On 04/10/2017 09:28 PM, Álvaro Hernández Tortosa wrote:
> On 10/04/17 13:02, Heikki Linnakangas wrote:
>> On 04/10/2017 12:39 PM, Álvaro Hernández Tortosa wrote:
>>> * The nonce length is not specified by the RFC. I see typical
>>> implementations use 24 chars for the client and 18 for the server.
>>> Current code uses 10. I think it should not hurt making it at least 16
>>> or 18.
>>
>> Wouldn't hurt, I guess. IIRC I checked some other implementations,
>> when I picked 10, but I don't remember which ones anymore. Got a
>> reference for 24/18?
>
> First reference is the RFC example itself (non-mandatory, of
> course). But then I saw many followed this. As a quick example, GNU SASL
> defines:
>
> #define SNONCE_ENTROPY_BYTES 18
> https://www.gnu.org/software/gsasl/coverage/lib/scram/server.c.gcov.frameset.html
Ok, I bumped up the nonce lengths to 18 raw bytes. Thanks!
- Heikki