sdf

venv/lib/python3.12/site-packages/bcrypt-4.0.1.dist-info/METADATA

@@ -1,29 +1,30 @@
-Metadata-Version: 2.2
+Metadata-Version: 2.1
 Name: bcrypt
-Version: 4.3.0
+Version: 4.0.1
 Summary: Modern password hashing for your software and your servers
-Author-email: The Python Cryptographic Authority developers <cryptography-dev@python.org>
-License: Apache-2.0
-Project-URL: homepage, https://github.com/pyca/bcrypt/
+Home-page: https://github.com/pyca/bcrypt/
+Author: The Python Cryptographic Authority developers
+Author-email: cryptography-dev@python.org
+License: Apache License, Version 2.0
+Platform: UNKNOWN
 Classifier: Development Status :: 5 - Production/Stable
 Classifier: License :: OSI Approved :: Apache Software License
 Classifier: Programming Language :: Python :: Implementation :: CPython
 Classifier: Programming Language :: Python :: Implementation :: PyPy
 Classifier: Programming Language :: Python :: 3
 Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.6
+Classifier: Programming Language :: Python :: 3.7
 Classifier: Programming Language :: Python :: 3.8
 Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
-Classifier: Programming Language :: Python :: 3.11
-Classifier: Programming Language :: Python :: 3.12
-Classifier: Programming Language :: Python :: 3.13
-Requires-Python: >=3.8
+Requires-Python: >=3.6
 Description-Content-Type: text/x-rst
 License-File: LICENSE
 Provides-Extra: tests
-Requires-Dist: pytest!=3.3.0,>=3.2.1; extra == "tests"
+Requires-Dist: pytest (!=3.3.0,>=3.2.1) ; extra == 'tests'
 Provides-Extra: typecheck
-Requires-Dist: mypy; extra == "typecheck"
+Requires-Dist: mypy ; extra == 'typecheck'
 
 bcrypt
 ======
@@ -44,7 +45,7 @@ Installation
 
 To install bcrypt, simply:
 
-.. code:: console
+.. code:: bash
 
     $ pip install bcrypt
 
@@ -53,19 +54,19 @@ compiler and a Rust compiler (the minimum supported Rust version is 1.56.0).
 
 For Debian and Ubuntu, the following command will ensure that the required dependencies are installed:
 
-.. code:: console
+.. code:: bash
 
     $ sudo apt-get install build-essential cargo
 
 For Fedora and RHEL-derivatives, the following command will ensure that the required dependencies are installed:
 
-.. code:: console
+.. code:: bash
 
     $ sudo yum install gcc cargo
 
 For Alpine, the following command will ensure that the required dependencies are installed:
 
-.. code:: console
+.. code:: bash
 
     $ apk add --update musl-dev gcc cargo
 
@@ -78,52 +79,6 @@ While bcrypt remains an acceptable choice for password storage, depending on you
 Changelog
 =========
 
-Unreleased
-----------
-
-* Dropped support for Python 3.7.
-* We now support free-threaded Python 3.13.
-* We now support PyPy 3.11.
-* We now publish wheels for free-threaded Python 3.13, for PyPy 3.11 on
-  ``manylinux``, and for ARMv7l on ``manylinux``.
-
-4.2.1
------
-
-* Bump Rust dependency versions - this should resolve crashes on Python 3.13
-  free-threaded builds.
-* We no longer build ``manylinux`` wheels for PyPy 3.9.
-
-4.2.0
------
-
-* Bump Rust dependency versions
-* Removed the ``BCRYPT_ALLOW_RUST_163`` environment variable.
-
-4.1.3
------
-
-* Bump Rust dependency versions
-
-4.1.2
------
-
-* Publish both ``py37`` and ``py39`` wheels. This should resolve some errors
-  relating to initializing a module multiple times per process.
-
-4.1.1
------
-
-* Fixed the type signature on the ``kdf`` method.
-* Fixed packaging bug on Windows.
-* Fixed incompatibility with passlib package detection assumptions.
-
-4.1.0
------
-
-* Dropped support for Python 3.6.
-* Bumped MSRV to 1.64. (Note: Rust 1.63 can be used by setting the ``BCRYPT_ALLOW_RUST_163`` environment variable)
-
 4.0.1
 -----
 
@@ -316,7 +271,12 @@ Compatibility
 -------------
 
 This library should be compatible with py-bcrypt and it will run on Python
-3.8+ (including free-threaded builds), and PyPy 3.
+3.6+, and PyPy 3.
+
+C Code
+------
+
+This library uses code from OpenBSD.
 
