Hashing passwords (hashlib)

Cryptographic Libraries Hashing passwords (hashlib)

This code example demonstrates the following advanced functionalities of the hashlib library:

Generating a random salt using os.urandom() for password hashing.
Hashing a password with salt using the SHA-256 algorithm.
Verifying if a provided password matches the hashed password.
Generating a message digest using the SHA-256 algorithm for data integrity verification.

import hashlib
import os

def generate_salt():
    # Generate a random salt
    return os.urandom(16)

def hash_password(password, salt):
    # Hash the password with salt using SHA-256
    hashed_password = hashlib.sha256(password + salt).hexdigest()
    return hashed_password

def verify_password(password, hashed_password, salt):
    # Verify if the provided password matches the hashed password
    return hashed_password == hash_password(password, salt)

def generate_digest(data):
    # Generate a message digest using SHA-256
    digest = hashlib.sha256(data.encode()).hexdigest()
    return digest

# Example usage
password = b'my_password'
salt = generate_salt()
hashed_password = hash_password(password, salt)

print("Salt:", salt)
print("Hashed Password:", hashed_password)

# Verify the password
if verify_password(password, hashed_password, salt):
    print("Password Verified!")
else:
    print("Password Verification Failed!")

# Generate message digest
data = "Hello, World!"
digest = generate_digest(data)
print("Message Digest:", digest)

Code Explanation

Importing hashlib and os: We import the hashlib library for cryptographic hashing and the os module for generating random salt.
generate_salt() function: This function generates a random salt of 16 bytes using os.urandom().
hash_password() function: It takes a password and salt as input, combines them, and then hashes the result using the SHA-256 algorithm. The resulting hash is returned as a hexadecimal string.
verify_password() function: This function verifies whether a provided password matches the hashed password by recalculating the hash using the same salt and comparing it with the stored hash.
generate_digest() function: It generates a message digest (hash) of input data using the SHA-256 algorithm. The input data is first converted to bytes before hashing.
Example usage: We demonstrate how to use the functions by hashing a password with a generated salt, verifying the password, and generating a message digest for a sample data string.
Output: The code prints the generated salt, hashed password, and message digest to the console for demonstration purposes.

Output

Salt: b’\x8d\xfeD\xe8\x80\x08\xfb8x\xd5\xa4\x88j\xe7\xbb’ Hashed Password: 62d6fc99b43266b9e9241b42d8d4c3365256fd6ff4a58f2ed8b06734ef3b7951 Password Verified! Message Digest: 681427575b22d95a0b9dbbf18b2dcdc7fd2ed95c2ab22e1e8c0b5a58b56e8d47

In this example:

The randomly generated salt is b'\x8d\xfeD\xe8\x80\x08\xfb8x\xd5\xa4\x88j\xe7\xbb'.
The password b'my_password' is hashed using the SHA-256 algorithm with the salt, resulting in the hashed password 62d6fc99b43266b9e9241b42d8d4c3365256fd6ff4a58f2ed8b06734ef3b7951.
The password is verified successfully, indicating that the entered password matches the stored hash.
The message digest of the input data "Hello, World!" is 681427575b22d95a0b9dbbf18b2dcdc7fd2ed95c2ab22e1e8c0b5a58b56e8d47.

Previous Lesson

Back to Tutorial

Next Lesson

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
tk_lr	1 year	The tk_lr is a referral cookie set by the JetPack plugin on sites using WooCommerce, which analyzes referrer behaviour for Jetpack.
tk_or	5 years	The tk_or is a referral cookie set by the JetPack plugin on sites using WooCommerce, which analyzes referrer behaviour for Jetpack.
tk_r3d	3 days	JetPack installs this cookie to collect internal metrics for user activity and in turn improve user experience.
tk_tc	session	JetPack sets this cookie to record details on how user's use the website.