Re: on using GSASL_SCRAM_SALTED

help-gsasl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: on using GSASL_SCRAM_SALTED_PASSWORD

From:	Simon Josefsson
Subject:	Re: on using GSASL_SCRAM_SALTED_PASSWORD
Date:	Tue, 12 Mar 2013 04:56:19 +0100
User-agent:	Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.2 (gnu/linux)

Marco Maggi <address@hidden> writes:

> Ciao,
>
>   I  am  binding  GSASL  to   a  language;  I  am  not  into
> cryptography; I would like to  stay out of crypto algorithms
> implementation as much as I can.

That is wise.   What language are you targetting?

>   For the purpose of including examples in the documentation
> I  have written  a  pair  of mock  client  and server  using
> SCRAM-SHA-1 and  it seems to  me that they can  correctly do
> their   thing  with   the   client   setting  the   property
> GSASL_PASSWORD.

Great.

>   Questions:
>
> * I  am in  a  bit  of trouble  implementing  an example  of
>   setting the  property GSASL_SCRAM_SALTED_PASSWORD;  is the
>   client application supposed to:
>
>   1.  Retrieve the  property  GSASL_SCRAM_ITER  as a  string
>      holding a  number of iterations,  and convert it  to an
>      actual number "i".
>
>   2. Retrieve  the property GSASL_SCRAM_SALT as  a string in
>      base64 encoding, and decode  it obtaining the vector of
>      octets "salt".
>
>   3.  Take  the  password  in  clear  and  prepare  it  with
>      SASLprep, obtaining the vector of octets "str".
>
>   4. Compute the  function Hi(str, salt, i)  as explained in
>      RFC 5802, obtaining a vector of octets.
>
>   5. Convert  the vector  of octets  from point  4 to  a hex
>      string (it must result of length 40).
>
>   and  the  hex   string  is  the  value   of  the  property
>   GSASL_SCRAM_SALTED_PASSWORD?

Yes I believe this is correct.  Possibly your explanation could be added
to the manual, to explain this, since it is a bit complicated.

> * Given  that to  compute  such property  value  I need  the
>   password in clear, in  which scenario a client application
>   should   use   GSASL_SCRAM_SALTED_PASSWORD   rather   than
>   GSASL_PASSWORD?

Typically when the client is storing the credential on persistant
storage for re-use at a later time.  What is stored on the disk should
then ideally be the salted password instead of the plain password.  Then
anyone getting accessing to the disk will not get the real password, but
just a hashed version of it.

> * Being that, IIUC, GSASL  already implements internally the
>   transformation   from   clear   password   to   value   of
>   GSASL_SCRAM_SALTED_PASSWORD,  is it  possible to  just use
>   GSASL to compute the value of the property?

Not easily -- you can implement PBKDF2 yourself using gsasl_hmac_sha1.
What do you think about a new helper function (in lib/src/crypto.c) to
do this?

Thanks,
/Simon

[Prev in Thread]

Current Thread

[Next in Thread]

on using GSASL_SCRAM_SALTED_PASSWORD, Marco Maggi, 2013/03/07
- Re: on using GSASL_SCRAM_SALTED_PASSWORD, Simon Josefsson <=
  - Re: on using GSASL_SCRAM_SALTED_PASSWORD, Marco Maggi, 2013/03/16

Prev by Date: Re: on bootstrapping the repository
Next by Date: Re: on bootstrapping the repository
Previous by thread: on using GSASL_SCRAM_SALTED_PASSWORD
Next by thread: Re: on using GSASL_SCRAM_SALTED_PASSWORD
Index(es):
- Date
- Thread