110 local server_key = HMAC(salted_password, "Server Key"); |
110 local server_key = HMAC(salted_password, "Server Key"); |
111 return true, stored_key, server_key |
111 return true, stored_key, server_key |
112 end |
112 end |
113 end |
113 end |
114 |
114 |
115 local function scram_gen(hash_name, H_f, HMAC_f, get_auth_db) |
115 local function scram_gen(hash_name, H_f, HMAC_f, get_auth_db, expect_cb) |
116 local profile_name = "scram_" .. hashprep(hash_name); |
116 local profile_name = "scram_" .. hashprep(hash_name); |
117 local function scram_hash(self, message) |
117 local function scram_hash(self, message) |
118 local support_channel_binding = false; |
118 local support_channel_binding = false; |
119 if self.profile.cb then support_channel_binding = true; end |
119 if self.profile.cb then support_channel_binding = true; end |
120 |
120 |
139 return "failure", "malformed-request"; |
139 return "failure", "malformed-request"; |
140 end |
140 end |
141 |
141 |
142 if gs2_cbind_flag == "n" then |
142 if gs2_cbind_flag == "n" then |
143 -- "n" -> client doesn't support channel binding. |
143 -- "n" -> client doesn't support channel binding. |
|
144 if expect_cb then |
|
145 log("debug", "Client unexpectedly doesn't support channel binding"); |
|
146 -- XXX Is it sensible to abort if the client starts -PLUS but doesn't use channel binding? |
|
147 end |
144 support_channel_binding = false; |
148 support_channel_binding = false; |
145 end |
149 end |
146 |
150 |
147 if support_channel_binding and gs2_cbind_flag == "p" then |
151 if support_channel_binding and gs2_cbind_flag == "p" then |
148 -- check whether we support the proposed channel binding type |
152 -- check whether we support the proposed channel binding type |
258 scram_gen(hash_name:lower(), hash, hmac_hash, get_auth_db)); |
262 scram_gen(hash_name:lower(), hash, hmac_hash, get_auth_db)); |
259 |
263 |
260 -- register channel binding equivalent |
264 -- register channel binding equivalent |
261 registerMechanism("SCRAM-"..hash_name.."-PLUS", |
265 registerMechanism("SCRAM-"..hash_name.."-PLUS", |
262 {"plain", "scram_"..(hashprep(hash_name))}, |
266 {"plain", "scram_"..(hashprep(hash_name))}, |
263 scram_gen(hash_name:lower(), hash, hmac_hash, get_auth_db), {"tls-unique"}); |
267 scram_gen(hash_name:lower(), hash, hmac_hash, get_auth_db, true), {"tls-unique"}); |
264 end |
268 end |
265 |
269 |
266 registerSCRAMMechanism("SHA-1", hashes.sha1, hashes.hmac_sha1, hashes.pbkdf2_hmac_sha1); |
270 registerSCRAMMechanism("SHA-1", hashes.sha1, hashes.hmac_sha1, hashes.pbkdf2_hmac_sha1); |
267 registerSCRAMMechanism("SHA-256", hashes.sha256, hashes.hmac_sha256, hashes.pbkdf2_hmac_sha256); |
271 registerSCRAMMechanism("SHA-256", hashes.sha256, hashes.hmac_sha256, hashes.pbkdf2_hmac_sha256); |
268 end |
272 end |