com.mysql.cj.protocol.a.authentication.MysqlOldPasswordPlugin Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of mysql-connector-j Show documentation
Show all versions of mysql-connector-j Show documentation
JDBC Type 4 driver for MySQL.
/*
* Copyright (c) 2012, 2024, Oracle and/or its affiliates.
*
* This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License, version 2.0, as published by
* the Free Software Foundation.
*
* This program is designed to work with certain software that is licensed under separate terms, as designated in a particular file or component or in
* included license documentation. The authors of MySQL hereby grant you an additional permission to link the program and your derivative works with the
* separately licensed software that they have either included with the program or referenced in the documentation.
*
* Without limiting anything contained in the foregoing, this file, which is part of MySQL Connector/J, is also subject to the Universal FOSS Exception,
* version 1.0, a copy of which can be found at http://oss.oracle.com/licenses/universal-foss-exception.
*
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License, version 2.0, for more details.
*
* You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
package com.mysql.cj.protocol.a.authentication;
import java.io.UnsupportedEncodingException;
import java.util.List;
import com.mysql.cj.callback.MysqlCallbackHandler;
import com.mysql.cj.callback.UsernameCallback;
import com.mysql.cj.protocol.AuthenticationPlugin;
import com.mysql.cj.protocol.Protocol;
import com.mysql.cj.protocol.a.NativeConstants.IntegerDataType;
import com.mysql.cj.protocol.a.NativeConstants.StringSelfDataType;
import com.mysql.cj.protocol.a.NativePacketPayload;
import com.mysql.cj.util.StringUtils;
/**
* MySQL Native Old-Password Authentication Plugin
*/
public class MysqlOldPasswordPlugin implements AuthenticationPlugin {
public static String PLUGIN_NAME = "mysql_old_password";
private Protocol protocol = null;
private MysqlCallbackHandler usernameCallbackHandler = null;
private String password = null;
@Override
public void init(Protocol prot, MysqlCallbackHandler cbh) {
this.protocol = prot;
this.usernameCallbackHandler = cbh;
}
@Override
public void destroy() {
reset();
this.protocol = null;
this.usernameCallbackHandler = null;
this.password = null;
}
@Override
public String getProtocolPluginName() {
return PLUGIN_NAME;
}
@Override
public boolean requiresConfidentiality() {
return false;
}
@Override
public boolean isReusable() {
return true;
}
@Override
public void setAuthenticationParameters(String user, String password) {
this.password = password;
if (user == null && this.usernameCallbackHandler != null) {
// Fall back to system login user.
this.usernameCallbackHandler.handle(new UsernameCallback(System.getProperty("user.name")));
}
}
@Override
public boolean nextAuthenticationStep(NativePacketPayload fromServer, List toServer) {
toServer.clear();
NativePacketPayload packet = null;
String pwd = this.password;
if (fromServer == null || pwd == null || pwd.length() == 0) {
packet = new NativePacketPayload(new byte[0]);
} else {
packet = new NativePacketPayload(StringUtils.getBytes(newCrypt(pwd, fromServer.readString(StringSelfDataType.STRING_TERM, null).substring(0, 8),
this.protocol.getServerSession().getCharsetSettings().getPasswordCharacterEncoding())));
packet.setPosition(packet.getPayloadLength());
packet.writeInteger(IntegerDataType.INT1, 0);
packet.setPosition(0);
}
toServer.add(packet);
return true;
}
// Right from Monty's code
private static String newCrypt(String password, String seed, String encoding) {
byte b;
double d;
if (password == null || password.length() == 0) {
return password;
}
long[] pw = newHash(seed.getBytes());
long[] msg = hashPre41Password(password, encoding);
long max = 0x3fffffffL;
long seed1 = (pw[0] ^ msg[0]) % max;
long seed2 = (pw[1] ^ msg[1]) % max;
char[] chars = new char[seed.length()];
for (int i = 0; i < seed.length(); i++) {
seed1 = (seed1 * 3 + seed2) % max;
seed2 = (seed1 + seed2 + 33) % max;
d = (double) seed1 / (double) max;
b = (byte) java.lang.Math.floor(d * 31 + 64);
chars[i] = (char) b;
}
seed1 = (seed1 * 3 + seed2) % max;
seed2 = (seed1 + seed2 + 33) % max;
d = (double) seed1 / (double) max;
b = (byte) java.lang.Math.floor(d * 31);
for (int i = 0; i < seed.length(); i++) {
chars[i] ^= (char) b;
}
return new String(chars);
}
private static long[] hashPre41Password(String password, String encoding) {
// remove white spaces and convert to bytes
try {
return newHash(password.replaceAll("\\s", "").getBytes(encoding));
} catch (UnsupportedEncodingException e) {
return new long[0];
}
}
private static long[] newHash(byte[] password) {
long nr = 1345345333L;
long add = 7;
long nr2 = 0x12345671L;
long tmp;
for (byte b : password) {
tmp = 0xff & b;
nr ^= ((nr & 63) + add) * tmp + (nr << 8);
nr2 += nr2 << 8 ^ nr;
add += tmp;
}
long[] result = new long[2];
result[0] = nr & 0x7fffffffL;
result[1] = nr2 & 0x7fffffffL;
return result;
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy