o þðcðã@s\ddlZddlmZddlmZmZmZmZddlm Z m Z ddl m Z Gdd„de ƒZ dS)éN)Úutils)ÚAlreadyFinalizedÚ InvalidKeyÚUnsupportedAlgorithmÚ_Reasons)Ú constant_timeÚhashes)ÚKeyDerivationFunctionc @sZeZdZ ddejdedededejf dd„Z d ed efd d „Z d ed ed dfdd„Z dS)Ú PBKDF2HMACNÚ algorithmÚlengthÚsaltÚ iterationsÚbackendcCsXddlm}| |¡std |j¡tjƒ‚d|_||_ ||_ t   d|¡||_ ||_dS)Nr©rz/{} is not supported for PBKDF2 by this backend.Fr )Ú,cryptography.hazmat.backends.openssl.backendrÚpbkdf2_hmac_supportedrÚformatÚnamerÚUNSUPPORTED_HASHÚ_usedÚ _algorithmÚ_lengthrÚ _check_bytesÚ_saltÚ _iterations)Úselfr r r rrÚossl©rúV/opt/certbot/lib/python3.10/site-packages/cryptography/hazmat/primitives/kdf/pbkdf2.pyÚ__init__s  ÿü  zPBKDF2HMAC.__init__Ú key_materialÚreturncCsF|jrtdƒ‚d|_t d|¡ddlm}| |j|j|j |j |¡S)Nz'PBKDF2 instances can only be used once.Tr!rr) rrrÚ_check_byteslikerrÚderive_pbkdf2_hmacrrrr)rr!rrrrÚderive.s  ûzPBKDF2HMAC.deriveÚ expected_keycCs"| |¡}t ||¡stdƒ‚dS)NzKeys do not match.)r%rÚbytes_eqr)rr!r&Ú derived_keyrrrÚverify>s  ÿzPBKDF2HMAC.verify)N) Ú__name__Ú __module__Ú __qualname__rÚ HashAlgorithmÚintÚbytesÚtypingÚAnyr r%r)rrrrr súþýüû úr )r0Ú cryptographyrÚcryptography.exceptionsrrrrÚcryptography.hazmat.primitivesrrÚ"cryptography.hazmat.primitives.kdfr r rrrrÚs