o gI@s~UddlZddlmZddlmZddlmZmZddlm Z e ej Z dZ dZdZdZdZdZdZdZdZdZdZdZdZdZdZe reededdZ eZe Ze!Ze"Ze#Ze$Ze%Ze&Ze'Ze(Ze)Ze*Ze+Ze,Ze-Z.e/e0d<e1Z2e/e0d<e3Z4e/e0d <e5Z6e/e0d <e7Z8e/e0d <e9Z:e/e0d <e;Ze/e0d<e?Z@e/e0d<eedeAddZBeCe0d<eDZEe/e0d<eFZGe/e0d<eHZIe/e0d<eJZKe/e0d<eLZMe/e0d<eNZOe/e0d<ePZQe/e0d<eRZSe/e0d<eTZUe/e0d<eVZWe/e0d<eedeXddZYeCe0d<eZZ[e/e0d<e\Z]e/e0d<e^Z_e/e0d<e`Zae/e0d<ebZce/e0d <edZee/e0d!<efZge/e0d"<ehZie/e0d#<ejZke/e0d$<elZme/e0d%<eZneZoeZpeZqeZreZsd&Ztd'Zud(Zvd)Zwewfd*e/d+e/d,e/d-e/d.df d/d0Zxd1e/d2e/d.ee/e/e/ffd3d4Zyd5ewfd6eCd7eCd*e/d+e/d,e/d8e/d-e/d.eCfd9d:Zzeneofd6eCd1e/d2e/d.eCfd;d<Z{d=eCd6eCd.e fd>d?Z|d1e/d2e/d@e/d.dfdAdBZ}dCe/d6eCd7eCd1e/d2e/d@e/d.eCfdDdEZ~d6eCd1e/d2e/d@e/d.eCf dFdGZd=eCd6eCd.e fdHdIZeZdS)JN)Tuple)ffilib)ensurechar *crypto_pwhash_ALG_ARGON2I13crypto_pwhash_ALG_ARGON2ID13crypto_pwhash_ALG_DEFAULTcrypto_pwhash_SALTBYTEScrypto_pwhash_STRBYTEScrypto_pwhash_PASSWD_MINcrypto_pwhash_PASSWD_MAXcrypto_pwhash_BYTES_MINcrypto_pwhash_BYTES_MAXcrypto_pwhash_argon2i_STRPREFIX"crypto_pwhash_argon2i_MEMLIMIT_MIN"crypto_pwhash_argon2i_MEMLIMIT_MAX"crypto_pwhash_argon2i_OPSLIMIT_MIN"crypto_pwhash_argon2i_OPSLIMIT_MAX*crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE*crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE'crypto_pwhash_argon2i_OPSLIMIT_MODERATE'crypto_pwhash_argon2i_MEMLIMIT_MODERATE(crypto_pwhash_argon2i_OPSLIMIT_SENSITIVE(crypto_pwhash_argon2i_MEMLIMIT_SENSITIVE crypto_pwhash_argon2id_STRPREFIX#crypto_pwhash_argon2id_MEMLIMIT_MIN#crypto_pwhash_argon2id_MEMLIMIT_MAX#crypto_pwhash_argon2id_OPSLIMIT_MIN#crypto_pwhash_argon2id_OPSLIMIT_MAX+crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE+crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE(crypto_pwhash_argon2id_OPSLIMIT_MODERATE(crypto_pwhash_argon2id_MEMLIMIT_MODERATE)crypto_pwhash_argon2id_OPSLIMIT_SENSITIVE)crypto_pwhash_argon2id_MEMLIMIT_SENSITIVE??linrpmaxmemreturncCst|dkdtjdt|dkdtjdt||d@dkdtjdt|dkdtjdt|t|kdttjdt|dd |>ktjd|d |}td }t|d ||ktjdd ||d d }t|t|ktjdt|tj|ktjdt|||kdtjddS)NrzInvalid block sizeraisingzInvalid parallelization factorz Cost factor must be a power of 2zCost factor must be at least 2zp*r is greater than {} z7Memory limit would be exceeded with the choosen n, r, p)rexc ValueError SCRYPT_PR_MAXformat UINT64_MAXsysmaxsize)r)r*r+r,BleniVlenr@U/var/www/html/api-tag/env/lib/python3.10/site-packages/nacl/bindings/crypto_pwhash.py_check_memory_occupations2    rBopslimitmemlimitcCs|dkrd}d}||dkr)d}|d|}tddD] }d||dkr'nqn*||d}tddD] }d||dkr@nq4|dd|}|d krOd }||}|||fS) z/Python implementation of libsodium's pickparamsir4r0r5r(r3r2r')range)rCrDr*r+maxnn_log2maxrpr@r@rA nacl_bindings_pick_scrypt_paramss*    rJ@passwdsaltdklenc Csttdtjdtt|ttdtt|ttdtt|ttdtt|ttdtt|ttdt||||t d|}t |t ||t |||||| }t|dkdtjdt t d||ddS)a Derive a cryptographic key using the ``passwd`` and ``salt`` given as input. The work factor can be tuned by by picking different values for the parameters :param bytes passwd: :param bytes salt: :param bytes salt: *must* be *exactly* :py:const:`.SALTBYTES` long :param int dklen: :param int opslimit: :param int n: :param int r: block size, :param int p: the parallelism factor :param int maxmem: the maximum available memory available for scrypt's operations :rtype: bytes :raises nacl.exceptions.UnavailableError: If called when using a minimal build of libsodium. Not