’s EMK. However, if your client includes local vaults, this changes a little.
As you may recall, the user’s master password is used to decrypt (eventually) the “enc_login” field in the client’s “accounts” table. On macOS, we use the 2SKD process to decrypt the first keyset, which then decrypts this item. In Windows, it’s the EMK which provides the decryption key. With private vaults, it’s yet another system, a bit closer to the Windows approach.
First, we now have (at least on macOS) two databases to look at: B5.sqlite (the cloud-based database), and OnePassword.sqlite (local vaults). In the OnePassword database is a “profiles” table with some important information for each locally configured account:
"master_key_data": "b3BkYXRhMDEAAQAAAAAAAJrZ9cB1XuVW3WQnyIT1PpUtFXItUzA3QdZZz7hM0ZXQbTn-Z640H7_A3ScP3Xic3xmqfBSnqm1Qd7BXTFttv6VUgcAakdIZ-9vvubj27qPY9vgMegjIB6S1jWGzd6gVk0NaaFu9DBcqrCW5BCJBA2T27hsQWIn6iQYvWRslBYRoZ095XNyDOasqa45Z0sM3dYoXOQiRQ5ZoI6RnIH-mzSjhXrjBnh3U3ebkoEkGxjmZI5zgSn8TbFOInxQXI3HwC_wxgj6PQGqUIG06ThU_KmRxtxAhv7-xcyXVOLpgtwBBAsNy1k0Kv2O8H9gkSl3t-8jhZPCPXUvSXDpTyWyEmIYo1XDoHWSDIbDYGxuh9x5iutDg7WnrQhOXGqt9a-oFjdkxtoFAkXhZJDfxjUcyDhUFBMs3yPTFTmlbkLlx8EDc"
"salt": "AXJZTNToCfbWGM61D5fg3w=="
"overview_key_data": "b3BkYXRhMDFAAAAAAAAAAJzboCGXnL8Llq53Jm8uFe89hyboywL-FboHXcXOiJDCLRQBKsA1sAxbZEkV57VbI3MLQ2cfYS9oA1grouKGlUWSlkCuZaW8vXRDnQXu1iHRD4C9ISYp6RgQwtauH_lMyil5iWMBH3JkTr5Wfb0aT0hLUVCIciE18erkCKEmQYO5"
"iterations": 100000
This data is combined with the user’s Master Password to decrypt an opdata-structured enc_login field, back in the B5 (cloud) database:
"enc_login": "b3BkYXRhMDHJAQAAAAAAAMPjUUROLiKTN4C0bBYXL1N2vkCAq3wmkID7pf_4MWOlTtHS8P5eYQOqn9AZ9GIxGq8cngOhTRQVXinCssNoZTw-bhtE8TSVX32ZW5vUpvZH18O_j36xHuGJe_ylP2IeNdT_bGp1w9d_QF04pDXRN79YNq7rc_26trLel16VSTE6qfeS0y6Ve9l6ngjeSFeh20xgz_aUSZ8MEGzlIjimZCcvs9bn0HxE_ZCwdBvNe9-UNnSstwUoFPRGy1Sy8pYK9RgDQyEUTmPT2ir0SK0Ov3zopx5qITZoucWPCmI-EDxdF4mA7-lpEVaQiVlDqVZqkk92DGdLZZEAZzdgm67eQHnU1b_K-YZWZ_zKHdpTrbLPgNhVaH6RJyboNFidAQvKtpOSnQBS23Xks6NwUKRCg2fE2LuZ-zTvmBL0jvabsJhgVjIQHXIZtAgXYxJXW9xkFNuOS5yb40wTfuYUSesK2MWvOgcv8FGP7iFnYwBtpbD0_SN5-5gd4qiGrETVJkfpalKKdnvOFPUMKpvvXkHwWwu1mKxJiLTRbSbhqq9fm0Rq4Dn-EMg7JmqtAMg2pYxgkEItS3-pwiJmLT4BSHdUyl5bS0l7PoiWQVG5V6NPIXVREwT_RV4kgjGZzu4AT4wmYRVLCDs58SXuZUJG0rZi6q4TEDB4bPWz7pK30GguKUDs"
Decrypting Key Data
First, we need to generate a key based on the Master Password. This is much simpler than the 2SKD process, and involves only the PBKDF2 function:
keys = PBKDF2('sha512', password, salt, iterations, 64)
The password is what the user enters, the salt and iterations count come from the profiles table, the hash function used is SHA-512, and a total of 64 bytes are generated. This generates a pair of keys: a 256-bit AES key, and a 256-bit HMAC key.
