a °…b Ić @s>UddlZddlmZddlmZddlmZmZddlm Z e ej ƒZ dZ dZdZdZdZdZdZdZdZdZdZdZdZdZdZe re e de ”””dd…Z e ”Ze  ”Ze !”Ze "”Ze #”Ze $”Ze %”Ze &”Ze '”Ze (”Ze )”Ze *”Ze +”Ze ,”Ze -”Z.e/e0d<e 1”Z2e/e0d<e 3”Z4e/e0d <e 5”Z6e/e0d <e 7”Z8e/e0d <e 9”Z:e/e0d <e ;”Ze/e0d<e ?”Z@e/e0d<e e de A”””dd…ZBeCe0d<e D”ZEe/e0d<e F”ZGe/e0d<e H”ZIe/e0d<e J”ZKe/e0d<e L”ZMe/e0d<e N”ZOe/e0d<e P”ZQe/e0d<e R”ZSe/e0d<e T”ZUe/e0d<e V”ZWe/e0d<e e de X”””dd…ZYeCe0d<e Z”Z[e/e0d<e \”Z]e/e0d<e ^”Z_e/e0d<e `”Zae/e0d<e b”Zce/e0d <e d”Zee/e0d!<e f”Zge/e0d"<e h”Zie/e0d#<e j”Zke/e0d$<e l”Zme/e0d%<eZneZoeZpeZqeZreZsd&Ztd'Zud(Zvd)Zwewfe/e/e/e/dd*œd+d,„Zxe/e/ee/e/e/fd-œd.d/„Zyd0ewfeCeCe/e/e/e/e/eCd1œd2d3„ZzeneofeCe/e/eCd4œd5d6„Z{eCeCe d7œd8d9„Z|e/e/e/dd:œd;d<„Z}e/eCeCe/e/e/eCd=œd>d?„Z~eCe/e/e/eCd@œdAdB„ZeCeCe d7œdCdD„Z€e€ZdS)EéN)ŚTuple)ŚffiŚlib)Śensureóśchar *Ścrypto_pwhash_ALG_ARGON2I13Ścrypto_pwhash_ALG_ARGON2ID13Ścrypto_pwhash_ALG_DEFAULTŚcrypto_pwhash_SALTBYTESŚcrypto_pwhash_STRBYTESŚcrypto_pwhash_PASSWD_MINŚcrypto_pwhash_PASSWD_MAXŚcrypto_pwhash_BYTES_MINŚcrypto_pwhash_BYTES_MAXŚcrypto_pwhash_argon2i_STRPREFIXŚ"crypto_pwhash_argon2i_MEMLIMIT_MINŚ"crypto_pwhash_argon2i_MEMLIMIT_MAXŚ"crypto_pwhash_argon2i_OPSLIMIT_MINŚ"crypto_pwhash_argon2i_OPSLIMIT_MAXŚ*crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVEŚ*crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVEŚ'crypto_pwhash_argon2i_OPSLIMIT_MODERATEŚ'crypto_pwhash_argon2i_MEMLIMIT_MODERATEŚ(crypto_pwhash_argon2i_OPSLIMIT_SENSITIVEŚ(crypto_pwhash_argon2i_MEMLIMIT_SENSITIVEŚ crypto_pwhash_argon2id_STRPREFIXŚ#crypto_pwhash_argon2id_MEMLIMIT_MINŚ#crypto_pwhash_argon2id_MEMLIMIT_MAXŚ#crypto_pwhash_argon2id_OPSLIMIT_MINŚ#crypto_pwhash_argon2id_OPSLIMIT_MAXŚ+crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVEŚ+crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVEŚ(crypto_pwhash_argon2id_OPSLIMIT_MODERATEŚ(crypto_pwhash_argon2id_MEMLIMIT_MODERATEŚ)crypto_pwhash_argon2id_OPSLIMIT_SENSITIVEŚ)crypto_pwhash_argon2id_MEMLIMIT_SENSITIVEé’’’?é?l’’’’i)ŚnŚrŚpŚmaxmemŚreturncCst|dkdtjdt|dkdtjdt||d@dkdtjdt|dkdtjdt|t|kd t”tjdt|dd |>ktjd|d |}td }t|d ||ktjdd ||d d }t|t|ktjdt|tj|ktjdt|||kdtjddS)NrzInvalid block size©ZraisingzInvalid parallelization factoréz Cost factor must be a power of 2zCost factor must be at least 2zp*r is greater than {}éé€éé éz7Memory limit would be exceeded with the choosen n, r, p)rŚexcŚ ValueErrorŚ SCRYPT_PR_MAXŚformatŚ UINT64_MAXŚsysŚmaxsize)r)r*r+r,ZBlenŚiZVlen©r=śB/tmp/pip-target-98j97qn4/lib/python/nacl/bindings/crypto_pwhash.pyŚ_check_memory_occupationæs2ż ż  żr?)