Edit File by line
/home/barbar84/public_h.../wp-conte.../plugins/sujqvwi/ShExBy/shex_roo.../lib64/python2....
File: hashlib.py
# $Id$
[0] Fix | Delete
#
[1] Fix | Delete
# Copyright (C) 2005 Gregory P. Smith (greg@krypto.org)
[2] Fix | Delete
# Licensed to PSF under a Contributor Agreement.
[3] Fix | Delete
#
[4] Fix | Delete
[5] Fix | Delete
__doc__ = """hashlib module - A common interface to many hash functions.
[6] Fix | Delete
[7] Fix | Delete
new(name, string='', usedforsecurity=True)
[8] Fix | Delete
- returns a new hash object implementing the given hash function;
[9] Fix | Delete
initializing the hash using the given string data.
[10] Fix | Delete
[11] Fix | Delete
"usedforsecurity" is a non-standard extension for better supporting
[12] Fix | Delete
FIPS-compliant environments (see below)
[13] Fix | Delete
[14] Fix | Delete
Named constructor functions are also available, these are much faster
[15] Fix | Delete
than using new():
[16] Fix | Delete
[17] Fix | Delete
md5(), sha1(), sha224(), sha256(), sha384(), and sha512()
[18] Fix | Delete
[19] Fix | Delete
More algorithms may be available on your platform but the above are guaranteed
[20] Fix | Delete
to exist. See the algorithms_guaranteed and algorithms_available attributes
[21] Fix | Delete
to find out what algorithm names can be passed to new().
[22] Fix | Delete
[23] Fix | Delete
NOTE: If you want the adler32 or crc32 hash functions they are available in
[24] Fix | Delete
the zlib module.
[25] Fix | Delete
[26] Fix | Delete
Choose your hash function wisely. Some have known collision weaknesses.
[27] Fix | Delete
sha384 and sha512 will be slow on 32 bit platforms.
[28] Fix | Delete
[29] Fix | Delete
Our implementation of hashlib uses OpenSSL.
[30] Fix | Delete
[31] Fix | Delete
OpenSSL has a "FIPS mode", which, if enabled, may restrict the available hashes
[32] Fix | Delete
to only those that are compliant with FIPS regulations. For example, it may
[33] Fix | Delete
deny the use of MD5, on the grounds that this is not secure for uses such as
[34] Fix | Delete
authentication, system integrity checking, or digital signatures.
[35] Fix | Delete
[36] Fix | Delete
If you need to use such a hash for non-security purposes (such as indexing into
[37] Fix | Delete
a data structure for speed), you can override the keyword argument
[38] Fix | Delete
"usedforsecurity" from True to False to signify that your code is not relying
[39] Fix | Delete
on the hash for security purposes, and this will allow the hash to be usable
[40] Fix | Delete
even in FIPS mode. This is not a standard feature of Python 2.7's hashlib, and
[41] Fix | Delete
is included here to better support FIPS mode.
[42] Fix | Delete
[43] Fix | Delete
Hash objects have these methods:
[44] Fix | Delete
- update(arg): Update the hash object with the string arg. Repeated calls
[45] Fix | Delete
are equivalent to a single call with the concatenation of all
[46] Fix | Delete
the arguments.
[47] Fix | Delete
- digest(): Return the digest of the strings passed to the update() method
[48] Fix | Delete
so far. This may contain non-ASCII characters, including
[49] Fix | Delete
NUL bytes.
[50] Fix | Delete
- hexdigest(): Like digest() except the digest is returned as a string of
[51] Fix | Delete
double length, containing only hexadecimal digits.
[52] Fix | Delete
- copy(): Return a copy (clone) of the hash object. This can be used to
[53] Fix | Delete
efficiently compute the digests of strings that share a common
[54] Fix | Delete
initial substring.
