
Misc SCRAM code cleanups.

* Move computation of SaltedPassword to a separate function from
  scram_ClientOrServerKey(). This saves a lot of cycles in libpq, by
  computing SaltedPassword only once per authentication. (Computing
  SaltedPassword is expensive by design.)

* Split scram_ClientOrServerKey() into two functions. Improves
  readability, by making the calling code less verbose.

* Rename "server proof" to "server signature", to better match the
  nomenclature used in RFC 5802.

* Rename SCRAM_SALT_LEN to SCRAM_DEFAULT_SALT_LEN, to make it more clear
  that the salt can be of any length, and the constant only specifies how
  long a salt we use when we generate a new verifier. Also rename
  SCRAM_ITERATIONS_DEFAULT to SCRAM_DEFAULT_ITERATIONS, for consistency.

These things caught my eye while working on other upcoming changes.
Heikki Linnakangas
2017-04-28 15:04:02 +03:00
parent b9a3ef55b2
commit d981074c24
4 changed files with 89 additions and 71 deletions


@@ -29,14 +29,10 @@
#define SCRAM_RAW_NONCE_LEN 10
/* length of salt when generating new verifiers */
#define SCRAM_SALT_LEN 10
#define SCRAM_DEFAULT_SALT_LEN 10
/* default number of iterations when generating verifier */
#define SCRAM_ITERATIONS_DEFAULT 4096
/* Base name of keys used for proof generation */
#define SCRAM_SERVER_KEY_NAME "Server Key"
#define SCRAM_CLIENT_KEY_NAME "Client Key"
#define SCRAM_DEFAULT_ITERATIONS 4096
/*
* Context data for HMAC used in SCRAM authentication.
@@ -51,9 +47,10 @@ extern void scram_HMAC_init(scram_HMAC_ctx *ctx, const uint8 *key, int keylen);
extern void scram_HMAC_update(scram_HMAC_ctx *ctx, const char *str, int slen);
extern void scram_HMAC_final(uint8 *result, scram_HMAC_ctx *ctx);
extern void scram_SaltedPassword(const char *password, const char *salt,
int saltlen, int iterations, uint8 *result);
extern void scram_H(const uint8 *str, int len, uint8 *result);
extern void scram_ClientOrServerKey(const char *password, const char *salt,
int saltlen, int iterations,
const char *keystr, uint8 *result);
extern void scram_ClientKey(const uint8 *salted_password, uint8 *result);
extern void scram_ServerKey(const uint8 *salted_password, uint8 *result);
#endif /* SCRAM_COMMON_H */
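Review bot: The new prototypes `scram_ClientKey()` and `scram_ServerKey()` in the second hunk take `salted_password` and `result` as bare `uint8 *` with no length argument, and the header does not say how large those buffers must be; the same applies to `result` in `scram_SaltedPassword()`. The commit message says SaltedPassword is now computed once per authentication and reused, so it stays in caller memory for longer, and it is password-equivalent for the given salt and iteration count. I would document both points above the declarations, for example `/* salted_password and result must each be one SCRAM key length long; SaltedPassword is secret material, the caller should clear it once authentication completes */`. Whether `iterations` and `saltlen` are range-checked before they reach `scram_SaltedPassword()` cannot be seen from this header, so that is worth confirming in the callers, since on the client side these values presumably come from the server's message.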