These keys are then used to decrypt the “master_key_data” and “overview_key_data” items, which are both opdata formatted structures. Once you look at the decrypted output, though, you may be confused – they really look like random bytes. Which is because that’s precisely what they are. The master key data is 256 bytes of random data, and the overview key, 64 bytes.
That data is then used as the input to another SHA-512 operation, which then produces the actual master and overview keys (each being, again, an AES key plus HMAC key, for 512 bits of actual generated key data).
So the overall function looks like this:
# derive key-encrypting-key from Master Password
#
derived_keys = PBKDF2('sha512', password, salt, iterations, 64)
derived_aes = derived_keys[0:32]
derived_hmac = derived_keys[32:64]
# decrypt key data for Master Key and generate AES+HMAC keys using SHA-512
#
m_data = opdata_decrypt(master_key_data, derived_aes, derived_hmac)
m_keys = SHA512(m_data)
m_aes = m_keys[0:32]
m_hmac = m_keys[32:64]
# do the same for the overview key
#
o_data = opdata_decrypt(overview_key_data, derived_aes, derived_hmac)
o_keys = SHA512(o_data)
o_aes = o_keys[0:32]
o_hmac = o_keys[32:64]
These two keys are used to decrypt the private vault data. The “overview” key is used for item metadata (name, etc.) while the “master key” decrypts the data itself. We’ll see those in a moment.
The master key also decrypts the “enc_login” data from the accounts table. So let’s see a full example of the key derivation and account data decryption (with some debug data cut out…it was getting a little long).
First, get all the data:
$ python local_keys.py
Enter data from the 'profiles' table
Enter the iterations parameter: 100000
Enter the salt (hex or base64 encoded): AXJZTNToCfbWGM61D5fg3w==
Enter the master password:
Password: [update-clown-squid-bedpost]
Enter master_key_data (hex or base64): b3BkYXRhMDEAAQAAAAAAAJrZ9cB1XuVW3WQnyIT1PpUtFXItUzA3QdZZz7hM0ZXQbTn-Z640H7_A3ScP3Xic3xmqfBSnqm1Qd7BXTFttv6VUgcAakdIZ-9vvubj27qPY9vgMegjIB6S1jWGzd6gVk0NaaFu9DBcqrCW5BCJBA2T27hsQWIn6iQYvWRslBYRoZ095XNyDOasqa45Z0sM3dYoXOQiRQ5ZoI6RnIH-mzSjhXrjBnh3U3ebkoEkGxjmZI5zgSn8TbFOInxQXI3HwC_wxgj6PQGqUIG06ThU_KmRxtxAhv7-xcyXVOLpgtwBBAsNy1k0Kv2O8H9gkSl3t-8jhZPCPXUvSXDpTyWyEmIYo1XDoHWSDIbDYGxuh9x5iutDg7WnrQhOXGqt9a-oFjdkxtoFAkXhZJDfxjUcyDhUFBMs3yPTFTmlbkLlx8EDc
