| From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
|---|---|
| To: | Álvaro Hernández Tortosa <aht(at)8kdata(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Some thoughts about SCRAM implementation |
| Date: | 2017-05-05 07:15:05 |
| Message-ID: | 859a8b62-da9c-120d-618a-f30e7b7854e2@iki.fi |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 04/10/2017 09:28 PM, Álvaro Hernández Tortosa wrote:
> On 10/04/17 13:02, Heikki Linnakangas wrote:
>> On 04/10/2017 12:39 PM, Álvaro Hernández Tortosa wrote:
>>> * The nonce length is not specified by the RFC. I see typical
>>> implementations use 24 chars for the client and 18 for the server.
>>> Current code uses 10. I think it should not hurt making it at least 16
>>> or 18.
>>
>> Wouldn't hurt, I guess. IIRC I checked some other implementations,
>> when I picked 10, but I don't remember which ones anymore. Got a
>> reference for 24/18?
>
> First reference is the RFC example itself (non-mandatory, of
> course). But then I saw many followed this. As a quick example, GNU SASL
> defines:
>
> #define SNONCE_ENTROPY_BYTES 18
> https://www.gnu.org/software/gsasl/coverage/lib/scram/server.c.gcov.frameset.html
Ok, I bumped up the nonce lengths to 18 raw bytes. Thanks!
- Heikki
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Heikki Linnakangas | 2017-05-05 07:15:17 | Re: Authentication tests, and plain 'password' authentication with a SCRAM verifier |
| Previous Message | Noah Misch | 2017-05-05 07:11:42 | Re: Logical replication - TRAP: FailedAssertion in pgstat.c |