2001-09-11 13:56:09 -03:00
|
|
|
\section{\module{hmac} ---
|
|
|
|
Keyed-Hashing for Message Authentication}
|
|
|
|
|
|
|
|
\declaremodule{standard}{hmac}
|
|
|
|
\modulesynopsis{Keyed-Hashing for Message Authentication (HMAC)
|
|
|
|
implementation for Python.}
|
|
|
|
\moduleauthor{Gerhard H{\"a}ring}{ghaering@users.sourceforge.net}
|
|
|
|
\sectionauthor{Gerhard H{\"a}ring}{ghaering@users.sourceforge.net}
|
|
|
|
|
|
|
|
\versionadded{2.2}
|
|
|
|
|
|
|
|
This module implements the HMAC algorithm as described by \rfc{2104}.
|
|
|
|
|
|
|
|
\begin{funcdesc}{new}{key\optional{, msg\optional{, digestmod}}}
|
|
|
|
Return a new hmac object. If \var{msg} is present, the method call
|
|
|
|
\code{update(\var{msg})} is made. \var{digestmod} is the digest
|
2005-08-21 15:45:59 -03:00
|
|
|
constructor or module for the HMAC object to use. It defaults to
|
|
|
|
the \code{\refmodule{hashlib}.md5} constructor. \note{The md5 hash
|
|
|
|
has known weaknesses but remains the default for backwards compatibility.
|
|
|
|
Choose a better one for your application.}
|
2001-09-11 13:56:09 -03:00
|
|
|
\end{funcdesc}
|
|
|
|
|
|
|
|
An HMAC object has the following methods:
|
|
|
|
|
|
|
|
\begin{methoddesc}[hmac]{update}{msg}
|
|
|
|
Update the hmac object with the string \var{msg}. Repeated calls
|
|
|
|
are equivalent to a single call with the concatenation of all the
|
|
|
|
arguments: \code{m.update(a); m.update(b)} is equivalent to
|
|
|
|
\code{m.update(a + b)}.
|
|
|
|
\end{methoddesc}
|
|
|
|
|
|
|
|
\begin{methoddesc}[hmac]{digest}{}
|
|
|
|
Return the digest of the strings passed to the \method{update()}
|
2005-08-21 15:45:59 -03:00
|
|
|
method so far. This string will be the same length as the
|
|
|
|
\var{digest_size} of the digest given to the constructor. It
|
|
|
|
may contain non-\ASCII{} characters, including NUL bytes.
|
2001-09-11 13:56:09 -03:00
|
|
|
\end{methoddesc}
|
|
|
|
|
|
|
|
\begin{methoddesc}[hmac]{hexdigest}{}
|
2005-08-21 15:45:59 -03:00
|
|
|
Like \method{digest()} except the digest is returned as a string
|
|
|
|
twice the length containing
|
2001-09-11 13:56:09 -03:00
|
|
|
only hexadecimal digits. This may be used to exchange the value
|
|
|
|
safely in email or other non-binary environments.
|
|
|
|
\end{methoddesc}
|
|
|
|
|
|
|
|
\begin{methoddesc}[hmac]{copy}{}
|
|
|
|
Return a copy (``clone'') of the hmac object. This can be used to
|
|
|
|
efficiently compute the digests of strings that share a common
|
|
|
|
initial substring.
|
|
|
|
\end{methoddesc}
|
2005-08-21 15:45:59 -03:00
|
|
|
|
|
|
|
\begin{seealso}
|
|
|
|
\seemodule{hashlib}{The python module providing secure hash functions.}
|
|
|
|
\end{seealso}
|