mysql-server/latest/i__sha2__password__common_8h_source.html

/*

Copyright (c) 2017, 2023, Oracle and/or its affiliates.


This program is free software; you can redistribute it and/or modify

it under the terms of the GNU General Public License, version 2.0,

as published by the Free Software Foundation.


This program is also distributed with certain software (including

but not limited to OpenSSL) that is licensed under separate terms,

as designated in a particular file or component or in included license

documentation.  The authors of MySQL hereby grant you an additional

permission to link the program and your derivative works with the

separately licensed software that they have included with MySQL.


This program is distributed in the hope that it will be useful,

but WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

GNU General Public License, version 2.0, for more details.


You should have received a copy of the GNU General Public License

along with this program; if not, write to the Free Software

Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */


#ifndef I_SHA2_PASSWORD_COMMON_INCLUDED

#define I_SHA2_PASSWORD_COMMON_INCLUDED


#include <openssl/evp.h>

#include "openssl/ossl_typ.h"

#include "sha2.h" /* SHA256_DIGEST_LENGTH */


#include <string>


/**

  @file sql/auth/i_sha2_password_common.h

  Classes for caching_sha2_authentication plugin

*/


/**

  @defgroup auth_caching_sha2_auth caching_sha2_authentication information

  @{

*/

namespace sha2_password {

/* Digest length for caching_sha2_authentication plugin */

const unsigned int CACHING_SHA2_DIGEST_LENGTH = SHA256_DIGEST_LENGTH;


/**

  Supported digest information

*/


enum class Digest_info { SHA256_DIGEST = 0, DIGEST_LAST };


/**

  Interface for cryptographic digest generation

*/


class Generate_digest {

 public:

  virtual bool update_digest(const void *src, unsigned int length) = 0;

  virtual bool retrieve_digest(unsigned char *digest, unsigned int length) = 0;

  virtual void scrub() = 0;

  virtual ~Generate_digest() = default;

};


/**

  SHA256 digest generator

  @sa Generate_digest

  @sa Digest_info

*/


class SHA256_digest : public Generate_digest {

 public:

  SHA256_digest();

  ~SHA256_digest() override;


  bool update_digest(const void *src, unsigned int length) override;

  bool retrieve_digest(unsigned char *digest, unsigned int length) override;

  void scrub() override;

  bool all_ok() { return m_ok; }


 private:

  void init();

  void deinit();


 private:

  /** Digest output buffer */

  unsigned char m_digest[CACHING_SHA2_DIGEST_LENGTH];

  /** Digest context */

  EVP_MD_CTX *md_context;

  /** Status */

  bool m_ok;

};


/**

  Scramble generator

  Responsible for generating scramble of following format:

  XOR(SHA2(m_src), SHA2(SHA2(SHA2(m_src)), m_rnd))

  @sa SHA256_digest

  @sa Digest_info

*/


class Generate_scramble {

 public:

  Generate_scramble(const std::string source, const std::string rnd,

                    Digest_info digest_type = Digest_info::SHA256_DIGEST);


  ~Generate_scramble();


  bool scramble(unsigned char *scramble, unsigned int scramble_length);


 private:

  /** plaintext source string */

  std::string m_src;

  /** random string */

  std::string m_rnd;

  /** Type of digest */

  Digest_info m_digest_type;

  /** Digest generator class */

  Generate_digest *m_digest_generator;

  /** length of the digest */

  unsigned int m_digest_length;

};


/**

  Scramble validator

  Expects scramble to be:

    XOR(SHA2(m_src), SHA2(SHA2(SHA2(m_src)), m_rnd))

  Validates it against:

    SHA2(SHA2(m_src)) and random string


  @sa Generate_scramble

  @sa SHA256_digest

  @sa Digest_info

*/


class Validate_scramble {

 public:

  Validate_scramble(const unsigned char *scramble, const unsigned char *known,

                    const unsigned char *rnd, unsigned int rnd_length,

                    Digest_info digest_type = Digest_info::SHA256_DIGEST);


  ~Validate_scramble();


  bool validate();


 private:

  /** scramble to be validated */

  const unsigned char *m_scramble;

  /** SHA2(SHA2(plaintext_password)) */

  const unsigned char *m_known;

  /** random string */

  const unsigned char *m_rnd;

  /** random string length*/

  unsigned int m_rnd_length;

  /** Type of digest */

  Digest_info m_digest_type;

  /** Digest generator class */

  Generate_digest *m_digest_generator;

  /** length of the digest */

  unsigned int m_digest_length;

};

}  // namespace sha2_password


/** @} (end of auth_caching_sha2_auth) */


#endif  // !I_SHA2_PASSWORD_INCLUDED

sha2_password::Generate_digest
Interface for cryptographic digest generation.
Definition: i_sha2_password_common.h:56

sha2_password::Generate_digest::retrieve_digest
virtual bool retrieve_digest(unsigned char *digest, unsigned int length)=0

sha2_password::Generate_digest::scrub
virtual void scrub()=0

sha2_password::Generate_digest::~Generate_digest
virtual ~Generate_digest()=default

sha2_password::Generate_digest::update_digest
virtual bool update_digest(const void *src, unsigned int length)=0

sha2_password::Generate_scramble
Scramble generator Responsible for generating scramble of following format: XOR(SHA2(m_src),...
Definition: i_sha2_password_common.h:101

sha2_password::Generate_scramble::m_digest_generator
Generate_digest * m_digest_generator
Digest generator class.
Definition: i_sha2_password_common.h:118

sha2_password::Generate_scramble::m_rnd
std::string m_rnd
random string
Definition: i_sha2_password_common.h:114

