MySQL 8.2.0
Source Code Documentation
i_sha2_password_common.h
1/*
2Copyright (c) 2017, 2023, Oracle and/or its affiliates.
3
4This program is free software; you can redistribute it and/or modify
5it under the terms of the GNU General Public License, version 2.0,
6as published by the Free Software Foundation.
7
8This program is also distributed with certain software (including
9but not limited to OpenSSL) that is licensed under separate terms,
10as designated in a particular file or component or in included license
11documentation. The authors of MySQL hereby grant you an additional
12permission to link the program and your derivative works with the
13separately licensed software that they have included with MySQL.
14
15This program is distributed in the hope that it will be useful,
16but WITHOUT ANY WARRANTY; without even the implied warranty of
17MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18GNU General Public License, version 2.0, for more details.
19
20You should have received a copy of the GNU General Public License
21along with this program; if not, write to the Free Software
22Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
23
24#ifndef I_SHA2_PASSWORD_COMMON_INCLUDED
25#define I_SHA2_PASSWORD_COMMON_INCLUDED
26
27#include <openssl/evp.h>
28#include "openssl/ossl_typ.h"
29#include "sha2.h" /* SHA256_DIGEST_LENGTH */
30
31#include <string>
32
33/**
34 @file sql/auth/i_sha2_password_common.h
35 Classes for caching_sha2_authentication plugin
36*/
37
38/**
39 @defgroup auth_caching_sha2_auth caching_sha2_authentication information
40 @{
41*/
42namespace sha2_password {
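/**
  Digest length, in bytes, for the caching_sha2_authentication plugin.
  Aliases SHA256_DIGEST_LENGTH from sha2.h, so every buffer sized with it
  holds exactly one SHA-256 digest.
*/
const unsigned int CACHING_SHA2_DIGEST_LENGTH = SHA256_DIGEST_LENGTH;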
45
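/**
  Supported digest information
  (The Digest_info declaration at header line 50 did not survive this rendered
  listing; the member reference further down the page names it and shows the
  enumerator Digest_info::SHA256_DIGEST, which the constructors below use as
  their default digest type.)
*/
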
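/**
  Interface for cryptographic digest generation.

  Input is fed in with update_digest(), the result is copied out with
  retrieve_digest(), and scrub() resets the generator. The polarity of the
  bool results is set by the implementation, not by this interface.
*/
class Generate_digest {
 public:
  /**
    Feed input into the digest.

    @param [in] src     Start of the input bytes
    @param [in] length  Presumably the number of bytes readable at src;
                        confirm against the implementation

    @returns status as defined by the implementation
  */
  virtual bool update_digest(const void *src, unsigned int length) = 0;

  /**
    Copy the computed digest into a caller-owned buffer.

    @param [out] digest  Destination buffer
    @param [in]  length  Presumably the capacity of digest in bytes. The
                         buffer arrives as a bare pointer, so this value is
                         the only bound an implementation can check before
                         writing; callers must pass the real capacity.

    @returns status as defined by the implementation
  */
  virtual bool retrieve_digest(unsigned char *digest, unsigned int length) = 0;

  /**
    Reset the generator. NOTE(review): the name suggests that digest material
    is wiped; the interface itself does not state this, so verify it in each
    implementation.
  */
  virtual void scrub() = 0;

  /** Virtual so that implementations can be destroyed through this type. */
  virtual ~Generate_digest() = default;
};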
63
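/**
  SHA256 digest generator
  @sa Generate_digest
  @sa Digest_info

  Wraps an OpenSSL EVP_MD_CTX and keeps the finished digest in a
  CACHING_SHA2_DIGEST_LENGTH-byte member buffer.

  NOTE(review): the class holds a raw EVP_MD_CTX pointer and does not disable
  copying in this header. If deinit() frees the context, a copied object would
  release it twice; confirm that instances are never copied.
*/
class SHA256_digest : public Generate_digest {
 public:
  /** SHA256 digest generator constructor. */
  SHA256_digest();
  /** Release acquired memory. */
  ~SHA256_digest() override;

  /** Update digest with plaintext. */
  bool update_digest(const void *src, unsigned int length) override;
  /**
    Retrieve generated digest.
    The caller's buffer is a bare pointer; length is the only bound available
    for the copy, so it must be the buffer's true capacity.
  */
  bool retrieve_digest(unsigned char *digest, unsigned int length) override;
  /** Cleanup and reinit. */
  void scrub() override;
  /**
    Report the status flag m_ok. What sets the flag lives in
    sha2_password_common.cc; check it before trusting a retrieved digest.
  */
  bool all_ok() const { return m_ok; }

 private:
  /** Initialize digest context. */
  void init();
  /** Release allocated memory for digest context. */
  void deinit();

 private:
  /** Digest output buffer */
  unsigned char m_digest[CACHING_SHA2_DIGEST_LENGTH];
  /** Digest context */
  EVP_MD_CTX *md_context;
  /** Status */
  bool m_ok;
};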
92
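/**
  Scramble generator
  Responsible for generating scramble of following format:
    XOR(SHA2(m_src), SHA2(SHA2(SHA2(m_src)), m_rnd))
  @sa SHA256_digest
  @sa Digest_info

  NOTE(review): m_src is documented as the plaintext source string, and the
  constructor takes both strings by value, so each construction makes extra
  copies of it. std::string does not clear its storage on destruction, so the
  plaintext can remain in freed memory; keep instances short-lived.

  NOTE(review): m_digest_generator is a raw pointer and copying is not
  disabled in this header. If the destructor frees it, a copied object would
  free it twice; confirm that instances are never copied.
*/
class Generate_scramble {
 public:
  /**
    Generate_scramble constructor.

    @param [in] source       Plaintext source string
    @param [in] rnd          Random string
    @param [in] digest_type  Digest to use, SHA256 by default
  */
  Generate_scramble(const std::string source, const std::string rnd,
                    Digest_info digest_type = Digest_info::SHA256_DIGEST);

  /** Generate_scramble destructor. */
  ~Generate_scramble();

  /**
    Scramble generation.

    @param [out] scramble         Caller-owned output buffer
    @param [in]  scramble_length  Presumably the capacity of the output
                                  buffer; it is the only bound available for
                                  the write, so pass the real capacity

    @returns status as defined in sha2_password_common.cc
  */
  bool scramble(unsigned char *scramble, unsigned int scramble_length);

 private:
  /** plaintext source string */
  std::string m_src;
  /** random string */
  std::string m_rnd;
  /** Type of digest */
  Digest_info m_digest_type;
  /** Digest generator class */
  Generate_digest *m_digest_generator;
  /** length of the digest */
  unsigned int m_digest_length;
};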
122
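/**
  Scramble validator
  Expects scramble to be:
    XOR(SHA2(m_src), SHA2(SHA2(SHA2(m_src)), m_rnd))
  Validates it against:
    SHA2(SHA2(m_src)) and random string

  @sa Generate_scramble
  @sa SHA256_digest
  @sa Digest_info

  NOTE(review): scramble and known arrive as bare pointers with no length.
  Presumably m_digest_length bytes are read from each, so the caller has to
  guarantee buffers at least that large and has to reject a short
  client-supplied scramble before constructing this object.

  NOTE(review): the members are pointers, not copies, so the three buffers
  must outlive the object, at least until validate() returns.

  NOTE(review): validate() is defined in sha2_password_common.cc and is not
  visible here; confirm that its final comparison against the known digest
  does not exit early on the first differing byte.

  NOTE(review): m_digest_generator is a raw pointer and copying is not
  disabled in this header. If the destructor frees it, a copied object would
  free it twice; confirm that instances are never copied.
*/
class Validate_scramble {
 public:
  /**
    Validate scramble constructor.

    @param [in] scramble     Scramble to be validated
    @param [in] known        SHA2(SHA2(plaintext_password))
    @param [in] rnd          Random string
    @param [in] rnd_length   Length of the random string
    @param [in] digest_type  Digest to use, SHA256 by default
  */
  Validate_scramble(const unsigned char *scramble, const unsigned char *known,
                    const unsigned char *rnd, unsigned int rnd_length,
                    Digest_info digest_type = Digest_info::SHA256_DIGEST);

  /** Validate_scramble destructor. */
  ~Validate_scramble();

  /**
    Validate the scramble.

    @returns status as defined in sha2_password_common.cc
  */
  bool validate();

 private:
  /** scramble to be validated */
  const unsigned char *m_scramble;
  /** SHA2(SHA2(plaintext_password)) */
  const unsigned char *m_known;
  /** random string */
  const unsigned char *m_rnd;
  /** random string length */
  unsigned int m_rnd_length;
  /** Type of digest */
  Digest_info m_digest_type;
  /** Digest generator class */
  Generate_digest *m_digest_generator;
  /** length of the digest */
  unsigned int m_digest_length;
};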
161} // namespace sha2_password
162
163/** @} (end of auth_caching_sha2_auth) */
164
165#endif // !I_SHA2_PASSWORD_COMMON_INCLUDED
Interface for cryptographic digest generation.
Definition: i_sha2_password_common.h:56
virtual bool retrieve_digest(unsigned char *digest, unsigned int length)=0
virtual ~Generate_digest()=default
virtual bool update_digest(const void *src, unsigned int length)=0
Scramble generator Responsible for generating scramble of following format: XOR(SHA2(m_src),...
Definition: i_sha2_password_common.h:101
Generate_digest * m_digest_generator
Digest generator class.
Definition: i_sha2_password_common.h:118
std::string m_rnd
random string
Definition: i_sha2_password_common.h:114
~Generate_scramble()
Generate_scramble destructor.
Definition: sha2_password_common.cc:183
std::string m_src
plaintext source string
Definition: i_sha2_password_common.h:112
bool scramble(unsigned char *scramble, unsigned int scramble_length)
Scramble generation.
Definition: sha2_password_common.cc:205
Digest_info m_digest_type
Type of digest.
Definition: i_sha2_password_common.h:116
unsigned int m_digest_length
length of the digest
Definition: i_sha2_password_common.h:120
Generate_scramble(const std::string source, const std::string rnd, Digest_info digest_type=Digest_info::SHA256_DIGEST)
Generate_scramble constructor.
Definition: sha2_password_common.cc:164
SHA256 digest generator.
Definition: i_sha2_password_common.h:70
bool update_digest(const void *src, unsigned int length) override
Update digest with plaintext.
Definition: sha2_password_common.cc:71
void deinit()
Release allocated memory for digest context.
Definition: sha2_password_common.cc:151
void scrub() override
Cleanup and reinit.
Definition: sha2_password_common.cc:117
SHA256_digest()
SHA256 digest generator constructor.
Definition: sha2_password_common.cc:52
unsigned char m_digest[CACHING_SHA2_DIGEST_LENGTH]
Digest output buffer.
Definition: i_sha2_password_common.h:86
bool m_ok
Status.
Definition: i_sha2_password_common.h:90
bool retrieve_digest(unsigned char *digest, unsigned int length) override
Retrieve generated digest.
Definition: sha2_password_common.cc:95
bool all_ok()
Definition: i_sha2_password_common.h:78
~SHA256_digest() override
Release acquired memory.
Definition: sha2_password_common.cc:58
void init()
Initialize digest context.
Definition: sha2_password_common.cc:129
EVP_MD_CTX * md_context
Digest context.
Definition: i_sha2_password_common.h:88
Scramble validator Expects scramble to be: XOR(SHA2(m_src), SHA2(SHA2(SHA2(m_src)),...
Definition: i_sha2_password_common.h:135
~Validate_scramble()
Validate_scramble destructor.
Definition: sha2_password_common.cc:297
const unsigned char * m_rnd
random string
Definition: i_sha2_password_common.h:151
Generate_digest * m_digest_generator
Digest generator class.
Definition: i_sha2_password_common.h:157
const unsigned char * m_known
SHA2(SHA2(plaintext_password))
Definition: i_sha2_password_common.h:149
bool validate()
Validate the scramble.
Definition: sha2_password_common.cc:316
unsigned int m_digest_length
length of the digest
Definition: i_sha2_password_common.h:159
unsigned int m_rnd_length
random string length
Definition: i_sha2_password_common.h:153
Digest_info m_digest_type
Type of digest.
Definition: i_sha2_password_common.h:155
Validate_scramble(const unsigned char *scramble, const unsigned char *known, const unsigned char *rnd, unsigned int rnd_length, Digest_info digest_type=Digest_info::SHA256_DIGEST)
Validate scramble constructor.
Definition: sha2_password_common.cc:274
const unsigned char * m_scramble
scramble to be validated
Definition: i_sha2_password_common.h:147
const unsigned int CACHING_SHA2_DIGEST_LENGTH
Definition: i_sha2_password_common.h:44
Digest_info
Supported digest information.
Definition: i_sha2_password_common.h:50