[55] Fix | Delete
[56] Fix | Delete
For example, to obtain the digest of the string 'Nobody inspects the
[57] Fix | Delete
spammish repetition':
[58] Fix | Delete
[59] Fix | Delete
>>> import hashlib
[60] Fix | Delete
>>> m = hashlib.md5()
[61] Fix | Delete
>>> m.update("Nobody inspects")
[62] Fix | Delete
>>> m.update(" the spammish repetition")
[63] Fix | Delete
>>> m.digest()
[64] Fix | Delete
'\\xbbd\\x9c\\x83\\xdd\\x1e\\xa5\\xc9\\xd9\\xde\\xc9\\xa1\\x8d\\xf0\\xff\\xe9'
[65] Fix | Delete
[66] Fix | Delete
More condensed:
[67] Fix | Delete
[68] Fix | Delete
>>> hashlib.sha224("Nobody inspects the spammish repetition").hexdigest()
[69] Fix | Delete
'a4337bc45a8fc544c03f52dc550cd6e1e87021bc896588bd79e901e2'
[70] Fix | Delete
[71] Fix | Delete
"""
[72] Fix | Delete
[73] Fix | Delete
# This tuple and __get_builtin_constructor() must be modified if a new
[74] Fix | Delete
# always available algorithm is added.
[75] Fix | Delete
__always_supported = ('md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512')
[76] Fix | Delete
[77] Fix | Delete
algorithms_guaranteed = set(__always_supported)
[78] Fix | Delete
algorithms_available = set(__always_supported)
[79] Fix | Delete
[80] Fix | Delete
algorithms = __always_supported
[81] Fix | Delete
[82] Fix | Delete
__all__ = __always_supported + ('new', 'algorithms_guaranteed',
[83] Fix | Delete
'algorithms_available', 'algorithms',
[84] Fix | Delete
'pbkdf2_hmac')
[85] Fix | Delete
[86] Fix | Delete
[87] Fix | Delete
def __get_openssl_constructor(name):
[88] Fix | Delete
try:
[89] Fix | Delete
f = getattr(_hashlib, 'openssl_' + name)
[90] Fix | Delete
# Allow the C module to raise ValueError. The function will be
[91] Fix | Delete
# defined but the hash not actually available thanks to OpenSSL.
[92] Fix | Delete
#
[93] Fix | Delete
# We pass "usedforsecurity=False" to disable FIPS-based restrictions:
[94] Fix | Delete
# at this stage we're merely seeing if the function is callable,
[95] Fix | Delete
# rather than using it for actual work.
[96] Fix | Delete
f(usedforsecurity=False)
[97] Fix | Delete
# Use the C function directly (very fast)
[98] Fix | Delete
return f
[99] Fix | Delete
except (AttributeError, ValueError):
[100] Fix | Delete
# RHEL only: Fallbacks removed; we always use OpenSSL for hashes.
[101] Fix | Delete
raise
[102] Fix | Delete
[103] Fix | Delete
[104] Fix | Delete
def __hash_new(name, string='', usedforsecurity=True):
[105] Fix | Delete
"""new(name, string='', usedforsecurity=True) - Return a new hashing object
[106] Fix | Delete
using the named algorithm; optionally initialized with a string.
[107] Fix | Delete
[108] Fix | Delete
Override 'usedforsecurity' to False when using for non-security purposes in
[109] Fix | Delete
a FIPS environment
[110] Fix | Delete
"""
[111] Fix | Delete
try:
[112] Fix | Delete
return _hashlib.new(name, string, usedforsecurity)
[113] Fix | Delete
except ValueError:
[114] Fix | Delete
# RHEL only: Fallbacks removed; we always use OpenSSL for hashes.
[115] Fix | Delete
raise
[116] Fix | Delete
[117] Fix | Delete
[118] Fix | Delete
try:
[119] Fix | Delete
import _hashlib
[120] Fix | Delete
new = __hash_new
[121] Fix | Delete
__get_hash = __get_openssl_constructor
[122] Fix | Delete
algorithms_available = algorithms_available.union(
[123] Fix | Delete
_hashlib.openssl_md_meth_names)
[124] Fix | Delete
except ImportError:
[125] Fix | Delete
new = __py_new
[126] Fix | Delete
__get_hash = __get_builtin_constructor
[127] Fix | Delete
[128] Fix | Delete
for __func_name in __always_supported:
