:py:mod:`dissect.target.plugins.os.windows.dpapi.blob`
======================================================

.. py:module:: dissect.target.plugins.os.windows.dpapi.blob




Module Contents
---------------

Classes
~~~~~~~

.. autoapisummary::

   dissect.target.plugins.os.windows.dpapi.blob.Blob




Attributes
~~~~~~~~~~

.. autoapisummary::

   dissect.target.plugins.os.windows.dpapi.blob.blob_def
   dissect.target.plugins.os.windows.dpapi.blob.c_blob


.. py:data:: blob_def
   :value: Multiline-String

   .. raw:: html

      <details><summary>Show Value</summary>

   .. code-block:: python

      """
      struct DPAPIBlob {
          DWORD   dwVersion;
          char    provider[16];
          DWORD   mkVersion;
          char    guid[16];
          DWORD   flags;
          DWORD   descriptionLength;
          char    description[descriptionLength];
          DWORD   CipherAlgId;
          DWORD   keyLen;
          DWORD   saltLength;
          char    salt[saltLength];
          DWORD   strongLength;
          char    strong[strongLength];
          DWORD   CryptAlgId;
          DWORD   hashLen;
          DWORD   hmacLength;
          char    hmac[hmacLength];
          DWORD   cipherTextLength;
          char    cipherText[cipherTextLength];
          DWORD   signLength;
          char    sign[signLength];
      };
      """

   .. raw:: html

      </details>



.. py:data:: c_blob

.. py:class:: Blob(data: bytes)

   Represents a DPAPI blob.


   .. py:attribute:: version


   .. py:attribute:: provider
      :value: ''



   .. py:attribute:: mkversion


   .. py:attribute:: guid
      :value: ''



   .. py:attribute:: flags


   .. py:attribute:: description


   .. py:attribute:: cipher_algorithm


   .. py:attribute:: key_len


   .. py:attribute:: salt


   .. py:attribute:: strong


   .. py:attribute:: hash_algorithm


   .. py:attribute:: hash_len


   .. py:attribute:: hmac


   .. py:attribute:: cipher_text


   .. py:attribute:: blob


   .. py:attribute:: sign


   .. py:attribute:: clear_text
      :value: None



   .. py:attribute:: decrypted
      :value: False



   .. py:attribute:: sign_computed
      :value: None



   .. py:method:: decrypt(master_key: bytes, entropy: bytes | None = None, strong_password: str | None = None, smart_card_secret: bytes | None = None) -> bool

      Try to decrypt the blob with the given master key.

      :param master_key: Decrypted master key value.
      :param entropy: Optional entropy for decrypting the blob.
      :param strong_password: Optional password for decrypting the blob.
      :param smart_card_secret: MS Next Gen Crypto secret (e.g. from PIN code).

      :returns: True if decryption is succesful, False otherwise.



   .. py:method:: __repr__() -> str