two version of R2R are hereHEADmaster

5 files changed, 602 insertions, 0 deletions

diff --git a/.venv/lib/python3.12/site-packages/nacl/pwhash/__init__.py b/.venv/lib/python3.12/site-packages/nacl/pwhash/__init__.py
new file mode 100644
index 00000000..ffd76a64
--- /dev/null
+++ b/.venv/lib/python3.12/site-packages/nacl/pwhash/__init__.py
@@ -0,0 +1,75 @@
+# Copyright 2017 Donald Stufft and individual contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+from nacl.exceptions import CryptPrefixError
+
+from . import _argon2, argon2i, argon2id, scrypt
+
+STRPREFIX = argon2id.STRPREFIX
+
+PWHASH_SIZE = argon2id.PWHASH_SIZE
+
+assert _argon2.ALG_ARGON2_DEFAULT == _argon2.ALG_ARGON2ID13
+# since version 1.0.15 of libsodium
+
+PASSWD_MIN = argon2id.PASSWD_MIN
+PASSWD_MAX = argon2id.PASSWD_MAX
+MEMLIMIT_MAX = argon2id.MEMLIMIT_MAX
+MEMLIMIT_MIN = argon2id.MEMLIMIT_MIN
+OPSLIMIT_MAX = argon2id.OPSLIMIT_MAX
+OPSLIMIT_MIN = argon2id.OPSLIMIT_MIN
+OPSLIMIT_INTERACTIVE = argon2id.OPSLIMIT_INTERACTIVE
+MEMLIMIT_INTERACTIVE = argon2id.MEMLIMIT_INTERACTIVE
+OPSLIMIT_MODERATE = argon2id.OPSLIMIT_MODERATE
+MEMLIMIT_MODERATE = argon2id.MEMLIMIT_MODERATE
+OPSLIMIT_SENSITIVE = argon2id.OPSLIMIT_SENSITIVE
+MEMLIMIT_SENSITIVE = argon2id.MEMLIMIT_SENSITIVE
+
+str = argon2id.str
+
+assert argon2i.ALG != argon2id.ALG
+
+SCRYPT_SALTBYTES = scrypt.SALTBYTES
+SCRYPT_PWHASH_SIZE = scrypt.PWHASH_SIZE
+SCRYPT_OPSLIMIT_INTERACTIVE = scrypt.OPSLIMIT_INTERACTIVE
+SCRYPT_MEMLIMIT_INTERACTIVE = scrypt.MEMLIMIT_INTERACTIVE
+SCRYPT_OPSLIMIT_SENSITIVE = scrypt.OPSLIMIT_SENSITIVE
+SCRYPT_MEMLIMIT_SENSITIVE = scrypt.MEMLIMIT_SENSITIVE
+
+
+kdf_scryptsalsa208sha256 = scrypt.kdf
+scryptsalsa208sha256_str = scrypt.str
+verify_scryptsalsa208sha256 = scrypt.verify
+
+
+def verify(password_hash: bytes, password: bytes) -> bool:
+    """
+    Takes a modular crypt encoded stored password hash derived using one
+    of the algorithms supported by `libsodium` and checks if the user provided
+    password will hash to the same string when using the parameters saved
+    in the stored hash
+    """
+    if password_hash.startswith(argon2id.STRPREFIX):
+        return argon2id.verify(password_hash, password)
+    elif password_hash.startswith(argon2i.STRPREFIX):
+        return argon2id.verify(password_hash, password)
+    elif scrypt.AVAILABLE and password_hash.startswith(scrypt.STRPREFIX):
+        return scrypt.verify(password_hash, password)
+    else:
+        raise (
+            CryptPrefixError(
+                "given password_hash is not in a supported format"
+            )
+        )
diff --git a/.venv/lib/python3.12/site-packages/nacl/pwhash/_argon2.py b/.venv/lib/python3.12/site-packages/nacl/pwhash/_argon2.py
new file mode 100644
index 00000000..856eda04
--- /dev/null
+++ b/.venv/lib/python3.12/site-packages/nacl/pwhash/_argon2.py
@@ -0,0 +1,49 @@
+# Copyright 2013 Donald Stufft and individual contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import nacl.bindings
+
+_argon2_strbytes_plus_one = nacl.bindings.crypto_pwhash_STRBYTES
+
+PWHASH_SIZE = _argon2_strbytes_plus_one - 1
+SALTBYTES = nacl.bindings.crypto_pwhash_SALTBYTES
+
+PASSWD_MIN = nacl.bindings.crypto_pwhash_PASSWD_MIN
+PASSWD_MAX = nacl.bindings.crypto_pwhash_PASSWD_MAX
+
+PWHASH_SIZE = _argon2_strbytes_plus_one - 1
+
+BYTES_MAX = nacl.bindings.crypto_pwhash_BYTES_MAX
+BYTES_MIN = nacl.bindings.crypto_pwhash_BYTES_MIN
+
+ALG_ARGON2I13 = nacl.bindings.crypto_pwhash_ALG_ARGON2I13
+ALG_ARGON2ID13 = nacl.bindings.crypto_pwhash_ALG_ARGON2ID13
+ALG_ARGON2_DEFAULT = nacl.bindings.crypto_pwhash_ALG_DEFAULT
+
+
+def verify(password_hash: bytes, password: bytes) -> bool:
+    """
+    Takes a modular crypt encoded argon2i or argon2id stored password hash
+    and checks if the user provided password will hash to the same string
+    when using the stored parameters
+
+    :param password_hash: password hash serialized in modular crypt() format
+    :type password_hash: bytes
+    :param password: user provided password
+    :type password: bytes
+    :rtype: boolean
+
+    .. versionadded:: 1.2
+    """
+    return nacl.bindings.crypto_pwhash_str_verify(password_hash, password)
diff --git a/.venv/lib/python3.12/site-packages/nacl/pwhash/argon2i.py b/.venv/lib/python3.12/site-packages/nacl/pwhash/argon2i.py
new file mode 100644
index 00000000..f9b3af7f
--- /dev/null
+++ b/.venv/lib/python3.12/site-packages/nacl/pwhash/argon2i.py
@@ -0,0 +1,132 @@
+# Copyright 2013 Donald Stufft and individual contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import nacl.bindings
+import nacl.encoding
+
+from . import _argon2
+
+ALG = _argon2.ALG_ARGON2I13
+STRPREFIX = nacl.bindings.crypto_pwhash_argon2i_STRPREFIX
+
+SALTBYTES = _argon2.SALTBYTES
+
+PASSWD_MIN = _argon2.PASSWD_MIN
+PASSWD_MAX = _argon2.PASSWD_MAX
+
+PWHASH_SIZE = _argon2.PWHASH_SIZE
+
+BYTES_MIN = _argon2.BYTES_MIN
+BYTES_MAX = _argon2.BYTES_MAX
+
+verify = _argon2.verify
+
+MEMLIMIT_MAX = nacl.bindings.crypto_pwhash_argon2i_MEMLIMIT_MAX
+MEMLIMIT_MIN = nacl.bindings.crypto_pwhash_argon2i_MEMLIMIT_MIN
+OPSLIMIT_MAX = nacl.bindings.crypto_pwhash_argon2i_OPSLIMIT_MAX
+OPSLIMIT_MIN = nacl.bindings.crypto_pwhash_argon2i_OPSLIMIT_MIN
+
+OPSLIMIT_INTERACTIVE = nacl.bindings.crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE
+MEMLIMIT_INTERACTIVE = nacl.bindings.crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE
+OPSLIMIT_SENSITIVE = nacl.bindings.crypto_pwhash_argon2i_OPSLIMIT_SENSITIVE
+MEMLIMIT_SENSITIVE = nacl.bindings.crypto_pwhash_argon2i_MEMLIMIT_SENSITIVE
+
+OPSLIMIT_MODERATE = nacl.bindings.crypto_pwhash_argon2i_OPSLIMIT_MODERATE
+MEMLIMIT_MODERATE = nacl.bindings.crypto_pwhash_argon2i_MEMLIMIT_MODERATE
+
+
+def kdf(
+    size: int,
+    password: bytes,
+    salt: bytes,
+    opslimit: int = OPSLIMIT_SENSITIVE,
+    memlimit: int = MEMLIMIT_SENSITIVE,
+    encoder: nacl.encoding.Encoder = nacl.encoding.RawEncoder,
+) -> bytes:
+    """
+    Derive a ``size`` bytes long key from a caller-supplied
+    ``password`` and ``salt`` pair using the argon2i
+    memory-hard construct.
