Expand description
§rcrypt: A compact hashing and salting library based on bcrypt with smaller hashes
rcrypt
, short for “reduced crypt” is a more compact alternative to bcrypt,
generating hashes that are 33.3% smaller (40 bytes vs 60 bytes) than bcrypt.
To achieve this, rcrypt merges fields of the hash and encodes the salt+digest into binary, in accordance with the BMCF specification. Read more here.
This is a very simple example that you can use for conveniently hashing and salting passwords:
let password = String::from("pass123");
let hash = rcrypt::hash(&password, rcrypt::DEFAULT_COST).unwrap();
assert!(rcrypt::verify(&password, &hash).unwrap());
§Migrating from bcrypt
To migrate from bcrypt, simply keep this in mind: the returned hash is a Vec<u8>
instead of a String
, since rcrypt
returns hashes with binary data.
Similary, to verify a hash, you’ll have to pass the password as usual but the hash
passed must be a &[u8]
, corresponding to the binary hash that rcrypt generates.
The rest remains unchanged.
§Getting back your bcrypt hash
If for some reason you need a String
with the bcrypt hash, you can do that too!
Here’s the procedure:
use rcrypt::DEFAULT_COST;
let rhash = rcrypt::hash("mypassword", DEFAULT_COST).unwrap();
// now let's get the bcrypt hash from the rcrypt hash
let bhash = rcrypt::bmcf::decode_into_mcf(&rhash).unwrap();
Modules§
- bmcf
- MCF/BMCF tools
Enums§
- Rcrypt
Error - Errors that can result when hashing, salting, verifying, compressing
or decompressing
rcrypt
hashes
Constants§
- DEFAULT_
COST - The default hash cost
Functions§
- hash
- Hash and salt the provided password with the given cost. If you don’t know
which cost to use, use the
DEFAULT_COST
. The OS randomness is used to generate the salt - hash_
with_ salt - Hash and salt the provided password with the given cost and salt. If you don’t know
which cost to use, use the
DEFAULT_COST
- verify
- Verify if the provided password is correct using the provided hash
Type Aliases§
- Rcrypt
Result - A generic result for the rcrypt library