authorMichael Paquier2022-12-19 23:53:22 +0000
committerMichael Paquier2022-12-19 23:53:22 +0000
commitb3bb7d12af97f035c3aa3ad8dd41b44d01e2defa (patch)
treeaed595d6efcbb3a14d6647100604aaef687a3f32 /src/include
parenteb60eb08a95eb531f3f2a459c1b623c5ac37ecd3 (diff)
Remove hardcoded dependency to cryptohash type in the internals of SCRAM
SCRAM_KEY_LEN was a variable used in the internal routines of SCRAM to size a set of fixed-sized arrays used in the SHA and HMAC computations during the SASL exchange or when building a SCRAM password. This had a hard dependency on SHA-256, reducing the flexibility of SCRAM when it comes to the addition of more hash methods. A second issue was that SHA-256 is assumed as the cryptohash method to use all the time. This commit renames SCRAM_KEY_LEN to a more generic SCRAM_KEY_MAX_LEN, which is used as the size of the buffers used by the internal routines of SCRAM. This is aimed at tracking centrally the maximum size necessary for all the hash methods supported by SCRAM. A global variable has the advantage of keeping the code in its simplest form, reducing the need of more alloc/free logic for all the buffers used in the hash calculations. A second change is that the key length (SHA digest length) and hash types are now tracked by the state data in the backend and the frontend, the common portions being extended to handle these as arguments by the internal routines of SCRAM. There are a few RFC proposals floating around to extend the SCRAM protocol, including some to use stronger cryptohash algorithms, so this lifts some of the existing restrictions in the code. The code in charge of parsing and building SCRAM secrets is extended to rely on the key length and on the cryptohash type used for the exchange, assuming currently that only SHA-256 is supported for the moment. Note that the mock authentication simply enforces SHA-256. Author: Michael Paquier Reviewed-by: Peter Eisentraut, Jonathan Katz Discussion: https://postgr.es/m/Y5k3Qiweo/1g9CG6@paquier.xyz
Diffstat (limited to 'src/include')
-rw-r--r--src/include/common/scram-common.h31
-rw-r--r--src/include/libpq/scram.h6
2 files changed, 26 insertions, 11 deletions
diff --git a/src/include/common/scram-common.h b/src/include/common/scram-common.h
index 4acf2a78adb..953d30ac549 100644
--- a/src/include/common/scram-common.h
+++ b/src/include/common/scram-common.h
@@ -21,7 +21,13 @@
#define SCRAM_SHA_256_PLUS_NAME "SCRAM-SHA-256-PLUS" /* with channel binding */
/* Length of SCRAM keys (client and server) */
-#define SCRAM_KEY_LEN PG_SHA256_DIGEST_LENGTH
+#define SCRAM_SHA_256_KEY_LEN PG_SHA256_DIGEST_LENGTH
+
+/*
+ * Size of buffers used internally by SCRAM routines, that should be the
+ * maximum of SCRAM_SHA_*_KEY_LEN among the hash methods supported.
+ */
+#define SCRAM_MAX_KEY_LEN SCRAM_SHA_256_KEY_LEN
/*
* Size of random nonce generated in the authentication exchange. This
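Review bot: Nothing in this header enforces the invariant the new comment states, that SCRAM_MAX_KEY_LEN is the maximum of the SCRAM_SHA_*_KEY_LEN values; it holds today only because the single defined length is assigned to it directly. The description says this macro sizes the fixed buffers used by the internal routines, so a later hash method with a longer digest that is added without raising it would presumably write past those buffers. A compile-time check beside the define, `StaticAssertDecl(SCRAM_SHA_256_KEY_LEN <= SCRAM_MAX_KEY_LEN, "SCRAM_MAX_KEY_LEN is too small");`, repeated for each added hash, would turn that omission into a build failure. Note also that the description spells the macro SCRAM_KEY_MAX_LEN while the header defines SCRAM_MAX_KEY_LEN, which is the name to search for.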
@@ -43,17 +49,22 @@
*/
#define SCRAM_DEFAULT_ITERATIONS 4096
-extern int scram_SaltedPassword(const char *password, const char *salt,
- int saltlen, int iterations, uint8 *result,
- const char **errstr);
-extern int scram_H(const uint8 *input, int len, uint8 *result,
+extern int scram_SaltedPassword(const char *password,
+ pg_cryptohash_type hash_type, int key_length,
+ const char *salt, int saltlen, int iterations,
+ uint8 *result, const char **errstr);
+extern int scram_H(const uint8 *input, pg_cryptohash_type hash_type,
+ int key_length, uint8 *result,
const char **errstr);
-extern int scram_ClientKey(const uint8 *salted_password, uint8 *result,
- const char **errstr);
-extern int scram_ServerKey(const uint8 *salted_password, uint8 *result,
- const char **errstr);
+extern int scram_ClientKey(const uint8 *salted_password,
+ pg_cryptohash_type hash_type, int key_length,
+ uint8 *result, const char **errstr);
+extern int scram_ServerKey(const uint8 *salted_password,
+ pg_cryptohash_type hash_type, int key_length,
+ uint8 *result, const char **errstr);
-extern char *scram_build_secret(const char *salt, int saltlen, int iterations,
+extern char *scram_build_secret(pg_cryptohash_type hash_type, int key_length,
+ const char *salt, int saltlen, int iterations,
const char *password, const char **errstr);
#endif /* SCRAM_COMMON_H */
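Review bot: The new `key_length` arguments are plain ints passed next to `hash_type`, and the prototypes do not say how either relates to the `result` buffer, so nothing here stops a caller from passing a length that disagrees with the hash type or exceeds SCRAM_MAX_KEY_LEN. The definitions are outside this header, so whether they validate the pair is not visible; if they do not, `Assert(key_length <= SCRAM_MAX_KEY_LEN);` at the top of each routine would be a cheap guard. scram_H also loses its explicit `len` parameter, which suggests its input is now read as `key_length` bytes, and that deserves to be stated. A comment above the declarations would cover it: `/* result must hold key_length bytes; key_length must be the digest length of hash_type and <= SCRAM_MAX_KEY_LEN; scram_H reads key_length bytes of input */`.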
diff --git a/src/include/libpq/scram.h b/src/include/libpq/scram.h
index c51e848c24d..b29501ef969 100644
--- a/src/include/libpq/scram.h
+++ b/src/include/libpq/scram.h
@@ -13,6 +13,7 @@
#ifndef PG_SCRAM_H
#define PG_SCRAM_H
+#include "common/cryptohash.h"
#include "lib/stringinfo.h"
#include "libpq/libpq-be.h"
#include "libpq/sasl.h"
@@ -22,7 +23,10 @@ extern PGDLLIMPORT const pg_be_sasl_mech pg_be_scram_mech;
/* Routines to handle and check SCRAM-SHA-256 secret */
extern char *pg_be_scram_build_secret(const char *password);
-extern bool parse_scram_secret(const char *secret, int *iterations, char **salt,
+extern bool parse_scram_secret(const char *secret,
+ int *iterations,
+ pg_cryptohash_type *hash_type,
+ int *key_length, char **salt,
uint8 *stored_key, uint8 *server_key);
extern bool scram_verify_plain_password(const char *username,
const char *password, const char *secret);
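Review bot: parse_scram_secret now reports `hash_type` and `key_length` through out-parameters but still fills caller-supplied `stored_key` and `server_key` arrays whose required size is not stated anywhere in this declaration. Callers need to know those arrays must be SCRAM_MAX_KEY_LEN bytes, and whether `*hash_type` and `*key_length` hold defined values when the function returns false. The definition is outside this hunk, so it is worth confirming there that the decoded key lengths from the stored secret are compared with `*key_length` before being copied. I would also update the comment above, for example `/* Routines to handle and check SCRAM secrets; stored_key and server_key must be SCRAM_MAX_KEY_LEN bytes */`, since the interface is no longer SHA-256 specific.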