On 19 okt. 2015, at 13:40, Thijs Alkemade <m...@thijsalkema.de> wrote:
> 
>> 
>> On 19 okt. 2015, at 08:26, Pa He <pat.herzf...@gmail.com> wrote:
>> 
>> I'm having problems implementing the internal_hashed procedures in ruby. My 
>> setup is the following:
>> 
>> I have a public-facing prosody 9.3 which does not allow inband registration. 
>> I'm writing a Ruby on Rails App
>> which should insert the new users into the postgres DB I setup for prosody 
>> account storage, but I
>> have trouble computing the stored_key and server_key.
>> 
>> AFAIK:
>> iterations is hardcoded to be 4096 for new users, but can be any integer.
>> UUIDs are used as salt.
>> stored_key should be the following: SHA1( clientkey )
>> where clientkey is HMAC (slatedpw, "Client Key")
>> and saltedpw is a PBKDF2-SHA1(userspassword, salt and iterations)
>> serverkey is the same as clientkey, but HMACed with "Server Key" and without 
>> the last SHA1 operation.
>> 
>> Am I missing something here? Because I implemented this procedure with 
>> Rails' integrated OpenSSL
>> module and I am not getting the same hashes as I get when using in-band 
>> registration.
>> 
>> Cheers
>> Patrick
> 
> Hi Patrick,
> 
> Could you post some example outputs? Start with a password salt and i, and
> post the values of saltedpw, clientkey and storedkey you compute.
> 
> (Alternatively you could look at [1], where I've posted all of the
> intermediate values the client computes.)
> 
> Regards,
> Thijs

Where:

[1] = http://wiki.xmpp.org/web/SASLandSCRAM-SHA-1

Thijs

-- 
You received this message because you are subscribed to the Google Groups 
"prosody-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to prosody-dev+unsubscr...@googlegroups.com.
To post to this group, send email to prosody-dev@googlegroups.com.
Visit this group at http://groups.google.com/group/prosody-dev.
For more options, visit https://groups.google.com/d/optout.

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

Reply via email to