Message Authentication Codes

A message authentication code (MAC) is a short piece of information used to authenticate a message — in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed in transit (its integrity).

wolfcrypt implements the Hash-based message authentication code (HMAC), which uses a cryptographic hash function coupled with a secret key to produce message authentication codes.

Hmac Classes

Interface

All Hmac classes available in this module implements the following interface:

class wolfcrypt.hashes._Hmac(key, string=None)[source]

A PEP 247: Cryptographic Hash Functions compliant Keyed Hash Function Interface.

classmethod new(key, string=None)[source]

Creates a new hashing object and returns it. key is a required parameter containing a string giving the key to use. The optional string parameter, if supplied, will be immediately hashed into the object’s starting state, as if obj.update(string) was called.

copy()

Returns a separate copy of this hashing object. An update to this copy won’t affect the original object.

digest()

Returns the hash value of this hashing object as a string containing 8-bit data. The object is not altered in any way by this function; you can continue updating the object after calling this function.

hexdigest()

Returns the hash value of this hashing object as a string containing hexadecimal digits. Lowercase letters are used for the digits ‘a’ through ‘f’. Like the .digest() method, this method doesn’t alter the object.

update(string)

Hashes string into the current state of the hashing object. update() can be called any number of times during a hashing object’s lifetime.

SHA-1

Attention

NIST has deprecated SHA-1 in favor of the SHA-2 variants. New applications are strongly suggested to use SHA-2 over SHA-1.

class wolfcrypt.hashes.HmacSha(key, string=None)[source]

A HMAC function using SHA-1 as it’s cryptographic hash function.

It produces a [ 512-bit | 64 bytes ] message digest.

SHA-2 family

class wolfcrypt.hashes.HmacSha256(key, string=None)[source]

A HMAC function using SHA-256 as it’s cryptographic hash function.

It produces a [ 512-bit | 64 bytes ] message digest.

class wolfcrypt.hashes.HmacSha384(key, string=None)[source]

A HMAC function using SHA-384 as it’s cryptographic hash function.

It produces a [ 512-bit | 64 bytes ] message digest.

class wolfcrypt.hashes.HmacSha512(key, string=None)[source]

A HMAC function using SHA-512 as it’s cryptographic hash function.

It produces a [ 512-bit | 64 bytes ] message digest.

Example

>>> from wolfcrypt.hashes import HmacSha256
>>>
>>> h = HmacSha256('secret')
>>> h.update("wolf")
>>> h.update("crypt")
>>> h.digest()
b'\x18\xbf*\t9\xa2o\xdf\\\xc8\xe0\xc2U\x94,\x8dY\x02;\x1c<Q\xdf\x8d\xdb\x863\xfb\xc1f#o'
>>> h.hexdigest()
b'18bf2a0939a26fdf5cc8e0c255942c8d59023b1c3c51df8ddb8633fbc166236f'
>>>
>>> h.update("rocks")
>>> h.hexdigest()
b'85dc8c1995d20b17942d52773d8a597d028ad958e5736beafb59a4742f63889e'
>>>
>>> HmacSha256('secret', 'wolfcryptrocks').hexdigest()
b'85dc8c1995d20b17942d52773d8a597d028ad958e5736beafb59a4742f63889e'
>>>
>>> HmacSha256.new('secret', 'wolfcryptrocks').hexdigest()
b'85dc8c1995d20b17942d52773d8a597d028ad958e5736beafb59a4742f63889e'