def decrypt(self, masterkey, entropy=None, strongPassword=None):
"""Try to decrypt the blob. Returns True/False
:rtype : bool
:param masterkey: decrypted masterkey value
:param entropy: optional entropy for decrypting the blob
:param strongPassword: optional password for decrypting the blob
"""
for algo in [crypto.CryptSessionKeyXP, crypto.CryptSessionKeyWin7]:
sessionkey = algo(masterkey,
self.salt,
self.hashAlgo,
entropy=entropy,
strongPassword=strongPassword)
key = crypto.CryptDeriveKey(sessionkey, self.cipherAlgo,
self.hashAlgo)
cipher = self.cipherAlgo.module.new(
key[:self.cipherAlgo.keyLength],
mode=self.cipherAlgo.module.MODE_CBC,
IV="\x00" * self.cipherAlgo.ivLength)
self.cleartext = cipher.decrypt(self.cipherText)
padding = ord(self.cleartext[-1])
if padding <= self.cipherAlgo.blockSize:
self.cleartext = self.cleartext[:-padding]
# check against provided HMAC
self.signComputed = algo(masterkey,
self.hmac,
self.hashAlgo,
entropy=entropy,
verifBlob=self.blob)
self.decrypted = self.signComputed == self.sign
if self.decrypted:
return True
self.decrypted = False
return self.decrypted
def decrypt(self, masterkey, entropy=None, strongPassword=None):
"""Try to decrypt the blob. Returns True/False
:rtype : bool
:param masterkey: decrypted masterkey value
:param entropy: optional entropy for decrypting the blob
:param strongPassword: optional password for decrypting the blob
"""
for algo in [crypto.CryptSessionKeyXP, crypto.CryptSessionKeyWin7]:
try:
sessionkey = algo(masterkey,
self.salt,
self.hashAlgo,
entropy=entropy,
strongPassword=strongPassword)
key = crypto.CryptDeriveKey(sessionkey, self.cipherAlgo,
self.hashAlgo)
cipher = M2Crypto.EVP.Cipher(
self.cipherAlgo.m2name, key[:self.cipherAlgo.keyLength],
b"\x00" * self.cipherAlgo.ivLength, M2Crypto.decrypt, 0)
cipher.set_padding(1)
self.cleartext = cipher.update(
self.cipherText) + cipher.final()
# check against provided HMAC
self.signComputed = algo(masterkey,
self.hmac,
self.hashAlgo,
entropy=entropy,
strongPassword=self.blob)
self.decrypted = self.signComputed == self.sign
if self.decrypted:
return True
except M2Crypto.EVP.EVPError:
pass
self.decrypted = False
return self.decrypted
def test_CryptDeriveKeyWin8(self):
h = ("d9a268bcc45620cd4602f17e7b1c0b28"
"671a34f34ffb09c752f822c11464bea3"
"4d3090ba78ece4703f190d4a0f22cd1b"
"4cf224685eb317c6617f12368fd5197e").decode("hex")
c = crypto.CryptoAlgo(0x6610)
algo = crypto.CryptoAlgo(0x800e)
self.assertEquals(crypto.CryptDeriveKey(h, c, algo), h)
def test_CryptDeriveKeyXP(self):
h = "9e0ee9a096bcd43c315a211dc7fdb1fd1a01cbec".decode("hex")
c = crypto.CryptoAlgo(0x6610)
r = ("e41a0d8b93243370b3722699588a83b2"
"28b533d82e609a6932bb2f9899be9a4a"
"f06a5a420963de45").decode("hex")
algo = crypto.CryptoAlgo(0x8004)
self.assertEquals(crypto.CryptDeriveKey(h, c, algo), r)