Quantcast

pgAdmin4 needs information of v10 SCRAM authentication

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

pgAdmin4 needs information of v10 SCRAM authentication

Akshay Joshi
Hi All

We are into development phase where we are trying to incorporate the v10 changes into pgAdmin4. v10 added support for the SCRAM authentication into database server, so pgAdmin4 needs to incorporate that feature(for 'Change Password'). Now problem I am facing is, unable to find correct set of python api's which I can use to perform SCRAM encryption/decryption through pgAdmin4 (Most of you already know that pgAdmin4 is re-written in Python and Web technologies). 
 
I have googled for how to encrypt password for scram and found https://passlib.readthedocs.io/en/1.6.2/lib/passlib.hash.scram.html?highlight=scram#passlib.hash.scram . I have tried below logic to encrypt the password:
  • from passlib.hash import scram
  • hash = scram.encrypt(data['newPassword']) -- This function provide password for all the supported digest like [md5, sha-1, sha-256, sha-512]. Didn't work I have tried with all the passwords.
  • test = scram.extract_digest_info(hash, "sha-256") -- This function extract info for specified digest "sha-256". I have retrieve the password which was in hexadecimal. Didn't work as well.
Now I am stuck here and no clue how to encrypt/decrypt the password for SCRAM authentication. Can someone guide me out here. 
--
Akshay Joshi
Principal Software Engineer 


Phone: +91 20-3058-9517
Mobile: +91 976-788-8246
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pgAdmin4 needs information of v10 SCRAM authentication

Michael Paquier
On Fri, Apr 21, 2017 at 3:27 PM, Akshay Joshi
<[hidden email]> wrote:
> from passlib.hash import scram
> hash = scram.encrypt(data['newPassword']) -- This function provide password for all the supported digest like [md5, sha-1, sha-256, sha-512]. Didn't work I have tried with all the passwords.
> test = scram.extract_digest_info(hash, "sha-256") -- This function extract info for specified digest "sha-256". I have retrieve the password which was in hexadecimal. Didn't work as well.
>
> Now I am stuck here and no clue how to encrypt/decrypt the password for SCRAM authentication. Can someone guide me out here.

Here you go:
https://www.postgresql.org/message-id/76ac7e67-4e3a-f4df-e087-fbac90151907@...
--
Michael


--
Sent via pgsql-general mailing list ([hidden email])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pgAdmin4 needs information of v10 SCRAM authentication

Akshay Joshi


On Fri, Apr 21, 2017 at 12:07 PM, Michael Paquier <[hidden email]> wrote:
On Fri, Apr 21, 2017 at 3:27 PM, Akshay Joshi
<[hidden email]> wrote:
> from passlib.hash import scram
> hash = scram.encrypt(data['newPassword']) -- This function provide password for all the supported digest like [md5, sha-1, sha-256, sha-512]. Didn't work I have tried with all the passwords.
> test = scram.extract_digest_info(hash, "sha-256") -- This function extract info for specified digest "sha-256". I have retrieve the password which was in hexadecimal. Didn't work as well.
>
> Now I am stuck here and no clue how to encrypt/decrypt the password for SCRAM authentication. Can someone guide me out here.

Here you go:
https://www.postgresql.org/message-id/76ac7e67-4e3a-f4df-e087-fbac90151907@...

   Thanks Michael, will check this. 

--
Michael



--
Akshay Joshi
Principal Software Engineer 


Phone: +91 20-3058-9517
Mobile: +91 976-788-8246
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pgAdmin4 needs information of v10 SCRAM authentication

Michael Paquier
On Fri, Apr 21, 2017 at 3:43 PM, Akshay Joshi
<[hidden email]> wrote:
>    Thanks Michael, will check this.

One thing I forgot to mention... Both StoredKey and ServerKey are now
encoded in hex, but there is still an open item related to the
handling of psql's \password on which I have written a patch to switch
their encoding to base64 for simplicity. Not sure what is Heikki's
take on the matter, but I would recommend to be careful about that. My
last set of patches is here:
https://www.postgresql.org/message-id/CAB7nPqSbsCBCxy8-DtwzRxYgTnbGUtY4uFEkLQhG=R=uo=g8Fw@...
--
Michael


--
Sent via pgsql-general mailing list ([hidden email])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pgAdmin4 needs information of v10 SCRAM authentication

Akshay Joshi


On Fri, Apr 21, 2017 at 12:20 PM, Michael Paquier <[hidden email]> wrote:
On Fri, Apr 21, 2017 at 3:43 PM, Akshay Joshi
<[hidden email]> wrote:
>    Thanks Michael, will check this.

One thing I forgot to mention... Both StoredKey and ServerKey are now
encoded in hex, but there is still an open item related to the
handling of psql's \password on which I have written a patch to switch
their encoding to base64 for simplicity. Not sure what is Heikki's
take on the matter, but I would recommend to be careful about that. My
last set of patches is here:
https://www.postgresql.org/message-id/CAB7nPqSbsCBCxy8-DtwzRxYgTnbGUtY4uFEkLQhG=R=uo=g8Fw@...

    Thanks Michael 

--
Michael



--
Akshay Joshi
Principal Software Engineer 


Phone: +91 20-3058-9517
Mobile: +91 976-788-8246
Previous Thread Next Thread
Loading...