��
�
5Xc�@s��dZd�d�l�Z�d�d�l�Z�e�j�e���Z�d�d�l�m�Z��d�d�l�m Z m
Z
m�Z��d�d�l�m
Z
m�Z��d�d�l�m�Z�m�Z�m�Z�m�Z�m�Z��d�d�l�m�Z��d�d�l�j�j�Z�d�d d
d�g�Z�d�Z�d
�Z�d��Z�d��Z�d��Z d�e�j!e�j"e�j#e�j$f�d���YZ%d e�j"e�j&e�j#e�j$f�d���YZ'd
e�j#e�j$f�d���YZ(d�e�j!e�j#e�j$f�d���YZ)d�S(�sFpasslib.handlers.des_crypt - traditional unix (DES) crypt and variantsi����N(�t�warn(�t
safe_cryptt
test_cryptt
to_unicode(�t�h64t�h64big(�t�byte_elem_valuet�ut
uascii_to_strt�unicodet�suppress_cause(�t�des_encrypt_int_blockt des_cryptt
bsdi_cryptt�bigcryptt�crypt16t�c���Cs�td��t�|d� ��D����S(�s�convert secret to 64-bit DES key.
this only uses the first 8 bytes of the secret,
and discards the high 8th bit of each byte at that.
a null parity bit is inserted after every 7th bit of the output.
c���ss1|]'\�}�}�t|���d@d�|�d���>V�q�d�S(�ii9i�N(�R�(�t�.0t�it�c((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pys <genexpr>(s���i�(�t�sumt enumerate(�t�secret((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyt�_crypt_secret_to_key�s�� �c���Cstj�|���}�t�|t���r0|j�d���}nt�|k�rQt�j�j�t ����nt
|��}�t�|�d�|�d���}�t�j
|���S(�s pure-python backed for des_crypts�utf-8ii�(�R�t�decode_int12t
isinstanceR t�encodet�_BNULLt�uht�exct�NullPasswordErrorR�R�R�R�t�encode_int64(�R�t�saltt
salt_valuet key_valuet�result((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyt�_raw_des_crypt+s�
��������������c���Cskt|��}�d�}�t�|��}�xF|�|�krf|�d��}�t||�|�!��}�t�|�|���|�A}�|�}�q!W|�S(�s,convert secret to DES key used by bsdi_crypti�(�R�t�lenR�(�R�R"t�idxt�endt�nextt tmp_value((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyt�_bsdi_secret_to_keyIs����������
�����
�c���Cstj�|���}�t�|t���r0|j�d���}nt�|k�rQt�j�j�t ����nt
|��}�t�|�d�|�|���}�t�j
|���S(�s"pure-python backend for bsdi_crypts�utf-8i(�R�t�decode_int24R�R R�R�R�R�R�R
R*R�R�R�(�R�t�roundsR R!R"R#((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyt�_raw_bsdi_cryptUs����������������c�Bs�eZ�dZ�d�Z�d�Z�e�j�Z�d�Z�d��Z Z
e�j�Z�d�Z�e
j�e�d���e
j�e
j�B��Z�e�d����Z�d �Z�d
�Z�d�Z�e�d
���Z�d��Z�e�d����Z�d��Z�RS(�s��This class implements the des-crypt password hash, and follows the :ref:`password-hash-api`.
It supports a fixed-length salt.
The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords:
:type salt: str
:param salt:
Optional salt string.
If not specified, one will be autogenerated (this is recommended).
If specified, it must be 2 characters, drawn from the regexp range ``[./0-9A-Za-z]``.
:param bool truncate_error:
By default, des_crypt will silently truncate passwords larger than 8 bytes.
Setting ``truncate_error=True`` will cause :meth:`~passlib.ifc.PasswordHash.hash`
to raise a :exc:`~passlib.exc.PasswordTruncateError` instead.
.. versionadded:: 1.7
:type relaxed: bool
:param relaxed:
By default, providing an invalid value for one of the other
keywords will result in a :exc:`ValueError`. If ``relaxed=True``,
and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning`
will be issued instead. Correctable errors include
``salt`` strings that are too long.
.. versionadded:: 1.6
R�R t�truncate_errori�i�i�sU
^
(?P<salt>[./a-z0-9]{2})
(?P<chk>[./a-z0-9]{11})?
