o iI@s~UddlZddlmZddlmZddlmZmZddlm Z e ej Z dZ dZdZdZdZdZdZdZdZdZdZdZdZdZdZe reededdZ eZe Ze!Ze"Ze#Ze$Ze%Ze&Ze'Ze(Ze)Ze*Ze+Ze,Ze-Z.e/e0d<e1Z2e/e0d<e3Z4e/e0d <e5Z6e/e0d <e7Z8e/e0d <e9Z:e/e0d <e;Ze/e0d<e?Z@e/e0d<eedeAddZBeCe0d<eDZEe/e0d<eFZGe/e0d<eHZIe/e0d<eJZKe/e0d<eLZMe/e0d<eNZOe/e0d<ePZQe/e0d<eRZSe/e0d<eTZUe/e0d<eVZWe/e0d<eedeXddZYeCe0d<eZZ[e/e0d<e\Z]e/e0d<e^Z_e/e0d<e`Zae/e0d<ebZce/e0d <edZee/e0d!<efZge/e0d"<ehZie/e0d#<ejZke/e0d$<elZme/e0d%<eZneZoeZpeZqeZreZsd&Ztd'Zud(Zvd)Zwewfd*e/d+e/d,e/d-e/d.df d/d0Zxd1e/d2e/d.ee/e/e/ffd3d4Zyd5ewfd6eCd7eCd*e/d+e/d,e/d8e/d-e/d.eCfd9d:Zzeneofd6eCd1e/d2e/d.eCfd;d<Z{d=eCd6eCd.e fd>d?Z|d1e/d2e/d@e/d.dfdAdBZ}dCe/d6eCd7eCd1e/d2e/d@e/d.eCfdDdEZ~d6eCd1e/d2e/d@e/d.eCf dFdGZd=eCd6eCd.e fdHdIZeZdS)JN)Tuple)ffilib)ensurechar *crypto_pwhash_ALG_ARGON2I13crypto_pwhash_ALG_ARGON2ID13crypto_pwhash_ALG_DEFAULTcrypto_pwhash_SALTBYTEScrypto_pwhash_STRBYTEScrypto_pwhash_PASSWD_MINcrypto_pwhash_PASSWD_MAXcrypto_pwhash_BYTES_MINcrypto_pwhash_BYTES_MAXcrypto_pwhash_argon2i_STRPREFIX"crypto_pwhash_argon2i_MEMLIMIT_MIN"crypto_pwhash_argon2i_MEMLIMIT_MAX"crypto_pwhash_argon2i_OPSLIMIT_MIN"crypto_pwhash_argon2i_OPSLIMIT_MAX*crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE*crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE'crypto_pwhash_argon2i_OPSLIMIT_MODERATE'crypto_pwhash_argon2i_MEMLIMIT_MODERATE(crypto_pwhash_argon2i_OPSLIMIT_SENSITIVE(crypto_pwhash_argon2i_MEMLIMIT_SENSITIVE crypto_pwhash_argon2id_STRPREFIX#crypto_pwhash_argon2id_MEMLIMIT_MIN#crypto_pwhash_argon2id_MEMLIMIT_MAX#crypto_pwhash_argon2id_OPSLIMIT_MIN#crypto_pwhash_argon2id_OPSLIMIT_MAX+crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE+crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE(crypto_pwhash_argon2id_OPSLIMIT_MODERATE(crypto_pwhash_argon2id_MEMLIMIT_MODERATE)crypto_pwhash_argon2id_OPSLIMIT_SENSITIVE)crypto_pwhash_argon2id_MEMLIMIT_SENSITIVE??linrpmaxmemreturncCst|dkdtjdt|dkdtjdt||d@dkdtjdt|dkdtjdt|t|kdttjdt|dd |>ktjd|d |}td }t|d ||ktjdd ||d d }t|t|ktjdt|tj|ktjdt|||kdtjddS)NrzInvalid block sizeZraisingzInvalid parallelization factorz Cost factor must be a power of 2zCost factor must be at least 2zp*r is greater than {} z6Memory limit would be exceeded with the chosen n, r, p)rexc ValueError SCRYPT_PR_MAXformat UINT64_MAXsysmaxsize)r)r*r+r,ZBleniZVlenr=R/home/app/Keep/.python/lib/python3.10/site-packages/nacl/bindings/crypto_pwhash.py_check_memory_occupations2    r?opslimitmemlimitcCs|dkrd}d}||dkr)d}|d|}tddD] }d||dkr'nqn*||d}tddD] }d||dkr@nq4|dd|}|d krOd }||}|||fS) z/Python implementation of libsodium's pickparamsir3r/r4r(r2r1r')range)r@rAr*r+ZmaxnZn_log2Zmaxrpr=r=r> nacl_bindings_pick_scrypt_paramss*    rD@passwdsaltdklenc Csttdtjdtt|ttdtt|ttdtt|ttdtt|ttdtt|ttdt||||t d|}t |t ||t |||||| }t|dkdtjdt t d||ddS)a Derive a cryptographic key using the ``passwd`` and ``salt`` given as input. The work factor can be tuned by by picking different values for the parameters :param bytes passwd: :param bytes salt: :param bytes salt: *must* be *exactly* :py:const:`.SALTBYTES` long :param int dklen: :param int opslimit: :param int n: :param int r: block size, :param int p: the parallelism factor :param int maxmem: the maximum available memory available for scrypt's operations :rtype: bytes :raises nacl.exceptions.UnavailableError: If called when using a minimal build of libsodium. Not available in minimal buildr.z uint8_t[]r$Unexpected failure in key derivationrN)r&has_crypto_pwhash_scryptsalsa208sha256r5UnavailableError isinstanceint TypeErrorbytesr?rnewr%crypto_pwhash_scryptsalsa208sha256_lllen RuntimeErrorbuffercast) rFrGr)r*r+rHr,bufretr=r=r>rR s* rRcCsPttdtjdtdt}t||t |||}t|dkdtj dt |S)a Derive a cryptographic key using the ``passwd`` and ``salt`` given as input, returning a string representation which includes the salt and the tuning parameters. The returned string can be directly stored as a password hash. See :py:func:`.crypto_pwhash_scryptsalsa208sha256` for a short discussion about ``opslimit`` and ``memlimit`` values. :param bytes passwd: :param int opslimit: :param int memlimit: :return: serialized key hash, including salt and tuning parameters :rtype: bytes :raises nacl.exceptions.UnavailableError: If called when using a minimal build of libsodium. rIr.char[]rz&Unexpected failure in password hashing) rrKr5rLrrQSCRYPT_STRBYTESr&crypto_pwhash_scryptsalsa208sha256_strrSrTstring)rFr@rArWrXr=r=r>r[Es  r[ passwd_hashcCsVttdtjdtt|tdkdtjdt||t|}t|dkdtj ddS)a9 Verifies the ``passwd`` against the ``passwd_hash`` that was generated. Returns True or False depending on the success :param passwd_hash: bytes :param passwd: bytes :rtype: boolean :raises nacl.exceptions.UnavailableError: If called when using a minimal build of libsodium. rIr.r/zInvalid password hashrWrong passwordT) rrKr5rLrSrZr6r-crypto_pwhash_scryptsalsa208sha256_str_verifyInvalidkeyErrorr]rFrXr=r=r>r_qs  r_algcCs|tkr6|tkrtdt|tkrtdt|tkr(tdt|tkr4tdtdS|tkrl|t krFtdt |t krRtdt |t kr^tdt |t krjtdt dSt d)Nz"memlimit must be at least {} bytesz!memlimit must be at most {} byteszopslimit must be at least {}zopslimit must be at most {}zUnsupported algorithm)rrr5r6r8rrrr rrrr rO)r@rArbr=r=r>_check_argon2_limits_algsj rcoutlenc Cs tt|ttjdtt|ttjdtt|ttjdtt|ttjdtt|ttjdt|tkr@td t|t krLtd t |t krXtd t t |||t d|}t|||t|||||}t|dkdtjdt ||ddS) a Derive a raw cryptographic key using the ``passwd`` and the ``salt`` given as input to the ``alg`` algorithm. :param outlen: the length of the derived key :type outlen: int :param passwd: The input password :type passwd: bytes :param salt: :type salt: bytes :param opslimit: computational cost :type opslimit: int :param memlimit: memory cost :type memlimit: int :param alg: algorithm identifier :type alg: int :return: derived key :rtype: bytes r.z"salt must be exactly {} bytes longz*derived key must be at least {} bytes longz)derived key must be at most {} bytes longzunsigned char[]rrJN)rrMrNr5rOrPrSr r6r8rrrcrrQrZ crypto_pwhashrTrU)rdrFrGr@rArboutbufrXr=r=r>crypto_pwhash_algsD   rfcCstt|ttdtt|ttdtt|ttdt|||tdd}t ||t ||||}t|dkdt j dt |S)a Derive a cryptographic key using the ``passwd`` given as input and a random salt, returning a string representation which includes the salt, the tuning parameters and the used algorithm. :param passwd: The input password :type passwd: bytes :param opslimit: computational cost :type opslimit: int :param memlimit: memory cost :type memlimit: int :param alg: The algorithm to use :type alg: int :return: serialized derived key and parameters :rtype: bytes r.rYr1rrJ)rrMrNrOrPrcrrQrcrypto_pwhash_str_algrSr5rTr\)rFr@rArbrerXr=r=r>rgs   rgcCsftt|ttdtt|ttdtt|dkdtjdt||t|}t|dkdtj ddS)a4 Verifies the ``passwd`` against a given password hash. Returns True on success, raises InvalidkeyError