ó \ùXc@sRdZddlmZmZddlmZmZddlZeje ƒZ ddl m Z ddl mZmZddlmZmZmZmZddlmZddljjZd d d d d dgZdejejejejfd„ƒYZ dde d„Z"e"ddddedƒƒZ#e"dddƒZ$e"dddƒZ%ej&de#ddde'ƒZ(ej&d e$d!d"de'ƒZ)ej&d#e%d$d%de'ƒZ*d&Z+d ejejejejfd'„ƒYZ,d ejej-ejfd(„ƒYZ.d)ejejejfd*„ƒYZ/dejejejejfd+„ƒYZ0dS(,s,passlib.handlers.pbkdf - PBKDF2 based hashesiÿÿÿÿ(thexlifyt unhexlify(t b64encodet b64decodeN(t to_unicode(t ab64_decodet ab64_encode(t str_to_basciitut uascii_to_strtunicode(t pbkdf2_hmact pbkdf2_sha1t pbkdf2_sha256t pbkdf2_sha512tcta_pbkdf2_sha1tdlitz_pbkdf2_sha1tgrub_pbkdf2_sha512tPbkdf2DigestHandlercBsheZdZd ZejZdZdZd Z dZ dZ dZ d Zed „ƒZd „Zd „ZRS(s1base class for various pbkdf2_{digest} algorithmstsaltt salt_sizetroundsiiiIÿÿÿÿtlinearcCsptj||jd|ƒ\}}}t|jdƒƒ}|rWt|jdƒƒ}n|d|d|d|ƒS(NthandlertasciiRRtchecksum(tuht parse_mc3tidentRtencode(tclsthashRRtchk((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyt from_string?s $cCsLt|jƒjdƒ}t|jƒjdƒ}tj|j|j||ƒS(NR(RRtdecodeRRt render_mc3RR(tselfRR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyt to_stringGscCs"t|j||j|j|jƒS(N(R t_digestRRt checksum_size(R$tsecret((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyt_calc_checksumLs(ssaltRsroundsN(t__name__t __module__t__doc__t setting_kwdsRt HASH64_CHARStchecksum_charstdefault_salt_sizet max_salt_sizetNonetdefault_roundst min_roundst max_roundst rounds_costR&t classmethodR!R%R)(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyRs   ià.cCs¦d|}|dkr,tdƒ|f}nt}t||ftd|d|d|d|d|d|d |d d d d dtd|jƒd|jd|ƒƒƒS(s;create new Pbkdf2DigestHandler subclass for a specific hashtpbkdf2_s $pbkdf2-%s$R+tnameRR&R3R'tencoded_checksum_sizeiiiR,s$This class implements a generic ``PBKDF2-HMAC-%(digest)s``-based password hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: bytes :param salt: Optional salt bytes. If specified, the length must be between 0-1024 bytes. If not specified, a %(dsc)d byte salt will be autogenerated (this is recommended). :type salt_size: int :param salt_size: Optional number of bytes to use when autogenerating new salts. Defaults to %(dsc)d bytes, but can be any value between 0 and 1024. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to %(dr)d, but must be within ``range(1,1<<32)``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 tdigesttdsctdrN(R2RRttypetdicttupperR0(t hash_namet digest_sizeRRtmoduleR9tbase((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pytcreate_pbkdf2_hashPs   tsha1ii¸ÿRs$pbkdf2$tsha256i iHqtsha512i@i¨atldap_pbkdf2_sha1s{PBKDF2}tldap_pbkdf2_sha256s{PBKDF2-SHA256}s$pbkdf2-sha256$tldap_pbkdf2_sha512s{PBKDF2-SHA512}s$pbkdf2-sha512$s-_cBsteZdZdZdZedƒZdZdZdZ e j Z d Z d Z d Zed „ƒZd „Zd„ZRS(sëThis class implements Cryptacular's PBKDF2-based crypt algorithm, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: bytes :param salt: Optional salt bytes. If specified, it may be any length. If not specified, a one will be autogenerated (this is recommended). :type salt_size: int :param salt_size: Optional number of bytes to use when autogenerating new salts. Defaults to 16 bytes, but can be any value between 0 and 1024. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 60000, must be within ``range(1,1<<32)``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 RRRRs$p5k2$iiiiIÿÿÿÿRcCs|tj||jddd|ƒ\}}}t|jdƒtƒ}|rct|jdƒtƒ}n|d|d|d|ƒS(Nt rounds_baseiRRRRR(RRRRRt CTA_ALTCHARS(RRRRR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR!Ös *cCsXt|jtƒjdƒ}t|jtƒjdƒ}tj|j|j||ddƒS(NRRLi( RRRMR"RRR#RR(R$RR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR%ßscCstd||j|jdƒS(NRFi(R RR(R$R(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR)çs(ssalts salt_sizesrounds(R*R+R,R9R-RRR'R0R1R R3R4R5R6R7R!R%R)(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR’s     cBs”eZdZdZdZedƒZedddƒZd Zd Z e j Z e jZd Zd Zd Zed„ƒZd„Zd„Zd„ZRS(sCThis class implements Dwayne Litzenberger's PBKDF2-based crypt algorithm, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: str :param salt: Optional salt string. If specified, it may be any length, but must use the characters in the regexp range ``[./0-9A-Za-z]``. If not specified, a 16 character salt will be autogenerated (this is recommended). :type salt_size: int :param salt_size: Optional number of bytes to use when autogenerating new salts. Defaults to 16 bytes, but can be any value between 0 and 1024. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 60000, must be within ``range(1,1<<32)``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 RRRRs$p5k2$t0i0t=iiiIÿÿÿÿRc CsItj||jddddd|ƒ\}}}|d|d|d|ƒS( NRLiR3iRRRR(RRR(RRRRR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR!9scCsC|j}|dkrd}ntj|j||j|jddƒS(NiRLi(RR2RR#RRR(R$R((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR%?s   cCs@|j}|dkrd}ntj|j||jdddƒS(NiRLi(RR2RR#RR(R$R((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyt _get_configEs   cCs:|jƒ}td|||jdƒ}t|ƒjdƒS(NRFiR(RPR RRR"(R$R(Rtresult((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR)Ns (ssalts salt_sizesrounds(R*R+R,R9R-RRt_stub_checksumR0R1RR.t salt_charsR R3R4R5R6R7R!R%RPR)(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyRòs        tatlassian_pbkdf2_sha1cBsWeZdZdZd ZedƒZdZdZZ e d„ƒZ d„Z d„Z RS( sBThis class implements the PBKDF2 hash used by Atlassian. It supports a fixed-length salt, and a fixed number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: bytes :param salt: Optional salt bytes. If specified, the length must be exactly 16 bytes. If not specified, a salt will be autogenerated (this is recommended). :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``salt`` strings that are too long. .. versionadded:: 1.6 RTRs {PKCS5S2}i icCs†t|ddƒ}|j}|j|ƒs?tjj|ƒ‚nt|t|ƒjdƒƒ}|d |d}}|d|d|ƒS(NRRiRR( RRt startswithRtexctInvalidHashErrorRtlenR(RRRtdataRR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR!{s cCs6|j|j}|jt|ƒjdƒ}t|ƒS(NR(RRRRR"R (R$RYR((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR%…scCstd||jddƒS(NRFi'i (R R(R$R(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR)Šs(ssalt(R*R+R,R9R-RRR't min_salt_sizeR1R7R!R%R)(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyRT[s   cBsteZdZdZdZedƒZdZdZdZ e j Z dZ d Z d Zed „ƒZd „Zd „ZRS(sÿThis class implements Grub's pbkdf2-hmac-sha512 hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: bytes :param salt: Optional salt bytes. If specified, the length must be between 0-1024 bytes. If not specified, a 64 byte salt will be autogenerated (this is recommended). :type salt_size: int :param salt_size: Optional number of bytes to use when autogenerating new salts. Defaults to 64 bytes, but can be any value between 0 and 1024. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 19000, but must be within ``range(1,1<<32)``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 RRRRsgrub.pbkdf2.sha512.i@iiIÿÿÿÿRcCs|tj||jdtdƒd|ƒ\}}}t|jdƒƒ}|rct|jdƒƒ}n|d|d|d|ƒS(Ntsept.RRRRR(RRRRRR(RRRRR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR!Æs cCsdt|jƒjdƒjƒ}t|jƒjdƒjƒ}tj|j|j||dt dƒƒS(NRR[R\( RRR"R@RRR#RRR(R$RR ((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR%ÏscCstd||j|jdƒS(NRHi@(R RR(R$R(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR)Ôs(ssalts salt_sizesrounds(R*R+R,R9R-RRR'R0R1RR3R4R5R6R7R!R%R)(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyR“s    (1R,tbinasciiRRtbase64RRtloggingt getLoggerR*tlogt passlib.utilsRtpasslib.utils.binaryRRtpasslib.utils.compatRRR R tpasslib.crypto.digestR tpasslib.utils.handlerstutilsthandlersRt__all__t HasRoundst HasRawSalttHasRawChecksumtGenericHandlerRR2RER R Rt PrefixWrappertTrueRIRJRKRMRtHasSaltRRTR(((s;/usr/lib/python2.7/site-packages/passlib/handlers/pbkdf2.pyts8 " +33+`%i%8