$c���Cs@t|�d�d���}�|�d� |�d���}�}�|d�|�d�|�p<d��S(�Nt�asciit�hashi�R t�checksum(�R�t�None(�t�clsR0R t�chk((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyt�from_string�s������c���Cs&td���|j�|j�f��}�t�|���S(�Ns�%s%s(�R�R R1R�(�t�selfR0((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyt to_string�s����c���Cs&|jr�|j�|����n|j�|���S(�N(�t�use_defaultst�_check_truncate_policyt�_calc_checksum_backend(�R6R�((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyt�_calc_checksum�s�� ���t�os_cryptt�builtinc���Cs+td�d���r#|j�|j����t�St�SdS(�Nt�testt
abgOeLfPimXQo(�R�t�_set_calc_checksum_backendt�_calc_checksum_os_cryptt�Truet�False(�R3((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyt�_load_backend_os_crypt�s��������c���Cs1t|�|j���}�|�r |�d��S|j�|���SdS(�Ni�(�R�R t�_calc_checksum_builtin(�R6R�R0((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyRA�s��������c���Cs�|j|j����t�S(�N(�R@RERB(�R3((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyt�_load_backend_builtin�s����c���Cs"t|�|j�j�d�����j�d���S(�NR/(�R$R R�t�decode(�R6R�((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyRE�s��(�s�saltR.(�R<R=(�t�__name__t
__module__t�__doc__t�namet�setting_kwdsR�t�HASH64_CHARSt�checksum_charst
checksum_sizet
min_salt_sizet
max_salt_sizet
salt_charst
truncate_sizet�ret�compileR�t�Xt�It�_hash_regext�classmethodR5R7R;t�backendsRDRARFRE(((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR�ps$�������� ���
� ��� ����� �
���� ���c�Bs�eZ�dZ�d�Z�d�Z�d�Z�e�j�Z�d��Z Z
e�j�Z�d�Z�d�Z
d�Z�d Z�e�j�e�d
��e�j�e�j�B��Z�e�d����Z�d��Z�e�Z�e�d
���Z�e�d����Z�d��Z�d�Z�e�d����Z�d��Z e�d����Z!d��Z"RS(�s
�This class implements the BSDi-Crypt password hash, and follows the :ref:`password-hash-api`.
It supports a fixed-length salt, and a variable number of rounds.
The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords:
:type salt: str
:param salt:
Optional salt string.
If not specified, one will be autogenerated (this is recommended).
If specified, it must be 4 characters, drawn from the regexp range ``[./0-9A-Za-z]``.
:type rounds: int
:param rounds:
Optional number of rounds to use.
Defaults to 5001, must be between 1 and 16777215, inclusive.
:type relaxed: bool
:param relaxed:
By default, providing an invalid value for one of the other
keywords will result in a :exc:`ValueError`. If ``relaxed=True``,
and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning`
will be issued instead. Correctable errors include ``rounds``
that are too small or too large, and ``salt`` strings that are too long.
.. versionadded:: 1.6
.. versionchanged:: 1.6
:meth:`hash` will now issue a warning if an even number of rounds is used
(see :ref:`bsdi-crypt-security-issues` regarding weak DES keys).
R
R R,i�i�i��i�i���t�linears�
^
_
(?P<rounds>[./a-z0-9]{4})
(?P<salt>[./a-z0-9]{4})
(?P<chk>[./a-z0-9]{11})?
$c���Cs�t|�d�d���}�|j�j�|���}�|�s?t�j�j�|����n|�j�d�d�d���\�}�}�}�|d�t�j�|�j d�����d�|�d�|���S(�NR/R0R,R R4R1(
R�RXt�matchR�R�t�InvalidHashErrort�groupR�R+R�(�R3R0t�mR,R R4((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR54�s������������������c���Cs>td���t�j�|j���j�d���|j�|j�f��}�t�|���S(�Ns�_%s%s%sR/(�R�R�t�encode_int24R,RGR R1R�(�R6R0((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR7A�s��!���c���Ks?tt�|��j�|��}�|�j�d�@s;t�d�t�j�j����n|�S(�Ni�sHbsdi_crypt rounds should be odd, as even rounds may reveal weak DES keys(�t�superR
t�usingt�default_roundsRR�R�t�PasslibSecurityWarning(�R3t�kwdst�subcls((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyRbN�s
���
�����c���Cs�tt�|��j��}�|�d�BS(�Ni�(�RaR
t�_generate_rounds(�R3R,((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyRgW�s����c���Ks'|jd�@s�t�St�t�|��j�|��S(�Ni�(�R,RBRaR
t�_calc_needs_update(�R6Re((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyRhe�s��
���R<R=c���Cs+td�d���r#|j�|j����t�St�SdS(�NR>s�_/...lLDAxARksGCHin.(�R�R@RARBRC(�R3((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyRDt�s��������c���Cs:|j�}�t�|�|���}�|�r)|�d��S|j�|���SdS(�Ni����(�R7R�RE(�R6R�t�configR0((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyRA|�s
���������c���Cs�|j|j����t�S(�N(�R@RERB(�R3((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyRF��s����c���Cs(t|�|j�|j�j�d�����j�d���S(�NR/(�R-R,R R�RG(�R6R�((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyRE��s��(�s�salts�rounds(�s�os_crypts�builtin(#RHRIRJRKRLROR�RMRNRPRQRRRct
min_roundst
max_roundst�rounds_costRTRUR�RVRWRXRYR5R7RBt�_avoid_even_roundsRbRgRhRZRDRARFRE(((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR
�s0���������� �
� ��������� ����
���� ��
���� ���c�Bs�eZ�dZ�d�Z�d Z�e�j�Z�d��Z�Z e�j�Z
e�j�e
d���e�j�e�j�B��Z�e�d����Z�d��Z�e�d���Z�d��Z�RS(
sg�This class implements the BigCrypt password hash, and follows the :ref:`password-hash-api`.
