On Thu, Aug 17, 2017 at 9:21 AM, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
> Different thing. That was the nonce length, now we're talking about salt
> length.

Actually that commit (0557a5dc2cf845639d384801b6861ebbd35dc7ee) changed both:

-#define SCRAM_RAW_NONCE_LEN 10
+#define SCRAM_RAW_NONCE_LEN 18
/* length of salt when generating new verifiers */
-#define SCRAM_DEFAULT_SALT_LEN 10
+#define SCRAM_DEFAULT_SALT_LEN 12
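
Review bot: SCRAM_RAW_NONCE_LEN goes from 10 to 18 with no comment on it in the visible lines, while SCRAM_DEFAULT_SALT_LEN at least carries "length of salt when generating new verifiers". Add a comment on the nonce define stating the unit (raw bytes before any encoding, as the RAW in the name suggests) and why 18 was chosen, and extend the salt comment to say why 12. Both new values are multiples of 3, so if they are base64-encoded the results are 24 and 16 characters with no '=' padding; if that is the intent, say so in the comments so a later change does not pick a length that loses the property. The two constants also grow by different amounts (10 to 18 versus 10 to 12), and the reason for that difference should be written down next to them.
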
I don't think I understand exactly how they're different; especially,
I don't quite understand how the nonce is used.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company