password-hash: error handling problems #547
Labels
Comments
tarcieri
added a commit
that referenced
this issue
Apr 25, 2021
This commit contains a set of breaking changes intended to be released as part of `password-hash` v0.2, addressing a number of currently open issues about the crate discovered when integrating it into the crates in the https://github.com/RustCrypto/password-hashes repo. This includes: - Allow passing `&str`, `&Salt`, or `&SaltString` as salt (#529) - Simplify error handling (#547) - TBD
tarcieri
added a commit
that referenced
this issue
Apr 25, 2021
This commit contains a set of breaking changes intended to be released as part of `password-hash` v0.2, addressing a number of currently open issues about the crate discovered when integrating it into the crates in the https://github.com/RustCrypto/password-hashes repo. This includes: - Allow passing `&str`, `&Salt`, or `&SaltString` as salt (#529) - Simplify error handling (#547) - TBD
tarcieri
added a commit
that referenced
this issue
Apr 28, 2021
This commit contains a set of breaking changes intended to be released as part of `password-hash` v0.2, addressing a number of currently open issues about the crate discovered when integrating it into the crates in the https://github.com/RustCrypto/password-hashes repo. This includes: - Allow specifying output length and version with params (#505) - Allow passing `&str`, `&Salt`, or `&SaltString` as salt (#529) - Simplify error handling (#547)
tarcieri
added a commit
that referenced
this issue
Apr 28, 2021
This commit contains a set of breaking changes intended to be released as part of `password-hash` v0.2, addressing a number of currently open issues about the crate discovered when integrating it into the crates in the https://github.com/RustCrypto/password-hashes repo. This includes: - Allow specifying output length and version with params (#505) - Allow passing `&str`, `&Salt`, or `&SaltString` as salt (#529) - Simplify error handling (#547)
tarcieri
added a commit
that referenced
this issue
Apr 28, 2021
This commit contains a set of breaking changes intended to be released as part of `password-hash` v0.2, addressing a number of currently open issues about the crate discovered when integrating it into the crates in the https://github.com/RustCrypto/password-hashes repo. This includes: - Allow specifying output length and version with params (#505) - Allow passing `&str`, `&Salt`, or `&SaltString` as salt (#529) - Simplify error handling (#547)
tarcieri
added a commit
that referenced
this issue
Apr 28, 2021
This commit contains a set of breaking changes intended to be released as part of `password-hash` v0.2, addressing a number of currently open issues about the crate discovered when integrating it into the crates in the https://github.com/RustCrypto/password-hashes repo. This includes: - Allow specifying output length and version with params (#505) - Allow passing `&str`, `&Salt`, or `&SaltString` as salt (#529) - Simplify error handling (#547)
tarcieri
added a commit
that referenced
this issue
Apr 28, 2021
This commit contains a set of breaking changes intended to be released as part of `password-hash` v0.2, addressing a number of currently open issues about the crate discovered when integrating it into the crates in the https://github.com/RustCrypto/password-hashes repo. This includes: - Allow specifying output length and version with params (#505) - Allow passing `&str`, `&Salt`, or `&SaltString` as salt (#529) - Simplify error handling (#547)
|
Fixed in #615 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The current error handling situation in the
password-hashcrate seems both overcomplicated and has other issues which limit the ability to easily map between error types in important scenarios.This actually ended up indirectly leading to a panic in the
argon2crate (RustCrypto/password-hashes#135) due to anunimplemented!()macro triggered by an unexpected error when an appropriate conversion wasn't possible.Looking at that issue and the comments I brought up, here are some high-level concerns it raised:
HasherErrordoes not have a way to provide salt-related errors (this is a result of some refactoring work where salt-related error types were lost)password_hash::Output::init_withAPI is problematic because it uses a closure and mandates the use ofOutputErrorfrom that closure. It could perhaps be improved by being generic over the error type, since in practical contexts a user will almost always wantHasherError, but in other cases may want a concrete crate-level error type. Another solution might be to find a way to avoid using a closure entirely.The text was updated successfully, but these errors were encountered: