The SCRAM-SHA-1 mechanism is designed to provide (almost) the same capabilities as CRAM-MD5 and DIGEST-MD5 but use modern cryptographic techniques such as HMAC-SHA-1 hashing and PKCS#5 PBKDF2 key derivation. SCRAM-SHA-1 supports authorization identities. Like CRAM-MD5 and DIGEST-MD5, only a hashed password is transferred. Consequently, SCRAM-SHA-1 needs access to the correct password to verify the client response.
In the client, this mechanism is always enabled, and it requires the
GSASL_AUTHID property, and either
GSASL_SCRAM_SALTED_PASSWORD. If set,
be used by the client. To be able to return the proper
GSASL_SCRAM_SALTED_PASSWORD value, the client needs to check
GSASL_SCRAM_SALT values which
are available when the
GSASL_SCRAM_SALTED_PASSWORD property is
In the server, the mechanism will require the
callback property, which may use the
GSASL_AUTHID property to
determine which users' password should be used. The
GSASL_AUTHID will be in normalized form. The server will then
normalize the returned password, and compare the client response with
the computed correct response, and accept the user accordingly. The
server may also set the
GSASL_SCRAM_SALT properties to influence the values to be used
by clients to derive a key from a password.
Currently channel bindings are not supported, so there is no support for SCRAM-SHA-1-PLUS.