0

I need to probe if a given String matches a scrypt key.

Some examples that need to match:

$s0$e0801$epIxT/h6HbbwHaehFnh/bw==$7H0vsXlY8UxxyW/BWx/9GuY7jEvGjT71GFd6O4SZND0=
$s0$100808$6McCjsQBpcCShLWq4nl3gg==$gs+Tz5DLGCDtYHGpIkP4i3EDpufBzsEGvoXzegkO5cU=

I use Javas String.matches function.

The description of the Keys is like this: Basic form: $s0$params$salt$key The values stand for:

  • s0 - version 0 of the format with 128-bit salt and 256-bit derived key
  • params - 32-bit hex integer containing log2(N) (16 bits), r (8 bits), and p (8 bits)
  • salt - base64-encoded salt
  • key - base64-encoded derived key
Angelo Fuchs
  • 9,825
  • 1
  • 35
  • 72

1 Answers1

2

This is the best I could come up with. Any better answer is greatly appreciated.

Java:
String match = "^\\$s0\\$[0-9a-f]{5,6}\\$[a-zA-Z0-9/+]+[=]*\\$[a-zA-Z0-9/+]+[=]*$"

General:
^\$s0\$[0-9a-f]{5,6}\$[a-zA-Z0-9/+]+[=]*\$[a-zA-Z0-9/+]+[=]*$
Angelo Fuchs
  • 9,825
  • 1
  • 35
  • 72
  • 1
    Depends on how precise you want to be. Since the salt and key lengths are known, you could verify that the correct number of characters are present for each. Also, the specification allows up to 8 characters for `params`, even though this is not possible in practice. `^\$s0\$[0-9a-f]{5,8}\$[a-zA-Z0-9/+]{22}[a-zA-Z0-9/+=]{2}\$[a-zA-Z0-9/+]{42}[a-zA-Z0-9/+=]{2}$` – Rand Aug 31 '16 at 14:56
  • @Rand That looks great, could you make it into an answer? – Angelo Fuchs Sep 01 '16 at 08:30