MySQL 9.0.0
Source Code Documentation
kdf_pbkdf2.h
Go to the documentation of this file.
1/*
2 Copyright (c) 2018, 2024, Oracle and/or its affiliates.
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License, version 2.0,
6 as published by the Free Software Foundation.
7
8 This program is designed to work with certain software (including
9 but not limited to OpenSSL) that is licensed under separate terms,
10 as designated in a particular file or component or in included license
11 documentation. The authors of MySQL hereby grant you an additional
12 permission to link the program and your derivative works with the
13 separately licensed software that they have either included with
14 the program or referenced in the documentation.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program; if not, write to the Free Software
23 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
24*/
25#ifndef MYSQLROUTER_KDF_PBKDF2_INCLUDED
26#define MYSQLROUTER_KDF_PBKDF2_INCLUDED
27
28#include <cstdint>
29#include <stdexcept>
30#include <string>
31#include <vector>
32
33#include "mcf_error.h"
35
36/**
37 * Key Derivation Function for PBKDF2.
38 *
39 * See: RFC 2898
40 *
41 * while PBKDF2 support several hash-functions, only the most commonly used,
42 * secure variants are exposed:
43 *
44 * - SHA256
45 * - SHA512
46 *
47 * while the insecure ones are not offered:
48 *
49 * - SHA1
50 *
51 * Other HMACs of (https://tools.ietf.org/html/rfc8018#appendix-B.1.2)
52 * may be added:
53 *
54 * - SHA224
55 * - SHA384
56 * - SHA512-224
57 * - SHA512-256
58 */
60 public:
61 enum class Type { Sha_256, Sha_512 };
62 static std::vector<uint8_t> salt();
63 static std::vector<uint8_t> derive(Type type, unsigned long rounds,
64 const std::vector<uint8_t> &salt,
65 const std::string &key);
66};
67
68/**
69 * map the MCF name to internal types.
70 *
71 * MCF-name are taking from passlib:
72 *
73 * https://passlib.readthedocs.io/en/stable/modular_crypt_format.html#application-defined-hashes
74 */
76 public:
78 static constexpr char kTypeSha256[] = "pbkdf2-sha256";
79 static constexpr char kTypeSha512[] = "pbkdf2-sha512";
80
81 static std::pair<bool, std::string> name(Type type) noexcept {
82 switch (type) {
83 case Type::Sha_256:
84 return std::make_pair(true, kTypeSha256);
85 case Type::Sha_512:
86 return std::make_pair(true, kTypeSha512);
87 }
88
89 return std::make_pair(false, std::string{});
90 }
91
92 static std::pair<bool, Type> type(const std::string &name) noexcept {
93 if (name == kTypeSha256) {
94 return std::make_pair(true, Type::Sha_256);
95 } else if (name == kTypeSha512) {
96 return std::make_pair(true, Type::Sha_512);
97 }
98
99 return std::make_pair(false, Type{});
100 }
101
102 static bool supports_name(const std::string &name) noexcept {
103 if (name == kTypeSha256) {
104 return true;
105 } else if (name == kTypeSha512) {
106 return true;
107 }
108
109 return false;
110 }
111};
112
113/**
114 * MCF reader/writer for PBKDF2.
115 */
117 public:
121
122 /**
123 * rounds if no rounds was specified in from_mcf().
124 */
125 static constexpr unsigned long kDefaultRounds = 1000;
126 /**
127 * minimum rounds.
128 */
129 static constexpr unsigned long kMinRounds = 1;
130 /**
131 * maximum rounds.
132 */
133 static constexpr unsigned long kMaxRounds = 999999999;
134 /**
135 * maximum length of the salt.
136 *
137 * only the first kMaxSaltLength bytes of the salt will be used.
138 */
139 static constexpr size_t kMaxSaltLength = 16;
140
141 Pbkdf2McfAdaptor(Type type, unsigned long rounds,
142 const std::vector<uint8_t> &salt,
143 const std::vector<uint8_t> &checksum)
144 : type_{type}, rounds_{rounds}, salt_{salt}, checksum_{checksum} {
145 // limit salt
146 if (salt_.size() > kMaxSaltLength) {
147 salt_.resize(kMaxSaltLength);
148 }
149
150 // limit rounds to allow range
151 if (rounds_ < kMinRounds) rounds_ = kMinRounds;
152 if (rounds_ > kMaxRounds) rounds_ = kMaxRounds;
153 }
154
155 /**
156 * name of the digest according to MCF.
157 *
158 * - pbkdf2_sha256 for SHA256
159 * - pbkdf2_sha512 for SHA512
160 */
161 std::string mcf_id() const {
162 auto r = mcf_type::name(digest());
163 if (r.first) return r.second;
164
165 throw std::invalid_argument("failed to map digest to a name");
166 }
167
168 /**
169 * checksum.
170 *
171 * RFC4648 base64 encoded
172 */
173 std::vector<uint8_t> checksum() const { return checksum_; }
174
175 /**
176 * salt.
177 *
178 * @pre must be [a-z0-9]*
179 */
180 std::vector<uint8_t> salt() const { return salt_; }
181
182 /**
183 *
184 */
185 Type digest() const { return type_; }
186
187 /**
188 * rounds.
189 *
190 * rounds the hash will be applied on itself.
