def decryptWithHash(self, pwdhash):
"""Decrypts this credhist entry with the given user's password hash.
Simply computes the encryption key with the given hash then calls
self.decryptWithKey() to finish the decryption.
"""
self.decryptWithKey(crypto.derivePwdHash(pwdhash, str(self.userSID)))
def decryptWithHash(self, pwdhash):
"""Decrypts this credhist entry with the given user's password hash.
Simply computes the encryption key with the given hash then calls
self.decryptWithKey() to finish the decryption.
"""
self.decryptWithKey(crypto.derivePwdHash(pwdhash, str(self.userSID)))
def decryptWithHash(self, userSID, pwdhash):
"""Decrypts the masterkey with the given user's hash and SID.
Simply computes the corresponding key then calls self.decryptWithKey()
"""
#print "Debug: Inside decryptwithhash. userSID: "+userSID
self.decryptWithKey(crypto.derivePwdHash(pwdhash, userSID))
def decryptWithPassword(self, userSID, pwd):
"""Decrypts the masterkey with the given user's password and SID.
Simply computes the corresponding key, then calls self.decryptWithKey()
"""
for algo in ["sha1", "md4"]:
self.decryptWithKey(crypto.derivePwdHash(hashlib.new(algo, pwd.encode("UTF-16LE")).digest(), userSID))
if self.decrypted:
break
def test_decrypt_with_key(self):
self.assertFalse(self.mk.decrypted)
self.mk.decryptWithKey(crypto.derivePwdHash(self.pwdhash, self.sid))
self.assertTrue(self.mk.masterkey.decrypted)
self.assertTrue(self.mk.decrypted)
self.assertEqual(self.mk.masterkey.hmac, self.mk.masterkey.hmacComputed)
self.assertEqual(len(self.mk.masterkey.iv), 16)
self.assertEqual(len(self.mk.masterkey.key), 64)
self.assertEqual(len(self.mk.masterkey.hmacSalt), 16)
def test_decrypt_with_key(self):
self.assertFalse(self.mk.decrypted)
self.mk.decryptWithKey(crypto.derivePwdHash(self.pwdhash, self.sid))
self.assertTrue(self.mk.masterkey.decrypted)
self.assertTrue(self.mk.decrypted)
self.assertEqual(self.mk.masterkey.hmac, self.mk.masterkey.hmacComputed)
self.assertEqual(len(self.mk.masterkey.iv), 16)
self.assertEqual(len(self.mk.masterkey.key), 64)
self.assertEqual(len(self.mk.masterkey.hmacSalt), 16)
def decryptWithPassword(self, userSID, pwd):
"""Decrypts the masterkey with the given user's password and SID.
Simply computes the corresponding key, then calls self.decryptWithKey()
"""
for algo in ["sha1", "md4"]:
self.decryptWithKey(
crypto.derivePwdHash(
hashlib.new(algo, pwd.encode("UTF-16LE")).digest(),
userSID))
if self.decrypted:
break
def decryptWithHash10(self, userSID, pwdhash):
"""Decrypts the masterkey with the given user's hash and SID.
Simply computes the corresponding key then calls self.decryptWithKey()
"""
#print "Debug: Inside decryptwithhash10. userSID: "+userSID
#print "Debug: Inside decryptwithhash. pwdhash: "+binascii.hexlify(pwdhash)
pwdhash1 = hashlib.pbkdf2_hmac('sha256', pwdhash,
userSID.encode("UTF-16LE"), 10000)
#print "Debug: Inside decryptwithhash. pwdhash1:"+binascii.hexlify(pwdhash1)
pwdhash2 = hashlib.pbkdf2_hmac('sha256', pwdhash1,
userSID.encode("UTF-16LE"), 1)[0:16]
#print "Debug: Inside decryptwithhash. pwdhash2:"+binascii.hexlify(pwdhash2)
#print "Debug: Inside decryptwithhash. Derived hash:" + binascii.hexlify(derivedkey)
self.decryptWithKey(crypto.derivePwdHash(pwdhash2, userSID))
def test_derivePwdHash(self):
self.assertEquals(crypto.derivePwdHash(self.hashpwd, self.sid), self.expected)
def test_derivePwdHash(self):
self.assertEquals(crypto.derivePwdHash(self.hashpwd, self.sid),
self.expected)
def decryptWithHash(self, userSID, pwdhash):
"""Decrypts the masterkey with the given user's hash and SID.
Simply computes the corresponding key then calls self.decryptWithKey()
"""
self.decryptWithKey(crypto.derivePwdHash(pwdhash, userSID))
