ó Ÿ;Xc@@sdZddlZddlZejeƒZddlmZmZm Z m Z ddl m Z ddl mZmZmZmZddljjZddgZdZdQdRdSdTdUdVdWdXdYdZd[d\d]d^d_d`dadbdcdddefZdfZdgZedI„ZedJƒZedKƒZedLƒZdMej ej!ej"ej#fdN„ƒYZ$de$fdO„ƒYZ%de$fdP„ƒYZ&dS(hs9passlib.handlers.sha2_crypt - SHA256-Crypt / SHA512-CryptiÿÿÿÿN(t safe_cryptt test_cryptt repeat_stringt to_unicode(th64(tbyte_elem_valuetut uascii_to_strtunicodet sha512_cryptt sha256_crypttiiiiiiii i iii ii iiiiiiiiiiiiiiii iii*i+i,i-i.i/i0i1i2i3i4i i5i6i!i7i"i#i8i9i$i:i%i&i;i<i'i=i(i)i>i?cCs<t|tƒr!|jdƒ}nt|krNtjj|rBtntƒ‚nt |ƒ}|jdƒ}t |ƒ}|rt j }t }nt j }t}||||ƒjƒ}|||ƒ} | j} | t||ƒƒ|} x.| r| | d@r|n|ƒ| dL} qëW| jƒ} |dkrSt|||ƒjƒ|ƒ} nU||ƒ}|j}|d} x| r’||ƒ| d8} quWt|jƒ|ƒ} ||dt| dƒƒjƒ| }| | }| |}| |||| || ||g}gtD] \}}||||f^q}| }t|dƒ\}}xQ|r£x:|D]2\}}|||||ƒjƒƒjƒ}q`W|d8}qSW|r#|d?}x>|| D]2\}}|||||ƒjƒƒjƒ}q¿W|d@r#||||dƒjƒ}q#ntj||ƒjdƒS(sßperform raw sha256-crypt / sha512-crypt this function provides a pure-python implementation of the internals for the SHA256-Crypt and SHA512-Crypt algorithms; it doesn't handle any of the parsing/validation of the hash strings themselves. :arg pwd: password chars/bytes to hash :arg salt: salt chars to use :arg rounds: linear rounds cost :arg use_512: use sha512-crypt instead of sha256-crypt mode :returns: encoded checksum chars sutf-8tasciiii`iii*(t isinstanceRtencodet_BNULLtuhtexctNullPasswordErrorR R tlenthashlibtsha512t_512_transpose_maptsha256t_256_transpose_maptdigesttupdateRRt_c_digest_offsetstdivmodRtencode_transposed_bytestdecode(tpwdtsalttroundstuse_512tpwd_lentsalt_lent hash_constt transpose_maptdbta_ctxt a_ctx_updatetitdatdpttmp_ctxttmp_ctx_updatetdstdp_dptdp_dstpermsteventoddtdatatdctblocksttailtpairs((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyt_raw_sha2_crypt8s`! !         "     (/  $- * * $srounds=t$t0t _SHA2_CommoncBsÂeZdZdZejZdZejZdZ dZ dZ e Z dZe Zdd „Zd „Zd „Zed „ƒZd „ZdZdZed„ƒZd„Zed„ƒZd„ZRS(sBclass containing common code shared by sha256_crypt & sha512_cryptR R!timplicit_roundst salt_sizeiièiÿÉš;tlinearcKsJtt|ƒj||dkr=|jo7|jdk}n||_dS(Niˆ(tsuperR=t__init__tNonet use_defaultsR!R>(tselfR>tkwds((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyRBs cCs|j|d|jdkƒS(Ntrelaxed(t _norm_salttchecksumRC(RER ((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyt _parse_saltscCs|j|d|jdkƒS(NRG(t _norm_roundsRIRC(RER!((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyt _parse_rounds#sc CsFt|ddƒ}|j}|j|ƒs?tjj|ƒ‚n|djtƒ}|djtƒr½|j dƒd}|jt ƒr¨|t kr¨tjj |ƒ‚nt |ƒ}t }n d}t}t|ƒdkrê|\}}n7t|ƒdkr|d}d}ntjj|ƒ‚|d |d |d |p<dd |ƒS( NR thashiiiiˆiiR!R RIR>(Rtidentt startswithRRtInvalidHashErrortsplitt_UDOLLARt_UROUNDStpopt_UZEROtZeroPaddedRoundsErrortinttFalsetTrueRRCtMalformedHashError(tclsRMRNtpartsR!R>R tchk((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyt from_string's0       cCs‡|jdkrI|jrItdƒ|j|j|jp?tdƒf}n4tdƒ|j|j|j|jpvtdƒf}t|ƒS(Niˆs%s%s$%sts%srounds=%d$%s$%s(R!R>RRNR RIR(RERM((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyt to_stringTs tos_crypttbuiltincCs+t|jŒr#|j|jƒtStSdS(N(Rt _test_hasht_set_calc_checksum_backendt_calc_checksum_os_cryptRYRX(R[((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyt_load_backend_os_cryptiscCs>t||jƒƒ}|r-|j}|| S|j|ƒSdS(N(RR`t checksum_sizet_calc_checksum_builtin(REtsecretRMtcs((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyReqs   cCs|j|jƒtS(N(RdRhRY(R[((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyt_load_backend_builtinscCst||j|j|jƒS(N(R:R R!t _cdb_use_512(RERi((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyRh†s(ssaltsroundssimplicit_roundsR?N(RaRb(t__name__t __module__t__doc__t setting_kwdsRt HASH64_CHARStchecksum_charst max_salt_sizet salt_charst min_roundst max_roundst rounds_costRXRlRCt_rounds_prefixR>RBRJRLt classmethodR^R`tbackendsRcRfReRkRh(((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyR=ýs,     -  cBs2eZdZdZedƒZdZdZdZRS(s.This class implements the SHA256-Crypt password hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, one will be autogenerated (this is recommended). If specified, it must be 0-16 characters, drawn from the regexp range ``[./0-9A-Za-z]``. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 535000, must be between 1000 and 999999999, inclusive. :type implicit_rounds: bool :param implicit_rounds: this is an internal option which generally doesn't need to be touched. this flag determines whether the hash should omit the rounds parameter when encoding it to a string; this is only permitted by the spec for rounds=5000, and the flag is ignored otherwise. the spec requires the two different encodings be preserved as they are, instead of normalizing them. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 R s$5$i+iØ)ttests?$5$rounds=1000$test$QmQADEXMG8POI5WDsaeho0P36yK3Tcrgboabng6bkb/(R{s?$5$rounds=1000$test$QmQADEXMG8POI5WDsaeho0P36yK3Tcrgboabng6bkb/( RmRnRotnameRRNRgtdefault_roundsRc(((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyR Žs $ cBs8eZdZdZedƒZdZeZdZ dZ RS(s.This class implements the SHA512-Crypt password hash, and follows the :ref:`password-hash-api`. It supports a variable-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, one will be autogenerated (this is recommended). If specified, it must be 0-16 characters, drawn from the regexp range ``[./0-9A-Za-z]``. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 656000, must be between 1000 and 999999999, inclusive. :type implicit_rounds: bool :param implicit_rounds: this is an internal option which generally doesn't need to be touched. this flag determines whether the hash should omit the rounds parameter when encoding it to a string; this is only permitted by the spec for rounds=5000, and the flag is ignored otherwise. the spec requires the two different encodings be preserved as they are, instead of normalizing them. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 R s$6$iVi€ R{sj$6$rounds=1000$test$2M/Lx6MtobqjLjobw0Wmo4Q5OFx5nVLJvmgseatA6oMnyWeBdRDx4DU.1H3eGmse6pgsOgDisWBGI5c7TZauS0(stestsj$6$rounds=1000$test$2M/Lx6MtobqjLjobw0Wmo4Q5OFx5nVLJvmgseatA6oMnyWeBdRDx4DU.1H3eGmse6pgsOgDisWBGI5c7TZauS0( RmRnRoR|RRNRgRYRlR}Rc(((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyR És$ (ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii(ii( ii ii iiiii ii iiiiiiiiiiiiiiiiiii ii(@i*iiii+iiii,i-iiii.iiii/i0iiii1iiii2i3ii i i4ii i i5i6i!i i i7i"i#ii8i9i$iii:i%i&ii;i<i'iii=i(i)ii>i?('RoRtloggingt getLoggerRmtlogt passlib.utilsRRRRtpasslib.utils.binaryRtpasslib.utils.compatRRRRtpasslib.utils.handlerstutilsthandlersRt__all__RRRRRXR:RSRRRUtHasManyBackendst HasRoundstHasSalttGenericHandlerR=R R (((s?/usr/lib/python2.7/site-packages/passlib/handlers/sha2_crypt.pyts6  ""   Á   ;