It supports a fixed-length salt.
The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords:
:type salt: str
:param salt:
Optional salt string.
If not specified, one will be autogenerated (this is recommended).
If specified, it must be 22 characters, drawn from the regexp range ``[./0-9A-Za-z]``.
:type relaxed: bool
:param relaxed:
By default, providing an invalid value for one of the other
keywords will result in a :exc:`ValueError`. If ``relaxed=True``,
and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning`
will be issued instead. Correctable errors include
``salt`` strings that are too long.
.. versionadded:: 1.6
R�R i�sX
^
(?P<salt>[./a-z0-9]{2})
(?P<chk>([./a-z0-9]{11})+)?
$c���Csjt|�d�d���}�|j�j�|���}�|�s?t�j�j�|����n|�j�d�d���\�}�}�|d�|�d�|���S(�NR/R0R R4R1(�R�RXR\R�R�R]R^(�R3R0R_R R4((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR5��s������������c���Cs&td���|j�|j�f��}�t�|���S(�Ns�%s%s(�R�R R1R�(�R6R0((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR7��s����c���CsGtt�|��j�|�d�|����}�t�|���d��rCt�j�j�|����n|�S(�Nt�relaxedi�(�RaR�t�_norm_checksumR%R�R�R](�R6R1Rn((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyRo��s��������c���Cs�t|�t���r!|�j�d���}�nt�|�|j�j�d�����}�d�}�t�|���}�xA|�|�kr�|�d��}�|�t�|�|�|�!|�d�d�!��7}�|�}�qQW|�j�d���S(�Ns�utf-8R/i�i����i����(�R�R R�R$R R%RG(�R6R�R4R&R'R(((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR;��s��������������
�!�
�(�s�salt(�RHRIRJRKRLR�RMRNRPRQRRRTRUR�RVRWRXRYR5R7RCRoR;(((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR���s��������� �
� � ���� �� c�Bs�eZ�dZ�d�Z�d�Z�d�Z�e�j�Z�d��Z Z
e�j�Z�d�Z�e
j�e�d���e
j�e
j�B��Z�e�d����Z�d �Z�d
�Z�RS(�s��This class implements the crypt16 password hash, and follows the :ref:`password-hash-api`.
It supports a fixed-length salt.
The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords:
:type salt: str
:param salt:
Optional salt string.
If not specified, one will be autogenerated (this is recommended).
If specified, it must be 2 characters, drawn from the regexp range ``[./0-9A-Za-z]``.
:param bool truncate_error:
By default, crypt16 will silently truncate passwords larger than 16 bytes.
Setting ``truncate_error=True`` will cause :meth:`~passlib.ifc.PasswordHash.hash`
to raise a :exc:`~passlib.exc.PasswordTruncateError` instead.
.. versionadded:: 1.7
:type relaxed: bool
:param relaxed:
By default, providing an invalid value for one of the other
keywords will result in a :exc:`ValueError`. If ``relaxed=True``,
and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning`
will be issued instead. Correctable errors include
``salt`` strings that are too long.
.. versionadded:: 1.6
R�R R.i�i�i�sU
^
(?P<salt>[./a-z0-9]{2})
(?P<chk>[./a-z0-9]{22})?
$c���Csjt|�d�d���}�|j�j�|���}�|�s?t�j�j�|����n|�j�d�d���\�}�}�|d�|�d�|���S(�NR/R0R R4R1(�R�RXR\R�R�R]R^(�R3R0R_R R4((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR5+�s������������c���Cs&td���|j�|j�f��}�t�|���S(�Ns�%s%s(�R�R R1R�(�R6R0((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR74�s����c���Cs�t|�t���r!|�j�d���}�n|j�r:|j�|����ny�t�j�|j�j�d�����}�Wn#�t�k
r~���t t�d�������n�Xt
|���}�t�|�d�|�d���}�t
|�d�d�!��}�t�|�d�|�d���}�t�j
|���t�j
|����}�|�j�d���S( Ns�utf-8R/s�invalid chars in saltii�i�i�i�(�R�R R�R8R9R�R�R t
ValueErrorR
R�R�R�R�RG(�R6R�R!t�key1t�result1t�key2t�result2R4((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR;;�s������ �������
�������������(�s�salts�truncate_error(�RHRIRJRKRLROR�RMRNRPRQRRRSRTRUR�RVRWRXRYR5R7R;(((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyR���s����������� �
� ��� ���� �(*RJRTt�loggingt getLoggerRHt�logt�warningsRt
passlib.utilsR�R�R�t�passlib.utils.binaryR�R�t�passlib.utils.compatR�R�R�R R
t�passlib.crypto.desR�t�passlib.utils.handlerst�utilst�handlersR�t�__all__R�R�R$R*R-t
TruncateMixint�HasManyBackendst�HasSaltt�GenericHandlerR�t HasRoundsR
R�R�(((s>/usr/lib/python2.7/site-packages/passlib/handlers/des_crypt.pyt�<module>�s,�������������(����������� ��� � � � �+�+��S |