def decrypt(input): """Decrypts the given hexadecimally-encoded string in conformity with CryptUnprotectData. Arguments: input -- the encrypted input string in hexadecimal format. Returns: output -- string containing the output of decryption. """ # de-hex the input: rawinput = decode(input, "hex") data = create_string_buffer(rawinput, len(rawinput)) # create out various Blobs: input_blob = Blob(len(rawinput), data) output_blob = Blob() dwflags = 0x01 # call CryptUnprotectData: res = unprotect_data(byref(input_blob), u"", byref(Blob()), None, None, dwflags, byref(output_blob)) input_blob.free_blob() # check return code: if res == 0: output_blob.free_blob() raise Exception("Failed to decrypt: %s" + input) else: raw = output_blob.get_data() output_blob.free_blob() # decode the resulting data from UTF-16: return decode(raw, "utf-16")
def encrypt(input): """Encrypts the given string following the same syscalls as done by ConvertFrom-SecureString. Arguments: input -- an input string. Returns: output -- string containing the output of the encryption in hexadecimal. """ # CryptProtectData takes UTF-16; so we must convert the data here: encoded = input.encode("utf-16") data = create_string_buffer(encoded, len(encoded)) # create our various Blobs: input_blob = Blob(len(encoded), data) output_blob = Blob() flag = 0x01 # call CryptProtectData: res = protect_data(byref(input_blob), u"", byref(Blob()), None, None, flag, byref(output_blob)) input_blob.free_blob() # check return code: if res == 0: output_blob.free_blob() raise Exception("Failed to encrypt: %s" % input) else: raw = output_blob.get_data() output_blob.free_blob() # encode the resulting bytes into hexadecimal before returning: hex = encode(raw, "hex") return decode(hex, "utf-8").upper()