| Alex Gaynor | af82d5e | 2013-10-29 17:07:24 -0700 | [diff] [blame] | 1 | .. hazmat:: |
| Donald Stufft | d8f0118 | 2013-10-27 16:59:56 -0400 | [diff] [blame] | 2 | |
| Donald Stufft | e51fb93 | 2013-10-27 17:26:17 -0400 | [diff] [blame] | 3 | Message Digests |
| 4 | =============== |
| 5 | |
| Donald Stufft | f04317a | 2013-10-27 16:44:30 -0400 | [diff] [blame] | 6 | .. currentmodule:: cryptography.hazmat.primitives.hashes |
| David Reid | 1f3d718 | 2013-10-22 16:55:18 -0700 | [diff] [blame] | 7 | |
| David Reid | ef0fcf2 | 2013-11-06 11:12:45 -0800 | [diff] [blame] | 8 | .. class:: Hash(algorithm, backend) |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 9 | |
| David Reid | 5560298 | 2013-11-01 13:34:05 -0700 | [diff] [blame] | 10 | A cryptographic hash function takes an arbitrary block of data and |
| 11 | calculates a fixed-size bit string (a digest), such that different data |
| 12 | results (with a high probability) in different digests. |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 13 | |
| David Reid | 5560298 | 2013-11-01 13:34:05 -0700 | [diff] [blame] | 14 | This is an implementation of |
| Alex Gaynor | ab5f011 | 2013-11-08 10:34:00 -0800 | [diff] [blame] | 15 | :class:`~cryptography.hazmat.primitives.interfaces.HashContext` meant to |
| David Reid | 5560298 | 2013-11-01 13:34:05 -0700 | [diff] [blame] | 16 | be used with |
| Alex Gaynor | ab5f011 | 2013-11-08 10:34:00 -0800 | [diff] [blame] | 17 | :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` |
| David Reid | 5560298 | 2013-11-01 13:34:05 -0700 | [diff] [blame] | 18 | implementations to provide an incremental interface to calculating |
| 19 | various message digests. |
| Alex Gaynor | 23d01a2 | 2013-10-28 10:14:46 -0700 | [diff] [blame] | 20 | |
| 21 | .. doctest:: |
| David Reid | 846460a | 2013-11-06 11:24:50 -0800 | [diff] [blame] | 22 | |
| David Reid | ef0fcf2 | 2013-11-06 11:12:45 -0800 | [diff] [blame] | 23 | >>> from cryptography.hazmat.bindings import default_backend |
| Alex Gaynor | 23d01a2 | 2013-10-28 10:14:46 -0700 | [diff] [blame] | 24 | >>> from cryptography.hazmat.primitives import hashes |
| David Reid | 63fa19a | 2013-11-20 10:49:13 -0800 | [diff] [blame^] | 25 | >>> digest = hashes.Hash(hashes.SHA256(), backend=default_backend()) |
| Alex Gaynor | 23d01a2 | 2013-10-28 10:14:46 -0700 | [diff] [blame] | 26 | >>> digest.update(b"abc") |
| 27 | >>> digest.update(b"123") |
| David Reid | 30b1613 | 2013-10-31 13:37:24 -0700 | [diff] [blame] | 28 | >>> digest.finalize() |
| 29 | 'l\xa1=R\xcap\xc8\x83\xe0\xf0\xbb\x10\x1eBZ\x89\xe8bM\xe5\x1d\xb2\xd29%\x93\xafj\x84\x11\x80\x90' |
| Alex Gaynor | f3b06cd | 2013-10-21 21:49:50 -0700 | [diff] [blame] | 30 | |
| Alex Gaynor | 9480129 | 2013-11-13 10:33:01 -0800 | [diff] [blame] | 31 | Keep in mind that attacks against cryptographic hashes only get stronger |
| 32 | with time, and that often algorithms that were once thought to be strong, |
| 33 | become broken. Because of this it's important to include a plan for |
| 34 | upgrading the hash algorithm you use over time. For more information, see |
| 35 | `Lifetimes of cryptographic hash functions`_. |
| 36 | |
| Paul Kehrer | 6b9ddeb | 2013-10-19 12:28:15 -0500 | [diff] [blame] | 37 | .. method:: update(data) |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 38 | |
| Alex Gaynor | ddc62f0 | 2013-10-20 06:14:24 -0700 | [diff] [blame] | 39 | :param bytes data: The bytes you wish to hash. |
| David Reid | 6392a9c | 2013-11-13 10:01:15 -0800 | [diff] [blame] | 40 | :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize` |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 41 | |
| 42 | .. method:: copy() |
| 43 | |
| David Reid | 6392a9c | 2013-11-13 10:01:15 -0800 | [diff] [blame] | 44 | Copy this :class:`Hash` instance, usually so that we may call |
| 45 | :meth:`finalize` and get an intermediate digest value while we continue |
| 46 | to call :meth:`update` on the original. |
| 47 | |
| 48 | :return: A new instance of :class:`Hash` which can be updated |
| 49 | and finalized independently of the original instance. |
| 50 | :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize` |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 51 | |
| David Reid | 30b1613 | 2013-10-31 13:37:24 -0700 | [diff] [blame] | 52 | .. method:: finalize() |
| Alex Gaynor | 1496845 | 2013-11-01 14:05:14 -0700 | [diff] [blame] | 53 | |
| David Reid | 5560298 | 2013-11-01 13:34:05 -0700 | [diff] [blame] | 54 | Finalize the current context and return the message digest as bytes. |
| 55 | |
| David Reid | 6392a9c | 2013-11-13 10:01:15 -0800 | [diff] [blame] | 56 | Once ``finalize`` is called this object can no longer be used and |