 Security
 --------
@@ -328,3 +288,5 @@ identify a vulnerability, we ask you to contact us privately.
 .. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt
 .. _`argon2_cffi`: https://argon2-cffi.readthedocs.io
 .. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt
+
+

venv/lib/python3.12/site-packages/bcrypt-4.0.1.dist-info/RECORD

@@ -0,0 +1,14 @@
+bcrypt-4.0.1.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4
+bcrypt-4.0.1.dist-info/LICENSE,sha256=gXPVwptPlW1TJ4HSuG5OMPg-a3h43OGMkZRR1rpwfJA,10850
+bcrypt-4.0.1.dist-info/METADATA,sha256=peZwWFa95xnpp4NiIE7gJkV01CTkbVXIzoEN66SXd3c,8972
+bcrypt-4.0.1.dist-info/RECORD,,
+bcrypt-4.0.1.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+bcrypt-4.0.1.dist-info/WHEEL,sha256=ZXaM-AC_dnzk1sUAdQV_bMrIMG6zI-GthFaEkNkWsgU,112
+bcrypt-4.0.1.dist-info/top_level.txt,sha256=BkR_qBzDbSuycMzHWE1vzXrfYecAzUVmQs6G2CukqNI,7
+bcrypt/__about__.py,sha256=F7i0CQOa8G3Yjw1T71jQv8yi__Z_4TzLyZJv1GFqVx0,1320
+bcrypt/__init__.py,sha256=EpUdbfHaiHlSoaM-SSUB6MOgNpWOIkS0ZrjxogPIRLM,3781
+bcrypt/__pycache__/__about__.cpython-312.pyc,,
+bcrypt/__pycache__/__init__.cpython-312.pyc,,
+bcrypt/_bcrypt.abi3.so,sha256=_T-y5IrekziUzkYio4hWH7Xzw92XBKewSLd8kmERhGU,1959696
+bcrypt/_bcrypt.pyi,sha256=O-vvHdooGyAxIkdKemVqOzBF5aMhh0evPSaDMgETgEk,214
+bcrypt/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0

venv/lib/python3.12/site-packages/bcrypt-4.0.1.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: bdist_wheel (0.37.1)
+Root-Is-Purelib: false
+Tag: cp36-abi3-manylinux_2_28_x86_64
+

venv/lib/python3.12/site-packages/bcrypt-4.3.0.dist-info/RECORD

@@ -1,11 +0,0 @@
-bcrypt-4.3.0.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4
-bcrypt-4.3.0.dist-info/LICENSE,sha256=gXPVwptPlW1TJ4HSuG5OMPg-a3h43OGMkZRR1rpwfJA,10850
-bcrypt-4.3.0.dist-info/METADATA,sha256=95qX7ziIfmOF0kNM95YZuWhLVfFy-6EtssVvf1ZgeWg,10042
-bcrypt-4.3.0.dist-info/RECORD,,
-bcrypt-4.3.0.dist-info/WHEEL,sha256=XlovOtcAZFqrc4OSNBtc5R3yDeRHyhWP24RdDnylFpY,111
-bcrypt-4.3.0.dist-info/top_level.txt,sha256=BkR_qBzDbSuycMzHWE1vzXrfYecAzUVmQs6G2CukqNI,7
-bcrypt/__init__.py,sha256=cv-NupIX6P7o6A4PK_F0ur6IZoDr3GnvyzFO9k16wKQ,1000
-bcrypt/__init__.pyi,sha256=ITUCB9mPVU8sKUbJQMDUH5YfQXZb1O55F9qvKZR_o8I,333
-bcrypt/__pycache__/__init__.cpython-312.pyc,,
-bcrypt/_bcrypt.abi3.so,sha256=oMArVCuY_atg2H4SGNfM-zbfEgUOkd4qSiWn2nPqmXc,644928
-bcrypt/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0

venv/lib/python3.12/site-packages/bcrypt-4.3.0.dist-info/WHEEL

@@ -1,5 +0,0 @@
-Wheel-Version: 1.0
-Generator: setuptools (75.8.2)
-Root-Is-Purelib: false
-Tag: cp39-abi3-manylinux_2_34_x86_64
-

venv/lib/python3.12/site-packages/bcrypt/__about__.py

@@ -0,0 +1,41 @@
+# Author:: Donald Stufft (<donald@stufft.io>)
+# Copyright:: Copyright (c) 2013 Donald Stufft
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from __future__ import absolute_import
+from __future__ import division
+from __future__ import unicode_literals
+
+__all__ = [
+    "__title__",
+    "__summary__",
+    "__uri__",
+    "__version__",
+    "__author__",
+    "__email__",
+    "__license__",
+    "__copyright__",
+]
+
+__title__ = "bcrypt"
+__summary__ = "Modern password hashing for your software and your servers"
+__uri__ = "https://github.com/pyca/bcrypt/"
+
+__version__ = "4.0.1"
+
+__author__ = "The Python Cryptographic Authority developers"
+__email__ = "cryptography-dev@python.org"
+
+__license__ = "Apache License, Version 2.0"
+__copyright__ = "Copyright 2013-2022 {0}".format(__author__)

venv/lib/python3.12/site-packages/bcrypt/__init__.py

@@ -1,3 +1,7 @@
+# Author:: Donald Stufft (<donald@stufft.io>)
+# Copyright:: Copyright (c) 2013 Donald Stufft
+# License:: Apache License, Version 2.0
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -9,8 +13,14 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+from __future__ import absolute_import
+from __future__ import division
 
