From 51e535fd33e5588657ae2ae1e32c889752b90efe Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Sat, 13 Dec 2025 13:12:14 -0700 Subject: [PATCH] Rename `simple` features to `password-hash` To reflect the feature activates the integration with the `password-hash`, this renames the various `simple` features of the crates in this repo to `password-hash` instead. It also takes care of wiring up `rand_core` better. The respective `simple` modules have either been named to `mcf` or `phc` depending on which format is implemented. This will make it possible to add another module to crates that support both, e.g. `pbkdf2` and `scrypt` could both have a `mcf` module. Closes #764 --- .github/workflows/argon2.yml | 2 +- .github/workflows/scrypt.yml | 2 +- .github/workflows/sha-crypt.yml | 2 +- .readme/Cargo.toml | 2 +- Cargo.lock | 9 ++------ Cargo.toml | 2 ++ argon2/Cargo.toml | 8 +++---- argon2/src/lib.rs | 2 +- balloon-hash/Cargo.toml | 4 ++-- balloon-hash/src/params.rs | 2 +- balloon-hash/tests/balloon.rs | 2 +- password-auth/Cargo.toml | 9 ++++---- password-auth/src/errors.rs | 1 + password-auth/src/lib.rs | 16 +++++++------- pbkdf2/Cargo.toml | 6 +++--- pbkdf2/src/lib.rs | 18 ++++++++-------- pbkdf2/src/{simple.rs => phc.rs} | 6 ++++-- pbkdf2/tests/{simple.rs => phc.rs} | 7 ++++--- scrypt/Cargo.toml | 8 +++---- scrypt/src/lib.rs | 10 ++++----- scrypt/src/params.rs | 30 ++++++++++++++------------- scrypt/src/{simple.rs => phc.rs} | 0 scrypt/tests/mod.rs | 12 +++++------ sha-crypt/Cargo.toml | 7 ++++--- sha-crypt/src/errors.rs | 2 +- sha-crypt/src/lib.rs | 12 ++++++----- sha-crypt/src/{simple.rs => mcf.rs} | 4 +++- sha-crypt/tests/{simple.rs => mcf.rs} | 6 +++--- yescrypt/Cargo.toml | 5 +++-- yescrypt/src/error.rs | 2 +- yescrypt/src/lib.rs | 10 ++++----- yescrypt/src/{simple.rs => mcf.rs} | 6 ++++-- yescrypt/tests/{simple.rs => mcf.rs} | 2 +- 33 files changed, 113 insertions(+), 103 deletions(-) rename pbkdf2/src/{simple.rs => phc.rs} (98%) rename pbkdf2/tests/{simple.rs => phc.rs} (84%) rename scrypt/src/{simple.rs => phc.rs} (100%) rename sha-crypt/src/{simple.rs => mcf.rs} (98%) rename sha-crypt/tests/{simple.rs => mcf.rs} (98%) rename yescrypt/src/{simple.rs => mcf.rs} (97%) rename yescrypt/tests/{simple.rs => mcf.rs} (98%) diff --git a/.github/workflows/argon2.yml b/.github/workflows/argon2.yml index 55090b82..78285d99 100644 --- a/.github/workflows/argon2.yml +++ b/.github/workflows/argon2.yml @@ -37,7 +37,7 @@ jobs: targets: ${{ matrix.target }} - run: cargo build --target ${{ matrix.target }} --no-default-features - run: cargo build --target ${{ matrix.target }} --no-default-features --features password-hash - - run: cargo build --target ${{ matrix.target }} --no-default-features --features simple + - run: cargo build --target ${{ matrix.target }} --no-default-features --features password-hash - run: cargo build --target ${{ matrix.target }} --no-default-features --features zeroize minimal-versions: diff --git a/.github/workflows/scrypt.yml b/.github/workflows/scrypt.yml index 08308429..832ca210 100644 --- a/.github/workflows/scrypt.yml +++ b/.github/workflows/scrypt.yml @@ -35,7 +35,7 @@ jobs: toolchain: ${{ matrix.rust }} targets: ${{ matrix.target }} - run: cargo build --target ${{ matrix.target }} --no-default-features - - run: cargo build --target ${{ matrix.target }} --no-default-features --features simple + - run: cargo build --target ${{ matrix.target }} --no-default-features --features password-hash minimal-versions: # disabled until belt-block gets published diff --git a/.github/workflows/sha-crypt.yml b/.github/workflows/sha-crypt.yml index 62cc45f2..ad58aafc 100644 --- a/.github/workflows/sha-crypt.yml +++ b/.github/workflows/sha-crypt.yml @@ -35,7 +35,7 @@ jobs: toolchain: ${{ matrix.rust }} targets: ${{ matrix.target }} - run: cargo build --target ${{ matrix.target }} --no-default-features - - run: cargo build --target ${{ matrix.target }} --no-default-features --features simple + - run: cargo build --target ${{ matrix.target }} --no-default-features --features password-hash minimal-versions: if: false # disabled while using pre-releases diff --git a/.readme/Cargo.toml b/.readme/Cargo.toml index c957c27b..3fe88d6e 100644 --- a/.readme/Cargo.toml +++ b/.readme/Cargo.toml @@ -8,5 +8,5 @@ publish = false [dependencies] password-hash = "0.6.0-rc.3" argon2 = { path = "../argon2" } -pbkdf2 = { path = "../pbkdf2", features = ["simple"] } +pbkdf2 = { path = "../pbkdf2", features = ["password-hash"] } scrypt = { path = "../scrypt" } diff --git a/Cargo.lock b/Cargo.lock index c96b3dcd..50539d83 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -11,7 +11,6 @@ dependencies = [ "cpufeatures", "hex-literal", "password-hash", - "phc", "rayon", "zeroize", ] @@ -30,7 +29,6 @@ dependencies = [ "digest", "hex-literal", "password-hash", - "phc", "rayon", "sha2", "zeroize", @@ -300,18 +298,17 @@ dependencies = [ "getrandom", "password-hash", "pbkdf2", - "phc", "scrypt", ] [[package]] name = "password-hash" version = "0.6.0-rc.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87dec027112bafe3cc8a4dd8072c688dbd62dec3cd4e76897f2ce809a7008aee" +source = "git+https://github.com/RustCrypto/traits#19aa016b72368f2635dfa712e9621f95e184df2a" dependencies = [ "getrandom", "phc", + "rand_core", ] [[package]] @@ -323,7 +320,6 @@ dependencies = [ "hex-literal", "hmac", "password-hash", - "phc", "sha1", "sha2", "streebog", @@ -423,7 +419,6 @@ version = "0.12.0-rc.5" dependencies = [ "password-hash", "pbkdf2", - "phc", "rayon", "salsa20", "sha2", diff --git a/Cargo.toml b/Cargo.toml index 550af354..b65310e1 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -20,3 +20,5 @@ opt-level = 2 argon2 = { path = "./argon2" } pbkdf2 = { path = "./pbkdf2" } scrypt = { path = "./scrypt" } + +password-hash = { git = "https://github.com/RustCrypto/traits" } diff --git a/argon2/Cargo.toml b/argon2/Cargo.toml index 525a0914..cbc57530 100644 --- a/argon2/Cargo.toml +++ b/argon2/Cargo.toml @@ -23,7 +23,6 @@ blake2 = { version = "0.11.0-rc.3", default-features = false } # optional dependencies rayon = { version = "1.7", optional = true } password-hash = { version = "0.6.0-rc.5", optional = true, features = ["phc"] } -phc = { version = "0.6.0-rc.0", optional = true, features = ["rand_core"] } zeroize = { version = "1", default-features = false, optional = true } [target.'cfg(any(target_arch = "x86", target_arch = "x86_64"))'.dependencies] @@ -33,12 +32,13 @@ cpufeatures = "0.2.17" hex-literal = "1" [features] -default = ["alloc", "getrandom", "simple"] +default = ["alloc", "getrandom", "password-hash"] alloc = ["password-hash?