forked from AFPy/python-docs-fr
804 lines
25 KiB
Plaintext
804 lines
25 KiB
Plaintext
# SOME DESCRIPTIVE TITLE.
|
|
# Copyright (C) 2001-2016, Python Software Foundation
|
|
# This file is distributed under the same license as the Python package.
|
|
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
|
|
#
|
|
#, fuzzy
|
|
msgid ""
|
|
msgstr ""
|
|
"Project-Id-Version: Python 3.6\n"
|
|
"Report-Msgid-Bugs-To: \n"
|
|
"POT-Creation-Date: 2017-04-02 22:11+0200\n"
|
|
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
|
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
|
"Language-Team: LANGUAGE <LL@li.org>\n"
|
|
"Language: fr\n"
|
|
"MIME-Version: 1.0\n"
|
|
"Content-Type: text/plain; charset=UTF-8\n"
|
|
"Content-Transfer-Encoding: 8bit\n"
|
|
|
|
#: ../Doc/library/hashlib.rst:2
|
|
msgid ":mod:`hashlib` --- Secure hashes and message digests"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:10
|
|
msgid "**Source code:** :source:`Lib/hashlib.py`"
|
|
msgstr "**Code source :** :source:`Lib/hashlib.py`"
|
|
|
|
#: ../Doc/library/hashlib.rst:23
|
|
msgid ""
|
|
"This module implements a common interface to many different secure hash and "
|
|
"message digest algorithms. Included are the FIPS secure hash algorithms "
|
|
"SHA1, SHA224, SHA256, SHA384, and SHA512 (defined in FIPS 180-2) as well as "
|
|
"RSA's MD5 algorithm (defined in Internet :rfc:`1321`). The terms \"secure "
|
|
"hash\" and \"message digest\" are interchangeable. Older algorithms were "
|
|
"called message digests. The modern term is secure hash."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:32
|
|
msgid ""
|
|
"If you want the adler32 or crc32 hash functions, they are available in the :"
|
|
"mod:`zlib` module."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:37
|
|
msgid ""
|
|
"Some algorithms have known hash collision weaknesses, refer to the \"See also"
|
|
"\" section at the end."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:44
|
|
msgid "Hash algorithms"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:46
|
|
msgid ""
|
|
"There is one constructor method named for each type of :dfn:`hash`. All "
|
|
"return a hash object with the same simple interface. For example: use :func:"
|
|
"`sha256` to create a SHA-256 hash object. You can now feed this object with :"
|
|
"term:`bytes-like objects <bytes-like object>` (normally :class:`bytes`) "
|
|
"using the :meth:`update` method. At any point you can ask it for the :dfn:"
|
|
"`digest` of the concatenation of the data fed to it so far using the :meth:"
|
|
"`digest` or :meth:`hexdigest` methods."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:56
|
|
msgid ""
|
|
"For better multithreading performance, the Python :term:`GIL` is released "
|
|
"for data larger than 2047 bytes at object creation or on update."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:61
|
|
msgid ""
|
|
"Feeding string objects into :meth:`update` is not supported, as hashes work "
|
|
"on bytes, not on characters."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:66
|
|
msgid ""
|
|
"Constructors for hash algorithms that are always present in this module are :"
|
|
"func:`sha1`, :func:`sha224`, :func:`sha256`, :func:`sha384`, :func:"
|
|
"`sha512`, :func:`blake2b`, and :func:`blake2s`. :func:`md5` is normally "
|
|
"available as well, though it may be missing if you are using a rare \"FIPS "
|
|
"compliant\" build of Python. Additional algorithms may also be available "
|
|
"depending upon the OpenSSL library that Python uses on your platform. On "
|
|
"most platforms the :func:`sha3_224`, :func:`sha3_256`, :func:`sha3_384`, :"
|
|
"func:`sha3_512`, :func:`shake_128`, :func:`shake_256` are also available."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:76
|
|
msgid ""
|
|
"SHA3 (Keccak) and SHAKE constructors :func:`sha3_224`, :func:`sha3_256`, :"
|
|
"func:`sha3_384`, :func:`sha3_512`, :func:`shake_128`, :func:`shake_256`."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:80
|
|
msgid ":func:`blake2b` and :func:`blake2s` were added."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:83
|
|
msgid ""
|
|
"For example, to obtain the digest of the byte string ``b'Nobody inspects the "
|
|
"spammish repetition'``::"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:97
|
|
msgid "More condensed:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:104
|
|
msgid ""
|
|
"Is a generic constructor that takes the string name of the desired algorithm "
|
|
"as its first parameter. It also exists to allow access to the above listed "
|
|
"hashes as well as any other algorithms that your OpenSSL library may offer. "
|
|
"The named constructors are much faster than :func:`new` and should be "
|
|
"preferred."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:110
|
|
msgid "Using :func:`new` with an algorithm provided by OpenSSL:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:117
|
|
msgid "Hashlib provides the following constant attributes:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:121
|
|
msgid ""
|
|
"A set containing the names of the hash algorithms guaranteed to be supported "
|
|
"by this module on all platforms. Note that 'md5' is in this list despite "
|
|
"some upstream vendors offering an odd \"FIPS compliant\" Python build that "
|
|
"excludes it."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:130
|
|
msgid ""
|
|
"A set containing the names of the hash algorithms that are available in the "
|
|
"running Python interpreter. These names will be recognized when passed to :"
|
|
"func:`new`. :attr:`algorithms_guaranteed` will always be a subset. The "
|
|
"same algorithm may appear multiple times in this set under different names "
|
|
"(thanks to OpenSSL)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:138
|
|
msgid ""
|
|
"The following values are provided as constant attributes of the hash objects "
|
|
"returned by the constructors:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:144
|
|
msgid "The size of the resulting hash in bytes."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:148
|
|
msgid "The internal block size of the hash algorithm in bytes."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:150
|
|
msgid "A hash object has the following attributes:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:154
|
|
msgid ""
|
|
"The canonical name of this hash, always lowercase and always suitable as a "
|
|
"parameter to :func:`new` to create another hash of this type."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:157
|
|
msgid ""
|
|
"The name attribute has been present in CPython since its inception, but "
|
|
"until Python 3.4 was not formally specified, so may not exist on some "
|
|
"platforms."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:162
|
|
msgid "A hash object has the following methods:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:167
|
|
msgid ""
|
|
"Update the hash object with the object *arg*, which must be interpretable as "
|
|
"a buffer of bytes. Repeated calls are equivalent to a single call with the "
|
|
"concatenation of all the arguments: ``m.update(a); m.update(b)`` is "
|
|
"equivalent to ``m.update(a+b)``."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:172
|
|
msgid ""
|
|
"The Python GIL is released to allow other threads to run while hash updates "
|
|
"on data larger than 2047 bytes is taking place when using hash algorithms "
|
|
"supplied by OpenSSL."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:180
|
|
msgid ""
|
|
"Return the digest of the data passed to the :meth:`update` method so far. "
|
|
"This is a bytes object of size :attr:`digest_size` which may contain bytes "
|
|
"in the whole range from 0 to 255."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:187 ../Doc/library/hashlib.rst:215
|
|
msgid ""
|
|
"Like :meth:`digest` except the digest is returned as a string object of "
|
|
"double length, containing only hexadecimal digits. This may be used to "
|
|
"exchange the value safely in email or other non-binary environments."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:194
|
|
msgid ""
|
|
"Return a copy (\"clone\") of the hash object. This can be used to "
|
|
"efficiently compute the digests of data sharing a common initial substring."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:199
|
|
msgid "SHAKE variable length digests"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:201
|
|
msgid ""
|
|
"The :func:`shake_128` and :func:`shake_256` algorithms provide variable "
|
|
"length digests with length_in_bits//2 up to 128 or 256 bits of security. As "
|
|
"such, their digest methods require a length. Maximum length is not limited "
|
|
"by the SHAKE algorithm."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:208
|
|
msgid ""
|
|
"Return the digest of the data passed to the :meth:`update` method so far. "
|
|
"This is a bytes object of size ``length`` which may contain bytes in the "
|
|
"whole range from 0 to 255."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:221
|
|
msgid "Key derivation"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:223
|
|
msgid ""
|
|
"Key derivation and key stretching algorithms are designed for secure "
|
|
"password hashing. Naive algorithms such as ``sha1(password)`` are not "
|
|
"resistant against brute-force attacks. A good password hashing function must "
|
|
"be tunable, slow, and include a `salt <https://en.wikipedia.org/wiki/Salt_"
|
|
"%28cryptography%29>`_."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:231
|
|
msgid ""
|
|
"The function provides PKCS#5 password-based key derivation function 2. It "
|
|
"uses HMAC as pseudorandom function."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:234
|
|
msgid ""
|
|
"The string *hash_name* is the desired name of the hash digest algorithm for "
|
|
"HMAC, e.g. 'sha1' or 'sha256'. *password* and *salt* are interpreted as "
