On 08/17/2017 05:23 PM, Peter Eisentraut wrote:
On 8/17/17 09:21, Heikki Linnakangas wrote:
The RFC doesn't say anything about salt
length, but the one example in it uses a 16 byte string as the salt.
That's more or less equal to the current default of 12 raw bytes, after
base64-encoding.
The example is
S: r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,
s=W22ZaJ0SNY7soEsUEjb6gQ==,i=4096
That salt is 24 characters and 16 raw bytes.
Ah, I see, that's from the SCRAM-SHA-256 spec. I was looking at the
example in the original SCRAM-SHA-1 spec:
S: r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,
i=4096
- Heikki
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers