Skip to content

Instantly share code, notes, and snippets.

@flatz
Last active December 14, 2024 04:51
Show Gist options
  • Save flatz/3f242ab3c550d361f8c6d031b07fb6b1 to your computer and use it in GitHub Desktop.
Save flatz/3f242ab3c550d361f8c6d031b07fb6b1 to your computer and use it in GitHub Desktop.
Gets decrypted key from latest Signal desktop app to use with sigtop
#!/usr/bin/env python3
import os
import json
from Crypto.Protocol.KDF import PBKDF2
from Crypto.Hash import SHA1
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad
def aes_decrypt_cbc(key, iv, data):
cipher = AES.new(key, AES.MODE_CBC, iv)
return cipher.decrypt(data)
password = <PUT HERE YOUR PASSWORD FROM KEYCHAIN>
prefix = b'v10'
salt = 'saltysalt'
derived_key_len = 128 // 8
num_iterations = 1003
iv = b' ' * 16
config_file_path = '~/Library/Application Support/Signal/config.json'
with open(os.path.expanduser(config_file_path), 'r') as f:
config = json.loads(f.read())
encrypted_key = bytes.fromhex(config['encryptedKey'])
assert encrypted_key.startswith(prefix)
encrypted_key = encrypted_key[len(prefix):]
kek = PBKDF2(password, salt, dkLen = derived_key_len, count = num_iterations, hmac_hash_module = SHA1)
decrypted_key = unpad(aes_decrypt_cbc(kek, iv, encrypted_key), block_size = 16).decode('ascii')
print('0x' + decrypted_key)
@direc85
Copy link

direc85 commented Sep 7, 2024

The current version unfortunately only with v10 encrypted key, not with v11 which at least Signal Desktop for Linux uses.

@flatz
Copy link
Author

flatz commented Sep 9, 2024

@direc85 It was just a PoC I made for sigtop to show how this stuff works. You should check the named repository for new versions.

@caprinux
Copy link

im getting this error ValueError: Data must be padded to 16 byte boundary in CBC mode

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment