Solved

How do you decode with hmac?

Posted on 2010-11-23
5
2,642 Views
Last Modified: 2012-05-10
Hi,

How do you decode with hmac?
I can encode with this function below.. but decode function does not work

def hmac_encode(key, str):
     return hmac.new(key, str, hashlib.sha1).digest().encode('base64')[:-1]
def hmac_decode(key, str):
     return hmac.new(key, str, hashlib.sha1).digest().decode('base64')[:-1]

Thanks
Jamie

0
Comment
Question by:jamie_lynn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 29

Assisted Solution

by:pepr
pepr earned 500 total points
ID: 34208895
Hi Jamie, hmac does something else than you expect It can take many kilobytes of the input string.  It returns a fixed lenght digest that is a kind of fingerprint of the input string.  This way, you can check whether (say) downloaded data (i.e. the input string) was not changed during the transmission.  You simply use the same algorithm and the same key and (hopefully) the same input string, and you have to get the same digest (the fingerprint).  If you get something else, then the data is not identical to what was sent.

In other way, it is a one-way function that returns a signature of the data.  It is not a kind of compression or reversable encoding.

The methods .encode() and .decode() do simply convert the string (bytes) signature to some other string.  You can also use .hexdigest() to have the signature expressed as nicely printable characters.

Try this:
import hashlib
import hmac

k = '0000'
s = 'xxxx string'
h = hmac.new(k, s, hashlib.sha1)
print h.digest()
print h.hexdigest()

Open in new window


See the funny characters as the result of .digest() -- the bytes are interpreted as characters by the print command.  The .hexdigest() shows what the bytes are -- each couple of hex digits describes one byte from the .digest(). It shows the following on my computer:

C:\tmp\_Python\jamie_lynn\Q_26635274>python a.py
cEG¦vë_¿wlÜ8u¿°UkW+l
9fb747b17689dcfa77889a38fbf4f8eb6b57bc88
0
 

Author Comment

by:jamie_lynn
ID: 34210847
Hi pepr,

Oh, then this isn't what i want. This works for password (encoding one way), but i am obfuscating my emails addresses too. So I need a way to decode the data.
What is a good way to enocde and decode emails in databases?

thanks
Jamie
0
 
LVL 29

Accepted Solution

by:
pepr earned 500 total points
ID: 34211028
You probably should search for encryption/decryption algorithms.  The standard documentation points indirectly to PyCrypto that can be downloaded from PyPI (see http://pypi.python.org/pypi/pycrypto/).  The homepage of the package is http://www.pycrypto.org/.  The principles (how to work with it) are described at http://www.dlitz.net/software/pycrypto/doc/.  You probably want to use one of the encryption algorithms (http://www.dlitz.net/software/pycrypto/doc/#crypto-cipher-encryption-algorithms).  There is a short example that uses DES algorithm -- it should be OK for you.  However, AES is more recommended these days.

Basically, there are two ways used to encrypt/decrypt the data.  The simpler one uses a single key (must be kept secret) that is used to both encrypt and then decrypt the message.  The more sofisticated uses two keys: one is used for encryption and the other for decryption. One of them may be made public, the other must be kept secret by the owner of the keys. The two approaches are often combined to get better performance.
0
 
LVL 29

Expert Comment

by:pepr
ID: 34211040
0
 

Author Closing Comment

by:jamie_lynn
ID: 34211056
Thanks pepr. I'll use the single key since my app is the only one encrypting and decrypting the data
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Python script with password security? 15 146
Trying to run a Python File 11 83
Perl Frameworks 1 117
IDE for Python 5 104
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Article by: Swadhin
Introduction of Lists in Python: There are six built-in types of sequences. Lists and tuples are the most common one. In this article we will see how to use Lists in python and how we can utilize it while doing our own program. In general we can al…
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question