To use channel binding and SCRAM-SHA-256-PLUS, I just made the following subclass. Sharing in case it is helpful for a broader implementation of -PLUS authenticators.
```ruby
require "net/imap"
require "openssl"

class ScramSHA256PlusAuthenticator < Net::IMAP::SASL::ScramSHA256Authenticator
  def initialize(*args, **options)
    super(*args, **options)
    # The server's X509 certificate as seen on the client's TLS socket.
    @ssl_cert = options[:ssl_cert]
  end

  # gs2-cbind-flag: "p=" cb-name announces tls-server-end-point binding (RFC 5929 section 4).
  def gs2_cb_flag
    "p=tls-server-end-point"
  end

  # cbind-input = gs2-header cbind-data; for tls-server-end-point, cbind-data is a
  # hash of the server certificate's DER encoding.
  def cbind_input
    cert_algo_raw = @ssl_cert.signature_algorithm
    # standardize e.g. sha256WithRSAEncryption to SHA256. This relies on OpenSSL resolving the
    # RSA signature-algorithm names to their digest; ECDSA (ecdsa-with-SHA256) and RSA-PSS
    # names are not resolved this way.
    cert_algo = OpenSSL::Digest.new(cert_algo_raw).name
    # RFC 5929: MD5 and SHA-1 are replaced by SHA-256; any other hash is used as-is.
    sasl_algo = cert_algo == "MD5" || cert_algo == "SHA1" ? "SHA256" : cert_algo
    hash = OpenSSL::Digest.digest(sasl_algo, @ssl_cert.to_der)
    # Binary concatenation (hash is ASCII-8BIT); the base class base64-encodes this for c=.
    gs2_header.b + hash
  end
end
```
The ssl_cert option to ScramSHA256PlusAuthenticator.new should be passed ssl_server_socket.peer_cert.
Originally posted by @jawj in #54
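The following is an added example, not code from the post above or from net-imap, showing the tls-server-end-point computation that the subclass's `cbind_input` performs, taken further than the post: it derives the binding digest from the certificate's signature algorithm name (covering ECDSA and RSA-PSS certificates as well as RSA, with the RFC 5929 rule that MD5 and SHA-1 are replaced by SHA-256), builds the `c=` attribute a SCRAM client sends, and shows the server-side comparison that makes a TLS-terminating MITM fail. The function names, the `GS2_HEADER` constant and the throwaway self-signed certificates are assumptions constructed for the example; only the openssl library is required.

```ruby
require "openssl"

# tls-server-end-point channel binding (RFC 5929 section 4.1) for SCRAM-*-PLUS
# (RFC 5802 section 5.1). Example code; a net-imap subclass like the one above
# would call tls_server_end_point(@ssl_cert) from its cbind_input.

# Pick the binding digest from a signatureAlgorithm name as OpenSSL prints it
# ("sha256WithRSAEncryption", "ecdsa-with-SHA384", ...). RFC 5929: MD5 and SHA-1
# are replaced by SHA-256; any other single hash is used as-is; a name with no
# hash (e.g. "ED25519") leaves the binding undefined, so we refuse it.
def tls_endpoint_digest_for(sig_alg_name)
  m = sig_alg_name.match(/(md5|sha1|sha224|sha256|sha384|sha512)/i) or
    raise ArgumentError, "channel binding undefined for #{sig_alg_name.inspect}"
  hash = m[1].upcase
  %w[MD5 SHA1].include?(hash) ? "SHA256" : hash
end

# rsassaPss names no hash; it sits in the AlgorithmIdentifier parameters
# (RFC 4055): hashAlgorithm [0] EXPLICIT AlgorithmIdentifier, DEFAULT sha1.
def pss_hash_name(cert)
  sig_alg = OpenSSL::ASN1.decode(cert.to_der).value[1] # Certificate.signatureAlgorithm
  params  = sig_alg.value[1]
  tagged  = params.is_a?(OpenSSL::ASN1::Sequence) &&
            params.value.find { |e| e.tag_class == :CONTEXT_SPECIFIC && e.tag == 0 }
  return "SHA1" unless tagged
  tagged.value.first.value.first.sn # hashAlgorithm.algorithm, e.g. "SHA256"
end

# cbind-data: hash of the server certificate's DER encoding.
def tls_server_end_point(cert)
  name = cert.signature_algorithm
  name = pss_hash_name(cert) if name == "rsassaPss"
  OpenSSL::Digest.digest(tls_endpoint_digest_for(name), cert.to_der)
end

# cbind-input = gs2-header cbind-data (RFC 5802). The client sends it
# base64-encoded as the c= attribute of client-final-message.
def cbind_input(gs2_header, cert)
  gs2_header.b + tls_server_end_point(cert)
end

def c_attribute(gs2_header, cert)
  "c=" + [cbind_input(gs2_header, cert)].pack("m0")
end

# Server side: recompute from the certificate this server actually presented.
# A TLS-terminating MITM presents its own certificate, so a relayed c= value
# fails here even when the password proof it relays is valid.
def server_accepts_binding?(c_attr, gs2_header, server_cert)
  received = c_attr.delete_prefix("c=").unpack1("m0") # strict base64
  OpenSSL.secure_compare(received, cbind_input(gs2_header, server_cert))
rescue ArgumentError # malformed base64
  false
end

# Constructed test input: throwaway self-signed certificates standing in for
# the ones a real server would present (hypothetical CN).
def constructed_self_signed_cert(key, digest)
  name = OpenSSL::X509::Name.new([["CN", "imap.example.test"]])
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = name
  cert.public_key = key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, digest)
end

GS2_HEADER = "p=tls-server-end-point,,".freeze # cb flag, empty authzid

if $PROGRAM_NAME == __FILE__
  rsa_cert = constructed_self_signed_cert(OpenSSL::PKey::RSA.new(2048), "SHA256")
  ec_cert  = constructed_self_signed_cert(OpenSSL::PKey::EC.generate("prime256v1"), "SHA384")
  c = c_attribute(GS2_HEADER, rsa_cert)
  puts "#{rsa_cert.signature_algorithm} -> #{tls_endpoint_digest_for(rsa_cert.signature_algorithm)}: #{c}"
  puts "#{ec_cert.signature_algorithm} -> #{tls_endpoint_digest_for(ec_cert.signature_algorithm)}"
  puts "genuine server accepts: #{server_accepts_binding?(c, GS2_HEADER, rsa_cert)}"
  puts "MITM certificate accepts: #{server_accepts_binding?(c, GS2_HEADER, ec_cert)}"
end
```

The `gs2_header` passed to `cbind_input` must be the one the client sent in client-first-message, authzid included, because the server copies it from there when recomputing. Deriving the digest from the algorithm name rather than from `OpenSSL::Digest.new(signature_algorithm)` is what lets ECDSA-signed certificates work.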