scrypt: add MCF support

.readme/Cargo.toml

@@ -9,4 +9,4 @@ publish = false
 password-hash = "0.6.0-rc.3"
 argon2 = { path = "../argon2" }
 pbkdf2 = { path = "../pbkdf2", features = ["password-hash"] }
-scrypt = { path = "../scrypt" }
+scrypt = { path = "../scrypt", features = ["phc"] }

password-auth/Cargo.toml

@@ -23,7 +23,7 @@ password-hash = { version = "0.6.0-rc.6", features = ["alloc", "getrandom", "phc
 # optional dependencies
 argon2 = { version = "0.6.0-rc.5", optional = true, default-features = false, features = ["alloc", "password-hash"] }
 pbkdf2 = { version = "0.13.0-rc.5", optional = true, default-features = false, features = ["password-hash"] }
-scrypt = { version = "0.12.0-rc.6", optional = true, default-features = false, features = ["password-hash"] }
+scrypt = { version = "0.12.0-rc.6", optional = true, default-features = false, features = ["phc"] }
 
 [features]
 default = ["argon2", "std"]

password-auth/src/lib.rs

@@ -118,7 +118,7 @@ pub fn is_hash_obsolete(hash: &str) -> Result<bool, ParseError> {
         || hash.params != default_params_string::<argon2::Params>());
 
     #[cfg(feature = "scrypt")]
-    return Ok(hash.algorithm != scrypt::ALG_ID
+    return Ok(hash.algorithm != scrypt::phc::ALG_ID
         || hash.params != default_params_string::<scrypt::Params>());
 
     #[cfg(feature = "pbkdf2")]

scrypt/Cargo.toml

@@ -20,14 +20,16 @@ sha2 = { version = "0.11.0-rc.3", default-features = false }
 rayon = { version = "1.11", optional = true }
 
 # optional dependencies
-password-hash = { version = "0.6.0-rc.6", optional = true, default-features = false, features = ["phc"] }
+mcf = { version = "0.6.0-rc.0", optional = true }
+password-hash = { version = "0.6.0-rc.6", optional = true, default-features = false }
+subtle = { version = "2", optional = true, default-features = false }
 
 [features]
-default = ["password-hash", "rayon"]
 alloc = ["password-hash?/alloc"]
 
 getrandom = ["password-hash", "password-hash/getrandom"]
-password-hash = ["dep:password-hash"]
+mcf = ["alloc", "password-hash", "dep:mcf", "dep:subtle"]
+phc = ["password-hash/phc"]
 rand_core = ["password-hash/rand_core"]
 rayon = ["dep:rayon"]
 

scrypt/src/lib.rs

@@ -27,10 +27,11 @@
 //! let password = b"hunter42"; // Bad password; don't actually use!
 //!
 //! // Hash password to PHC string ($scrypt$...)
-//! let password_hash = Scrypt.hash_password(password)?.to_string();
+//! let hash: PasswordHash = Scrypt.hash_password(password)?;
+//! let hash_string = hash.to_string();
 //!
 //! // Verify password against PHC string
-//! let parsed_hash = PasswordHash::new(&password_hash)?;
+//! let parsed_hash = PasswordHash::new(&hash_string)?;
 //! assert!(Scrypt.verify_password(password, &parsed_hash).is_ok());
 //! # Ok(())
 //! # }
@@ -58,16 +59,18 @@ pub mod errors;
 mod params;
 mod romix;
 
-#[cfg(feature = "password-hash")]
-mod phc;
+#[cfg(feature = "mcf")]
+pub mod mcf;
+#[cfg(feature = "phc")]
+pub mod phc;
 
 pub use crate::params::Params;
 
 #[cfg(feature = "password-hash")]
 pub use password_hash;
 
-#[cfg(feature = "password-hash")]
-pub use crate::phc::{ALG_ID, Scrypt};
+#[cfg(all(doc, feature = "password-hash"))]
+use password_hash::{CustomizedPasswordHasher, PasswordHasher, PasswordVerifier};
 
 /// The scrypt key derivation function.
 ///
@@ -139,3 +142,14 @@ fn romix_parallel(nr128: usize, r128: usize, n: usize, b: &mut [u8]) {
         romix::scrypt_ro_mix(chunk, &mut v, &mut t, n);
     });
 }
+
+/// scrypt password hashing type which can produce and verify strings in either the Password Hashing
+/// Competition (PHC) string format which begin with `$scrypt$`, or in Modular Crypt Format (MCF)
+/// which begin with `$7$`.
+///
+/// This is a ZST which impls traits from the [`password-hash`][`password_hash`] crate, notably
+/// the [`PasswordHasher`], [`PasswordVerifier`], and [`CustomizedPasswordHasher`] traits.
+///
+/// See the toplevel documentation for a code example.
+#[derive(Copy, Clone, Debug, Eq, PartialEq)]
+pub struct Scrypt;