plivox · November 19, 2019 11:35
diff --git a/mod_session_crypto.go b/mod_session_crypto.go
 package main

 import (
 	"crypto/sha1"
 	"encoding/base64"
 	"fmt"
 	"log"

 	"github.com/spacemonkeygo/openssl"
 	"golang.org/x/crypto/pbkdf2"
 )

 const (
 	// hardcoded in mod_session_crypto.c
 	iter = 4096

 	// for SipHash-2-4
 	macLen = 8

 	// 32 bytes for AES
 	keyLen = 32

 	// 16 bytes for AES
 	blockSize = 16

 	// sizeof apr_uuid_t=unsigned char data[16] (in apr_uuid.h)
 	saltLen = 16
 )

 func decrypt(secret, input string) (decrypted string, err error) {
 	data, err := base64.StdEncoding.DecodeString(input)
 	if err != nil {
 		return
 	}

 	var (
 		// mac      = binary.LittleEndian.Uint64(data) // for verify password ??
 		saltIvCt = data[macLen:]
 		salt     = saltIvCt[:saltLen]
 		iv       = saltIvCt[blockSize:keyLen]
 		ct       = saltIvCt[keyLen:]
 	)

 	cipher, err := openssl.GetCipherByName("aes-256-cbc")
 	if err != nil {
 		return
 	}

 	key := pbkdf2.Key([]byte(secret), salt, iter, keyLen, sha1.New)

 	ctx, err := openssl.NewDecryptionCipherCtx(cipher, nil, key, iv)
 	if err != nil {
 		return
 	}

 	cipherbytes, err := ctx.DecryptUpdate(ct)
 	if err != nil {
 		return
 	}

 	finalbytes, err := ctx.DecryptFinal()
 	if err != nil {
 		return
 	}

 	cipherbytes = append(cipherbytes, finalbytes...)
 	decrypted = string(cipherbytes)
 	return
 }

 func main() {
 	cookie := "Fb49quJppaGLG+WaLSNB35DeT9QIYV793gig5aiW1Nz0uEhZIvMspdtmPYTprMjEa7pCNtM/XHNW0qHN8k80l6luQk3P8KOY"
 	secret := "secret"

 	decrypted, err := decrypt(secret, cookie)
 	if err != nil {
 		log.Fatal(err)
 		return
 	}
 	fmt.Println(decrypted)
 }
	package main

	import (
	"crypto/sha1"
	"encoding/base64"
	"fmt"
	"log"

	"github.com/spacemonkeygo/openssl"
	"golang.org/x/crypto/pbkdf2"
	)

	const (
	// hardcoded in mod_session_crypto.c
	iter = 4096

	// for SipHash-2-4
	macLen = 8

	// 32 bytes for AES
	keyLen = 32

	// 16 bytes for AES
	blockSize = 16

	// sizeof apr_uuid_t=unsigned char data[16] (in apr_uuid.h)
	saltLen = 16
	)

	func decrypt(secret, input string) (decrypted string, err error) {
	data, err := base64.StdEncoding.DecodeString(input)
	if err != nil {
	return
	}

	var (
	// mac = binary.LittleEndian.Uint64(data) // for verify password ??
	saltIvCt = data[macLen:]
	salt = saltIvCt[:saltLen]
	iv = saltIvCt[blockSize:keyLen]
	ct = saltIvCt[keyLen:]
	)

	cipher, err := openssl.GetCipherByName("aes-256-cbc")
	if err != nil {
	return
	}

	key := pbkdf2.Key([]byte(secret), salt, iter, keyLen, sha1.New)

	ctx, err := openssl.NewDecryptionCipherCtx(cipher, nil, key, iv)
	if err != nil {
	return
	}

	cipherbytes, err := ctx.DecryptUpdate(ct)
	if err != nil {
	return
	}

	finalbytes, err := ctx.DecryptFinal()
	if err != nil {
	return
	}

	cipherbytes = append(cipherbytes, finalbytes...)
	decrypted = string(cipherbytes)
	return
	}

	func main() {
	cookie := "Fb49quJppaGLG+WaLSNB35DeT9QIYV793gig5aiW1Nz0uEhZIvMspdtmPYTprMjEa7pCNtM/XHNW0qHN8k80l6luQk3P8KOY"
	secret := "secret"

	decrypted, err := decrypt(secret, cookie)
	if err != nil {
	log.Fatal(err)
	return
	}
	fmt.Println(decrypted)
	}