def decrypt_with_key(self, enckey):
"""
Decrypts this credhist entry using the given encryption key.
"""
cleartxt = crypto.dataDecrypt(self.credhist.cipherAlgo, self.credhist.hashAlgo, self.credhist.encrypted, enckey,
self.credhist.iv, self.credhist.rounds)
self.pwdhash = cleartxt[:self.credhist.shaHashLen]
self.ntlm = cleartxt[self.credhist.shaHashLen:self.credhist.shaHashLen + self.credhist.ntHashLen].rstrip("\x00")
if len(self.ntlm) != 16:
self.ntlm = None
def decrypt_with_key(self, pwdhash): """ Decrypts the masterkey with the given encryption key. This function also extracts the HMAC part of the decrypted stuff and compare it with the computed one. Note that, once successfully decrypted, the masterkey will not be decrypted anymore; this function will simply return. """ if self.decrypted or not self.mk.ciphertext: return # Compute encryption key cleartxt = crypto.dataDecrypt(self.mk.cipherAlgo, self.mk.hashAlgo, self.mk.ciphertext, pwdhash, self.mk.iv, self.mk.rounds) self.key = cleartxt[-64:] hmacSalt = cleartxt[:16] hmac = cleartxt[16:16 + self.mk.hashAlgo.digestLength] hmacComputed = crypto.DPAPIHmac(self.mk.hashAlgo, pwdhash, hmacSalt, self.key) self.decrypted = hmac == hmacComputed if self.decrypted: self.key_hash = hashlib.sha1(self.key).digest()