o 0c@sUddlZddlZddlZddlZddlZddlZddlZejr! dZ dZ e ddej j ej jfDZejeed<e ddfdejeefdejeefd ed ejed ejejeejfd ef d dZe ddfdejeefdejeefd ed ejed ejejeejfd ef ddZdeded efddZded efddZdededed ejeeffddZ d(dededed efdd Zd!eded efd"d#Z d$ed%ed ejefd&d'Z!dS))N>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789iccs$|] }|dur|dkr|VqdS)N/.0seprrG/var/www/html/gps/gps/lib/python3.10/site-packages/werkzeug/security.py s r _os_alt_sepsdatasalt iterationskeylenhashfuncreturncCs$tjdtddt|||||S)aLike :func:`pbkdf2_bin`, but returns a hex-encoded string. :param data: the data to derive. :param salt: the salt for the derivation. :param iterations: the number of iterations. :param keylen: the length of the resulting key. If not provided, the digest size will be used. :param hashfunc: the hash function to use. This can either be the string name of a known hash function, or a function from the hashlib module. Defaults to sha256. .. deprecated:: 2.0 Will be removed in Werkzeug 2.1. Use :func:`hashlib.pbkdf2_hmac` instead. .. versionadded:: 0.9 zj'pbkdf2_hex' is deprecated and will be removed in Werkzeug 2.1. Use 'hashlib.pbkdf2_hmac().hex()' instead. stacklevel)warningswarnDeprecationWarning pbkdf2_binhex)r r r rrrrr pbkdf2_hexs rcCsjtjdtddt|tr|d}t|tr|d}|s!d}n t|r*|j}n|}t |||||S)aeReturns a binary digest for the PBKDF2 hash algorithm of `data` with the given `salt`. It iterates `iterations` times and produces a key of `keylen` bytes. By default, SHA-256 is used as hash function; a different hashlib `hashfunc` can be provided. :param data: the data to derive. :param salt: the salt for the derivation. :param iterations: the number of iterations. :param keylen: the length of the resulting key. If not provided the digest size will be used. :param hashfunc: the hash function to use. This can either be the string name of a known hash function or a function from the hashlib module. Defaults to sha256. .. deprecated:: 2.0 Will be removed in Werkzeug 2.1. Use :func:`hashlib.pbkdf2_hmac` instead. .. versionadded:: 0.9 zd'pbkdf2_bin' is deprecated and will be removed in Werkzeug 2.1. Use 'hashlib.pbkdf2_hmac()' instead.rrutf8sha256) rrr isinstancestrencodecallablenamehashlib pbkdf2_hmac)r r r rr hash_namerrrr5s     rabcCsDtjdtddt|tr|d}t|tr|d}t||S)aiThis function compares strings in somewhat constant time. This requires that the length of at least one string is known in advance. Returns `True` if the two strings are equal, or `False` if they are not. .. deprecated:: 2.0 Will be removed in Werkzeug 2.1. Use :func:`hmac.compare_digest` instead. .. versionadded:: 0.7 zd'safe_str_cmp' is deprecated and will be removed in Werkzeug 2.1. Use 'hmac.compare_digest' instead.rrutf-8)rrrrrrhmaccompare_digest)r$r%rrr safe_str_cmpgs      r)lengthcCs(|dkrtddddt|DS)zAGenerate a random string of SALT_CHARS with specified ``length``.rzSalt length must be positivecss|]}ttVqdSN)secretschoice SALT_CHARS)r_rrrr szgen_salt..) ValueErrorjoinrange)r*rrrgen_saltsr4methodpasswordcCs|dkr||fS|d}|d}|drS|std|ddd}t|dvr0td |d }|r?t|d p=d nt}t |||| d|d|fS|r`t ||| |fSt || |fS) zInternal password hash helper. Supports plaintext without salt, unsalted and salted passwords. In case salted passwords are used hmac is used. plainr&zpbkdf2:zSalt is required for PBKDF2N:)rz&Invalid number of arguments for PBKDF2r)r startswithr1splitlenpopintDEFAULT_PBKDF2_ITERATIONSr!r"rr'new hexdigest)r5r r6argsr rrr_hash_internals$     rD pbkdf2:sha256 salt_lengthcCs8|dkrt|nd}t|||\}}|d|d|S)aHash a password with the given method and salt with a string of the given length. The format of the string returned includes the method that was used so that :func:`check_password_hash` can check the hash. The format for the hashed string looks like this:: method$salt$hash This method can **not** generate unsalted passwords but it is possible to set param method='plain' in order to enforce plaintext passwords. If a salt is used, hmac is used internally to salt the password. If PBKDF2 is wanted it can be enabled by setting the method to ``pbkdf2:method:iterations`` where iterations is optional:: pbkdf2:sha256:80000$salt$hash pbkdf2:sha256$salt$hash :param password: the password to hash. :param method: the hash method to use (one that hashlib supports). Can optionally be in the format ``pbkdf2:method:iterations`` to enable PBKDF2. :param salt_length: the length of the salt in letters. r7r+$)r4rD)r6r5rGr h actual_methodrrrgenerate_password_hashsrKpwhashcCs<|ddkr dS|dd\}}}tt|||d|S)aCheck a password against a given salted and hashed password value. In order to support unsalted legacy passwords this method supports plain text passwords, md5 and sha1 hashes (both salted and unsalted). Returns `True` if the password matched, `False` otherwise. :param pwhash: a hashed string like returned by :func:`generate_password_hash`. :param password: the plaintext password to compare against the hash. rHrFr)countr<r'r(rD)rLr6r5r hashvalrrrcheck_password_hashs rO directory pathnamescsp|g}|D]-dkrttfddtDs*tjs*dks*dr-dS|qtj |S)a2Safely join zero or more untrusted path components to a base directory to avoid escaping the base directory. :param directory: The trusted base directory. :param pathnames: The untrusted path components relative to the base directory. :return: A safe path, otherwise ``None``. r+c3s|]}|vVqdSr,rrfilenamerrr szsafe_join..z..z../N) posixpathnormpathanyr ospathisabsr;appendr2)rPrQpartsrrRr safe_joins     r\)rErF)"r!r'rWrTr-typingtr TYPE_CHECKINGr/r@listrXraltsepr Listr__annotations__Unionbytesr?OptionalCallablerrboolr)r4TuplerDrKrOr\rrrrsz    $   2$"