�
7Y�Kc@s�dZd
dl
mZ
d
dlmZ
d
dlmZ
d
dlmZ
d
dl	m
ZmZ

d�Zdef
d	��YZddd
�Zee�
e_d�Zd�Zed
kr�e�
ndS(s1.1i����(
tpack(
tb2a_hex(
trandint(
t	b64encode(thmact	hmac_sha1cCsEd
jgt
||
�D](\}}tt|�
t|�
A�
^q�
S(Nt(tjointziptchrtord(t
at
bt
xt
y((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pytstrxorMs
tPBKDF2cBsVeZ
dZd
eed�Zd�Zd�Zd�Zd�Z	d�Z
d�ZRS(	s�PBKDF2.py : PKCS#5 v2.0 Password-Based Key Derivation
    
    This implementation takes a passphrase and a salt (and optionally an
    iteration count, a digest module, and a MAC module) and provides a
    file-like object from which an arbitrarily-sized key can be read.

    If the passphrase and/or salt are unicode objects, they are encoded as
    UTF-8 before they are processed.

    The idea behind PBKDF2 is to derive a cryptographic key from a
    passphrase and a salt.
    
    PBKDF2 may also be used as a strong salted password hash.  The
    'crypt' function is provided for that purpose.
    
    Remember: Keys generated using PBKDF2 are only as strong as the
    passphrases they are derived from.
    i�cCsGt|�
s|j
}n||_||_|j|
|||j�
dS(
N(tcallabletnewt_PBKDF2__macmodulet_PBKDF2__digestmodulet_setupt
_pseudorandom(tselft
passphrasetsaltt
iterationstdigestmodulet	macmodule((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pyt__init__ds


	
	
cCs%|jd
|
d|d|j
�j�S(s&Pseudorandom function.  e.g. HMAC-SHA1tkeytmsgt	digestmod(RRtdigest(RRR((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pyRls
cCs�|jrt
d
�
�
nt|j�
}|jg
}|j}xa||
kr�|d7}|dkrptd�
�
n|j|�
}|j|�

|t|�
7}q?Wdj|�
}||
 }||
|_||_|S(s'Read the specified number of key bytes.sfile-like object is closedi
I����sderived key too longR(	tclosedt
ValueErrortlent_PBKDF2__buft_PBKDF2__blockNumt
OverflowErrort
_PBKDF2__ftappendR(Rtbytestsizetblockst
itblocktbuftretval((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pytreadqs"	


	













	
cCst|j|j
|jtd
|
��}|}xBtdd|j�D]*}|j|j
|�}t||�}qBW|S(Ns!Lii
(t_PBKDF2__prft_PBKDF2__passphraset
_PBKDF2__saltRtxranget_PBKDF2__iterationsR(RR-t
Utresultt
j((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pyt__f�s%




cCst|j
|
�
�
S(
sxRead the specified number of octets. Return them as hexadecimal.

        Note that len(obj.hexread(n)) == 2*n.
        (R
R1(Rtoctets((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pythexread�scCs
t|
t
�r!|
jd
�
}
nt|
t�s?td�
�
nt|t
�r`|jd
�
}nt|t�s~td�
�
nt|ttf�s�td�
�
n|dkr�td�
�
nt|�
s�td�
�
n|
|_	||_
||_||_d|_
d	|_t|_dS(
NsUTF-8s!passphrase must be str or unicodessalt must be str or unicodesiterations must be an integeri
siterations must be at least 1sprf must be callableiR(t
isinstancetunicodetencodetstrt	TypeErrortinttlongR#RR3R4R6R2R&R%tFalseR"(RRRRtprf((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pyR�s*










	
	
	
	
	
	
c

Cs=|js9|`
|`|`|`|`|`t|_nd
S(sClose the stream.N(R"R3R4R6R2R&R%tTrue(
R((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pytclose�s	