191 */
192 unsigned long rounds() const { return rounds_; }
193
194 /**
195 * build PBKDF2 from a MCF notation.
196 *
197 * - ${prefix}${rounds}${salt}${checksum}
198 * - ${prefix}${rounds}${salt}
199 *
200 * prefix
201 * : pbkdf2_sha256|pbkdf2_sha512
202 *
203 * rounds
204 * : [1-9][0-9]*
205 *
206 * salt
207 * : [^$]*
208 *
209 * checksum
210 * : [./a-zA-Z0-0]*
211 */
212 static Pbkdf2McfAdaptor from_mcf(const std::string &data);
213
214 /**
215 * encode to MCF.
216 *
217 * MCF (Modular Crypt Format)
218 */
219 std::string to_mcf() const;
220
221 /**
222 * Base64 encode.
223 *
224 * Variant of RFC... with a different alphabet
225 *
226 * - no whitespace
227 * - no padding
228 * - . and / as altchars instead of + and /
229 */
230 static std::vector<uint8_t> base64_decode(const std::string &binary);
231
232 /**
233 * Base64 decode.
234 *
235 * Variant of RFC... with a different alphabet
236 */
237 static std::string base64_encode(const std::vector<uint8_t> &encoded);
238
239 /**
240 * derive a checksum from a key.
241 *
242 * updates checksum
243 */
244 void derive(const std::string &key) {
245 checksum_ = kdf_type::derive(type_, rounds(), salt(), key);
246 }
247
248 static bool supports_mcf_id(const std::string mcf_id) {
249 return mcf_type::supports_name(mcf_id);
250 }
251
252 static std::error_code validate(const std::string &mcf_line,
253 const std::string &password) {
254 try {
255 auto mcf = from_mcf(mcf_line);
256 if (kdf_type::derive(mcf.digest(), mcf.rounds(), mcf.salt(), password) ==
257 mcf.checksum()) {
258 return {};
259 } else {
261 }
262 } catch (const std::exception &) {
263 // whatever the exception was, make it a parse-error
265 }
266 }
267
268 private:
270 unsigned long rounds_;
271 std::vector<uint8_t> salt_;
272 std::vector<uint8_t> checksum_;
273};
274
275#endif
MCF reader/writer for PBKDF2.
Definition: kdf_pbkdf2.h:116
std::vector< uint8_t > checksum() const
checksum.
Definition: kdf_pbkdf2.h:173
void derive(const std::string &key)
derive a checksum from a key.
Definition: kdf_pbkdf2.h:244
unsigned long rounds_
Definition: kdf_pbkdf2.h:270
static std::error_code validate(const std::string &mcf_line, const std::string &password)
Definition: kdf_pbkdf2.h:252
std::vector< uint8_t > salt() const
salt.
Definition: kdf_pbkdf2.h:180
std::vector< uint8_t > salt_
Definition: kdf_pbkdf2.h:271
unsigned long rounds() const
rounds.
Definition: kdf_pbkdf2.h:192
std::vector< uint8_t > checksum_
Definition: kdf_pbkdf2.h:272
std::string mcf_id() const
name of the digest according to MCF.
Definition: kdf_pbkdf2.h:161
static bool supports_mcf_id(const std::string mcf_id)
Definition: kdf_pbkdf2.h:248
Type digest() const
Definition: kdf_pbkdf2.h:185
Type type_
Definition: kdf_pbkdf2.h:269
Pbkdf2McfAdaptor(Type type, unsigned long rounds, const std::vector< uint8_t > &salt, const std::vector< uint8_t > &checksum)
Definition: kdf_pbkdf2.h:141
map the MCF name to internal types.
Definition: kdf_pbkdf2.h:75
static bool supports_name(const std::string &name) noexcept
Definition: kdf_pbkdf2.h:102
static constexpr char kTypeSha256[]
Definition: kdf_pbkdf2.h:78
static std::pair< bool, std::string > name(Type type) noexcept
Definition: kdf_pbkdf2.h:81
static std::pair< bool, Type > type(const std::string &name) noexcept
Definition: kdf_pbkdf2.h:92
static constexpr char kTypeSha512[]
Definition: kdf_pbkdf2.h:79
Key Derivation Function for PBKDF2.
Definition: kdf_pbkdf2.h:59
Type
Definition: kdf_pbkdf2.h:61
#define HTTP_AUTH_BACKEND_LIB_EXPORT
Definition: http_auth_backend_lib_export.h:15
static int64 base64_decode(const char *src_base, size_t len, void *dst, const char **end_ptr, int flags)
Decode a base64 string The base64-encoded data in the range ['src','*end_ptr') will be decoded and st...
Definition: base64.h:304
static int base64_encode(const void *src, size_t src_len, char *dst)
Definition: base64.h:243
@ kPasswordNotMatched
static char * password
Definition: mysql_secure_installation.cc:58
constexpr value_type binary
Definition: classic_protocol_constants.h:275
std::error_code make_error_code(DynamicLoaderErrc ec)
make error_code from a DynamicLoaderErrc.
Definition: dynamic_loader.cc:79
Type
Definition: resource_group_basic_types.h:33
const mysql_service_registry_t * r
Definition: pfs_example_plugin_employee.cc:86
required string key
Definition: replication_asynchronous_connection_failover.proto:60
required string type
Definition: replication_group_member_actions.proto:34
case opt name
Definition: sslopt-case.h:29