PDT encrypted file: ::
$ crypto.py scrypt foo -i some-file.pdtcrypt
- {"scrypt_params": {"r": 8, "dkLen": 16, "p": 1, "N": 65536}, "hash": "b'c2941dfc6e3e65e8e887f1702b1091a3'", "salt": "b'd270b03100d187e2c946610d7b7f7e5f'"}
+ {"paramversion": 1, "salt": "Cqzbk48e3peEjzWto8D0yA==", "key": "JH9EkMwaM4x9F5aim5gK/Q=="}
The computed 16 byte key is given in hexadecimal notation in the value to
``hash`` and can be fed into Python’s ``binascii.unhexlify()`` to obtain the
# scrypt hashing output control
PDTCRYPT_SCRYPT_INTRANATOR = 0
PDTCRYPT_SCRYPT_PARAMETERS = 1
+PDTCRYPT_SCRYPT_DEFAULT = PDTCRYPT_SCRYPT_INTRANATOR
PDTCRYPT_SCRYPT_FORMAT = \
{ "i2n" : PDTCRYPT_SCRYPT_INTRANATOR
insspec = None
outsspec = None
nacl = None
- scrypt_format = None
+ scrypt_format = PDTCRYPT_SCRYPT_DEFAULT
argvi = iter (argv)
SELF = os.path.basename (next (argvi))
# decrypt outer archive layer with crypto.py
assert os.path.exists("sample.tar.gz.pdtcrypt")
- with subprocess.Popen ( [ "python3", "./deltatar/crypto.py"
- , "scrypt", "-i", "sample.tar.gz.pdtcrypt" ]
+ with subprocess.Popen ( [ "python3", "./deltatar/crypto.py", "scrypt"
+ , "-f", "params"
+ , "-i", "sample.tar.gz.pdtcrypt" ]
, env={ "PDTCRYPT_PASSWORD" : pw }
, stdout=subprocess.PIPE
) as p:
info = json.loads (raw)
assert nacl == binascii.unhexlify (info ["salt"])
- key = binascii.unhexlify (info ["hash"])
+ key = binascii.unhexlify (info ["key"])
kdf = crypto.kdf_by_version (1)
assert key, nacl == kdf (pw.encode (), nacl)