o 5 h_W@s$dZddlZddlZeeZddlmZddlm Z m Z m Z ddl m Z mZddlmZmZmZmZmZddlmZddlmmZgdZd Zd d Zd d ZddZddZ Gdddej!ej"ej#ej$Z%Gdddej"ej&ej#ej$Z'Gdddej#ej$Z(Gdddej!ej#ej$Z)dS)zFpasslib.handlers.des_crypt - traditional unix (DES) crypt and variantsN)warn) safe_crypt test_crypt to_unicode)h64h64big)byte_elem_valueu uascii_to_strunicodesuppress_cause)des_encrypt_int_block) des_crypt bsdi_cryptbigcryptcrypt16cCstddt|ddDS)zconvert secret to 64-bit DES key. this only uses the first 8 bytes of the secret, and discards the high 8th bit of each byte at that. a null parity bit is inserted after every 7th bit of the output. css,|]\}}t|d@d|d>VqdS)9N)r).0icrn/var/www/html/construction_image-detection-poc/venv/lib/python3.10/site-packages/passlib/handlers/des_crypt.py (s z'_crypt_secret_to_key..Nr)sum enumerate)secretrrr_crypt_secret_to_keys rcCspt|dksJt|}t|tr|d}t|tsJt|vr(tj t t |}t |d|d}t|S)z pure-python backed for des_cryptutf-8r)lenr decode_int12 isinstancer encodebytes_BNULLuhexcNullPasswordErrorrrr r encode_int64)rsalt salt_value key_valueresultrrr_raw_des_crypt+s     r1cCsRt|}d}t|}||kr'|d}t|||}t|||A}|}||ks|S)z,convert secret to DES key used by bsdi_cryptr)rr#r )rr/idxendnext tmp_valuerrr_bsdi_secret_to_keyIsr6cCs`t|}t|tr|d}t|tsJt|vr tj t t |}t |d||}t |S)z"pure-python backend for bsdi_cryptr!r)r decode_int24r%r r&r'r(r)r*r+rr6r rr,)rroundsr-r.r/r0rrr_raw_bsdi_cryptUs     r9c@seZdZdZdZdZejZdZ dZ Z ejZ dZ eedejejBZeddZd d Zd d Zd ZeddZddZeddZddZdS)raThis class implements the des-crypt password hash, and follows the :ref:`password-hash-api`. It supports a fixed-length salt. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, one will be autogenerated (this is recommended). If specified, it must be 2 characters, drawn from the regexp range ``[./0-9A-Za-z]``. :param bool truncate_error: By default, des_crypt will silently truncate passwords larger than 8 bytes. Setting ``truncate_error=True`` will cause :meth:`~passlib.ifc.PasswordHash.hash` to raise a :exc:`~passlib.exc.PasswordTruncateError` instead. .. versionadded:: 1.7 :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``salt`` strings that are too long. .. versionadded:: 1.6 r-truncate_error r rzU ^ (?P[./a-z0-9]{2}) (?P[./a-z0-9]{11})? $cCs6t|dd}|dd|dd}}|||pddS)Nasciihashr r-checksum)r)clsr>r-chkrrr from_strings zdes_crypt.from_stringcCtd|j|jf}t|SNz%s%sr r-r@r selfr>rrr to_stringzdes_crypt.to_stringcCs|jr||||S)N) use_defaults_check_truncate_policy_calc_checksum_backendrHrrrr_calc_checksums  zdes_crypt._calc_checksumos_cryptbuiltincCtddr ||jdSdS)Ntest abgOeLfPimXQoTFr_set_calc_checksum_backend_calc_checksum_os_cryptrArrr_load_backend_os_crypt  z des_crypt._load_backend_os_cryptcCsTt||j}|dur||S||jrt|dkr$tj||j||ddS)N r )rr-_calc_checksum_builtin startswithr#r)r*CryptBackendError)rHrr>rrrrXs   z!des_crypt._calc_checksum_os_cryptcC||jdSNTrWr]rYrrr_load_backend_builtin zdes_crypt._load_backend_builtincCst||jddSNr=)r1r-r&decoderNrrrr]sz des_crypt._calc_checksum_builtinN)__name__ __module__ __qualname____doc__name setting_kwdsr) HASH64_CHARSchecksum_chars checksum_size min_salt_size max_salt_size salt_chars truncate_sizerecompiler XI _hash_regex classmethodrCrIrObackendsrZrXrcr]rrrrrps.$       rcseZdZdZdZdZdZejZ dZ Z ejZ dZ dZdZdZeed ejejBZed d Zd d ZdZefddZefddZfddZdZeddZddZ eddZ!ddZ"Z#S)ra This class implements the BSDi-Crypt password hash, and follows the :ref:`password-hash-api`. It supports a fixed-length salt, and a variable number of rounds. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, one will be autogenerated (this is recommended). If specified, it must be 4 characters, drawn from the regexp range ``[./0-9A-Za-z]``. :type rounds: int :param rounds: Optional number of rounds to use. Defaults to 5001, must be between 1 and 16777215, inclusive. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``rounds`` that are too small or too large, and ``salt`` strings that are too long. .. versionadded:: 1.6 .. versionchanged:: 1.6 :meth:`hash` will now issue a warning if an even number of rounds is used (see :ref:`bsdi-crypt-security-issues` regarding weak DES keys). )r-r8r<iilinearz ^ _ (?P[./a-z0-9]{4}) (?P[./a-z0-9]{4}) (?P[./a-z0-9]{11})? $cCsVt|dd}|j|}|stj||ddd\}}}|t| d||dS)Nr=r>r8r-rB)r8r-r@) rrxmatchr)r*InvalidHashErrorgrouprr7r&)rAr>mr8r-rBrrrrC4s   zbsdi_crypt.from_stringcCs,tdt|jd|j|jf}t|S)Nz_%s%s%sr=)r r encode_int24r8rfr-r@r rGrrrrIAszbsdi_crypt.to_stringTc s2tt|jdi|}|jd@stdtjj|S)Nr|zHbsdi_crypt rounds should be odd, as even rounds may reveal weak DES keysr)superrusingdefault_roundsrr)r*PasslibSecurityWarning)rAkwdssubcls __class__rrrNs  zbsdi_crypt.usingcstt|}|dBS)Nr|)rr_generate_rounds)rAr8rrrrWszbsdi_crypt._generate_roundsc s$|jd@sdStt|jdi|S)Nr|Tr)r8rr_calc_needs_update)rHrrrrres zbsdi_crypt._calc_needs_updaterPcCrS)NrTz_/...lLDAxARksGCHin.TFrVrYrrrrZtr[z!bsdi_crypt._load_backend_os_cryptcCs^|}t||}|dur||S||ddr!t|dkr)tj||||ddS)N )rIrr]r^r#r)r*r_)rHrconfigr>rrrrX|s   z"bsdi_crypt._calc_checksum_os_cryptcCr`rarbrYrrrrcrdz bsdi_crypt._load_backend_builtincCst||j|jddSre)r9r8r-r&rfrNrrrr]sz!bsdi_crypt._calc_checksum_builtin)$rgrhrirjrkrlror)rmrnrprqrrr min_rounds max_rounds rounds_costrtrur rvrwrxryrCrI_avoid_even_roundsrrrrzrZrXrcr] __classcell__rrrrrs>#         rcsreZdZdZdZdZejZdZ Z ejZ e ede je jBZeddZddZdfd d Zd d ZZS)ragThis class implements the BigCrypt password hash, and follows the :ref:`password-hash-api`. It supports a fixed-length salt. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, one will be autogenerated (this is recommended). If specified, it must be 22 characters, drawn from the regexp range ``[./0-9A-Za-z]``. :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``salt`` strings that are too long. .. versionadded:: 1.6 )r-r zX ^ (?P[./a-z0-9]{2}) (?P([./a-z0-9]{11})+)? $cCDt|dd}|j|}|stj||dd\}}|||dSNr=r>r-rBr?rrxr~r)r*rrrAr>rr-rBrrrrC    zbigcrypt.from_stringcCrDrErFrGrrrrIrJzbigcrypt.to_stringFcs0tt|j||d}t|drtj||S)N)relaxedr<)rr_norm_checksumr#r)r*r)rHr@rrrrrs  zbigcrypt._norm_checksumcCsvt|tr |d}t||jd}d}t|}||kr6|d}|t||||dd7}|}||ks|dS)Nr!r=rri)r%r r&r1r-r#rf)rHrrBr2r3r4rrrrOs   zbigcrypt._calc_checksum)F)rgrhrirjrkrlr)rmrnrprqrrrtrur rvrwrxryrCrIrrOrrrrrrs    rc@sheZdZdZdZdZdZejZ dZ Z ejZ dZ eedejejBZeddZd d Zd d Zd S)raThis class implements the crypt16 password hash, and follows the :ref:`password-hash-api`. It supports a fixed-length salt. The :meth:`~passlib.ifc.PasswordHash.using` method accepts the following optional keywords: :type salt: str :param salt: Optional salt string. If not specified, one will be autogenerated (this is recommended). If specified, it must be 2 characters, drawn from the regexp range ``[./0-9A-Za-z]``. :param bool truncate_error: By default, crypt16 will silently truncate passwords larger than 16 bytes. Setting ``truncate_error=True`` will cause :meth:`~passlib.ifc.PasswordHash.hash` to raise a :exc:`~passlib.exc.PasswordTruncateError` instead. .. versionadded:: 1.7 :type relaxed: bool :param relaxed: By default, providing an invalid value for one of the other keywords will result in a :exc:`ValueError`. If ``relaxed=True``, and the error can be corrected, a :exc:`~passlib.exc.PasslibHashWarning` will be issued instead. Correctable errors include ``salt`` strings that are too long. .. versionadded:: 1.6 r:r zU ^ (?P[./a-z0-9]{2}) (?P[./a-z0-9]{22})? $cCrrrrrrrrC+rzcrypt16.from_stringcCrDrErFrGrrrrI4rJzcrypt16.to_stringcCst|tr |d}|jr||z t|jd}Wn ty*t tdwt |}t |d|d}t |dd}t |d|d}t |t |}|dS) Nr!r=zinvalid chars in saltrrrr)r%r r&rKrLrr$r- ValueErrorr rr rr,rf)rHrr.key1result1key2result2rBrrrrO;s      zcrypt16._calc_checksumN)rgrhrirjrkrlror)rmrnrprqrrrsrtrur rvrwrxryrCrIrOrrrrrs $    r)*rjrtlogging getLoggerrglogwarningsr passlib.utilsrrrpasslib.utils.binaryrrpasslib.utils.compatrr r r r passlib.crypto.desr passlib.utils.handlersutilshandlersr)__all__r(rr1r6r9 TruncateMixinHasManyBackendsHasSaltGenericHandlerr HasRoundsrrrrrrrs*    $S