Introduction to HMAC & Using in Python
HMAC stands for Hash-base Message Authentication Code, it is key based message digest algorithm which can be used for verifying the integrity of the message (i.e. the original message from which the hash is generated) or to verify the authenticity of the sender of the message or both. Nowadays, HMAC is being widely used in various systems & domains, like server-to-server communications, Web Service APIs, etc. A well known use of HMAC is in Amazon's AWS API calls where the signature is generated using HMAC.
HMAC can use a variety of hashing algorithms, like MD5, SHA1, SHA256, etc. HMAC function is not very processing intensive, so it has been widely accepted, and it is relatively easy to implement in mobile & embedded devices too while maintaining decent security.
Since Python version 2.2 the HMAC module comes with Python installation, and the hashing library hashlib comes with the Python installation from version 2.5 onwards, in case you are having Python versions lesser than earlier mentioned, you'll need to manually install the HMAC/hashlib libraries.
Once you are all set, creating the HMAC digest is pretty simple, follow the next code example where we'll generate a HMAC-MD5 digest with Python code:
That was easy, now I'll demonstrate a real-world example of generating Amazon S3 sharing file URL:
|All times are GMT +5.5. The time now is 11:25.|