25#ifndef I_SHA2_PASSWORD_INCLUDED
26#define I_SHA2_PASSWORD_INCLUDED
29#include <unordered_map>
92 bool add(
const std::string authorization_id,
94 bool remove(
const std::string authorization_id);
95 bool search(
const std::string authorization_id,
115 MYSQL_PLUGIN plugin_handle,
size_t stored_digest_rounds,
119 std::pair<bool, bool>
authenticate(
const std::string &authorization_id,
120 const std::string *serialized_string,
121 const std::string &plaintext_password);
123 const unsigned char *random,
124 unsigned int random_length,
128 bool deserialize(
const std::string &serialized_string,
132 const std::string &salt,
const std::string &digest,
137 const std::string &random, std::string *digest,
Class to handle caching_sha2_authentication Provides methods for:
Definition: i_sha2_password.h:112
size_t get_cache_count()
Get cache count.
Definition: sha2_password.cc:688
SHA2_password_cache m_cache
user=>password cache
Definition: i_sha2_password.h:157
std::pair< bool, bool > authenticate(const std::string &authorization_id, const std::string *serialized_string, const std::string &plaintext_password)
Perform slow authentication.
Definition: sha2_password.cc:236
std::pair< bool, bool > fast_authenticate(const std::string &authorization_id, const unsigned char *random, unsigned int random_length, const unsigned char *scramble, bool check_second)
Perform fast authentication.
Definition: sha2_password.cc:351
Digest_info get_digest_type() const
Definition: i_sha2_password.h:142
unsigned int m_fast_digest_rounds
Number of rounds for fast digest.
Definition: i_sha2_password.h:151
bool deserialize(const std::string &serialized_string, Digest_info &digest_type, std::string &salt, std::string &digest, size_t &iterations)
Deserialize obtained hash and retrieve various parts.
Definition: sha2_password.cc:440
size_t get_digest_rounds()
Definition: i_sha2_password.h:143
mysql_rwlock_t m_cache_lock
Lock to protect m_cache.
Definition: i_sha2_password.h:155
void clear_cache()
Clear the password cache.
Definition: sha2_password.cc:695
size_t m_stored_digest_rounds
Number of rounds for stored digest.
Definition: i_sha2_password.h:149
bool generate_fast_digest(const std::string &plaintext_password, sha2_cache_entry &digest, unsigned int loc)
Generate digest based on m_fast_digest_rounds.
Definition: sha2_password.cc:601
bool generate_sha2_multi_hash(const std::string &src, const std::string &random, std::string *digest, unsigned int iterations)
Generate multi-round sha2 hash using source and random string.
Definition: sha2_password.cc:650
Digest_info m_digest_type
Digest type.
Definition: i_sha2_password.h:153
void remove_cached_entry(const std::string authorization_id)
Remove an entry from the cache.
Definition: sha2_password.cc:398
~Caching_sha2_password()
Caching_sha2_password destructor - destroy rw lock.
Definition: sha2_password.cc:210
bool serialize(std::string &serialized_string, const Digest_info &digest_type, const std::string &salt, const std::string &digest, size_t iterations)
Serialize following: a.
Definition: sha2_password.cc:541
bool validate_hash(const std::string serialized_string)
Validate a hash format.
Definition: sha2_password.cc:710
MYSQL_PLUGIN m_plugin_info
Plugin handle.
Definition: i_sha2_password.h:147
Caching_sha2_password(MYSQL_PLUGIN plugin_handle, size_t stored_digest_rounds, unsigned int fast_digest_rounds=DEFAULT_FAST_DIGEST_ROUNDS, Digest_info digest_type=Digest_info::SHA256_DIGEST)
Caching_sha2_password constructor - Initializes rw lock.
Definition: sha2_password.cc:186
Password cache used for caching_sha2_authentication.
