U ;g@s.ddlmZmZmZmZddlZddlZddlmZddlm Z ddl m Z ddl m Z mZmZddlmZdd lmZmZe Zed krdd lmZmZnBed ksed krdd lmZmZddlmZmZndd lmZmZddddgZejdkrddZ ddZ!nddZ ddZ!dddZ"ddZ#dS))unicode_literalsdivisionabsolute_importprint_functionN)datetime)backend) rand_bytes) type_namebyte_cls int_types)pretty_message)newderefmac)pbkdf2 pkcs12_kdfwinZ winlegacy)kernel32 handle_errorpbkdf1rpbkdf2_iteration_calculatorrwin32cCs$ttd}t|}t|t|S)NzLARGE_INTEGER *)rrZQueryPerformanceCounterrr)numberresr0/tmp/pip-unpacked-wheel-x1gypflw/oscrypto/kdf.py _get_start$s  rcCst|}t|dS)Ng@@)rint)startlengthrrr _get_elapsed*s r!cCstS)N)rnowrrrrr/scCs:t|}|j|jdd}|jd}t||dS)Nii)rr"secondsdays microsecondsr)rr r$Z millisecondsrrrr!2s  dFcs2tdddddgkr(ttdtttsDttdtdkr^ttd tttszttd tdkrttd ttj rt td d d dt fdd}|}t |d|}|dkrdnd}t t|}|dkr.|dd}|S)a Runs pbkdf2() twice to determine the approximate number of iterations to use to hit a desired time per run. Use this on a production machine to dynamically adjust the number of iterations as high as you can. :param hash_algorithm: The string name of the hash algorithm to use: "md5", "sha1", "sha224", "sha256", "sha384", "sha512" :param key_length: The length of the desired key in bytes :param target_ms: The number of milliseconds the derivation should take :param quiet: If no output should be printed as attempts are made :return: An integer number of iterations of PBKDF2 using the specified hash that will take at least target_ms sha1sha224sha256sha384sha512zz hash_algorithm must be one of "sha1", "sha224", "sha256", "sha384", "sha512", not %s ? key_length must be an integer, not %s rC key_length must be greater than 0 - is %s z> target_ms must be an integer, not %s zB target_ms must be greater than 0 - is %s z Only a very slow, pure-python version of PBKDF2 is available, making this function useless i'zthis is a testzutf-8cs>t}tt|}s2td|fd|S)Nz%s iterations in %smsg?)rrr!print)rZ observed_mshash_algorithm iterations key_lengthpasswordquietsalt target_msrr_measures z-pbkdf2_iteration_calculator.._measureg@ii Ni)set ValueErrorr repr isinstancer TypeErrorr rZ pure_pythonOSErrorencoder rround)r1r3r7r5r8fractionZ round_factorresultrr0rr9sT      cCsdt|tsttdt|t|ts8ttdt|t|tsTttdt||dkrnttdt|t|tsttdt||dkrttdt||tdd d gkrttd t||d kr|tdd gkrttd |t|f|dkr|d krttdt|t t |}||| }t d|dD]}|| }qD|d|S)aF An implementation of PBKDF1 - should only be used for interop with legacy systems, not new architectures :param hash_algorithm: The string name of the hash algorithm to use: "md2", "md5", "sha1" :param password: A byte string of the password to use an input to the KDF :param salt: A cryptographic random byte string :param iterations: The numbers of iterations to use when deriving the key :param key_length: The length of the desired key in bytes :return: The derived key as a byte string z@ password must be a byte string, not %s z< salt must be a byte string, not %s z? iterations must be an integer, not %s rzC iterations must be greater than 0 - is %s r-r.Zmd2md5r(zT hash_algorithm must be one of "md2", "md5", "sha1", not %s zM key_length can not be longer than 16 for %s - is %s zO key_length can not be longer than 20 for sha1 - is %s N) r>r r?r r r r<r=r;getattrhashlibdigestrange)r1r4r6r2r3algooutput_rrrrsd      )r'F)$ __future__rrrrsysrJrrutilr _typesr r r _errorsr _ffirrZ_backendZ _mac.utilrrZ _win.utilZ_win._kernel32rrZ _openssl.util__all__platformrr!rrrrrrs6       g