U ;g@sddlmZmZmZmZddlmZddlmZm Z ddl m Z m Z m Z ddlmZddlmZmZmZd d d gZe d krdd lmZndd Zde_dd ZdS))unicode_literalsdivisionabsolute_importprint_function)pretty_message)buffer_from_bytesbytes_from_buffer) libcryptolibcrypto_version_infohandle_openssl_error) rand_bytes) type_namebyte_cls int_typespbkdf2 pkcs12_kdfr)r )rc Cst|tsttdt|t|ts8ttdt|t|tsTttdt||dkrdtdt|tsttdt||dkrtd|tdd d d d gkrttd t|t j t j t j t j t jd|}t|}t |t||t|||||}t|t|S)a PBKDF2 from PKCS#5 :param hash_algorithm: The string name of the hash algorithm to use: "sha1", "sha224", "sha256", "sha384", "sha512" :param password: A byte string of the password to use an input to the KDF :param salt: A cryptographic random byte string :param iterations: The numbers of iterations to use when deriving the key :param key_length: The length of the desired key in bytes :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type :return: The derived key as a byte string zH password must be a byte string, not %s zD salt must be a byte string, not %s zG iterations must be an integer, not %s r z!iterations must be greater than 0zG key_length must be an integer, not %s z!key_length must be greater than 0sha1sha224sha256sha384sha512z hash_algorithm must be one of "sha1", "sha224", "sha256", "sha384", "sha512", not %s )rrrrr) isinstancer TypeErrorrrr ValueErrorsetreprr EVP_sha1 EVP_sha224 EVP_sha256 EVP_sha384 EVP_sha512rZPKCS5_PBKDF2_HMAClenr r )hash_algorithmpasswordsalt iterations key_lengthevp_md output_bufferresultr,:/tmp/pip-unpacked-wheel-x1gypflw/oscrypto/_openssl/util.pyrsd      Fc Csdt|tsttdt|t|ts8ttdt|t|tsTttdt||dkrnttdt|t|tsttdt||dkrttdt||tdd d d d d gkrttdt||tdddgkrttdt|| d dd}t j t j t jt jt jt jd|}t|}t |t||t|||||| } t| t|S)a0 KDF from RFC7292 appendix B.2 - https://tools.ietf.org/html/rfc7292#page-19 :param hash_algorithm: The string name of the hash algorithm to use: "md5", "sha1", "sha224", "sha256", "sha384", "sha512" :param password: A byte string of the password to use an input to the KDF :param salt: A cryptographic random byte string :param iterations: The numbers of iterations to use when deriving the key :param key_length: The length of the desired key in bytes :param id_: The ID of the usage - 1 for key, 2 for iv, 3 for mac :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type :return: The derived key as a byte string z@ password must be a byte string, not %s z< salt must be a byte string, not %s z? iterations must be an integer, not %s r zC iterations must be greater than 0 - is %s z? key_length must be an integer, not %s zC key_length must be greater than 0 - is %s md5rrrrrz hash_algorithm must be one of "md5", "sha1", "sha224", "sha256", "sha384", "sha512", not %s rz< id_ must be one of 1, 2, 3, not %s zutf-8zutf-16bes)r.rrrrr)rrrrrrrrrdecodeencoder ZEVP_md5rrr r!r"rZPKCS12_key_gen_unir#r r ) r$r%r&r'r(Zid_Zutf16_passwordZ digest_typer*r+r,r,r-r{s      N) __future__rrrr_errorsr_ffirr Z _libcryptor r r Z_randr_typesrrr__all__Z_pkcs5rZ pure_pythonrr,r,r,r-s  a