mysql-server/latest/i__sha2__password__common_8h_source.html

/*

Copyright (c) 2017, 2025, Oracle and/or its affiliates.


This program is free software; you can redistribute it and/or modify

it under the terms of the GNU General Public License, version 2.0,

as published by the Free Software Foundation.


This program is designed to work with certain software (including

but not limited to OpenSSL) that is licensed under separate terms,

as designated in a particular file or component or in included license

documentation.  The authors of MySQL hereby grant you an additional

permission to link the program and your derivative works with the

separately licensed software that they have either included with

the program or referenced in the documentation.


This program is distributed in the hope that it will be useful,

but WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

GNU General Public License, version 2.0, for more details.


You should have received a copy of the GNU General Public License

along with this program; if not, write to the Free Software

Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */


#ifndef I_SHA2_PASSWORD_COMMON_INCLUDED

#define I_SHA2_PASSWORD_COMMON_INCLUDED


#include <openssl/evp.h>

#include "openssl/ossl_typ.h"

#include "sha2.h" /* SHA256_DIGEST_LENGTH */


#include <string>


/**

  @file sql/auth/i_sha2_password_common.h

  Classes for caching_sha2_authentication plugin

*/


/**

  @defgroup auth_caching_sha2_auth caching_sha2_authentication information

  @{

*/

namespace sha2_password {

/* Digest length for caching_sha2_authentication plugin */

const unsigned int CACHING_SHA2_DIGEST_LENGTH = SHA256_DIGEST_LENGTH;


/**

  Supported digest information

*/


enum class Digest_info { SHA256_DIGEST = 0, DIGEST_LAST };


/**

  Interface for cryptographic digest generation

*/


class Generate_digest {

 public:

  virtual bool update_digest(const void *src, unsigned int length) = 0;

  virtual bool retrieve_digest(unsigned char *digest, unsigned int length) = 0;

  virtual void scrub() = 0;

  virtual ~Generate_digest() = default;

};


/**

  SHA256 digest generator

  @sa Generate_digest

  @sa Digest_info

*/


class SHA256_digest : public Generate_digest {

 public:

  SHA256_digest();

  ~SHA256_digest() override;


  bool update_digest(const void *src, unsigned int length) override;

  bool retrieve_digest(unsigned char *digest, unsigned int length) override;

  void scrub() override;

  bool all_ok() { return m_ok; }


 private:

  void init();

  void deinit();


 private:

  /** Digest output buffer */

  unsigned char m_digest[CACHING_SHA2_DIGEST_LENGTH];

  /** Digest context */

  EVP_MD_CTX *md_context;

  /** Status */

  bool m_ok;

};


/**

  Scramble generator

  Responsible for generating scramble of following format:

  XOR(SHA2(m_src), SHA2(SHA2(SHA2(m_src)), m_rnd))

  @sa SHA256_digest

  @sa Digest_info

*/


class Generate_scramble {

 public:

  Generate_scramble(const std::string &source, const std::string &rnd,

                    Digest_info digest_type = Digest_info::SHA256_DIGEST);


  ~Generate_scramble();


  bool scramble(unsigned char *scramble, unsigned int scramble_length);


 private:

  /** plaintext source string */

  std::string m_src;

  /** random string */

  std::string m_rnd;

  /** Type of digest */

  Digest_info m_digest_type;

  /** Digest generator class */

  Generate_digest *m_digest_generator;

  /** length of the digest */

  unsigned int m_digest_length;

};


/**

  Scramble validator

  Expects scramble to be:

    XOR(SHA2(m_src), SHA2(SHA2(SHA2(m_src)), m_rnd))

  Validates it against:

    SHA2(SHA2(m_src)) and random string


  @sa Generate_scramble

  @sa SHA256_digest

  @sa Digest_info

*/


class Validate_scramble {

 public:

  Validate_scramble(const unsigned char *scramble, const unsigned char *known,

                    const unsigned char *rnd, unsigned int rnd_length,

                    Digest_info digest_type = Digest_info::SHA256_DIGEST);


  ~Validate_scramble();


  bool validate();


 private:

  /** scramble to be validated */

  const unsigned char *m_scramble;

  /** SHA2(SHA2(plaintext_password)) */

  const unsigned char *m_known;

  /** random string */

  const unsigned char *m_rnd;

  /** random string length*/

  unsigned int m_rnd_length;

  /** Type of digest */

  Digest_info m_digest_type;

  /** Digest generator class */

  Generate_digest *m_digest_generator;

  /** length of the digest */

  unsigned int m_digest_length;

};

}  // namespace sha2_password


/** @} (end of auth_caching_sha2_auth) */


#endif  // !I_SHA2_PASSWORD_INCLUDED

sha2_password::Generate_digest
Interface for cryptographic digest generation.
Definition: i_sha2_password_common.h:57

sha2_password::Generate_digest::retrieve_digest
virtual bool retrieve_digest(unsigned char *digest, unsigned int length)=0

sha2_password::Generate_digest::scrub
virtual void scrub()=0

sha2_password::Generate_digest::~Generate_digest
virtual ~Generate_digest()=default

sha2_password::Generate_digest::update_digest
virtual bool update_digest(const void *src, unsigned int length)=0

sha2_password::Generate_scramble
Scramble generator Responsible for generating scramble of following format: XOR(SHA2(m_src),...
Definition: i_sha2_password_common.h:102

sha2_password::Generate_scramble::m_digest_generator
Generate_digest * m_digest_generator
Digest generator class.
Definition: i_sha2_password_common.h:119

sha2_password::Generate_scramble::m_rnd
std::string m_rnd
random string
Definition: i_sha2_password_common.h:115

