ó ù¢TQc@s§dZddlmZddlZddlZddlZddlZddlZddlZddl m Z ddl Z ye j ƒZ e ZWn0ek rÂddlZejdƒeZnXddlmZddlmZddlmZdd lmZeged ƒD]Zed A^qƒZeged ƒD]Zed A^q<ƒZdd „Z ddd„Z!d„Z"d„Z#d„Z$d„Z%ddd„Z&dS(u3 Django's standard crypto functions and utilities. iÿÿÿÿ(tunicode_literalsN(treduceujA secure pseudo-random number generator is not available on your system. Falling back to Mersenne Twister.(tsettings(t force_bytes(tsix(txrangeii\i6cCs\|dkrtj}ntj||jdƒƒjƒ}tj|dt |ƒdtjƒS(uÖ Returns the HMAC-SHA1 of 'value', using a key generated from key_salt and a secret (which defaults to settings.SECRET_KEY). A different key_salt should be passed in for every application of HMAC. uutf-8tmsgt digestmodN( tNoneRt SECRET_KEYthashlibtsha1tencodetdigestthmactnewR(tkey_salttvaluetsecrettkey((s,../Django//lib/python/django/utils/crypto.pyt salted_hmac#s  "i u>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789cCsytsJtjtjdtjƒtjƒtjfj dƒƒj ƒƒndj gt |ƒD]}tj |ƒ^q]ƒS(u´ Returns a securely generated random string. The default length of 12 with the a-z, A-Z, 0-9 character set returns a 71-bit value. log_2((26+26+10)^12) =~ 71 bits u%s%s%suutf-8u(tusing_sysrandomtrandomtseedR tsha256tgetstatettimeRR R R tjointrangetchoice(tlengtht allowed_charsti((s,../Django//lib/python/django/utils/crypto.pytget_random_string9s   #cCs¾t|ƒt|ƒkrtSd}tjrzt|tƒrzt|tƒrzxht||ƒD]\}}|||AO}qYWn:x7t||ƒD]&\}}|t|ƒt|ƒAO}qŠW|dkS(u Returns True if the two strings are equal, False otherwise. The time taken is independent of the number of characters that match. i(tlentFalseRtPY3t isinstancetbytestziptord(tval1tval2tresulttxty((s,../Django//lib/python/django/utils/crypto.pytconstant_time_compareSs'cCsttj|ƒdƒS(uq Convert a binary string into a long integer This is a clever optimization for fast xor vector math i(tinttbinasciithexlify(R,((s,../Django//lib/python/django/utils/crypto.pyt _bin_to_longescCstj||jdƒƒS(uw Convert a long integer into a binary string. hex_format_string is like "%020x" for padding 10 characters. uascii(R0t unhexlifyR (R,thex_format_string((s,../Django//lib/python/django/utils/crypto.pyt _long_to_binnscCs¨|ƒ|ƒ}}t|ƒ|jkr=||ƒjƒ}n|d|jt|ƒ7}|j|jtƒƒ|j|ƒ|j|jtƒƒ|j|jƒƒ|S(ug A trimmed down version of Python's HMAC implementation. This function operates on bytes. t(R"t block_sizeR tupdatet translatet _trans_36t _trans_5c(RRR tdig1tdig2((s,../Django//lib/python/django/utils/crypto.pyt _fast_hmacvs ic sˆdkst‚ˆs$tj‰ntˆƒ‰tˆƒ‰ˆƒj}|sW|}n|d |krvtdƒ‚n| | }||d|}d|d‰‡‡‡‡‡fd†}gtd|dƒD]} || ƒ^qÑ} dj| d ƒ| d | S( u¾ Implements PBKDF2 as defined in RFC 2898, section 5.2 HMAC+SHA256 is used as the default pseudo random function. Right now 10,000 iterations is the recommended default which takes 100ms on a 2.2Ghz Core 2 Duo. This is probably the bare minimum for security given 1000 iterations was recommended in 2001. This code is very well optimized for CPython and is only four times slower than openssl's implementation. iii iu dklen too bigu%%0%ixcs7‡‡‡‡‡fd†}tttj|ƒƒˆƒS(Nc3sZˆtjdˆƒ}x=ttˆƒƒD])}tˆ|ˆƒjƒ}t|ƒVq)WdS(Ns>I(tstructtpackRR/R>R R2(tutj(R t iterationstpasswordtsaltR (s,../Django//lib/python/django/utils/crypto.pytU£s(R5Rtoperatortxor(R RF(R4RCRDRER (R s,../Django//lib/python/django/utils/crypto.pytF¢stiÿÿÿÿIIÿÿÿÿ(tAssertionErrorR RRt digest_sizet OverflowErrorRR( RDRERCtdklenR thlentltrRIR,tT((R4RCRDRER s,../Django//lib/python/django/utils/crypto.pytpbkdf2‡s       ,('t__doc__t __future__RRR?R R0RGRt functoolsRRt SystemRandomtTrueRtNotImplementedErrortwarningstwarnR#t django.confRtdjango.utils.encodingRt django.utilsRtdjango.utils.six.movesRt bytearrayR,R;R:RRR!R.R2R5R>RS(((s,../Django//lib/python/django/utils/crypto.pyts<             ))