def test_DPAPIHmac_sha1(self):
pwdhash = "3fe9c8cffc26443a41ec4a54daf11be86bec0ecb".decode("hex")
hmacSalt = "adc26f78a93e28e2b37bac0b4719011a".decode("hex")
value = ("ba03b9f6bbdad54015d16009ff29d7be"
"d19b821cdb735236feeb4be82b4e8a3d"
"211cc28cd79c56f1846afd85fe2c040e"
"aa0b997aaec19b88efd945b3303ca1e5").decode("hex")
result = "8bcd1e26420dca0ffb36d78387bb7ac755591c36".decode("hex")
self.assertEquals(crypto.DPAPIHmac(crypto.CryptoAlgo(0x8009), pwdhash, hmacSalt, value), result)
self.assertEquals(crypto.DPAPIHmac(crypto.CryptoAlgo(0x8004), pwdhash, hmacSalt, value), result)
def decryptWithKey(self, pwdhash):
"""Decrypts the masterkey with the given encryption key. This function
also extracts the HMAC part of the decrypted stuff and compare it with
the computed one.
Note that, once successfully decrypted, the masterkey will not be
decrypted anymore; this function will simply return.
"""
if self.decrypted:
return
if not self.ciphertext:
return
# Compute encryption key
cleartxt = crypto.dataDecrypt(self.cipherAlgo, self.hashAlgo,
self.ciphertext, pwdhash, self.iv,
self.rounds)
self.key = cleartxt[-64:]
self.hmacSalt = cleartxt[:16]
self.hmac = cleartxt[16:16 + self.hashAlgo.digestLength]
self.hmacComputed = crypto.DPAPIHmac(self.hashAlgo, pwdhash,
self.hmacSalt, self.key)
self.decrypted = self.hmac == self.hmacComputed
if self.decrypted:
self.key_hash = hashlib.sha1(self.key).digest()
def test_DPAPIHmac_sha512(self):
pwdhash = "84e40ab5bab2c5a2965fd185d60cf92fe2c1c9d2".decode("hex")
hmacSalt = "d23ad4bb1e254c67e2ff2902de8683b3".decode("hex")
value = ("63dd99a8e4dc85330db0996aedd2a270"
"6405201ed74831e084f3b18fc5fdd209"
"497a2f95c2a4004e54ec731e045d9d38"
"1861c37760c9d9581662adb67f85255e").decode("hex")
result = ("c5214e216690a6faec7da6e8e04a2d5d"
"1dabc1a20796811e7bc6f8146893166c"
"1cc9715bf0021c300cf616fa5a763a55"
"42a93ac3c58c42c5c54ab94d9186864f").decode("hex")
self.assertEquals(crypto.DPAPIHmac(crypto.CryptoAlgo(0x800e), pwdhash, hmacSalt, value), result)