Re: scrypt API question
On 06/11/11 10:56, Ron Garret wrote:
> I have a question about the scrypt API. Scrypt is advertised as a secure key
> derivation function, but the reference implementation API is a full file
> encryption API with the actual scrypt key derivation function buried deep
> inside it and not easily accessible. Is there a reason for this? The extra
> complexity from the encryption step seems like an unnecessary complication if
> the application is password hashing. Why not make the key derivation
> function directly accessible like, say, bcrypt does?
I wanted to provide code which was immediately useful to users rather than
only developers. The scrypt library code is under /lib/crypto and /lib/util,
and the interface is in /lib/crypto/crypto_scrypt.h:

/**
 * crypto_scrypt(passwd, passwdlen, salt, saltlen, N, r, p, buf, buflen):
 * Compute scrypt(passwd[0 .. passwdlen - 1], salt[0 .. saltlen - 1], N, r,
 * p, buflen) and write the result into buf.  The parameters r, p, and buflen
 * must satisfy r * p < 2^30 and buflen <= (2^32 - 1) * 32.  The parameter N
 * must be a power of 2 greater than 1.
 *
 * Return 0 on success; or -1 on error.
 */
int crypto_scrypt(const uint8_t *, size_t, const uint8_t *, size_t, uint64_t,
    uint32_t, uint32_t, uint8_t *, size_t);

--
Colin Percival
Security Officer, FreeBSD | freebsd.org | The power to serve
Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid
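
A pre-flight check for the parameter constraints stated in the header comment quoted above, as an added example that is not part of the original message or of the scrypt source. The helper name scrypt_params_ok, the rejection of zero r or p, and the working-memory estimate (derived from the algorithm's 128*r*N-byte table) are assumptions not found in the message.

```c
#include <stdint.h>

/*
 * scrypt_params_ok() is a hypothetical helper, not part of the scrypt source.
 * Returns 0 if (N, r, p, buflen) meet the constraints documented for
 * crypto_scrypt(), else -1.  On success *mem gets the estimated working
 * memory in bytes: 128*r*N (V) + 128*r*p (B) + 256*r + 64 (scratch).
 */
int
scrypt_params_ok(uint64_t N, uint32_t r, uint32_t p, uint64_t buflen,
    uint64_t *mem)
{
	uint64_t block, v, extra;

	/* N must be a power of 2 greater than 1. */
	if (N < 2 || (N & (N - 1)) != 0)
		return (-1);
	/* Assumption beyond the quoted comment: zero r or p is meaningless. */
	if (r == 0 || p == 0)
		return (-1);
	/* r * p < 2^30, multiplied in 64 bits so the product cannot wrap. */
	if ((uint64_t)r * p >= ((uint64_t)1 << 30))
		return (-1);
	/* buflen <= (2^32 - 1) * 32. */
	if (buflen > (uint64_t)UINT32_MAX * 32)
		return (-1);
	/* Memory estimate, rejecting sizes that overflow 64 bits. */
	block = (uint64_t)128 * r;
	if (N > UINT64_MAX / block)
		return (-1);
	v = block * N;
	extra = block * p + (uint64_t)256 * r + 64;
	if (v > UINT64_MAX - extra)
		return (-1);
	*mem = v + extra;
	return (0);
}
```

Running this before crypto_scrypt() lets a password-hashing service reject parameter sets that would fail or exhaust memory, and log the expected allocation size for the ones it accepts.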