Merge pull request #345 from Drake103/caching-sha2-password-support

Implement caching_sha2_password support.

Author: bgrainger

.ci/docker-run.sh

@@ -49,6 +49,11 @@ for i in `seq 1 30`; do
 		if [ $? -ne 0 ]; then continue; fi
 	fi
 
+	if [[ $FEATURES == *"CachingSha2Password"* ]]; then
+		docker exec -it $NAME bash -c 'mysql -uroot -ptest < /etc/mysql/conf.d/init_caching_sha2.sql' >/dev/null 2>&1
+		if [ $? -ne 0 ]; then continue; fi
+	fi
+
 	# exit if successful
 	docker exec -it $NAME mysql -ussltest -ptest \
 		--ssl-mode=REQUIRED \

.ci/server/init_caching_sha2.sql

@@ -0,0 +1,2 @@
+CREATE USER 'caching-sha2-user'@'%' IDENTIFIED WITH caching_sha2_password BY 'Cach!ng-Sh@2-Pa55';
+GRANT ALL PRIVILEGES ON *.* TO 'caching-sha2-user'@'%';

.travis.yml

@@ -11,7 +11,7 @@ env:
     FEATURES=Json,StoredProcedures,Sha256Password,LargePackets
   - IMAGE=mysql:8.0
     NAME=mysql
-    FEATURES=Json,StoredProcedures,Sha256Password,LargePackets
+    FEATURES=Json,StoredProcedures,Sha256Password,LargePackets,CachingSha2Password
   - IMAGE=percona:5.7
     NAME=percona
     FEATURES=Json,StoredProcedures,Sha256Password,OpenSsl,LargePackets

src/MySqlConnector/Serialization/AuthenticationUtility.cs

@@ -1,4 +1,5 @@
-using System;
+using System;
+using System.Linq;
 using System.Security.Cryptography;
 using System.Text;
 
@@ -39,5 +40,35 @@ public static byte[] HashPassword(byte[] challenge, int offset, string password)
 		}
 
 		static readonly byte[] s_emptyArray = new byte[0];
+
+		public static byte[] CreateScrambleResponse(byte[] nonce, string password)
+		{
+			var scrambleResponse = string.IsNullOrEmpty(password)
+				? s_emptyArray
+				: HashPasswordWithNonce(nonce, password);
+
+			return scrambleResponse;
+		}
+
+		private static byte[] HashPasswordWithNonce(byte[] nonce, string password)
+		{
+			using (var sha256 = SHA256.Create())
+			{
+				var passwordBytes = Encoding.UTF8.GetBytes(password);
+				var hashedPassword = sha256.ComputeHash(passwordBytes);
+
+				var doubleHashedPassword = sha256.ComputeHash(hashedPassword);
+				var combined = new byte[doubleHashedPassword.Length + nonce.Length];
+
+				Buffer.BlockCopy(doubleHashedPassword, 0, combined, 0, doubleHashedPassword.Length);
+				Buffer.BlockCopy(nonce, 0, combined, doubleHashedPassword.Length, nonce.Length);
+
+				var xorBytes = sha256.ComputeHash(combined);
+				for (int i = 0; i < hashedPassword.Length; i++)
+					hashedPassword[i] ^= xorBytes[i];
+
+				return hashedPassword;
+			}
+		}
 	}
 }

src/MySqlConnector/Serialization/CachingSha2ServerResponsePayload.cs

@@ -0,0 +1,32 @@
+namespace MySql.Data.Serialization
+{
+	internal class CachingSha2ServerResponsePayload
+	{
+		public const byte Signature = 0x01;
+
+		public const byte SuccessSignature = 0x03;
+
+		public const byte FullAuthRequiredSignature = 0x04;
+
+		private CachingSha2ServerResponsePayload(bool succeeded, bool fullAuthRequired)
+		{
+			Succeeded = succeeded;
+			FullAuthRequired = fullAuthRequired;
+		}
+
+		public bool Succeeded { get; }
+
+		public bool FullAuthRequired { get; }
+
+		public static CachingSha2ServerResponsePayload Create(PayloadData payload)
+		{
+			var reader = new ByteArrayReader(payload.ArraySegment);
+			reader.ReadByte(Signature);
+			var secondByte = reader.ReadByte();
+
+			return new CachingSha2ServerResponsePayload(
+				secondByte == SuccessSignature,
+				secondByte == FullAuthRequiredSignature);
+		}
+	}
+}

src/MySqlConnector/Serialization/MySqlSession.cs

@@ -216,7 +216,7 @@ public async Task ConnectAsync(ConnectionSettings cs, IOBehavior ioBehavior, Can
 				authPluginName = initialHandshake.AuthPluginName;
 			else
 				authPluginName = (initialHandshake.ProtocolCapabilities & ProtocolCapabilities.SecureConnection) == 0 ? "mysql_old_password" : "mysql_native_password";
-			if (authPluginName != "mysql_native_password" && authPluginName != "sha256_password")
+			if (authPluginName != "mysql_native_password" && authPluginName != "sha256_password" && authPluginName != "caching_sha2_password")
 				throw new NotSupportedException("Authentication method '{0}' is not supported.".FormatInvariant(initialHandshake.AuthPluginName));
 
