lower salt randomize level from VeryStrong to Strong
this follows the documentation; the default is for longterm, not short lived per-request/session rng
This commit is contained in:
parent
51b6dc8f3d
commit
367111171f
1 changed files with 1 additions and 1 deletions
|
@ -1,7 +1,7 @@
|
|||
static void salt_password (string password, out string token, out string salt) {
|
||||
const int SALT_BYTES = 8;
|
||||
uchar salt_bytes[SALT_BYTES];
|
||||
GCrypt.Random.randomize (salt_bytes);
|
||||
GCrypt.Random.randomize (salt_bytes, GCrypt.Random.Level.STRONG);
|
||||
uchar salt_chars[2*SALT_BYTES+1];
|
||||
for (int i = 0; i < SALT_BYTES; i += 1) {
|
||||
salt_chars[2*i+0] = "0123456789abcdef"[(salt_bytes[i]>>4)&0xf];
|
||||
|
|
Loading…
Reference in a new issue