[CDRIVER-2491] SCRAM-SHA-256 Support Created: 02/Feb/18  Updated: 28/Oct/23  Resolved: 01/Jun/18

Status: Closed
Project: C Driver
Component/s: None
Affects Version/s: None
Fix Version/s: 1.11.0

Type: New Feature Priority: Major - P3
Reporter: Rathi Gnanasekaran Assignee: Kevin Albertson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by CXX-1559 Update SCRAM-SHA-256 implementation a... Closed
is depended on by DRIVERS-439 SCRAM-SHA-256 Support Closed
is depended on by PHPC-1108 SCRAM-SHA-256 Support Closed
Related
is related to CDRIVER-2613 Update SCRAM-SHA-256 implementation a... Closed
Epic Link: CDRIVER MongoDB 4.0 Support

 Description   

The next version of MongoDB will include SCRAM-SHA-256 as an authentication type. This is defined in RFC 7677. The sample conversation from the RFC is:

 This is a simple example of a SCRAM-SHA-256 authentication exchange... The username
   'user' and password 'pencil' are being used
 
   C: n,,n=user,r=rOprNGfwEbeRWgbNEkqO
 
   S: r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,
      s=W22ZaJ0SNY7soEsUEjb6gQ==,i=4096
 
   C: c=biws,r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,
      p=dHzbZapWIk4jUhN+Ute9ytag9zjfMHgsqmmiz7AndVQ=
 
   S: v=6rriTRBi23WpRR/wtup+mMhUZUn/dB5nLTJRsjl95G4=

In advance of updates to the Auth spec, which will include additional details of mechanism negotiation and user/password normalization (see DRIVERS-444), all drivers should take steps now to ensure their SCRAM libraries are capable of operating in SHA-256 mode, using the sample conversation for verification. (You'll need for force the client nonce to be "rOprNGfwEbeRWgbNEkqO" for the test conversation to work.)



 Comments   
Comment by Githook User [ 01/Jun/18 ]

Author:

{'username': 'kevinAlbs', 'name': 'Kevin Albertson', 'email': 'kevin.albertson@10gen.com'}

Message: CDRIVER-2491 SCRAM-SHA-256 support
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/8d1dbffec34c65e6ed236f3bab097ef8a5e5c2bd

Comment by Githook User [ 30/May/18 ]

Author:

{'username': 'kevinAlbs', 'name': 'Kevin Albertson', 'email': 'kevin.albertson@10gen.com'}

Message: CDRIVER-2491 fix uri parsing for auth source
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/19350ee214f0d90db542f1a7738c5e8b0bde6d43

Comment by Kevin Albertson [ 26/Feb/18 ]

When documenting SCRAM-SHA-256 we should note that SASLPrep requires CMake 3.7 to include libicu, similar to the note about OpenSSL 1.1.0 support on Windows.

Generated at Wed Feb 07 21:15:23 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.