prosody
646af16a3f32
util/sasl/scram.lua
Software / code / prosody
Comparison
util/sasl/scram.lua @ 10912:646af16a3f32 0.11
util.sasl.scram: Apply saslprep before hashing password, fixes #1560
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 22 May 2020 20:59:01 +0200 |
| parent | 8728:41c959c5c84b |
| child | 10916:c7ed8f754033 |
comparison
equal
deleted
inserted
replaced
| 10843:8fcd46ee9bf5 | 10912:646af16a3f32 |
|---|---|
| 104 return false, "inappropriate argument types" | 104 return false, "inappropriate argument types" |
| 105 end | 105 end |
| 106 if iteration_count < 4096 then | 106 if iteration_count < 4096 then |
| 107 log("warn", "Iteration count < 4096 which is the suggested minimum according to RFC 5802.") | 107 log("warn", "Iteration count < 4096 which is the suggested minimum according to RFC 5802.") |
| 108 end | 108 end |
| 109 password = saslprep(password); | |
| 110 if not password then | |
| 111 return false, "password fails SASLprep"; | |
| 112 end | |
| 109 local salted_password = Hi(password, salt, iteration_count); | 113 local salted_password = Hi(password, salt, iteration_count); |
| 110 local stored_key = sha1(hmac_sha1(salted_password, "Client Key")) | 114 local stored_key = sha1(hmac_sha1(salted_password, "Client Key")) |
| 111 local server_key = hmac_sha1(salted_password, "Server Key"); | 115 local server_key = hmac_sha1(salted_password, "Server Key"); |
| 112 return true, stored_key, server_key | 116 return true, stored_key, server_key |
| 113 end | 117 end |