 			ServerVersion = new ServerVersion(Encoding.ASCII.GetString(initialHandshake.ServerVersion));
@@ -246,8 +246,7 @@ public async Task ConnectAsync(ConnectionSettings cs, IOBehavior ioBehavior, Can
 			// if server doesn't support the authentication fast path, it will send a new challenge
 			if (payload.HeaderByte == AuthenticationMethodSwitchRequestPayload.Signature)
 			{
-				await SwitchAuthenticationAsync(cs, payload, ioBehavior, cancellationToken).ConfigureAwait(false);
-				payload = await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
+				payload = await SwitchAuthenticationAsync(cs, payload, ioBehavior, cancellationToken).ConfigureAwait(false);
 			}
 
 			OkPayload.Create(payload);
@@ -283,8 +282,7 @@ public async Task<bool> TryResetConnectionAsync(ConnectionSettings cs, IOBehavio
 					payload = await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
 					if (payload.HeaderByte == AuthenticationMethodSwitchRequestPayload.Signature)
 					{
-						await SwitchAuthenticationAsync(cs, payload, ioBehavior, cancellationToken).ConfigureAwait(false);
-						payload = await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
+						payload = await SwitchAuthenticationAsync(cs, payload, ioBehavior, cancellationToken).ConfigureAwait(false);
 					}
 					OkPayload.Create(payload);
 				}
@@ -301,7 +299,7 @@ public async Task<bool> TryResetConnectionAsync(ConnectionSettings cs, IOBehavio
 			return false;
 		}
 
-		private async Task SwitchAuthenticationAsync(ConnectionSettings cs, PayloadData payload, IOBehavior ioBehavior, CancellationToken cancellationToken)
+		private async Task<PayloadData> SwitchAuthenticationAsync(ConnectionSettings cs, PayloadData payload, IOBehavior ioBehavior, CancellationToken cancellationToken)
 		{
 			// if the server didn't support the hashed password; rehash with the new challenge
 			var switchRequest = AuthenticationMethodSwitchRequestPayload.Create(payload);
@@ -312,82 +310,57 @@ private async Task SwitchAuthenticationAsync(ConnectionSettings cs, PayloadData
 				var hashedPassword = AuthenticationUtility.CreateAuthenticationResponse(AuthPluginData, 0, cs.Password);
 				payload = new PayloadData(new ArraySegment<byte>(hashedPassword));
 				await SendReplyAsync(payload, ioBehavior, cancellationToken).ConfigureAwait(false);
-				break;
+				return await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
 
 			case "mysql_clear_password":
 				if (!m_isSecureConnection)
 					throw new MySqlException("Authentication method '{0}' requires a secure connection.".FormatInvariant(switchRequest.Name));
 				payload = new PayloadData(new ArraySegment<byte>(Encoding.UTF8.GetBytes(cs.Password)));
 				await SendReplyAsync(payload, ioBehavior, cancellationToken).ConfigureAwait(false);
-				break;
+				return await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
 
-			case "sha256_password":
-				// add NUL terminator to password
-				var passwordBytes = Encoding.UTF8.GetBytes(cs.Password);
-				Array.Resize(ref passwordBytes, passwordBytes.Length + 1);
+			case "caching_sha2_password":
+				var scrambleBytes = AuthenticationUtility.CreateScrambleResponse(Utility.TrimZeroByte(switchRequest.Data), cs.Password);
+				payload = new PayloadData(new ArraySegment<byte>(scrambleBytes));
+				await SendReplyAsync(payload, ioBehavior, cancellationToken).ConfigureAwait(false);
+				payload = await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
+
+				var cachingSha2ServerResponsePayload = CachingSha2ServerResponsePayload.Create(payload);
 