|
|
"buffers of bytes. Applications and libraries should limit *password* to a "
|
|
"sensible length (e.g. 1024). *salt* should be about 16 or more bytes from a "
|
|
"proper source, e.g. :func:`os.urandom`."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:240
|
|
msgid ""
|
|
"The number of *iterations* should be chosen based on the hash algorithm and "
|
|
"computing power. As of 2013, at least 100,000 iterations of SHA-256 are "
|
|
"suggested."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:244
|
|
msgid ""
|
|
"*dklen* is the length of the derived key. If *dklen* is ``None`` then the "
|
|
"digest size of the hash algorithm *hash_name* is used, e.g. 64 for SHA-512."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:256
|
|
msgid ""
|
|
"A fast implementation of *pbkdf2_hmac* is available with OpenSSL. The "
|
|
"Python implementation uses an inline version of :mod:`hmac`. It is about "
|
|
"three times slower and doesn't release the GIL."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:262
|
|
msgid ""
|
|
"The function provides scrypt password-based key derivation function as "
|
|
"defined in :rfc:`7914`."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:265
|
|
msgid ""
|
|
"*password* and *salt* must be bytes-like objects. Applications and libraries "
|
|
"should limit *password* to a sensible length (e.g. 1024). *salt* should be "
|
|
"about 16 or more bytes from a proper source, e.g. :func:`os.urandom`."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:269
|
|
msgid ""
|
|
"*n* is the CPU/Memory cost factor, *r* the block size, *p* parallelization "
|
|
"factor and *maxmem* limits memory (OpenSSL 1.1.0 defaults to 32 MB). *dklen* "
|
|
"is the length of the derived key."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:273
|
|
msgid "Availability: OpenSSL 1.1+"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:279
|
|
msgid "BLAKE2"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:286
|
|
msgid ""
|
|
"BLAKE2_ is a cryptographic hash function defined in RFC-7693_ that comes in "
|
|
"two flavors:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:289
|
|
msgid ""
|
|
"**BLAKE2b**, optimized for 64-bit platforms and produces digests of any size "
|
|
"between 1 and 64 bytes,"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:292
|
|
msgid ""
|
|
"**BLAKE2s**, optimized for 8- to 32-bit platforms and produces digests of "
|
|
"any size between 1 and 32 bytes."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:295
|
|
msgid ""
|
|
"BLAKE2 supports **keyed mode** (a faster and simpler replacement for HMAC_), "
|
|
"**salted hashing**, **personalization**, and **tree hashing**."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:298
|
|
msgid ""
|
|
"Hash objects from this module follow the API of standard library's :mod:"
|
|
"`hashlib` objects."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:303
|
|
msgid "Creating hash objects"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:305
|
|
msgid "New hash objects are created by calling constructor functions:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:317
|
|
msgid ""
|
|
"These functions return the corresponding hash objects for calculating "
|
|
"BLAKE2b or BLAKE2s. They optionally take these general parameters:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:320
|
|
msgid ""
|
|
"*data*: initial chunk of data to hash, which must be interpretable as buffer "
|
|
"of bytes."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:323
|
|
msgid "*digest_size*: size of output digest in bytes."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:325
|
|
msgid ""
|
|
"*key*: key for keyed hashing (up to 64 bytes for BLAKE2b, up to 32 bytes for "
|
|
"BLAKE2s)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:328
|
|
msgid ""
|
|
"*salt*: salt for randomized hashing (up to 16 bytes for BLAKE2b, up to 8 "
|
|
"bytes for BLAKE2s)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:331
|
|
msgid ""
|
|
"*person*: personalization string (up to 16 bytes for BLAKE2b, up to 8 bytes "
|
|
"for BLAKE2s)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:334
|
|
msgid "The following table shows limits for general parameters (in bytes):"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:337
|
|
msgid "Hash"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:337
|
|
msgid "digest_size"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:337
|
|
msgid "len(key)"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:337
|
|
msgid "len(salt)"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:337
|
|
msgid "len(person)"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:339
|
|
msgid "BLAKE2b"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:339
|
|
msgid "64"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:339
|
|
msgid "16"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:340
|
|
