Is there any Python library that can validate a password against a Hash having embedded the settings & salt (like com.lambdaworks.crypto.SCryptUtil.check(pass, hash) in Java)?
For example, pass123 should be valid against $s0$e1010$Hcxkdy8NyRZt6hCnNsDyhQ==$KG8hw/i7zDbVtwtuJfUHlo1vw+qrshDYMq6XlfYW0rg=
Anyway, since scrypt here suggests this, I ended up implementing it like that:
import scrypt
import base64
import math
def verify_password(password, password_check):
parts = password_check.split("$")
params = int(parts[2], 16)
N = int(math.pow(2.0, float((params >> 16 & 65535))))
r = int(params >> 8 & 255)
p = int(params & 255)
salt = base64.b64decode(parts[3])
decoded_hash = base64.b64decode(parts[4])
return decoded_hash == scrypt.hash(password, salt=salt, N=N, r=r, p=p, buflen=32)
print(verify_password("pass123", "$s0$e1010$Hcxkdy8NyRZt6hCnNsDyhQ==$KG8hw/i7zDbVtwtuJfUHlo1vw+qrshDYMq6XlfYW0rg="))