diff --git a/Cargo.toml b/Cargo.toml index 99b495f..86396da 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "rcrypt" -version = "0.4.0-alpha.1" +version = "0.4.0" edition = "2021" authors = ["Sayan Nandan "] license = "Apache-2.0" diff --git a/README.md b/README.md index d4ba9eb..19cefb0 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,18 @@ assert!(rcrypt::verify(&mypass, &hash).unwrap()); The usage remains just the same for users who use the [bcrypt](https://crates.io/crates/bcrypt) crate, except that the `hash` method returns a `Vec` instead of a `String`, while for the `verify` method you need to pass a `&[u8]` for the hash. +## Getting back your bcrypt hash + +If for some reason you need a `String` with the bcrypt hash from your rcrypt hash, you can do that too! +Here's the procedure: + +```rust +use rcrypt::DEFAULT_COST; +let rhash = rcrypt::hash("mypassword", DEFAULT_COST).unwrap(); +// now let's get the bcrypt hash from the rcrypt hash +let bhash = rcrypt::bmcf::decode_into_mcf(&rhash).unwrap(); +``` + ## How it works The smaller hash sizes result by `rcrypt` producing binary hashes and merging hash fields, in accordance diff --git a/src/algorithms.rs b/src/algorithms.rs index 91630e4..74bc0d0 100644 --- a/src/algorithms.rs +++ b/src/algorithms.rs @@ -156,12 +156,12 @@ fn rcrypt_genhash(password: &[u8], cost: u32, salt: &[u8]) -> RcryptResult 72 to 71, because we need to also add the NULL terminator // due to a bug with C bcrypt impls (see: https://go-review.googlesource.com/c/crypto/+/177818) let trunc_password = if password.len() > 72 { - &password[..71] + &password[..72] } else { &password }; // generate the null terminated password - let mut null_terminated_password = Vec::with_capacity(password.len() + 1); + let mut null_terminated_password = Vec::with_capacity(trunc_password.len() + 1); null_terminated_password.extend(trunc_password); null_terminated_password.push(0); // this is the output digest diff --git a/src/lib.rs b/src/lib.rs index b55aa4d..271c6c5 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -40,6 +40,16 @@ //! //! The rest remains unchanged. //! +//! ## Getting back your bcrypt hash +//! +//! If for some reason you need a [`String`] with the bcrypt hash, you can do that too! +//! Here's the procedure: +//! ``` +//! use rcrypt::DEFAULT_COST; +//! let rhash = rcrypt::hash("mypassword", DEFAULT_COST).unwrap(); +//! // now let's get the bcrypt hash from the rcrypt hash +//! let bhash = rcrypt::bmcf::decode_into_mcf(&rhash).unwrap(); +//! ``` /// The default hash cost pub const DEFAULT_COST: u32 = 12;