Christian Heimes | 3626a50 | 2013-10-19 14:12:02 +0200 | [diff] [blame] | 1 | #. Copyright (C) 2005-2010 Gregory P. Smith (greg@krypto.org) |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 2 | # Licensed to PSF under a Contributor Agreement. |
| 3 | # |
| 4 | |
| 5 | __doc__ = """hashlib module - A common interface to many hash functions. |
| 6 | |
Guido van Rossum | e22905a | 2007-08-27 23:09:25 +0000 | [diff] [blame] | 7 | new(name, data=b'') - returns a new hash object implementing the |
| 8 | given hash function; initializing the hash |
| 9 | using the given binary data. |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 10 | |
Gregory P. Smith | 2f21eb3 | 2007-09-09 06:44:34 +0000 | [diff] [blame] | 11 | Named constructor functions are also available, these are faster |
| 12 | than using new(name): |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 13 | |
| 14 | md5(), sha1(), sha224(), sha256(), sha384(), and sha512() |
| 15 | |
Gregory P. Smith | 13b5529 | 2010-09-06 08:30:23 +0000 | [diff] [blame] | 16 | More algorithms may be available on your platform but the above are guaranteed |
| 17 | to exist. See the algorithms_guaranteed and algorithms_available attributes |
| 18 | to find out what algorithm names can be passed to new(). |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 19 | |
Christian Heimes | d5e2b6f | 2008-03-19 21:50:51 +0000 | [diff] [blame] | 20 | NOTE: If you want the adler32 or crc32 hash functions they are available in |
| 21 | the zlib module. |
| 22 | |
Thomas Wouters | 89f507f | 2006-12-13 04:49:30 +0000 | [diff] [blame] | 23 | Choose your hash function wisely. Some have known collision weaknesses. |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 24 | sha384 and sha512 will be slow on 32 bit platforms. |
Thomas Wouters | 89f507f | 2006-12-13 04:49:30 +0000 | [diff] [blame] | 25 | |
| 26 | Hash objects have these methods: |
Gregory P. Smith | 2f21eb3 | 2007-09-09 06:44:34 +0000 | [diff] [blame] | 27 | - update(arg): Update the hash object with the bytes in arg. Repeated calls |
Thomas Wouters | 89f507f | 2006-12-13 04:49:30 +0000 | [diff] [blame] | 28 | are equivalent to a single call with the concatenation of all |
| 29 | the arguments. |
Gregory P. Smith | 2f21eb3 | 2007-09-09 06:44:34 +0000 | [diff] [blame] | 30 | - digest(): Return the digest of the bytes passed to the update() method |
| 31 | so far. |
| 32 | - hexdigest(): Like digest() except the digest is returned as a unicode |
| 33 | object of double length, containing only hexadecimal digits. |
Thomas Wouters | 89f507f | 2006-12-13 04:49:30 +0000 | [diff] [blame] | 34 | - copy(): Return a copy (clone) of the hash object. This can be used to |
| 35 | efficiently compute the digests of strings that share a common |
| 36 | initial substring. |
| 37 | |
| 38 | For example, to obtain the digest of the string 'Nobody inspects the |
| 39 | spammish repetition': |
| 40 | |
| 41 | >>> import hashlib |
| 42 | >>> m = hashlib.md5() |
Guido van Rossum | e22905a | 2007-08-27 23:09:25 +0000 | [diff] [blame] | 43 | >>> m.update(b"Nobody inspects") |
| 44 | >>> m.update(b" the spammish repetition") |
Thomas Wouters | 89f507f | 2006-12-13 04:49:30 +0000 | [diff] [blame] | 45 | >>> m.digest() |
Gregory P. Smith | 6359450 | 2008-08-31 16:35:01 +0000 | [diff] [blame] | 46 | b'\\xbbd\\x9c\\x83\\xdd\\x1e\\xa5\\xc9\\xd9\\xde\\xc9\\xa1\\x8d\\xf0\\xff\\xe9' |
Thomas Wouters | 89f507f | 2006-12-13 04:49:30 +0000 | [diff] [blame] | 47 | |