Definition: i_sha2_password.h:86
password_cache m_password_cache
Definition: i_sha2_password.h:102
~SHA2_password_cache()
Destructor - Release all memory.
Definition: sha2_password.cc:89
size_t size()
Returns number of cache entries present
Definition: i_sha2_password.h:98
SHA2_password_cache()=default
void clear_cache()
Clear the cache - Release all memory.
Definition: sha2_password.cc:166
bool add(const std::string authorization_id, const sha2_cache_entry &entry_to_be_cached)
Add an entry in cache We manage our own memory.
Definition: sha2_password.cc:107
bool remove(const std::string authorization_id)
Remove an entry from the cache.
Definition: sha2_password.cc:127
bool search(const std::string authorization_id, sha2_cache_entry &cache_entry)
Search an entry from the cache.
Definition: sha2_password.cc:150
std::unordered_map< std::string, sha2_cache_entry > password_cache
Definition: i_sha2_password.h:88
#define MAX_PLAINTEXT_LENGTH
Definition: crypt_genhash_impl.h:41
#define CRYPT_SALT_LENGTH
Definition: crypt_genhash_impl.h:34
#define ROUNDS_DEFAULT
Definition: crypt_genhash_impl.h:30
#define ROUNDS_MIN
Definition: crypt_genhash_impl.h:31
#define ROUNDS_MAX
Definition: crypt_genhash_impl.h:32
Classes for caching_sha2_authentication plugin.
void * MYSQL_PLUGIN
Definition: plugin.h:82
static unsigned int iterations
Definition: mysqlslap.cc:189
Definition: i_sha2_password.h:45
const unsigned int DIGEST_INFO_LENGTH
Definition: i_sha2_password.h:52
const unsigned int CACHING_SHA2_DIGEST_LENGTH
Definition: i_sha2_password_common.h:45
const char DELIMITER
Definition: i_sha2_password.h:66
const unsigned int STORED_SHA256_DIGEST_LENGTH
Definition: i_sha2_password.h:68
Digest_info
Supported digest information.
Definition: i_sha2_password_common.h:51
const unsigned int ITERATION_LENGTH
Definition: i_sha2_password.h:54
const long unsigned int MAX_ITERATIONS
Definition: i_sha2_password.h:58
const size_t CACHING_SHA2_PASSWORD_MAX_PASSWORD_LENGTH
Definition: i_sha2_password.h:74
const unsigned int MAX_FAST_DIGEST_ROUNDS
Definition: i_sha2_password.h:49
struct sha2_password::sha2_cache_entry sha2_cache_entry
const unsigned int DEFAULT_FAST_DIGEST_ROUNDS
Definition: i_sha2_password.h:48
const size_t MAX_STORED_DIGEST_ROUNDS
Definition: i_sha2_password.h:72
const size_t DEFAULT_STORED_DIGEST_ROUNDS
Definition: i_sha2_password.h:71
const unsigned int MIN_FAST_DIGEST_ROUNDS
Definition: i_sha2_password.h:47
const unsigned int MAX_PASSWORDS
Definition: i_sha2_password.h:76
const unsigned int SHA256_AUTH_STRING_LEN
Definition: i_sha2_password.h:63
const size_t MIN_STORED_DIGEST_ROUNDS
Definition: i_sha2_password.h:70
const unsigned int ITERATION_MULTIPLIER
Definition: i_sha2_password.h:56
const unsigned int SALT_LENGTH
Definition: i_sha2_password.h:60
void scramble(char *to, const char *message, const char *password)
Produce an obscure octet sequence from password and random string, received from the server.
Definition: mysql_native_authentication_client.cc:214
Instrumentation helpers for rwlock.
An instrumented rwlock structure.
Definition: mysql_rwlock_bits.h:51
Definition: i_sha2_password.h:78
unsigned char digest_buffer[MAX_PASSWORDS][CACHING_SHA2_DIGEST_LENGTH]
Definition: i_sha2_password.h:79