author Ryan C. Gordon <>
Fri, 23 Jun 2017 17:28:03 -0400
changeset 58 1390348facc7
parent 53 ea43dbad123b
permissions -rw-r--r--
Command line tool that decrypts an OPVault keychain and dumps it to stdout.

To compile: gcc -o opvault opvault.c cJSON.c -lcrypto

Usage: ./opvault </path/to/mykeychain.opvault> <password>

This is just a proof of concept; I'll be recycling this into proper OPVault
support in 1pass later and deleting this tool.

This uses OpenSSL's libcrypto for the math instead of all the homegrown
crypto this project is otherwise using. I'll probably migrate the rest in
this direction, too, since this wasn't as bad as I expected to use and
gets you all the package-manager mojo of automatic bug fixes and security
patches and shared code, etc.

cJSON parses JSON in C. That is from

An example OPVault keychain from AgileBits is available here:
/*	$OpenBSD: sha1.h,v 1.5 2007/09/10 22:19:42 henric Exp $	*/

 * SHA-1 in C
 * By Steve Reid <>
 * 100% Public Domain

#ifndef _SHA1_H_
#define _SHA1_H_

#define	SHA1_BLOCK_LENGTH		64
#define	SHA1_DIGEST_LENGTH		20

#include <stdint.h>

typedef struct {
	uint32_t	state[5];
	uint64_t	count;
	uint8_t	buffer[SHA1_BLOCK_LENGTH];
void SHA1Init(SHA1_CTX * context);
void SHA1Transform(uint32_t state[5], const uint8_t buffer[SHA1_BLOCK_LENGTH]);
void SHA1Update(SHA1_CTX *context, const uint8_t *data, const uint32_t len);
void SHA1Final(uint8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context);

void SHA1Hmac(const uint8_t *key, const uint32_t keylen, const uint8_t *msg, const uint32_t msglen, uint8_t digest[SHA1_DIGEST_LENGTH]);

#endif /* _SHA1_H_ */