| 48 | More condensed: |
| 49 | |
Guido van Rossum | e22905a | 2007-08-27 23:09:25 +0000 | [diff] [blame] | 50 | >>> hashlib.sha224(b"Nobody inspects the spammish repetition").hexdigest() |
Thomas Wouters | 89f507f | 2006-12-13 04:49:30 +0000 | [diff] [blame] | 51 | 'a4337bc45a8fc544c03f52dc550cd6e1e87021bc896588bd79e901e2' |
| 52 | |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 53 | """ |
| 54 | |
Gregory P. Smith | d8fe8bf | 2009-08-16 22:08:56 +0000 | [diff] [blame] | 55 | # This tuple and __get_builtin_constructor() must be modified if a new |
| 56 | # always available algorithm is added. |
Martin v. Löwis | 24e4330 | 2014-01-03 14:05:06 +0100 | [diff] [blame] | 57 | __always_supported = ('md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512') |
Gregory P. Smith | d8fe8bf | 2009-08-16 22:08:56 +0000 | [diff] [blame] | 58 | |
Raymond Hettinger | bf1d2bc | 2011-01-24 04:52:27 +0000 | [diff] [blame] | 59 | algorithms_guaranteed = set(__always_supported) |
| 60 | algorithms_available = set(__always_supported) |
Gregory P. Smith | 86508cc | 2010-03-01 02:05:26 +0000 | [diff] [blame] | 61 | |
Gregory P. Smith | 13b5529 | 2010-09-06 08:30:23 +0000 | [diff] [blame] | 62 | __all__ = __always_supported + ('new', 'algorithms_guaranteed', |
Christian Heimes | 3626a50 | 2013-10-19 14:12:02 +0200 | [diff] [blame] | 63 | 'algorithms_available', 'pbkdf2_hmac') |
Gregory P. Smith | d8fe8bf | 2009-08-16 22:08:56 +0000 | [diff] [blame] | 64 | |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 65 | |
Christian Heimes | e535107 | 2013-10-22 14:59:12 +0200 | [diff] [blame] | 66 | __builtin_constructor_cache = {} |
| 67 | |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 68 | def __get_builtin_constructor(name): |
Christian Heimes | e535107 | 2013-10-22 14:59:12 +0200 | [diff] [blame] | 69 | cache = __builtin_constructor_cache |
| 70 | constructor = cache.get(name) |
| 71 | if constructor is not None: |
| 72 | return constructor |
Gregory P. Smith | 12c9d02 | 2011-05-14 15:15:49 -0700 | [diff] [blame] | 73 | try: |
| 74 | if name in ('SHA1', 'sha1'): |
| 75 | import _sha1 |
Christian Heimes | e535107 | 2013-10-22 14:59:12 +0200 | [diff] [blame] | 76 | cache['SHA1'] = cache['sha1'] = _sha1.sha1 |
Gregory P. Smith | 12c9d02 | 2011-05-14 15:15:49 -0700 | [diff] [blame] | 77 | elif name in ('MD5', 'md5'): |
| 78 | import _md5 |
Christian Heimes | e535107 | 2013-10-22 14:59:12 +0200 | [diff] [blame] | 79 | cache['MD5'] = cache['md5'] = _md5.md5 |
Gregory P. Smith | 12c9d02 | 2011-05-14 15:15:49 -0700 | [diff] [blame] | 80 | elif name in ('SHA256', 'sha256', 'SHA224', 'sha224'): |
| 81 | import _sha256 |
Christian Heimes | e535107 | 2013-10-22 14:59:12 +0200 | [diff] [blame] | 82 | cache['SHA224'] = cache['sha224'] = _sha256.sha224 |
| 83 | cache['SHA256'] = cache['sha256'] = _sha256.sha256 |
Gregory P. Smith | 12c9d02 | 2011-05-14 15:15:49 -0700 | [diff] [blame] | 84 | elif name in ('SHA512', 'sha512', 'SHA384', 'sha384'): |
| 85 | import _sha512 |
Christian Heimes | e535107 | 2013-10-22 14:59:12 +0200 | [diff] [blame] | 86 | cache['SHA384'] = cache['sha384'] = _sha512.sha384 |
| 87 | cache['SHA512'] = cache['sha512'] = _sha512.sha512 |
Brett Cannon | cd171c8 | 2013-07-04 17:43:24 -0400 | [diff] [blame] | 88 | except ImportError: |
Gregory P. Smith | a3221f8 | 2011-05-14 15:35:19 -0700 | [diff] [blame] | 89 | pass # no extension module, this hash is unsupported. |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 90 | |
