BLAKE2s
BLAKE2s is an optimized variant of BLAKE, one of the SHA-3 candidates that made it to the final round of the NIST hash competition. It is specified in RFC7693.
The algorithm uses 32 bit words, and it therefore works best on 32-bit platforms. The digest size ranges from 8 to 256 bits:
>>> from Crypto.Hash import BLAKE2s
>>>
>>> h_obj = BLAKE2s.new(digest_bits=256)
>>> h_obj.update(b'Some data')
>>> print h_obj.hexdigest()
Optionally, BLAKE2s can work as a cryptographic MAC when initialized with a secret key:
>>> from Crypto.Hash import BLAKE2s
>>>
>>> mac = BLAKE2s.new(digest_bits=128, key=b'secret')
>>> mac.update(b'Some data')
>>> print mac.hexdigest()
- class Crypto.Hash.BLAKE2s.BLAKE2s_Hash(data, key, digest_bytes, update_after_digest)
A BLAKE2s hash object. Do not instantiate directly. Use the
new()
function.- Variables
oid (string) – ASN.1 Object ID
block_size (integer) – the size in bytes of the internal message block, input to the compression function
digest_size (integer) – the size in bytes of the resulting hash
- digest()
Return the binary (non-printable) digest of the message that has been hashed so far.
- Returns
The hash digest, computed over the data processed so far. Binary form.
- Return type
byte string
- hexdigest()
Return the printable digest of the message that has been hashed so far.
- Returns
The hash digest, computed over the data processed so far. Hexadecimal encoded.
- Return type
string
- hexverify(hex_mac_tag)
Verify that a given printable MAC (computed by another party) is valid.
- Parameters
hex_mac_tag (string) – the expected MAC of the message, as a hexadecimal string.
- Raises
ValueError – if the MAC does not match. It means that the message has been tampered with or that the MAC key is incorrect.
- update(data)
Continue hashing of a message by consuming the next chunk of data.
- Parameters
data (byte string/byte array/memoryview) – The next chunk of the message being hashed.
- verify(mac_tag)
Verify that a given binary MAC (computed by another party) is valid.
- Parameters
mac_tag (byte string/byte array/memoryview) – the expected MAC of the message.
- Raises
ValueError – if the MAC does not match. It means that the message has been tampered with or that the MAC key is incorrect.
- Crypto.Hash.BLAKE2s.new(**kwargs)
Create a new hash object.
- Parameters
data (byte string/byte array/memoryview) – Optional. The very first chunk of the message to hash. It is equivalent to an early call to
BLAKE2s_Hash.update()
.digest_bytes (integer) – Optional. The size of the digest, in bytes (1 to 32). Default is 32.
digest_bits (integer) – Optional and alternative to
digest_bytes
. The size of the digest, in bits (8 to 256, in steps of 8). Default is 256.key (byte string) – Optional. The key to use to compute the MAC (1 to 64 bytes). If not specified, no key will be used.
update_after_digest (boolean) – Optional. By default, a hash object cannot be updated anymore after the digest is computed. When this flag is
True
, such check is no longer enforced.
- Returns
A
BLAKE2s_Hash
hash object