[129] Fix | Delete
# try them all, some may not work due to the OpenSSL
[130] Fix | Delete
# version not supporting that algorithm.
[131] Fix | Delete
try:
[132] Fix | Delete
globals()[__func_name] = __get_hash(__func_name)
[133] Fix | Delete
except ValueError:
[134] Fix | Delete
import logging
[135] Fix | Delete
logging.exception('code for hash %s was not found.', __func_name)
[136] Fix | Delete
[137] Fix | Delete
[138] Fix | Delete
try:
[139] Fix | Delete
# OpenSSL's PKCS5_PBKDF2_HMAC requires OpenSSL 1.0+ with HMAC and SHA
[140] Fix | Delete
from _hashlib import pbkdf2_hmac
[141] Fix | Delete
except ImportError:
[142] Fix | Delete
import binascii
[143] Fix | Delete
import struct
[144] Fix | Delete
[145] Fix | Delete
_trans_5C = b"".join(chr(x ^ 0x5C) for x in range(256))
[146] Fix | Delete
_trans_36 = b"".join(chr(x ^ 0x36) for x in range(256))
[147] Fix | Delete
[148] Fix | Delete
def pbkdf2_hmac(hash_name, password, salt, iterations, dklen=None):
[149] Fix | Delete
"""Password based key derivation function 2 (PKCS #5 v2.0)
[150] Fix | Delete
[151] Fix | Delete
This Python implementations based on the hmac module about as fast
[152] Fix | Delete
as OpenSSL's PKCS5_PBKDF2_HMAC for short passwords and much faster
[153] Fix | Delete
for long passwords.
[154] Fix | Delete
"""
[155] Fix | Delete
if not isinstance(hash_name, str):
[156] Fix | Delete
raise TypeError(hash_name)
[157] Fix | Delete
[158] Fix | Delete
if not isinstance(password, (bytes, bytearray)):
[159] Fix | Delete
password = bytes(buffer(password))
[160] Fix | Delete
if not isinstance(salt, (bytes, bytearray)):
[161] Fix | Delete
salt = bytes(buffer(salt))
[162] Fix | Delete
[163] Fix | Delete
# Fast inline HMAC implementation
[164] Fix | Delete
inner = new(hash_name)
[165] Fix | Delete
outer = new(hash_name)
[166] Fix | Delete
blocksize = getattr(inner, 'block_size', 64)
[167] Fix | Delete
if len(password) > blocksize:
[168] Fix | Delete
password = new(hash_name, password).digest()
[169] Fix | Delete
password = password + b'\x00' * (blocksize - len(password))
[170] Fix | Delete
inner.update(password.translate(_trans_36))
[171] Fix | Delete
outer.update(password.translate(_trans_5C))
[172] Fix | Delete
[173] Fix | Delete
def prf(msg, inner=inner, outer=outer):
[174] Fix | Delete
# PBKDF2_HMAC uses the password as key. We can re-use the same
[175] Fix | Delete
# digest objects and just update copies to skip initialization.
[176] Fix | Delete
icpy = inner.copy()
[177] Fix | Delete
ocpy = outer.copy()
[178] Fix | Delete
icpy.update(msg)
[179] Fix | Delete
ocpy.update(icpy.digest())
[180] Fix | Delete
return ocpy.digest()
[181] Fix | Delete
[182] Fix | Delete
if iterations < 1:
[183] Fix | Delete
raise ValueError(iterations)
[184] Fix | Delete
if dklen is None:
[185] Fix | Delete
dklen = outer.digest_size
[186] Fix | Delete
if dklen < 1:
[187] Fix | Delete
raise ValueError(dklen)
[188] Fix | Delete
[189] Fix | Delete
hex_format_string = "%%0%ix" % (new(hash_name).digest_size * 2)
[190] Fix | Delete
[191] Fix | Delete
dkey = b''
[192] Fix | Delete
loop = 1
[193] Fix | Delete
while len(dkey) < dklen:
[194] Fix | Delete
prev = prf(salt + struct.pack(b'>I', loop))
[195] Fix | Delete
rkey = int(binascii.hexlify(prev), 16)
[196] Fix | Delete
for i in xrange(iterations - 1):
[197] Fix | Delete
prev = prf(prev)
[198] Fix | Delete
rkey ^= int(binascii.hexlify(prev), 16)
[199] Fix | Delete
loop += 1
[200] Fix | Delete
dkey += binascii.unhexlify(hex_format_string % rkey)
[201] Fix | Delete
[202] Fix | Delete
return dkey[:dklen]
[203] Fix | Delete
[204] Fix | Delete
# Cleanup locals()
[205] Fix | Delete
del __always_supported, __func_name, __get_hash
[206] Fix | Delete
del __hash_new, __get_openssl_constructor
[207] Fix | Delete
[208] Fix | Delete
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function