/alloc"] -getrandom = ["simple", "password-hash/getrandom"] +getrandom = ["password-hash/getrandom"] parallel = ["dep:rayon"] -simple = ["password-hash", "phc"] +password-hash = ["dep:password-hash"] +rand_core = ["password-hash/rand_core"] zeroize = ["dep:zeroize"] [lints.rust.unexpected_cfgs] diff --git a/argon2/src/lib.rs b/argon2/src/lib.rs index ac4f9e03..674e463d 100644 --- a/argon2/src/lib.rs +++ b/argon2/src/lib.rs @@ -711,7 +711,7 @@ mod tests { } #[test] - fn hash_simple_retains_configured_params() { + fn password_hash_retains_configured_params() { // Non-default but valid parameters let t_cost = 4; let m_cost = 2048; diff --git a/balloon-hash/Cargo.toml b/balloon-hash/Cargo.toml index e04fe58e..3bdd2939 100644 --- a/balloon-hash/Cargo.toml +++ b/balloon-hash/Cargo.toml @@ -19,7 +19,6 @@ crypto-bigint = { version = "0.7.0-rc.9", default-features = false, features = [ # optional dependencies password-hash = { version = "0.6.0-rc.5", optional = true, default-features = false, features = ["phc"] } -phc = { version = "0.6.0-rc.0", optional = true, features = ["rand_core"] } rayon = { version = "1.7", optional = true } zeroize = { version = "1", default-features = false, optional = true } @@ -33,7 +32,8 @@ alloc = ["password-hash/alloc"] getrandom = ["password-hash/getrandom"] parallel = ["dep:rayon"] -password-hash = ["dep:password-hash", "dep:phc"] +password-hash = ["dep:password-hash"] +rand_core = ["password-hash/rand_core"] zeroize = ["dep:zeroize"] [package.metadata.docs.rs] diff --git a/balloon-hash/src/params.rs b/balloon-hash/src/params.rs index f65d87df..215debf3 100644 --- a/balloon-hash/src/params.rs +++ b/balloon-hash/src/params.rs @@ -9,7 +9,7 @@ use { fmt::{self, Display}, str::FromStr, }, - phc::{ParamsString, PasswordHash}, + password_hash::phc::{ParamsString, PasswordHash}, }; /// Balloon password hash parameters. diff --git a/balloon-hash/tests/balloon.rs b/balloon-hash/tests/balloon.rs index 72b1db7b..34001bcc 100644 --- a/balloon-hash/tests/balloon.rs +++ b/balloon-hash/tests/balloon.rs @@ -74,7 +74,7 @@ fn test_vectors() { #[cfg(all(feature = "password-hash", feature = "alloc"))] #[test] -fn hash_simple_retains_configured_params() { +fn password_hash_retains_configured_params() { use balloon_hash::PasswordHasher; use sha2::Sha256; diff --git a/password-auth/Cargo.toml b/password-auth/Cargo.toml index 05983c69..6a195fbc 100644 --- a/password-auth/Cargo.toml +++ b/password-auth/Cargo.toml @@ -18,13 +18,12 @@ rust-version = "1.85" [dependencies] getrandom = { version = "0.3", default-features = false } -password-hash = { version = "0.6.0-rc.5", features = ["alloc", "phc"] } -phc = { version = "0.6.0-rc.0", features = ["getrandom"] } +password-hash = { version = "0.6.0-rc.5", features = ["alloc", "getrandom", "phc"] } # optional dependencies -argon2 = { version = "0.6.0-rc.4", optional = true, default-features = false, features = ["alloc", "simple"] } -pbkdf2 = { version = "0.13.0-rc.4", optional = true, default-features = false, features = ["simple"] } -scrypt = { version = "0.12.0-rc.5", optional = true, default-features = false, features = ["simple"] } +argon2 = { version = "0.6.0-rc.4", optional = true, default-features = false, features = ["alloc", "password-hash"] } +pbkdf2 = { version = "0.13.0-rc.4", optional = true, default-features = false, features = ["password-hash"] } +scrypt = { version = "0.12.0-rc.5", optional = true, default-features = false, features = ["password-hash"] } [features] default = ["argon2", "std"] diff --git a/password-auth/src/errors.rs b/password-auth/src/errors.rs index 6059d236..c5400e4e 100644 --- a/password-auth/src/errors.rs +++ b/password-auth/src/errors.rs @@ -2,6 +2,7 @@ use alloc::string::ToString; use core::fmt; +use password_hash::phc; /// Password hash parse errors. // This type has no public constructor and deliberately keeps `phc::Error` out of the public API diff --git a/password-auth/src/lib.rs b/password-auth/src/lib.rs index 5cb70024..564ec6da 100644 --- a/password-auth/src/lib.rs +++ b/password-auth/src/lib.rs @@ -28,7 +28,7 @@ pub use crate::errors::{ParseError, VerifyError}; use alloc::string::{String, ToString}; use password_hash::{ PasswordHasher, PasswordVerifier, - phc::{ParamsString, PasswordHash, Salt}, + phc::{ParamsString, PasswordHash}, }; #[cfg(not(any(feature = "argon2", feature = "pbkdf2", feature = "scrypt")))] @@ -48,26 +48,26 @@ use scrypt::Scrypt; /// Uses the best available password hashing algorithm given the enabled /// crate features (typically Argon2 unless explicitly disabled). pub fn generate_hash(password: impl AsRef<[u8]>) -> String { - let salt = Salt::generate(); - generate_phc_hash(password.as_ref(), &salt) - .map(|hash| hash.to_string()) + generate_phc_hash(password.as_ref()) + .as_ref() + .map(ToString::to_string) .expect("password hashing error") } /// Generate a PHC hash using the preferred algorithm. #[allow(unreachable_code)] -fn generate_phc_hash(password: &[u8], salt: &[u8]) -> password_hash::Result { +fn generate_phc_hash(password: &[u8]) -> password_hash::Result { // // Algorithms below are in order of preference // #[cfg(feature = "argon2")] - return Argon2::default().hash_password_with_salt(password, salt); + return Argon2::default().hash_password(password); #[cfg(feature = "scrypt")] - return Scrypt.hash_password_with_salt(password, salt); + return Scrypt.hash_password(password); #[cfg(feature = "pbkdf2")] - return Pbkdf2.hash_password_with_salt(password, salt); + return Pbkdf2.hash_password(password); } /// Verify the provided password against the provided password hash. diff --git a/pbkdf2/Cargo.toml b/pbkdf2/Cargo.toml index 3c5fd21b..1c1dd489 100644 --- a/pbkdf2/Cargo.toml +++ b/pbkdf2/Cargo.toml @@ -19,7 +19,6 @@ digest = { version = "0.11.0-rc.4", features = ["mac"] } # optional dependencies hmac = { version = "0.13.0-rc.3", default-features = false, optional = true } password-hash = { version = "0.6.0-rc.5", default-features = false, optional = true, features = ["phc"] } -phc = { version = "0.6.0-rc.0", optional = true, features = ["rand_core"] } sha1 = { version = "0.11.0-rc.3", default-features = false, optional = true } sha2 = { version = "0.11.0-rc.3", default-features = false, optional = true } @@ -33,8 +32,9 @@ belt-hash = "0.2.0-rc.3" [features] default = ["hmac"] -getrandom = ["simple", "password-hash/getrandom"] -simple = ["hmac", "dep:password-hash", "dep:phc", "sha2"] +getrandom = ["password-hash", "password-hash/getrandom"] +password-hash = ["hmac", "dep:password-hash", "sha2"] +rand_core = ["password-hash/rand_core"] [package.metadata.docs.rs] all-features = true diff --git a/pbkdf2/src/lib.rs b/pbkdf2/src/lib.rs index 87a48f59..df2470c9 100644 --- a/pbkdf2/src/lib.rs +++ b/pbkdf2/src/lib.rs @@ -48,14 +48,14 @@ //! //! ```toml //! [dependencies] -//! pbkdf2 = { version = "0.12", features = ["simple"] } +//! pbkdf2 = { version = "0.12", features = ["password-hash"] } //! rand_core = { version = "0.6", features = ["std"] } //! ``` //! //! The following example