| Alex Gaynor | 272d537 | 2013-11-13 13:50:02 -0800 | [diff] [blame] | 57 | :meth:`update`, :meth:`copy`, and :meth:`finalize` will raise |
| David Reid | 6392a9c | 2013-11-13 10:01:15 -0800 | [diff] [blame] | 58 | :class:`~cryptography.exceptions.AlreadyFinalized`. |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 59 | |
| 60 | :return bytes: The message digest as bytes. |
| 61 | |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 62 | |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 63 | SHA-1 |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 64 | ~~~~~ |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 65 | |
| 66 | .. attention:: |
| 67 | |
| 68 | NIST has deprecated SHA-1 in favor of the SHA-2 variants. New applications |
| 69 | are strongly suggested to use SHA-2 over SHA-1. |
| 70 | |
| David Reid | 1f3d718 | 2013-10-22 16:55:18 -0700 | [diff] [blame] | 71 | .. class:: SHA1() |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 72 | |
| 73 | SHA-1 is a cryptographic hash function standardized by NIST. It has a |
| 74 | 160-bit message digest. |
| 75 | |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 76 | SHA-2 Family |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 77 | ~~~~~~~~~~~~ |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 78 | |
| David Reid | 1f3d718 | 2013-10-22 16:55:18 -0700 | [diff] [blame] | 79 | .. class:: SHA224() |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 80 | |
| 81 | SHA-224 is a cryptographic hash function from the SHA-2 family and |
| 82 | standardized by NIST. It has a 224-bit message digest. |
| 83 | |
| David Reid | 1f3d718 | 2013-10-22 16:55:18 -0700 | [diff] [blame] | 84 | .. class:: SHA256() |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 85 | |
| 86 | SHA-256 is a cryptographic hash function from the SHA-2 family and |
| 87 | standardized by NIST. It has a 256-bit message digest. |
| 88 | |
| David Reid | 1f3d718 | 2013-10-22 16:55:18 -0700 | [diff] [blame] | 89 | .. class:: SHA384() |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 90 | |
| 91 | SHA-384 is a cryptographic hash function from the SHA-2 family and |
| 92 | standardized by NIST. It has a 384-bit message digest. |
| 93 | |
| David Reid | 1f3d718 | 2013-10-22 16:55:18 -0700 | [diff] [blame] | 94 | .. class:: SHA512() |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 95 | |
| 96 | SHA-512 is a cryptographic hash function from the SHA-2 family and |
| 97 | standardized by NIST. It has a 512-bit message digest. |
| 98 | |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 99 | RIPEMD160 |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 100 | ~~~~~~~~~ |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 101 | |
| David Reid | 1f3d718 | 2013-10-22 16:55:18 -0700 | [diff] [blame] | 102 | .. class:: RIPEMD160() |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 103 | |
| 104 | RIPEMD160 is a cryptographic hash function that is part of ISO/IEC |
| 105 | 10118-3:2004. It has a 160-bit message digest. |
| 106 | |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 107 | Whirlpool |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 108 | ~~~~~~~~~ |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 109 | |
| David Reid | 1f3d718 | 2013-10-22 16:55:18 -0700 | [diff] [blame] | 110 | .. class:: Whirlpool() |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 111 | |
| 112 | Whirlpool is a cryptographic hash function that is part of ISO/IEC |
| 113 | 10118-3:2004. It has a 512-bit message digest. |
| 114 | |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 115 | MD5 |
| Matthew Iversen | 505491b | 2013-10-19 15:56:17 +1100 | [diff] [blame] | 116 | ~~~ |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 117 | |
| 118 | .. warning:: |
| 119 | |
| 120 | MD5 is a deprecated hash algorithm that has practical known collision |
| Alex Gaynor | ab5f011 | 2013-11-08 10:34:00 -0800 | [diff] [blame] | 121 | attacks. You are strongly discouraged from using it. Existing applications |
| 122 | should strongly consider moving away. |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 123 | |
| David Reid | 1f3d718 | 2013-10-22 16:55:18 -0700 | [diff] [blame] | 124 | .. class:: MD5() |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 125 | |
| Paul Kehrer | 2b9b301 | 2013-10-22 17:09:38 -0500 | [diff] [blame] | 126 | MD5 is a deprecated cryptographic hash function. It has a 128-bit message |
| Paul Kehrer | 36e7d0d | 2013-10-18 18:54:40 -0500 | [diff] [blame] | 127 | digest and has practical known collision attacks. |
| Alex Gaynor | 9480129 | 2013-11-13 10:33:01 -0800 | [diff] [blame] | 128 | |
| 129 | |
| 130 | .. _`Lifetimes of cryptographic hash functions`: http://valerieaurora.org/hash.html |