MySQL 8.0.39
Source Code Documentation
password.cc File Reference
#include <string.h>
#include <sys/types.h>
#include "crypt_genhash_impl.h"
#include "m_string.h"
#include "my_inttypes.h"
#include "my_macros.h"
#include "mysql_com.h"
#include "sha1.h"

Macros

#define PVERSION41_CHAR   '*'
 

Functions

void randominit (struct rand_struct *rand_st, ulong seed1, ulong seed2)
 
void hash_password (ulong *result, const char *password, uint password_len)
 
static uint8 char_val (uint8 X)
 
char * octet2hex (char *to, const char *str, uint len)
 
static void hex2octet (uint8 *to, const char *str, uint len)
 
static void my_crypt (char *to, const uchar *s1, const uchar *s2, uint len)
 
void my_make_scrambled_password (char *to, const char *password, size_t pass_len)
 
static void compute_two_stage_sha1_hash (const char *password, size_t pass_len, uint8 *hash_stage1, uint8 *hash_stage2)
 Compute two stage SHA1 hash of the password : More...
 
void my_make_scrambled_password_sha1 (char *to, const char *password, size_t pass_len)
 
void make_scrambled_password (char *to, const char *password)
 
void scramble (char *to, const char *message, const char *password)
 Produce an obscure octet sequence from password and random string, received from the server. More...
 
static bool check_scramble_sha1 (const uchar *scramble_arg, const char *message, const uint8 *hash_stage2)
 Check that scrambled message corresponds to the password. More...
 
bool check_scramble (const uchar *scramble_arg, const char *message, const uint8 *hash_stage2)
 
void get_salt_from_password (uint8 *hash_stage2, const char *password)
 
void make_password_from_salt (char *to, const uint8 *hash_stage2)
 Convert scrambled password from binary form to asciiz hex string. More...
 

Macro Definition Documentation

◆ PVERSION41_CHAR

#define PVERSION41_CHAR   '*'

Function Documentation

◆ char_val()

static uint8 char_val ( uint8  X)
inlinestatic

◆ check_scramble()

bool check_scramble ( const uchar scramble_arg,
const char *  message,
const uint8 hash_stage2 
)

◆ check_scramble_sha1()

static bool check_scramble_sha1 ( const uchar scramble_arg,
const char *  message,
const uint8 hash_stage2 
)
static

Check that scrambled message corresponds to the password.

The function is used by server to check that received reply is authentic. This function does not check lengths of given strings: message must be null-terminated, reply and hash_stage2 must be at least SHA1_HASH_SIZE long (if not, something fishy is going on).

Parameters
scramble_argclients' reply, presumably produced by scramble()
messageoriginal random string, previously sent to client (presumably second argument of scramble()), must be exactly SCRAMBLE_LENGTH long and NULL-terminated.
hash_stage2hex2octet-decoded database entry
Return values
falsepassword is correct Wretval true password is invalid

◆ compute_two_stage_sha1_hash()

static void compute_two_stage_sha1_hash ( const char *  password,
size_t  pass_len,
uint8 hash_stage1,
uint8 hash_stage2 
)
inlinestatic

Compute two stage SHA1 hash of the password :

hash_stage1=sha1("password") hash_stage2=sha1(hash_stage1)

Parameters
[in]passwordPassword string.
[in]pass_lenLength of the password.
[out]hash_stage1sha1(password)
[out]hash_stage2sha1(hash_stage1)

◆ get_salt_from_password()

void get_salt_from_password ( uint8 hash_stage2,
const char *  password 
)

◆ hash_password()

void hash_password ( ulong *  result,
const char *  password,
uint  password_len 
)

◆ hex2octet()

static void hex2octet ( uint8 to,
const char *  str,
uint  len 
)
static

◆ make_password_from_salt()

void make_password_from_salt ( char *  to,
const uint8 hash_stage2 
)

Convert scrambled password from binary form to asciiz hex string.

Parameters
[out]tostore resulting string here, 2*SHA1_HASH_SIZE+2 bytes
hash_stage2password in salt format

◆ make_scrambled_password()

void make_scrambled_password ( char *  to,
const char *  password 
)

◆ my_crypt()

static void my_crypt ( char *  to,
const uchar s1,
const uchar s2,
uint  len 
)
static

◆ my_make_scrambled_password()

void my_make_scrambled_password ( char *  to,
const char *  password,
size_t  pass_len 
)

◆ my_make_scrambled_password_sha1()

void my_make_scrambled_password_sha1 ( char *  to,
const char *  password,
size_t  pass_len 
)

◆ octet2hex()

char * octet2hex ( char *  to,
const char *  str,
uint  len 
)

◆ randominit()

void randominit ( struct rand_struct rand_st,
ulong  seed1,
ulong  seed2 
)

◆ scramble()

void scramble ( char *  to,
const char *  message,
const char *  password 
)

Produce an obscure octet sequence from password and random string, received from the server.

This sequence corresponds to the password, but password can not be easily restored from it. The sequence is then sent to the server for validation. Trailing zero is not stored in the buf as it is not needed. This function is used by client to create authenticated reply to the server's greeting.

Parameters
[out]tostore scrambled string here. The buf must be at least SHA1_HASH_SIZE bytes long.
messagerandom message, must be exactly SCRAMBLE_LENGTH long and NULL-terminated.
passwordusers' password, NULL-terminated