af ddlZddlmZddlZddlZd dededeedefdZd ded edeedefd Zd deded edeedef d Z dS) N)Optionalemailpasswordsaltreturnc ~|sWtj}||d|dd}t |dksJt j|d|ddddt jj j d }|S) a] Compute argon2id based secret from user email and password only. This uses Argon2id for stretching a potentially weak user password/PIN and subsequent HKDF based key extending to derive private key material (PKM) for different usage contexts. The Argon2 parameters used are the following: * kdf ``argon2id-13`` * time cost ``4096`` * memory cost ``512`` * parallelism ``1`` See `draft-irtf-cfrg-argon2 `__ and `argon2-cffi `__. :param email: User email. :param password: User password. :param salt: Optional salt to use (must be 16 bytes long). If none is given, compute salt from email as ``salt = SHA256(email)[:16]``. :return: The computed private key material (256b, 32 octets). utf8Nii )secretr time_cost memory_cost parallelismhash_lentypeversion) hashlibsha256updateencodedigestlenargon2 low_levelhash_secret_rawTypeID)rrrmpkms F/var/www/html/env/lib/python3.11/site-packages/autobahn/xbr/_wallet.pystretch_argon2_secretr#!s,  N   f%%&&&xxzz#2# t99????   * *v&&    " % +  C Jr!contextcvtj||tj}||d}|S)z Expand ``pkm`` and ``context`` into a key of length ``bytes`` using HKDF's expand function based on HMAC SHA-512). See the HKDF draft RFC and paper for usage notes. :param pkm: :param context: :param salt: :return: )rinput_key_materialhashr )infolength)hkdfHkdfrsha512expand)r!r%rkdfkeys r"expand_argon2_secretr1Ks6 )#GN K K KC **'"* - -C Jr$cT|sWtj}||d|dd}t |dksJ|d}t |||}t|||}|S)z_ :param email: :param password: :param context: :param salt: :return: r Nr )rrr)r!r%r)rrrrrrr#r1)rrr%rr r!r0s r"pkm_from_argon2_secretr3[s  N   f%%&&&xxzz#2# t99????nnV$$G ehT J J JC 3d C C CC Jr$)N) rtypingrrr+strbytesr#r1r3r$r"r8s6 ''''8E?'V[''''T  e e 8E? V[     #s(SX/ejr$