Scroll to navigation

gsasl_scram_secrets_from_password(3) gsasl gsasl_scram_secrets_from_password(3)


gsasl_scram_secrets_from_password - API function


#include <gsasl.h>

int gsasl_scram_secrets_from_password(Gsasl_hash hash, const char * password, unsigned int iteration_count, const char * salt, size_t saltlen, char * salted_password, char * client_key, char * server_key, char * stored_key);


a Gsasl_hash element, e.g., GSASL_HASH_SHA256.
input parameter with password.
number of PBKDF2 rounds to apply.
input character array of saltlen length with salt for PBKDF2.
length of salt .
pre-allocated output array with derived salted password.
pre-allocated output array with derived client key.
pre-allocated output array with derived server key.
pre-allocated output array with derived stored key.


Helper function to generate SCRAM secrets from a password. The
salted_password , client_key , server_key , and stored_key buffers must have room to hold digest for given hash , use GSASL_HASH_MAX_SIZE which is sufficient for all hashes.

Return value: Returns GSASL_OK if successful, or error code.




Report bugs to <>.
General guidelines for reporting bugs:
GNU SASL home page:


Copyright © 2002-2021 Simon Josefsson.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.


The full documentation for gsasl is maintained as a Texinfo manual. If the info and gsasl programs are properly installed at your site, the command

info gsasl

should give you access to the complete manual. As an alternative you may obtain the manual from:
1.10.0 gsasl