mirror of
https://github.com/postgres/postgres.git
synced 2025-10-18 04:29:09 +03:00
Support SCRAM-SHA-256 authentication (RFC 5802 and 7677).
This introduces a new generic SASL authentication method, similar to the GSS and SSPI methods. The server first tells the client which SASL authentication mechanism to use, and then the mechanism-specific SASL messages are exchanged in AuthenticationSASLcontinue and PasswordMessage messages. Only SCRAM-SHA-256 is supported at the moment, but this allows adding more SASL mechanisms in the future, without changing the overall protocol. Support for channel binding, aka SCRAM-SHA-256-PLUS is left for later. The SASLPrep algorithm, for pre-processing the password, is not yet implemented. That could cause trouble, if you use a password with non-ASCII characters, and a client library that does implement SASLprep. That will hopefully be added later. Authorization identities, as specified in the SCRAM-SHA-256 specification, are ignored. SET SESSION AUTHORIZATION provides more or less the same functionality, anyway. If a user doesn't exist, perform a "mock" authentication, by constructing an authentic-looking challenge on the fly. The challenge is derived from a new system-wide random value, "mock authentication nonce", which is created at initdb, and stored in the control file. We go through these motions, in order to not give away the information on whether the user exists, to unauthenticated users. Bumps PG_CONTROL_VERSION, because of the new field in control file. Patch by Michael Paquier and Heikki Linnakangas, reviewed at different stages by Robert Haas, Stephen Frost, David Steele, Aleksander Alekseev, and many others. Discussion: https://www.postgresql.org/message-id/CAB7nPqRbR3GmFYdedCAhzukfKrgBLTLtMvENOmPrVWREsZkF8g%40mail.gmail.com Discussion: https://www.postgresql.org/message-id/CAB7nPqSMXU35g%3DW9X74HVeQp0uvgJxvYOuA4A-A3M%2B0wfEBv-w%40mail.gmail.com Discussion: https://www.postgresql.org/message-id/55192AFE.6080106@iki.fi
This commit is contained in:
Heikki Linnakangas
19
src/include/common/base64.h
Normal file
19
src/include/common/base64.h
Normal file
@@ -0,0 +1,19 @@
|
||||
/*
|
||||
* base64.h
|
||||
* Encoding and decoding routines for base64 without whitespace
|
||||
* support.
|
||||
*
|
||||
* Portions Copyright (c) 2001-2016, PostgreSQL Global Development Group
|
||||
*
|
||||
* src/include/common/base64.h
|
||||
*/
|
||||
#ifndef BASE64_H
|
||||
#define BASE64_H
|
||||
|
||||
/* base 64 */
|
||||
extern int pg_b64_encode(const char *src, int len, char *dst);
|
||||
extern int pg_b64_decode(const char *src, int len, char *dst);
|
||||
extern int pg_b64_enc_len(int srclen);
|
||||
extern int pg_b64_dec_len(int srclen);
|
||||
|
||||
#endif /* BASE64_H */
|
||||
62
src/include/common/scram-common.h
Normal file
62
src/include/common/scram-common.h
Normal file
@@ -0,0 +1,62 @@
|
||||
/*-------------------------------------------------------------------------
|
||||
*
|
||||
* scram-common.h
|
||||
* Declarations for helper functions used for SCRAM authentication
|
||||
*
|
||||
* Portions Copyright (c) 1996-2016, PostgreSQL Global Development Group
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* src/include/common/relpath.h
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
#ifndef SCRAM_COMMON_H
|
||||
#define SCRAM_COMMON_H
|
||||
|
||||
#include "common/sha2.h"
|
||||
|
||||
/* Length of SCRAM keys (client and server) */
|
||||
#define SCRAM_KEY_LEN PG_SHA256_DIGEST_LENGTH
|
||||
|
||||
/* length of HMAC */
|
||||
#define SHA256_HMAC_B PG_SHA256_BLOCK_LENGTH
|
||||
|
||||
/*
|
||||
* Size of random nonce generated in the authentication exchange. This
|
||||
* is in "raw" number of bytes, the actual nonces sent over the wire are
|
||||
* encoded using only ASCII-printable characters.
|
||||
*/
|
||||
#define SCRAM_RAW_NONCE_LEN 10
|
||||
|
||||
/* length of salt when generating new verifiers */
|
||||
#define SCRAM_SALT_LEN 10
|
||||
|
||||
/* number of bytes used when sending iteration number during exchange */
|
||||
#define SCRAM_ITERATION_LEN 10
|
||||
|
||||
/* default number of iterations when generating verifier */
|
||||
#define SCRAM_ITERATIONS_DEFAULT 4096
|
||||
|
||||
/* Base name of keys used for proof generation */
|
||||
#define SCRAM_SERVER_KEY_NAME "Server Key"
|
||||
#define SCRAM_CLIENT_KEY_NAME "Client Key"
|
||||
|
||||
/*
|
||||
* Context data for HMAC used in SCRAM authentication.
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
pg_sha256_ctx sha256ctx;
|
||||
uint8 k_opad[SHA256_HMAC_B];
|
||||
} scram_HMAC_ctx;
|
||||
|
||||
extern void scram_HMAC_init(scram_HMAC_ctx *ctx, const uint8 *key, int keylen);
|
||||
extern void scram_HMAC_update(scram_HMAC_ctx *ctx, const char *str, int slen);
|
||||
extern void scram_HMAC_final(uint8 *result, scram_HMAC_ctx *ctx);
|
||||
|
||||
extern void scram_H(const uint8 *str, int len, uint8 *result);
|
||||
extern void scram_ClientOrServerKey(const char *password, const char *salt,
|
||||
int saltlen, int iterations,
|
||||
const char *keystr, uint8 *result);
|
||||
|
||||
#endif /* SCRAM_COMMON_H */
|
||||
Reference in New Issue
Block a user