tlocke / scramp

Python implementation of the SCRAM protocol
MIT No Attribution

Question: Both ScramClient and ScramServer require password? #2

Closed futursolo closed 4 years ago

futursolo commented 4 years ago

Not sure if this is the right place to ask this question.

According to the example in the README, both ScramServer and ScramClient require a password to perform the handshake. But I thought that SCRAM only passes hashes during handshakes.

Is this intended? Or am I missing something?

tlocke commented 4 years ago

Hi @futursolo, looking at https://tools.ietf.org/html/rfc5802 both sides only need the hashed forms of the password. In the Scramp library these are created at the beginning each time from the password. It would probably be a good idea to modify the library to accept pre-calculated hashes on either side. Would that be useful to you?

futursolo commented 4 years ago

It would be very useful as I am trying to create a web application using SCRAM as the authentication mechanism.

It would be even better if scramp could support hashes extracted from passlib.hash.scram, as I am planning to use passlib to generate hashes with potential support for multiple algorithms.

https://passlib.readthedocs.io/en/stable/lib/passlib.hash.scram.html

tlocke commented 4 years ago

Hi, I've created a new branch which refactors the code to allow a separate authentication database:

https://github.com/tlocke/scramp/tree/test

I've updated the examples as well. What do you think? Also, did you have any thoughts about how passlib could be integrated?

futursolo commented 4 years ago

I think it looks good. Although maybe it's not necessary to break backward compatibility.

I think as for passlib integration, the library should also accept hashes in binary format.

scram.extract_digest_info(hash, alg) returns (salt, rounds, spassword), which can be used to derive store_key and server_key. Maybe the auth_fn return value can be made to match that format?

Or users can calculate store_key and server_key in auth_fn themselves. Either way is fine for me.
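As an added example of the point made in the two comments above (RFC 5802 lets each side work from derived keys rather than the password, and the (salt, rounds, spassword) triple a passlib-style record holds is enough to compute StoredKey and ServerKey), here is a complete SCRAM-SHA-256 exchange with the client holding the password and the server holding only salt, iteration count, StoredKey and ServerKey. This is illustration code written for this page, not scramp's own API: make_auth_record, run_handshake and the other names are assumptions, passlib is not called, and the sample credential is constructed. The one shortcut, noted in the code, is that SASLprep is skipped by assuming an ASCII password.

```python
import base64
import hashlib
import hmac
import secrets

HASH_NAME = "sha256"  # SCRAM-SHA-256 (RFC 7677); the RFC 5802 construction is the same
DIGEST_LEN = hashlib.new(HASH_NAME).digest_size


def _hmac(key, msg):
    return hmac.new(key, msg, HASH_NAME).digest()


def _h(data):
    return hashlib.new(HASH_NAME, data).digest()


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _b64(data):
    return base64.b64encode(data).decode("ascii")


def keys_from_salted_password(salted_password):
    """RFC 5802 section 3, everything after Hi(). The input is SaltedPassword, i.e. the
    'spassword' of a (salt, rounds, spassword) record; the password itself is not needed."""
    client_key = _hmac(salted_password, b"Client Key")
    stored_key = _h(client_key)
    server_key = _hmac(salted_password, b"Server Key")
    return client_key, stored_key, server_key


def derive_keys(password, salt, iterations):
    """Hi(password, salt, i) is PBKDF2-HMAC with a single output block.
    Caveat: RFC 5802 requires SASLprep on the password; assumed ASCII here, so skipped."""
    salted = hashlib.pbkdf2_hmac(HASH_NAME, password.encode("utf-8"), salt, iterations, DIGEST_LEN)
    return keys_from_salted_password(salted)


def make_auth_record(password, iterations=4096, salt=None):
    """Hypothetical auth-database row: salt, iteration count, StoredKey, ServerKey.
    Neither the password nor ClientKey is stored, so a leaked row cannot be replayed
    as a client proof; it only allows impersonating the server or offline guessing."""
    salt = secrets.token_bytes(16) if salt is None else salt
    _, stored_key, server_key = derive_keys(password, salt, iterations)
    return {"salt": salt, "iterations": iterations,
            "stored_key": stored_key, "server_key": server_key}


def parse_attrs(msg):
    # attr=value pairs; values may themselves contain '=' (base64 padding)
    return dict(part.split("=", 1) for part in msg.split(","))


def client_first(user, cnonce):
    bare = f"n={user},r={cnonce}"
    return "n,," + bare, bare  # (wire message with GS2 header, client-first-message-bare)


def server_first(record, cnonce, snonce):
    return f"r={cnonce}{snonce},s={_b64(record['salt'])},i={record['iterations']}"


def client_final(password, cfirst_bare, sfirst):
    """Client side: the only party that needs the password. Returns the wire message
    and the ServerSignature it expects back, for mutual authentication."""
    attrs = parse_attrs(sfirst)
    client_key, stored_key, server_key = derive_keys(
        password, base64.b64decode(attrs["s"]), int(attrs["i"]))
    without_proof = f"c={_b64(b'n,,')},r={attrs['r']}"
    auth_message = f"{cfirst_bare},{sfirst},{without_proof}".encode("utf-8")
    client_sig = _hmac(stored_key, auth_message)
    proof = _xor(client_key, client_sig)  # ClientProof = ClientKey XOR ClientSignature
    return f"{without_proof},p={_b64(proof)}", _hmac(server_key, auth_message)


def server_verify(record, cfirst_bare, sfirst, cfinal):
    """Server side: uses only the stored record. Returns server-final on success, else None."""
    attrs = parse_attrs(cfinal)
    if attrs.get("r") != parse_attrs(sfirst)["r"]:
        return None  # nonce mismatch: replayed or spliced exchange
    without_proof = cfinal[: cfinal.rindex(",p=")]
    auth_message = f"{cfirst_bare},{sfirst},{without_proof}".encode("utf-8")
    client_sig = _hmac(record["stored_key"], auth_message)
    client_key = _xor(base64.b64decode(attrs["p"]), client_sig)  # recover ClientKey
    if not hmac.compare_digest(_h(client_key), record["stored_key"]):
        return None
    return "v=" + _b64(_hmac(record["server_key"], auth_message))


def run_handshake(user, password, record, cnonce=None, snonce=None):
    """Drive both sides in-process; True only if both client and server proofs verify."""
    cnonce = cnonce or secrets.token_urlsafe(18)
    snonce = snonce or secrets.token_urlsafe(18)
    _, bare = client_first(user, cnonce)
    sfirst = server_first(record, cnonce, snonce)
    cfinal, expected_sig = client_final(password, bare, sfirst)
    sfinal = server_verify(record, bare, sfirst, cfinal)
    if sfinal is None:
        return False
    return hmac.compare_digest(base64.b64decode(parse_attrs(sfinal)["v"]), expected_sig)


if __name__ == "__main__":
    rec = make_auth_record("pencil")  # constructed sample credential
    print("correct password:", run_handshake("user", "pencil", rec))
    print("wrong password:  ", run_handshake("user", "pen", rec))
```

The auth_fn discussed above would return exactly the fields in make_auth_record's row; given a passlib (salt, rounds, spassword) triple instead, keys_from_salted_password(spassword) yields the same StoredKey and ServerKey without touching the password.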

tlocke commented 4 years ago

I've made a few alterations following your suggestions, see https://github.com/tlocke/scramp/tree/test

On the question of breaking backward compatibility, with this new branch the client is backward compatible; it's only the server that's changing, and I don't think many people (if any) are using the server side at the moment.

Any thoughts?

futursolo commented 4 years ago

Thanks, it works like a charm.

tlocke commented 4 years ago

Great, I've done a new release: https://pypi.org/project/scramp/

Thanks for your help @futursolo :-)