\Xc@sRdZddlmZmZddlmZmZddlZeje Z ddl m Z ddl mZmZddlmZmZmZmZddlmZddljjZd d d d d dgZdejejejejfdYZ dde dZ"e"ddddedZ#e"dddZ$e"dddZ%ej&de#ddde'Z(ej&d e$d!d"de'Z)ej&d#e%d$d%de'Z*d&Z+d ejejejejfd'YZ,d ejej-ejfd(YZ.d)ejejejfd*YZ/dejejejejfd+YZ0dS(,s,passlib.handlers.pbkdf - PBKDF2 based hashesi(thexlifyt unhexlify(t b64encodet b64decodeN(t to_unicode(t ab64_decodet ab64_encode(t str_to_basciitut uascii_to_strtunicode(t pbkdf2_hmact pbkdf2_sha1t pbkdf2_sha256t pbkdf2_sha512tcta_pbkdf2_sha1tdlitz_pbkdf2_sha1tgrub_pbkdf2_sha512tPbkdf2DigestHandlercBsheZdZd ZejZdZdZd Z dZ dZ dZ d Zed Zd Zd ZRS(s1base class for various pbkdf2_{digest} algorithmstsaltt salt_sizetroundsiiiItlinearcCsptj||jd|\}}}t|jd}|rWt|jd}n|d|d|d|S(NthandlertasciiRRtchecksum(tuht parse_mc3tidentRtencode(tclsthashRRtchk((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyt from_string?s $cCsLt|jjd}t|jjd}tj|j|j||S(NR(RRtdecodeRRt render_mc3RR(tselfRR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyt to_stringGscCs"t|j||j|j|jS(N(R t_digestRRt checksum_size(R$tsecret((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyt_calc_checksumLs(ssaltRsroundsN(t__name__t __module__t__doc__t setting_kwdsRt HASH64_CHARStchecksum_charstdefault_salt_sizet max_salt_sizetNonetdefault_roundst min_roundst max_roundst rounds_costR&t classmethodR!R%R)(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyRs   i.cCsd|}|dkr,td|f}nt}t||ftd|d|d|d|d|d|d |d d d d dtd|jd|jd|S(s;create new Pbkdf2DigestHandler subclass for a specific hashtpbkdf2_s $pbkdf2-%s$R+tnameRR&R3R'tencoded_checksum_sizeiiiR,s$This class implements a generic ``PBKDF2-HMAC-%(digest)s``-based password hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: bytes :param salt: Optional salt bytes. If specified, the length must be between 0-1024 bytes. If not specified, a %(dsc)d byte salt will be autogenerated (this is recommended). :type salt_size: int :param salt_size: Optional number of bytes to use when autogenerating new salts. Defaults to %(dsc)d bytes, but can be any value between 0 and 1024. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to %(dr)d, but must be within ``range(1,1<<32)``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 tdigesttdsctdrN(R2RRttypetdicttupperR0(t hash_namet digest_sizeRRtmoduleR9tbase((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pytcreate_pbkdf2_hashPs   tsha1iiRs$pbkdf2$tsha256i iHqtsha512i@iatldap_pbkdf2_sha1s{PBKDF2}tldap_pbkdf2_sha256s{PBKDF2-SHA256}s$pbkdf2-sha256$tldap_pbkdf2_sha512s{PBKDF2-SHA512}s$pbkdf2-sha512$s-_cBsteZdZdZdZedZdZdZdZ e j Z d Z d Z d Zed Zd ZdZRS(sThis class implements Cryptacular's PBKDF2-based crypt algorithm, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: bytes :param salt: Optional salt bytes. If specified, it may be any length. If not specified, a one will be autogenerated (this is recommended). :type salt_size: int :param salt_size: Optional number of bytes to use when autogenerating new salts. Defaults to 16 bytes, but can be any value between 0 and 1024. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 60000, must be within ``range(1,1<<32)``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 RRRRs$p5k2$iiiiIRcCs|tj||jddd|\}}}t|jdt}|rct|jdt}n|d|d|d|S(Nt rounds_baseiRRRRR(RRRRRt CTA_ALTCHARS(RRRRR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR!s *cCsXt|jtjd}t|jtjd}tj|j|j||ddS(NRRLi( RRRMR"RRR#RR(R$RR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR%scCstd||j|jdS(NRFi(R RR(R$R(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR)s(ssalts salt_sizesrounds(R*R+R,R9R-RRR'R0R1R R3R4R5R6R7R!R%R)(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyRs     cBseZdZdZdZedZedddZd Zd Z e j Z e jZd Zd Zd ZedZdZdZdZRS(sCThis class implements Dwayne Litzenberger's PBKDF2-based crypt algorithm, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: str :param salt: Optional salt string. If specified, it may be any length, but must use the characters in the regexp range ``[./0-9A-Za-z]``. If not specified, a 16 character salt will be autogenerated (this is recommended). :type salt_size: int :param salt_size: Optional number of bytes to use when autogenerating new salts. Defaults to 16 bytes, but can be any value between 0 and 1024. