vendor/github.com/Shopify/sarama/scram_formatter.go - voltha-go - Gitiles

 package sarama

 import (
 	"crypto/hmac"
 	"crypto/sha256"
 	"crypto/sha512"
 	"hash"
 )

 // ScramFormatter implementation
 // @see: https://github.com/apache/kafka/blob/99b9b3e84f4e98c3f07714e1de6a139a004cbc5b/clients/src/main/java/org/apache/kafka/common/security/scram/internals/ScramFormatter.java#L93
 type scramFormatter struct {
 	mechanism ScramMechanismType
 }

 func (s scramFormatter) mac(key []byte) (hash.Hash, error) {
 	var m hash.Hash

 	switch s.mechanism {
 	case SCRAM_MECHANISM_SHA_256:
 		m = hmac.New(sha256.New, key)

 	case SCRAM_MECHANISM_SHA_512:
 		m = hmac.New(sha512.New, key)
 	default:
 		return nil, ErrUnknownScramMechanism
 	}

 	return m, nil
 }

 func (s scramFormatter) hmac(key []byte, extra []byte) ([]byte, error) {
 	mac, err := s.mac(key)
 	if err != nil {
 		return nil, err
 	}

 	if _, err := mac.Write(extra); err != nil {
 		return nil, err
 	}
 	return mac.Sum(nil), nil
 }

 func (s scramFormatter) xor(result []byte, second []byte) {
 	for i := 0; i < len(result); i++ {
 		result[i] = result[i] ^ second[i]
 	}
 }

 func (s scramFormatter) saltedPassword(password []byte, salt []byte, iterations int) ([]byte, error) {
 	mac, err := s.mac(password)
 	if err != nil {
 		return nil, err
 	}

 	if _, err := mac.Write(salt); err != nil {
 		return nil, err
 	}
 	if _, err := mac.Write([]byte{0, 0, 0, 1}); err != nil {
 		return nil, err
 	}

 	u1 := mac.Sum(nil)
 	prev := u1
 	result := u1

 	for i := 2; i <= iterations; i++ {
 		ui, err := s.hmac(password, prev)
 		if err != nil {
 			return nil, err
 		}

 		s.xor(result, ui)
 		prev = ui
 	}

 	return result, nil
 }
	package sarama

	import (
	"crypto/hmac"
	"crypto/sha256"
	"crypto/sha512"
	"hash"
	)

	// ScramFormatter implementation
	// @see: https://github.com/apache/kafka/blob/99b9b3e84f4e98c3f07714e1de6a139a004cbc5b/clients/src/main/java/org/apache/kafka/common/security/scram/internals/ScramFormatter.java#L93
	type scramFormatter struct {
	mechanism ScramMechanismType
	}

	func (s scramFormatter) mac(key []byte) (hash.Hash, error) {
	var m hash.Hash

	switch s.mechanism {
	case SCRAM_MECHANISM_SHA_256:
	m = hmac.New(sha256.New, key)

	case SCRAM_MECHANISM_SHA_512:
	m = hmac.New(sha512.New, key)
	default:
	return nil, ErrUnknownScramMechanism
	}

	return m, nil
	}

	func (s scramFormatter) hmac(key []byte, extra []byte) ([]byte, error) {
	mac, err := s.mac(key)
	if err != nil {
	return nil, err
	}

	if _, err := mac.Write(extra); err != nil {
	return nil, err
	}
	return mac.Sum(nil), nil
	}

	func (s scramFormatter) xor(result []byte, second []byte) {
	for i := 0; i < len(result); i++ {
	result[i] = result[i] ^ second[i]
	}
	}

	func (s scramFormatter) saltedPassword(password []byte, salt []byte, iterations int) ([]byte, error) {
	mac, err := s.mac(password)
	if err != nil {
	return nil, err
	}

	if _, err := mac.Write(salt); err != nil {
	return nil, err
	}
	if _, err := mac.Write([]byte{0, 0, 0, 1}); err != nil {
	return nil, err
	}

	u1 := mac.Sum(nil)
	prev := u1
	result := u1

	for i := 2; i <= iterations; i++ {
	ui, err := s.hmac(password, prev)
	if err != nil {
	return nil, err
	}

	s.xor(result, ui)
	prev = ui
	}

	return result, nil
	}