Skip to main content

Mass Cryptography (mcrypt) CLI tool for high-speed bulk password hashing.

Project description

# mcrypt (Mass Crypto) 🚀

`mcrypt` (Mass Cryptography) is an ultra-fast, production-ready password hashing library and CLI tool built in Rust. Inspired by bcrypt, `mcrypt` is architected from the ground up to handle **mass cryptography operations**—such as handling millions of password hashes concurrently during database migrations or high-traffic authentication workloads—without choking the server.

---

## 🔥 Key Features

* **Blazing Fast Key Stretching:** Implements a hardware-accelerated SHA-256 stretching engine running over $2^{\text{rounds}}$ iterations.
* **OS-Level CSPRNG Salting:** Uses the operating system's secure entropy (`OsRng`) to generate cryptographically secure unique salts.
* **Timing-Attack Protection:** Core verification utilizes a **Constant-Time Byte Comparison** algorithm to safely mitigate side-channel timing attacks.
* **Strict Hidden Pepper:** Supports compiled internal secrets and custom application peppers to protect against database leaks.
* **Universal FFI Bindings:** Written in Rust, exportable via C-FFI to **Python, JavaScript (Node.js), C++, and Java** with zero performance overhead.
* **Production CLI Integration:** Ships as a standalone native binary utility tool for sysadmins and DevOps engineers.

---

## 📊 Standard Format Layout

`mcrypt` outputs hashes in an explicit structured string layout:

```text
$mcrypt$v3$r12$sl16$AGIDzaexHggeY8us$33a48da36f94c4c960e03...
  │      │  │   │    │                │
  │      │  │   │    └─► Secure Salt  └─► Final Hex Hash
  │      │  │   └─► Salt Length (16 bytes)
  │      │  └─► Work Factor / Rounds ($2^{12}$)
  │      └─► Core Layout Version
  └─► mcrypt Signature Identifier

🚀 Installation & Setup

🦀 Rust & CLI Installation

To install the standalone command-line tool globally on your system:

cargo install --path .

🐍 Python Installation

pip install mcrypt

🟢 Node.js Installation

npm install mcrypt-mass-crypto

Java Installation

Build the native library first, then build the Java bindings:

cargo build --release
cd bindings/java
mvn package

At runtime, make sure the native library is on java.library.path or pass an explicit JNA library name/path:

java -Dmcrypt.library=../../target/release/mcrypt_native -jar your-app.jar

🛠️ Usage Quickstart

1. Using the Command Line Interface (CLI)

Always wrap your salt strings in single quotes ('...') inside PowerShell/Terminals to prevent environment variable interpolation of the $ tokens.

# Step A: Generate a secure salt prefix (12 rounds)
$ mcrypt gensalt 12
$mcrypt$v3$r12$sl16$AGIDzaexHggeY8us

# Step B: Compute the database hash using the generated salt
$ mcrypt hash 'MyPass' '$mcrypt$v3$r12$sl16$AGIDzaexHggeY8us'
$mcrypt$v3$r12$sl16$AGIDzaexHggeY8us$33a48da36f94c4c960e03f5b051a3aa2579d2ba4489d59bfa37787b527d2e685

# Step C: Verify credentials directly from the terminal
$ mcrypt verify 'MyPass' '$mcrypt$v3$r12$sl16$AGIDzaexHggeY8us$33a48da36f94c4c960e03f5b051a3aa2579d2ba4489d59bfa37787b527d2e685'
true

2. Using in Python Applications

import mcrypt

# Generate architectural prefix
salt = mcrypt.gensalt(rounds=12)

# Commit hash to database storage
db_hash = mcrypt.hash_with_salt("KoppalGadag@2026", salt_prefix=salt)

# Inbound user verification pipeline
is_valid = mcrypt.verify("KoppalGadag@2026", db_hash)
print(f"Authentication success: {is_valid}") # Returns: True

3. Using in Java Applications

import io.github.veereshhanni.mcrypt.Mcrypt;

String salt = Mcrypt.gensalt(12);
String hash = Mcrypt.hashWithSalt("KoppalGadag@2026", salt);
boolean valid = Mcrypt.verify("KoppalGadag@2026", hash);

System.out.println("Authentication success: " + valid);

🛡️ Security Best Practices Enforced

  1. Work Factor Tuning: mcrypt strictly enforces rounds between 4 and 31. We recommend setting rounds=12 for standard applications and scaling up based on server benchmarking metrics.
  2. Memory Hardening: C-FFI layers include an explicit mcrypt_free_string controller to force memory de-allocation inside native execution boundaries, avoiding potential memory leaks across managed runtime ecosystems like Node.js and Java.

📄 License

Distributed under the MIT License. Feel free to use, distribute, and optimize.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

mcrypt_mass_crypto-0.1.0-cp312-cp312-win_amd64.whl (120.9 kB view details)

Uploaded CPython 3.12Windows x86-64

mcrypt_mass_crypto-0.1.0-cp312-cp312-manylinux_2_34_x86_64.whl (256.3 kB view details)

Uploaded CPython 3.12manylinux: glibc 2.34+ x86-64

mcrypt_mass_crypto-0.1.0-cp312-cp312-macosx_10_12_x86_64.whl (226.1 kB view details)

Uploaded CPython 3.12macOS 10.12+ x86-64

File details

Details for the file mcrypt_mass_crypto-0.1.0-cp312-cp312-win_amd64.whl.

File metadata

File hashes

Hashes for mcrypt_mass_crypto-0.1.0-cp312-cp312-win_amd64.whl
Algorithm Hash digest
SHA256 975e5a7993acdb150b16ff59ffa5f7843323695a40755326db777450f0f9d6ea
MD5 3cb7c67393777b59bb8420f8362e709e
BLAKE2b-256 5cf03665ca60831d5b93034053db72d436344bcbb8be79587a752495d5a8bd0c

See more details on using hashes here.

File details

Details for the file mcrypt_mass_crypto-0.1.0-cp312-cp312-manylinux_2_34_x86_64.whl.

File metadata

File hashes

Hashes for mcrypt_mass_crypto-0.1.0-cp312-cp312-manylinux_2_34_x86_64.whl
Algorithm Hash digest
SHA256 173418d69b4c8a5517a4f9c7f82742524cf2248dd38fbb196efe9faa34dd3122
MD5 597217aee4adc371834e7410c30c7182
BLAKE2b-256 a644c7d1e89b106d62e4895d0a178e3301c610000cc1c4997e3f904f4f3821a2

See more details on using hashes here.

File details

Details for the file mcrypt_mass_crypto-0.1.0-cp312-cp312-macosx_10_12_x86_64.whl.

File metadata

File hashes

Hashes for mcrypt_mass_crypto-0.1.0-cp312-cp312-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 66863733cd826c620b2dad99876c1847088865f6df5f11bf6725008ccccf2bd1
MD5 2fc92aa9f21e8d22c750f321ef15e80a
BLAKE2b-256 f10d3bd2469c7a9e9c3112de326836dbfd9e21f02c88a3f0d1c7dfeda9889e83

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page