Python’s standard library hashlib module allows you to easily generate hash values (message digests) from strings or files.
Hash values are widely used for security and data integrity checks, such as password storage and file tampering detection.
1. Main Hash Generation Functions
The hashlib module provides constructor functions corresponding to each algorithm. These functions accept byte sequences as arguments and return hash objects.
| Function Name | Algorithm | Return Value | Note |
| --- | --- | --- | --- |
| hashlib.sha256(data) | SHA-256 | Hash Object | Current standard algorithm (Recommended). |
| hashlib.sha1(data) | SHA-1 | Hash Object | Deprecated except for compatibility (Vulnerable). |
| hashlib.md5(data) | MD5 | Hash Object | Fast but low collision resistance. Not recommended for security. |
Note: The data argument must be of type bytes.
2. Hash Object Methods
To retrieve the actual hash value from the generated object, use the following methods. hexdigest() is commonly used as it is easier to handle.
| Method Name | Return Type | Description |
| --- | --- | --- |
| hexdigest() | str (String) | Returns the hash value as a hexadecimal string (e.g., 5e884...). |
| digest() | bytes (Bytes) | Returns the hash value as raw binary data. |
Implementation Example: Hashing a Password
In this example, we will hash a user-input password using the SHA-256 algorithm and obtain a hexadecimal string suitable for database storage.
Source Code
```python
import hashlib

# 1. String to hash (e.g., user password)
raw_password = "my_secret_p@ssw0rd"

# 2. Generate Hash Object
# Strings (str) must be converted to bytes using .encode() before passing
# Here we use the SHA-256 algorithm
hash_obj = hashlib.sha256(raw_password.encode('utf-8'))

# 3. Retrieve Hash Value
# Extract as a hexadecimal string using hexdigest()
password_hash = hash_obj.hexdigest()

print(f"Original String: {raw_password}")
print("-" * 50)
print(f"Algorithm : {hash_obj.name}")
print(f"Hash Value : {password_hash}")
# SHA-256 produces 64 characters (256 bits)
print(f"Length : {len(password_hash)} characters")
```
Execution Result
```
Original String: my_secret_p@ssw0rd
--------------------------------------------------
Algorithm : sha256
Hash Value : 34b1593979848773950f5803964952554625f5431668c6870c26569260c5a396
Length : 64 characters
```
Explanation
Steps for Hashing
- Encoding: Hash functions only accept “byte sequences.” If you have a string, you must convert it to bytes using .encode("utf-8").
- Algorithm Selection: For security-critical applications (such as password storage), algorithms with strength equal to or greater than SHA-256 are recommended. Since MD5 and SHA-1 have risks of “collision” (where different data produces the same hash), they are currently limited primarily to uses like checksums (corruption detection).
Characteristics of Hashing
Hashing is an irreversible transformation. It is practically impossible to reverse-calculate the original string my_secret_p@ssw0rd from the generated hash string 34b15....
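
For password storage specifically, a single unsalted SHA-256 call like the one in the example above is fast to compute and gives identical hashes for identical passwords, so stored password hashes are normally produced with a salted, deliberately slow key-derivation function. The following added example (not part of the original article) does this with hashlib.pbkdf2_hmac using SHA-256; the function names, the record format and the iteration limits are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Assumed parameters for this example (not from the original article).
ITERATIONS = 600_000         # PBKDF2 work factor; tune to your own hardware
MAX_ITERATIONS = 10_000_000  # refuse absurd values from a corrupted record
SALT_BYTES = 16


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a storable record: algorithm$iterations$salt_hex$hash_hex."""
    salt = os.urandom(SALT_BYTES)  # fresh random salt for every password
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations
    )
    return f"pbkdf2_sha256${iterations}${salt.hex()}${derived.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt; compare in constant time."""
    try:
        algorithm, iter_text, salt_hex, hash_hex = record.split("$")
        iterations = int(iter_text)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
    except ValueError:
        return False  # malformed record
    if algorithm != "pbkdf2_sha256" or not 1 <= iterations <= MAX_ITERATIONS:
        return False
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations
    )
    return hmac.compare_digest(derived, expected)


if __name__ == "__main__":
    raw_password = "my_secret_p@ssw0rd"  # sample value from the article
    first = hash_password(raw_password)
    second = hash_password(raw_password)
    print(first)
    print("Same password, different records:", first != second)
    print("Correct password verifies:", verify_password(raw_password, first))
    print("Wrong password verifies:", verify_password("guess", first))
```

Store the whole record string in the database; the salt and iteration count it carries are what allow verify_password to recompute the same value later.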
