Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

python (django) hashlib vs Nodejs crypto

Tags:

python

node.js

django

passport.js

hashlib

I'm porting over a Django site to Node.js and I am trying to re implement the Django set password method in Node. This is the Django code

from django.utils.crypto import (
    pbkdf2, get_random_string)

import hashlib

password = 'text1'
algorithm = "pbkdf2_sha256"
iterations = 10000
salt = 'p9Tkr6uqxKtf'
digest = hashlib.sha256
hash = pbkdf2(password, salt, iterations, digest=self.digest)
hash = hash.encode('base64').strip()
print "%s$%d$%s$%s" % (self.algorithm, iterations, salt, hash)

and here's the Node.js code I have so far:

var password = 'text1';
var hashed = crypto.createHash('sha256').update(password, 'utf8').digest();
var salt = 'p9Tkr6uqxKtf';
var algorithm = "pbkdf2_sha256";
var iterations = 10000;
crypto.pbkdf2(hashed, salt, iterations, 32, function(err, encodedPassword) {
    var newPass = new Buffer(encodedPassword).toString('base64');
    console.log(encodedPassword);

    // console.log(Buffer(encodedPassword, 'binary').toString('hex'));
    var finalPass = algorithm +'$'+ iterations +'$'+  salt +'$'+  newPass;
    console.log(finalPass);
});

My solution in Node doesn't output the same results as the Python / Django code. At this point I'm pretty much over my head and any help would be very much appreciated. Thanks in advance.

like image 446
imns Avatar asked Mar 13 '13 19:03

imns

Video Answer

2 Answers

So my solution to this was to create a python script that takes the salt and users password and returns the hashed password. I call this script from node and parse the results. I check if the hashed password starts with: pbkdf2_sha256, then I validate it against what my python script returned, if it validates use my new systems hashing function to reset the password.

like image 41
imns Avatar answered Oct 15 '22 11:10

imns

Here is a better solution using pbkdf2-sha256:

var pbkdf2 = require('pbkdf2-sha256');
var password = 'text1';
var salt = 'p9Tkr6uqxKtf';
var algorithm = "pbkdf2_sha256";
var iterations = 10000;
var hashed = pbkdf2(password, new Buffer(salt), iterations, 32).toString('base64');
var finalPass = algorithm +'$'+ iterations +'$'+  salt +'$'+  hashed;

The above code should be sufficient to validate passwords stored in Django using Node.

like image 78
paldepind Avatar answered Oct 15 '22 11:10

paldepind
Sign in to Comment

Related questions

Percentile rank calculation
suffix tree implementation in python [closed]
Networkx graph clustering
Changing the icon of the produced .exe, py2exe
Alternative use patterns for python multiprocessing avoiding proliferation of global state?
Way to iterate two items at a time in a list?
Decode python base64 String
Why Is The property Decorator Only Defined For Classes?
Are the paths to the python standard library and to the dist-packages different for different linux distributions(Debian, Redhat, Slackware, ...)?
get the smallest unit of a currency in python
Integrate indentation & content changes in Git during merge: Best practices?
Nesting string format
Pythonic design without enums
how to use unions with python?
Converting string to int is too slow
Weird syntax error in using beautifulsoup.find()
WTForms creating a custom widget
Run a Python Script from the Web
Conditional __debug__ statement not executed though __debug__ is True
Sentiment Analysis on LARGE collection of online conversation text

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!