ŚopslimitŚmemlimitr-cCs°|dkr d}d}||dkrRd}|d|}tddƒD]}d||dkr6q¦q6nT||d}tddƒD]}d||dkrhq‚qh|dd|}|d kržd }||}|||fS) z/Python implementation of libsodium's pickparamsi€ér3r/r4r(r2r1r')Śrange)r@rAr*r+ZmaxnZn_log2Zmaxrpr=r=r>Ś nacl_bindings_pick_scrypt_paramsés$   rDé@)ŚpasswdŚsaltr)r*r+Śdklenr,r-c CsÖttdtjdtt|tƒtdtt|tƒtdtt|tƒtdtt|tƒtdtt|tƒtdt||||ƒt   d|”}t   |t |ƒ|t |ƒ|||||” }t|dkdtjdt  t  d|”|”dd…S)aš Derive a cryptographic key using the ``passwd`` and ``salt`` given as input. The work factor can be tuned by by picking different values for the parameters :param bytes passwd: :param bytes salt: :param bytes salt: *must* be *exactly* :py:const:`.SALTBYTES` long :param int dklen: :param int opslimit: :param int n: :param int r: block size, :param int p: the parallelism factor :param int maxmem: the maximum available memory available for scrypt's operations :rtype: bytes :raises nacl.exceptions.UnavailableError: If called when using a minimal build of libsodium. śNot available in minimal buildr.z uint8_t[]rś$Unexpected failure in key derivationrN)rŚ&has_crypto_pwhash_scryptsalsa208sha256r5ŚUnavailableErrorŚ isinstanceŚintŚ TypeErrorŚbytesr?rŚnewrŚ%crypto_pwhash_scryptsalsa208sha256_llŚlenŚ RuntimeErrorŚbufferŚcast) rFrGr)r*r+rHr,ŚbufŚretr=r=r>rR s*ż ’żrR)rFr@rAr-cCsPttdtjdt dt”}t ||t |ƒ||”}t|dkdtj dt  |”S)a„ Derive a cryptographic key using the ``passwd`` and ``salt`` given as input, returning a string representation which includes the salt and the tuning parameters. The returned string can be directly stored as a password hash. See :py:func:`.crypto_pwhash_scryptsalsa208sha256` for a short discussion about ``opslimit`` and ``memlimit`` values. :param bytes passwd: :param int opslimit: :param int memlimit: :return: serialized key hash, including salt and tuning parameters :rtype: bytes :raises nacl.exceptions.UnavailableError: If called when using a minimal build of libsodium. rIr.śchar[]rz&Unexpected failure in password hashing) rrKr5rLrrQŚSCRYPT_STRBYTESrŚ&crypto_pwhash_scryptsalsa208sha256_strrSrTŚstring)rFr@rArWrXr=r=r>r[Esż ’żr[)Ś passwd_hashrFr-cCsVttdtjdtt|ƒtdkdtjdt ||t|ƒ”}t|dkdtj ddS)a9 Verifies the ``passwd`` against the ``passwd_hash`` that was generated. Returns True or False depending on the success :param passwd_hash: bytes :param passwd: bytes :rtype: boolean :raises nacl.exceptions.UnavailableError: If called when using a minimal build of libsodium. rIr.r/zInvalid password hashrśWrong passwordT) rrKr5rLrSrZr6rŚ-crypto_pwhash_scryptsalsa208sha256_str_verifyŚInvalidkeyError©r]rFrXr=r=r>r_qs żż ’r_)r@rAŚalgr-cCsź|tkrn|tkr"t d t””‚n|tkr:t d t””‚|tkrTt d t””‚qę|tkręt d t””‚nx|tkrÜ|t krt d t ””‚n|t krØt d t ””‚|t krĀt d t ””‚qę|t kręt d t ””‚n t  d”‚dS)Nz"memlimit must be at least {} bytesz!memlimit must be at most {} byteszopslimit must be at least {}zopslimit must be at most {}zUnsupported algorithm)rrr5r6r8rrrr rrrr rO)r@rArbr=r=r>Ś_check_argon2_limits_alg’sf’’’’’’’’’’’’’’’’rc)ŚoutlenrFrGr@rArbr-c Cstt|tƒtjdtt|tƒtjdtt|tƒtjdtt|tƒtjdtt|tƒtjdt|ƒtkr€t d  t””‚|t kršt d  t ””‚n|t kr²t d  t ””‚t |||ƒt  d|”}t |||t|ƒ||||”}t|dkdtjdt  ||”dd…S) a Derive a raw cryptographic key using the ``passwd`` and the ``salt`` given as input to the ``alg`` algorithm. :param outlen: the length of the derived key :type outlen: int :param passwd: The input password :type passwd: bytes :param salt: :type salt: bytes :param opslimit: computational cost :type opslimit: int :param memlimit: memory cost :type memlimit: int :param alg: algorithm identifier :type alg: int :return: derived key :rtype: bytes r.z"salt must be exactly {} bytes longz*derived key must be at least {} bytes longz)derived key must be at most {} bytes longzunsigned char[]rrJN)rrMrNr5rOrPrSr r6r8rrrcrrQrZ crypto_pwhashrTrU)rdrFrGr@rArbŚoutbufrXr=r=r>Ścrypto_pwhash_algĖsD ’’’’’’  ’żrf)rFr@rArbr-cCs„tt|tƒtdtt|tƒtdtt|tƒtdt|||ƒt dd”}t  ||t |ƒ|||”}t|dkdt j dt  |”S)a Derive a cryptographic key using the ``passwd`` given as input and a random salt, returning a string representation which includes the salt, the tuning parameters and the used algorithm. :param passwd: The input password :type passwd: bytes :param opslimit: computational cost :type opslimit: int :param memlimit: memory cost :type memlimit: int :param alg: The algorithm to use :type alg: int :return: serialized derived key and parameters :rtype: bytes r.rYr1rrJ)rrMrNrOrPrcrrQrŚcrypto_pwhash_str_algrSr5rTr\)rFr@rArbrerXr=r=r>rgs  ’żrgcCsftt|tƒtdtt|tƒtdtt|ƒdkdtjdt ||t|ƒ”}t|dkdtj ddS)a4 Verifies the ``passwd`` against a given password hash. Returns True on success, raises InvalidkeyError on failure :param passwd_hash: saved password hash :type passwd_hash: bytes :param passwd: password to be checked :type passwd: bytes :return: success :rtype: boolean r.éz#Hash must be at most 127 bytes longrr^T) rrMrPrOrSr5r6rŚcrypto_pwhash_str_verifyr`rar=r=r>ri=s  żri)‚r:ŚtypingrZnacl.exceptionsŚ exceptionsr5Z nacl._sodiumrrrŚboolZ-PYNACL_HAS_CRYPTO_PWHASH_SCRYPTSALSA208SHA256rKZ,crypto_pwhash_scryptsalsa208sha256_STRPREFIXZ,crypto_pwhash_scryptsalsa208sha256_SALTBYTESZ+crypto_pwhash_scryptsalsa208sha256_STRBYTESZ-crypto_pwhash_scryptsalsa208sha256_PASSWD_MINZ-crypto_pwhash_scryptsalsa208sha256_PASSWD_MAXZ,crypto_pwhash_scryptsalsa208sha256_BYTES_MINZ,crypto_pwhash_scryptsalsa208sha256_BYTES_MAXZ/crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MINZ/crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAXZ/crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MINZ/crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAXZ7crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVEZ7crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVEZ5crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVEZ5crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVEr\rVZ,crypto_pwhash_scryptsalsa208sha256_strprefixZ,crypto_pwhash_scryptsalsa208sha256_saltbytesZ+crypto_pwhash_scryptsalsa208sha256_strbytesZ-crypto_pwhash_scryptsalsa208sha256_passwd_minZ-crypto_pwhash_scryptsalsa208sha256_passwd_maxZ,crypto_pwhash_scryptsalsa208sha256_bytes_minZ,crypto_pwhash_scryptsalsa208sha256_bytes_maxZ/crypto_pwhash_scryptsalsa208sha256_memlimit_minZ/crypto_pwhash_scryptsalsa208sha256_memlimit_maxZ/crypto_pwhash_scryptsalsa208sha256_opslimit_minZ/crypto_pwhash_scryptsalsa208sha256_opslimit_maxZ7crypto_pwhash_scryptsalsa208sha256_opslimit_interactiveZ7crypto_pwhash_scryptsalsa208sha256_memlimit_interactiveZ5crypto_pwhash_scryptsalsa208sha256_opslimit_sensitiveZ5crypto_pwhash_scryptsalsa208sha256_memlimit_sensitiveZcrypto_pwhash_alg_argon2i13rrNŚ__annotations__Zcrypto_pwhash_alg_argon2id13r Zcrypto_pwhash_alg_defaultr Zcrypto_pwhash_saltbytesr Zcrypto_pwhash_strbytesr Zcrypto_pwhash_passwd_minr Zcrypto_pwhash_passwd_maxrZcrypto_pwhash_bytes_minrZcrypto_pwhash_bytes_maxrZcrypto_pwhash_argon2i_strprefixrrPZ"crypto_pwhash_argon2i_memlimit_minrZ"crypto_pwhash_argon2i_memlimit_maxrZ"crypto_pwhash_argon2i_opslimit_minrZ"crypto_pwhash_argon2i_opslimit_maxrZ*crypto_pwhash_argon2i_opslimit_interactiverZ*crypto_pwhash_argon2i_memlimit_interactiverZ'crypto_pwhash_argon2i_opslimit_moderaterZ'crypto_pwhash_argon2i_memlimit_moderaterZ(crypto_pwhash_argon2i_opslimit_sensitiverZ(crypto_pwhash_argon2i_memlimit_sensitiverZ crypto_pwhash_argon2id_strprefixrZ#crypto_pwhash_argon2id_memlimit_minrZ#crypto_pwhash_argon2id_memlimit_maxrZ#crypto_pwhash_argon2id_opslimit_minrZ#crypto_pwhash_argon2id_opslimit_maxr Z+crypto_pwhash_argon2id_opslimit_interactiver!Z+crypto_pwhash_argon2id_memlimit_interactiver"Z(crypto_pwhash_argon2id_opslimit_moderater#Z(crypto_pwhash_argon2id_memlimit_moderater$Z)crypto_pwhash_argon2id_opslimit_sensitiver%Z)crypto_pwhash_argon2id_memlimit_sensitiver&ZSCRYPT_OPSLIMIT_INTERACTIVEZSCRYPT_MEMLIMIT_INTERACTIVEZSCRYPT_OPSLIMIT_SENSITIVEZSCRYPT_MEMLIMIT_SENSITIVEZSCRYPT_SALTBYTESrZr7ZLOG2_UINT64_MAXr9ZSCRYPT_MAX_MEMr?rDrRr[r_rcrfrgriZ crypto_pwhash_argon2i_str_verifyr=r=r=r>Śsb    ’’ž’’’’’’’’’’’’’’’ž ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ž ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’’’’’ž + ž &łų >żü -ž !:ł Hū +