ó ö 5Xc @s¶dZddlmZddlmZddlmZmZmZddl Z e j e ƒZ ddl mZddlmZmZmZmZddlmZmZmZdd lmZdd lmZmZmZmZdd lm Z ddl!j"j#Z$d d ddddddgZ%da'd„Z(dZ)de$j*e$j+fd„ƒYZ,de$j-e,fd„ƒYZ.d e,fd„ƒYZ/d e,fd„ƒYZ0e$j1dededƒdedƒdd ƒZ2d!e2_3e2j4d,7_4d#efd$„ƒYZ5de.fd%„ƒYZ6de6fd&„ƒYZ7e$j1deded'ƒded(ƒdd)ƒZ8d'e8_3e8j4d-7_4de$j9e$j*e$j+fd*„ƒYZ:de$j;j<e$j=fd+„ƒYZ>dS(.s5passlib.handlers.django- Django password hash supportiÿÿÿÿ(t b64encode(thexlify(tmd5tsha1tsha256N(t_wrapped_bcrypt(targon2tbcryptt pbkdf2_sha1t pbkdf2_sha256(t to_unicodetrngt getrandstr(t BASE64_CHARS(t str_to_uasciit uascii_to_strtunicodetu(t pbkdf2_hmactdjango_salted_sha1tdjango_salted_md5t django_bcrypttdjango_pbkdf2_sha1tdjango_pbkdf2_sha256t django_argon2tdjango_des_crypttdjango_disabledcCs#tdkrddlmantS(Niÿÿÿÿ(t des_crypt(RtNonet passlib.hash(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyt_import_des_crypt&s t>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789tDjangoSaltedHashcBsGeZdZdZdZdZeZe j Z e d„ƒZ d„ZRS(s2base class providing common code for django hashestsaltt salt_sizei cCs4tj||jd|ƒ\}}|d|d|ƒS(NthandlerR!tchecksum(tuht parse_mc2tident(tclsthashR!tchk((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyt from_stringBs!cCstj|j|j|jƒS(N(R%t render_mc2R'R!R$(tself((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyt to_stringGs(ssaltR"N(t__name__t __module__t__doc__t setting_kwdstdefault_salt_sizeRt max_salt_sizet SALT_CHARSt salt_charsR%tLOWER_HEX_CHARStchecksum_charst classmethodR+R.(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyR 2s tDjangoVariableHashcBs9eZdZejdZdZed„ƒZd„ZRS(sEbase class providing common code for django hashes w/ variable roundstroundsicCs=tj||jd|ƒ\}}}|d|d|d|ƒS(NR#R;R!R$(R%t parse_mc3R'(R(R)R;R!R*((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyR+Qs$cCs"tj|j|j|j|jƒS(N(R%t render_mc3R'R;R!R$(R-((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyR.Vs(srounds( R/R0R1R R2t min_roundsR9R+R.(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyR:Ks  cBs5eZdZdZdZedƒZdZd„ZRS(sÉThis class implements Django's Salted SHA1 hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and uses a single round of SHA1. The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.genconfig` methods accept the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, a 12 character one will be autogenerated (this is recommended). If specified, may be any series of characters drawn from the regexp range ``[0-9a-zA-Z]``. :type salt_size: int :param salt_size: Optional number of characters to use when autogenerating new salts. Defaults to 12, but can be any positive value. This should be compatible with Django 1.4's :class:`!SHA1PasswordHasher` class. .. versionchanged: 1.6 This class now generates 12-character salts instead of 5, and generated salts uses the character range ``[0-9a-zA-Z]`` instead of the ``[0-9a-f]``. This is to be compatible with how Django >= 1.4 generates these hashes; but hashes generated in this manner will still be correctly interpreted by earlier versions of Django. RRssha1$i(cCsGt|tƒr!|jdƒ}ntt|jjdƒ|ƒjƒƒS(Nsutf-8tascii(t isinstanceRtencodeRRR!t hexdigest(R-tsecret((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyt_calc_checksumys( R/R0R1tnamet django_nameRR't checksum_sizeRD(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRYs  cBs5eZdZdZdZedƒZdZd„ZRS(sâThis class implements Django's Salted MD5 hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and uses a single round of MD5. The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.genconfig` methods accept the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, a 12 character one will be autogenerated (this is recommended). If specified, may be any series of characters drawn from the regexp range ``[0-9a-zA-Z]``. :type salt_size: int :param salt_size: Optional number of characters to use when autogenerating new salts. Defaults to 12, but can be any positive value. This should be compatible with the hashes generated by Django 1.4's :class:`!MD5PasswordHasher` class. .. versionchanged: 1.6 This class now generates 12-character salts instead of 5, and generated salts uses the character range ``[0-9a-zA-Z]`` instead of the ``[0-9a-f]``. This is to be compatible with how Django >= 1.4 generates these hashes; but hashes generated in this manner will still be correctly interpreted by earlier versions of Django. RRsmd5$i cCsGt|tƒr!