
Python program to create and verify a PBKDF2 - SHA512 hash


I want to have a Python program that takes as input a passphrase and a hash (kind of hash), transforms the passphrase into a hash and verifies whether it is equal to the previously given hash. I used ChatGPT to answer my question and here is the code:

import hashlib

def verify_password(password, hash_value):
    algorithm, iterations, salt, hashed_password = hash_value.split(':')
    iterations = int(iterations)
    
    new_hash = hashlib.pbkdf2_hmac('sha512', password.encode('utf-8'), salt.encode('utf-8'), iterations).hex()
    
    if hashed_password == new_hash:
        return True
    else:
        return False

stored_hash = input("Give your hash : ")

user_password = input("Give your password : ")

print("Password hash is :", stored_hash)

# Verify

if verify_password(user_password, stored_hash):
    print("Valid Password.")
else:
    print("Wrong password.")

Here is my example hash for the 'testing' passphrase: :pbkdf2:sha512:30000:64:OSn313BE8n6uRs2ddby4EQ==:vkWCj+mYOfSMiKPm7ca+u4zBWPqzb4MmAcGJhAkhG02wssTdGuEKuSPFpVXK9cgfN2mdxLata/zL3UZcqUfDMA==

I tried the program and here is where I am:

Give your hash : :pbkdf2:sha512:30000:64:OSn313BE8n6uRs2ddby4EQ==:vkWCj+mYOfSMiKPm7ca+u4zBWPqzb4MmAcGJhAkhG02wssTdGuEKuSPFpVXK9cgfN2mdxLata/zL3UZcqUfDMA==

Give your password : testing*
Password hash is : :pbkdf2:sha512:30000:64:OSn313BE8n6uRs2ddby4EQ==:vkWCj+mYOfSMiKPm7ca+u4zBWPqzb4MmAcGJhAkhG02wssTdGuEKuSPFpVXK9cgfN2mdxLata/zL3UZcqUfDMA==
Traceback (most recent call last):
  File "c:\Users\mathy\Downloads\temp.py", line 22, in <module>
    if verify_password(user_password, stored_hash):
  File "c:\Users\mathy\Downloads\temp.py", line 4, in verify_password
    algorithm, iterations, salt, hashed_password = hash_value.split(':')
ValueError: too many values to unpack (expected 4)

Solution

  • I am a committer of https://github.com/WolfgangFahl/py-3rdparty-mediawiki and have finished your work at https://github.com/WolfgangFahl/py-3rdparty-mediawiki/blob/master/wikibot3rd/sso.py

    with a working test. There has still been ChatGPT-4 support in creating the solution, so I am not posting the full code. The issue is to prompt ChatGPT to make sure the different parts are really checked. E.g.

        if pbkdf2_indicator != "pbkdf2":
            raise ValueError("verify_password expects pbkdf2 hashes")
    

    and make sure the hash algorithm is used:

        new_hash = hashlib.pbkdf2_hmac(
            hash_algorithm, password.encode("utf-8"), salt, iterations
        )
    

    which was hard-coded in your question.
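
A complete verifier for the seven-part layout shown in the question, as an added example (it is not the code from the linked sso.py). It assumes the fields after the leading colon are the scheme indicator, hash algorithm, iteration count, derived-key length, base64 salt and base64 derived key; the algorithm allowlist, the iteration cap and the `make_hash` helper are choices of this example.

```python
import base64
import hashlib
import hmac
import os

ALLOWED_ALGORITHMS = {"sha256", "sha512"}  # allowlist chosen for this example
MAX_ITERATIONS = 1_000_000  # cap so a hostile hash string cannot stall the verifier


def parse_hash(hash_value):
    """Split ':pbkdf2:<algo>:<iterations>:<length>:<salt_b64>:<hash_b64>' into typed fields."""
    parts = hash_value.strip().split(":")
    if len(parts) != 7 or parts[0] != "":
        raise ValueError("expected 6 colon-separated fields after a leading ':'")
    _, indicator, algorithm, iterations, length, salt_b64, hash_b64 = parts
    if indicator != "pbkdf2":
        raise ValueError("verify_password expects pbkdf2 hashes")
    if algorithm not in ALLOWED_ALGORITHMS:
        raise ValueError("unsupported hash algorithm: " + algorithm)
    iterations, length = int(iterations), int(length)
    if not 1 <= iterations <= MAX_ITERATIONS:
        raise ValueError("iteration count out of range")
    # validate=True rejects stray characters instead of silently skipping them
    salt = base64.b64decode(salt_b64, validate=True)
    expected = base64.b64decode(hash_b64, validate=True)
    if len(expected) != length:
        raise ValueError("stored hash length does not match the length field")
    return algorithm, iterations, length, salt, expected


def make_hash(password, algorithm="sha512", iterations=30000, length=64):
    """Build a hash string in the same layout with a fresh random salt."""
    salt = os.urandom(16)
    derived = hashlib.pbkdf2_hmac(algorithm, password.encode("utf-8"), salt, iterations, length)
    encode = lambda raw: base64.b64encode(raw).decode("ascii")
    return ":pbkdf2:%s:%d:%d:%s:%s" % (algorithm, iterations, length, encode(salt), encode(derived))


def verify_password(password, hash_value):
    algorithm, iterations, length, salt, expected = parse_hash(hash_value)
    derived = hashlib.pbkdf2_hmac(algorithm, password.encode("utf-8"), salt, iterations, length)
    return hmac.compare_digest(derived, expected)  # constant-time comparison


if __name__ == "__main__":
    stored = make_hash("testing")  # constructed sample, not the hash from the question
    print(stored)
    print(verify_password("testing", stored), verify_password("wrong", stored))
```

Compared with the code in the question, this decodes the salt and stored key from base64 instead of treating them as text or hex, passes the stored key length to `pbkdf2_hmac`, and compares with `hmac.compare_digest` rather than `==`.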