msgid "BLAKE2s"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:340
|
|
msgid "32"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:340
|
|
msgid "8"
|
|
msgstr "8"
|
|
|
|
#: ../Doc/library/hashlib.rst:345
|
|
msgid ""
|
|
"BLAKE2 specification defines constant lengths for salt and personalization "
|
|
"parameters, however, for convenience, this implementation accepts byte "
|
|
"strings of any size up to the specified length. If the length of the "
|
|
"parameter is less than specified, it is padded with zeros, thus, for "
|
|
"example, ``b'salt'`` and ``b'salt\\x00'`` is the same value. (This is not "
|
|
"the case for *key*.)"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:352
|
|
msgid "These sizes are available as module `constants`_ described below."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:354
|
|
msgid ""
|
|
"Constructor functions also accept the following tree hashing parameters:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:356
|
|
msgid "*fanout*: fanout (0 to 255, 0 if unlimited, 1 in sequential mode)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:358
|
|
msgid ""
|
|
"*depth*: maximal depth of tree (1 to 255, 255 if unlimited, 1 in sequential "
|
|
"mode)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:361
|
|
msgid ""
|
|
"*leaf_size*: maximal byte length of leaf (0 to 2**32-1, 0 if unlimited or in "
|
|
"sequential mode)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:364
|
|
msgid ""
|
|
"*node_offset*: node offset (0 to 2**64-1 for BLAKE2b, 0 to 2**48-1 for "
|
|
"BLAKE2s, 0 for the first, leftmost, leaf, or in sequential mode)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:367
|
|
msgid ""
|
|
"*node_depth*: node depth (0 to 255, 0 for leaves, or in sequential mode)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:369
|
|
msgid ""
|
|
"*inner_size*: inner digest size (0 to 64 for BLAKE2b, 0 to 32 for BLAKE2s, 0 "
|
|
"in sequential mode)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:372
|
|
msgid ""
|
|
"*last_node*: boolean indicating whether the processed node is the last one "
|
|
"(`False` for sequential mode)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:378
|
|
msgid ""
|
|
"See section 2.10 in `BLAKE2 specification <https://blake2.net/"
|
|
"blake2_20130129.pdf>`_ for comprehensive review of tree hashing."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:384
|
|
msgid "Constants"
|
|
msgstr "Constantes"
|
|
|
|
#: ../Doc/library/hashlib.rst:389
|
|
msgid "Salt length (maximum length accepted by constructors)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:395
|
|
msgid ""
|
|
"Personalization string length (maximum length accepted by constructors)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:401
|
|
msgid "Maximum key size."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:407
|
|
msgid "Maximum digest size that the hash function can output."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:411
|
|
msgid "Examples"
|
|
msgstr "Exemples"
|
|
|
|
#: ../Doc/library/hashlib.rst:414
|
|
msgid "Simple hashing"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:416
|
|
msgid ""
|
|
"To calculate hash of some data, you should first construct a hash object by "
|
|
"calling the appropriate constructor function (:func:`blake2b` or :func:"
|
|
"`blake2s`), then update it with the data by calling :meth:`update` on the "
|
|
"object, and, finally, get the digest out of the object by calling :meth:"
|
|
"`digest` (or :meth:`hexdigest` for hex-encoded string)."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:429
|
|
msgid ""
|
|
"As a shortcut, you can pass the first chunk of data to update directly to "
|
|
"the constructor as the first argument (or as *data* keyword argument):"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:436
|
|
msgid ""
|
|
"You can call :meth:`hash.update` as many times as you need to iteratively "
|
|
"update the hash:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:449
|
|
msgid "Using different digest sizes"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:451
|
|
msgid ""
|
|
"BLAKE2 has configurable size of digests up to 64 bytes for BLAKE2b and up to "
|
|
"32 bytes for BLAKE2s. For example, to replace SHA-1 with BLAKE2b without "
|
|
"changing the size of output, we can tell BLAKE2b to produce 20-byte digests:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:465
|
|
msgid ""
|
|
"Hash objects with different digest sizes have completely different outputs "
|
|
"(shorter hashes are *not* prefixes of longer hashes); BLAKE2b and BLAKE2s "
|
|
"produce different outputs even if the output length is the same:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:481
|
|
msgid "Keyed hashing"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:483
|
|
msgid ""
|
|
"Keyed hashing can be used for authentication as a faster and simpler "
|
|
"replacement for `Hash-based message authentication code <http://en.wikipedia."