|jdƒ}ntt|jjdƒ|ƒjƒƒS(Nsutf-8R?(R@RRARRR!RB(R-RC((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRDŸs( R/R0R1RERFRR'RGRD(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyR~s  tprefixsbcrypt$R'tdocsÇThis class implements Django 1.4's BCrypt wrapper, and follows the :ref:`password-hash-api`. This is identical to :class:`!bcrypt` itself, but with the Django-specific prefix ``"bcrypt$"`` prepended. See :doc:`/lib/passlib.hash.bcrypt` for more details, the usage and behavior is identical. This should be compatible with the hashes generated by Django 1.4's :class:`!BCryptPasswordHasher` class. .. versionadded:: 1.6 RRFtdjango_bcrypt_sha256cBs\eZdZdZdZeZedƒZe d„ƒZ e d„ƒZ d„Z d„Z RS(sšThis class implements Django 1.6's Bcrypt+SHA256 hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. While the algorithm and format is somewhat different, the api and options for this hash are identical to :class:`!bcrypt` itself, see :doc:`bcrypt ` for more details. .. versionadded:: 1.6.2 RJt bcrypt_sha256sbcrypt_sha256$cCs)tj|ƒ}|stS|j|jƒS(N(R%tto_unicode_for_identifytFalset startswitht django_prefix(R(R)((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pytidentifyÖscCs†t|ddƒ}|j|jƒs9tjj|ƒ‚n|t|jƒ}|jdƒsptjj|ƒ‚ntt |ƒj |ƒS(NR?R)s$2( R RNROR%texctInvalidHashErrortlentMalformedHashErrortsuperRJR+(R(R)tbhash((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyR+ÝscCs&tt|ƒjƒ}t|jƒ|S(N(RURJR.RRO(R-RV((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyR.çscCsRt|tƒr!|jdƒ}nt|j|ƒjƒƒ}tt|ƒj|ƒS(Nsutf-8( R@RRARt_digesttdigestRURJRD(R-RC((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRDës(R/R0R1RERFRRWRROR9RPR+R.RD(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRJÀs   cBsYeZdZdZdZedƒZdZdZe j Z dZ e jZdZd„ZRS( sŒThis class implements Django's PBKDF2-HMAC-SHA256 hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, a 12 character one will be autogenerated (this is recommended). If specified, may be any series of characters drawn from the regexp range ``[0-9a-zA-Z]``. :type salt_size: int :param salt_size: Optional number of characters to use when autogenerating new salts. Defaults to 12, but can be any positive value. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 29000, but must be within ``range(1,1<<32)``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. This should be compatible with the hashes generated by Django 1.4's :class:`!PBKDF2PasswordHasher` class. .. versionadded:: 1.6 RR spbkdf2_sha256$iIÿÿÿÿi,RcCs7t|j||j|jƒ}t|ƒjƒjdƒS(NR?(RRWR!R;Rtrstriptdecode(R-RCR)((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRD#s(R/R0R1RERFRR't min_salt_sizet max_roundsR%tPADDED_BASE64_CHARSR8RGR tdefault_roundsRWRD(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRõs#   cBs;eZdZdZdZedƒZdZej Z dZ RS(sThis class implements Django's PBKDF2-HMAC-SHA1 hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, a 12 character one will be autogenerated (this is recommended). If specified, may be any series of characters drawn from the regexp range ``[0-9a-zA-Z]``. :type salt_size: int :param salt_size: Optional number of characters to use when autogenerating new salts. Defaults to 12, but can be any positive value. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 131000, but must be within ``range(1,1<<32)``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. This should be compatible with the hashes generated by Django 1.4's :class:`!PBKDF2SHA1PasswordHasher` class. .. versionadded:: 1.6 RRs pbkdf2_sha1$iR( R/R0R1RERFRR'RGRR^RW(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyR(s#  Rsargon2$argon2i$sÒThis class implements Django 1.10's Argon2 wrapper, and follows the :ref:`password-hash-api`. This is identical to :class:`!argon2` itself, but with the Django-specific prefix ``"argon2$"`` prepended. See :doc:`argon2 ` for more details, the usage and behavior is identical. This should be compatible with the hashes generated by Django 1.10's :class:`!Argon2PasswordHasher` class. .. versionadded:: 1.7 cBsveZdZdZdZd ZedƒZej Z Z dZ dZ Zd ZeZed „ƒZd „Zd „ZRS(sßThis class implements Django's :class:`des_crypt` wrapper, and follows the :ref:`password-hash-api`. It supports a fixed-length salt. The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.genconfig` methods accept the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, one will be autogenerated (this is recommended). If specified, it must be 2 characters, drawn from the regexp range ``[./0-9A-Za-z]``. :param bool truncate_error: By default, django_des_crypt will silently truncate passwords larger than 8 bytes. Setting ``truncate_error=True`` will cause :meth:`~passlib.ifc.PasswordHash.hash` to raise a :exc:`~passlib.exc.PasswordTruncateError` instead. .. versionadded:: 1.7 This should be compatible with the hashes generated by Django 1.4's :class:`!CryptPasswordHasher` class. Note that Django only supports this hash on Unix systems (though :class:`!django_des_crypt` is available cross-platform under Passlib). .. versionchanged:: 1.6 This class will now accept hashes with empty salt strings, since Django 1.4 generates them this way. RtcryptR!R"ttruncate_errorscrypt$i iicCs†tj||jd|ƒ\}}|rs|s:|d }n,|d |d krftjj|dƒ‚n|d}n|d|d|ƒS(NR#is0first two digits of salt and checksum must matchR!R$(R%R&R'RQRT(R(R)R!R*((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyR+¤s!    cCsS|j}|d |j}|jr9tj|j||ƒStj|jd|ƒSdS(Nit(R!R$tuse_duplicate_saltR%R,R'(R-R!R*((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyR.·s   cCsLtdkrtƒn|jr/|j|ƒntd|jd ƒj|ƒS(NR!i(RRRt use_defaultst_check_truncate_policyR!RD(R-RC((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRDÁs    (ssalts salt_sizeR`(R/R0R1RERFR2RR'R%t HASH64_CHARSR8R6RGR[R3t truncate_sizetTrueRbR9R+R.RD(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRns    cBsMeZdZdZedƒZdZed„ƒZd„Z ed„ƒZ RS(sFThis class provides disabled password behavior for Django, and follows the :ref:`password-hash-api`. This class does not implement a hash, but instead claims the special hash string ``"!"`` which Django uses to indicate an account's password has been disabled. * newly encrypted passwords will hash to ``"!"``. * it rejects all passwords. .. note:: Django 1.6 prepends a randomly generated 40-char alphanumeric string to each unusuable password. This class recognizes such strings, but for backwards compatibility, still returns ``"!"``. See ``_ for why Django appends an alphanumeric string. .. versionchanged:: 1.6.2 added Django 1.6 support .. versionchanged:: 1.7 started appending an alphanumeric string. Rt!i(cCstj|ƒ}|j|jƒS(N(R%RLRNt _hash_prefix(R(R)((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRPèscCstttd |jƒS(Niþÿÿÿ(R R R t suffix_length(R-RC((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRDíscCs5tj|ƒ|j|ƒs1tjj|ƒ‚ntS(N(R%tvalidate_secretRPRQRRRM(R(RCR)((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pytverifyñs ( R/R0R1RERRiRjR9RPRDRl(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pyRÌs  (s django_name(s django_name(?R1tbase64RtbinasciiRthashlibRRRtloggingt getLoggerR/tlogtpasslib.handlers.bcryptRRRRRR t passlib.utilsR R R tpasslib.utils.binaryR tpasslib.utils.compatRRRRtpasslib.crypto.digestRtpasslib.utils.handlerstutilsthandlersR%t__all__RRRR5tHasSalttGenericHandlerR t HasRoundsR:RRt PrefixWrapperRRFt_using_clone_attrsRJRRRt TruncateMixinRtifct DisabledHasht StaticHandlerR(((s;/usr/lib/python2.7/site-packages/passlib/handlers/django.pytsT ""  %*  53/  %^