+
+    the enclosing module provides the constants
+
+        - :py:const:`.OPSLIMIT_INTERACTIVE`
+        - :py:const:`.MEMLIMIT_INTERACTIVE`
+        - :py:const:`.OPSLIMIT_MODERATE`
+        - :py:const:`.MEMLIMIT_MODERATE`
+        - :py:const:`.OPSLIMIT_SENSITIVE`
+        - :py:const:`.MEMLIMIT_SENSITIVE`
+
+    as a guidance for correct settings.
+
+    :param size: derived key size, must be between
+                 :py:const:`.BYTES_MIN` and
+                 :py:const:`.BYTES_MAX`
+    :type size: int
+    :param password: password used to seed the key derivation procedure;
+                     it length must be between
+                     :py:const:`.PASSWD_MIN` and
+                     :py:const:`.PASSWD_MAX`
+    :type password: bytes
+    :param salt: **RANDOM** salt used in the key derivation procedure;
+                 its length must be exactly :py:const:`.SALTBYTES`
+    :type salt: bytes
+    :param opslimit: the time component (operation count)
+                     of the key derivation procedure's computational cost;
+                     it must be between
+                     :py:const:`.OPSLIMIT_MIN` and
+                     :py:const:`.OPSLIMIT_MAX`
+    :type opslimit: int
+    :param memlimit: the memory occupation component
+                     of the key derivation procedure's computational cost;
+                     it must be between
+                     :py:const:`.MEMLIMIT_MIN` and
+                     :py:const:`.MEMLIMIT_MAX`
+    :type memlimit: int
+    :rtype: bytes
+
+    .. versionadded:: 1.2
+    """
+
+    return encoder.encode(
+        nacl.bindings.crypto_pwhash_alg(
+            size, password, salt, opslimit, memlimit, ALG
+        )
+    )
+
+
+def str(
+    password: bytes,
+    opslimit: int = OPSLIMIT_INTERACTIVE,
+    memlimit: int = MEMLIMIT_INTERACTIVE,
+) -> bytes:
+    """
+    Hashes a password with a random salt, using the memory-hard
+    argon2i construct and returning an ascii string that has all
+    the needed info to check against a future password
+
+
+    The default settings for opslimit and memlimit are those deemed
+    correct for the interactive user login case.
+
+    :param bytes password:
+    :param int opslimit:
+    :param int memlimit:
+    :rtype: bytes
+
+    .. versionadded:: 1.2
+    """
+    return nacl.bindings.crypto_pwhash_str_alg(
+        password, opslimit, memlimit, ALG
+    )
diff --git a/.venv/lib/python3.12/site-packages/nacl/pwhash/argon2id.py b/.venv/lib/python3.12/site-packages/nacl/pwhash/argon2id.py
new file mode 100644
index 00000000..1b86d69e
--- /dev/null
+++ b/.venv/lib/python3.12/site-packages/nacl/pwhash/argon2id.py
@@ -0,0 +1,135 @@
+# Copyright 2013 Donald Stufft and individual contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import nacl.bindings
+import nacl.encoding
+
+from . import _argon2
+
+ALG = _argon2.ALG_ARGON2ID13
+STRPREFIX = nacl.bindings.crypto_pwhash_argon2id_STRPREFIX
+
+SALTBYTES = _argon2.SALTBYTES
+
+PASSWD_MIN = _argon2.PASSWD_MIN
+PASSWD_MAX = _argon2.PASSWD_MAX
+
+PWHASH_SIZE = _argon2.PWHASH_SIZE
+
+BYTES_MIN = _argon2.BYTES_MIN
+BYTES_MAX = _argon2.BYTES_MAX
+
+verify = _argon2.verify
+
+MEMLIMIT_MIN = nacl.bindings.crypto_pwhash_argon2id_MEMLIMIT_MIN
+MEMLIMIT_MAX = nacl.bindings.crypto_pwhash_argon2id_MEMLIMIT_MAX
+OPSLIMIT_MIN = nacl.bindings.crypto_pwhash_argon2id_OPSLIMIT_MIN
+OPSLIMIT_MAX = nacl.bindings.crypto_pwhash_argon2id_OPSLIMIT_MAX
+
+OPSLIMIT_INTERACTIVE = (
+    nacl.bindings.crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE
+)
+MEMLIMIT_INTERACTIVE = (
+    nacl.bindings.crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE
+)
+OPSLIMIT_SENSITIVE = nacl.bindings.crypto_pwhash_argon2id_OPSLIMIT_SENSITIVE
+MEMLIMIT_SENSITIVE = nacl.bindings.crypto_pwhash_argon2id_MEMLIMIT_SENSITIVE
+
+OPSLIMIT_MODERATE = nacl.bindings.crypto_pwhash_argon2id_OPSLIMIT_MODERATE
+MEMLIMIT_MODERATE = nacl.bindings.crypto_pwhash_argon2id_MEMLIMIT_MODERATE
+
+
+def kdf(
+    size: int,
+    password: bytes,
+    salt: bytes,
+    opslimit: int = OPSLIMIT_SENSITIVE,
+    memlimit: int = MEMLIMIT_SENSITIVE,
+    encoder: nacl.encoding.Encoder = nacl.encoding.RawEncoder,
+) -> bytes:
+    """
+    Derive a ``size`` bytes long key from a caller-supplied
+    ``password`` and ``salt`` pair using the argon2i
+    memory-hard construct.
+
+    the enclosing module provides the constants
+
+        - :py:const:`.OPSLIMIT_INTERACTIVE`
+        - :py:const:`.MEMLIMIT_INTERACTIVE`
+        - :py:const:`.OPSLIMIT_MODERATE`
+        - :py:const:`.MEMLIMIT_MODERATE`
+        - :py:const:`.OPSLIMIT_SENSITIVE`
+        - :py:const:`.MEMLIMIT_SENSITIVE`
+
+    as a guidance for correct settings.
+
+    :param size: derived key size, must be between
+                 :py:const:`.BYTES_MIN` and
+                 :py:const:`.BYTES_MAX`
+    :type size: int
+    :param password: password used to seed the key derivation procedure;
+                     it length must be between
+                     :py:const:`.PASSWD_MIN` and
+                     :py:const:`.PASSWD_MAX`
+    :type password: bytes
+    :param salt: **RANDOM** salt used in the key derivation procedure;
+                 its length must be exactly :py:const:`.SALTBYTES`
+    :type salt: bytes
+    :param opslimit: the time component (operation count)
+                     of the key derivation procedure's computational cost;
+                     it must be between
+                     :py:const:`.OPSLIMIT_MIN` and
+                     :py:const:`.OPSLIMIT_MAX`
+    :type opslimit: int
+    :param memlimit: the memory occupation component
+                     of the key derivation procedure's computational cost;
+                     it must be between
+                     :py:const:`.MEMLIMIT_MIN` and
+                     :py:const:`.MEMLIMIT_MAX`
+    :type memlimit: int
+    :rtype: bytes
+
+    .. versionadded:: 1.2
+    """
+
+    return encoder.encode(
+        nacl.bindings.crypto_pwhash_alg(
+            size, password, salt, opslimit, memlimit, ALG
+        )
+    )
+
+
+def str(
+    password: bytes,
+    opslimit: int = OPSLIMIT_INTERACTIVE,
+    memlimit: int = MEMLIMIT_INTERACTIVE,
+) -> bytes:
+    """
+    Hashes a password with a random salt, using the memory-hard
+    argon2id construct and returning an ascii string that has all
+    the needed info to check against a future password
+
+    The default settings for opslimit and memlimit are those deemed
+    correct for the interactive user login case.
+
+    :param bytes password:
+    :param int opslimit:
+    :param int memlimit:
+    :rtype: bytes
+
+    .. versionadded:: 1.2
+    """
+    return nacl.bindings.crypto_pwhash_str_alg(
+        password, opslimit, memlimit, ALG
+    )
diff --git a/.venv/lib/python3.12/site-packages/nacl/pwhash/scrypt.py b/.venv/lib/python3.12/site-packages/nacl/pwhash/scrypt.py
new file mode 100644
index 00000000..55bdf498
--- /dev/null
+++ b/.venv/lib/python3.12/site-packages/nacl/pwhash/scrypt.py
@@ -0,0 +1,211 @@
+# Copyright 2013 Donald Stufft and individual contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from typing import cast
+
+import nacl.bindings
+import nacl.encoding
+from nacl import exceptions as exc
+from nacl.exceptions import ensure
+
+_strbytes_plus_one = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_STRBYTES
+
+AVAILABLE = nacl.bindings.has_crypto_pwhash_scryptsalsa208sha256
+
+STRPREFIX = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_STRPREFIX
+
+SALTBYTES = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_SALTBYTES
+
+PASSWD_MIN = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN
+PASSWD_MAX = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX
+
+PWHASH_SIZE = _strbytes_plus_one - 1
+
+BYTES_MIN = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_BYTES_MIN
+BYTES_MAX = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_BYTES_MAX
+
+MEMLIMIT_MIN = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN
+MEMLIMIT_MAX = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAX
+OPSLIMIT_MIN = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN
+OPSLIMIT_MAX = nacl.bindings.crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAX
+
+OPSLIMIT_INTERACTIVE = (
+    nacl.bindings.crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE
+)
+MEMLIMIT_INTERACTIVE = (
+    nacl.bindings.crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE
+)
+OPSLIMIT_SENSITIVE = (
+    nacl.bindings.crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE
+)
+MEMLIMIT_SENSITIVE = (
+    nacl.bindings.crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE
+)
+
+OPSLIMIT_MODERATE = 8 * OPSLIMIT_INTERACTIVE
+MEMLIMIT_MODERATE = 8 * MEMLIMIT_INTERACTIVE
+
+
+def kdf(
+    size: int,
+    password: bytes,
+    salt: bytes,
+    opslimit: int = OPSLIMIT_SENSITIVE,
+    memlimit: int = MEMLIMIT_SENSITIVE,
+    encoder: nacl.encoding.Encoder = nacl.encoding.RawEncoder,
+) -> bytes:
+    """
+    Derive a ``size`` bytes long key from a caller-supplied
+    ``password`` and ``salt`` pair using the scryptsalsa208sha256
+    memory-hard construct.
+
+
+    the enclosing module provides the constants
+
+        - :py:const:`.OPSLIMIT_INTERACTIVE`
+        - :py:const:`.MEMLIMIT_INTERACTIVE`
+        - :py:const:`.OPSLIMIT_SENSITIVE`
+        - :py:const:`.MEMLIMIT_SENSITIVE`
+        - :py:const:`.OPSLIMIT_MODERATE`
+        - :py:const:`.MEMLIMIT_MODERATE`
+
+    as a guidance for correct settings respectively for the
+    interactive login and the long term key protecting sensitive data
+    use cases.
