36 const char *salt,
int saltlen,
int iterations,
37 uint8 *result,
const char **errstr)
73 for (
i = 2;
i <= iterations;
i++)
196 const char *
password,
const char **errstr)
204 int encoded_salt_len;
205 int encoded_stored_len;
206 int encoded_server_len;
214 salted_password, errstr) < 0 ||
223 elog(
ERROR,
"could not calculate stored key and server key: %s",
237 maxlen = strlen(
"SCRAM-SHA-256") + 1
239 + encoded_salt_len + 1
240 + encoded_stored_len + 1
241 + encoded_server_len + 1;
247 *errstr =
_(
"out of memory");
254 p = result +
sprintf(result,
"SCRAM-SHA-256$%d:", iterations);
257 encoded_result =
pg_b64_encode(salt, saltlen, p, encoded_salt_len);
258 if (encoded_result < 0)
260 *errstr =
_(
"could not encode salt");
274 if (encoded_result < 0)
276 *errstr =
_(
"could not encode stored key");
291 if (encoded_result < 0)
293 *errstr =
_(
"could not encode server key");
305 Assert(p - result <= maxlen);
int pg_b64_enc_len(int srclen)
int pg_b64_encode(const char *src, int len, char *dst, int dstlen)
int pg_cryptohash_update(pg_cryptohash_ctx *ctx, const uint8 *data, size_t len)
int pg_cryptohash_init(pg_cryptohash_ctx *ctx)
void pg_cryptohash_free(pg_cryptohash_ctx *ctx)
pg_cryptohash_ctx * pg_cryptohash_create(pg_cryptohash_type type)
int pg_cryptohash_final(pg_cryptohash_ctx *ctx, uint8 *dest, size_t len)
const char * pg_cryptohash_error(pg_cryptohash_ctx *ctx)
pg_hmac_ctx * pg_hmac_create(pg_cryptohash_type type)
const char * pg_hmac_error(pg_hmac_ctx *ctx)
void pg_hmac_free(pg_hmac_ctx *ctx)
int pg_hmac_update(pg_hmac_ctx *ctx, const uint8 *data, size_t len)
int pg_hmac_init(pg_hmac_ctx *ctx, const uint8 *key, size_t len)
int pg_hmac_final(pg_hmac_ctx *ctx, uint8 *dest, size_t len)
Assert(fmt[strlen(fmt) - 1] !='\n')
int scram_SaltedPassword(const char *password, const char *salt, int saltlen, int iterations, uint8 *result, const char **errstr)
int scram_H(const uint8 *input, int len, uint8 *result, const char **errstr)
int scram_ClientKey(const uint8 *salted_password, uint8 *result, const char **errstr)
int scram_ServerKey(const uint8 *salted_password, uint8 *result, const char **errstr)
char * scram_build_secret(const char *salt, int saltlen, int iterations, const char *password, const char **errstr)
#define SCRAM_DEFAULT_ITERATIONS