sha2_password::Generate_scramble::~Generate_scramble
~Generate_scramble()
Generate_scramble destructor.
Definition: sha2_password_common.cc:185

sha2_password::Generate_scramble::m_src
std::string m_src
plaintext source string
Definition: i_sha2_password_common.h:113

sha2_password::Generate_scramble::scramble
bool scramble(unsigned char *scramble, unsigned int scramble_length)
Scramble generation.
Definition: sha2_password_common.cc:207

sha2_password::Generate_scramble::m_digest_type
Digest_info m_digest_type
Type of digest.
Definition: i_sha2_password_common.h:117

sha2_password::Generate_scramble::m_digest_length
unsigned int m_digest_length
length of the digest
Definition: i_sha2_password_common.h:121

sha2_password::Generate_scramble::Generate_scramble
Generate_scramble(const std::string &source, const std::string &rnd, Digest_info digest_type=Digest_info::SHA256_DIGEST)
Generate_scramble constructor.
Definition: sha2_password_common.cc:166

sha2_password::SHA256_digest
SHA256 digest generator.
Definition: i_sha2_password_common.h:71

sha2_password::SHA256_digest::update_digest
bool update_digest(const void *src, unsigned int length) override
Update digest with plaintext.
Definition: sha2_password_common.cc:73

sha2_password::SHA256_digest::deinit
void deinit()
Release allocated memory for digest context.
Definition: sha2_password_common.cc:153

sha2_password::SHA256_digest::scrub
void scrub() override
Cleanup and reinit.
Definition: sha2_password_common.cc:119

sha2_password::SHA256_digest::SHA256_digest
SHA256_digest()
SHA256 digest generator constructor.
Definition: sha2_password_common.cc:54

sha2_password::SHA256_digest::m_digest
unsigned char m_digest[CACHING_SHA2_DIGEST_LENGTH]
Digest output buffer.
Definition: i_sha2_password_common.h:87

sha2_password::SHA256_digest::m_ok
bool m_ok
Status.
Definition: i_sha2_password_common.h:91

sha2_password::SHA256_digest::retrieve_digest
bool retrieve_digest(unsigned char *digest, unsigned int length) override
Retrieve generated digest.
Definition: sha2_password_common.cc:97

sha2_password::SHA256_digest::all_ok
bool all_ok()
Definition: i_sha2_password_common.h:79

sha2_password::SHA256_digest::~SHA256_digest
~SHA256_digest() override
Release acquired memory.
Definition: sha2_password_common.cc:60

sha2_password::SHA256_digest::init
void init()
Initialize digest context.
Definition: sha2_password_common.cc:131

sha2_password::SHA256_digest::md_context
EVP_MD_CTX * md_context
Digest context.
Definition: i_sha2_password_common.h:89

sha2_password::Validate_scramble
Scramble validator Expects scramble to be: XOR(SHA2(m_src), SHA2(SHA2(SHA2(m_src)),...
Definition: i_sha2_password_common.h:136

sha2_password::Validate_scramble::~Validate_scramble
~Validate_scramble()
Validate_scramble destructor.
Definition: sha2_password_common.cc:299

sha2_password::Validate_scramble::m_rnd
const unsigned char * m_rnd
random string
Definition: i_sha2_password_common.h:152

sha2_password::Validate_scramble::m_digest_generator
Generate_digest * m_digest_generator
Digest generator class.
Definition: i_sha2_password_common.h:158

sha2_password::Validate_scramble::m_known
const unsigned char * m_known
SHA2(SHA2(plaintext_password))
Definition: i_sha2_password_common.h:150

sha2_password::Validate_scramble::validate
bool validate()
Validate the scramble.
Definition: sha2_password_common.cc:318

sha2_password::Validate_scramble::m_digest_length
unsigned int m_digest_length
length of the digest
Definition: i_sha2_password_common.h:160

sha2_password::Validate_scramble::m_rnd_length
unsigned int m_rnd_length
random string length
Definition: i_sha2_password_common.h:154

sha2_password::Validate_scramble::m_digest_type
Digest_info m_digest_type
Type of digest.
Definition: i_sha2_password_common.h:156

sha2_password::Validate_scramble::Validate_scramble
Validate_scramble(const unsigned char *scramble, const unsigned char *known, const unsigned char *rnd, unsigned int rnd_length, Digest_info digest_type=Digest_info::SHA256_DIGEST)
Validate scramble constructor.
Definition: sha2_password_common.cc:276

sha2_password::Validate_scramble::m_scramble
const unsigned char * m_scramble
scramble to be validated
Definition: i_sha2_password_common.h:148

rnd
static int rnd(int max_value)
Definition: hp_test2.cc:551

scramble
void scramble(char *to, const char *message, const char *password)
Produce an obscure octet sequence from password and random string, received from the server.
Definition: mysql_native_password.cc:137

gis::length
bool length(const dd::Spatial_reference_system *srs, const Geometry *g1, double *length, bool *null) noexcept
Computes the length of linestrings and multilinestrings.
Definition: length.cc:76

sha2_password
Definition: i_sha2_password.h:45

sha2_password::CACHING_SHA2_DIGEST_LENGTH
const unsigned int CACHING_SHA2_DIGEST_LENGTH
Definition: i_sha2_password_common.h:45

sha2_password::Digest_info
Digest_info
Supported digest information.
Definition: i_sha2_password_common.h:51

sha2_password::Digest_info::SHA256_DIGEST
@ SHA256_DIGEST

sha2_password::Digest_info::DIGEST_LAST
@ DIGEST_LAST

source
repeated Source source
Definition: replication_asynchronous_connection_failover.proto:42

sha2.h