rcrypt: A compact hashing and salting library

rcrypt, short for "reduced crypt" is a compact hashing and salting library based on bcrypt generating hashes that are 33.3% smaller than bcrypt (40 bytes over 60 bytes).

It was originally made for a part of Skytable's authentication system storage, but was moved into a separate library for usage in the wider Rust community. rcrypt is almost a drop-in replacement for the bcrypt crate. Here's how it works.

Usage

use rcrypt::DEFAULT_COST;
// your password
let mypass = String::from("pass123");
// hash
let hash = rcrypt::hash(&mypass, DEFAULT_COST).unwrap();
// verify
assert!(rcrypt::verify(&mypass, &hash).unwrap());

The usage remains just the same for users who use the bcrypt crate, except that the hash method returns a Vec<u8> instead of a String, while for the verify method you need to pass a &[u8] for the hash.

Getting back your bcrypt hash

If for some reason you need a String with the bcrypt hash from your rcrypt hash, you can do that too! Here's the procedure:

use rcrypt::DEFAULT_COST;
let rhash = rcrypt::hash("mypassword", DEFAULT_COST).unwrap();
// now let's get the bcrypt hash from the rcrypt hash
let bhash = rcrypt::bmcf::decode_into_mcf(&rhash).unwrap();

How it works

The smaller hash sizes result by rcrypt producing binary hashes and merging hash fields, in accordance with the BMCF spec.

• The field separators in the MCF hash are not present in hashes generated by rcrypt
• The cost and scheme fields are merged into one field
• The hashes generated by rcrypt do not use base64 which results in lesser bytes being used to store the salt+digest

Acknowledgements

• The Binary Modular Crypt Format specification by Andre DeMarre
• The original bcrypt implementation in Rust by Vincent Prouillet. The underlying bcrypt implementation used in this crate, and the public API are heavily inspired by the bcrypt crate

License

This crate is distributed under the Apache-2.0 License.