Functions, demo tools, and example data, for decrypting elements of 1Password for Teams ("Cloud 1Password") B5 database structure.
2skd.py
CHANGELOG.md
LICENSE.md
README.md
do_emk.py
gcm_decrypt.py
local_item.py
local_keys.py
make_test_data.py
opdata.py
optestlib.py
rsa_decrypt.py
test_data.txt


1Password Vault / Data ...Tools? Toys?

This is a set of simple scripts and one ugly function library that supports an "Inside 1Password" talk and associated series of blog posts.

The posts (with a link to the talk slides) can be found at darthnull.org.

Begin with "make_test_data" to generate test data as examples for all of the critical encrypted data types within the 1Password 6/7 "Cloud-based" B5 database format.

It can also generate keys and test data for the older OPVault (local private vault) format.

Then, following along with the blog posts, use the other scripts to decrypt the various examples generated by the test script.

A set of already-generated test data is included that matches the examples used in the talk / blog.

Usefulness

None of this is useful for anything productive.

Its primary purpose is to illustrate how 1Password works internally, by letting you process test data, then, if you're feeling confident, find the equivalent data structures in a real 1Password database and decrypt them too.

By doing this, you'll gain confidence that 1Password really is working the way that the documentation says (or at least, that it's working the way that I think the documentation explains).

Danger

If you do use this with your own password data...I'd strongly recommend taking steps to make sure you don't leak information (like your password) to history files, saved output, etc.

The scripts don't take steps to hide things like Secret Keys or Master Passwords. If you use this with your own data, remember that SECRETS MAY GET SAVED IN PLAINTEXT TO YOUR DISK as a result.

(This is the primary reason for the test data script -- I was getting sick of setting up test accounts and such.)

Use your best judgement.

But definitely, please, explore! Verify for yourself that 1Password is doing what you expect, so that you can feel confident in how it works and make well-informed risk decisions.

And have fun!