basics of python encryption w/ hashlib sha1

adam · Jan 27, 2011 · Viewed 38.2k times

I'm struggling to fully understand how encryption works and is coded, particularly with python. I'm just trying to get the basics down and create code in the simplest form.

I'm going to be passing a userID between two different sites, but obviously I need this to be encrypted with a private key so Website2 knows it came from Website1. This seems to be the code for me: http://docs.python.org/library/hashlib.html#module-hashlib, but it doesn't have very good examples (or maybe I'm in the wrong spot).

The problem I'm having is fully understanding how to encode and decode.

So let's say the shared private key which each website will know is:

shared_private_key = "ABCDEF"

And I want Website1 to pass to Website2 the userID of:

userID = "123456"

How would Website1 encrypt my userID with the private key in a fashion that the encryption can be sent via HTTP headers, and then have Website2 decrypt and be able to read the userID using the shared private key?

I apologize for asking such a basic question, but I'm failing to grasp how this should be done. Thanks.

Answer

vz0 · Jan 27, 2011

The hashlib module provides hashing functions. While there is some relation to encryption, once you hash some data you can not go back to get the original data from the hash result.

Instead of encrypting the data you can take a different approach: creating a unique signature using a hash of the data and some secret.

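import hashlib

shared_private_key = "ABCDEF"

def create_signature(data):
    # SHA-1 over repr(data), a comma and the shared secret; hashlib needs bytes
    message = repr(data) + "," + shared_private_key
    return hashlib.sha1(message.encode("utf-8")).hexdigest()

def verify_signature(data, signature):
    # Recompute the signature and compare it with the one received
    return signature == create_signature(data)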

Finally, you send Website 2 the data plus the signature. That way you can be (mostly) sure that no unauthorized person tampered with the data.
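
An added example, not part of the original answer: the same sign-then-verify idea using Python's standard `hmac` module with SHA-256 in place of a bare SHA-1 over data plus secret, with a constant-time comparison and a timestamp so an old header cannot be replayed indefinitely. The `userID.timestamp.signature` header format, the function names and the 300-second window are assumptions for illustration; the key is the sample value from the question.

```python
import hashlib
import hmac
import time
from typing import Optional

# Sample key from the question; a real deployment would use a long random secret.
SHARED_KEY = b"ABCDEF"
MAX_AGE_SECONDS = 300  # assumed freshness window, not from the page


def _mac(message: str) -> str:
    """HMAC-SHA256 of message under the shared key, hex encoded."""
    return hmac.new(SHARED_KEY, message.encode("utf-8"), hashlib.sha256).hexdigest()


def make_token(user_id: str, now: Optional[int] = None) -> str:
    """Website1: build 'userID.timestamp.signature' for an HTTP header value."""
    if "." in user_id:
        raise ValueError("user_id must not contain the '.' separator")
    ts = int(time.time()) if now is None else now
    payload = f"{user_id}.{ts}"
    return f"{payload}.{_mac(payload)}"


def verify_token(token: str, now: Optional[int] = None) -> Optional[str]:
    """Website2: return the userID if the token is authentic and fresh, else None."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    user_id, ts_text, signature = parts
    expected = _mac(f"{user_id}.{ts_text}")
    # compare_digest does not leak how many leading characters matched.
    if not hmac.compare_digest(expected.encode("utf-8"), signature.encode("utf-8")):
        return None
    # Only reached for authentic tokens, so ts_text was written by make_token.
    current = int(time.time()) if now is None else now
    if abs(current - int(ts_text)) > MAX_AGE_SECONDS:
        return None
    return user_id
```

The userID still travels in the clear: the token proves origin and integrity, not confidentiality.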