1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
;;; sasl-scram-sha256.el --- SCRAM-SHA-256 module for the SASL client framework -*- lexical-binding: t; -*-
;; Copyright (C) 2020-2025 Free Software Foundation, Inc.
;; Author: Simon Josefsson <simon@josefsson.org>
;; Package: sasl
;; This file is part of GNU Emacs.
;; GNU Emacs is free software: you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation, either version 3 of the License, or
;; (at your option) any later version.
;; GNU Emacs is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;; You should have received a copy of the GNU General Public License
;; along with GNU Emacs. If not, see <https://www.gnu.org/licenses/>.
;;; Commentary:
;; Implement the SCRAM-SHA-256 mechanism from RFC 7677.
;;; Code:
(require 'cl-lib)
(require 'sasl)
(require 'hex-util)
(require 'rfc2104)
(require 'sasl-scram-rfc)
;;; SCRAM-SHA-256
(defconst sasl-scram-sha-256-steps
'(sasl-scram-client-first-message
sasl-scram-sha-256-client-final-message
sasl-scram-sha-256-authenticate-server))
(defun sasl-scram-sha256 (object &optional start end binary)
(secure-hash 'sha256 object start end binary))
(defun sasl-scram-sha-256-client-final-message (client step)
(sasl-scram--client-final-message
;; HMAC-SHA256 uses block length 64 and hash length 32; see RFC 4634.
'sasl-scram-sha256 64 32 client step))
(defun sasl-scram-sha-256-authenticate-server (client step)
(sasl-scram--authenticate-server
'sasl-scram-sha256 64 32 client step))
(put 'sasl-scram-sha256 'sasl-mechanism
(sasl-make-mechanism "SCRAM-SHA-256" sasl-scram-sha-256-steps))
(provide 'sasl-scram-sha256)
;;; sasl-scram-sha256.el ends here
|
