calvin.erfmann/WhatsApp-Chat-Exporter
1
0
Fork 0
mirror of https://github.com/KnugiHK/WhatsApp-Chat-Exporter.git synced 2026-04-24 23:11:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Implement early key validation via authenticated decryption (#190)

Browse Source 
Utilize `decrypt_and_verify` to immediately identify incorrect user-provided keys via GCM tag validation.
This commit is contained in:
KnugiHK
2026-01-08 23:57:02 +08:00
parent 9cedcf1767
commit 647e406ac0
1 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
Whatsapp_Chat_Exporter/android_crypt.py
View File

@@ -112,8 +112,20 @@ def _decrypt_database(db_ciphertext: bytes, main_key: bytes, iv: bytes) -> bytes
zlib.error: If decompression fails. zlib.error: If decompression fails.
ValueError: if the plaintext is not a SQLite database. ValueError: if the plaintext is not a SQLite database.
""" """
FOOTER_SIZE = 32
if len(db_ciphertext) <= FOOTER_SIZE:
raise ValueError("Input data too short to contain a valid GCM tag.")
actual_ciphertext = db_ciphertext[:-FOOTER_SIZE]
tag = db_ciphertext[-FOOTER_SIZE: -FOOTER_SIZE + 16]
cipher = AES.new(main_key, AES.MODE_GCM, iv) cipher = AES.new(main_key, AES.MODE_GCM, iv)
db_compressed = cipher.decrypt(db_ciphertext) try:
db_compressed = cipher.decrypt_and_verify(actual_ciphertext, tag)
except ValueError:
# This could be key, IV, or tag is wrong, but likely the key is wrong.
raise ValueError("Decryption/Authentication failed. Ensure you are using the correct key.")
db = zlib.decompress(db_compressed) db = zlib.decompress(db_compressed)
if db[0:6].upper() != b"SQLITE": if db[0:6].upper() != b"SQLITE":
raise ValueError( raise ValueError(