Crate yescrypt

Crate yescrypt 

Source
Expand description

§RustCrypto: yescrypt

crate Docs Build Status Apache2/MIT licensed Rust Version Project Chat

Pure Rust implementation of the yescrypt password-based key derivation function.

§About

yescrypt is a variant of the scrypt password-based key derivation function and finalist in the Password Hashing Competition. It has been adopted by several Linux distributions for the system password hashing function, including Fedora, Debian, Ubuntu, and Arch.

The algorithm is described in yescrypt - a Password Hashing Competition submission.

§⚠️ Security Warning

The implementation contained in this crate has never been independently audited!

USE AT YOUR OWN RISK!

Note that this crate is in an early stage of implementation and may contain bugs or features which do not work correctly.

§Minimum Supported Rust Version (MSRV) Policy

MSRV increases are not considered breaking changes and can happen in patch releases.

The crate MSRV accounts for all supported targets and crate feature combinations, excluding explicitly unstable features.

§License

Licensed under either of:

at your option.

§Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

§Usage

§Password Hashing

// NOTE: example requires `getrandom` feature is enabled

use yescrypt::{Yescrypt, PasswordHasher, PasswordVerifier};

let password = b"pleaseletmein"; // don't actually use this as a password!
let password_hash = Yescrypt.hash_password(password)?;
assert!(password_hash.as_str().starts_with("$y$"));

// verify password is correct for the given hash
Yescrypt.verify_password(password, &password_hash)?;

§Key Derivation Function (KDF)

let password = b"pleaseletmein"; // don't actually use this as a password!
let salt = b"WZaPV7LSUEKMo34."; // unique per password, ideally 16-bytes and random
let params = yescrypt::Params::default(); // use recommended settings

let mut output = [0u8; 32]; // can be sized as desired
yescrypt::yescrypt(password, salt, &params, &mut output)?;

Re-exports§

pub use password_hash;password-hash

Structs§

Params
yescrypt algorithm parameters.
PasswordHashpassword-hash
Password hash encoded in the Modular Crypt Format (MCF). Owned form with builder functionality.
PasswordHashRefpassword-hash
Password hash reference type for hashes encoded in the Modular Crypt Format (MCF), e.g. $<id>$....
Yescryptpassword-hash
yescrypt password hashing type which can produce and verify strings in Modular Crypt Format (MCF) which begin with $y$

Enums§

Error
Error type.
Mode
yescrypt modes: various ways yescrypt can operate.

Traits§

CustomizedPasswordHasherpassword-hash
Trait for password hashing functions which support customization.
PasswordHasherpassword-hash
High-level trait for password hashing functions.
PasswordVerifierpassword-hash
Trait for password verification.

Functions§

yescrypt
yescrypt Key Derivation Function (KDF).

Type Aliases§

Result
Result type for the yescrypt crate with its Error type.