Christian Heimes | e535107 | 2013-10-22 14:59:12 +0200 | [diff] [blame] | 91 | constructor = cache.get(name) |
| 92 | if constructor is not None: |
| 93 | return constructor |
| 94 | |
Gregory P. Smith | 76c28f7 | 2012-07-21 21:19:53 -0700 | [diff] [blame] | 95 | raise ValueError('unsupported hash type ' + name) |
Gregory P. Smith | d8fe8bf | 2009-08-16 22:08:56 +0000 | [diff] [blame] | 96 | |
| 97 | |
| 98 | def __get_openssl_constructor(name): |
| 99 | try: |
| 100 | f = getattr(_hashlib, 'openssl_' + name) |
| 101 | # Allow the C module to raise ValueError. The function will be |
| 102 | # defined but the hash not actually available thanks to OpenSSL. |
| 103 | f() |
| 104 | # Use the C function directly (very fast) |
| 105 | return f |
| 106 | except (AttributeError, ValueError): |
| 107 | return __get_builtin_constructor(name) |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 108 | |
| 109 | |
Guido van Rossum | e22905a | 2007-08-27 23:09:25 +0000 | [diff] [blame] | 110 | def __py_new(name, data=b''): |
Gregory P. Smith | 2f21eb3 | 2007-09-09 06:44:34 +0000 | [diff] [blame] | 111 | """new(name, data=b'') - Return a new hashing object using the named algorithm; |
Guido van Rossum | e22905a | 2007-08-27 23:09:25 +0000 | [diff] [blame] | 112 | optionally initialized with data (which must be bytes). |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 113 | """ |
Guido van Rossum | e22905a | 2007-08-27 23:09:25 +0000 | [diff] [blame] | 114 | return __get_builtin_constructor(name)(data) |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 115 | |
| 116 | |
Guido van Rossum | e22905a | 2007-08-27 23:09:25 +0000 | [diff] [blame] | 117 | def __hash_new(name, data=b''): |
| 118 | """new(name, data=b'') - Return a new hashing object using the named algorithm; |
| 119 | optionally initialized with data (which must be bytes). |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 120 | """ |
| 121 | try: |
Guido van Rossum | e22905a | 2007-08-27 23:09:25 +0000 | [diff] [blame] | 122 | return _hashlib.new(name, data) |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 123 | except ValueError: |
| 124 | # If the _hashlib module (OpenSSL) doesn't support the named |
| 125 | # hash, try using our builtin implementations. |
| 126 | # This allows for SHA224/256 and SHA384/512 support even though |
| 127 | # the OpenSSL library prior to 0.9.8 doesn't provide them. |
Guido van Rossum | e22905a | 2007-08-27 23:09:25 +0000 | [diff] [blame] | 128 | return __get_builtin_constructor(name)(data) |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 129 | |
| 130 | |
| 131 | try: |
| 132 | import _hashlib |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 133 | new = __hash_new |
Gregory P. Smith | d8fe8bf | 2009-08-16 22:08:56 +0000 | [diff] [blame] | 134 | __get_hash = __get_openssl_constructor |
Gregory P. Smith | 13b5529 | 2010-09-06 08:30:23 +0000 | [diff] [blame] | 135 | algorithms_available = algorithms_available.union( |
| 136 | _hashlib.openssl_md_meth_names) |
Brett Cannon | cd171c8 | 2013-07-04 17:43:24 -0400 | [diff] [blame] | 137 | except ImportError: |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 138 | new = __py_new |
Gregory P. Smith | d8fe8bf | 2009-08-16 22:08:56 +0000 | [diff] [blame] | 139 | __get_hash = __get_builtin_constructor |
Gregory P. Smith | f21a5f7 | 2005-08-21 18:45:59 +0000 | [diff] [blame] | 140 | |
Christian Heimes | e92ef13 | 2013-10-13 00:52:43 +0200 | [diff] [blame] | 141 | try: |
