ó ö 5Xc @sÁdZddlmZmZddlmZmZddlZeje ƒZ ddl Z ddl m Z ddlmZmZddlmZmZmZddlmZddljjZd d d d d ddddddg Zdejfd„ƒYZdejejej fd„ƒYZ!d efd„ƒYZ"d efd„ƒYZ#d e!fd„ƒYZ$d e!fd„ƒYZ%d e fd„ƒYZ&geD]Z'de'^q—Z(d„Z)e)ƒdS(s.passlib.handlers.digests - plain hash digests iÿÿÿÿ(t b64encodet b64decode(tmd5tsha1N(t plaintext(tunix_crypt_schemest to_unicode(t uascii_to_strtunicodetu(t classpropertytldap_plaintexttldap_md5t ldap_sha1tldap_salted_md5tldap_salted_sha1tldap_des_crypttldap_bsdi_crypttldap_md5_crypttldap_sha1_cryptldap_bcrypttldap_sha256_crypttldap_sha512_cryptt_Base64DigestHelpercBsAeZdZdZdZdZejZ e d„ƒZ d„Z RS(shelper for ldap_md5 / ldap_sha1cCs|jS(s/tell StaticHandler to strip ident from checksum(tident(tcls((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyt _hash_prefix0scCsIt|tƒr!|jdƒ}n|j|ƒjƒ}t|ƒjdƒS(Nsutf-8tascii(t isinstanceRtencodet _hash_functdigestRtdecode(tselftsecrettchk((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyt_calc_checksum5sN( t__name__t __module__t__doc__tNoneRRt _hash_regextuhtPADDED_BASE64_CHARStchecksum_charsR RR#(((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyR's t_SaltedBase64DigestHelpercBsleZdZdZejZd Zd Z d Z dZ Z dZ dZ dZ ed„ƒZd„Zd„ZRS( s-helper for ldap_salted_md5 / ldap_salted_sha1tsaltt salt_sizeiicCs·t|ddƒ}|jj|ƒ}|s?tjj|ƒ‚ny"t|jdƒjdƒƒ}Wn#t k r†tjj |ƒ‚nX|j }|sœt ‚|d|| d||ƒS(NRthashttmptchecksumR-( RR(tmatchR)texctInvalidHashErrorRtgroupRt TypeErrortMalformedHashErrort checksum_sizetAssertionError(RR/tmtdatatcs((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyt from_stringLs"   cCs6|j|j}|jt|ƒjdƒ}t|ƒS(NR(R1R-RRRR(R R;R/((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyt to_stringZscCs;t|tƒr!|jdƒ}n|j||jƒjƒS(Nsutf-8(RRRRR-R(R R!((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyR#_s(ssaltR.N(R$R%R&t setting_kwdsR)R*R+R'RRR(t min_salt_sizet max_salt_sizetdefault_salt_sizet classmethodR=R>R#(((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyR,;s   cBs;eZdZdZedƒZeZej edƒƒZ RS(sìThis class stores passwords using LDAP's plain MD5 format, and follows the :ref:`password-hash-api`. The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.genconfig` methods have no optional keywords. R s{MD5}s%^\{MD5\}(?P[+/a-zA-Z0-9]{22}==)$( R$R%R&tnameR RRRtretcompileR((((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyR gs  cBs;eZdZdZedƒZeZej edƒƒZ RS(síThis class stores passwords using LDAP's plain SHA1 format, and follows the :ref:`password-hash-api`. The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.genconfig` methods have no optional keywords. R s{SHA}s$^\{SHA\}(?P[+/a-zA-Z0-9]{27}=)$( R$R%R&RDR RRRRERFR((((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyR qs  cBsAeZdZdZedƒZdZeZe j edƒƒZ RS(sÏThis class stores passwords using LDAP's salted MD5 format, and follows the :ref:`password-hash-api`. It supports a 4-16 byte salt. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: bytes :param salt: Optional salt string. If not specified, one will be autogenerated (this is recommended). If specified, it may be any 4-16 byte string. :type salt_size: int :param salt_size: Optional number of bytes to use when autogenerating new salts. Defaults to 4 bytes for compatibility with the LDAP spec, but some systems use larger salts, and Passlib supports any value between 4-16. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``salt`` strings that are too long. .. versionadded:: 1.6 .. versionchanged:: 1.6 This format now supports variable length salts, instead of a fix 4 bytes. Rs{SMD5}is+^\{SMD5\}(?P[+/a-zA-Z0-9]{27,}={0,2})$( R$R%R&RDR RR8RRRERFR((((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyR{s   cBsAeZdZdZedƒZdZeZe j edƒƒZ RS(sÐThis class stores passwords using LDAP's salted SHA1 format, and follows the :ref:`password-hash-api`. It supports a 4-16 byte salt. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: bytes :param salt: Optional salt string. If not specified, one will be autogenerated (this is recommended). If specified, it may be any 4-16 byte string. :type salt_size: int :param salt_size: Optional number of bytes to use when autogenerating new salts. Defaults to 4 bytes for compatibility with the LDAP spec, but some systems use larger salts, and Passlib supports any value between 4-16. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``salt`` strings that are too long. .. versionadded:: 1.6 .. versionchanged:: 1.6 This format now supports variable length salts, instead of a fix 4 bytes. Rs{SSHA}is+^\{SSHA\}(?P[+/a-zA-Z0-9]{32,}={0,2})$( R$R%R&RDR RR8RRRERFR((((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyR¢s   cBs_eZdZdZejedƒƒZej ddddƒe d„ƒƒZ e d„ƒZ RS( sYThis class stores passwords in plaintext, and follows the :ref:`password-hash-api`. This class acts much like the generic :class:`!passlib.hash.plaintext` handler, except that it will identify a hash only if it does NOT begin with the ``{XXX}`` identifier prefix used by RFC2307 passwords. The :meth:`~passlib.ifc.PasswordHash.hash`, :meth:`~passlib.ifc.PasswordHash.genhash`, and :meth:`~passlib.ifc.PasswordHash.verify` methods all require the following additional contextual keyword: :type encoding: str :param encoding: This controls the character encoding to use (defaults to ``utf-8``). This encoding will be used to encode :class:`!unicode` passwords under Python 2, and decode :class:`!bytes` hashes under Python 3. .. versionchanged:: 1.6 The ``encoding`` keyword was added. R s ^\{\w+\}.*$t deprecateds1.7tremoveds2.0cCsdS(Nt!((R((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyt genconfigãscCs1tj|ƒ}t|ƒo0|jj|ƒdkS(N(R)tto_unicode_for_identifytboolt _2307_patR2R'(RR/((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pytidentifyês( R$R%R&RDRERFR RMR)tdeprecated_methodRCRJRN(((sA/usr/lib/python2.7/site-packages/passlib/handlers/ldap_digests.pyR És tldap_cCsStƒ}x@tD]8}d|}tj||dtdƒdtƒ||s>   %,  '',