5Xc @sQdZddlmZddlZejeZddlmZddl m Z m Z ddl m Z ddlmZedjZddljjZd d d d d gZd ejejejfdYZd ejfdYZejd eddddddZd ejejfdYZd ejejfdYZ dS(s;passlib.handlers.nthash - Microsoft Windows -related hashesi(thexlifyN(twarn(t to_unicodetright_pad_string(tunicode(t lookup_hashtmd4tlmhashtnthasht bsd_nthashtmsdcctmsdcc2cBseeZdZdZd ZejZdZdZ dZ e dZ dZ dZe d d ZRS( sThis class implements the Lan Manager Password hash, and follows the :ref:`password-hash-api`. It has no salt and a single fixed round. The :meth:`~passlib.ifc.PasswordHash.using` method accepts a single optional keyword: :param bool truncate_error: By default, this will silently truncate passwords larger than 14 bytes. Setting ``truncate_error=True`` will cause :meth:`~passlib.ifc.PasswordHash.hash` to raise a :exc:`~passlib.exc.PasswordTruncateError` instead. .. versionadded:: 1.7 The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.verify` methods accept a single optional keyword: :type encoding: str :param encoding: This specifies what character encoding LMHASH should use when calculating digest. It defaults to ``cp437``, the most common encoding encountered. Note that while this class outputs digests in lower-case hexadecimal, it will accept upper-case as well. Rttruncate_errori itcp437cCs |jS(N(tlower(tclsthash((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyt _norm_hashUscCs;|jr|j|nt|j||jjdS(Ntascii(t use_defaultst_check_truncate_policyRtrawtencodingtdecode(tselftsecret((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyt_calc_checksumYs sKGS!@#$%cCs|s|j}nddlm}|j}t|trR|jj|}n*t|trp|j}n t dt |d}||dd!|||dd!|S(sencode password using LANMAN hash algorithm. :type secret: unicode or utf-8 encoded bytes :arg secret: secret to hash :type encoding: str :arg encoding: optional encoding to use for unicode inputs. this defaults to ``cp437``, which is the common case for most situations. :returns: returns string of raw bytes i(tdes_encrypt_blockssecret must be unicode or bytesiii( tdefault_encodingtpasslib.crypto.desRt_magict isinstanceRtuppertencodetbytest TypeErrorR(RRRRtMAGIC((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRcs   (R N(t__name__t __module__t__doc__tnamet setting_kwdstuht HEX_CHARStchecksum_charst checksum_sizet truncate_sizeRt classmethodRRRtNoneR(((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRs  cBs\eZdZdZejZdZedZ dZ edZ ee dZ RS(sThis class implements the NT Password hash, and follows the :ref:`password-hash-api`. It has no salt and a single fixed round. The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.genconfig` methods accept no optional keywords. Note that while this class outputs lower-case hexadecimal digests, it will accept upper-case digests as well. Ri cCs |jS(N(R(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRscCst|j|jdS(NR(RRR(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRscCs.t|ddd}t|jdjS(sencode password using MD4-based NTHASH algorithm :arg secret: secret as unicode or utf-8 encoded bytes :returns: returns string of raw bytes sutf-8tparamRs utf-16-le(RRR!tdigest(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRscCs9tdttj|}|r5t|jdS|S(Nsfnthash.raw_nthash() is deprecated, and will be removed in Passlib 1.8, please use nthash.raw() insteadR(RtDeprecationWarningRRRR(RRthextret((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyt raw_nthashs(R%R&R'R(R*R+R,R-R/RRRtFalseR6(((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRs    tprefixs$3$$tidenttdocsZThe class support FreeBSD's representation of NTHASH (which is compatible with the :ref:`modular-crypt-format`), and follows the :ref:`password-hash-api`. It has no salt and a single fixed round. The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.genconfig` methods accept no optional keywords. cBsJeZdZdZejZdZedZ dZ edZ RS(sKThis class implements Microsoft's Domain Cached Credentials password hash, and follows the :ref:`password-hash-api`. It has a fixed number of rounds, and uses the associated username as the salt. The :meth:`~passlib.ifc.PasswordHash.hash`, :meth:`~passlib.ifc.PasswordHash.genhash`, and :meth:`~passlib.ifc.PasswordHash.verify` methods have the following optional keywords: :type user: str :param user: String containing name of user account this password is associated with. This is required to properly calculate the hash. This keyword is case-insensitive, and should contain just the username (e.g. ``Administrator``, not ``SOMEDOMAIN\Administrator``). Note that while this class outputs lower-case hexadecimal digests, it will accept upper-case digests as well. R i cCs |jS(N(R(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRscCs"t|j||jjdS(NR(RRtuserR(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR scCsbt|dddjd}t|dddjjd}tt|j|jS(sencode password using mscash v1 algorithm :arg secret: secret as unicode or utf-8 encoded bytes :arg user: username to use as salt :returns: returns string of raw bytes sutf-8R1Rs utf-16-leR;(RR!RRR2(RRR;((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR s $( R%R&R'R(R*R+R,R-R/RRR(((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR s  cBsJeZdZdZejZdZedZ dZ edZ RS(sThis class implements version 2 of Microsoft's Domain Cached Credentials password hash, and follows the :ref:`password-hash-api`. It has a fixed number of rounds, and uses the associated username as the salt. The :meth:`~passlib.ifc.PasswordHash.hash`, :meth:`~passlib.ifc.PasswordHash.genhash`, and :meth:`~passlib.ifc.PasswordHash.verify` methods have the following extra keyword: :type user: str :param user: String containing name of user account this password is associated with. This is required to properly calculate the hash. This keyword is case-insensitive, and should contain just the username (e.g. ``Administrator``, not ``SOMEDOMAIN\Administrator``). R i cCs |jS(N(R(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR3scCs"t|j||jjdS(NR(RRR;R(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR7scCsddlm}t|dddjd}t|dddjjd}tt|j|j}|d||d d S( sencode password using msdcc v2 algorithm :type secret: unicode or utf-8 bytes :arg secret: secret :type user: str :arg user: username to use as salt :returns: returns string of raw bytes i(t pbkdf2_hmacsutf-8R1Rs utf-16-leR;tsha1i(i(tpasslib.crypto.digestR<RR!RRR2(RRR;R<ttmp((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR:s $"( R%R&R'R(R*R+R,R-R/RRR(((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR s  (!R'tbinasciiRtloggingt getLoggerR%tlogtwarningsRt passlib.utilsRRtpasslib.utils.compatRR>RtconstRtpasslib.utils.handlerstutilsthandlersR*t__all__t TruncateMixintHasEncodingContextt StaticHandlerRRt PrefixWrapperR tHasUserContextR R (((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyts(  %t3 "0