// Iterate the hash function to generate SaltedPassword void generateSaltedPassword(const StringData& password, const unsigned char* salt, const int saltLen, const int iterationCount, unsigned char saltedPassword[hashSize]) { // saltedPassword = Hi(password, salt) HMACIteration(reinterpret_cast<const unsigned char*>(password.rawData()), password.size(), salt, saltLen, iterationCount, saltedPassword); }
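/**
 * Compute the SCRAM secrets storedKey and serverKey as defined in RFC 5802.
 *
 *   SaltedPassword = Hi(password, salt)
 *   ClientKey      = HMAC(SaltedPassword, "Client Key")
 *   StoredKey      = H(ClientKey)
 *   ServerKey      = HMAC(SaltedPassword, "Server Key")
 *
 * H is SHA-1 in this implementation (EVP_sha1() / SHA1()).
 *
 * @param password        clear-text password
 * @param salt            salt bytes
 * @param saltLen         number of bytes in salt
 * @param iterationCount  iteration count handed to HMACIteration
 * @param storedKey       output buffer, scramHashSize bytes
 * @param serverKey       output buffer, scramHashSize bytes
 *
 * When MONGO_SSL is not defined the function only calls fassertFailed(17496)
 * and the outputs are not written. Any failing HMAC()/SHA1() call trips the
 * corresponding fassert.
 *
 * Security: SaltedPassword and ClientKey are enough to authenticate as the
 * user, so the local copies are wiped before returning instead of being left
 * behind on the stack.
 */
void computeSCRAMProperties(const std::string& password,
                            const unsigned char salt[],
                            size_t saltLen,
                            size_t iterationCount,
                            unsigned char storedKey[scramHashSize],
                            unsigned char serverKey[scramHashSize]) {
#ifndef MONGO_SSL
    // No crypto backend compiled in: the keys cannot be computed.
    fassertFailed(17496);
#else
    unsigned char saltedPassword[scramHashSize];
    unsigned char clientKey[scramHashSize];
    // Receives the digest length reported by HMAC(); not inspected afterwards.
    unsigned int hashLen = 0;

    // saltedPassword = Hi(password, salt)
    HMACIteration(reinterpret_cast<const unsigned char*>(password.data()),
                  password.size(),
                  salt,
                  saltLen,
                  iterationCount,
                  saltedPassword);

    // clientKey = HMAC(saltedPassword, "Client Key")
    const std::string clientKeyConst = "Client Key";
    fassert(17498,
            HMAC(EVP_sha1(),
                 saltedPassword,
                 scramHashSize,
                 reinterpret_cast<const unsigned char*>(clientKeyConst.data()),
                 clientKeyConst.size(),
                 clientKey,
                 &hashLen));

    // storedKey = H(clientKey)
    fassert(17499, SHA1(clientKey, scramHashSize, storedKey));

    // serverKey = HMAC(saltedPassword, "Server Key")
    const std::string serverKeyConst = "Server Key";
    fassert(17500,
            HMAC(EVP_sha1(),
                 saltedPassword,
                 scramHashSize,
                 reinterpret_cast<const unsigned char*>(serverKeyConst.data()),
                 serverKeyConst.size(),
                 serverKey,
                 &hashLen));

    // Wipe the intermediate secrets. OPENSSL_cleanse is used rather than memset
    // because a plain memset on a dying local may be optimised away.
    // NOTE(review): OPENSSL_cleanse is declared in <openssl/crypto.h>, presumably
    // already reachable through the OpenSSL headers needed for HMAC()/SHA1() --
    // confirm.
    OPENSSL_cleanse(saltedPassword, sizeof(saltedPassword));
    OPENSSL_cleanse(clientKey, sizeof(clientKey));
#endif  // MONGO_SSL
}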