available in minimal buildr.z uint8_t[]r$Unexpected failure in key derivationrN)r&has_crypto_pwhash_scryptsalsa208sha256r6UnavailableError isinstanceint TypeErrorbytesrBrnewr%crypto_pwhash_scryptsalsa208sha256_lllen RuntimeErrorbuffercast) rLrMr)r*r+rNr,bufretr@r@rArX s* rXcCsPttdtjdtdt}t||t |||}t|dkdtj dt |S)a Derive a cryptographic key using the ``passwd`` and ``salt`` given as input, returning a string representation which includes the salt and the tuning parameters. The returned string can be directly stored as a password hash. See :py:func:`.crypto_pwhash_scryptsalsa208sha256` for a short discussion about ``opslimit`` and ``memlimit`` values. :param bytes passwd: :param int opslimit: :param int memlimit: :return: serialized key hash, including salt and tuning parameters :rtype: bytes :raises nacl.exceptions.UnavailableError: If called when using a minimal build of libsodium. rOr.char[]rz&Unexpected failure in password hashing) rrQr6rRrrWSCRYPT_STRBYTESr&crypto_pwhash_scryptsalsa208sha256_strrYrZstring)rLrCrDr]r^r@r@rAraEs  ra passwd_hashcCsVttdtjdtt|tdkdtjdt||t|}t|dkdtj ddS)a9 Verifies the ``passwd`` against the ``passwd_hash`` that was generated. Returns True or False depending on the success :param passwd_hash: bytes :param passwd: bytes :rtype: boolean :raises nacl.exceptions.UnavailableError: If called when using a minimal build of libsodium. rOr.r0zInvalid password hashrWrong passwordT) rrQr6rRrYr`r7r-crypto_pwhash_scryptsalsa208sha256_str_verifyInvalidkeyErrorrcrLr^r@r@rAreqs  realgcCs|tkr6|tkrtdt|tkrtdt|tkr(tdt|tkr4tdtdS|tkrl|t krFtdt |t krRtdt |t kr^tdt |t krjtdt dSt d)Nz"memlimit must be at least {} bytesz!memlimit must be at most {} byteszopslimit must be at least {}zopslimit must be at most {}zUnsupported algorithm)rrr6r7r9rrrr rrrr rU)rCrDrhr@r@rA_check_argon2_limits_algsj rioutlenc Cs tt|ttjdtt|ttjdtt|ttjdtt|ttjdtt|ttjdt|tkr@td t|t krLtd t |t krXtd t t |||t d|}t|||t|||||}t|dkdtjdt ||ddS) a Derive a raw cryptographic key using the ``passwd`` and the ``salt`` given as input to the ``alg`` algorithm. :param outlen: the length of the derived key :type outlen: int :param passwd: The input password :type passwd: bytes :param salt: :type salt: bytes :param opslimit: computational cost :type opslimit: int :param memlimit: memory cost :type memlimit: int :param alg: algorithm identifier :type alg: int :return: derived key :rtype: bytes r.z"salt must be exactly {} bytes longz*derived key must be at least {} bytes longz)derived key must be at most {} bytes longzunsigned char[]rrPN)rrSrTr6rUrVrYr r7r9rrrirrWr crypto_pwhashrZr[)rjrLrMrCrDrhoutbufr^r@r@rAcrypto_pwhash_algsD   rmcCstt|ttdtt|ttdtt|ttdt|||tdd}t ||t ||||}t|dkdt j dt |S)a Derive a cryptographic key using the ``passwd`` given as input and a random salt, returning a string representation which includes the salt, the tuning parameters and the used algorithm. :param passwd: The input password :type passwd: bytes :param opslimit: computational cost :type opslimit: int :param memlimit: memory cost :type memlimit: int :param alg: The algorithm to use :type alg: int :return: serialized derived key and parameters :rtype: bytes r.r_r2rrP)rrSrTrUrVrirrWrcrypto_pwhash_str_algrYr6rZrb)rLrCrDrhrlr^r@r@rArns   rncCsftt|ttdtt|ttdtt|dkdtjdt||t|}t|dkdtj ddS)a4 Verifies the ``passwd`` against a given password hash. Returns True on success, raises InvalidkeyError on failure :param passwd_hash: saved password hash :type passwd_hash: bytes :param passwd: password to be checked :type passwd: bytes :return: success :rtype: boolean r.z#Hash must be at most 127 bytes longrrdT) rrSrVrUrYr6r7rcrypto_pwhash_str_verifyrfrgr@r@rArp=s  rp)r;typingrnacl.exceptions exceptionsr6 nacl._sodiumrrrbool-PYNACL_HAS_CRYPTO_PWHASH_SCRYPTSALSA208SHA256rQ,crypto_pwhash_scryptsalsa208sha256_STRPREFIX,crypto_pwhash_scryptsalsa208sha256_SALTBYTES+crypto_pwhash_scryptsalsa208sha256_STRBYTES-crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN-crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX,crypto_pwhash_scryptsalsa208sha256_BYTES_MIN,crypto_pwhash_scryptsalsa208sha256_BYTES_MAX/crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN/crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAX/crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN/crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAX7crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE7crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE5crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE5crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVErbr\,crypto_pwhash_scryptsalsa208sha256_strprefix,crypto_pwhash_scryptsalsa208sha256_saltbytes+crypto_pwhash_scryptsalsa208sha256_strbytes-crypto_pwhash_scryptsalsa208sha256_passwd_min-crypto_pwhash_scryptsalsa208sha256_passwd_max,crypto_pwhash_scryptsalsa208sha256_bytes_min,crypto_pwhash_scryptsalsa208sha256_bytes_max/crypto_pwhash_scryptsalsa208sha256_memlimit_min/crypto_pwhash_scryptsalsa208sha256_memlimit_max/crypto_pwhash_scryptsalsa208sha256_opslimit_min/crypto_pwhash_scryptsalsa208sha256_opslimit_max7crypto_pwhash_scryptsalsa208sha256_opslimit_interactive7crypto_pwhash_scryptsalsa208sha256_memlimit_interactive5crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive5crypto_pwhash_scryptsalsa208sha256_memlimit_sensitivecrypto_pwhash_alg_argon2i13rrT__annotations__crypto_pwhash_alg_argon2id13r crypto_pwhash_alg_defaultr crypto_pwhash_saltbytesr crypto_pwhash_strbytesr crypto_pwhash_passwd_minr crypto_pwhash_passwd_maxrcrypto_pwhash_bytes_minrcrypto_pwhash_bytes_maxrcrypto_pwhash_argon2i_strprefixrrV"crypto_pwhash_argon2i_memlimit_minr"crypto_pwhash_argon2i_memlimit_maxr"crypto_pwhash_argon2i_opslimit_minr"crypto_pwhash_argon2i_opslimit_maxr*crypto_pwhash_argon2i_opslimit_interactiver*crypto_pwhash_argon2i_memlimit_interactiver'crypto_pwhash_argon2i_opslimit_moderater'crypto_pwhash_argon2i_memlimit_moderater(crypto_pwhash_argon2i_opslimit_sensitiver(crypto_pwhash_argon2i_memlimit_sensitiver crypto_pwhash_argon2id_strprefixr#crypto_pwhash_argon2id_memlimit_minr#crypto_pwhash_argon2id_memlimit_maxr#crypto_pwhash_argon2id_opslimit_minr#crypto_pwhash_argon2id_opslimit_maxr +crypto_pwhash_argon2id_opslimit_interactiver!+crypto_pwhash_argon2id_memlimit_interactiver"(crypto_pwhash_argon2id_opslimit_moderater#(crypto_pwhash_argon2id_memlimit_moderater$)crypto_pwhash_argon2id_opslimit_sensitiver%)crypto_pwhash_argon2id_memlimit_sensitiver&SCRYPT_OPSLIMIT_INTERACTIVESCRYPT_MEMLIMIT_INTERACTIVESCRYPT_OPSLIMIT_SENSITIVESCRYPT_MEMLIMIT_SENSITIVESCRYPT_SALTBYTESr`r8LOG2_UINT64_MAXr:SCRYPT_MAX_MEMrBrJrXrarerirmrnrp crypto_pwhash_argon2i_str_verifyr@r@r@rAs                           *  & > , !9 G +