Enter overview_key_data (hex or base64): b3BkYXRhMDFAAAAAAAAAAJzboCGXnL8Llq53Jm8uFe89hyboywL-FboHXcXOiJDCLRQBKsA1sAxbZEkV57VbI3MLQ2cfYS9oA1grouKGlUWSlkCuZaW8vXRDnQXu1iHRD4C9ISYp6RgQwtauH_lMyil5iWMBH3JkTr5Wfb0aT0hLUVCIciE18erkCKEmQYO5
Enter encrypted login data (from accounts table) (hex / base64): b3BkYXRhMDHJAQAAAAAAAMPjUUROLiKTN4C0bBYXL1N2vkCAq3wmkID7pf_4MWOlTtHS8P5eYQOqn9AZ9GIxGq8cngOhTRQVXinCssNoZTw-bhtE8TSVX32ZW5vUpvZH18O_j36xHuGJe_ylP2IeNdT_bGp1w9d_QF04pDXRN79YNq7rc_26trLel16VSTE6qfeS0y6Ve9l6ngjeSFeh20xgz_aUSZ8MEGzlIjimZCcvs9bn0HxE_ZCwdBvNe9-UNnSstwUoFPRGy1Sy8pYK9RgDQyEUTmPT2ir0SK0Ov3zopx5qITZoucWPCmI-EDxdF4mA7-lpEVaQiVlDqVZqkk92DGdLZZEAZzdgm67eQHnU1b_K-YZWZ_zKHdpTrbLPgNhVaH6RJyboNFidAQvKtpOSnQBS23Xks6NwUKRCg2fE2LuZ-zTvmBL0jvabsJhgVjIQHXIZtAgXYxJXW9xkFNuOS5yb40wTfuYUSesK2MWvOgcv8FGP7iFnYwBtpbD0_SN5-5gd4qiGrETVJkfpalKKdnvOFPUMKpvvXkHwWwu1mKxJiLTRbSbhqq9fm0Rq4Dn-EMg7JmqtAMg2pYxgkEItS3-pwiJmLT4BSHdUyl5bS0l7PoiWQVG5V6NPIXVREwT_RV4kgjGZzu4AT4wmYRVLCDs58SXuZUJG0rZi6q4TEDB4bPWz7pK30GguKUDs
Now, derive the key to decrypt the random key data, using PBKDF2, salt, password, and 100,000 iterations:
Salt 0172 594c d4e8 09f6 d618 ceb5 0f97 e0df
Derived key 3288 3880 c6fe fc8f 5bf1 83a8 ed02 b80e
9076 1b6e 44ae 7a62 2e92 a049 1ca6 6ff9
Derived HMAC key 52cc c9f8 f8e5 34f3 1abb f64e 2135 75a5
bb81 9bd1 4511 b7f9 fe68 c888 0644 8e24
Next, we decrypt the master_key_data field:
** Decrypting OPDATA structure
Header 6f70 6461 7461 3031
PT length 0001 0000 0000 0000
IV 9ad9 f5c0 755e e556 dd64 27c8 84f5 3e95
CT 2d15 722d 5330 3741 d659 cfb8 4cd1 95d0
6d39 fe67 ae34 1fbf c0dd 270f dd78 9cdf
19aa 7c14 a7aa 6d50 77b0 574c 5b6d bfa5
5481 c01a 91d2 19fb dbef b9b8 f6ee a3d8
f6f8 0c7a 08c8 07a4 b58d 61b3 77a8 1593
435a 685b bd0c 172a ac25 b904 2241 0364
f6ee 1b10 5889 fa89 062f 591b 2505 8468
674f 795c dc83 39ab 2a6b 8e59 d2c3 3775
8a17 3908 9143 9668 23a4 6720 7fa6 cd28
e15e b8c1 9e1d d4dd e6e4 a049 06c6 3999
239c e04a 7f13 6c53 889f 1417 2371 f00b
fc31 823e 8f40 6a94 206d 3a4e 153f 2a64
71b7 1021 bfbf b173 25d5 38ba 60b7 0041
02c3 72d6 4d0a bf63 bc1f d824 4a5d edfb
c8e1 64f0 8f5d 4bd2 5c3a 53c9 6c84 9886
28d5 70e8 1d64 8321 b0d8 1b1b a1f7 1e62
