Skip to content

Document error kinds and remove dead BcryptError::Io branch #93

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
goto-bus-stop wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Document error kinds and remove dead BcryptError::Io branch #93

goto-bus-stop wants to merge 3 commits into from

Conversation

@goto-bus-stop
Copy link

@goto-bus-stop goto-bus-stop commented Dec 10, 2025

Hi! I was looking into how I should best handle the errors returned by bcrypt in my web service. I especially wasn't sure what conditions some errors could be raised under.

This PR documents whether errors can happen during hashing or verification, so users can more easily decide what they want to do with the different error cases.

Additionally, the BcryptError::Io branch appears to be unused, so I suggest removing it outright 😇

@goto-bus-stop
Delete unused BcrypError::Io variant
7c6d458 
While looking at how best to handle this error, I found that it's
actually not used.
@goto-bus-stop
Document when the errors can occur
1bb100c
goto-bus-stop
goto-bus-stop commented Dec 10, 2025
View reviewed changes
src/errors.rs
Comment on lines +17 to +18
/// Cost is provided as an argument to hashing functions, and extracted from the hash in
/// verification functions.
Copy link
Author

@goto-bus-stop goto-bus-stop Dec 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I pointed out where the cost value comes from because if this error is raised from bcrypt::hash(), it was actually a programmer error, and if you have a hardcoded cost you can just handle that branch with unreachable!(). But during verification it means the hash was malformed which is something you have to deal with always.

Keats
Keats reviewed Dec 11, 2025
View reviewed changes
src/errors.rs Outdated
InvalidHash(String),
/// Raised when verifying against an incorrectly formatted hash.
InvalidSaltLen(usize),
/// Raised when verifying against an incorrectly formatted hash.
Copy link
Owner

@Keats Keats Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All those different errors mapping to the same thing makes me thing it should probably a single error with details in the string

Copy link
Author

@goto-bus-stop goto-bus-stop Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorta thought the same while doing it, I think as a user you wouldn't do different things for these different branches. I didn't change it already because they have different data inside the branch (like the length of the salt for InvalidSaltLen, but that might also not be that useful. I'll change it to a single branch later today so you can see if you like it :)

@goto-bus-stop
Copy link
Author

goto-bus-stop commented Dec 11, 2025
edited
Loading

In the latest commit I've changed the errors that can occur when parsing a hash for verification to be &'static strs. This does mean they have less information than before, but I think in most cases that information was not really actionable for a user to begin with; they just need to know "the hash is malformed", it's not something that you would recover from differently depending on if it's the salt length or the hash base64 that's incorrect.

@tarcieri
Copy link

tarcieri commented Dec 11, 2025

FWIW I recently revamped the error type in the password-hash crate, and also added a variant with &'static str for tracking which field in the params was invalid: https://docs.rs/password-hash/0.6.0-rc.4/password_hash/enum.Error.html

That's trying to be a sort of universal error type for this case, so I'd be curious how well it lines up with yours and what features anyone things are missing.

Also, with the latest prereleases of password-hash and mcf it should now be possible to (optionally) impl the password-hash traits for bcrypt, if that's something you're interested in.

@Keats
Copy link
Owner

Keats commented Dec 15, 2025

I think one variant makes sense.

I'm not familiar with password-hash but i guess once there is a new release we can look at maybe implementing the trait behind a feature

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Keats Keats Keats left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@goto-bus-stop @tarcieri @Keats