def crypto_pwhash_scryptsalsa208sha256_str(
passwd, opslimit=SCRYPT_OPSLIMIT_INTERACTIVE,
memlimit=SCRYPT_MEMLIMIT_INTERACTIVE):
"""
Derive a cryptographic key using the ``passwd`` and ``salt``
given as input, returning a string representation which includes
the salt and the tuning parameters.
The returned string can be directly stored as a password hash.
See :py:func:`.crypto_pwhash_scryptsalsa208sha256` for a short
discussion about ``opslimit`` and ``memlimit`` values.
:param bytes passwd:
:param int opslimit:
:param int memlimit:
:return: serialized key hash, including salt and tuning parameters
:rtype: bytes
"""
buf = ffi.new("char[]", SCRYPT_STRBYTES)
ret = lib.crypto_pwhash_scryptsalsa208sha256_str(buf, passwd,
len(passwd),
opslimit,
memlimit)
ensure(ret == 0, 'Unexpected failure in password hashing',
raising=exc.RuntimeError)
return ffi.string(buf)
def crypto_pwhash_str_alg(passwd, opslimit, memlimit, alg):
"""
Derive a cryptographic key using the ``passwd`` given as input
and a random ``salt``, returning a string representation which
includes the salt, the tuning parameters and the used algorithm.
:param passwd: The input password
:type passwd: bytes
:param opslimit: computational cost
:type opslimit: int
:param memlimit: memory cost
:type memlimit: int
:param alg: The algorithm to use
:type alg: int
:return: serialized derived key and parameters
:rtype: bytes
"""
ensure(isinstance(opslimit, integer_types), raising=TypeError)
ensure(isinstance(memlimit, integer_types), raising=TypeError)
ensure(isinstance(passwd, bytes), raising=TypeError)
_check_argon2_limits_alg(opslimit, memlimit, alg)
outbuf = ffi.new("char[]", 128)
ret = lib.crypto_pwhash_str_alg(outbuf, passwd, len(passwd), opslimit,
memlimit, alg)
ensure(ret == 0,
'Unexpected failure in key derivation',
raising=exc.RuntimeError)
return ffi.string(outbuf)
def crypto_pwhash_scryptsalsa208sha256_str(
passwd,
opslimit=SCRYPT_OPSLIMIT_INTERACTIVE,
memlimit=SCRYPT_MEMLIMIT_INTERACTIVE):
"""
Derive a cryptographic key using the ``passwd`` and ``salt``
given as input, returning a string representation which includes
the salt and the tuning parameters.
The returned string can be directly stored as a password hash.
See :py:func:`.crypto_pwhash_scryptsalsa208sha256` for a short
discussion about ``opslimit`` and ``memlimit`` values.
:param bytes passwd:
:param int opslimit:
:param int memlimit:
:return: serialized key hash, including salt and tuning parameters
:rtype: bytes
"""
buf = ffi.new("char[]", SCRYPT_STRBYTES)
ret = lib.crypto_pwhash_scryptsalsa208sha256_str(buf, passwd, len(passwd),
opslimit, memlimit)
ensure(ret == 0,
'Unexpected failure in password hashing',
raising=exc.RuntimeError)
return ffi.string(buf)
def crypto_pwhash_str_alg(passwd, opslimit, memlimit, alg):
"""
Derive a cryptographic key using the ``passwd`` given as input
and a random ``salt``, returning a string representation which
includes the salt, the tuning parameters and the used algorithm.
:param passwd: The input password
:type passwd: bytes
:param opslimit: computational cost
:type opslimit: int
:param memlimit: memory cost
:type memlimit: int
:param alg: The algorithm to use
:type alg: int
:return: serialized derived key and parameters
:rtype: bytes
"""
ensure(isinstance(opslimit, integer_types),
raising=TypeError)
ensure(isinstance(memlimit, integer_types),
raising=TypeError)
ensure(isinstance(passwd, bytes),
raising=TypeError)
_check_argon2_limits_alg(opslimit, memlimit, alg)
outbuf = ffi.new("char[]", 128)
ret = lib.crypto_pwhash_str_alg(outbuf, passwd, len(passwd),
opslimit, memlimit, alg)
ensure(ret == 0, 'Unexpected failure in key derivation',
raising=exc.RuntimeError)
return ffi.string(outbuf)
crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX = 0
crypto_pwhash_scryptsalsa208sha256_BYTES_MIN = 0
crypto_pwhash_scryptsalsa208sha256_BYTES_MAX = 0
crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN = 0
crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAX = 0
crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN = 0
crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAX = 0
crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE = 0
crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE = 0
crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE = 0
crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE = 0
if has_crypto_pwhash_scryptsalsa208sha256:
crypto_pwhash_scryptsalsa208sha256_STRPREFIX = \
ffi.string(ffi.cast("char *",
lib.crypto_pwhash_scryptsalsa208sha256_strprefix()
)
)[:]
crypto_pwhash_scryptsalsa208sha256_SALTBYTES = \
lib.crypto_pwhash_scryptsalsa208sha256_saltbytes()
crypto_pwhash_scryptsalsa208sha256_STRBYTES = \
lib.crypto_pwhash_scryptsalsa208sha256_strbytes()
crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN = \
lib.crypto_pwhash_scryptsalsa208sha256_passwd_min()
crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX = \
lib.crypto_pwhash_scryptsalsa208sha256_passwd_max()
crypto_pwhash_scryptsalsa208sha256_BYTES_MIN = \
lib.crypto_pwhash_scryptsalsa208sha256_bytes_min()
crypto_pwhash_scryptsalsa208sha256_BYTES_MAX = \
lib.crypto_pwhash_scryptsalsa208sha256_bytes_max()
crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN = \
lib.crypto_pwhash_scryptsalsa208sha256_memlimit_min()
# See the License for the specific language governing permissions and
# limitations under the License.
from __future__ import absolute_import, division, print_function
import sys
from six import integer_types
import nacl.exceptions as exc
from nacl._sodium import ffi, lib
from nacl.exceptions import ensure
crypto_pwhash_scryptsalsa208sha256_STRPREFIX = \
ffi.string(ffi.cast("char *",
lib.crypto_pwhash_scryptsalsa208sha256_strprefix()
)
)[:]
crypto_pwhash_scryptsalsa208sha256_SALTBYTES = \
lib.crypto_pwhash_scryptsalsa208sha256_saltbytes()
crypto_pwhash_scryptsalsa208sha256_STRBYTES = \
lib.crypto_pwhash_scryptsalsa208sha256_strbytes()
crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN = \
lib.crypto_pwhash_scryptsalsa208sha256_passwd_min()
crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX = \
lib.crypto_pwhash_scryptsalsa208sha256_passwd_max()
crypto_pwhash_scryptsalsa208sha256_BYTES_MIN = \
lib.crypto_pwhash_scryptsalsa208sha256_bytes_min()
crypto_pwhash_scryptsalsa208sha256_BYTES_MAX = \
lib.crypto_pwhash_scryptsalsa208sha256_bytes_max()
crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN = \
lib.crypto_pwhash_scryptsalsa208sha256_memlimit_min()
