Given that there is no replacement for the Password Export extension (apparently because extensions cannot yet get at passwords in 57) I want to write a standalone program to export and import passwords.
Apparently the master password is in key3.db and the saved passwords are in logins.json. It appears that if you do not set a master password, a blank password is used to encrypt the logins.json user name and password fields
The format of the logins.json file is quite simple but I need to know the encryption method used to retrieve the user name and password and the format and encryption used in the key3.db file.
Does anyone know what encryption method is used and, perhaps, can point me at code that would decrypt the fields?
I also need the format of the date fields in the logoins.json file - how are they formatted? Here's an example: 1466569273228
FYI - here's the format of an entry in the logins.json file, the encrypted fields have been mangled:
Code: Select all
"id":1,
"hostname":"http://www.example.com/",
"httpRealm":null,
"formSubmitURL":"http://downloads.example.com/",
"usernameField":"userName",
"passwordField":"password",
"encryptedUsername":"MDoEEPgAA98utyfAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwcECAcg3+WDArAeBBCukYFxEhYj3iE8UUV1LN+/",
"encryptedPassword":"MEIEEPgAAAtfiojljAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwcECFaqHMkFMc8YBBi2Ay0JInEnnVkmw10auloMCk6s/WbOtEQ=",
"guid":"{8be5cdad-b01d-490f-b003-c7fcdedd1e0b}",
"encType":1,
"timeCreated":1466569273228,
"timeLastUsed":1466569273228,
"timePasswordChanged":1466569273228,
"timesUsed":1