Significant changes since 1.2.1:
* In addition to the scrypt command-line utility, a library "libscrypt-kdf"
can now be built and installed by passing the --enable-libscrypt-kdf option
to configure.
* On x86 CPUs which support them, RDRAND and SHA extensions are used to
provide supplemental entropy and speed up hash computations respectively.
* When estimating the amount of available RAM, scrypt ignores RLIMIT_DATA on
systems which have mmap.
* A new command "scrypt info encfile" prints information about an encrypted
file without decrypting it.
Significant changes since 1.2.0:
* A new -v option instructs scrypt to print the key derivation parameters
it has selected.
* A new --version option prints the version number of the scrypt utility.
* A new -P option make scrypt read the passphrase from standard input; this
is designed for scripts which pipe a passphrase in from elsewhere.
* A new -f option makes 'scrypt dec' ignore the amount of memory or CPU time
it thinks decrypting a file will take, and proceed anyway; this may be useful
in cases where scrypt's estimation is wrong.
* The '-M maxmem' option now accepts "humanized" inputs, e.g., "-M 1GB".
There are also a variety of less visible changes: Performance improvements
in the SHA256 routines, minor bug and compiler warning fixes, the addition
of a test suite, and some minor code reorganization.
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Significant changes since 1.1.6:
* You can now specify "-" as the input file, meaning standard input.
* Lots and lots of code reorganization, including changes to the build system.
* scrypt now consults the hw.memsize sysctl on relevant platforms to figure
out how much memory is available. (This should help on OS X.)
* scrypt now detects and uses AESNI instructions for encryption/decryption.
* scrypt now detects and uses SSE2 instructions automatically (and thus there
is no longer an --enable-sse2 option to the configure script).
of the scrypt key derivation function. On modern hardware and with default
parameters, the cost of cracking the password on a file encrypted by scrypt
enc is approximately 100 billion times more than the cost of cracking the
same password on a file encrypted by openssl enc; this means that a five-
character password using scrypt is stronger than a ten-character password
using openssl
