I am trying to write my own utility for manual decryption of Electrum and Bitcoin Core wallet.dat files.
Do note that wallet.dat files are not encrypted
at the file level... When you enable encryption, certain data records within the database file (what a wallet.dat actually is) are encrypted.
But you can parse/read the file with the appropriate database "viewer" (like dbdump)... you'll just get encrypted bytes for some of the records.
Have a read of this topic:
recover keys from wallet.dat without using pywalletAnd if you understand python... you'll find my "core decryptor" python script in one of the posts in that thread as a working example:
https://bitcointalk.org/index.php?topic=5333765.msg57036972#msg57036972
Electrum is a slightly different beast... it has
three "encryption states" for the wallet file:
1- Unencrypted plaintext (No password set)
2- Plaintext but with 'sensitive data' (ie. private keys/seeds etc) encrypted (Password only set)
3- Fully encrypted file (password set + encrypt file option selected)
As suggested, you can probably get a feel for how the decryption of either the individual fields (#2) or full file (#3) is done by looking at the source code for Electrum.
I haven't actually tried decrypting Electrum wallet files manually.
Also, I don't have any experience with golang, so can't really assist with porting the core decryptor code
