For a programming exercise I designed for myself, and for use in a pretty non-secure system later on, I'm trying to compare MD5 hashes. The one that is stored in a plain text file and is pulled out by the check_pw() function and the one that is created from the submitted password from a CGI form. md5_pw() is used to create all the hashes in the program.

For some reason, if (pair[1] == md5_pw(pw)) always fails, even though my program prints out identical hashes in my error checking lines:

    print "this is the pw from the file: ", pair[1], "<br />"
    print "this is the md5 pw you entered: ", md5_pw(pw), "<br />"

Where am I messing up?

Code:

    def md5_pw(pw):
        """Returns the MD5 hex digest of the pw with addition."""
        m = md5.new()
        m.update("4hJ2Yq7qdHd9sdjFASh9"+pw)
        return m.hexdigest()

    def check_pw(user, pw, pwfile):
        """Returns True if the username and password match, False otherwise. pwfile is a xxx.txt format."""
        f = open(pwfile)
        for line in f:
            pair = line.split(":")
            print "this is the pw from the file: ", pair[1], "<br />"
            print "this is the md5 pw you entered: ", md5_pw(pw), "<br />"
            if (pair[0] == user):
                print "user matched <br />"
                if (pair[1] == md5_pw(pw)):
                    f.close()
                    return True
                else:
                    f.close()
                    print "passmatch a failure"
                    return False
+2  A: 

Your pair[1] probably has a trailing newline. Try:

    for line in f:
        line = line.rstrip()
        pair = line.split(":")
        # ...etc

Greg Hewgill
Thank you very much! I was unaware of the fact that the iterator would return the newline as well... ah, Python!
Isaac Hodes
+1  A: 

My guess is that there's a problem with the file loading/parsing, most likely caused by a newline character. By paring your code down, I was able to find that your logic was sound:

    def md5_pw(pw):
        m = md5.new()
        m.update("4hJ2Yq7qdHd9sdjFASh9"+pw)
        return m.hexdigest()

    def check_pw(pw):
        pair = ("c317db7d54073ef5d345d6dd8b2c51e6")
        if (pair == md5_pw(pw)):
            return True
        else:
            return False

    >>> import md5
    >>> check_pw('fakepw')
    False
    >>> check_pw('testpw')
    True

("c317db7d54073ef5d345d6dd8b2c51e6" is the md5 hash for "4hJ2Yq7qdHd9sdjFASh9testpw")

cpharmston
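
The trailing-newline mismatch that both answers point to, reproduced and fixed in Python 3 as an added example (not code from the question or either answer). The user names, passwords and `sample_pwfile_lines()` are constructed for illustration, and `hmac.compare_digest` is swapped in for `==` as a constant-time comparison.

```python
import hashlib
import hmac

PREFIX = "4hJ2Yq7qdHd9sdjFASh9"  # fixed prefix from the question's md5_pw()


def md5_pw(pw):
    """Python 3 form of the question's md5_pw(); MD5 kept only to mirror it."""
    return hashlib.md5((PREFIX + pw).encode("utf-8")).hexdigest()


def sample_pwfile_lines():
    """Constructed sample data: lines with their terminators still attached."""
    text = ("alice:" + md5_pw("testpw") + "\n"        # LF ending
            "bob:" + md5_pw("hunter2") + "\r\n"       # CRLF ending, untranslated
            "carol:" + md5_pw("s3cret"))              # last line, no newline
    return text.splitlines(keepends=True)


def check_pw_buggy(user, pw, lines):
    """The question's comparison: pair[1] still carries the line terminator."""
    for line in lines:
        pair = line.split(":")
        if pair[0] == user:
            return pair[1] == md5_pw(pw)
    return False


def check_pw(user, pw, lines):
    """Strip the terminator, split on the first colon, compare in constant time."""
    expected = md5_pw(pw).encode("ascii")
    for line in lines:
        name, sep, stored = line.rstrip("\r\n").partition(":")
        if sep and name == user:
            return hmac.compare_digest(stored.encode("utf-8"), expected)
    return False


if __name__ == "__main__":
    lines = sample_pwfile_lines()
    # repr() shows the '\n' that print (and an HTML page) renders invisibly
    print(repr(lines[0].split(":")[1]))
    for user, pw in [("alice", "testpw"), ("bob", "hunter2"), ("carol", "s3cret")]:
        print(user, check_pw_buggy(user, pw, lines), check_pw(user, pw, lines))
```

The buggy version succeeds only for the final line, which has no terminator, so the failure can look intermittent depending on where a user sits in the file.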