dissect.target.helpers.keychain

Module Contents

Classes

KeyType

Valid key types.

Key

Functions

register_key

get_all_keys

get_keys_for_provider

get_keys_without_provider

parse_key_type

register_wildcard_value

register_keychain_file

Register all keys from provided keychain file.

Attributes

log

KEYCHAIN

dissect.target.helpers.keychain.log
class dissect.target.helpers.keychain.KeyType

Bases: enum.Enum

Valid key types.

RAW = 'raw'
PASSPHRASE = 'passphrase'
RECOVERY_KEY = 'recovery_key'
FILE = 'file'
class dissect.target.helpers.keychain.Key

Bases: NamedTuple

key_type: KeyType
value: str | bytes
provider: str | None = None
identifier: str | None = None
is_wildcard: bool = False
dissect.target.helpers.keychain.KEYCHAIN: list[Key] = []
dissect.target.helpers.keychain.register_key(key_type: KeyType, value: str, identifier: str | None = None, provider: str | None = None, is_wildcard: bool = False) None
dissect.target.helpers.keychain.get_all_keys() list[Key]
dissect.target.helpers.keychain.get_keys_for_provider(provider: str) list[Key]
dissect.target.helpers.keychain.get_keys_without_provider() list[Key]
dissect.target.helpers.keychain.parse_key_type(key_type_name: str) KeyType
dissect.target.helpers.keychain.register_wildcard_value(value: str) None
dissect.target.helpers.keychain.register_keychain_file(keychain_path: pathlib.Path) None

Register all keys from provided keychain file.

The keychain file is a CSV file in “excel” dialect with the columns:

provider,key_type,identifier,value

Values in columns key_type and value are required, provider and identifier are optional. Example of the CSV-serialised data:

bitlocker,recovery_key,,312268-409816-583517-486695-627121-599511-664389-145640 bitlocker,passphrase,,Password1234 ,passphrase,,AnotherTestPassword bitlocker,passphrase,b6ad258a-2725-4a42-93c6-844478bf7a90,Password1234 bitlocker,passphrase,,”Password with comma, space and quotes ‘ and “” inside”