Diffstat (limited to 'src/mongo/gotools/src/github.com/mongodb/mongo-tools/vendor/github.com/xdg/scram/common.go')
-rw-r--r-- | src/mongo/gotools/src/github.com/mongodb/mongo-tools/vendor/github.com/xdg/scram/common.go | 97 |
1 files changed, 0 insertions, 97 deletions
diff --git a/src/mongo/gotools/src/github.com/mongodb/mongo-tools/vendor/github.com/xdg/scram/common.go b/src/mongo/gotools/src/github.com/mongodb/mongo-tools/vendor/github.com/xdg/scram/common.go
deleted file mode 100644
index cb705cb74ec..00000000000
--- a/src/mongo/gotools/src/github.com/mongodb/mongo-tools/vendor/github.com/xdg/scram/common.go
+++ /dev/null
@@ -1,97 +0,0 @@
-// Copyright 2018 by David A. Golden. All rights reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License"); you may
-// not use this file except in compliance with the License. You may obtain
-// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
-
-package scram
-
-import (
- "crypto/hmac"
- "crypto/rand"
- "encoding/base64"
- "strings"
-)
-
-// NonceGeneratorFcn defines a function that returns a string of high-quality
-// random printable ASCII characters EXCLUDING the comma (',') character. The
-// default nonce generator provides Base64 encoding of 24 bytes from
-// crypto/rand.
-type NonceGeneratorFcn func() string
-
-// derivedKeys collects the three cryptographically derived values
-// into one struct for caching.
-type derivedKeys struct {
- ClientKey []byte
- StoredKey []byte
- ServerKey []byte
-}
-
-// KeyFactors represent the two server-provided factors needed to compute
-// client credentials for authentication. Salt is decoded bytes (i.e. not
-// base64), but in string form so that KeyFactors can be used as a map key for
-// cached credentials.
-type KeyFactors struct {
- Salt string
- Iters int
-}
-
-// StoredCredentials are the values that a server must store for a given
-// username to allow authentication. They include the salt and iteration
-// count, plus the derived values to authenticate a client and for the server
-// to authenticate itself back to the client.
-//
-// NOTE: these are specific to a given hash function. To allow a user to
-// authenticate with either SCRAM-SHA-1 or SCRAM-SHA-256, two sets of
-// StoredCredentials must be created and stored, one for each hash function.
-type StoredCredentials struct {
- KeyFactors
- StoredKey []byte
- ServerKey []byte
-}
-
-// CredentialLookup is a callback to provide StoredCredentials for a given
-// username. This is used to configure Server objects.
-//
-// NOTE: these are specific to a given hash function. The callback provided
-// to a Server with a given hash function must provide the corresponding
-// StoredCredentials.
-type CredentialLookup func(string) (StoredCredentials, error)
-
-func defaultNonceGenerator() string {
- raw := make([]byte, 24)
- nonce := make([]byte, base64.StdEncoding.EncodedLen(len(raw)))
- rand.Read(raw)
- base64.StdEncoding.Encode(nonce, raw)
- return string(nonce)
-}
-
-func encodeName(s string) string {
- return strings.Replace(strings.Replace(s, "=", "=3D", -1), ",", "=2C", -1)
-}
-
-func decodeName(s string) (string, error) {
- // TODO Check for = not followed by 2C or 3D
- return strings.Replace(strings.Replace(s, "=2C", ",", -1), "=3D", "=", -1), nil
-}
-
-func computeHash(hg HashGeneratorFcn, b []byte) []byte {
- h := hg()
- h.Write(b)
- return h.Sum(nil)
-}
-
-func computeHMAC(hg HashGeneratorFcn, key, data []byte) []byte {
- mac := hmac.New(hg, key)
- mac.Write(data)
- return mac.Sum(nil)
-}
-
-func xorBytes(a, b []byte) []byte {
- // TODO check a & b are same length, or just xor to smallest
- xor := make([]byte, len(a))
- for i := range a {
- xor[i] = a[i] ^ b[i]
- }
- return xor
-} |