# Hashlib and Argon2

## Hashlib

In [None]:
## Import hashlib ##
import hashlib

In [22]:
## Get a list of hash algorithms from this module that is supported on all platforms ##
hashlib.algorithms_guaranteed

{'blake2b',
 'blake2s',
 'md5',
 'sha1',
 'sha224',
 'sha256',
 'sha384',
 'sha3_224',
 'sha3_256',
 'sha3_384',
 'sha3_512',
 'sha512',
 'shake_128',
 'shake_256'}

### Hashing a string with md5

In [25]:
## Importing md5 from hashlib ##
from hashlib import md5

## Getting the md5 hash ##
hash_result = md5(b'this is just a regular string')

## printing the the hash result ##
print(hash_result.hexdigest())

f3c73138df6f00be0c8e83ba14e58e2e


### Hashing a string with sha512

In [2]:
## Importing sha512 from hashlib ##
from hashlib import sha512

## Getting the sha512 hash ##
sha512_hash_result = sha512(b'this is just a regular string')

## Printing the has result ##
print(sha512_hash_result.hexdigest())

a593be50301801c5a45e8d710db09dbdd863b0eb4f2e854030f0a45d2d5a1876de9018e505e38480b3f21217eb9c7bddefc8c91495886781641a7ca497eabaed


### Using the .update method

In [4]:
## Importing md5 from hashlib ##
from hashlib import md5

## Hashing the original string using the md5 algorithm ##
md5_hash_result = md5(b"we are going to hash this sentence then add a few words to it")

## Original hash computed from orginal string ##
print('Hash of original string: ', md5_hash_result.hexdigest())

## Adding a few words to the sentence using the .update method ##
md5_hash_result.update(b'new words to add')

## The .update method concatenates the two strings for us "previous string" + "new string" ##

##  The hash result of the updated string ##
print('Hash result of updated string: ', md5_hash_result.hexdigest())


Hash of original string:  ceb2ba3119c7dfd284fda44234d7aa03
Hash result of updated string:  2efe5a96afb4cbd1739c186cbc44d920


In [5]:
md5_hash_result.digest_size

16

### Determining the digest_size

In [11]:
## Importing md5 from hashlib ##
from hashlib import md5

## calcuate the md5 hash of a string ##
md5_hash = md5(b'this is an example string')

## print the md5 hash of the string ##
print('The md5 hash is: ', md5_hash.hexdigest())

## Determining the digest size of the md5 hash returned above ##

print('The digest size is:', md5_hash.digest_size)

The md5 hash is:  f8a7c62be8a16e280bbbce4cd3142b1f
The digest size is: 16


### Password Hashing using .pbkdf2_hmac

In [15]:
## Importing hashlib ##

import hashlib

## Import sha256 from hashlib ##

from hashlib import sha256

## Parameters that will be used to obtain the derived_key ##

# hash_name: sha256
# password: p@ssword2020
# salt: s@1t123!!
# iterations: 100000
# dklen: None

## Obtaining the derived key ##
derived_key = hashlib.pbkdf2_hmac('sha256', b'p@ssword2020', b's@1t123!!', 100000, dklen=None)

# Print the derived_key
print('The derived_key is: ', derived_key.hex())


The derived_key is:  168f865cdec571999b253a00c2e140d7dddd96ab2e266523a0a9594929db06f8


## Argon2

In [17]:
# Installing argon2

pip install argon2-cffi

In [7]:
# Install a pip package in the current Jupyter kernel
import sys
# !{sys.executable} -m pip install argon2-cffi
!{sys.executable} -m pip install binascii

[31mERROR: Could not find a version that satisfies the requirement binascii (from versions: none)[0m
[31mERROR: No matching distribution found for binascii[0m


### Using Argon2 for secure password hashing

In [6]:
# Importing argon2

from argon2 import PasswordHasher

# Obtaining a derived key from a password

password_hasher = PasswordHasher()

argon2_derived_key = password_hasher.hash('p@ssword2020')

print('The derived key using the agron2 key derivation algorith is: ', argon2_derived_key)


The derived key using the agron2 key derivation algorith is:  $argon2id$v=19$m=102400,t=2,p=8$Pf4NoKzgePJSQ7o1QTvuLQ$LiDfCPkQrboIkD2InnclBQ


In [15]:
# Importing argon2, binascii, base64

import binascii, base64
from argon2 import PasswordHasher

# Obtaining a derived key from a password

password_hasher = PasswordHasher()
argon2_derived_key = password_hasher.hash("p@ssword2020")

print('The derived key (in binary format) using the agron2 key derivation algorithm is: ', argon2_derived_key)

# Convert the returned argon2_derived_key to data bytes then convert the data bytes to base46

argon2_derived_key_to_data_bytes = argon2_derived_key.encode("utf-8")

argon2_derived_key_byte_obj = base64.b64encode(argon2_derived_key_to_data_bytes)

argon2_derived_key_hex_version = binascii.hexlify(argon2_derived_key_byte_obj)

print('The derived key (in ascii hex format) using the agron2 key derivation algorithm is: ', argon2_derived_key_hex_version)


The derived key (in binary format) using the agron2 key derivation algorithm is:  $argon2id$v=19$m=102400,t=2,p=8$SkQZc4HRqAwjg8IofKRnVg$RXdh9ELUy7r4iYSviZWvgA
The derived key (in ascii hex format) using the agron2 key derivation algorithm is:  b'4a4746795a3239754d6d6c6b4a4859394d546b6b625430784d4449304d444173644430794c4841394f43525461314661597a5249556e46426432706e4f456c765a6b7453626c5a6e4a464a595a47673552557856655464794e476c5a55335a70576c64325a30453d'


### Comparing password hashes with Argon2

In [12]:
# Import argon2
from argon2 import PasswordHasher

# Argon2 stored hash
password_hasher = PasswordHasher()
argon2_stored_hash = password_hasher.hash("p@ssword2020")

#  Using try/ Except to check if password is valid
try:
    verifyValid = password_hasher.verify(argon2_stored_hash, "new_password")
    print('Passwords match')
except:
    print('Sorry, the passwords did not match. Try again!')

Sorry, the passwords did not match. Try again!