bad0 e0ed 69eb 4213 971a ab7d 6bea 058d
HMAC digest d931 b681 4091 7859 2437 f18d 4732 0e15
0504 cb37 c8f4 c54e 695b 90b9 71f0 40dc
*** decrypted opdata
Plaintext 1dd6 41be aec2 1fa7 146a ed6a b438 60a9
0a89 4567 8e7d c07a a253 22e8 51cc ca88
c50e 350a 5718 f76d 2812 c318 dbdd 4035
23d3 dd5d 4c37 1c8d d2b5 03ef 197b eb41
4021 e458 0067 ad5f 313a be41 e276 1032
9b09 0fbd eb2d cd47 a6ec 2e8e dcad 1579
5ed3 92a7 d66b fd68 733c 0d60 273e b43b
a761 a49f 3f36 6610 7ba3 b962 02c0 7551
a3ad 26c7 7fa8 3d9a 273f 3dee cfe6 a619
209a dd94 9d47 8dc7 b8e5 650d e92b 7bb2
d443 8200 de09 7e37 f1bf c852 bcdf b131
0145 597e fa05 9d43 88ad 89fe c699 dc0c
7475 693c 374b c7ab ab35 2285 4016 d05d
0c57 43b8 07d4 dc20 aac5 d31e 2743 78a7
a0ea a68d f7d6 b28a e062 b8ea 9c63 45f5
c9e9 87ce e300 b8dd 6bc5 ab9b 5560 742c
Then pass that data through SHA-512 to get the master AES and HMAC keys:
Priv vault MK 89f4 e31e 16c2 6e0a 0a94 d384 6e98 b990
9d54 0f53 a8a9 16c8 104d 41fe bbdd f7b4
Priv vault MK HMAC d1c2 eaef 22e7 c7be 5b6c 8b00 633d 0b89
b6cf d6a9 bff4 d306 d90e f74d ca5d 0ec2
Now, we do it again, with the overview_key_data:
raw opdata 6f70 6461 7461 3031 4000 0000 0000 0000
9cdb a021 979c bf0b 96ae 7726 6f2e 15ef
3d87 26e8 cb02 fe15 ba07 5dc5 ce88 90c2
2d14 012a c035 b00c 5b64 4915 e7b5 5b23
730b 4367 1f61 2f68 0358 2ba2 e286 9545
9296 40ae 65a5 bcbd 7443 9d05 eed6 21d1
0f80 bd21 2629 e918 10c2 d6ae 1ff9 4cca
2979 8963 011f 7264 4ebe 567d bd1a 4f48
4b51 5088 7221 35f1 eae4 08a1 2641 83b9
*** decrypted opdata
Plaintext f5ac e064 9c41 2807 9077 1754 de08 d4e9
c33b 2cfd 8ac7 f0a1 f4fc 1fab 8d51 c6b7
b227 05ef f36d 2807 9963 1653 3512 fbd8
d924 9fc1 df81 fc98 22d3 b693 4a93 b0ed
Priv vault OK c1b2 2cef 7d57 9e4f 74c0 b5bb 4ab3 cb54
1464 e06b daf0 369e 1bd4 945c 1253 e513
Priv vault OK HMAC 8d6e d2c4 17e2 5549 eb80 95db 3150 86c7
9c52 402a 3c41 da44 0ef4 2ffd c575 b703
And finally, use the master key to decrypt enc_login:
Header 6f70 6461 7461 3031
PT length c901 0000 0000 0000
IV c3e3 5144 4e2e 2293 3780 b46c 1617 2f53
CT 76be 4080 ab7c 2690 80fb a5ff f831 63a5
4ed1 d2f0 fe5e 6103 aa9f d019 f462 311a
af1c 9e03 a14d 1415 5e29 c2b2 c368 653c
3e6e 1b44 f134 955f 7d99 5b9b d4a6 f647
d7c3 bf8f 7eb1 1ee1 897b fca5 3f62 1e35
d4ff 6c6a 75c3 d77f 405d 38a4 35d1 37bf
