[guardian-dev] Exploring an IOCipher container from ChatSecure
Nathan of Guardian
nathan at guardianproject.info
Mon Mar 14 16:28:01 EDT 2016
On Mon, Mar 14, 2016, at 03:26 PM, Jabber Wocky wrote:
> I'm trying to poke at how IOCipher works within ChatSecure's iOS app and
> could use some help!
>
> My goal is to mount and/or explore an IOCipher container file (of which I
> know the password) from the ChatSecure iOS app. I've followed your
> instructions from the guardian wiki (
> https://dev.guardianproject.info/projects/iocipher/wiki). The IOCipher
> tools seem to be running properly; however, I'm not getting expected
> results.
>
> Steps I've taken:
> * Installed necessary dependencies
> * Copied the IOCipher container file to /tmp/fsdata
> * Attempted to run fuse_sqlfs (w/correct password)
> * Attempted to run sqlfsls on the container file (w/correct password)
>
> I always get the same result:
>
> file is encrypted or is not a database
> file is encrypted or is not a database
> file is encrypted or is not a database
> Failed to open: /tmp/fsdata
>
>
> I'm providing the correct password to the libsqlfs tools. Does anyone
> know
> if ChatSecure iOS is doing anything funky with its IOCipher
> implementation?
You have the password, not the key. The password should be used to
protect access to the key, not to actually encrypt the whole database.
On Android, the key is stored separately using our CacheWord system. On
iOS, I think the key is stored in the iOS keychain. I am not sure how
you can extract it if so.
+n
More information about the guardian-dev
mailing list