apewer
/
apewer-dotnet
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
123 Commits
2 Branches
0 Tags
3.7 MiB
Tree: f65f1c0e1c
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f65f1c0e1c'
${ noResults }
apewer-dotnet/Apewer.Source/Externals/MySql.Data-6.10.9/MySqlClient/Authentication/Sha256AuthenticationPlugin.cs

140 lines
5.3 KiB
Raw Normal View History

Apewer-6.4.0
4 years ago
  1. #if MYSQL_6_10
  3. // Copyright © 2013, 2018, Oracle and/or its affiliates. All rights reserved.
  4. //
  5. // MySQL Connector/NET is licensed under the terms of the GPLv2
  6. // <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>, like most
  7. // MySQL Connectors. There are special exceptions to the terms and
  8. // conditions of the GPLv2 as it is applied to this software, see the
  9. // FLOSS License Exception
  10. // <http://www.mysql.com/about/legal/licensing/foss-exception.html>.
  11. //
  12. // This program is free software; you can redistribute it and/or modify
  13. // it under the terms of the GNU General Public License as published
  14. // by the Free Software Foundation; version 2 of the License.
  15. //
  16. // This program is distributed in the hope that it will be useful, but
  17. // WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  18. // or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
  19. // for more details.
  20. //
  21. // You should have received a copy of the GNU General Public License along
  22. // with this program; if not, write to the Free Software Foundation, Inc.,
  23. // 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  25. using System;
  26. using System.Collections.Generic;
  27. using System.IO;
  28. using System.Text;
  29. using System.Security.Cryptography;
  30. #if NETSTANDARD1_3
  31. using AliasText = Externals.MySql.Data.MySqlClient.Framework.NetStandard1_3;
  32. #else
  33. using AliasText = System.Text;
  34. #endif
  36. namespace Externals.MySql.Data.MySqlClient.Authentication
  37. {
  38. /// <summary>
  39. /// The implementation of the sha256_password authentication plugin.
  40. /// </summary>
  41. internal class Sha256AuthenticationPlugin : MySqlAuthenticationPlugin
  42. {
  43. /// <summary>
  44. /// The byte array representation of the public key provided by the server.
  45. /// </summary>
  46. protected byte[] rawPubkey;
  48. public override string PluginName => "sha256_password";
  50. protected override byte[] MoreData(byte[] data)
  51. {
  52. rawPubkey = data;
  53. byte[] buffer = GetNonLengthEncodedPassword();
  54. return buffer;
  55. }
  57. public override object GetPassword()
  58. {
  59. if (Settings.SslMode != MySqlSslMode.None)
  60. {
  61. byte[] passBytes = Encoding.GetBytes(Settings.Password);
  62. byte[] buffer = new byte[passBytes.Length + 2];
  63. Array.Copy(passBytes, 0, buffer, 1, passBytes.Length);
  64. buffer[0] = (byte)(passBytes.Length + 1);
  65. buffer[buffer.Length - 1] = 0x00;
  66. return buffer;
  67. }
  68. else
  69. {
  70. if (Settings.Password.Length == 0) return new byte[1];
  71. // Send RSA encrypted, since the channel is not protected.
  72. else if (rawPubkey == null) return new byte[] { 0x01 };
  73. else if (!Settings.AllowPublicKeyRetrieval)
  74. throw new MySqlException(Resources.RSAPublicKeyRetrievalNotEnabled);
  75. else
  76. {
  77. byte[] bytes = GetRsaPassword(Settings.Password, AuthenticationData, rawPubkey);
  78. if (bytes != null && bytes.Length == 1 && bytes[0] == 0) return null;
  79. return bytes;
  80. }
  81. }
  82. }
  84. private byte[] GetNonLengthEncodedPassword()
  85. {
  86. // Required for AuthChange requests.
  87. if (Settings.SslMode != MySqlSslMode.None)
  88. {
  89. // Send as clear text, since the channel is already encrypted.
  90. byte[] passBytes = Encoding.GetBytes(Settings.Password);
  91. byte[] buffer = new byte[passBytes.Length + 1];
  92. Array.Copy(passBytes, 0, buffer, 0, passBytes.Length);
  93. buffer[passBytes.Length] = 0;
  94. return buffer;
  95. }
  96. else return GetPassword() as byte[];
  97. }
  99. private byte[] GetRsaPassword(string password, byte[] seedBytes, byte[] rawPublicKey)
  100. {
  101. if (password.Length == 0) return new byte[1];
  103. // Obfuscate the plain text password with the session scramble.
  104. byte[] obfuscated = GetXor(AliasText.Encoding.Default.GetBytes(password), seedBytes);
  106. // Encrypt the password and send it to the server.
  107. #if NETSTANDARD1_3
  108. RSA rsa = MySqlPemReader.ConvertPemToRSAProvider(rawPublicKey);
  109. if (rsa == null)
  110. throw new MySqlException(Resources.UnableToReadRSAKey);
  111. return rsa.Encrypt(obfuscated, RSAEncryptionPadding.OaepSHA1);
  112. #else
  113. RSACryptoServiceProvider rsa = MySqlPemReader.ConvertPemToRSAProvider(rawPublicKey);
  114. if (rsa == null)
  115. throw new MySqlException(Resources.UnableToReadRSAKey);
  117. return rsa.Encrypt(obfuscated, true);
  118. #endif
  119. }
  121. /// <summary>
  122. /// Applies XOR to the byte arrays provided as input.
  123. /// </summary>
  124. /// <returns>A byte array that contains the results of the XOR operation.</returns>
  125. protected byte[] GetXor(byte[] src, byte[] pattern)
  126. {
  127. byte[] src2 = new byte[src.Length + 1];
  128. Array.Copy(src, 0, src2, 0, src.Length);
  129. src2[src.Length] = 0;
  130. byte[] result = new byte[src2.Length];
  131. for (int i = 0; i < src2.Length; i++)
  132. {
  133. result[i] = (byte)(src2[i] ^ (pattern[i % pattern.Length]));
  134. }
  135. return result;
  136. }
  137. }
  138. }
  140. #endif