tessl/pypi-pycryptodome
PyCryptodome is a self-contained Python package of low-level cryptographic primitives
—
Pending
cryptographic-hashing.mddocs/
Cryptographic Hashing
Comprehensive collection of cryptographic hash functions, message authentication codes, and extendable output functions. Includes traditional algorithms like SHA and MD families, modern SHA-3 variants, and specialized functions for advanced cryptographic protocols.
Capabilities
SHA Family Hash Functions
The Secure Hash Algorithm family providing strong cryptographic hashing with different output sizes and security levels.
# SHA-1 (legacy, avoid for new applications)
def SHA1.new(data=None):
"""Create SHA-1 hash object (160-bit output)."""
# SHA-2 Family (recommended)
def SHA224.new(data=None):
"""Create SHA-224 hash object (224-bit output)."""
def SHA256.new(data=None):
"""Create SHA-256 hash object (256-bit output)."""
def SHA384.new(data=None):
"""Create SHA-384 hash object (384-bit output)."""
def SHA512.new(data=None):
"""Create SHA-512 hash object (512-bit output)."""
# Common hash object interface
class SHA256Hash:
def update(self, data: bytes) -> None:
"""Add data to the hash computation."""
def digest(self) -> bytes:
"""Return the digest as bytes."""
def hexdigest(self) -> str:
"""Return the digest as hex string."""
def copy(self):
"""Create a copy of the hash object."""
digest_size: int # Output size in bytes
block_size: int # Internal block sizeSHA-3 Family
The latest SHA-3 standard providing Keccak-based hashing with resistance to length extension attacks.
def SHA3_224.new(data=None, update_after_digest=False):
"""
Create SHA3-224 hash object.
Parameters:
- data (bytes): Initial data to hash
- update_after_digest (bool): Allow updates after digest() called
Returns:
SHA3-224 hash object (224-bit output)
"""
def SHA3_256.new(data=None, update_after_digest=False):
"""Create SHA3-256 hash object (256-bit output)."""
def SHA3_384.new(data=None, update_after_digest=False):
"""Create SHA3-384 hash object (384-bit output)."""
def SHA3_512.new(data=None, update_after_digest=False):
"""Create SHA3-512 hash object (512-bit output)."""BLAKE2 Hash Functions
High-performance cryptographic hash functions optimized for software implementations, faster than SHA-2 while providing equivalent security.
def BLAKE2b.new(**kwargs):
"""
Create BLAKE2b hash object (up to 512-bit output).
Parameters:
- digest_bits (int): Output size in bits (default: 512)
- key (bytes): Optional key for keyed hashing
- salt (bytes): Optional salt
- person (bytes): Optional personalization
- data (bytes): Initial data
Returns:
BLAKE2b hash object
"""
def BLAKE2s.new(**kwargs):
"""Create BLAKE2s hash object (up to 256-bit output)."""MD Family (Legacy)
Message Digest algorithms for compatibility with legacy systems. Not recommended for new cryptographic applications.
def MD2.new(data=None):
"""Create MD2 hash object (128-bit output)."""
def MD4.new(data=None):
"""Create MD4 hash object (128-bit output)."""
def MD5.new(data=None):
"""Create MD5 hash object (128-bit output)."""RIPEMD
RIPEMD-160 hash function designed as an alternative to SHA-1.
def RIPEMD160.new(data=None):
"""Create RIPEMD-160 hash object (160-bit output)."""Extendable Output Functions (XOF)
Functions that can produce variable-length output, useful for key derivation and other cryptographic protocols.
# SHAKE (SHA-3 based XOF)
def SHAKE128.new(data=None):
"""
Create SHAKE128 XOF object.
Methods:
- update(data): Add input data
- read(length): Extract output bytes
"""
def SHAKE256.new(data=None):
"""Create SHAKE256 XOF object."""
# Customizable SHAKE (cSHAKE)
def cSHAKE128.new(data=None, custom=None):
"""
Create cSHAKE128 XOF with customization.
Parameters:
- data (bytes): Initial input data
- custom (bytes): Customization string
"""
def cSHAKE256.new(data=None, custom=None):
"""Create cSHAKE256 XOF with customization."""
# TurboSHAKE (high-performance XOF)
def TurboSHAKE128.new(domain_sep=0x1F):
"""Create TurboSHAKE128 XOF with domain separation."""
def TurboSHAKE256.new(domain_sep=0x1F):
"""Create TurboSHAKE256 XOF with domain separation."""
