PBKDF2 not matching between Python and Javascript libraries

Question

Using password "password", salt "1234567812345678" 100 repetitions, 128-bit result

http://bitwiseshiftleft.github.com/sjcl/demo/ is a javascript implementation, gives result A374FF6A12280F020162A62A9B3212AA

http://matt.ucc.asn.au/src/pbkdf2.py is a python implementation gives result 89FBE50AF230BD273076AA9BC9F1142A

Why are they different, if PBKDF2 is a standard that they both implement?

Answer 1

It appears SJCL uses SHA-256, whereas the Python implementation defaults to SHA-1.

These are different hashes which can be used inside PBKDF#2, and as such will lead to different results.

PBKDF#2 is an algorithm, but does not specify the exact makeup of its internals.