Iron Music Learning python26_hashlib+configparser+logging Module

Most of the content was excerpted from the blog http://www.cnblogs.com/Eva-J/

Hashlib Module Algorithm Introduction

Python's hashlib provides a common digest algorithm, such as MD5,SHA1 and so on.
What is a digest algorithm?
Abstract the algorithm is also called hash algorithm and hashing algorithm.
It uses a function to convert any length of data into a fixed length data string (usually represented by a 16-binary string).
Abstract algorithm is to calculate the fixed-length summary digest by using the Digest function f () to the data of arbitrary length.
The goal is to find out if the original data has been tampered with.
Abstract the algorithm can indicate whether the data has been tampered with, because the digest function is a one-way function,
It is easy to calculate f (data), but it is very difficult to reverse data by digest.
Also, making a bit change to the original data will result in a completely different summary of the calculations.
We take the Common Digest algorithm MD5 as an example,

Calculates the MD5 value of a string:ImportHashlibmd5=HASHLIB.MD5 () md5.update (b' How do I use the md5 in Python hashlib? ')#注, to convert to B-byte mode to be normalPrint(Md5.hexdigest ())# d26a53750bc40b38b65a520292f69306If you have a large amount of data, you can call Update () multiple times, and the result of a string of direct summaries and snippets is the same: MD5=HASHLIB.MD5 () md5.update (b' How to use MD5 ') Md5.update (b' python hashlib? ')Print(Md5.hexdigest ())# d26a53750bc40b38b65a520292f69306Copy file checksum MD5 consistentdefCHECK_MD5 (filename): MD5=HASHLIB.MD5 () with Open(FileName,' RB ') asF: while True: Content=F.read (4096)# Fragment read to prevent large memory footprint            ifContent:md5.update (content)Else: Break    returnMd5.hexdigest () file1=CHECK_MD5 (' Md5-test1 ') file2=CHECK_MD5 (' Md5-test2 ')Print(File1)# 2e5f9458bcd27e3c2b5908af0b91551aPrint(file2)# 2e5f9458bcd27e3c2b5908af0b91551aMD5 Digest encrypt incoming plaintext password and add salt dynamically (more secure)ImportHashlib# MD5 Digest encrypted plaintext password transmitted indefMd5_digest (User, Plain_pass): MD5=HASHLIB.MD5 (user[::-1].encode (' Utf-8 '))# Create an object of the MD5 algorithm, and reverse the definition of the salt sliceMd5.update (Plain_pass.encode (' Utf-8 '))returnMd5.hexdigest () User= ' Bilibili 'Pwd= ' 123456 'Print(Md5_digest (user, PWD))# b442d27216d7e1dd54d6419a9d31056f

MD5 is the most common digest algorithm and is fast enough to generate a fixed byte of bytes, typically represented by a 32-bit 16 binary string.
Another common digest algorithm is SHA1, call SHA1 and call MD5 exactly the same, is to change the previous MD5 to SHA1 and yourself.
The result of the SHA1 is a bit byte, which is usually represented by a 40-bit 16 binary string.
Algorithms that are more secure than SHA1 are SHA256 and SHA512, but the more secure the algorithm is, the slower it is, and the longer the digest length.

Abstract algorithm Application

Any site that allows users to log on will store the user name and password that the user is logged on to.
How do I store a user name and password? method is stored in the database table:

Name|Password--------+----------Michael| 123456Bob|Abc999alice|alice2008 If the user password is saved in clear text, if the database is compromised, all users ' passwords fall into the hands of hackers. In addition, the site operators can access the database, that is, to get all the user's password. The correct way to save the password is not to store the user's plaintext password, but instead to store a digest of the user's password, such as Md5:username|Password---------+---------------------------------Michael|E10adc3949ba59abbe56e057f20f883ebob|878ef96e86145580c38c87f0410ad153alice|99B1C2188DB85AFEE403B1536010C2C9 consider such a situation, many users like to use123456，888888, password these simple passwords, so the hacker can calculate the MD5 value of these common passwords in advance, get a counter-push table:' e10adc3949ba59abbe56e057f20f883e ':' 123456 '' 21218cca77804d2ba1922c33e0151105 ':' 888888 '' 5f4dcc3b5aa765d61d8327deb882cf99 ':' Password '

This way, no need to crack, only need to compare the database MD5, hackers get the use of common password user account.
For the user, of course, do not use too simple password. But can we enhance the protection of simple passwords in program design?
Because the MD5 value of a common password is easily computed,
Therefore, to ensure that the Stored user password is not the MD5 of the commonly used passwords that have been computed,

This method is implemented by adding a complex string to the original password, commonly known as "Add salt":
(A bit like kingdoms in the advising died in the "chicken ribs," A Night patrol password)
HASHLIB.MD5 ("Salt". Encode ("UTF8"))

Salt processing of the MD5 password, as long as the salt is not known by hackers, even if the user entered a simple password, it is difficult to MD5 the plaintext password.