demonstrates the high-level password hashing API: //! -#![cfg_attr(feature = "simple", doc = "```")] -#![cfg_attr(not(feature = "simple"), doc = "```ignore")] +#![cfg_attr(feature = "password-hash", doc = "```")] +#![cfg_attr(not(feature = "password-hash"), doc = "```ignore")] //! # fn main() -> Result<(), Box> { //! // NOTE: example requires `getrandom` feature is enabled //! @@ -83,20 +83,20 @@ html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg" )] -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] extern crate alloc; -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] pub use password_hash; -#[cfg(feature = "simple")] -mod simple; +#[cfg(feature = "password-hash")] +mod phc; #[cfg(feature = "hmac")] pub use hmac; -#[cfg(feature = "simple")] -pub use crate::simple::{Algorithm, Params, Pbkdf2}; +#[cfg(feature = "password-hash")] +pub use crate::phc::{Algorithm, Params, Pbkdf2}; use digest::{FixedOutput, InvalidLength, KeyInit, Update, typenum::Unsigned}; diff --git a/pbkdf2/src/simple.rs b/pbkdf2/src/phc.rs similarity index 98% rename from pbkdf2/src/simple.rs rename to pbkdf2/src/phc.rs index 34cc02a7..65c13890 100644 --- a/pbkdf2/src/simple.rs +++ b/pbkdf2/src/phc.rs @@ -5,8 +5,10 @@ use core::{ fmt::{self, Display, Formatter}, str::FromStr, }; -use password_hash::{CustomizedPasswordHasher, Error, PasswordHasher, Result}; -use phc::{Decimal, Ident, Output, ParamsString, PasswordHash, Salt}; +use password_hash::{ + CustomizedPasswordHasher, Error, PasswordHasher, Result, + phc::{Decimal, Ident, Output, ParamsString, PasswordHash, Salt}, +}; use sha2::{Sha256, Sha512}; #[cfg(feature = "sha1")] diff --git a/pbkdf2/tests/simple.rs b/pbkdf2/tests/phc.rs similarity index 84% rename from pbkdf2/tests/simple.rs rename to pbkdf2/tests/phc.rs index b336a37a..d8b3a486 100644 --- a/pbkdf2/tests/simple.rs +++ b/pbkdf2/tests/phc.rs @@ -1,8 +1,9 @@ -//! Tests for `password-hash` crate integration. +//! Tests for `password-hash` crate integration with Password Hashing Competition (PHC) string +//! format as the password hash serialization. //! -//! PBKDF2-SHA256 vectors adapted from: https://stackoverflow.com/a/5136918 +//! PHC PBKDF2-SHA256 vectors adapted from: https://stackoverflow.com/a/5136918 -#![cfg(feature = "simple")] +#![cfg(feature = "password-hash")] use hex_literal::hex; use pbkdf2::{Algorithm, Params, Pbkdf2, password_hash::CustomizedPasswordHasher}; diff --git a/scrypt/Cargo.toml b/scrypt/Cargo.toml index 4f08ed9d..d589cd4d 100644 --- a/scrypt/Cargo.toml +++ b/scrypt/Cargo.toml @@ -21,15 +21,15 @@ rayon = { version = "1.11", optional = true } # optional dependencies password-hash = { version = "0.6.0-rc.5", optional = true, default-features = false, features = ["phc"] } -phc = { version = "0.6.0-rc.0", optional = true, features = ["rand_core"] } [features] -default = ["simple", "rayon"] +default = ["password-hash", "rayon"] alloc = ["password-hash?