Basically it protects your password from dictionary attacks and pre-computed rainbow tables. For example, if you were to use SHA-256 you would need a salt of at least 16 bytes and a minimum of 100,000 iterations.Īs a quick aside, a salt is just random data that you use as additional input into your hash to make it harder to “unhash” your password. You might use something like this for hashing your password as it supports a salt and iterations. It uses HMAC as its psuedorandom function. In fact, the only method that hashlib provides is the pbkdf2_hmac method, which is the PKCS#5 password-based key derivation function 2. Python has pretty limited support for key derivation built into the standard library. But it’s also less secure, so feel free to try one of the others. I chose to use the sha1 hash as it has a nice short hash that will fit the page better. Then we print out the hash to see what it is. '422fbfbc67fe17c86642c5eaaa48f8b670cbed1b'Īs you can see, we can create our hash instance and call its digest method at the same time. > sha = hashlib.sha1(b'Hello Python').hexdigest() There’s actually a shortcut method of creating a hash, so we’ll look at that next when we create our sha512 hash:
If you prefer the hex digest, we can do that too: So we try that and then call it’s digest method to get our hash. It turns out that to use the md5 hash, you have to pass it a byte string instead of a regular string. Next we add some text to the hash object and we get a traceback. First off, we import hashlib and then we create an instance of an md5 HASH object. Let’s take a moment to break this down a bit. TypeError: Unicode-objects must be encoded before hashingī'\x14\x82\xec\x1b#d\xf6N}\x16*+[\x16\xf4w' If it does, then that means no one has changed the file in transit. Then the person receiving the file can run a hash on the file to see if it matches the hash that was sent. Another popular use case for hashes is to hash a file and then send the file and its hash separately. Of course, the hash has to be a good one or it can be decrypted. One of the most popular uses of hashes is storing the hash of a password instead of the password itself.
Python also supports the adler32 and crc32 hash functions, but those are in the zlib module. It includes the FIPS secure hash algorithms SHA1, SHA224, SHA256, SHA384, and SHA512 as well as RSA’s MD5 algorithm. If you need secure hashes or message digest algorithms, then Python’s standard library has you covered in the hashlib module. We will learn how to encrypt and decrypt strings with both of these libraries. We’ll take a brief look at those in the chapter, but the primary focus will be on the following 3rd party packages: P圜rypto and cryptography. Python 3 doesn’t have very much in its standard library that deals with encryption.
0 kommentar(er)
