aboutsummaryrefslogtreecommitdiff
path: root/mysql/sql/auth/password.c
diff options
context:
space:
mode:
Diffstat (limited to 'mysql/sql/auth/password.c')
-rw-r--r--mysql/sql/auth/password.c378
1 files changed, 378 insertions, 0 deletions
diff --git a/mysql/sql/auth/password.c b/mysql/sql/auth/password.c
new file mode 100644
index 0000000..1f93350
--- /dev/null
+++ b/mysql/sql/auth/password.c
@@ -0,0 +1,378 @@
+/*
+ Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+/* password checking routines */
+/*****************************************************************************
+ The main idea is that no password are sent between client & server on
+ connection and that no password are saved in mysql in a decodable form.
+
+ On connection a random string is generated and sent to the client.
+ The client generates a new string with a random generator inited with
+ the hash values from the password and the sent string.
+ This 'check' string is sent to the server where it is compared with
+ a string generated from the stored hash_value of the password and the
+ random string.
+
+ The password is saved (in user.password) by using the PASSWORD() function in
+ mysql.
+
+ This is .c file because it's used in libmysqlclient, which is entirely in C.
+ (we need it to be portable to a variety of systems).
+ Example:
+ update user set password=PASSWORD("hello") where user="test"
+ This saves a hashed number as a string in the password field.
+
+ The new authentication is performed in following manner:
+
+ SERVER: public_seed=generate_user_salt()
+ send(public_seed)
+
+ CLIENT: recv(public_seed)
+ hash_stage1=sha1("password")
+ hash_stage2=sha1(hash_stage1)
+ reply=xor(hash_stage1, sha1(public_seed,hash_stage2)
+
+ // this three steps are done in scramble()
+
+ send(reply)
+
+
+ SERVER: recv(reply)
+ hash_stage1=xor(reply, sha1(public_seed,hash_stage2))
+ candidate_hash2=sha1(hash_stage1)
+ check(candidate_hash2==hash_stage2)
+
+ // this three steps are done in check_scramble()
+
+*****************************************************************************/
+
+#include <password.h>
+#include <my_global.h>
+#include <my_sys.h>
+#include <m_string.h>
+#include <sha1.h>
+#include <my_rnd.h>
+#include "mysql.h"
+#include "crypt_genhash_impl.h"
+
+void randominit(struct rand_struct *rand_st, ulong seed1, ulong seed2)
+{ /* For mysql 3.21.# */
+ rand_st->max_value= 0x3FFFFFFFL;
+ rand_st->max_value_dbl=(double) rand_st->max_value;
+ rand_st->seed1=seed1%rand_st->max_value ;
+ rand_st->seed2=seed2%rand_st->max_value;
+}
+
+/*
+ Generate binary hash from raw text string
+ Used for Pre-4.1 password handling
+ SYNOPSIS
+ hash_password()
+ result OUT store hash in this location
+ password IN plain text password to build hash
+ password_len IN password length (password may be not null-terminated)
+*/
+
+void hash_password(ulong *result, const char *password, uint password_len)
+{
+ ulong nr=1345345333L, add=7, nr2=0x12345671L;
+ ulong tmp;
+ const char *password_end= password + password_len;
+ for (; password < password_end; password++)
+ {
+ if (*password == ' ' || *password == '\t')
+ continue; /* skip space in password */
+ tmp= (ulong) (uchar) *password;
+ nr^= (((nr & 63)+add)*tmp)+ (nr << 8);
+ nr2+=(nr2 << 8) ^ nr;
+ add+=tmp;
+ }
+ result[0]=nr & (((ulong) 1L << 31) -1L); /* Don't use sign bit (str2int) */;
+ result[1]=nr2 & (((ulong) 1L << 31) -1L);
+}
+
+static inline uint8 char_val(uint8 X)
+{
+ return (uint) (X >= '0' && X <= '9' ? X - '0' :
+ X >= 'A' && X <= 'Z' ? X - 'A' + 10 : X - 'a' + 10);
+}
+
+/* Character to use as version identifier for version 4.1 */
+
+#define PVERSION41_CHAR '*'
+
+
+/*
+ Convert given octet sequence to asciiz string of hex characters;
+ str..str+len and 'to' may not overlap.
