o 3aC @sdZddlZddlZddlZddlZddlmZddlmZddl m Z Gddde Z ddd d d Z eZd Zeefd dZddZdddZdS)z3 Django's standard crypto functions and utilities. N)settings)RemovedInDjango40Warning) force_bytesc@seZdZdZdS)InvalidAlgorithmz&Algorithm is not supported by hashlib.N)__name__ __module__ __qualname____doc__r r 5/usr/lib/python3/dist-packages/django/utils/crypto.pyrsrsha1) algorithmc Csx|durtj}t|}t|}ztt|}Wnty)}ztd||d}~ww|||}tj |t||dS)a* Return the HMAC of 'value', using a key generated from key_salt and a secret (which defaults to settings.SECRET_KEY). Default algorithm is SHA1, but any algorithm name supported by hashlib can be passed. A different key_salt should be passed in for every application of HMAC. Nz6%r is not an algorithm accepted by the hashlib module.)msg digestmod) r SECRET_KEYrgetattrhashlibAttributeErrorrdigesthmacnew)key_saltvaluesecretr hasherekeyr r r salted_hmacs$r>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789cs4|tur tdtd}dfddt|DS)aG Return a securely generated random string. The bit length of the returned value can be calculated with the formula: log_2(len(allowed_chars)^length) For example, with default `allowed_chars` (26+26+10), this gives: * length: 12, bit length =~ 71 bits * length: 22, bit length =~ 131 bits z.Not providing a length argument is deprecated. c3s|]}tVqdSN)secretschoice).0i allowed_charsr r Hsz$get_random_string..) NOT_PROVIDEDwarningswarnrjoinrange)lengthr'r r&r get_random_string7s r/cCstt|t|S)z:Return True if the two strings are equal, False otherwise.)r"compare_digestr)val1val2r r r constant_time_compareKsr3cCs<|durtj}|p d}t|}t|}t|j||||S)z)Return the hash of password using pbkdf2.N)rsha256r pbkdf2_hmacname)passwordsalt iterationsdklenrr r r pbkdf2Ps r;r!)rN)r rrr"r* django.confrdjango.utils.deprecationrdjango.utils.encodingr ValueErrorrrobjectr)RANDOM_STRING_CHARSr/r3r;r r r r s