# MD5¶

MD5 is specified in RFC1321 and produces the 128 bit digest of a message. For example:

>>> from Crypto.Hash import MD5:
>>>
>>> h = MD5.new()
>>> h.update(b'Hello')
>>> print h.hexdigest()


MD5 stand for Message Digest version 5, and it was invented by Rivest in 1991.

Warning

This algorithm is not considered secure. Do not use it for new designs.

Warning

MD5 is vulnerable to length-extension attacks, which are relevant if you are computing the hash of a secret message.

For instance, let’s say you were planning to build a cheap MAC by concatenating a secret key to a public message m (bad idea!):

$h = \text{MD5}(m || k)$

By only knowing the digest h and the length of m and k, the attacker can easily compute a second digest h’:

$h' = \text{MD5}(m || p || z)$

where p is a well-known bit string and the attacker can pick a bit string z at will.

Crypto.MD5.new(msg=None)

Create a new hash object.

Parameters: msg (byte string) – Optional. The very first chunk of the message to hash. It is equivalent to an early call to update(). An MD5_Hash hash object
class Crypto.MD5.MD5_Hash

An MD5 hash object. Do not instantiate directly. Use the new() function.

Variables: oid (string) – ASN.1 Object ID block_size (integer) – the size in bytes of the internal message block, input to the compression function digest_size (integer) – the size in bytes of the resulting hash
update(msg)

Continue hashing of a message by consuming the next chunk of data.

Parameters: msg – The next chunk of the message being hashed.
digest()

Return the binary (non-printable) digest of the message that has been hashed so far.

Returns: The hash digest, computed over the data processed so far. Binary form. byte string
hexdigest()

Return the printable digest of the message that has been hashed so far.

Returns: The hash digest, computed over the data processed so far. Hexadecimal encoded. string