/* Size constants for random values on the server side of SCRAM.  The code
   that consumes them is not part of this excerpt, so the notes below are
   assumptions to confirm against the callers. */

/* Presumably the number of random bytes (12 bytes = 96 bits) in a salt the
   server generates itself when the application supplies none -- TODO
   confirm. */
48 #define DEFAULT_SALT_BYTES 12

/* Presumably the number of random bytes (18 bytes = 144 bits) drawn for the
   server nonce.  NOTE(review): if the nonce is base64-encoded, 18 bytes
   give exactly 24 characters with no '=' padding -- confirm. */
49 #define SNONCE_ENTROPY_BYTES 18
74 scram_start (
Gsasl_session *sctx _GL_UNUSED,
void **mech_data,
115 #ifdef USE_SCRAM_SHA1
117 _gsasl_scram_sha1_server_start (
Gsasl_session *sctx,
void **mech_data)
123 _gsasl_scram_sha1_plus_server_start (
Gsasl_session *sctx,
void **mech_data)
129 #ifdef USE_SCRAM_SHA256
131 _gsasl_scram_sha256_server_start (
Gsasl_session *sctx,
void **mech_data)
137 _gsasl_scram_sha256_plus_server_start (
Gsasl_session *sctx,
void **mech_data)
145 const char *b64,
char *buf)
161 memcpy (buf, bin, binlen);
172 size_t input_len,
char **output,
size_t *output_len)
199 if (strcmp (state->
cf.
cbname,
"tls-exporter") == 0)
205 else if (strcmp (state->
cf.
cbname,
"tls-unique") == 0)
245 p = memchr (input,
',', input_len);
249 p = memchr (p,
',', input_len - (p - input));
254 state->
gs2header = malloc (p - input + 1);
257 memcpy (state->
gs2header, input, p - input);
260 state->
cfmb_str = malloc (input_len - (p - input) + 1);
263 memcpy (state->
cfmb_str, p, input_len - (p - input));
264 state->
cfmb_str[input_len - (p - input)] =
'\0';
270 size_t snlen = strlen (state->
snonce);
272 state->
sf.
nonce = malloc (cnlen + snlen + 1);
278 state->
sf.
nonce[cnlen + snlen] =
'\0';
292 state->
sf.
iter = strtoul (p, NULL, 10);
293 if (!p || state->
sf.
iter == 0 || state->
sf.
iter == ULONG_MAX)
301 n = asprintf (&str,
"%zu", state->
sf.
iter);
302 if (n < 0 || str == NULL)
316 state->
sf.
salt = strdup (p);
331 *output = strdup (state->
sf_str);
334 *output_len = strlen (*output);
356 &state->
cbind, &len);
406 rc = extract_serverkey (state, p, state->
serverkey);
409 rc = extract_serverkey (state, q, state->
storedkey);
422 char *binsaltedpassword;
436 (state->
hash, binsaltedpassword,
500 p = memmem (input, input_len,
",p=", 3);
566 *output_len = strlen (*output);
int gsasl_base64_from(const char *in, size_t inlen, char **out, size_t *outlen)
int gsasl_base64_to(const char *in, size_t inlen, char **out, size_t *outlen)
int gsasl_hex_from(const char *in, char **out, size_t *outlen)
size_t gsasl_hash_length(Gsasl_hash hash)
int gsasl_scram_secrets_from_salted_password(Gsasl_hash hash, const char *salted_password, char *client_key, char *server_key, char *stored_key)
int gsasl_nonce(char *data, size_t datalen)
int gsasl_scram_secrets_from_password(Gsasl_hash hash, const char *password, unsigned int iteration_count, const char *salt, size_t saltlen, char *salted_password, char *client_key, char *server_key, char *stored_key)
@ GSASL_NO_CB_TLS_EXPORTER
@ GSASL_AUTHENTICATION_ERROR
@ GSASL_MECHANISM_CALLED_TOO_MANY_TIMES
@ GSASL_MECHANISM_PARSE_ERROR
_GSASL_API int gsasl_property_set(Gsasl_session *sctx, Gsasl_property prop, const char *data)
_GSASL_API const char * gsasl_property_get(Gsasl_session *sctx, Gsasl_property prop)
@ GSASL_SCRAM_SALTED_PASSWORD
_GSASL_API int gsasl_saslprep(const char *in, Gsasl_saslprep_flags flags, char **out, int *stringpreprc)
int scram_parse_client_final(const char *str, size_t len, struct scram_client_final *cl)
int scram_parse_client_first(const char *str, size_t len, struct scram_client_first *cf)
int scram_print_server_final(struct scram_server_final *sl, char **out)
int scram_print_server_first(struct scram_server_first *sf, char **out)
void _gsasl_scram_server_finish(Gsasl_session *sctx _GL_UNUSED, void *mech_data)
#define DEFAULT_SALT_BYTES
#define SNONCE_ENTROPY_BYTES
int _gsasl_scram_server_step(Gsasl_session *sctx, void *mech_data, const char *input, size_t input_len, char **output, size_t *output_len)
void gsasl_free(void *ptr)
char serverkey[GSASL_HASH_MAX_SIZE]
char storedkey[GSASL_HASH_MAX_SIZE]
struct scram_server_final sl
struct scram_server_first sf
struct scram_client_first cf
struct scram_client_final cl
void scram_free_server_first(struct scram_server_first *sf)
void scram_free_client_first(struct scram_client_first *cf)
void scram_free_server_final(struct scram_server_final *sl)
void scram_free_client_final(struct scram_client_final *cl)