Quick Links

Re: SCRAM salt length

From:	Robert Haas <robertmhaas(at)gmail(dot)com>
To:	Heikki Linnakangas <hlinnaka(at)iki(dot)fi>
Cc:	Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, Aleksander Alekseev <a(dot)alekseev(at)postgrespro(dot)ru>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: SCRAM salt length
Date:	2017-08-17 14:03:53
Message-ID:	CA+TgmobU87vThH49WZxYxjJjftqggSwS9JJs46+iEjmMt_G6rQ@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Thu, Aug 17, 2017 at 9:21 AM, Heikki Linnakangas <hlinnaka(at)iki(dot)fi> wrote:
> Different thing. That was the nonce length, now we're talking about salt
> length.

Actually that commit (0557a5dc2cf845639d384801b6861ebbd35dc7ee) changed both:

-#define SCRAM_RAW_NONCE_LEN 10
+#define SCRAM_RAW_NONCE_LEN 18

/* length of salt when generating new verifiers */
-#define SCRAM_DEFAULT_SALT_LEN 10
+#define SCRAM_DEFAULT_SALT_LEN 12

I don't think I understand exactly how they're different; especially,
I don't quite understand how the nonce is used.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

In response to

Re: SCRAM salt length at 2017-08-17 13:21:43 from Heikki Linnakangas

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Daniel Gustafsson	2017-08-17 14:14:24	Re: Support for Secure Transport SSL library on macOS as OpenSSL alternative
Previous Message	Tom Lane	2017-08-17 13:58:37	Re: pl/perl extension fails on Windows