sha-crypt: switch from rand to rand_core#720
Merged
Conversation
tarcieri
force-pushed
the
sha-crypt/use-rand_core
branch
from
7dc1466 to
4da22c1
Compare
Replaces the use of `Distribution` by first filling a buffer with random bytes, then encoding it as Base64. It seems the Base64 encoding is directly consumed by the algorithm, or otherwise it would probably make sense to convert all usages of `salt` to be raw bytes. That warrants further investigation.
tarcieri
force-pushed
the
sha-crypt/use-rand_core
branch
from
4da22c1 to
1451d8e
Compare
Merged
tarcieri
added a commit
that referenced
this pull request
Apr 21, 2026
## Added - Implement `core::error::Error` for error types (#719) - Implement the `password-hash` crate traits (#771, #779, #806) - Dynamic `Algorithm` support (#800) - `Params` customization for `ShaCrypt` type (#801) - `ShaCrypt::SHA256` and `ShaCrypt::SHA512` (#813) - `no_alloc` support (#894) ## Changed - `rounds` parameter is now `u32` (#500) - Make hashing infallible (#500) - Bump edition to 2024; MSRV 1.85 (#563) - Switch from `rand` to `rand_core` (#720) - Use `mcf` crate for implementing Modular Crypt Format (#726, #842) - Unify `Params` type (#772) - Rename `simple` feature to `password-hash` (#776) - Migrate from `subtle` to `ctutils` (#845) - Bump `password-hash` dependency to v0.6 (#848) - Bump `sha2` to v0.11 (#872) ## Removed - `std` feature (#719)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Replaces the use of
Distributionby first filling a buffer with random bytes, then encoding it as Base64.It seems the Base64 encoding is directly consumed by the algorithm, or otherwise it would probably make sense to convert all usages of
saltto be raw bytes. That warrants further investigation.