on failure :param passwd_hash: saved password hash :type passwd_hash: bytes :param passwd: password to be checked :type passwd: bytes :return: success :rtype: boolean r.z#Hash must be at most 127 bytes longrr^T) rrMrPrOrSr5r6rcrypto_pwhash_str_verifyr`rar=r=r>ri<s  ri)r:typingrZnacl.exceptions exceptionsr5Z nacl._sodiumrrrboolZ-PYNACL_HAS_CRYPTO_PWHASH_SCRYPTSALSA208SHA256rKZ,crypto_pwhash_scryptsalsa208sha256_STRPREFIXZ,crypto_pwhash_scryptsalsa208sha256_SALTBYTESZ+crypto_pwhash_scryptsalsa208sha256_STRBYTESZ-crypto_pwhash_scryptsalsa208sha256_PASSWD_MINZ-crypto_pwhash_scryptsalsa208sha256_PASSWD_MAXZ,crypto_pwhash_scryptsalsa208sha256_BYTES_MINZ,crypto_pwhash_scryptsalsa208sha256_BYTES_MAXZ/crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MINZ/crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAXZ/crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MINZ/crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAXZ7crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVEZ7crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVEZ5crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVEZ5crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVEr\rVZ,crypto_pwhash_scryptsalsa208sha256_strprefixZ,crypto_pwhash_scryptsalsa208sha256_saltbytesZ+crypto_pwhash_scryptsalsa208sha256_strbytesZ-crypto_pwhash_scryptsalsa208sha256_passwd_minZ-crypto_pwhash_scryptsalsa208sha256_passwd_maxZ,crypto_pwhash_scryptsalsa208sha256_bytes_minZ,crypto_pwhash_scryptsalsa208sha256_bytes_maxZ/crypto_pwhash_scryptsalsa208sha256_memlimit_minZ/crypto_pwhash_scryptsalsa208sha256_memlimit_maxZ/crypto_pwhash_scryptsalsa208sha256_opslimit_minZ/crypto_pwhash_scryptsalsa208sha256_opslimit_maxZ7crypto_pwhash_scryptsalsa208sha256_opslimit_interactiveZ7crypto_pwhash_scryptsalsa208sha256_memlimit_interactiveZ5crypto_pwhash_scryptsalsa208sha256_opslimit_sensitiveZ5crypto_pwhash_scryptsalsa208sha256_memlimit_sensitiveZcrypto_pwhash_alg_argon2i13rrN__annotations__Zcrypto_pwhash_alg_argon2id13r Zcrypto_pwhash_alg_defaultr Zcrypto_pwhash_saltbytesr Zcrypto_pwhash_strbytesr Zcrypto_pwhash_passwd_minr Zcrypto_pwhash_passwd_maxrZcrypto_pwhash_bytes_minrZcrypto_pwhash_bytes_maxrZcrypto_pwhash_argon2i_strprefixrrPZ"crypto_pwhash_argon2i_memlimit_minrZ"crypto_pwhash_argon2i_memlimit_maxrZ"crypto_pwhash_argon2i_opslimit_minrZ"crypto_pwhash_argon2i_opslimit_maxrZ*crypto_pwhash_argon2i_opslimit_interactiverZ*crypto_pwhash_argon2i_memlimit_interactiverZ'crypto_pwhash_argon2i_opslimit_moderaterZ'crypto_pwhash_argon2i_memlimit_moderaterZ(crypto_pwhash_argon2i_opslimit_sensitiverZ(crypto_pwhash_argon2i_memlimit_sensitiverZ crypto_pwhash_argon2id_strprefixrZ#crypto_pwhash_argon2id_memlimit_minrZ#crypto_pwhash_argon2id_memlimit_maxrZ#crypto_pwhash_argon2id_opslimit_minrZ#crypto_pwhash_argon2id_opslimit_maxr Z+crypto_pwhash_argon2id_opslimit_interactiver!Z+crypto_pwhash_argon2id_memlimit_interactiver"Z(crypto_pwhash_argon2id_opslimit_moderater#Z(crypto_pwhash_argon2id_memlimit_moderater$Z)crypto_pwhash_argon2id_opslimit_sensitiver%Z)crypto_pwhash_argon2id_memlimit_sensitiver&ZSCRYPT_OPSLIMIT_INTERACTIVEZSCRYPT_MEMLIMIT_INTERACTIVEZSCRYPT_OPSLIMIT_SENSITIVEZSCRYPT_MEMLIMIT_SENSITIVEZSCRYPT_SALTBYTESrZr7ZLOG2_UINT64_MAXr9ZSCRYPT_MAX_MEMr?rDrRr[r_rcrfrgriZ crypto_pwhash_argon2i_str_verifyr=r=r=r>s                           *  & > , !8 G +