From d8f23de97ba48449befae12eda4f6853e74b6a74 Mon Sep 17 00:00:00 2001
From: Jack Lloyd <jack@randombit.net>
Date: Fri, 13 Sep 2019 05:43:31 -0400
Subject: Add a variant of RandomNumberGenerator::random_vec

This avoids the unlock(rng.random_vec(...)) pattern which is
pretty wasteful in terms of heap overhead.
---
 src/lib/passhash/bcrypt/bcrypt.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'src/lib/passhash')

diff --git a/src/lib/passhash/bcrypt/bcrypt.cpp b/src/lib/passhash/bcrypt/bcrypt.cpp
index 29bcc9d1b..1d28ddfb4 100644
--- a/src/lib/passhash/bcrypt/bcrypt.cpp
+++ b/src/lib/passhash/bcrypt/bcrypt.cpp
@@ -146,7 +146,10 @@ std::string generate_bcrypt(const std::string& pass,
 
    if(version != 'a' && version != 'b' && version != 'y')
       throw Invalid_Argument("Unknown bcrypt version '" + std::string(1, version) + "'");
-   return make_bcrypt(pass, unlock(rng.random_vec(16)), work_factor, version);
+
+   std::vector<uint8_t> salt;
+   rng.random_vec(salt, 16);
+   return make_bcrypt(pass, salt, work_factor, version);
    }
 
 bool check_bcrypt(const std::string& pass, const std::string& hash)
-- 
cgit v1.2.3