Christian Heimes | 3626a50 | 2013-10-19 14:12:02 +0200 | [diff] [blame] | 142 | # OpenSSL's PKCS5_PBKDF2_HMAC requires OpenSSL 1.0+ with HMAC and SHA |
Christian Heimes | e92ef13 | 2013-10-13 00:52:43 +0200 | [diff] [blame] | 143 | from _hashlib import pbkdf2_hmac |
| 144 | except ImportError: |
Christian Heimes | 3626a50 | 2013-10-19 14:12:02 +0200 | [diff] [blame] | 145 | _trans_5C = bytes((x ^ 0x5C) for x in range(256)) |
| 146 | _trans_36 = bytes((x ^ 0x36) for x in range(256)) |
| 147 | |
| 148 | def pbkdf2_hmac(hash_name, password, salt, iterations, dklen=None): |
| 149 | """Password based key derivation function 2 (PKCS #5 v2.0) |
| 150 | |
| 151 | This Python implementations based on the hmac module about as fast |
| 152 | as OpenSSL's PKCS5_PBKDF2_HMAC for short passwords and much faster |
| 153 | for long passwords. |
| 154 | """ |
| 155 | if not isinstance(hash_name, str): |
| 156 | raise TypeError(hash_name) |
| 157 | |
| 158 | if not isinstance(password, (bytes, bytearray)): |
| 159 | password = bytes(memoryview(password)) |
| 160 | if not isinstance(salt, (bytes, bytearray)): |
| 161 | salt = bytes(memoryview(salt)) |
| 162 | |
| 163 | # Fast inline HMAC implementation |
| 164 | inner = new(hash_name) |
| 165 | outer = new(hash_name) |
| 166 | blocksize = getattr(inner, 'block_size', 64) |
| 167 | if len(password) > blocksize: |
| 168 | password = new(hash_name, password).digest() |
| 169 | password = password + b'\x00' * (blocksize - len(password)) |
| 170 | inner.update(password.translate(_trans_36)) |
| 171 | outer.update(password.translate(_trans_5C)) |
| 172 | |
| 173 | def prf(msg, inner=inner, outer=outer): |
| 174 | # PBKDF2_HMAC uses the password as key. We can re-use the same |
Serhiy Storchaka | 56a6d85 | 2014-12-01 18:28:43 +0200 | [diff] [blame] | 175 | # digest objects and just update copies to skip initialization. |
Christian Heimes | 3626a50 | 2013-10-19 14:12:02 +0200 | [diff] [blame] | 176 | icpy = inner.copy() |
| 177 | ocpy = outer.copy() |
| 178 | icpy.update(msg) |
| 179 | ocpy.update(icpy.digest()) |
| 180 | return ocpy.digest() |
| 181 | |
| 182 | if iterations < 1: |
| 183 | raise ValueError(iterations) |
| 184 | if dklen is None: |
| 185 | dklen = outer.digest_size |
| 186 | if dklen < 1: |
| 187 | raise ValueError(dklen) |
| 188 | |
| 189 | dkey = b'' |
| 190 | loop = 1 |
| 191 | from_bytes = int.from_bytes |
| 192 | while len(dkey) < dklen: |
| 193 | prev = prf(salt + loop.to_bytes(4, 'big')) |
| 194 | # endianess doesn't matter here as long to / from use the same |
| 195 | rkey = int.from_bytes(prev, 'big') |
| 196 | for i in range(iterations - 1): |
| 197 | prev = prf(prev) |
| 198 | # rkey = rkey ^ prev |
| 199 | rkey ^= from_bytes(prev, 'big') |
| 200 | loop += 1 |
| 201 | dkey += rkey.to_bytes(inner.digest_size, 'big') |
| 202 | |
| 203 | return dkey[:dklen] |
| 204 | |
Christian Heimes | e92ef13 | 2013-10-13 00:52:43 +0200 | [diff] [blame] | 205 | |
Gregory P. Smith | d8fe8bf | 2009-08-16 22:08:56 +0000 | [diff] [blame] | 206 | for __func_name in __always_supported: |
| 207 | # try them all, some may not work due to the OpenSSL |
| 208 | # version not supporting that algorithm. |
| 209 | try: |
| 210 | globals()[__func_name] = __get_hash(__func_name) |
| 211 | except ValueError: |
| 212 | import logging |
| 213 | logging.exception('code for hash %s was not found.', __func_name) |
| 214 | |
| 215 | # Cleanup locals() |
| 216 | del __always_supported, __func_name, __get_hash |
| 217 | del __py_new, __hash_new, __get_openssl_constructor |