diff options
| author | Heikki Linnakangas <heikki.linnakangas@iki.fi> | 2017-05-05 10:02:13 +0300 |
|---|---|---|
| committer | Heikki Linnakangas <heikki.linnakangas@iki.fi> | 2017-05-05 10:02:13 +0300 |
| commit | 0557a5dc2cf845639d384801b6861ebbd35dc7ee (patch) | |
| tree | 8aed489778bfde59eba1976ede4a78a34a2fb2f3 /src/include/common/scram-common.h | |
| parent | e6e9c4da3a55450b120ad7e3d0be426255850914 (diff) | |
| download | postgresql-0557a5dc2cf845639d384801b6861ebbd35dc7ee.tar.gz postgresql-0557a5dc2cf845639d384801b6861ebbd35dc7ee.zip | |
Make SCRAM salts and nonces longer.
The salt is stored base64-encoded. With the old 10 bytes raw length, it was
always padded to 16 bytes after encoding. We might as well use 12 raw bytes
for the salt, and it's still encoded into 16 bytes.
Similarly for the random nonces, use a raw length that's divisible by 3, so
that there's no padding after base64 encoding. Make the nonces longer while
we're at it. 10 bytes was probably enough to prevent replay attacks, but
there's no reason to be skimpy here.
Per suggestion from Álvaro Hernández Tortosa.
Discussion: https://www.postgresql.org/message-id/df8c6e27-4d8e-5281-96e5-131a4e638fc8@8kdata.com
Diffstat (limited to 'src/include/common/scram-common.h')
| -rw-r--r-- | src/include/common/scram-common.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/include/common/scram-common.h b/src/include/common/scram-common.h index 307f92b54a4..b5d107494c5 100644 --- a/src/include/common/scram-common.h +++ b/src/include/common/scram-common.h @@ -26,10 +26,10 @@ * is in "raw" number of bytes, the actual nonces sent over the wire are * encoded using only ASCII-printable characters. */ -#define SCRAM_RAW_NONCE_LEN 10 +#define SCRAM_RAW_NONCE_LEN 18 /* length of salt when generating new verifiers */ -#define SCRAM_DEFAULT_SALT_LEN 10 +#define SCRAM_DEFAULT_SALT_LEN 12 /* default number of iterations when generating verifier */ #define SCRAM_DEFAULT_ITERATIONS 4096 |