Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 5bbcf7660b07f5a77ce9ff5666bede3c3377dfc7 / . / docs / hazmat / primitives / hmac.rst
blob: f4f5daa1b6b02a8362a968b1f7959439694a7988 [file] [log] [blame]
Alex Gaynoraf82d5e2013-10-29 17:07:24 -0700[diff] [blame]1.. hazmat::
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]2
3Hash-based Message Authentication Codes
4=======================================
5
Alex Gaynor4658ce12013-10-29 15:26:50 -0700[diff] [blame]6.. currentmodule:: cryptography.hazmat.primitives.hmac
7
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]8.. testsetup::
9
10 import binascii
11 key = binascii.unhexlify(b"0" * 32)
12
13Hash-based message authentication codes (or HMACs) are a tool for calculating
14message authentication codes using a cryptographic hash function coupled with a
15secret key. You can use an HMAC to verify integrity as well as authenticate a
16message.
17
David Reidef0fcf22013-11-06 11:12:45 -0800[diff] [blame]18.. class:: HMAC(key, algorithm, backend)
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]19
David Reid6753e392013-11-01 15:32:03 -0700[diff] [blame]20 HMAC objects take a ``key`` and a provider of
21 :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`.
Paul Kehrer50a88152013-10-29 10:46:05 -0500[diff] [blame]22 The ``key`` should be randomly generated bytes and is recommended to be
23 equal in length to the ``digest_size`` of the hash function chosen.
24 You must keep the ``key`` secret.
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]25
Alex Gaynor58ecc8d2013-11-03 21:21:00 -0800[diff] [blame]26 This is an implementation of :rfc:`2104`.
27
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]28 .. doctest::
29
Alex Gaynorf8796b12013-12-13 20:28:55 -0800[diff] [blame]30 >>> from cryptography.hazmat.backends import default_backend
Paul Kehrerbf8962a2013-10-28 17:44:42 -0500[diff] [blame]31 >>> from cryptography.hazmat.primitives import hashes, hmac
David Reid63fa19a2013-11-20 10:49:13 -0800[diff] [blame]32 >>> h = hmac.HMAC(key, hashes.SHA256(), backend=default_backend())
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]33 >>> h.update(b"message to hash")
David Reid6753e392013-11-01 15:32:03 -0700[diff] [blame]34 >>> h.finalize()
35 '#F\xdaI\x8b"e\xc4\xf1\xbb\x9a\x8fc\xff\xf5\xdex.\xbc\xcd/+\x8a\x86\x1d\x84\'\xc3\xa6\x1d\xd8J'
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]36
Alex Stapleton447d64f2013-12-21 21:26:55 +0000[diff] [blame]37 If the backend doesn't support the requested ``algorithm`` an
38 :class:`~cryptography.exceptions.UnsupportedAlgorithm` will be raised.
David Reid663295d2013-11-20 13:55:08 -0800[diff] [blame]39
Alex Gaynor5bbcf762014-01-08 18:36:57 -0800[diff] [blame^]40 If you've been given a signature and need to check that it's correct, this
41 can be done with the :meth:`verify` method, you'll get an exception if the
42 signature is wrong:
43
44 .. code-block:: pycon
45
46 >>> h.verify(b"an incorrect signature")
47 Traceback (most recent call last):
48 ...
49 cryptography.exceptions.InvalidSignature: Signature did not match digest.
50
David Reid663295d2013-11-20 13:55:08 -0800[diff] [blame]51 :param key: Secret key as ``bytes``.
52 :param algorithm: A
53 :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
54 provider such as those described in
55 :ref:`Cryptographic Hashes <cryptographic-hash-algorithms>`.
56 :param backend: A
Alex Gaynorf8796b12013-12-13 20:28:55 -0800[diff] [blame]57 :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
David Reid663295d2013-11-20 13:55:08 -0800[diff] [blame]58 provider.
59
Paul Kehrer2824ab72013-10-28 11:06:55 -0500[diff] [blame]60 .. method:: update(msg)
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]61
Paul Kehrer50a88152013-10-29 10:46:05 -0500[diff] [blame]62 :param bytes msg: The bytes to hash and authenticate.
David Reid2cce6182013-11-13 13:49:41 -0800[diff] [blame]63 :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]64
65 .. method:: copy()
66
David Reid2cce6182013-11-13 13:49:41 -0800[diff] [blame]67 Copy this :class:`HMAC` instance, usually so that we may call
68 :meth:`finalize` and get an intermediate digest value while we continue
69 to call :meth:`update` on the original.
70
71 :return: A new instance of :class:`HMAC` which can be updated
72 and finalized independently of the original instance.
73 :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]74
Julian Krausec91fe6a2013-12-25 11:00:49 -0800[diff] [blame]75 .. method:: verify(signature)
Julian Krause2288e302013-12-17 21:26:23 -0800[diff] [blame]76
Alex Gaynor12252702014-01-02 11:10:35 -0800[diff] [blame]77 Finalize the current context and securely compare digest to
78 ``signature``.
Julian Krause2288e302013-12-17 21:26:23 -0800[diff] [blame]79
Alex Gaynor12252702014-01-02 11:10:35 -0800[diff] [blame]80 :param bytes signature: The bytes to compare the current digest
81 against.
Julian Krause2288e302013-12-17 21:26:23 -0800[diff] [blame]82 :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
Alex Gaynor12252702014-01-02 11:10:35 -0800[diff] [blame]83 :raises cryptography.exceptions.InvalidSignature: If signature does not
84 match digest
Alex Gaynor5bbcf762014-01-08 18:36:57 -0800[diff] [blame^]85
86 .. method:: finalize()
87
88 Finalize the current context and return the message digest as bytes.
89
90 Once ``finalize`` is called this object can no longer be used and
91 :meth:`update`, :meth:`copy`, and :meth:`finalize` will raise
92 :class:`~cryptography.exceptions.AlreadyFinalized`.
93
94 :return bytes: The message digest as bytes.
95 :raises cryptography.exceptions.AlreadyFinalized: