On 19 okt. 2015, at 13:40, Thijs Alkemade <m...@thijsalkema.de> wrote: > >> >> On 19 okt. 2015, at 08:26, Pa He <pat.herzf...@gmail.com> wrote: >> >> I'm having problems implementing the internal_hashed procedures in ruby. My >> setup is the following: >> >> I have a public-facing prosody 9.3 which does not allow inband registration. >> I'm writing a Ruby on Rails App >> which should insert the new users into the postgres DB I setup for prosody >> account storage, but I >> have trouble computing the stored_key and server_key. >> >> AFAIK: >> iterations is hardcoded to be 4096 for new users, but can be any integer. >> UUIDs are used as salt. >> stored_key should be the following: SHA1( clientkey ) >> where clientkey is HMAC (slatedpw, "Client Key") >> and saltedpw is a PBKDF2-SHA1(userspassword, salt and iterations) >> serverkey is the same as clientkey, but HMACed with "Server Key" and without >> the last SHA1 operation. >> >> Am I missing something here? Because I implemented this procedure with >> Rails' integrated OpenSSL >> module and I am not getting the same hashes as I get when using in-band >> registration. >> >> Cheers >> Patrick > > Hi Patrick, > > Could you post some example outputs? Start with a password salt and i, and > post the values of saltedpw, clientkey and storedkey you compute. > > (Alternatively you could look at , where I've posted all of the > intermediate values the client computes.) > > Regards, > Thijs
Where:  = http://wiki.xmpp.org/web/SASLandSCRAM-SHA-1 Thijs -- You received this message because you are subscribed to the Google Groups "prosody-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to prosody-dev+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. Visit this group at http://groups.google.com/group/prosody-dev. For more options, visit https://groups.google.com/d/optout.
Description: Message signed with OpenPGP using GPGMail