UtilPack.Cryptography.SASL.SCRAM 2.0.0

.NET Standard 1.0 .NET Framework 4.0
dotnet add package UtilPack.Cryptography.SASL.SCRAM --version 2.0.0
NuGet\Install-Package UtilPack.Cryptography.SASL.SCRAM -Version 2.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="UtilPack.Cryptography.SASL.SCRAM" Version="2.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add UtilPack.Cryptography.SASL.SCRAM --version 2.0.0
#r "nuget: UtilPack.Cryptography.SASL.SCRAM, 2.0.0"
#r directive can be used in F# Interactive, C# scripting and .NET Interactive. Copy this into the interactive tool or source code of the script to reference the package.
// Install UtilPack.Cryptography.SASL.SCRAM as a Cake Addin
#addin nuget:?package=UtilPack.Cryptography.SASL.SCRAM&version=2.0.0

// Install UtilPack.Cryptography.SASL.SCRAM as a Cake Tool
#tool nuget:?package=UtilPack.Cryptography.SASL.SCRAM&version=2.0.0


This is library implementing SCRAM-(SHA-1|SHA-256|SHA-512) protocol without dynamically allocating any strings. The SCRAM protocol handlers are accessible via extension methods for BlockDigestAlgorithm interface of UtilPack.Cryptography.Digest project.

Here is an example for authenticating as a client:

using UtilPack.Cryptography.Digest;

// Example of using SCRAM-SHA-256
// Variables username, password, and stream are assumed to be coming from elsewhere in this example.
using ( var client = new SHA256().CreateSASLClientSCRAM() )
  var encoding = new UTF8Encoding( false, false ).CreateDefaultEncodingInfo();
  var writeArray = new ResizableArray<Byte>();
  var credentials = new SASLCredentialsSCRAMForClient(
    password // password may be clear-text password as string, or result of PBKDF2 iteration as byte array.

  // Create client-first message
  (var bytesWritten, var challengeResult) = await client.ChallengeOrThrowOnErrorAsync( credentials.CreateChallengeArguments(
    null, // Initial phase does not read anything
    ) );

  // Write client-first message
  await stream.WriteAsync( writeArray.Array, 0, bytesWritten );

  // Read server-first message
  var readBytes = new Byte[10000]; // Assume static max size for this small example
  var readCount = await stream.ReadAsync( readBytes, 0, readBytes.Length ); // Assume this simple and naïve read for this small example

  // Create client-final message
  (bytesWritten, challengeResult) = await client.ChallengeOrThrowOnErrorAsync( credentials.CreateChallengeArguments(
    ) );

  // At this point, credentials.PasswordDigest will contain result of PBKDF2 iteration, if cleartext password was specified earlier

  // Write client-final message
  await stream.WriteAsync( writeArray.Array, 0, bytesWritten );

  // Read server-final message
  var readCount = await stream.ReadAsync(readBytes, 0, readBytes.Length );
  // Validate server-final message
  (bytesWritten, challengeResult) = await client.ChallengeOrThrowOnErrorAsync( credentials.CreateChallengeArguments(
    ) );

  // Now bytesWritten will be 0, and challengeResult will be SASLChallengeResult.Completed.
  // An exception will be thrown on authentication error, or if server sents wrong messaage.


See NuGet package for binary distribution.


Modify code as needed after starting to use Span<T> (currently, the code for client and server SCRAM not the prettiest code there is). This will require a polyfill (in UtilPack, most likely) for .NET 4.0.

Product Versions
.NET net5.0 net5.0-windows net6.0 net6.0-android net6.0-ios net6.0-maccatalyst net6.0-macos net6.0-tvos net6.0-windows net7.0 net7.0-android net7.0-ios net7.0-maccatalyst net7.0-macos net7.0-tvos net7.0-windows
.NET Core netcoreapp1.0 netcoreapp1.1 netcoreapp2.0 netcoreapp2.1 netcoreapp2.2 netcoreapp3.0 netcoreapp3.1
.NET Standard netstandard1.0 netstandard1.1 netstandard1.2 netstandard1.3 netstandard1.4 netstandard1.5 netstandard1.6 netstandard2.0 netstandard2.1
.NET Framework net40 net403 net45 net451 net452 net46 net461 net462 net463 net47 net471 net472 net48
MonoAndroid monoandroid
MonoMac monomac
MonoTouch monotouch
Tizen tizen30 tizen40 tizen60
Universal Windows Platform uap uap10.0
Windows Phone wp8 wp81 wpa81
Windows Store netcore netcore45 netcore451
Xamarin.iOS xamarinios
Xamarin.Mac xamarinmac
Xamarin.TVOS xamarintvos
Xamarin.WatchOS xamarinwatchos
Compatible target framework(s)
Additional computed target framework(s)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on UtilPack.Cryptography.SASL.SCRAM:

Package Downloads

The Connection-Based Asynchronous Messaging (CBAM) SQL.PostgreSQL.Implementation assembly provides implementation and API in order to create connection pools which can create connections to PostgreSQL database backend. A good starting point is PgSQLConnectionPool class.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
2.0.0 7,722 5/26/2018
1.0.0-RC1 1,199 10/29/2017

Updating to newer version of UtilPack.Cryptography.Digest. This introduces binary-incompatible change, resulting in major version number increase.