+ SYNOPSIS
+ octet2hex()
+ buf OUT output buffer. Must be at least 2*len+1 bytes
+ str, len IN the beginning and the length of the input string
+
+ RETURN
+ buf+len*2
+*/
+
+char *octet2hex(char *to, const char *str, uint len)
+{
+ const char *str_end= str + len;
+ for (; str != str_end; ++str)
+ {
+ *to++= _dig_vec_upper[((uchar) *str) >> 4];
+ *to++= _dig_vec_upper[((uchar) *str) & 0x0F];
+ }
+ *to= '\0';
+ return to;
+}
+
+
+/*
+ Convert given asciiz string of hex (0..9 a..f) characters to octet
+ sequence.
+ SYNOPSIS
+ hex2octet()
+ to OUT buffer to place result; must be at least len/2 bytes
+ str, len IN begin, length for character string; str and to may not
+ overlap; len % 2 == 0
+*/
+
+static void
+hex2octet(uint8 *to, const char *str, uint len)
+{
+ const char *str_end= str + len;
+ while (str < str_end)
+ {
+ char tmp= char_val(*str++);
+ *to++= (tmp << 4) | char_val(*str++);
+ }
+}
+
+
+/*
+ Encrypt/Decrypt function used for password encryption in authentication.
+ Simple XOR is used here but it is OK as we crypt random strings. Note,
+ that XOR(s1, XOR(s1, s2)) == s2, XOR(s1, s2) == XOR(s2, s1)
+ SYNOPSIS
+ my_crypt()
+ to OUT buffer to hold crypted string; must be at least len bytes
+ long; to and s1 (or s2) may be the same.
+ s1, s2 IN input strings (of equal length)
+ len IN length of s1 and s2
+*/
+
+static void
+my_crypt(char *to, const uchar *s1, const uchar *s2, uint len)
+{
+ const uint8 *s1_end= s1 + len;
+ while (s1 < s1_end)
+ *to++= *s1++ ^ *s2++;
+}
+
+#if defined(HAVE_OPENSSL)
+void my_make_scrambled_password(char *to, const char *password,
+ size_t pass_len)
+{
+
+ char salt[CRYPT_SALT_LENGTH + 1];
+
+ generate_user_salt(salt, CRYPT_SALT_LENGTH + 1);
+ my_crypt_genhash(to,
+ CRYPT_MAX_PASSWORD_SIZE,
+ password,
+ pass_len,
+ salt,
+ 0);
+
+}
+#endif
+/**
+ Compute two stage SHA1 hash of the password :
+
+ hash_stage1=sha1("password")
+ hash_stage2=sha1(hash_stage1)
+
+ @param password [IN] Password string.
+ @param pass_len [IN] Length of the password.
+ @param hash_stage1 [OUT] sha1(password)
+ @param hash_stage2 [OUT] sha1(hash_stage1)
+*/
+
+inline static
+void compute_two_stage_sha1_hash(const char *password, size_t pass_len,
+ uint8 *hash_stage1, uint8 *hash_stage2)
+{
+ /* Stage 1: hash password */
+ compute_sha1_hash(hash_stage1, password, pass_len);
+
+ /* Stage 2 : hash first stage's output. */
+ compute_sha1_hash(hash_stage2, (const char *) hash_stage1, SHA1_HASH_SIZE);
+}
+
+
+/*
+ MySQL 4.1.1 password hashing: SHA conversion (see RFC 2289, 3174) twice
+ applied to the password string, and then produced octet sequence is
+ converted to hex string.
+ The result of this function is used as return value from PASSWORD() and
+ is stored in the database.
+ SYNOPSIS
+ my_make_scrambled_password_sha1()
+ buf OUT buffer of size 2*SHA1_HASH_SIZE + 2 to store hex string
+ password IN password string
+ pass_len IN length of password string
+*/
+
+void my_make_scrambled_password_sha1(char *to, const char *password,
+ size_t pass_len)
+{
+ uint8 hash_stage2[SHA1_HASH_SIZE];
+
+ /* Two stage SHA1 hash of the password. */
+ compute_two_stage_sha1_hash(password, pass_len, (uint8 *) to, hash_stage2);
+
+ /* convert hash_stage2 to hex string */
+ *to++= PVERSION41_CHAR;
+ octet2hex(to, (const char*) hash_stage2, SHA1_HASH_SIZE);
+}
+
+
+/*
+ Wrapper around my_make_scrambled_password() to maintain client lib ABI
+ compatibility.
+ In server code usage of my_make_scrambled_password() is preferred to
+ avoid strlen().
