| 300 | return keyMaterial[:keylen] |
| 301 | |
| 302 | def decrypt(self, key): |
| 303 | if self['HashAlgo'] == ALGORITHMS.CALG_HMAC.value: |
| 304 | hashModule = SHA1 |
| 305 | else: |
| 306 | hashModule = ALGORITHMS_DATA[self['HashAlgo']][1] |
| 307 | |
| 308 | prf = lambda p, s: HMAC.new(p, s, hashModule).digest() |
| 309 | derivedBlob = self.deriveKey(key, self['Salt'], |
| 310 | ALGORITHMS_DATA[self['CryptAlgo']][0] + ALGORITHMS_DATA[self['CryptAlgo']][3], |
| 311 | count=self['MasterKeyIterationCount'], hashFunction=prf) |
| 312 | |
| 313 | cryptKey = derivedBlob[:ALGORITHMS_DATA[self['CryptAlgo']][0]] |
| 314 | iv = derivedBlob[ALGORITHMS_DATA[self['CryptAlgo']][0]:][:ALGORITHMS_DATA[self['CryptAlgo']][3]] |
| 315 | |
| 316 | cipher = ALGORITHMS_DATA[self['CryptAlgo']][1].new(cryptKey, mode = ALGORITHMS_DATA[self['CryptAlgo']][2], iv = iv) |
| 317 | cleartext = cipher.decrypt(self['data']) |
| 318 | |
| 319 | decryptedKey = cleartext[-64:] |
| 320 | hmacSalt = cleartext[:16] |
| 321 | hmac = cleartext[16:][:ALGORITHMS_DATA[self['HashAlgo']][0]] |
| 322 | |
| 323 | hmacKey = HMAC.new(key, hmacSalt, hashModule).digest() |
| 324 | |
| 325 | hmacCalculated = HMAC.new(hmacKey, decryptedKey, hashModule ).digest() |
| 326 | |
| 327 | if hmacCalculated[:ALGORITHMS_DATA[self['HashAlgo']][0]] == hmac: |
| 328 | self.decryptedKey = decryptedKey |
| 329 | return decryptedKey |
| 330 | else: |
| 331 | return None |
| 332 | |
| 333 | class CredHist(Structure): |
| 334 | structure = ( |