Re: SCRAM methods

help-gsasl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SCRAM methods

From:	Jeremy Harris
Subject:	Re: SCRAM methods
Date:	Tue, 31 Dec 2019 18:16:34 +0000
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2

Hi,

On 25/12/2019 16:31, Jeremy Harris wrote:
> So, please consider these feature requests:
> 
> - library API returning a salted-password, given password and
>   optional salt, optional iteration-count
> - utility access to that API
> - library acceptance and use, server side, of a salted password.

I have written the code for parts 3 and 1 of the above, and
tested with Exim.  These patches apply cumulatively onto
d5976869c4.

The first patch makes the server-side SCRAM implementation behave like
the client-side, in that it looks for a salted-password property first,
then falling back to the existing use of a plaintext-password property.
The server application must still supply the salt and iteration-count.

The second patch writes a salted-password property, server-side, if the
plaintext source and calculation procedure is followed; this permits an
application to extract the salted-password for storage.

I've not touched the docs.
-- 
Cheers,
  Jeremy

try_salted_password.patch
Description: Text Data

extract_salted_password.patch
Description: Text Data

[Prev in Thread]

Current Thread

[Next in Thread]

SCRAM methods, Jeremy Harris, 2019/12/25
- Re: SCRAM methods, Jeremy Harris <=

Prev by Date: Re: scram-sha-1-plus
Previous by thread: SCRAM methods
Next by thread: scram-sha-1-plus
Index(es):
- Date
- Thread