Demostracion de como recuperan el block key material para descifrar el Disco Duro
func main() {
scmKey := decode(scmKey)
salt := decode(salt)
maskkey
:= pbkdf2
.Key([]byte("password"), salt, rounds,
32, sha1
.New)
// AES-ECB-256_decrypt(k=maskkey, scm_key) = scr_key
a, err := aes.NewCipher(maskkey)
if err != nil {
log.Fatal(err)
}
for i := 0; i < len(scmKey); i += a.BlockSize() {
a.Decrypt(scmKey[i:i+a.BlockSize()], scmKey[i:i+a.BlockSize()])
}
// HMAC-SHA1(k=maskkey, scm_key) == sch_mac
h := sha1.Sum(maskkey)
mac
:= hmac
.New(sha1
.New, h
[:]) mac.Write(scmKey)
expectedMAC := mac.Sum(nil)
fmt.Print(hex.Dump(expectedMAC))
}
El link con la lectura completa en Ingles:
https://blog.filippo.io/so-i-lost-my-openbsd-fde-password/