Message Authentication Codes¶

A message authentication code (MAC) is a short piece of information used to authenticate a message — in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed in transit (its integrity).

wolfcrypt implements the Hash-based message authentication code (HMAC), which uses a cryptographic hash function coupled with a secret key to produce message authentication codes.

Hmac Classes¶

Interface¶

All Hmac classes available in this module implements the following interface:

class wolfcrypt.hashes._Hmac(key, string=None)[source]¶

A PEP 247: Cryptographic Hash Functions compliant Keyed Hash Function Interface.

classmethod new(key, string=None)[source]¶: Creates a new hashing object and returns it. key is a required parameter containing a string giving the key to use. The optional string parameter, if supplied, will be immediately hashed into the object’s starting state, as if obj.update(string) was called.

copy()¶: Returns a separate copy of this hashing object. An update to this copy won’t affect the original object.

digest()¶: Returns the hash value of this hashing object as a string containing 8-bit data. The object is not altered in any way by this function; you can continue updating the object after calling this function.

hexdigest()¶: Returns the hash value of this hashing object as a string containing hexadecimal digits. Lowercase letters are used for the digits ‘a’ through ‘f’. Like the .digest() method, this method doesn’t alter the object.

update(string)¶: Hashes string into the current state of the hashing object. update() can be called any number of times during a hashing object’s lifetime.

SHA-1¶

Attention

NIST has deprecated SHA-1 in favor of the SHA-2 variants. New applications are strongly suggested to use SHA-2 over SHA-1.

class wolfcrypt.hashes.HmacSha(key, string=None)[source]¶

A HMAC function using SHA-1 as it’s cryptographic hash function.

It produces a [ 512-bit | 64 bytes ] message digest.

SHA-2 family¶

class wolfcrypt.hashes.HmacSha256(key, string=None)[source]¶

A HMAC function using SHA-256 as it’s cryptographic hash function.

It produces a [ 512-bit | 64 bytes ] message digest.

class wolfcrypt.hashes.HmacSha384(key, string=None)[source]¶

A HMAC function using SHA-384 as it’s cryptographic hash function.

It produces a [ 512-bit | 64 bytes ] message digest.

class wolfcrypt.hashes.HmacSha512(key, string=None)[source]¶

A HMAC function using SHA-512 as it’s cryptographic hash function.

It produces a [ 512-bit | 64 bytes ] message digest.

Example¶

>>> from wolfcrypt.hashes import HmacSha256
>>>
>>> h = HmacSha256('secret')
>>> h.update("wolf")
>>> h.update("crypt")
>>> h.digest()
b'\x18\xbf*\t9\xa2o\xdf\\\xc8\xe0\xc2U\x94,\x8dY\x02;\x1c<Q\xdf\x8d\xdb\x863\xfb\xc1f#o'
>>> h.hexdigest()
b'18bf2a0939a26fdf5cc8e0c255942c8d59023b1c3c51df8ddb8633fbc166236f'
>>>
>>> h.update("rocks")
>>> h.hexdigest()
b'85dc8c1995d20b17942d52773d8a597d028ad958e5736beafb59a4742f63889e'
>>>
>>> HmacSha256('secret', 'wolfcryptrocks').hexdigest()
b'85dc8c1995d20b17942d52773d8a597d028ad958e5736beafb59a4742f63889e'
>>>
>>> HmacSha256.new('secret', 'wolfcryptrocks').hexdigest()
b'85dc8c1995d20b17942d52773d8a597d028ad958e5736beafb59a4742f63889e'