5836 aeeb 73fd bab6 b2de 975e 9549 313a
a9f7 92d3 2e95 7bd9 7a9e 08de 4857 a1db
4c60 cff6 9449 9f0c 106c e522 38a6 6427
2fb3 d6e7 d07c 44fd 90b0 741b cd7b df94
3674 acb7 0528 14f4 46cb 54b2 f296 0af5
1803 4321 144e 63d3 da2a f448 ad0e bf7c
e8a7 1e6a 2136 68b9 c58f 0a62 3e10 3c5d
1789 80ef e969 1156 9089 5943 a956 6a92
4f76 0c67 4b65 9100 6737 609b aede 4079
d4d5 bfca f986 5667 fcca 1dda 53ad b2cf
80d8 5568 7e91 2726 e834 589d 010b cab6
9392 9d00 52db 75e4 b3a3 7050 a442 8367
c4d8 bb99 fb34 ef98 12f4 8ef6 9bb0 9860
5632 101d 7219 b408 1763 1257 5bdc 6414
db8e 4b9c 9be3 4c13 7ee6 1449 eb0a d8c5
af3a 072f f051 8fee 2167 6300 6da5 b0f4
fd23 79fb 981d e2a8 86ac 44d5 2647 e96a
528a 767b ce14 f50c 2a9b ef5e 41f0 5b0b
b598 ac49 88b4 d16d 26e1 aaaf 5f9b 446a
e039 fe10 c83b 266a ad00 c836 a58c 6090
422d 4b7f a9c2 2266 2d3e 0148 7754 ca5e
5b4b 497b 3e88 9641 51b9 57a3 4f21 7551
1304 ff45 5e24 8231 99ce ee00 4f8c 2661
CT length (padded): 464
HMAC digest 154b 083b 39f1 25ee 6542 46d2 b662 eaae
1310 3078 6cf5 b3ee 92b7 d068 2e29 40ec
*** decrypted opdata
{
"SRPComputedXDictionary": {
"hexX": "QGvcdHIg4TifTEkps07s8wtbahetgMe2SkChdtfTaKA=",
"params": {
"alg": "PBES2g-HS256",
"iterations": 100000,
"method": "SRPg-4096",
"salt": "OtQiDn4YnrTMoYXponFtfA=="
}
},
"email": "nobody@example.com",
"masterUnlockKey": {
"alg": "A256GCM",
"ext": true,
"k": "6VIFjzKXaHctk44NXr8hOenpgwxWgZebtOlGkPwGK-Y=",
"key": "oct",
"key_ops": [
"encrypt",
"decrypt"
],
"kid": "mp"
},
"personalKey": "A3-ASWWYB-798JRY-LJVD4-23DC2-86TVM-H43EB"
}
This looks very similar to what’s stored here for cloud-based accounts – for the primary account, we have the SRP-X password and salt, the master unlock key, and the Secret Key (here called “Personal Key”). The MUK then unlocks the AES key for the first keyset, which can then unlock other accounts' keysets, and so forth.
Local Vault Storage
So now that we’ve unlocked the client, and have Master and Overview keys, we can also decrypt items stored in local vaults.
Each item has two parts: the overview (stored in the “items” table), and the actual data (in “item_details”.) The overview is encrypted with (surprise!) the overview key, while the data is encrypted with a random key, different for each item.
