Skip to content

password-hash: add rand_core feature #2126

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
tarcieri merged 1 commit into from
Dec 13, 2025
Merged

password-hash: add rand_core feature #2126

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions password-hash/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,12 @@ as well as a `no_std`-friendly implementation of the PHC string format
[dependencies]
getrandom = { version = "0.3", optional = true, default-features = false }
phc = { version = "0.6.0-rc.0", optional = true, default-features = false }
rand_core = { version = "0.10.0-rc-2", optional = true, default-features = false }

[features]
alloc = ["phc?/alloc"]
getrandom = ["dep:getrandom", "phc?/getrandom"]
rand_core = ["dep:rand_core", "phc?/rand_core"]

[package.metadata.docs.rs]
all-features = true
20 changes: 19 additions & 1 deletion password-hash/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,9 @@ pub use crate::error::{Error, Result};
#[cfg(feature = "phc")]
pub use phc;

#[cfg(feature = "rand_core")]
pub use rand_core::{self, TryCryptoRng};

/// DEPRECATED: import this as `password_hash::phc::PasswordHash`.
#[cfg(feature = "phc")]
#[deprecated(
Expand Down Expand Up @@ -71,7 +74,7 @@ pub type Version = u32;
/// > over exactly 16 bytes). 16 bytes encode as 22 characters in B64.
///
/// [PHC string format specification]: https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md#function-duties
#[cfg(feature = "getrandom")]
#[cfg(any(feature = "getrandom", feature = "rand_core"))]
const RECOMMENDED_SALT_LEN: usize = 16;

/// High-level trait for password hashing functions.
Expand All @@ -95,6 +98,21 @@ pub trait PasswordHasher<H> {
getrandom::fill(&mut salt).map_err(|_| Error::Crypto)?;
self.hash_password_with_salt(password, &salt)
}

/// Compute the hash `H` from the given password, potentially using configuration stored in
/// `&self` for the parameters, or otherwise the recommended defaults.
///
/// A large random salt will be generated automatically from the provided RNG.
#[cfg(feature = "rand_core")]
fn hash_password_with_rng<R: TryCryptoRng + ?Sized>(
&self,
rng: &mut R,
password: &[u8],
) -> Result<H> {
let mut salt = [0u8; RECOMMENDED_SALT_LEN];
rng.try_fill_bytes(&mut salt).map_err(|_| Error::Crypto)?;
self.hash_password_with_salt(password, &salt)
}
}

/// Trait for password hashing functions which support customization.
Expand Down