PostgreSQL Source Code (git master): fe-auth-scram.c
#include "postgres_fe.h"
#include "common/base64.h"
#include "common/hmac.h"
#include "common/saslprep.h"
#include "common/scram-common.h"
#include "fe-auth.h"
Data Structures | |
struct | fe_scram_state |
Enumerations | |
enum | fe_scram_state_enum { FE_SCRAM_INIT , FE_SCRAM_NONCE_SENT , FE_SCRAM_PROOF_SENT , FE_SCRAM_FINISHED } |
Functions | |
static void * | scram_init (PGconn *conn, const char *password, const char *sasl_mechanism) |
static SASLStatus | scram_exchange (void *opaq, char *input, int inputlen, char **output, int *outputlen) |
static bool | scram_channel_bound (void *opaq) |
static void | scram_free (void *opaq) |
static bool | read_server_first_message (fe_scram_state *state, char *input) |
static bool | read_server_final_message (fe_scram_state *state, char *input) |
static char * | build_client_first_message (fe_scram_state *state) |
static char * | build_client_final_message (fe_scram_state *state) |
static bool | verify_server_signature (fe_scram_state *state, bool *match, const char **errstr) |
static bool | calculate_client_proof (fe_scram_state *state, const char *client_final_message_without_proof, uint8 *result, const char **errstr) |
static char * | read_attr_value (char **input, char attr, PQExpBuffer errorMessage) |
char * | pg_fe_scram_build_secret (const char *password, int iterations, const char **errstr) |
Variables | |
const pg_fe_sasl_mech | pg_scram_mech |
enum fe_scram_state_enum

| Enumerator |
|---|
| FE_SCRAM_INIT |
| FE_SCRAM_NONCE_SENT |
| FE_SCRAM_PROOF_SENT |
| FE_SCRAM_FINISHED |
Definition at line 43 of file fe-auth-scram.c.
static char * build_client_final_message (fe_scram_state *state)
Definition at line 450 of file fe-auth-scram.c.
References appendPQExpBuffer(), appendPQExpBufferStr(), buf, calculate_client_proof(), pg_conn::channel_binding, conn, enlargePQExpBuffer(), pg_conn::errorMessage, free, initPQExpBuffer(), libpq_append_conn_error(), malloc, pg_b64_enc_len(), pg_b64_encode(), pgtls_get_peer_certificate_hash(), PQExpBufferDataBroken, SCRAM_MAX_KEY_LEN, SCRAM_SHA_256_PLUS_NAME, pg_conn::ssl_in_use, and termPQExpBuffer().
Referenced by scram_exchange().
static char * build_client_first_message (fe_scram_state *state)
Definition at line 345 of file fe-auth-scram.c.
References appendPQExpBuffer(), appendPQExpBufferChar(), appendPQExpBufferStr(), Assert, buf, pg_conn::channel_binding, conn, initPQExpBuffer(), libpq_append_conn_error(), malloc, pg_b64_enc_len(), pg_b64_encode(), pg_strong_random(), PQExpBufferDataBroken, SCRAM_RAW_NONCE_LEN, SCRAM_SHA_256_PLUS_NAME, pg_conn::ssl_in_use, and termPQExpBuffer().
Referenced by scram_exchange().
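static bool calculate_client_proof (fe_scram_state *state, const char *client_final_message_without_proof, uint8 *result, const char **errstr)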
Definition at line 761 of file fe-auth-scram.c.
References i, pg_hmac_create(), pg_hmac_error(), pg_hmac_final(), pg_hmac_free(), pg_hmac_init(), pg_hmac_update(), scram_ClientKey(), scram_H(), SCRAM_MAX_KEY_LEN, and scram_SaltedPassword().
Referenced by build_client_final_message().
char * pg_fe_scram_build_secret (const char *password, int iterations, const char **errstr)
Definition at line 892 of file fe-auth-scram.c.
References free, iterations, libpq_gettext, password, pg_saslprep(), PG_SHA256, pg_strong_random(), SASLPREP_OOM, SASLPREP_SUCCESS, scram_build_secret(), SCRAM_DEFAULT_SALT_LEN, and SCRAM_SHA_256_KEY_LEN.
Referenced by PQencryptPasswordConn().
static char * read_attr_value (char **input, char attr, PQExpBuffer errorMessage)
Definition at line 303 of file fe-auth-scram.c.
References input, and libpq_append_error().
Referenced by read_server_final_message(), and read_server_first_message().
static bool read_server_final_message (fe_scram_state *state, char *input)
Definition at line 688 of file fe-auth-scram.c.
References conn, errmsg(), pg_conn::errorMessage, free, input, libpq_append_conn_error(), malloc, pg_b64_dec_len(), pg_b64_decode(), and read_attr_value().
Referenced by scram_exchange().
static bool read_server_first_message (fe_scram_state *state, char *input)
Definition at line 602 of file fe-auth-scram.c.
References conn, pg_conn::errorMessage, input, libpq_append_conn_error(), malloc, pg_b64_dec_len(), pg_b64_decode(), and read_attr_value().
Referenced by scram_exchange().
static bool scram_channel_bound (void *opaq)
Definition at line 154 of file fe-auth-scram.c.
References FE_SCRAM_FINISHED, and SCRAM_SHA_256_PLUS_NAME.
static SASLStatus scram_exchange (void *opaq, char *input, int inputlen, char **output, int *outputlen)
Definition at line 205 of file fe-auth-scram.c.
References build_client_final_message(), build_client_first_message(), conn, FE_SCRAM_FINISHED, FE_SCRAM_INIT, FE_SCRAM_NONCE_SENT, FE_SCRAM_PROOF_SENT, input, libpq_append_conn_error(), output, read_server_final_message(), read_server_first_message(), SASL_COMPLETE, SASL_CONTINUE, SASL_FAILED, and verify_server_signature().
static void scram_free (void *opaq)
static void * scram_init (PGconn *conn, const char *password, const char *sasl_mechanism)
Definition at line 96 of file fe-auth-scram.c.
References Assert, conn, FE_SCRAM_INIT, free, malloc, password, pg_saslprep(), PG_SHA256, SASLPREP_OOM, SASLPREP_SUCCESS, and SCRAM_SHA_256_KEY_LEN.
static bool verify_server_signature (fe_scram_state *state, bool *match, const char **errstr)
Definition at line 830 of file fe-auth-scram.c.
References pg_hmac_create(), pg_hmac_error(), pg_hmac_final(), pg_hmac_free(), pg_hmac_init(), pg_hmac_update(), SCRAM_MAX_KEY_LEN, and scram_ServerKey().
Referenced by scram_exchange().
const pg_fe_sasl_mech pg_scram_mech
Definition at line 32 of file fe-auth-scram.c.
Referenced by pg_SASL_init().