-				if (!m_isSecureConnection && passwordBytes.Length > 1)
+				if (cachingSha2ServerResponsePayload.Succeeded)
+				{
+					return await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
+				}
+
+				if (!m_isSecureConnection && cs.Password.Length > 1)
 				{
 #if NET45
 					throw new MySqlException("Authentication method '{0}' requires a secure connection (prior to .NET 4.6).".FormatInvariant(switchRequest.Name));
 #else
-					string publicKey;
-					if (!string.IsNullOrEmpty(cs.ServerRsaPublicKeyFile))
-					{
-						try
-						{
-							publicKey = File.ReadAllText(cs.ServerRsaPublicKeyFile);
-						}
-						catch (IOException ex)
-						{
-							throw new MySqlException("Couldn't load server's RSA public key from '{0}'".FormatInvariant(cs.ServerRsaPublicKeyFile), ex);
-						}
-					}
-					else if (cs.AllowPublicKeyRetrieval)
-					{
-						// request the RSA public key
-						await SendReplyAsync(new PayloadData(new ArraySegment<byte>(new byte[] { 0x01 }, 0, 1)), ioBehavior, cancellationToken).ConfigureAwait(false);
-						payload = await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
-						var publicKeyPayload = AuthenticationMoreDataPayload.Create(payload);
-						publicKey = Encoding.ASCII.GetString(publicKeyPayload.Data);
-					}
-					else
-					{
-						throw new MySqlException("Authentication method '{0}' failed. Either use a secure connection, specify the server's RSA public key with ServerRSAPublicKeyFile, or set AllowPublicKeyRetrieval=True.".FormatInvariant(switchRequest.Name));
-					}
 
-					// load the RSA public key
-					RSA rsa;
-					try
-					{
-						rsa = Utility.DecodeX509PublicKey(publicKey);
-					}
-					catch (Exception ex)
-					{
-						throw new MySqlException("Couldn't load server's RSA public key; try using a secure connection instead.", ex);
-					}
+					var rsaPublicKey = await GetRsaPublicKeyForCachingSha2PasswordAsync(switchRequest.Name, cs, ioBehavior, cancellationToken);
+					return await SendEncryptedPasswordAsync(rsaPublicKey, RSAEncryptionPadding.Pkcs1, cs, ioBehavior, switchRequest, cancellationToken);
+#endif
+				}
+				else
+				{
+					return await SendClearPasswordAsync(cs, ioBehavior, cancellationToken);
+				}
 
-					using (rsa)
-					{
-						// XOR the password bytes with the challenge
-						AuthPluginData = Utility.TrimZeroByte(switchRequest.Data);
-						for (int i = 0; i < passwordBytes.Length; i++)
-							passwordBytes[i] ^= AuthPluginData[i % AuthPluginData.Length];
-
-						// encrypt with RSA public key
-						var encryptedPassword = rsa.Encrypt(passwordBytes, RSAEncryptionPadding.OaepSHA1);
-						payload = new PayloadData(new ArraySegment<byte>(encryptedPassword));
-						await SendReplyAsync(payload, ioBehavior, cancellationToken).ConfigureAwait(false);
-					}
+			case "sha256_password":
+				if (!m_isSecureConnection && cs.Password.Length > 1)
+				{
+#if NET45
+					throw new MySqlException("Authentication method '{0}' requires a secure connection (prior to .NET 4.6).".FormatInvariant(switchRequest.Name));
+#else
+					var publicKey = await GetRsaPublicKeyForSha256PasswordAsync(switchRequest.Name, cs, ioBehavior, cancellationToken);
+					return await SendEncryptedPasswordAsync(publicKey, RSAEncryptionPadding.OaepSHA1, cs, ioBehavior, switchRequest, cancellationToken);
 #endif
 				}
 				else
 				{
-					// send plaintext password
-					payload = new PayloadData(new ArraySegment<byte>(passwordBytes));
-					await SendReplyAsync(payload, ioBehavior, cancellationToken).ConfigureAwait(false);
+					return await SendClearPasswordAsync(cs, ioBehavior, cancellationToken);
 				}
-				break;
 
 			case "mysql_old_password":
 				throw new NotSupportedException("'MySQL Server is requesting the insecure pre-4.1 auth mechanism (mysql_old_password). The user password must be upgraded; see https://dev.mysql.com/doc/refman/5.7/en/account-upgrades.html.");
@@ -397,6 +370,126 @@ private async Task SwitchAuthenticationAsync(ConnectionSettings cs, PayloadData
 			}
 		}
 
