[docs]@staticmethoddefverifypw(password,salt,keySize,encryptedVerifier,encryptedVerifierHash,algId=0x00006801,block=0):r""" Return True if the given password is valid. """# TODO: For consistency with others, rename method to verify_password or the like# https://msdn.microsoft.com/en-us/library/dd953617(v=office.12).aspxkey=_makekey(password,salt,keySize,block)cipher=Cipher(algorithms.ARC4(key),mode=None,backend=default_backend())decryptor=cipher.decryptor()verifier=decryptor.update(encryptedVerifier)verfiferHash=decryptor.update(encryptedVerifierHash)hash=sha1(verifier).digest()logging.debug([verfiferHash,hash])returnhash==verfiferHash
[docs]@staticmethoddefdecrypt(password,salt,keySize,ibuf,blocksize=0x200,block=0):r""" Return decrypted data. """obuf=io.BytesIO()key=_makekey(password,salt,keySize,block)forc,bufinenumerate(iter(functools.partial(ibuf.read,blocksize),b"")):cipher=Cipher(algorithms.ARC4(key),mode=None,backend=default_backend())decryptor=cipher.decryptor()dec=decryptor.update(buf)+decryptor.finalize()obuf.write(dec)# From wvDecrypt:# at this stage we need to rekey the rc4 algorithm# Dieter Spaar <spaar@mirider.augusta.de> figured out# this rekeying, big kudos to himblock+=1key=_makekey(password,salt,keySize,block)obuf.seek(0)returnobuf