MySQL 9.0.0
Source Code Documentation
Functions | Variables
webauthn_client_plugin.cc File Reference
#include <common.h>
#include <my_dbug.h>
#include <mysql.h>
#include <mysql/client_plugin.h>
#include <scope_guard.h>
#include "webauthn_assertion.h"
#include "webauthn_registration.h"

Functions

static bool do_registration ()
 WebAuthN client side registration method. More...
 
static int webauthn_auth_client_plugin_init (char *, size_t, int, va_list)
 authentication_webauthn_client plugin API to initialize More...
 
static int webauthn_auth_client_plugin_option (const char *option, const void *val)
 authentication_webauthn_client plugin API to allow client to pass optional data for plugin to process More...
 
static int webauthn_auth_client_get_plugin_option (const char *option, void *val)
 authentication_webauthn_client plugin API to allow client to get optional data from plugin More...
 
static int webauthn_auth_client (MYSQL_PLUGIN_VIO *vio, MYSQL *)
 WebAuthN client side authentication method. More...
 
 mysql_declare_client_plugin (AUTHENTICATION) "authentication_webauthn_client"
 

Variables

static bool is_fido_testing = false
 
static unsigned char registration_challenge [128] = {0}
 
static unsigned char * registration_challenge_response = nullptr
 
static bool preserve_privacy = false
 
plugin_messages_callback mc = nullptr
 
plugin_messages_callback_get_uint mc_get_uint = nullptr
 
plugin_messages_callback_get_password mc_get_password = nullptr
 
unsigned int libfido_device_id = 0
 The libfido "device" to use. More...
 
 MYSQL_CLIENT_PLUGIN_AUTHOR_ORACLE
 
Webauthn Client Authentication Plugin
 
Webauthn Client Authentication GPL
 
Webauthn Client Authentication nullptr
 
Webauthn Client Authentication webauthn_auth_client_plugin_init
 
Webauthn Client Authentication webauthn_auth_client_plugin_deinit ()
 Deinitialize authentication_webauthn_client plugin. More...
 
Webauthn Client Authentication webauthn_auth_client_plugin_option
 
Webauthn Client Authentication webauthn_auth_client_get_plugin_option
 
Webauthn Client Authentication webauthn_auth_client
 
Webauthn Client Authentication mysql_end_client_plugin
 

Function Documentation

◆ do_registration()

static bool do_registration ( )
static

WebAuthN client side registration method.

This method does following:

  1. Receive challenge from server side WebAuthN plugin. This challenge comprises of capability flag, username, salt and relying party name.
  2. Send this challenge to FIDO device and get the signature, authenticator data and x509 certificate generated by device. This along with client data JSON is sent to server as challenge response.
Returns
registration status
Return values
falseSuccessful registration
trueRegistration failure

◆ mysql_declare_client_plugin()

mysql_declare_client_plugin ( AUTHENTICATION  )

◆ webauthn_auth_client()

static int webauthn_auth_client ( MYSQL_PLUGIN_VIO vio,
MYSQL  
)
static

WebAuthN client side authentication method.

This method does following:

  1. Receive challenge from server side FIDO plugin. This challenge comprises of 1 byte capability, salt and relying party name.
  2. Construct client data hash in the form of JSON object comprising of salt, relying party name aka Origin. Set client data hash.
  3. If token device does not have CTAP2.1 protocol support, then request credential ID from server.
  4. Token will sign clientdatahash. Client will send authenticator data, signature and clientDataJSON to server to be verified.
Parameters
[in]vioVirtual I/O interface
Returns
authentication status
Return values
CR_OKSuccessful authentication
trueAuthentication failure

Get the challenge from the MySQL server.

Get the credential ID from MySQL server.

◆ webauthn_auth_client_get_plugin_option()

static int webauthn_auth_client_get_plugin_option ( const char *  option,
void *  val 
)
static

authentication_webauthn_client plugin API to allow client to get optional data from plugin

◆ webauthn_auth_client_plugin_init()

static int webauthn_auth_client_plugin_init ( char *  ,
size_t  ,
int  ,
va_list   
)
static

authentication_webauthn_client plugin API to initialize

◆ webauthn_auth_client_plugin_option()

static int webauthn_auth_client_plugin_option ( const char *  option,
const void *  val 
)
static

authentication_webauthn_client plugin API to allow client to pass optional data for plugin to process

Variable Documentation

◆ GPL

Webauthn Client Authentication GPL

◆ is_fido_testing

bool is_fido_testing = false
static

◆ libfido_device_id

unsigned int libfido_device_id = 0

The libfido "device" to use.

◆ mc

plugin_messages_callback mc = nullptr

◆ mc_get_password

plugin_messages_callback_get_password mc_get_password = nullptr

◆ mc_get_uint

plugin_messages_callback_get_uint mc_get_uint = nullptr

◆ MYSQL_CLIENT_PLUGIN_AUTHOR_ORACLE

MYSQL_CLIENT_PLUGIN_AUTHOR_ORACLE

◆ mysql_end_client_plugin

Webauthn Client Authentication mysql_end_client_plugin

◆ nullptr

Webauthn Client Authentication nullptr

◆ Plugin

Webauthn Client Authentication Plugin

◆ preserve_privacy

bool preserve_privacy = false
static

◆ registration_challenge

unsigned char registration_challenge[128] = {0}
static

◆ registration_challenge_response

unsigned char* registration_challenge_response = nullptr
static

◆ webauthn_auth_client

Webauthn Client Authentication webauthn_auth_client

◆ webauthn_auth_client_get_plugin_option

Webauthn Client Authentication webauthn_auth_client_get_plugin_option

◆ webauthn_auth_client_plugin_deinit

static int webauthn_auth_client_plugin_deinit

Deinitialize authentication_webauthn_client plugin.

◆ webauthn_auth_client_plugin_init

Webauthn Client Authentication webauthn_auth_client_plugin_init

◆ webauthn_auth_client_plugin_option

Webauthn Client Authentication webauthn_auth_client_plugin_option