|
|
"org/wiki/Hash-based_message_authentication_code>`_ (HMAC). BLAKE2 can be "
|
|
"securely used in prefix-MAC mode thanks to the indifferentiability property "
|
|
"inherited from BLAKE."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:489
|
|
msgid ""
|
|
"This example shows how to get a (hex-encoded) 128-bit authentication code "
|
|
"for message ``b'message data'`` with key ``b'pseudorandom key'``::"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:499
|
|
msgid ""
|
|
"As a practical example, a web application can symmetrically sign cookies "
|
|
"sent to users and later verify them to make sure they weren't tampered with::"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:523
|
|
msgid ""
|
|
"Even though there's a native keyed hashing mode, BLAKE2 can, of course, be "
|
|
"used in HMAC construction with :mod:`hmac` module::"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:534
|
|
msgid "Randomized hashing"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:536
|
|
msgid ""
|
|
"By setting *salt* parameter users can introduce randomization to the hash "
|
|
"function. Randomized hashing is useful for protecting against collision "
|
|
"attacks on the hash function used in digital signatures."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:540
|
|
msgid ""
|
|
"Randomized hashing is designed for situations where one party, the message "
|
|
"preparer, generates all or part of a message to be signed by a second party, "
|
|
"the message signer. If the message preparer is able to find cryptographic "
|
|
"hash function collisions (i.e., two messages producing the same hash value), "
|
|
"then she might prepare meaningful versions of the message that would produce "
|
|
"the same hash value and digital signature, but with different results (e.g., "
|
|
"transferring $1,000,000 to an account, rather than $10). Cryptographic hash "
|
|
"functions have been designed with collision resistance as a major goal, but "
|
|
"the current concentration on attacking cryptographic hash functions may "
|
|
"result in a given cryptographic hash function providing less collision "
|
|
"resistance than expected. Randomized hashing offers the signer additional "
|
|
"protection by reducing the likelihood that a preparer can generate two or "
|
|
"more messages that ultimately yield the same hash value during the digital "
|
|
"signature generation process --- even if it is practical to find collisions "
|
|
"for the hash function. However, the use of randomized hashing may reduce the "
|
|
"amount of security provided by a digital signature when all portions of the "
|
|
"message are prepared by the signer."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:559
|
|
msgid ""
|
|
"(`NIST SP-800-106 \"Randomized Hashing for Digital Signatures\" <http://csrc."
