-
Notifications
You must be signed in to change notification settings - Fork 0
/
windows_cryptography.py
33 lines (27 loc) · 1.22 KB
/
windows_cryptography.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
from ctypes import windll, Structure, c_int, c_char_p, byref
crypt_unprotect_data = windll.crypt32.CryptUnprotectData
"""
crypt_unprotect_data(
pDataIn, # A pointer to the DataBlob holding the encrypted data.
ppszDataDescr, # Set to None
pOptionalEntropy, # Set to None
pvReserved, # Set to None
pPromptStruct, # Set to None
dwFlags, # Set to None
pDataOut) # A pointer to an empty DataBlob where the output will be stored.
For more information on the function CryptUnprotectData, visit:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa380882.aspx
"""
# The DataBlob definition is a translation from the C++ code located here:
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa381414.aspx
class DataBlob(Structure):
_fields_ = [("cbData", c_int), ("pbData", c_char_p)]
# :cBData: A variable representing the length of the encrypted data.
# :pbData: A pointer to the encrypted data.
def decrypt(binary_encryption):
data_in = DataBlob(len(binary_encryption), c_char_p(binary_encryption))
data_out = DataBlob()
if crypt_unprotect_data(byref(data_in), None, None, None, None, None, byref(data_out)):
return data_out.pbData, data_out.cbData
else:
return ""