Expand description

rcrypt: A compact hashing and salting library based on bcrypt with smaller hashes

rcrypt, short for “reduced crypt” is a more compact alternative to bcrypt, generating hashes that are 33.3% smaller (40 bytes vs 60 bytes) than bcrypt.

To achieve this, rcrypt merges fields of the hash and encodes the salt+digest into binary, in accordance with the BMCF specification. Read more here.

This is a very simple example that you can use for conveniently hashing and salting passwords:

let password = String::from("pass123");
let hash = rcrypt::hash(&password, rcrypt::DEFAULT_COST).unwrap();
assert!(rcrypt::verify(&password, &hash).unwrap());

Migrating from bcrypt

To migrate from bcrypt, simply keep this in mind: the returned hash is a Vec<u8> instead of a String, since rcrypt returns hashes with binary data. Similary, to verify a hash, you’ll have to pass the password as usual but the hash passed must be a &[u8], corresponding to the binary hash that rcrypt generates.

The rest remains unchanged.

Getting back your bcrypt hash

If for some reason you need a String with the bcrypt hash, you can do that too! Here’s the procedure:

use rcrypt::DEFAULT_COST;
let rhash = rcrypt::hash("mypassword", DEFAULT_COST).unwrap();
// now let's get the bcrypt hash from the rcrypt hash
let bhash = rcrypt::bmcf::decode_into_mcf(&rhash).unwrap();

Modules

MCF/BMCF tools

Enums

Errors that can result when hashing, salting, verifying, compressing or decompressing rcrypt hashes

Constants

The default hash cost

Functions

Hash and salt the provided password with the given cost. If you don’t know which cost to use, use the DEFAULT_COST. The OS randomness is used to generate the salt

Hash and salt the provided password with the given cost and salt. If you don’t know which cost to use, use the DEFAULT_COST

Verify if the provided password is correct using the provided hash

Type Definitions

A generic result for the rcrypt library