24#ifndef I_SHA2_PASSWORD_INCLUDED
25#define I_SHA2_PASSWORD_INCLUDED
28#include <unordered_map>
91 bool add(
const std::string authorization_id,
93 bool remove(
const std::string authorization_id);
94 bool search(
const std::string authorization_id,
114 MYSQL_PLUGIN plugin_handle,
size_t stored_digest_rounds,
118 std::pair<bool, bool>
authenticate(
const std::string &authorization_id,
119 const std::string *serialized_string,
120 const std::string &plaintext_password);
122 const unsigned char *random,
123 unsigned int random_length,
127 bool deserialize(
const std::string &serialized_string,
131 const std::string &salt,
const std::string &digest,
136 const std::string &random, std::string *digest,
Class to handle caching_sha2_authentication Provides methods for:
Definition: i_sha2_password.h:111
size_t get_cache_count()
Get cache count.
Definition: sha2_password.cc:687
SHA2_password_cache m_cache
user=>password cache
Definition: i_sha2_password.h:156
std::pair< bool, bool > authenticate(const std::string &authorization_id, const std::string *serialized_string, const std::string &plaintext_password)
Perform slow authentication.
Definition: sha2_password.cc:235
std::pair< bool, bool > fast_authenticate(const std::string &authorization_id, const unsigned char *random, unsigned int random_length, const unsigned char *scramble, bool check_second)
Perform fast authentication.
Definition: sha2_password.cc:350
Digest_info get_digest_type() const
Definition: i_sha2_password.h:141
unsigned int m_fast_digest_rounds
Number of rounds for fast digest.
Definition: i_sha2_password.h:150
bool deserialize(const std::string &serialized_string, Digest_info &digest_type, std::string &salt, std::string &digest, size_t &iterations)
Deserialize obtained hash and retrieve various parts.
Definition: sha2_password.cc:439
size_t get_digest_rounds()
Definition: i_sha2_password.h:142
mysql_rwlock_t m_cache_lock
Lock to protect m_cache.
Definition: i_sha2_password.h:154
void clear_cache()
Clear the password cache.
Definition: sha2_password.cc:694
size_t m_stored_digest_rounds
Number of rounds for stored digest.
Definition: i_sha2_password.h:148
bool generate_fast_digest(const std::string &plaintext_password, sha2_cache_entry &digest, unsigned int loc)
Generate digest based on m_fast_digest_rounds.
Definition: sha2_password.cc:600
bool generate_sha2_multi_hash(const std::string &src, const std::string &random, std::string *digest, unsigned int iterations)
Generate multi-round sha2 hash using source and random string.
Definition: sha2_password.cc:649
Digest_info m_digest_type
Digest type.
Definition: i_sha2_password.h:152
void remove_cached_entry(const std::string authorization_id)
Remove an entry from the cache.
Definition: sha2_password.cc:397
~Caching_sha2_password()
Caching_sha2_password destructor - destroy rw lock.
Definition: sha2_password.cc:209
bool serialize(std::string &serialized_string, const Digest_info &digest_type, const std::string &salt, const std::string &digest, size_t iterations)
Serialize following: a.
Definition: sha2_password.cc:540
bool validate_hash(const std::string serialized_string)
Validate a hash format.
Definition: sha2_password.cc:709
MYSQL_PLUGIN m_plugin_info
Plugin handle.
Definition: i_sha2_password.h:146
Caching_sha2_password(MYSQL_PLUGIN plugin_handle, size_t stored_digest_rounds, unsigned int fast_digest_rounds=DEFAULT_FAST_DIGEST_ROUNDS, Digest_info digest_type=Digest_info::SHA256_DIGEST)
Caching_sha2_password constructor - Initializes rw lock.
Definition: sha2_password.cc:185
Password cache used for caching_sha2_authentication.
Definition: i_sha2_password.h:85
password_cache m_password_cache
Definition: i_sha2_password.h:101
~SHA2_password_cache()
Destructor - Release all memory.
Definition: sha2_password.cc:88
size_t size()
Returns number of cache entries present
Definition: i_sha2_password.h:97
SHA2_password_cache()=default
void clear_cache()
Clear the cache - Release all memory.
Definition: sha2_password.cc:165
bool add(const std::string authorization_id, const sha2_cache_entry &entry_to_be_cached)
Add an entry in cache We manage our own memory.
Definition: sha2_password.cc:106
bool remove(const std::string authorization_id)
Remove an entry from the cache.
Definition: sha2_password.cc:126
bool search(const std::string authorization_id, sha2_cache_entry &cache_entry)
Search an entry from the cache.
Definition: sha2_password.cc:149
std::unordered_map< std::string, sha2_cache_entry > password_cache
Definition: i_sha2_password.h:87
#define MAX_PLAINTEXT_LENGTH
Definition: crypt_genhash_impl.h:40
#define CRYPT_SALT_LENGTH
Definition: crypt_genhash_impl.h:33
#define ROUNDS_DEFAULT
Definition: crypt_genhash_impl.h:29
#define ROUNDS_MIN
Definition: crypt_genhash_impl.h:30
#define ROUNDS_MAX
Definition: crypt_genhash_impl.h:31
Classes for caching_sha2_authentication plugin.
void * MYSQL_PLUGIN
Definition: plugin.h:81
void scramble(char *to, const char *message, const char *password)
Produce an obscure octet sequence from password and random string, received from the server.
Definition: password.cc:270
static unsigned int iterations
Definition: mysqlslap.cc:188
Definition: i_sha2_password.h:44
const unsigned int DIGEST_INFO_LENGTH
Definition: i_sha2_password.h:51
const unsigned int CACHING_SHA2_DIGEST_LENGTH
Definition: i_sha2_password_common.h:44
const char DELIMITER
Definition: i_sha2_password.h:65
const unsigned int STORED_SHA256_DIGEST_LENGTH
Definition: i_sha2_password.h:67
Digest_info
Supported digest information.
Definition: i_sha2_password_common.h:50
const unsigned int ITERATION_LENGTH
Definition: i_sha2_password.h:53
const long unsigned int MAX_ITERATIONS
Definition: i_sha2_password.h:57
const size_t CACHING_SHA2_PASSWORD_MAX_PASSWORD_LENGTH
Definition: i_sha2_password.h:73
const unsigned int MAX_FAST_DIGEST_ROUNDS
Definition: i_sha2_password.h:48
struct sha2_password::sha2_cache_entry sha2_cache_entry
const unsigned int DEFAULT_FAST_DIGEST_ROUNDS
Definition: i_sha2_password.h:47
const size_t MAX_STORED_DIGEST_ROUNDS
Definition: i_sha2_password.h:71
const size_t DEFAULT_STORED_DIGEST_ROUNDS
Definition: i_sha2_password.h:70
const unsigned int MIN_FAST_DIGEST_ROUNDS
Definition: i_sha2_password.h:46
const unsigned int MAX_PASSWORDS
Definition: i_sha2_password.h:75
const unsigned int SHA256_AUTH_STRING_LEN
Definition: i_sha2_password.h:62
const size_t MIN_STORED_DIGEST_ROUNDS
Definition: i_sha2_password.h:69
const unsigned int ITERATION_MULTIPLIER
Definition: i_sha2_password.h:55
const unsigned int SALT_LENGTH
Definition: i_sha2_password.h:59
Instrumentation helpers for rwlock.
An instrumented rwlock structure.
Definition: mysql_rwlock_bits.h:50
Definition: i_sha2_password.h:77
unsigned char digest_buffer[MAX_PASSWORDS][CACHING_SHA2_DIGEST_LENGTH]
Definition: i_sha2_password.h:78