password-hash: add rand_core feature (#2126)

tarcieri · web-flow · commit 19aa016b7236 · 2025-12-13T08:36:56.000-07:00
Adds a `PasswordHash::hash_password_with_rng` method gated on the
`rand_core` feature which uses a `TryCryptoRng` to generate a random
salt, analogous to the `getrandom`-based `PasswordHash::hash_password`.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/password-hash/Cargo.toml b/password-hash/Cargo.toml
@@ -19,10 +19,12 @@ as well as a `no_std`-friendly implementation of the PHC string format
 [dependencies]
 getrandom = { version = "0.3", optional = true, default-features = false }
 phc = { version = "0.6.0-rc.0", optional = true, default-features = false }
+rand_core = { version = "0.10.0-rc-2", optional = true, default-features = false }
 
 [features]
 alloc = ["phc?/alloc"]
 getrandom = ["dep:getrandom", "phc?/getrandom"]
+rand_core = ["dep:rand_core", "phc?/rand_core"]
 
 [package.metadata.docs.rs]
 all-features = true
diff --git a/password-hash/src/lib.rs b/password-hash/src/lib.rs
@@ -36,6 +36,9 @@ pub use crate::error::{Error, Result};
 #[cfg(feature = "phc")]
 pub use phc;
 
+#[cfg(feature = "rand_core")]
+pub use rand_core::{self, TryCryptoRng};
+
 /// DEPRECATED: import this as `password_hash::phc::PasswordHash`.
 #[cfg(feature = "phc")]
 #[deprecated(
@@ -71,7 +74,7 @@ pub type Version = u32;
 /// > over exactly 16 bytes). 16 bytes encode as 22 characters in B64.
 ///
 /// [PHC string format specification]: https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md#function-duties
-#[cfg(feature = "getrandom")]
+#[cfg(any(feature = "getrandom", feature = "rand_core"))]
 const RECOMMENDED_SALT_LEN: usize = 16;
 
 /// High-level trait for password hashing functions.
@@ -95,6 +98,21 @@ pub trait PasswordHasher<H> {
         getrandom::fill(&mut salt).map_err(|_| Error::Crypto)?;
         self.hash_password_with_salt(password, &salt)
     }
+
+    /// Compute the hash `H` from the given password, potentially using configuration stored in
+    /// `&self` for the parameters, or otherwise the recommended defaults.
+    ///
+    /// A large random salt will be generated automatically from the provided RNG.
+    #[cfg(feature = "rand_core")]
+    fn hash_password_with_rng<R: TryCryptoRng + ?Sized>(
+        &self,
+        rng: &mut R,
+        password: &[u8],
+    ) -> Result<H> {
+        let mut salt = [0u8; RECOMMENDED_SALT_LEN];
+        rng.try_fill_bytes(&mut salt).map_err(|_| Error::Crypto)?;
+        self.hash_password_with_salt(password, &salt)
+    }
 }
 
 /// Trait for password hashing functions which support customization.
