scram: generate random nonce with one call (#182)

serprex · web-flow · commit 2f4ee5f19fbd · 2024-06-01T13:50:19.000-07:00
This has two benefits:
1. takes 1 lock instead of 18
2. generates multiple bytes per internal random invocation
diff --git a/examples/scram.rs b/examples/scram.rs
@@ -36,11 +36,7 @@ impl SimpleQueryHandler for DummyProcessor {
 }
 
 pub fn random_salt() -> Vec<u8> {
-    let mut buf = vec![0u8; 10];
-    for v in buf.iter_mut() {
-        *v = rand::random::<u8>();
-    }
-    buf
+    Vec::from(rand::random::<[u8; 10]>())
 }
 
 const ITERATIONS: usize = 4096;
diff --git a/src/api/auth/scram.rs b/src/api/auth/scram.rs
@@ -63,12 +63,7 @@ pub fn gen_salted_password(password: &str, salt: &[u8], iters: usize) -> Vec<u8>
 }
 
 pub fn random_nonce() -> String {
-    let mut buf = [0u8; 18];
-    for v in buf.iter_mut() {
-        *v = rand::random::<u8>();
-    }
-
-    STANDARD.encode(buf)
+    STANDARD.encode(rand::random::<[u8; 18]>())
 }
 
 impl<A, P> SASLScramAuthStartupHandler<A, P> {

Original file line number	Diff line number	Diff line change
`@@ -36,11 +36,7 @@ impl SimpleQueryHandler for DummyProcessor {`
`36`	`36`	`}`
`37`	`37`
`38`	`38`	`pub fn random_salt() -> Vec<u8> {`
`39`		`- let mut buf = vec![0u8; 10];`
`40`		`- for v in buf.iter_mut() {`
`41`		`- *v = rand::random::<u8>();`
`42`		`- }`
`43`		`- buf`
	`39`	`+ Vec::from(rand::random::<[u8; 10]>())`
`44`	`40`	`}`
`45`	`41`
`46`	`42`	`const ITERATIONS: usize = 4096;`
Original file line number	Diff line number	Diff line change
`@@ -63,12 +63,7 @@ pub fn gen_salted_password(password: &str, salt: &[u8], iters: usize) -> Vec<u8>`
`63`	`63`	`}`
`64`	`64`
`65`	`65`	`pub fn random_nonce() -> String {`
`66`		`- let mut buf = [0u8; 18];`
`67`		`- for v in buf.iter_mut() {`
`68`		`- *v = rand::random::<u8>();`
`69`		`- }`
`70`		`-`
`71`		`- STANDARD.encode(buf)`
	`66`	`+ STANDARD.encode(rand::random::<[u8; 18]>())`
`72`	`67`	`}`
`73`	`68`
`74`	`69`	`impl<A, P> SASLScramAuthStartupHandler<A, P> {`