"data": "b3BkYXRhMDHwAAAAAAAAAEyyVSCt9Dxc6XbLgvoHxU-8cptUB4VIH0ga-YA89_lrY_Rb4vxuZoWnIuLfBm-9zPtOk7A4xuW6Mlim6__VEm2Fi1kprKQLo0lvQhic6fSX2wW_nQIMbkO62haPlcrI6bvq0RQwOCB3bTSoCNIMA_wEDIfY4HTGxkGiZR3HIZmkRHzYiDw62puOmNZabOWc6q7KCE0cKpI_UHCND32WdfdJNHkDApm_7y2d5SMRTUjgpZC5985hSvqVcjFmWDNguoU_Udy9it_WCdjCufvWX-p4C1pLnP4uxDXcgCKGHDAcByLwSONUaPT8v7PsUX-LDJzWPJzow9Kb6PXPiYiiaS7oOMQXZP1NR2wqaHVbEfUxsfX4BWXhkUqFui0F6TBo55pUH0eVdtR7Y8BXvW6EwDA="
"key_data": "TLJVIK30PFzpdsuC-gfFTwTov28jiL5IoV5kIP1HmEBxyoIRb4iy_nd6vRSr-1CU0SCrQt5TO62adCqBh91NSrsNxmqhYwKSSShesTEP3RiBN-KtH6pQGQIPGSQNfSDLVCa5uqbb8l4rmgFa02ikuw=="
"overview_data": "b3BkYXRhMDFcAAAAAAAAAD9fCPZ7qzQ9T3-BOK2RSe8RY0kVouZEADL1OPAUiZu9xDZigzMBtLXg90Gr3-4cc2szZCXLFo7Zch39xcHctWF_-v75bFCtoSnRs8j61zigRn00XLT-1mA72YeTYgYVxcKIGOlQfTXv86Y5FF1dQH6J0AlXJtX9F1Z9Pjb5IzbfCSO_wDHkukvXhZTUiom9zw=="
The key_data structure includes four components:
- Initialization Vector (IV) (16 bytes)
- Item Encryption Key (32 bytes)
- Item HMAC Key (32 bytes)
- HMAC Tag (32 bytes)
First, compute the HMAC tag using the encrypted item keys (encryption + HMAC) as the message, and the Master HMAC Key as key. If that matches the the HMAC tag found in the structure, then we know it hasn’t been altered. Now, use the Master AES key to decrypt the item keys, and those keys (AES + HMAC) to decrypt the actual vault item.
Here’s the entire process, starting with generating the master and overview keys:
$ python local_item.py
Enter master encryption key (base-64 or hex encoded): ifTjHhbCbgoKlNOEbpi5kJ1UD1OoqRbIEE1B_rvd97Q
Enter master HMAC key (base-64 or hex encoded): 0cLq7yLnx75bbIsAYz0LibbP1qm_9NMG2Q73TcpdDsI
Enter overview encryption key (base-64 or hex encoded): wbIs731Xnk90wLW7SrPLVBRk4Gva8DaeG9SUXBJT5RM
Enter master HMAC key (base-64 or hex encoded): jW7SxBfiVUnrgJXbMVCGx5xSQCo8QdpEDvQv_cV1twM
Enter overview data (base-64 or hex): b3BkYXRhMDFcAAAAAAAAAD9fCPZ7qzQ9T3-BOK2RSe8RY0kVouZEADL1OPAUiZu9xDZigzMBtLXg90Gr3-4cc2szZCXLFo7Zch39xcHctWF_-v75bFCtoSnRs8j61zigRn00XLT-1mA72YeTYgYVxcKIGOlQfTXv86Y5FF1dQH6J0AlXJtX9F1Z9Pjb5IzbfCSO_wDHkukvXhZTUiom9zw==
Enter item key data (base-64 or hex): TLJVIK30PFzpdsuC-gfFTwTov28jiL5IoV5kIP1HmEBxyoIRb4iy_nd6vRSr-1CU0SCrQt5TO62adCqBh91NSrsNxmqhYwKSSShesTEP3RiBN-KtH6pQGQIPGSQNfSDLVCa5uqbb8l4rmgFa02ikuw==
Enter item detail data (base-64 or hex): b3BkYXRhMDHwAAAAAAAAAEyyVSCt9Dxc6XbLgvoHxU-8cptUB4VIH0ga-YA89_lrY_Rb4vxuZoWnIuLfBm-9zPtOk7A4xuW6Mlim6__VEm2Fi1kprKQLo0lvQhic6fSX2wW_nQIMbkO62haPlcrI6bvq0RQwOCB3bTSoCNIMA_wEDIfY4HTGxkGiZR3HIZmkRHzYiDw62puOmNZabOWc6q7KCE0cKpI_UHCND32WdfdJNHkDApm_7y2d5SMRTUjgpZC5985hSvqVcjFmWDNguoU_Udy9it_WCdjCufvWX-p4C1pLnP4uxDXcgCKGHDAcByLwSONUaPT8v7PsUX-LDJzWPJzow9Kb6PXPiYiiaS7oOMQXZP1NR2wqaHVbEfUxsfX4BWXhkUqFui0F6TBo55pUH0eVdtR7Y8BXvW6EwDA=