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 60000, must be within ``range(1,1<<32)``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 RRRRs$p5k2$t0i0t=iiiIRc CsItj||jddddd|\}}}|d|d|d|S( NRLiR3iRRRR(RRR(RRRRR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR!9scCsC|j}|dkrd}ntj|j||j|jddS(NiRLi(RR2RR#RRR(R$R((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR%?s   cCs@|j}|dkrd}ntj|j||jdddS(NiRLi(RR2RR#RR(R$R((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyt _get_configEs   cCs:|j}td|||jd}t|jdS(NRFiR(RPR RRR"(R$R(Rtresult((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR)Ns (ssalts salt_sizesrounds(R*R+R,R9R-RRt_stub_checksumR0R1RR.t salt_charsR R3R4R5R6R7R!R%RPR)(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyRs        tatlassian_pbkdf2_sha1cBsWeZdZdZd ZedZdZdZZ e dZ dZ dZ RS( sBThis class implements the PBKDF2 hash used by Atlassian. It supports a fixed-length salt, and a fixed number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: bytes :param salt: Optional salt bytes. If specified, the length must be exactly 16 bytes. If not specified, a salt will be autogenerated (this is recommended). :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``salt`` strings that are too long. .. versionadded:: 1.6 RTRs {PKCS5S2}i icCst|dd}|j}|j|s?tjj|nt|t|jd}|d |d}}|d|d|S(NRRiRR( RRt startswithRtexctInvalidHashErrorRtlenR(RRRtdataRR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR!{s cCs6|j|j}|jt|jd}t|S(NR(RRRRR"R (R$RYR((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR%scCstd||jddS(NRFi'i (R R(R$R(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR)s(ssalt(R*R+R,R9R-RRR't min_salt_sizeR1R7R!R%R)(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyRT[s   cBsteZdZdZdZedZdZdZdZ e j Z dZ d Z d Zed Zd Zd ZRS(sThis class implements Grub's pbkdf2-hmac-sha512 hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: bytes :param salt: Optional salt bytes. If specified, the length must be between 0-1024 bytes. If not specified, a 64 byte salt will be autogenerated (this is recommended). :type salt_size: int :param salt_size: Optional number of bytes to use when autogenerating new salts. Defaults to 64 bytes, but can be any value between 0 and 1024. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 19000, but must be within ``range(1,1<<32)``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 RRRRsgrub.pbkdf2.sha512.i@iiIRcCs|tj||jdtdd|\}}}t|jd}|rct|jd}n|d|d|d|S(Ntsept.RRRRR(RRRRRR(RRRRR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR!s cCsdt|jjdj}t|jjdj}tj|j|j||dt dS(NRR[R\( RRR"R@RRR#RRR(R$RR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR%scCstd||j|jdS(NRHi@(R RR(R$R(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR)s(ssalts salt_sizesrounds(R*R+R,R9R-RRR'R0R1RR3R4R5R6R7R!R%R)(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyRs    (1R,tbinasciiRRtbase64RRtloggingt getLoggerR*tlogt passlib.utilsRtpasslib.utils.binaryRRtpasslib.utils.compatRRR R tpasslib.crypto.digestR tpasslib.utils.handlerstutilsthandlersRt__all__t HasRoundst HasRawSalttHasRawChecksumtGenericHandlerRR2RER R Rt PrefixWrappertTrueRIRJRKRMRtHasSaltRRTR(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyts8 " +33+`%i%8