| 1 | /*------------------------------------------------------------------------- |
|---|---|
| 2 | * |
| 3 | * scram-common.h |
| 4 | * Declarations for helper functions used for SCRAM authentication |
| 5 | * |
| 6 | * Portions Copyright (c) 1996-2019, PostgreSQL Global Development Group |
| 7 | * Portions Copyright (c) 1994, Regents of the University of California |
| 8 | * |
| 9 | * src/include/common/scram-common.h |
| 10 | * |
| 11 | *------------------------------------------------------------------------- |
| 12 | */ |
| 13 | #ifndef SCRAM_COMMON_H |
| 14 | #define SCRAM_COMMON_H |
| 15 | |
| 16 | #include "common/sha2.h" |
| 17 | |
| 18 | /* Name of SCRAM mechanisms per IANA */ |
| 19 | #define SCRAM_SHA_256_NAME "SCRAM-SHA-256" |
| 20 | #define SCRAM_SHA_256_PLUS_NAME "SCRAM-SHA-256-PLUS" /* with channel binding */ |
| 21 | |
| 22 | /* Length of SCRAM keys (client and server) */ |
| 23 | #define SCRAM_KEY_LEN PG_SHA256_DIGEST_LENGTH |
| 24 | |
| 25 | /* length of HMAC */ |
| 26 | #define SHA256_HMAC_B PG_SHA256_BLOCK_LENGTH |
| 27 | |
| 28 | /* |
| 29 | * Size of random nonce generated in the authentication exchange. This |
| 30 | * is in "raw" number of bytes, the actual nonces sent over the wire are |
| 31 | * encoded using only ASCII-printable characters. |
| 32 | */ |
| 33 | #define SCRAM_RAW_NONCE_LEN 18 |
| 34 | |
| 35 | /* |
| 36 | * Length of salt when generating new verifiers, in bytes. (It will be stored |
| 37 | * and sent over the wire encoded in Base64.) 16 bytes is what the example in |
| 38 | * RFC 7677 uses. |
| 39 | */ |
| 40 | #define SCRAM_DEFAULT_SALT_LEN 16 |
| 41 | |
| 42 | /* |
| 43 | * Default number of iterations when generating verifier. Should be at least |
| 44 | * 4096 per RFC 7677. |
| 45 | */ |
| 46 | #define SCRAM_DEFAULT_ITERATIONS 4096 |
| 47 | |
| 48 | /* |
| 49 | * Context data for HMAC used in SCRAM authentication. |
| 50 | */ |
| 51 | typedef struct |
| 52 | { |
| 53 | pg_sha256_ctx sha256ctx; |
| 54 | uint8 k_opad[SHA256_HMAC_B]; |
| 55 | } scram_HMAC_ctx; |
| 56 | |
| 57 | extern void scram_HMAC_init(scram_HMAC_ctx *ctx, const uint8 *key, int keylen); |
| 58 | extern void scram_HMAC_update(scram_HMAC_ctx *ctx, const char *str, int slen); |
| 59 | extern void scram_HMAC_final(uint8 *result, scram_HMAC_ctx *ctx); |
| 60 | |
| 61 | extern void scram_SaltedPassword(const char *password, const char *salt, |
| 62 | int saltlen, int iterations, uint8 *result); |
| 63 | extern void scram_H(const uint8 *str, int len, uint8 *result); |
| 64 | extern void scram_ClientKey(const uint8 *salted_password, uint8 *result); |
| 65 | extern void scram_ServerKey(const uint8 *salted_password, uint8 *result); |
| 66 | |
| 67 | extern char *scram_build_verifier(const char *salt, int saltlen, int iterations, |
| 68 | const char *password); |
| 69 | |
| 70 | #endif /* SCRAM_COMMON_H */ |
| 71 |
Generated while processing PostgreSQL/src/backend/libpq/auth-scram.c
Generated on 2019-Nov-14 from project PostgreSQL revision 12.0
Powered by 
Code Browser 2.1
Generator usage only permitted with license.