nacl.hashlib¶
The nacl.hashlib
module exposes directly usable implementations
of raw constructs which libsodium exposes with simplified APIs, like the
ones in nacl.hash
and in nacl.pwhash
.
The blake2b
and scrypt()
implementations
are as API compatible as possible with the corresponding ones added
to cpython standard library’s hashlib module in cpython’s version 3.6.
- class nacl.hashlib.blake2b(data=b'', digest_size=BYTES, key=b'', salt=b'', person=b'')[source]¶
Returns an hash object which exposes an API mostly compatible to python3.6’s hashlib.blake2b (the only difference being missing support for tree hashing parameters in the constructor)
The methods
update()
,copy()
,digest()
andhexdigest()
have the same semantics as described in hashlib documentation.Each instance exposes the
digest_size
,block_size
name
properties as required by hashlib API.- MAX_DIGEST_SIZE¶
the maximum allowed value of the requested digest_size
- MAX_KEY_SIZE¶
the maximum allowed size of the password parameter
- PERSON_SIZE¶
the maximum size of the personalization
- SALT_SIZE¶
the maximum size of the salt
- nacl.hashlib.scrypt(password, salt='', n=2**20, r=8, p=1, maxmem=2**25, dklen=64)[source]¶
Derive a raw cryptographic key using the scrypt KDF.
- Parameters:
password (bytes) – the input password
salt (bytes) – a crypographically-strong random salt
n (int) – CPU/Memory cost factor
r (int) – block size multiplier: the used block size will be 128 * r
p (int) – requested parallelism: the number of independently running scrypt constructs which will contribute to the final key generation
maxmem (int) – maximum memory the whole scrypt construct will be entitled to use
dklen (int) – length of the derived key
- Returns:
a buffer dklen bytes long containing the derived key
- Raises:
nacl.exceptions.UnavailableError – If called when using a minimal build of libsodium.
Implements the same signature as the
hashlib.scrypt
implemented in cpython version 3.6The recommended values for n, r, p in 2012 were n = 2**14, r = 8, p = 1; as of 2016, libsodium suggests using n = 2**14, r = 8, p = 1 in a “interactive” setting and n = 2**20, r = 8, p = 1 in a “sensitive” setting.
The total memory usage will respectively be a little greater than 16MB in the “interactive” setting, and a little greater than 1GB in the “sensitive” setting.