14.2. hmac — Keyed-Hashing for Message Authentication
This module implements the HMAC algorithm as described by RFC 2104.
-
hmac.new(key, msg=None, digestmod=None)
- Return a new hmac object. key is a bytes object giving the secret key. If
msg is present, the method call update(msg) is made. digestmod is
the digest constructor or module for the HMAC object to use. It defaults to
the hashlib.md5() constructor.
An HMAC object has the following methods:
-
hmac.update(msg)
- Update the hmac object with the bytes object msg. Repeated calls are
equivalent to a single call with the concatenation of all the arguments:
m.update(a); m.update(b) is equivalent to m.update(a + b).
-
hmac.digest()
- Return the digest of the bytes passed to the update() method so far.
This bytes object will be the same length as the digest_size of the digest
given to the constructor. It may contain non-ASCII bytes, including NUL
bytes.
-
hmac.hexdigest()
- Like digest() except the digest is returned as a string twice the
length containing only hexadecimal digits. This may be used to exchange the
value safely in email or other non-binary environments.
-
hmac.copy()
- Return a copy (“clone”) of the hmac object. This can be used to efficiently
compute the digests of strings that share a common initial substring.
See also
- Module hashlib
- The Python module providing secure hash functions.
