41 uint8 *result,
const char **errstr)
74 memcpy(result, Ui_prev, key_length);
96 for (
j = 0;
j < key_length;
j++)
98 memcpy(Ui_prev, Ui, key_length);
113 uint8 *result,
const char **errstr)
144 uint8 *result,
const char **errstr)
154 if (
pg_hmac_init(ctx, salted_password, key_length) < 0 ||
174 uint8 *result,
const char **errstr)
184 if (
pg_hmac_init(ctx, salted_password, key_length) < 0 ||
211 const char *salt,
int saltlen,
int iterations,
212 const char *
password,
const char **errstr)
220 int encoded_salt_len;
221 int encoded_stored_len;
222 int encoded_server_len;
233 salted_password, errstr) < 0 ||
235 stored_key, errstr) < 0 ||
236 scram_H(stored_key, hash_type, key_length,
237 stored_key, errstr) < 0 ||
239 server_key, errstr) < 0)
245 elog(
ERROR,
"could not calculate stored key and server key: %s",
259 maxlen = strlen(
"SCRAM-SHA-256") + 1
261 + encoded_salt_len + 1
262 + encoded_stored_len + 1
263 + encoded_server_len + 1;
269 *errstr =
_(
"out of memory");
279 encoded_result =
pg_b64_encode(salt, saltlen, p, encoded_salt_len);
280 if (encoded_result < 0)
282 *errstr =
_(
"could not encode salt");
294 encoded_result =
pg_b64_encode((
char *) stored_key, key_length, p,
296 if (encoded_result < 0)
298 *errstr =
_(
"could not encode stored key");
311 encoded_result =
pg_b64_encode((
char *) server_key, key_length, p,
313 if (encoded_result < 0)
315 *errstr =
_(
"could not encode server key");
327 Assert(p - result <= maxlen);
int pg_b64_enc_len(int srclen)
int pg_b64_encode(const char *src, int len, char *dst, int dstlen)
#define Assert(condition)
int pg_cryptohash_update(pg_cryptohash_ctx *ctx, const uint8 *data, size_t len)
int pg_cryptohash_init(pg_cryptohash_ctx *ctx)
void pg_cryptohash_free(pg_cryptohash_ctx *ctx)
pg_cryptohash_ctx * pg_cryptohash_create(pg_cryptohash_type type)
int pg_cryptohash_final(pg_cryptohash_ctx *ctx, uint8 *dest, size_t len)
const char * pg_cryptohash_error(pg_cryptohash_ctx *ctx)
pg_hmac_ctx * pg_hmac_create(pg_cryptohash_type type)
const char * pg_hmac_error(pg_hmac_ctx *ctx)
void pg_hmac_free(pg_hmac_ctx *ctx)
int pg_hmac_update(pg_hmac_ctx *ctx, const uint8 *data, size_t len)
int pg_hmac_init(pg_hmac_ctx *ctx, const uint8 *key, size_t len)
int pg_hmac_final(pg_hmac_ctx *ctx, uint8 *dest, size_t len)
#define CHECK_FOR_INTERRUPTS()
int scram_ServerKey(const uint8 *salted_password, pg_cryptohash_type hash_type, int key_length, uint8 *result, const char **errstr)
int scram_SaltedPassword(const char *password, pg_cryptohash_type hash_type, int key_length, const char *salt, int saltlen, int iterations, uint8 *result, const char **errstr)
int scram_ClientKey(const uint8 *salted_password, pg_cryptohash_type hash_type, int key_length, uint8 *result, const char **errstr)
char * scram_build_secret(pg_cryptohash_type hash_type, int key_length, const char *salt, int saltlen, int iterations, const char *password, const char **errstr)
int scram_H(const uint8 *input, pg_cryptohash_type hash_type, int key_length, uint8 *result, const char **errstr)
#define SCRAM_MAX_KEY_LEN