
    Lf                         d dl Z d dlmZ d dlZd dlZddededee   defdZdded	edee   defd
Zddeded	edee   def
dZ	y)    N)Optionalemailpasswordsaltreturnc           
      h   |sGt        j                         }|j                  | j                  d             |j	                         dd }t        |      dk(  sJ t        j                  j                  |j                  d      |ddddt        j                  j                  j                  d	      }|S )
a]  
    Compute argon2id based secret from user email and password only. This uses Argon2id
    for stretching a potentially weak user password/PIN and subsequent HKDF based key
    extending to derive private key material (PKM) for different usage contexts.

    The Argon2 parameters used are the following:

    * kdf ``argon2id-13``
    * time cost ``4096``
    * memory cost ``512``
    * parallelism ``1``

    See `draft-irtf-cfrg-argon2 <https://datatracker.ietf.org/doc/draft-irtf-cfrg-argon2/>`__ and
    `argon2-cffi <https://argon2-cffi.readthedocs.io/en/stable/>`__.

    :param email: User email.
    :param password: User password.
    :param salt: Optional salt to use (must be 16 bytes long). If none is given, compute salt
        from email as ``salt = SHA256(email)[:16]``.
    :return: The computed private key material (256b, 32 octets).
    utf8N   i   i             )secretr   	time_costmemory_costparallelismhash_lentypeversion)hashlibsha256updateencodedigestlenargon2	low_levelhash_secret_rawTypeID)r   r   r   mpkms        O/var/www/cs2snipe.com/venv/lib/python3.12/site-packages/autobahn/xbr/_wallet.pystretch_argon2_secretr#   !   s    , NN	f%&xxz#2t9??



*
*v&""%% + 	C J    r!   contextc                 x    t        j                  || t        j                        }|j	                  |d      }|S )z

    Expand ``pkm`` and ``context`` into a key of length ``bytes`` using
    HKDF's expand function based on HMAC SHA-512). See the HKDF draft RFC and paper for usage notes.

    :param pkm:
    :param context:
    :param salt:
    :return:
    )r   input_key_materialhashr   )infolength)hkdfHkdfr   sha512expand)r!   r%   r   kdfkeys        r"   expand_argon2_secretr1   K   s1     ))#GNN
KC
**'"*
-CJr$   c                    |sGt        j                         }|j                  | j                  d             |j	                         dd }t        |      dk(  sJ |j                  d      }t        | ||      }t        |||      }|S )z_

    :param email:
    :param password:
    :param context:
    :param salt:
    :return:
    r	   Nr
   )r   r   r   )r!   r%   r   )r   r   r   r   r   r   r#   r1   )r   r   r%   r   r    r!   r0   s          r"   pkm_from_argon2_secretr3   [   sx     NN	f%&xxz#2t9??nnV$G
ehT
JC
3d
CCJr$   )N)
r   typingr   r   r+   strbytesr#   r1   r3    r$   r"   <module>r8      s   6    ' ' '8E? 'V[ 'Te e 8E? V[  #  s (SX/ ej r$   