def _get_client_final(hf, password, salt_str, iterations, nonce, auth_msg_str):
salt = b64dec(salt_str)
salted_password = _make_salted_password(hf, password, salt, iterations)
client_key, stored_key, server_key = _c_key_stored_key_s_key(
hf, salted_password)
auth_msg = uenc(auth_msg_str)
client_signature = hmac(hf, stored_key, auth_msg)
client_proof = xor(client_key, client_signature)
server_signature = hmac(hf, server_key, auth_msg)
msg = ['c=' + b64enc(b'n,,'), 'r=' + nonce, 'p=' + b64enc(client_proof)]
return b64enc(server_signature), ','.join(msg)
def _check_client_key(hf, stored_key, auth_msg, proof):
client_signature = hmac(hf, stored_key, auth_msg)
client_key = xor(client_signature, b64dec(proof))
key = h(hf, client_key)
if key != stored_key:
raise ScramException("The client keys don't match.")
def _get_client_final(hf, password, salt_str, iterations, nonce, auth_msg_str,
cbind_data):
salt = b64dec(salt_str)
salted_password = _make_salted_password(hf, password, salt, iterations)
client_key, stored_key, server_key = _c_key_stored_key_s_key(
hf, salted_password)
auth_msg = uenc(auth_msg_str)
client_signature = hmac(hf, stored_key, auth_msg)
client_proof = xor(client_key, client_signature)
server_signature = hmac(hf, server_key, auth_msg)
cbind_input = _make_cbind_input(cbind_data)
msg = [
"c=" + b64enc(cbind_input), "r=" + nonce, "p=" + b64enc(client_proof)
]
return b64enc(server_signature), ",".join(msg)
def _set_client_final(
hf, client_final, s_nonce, stored_key, server_key, auth_msg_str):
auth_msg = uenc(auth_msg_str)
msg = _parse_message(client_final)
nonce = msg['r']
proof = msg['p']
if not nonce.endswith(s_nonce):
raise ScramException("Server nonce doesn't match.")
_check_client_key(hf, stored_key, auth_msg, proof)
sig = hmac(hf, server_key, auth_msg)
return b64enc(sig)
def _set_client_final(
hf, client_final, s_nonce, stored_key, server_key, auth_msg_str,
cbind_data):
auth_msg = uenc(auth_msg_str)
msg = _parse_message(client_final)
nonce = msg['r']
proof = msg['p']
channel_binding = msg['c']
if not b64dec(channel_binding) == _make_cbind_input(cbind_data):
raise ScramException("The channel bindings don't match.")
if not nonce.endswith(s_nonce):
raise ScramException("Server nonce doesn't match.")
_check_client_key(hf, stored_key, auth_msg, proof)
sig = hmac(hf, server_key, auth_msg)
return b64enc(sig)
def _set_client_final(hf, client_final, s_nonce, stored_key, server_key,
auth_msg_str, cbind_data):
auth_msg = uenc(auth_msg_str)
msg = _parse_message(client_final)
nonce = msg["r"]
proof = msg["p"]
channel_binding = msg["c"]
if not b64dec(channel_binding) == _make_cbind_input(cbind_data):
raise ScramException(
"The channel bindings don't match.",
SERVER_ERROR_CHANNEL_BINDINGS_DONT_MATCH,
)
if not nonce.endswith(s_nonce):
raise ScramException("Server nonce doesn't match.",
SERVER_ERROR_OTHER_ERROR)
_check_client_key(hf, stored_key, auth_msg, proof)
sig = hmac(hf, server_key, auth_msg)
return b64enc(sig)
def _c_key_stored_key_s_key(hf, salted_password):
client_key = hmac(hf, salted_password, b"Client Key")
stored_key = h(hf, client_key)
server_key = hmac(hf, salted_password, b"Server Key")
return client_key, stored_key, server_key
