Python之hmac模块的使用
2024-09-02 11:33:10
hmac模块的作用:
用于验证信息的完整性。
1、hmac消息签名(默认使用MD5加算法)
#!/usr/bin/env python
# -*- coding: utf-8 -*- import hmac #默认使用是md5算法
digest_maker = hmac.new('secret-shared-key'.encode('utf-8'))
with open('content.txt', 'rb') as f:
while True:
block = f.read(1024)
if not block:
break
digest_maker.update(block)
digest = digest_maker.hexdigest()
print(digest)
hmac_md5.py
Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec
egestas, enim et consectetuer ullamcorper, lectus ligula rutrum leo, a
elementum elit tortor eu quam. Duis tincidunt nisi ut ante. Nulla
facilisi. Sed tristique eros eu libero. Pellentesque vel arcu. Vivamus
purus orci, iaculis ac, suscipit sit amet, pulvinar eu,
lacus. Praesent placerat tortor sed nisl. Nunc blandit diam egestas
dui. Pellentesque habitant morbi tristique senectus et netus et
malesuada fames ac turpis egestas. Aliquam viverra fringilla
leo. Nulla feugiat augue eleifend nulla. Vivamus mauris. Vivamus sed
mauris in nibh placerat egestas. Suspendisse potenti. Mauris massa. Ut
eget velit auctor tortor blandit sollicitudin. Suspendisse imperdiet
justo.
content.txt
运行效果
[root@ mnt]# python3 hmac_md5.py
79cbf5942e8f67be558bc28610c02117
2、hmac消息签名摘要(使用SHA1加算法)
#!/usr/bin/env python
# -*- coding: utf-8 -*- import hmac digest_maker = hmac.new('secret-shared-key'.encode('utf-8'), b'', digestmod='sha1')
# hmac.new(key,msg,digestmod)
# key:加盐的key,
# msg:加密的内容,
# digestmod:加密的方式 with open('hmac_sha1.py', 'rb') as f:
while True:
block = f.read(1024)
if not block:
break
digest_maker.update(block)
digest = digest_maker.hexdigest()
print(digest)
hmac_sha1.py
运行效果
[root@ mnt]# python3 hmac_sha1.py
e5c012eac5fa76a274f77ee678e6cc98cad8fff9
3、hmac二进制消息签名摘要(使用SHA1加算法)
#!/usr/bin/env python
# -*- coding: utf-8 -*- import hmac
import base64
import hashlib with open('test.py', 'rb') as f:
body = f.read() # 默认使用是md5算法
digest_maker = hmac.new('secret-shared-key'.encode('utf-8'), body, hashlib.sha1)
# hmac.new(key,msg,digestmod)
# key:加盐的key,
# msg:加密的内容,
# digestmod:加密的方式 digest = digest_maker.digest() # 默认内容是字节类型,所以需要base64
print(base64.encodebytes(digest)) #注意base64结果是以\n结束,所以Http头部或其它传输时,需要去除\n
hmac_base64.py
运行效果
[root@ mnt]# python3 hmac_base64.py
b'Y9a4OMRqU4DB6Ks/hGfru+MNXAw=\n'
4、hmac摘要数据比较示例
#!/usr/bin/env python
# -*- coding: utf-8 -*- import hashlib
import hmac
import io
import pickle def make_digest(message):
"返消息摘要,加密码后的结果"
hash = hmac.new(
'secret-shared-key'.encode('utf-8'),
message,
hashlib.sha1
)
return hash.hexdigest().encode('utf-8') class SimpleObject(object):
def __init__(self, name):
self.name = name def __str__(self):
return self.name # 输出缓冲区
out_s = io.BytesIO()
o = SimpleObject('digest matches')
pickle_data = pickle.dumps(o) # 序列化
digest = make_digest(pickle_data) # 使用sha1加密算法
header = b'%s %d\n' % (digest, len(pickle_data))
print('提示:{}'.format(header))
out_s.write(header) # 将消息头写入缓冲区
out_s.write(pickle_data) # 将序列化内容写入缓冲区 o = SimpleObject('digest does not matches')
pickle_data = pickle.dumps(o)
digest = make_digest(b'not the pickled data at all')
header = b'%s %d\n' % (digest, len(pickle_data))
print('提示:{}'.format(header))
out_s.write(header) # 将消息头写入缓冲区
out_s.write(pickle_data) # 将序列化内容写入缓冲区
out_s.flush() # 刷新缓冲区 # 输入缓冲区
in_s = io.BytesIO(out_s.getvalue()) while True:
first_line = in_s.readline()
if not first_line:
break
incoming_digest, incoming_length = first_line.split(b' ')
incoming_length = int(incoming_length.decode('utf-8'))
print('读取到:', incoming_digest, incoming_length) incoming_pickled_data = in_s.read(incoming_length) actual_digest = make_digest(incoming_pickled_data) # 实际的摘要
print('实际值:', actual_digest) if hmac.compare_digest(actual_digest, incoming_digest): # 比较两个摘要是否相等
obj = pickle.loads(incoming_pickled_data)
print('OK:', obj)
else:
print('数据不完整')
hmac_pickle.py
运行效果
[root@ mnt]# python3 hmac_pickle.py
提示:b'00e080735a8de379e19fe2aa731c92fc9253a6e2 69\n'
提示:b'1d147690f94ea374f6f8c3767bd5a5f9a8989a53 78\n'
读取到: b'00e080735a8de379e19fe2aa731c92fc9253a6e2'
实际值: b'00e080735a8de379e19fe2aa731c92fc9253a6e2'
OK: digest matches
读取到: b'1d147690f94ea374f6f8c3767bd5a5f9a8989a53'
实际值: b'4dcaad9b05bbb67b571a64defa52e8960a27c45d'
数据不完整
最新文章
- Arrays和Collection之间的转换
- js封装、简单实例源码记录
- [转]Android 学习资料分享(2015 版)
- loj 1036(dp)
- 设置mariadb字符集为utf8
- jquery ajax GET POST 跨域请求实现
- 为Mono安装MySql连接驱动
- git的使用说明详解
- java入门学习(九) 算术运算符
- PHPCMS v9 列表页实现文件下砸
- 搭建内网的NTP时间服务器
- day07 Cookie 和 Session(非常重要)
- 剑指offer面试题5 从头到尾打印链表(c)
- [九]JavaIO之ObjectInputStream 和 ObjectOutputStream
- web自动化测试python+selenium学习总结----python环境安装
- Github远程仓库提交代码步骤
- 【React】开发一个城市选择控件
- bzoj1206-[HNOI2005]虚拟内存
- 序列化serialize与反序列化unserialize
- 虚拟机---vmmare15安装centos7.4