Package Crypto :: Package Hash :: Module HMAC
[frames] | no frames]

Module HMAC

HMAC (Hash-based Message Authentication Code) algorithm

HMAC is a MAC defined in RFC2104 and FIPS-198 and constructed using a cryptograpic hash algorithm. It is usually named HMAC-X, where X is the hash algorithm; for instance HMAC-SHA1 or HMAC-MD5.

The strength of an HMAC depends on:

An example of possible usage is the following:

>>> from Crypto.Hash import HMAC
>>> secret = b'Swordfish'
>>> h =
>>> h.update(b'Hello')
>>> print h.hexdigest()
Class that implements HMAC
new(key, msg=None, digestmod=None)
Create a new HMAC object.
  digest_size = None
The size of the authentication tag produced by the MAC. It matches the digest size on the underlying hashing module used.
Function Details

new(key, msg=None, digestmod=None)

Create a new HMAC object.
  • key (byte string) - key for the MAC object. It must be long enough to match the expected security level of the MAC. However, there is no benefit in using keys longer than the digest_size of the underlying hash algorithm.
  • msg (byte string) - The very first chunk of the message to authenticate. It is equivalent to an early call to HMAC.update(). Optional.
  • digestmod (A hash module or instantiated object from Crypto.Hash) - The hash to use to implement the HMAC. Default is Crypto.Hash.MD5.
An HMAC object