Which way data is encrypted in *.networkConnect files in Mac OS X

I need to find an easy way (few clicks solution) for Mac OS X users to import VPN IPSec connection. I found out that there is a way in Mac OS X to export network connection settings in "System Preferences" -> "Network".

During export of network connection .networkConnect file is creating which contains sensitive data such as ExportedSharedSecret and ExportedPassword encrypted by some algorythm and after this encoded with base46.

I wonder what algorythms are used in order to encrypt this sensitive data and how can i create such .networkConnect files under linux, so users can download generated .networkConnect files from my server and import VPN settings to theis Mac OS X?

Here is an example .networkConnect file

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>L2TP</key>
    <dict>
        <key>UserConfigs</key>
        <array>
            <dict>
                <key>EAP</key>
                <dict/>
                <key>IPSec</key>
                <dict>
                    <key>AuthenticationMethod</key>
                    <string>SharedSecret</string>
                    <key>ExportedSharedSecret</key>
                    <data>
                    EPANULrdr4/H5mwY6iBGprwzIYfWG4Ep
                    </data>
                </dict>
                <key>PPP</key>
                <dict>
                    <key>AuthName</key>
                    <string>my_account</string>
                    <key>AuthPasswordEncryption</key>
                    <string>Keychain</string>
                    <key>CommRemoteAddress</key>
                    <string>192.168.1.8</string>
                    <key>ExportedPassword</key>
                    <data>
                    EPANVaLSgprCymwK5iBH0l/KJ1C3wBkh
                    </data>
                    <key>UserDefinedName</key>
                    <string>my_configuration</string>
                </dict>
            </dict>
        </array>
    </dict>
</dict>
</plist>

How do you decrypt files on a Mac?

1- Using Finder Here are the steps: Step 1: Start with connecting the external hard drive with the Mac device or select the internal encoded volume. Step 2: Now launch finder and look for the destined drive in the list. Step 3: Click the storage drove and select the option of Decrypt Drive Name.

It uses XOR with hard-coded key. Below is a simple Python demo.

import base64

cryptotext = base64.b64decode("EPANULrdr4/H5mwY6iBGprwzIYfWG4Ep")

decryption_key = [0x7d, 0x89, 0x52, 0x23, 0xd2, 0xbc, 0xdd, 0xea, 0xa3, 0xb9, 0x1f]

i = 0
cleartext = ""

for ch in cryptotext:
    cleartext += chr(ord(ch) ^ decryption_key[i])
    i += 1
    i = i % len(decryption_key)

print("%s" %(cleartext))

Which way data is encrypted in *.networkConnect files in Mac OS X

Tags:

macos

encryption

settings

vpn

Dmitry Shumilin

People also ask

1 Answers

jimmers

Recent Activity

Donate For Us

Which way data is encrypted in *.networkConnect files in Mac OS X

Tags:

macos

encryption

settings

vpn

Dmitry Shumilin

People also ask

1 Answers

jimmers

Related questions

Recent Activity

Donate For Us