I am trying to port a python script that use scrypt to generate a password.
import pylibscrypt
scrypt = pylibscrypt.scrypt
password = 'test123'.encode("utf_16_be", "replace")
salt = '384eaed91035763e'.decode('hex')
key = scrypt(password, salt, 16384, 8, 1, 32)
print (key.encode('hex'))
Result should be: 9f2117416c7b2de9419a81c4625a28e40c16ac92aaa3000bb2c35844b3839eb1
In C, I use libsodium crypto_pwhash_scryptsalsa208sha256_ll() function.
If I try to pass the password from that variable:
const uint8_t password[] = "test123";
I am not getting the same key. I tried to remove ".encode("utf_16_be", "replace")" from the python script and then I get the same result.
So how can I convert my C variable to be the same as the python variable?
EDIT: The original software is in Java and seems to encode strings as UTF-16 big endian. Now I need to encode a C string to the same format.
I found a solution inspired from: Create UTF-16 string from char*
size_t uint8_t_UTF_16(uint8_t *input, uint8_t *output, size_t inlen) {
size_t outlen = 0.0;
for (size_t i = 0; i < inlen; i++) {
if (isascii(input[i])) {
output[i] = 0;
output[i + 1] = input[i / 2];
i++;
outlen += 2;
} else {
output[i] = input[i];
outlen += 0.5;
}
}
return outlen;
}
It does work but I'm not sure that this solution is safe.