a fŸWc`0ã@sêdZddlmZddlZe e¡ZddlmZddl m Z m Z ddl m Z ddlmZedƒjZddlmmZgd ¢ZGd d „d ejejejƒZGd d „d ejƒZejdeddddZGdd„dejejƒZGdd„dejejƒZ dS)z;passlib.handlers.nthash - Microsoft Windows -related hashesé)ÚhexlifyN)Úwarn)Ú to_unicodeÚright_pad_string)Úunicode)Ú lookup_hashÚmd4)ÚlmhashÚnthashÚ bsd_nthashÚmsdccÚmsdcc2c@sPeZdZdZdZdZejZdZ dZ dZ e dd„ƒZ dd „Zd Ze dd d „ƒZd S)r aöThis class implements the Lan Manager Password hash, and follows the :ref:`password-hash-api`. It has no salt and a single fixed round. The :meth:`~passlib.ifc.PasswordHash.using` method accepts a single optional keyword: :param bool truncate_error: By default, this will silently truncate passwords larger than 14 bytes. Setting ``truncate_error=True`` will cause :meth:`~passlib.ifc.PasswordHash.hash` to raise a :exc:`~passlib.exc.PasswordTruncateError` instead. .. versionadded:: 1.7 The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.verify` methods accept a single optional keyword: :type encoding: str :param encoding: This specifies what character encoding LMHASH should use when calculating digest. It defaults to ``cp437``, the most common encoding encountered. Note that while this class outputs digests in lower-case hexadecimal, it will accept upper-case as well. )Ztruncate_erroré éÚcp437cCs| ¡S©N©Úlower©ÚclsÚhash©rúrrrrr s   r r z$3$$aZThe class support FreeBSD's representation of NTHASH (which is compatible with the :ref:`modular-crypt-format`), and follows the :ref:`password-hash-api`. It has no salt and a single fixed round. The :meth:`~passlib.ifc.PasswordHash.hash` and :meth:`~passlib.ifc.PasswordHash.genconfig` methods accept no optional keywords. )ÚprefixÚidentÚdocc@s>eZdZdZdZejZdZe dd„ƒZ dd„Z e dd„ƒZ d S) r aKThis class implements Microsoft's Domain Cached Credentials password hash, and follows the :ref:`password-hash-api`. It has a fixed number of rounds, and uses the associated username as the salt. The :meth:`~passlib.ifc.PasswordHash.hash`, :meth:`~passlib.ifc.PasswordHash.genhash`, and :meth:`~passlib.ifc.PasswordHash.verify` methods have the following optional keywords: :type user: str :param user: String containing name of user account this password is associated with. This is required to properly calculate the hash. This keyword is case-insensitive, and should contain just the username (e.g. ``Administrator``, not ``SOMEDOMAIN\Administrator``). Note that while this class outputs lower-case hexadecimal digests, it will accept upper-case digests as well. rcCs| ¡Srrrrrrrszmsdcc._norm_hashcCst| ||j¡ƒ d¡Sr©rrÚuserrrrrrr" szmsdcc._calc_checksumcCsDt|ddd d¡}t|ddd ¡ d¡}tt|ƒ ¡|ƒ ¡S)zËencode password using mscash v1 algorithm :arg secret: secret as unicode or utf-8 encoded bytes :arg user: username to use as salt :returns: returns string of raw bytes r7r!r8r9rC)rr)rrr:)rr!rCrrrr s z msdcc.rawN© r-r.r/r0r1r2r3r4r5r6rr"rrrrrr ís r c@s>eZdZdZdZejZdZe dd„ƒZ dd„Z e dd„ƒZ d S) r aÝThis class implements version 2 of Microsoft's Domain Cached Credentials password hash, and follows the :ref:`password-hash-api`. It has a fixed number of rounds, and uses the associated username as the salt. The :meth:`~passlib.ifc.PasswordHash.hash`, :meth:`~passlib.ifc.PasswordHash.genhash`, and :meth:`~passlib.ifc.PasswordHash.verify` methods have the following extra keyword: :type user: str :param user: String containing name of user account this password is associated with. This is required to properly calculate the hash. This keyword is case-insensitive, and should contain just the username (e.g. ``Administrator``, not ``SOMEDOMAIN\Administrator``). rcCs| ¡Srrrrrrr3szmsdcc2._norm_hashcCst| ||j¡ƒ d¡SrrBrrrrr"7szmsdcc2._calc_checksumcCs`ddlm}t|ddd d¡}t|ddd ¡ d¡}tt|ƒ ¡|ƒ ¡}|d||d d ƒS) zîencode password using msdcc v2 algorithm :type secret: unicode or utf-8 bytes :arg secret: secret :type user: str :arg user: username to use as salt :returns: returns string of raw bytes r)Ú pbkdf2_hmacr7r!r8r9rCZsha1i(é)Úpasslib.crypto.digestrErr)rrr:)rr!rCrEÚtmprrrr:s z msdcc2.rawNrDrrrrr s r )!r0ZbinasciirZloggingZ getLoggerr-ÚlogÚwarningsrZ passlib.utilsrrZpasslib.utils.compatrrGrÚconstrZpasslib.utils.handlersZutilsÚhandlersr2Ú__all__Z TruncateMixinZHasEncodingContextZ StaticHandlerr r Z PrefixWrapperr ZHasUserContextr r rrrrÚs       t3 ÿ*0