It is kinda cute, but one should just use a dummy file. The format saved, IIRC, is an HMACed scrypt hash and salt, followed by the encrypted contents of the file.
Kevin On Nov 15, 2013 8:34 AM, "Laurens Van Houtven" <[email protected]> wrote: > Hi! > > > I'm e-mailing this on behalf of PyCA. We're a group of Python hackers > trying to improve the state of cryptographic libraries in Python, and > trying to provide APIs that people can't get wrong. (The current state is > that some of the libraries aren't great, and the APIs are way too low > level.) > > I was wondering if the canonical way to use scrypt as a KDF, particularly > for purposes of password storage) is documented anywhere. The big > implementation right now for Python suggests writing one using enc/dec > functions (so the file encryption thing that is included in the tarball as > a demo), but that seems kind of orthogonal to the actual key derivation > part :) > > cheers and thanks in advance > lvh >