But if two users are using the same simple password like 123456,
In the database, two identical MD5 values are stored, which means the passwords for the two users are the same.
Is there a way for users with the same password to store different MD5?
If you assume that a user cannot modify a login, you can calculate the MD5 by using the login as part of the salt.
Users that implement the same password also store different MD5.

Abstract algorithms are widely used in many places.
Note that the digest algorithm is not an encryption algorithm and cannot be used for encryption (because plaintext cannot be reversed by a digest) and can only be used for tamper protection.
However, its one-way computing feature determines that the user's password can be verified without storing the plaintext password.

Configparser Module

Development process: The general development after the completion of the test, test pass and then to the implementation or operations department deployed to the line.
You need to configure the file for Operations department or Open source project, give the user to customize some of the actual parameters, and do not need to be modified in the code file.

This module is suitable for configuration files in a format similar to the Windows INI file.
Can contain one or more sections (section), each of which can have multiple option parameters (key = value).

Creating a configuration file

Common document formats are as follows: [Default]serveraliveinterval=  $Compression=Yescompressionlevel= 9ForwardX11=Yes[bitbucket.org]user=Hg[topsecret.server.com]port= 50022ForwardX11=No use Python to generate a configuration file:ImportConfigparserconfig=Configparser. Configparser () config["DEFAULT"]={' Serveraliveinterval ':' A ',' Compression ':' yes ',' CompressionLevel ':' 9 ',' ForwardX11 ':' yes '}config[' bitbucket.org ']={' User ':' HG '}config[' topsecret.server.com ']={' Host Port ':' 50022 ',' ForwardX11 ':' No '} with Open(' Example.ini ',' W ') asConfigfile:config.write (configfile) generates Example.ini as follows, note that the options inside are lowercase (case-insensitive): [Default]compressionlevel= 9Serveraliveinterval=  $Forwardx11=Yescompression=Yes[bitbucket.org]user=Hg[topsecret.server.com]host Port= 50022Forwardx11=No view configuration file from top to bottom click to execute to see the effectImportConfigparserconfig=Configparser. Configparser ()#---------------------------Find the contents of a file in a dictionary-based formatPrint(Config.sections ())# Display [], default, because at this time do not know which configuration file to read the contents ofConfig.read (' Example.ini ')# Read the sample configuration file created in the previous section.Print(Config.sections ())# This shows [' bitbucket.org ', ' topsecret.server.com ')Print(' bytebong.com ' inchConfig# Determine if there is no this parameter in the configuration file FalsePrint(' bitbucket.org ' inchConfig# Determine if there is no this parameter in the config file TruePrint(config[' bitbucket.org ']["User"])# like a dictionary by key to find the value HGPrint(config[' DEFAULT '][' Compression '])# YesPrint(config[' topsecret.server.com '][' ForwardX11 '])# noPrint(config[' bitbucket.org '])# View Objects <Section:bitbucket.org> forKeyinchconfig[' bitbucket.org ']:# Note that there is a key to default defaults    Print(key)# User# CompressionLevel# Serveraliveinterval# forwardx11# compressionPrint(Config.options (' bitbucket.org '))# with For loop, find all keys under ' bitbucket.org 'Print(Config.items (' bitbucket.org '))# Find all key-value pairs under ' bitbucket.org '# [(' CompressionLevel ', ' 9 '), (' Serveraliveinterval ', ' a '), (' forwardx11 ', ' yes '), (' Compression ', ' yes '), (' User ' , ' HG ')]Print(Config.get (' bitbucket.org ',' compression '))# Yes Get method section key corresponding to valueDelete and change the configuration file:ImportConfigparserconfig=Configparser. Configparser () Config.read (' Example.ini ') Config.add_section (' Yuan ')# Note, at this point just read out the configuration file contents in memory,# and added in memory, you need to perform the bottom-most write handle operation to take effect, and the following actions are the sameConfig.remove_section (' bitbucket.org ') Config.remove_option (' topsecret.server.com ',"Forwardx11")# Remove RemovalConfig.Set(' topsecret.server.com ',' K1 ',' 11111 ') config.Set(' Yuan ',' K2 ',' 22222 ')# Add or modify setConfig.write (Open(' Example.ini ',"W") after execution, the original configuration file was changed to look like this: [Default]compressionlevel= 9Serveraliveinterval=  $Forwardx11=Yescompression=Yes[topsecret.server.com]host