+
+    :param size: derived key size, must be between
+                 :py:const:`.BYTES_MIN` and
+                 :py:const:`.BYTES_MAX`
+    :type size: int
+    :param password: password used to seed the key derivation procedure;
+                     it length must be between
+                     :py:const:`.PASSWD_MIN` and
+                     :py:const:`.PASSWD_MAX`
+    :type password: bytes
+    :param salt: **RANDOM** salt used in the key derivation procedure;
+                 its length must be exactly :py:const:`.SALTBYTES`
+    :type salt: bytes
+    :param opslimit: the time component (operation count)
+                     of the key derivation procedure's computational cost;
+                     it must be between
+                     :py:const:`.OPSLIMIT_MIN` and
+                     :py:const:`.OPSLIMIT_MAX`
+    :type opslimit: int
+    :param memlimit: the memory occupation component
+                     of the key derivation procedure's computational cost;
+                     it must be between
+                     :py:const:`.MEMLIMIT_MIN` and
+                     :py:const:`.MEMLIMIT_MAX`
+    :type memlimit: int
+    :rtype: bytes
+    :raises nacl.exceptions.UnavailableError: If called when using a
+        minimal build of libsodium.
+
+    .. versionadded:: 1.2
+    """
+    ensure(
+        AVAILABLE,
+        "Not available in minimal build",
+        raising=exc.UnavailableError,
+    )
+
+    ensure(
+        len(salt) == SALTBYTES,
+        "The salt must be exactly %s, not %s bytes long"
+        % (SALTBYTES, len(salt)),
+        raising=exc.ValueError,
+    )
+
+    n_log2, r, p = nacl.bindings.nacl_bindings_pick_scrypt_params(
+        opslimit, memlimit
+    )
+    maxmem = memlimit + (2 ** 16)
+
+    return encoder.encode(
+        nacl.bindings.crypto_pwhash_scryptsalsa208sha256_ll(
+            password,
+            salt,
+            # Cast safety: n_log2 is a positive integer, and so 2 ** n_log2 is also
+            # a positive integer. Mypy+typeshed can't deduce this, because there's no
+            # way to for them to know that n_log2: int is positive.
+            cast(int, 2 ** n_log2),
+            r,
+            p,
+            maxmem=maxmem,
+            dklen=size,
+        )
+    )
+
+
+def str(
+    password: bytes,
+    opslimit: int = OPSLIMIT_INTERACTIVE,
+    memlimit: int = MEMLIMIT_INTERACTIVE,
+) -> bytes:
+    """
+    Hashes a password with a random salt, using the memory-hard
+    scryptsalsa208sha256 construct and returning an ascii string
+    that has all the needed info to check against a future password
+
+    The default settings for opslimit and memlimit are those deemed
+    correct for the interactive user login case.
+
+    :param bytes password:
+    :param int opslimit:
+    :param int memlimit:
+    :rtype: bytes
+    :raises nacl.exceptions.UnavailableError: If called when using a
+        minimal build of libsodium.
+
+    .. versionadded:: 1.2
+    """
+    ensure(
+        AVAILABLE,
+        "Not available in minimal build",
+        raising=exc.UnavailableError,
+    )
+
+    return nacl.bindings.crypto_pwhash_scryptsalsa208sha256_str(
+        password, opslimit, memlimit
+    )
+
+
+def verify(password_hash: bytes, password: bytes) -> bool:
+    """
+    Takes the output of scryptsalsa208sha256 and compares it against
+    a user provided password to see if they are the same
+
+    :param password_hash: bytes
+    :param password: bytes
+    :rtype: boolean
+    :raises nacl.exceptions.UnavailableError: If called when using a
+        minimal build of libsodium.
+
+    .. versionadded:: 1.2
+    """
+    ensure(
+        AVAILABLE,
+        "Not available in minimal build",
+        raising=exc.UnavailableError,
+    )
+
+    ensure(
+        len(password_hash) == PWHASH_SIZE,
+        "The password hash must be exactly %s bytes long"
+        % nacl.bindings.crypto_pwhash_scryptsalsa208sha256_STRBYTES,
+        raising=exc.ValueError,
+    )
+
+    return nacl.bindings.crypto_pwhash_scryptsalsa208sha256_str_verify(
+        password_hash, password
+    )