+ SYNOPSIS
+ make_scrambled_password()
+ buf OUT buffer of size 2*SHA1_HASH_SIZE + 2 to store hex string
+ password IN NULL-terminated password string
+*/
+
+void make_scrambled_password(char *to, const char *password)
+{
+ my_make_scrambled_password_sha1(to, password, strlen(password));
+}
+
+
+/*
+ Produce an obscure octet sequence from password and random
+ string, received from the server. This sequence corresponds to the
+ password, but password can not be easily restored from it. The sequence
+ is then sent to the server for validation. Trailing zero is not stored
+ in the buf as it is not needed.
+ This function is used by client to create authenticated reply to the
+ server's greeting.
+ SYNOPSIS
+ scramble()
+ buf OUT store scrambled string here. The buf must be at least
+ SHA1_HASH_SIZE bytes long.
+ message IN random message, must be exactly SCRAMBLE_LENGTH long and
+ NULL-terminated.
+ password IN users' password
+*/
+
+void
+scramble(char *to, const char *message, const char *password)
+{
+ uint8 hash_stage1[SHA1_HASH_SIZE];
+ uint8 hash_stage2[SHA1_HASH_SIZE];
+
+ /* Two stage SHA1 hash of the password. */
+ compute_two_stage_sha1_hash(password, strlen(password), hash_stage1,
+ hash_stage2);
+
+ /* create crypt string as sha1(message, hash_stage2) */;
+ compute_sha1_hash_multi((uint8 *) to, message, SCRAMBLE_LENGTH,
+ (const char *) hash_stage2, SHA1_HASH_SIZE);
+ my_crypt(to, (const uchar *) to, hash_stage1, SCRAMBLE_LENGTH);
+}
+
+
+/*
+ Check that scrambled message corresponds to the password; the function
+ is used by server to check that received reply is authentic.
+ This function does not check lengths of given strings: message must be
+ null-terminated, reply and hash_stage2 must be at least SHA1_HASH_SIZE
+ long (if not, something fishy is going on).
+ SYNOPSIS
+ check_scramble_sha1()
+ scramble clients' reply, presumably produced by scramble()
+ message original random string, previously sent to client
+ (presumably second argument of scramble()), must be
+ exactly SCRAMBLE_LENGTH long and NULL-terminated.
+ hash_stage2 hex2octet-decoded database entry
+ All params are IN.
+
+ RETURN VALUE
+ 0 password is correct
+ !0 password is invalid
+*/
+
+my_bool
+check_scramble_sha1(const uchar *scramble_arg, const char *message,
+ const uint8 *hash_stage2)
+{
+ uint8 buf[SHA1_HASH_SIZE];
+ uint8 hash_stage2_reassured[SHA1_HASH_SIZE];
+
+ /* create key to encrypt scramble */
+ compute_sha1_hash_multi(buf, message, SCRAMBLE_LENGTH,
+ (const char *) hash_stage2, SHA1_HASH_SIZE);
+ /* encrypt scramble */
+ my_crypt((char *) buf, buf, scramble_arg, SCRAMBLE_LENGTH);
+
+ /* now buf supposedly contains hash_stage1: so we can get hash_stage2 */
+ compute_sha1_hash(hash_stage2_reassured, (const char *) buf, SHA1_HASH_SIZE);
+
+ return MY_TEST(memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE));
+}
+
+my_bool
+check_scramble(const uchar *scramble_arg, const char *message,
+ const uint8 *hash_stage2)
+{
+ return check_scramble_sha1(scramble_arg, message, hash_stage2);
+}
+
+/*
+ Convert scrambled password from asciiz hex string to binary form.
+
+ SYNOPSIS
+ get_salt_from_password()
+ res OUT buf to hold password. Must be at least SHA1_HASH_SIZE
+ bytes long.
+ password IN 4.1.1 version value of user.password
+*/
+
+void get_salt_from_password(uint8 *hash_stage2, const char *password)
+{
+ hex2octet(hash_stage2, password+1 /* skip '*' */, SHA1_HASH_SIZE * 2);
+}
+
+/*
+ Convert scrambled password from binary form to asciiz hex string.
+ SYNOPSIS
+ make_password_from_salt()
+ to OUT store resulting string here, 2*SHA1_HASH_SIZE+2 bytes
+ salt IN password in salt format
+*/
+
+void make_password_from_salt(char *to, const uint8 *hash_stage2)
+{
+ *to++= PVERSION41_CHAR;
+ octet2hex(to, (const char*) hash_stage2, SHA1_HASH_SIZE);
+}
+
generated by cgit v1.1 at 2024-04-19 13:09:30 +0000