Official Copy:/zh-cn/3/library/
hashlib --- secure hashing with message digests
Python's hashlib provides common digest algorithms such as MD5, SHA1, and so on.
What is digest algorithms digest algorithms? Digest algorithms are also known as hash hash algorithms, hashing algorithms. It passes a function that converts data of arbitrary length into a data string of fixed length (usually represented as a hexadecimal string).
hash algorithm
Each type of hash has a builder method that returns a hash object and the same simple interface.
Example:
Use sha256() to create a SHA-256hash object. you can use update() to feed it bytes-like object. you can then use digest() or hexdigest() to get a digest of the data.
The hashlib model has many algorithms such as: sha1(), sha224(), sha256(), sha384(), sha512(), blake2b(), and blake2s(). There are many other algorithms depending on the OpenSSL libary used by Python. see the documentation.
Use the algorithms_guaranteed constant to see which algorithms the module supports on all platforms:
>>> hashlib.algorithms_guaranteed
{'blake2s', 'sha256', 'sha3_512', 'sha1', 'shake_128', 'sha3_256', 'sha3_384', 'blake2b', 'sha3_224', 'sha512', 'md5', 'shake_256', 'sha224', 'sha384'}
Use the algorithms_available constant for hash algorithms that are available to the compiler at runtime.
>>> hashlib.algorithms_available
{'sha3_256', 'blake2b', 'md5', 'sha512_224', 'sha384', 'md4', 'sha256', 'sha512', 'whirlpool', 'sha224', 'sha512_256', 'shake_128', 'sha3_384', 'ripemd160', 'blake2s', 'sha3_512', 'sha1', 'sm3', 'shake_256', 'sha3_224', 'md5-sha1'}
Example:
>>> import hashlib >>> m = hashlib.sha256() >>> (b" the spammish repetition") # Repeat call is equivalent to, summing bytes byte strings. >>> The name of the #hash algorithm 'sha256' >>> () # Returns a summary of the data passed into update(). b'U<\x9bP\xb1\xa8\x9a\x9aE\x0f;h\xdb\x04\x11\xc1\x08\xfaH\xa7\t\xbfF\x91\x01\x13\xa1\x87\xb6\xd9`\x96' >>> m.digest_size # Size of summary >>> m.block_size Size of the blocks within the #hash algorithm >>> () # Returns a string object, typically used in secure email or other non-binary environments. '553c9b50b1a89a9a450f3b68db0411c108fa48a709bf46910113a187b6d96096' >>>
Different algorithms are not equally secure, sha256 is more secure than sha1, but the more secure the algorithm is not only the slower it is, the longer the digest length is.
Abstract Algorithm Application
Storing user-entered passwords: The correct way to store a password is not to store the user's plaintext password, but to store a digest of the user's password, such as MD5.
Digest algorithms are widely used in many places. It is important to note that the digest algorithm is not a cryptographic algorithm and cannot be used for encryption (since it is not possible to backtrack plaintext through the digest), it can only be used for tamper-proofing, but its unidirectional computational properties dictate that it is possible to validate a user's passphrase without storing the plaintext passphrase.
Example:
The advantage of storing MD5 is that even if operations personnel have access to the database, they cannot learn the user's plaintext passphrase.
Design a function that validates a user's login and returns True or False depending on whether the user entered the correct passphrase:
# -*- coding: utf-8 -*-
db = {
'michael': 'e10adc3949ba59abbe56e057f20f883e',
'bob': '878ef96e86145580c38c87f0410ad153',
'alice': '99b1c2188db85afee403b1536010c2c9'
}
import hashlib
def calc_md5(password):
m = hashlib.md5()
(('utf-8'))
return ()
def login(user, password):
return db[user] == calc_md5(password)
# Testing.
assert login('michael', '123456')
assert login('bob', 'abc999')
assert login('alice', 'alice2008')
assert not login('michael', '1234567')
assert not login('bob', '123456')
assert not login('alice', 'Alice2008')
print('ok')
I hope the relevant points I've compiled will help, and I thank you for your support.