help-gsasl

on using GSASL_SCRAM_SALTED_PASSWORD


From: Marco Maggi
Subject: on using GSASL_SCRAM_SALTED_PASSWORD
Date: Thu, 07 Mar 2013 23:54:25 +0100

Ciao,

  I  am  binding  GSASL  to   a  language;  I  am  not  into
cryptography; I would like to  stay out of crypto algorithms
implementation as much as I can.

  For the purpose of including examples in the documentation
I  have written  a  pair  of mock  client  and server  using
SCRAM-SHA-1 and  it seems to  me that they can  correctly do
their   thing  with   the   client   setting  the   property
GSASL_PASSWORD.

  Questions:

* I  am in  a  bit  of trouble  implementing  an example  of
  setting the  property GSASL_SCRAM_SALTED_PASSWORD;  is the
  client application supposed to:

  1.  Retrieve the  property  GSASL_SCRAM_ITER  as a  string
     holding a  number of iterations,  and convert it  to an
     actual number "i".

  2. Retrieve  the property GSASL_SCRAM_SALT as  a string in
     base64 encoding, and decode  it obtaining the vector of
     octets "salt".

  3.  Take  the  password  in  clear  and  prepare  it  with
     SASLprep, obtaining the vector of octets "str".

  4. Compute the  function Hi(str, salt, i)  as explained in
     RFC 5802, obtaining a vector of octets.

  5. Convert  the vector  of octets  from point  4 to  a hex
     string (it must be of length 40).

  and  the  hex   string  is  the  value   of  the  property
  GSASL_SCRAM_SALTED_PASSWORD?

* Given  that to  compute  such property  value  I need  the
  password in clear, in  which scenario should a client application
  use   GSASL_SCRAM_SALTED_PASSWORD   rather   than
  GSASL_PASSWORD?

* Being that, IIUC, GSASL  already implements internally the
  transformation   from   clear   password   to   value   of
  GSASL_SCRAM_SALTED_PASSWORD,  is it  possible to  just use
  GSASL to compute the value of the property?

TIA.
-- 
Marco Maggi
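
The five steps listed in the message above, carried out in Python as an added example; it is not part of the original post and is not GSASL code. Hi() from RFC 5802 is PBKDF2 with HMAC-SHA-1 and a 20-octet output. The function names are hypothetical, and prepare_password() is a simplified stand-in for SASLprep (NFKC normalization plus a control-character check), not a full RFC 4013 implementation.

```python
import base64
import hashlib
import unicodedata


def prepare_password(password: str) -> bytes:
    """Simplified stand-in for SASLprep (assumption: NFKC + control-char check only)."""
    normalized = unicodedata.normalize("NFKC", password)
    if not normalized:
        raise ValueError("empty password")
    if any(unicodedata.category(ch) == "Cc" for ch in normalized):
        raise ValueError("control characters are prohibited in the password")
    return normalized.encode("utf-8")


def scram_sha1_salted_password(password: str, salt_b64: str, iter_str: str) -> str:
    """Steps 1-5 from the message: returns Hi(str, salt, i) as a hex string."""
    # Step 1: the iteration count arrives as a decimal string.
    if not (iter_str.isascii() and iter_str.isdigit()) or int(iter_str) < 1:
        raise ValueError("iteration count must be a positive decimal integer")
    iterations = int(iter_str)

    # Step 2: the salt arrives base64-encoded; reject malformed input.
    salt = base64.b64decode(salt_b64, validate=True)
    if not salt:
        raise ValueError("empty salt")

    # Step 3: prepare the clear-text password.
    prepared = prepare_password(password)

    # Step 4: Hi(str, salt, i) is PBKDF2-HMAC-SHA-1 with dkLen = 20 octets.
    salted = hashlib.pbkdf2_hmac("sha1", prepared, salt, iterations, dklen=20)

    # Step 5: hex-encode; 20 octets give 40 hex characters.
    return salted.hex()


if __name__ == "__main__":
    # Inputs from the example exchange in RFC 5802, section 5.
    print(scram_sha1_salted_password("pencil", "QSXCR+Q6sek8bf92", "4096"))
```

The resulting value is enough to authenticate for that salt and iteration count without the clear password, so it needs the same storage protection as the password itself.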