Port= 50022K1= 11111[Yuan]k2= 22222Logging module function Simple configurationImportLogging Logging.debug (' Debug message ') Logging.info (' info message ') Logging.warning (' warning message ') Logging.error (' error message ') Logging.critical (' critical message 'By default, Python's logging module prints the logs to standard output and only displays logs that are greater than or equal to the warning level, indicating that the default logging level is set to warning (log level level critical>ERROR>WARNING>INFO>DEBUG), the default log format is log level: Logger name: User output message. Flexible configuration log level, log format, output location:ImportLogging Logging.basicconfig (Level=Logging. DEBUG,format='% (asctime) s % (filename) s[Line:% (Lineno) d] % (levelname) s % (message) s', datefmt='%a,%d%b%Y%h:%m:%s ', filename=' Test.log ', FileMode=' W ') Logging.debug (' Debug message ') Logging.info (' info message ') Logging.warning (' warning message ') Logging.error (' error message ') Logging.critical (' critical message ') View Test.log:Mon, atApr2018  -: $:GenevaHashlib_test.py[line:205] Debug Debug Messagemon, atApr2018  -: $:GenevaHashlib_test.py[line:206] Info Info Messagemon, atApr2018  -: $:GenevaHashlib_test.py[line:207] WARNING WARNING Messagemon, atApr2018  -: $:GenevaHashlib_test.py[line:208] Error Error Messagemon, atApr2018  -: $:GenevaHashlib_test.py[line:209] The CRITICAL CRITICAL messagelogging.basicconfig () function can change the default behavior of the logging module through specific parameters, the available parameters are: FileName: Create a filedhandler with the specified file name, This allows the log to be stored in the specified file. FileMode: File open mode, use this parameter when filename is specified, the default value is "a" (Append mode) can also be specified as "W". Format: Specifies the log display format used by handler. DATEFMT: Specifies the date time format, setting the time display format in Asctime. Level: Set Rootlogger log levels, optional debug debug/Info Normal/Warning warning/Error errors/Critical severity error levels. Stream: Creates a streamhandler with the specified stream. You can specify output to Sys.stderr,sys.stdout or file (f=Open(' Test.log ', ' W '), the default is Sys.stderr. If you list both the filename and stream two parameters, the stream parameter is ignored. formatting strings that may be used in the format parameter:%(name) s Logger's name%(Levelno) s log level in digital form%(levelname) s log level in text form%(pathname) s The full pathname of the module that invokes the log output function, possibly without%(filename) s The file name of the module that invokes the log output function%Module name of the log output function called by (module) s%(funcName) s function name of the call log output function%(Lineno) d The line of code where the statement that invokes the log output function%(created) F current time, represented by the UNIX standard floating-point number representing the time%(relativecreated) d when the log information is output, the number of milliseconds since logger was created%(asctime) The current time in string form. The default format is "2003-07-08  -: the: $,896”。 The comma is followed by milliseconds%(thread) d thread ID. Probably not.%(threadname) s thread name. Probably not.%(process) d ID. Probably not.%(message) s user output messages Logger object configurationImportLogginglogger=Logging.getlogger ()# Create a handler to write to the log fileFh=Logging. Filehandler (' Test.log ', encoding=' Utf-8 ')# Create another handler for output to the consoleCh=Logging. Streamhandler () Formatter=Logging. Formatter ('% (asctime) s - % (name) s - % (levelname) s - % (message) s') Fh.setlevel (logging. DEBUG) Fh.setformatter (formatter) ch.setformatter (formatter) Logger.addhandler (FH)#logger对象可以添加多个fh和ch对象Logger.addhandler (CH) logger.debug (' logger debug message ') Logger.info (' Logger info message ') Logger.warning (' logger warning message ') Logger.error (' logger error message ') Logger.critical (' logger critical message 'The logging library provides multiple components: Logger, Handler, Filter, Formatter. The Logger object provides an interface that the application can use directly, handler sends logs to the appropriate destination, and filter provides a way to filter the log information formatter specify the log display format. Alternatively, you can pass: logger.setlevel (logging. Debug) setting level, of course, can also be passed fh.setlevel (logging. Debug) to set a level on a file stream.

End
2018-4-23

Iron python26_hashlib+configparser+logging Module