The encryption key is stored within a profile's security database files. I guess you will need to use the NSS library to access the key.
Mozilla calls functions PK11SDR_Encrypt and PK11SDR_Decrypt to access the data.
Re the algorithm, a comment in the implementation of PK11SDR_Encrypt says:
/* Use triple-DES */
type = CKM_DES3_CBC;
To find more information, use lxr.mozilla.org and search for nsISecretDecoderRing, PK11SDR_Encrypt, etc.
Kai
TGOS wrote:
I asked the question before, but never got any reply. What encryption does Mozilla use to store passwords in the Password Manager file if you select encryption and enter a Master Password?I'd like to write a program that can manipulate the password file of Mozilla (add, remove and edit stored passwords). Therefor the user will have to enter the Master Password. Now once he entered the Master Password, how do I get the encryption key of it? (SHA1 or MD5 checksum of the password?) And what algorithm is used to encrypt the encrypted data? (RC4, Tripple-DES or maybe IDEA?)
