| From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
| Cc: | Aleksander Alekseev <a(dot)alekseev(at)postgrespro(dot)ru>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: SCRAM salt length |
| Date: | 2017-08-17 16:10:09 |
| Message-ID: | bcc38e7d-4a98-7a90-222d-35f198587d59@iki.fi |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 08/17/2017 05:23 PM, Peter Eisentraut wrote:
> On 8/17/17 09:21, Heikki Linnakangas wrote:
>> The RFC doesn't say anything about salt
>> length, but the one example in it uses a 16 byte string as the salt.
>> That's more or less equal to the current default of 12 raw bytes, after
>> base64-encoding.
>
> The example is
>
> S: r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,
> s=W22ZaJ0SNY7soEsUEjb6gQ==,i=4096
>
> That salt is 24 characters and 16 raw bytes.
Ah, I see, that's from the SCRAM-SHA-256 spec. I was looking at the
example in the original SCRAM-SHA-1 spec:
S: r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,
i=4096
- Heikki
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2017-08-17 16:15:58 | Re: pl/perl extension fails on Windows |
| Previous Message | Dang Minh Huong | 2017-08-17 15:43:13 | Re: Extra Vietnamese unaccent rules |