+		private async Task<PayloadData> SendClearPasswordAsync(ConnectionSettings cs, IOBehavior ioBehavior, CancellationToken cancellationToken)
+		{
+			// add NUL terminator to password
+			var passwordBytes = Encoding.UTF8.GetBytes(cs.Password);
+			Array.Resize(ref passwordBytes, passwordBytes.Length + 1);
+
+			// send plaintext password
+			var payload = new PayloadData(new ArraySegment<byte>(passwordBytes));
+			await SendReplyAsync(payload, ioBehavior, cancellationToken).ConfigureAwait(false);
+			return await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
+		}
+
+#if !NET45
+		private async Task<PayloadData> SendEncryptedPasswordAsync(
+			string rsaPublicKey,
+			RSAEncryptionPadding rsaEncryptionPadding,
+			ConnectionSettings cs,
+			IOBehavior ioBehavior,
+			AuthenticationMethodSwitchRequestPayload switchRequest,
+			CancellationToken cancellationToken)
+		{
+			// load the RSA public key
+			RSA rsa;
+			try
+			{
+				rsa = Utility.DecodeX509PublicKey(rsaPublicKey);
+			}
+			catch (Exception ex)
+			{
+				throw new MySqlException("Couldn't load server's RSA public key; try using a secure connection instead.", ex);
+			}
+
+			// add NUL terminator to password
+			var passwordBytes = Encoding.UTF8.GetBytes(cs.Password);
+			Array.Resize(ref passwordBytes, passwordBytes.Length + 1);
+
+			using (rsa)
+			{
+				// XOR the password bytes with the challenge
+				AuthPluginData = Utility.TrimZeroByte(switchRequest.Data);
+				for (var i = 0; i < passwordBytes.Length; i++)
+					passwordBytes[i] ^= AuthPluginData[i % AuthPluginData.Length];
+
+				// encrypt with RSA public key
+				var encryptedPassword = rsa.Encrypt(passwordBytes, rsaEncryptionPadding);
+				var payload = new PayloadData(new ArraySegment<byte>(encryptedPassword));
+				await SendReplyAsync(payload, ioBehavior, cancellationToken).ConfigureAwait(false);
+				return await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
+			}
+		}
+#endif
+
+		private async Task<string> GetRsaPublicKeyForSha256PasswordAsync(
+			string switchRequestName,
+			ConnectionSettings cs,
+			IOBehavior ioBehavior,
+			CancellationToken cancellationToken)
+		{
+			if (!string.IsNullOrEmpty(cs.ServerRsaPublicKeyFile))
+			{
+				try
+				{
+					return File.ReadAllText(cs.ServerRsaPublicKeyFile);
+				}
+				catch (IOException ex)
+				{
+					throw new MySqlException(
+						"Couldn't load server's RSA public key from '{0}'".FormatInvariant(cs.ServerRsaPublicKeyFile), ex);
+				}
+			}
+
+			if (cs.AllowPublicKeyRetrieval)
+			{
+				// request the RSA public key
+				await SendReplyAsync(new PayloadData(new ArraySegment<byte>(new byte[] { 0x01 }, 0, 1)), ioBehavior,
+					cancellationToken).ConfigureAwait(false);
+				var payload = await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
+				var publicKeyPayload = AuthenticationMoreDataPayload.Create(payload);
+				return Encoding.ASCII.GetString(publicKeyPayload.Data);
+			}
+
+			throw new MySqlException(
+				"Authentication method '{0}' failed. Either use a secure connection, specify the server's RSA public key with ServerRSAPublicKeyFile, or set AllowPublicKeyRetrieval=True."
+					.FormatInvariant(switchRequestName));
+		}
+
+		private async Task<string> GetRsaPublicKeyForCachingSha2PasswordAsync(
+			string switchRequestName,
+			ConnectionSettings cs,
+			IOBehavior ioBehavior,
+			CancellationToken cancellationToken)
+		{
+			if (!string.IsNullOrEmpty(cs.ServerRsaPublicKeyFile))
+			{
+				try
+				{
+					return File.ReadAllText(cs.ServerRsaPublicKeyFile);
+				}
+				catch (IOException ex)
+				{
+					throw new MySqlException(
+						"Couldn't load server's RSA public key from '{0}'".FormatInvariant(cs.ServerRsaPublicKeyFile), ex);
+				}
+			}
+
+			if (cs.AllowPublicKeyRetrieval)
+			{
+				// request the RSA public key
+				await SendReplyAsync(new PayloadData(new ArraySegment<byte>(new byte[] { 0x02 }, 0, 1)), ioBehavior,
+					cancellationToken).ConfigureAwait(false);
+				var payload = await ReceiveReplyAsync(ioBehavior, cancellationToken).ConfigureAwait(false);
+				var publicKeyPayload = AuthenticationMoreDataPayload.Create(payload);
+				return Encoding.ASCII.GetString(publicKeyPayload.Data);
+			}
+
+			throw new MySqlException(
+				"Authentication method '{0}' failed. Either use a secure connection, specify the server's RSA public key with ServerRSAPublicKeyFile, or set AllowPublicKeyRetrieval=True."
+					.FormatInvariant(switchRequestName));
+		}
+
 		public async Task<bool> TryPingAsync(IOBehavior ioBehavior, CancellationToken cancellationToken)
 		{
 			VerifyState(State.Connected);