
Module Contents




  • pbkdf2 – Implementation of PBKDF2 that allows specifying digest algorithm.

  • dpapi_hmac – Internal function used to compute HMACs of DPAPI structures.

  • crypt_session_key_type1 – Computes the decryption key for Type1 DPAPI blob, given the master key and optional information.

  • crypt_session_key_type2 – Computes the decryption key for Type2 DPAPI blob, given the masterkey and optional information.

  • derive_password_hash – Internal use. Computes the encryption key from a user's password hash.


dissect.target.plugins.os.windows.dpapi.crypto.HAS_CRYPTO = True
dissect.target.plugins.os.windows.dpapi.crypto.CIPHER_ALGORITHMS: dict[int | str, CipherAlgorithm]
dissect.target.plugins.os.windows.dpapi.crypto.HASH_ALGORITHMS: dict[int | str, HashAlgorithm]
class dissect.target.plugins.os.windows.dpapi.crypto.CipherAlgorithm

    id: int
    name: str
    key_length: int
    iv_length: int
    block_length: int

    classmethod __init_subclass__()
    classmethod from_id(id: int) -> CipherAlgorithm
    classmethod from_name(name: str) -> CipherAlgorithm

    derive_key(key: bytes, hash_algorithm: HashAlgorithm) -> bytes

        Mimics the corresponding native Microsoft function.

    decrypt_with_hmac(data: bytes, key: bytes, iv: bytes, hash_algorithm: HashAlgorithm, rounds: int) -> bytes
    abstract decrypt(data: bytes, key: bytes, iv: bytes | None = None) -> bytes

class dissect.target.plugins.os.windows.dpapi.crypto.HashAlgorithm

    id: int
    name: str
    digest_length: int
    block_length: int

    classmethod __init_subclass__()
    classmethod from_id(id: int) -> HashAlgorithm
    classmethod from_name(name: str) -> HashAlgorithm | None

dissect.target.plugins.os.windows.dpapi.crypto.pbkdf2(passphrase: bytes, salt: bytes, key_len: int, iterations: int, digest: str = 'sha1') -> bytes

Implementation of PBKDF2 that allows specifying digest algorithm.

Returns the corresponding expanded key which is key_len long.

dissect.target.plugins.os.windows.dpapi.crypto.dpapi_hmac(pwd_hash: bytes, hmac_salt: bytes, value: bytes, hash_algorithm: HashAlgorithm) -> bytes

Internal function used to compute HMACs of DPAPI structures.

dissect.target.plugins.os.windows.dpapi.crypto.crypt_session_key_type1(master_key: bytes, nonce: bytes | None, hash_algorithm: HashAlgorithm, entropy: bytes | None = None, strong_password: str | None = None, smart_card_secret: bytes | None = None, verify_blob: bytes | None = None) -> bytes

Computes the decryption key for Type1 DPAPI blob, given the master key and optional information.

This implementation relies on a faulty implementation from Microsoft that does not respect the HMAC RFC. Instead of updating the inner pad, we update the outer pad. This algorithm is also used when checking the HMAC for integrity after decryption.

Parameters:

  • master_key – Decrypted master key (should be 64 bytes long).

  • nonce – This is the nonce contained in the blob or the HMAC in the blob (integrity check).

  • hash_algorithm – A HashAlgorithm to use for calculating block sizes.

  • entropy – This is the optional entropy from CryptProtectData() API.

  • strong_password – Optional password used for decryption or the blob itself.

  • smart_card_secret – Optional MS Next Gen Crypto secret (e.g. from PIN code).

  • verify_blob – Optional encrypted blob used for integrity check.

Returns: decryption key

dissect.target.plugins.os.windows.dpapi.crypto.crypt_session_key_type2(masterkey: bytes, nonce: bytes, hash_algorithm: HashAlgorithm, entropy: bytes | None = None, strong_password: str | None = None, smart_card_secret: bytes | None = None, verify_blob: bytes | None = None) -> bytes

Computes the decryption key for Type2 DPAPI blob, given the masterkey and optional information.

This implementation relies on an RFC-compliant HMAC implementation. This algorithm is also used when checking the HMAC for integrity after decryption.

Parameters:

  • masterkey – Decrypted master key (should be 64 bytes long).

  • nonce – This is the nonce contained in the blob or the HMAC in the blob (integrity check).

  • hash_algorithm – A HashAlgorithm to use for calculating block sizes.

  • entropy – This is the optional entropy from CryptProtectData() API.

  • strong_password – Optional password used for decryption or the blob itself.

  • smart_card_secret – Optional MS Next Gen Crypto secret (e.g. from PIN code). Only for API compatibility.

  • verify_blob – Optional encrypted blob used for integrity check.

Returns: decryption key
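Added example, not part of dissect's code: a simplified sketch of the difference the Type1 and Type2 descriptions above draw between feeding optional data to the outer pad and using an RFC-compliant HMAC. The function names, the sample values, the use of the key as given (no longer than the hash block size) and the exact placement of the optional data are assumptions of this sketch, not taken from the dissect source.

```python
import hashlib
import hmac


def _pads(key: bytes, digest: str):
    """Zero-pad the key to the hash block size and build the HMAC pads."""
    block = hashlib.new(digest).block_size
    if len(key) > block:
        raise ValueError("sketch assumes a key no longer than the block size")
    key = key.ljust(block, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    return ipad, opad


def session_key_outer(key: bytes, nonce: bytes, extra: bytes = b"",
                      digest: str = "sha1") -> bytes:
    """Non-RFC variant (assumed reading of the Type1 text):
    the optional data is appended to the OUTER hash."""
    ipad, opad = _pads(key, digest)
    inner = hashlib.new(digest, ipad + nonce).digest()
    return hashlib.new(digest, opad + inner + extra).digest()


def session_key_rfc(key: bytes, nonce: bytes, extra: bytes = b"",
                    digest: str = "sha1") -> bytes:
    """RFC 2104 variant: every input goes through the INNER hash."""
    return hmac.new(key, nonce + extra, digest).digest()


# Constructed sample values, not taken from any real blob.
KEY = bytes(range(20))
NONCE = b"\x11" * 16
ENTROPY = b"app-specific entropy"

if __name__ == "__main__":
    # Without optional data both constructions are the same HMAC.
    print(session_key_outer(KEY, NONCE) == session_key_rfc(KEY, NONCE))
    # With optional data they diverge, so using the wrong variant for a blob
    # yields a wrong key and a failed integrity check.
    print(session_key_outer(KEY, NONCE, ENTROPY).hex())
    print(session_key_rfc(KEY, NONCE, ENTROPY).hex())
```

The two variants only disagree when entropy, a password or a verification blob is supplied, which is why a blob without optional data can appear to decrypt under either construction.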

dissect.target.plugins.os.windows.dpapi.crypto.derive_password_hash(password_hash: bytes, user_sid: str, digest: str = 'sha1') -> bytes

Internal use. Computes the encryption key from a user’s password hash.