ó ö 5Xc @sQdZddlmZddlZejeƒZddlmZddl m Z m Z ddl m Z ddlmZedƒjZddljjZd d d d d gZd ejejejfd„ƒYZd ejfd„ƒYZejd eddddddƒZd ejejfd„ƒYZd ejejfd„ƒYZ dS(s;passlib.handlers.nthash - Microsoft Windows -related hashesiÿÿÿÿ(thexlifyN(twarn(t to_unicodetright_pad_string(tunicode(t lookup_hashtmd4tlmhashtnthasht bsd_nthashtmsdcctmsdcc2cBseeZdZdZd ZejZdZdZ dZ e d„ƒZ d„Z dZe d d „ƒZRS( söThis class implements the Lan Manager Password hash, and follows the :ref:`password-hash-api`. It has no salt and a single fixed round. The :meth:`~passlib.ifc.PasswordHash.using` method accepts a single optional keyword: :param bool truncate_error: By default, this will silently truncate passwords larger than 14 bytes. Setting ``truncate_error=True`` will cause :meth:`~passlib.ifc.PasswordHash.hash` to raise a :exc:`~passlib.exc.PasswordTruncateError` instead. .. versionadded:: 1.7 The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.verify` methods accept a single optional keyword: :type encoding: str :param encoding: This specifies what character encoding LMHASH should use when calculating digest. It defaults to ``cp437``, the most common encoding encountered. Note that while this class outputs digests in lower-case hexadecimal, it will accept upper-case as well. Rttruncate_errori itcp437cCs |jƒS(N(tlower(tclsthash((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyt _norm_hashUscCs;|jr|j|ƒnt|j||jƒƒjdƒS(Ntascii(t use_defaultst_check_truncate_policyRtrawtencodingtdecode(tselftsecret((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyt_calc_checksumYs sKGS!@#$%cCs³|s|j}nddlm}|j}t|tƒrR|jƒj|ƒ}n*t|tƒrp|jƒ}n t dƒ‚t |dƒ}||dd!|ƒ||dd!|ƒS(sŒencode password using LANMAN hash algorithm. :type secret: unicode or utf-8 encoded bytes :arg secret: secret to hash :type encoding: str :arg encoding: optional encoding to use for unicode inputs. this defaults to ``cp437``, which is the common case for most situations. :returns: returns string of raw bytes iÿÿÿÿ(tdes_encrypt_blockssecret must be unicode or bytesiii( tdefault_encodingtpasslib.crypto.desRt_magict isinstanceRtuppertencodetbytest TypeErrorR(RRRRtMAGIC((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRcs   (R N(t__name__t __module__t__doc__tnamet setting_kwdstuht HEX_CHARStchecksum_charst checksum_sizet truncate_sizeRt classmethodRRRtNoneR(((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRs  cBs\eZdZdZejZdZed„ƒZ d„Z ed„ƒZ ee d„ƒZ RS(s„This class implements the NT Password hash, and follows the :ref:`password-hash-api`. It has no salt and a single fixed round. The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.genconfig` methods accept no optional keywords. Note that while this class outputs lower-case hexadecimal digests, it will accept upper-case digests as well. Ri cCs |jƒS(N(R(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR¤scCst|j|ƒƒjdƒS(NR(RRR(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR¨scCs.t|dddƒ}t|jdƒƒjƒS(s§encode password using MD4-based NTHASH algorithm :arg secret: secret as unicode or utf-8 encoded bytes :returns: returns string of raw bytes sutf-8tparamRs utf-16-le(RRR!tdigest(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR«scCs9tdtƒtj|ƒ}|r5t|ƒjdƒS|S(Nsfnthash.raw_nthash() is deprecated, and will be removed in Passlib 1.8, please use nthash.raw() insteadR(RtDeprecationWarningRRRR(RRthextret((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyt raw_nthash·s(R%R&R'R(R*R+R,R-R/RRRtFalseR6(((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRs    tprefixs$3$$tidenttdocsZThe class support FreeBSD's representation of NTHASH (which is compatible with the :ref:`modular-crypt-format`), and follows the :ref:`password-hash-api`. It has no salt and a single fixed round. The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.genconfig` methods accept no optional keywords. cBsJeZdZdZejZdZed„ƒZ d„Z ed„ƒZ RS(sKThis class implements Microsoft's Domain Cached Credentials password hash, and follows the :ref:`password-hash-api`. It has a fixed number of rounds, and uses the associated username as the salt. The :meth:`~passlib.ifc.PasswordHash.hash`, :meth:`~passlib.ifc.PasswordHash.genhash`, and :meth:`~passlib.ifc.PasswordHash.verify` methods have the following optional keywords: :type user: str :param user: String containing name of user account this password is associated with. This is required to properly calculate the hash. This keyword is case-insensitive, and should contain just the username (e.g. ``Administrator``, not ``SOMEDOMAIN\Administrator``). Note that while this class outputs lower-case hexadecimal digests, it will accept upper-case digests as well. R i cCs |jƒS(N(R(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyRscCs"t|j||jƒƒjdƒS(NR(RRtuserR(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR scCsbt|dddƒjdƒ}t|dddƒjƒjdƒ}tt|ƒjƒ|ƒjƒS(sËencode password using mscash v1 algorithm :arg secret: secret as unicode or utf-8 encoded bytes :arg user: username to use as salt :returns: returns string of raw bytes sutf-8R1Rs utf-16-leR;(RR!RRR2(RRR;((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR s $( R%R&R'R(R*R+R,R-R/RRR(((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR ís  cBsJeZdZdZejZdZed„ƒZ d„Z ed„ƒZ RS(sÝThis class implements version 2 of Microsoft's Domain Cached Credentials password hash, and follows the :ref:`password-hash-api`. It has a fixed number of rounds, and uses the associated username as the salt. The :meth:`~passlib.ifc.PasswordHash.hash`, :meth:`~passlib.ifc.PasswordHash.genhash`, and :meth:`~passlib.ifc.PasswordHash.verify` methods have the following extra keyword: :type user: str :param user: String containing name of user account this password is associated with. This is required to properly calculate the hash. This keyword is case-insensitive, and should contain just the username (e.g. ``Administrator``, not ``SOMEDOMAIN\Administrator``). R i cCs |jƒS(N(R(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR3scCs"t|j||jƒƒjdƒS(NR(RRR;R(RR((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR7scCsŠddlm}t|dddƒjdƒ}t|dddƒjƒjdƒ}tt|ƒjƒ|ƒjƒ}|d||d d ƒS( sîencode password using msdcc v2 algorithm :type secret: unicode or utf-8 bytes :arg secret: secret :type user: str :arg user: username to use as salt :returns: returns string of raw bytes iÿÿÿÿ(t pbkdf2_hmacsutf-8R1Rs utf-16-leR;tsha1i(i(tpasslib.crypto.digestR<RR!RRR2(RRR;R<ttmp((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR:s $"( R%R&R'R(R*R+R,R-R/RRR(((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyR s  (!R'tbinasciiRtloggingt getLoggerR%tlogtwarningsRt passlib.utilsRRtpasslib.utils.compatRR>RtconstRtpasslib.utils.handlerstutilsthandlersR*t__all__t TruncateMixintHasEncodingContextt StaticHandlerRRt PrefixWrapperR tHasUserContextR R (((s</usr/lib/python2.7/site-packages/passlib/handlers/windows.pyts(  %t3 "0