hashlib module
Introduction:
hashlib module is a module that provides string encryption function, including MD5 and SHA encryption algorithm. Specific encryption support includes:
MD5,sha1,sha224,sha256, sha384, sha512, blake2b,blake2s,sha3_224, sha3_256, sha3_384, sha3_512, shake_128, shake_256
This module is widely used in user login authentication and text encryption. Verification between documents and documents. This module is easy to call, so let's take a look at it.
Basic calls
- The basic steps and encryption algorithms are the same. Take MD5 encryption as an example:
- Create an MD5 Encryption Object
- After the string is converted to byte, the algorithm is encrypted
- Display in hexadecimal system
- Code:
# Import hashlib module
import hashlib
# Instantiate an MD5 encrypted object
md5 = hashlib.md5()
# Call the update method of the MD5 object to encrypt the string (here the encoding byte is passed in)
md5.update('hello'.encode('utf8'))
# Returns a double-length string containing only hexadecimal digits
ret = md5.hexdigest()
# Print encrypted returned string
print(ret)The encryption algorithms that can be created are: md5,sha1, sha224, sha256, sha384, sha512.
# Instantiate an MD5 encryption object md5 = hashlib.md5() # Instantiate a sha1 encrypted object sha1 = hashlib.sha1() # Instantiate a sha224 encrypted object sha224 = hashlib.sha224() # Instantiate a sha256 encryption object sha256 = hashlib.sha256()
If the amount of data is large, update() can be called several times in blocks, and the final results are the same.
md5 = hashlib.md5()
md5.update('how to use md5 in '.encode('utf8'))
md5.update('python hashlib?'.encode('utf8'))
print(md5.hexdigest())
new_md5 = hashlib.md5()
new_md5.update('how to use md5 in python hashlib?'.encode('utf8'))
print(new_md5.hexdigest())
# Result
d26a53750bc40b38b65a520292f69306
d26a53750bc40b38b65a520292f69306
Salt addition
Note: But usually such a password is equivalent to a fixed encrypted string. If someone writes such a dictionary, which stores various combinations of strings and corresponding MD5 encrypted strings, and then goes to the violence test, it will be possible to calculate our real password, so make sure to store them. User passwords are not MD5 of commonly used passwords that have been calculated. This method is implemented by adding a complex string to the original password, commonly known as "salt":
Code:
# String encryption without salt
new_md5 = hashlib.md5()
new_md5.update('how to use md5 in python hashlib?'.encode('utf8'))
print(new_md5.hexdigest())
# String encryption after salt addition
new_md5 = hashlib.md5('My dream is to rush out of the earth!'.encode('utf8')) # Salt addition
new_md5.update('how to use md5 in python hashlib?'.encode('utf8'))
print(new_md5.hexdigest())
# Result
d26a53750bc40b38b65a520292f69306
52841008c37295e291f426bbabe56f15Dynamic Salting
# The meaning is to use a variable where salt is added, such as a username.
user = input('user>>: ')
pwd = input('pwd>>: ')
md5 = hashlib.md5('{0}My dream is to visit all over the world.'.format(user).encode('utf8'))
md5.update(pwd.encode('utf8')) # Update password
print(md5.hexdigest())When checking files, the method of calculating MD5 value is too large.
def file_get_md5(file):
md5 = hashlib.md5()
with open(file, mode='rb') as fp: # Open the file
for line in fp: # loop
md5.update(line) # Each update
return md5.hexdigest()