# KangarooTwelve (K12) - extremely fast XOF
def KangarooTwelve.new(custom=b""):
"""Create KangarooTwelve XOF with customization string."""Message Authentication Codes (MAC)
Cryptographic functions that provide both data integrity and authenticity verification using a secret key.
# HMAC - Hash-based MAC
def HMAC.new(key, msg=b"", digestmod=None):
"""
Create HMAC object for message authentication.
Parameters:
- key (bytes): Secret key
- msg (bytes): Initial message data
- digestmod: Hash algorithm (default: MD5, recommend SHA256)
Returns:
HMAC object with update/digest/verify methods
"""
class HMAC:
def update(self, data: bytes) -> None:
"""Add data to MAC computation."""
def digest(self) -> bytes:
"""Return MAC value as bytes."""
def hexdigest(self) -> str:
"""Return MAC value as hex string."""
def verify(self, mac_tag: bytes) -> None:
"""Verify MAC tag (raises ValueError if invalid)."""
def copy(self):
"""Create copy of HMAC object."""
# CMAC - Cipher-based MAC
def CMAC.new(key, msg=None, ciphermod=None, cipher_params=None, mac_len=None):
"""
Create CMAC object using block cipher.
Parameters:
- key (bytes): Secret key
- msg (bytes): Initial message
- ciphermod: Cipher module (e.g., AES)
- cipher_params (dict): Additional cipher parameters
- mac_len (int): MAC length in bytes
Returns:
CMAC object with update/digest/verify methods
"""
# Poly1305 - High-speed MAC
def Poly1305.new(key, nonce=None, cipher=None):
"""
Create Poly1305 MAC object.
Parameters:
- key (bytes): 32-byte secret key
- nonce (bytes): Nonce for cipher mode
- cipher: Optional cipher for one-time key derivation
Returns:
Poly1305 MAC object
"""Specialized Hash Functions
Advanced hash functions for specific cryptographic protocols and applications.
# KMAC - Keccak-based MAC and PRF
def KMAC128.new(key, custom=b""):
"""
Create KMAC128 object (Keccak-based MAC).
Parameters:
- key (bytes): Secret key
- custom (bytes): Customization string
Returns:
KMAC object with update/digest methods and variable output
"""
def KMAC256.new(key, custom=b""):
"""Create KMAC256 object."""
# TupleHash - Hash tuples of strings
def TupleHash128.new(custom=b""):
"""
Create TupleHash128 for hashing tuples.
Methods:
- update(data_tuple): Hash tuple of byte strings
- digest(length): Get fixed-length output
"""
def TupleHash256.new(custom=b""):
"""Create TupleHash256 for hashing tuples."""Usage Patterns
Basic Hashing
from Crypto.Hash import SHA256
# Single-step hashing
hash_obj = SHA256.new(b"data to hash")
digest = hash_obj.digest()
# Incremental hashing
hash_obj = SHA256.new()
hash_obj.update(b"first chunk")
hash_obj.update(b"second chunk")
final_digest = hash_obj.digest()Message Authentication
from Crypto.Hash import HMAC, SHA256
# HMAC for message authentication
key = b"secret_key"
message = b"message to authenticate"
hmac_obj = HMAC.new(key, message, SHA256)
mac_tag = hmac_obj.digest()
# Verification
hmac_obj = HMAC.new(key, message, SHA256)
try:
hmac_obj.verify(mac_tag)
print("Message is authentic")
except ValueError:
print("Message authentication failed")Extendable Output Functions
from Crypto.Hash import SHAKE256
# Variable-length output
shake = SHAKE256.new()
shake.update(b"input data")
output1 = shake.read(32) # Get 32 bytes
output2 = shake.read(64) # Get another 64 bytesCommon Hash Object Interface
All hash objects implement a consistent interface:
class HashObjectInterface:
def update(self, data: bytes) -> None:
"""Add data to hash computation."""
def digest(self) -> bytes:
"""Get hash digest as bytes."""
def hexdigest(self) -> str:
"""Get hash digest as hex string."""
def copy(self):
"""Create copy of hash state."""
digest_size: int # Output size in bytes
block_size: int # Internal block size in bytesError Handling
ValueError: Invalid key size, parameters, or verification failureTypeError: Incorrect parameter types- Hash function specific exceptions for invalid states or operations
Install with Tessl CLI
npx tessl i tessl/pypi-pycryptodome