sha2_password::Generate_scramble::~Generate_scramble
~Generate_scramble()
Generate_scramble destructor.
Definition: sha2_password_common.cc:183

sha2_password::Generate_scramble::m_src
std::string m_src
plaintext source string
Definition: i_sha2_password_common.h:112

sha2_password::Generate_scramble::scramble
bool scramble(unsigned char *scramble, unsigned int scramble_length)
Scramble generation.
Definition: sha2_password_common.cc:205

sha2_password::Generate_scramble::m_digest_type
Digest_info m_digest_type
Type of digest.
Definition: i_sha2_password_common.h:116

sha2_password::Generate_scramble::m_digest_length
unsigned int m_digest_length
length of the digest
Definition: i_sha2_password_common.h:120

sha2_password::Generate_scramble::Generate_scramble
Generate_scramble(const std::string source, const std::string rnd, Digest_info digest_type=Digest_info::SHA256_DIGEST)
Generate_scramble constructor.
Definition: sha2_password_common.cc:164

sha2_password::SHA256_digest
SHA256 digest generator.
Definition: i_sha2_password_common.h:70

sha2_password::SHA256_digest::update_digest
bool update_digest(const void *src, unsigned int length) override
Update digest with plaintext.
Definition: sha2_password_common.cc:71

sha2_password::SHA256_digest::deinit
void deinit()
Release allocated memory for digest context.
Definition: sha2_password_common.cc:151

sha2_password::SHA256_digest::scrub
void scrub() override
Cleanup and reinit.
Definition: sha2_password_common.cc:117

sha2_password::SHA256_digest::SHA256_digest
SHA256_digest()
SHA256 digest generator constructor.
Definition: sha2_password_common.cc:52

sha2_password::SHA256_digest::m_digest
unsigned char m_digest[CACHING_SHA2_DIGEST_LENGTH]
Digest output buffer.
Definition: i_sha2_password_common.h:86

sha2_password::SHA256_digest::m_ok
bool m_ok
Status.
Definition: i_sha2_password_common.h:90

sha2_password::SHA256_digest::retrieve_digest
bool retrieve_digest(unsigned char *digest, unsigned int length) override
Retrieve generated digest.
Definition: sha2_password_common.cc:95

sha2_password::SHA256_digest::all_ok
bool all_ok()
Definition: i_sha2_password_common.h:78

sha2_password::SHA256_digest::~SHA256_digest
~SHA256_digest() override
Release acquired memory.
Definition: sha2_password_common.cc:58

sha2_password::SHA256_digest::init
void init()
Initialize digest context.
Definition: sha2_password_common.cc:129

sha2_password::SHA256_digest::md_context
EVP_MD_CTX * md_context
Digest context.
Definition: i_sha2_password_common.h:88

sha2_password::Validate_scramble
Scramble validator Expects scramble to be: XOR(SHA2(m_src), SHA2(SHA2(SHA2(m_src)),...
Definition: i_sha2_password_common.h:135

sha2_password::Validate_scramble::~Validate_scramble
~Validate_scramble()
Validate_scramble destructor.
Definition: sha2_password_common.cc:297

sha2_password::Validate_scramble::m_rnd
const unsigned char * m_rnd
random string
Definition: i_sha2_password_common.h:151

sha2_password::Validate_scramble::m_digest_generator
Generate_digest * m_digest_generator
Digest generator class.
Definition: i_sha2_password_common.h:157

sha2_password::Validate_scramble::m_known
const unsigned char * m_known
SHA2(SHA2(plaintext_password))
Definition: i_sha2_password_common.h:149

sha2_password::Validate_scramble::validate
bool validate()
Validate the scramble.
Definition: sha2_password_common.cc:316

sha2_password::Validate_scramble::m_digest_length
unsigned int m_digest_length
length of the digest
Definition: i_sha2_password_common.h:159

sha2_password::Validate_scramble::m_rnd_length
unsigned int m_rnd_length
random string length
Definition: i_sha2_password_common.h:153

sha2_password::Validate_scramble::m_digest_type
Digest_info m_digest_type
Type of digest.
Definition: i_sha2_password_common.h:155

sha2_password::Validate_scramble::Validate_scramble
Validate_scramble(const unsigned char *scramble, const unsigned char *known, const unsigned char *rnd, unsigned int rnd_length, Digest_info digest_type=Digest_info::SHA256_DIGEST)
Validate scramble constructor.
Definition: sha2_password_common.cc:274

sha2_password::Validate_scramble::m_scramble
const unsigned char * m_scramble
scramble to be validated
Definition: i_sha2_password_common.h:147

rnd
static int rnd(int max_value)
Definition: hp_test2.cc:547

scramble
void scramble(char *to, const char *message, const char *password)
Produce an obscure octet sequence from password and random string, received from the server.
Definition: password.cc:270

gis::length
bool length(const dd::Spatial_reference_system *srs, const Geometry *g1, double *length, bool *null) noexcept
Computes the length of linestrings and multilinestrings.
Definition: length.cc:75

sha2_password
Definition: i_sha2_password.h:44

sha2_password::CACHING_SHA2_DIGEST_LENGTH
const unsigned int CACHING_SHA2_DIGEST_LENGTH
Definition: i_sha2_password_common.h:44

sha2_password::Digest_info
Digest_info
Supported digest information.
Definition: i_sha2_password_common.h:50

sha2_password::Digest_info::SHA256_DIGEST
@ SHA256_DIGEST

sha2_password::Digest_info::DIGEST_LAST
@ DIGEST_LAST

source
repeated Source source
Definition: replication_asynchronous_connection_failover.proto:41

sha2.h