Secure Hashes and Message Digest in Python

The hashlib module in Python provides a common interface for secure hash algorithms like SHA1, SHA224, SHA256, SHA512, and RSA's MD5. These algorithms are essential for data integrity verification, password storage, and digital signatures.

To use hashlib, import it at the beginning of your Python code ?

import hashlib

Available Hash Algorithms

You can check which algorithms are available on your system ?

import hashlib

print("Guaranteed algorithms:", hashlib.algorithms_guaranteed)
print("Available algorithms:", hashlib.algorithms_available)

Guaranteed algorithms: {'sha3_224', 'sha256', 'sha3_256', 'md5', 'sha1', 'sha224', 'sha512', 'sha3_384', 'sha384', 'sha3_512'}
Available algorithms: {'sha3_224', 'sha256', 'sha3_256', 'md5', 'sha1', 'sha224', 'sha512', 'sha3_384', 'sha384', 'sha3_512', 'blake2b', 'blake2s'}

Creating Hash Objects

Create hash objects using specific algorithm constructors or the generic new() method ?

import hashlib

# Method 1: Using specific constructors
hash_md5 = hashlib.md5()
hash_sha256 = hashlib.sha256()

# Method 2: Using new() with algorithm name
hash_sha1 = hashlib.new('sha1')

print("MD5 digest size:", hash_md5.digest_size)
print("SHA256 digest size:", hash_sha256.digest_size)
print("SHA1 digest size:", hash_sha1.digest_size)

MD5 digest size: 16
SHA256 digest size: 32
SHA1 digest size: 20

Hashing Data

Use update() to feed data and hexdigest() to get the hash result ?

import hashlib

data = b'Python123'

# MD5 hash
md5_hash = hashlib.md5()
md5_hash.update(data)
print("MD5 hash:", md5_hash.hexdigest())

# SHA256 hash
sha256_hash = hashlib.sha256()
sha256_hash.update(data)
print("SHA256 hash:", sha256_hash.hexdigest())

MD5 hash: ae35eacb1cb6f6d38c29a04ecb2d7471
SHA256 hash: bba32ba33d6a7f3e02a96e2d7ee6860765780aee42b878007369e373ff419b1e

Hashing Strings vs Bytes

Hash functions require bytes input. Encode strings before hashing ?

import hashlib

# Hashing a string (must encode to bytes)
text = "Hello World"
hash_obj = hashlib.sha1()
hash_obj.update(text.encode('utf-8'))
print("SHA1 of 'Hello World':", hash_obj.hexdigest())

# Alternative: Direct bytes input
hash_obj2 = hashlib.sha1(b"Hello World")
print("Direct bytes input:", hash_obj2.hexdigest())

SHA1 of 'Hello World': 0a4d55a8d778e5022fab701977c5d840bbc486d0
Direct bytes input: 0a4d55a8d778e5022fab701977c5d840bbc486d0

Comparison of Hash Methods

digest() vs hexdigest()

The digest() method returns raw bytes, while hexdigest() returns a hexadecimal string ?

import hashlib

data = b"Python"
hash_obj = hashlib.sha256(data)

print("Raw bytes:", hash_obj.digest())
print("Hex string:", hash_obj.hexdigest())
print("Length of raw bytes:", len(hash_obj.digest()))
print("Length of hex string:", len(hash_obj.hexdigest()))

Raw bytes: b')\x81G\xfd\xd4\x15b\x83\x96\x99\x8d\x1d\xd2\x1b\x9f\xdf\xf7\xde\xceR\xd9V"\xb2\xa8\xc4i\x92\xc0\x801f\xe5'
Hex string: 298147fdd415628396998d1dd21b9fdff7deced52d9d5622b2a8c46992c080316e5
Length of raw bytes: 32
Length of hex string: 64

Conclusion

Use SHA256 or SHA512 for secure applications, as MD5 and SHA1 are cryptographically broken. The hashlib module provides easy-to-use hash functions for data integrity and security purposes in Python.