Decrypt the overview data field, using the overview key:
Header 6f70 6461 7461 3031
PT length 5c00 0000 0000 0000
IV 3f5f 08f6 7bab 343d 4f7f 8138 ad91 49ef
CT 1163 4915 a2e6 4400 32f5 38f0 1489 9bbd
c436 6283 3301 b4b5 e0f7 41ab dfee 1c73
6b33 6425 cb16 8ed9 721d fdc5 c1dc b561
7ffa fef9 6c50 ada1 29d1 b3c8 fad7 38a0
467d 345c b4fe d660 3bd9 8793 6206 15c5
c288 18e9 507d 35ef f3a6 3914 5d5d 407e
CT length (padded): 96
HMAC digest 89d0 0957 26d5 fd17 567d 3e36 f923 36df
0923 bfc0 31e4 ba4b d785 94d4 8a89 bdcf
{
"ainfo": "-",
"ps": 75,
"title": "Vault entry for local private vaults",
"url": "www.example.com"
}
Decrypt the item encryption and HMAC keys, using master key:
Item Key cd60 d734 ebdf 17d5 d9e7 4264 efbd d0ff
cc83 3bf3 7080 22e8 12f3 4b86 ac89 59f7
Item HMAC 25f8 dcc4 3fc1 35ff 7773 905a 52d3 7464
2b22 1a6f 1d90 865a 20a7 ba3c 9f17 4c9c
Finally, decrypt the item details using the item key:
Header 6f70 6461 7461 3031
PT length f000 0000 0000 0000
IV 4cb2 5520 adf4 3c5c e976 cb82 fa07 c54f
CT bc72 9b54 0785 481f 481a f980 3cf7 f96b
63f4 5be2 fc6e 6685 a722 e2df 066f bdcc
fb4e 93b0 38c6 e5ba 3258 a6eb ffd5 126d
858b 5929 aca4 0ba3 496f 4218 9ce9 f497
db05 bf9d 020c 6e43 bada 168f 95ca c8e9
bbea d114 3038 2077 6d34 a808 d20c 03fc
040c 87d8 e074 c6c6 41a2 651d c721 99a4
447c d888 3c3a da9b 8e98 d65a 6ce5 9cea
aeca 084d 1c2a 923f 5070 8d0f 7d96 75f7
4934 7903 0299 bfef 2d9d e523 114d 48e0
a590 b9f7 ce61 4afa 9572 3166 5833 60ba
853f 51dc bd8a dfd6 09d8 c2b9 fbd6 5fea
780b 5a4b 9cfe 2ec4 35dc 8022 861c 301c
0722 f048 e354 68f4 fcbf b3ec 517f 8b0c
9cd6 3c9c e8c3 d29b e8f5 cf89 88a2 692e
e838 c417 64fd 4d47 6c2a 6875 5b11 f531
CT length (padded): 256
HMAC digest b1f5 f805 65e1 914a 85ba 2d05 e930 68e7
9a54 1f47 9576 d47b 63c0 57bd 6e84 c030
{
"fields": [
{
"id": "OldPassword;opid=__2",
"name": "OldPassword",
"type": "P",
"value": "notagoodpassword"
},
{
"designation": "password",
"id": "NewPassword;opid=__3",
"name": "NewPassword",
"type": "P",
"value": "OldSk00lRulzFTW!"
}
]
}
Is that it?
That’s it. I kind of sped over this part, because I was more interested in how local copies of the cloud vaults were encrypted, and because we’re kind of (eventually) moving away from using this older vault format. Also it’s been worked with before – there are several projects on GitHub which read and write these vaults.
Next time, I’ll wrap up the entire series (mostly, I’ll just list all the things I didn’t talk about, which is actually a fair bit).