def test_dataDecrypt_3des_sha1(self): r = ("95bb351da2ee8c4463c5092a931feba5" "613f7bbf1570ecdefd887d5bae9dc18f" "a95724c1976c22012fae9cdbf6f70c4a" "aab721b9a87e17d725d9dd110f933977" "7df1b807c90af31a").decode("hex") e = "3fe9c8cffc26443a41ec4a54daf11be86bec0ecb".decode("hex") iv = "d43b01cc0590035e567e07b44b6ccead".decode("hex") c = ("a2dec8f74d35c7c8de819041309ea0da" "720868aa714d72ea94dbb8449b6aec31" "58af336a27e482ee14fc79af2de4c98b" "fd0d1114168c6d1b54deb513cc7e5bd6" "aa7871e9f7b46965").decode("hex") self.assertEquals(crypto.dataDecrypt(crypto.CryptoAlgo(0x6603), crypto.CryptoAlgo(0x8009), r, e, iv, 1), c) self.assertEquals(crypto.dataDecrypt(crypto.CryptoAlgo(0x6603), crypto.CryptoAlgo(0x8004), r, e, iv, 1), c)
def decryptWithKey(self, pwdhash): """Decrypts the masterkey with the given encryption key. This function also extracts the HMAC part of the decrypted stuff and compare it with the computed one. Note that, once successfully decrypted, the masterkey will not be decrypted anymore; this function will simply return. """ if self.decrypted: return if not self.ciphertext: return # Compute encryption key cleartxt = crypto.dataDecrypt(self.cipherAlgo, self.hashAlgo, self.ciphertext, pwdhash, self.iv, self.rounds) self.key = cleartxt[-64:] self.hmacSalt = cleartxt[:16] self.hmac = cleartxt[16:16 + self.hashAlgo.digestLength] self.hmacComputed = crypto.DPAPIHmac(self.hashAlgo, pwdhash, self.hmacSalt, self.key) self.decrypted = self.hmac == self.hmacComputed if self.decrypted: self.key_hash = hashlib.sha1(self.key).digest()
def test_dataDecrypt_aes256_sha512(self): r = ("ac23e4d5efcb8979f05fbcb275832a8d" "ee9576fbaae76a4de7ead2f313e84bf7" "e4be7940b49319463c8cd25a1b4a67c1" "5adfbb02e2bbe42c24cd44bec3b9740b" "45ebcce3a2ef2788867c28168bf93ea0" "48844897f2854df5ac4eb000f72c3a6f" "25c65d5347e73c77120cfc3150c87e57" "52a017510c1486e71a9d0c32b79f333f" "2d0cda0ecc20774cbed8ca071aab9768").decode("hex") e = "84e40ab5bab2c5a2965fd185d60cf92fe2c1c9d2".decode("hex") iv = "1f63ff38751365ec54748b13d962698e".decode("hex") c = ("d23ad4bb1e254c67e2ff2902de8683b3" "ca5dc108b821333e2d5059ac6f26db1a" "7826abdc93feadcf76aa4db9c0ce32ed" "0b261f95f6960a81195231b91a9dd20b" "d6a6c5fb8aa6a008b11992d5c191d0b0" "63dd99a8e4dc85330db0996aedd2a270" "6405201ed74831e084f3b18fc5fdd209" "497a2f95c2a4004e54ec731e045d9d38" "1861c37760c9d9581662adb67f85255e").decode("hex") self.assertEquals( crypto.dataDecrypt(crypto.CryptoAlgo(0x6610), crypto.CryptoAlgo(0x800e), r, e, iv, 5600), c)
def decryptWithKey(self, enckey): """Decrypts this credhist entry using the given encryption key.""" cleartxt = crypto.dataDecrypt(self.cipherAlgo, self.hashAlgo, self.encrypted, enckey, self.iv, self.rounds) self.pwdhash = cleartxt[:self.shaHashLen] self.ntlm = cleartxt[self.shaHashLen:self.shaHashLen + self.ntHashLen].rstrip("\x00") if len(self.ntlm) != 16: self.ntlm = None
def decryptWithKey(self, enckey): """Decrypts this credhist entry using the given encryption key.""" cleartxt = crypto.dataDecrypt(self.cipherAlgo, self.hashAlgo, self.encrypted, enckey, self.iv, self.rounds) self.pwdhash = cleartxt[:self.shaHashLen] self.ntlm = cleartxt[self.shaHashLen:self.shaHashLen + self.ntHashLen].rstrip(b"\x00") if len(self.ntlm) != 16: self.ntlm = None
def test_dataDecrypt_aes256_sha512(self): r = ("ac23e4d5efcb8979f05fbcb275832a8d" "ee9576fbaae76a4de7ead2f313e84bf7" "e4be7940b49319463c8cd25a1b4a67c1" "5adfbb02e2bbe42c24cd44bec3b9740b" "45ebcce3a2ef2788867c28168bf93ea0" "48844897f2854df5ac4eb000f72c3a6f" "25c65d5347e73c77120cfc3150c87e57" "52a017510c1486e71a9d0c32b79f333f" "2d0cda0ecc20774cbed8ca071aab9768").decode("hex") e = "84e40ab5bab2c5a2965fd185d60cf92fe2c1c9d2".decode("hex") iv = "1f63ff38751365ec54748b13d962698e".decode("hex") c = ("d23ad4bb1e254c67e2ff2902de8683b3" "ca5dc108b821333e2d5059ac6f26db1a" "7826abdc93feadcf76aa4db9c0ce32ed" "0b261f95f6960a81195231b91a9dd20b" "d6a6c5fb8aa6a008b11992d5c191d0b0" "63dd99a8e4dc85330db0996aedd2a270" "6405201ed74831e084f3b18fc5fdd209" "497a2f95c2a4004e54ec731e045d9d38" "1861c37760c9d9581662adb67f85255e").decode("hex") self.assertEquals(crypto.dataDecrypt(crypto.CryptoAlgo(0x6610), crypto.CryptoAlgo(0x800e), r, e, iv, 5600), c)
def decryptWithKey(self, pwdhash): """Decrypts the masterkey with the given encryption key. This function also extracts the HMAC part of the decrypted stuff and compare it with the computed one. Note that, once successfully decrypted, the masterkey will not be decrypted anymore; this function will simply return. """ if self.decrypted: return if not self.ciphertext: return ## Compute encryption key cleartxt = crypto.dataDecrypt(self.cipherAlgo, self.hashAlgo, self.ciphertext, pwdhash, self.iv, self.rounds) self.key = cleartxt[-64:] self.hmacSalt = cleartxt[:16] self.hmac = cleartxt[16:16 + self.hashAlgo.digestLength] self.hmacComputed = crypto.DPAPIHmac(self.hashAlgo, pwdhash, self.hmacSalt, self.key) self.decrypted = self.hmac == self.hmacComputed if self.decrypted: self.key_hash = hashlib.sha1(self.key).digest()