/alloc"] -getrandom = ["simple", "password-hash/getrandom"] +getrandom = ["password-hash", "password-hash/getrandom"] +password-hash = ["dep:password-hash"] +rand_core = ["password-hash/rand_core"] rayon = ["dep:rayon"] -simple = ["dep:password-hash", "dep:phc"] [package.metadata.docs.rs] all-features = true diff --git a/scrypt/src/lib.rs b/scrypt/src/lib.rs index badf72ce..01e39ee4 100644 --- a/scrypt/src/lib.rs +++ b/scrypt/src/lib.rs @@ -58,16 +58,16 @@ pub mod errors; mod params; mod romix; -#[cfg(feature = "simple")] -mod simple; +#[cfg(feature = "password-hash")] +mod phc; pub use crate::params::Params; -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] pub use password_hash; -#[cfg(feature = "simple")] -pub use crate::simple::{ALG_ID, Scrypt}; +#[cfg(feature = "password-hash")] +pub use crate::phc::{ALG_ID, Scrypt}; /// The scrypt key derivation function. /// diff --git a/scrypt/src/params.rs b/scrypt/src/params.rs index 0d7cfa33..50420c4d 100644 --- a/scrypt/src/params.rs +++ b/scrypt/src/params.rs @@ -1,16 +1,18 @@ use crate::errors::InvalidParams; -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] use { core::{ fmt::{self, Display}, str::FromStr, }, - password_hash::Error, - phc::{Decimal, Output, ParamsString, PasswordHash}, + password_hash::{ + Error, + phc::{Decimal, Output, ParamsString, PasswordHash}, + }, }; -#[cfg(all(feature = "simple", doc))] +#[cfg(all(feature = "password-hash", doc))] use password_hash::PasswordHasher; /// The Scrypt parameter values. @@ -19,7 +21,7 @@ pub struct Params { pub(crate) log_n: u8, pub(crate) r: u32, pub(crate) p: u32, - #[cfg(feature = "simple")] + #[cfg(feature = "password-hash")] pub(crate) len: Option, } @@ -46,7 +48,7 @@ impl Params { log_n: Self::RECOMMENDED_LOG_N, r: Self::RECOMMENDED_R, p: Self::RECOMMENDED_P, - #[cfg(feature = "simple")] + #[cfg(feature = "password-hash")] len: None, }; @@ -102,7 +104,7 @@ impl Params { log_n, r: r as u32, p: p as u32, - #[cfg(feature = "simple")] + #[cfg(feature = "password-hash")] len: None, }) } @@ -116,7 +118,7 @@ impl Params { /// The allowed values for `len` are between 10 bytes (80 bits) and 64 bytes inclusive. /// These lengths come from the [PHC string format specification](https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md) /// because they are intended for use with password hash strings. - #[cfg(feature = "simple")] + #[cfg(feature = "password-hash")] pub fn new_with_output_len( log_n: u8, r: u32, @@ -174,14 +176,14 @@ impl Default for Params { } } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] impl Display for Params { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { ParamsString::try_from(self).map_err(|_| fmt::Error)?.fmt(f) } } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] impl FromStr for Params { type Err = Error; @@ -191,7 +193,7 @@ impl FromStr for Params { } } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] impl TryFrom<&ParamsString> for Params { type Error = Error; @@ -227,7 +229,7 @@ impl TryFrom<&ParamsString> for Params { } } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] impl TryFrom<&PasswordHash> for Params { type Error = Error; @@ -248,7 +250,7 @@ impl TryFrom<&PasswordHash> for Params { } } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] impl TryFrom for ParamsString { type Error = Error; @@ -257,7 +259,7 @@ impl TryFrom for ParamsString { } } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] impl TryFrom<&Params> for ParamsString { type Error = Error; diff --git a/scrypt/src/simple.rs b/scrypt/src/phc.rs similarity index 100% rename from scrypt/src/simple.rs rename to scrypt/src/phc.rs diff --git a/scrypt/tests/mod.rs b/scrypt/tests/mod.rs index 702b703f..951f6fef 100644 --- a/scrypt/tests/mod.rs +++ b/scrypt/tests/mod.rs @@ -1,6 +1,6 @@ use scrypt::{Params, scrypt}; -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] use { password_hash::{PasswordVerifier, phc::PasswordHash}, scrypt::Scrypt, @@ -83,21 +83,21 @@ fn test_scrypt() { /// Test vector from passlib: /// -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] const EXAMPLE_PASSWORD_HASH: &str = "$scrypt$ln=16,r=8,p=1$aM15713r3Xsvxbi31lqr1Q$nFNh2CVHVjNldFVKDHDlm4CbdRSCdEBsjjJxD+iCs5E"; -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] #[test] -fn simple_verify_password() { +fn password_hash_verify_password() { let password = "password"; let hash = PasswordHash::new(EXAMPLE_PASSWORD_HASH).unwrap(); assert_eq!(Scrypt.verify_password(password.as_bytes(), &hash), Ok(())); } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] #[test] -fn simple_reject_incorrect_password() { +fn password_hash_reject_incorrect_password() { let hash = PasswordHash::new(EXAMPLE_PASSWORD_HASH).unwrap(); assert!(Scrypt.verify_password(b"invalid", &hash).is_err()); } diff --git a/sha-crypt/Cargo.toml b/sha-crypt/Cargo.toml index 623a7968..4e3d8d2c 100644 --- a/sha-crypt/Cargo.toml +++ b/sha-crypt/Cargo.toml @@ -26,9 +26,10 @@ password-hash = { version = "0.6.0-rc.4", optional = true, default-features = fa subtle = { version = "2", optional = true, default-features = false } [features] -default = ["simple"] -getrandom = ["password-hash/getrandom", "simple"] -simple = ["dep:mcf", "dep:password-hash", "dep:subtle"] +default = ["password-hash"] +getrandom = ["password-hash/getrandom", "password-hash"] +rand_core = ["password-hash/rand_core"] +password-hash = ["dep:mcf", "dep:password-hash", "dep:subtle"] [package.metadata.docs.rs] all-features = true diff --git a/sha-crypt/src/errors.rs b/sha-crypt/src/errors.rs index 4dcb9b4e..945cc443 100644 --- a/sha-crypt/src/errors.rs +++ b/sha-crypt/src/errors.rs @@ -29,7 +29,7 @@ impl fmt::Display for Error { } } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] impl From for password_hash::Error { fn from(err: Error) -> Self { match err { diff --git a/sha-crypt/src/lib.rs b/sha-crypt/src/lib.rs index 996bdf6d..aef7a028 100644 --- a/sha-crypt/src/lib.rs +++ b/sha-crypt/src/lib.rs @@ -33,18 +33,20 @@ extern crate alloc; mod errors; mod params; -#[cfg(feature = "simple")] -mod simple; + +#[cfg(feature = "password-hash")] +mod mcf; pub use crate::{ errors::{Error, Result}, params::Params, }; -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] pub use { - crate::simple::{SHA256_CRYPT, SHA512_CRYPT, ShaCrypt, ShaCryptCore}, - mcf::{self, PasswordHash}, + crate::mcf::{ + PasswordHash, PasswordHashRef, SHA256_CRYPT, SHA512_CRYPT, ShaCrypt, ShaCryptCore, + }, password_hash::{self, CustomizedPasswordHasher, PasswordHasher, PasswordVerifier}, }; diff --git a/sha-crypt/src/simple.rs b/sha-crypt/src/mcf.rs similarity index 98% rename from sha-crypt/src/simple.rs rename to sha-crypt/src/mcf.rs index 37daeab1..07297859 100644 --- a/sha-crypt/src/simple.rs +++ b/sha-crypt/src/mcf.rs @@ -1,9 +1,11 @@ //! Implementation of the `password-hash` crate API. +pub use mcf::{PasswordHash, PasswordHashRef}; + use crate::{BLOCK_SIZE_SHA256, BLOCK_SIZE_SHA512, Params, sha256_crypt, sha512_crypt}; use base64ct::{Base64ShaCrypt, Encoding}; use core::{marker::PhantomData, str::FromStr}; -use mcf::{Base64, PasswordHash, PasswordHashRef}; +use mcf::Base64; use password_hash::{ CustomizedPasswordHasher, Error, PasswordHasher, PasswordVerifier, Result, Version, }; diff --git a/sha-crypt/tests/simple.rs b/sha-crypt/tests/mcf.rs similarity index 