MySQL 8.0.29
Source Code Documentation
fido_client_plugin.cc File Reference
#include <mysql.h>
#include <mysql/client_plugin.h>
#include "my_dbug.h"
#include "fido_assertion.h"
#include "fido_common.h"
#include "fido_registration.h"

Functions

static bool do_registration ()
 FIDO client side registration method. More...
 
void get_plugin_messages (const std::string &msg, message_type type)
 
static int fido_auth_client_plugin_init (char *, size_t, int, va_list)
 authentication_fido_client plugin API to initialize More...
 
static int fido_auth_client_plugin_option (const char *option, const void *val)
 authentication_fido_client plugin API to allow server to pass optional data for plugin to process More...
 
static int fido_auth_client_get_plugin_option (const char *option, void *val)
 authentication_fido_client plugin API to allow server to get optional data from plugin More...
 
static int fido_auth_client (MYSQL_PLUGIN_VIO *vio, MYSQL *)
 FIDO client side authentication method. More...
 
 mysql_declare_client_plugin (AUTHENTICATION) "authentication_fido_client"
 

Variables

static bool is_fido_testing = false
 
static unsigned char registration_challenge [128] = {0}
 
static unsigned char * registration_challenge_response = nullptr
 
plugin_messages_callback mc = nullptr
 
 MYSQL_CLIENT_PLUGIN_AUTHOR_ORACLE
 
Fido Client Authentication Plugin
 
Fido Client Authentication GPL
 
Fido Client Authentication nullptr
 
Fido Client Authentication fido_auth_client_plugin_init
 
Fido Client Authentication fido_auth_client_plugin_deinit ()
 Deinitialize authentication_fido_client plugin. More...
 
Fido Client Authentication fido_auth_client_plugin_option
 
Fido Client Authentication fido_auth_client_get_plugin_option
 
Fido Client Authentication fido_auth_client
 
Fido Client Authentication mysql_end_client_plugin
 

Function Documentation

◆ do_registration()

static bool do_registration ( )
static

FIDO client side registration method.

This method does following:

  1. Receive challenge from server side FIDO plugin. This challenge comprises of username, salt and relying party name.
  2. Send this challenge to FIDO device and get the signature, authenticator data and x509 certificate generated by device. This is sent to server as challenge reponse.
Returns
registration status
Return values
falseSuccessful registration
trueRegistration failure

◆ fido_auth_client()

static int fido_auth_client ( MYSQL_PLUGIN_VIO vio,
MYSQL  
)
static

FIDO client side authentication method.

This method does following:

  1. Receive challenge from server side FIDO plugin. This challenge comprises of salt, relying party name.
  2. Send this challenge to FIDO device and get the signed challenge. Signed challenge includes signature and authenticator data, which is to be verified by server side plugin with public key.
Parameters
[in]vioVirtual I/O interface
Returns
authentication status
Return values
CR_OKSuccessful authentication
trueAuthentication failure

Get the challenge from the MySQL server.

◆ fido_auth_client_get_plugin_option()

static int fido_auth_client_get_plugin_option ( const char *  option,
void *  val 
)
static

authentication_fido_client plugin API to allow server to get optional data from plugin

◆ fido_auth_client_plugin_init()

static int fido_auth_client_plugin_init ( char *  ,
size_t  ,
int  ,
va_list   
)
static

authentication_fido_client plugin API to initialize

◆ fido_auth_client_plugin_option()

static int fido_auth_client_plugin_option ( const char *  option,
const void *  val 
)
static

authentication_fido_client plugin API to allow server to pass optional data for plugin to process

◆ get_plugin_messages()

void get_plugin_messages ( const std::string &  msg,
message_type  type 
)

◆ mysql_declare_client_plugin()

mysql_declare_client_plugin ( AUTHENTICATION  )

Variable Documentation

◆ fido_auth_client

Fido Client Authentication fido_auth_client

◆ fido_auth_client_get_plugin_option

Fido Client Authentication fido_auth_client_get_plugin_option

◆ fido_auth_client_plugin_deinit

static int fido_auth_client_plugin_deinit

Deinitialize authentication_fido_client plugin.

◆ fido_auth_client_plugin_init

Fido Client Authentication fido_auth_client_plugin_init

◆ fido_auth_client_plugin_option

Fido Client Authentication fido_auth_client_plugin_option

◆ GPL

Fido Client Authentication GPL

◆ is_fido_testing

bool is_fido_testing = false
static

◆ mc

◆ MYSQL_CLIENT_PLUGIN_AUTHOR_ORACLE

MYSQL_CLIENT_PLUGIN_AUTHOR_ORACLE

◆ mysql_end_client_plugin

Fido Client Authentication mysql_end_client_plugin

◆ nullptr

Dialog Client Authentication nullptr

◆ Plugin

Fido Client Authentication Plugin

◆ registration_challenge

unsigned char registration_challenge[128] = {0}
static

◆ registration_challenge_response

unsigned char* registration_challenge_response = nullptr
static