Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 6392a9c63ce134c4aceefb8a4eb9da2fa7f4f390 / . / docs / hazmat / primitives / cryptographic-hashes.rst
blob: 7eff1b85459471feeb80741c9a8f6c1d6c559a77 [file] [log] [blame]
Alex Gaynoraf82d5e2013-10-29 17:07:24 -0700[diff] [blame]1.. hazmat::
Donald Stufftd8f01182013-10-27 16:59:56 -0400[diff] [blame]2
Donald Stuffte51fb932013-10-27 17:26:17 -0400[diff] [blame]3Message Digests
4===============
5
Donald Stufftf04317a2013-10-27 16:44:30 -0400[diff] [blame]6.. currentmodule:: cryptography.hazmat.primitives.hashes
David Reid1f3d7182013-10-22 16:55:18 -0700[diff] [blame]7
David Reid30b16132013-10-31 13:37:24 -0700[diff] [blame]8.. class:: Hash(algorithm)
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]9
David Reid55602982013-11-01 13:34:05 -0700[diff] [blame]10 A cryptographic hash function takes an arbitrary block of data and
11 calculates a fixed-size bit string (a digest), such that different data
12 results (with a high probability) in different digests.
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]13
David Reid55602982013-11-01 13:34:05 -0700[diff] [blame]14 This is an implementation of
Alex Gaynorab5f0112013-11-08 10:34:00 -0800[diff] [blame]15 :class:`~cryptography.hazmat.primitives.interfaces.HashContext` meant to
David Reid55602982013-11-01 13:34:05 -0700[diff] [blame]16 be used with
Alex Gaynorab5f0112013-11-08 10:34:00 -0800[diff] [blame]17 :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
David Reid55602982013-11-01 13:34:05 -0700[diff] [blame]18 implementations to provide an incremental interface to calculating
19 various message digests.
Alex Gaynor23d01a22013-10-28 10:14:46 -0700[diff] [blame]20
21 .. doctest::
22
23 >>> from cryptography.hazmat.primitives import hashes
David Reid30b16132013-10-31 13:37:24 -0700[diff] [blame]24 >>> digest = hashes.Hash(hashes.SHA256())
Alex Gaynor23d01a22013-10-28 10:14:46 -0700[diff] [blame]25 >>> digest.update(b"abc")
26 >>> digest.update(b"123")
David Reid30b16132013-10-31 13:37:24 -0700[diff] [blame]27 >>> digest.finalize()
28 'l\xa1=R\xcap\xc8\x83\xe0\xf0\xbb\x10\x1eBZ\x89\xe8bM\xe5\x1d\xb2\xd29%\x93\xafj\x84\x11\x80\x90'
Alex Gaynorf3b06cd2013-10-21 21:49:50 -0700[diff] [blame]29
Paul Kehrer6b9ddeb2013-10-19 12:28:15 -0500[diff] [blame]30 .. method:: update(data)
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]31
Alex Gaynorddc62f02013-10-20 06:14:24 -0700[diff] [blame]32 :param bytes data: The bytes you wish to hash.
David Reid6392a9c2013-11-13 10:01:15 -0800[diff] [blame^]33 :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]34
35 .. method:: copy()
36
David Reid6392a9c2013-11-13 10:01:15 -0800[diff] [blame^]37 Copy this :class:`Hash` instance, usually so that we may call
38 :meth:`finalize` and get an intermediate digest value while we continue
39 to call :meth:`update` on the original.
40
41 :return: A new instance of :class:`Hash` which can be updated
42 and finalized independently of the original instance.
43 :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]44
David Reid30b16132013-10-31 13:37:24 -0700[diff] [blame]45 .. method:: finalize()
Alex Gaynor14968452013-11-01 14:05:14 -0700[diff] [blame]46
David Reid55602982013-11-01 13:34:05 -0700[diff] [blame]47 Finalize the current context and return the message digest as bytes.
48
David Reid6392a9c2013-11-13 10:01:15 -0800[diff] [blame^]49 Once ``finalize`` is called this object can no longer be used and
50 :meth:`update` and :meth:`copy` will raise
51 :class:`~cryptography.exceptions.AlreadyFinalized`.
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]52
53 :return bytes: The message digest as bytes.
54
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]55
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]56SHA-1
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]57~~~~~
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]58
59.. attention::
60
61 NIST has deprecated SHA-1 in favor of the SHA-2 variants. New applications
62 are strongly suggested to use SHA-2 over SHA-1.
63
David Reid1f3d7182013-10-22 16:55:18 -0700[diff] [blame]64.. class:: SHA1()
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]65
66 SHA-1 is a cryptographic hash function standardized by NIST. It has a
67 160-bit message digest.
68
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]69SHA-2 Family
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]70~~~~~~~~~~~~
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]71
David Reid1f3d7182013-10-22 16:55:18 -0700[diff] [blame]72.. class:: SHA224()
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]73
74 SHA-224 is a cryptographic hash function from the SHA-2 family and
75 standardized by NIST. It has a 224-bit message digest.
76
David Reid1f3d7182013-10-22 16:55:18 -0700[diff] [blame]77.. class:: SHA256()
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]78
79 SHA-256 is a cryptographic hash function from the SHA-2 family and
80 standardized by NIST. It has a 256-bit message digest.
81
David Reid1f3d7182013-10-22 16:55:18 -0700[diff] [blame]82.. class:: SHA384()
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]83
84 SHA-384 is a cryptographic hash function from the SHA-2 family and
85 standardized by NIST. It has a 384-bit message digest.
86
David Reid1f3d7182013-10-22 16:55:18 -0700[diff] [blame]87.. class:: SHA512()
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]88
89 SHA-512 is a cryptographic hash function from the SHA-2 family and
90 standardized by NIST. It has a 512-bit message digest.
91
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]92RIPEMD160
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]93~~~~~~~~~
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]94
David Reid1f3d7182013-10-22 16:55:18 -0700[diff] [blame]95.. class:: RIPEMD160()
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]96
97 RIPEMD160 is a cryptographic hash function that is part of ISO/IEC
98 10118-3:2004. It has a 160-bit message digest.
99
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]100Whirlpool
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]101~~~~~~~~~
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]102
David Reid1f3d7182013-10-22 16:55:18 -0700[diff] [blame]103.. class:: Whirlpool()
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]104
105 Whirlpool is a cryptographic hash function that is part of ISO/IEC
106 10118-3:2004. It has a 512-bit message digest.
107
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]108MD5
Matthew Iversen505491b2013-10-19 15:56:17 +1100[diff] [blame]109~~~
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]110
111.. warning::
112
113 MD5 is a deprecated hash algorithm that has practical known collision
Alex Gaynorab5f0112013-11-08 10:34:00 -0800[diff] [blame]114 attacks. You are strongly discouraged from using it. Existing applications
115 should strongly consider moving away.
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]116
David Reid1f3d7182013-10-22 16:55:18 -0700[diff] [blame]117.. class:: MD5()
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]118
Paul Kehrer2b9b3012013-10-22 17:09:38 -0500[diff] [blame]119 MD5 is a deprecated cryptographic hash function. It has a 128-bit message
Paul Kehrer36e7d0d2013-10-18 18:54:40 -0500[diff] [blame]120 digest and has practical known collision attacks.