|
|
"nist.gov/publications/nistpubs/800-106/NIST-SP-800-106.pdf>`_)"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:562
|
|
msgid ""
|
|
"In BLAKE2 the salt is processed as a one-time input to the hash function "
|
|
"during initialization, rather than as an input to each compression function."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:567
|
|
msgid ""
|
|
"*Salted hashing* (or just hashing) with BLAKE2 or any other general-purpose "
|
|
"cryptographic hash function, such as SHA-256, is not suitable for hashing "
|
|
"passwords. See `BLAKE2 FAQ <https://blake2.net/#qa>`_ for more information."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:590
|
|
msgid "Personalization"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:592
|
|
msgid ""
|
|
"Sometimes it is useful to force hash function to produce different digests "
|
|
"for the same input for different purposes. Quoting the authors of the Skein "
|
|
"hash function:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:596
|
|
msgid ""
|
|
"We recommend that all application designers seriously consider doing this; "
|
|
"we have seen many protocols where a hash that is computed in one part of the "
|
|
"protocol can be used in an entirely different part because two hash "
|
|
"computations were done on similar or related data, and the attacker can "
|
|
"force the application to make the hash inputs the same. Personalizing each "
|
|
"hash function used in the protocol summarily stops this type of attack."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:603
|
|
msgid ""
|
|
"(`The Skein Hash Function Family <http://www.skein-hash.info/sites/default/"
|
|
"files/skein1.3.pdf>`_, p. 21)"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:607
|
|
msgid "BLAKE2 can be personalized by passing bytes to the *person* argument::"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:621
|
|
msgid ""
|
|
"Personalization together with the keyed mode can also be used to derive "
|
|
"different keys from a single one."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:635
|
|
msgid "Tree mode"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:637
|
|
msgid "Here's an example of hashing a minimal tree with two leaf nodes::"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:643
|
|
msgid ""
|
|
"This example uses 64-byte internal digests, and returns the 32-byte final "
|
|
"digest::"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:673
|
|
msgid "Credits"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:675
|
|
msgid ""
|
|
"BLAKE2_ was designed by *Jean-Philippe Aumasson*, *Samuel Neves*, *Zooko "
|
|
"Wilcox-O'Hearn*, and *Christian Winnerlein* based on SHA-3_ finalist BLAKE_ "
|
|
"created by *Jean-Philippe Aumasson*, *Luca Henzen*, *Willi Meier*, and "
|
|
"*Raphael C.-W. Phan*."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:680
|
|
msgid ""
|
|
"It uses core algorithm from ChaCha_ cipher designed by *Daniel J. "
|
|
"Bernstein*."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:682
|
|
msgid ""
|
|
"The stdlib implementation is based on pyblake2_ module. It was written by "
|
|
"*Dmitry Chestnykh* based on C implementation written by *Samuel Neves*. The "
|
|
"documentation was copied from pyblake2_ and written by *Dmitry Chestnykh*."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:686
|
|
msgid "The C code was partly rewritten for Python by *Christian Heimes*."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:688
|
|
msgid ""
|
|
"The following public domain dedication applies for both C hash function "
|
|
"implementation, extension code, and this documentation:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:691
|
|
msgid ""
|
|
"To the extent possible under law, the author(s) have dedicated all copyright "
|
|
"and related and neighboring rights to this software to the public domain "
|
|
"worldwide. This software is distributed without any warranty."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:695
|
|
msgid ""
|
|
"You should have received a copy of the CC0 Public Domain Dedication along "
|
|
"with this software. If not, see http://creativecommons.org/publicdomain/"
|
|
"zero/1.0/."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:699
|
|
msgid ""
|
|
"The following people have helped with development or contributed their "
|
|
"changes to the project and the public domain according to the Creative "
|
|
"Commons Public Domain Dedication 1.0 Universal:"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:703
|
|
msgid "*Alexandr Sokolovskiy*"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:718
|
|
msgid "Module :mod:`hmac`"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:718
|
|
msgid "A module to generate message authentication codes using hashes."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:721
|
|
msgid "Module :mod:`base64`"
|
|
msgstr "Module :mod:`base64`"
|
|
|
|
#: ../Doc/library/hashlib.rst:721
|
|
msgid "Another way to encode binary hashes for non-binary environments."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:724
|
|
msgid "https://blake2.net"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:724
|
|
msgid "Official BLAKE2 website."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:727
|
|
msgid "http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:727
|
|
msgid "The FIPS 180-2 publication on Secure Hash Algorithms."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:731
|
|
msgid ""
|
|
"https://en.wikipedia.org/wiki/"
|
|
"Cryptographic_hash_function#Cryptographic_hash_algorithms"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:730
|
|
msgid ""
|
|
"Wikipedia article with information on which algorithms have known issues and "
|
|
"what that means regarding their use."
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:733
|
|
msgid "https://www.ietf.org/rfc/rfc2898.txt"
|
|
msgstr ""
|
|
|
|
#: ../Doc/library/hashlib.rst:734
|
|
msgid "PKCS #5: Password-Based Cryptography Specification Version 2.0"
|
|
msgstr ""
|