(t__name__t
__module__t__doc__tSHA1tHMACRRR1R(R<RRG(((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pyRPs
			
		 cCs�
|
dkrt
�}
nt|
t�r9|
jd
�
}
nt|
t�sWtd�
�
nt|t�rx|jd�
}nt|t�s�td�
�
n|
jd�
r+
|
jd�
dd!\}}
}|d	kr�d
}q+
t	|d�}|d|kr
t
d
�
�
n|}|dks+
t
d
�
�
q+
nd}x0|
D](}||kr8
t
d|f
�
�
q8
q8
W|dks|
|d
kr�
d
}d|
}
nd||
f}
t||
|�jd�
}|
dt
|d�S(s�PBKDF2-based unix crypt(3) replacement.
    
    The number of iterations specified in the salt overrides the 'iterations'
    parameter.

    The effective hash length is 192 bits.
    sus-asciissalt must be a stringsUTF-8s word must be a string or unicodes$p5k2$s
$iiRi�
is%xsInvalid salti
s@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./sIllegal character %r in salts$p5k2$$s$p5k2$%x$%sis./N(tNonet	_makesaltR=R>R?R@RAt
startswithtsplitRBR#RR1R(twordRRtdummyt	convertedtallowedtchtrawhash((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pytcrypt�s<










	













cCsGd
jgt
d�
D]}tdtdd��^q�
}
t|
d�S(s�Return a 48-bit pseudorandom salt for crypt().
    
    This function is not suitable for generating cryptographic secrets.
    Ris@Hii��s./(RtrangeRRR(R-t
binarysalt((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pyRN�s:
cCs{d
dlm
}
tddd�jd�
}
|d�
}|
|krRtd�
�
ntddd	�jd
�
}
d}|
|kr�td�
�
ntdd
dd	�jd
�
}
d}|
|kr�td�
�
ntdddd	�jd
�
}
d}|
|kr
td�
�
ntddd�}|jd�
}
|
|jd�
7}
|
|jd�
7}
|
|jd�
7}
|
|jd�
7}
tddd�jd�
}|
|kr�
td�
�
ntdd�}
d}|
|kr�
td�
�
ntdd�}
d}|
|krtd�
�
ntd d!d"d#�
}
d$}|
|krGtd�
�
ntd%d&�}
d&}|
|krwtd�
�
nd'S((sModule self-testi����(
ta2b_hextpasswordsATHENA.MIT.EDUraeburni
it cdedb5281bb2f801565a1122b2563515sself-test failedi�i t@5c08eb61fdf71e4e4ec3cf6ba1f5512ba7e52ddbc5e5142f708a31e2e62b1e13t
Xi@spass phrase equals block sizet@139c30c0966bc32ba55fdbf212530ac9c5ec59f1a452f5cc9ad940fea0598ed1iAspass phrase exceeds block sizet@9ccad6d468770cd51b10e6a68721be611a8b4d282601db3b36be9246915ec82at	kickstartt	workbenchi
iiii(tcloadmtexecs,$p5k2$$exec$r1EWMCMk7Rlv3L/RNcFXviDefYa0hlqltgnus$p5k2$c$u9HvcT4d$.....s1$p5k2$c$u9HvcT4d$Sd1gwSVCLZYAuqZ25piRnbBEoAesaa/gtdclttUsch7fURi
s1$p5k2$d$tUsch7fU$nqDkaxMDOFBeJsTSfABsyn.PYUXilHwLuΙωαννηςs0$p5k2$$KosHgqNo$9mjN8gqjt02hDoP0c2J0ABtLIwtot8cQN(tbinasciiRZRR1tRuntimeErrorR<RW(RZR8texpectedt
f((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pyttest_pbkdf2
sV


























	


t__main__N(t__version__tstructRRhR
trandomRtbase64Rtbeaker.crypto.utilRRLRRKRtobjectRRMRWtstaticmethodRNRlRH(((sE/opt/alt/python27/lib/python2.7/site-packages/beaker/crypto/pbkdf2.pyt<module>Cs

	s7		O