| Georg Brandl | 8ec7f65 | 2007-08-15 14:28:01 +0000 | [diff] [blame] | 1 | |
| 2 | :mod:`sha` --- SHA-1 message digest algorithm |
| 3 | ============================================= |
| 4 | |
| 5 | .. module:: sha |
| 6 | :synopsis: NIST's secure hash algorithm, SHA. |
| 7 | .. sectionauthor:: Fred L. Drake, Jr. <fdrake@acm.org> |
| 8 | |
| 9 | |
| 10 | .. deprecated:: 2.5 |
| 11 | Use the :mod:`hashlib` module instead. |
| 12 | |
| 13 | .. index:: |
| 14 | single: NIST |
| 15 | single: Secure Hash Algorithm |
| 16 | single: checksum; SHA |
| 17 | |
| 18 | This module implements the interface to NIST's secure hash algorithm, known as |
| 19 | SHA-1. SHA-1 is an improved version of the original SHA hash algorithm. It is |
| 20 | used in the same way as the :mod:`md5` module: use :func:`new` to create an sha |
| 21 | object, then feed this object with arbitrary strings using the :meth:`update` |
| 22 | method, and at any point you can ask it for the :dfn:`digest` of the |
| 23 | concatenation of the strings fed to it so far. SHA-1 digests are 160 bits |
| 24 | instead of MD5's 128 bits. |
| 25 | |
| 26 | |
| 27 | .. function:: new([string]) |
| 28 | |
| 29 | Return a new sha object. If *string* is present, the method call |
| 30 | ``update(string)`` is made. |
| 31 | |
| 32 | The following values are provided as constants in the module and as attributes |
| 33 | of the sha objects returned by :func:`new`: |
| 34 | |
| 35 | |
| 36 | .. data:: blocksize |
| 37 | |
| 38 | Size of the blocks fed into the hash function; this is always ``1``. This size |
| 39 | is used to allow an arbitrary string to be hashed. |
| 40 | |
| 41 | |
| 42 | .. data:: digest_size |
| 43 | |
| 44 | The size of the resulting digest in bytes. This is always ``20``. |
| 45 | |
| 46 | An sha object has the same methods as md5 objects: |
| 47 | |
| 48 | |
| 49 | .. method:: sha.update(arg) |
| 50 | |
| 51 | Update the sha object with the string *arg*. Repeated calls are equivalent to a |
| 52 | single call with the concatenation of all the arguments: ``m.update(a); |
| 53 | m.update(b)`` is equivalent to ``m.update(a+b)``. |
| 54 | |
| 55 | |
| 56 | .. method:: sha.digest() |
| 57 | |
| 58 | Return the digest of the strings passed to the :meth:`update` method so far. |
| 59 | This is a 20-byte string which may contain non-ASCII characters, including null |
| 60 | bytes. |
| 61 | |
| 62 | |
| 63 | .. method:: sha.hexdigest() |
| 64 | |
| 65 | Like :meth:`digest` except the digest is returned as a string of length 40, |
| 66 | containing only hexadecimal digits. This may be used to exchange the value |
| 67 | safely in email or other non-binary environments. |
| 68 | |
| 69 | |
| 70 | .. method:: sha.copy() |
| 71 | |
| 72 | Return a copy ("clone") of the sha object. This can be used to efficiently |
| 73 | compute the digests of strings that share a common initial substring. |
| 74 | |
| 75 | |
| 76 | .. seealso:: |
| 77 | |
| 78 | `Secure Hash Standard <http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf>`_ |
| 79 | The Secure Hash Algorithm is defined by NIST document FIPS PUB 180-2: `Secure |
| 80 | Hash Standard |
| 81 | <http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf>`_, |
| 82 | published in August 2002. |
| 83 | |
| 84 | `Cryptographic Toolkit (Secure Hashing) <http://csrc.nist.gov/encryption/tkhash.html>`_ |
| 85 | Links from NIST to various information on secure hashing. |
| 86 | |