Comparing MD5s in Python

Question

For a programming exercise I designed for myself, and for use in a pretty non-secure system later on, I'm trying to compare MD5 hashes. The one that is stored in a plain text file and is pulled out by the check_pw() function and the one that is created from the submitted password from a CGI form. md5_pw() is used to create all the hashes in the program.

For some reason, if (pair[1] == md5_pw(pw)) always fails, even though my program prints out identical hashes in my error checking lines:

    print "this is the pw from the file: ", pair[1], "
"
    print "this is the md5 pw you entered: ", md5_pw(pw), "
"

Where am I messing up?

Code:

def md5_pw(pw):
    """Returns the MD5 hex digest of the pw with addition."""
    m = md5.new()
    m.update("4hJ2Yq7qdHd9sdjFASh9"+pw)
    return m.hexdigest()

def check_pw(user, pw, pwfile):
    """Returns True if the username and password match, False otherwise. pwfile is a xxx.txt format."""
    f = open(pwfile)
    for line in f:
        pair = line.split(":")
        print "this is the pw from the file: ", pair[1], "
"
        print "this is the md5 pw you entered: ", md5_pw(pw), "
"
        if (pair[0] == user):
            print "user matched 
"
            if (pair[1] == md5_pw(pw)):
                f.close()
                return True
            else:
                f.close()
                print "passmatch a failure"
                return False

Greg Hewgill · Accepted Answer

Your pair[1] probably has a trailing newline. Try:

for line in f:
    line = line.rstrip()
    pair = line.split(":")
    # ...etc

Comparing MD5s in Python

Answers (2)

Related Questions