-from ._bcrypt import (
+import hmac
+import os
+import warnings
+
+from .__about__ import (
     __author__,
     __copyright__,
     __email__,
@@ -18,26 +28,100 @@ from ._bcrypt import (
     __summary__,
     __title__,
     __uri__,
-    checkpw,
-    gensalt,
-    hashpw,
-    kdf,
-)
-from ._bcrypt import (
-    __version_ex__ as __version__,
+    __version__,
 )
+from . import _bcrypt  # noqa: I100
+
 
 __all__ = [
-    "__author__",
-    "__copyright__",
-    "__email__",
-    "__license__",
-    "__summary__",
     "__title__",
+    "__summary__",
     "__uri__",
     "__version__",
-    "checkpw",
+    "__author__",
+    "__email__",
+    "__license__",
+    "__copyright__",
     "gensalt",
     "hashpw",
     "kdf",
+    "checkpw",
 ]
+
+
+def gensalt(rounds: int = 12, prefix: bytes = b"2b") -> bytes:
+    if prefix not in (b"2a", b"2b"):
+        raise ValueError("Supported prefixes are b'2a' or b'2b'")
+
+    if rounds < 4 or rounds > 31:
+        raise ValueError("Invalid rounds")
+
+    salt = os.urandom(16)
+    output = _bcrypt.encode_base64(salt)
+
+    return (
+        b"$"
+        + prefix
+        + b"$"
+        + ("%2.2u" % rounds).encode("ascii")
+        + b"$"
+        + output
+    )
+
+
+def hashpw(password: bytes, salt: bytes) -> bytes:
+    if isinstance(password, str) or isinstance(salt, str):
+        raise TypeError("Strings must be encoded before hashing")
+
+    # bcrypt originally suffered from a wraparound bug:
+    # http://www.openwall.com/lists/oss-security/2012/01/02/4
+    # This bug was corrected in the OpenBSD source by truncating inputs to 72
+    # bytes on the updated prefix $2b$, but leaving $2a$ unchanged for
+    # compatibility. However, pyca/bcrypt 2.0.0 *did* correctly truncate inputs
+    # on $2a$, so we do it here to preserve compatibility with 2.0.0
+    password = password[:72]
+
+    return _bcrypt.hashpass(password, salt)
+
+
+def checkpw(password: bytes, hashed_password: bytes) -> bool:
+    if isinstance(password, str) or isinstance(hashed_password, str):
+        raise TypeError("Strings must be encoded before checking")
+
+    ret = hashpw(password, hashed_password)
+    return hmac.compare_digest(ret, hashed_password)
+
+
+def kdf(
+    password: bytes,
+    salt: bytes,
+    desired_key_bytes: int,
+    rounds: int,
+    ignore_few_rounds: bool = False,
+) -> bytes:
+    if isinstance(password, str) or isinstance(salt, str):
+        raise TypeError("Strings must be encoded before hashing")
+
+    if len(password) == 0 or len(salt) == 0:
+        raise ValueError("password and salt must not be empty")
+
+    if desired_key_bytes <= 0 or desired_key_bytes > 512:
+        raise ValueError("desired_key_bytes must be 1-512")
+
+    if rounds < 1:
+        raise ValueError("rounds must be 1 or more")
+
+    if rounds < 50 and not ignore_few_rounds:
+        # They probably think bcrypt.kdf()'s rounds parameter is logarithmic,
+        # expecting this value to be slow enough (it probably would be if this
+        # were bcrypt). Emit a warning.
+        warnings.warn(
+            (
+                "Warning: bcrypt.kdf() called with only {0} round(s). "
+                "This few is not secure: the parameter is linear, like PBKDF2."
+            ).format(rounds),
+            UserWarning,
+            stacklevel=2,
+        )
+
+    return _bcrypt.pbkdf(password, salt, rounds, desired_key_bytes)

venv/lib/python3.12/site-packages/bcrypt/__init__.pyi

@@ -1,10 +0,0 @@
-def gensalt(rounds: int = 12, prefix: bytes = b"2b") -> bytes: ...
-def hashpw(password: bytes, salt: bytes) -> bytes: ...
-def checkpw(password: bytes, hashed_password: bytes) -> bool: ...
-def kdf(
-    password: bytes,
-    salt: bytes,
-    desired_key_bytes: int,
-    rounds: int,
-    ignore_few_rounds: bool = False,
-) -> bytes: ...

venv/lib/python3.12/site-packages/bcrypt/_bcrypt.pyi

@@ -0,0 +1,7 @@
+import typing
+
+def encode_base64(data: bytes) -> bytes: ...
+def hashpass(password: bytes, salt: bytes) -> bytes: ...
+def pbkdf(
+    password: bytes, salt: bytes, rounds: int, desired_key_bytes: int
+) -> bytes: ...