98% rename from sha-crypt/tests/simple.rs rename to sha-crypt/tests/mcf.rs index 4225bc22..ef6a89ed 100644 --- a/sha-crypt/tests/simple.rs +++ b/sha-crypt/tests/mcf.rs @@ -1,4 +1,4 @@ -#![cfg(feature = "simple")] +#![cfg(feature = "password-hash")] use base64ct::{Base64ShaCrypt, Encoding}; use mcf::PasswordHash; @@ -195,7 +195,7 @@ fn verify_sha512_crypt() { ); } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] #[test] fn test_sha256_wrong_id() { let passwd = b"foobar"; @@ -206,7 +206,7 @@ fn test_sha256_wrong_id() { assert_eq!(res, Err(Error::Algorithm)); } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] #[test] fn test_sha512_wrong_id() { let passwd = b"foobar"; diff --git a/yescrypt/Cargo.toml b/yescrypt/Cargo.toml index 4670554a..32c4b367 100644 --- a/yescrypt/Cargo.toml +++ b/yescrypt/Cargo.toml @@ -29,8 +29,9 @@ hex-literal = "1" [features] default = ["getrandom"] -getrandom = ["simple", "password-hash/getrandom"] -simple = ["dep:mcf", "dep:password-hash"] +getrandom = ["password-hash", "password-hash/getrandom"] +rand_core = ["password-hash/rand_core"] +password-hash = ["dep:mcf", "dep:password-hash"] [package.metadata.docs.rs] all-features = true diff --git a/yescrypt/src/error.rs b/yescrypt/src/error.rs index afeeddae..60f9918e 100644 --- a/yescrypt/src/error.rs +++ b/yescrypt/src/error.rs @@ -37,7 +37,7 @@ impl From for Error { } } -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] impl From for password_hash::Error { fn from(err: Error) -> Self { match err { diff --git a/yescrypt/src/lib.rs b/yescrypt/src/lib.rs index 6a11d8a1..35df40ba 100644 --- a/yescrypt/src/lib.rs +++ b/yescrypt/src/lib.rs @@ -68,22 +68,22 @@ mod mode; mod params; mod pwxform; mod salsa20; -#[cfg(feature = "simple")] -mod simple; mod smix; mod util; +#[cfg(feature = "password-hash")] +mod mcf; + pub use crate::{ error::{Error, Result}, mode::Mode, params::Params, }; -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] pub use { - mcf::{PasswordHash, PasswordHashRef}, + crate::mcf::{PasswordHash, PasswordHashRef, Yescrypt}, password_hash::{self, CustomizedPasswordHasher, PasswordHasher, PasswordVerifier}, - simple::Yescrypt, }; use alloc::vec; diff --git a/yescrypt/src/simple.rs b/yescrypt/src/mcf.rs similarity index 97% rename from yescrypt/src/simple.rs rename to yescrypt/src/mcf.rs index 53fa9c21..b1ba9e5a 100644 --- a/yescrypt/src/simple.rs +++ b/yescrypt/src/mcf.rs @@ -1,14 +1,16 @@ //! Implementation of the `password-hash` crate API. +pub use mcf::{PasswordHash, PasswordHashRef}; + use crate::{Params, yescrypt}; use alloc::vec; -use mcf::{Base64, PasswordHash, PasswordHashRef}; +use mcf::Base64; use password_hash::{ CustomizedPasswordHasher, Error, PasswordHasher, PasswordVerifier, Result, Version, }; /// Identifier for yescrypt when encoding to the Modular Crypt Format, i.e. `$y$` -#[cfg(feature = "simple")] +#[cfg(feature = "password-hash")] const YESCRYPT_MCF_ID: &str = "y"; /// Base64 variant used by yescrypt. diff --git a/yescrypt/tests/simple.rs b/yescrypt/tests/mcf.rs similarity index 98% rename from yescrypt/tests/simple.rs rename to yescrypt/tests/mcf.rs index 0b25bc1f..7ffee85f 100644 --- a/yescrypt/tests/simple.rs +++ b/yescrypt/tests/mcf.rs @@ -1,6 +1,6 @@ //! Tests for encoding password hash strings in Modular Crypt Format (MCF). -#![cfg(feature = "simple")] +#![cfg(feature = "password-hash")] #![allow(non_snake_case)] use yescrypt::{