Documentation
¶
Index ¶
- Constants
- func CheckHashingPassword(pwhash []byte, password string, hash string) (bool, error)
- func CheckScrambledPassword(salt, hpwd, auth []byte) bool
- func DecodePassword(pwd string) ([]byte, error)
- func EncodePassword(pwd string) string
- func EncodePasswordBytes(pwd []byte) string
- func NewHashPassword(pwd string, hash string) string
- func NewSM3() hash.Hash
- func Sha1Hash(bs []byte) []byte
- func Sha256Hash(input []byte) []byte
- func Sm3Hash(data []byte) []byte
- type RoleIdentity
- type UserIdentity
Constants ¶
const ( // UserNameMaxLength is the max length of username. UserNameMaxLength = 32 // HostNameMaxLength is the max length of host name. HostNameMaxLength = 255 )
const ( // MIXCHARS is the number of characters to use in the mix MIXCHARS = 32 // SALT_LENGTH is the length of the salt SALT_LENGTH = 20 //nolint: revive // ITERATION_MULTIPLIER is the number of iterations to use ITERATION_MULTIPLIER = 1000 //nolint: revive )
Variables ¶
This section is empty.
Functions ¶
func CheckHashingPassword ¶
CheckHashingPassword checks if a caching_sha2_password or tidb_sm3_password authentication string matches a password
func CheckScrambledPassword ¶
CheckScrambledPassword check scrambled password received from client. The new authentication is performed in following manner:
SERVER: public_seed=create_random_string()
send(public_seed)
CLIENT: recv(public_seed)
hash_stage1=sha1("password")
hash_stage2=sha1(hash_stage1)
reply=xor(hash_stage1, sha1(public_seed,hash_stage2)
// this three steps are done in scramble()
send(reply)
SERVER: recv(reply)
hash_stage1=xor(reply, sha1(public_seed,hash_stage2))
candidate_hash2=sha1(hash_stage1)
check(candidate_hash2==hash_stage2)
// this three steps are done in check_scramble()
func DecodePassword ¶
DecodePassword converts hex string password without prefix '*' to byte array.
func EncodePassword ¶
EncodePassword converts plaintext password(type is string) to hashed hex string.
func EncodePasswordBytes ¶
EncodePasswordBytes converts plaintext password(type is []byte) to hashed hex string.
func NewHashPassword ¶
NewHashPassword creates a new password for caching_sha2_password or tidb_sm3_password
func Sha256Hash ¶
Sha256Hash is an util function to calculate sha256 hash.
Types ¶
type RoleIdentity ¶
RoleIdentity represents a role name.
func (*RoleIdentity) Restore ¶
func (role *RoleIdentity) Restore(ctx *format.RestoreCtx) error
Restore implements Node interface.
func (*RoleIdentity) String ¶
func (role *RoleIdentity) String() string
String converts UserIdentity to the format user@host.
type UserIdentity ¶
type UserIdentity struct {
Username string
Hostname string
CurrentUser bool
AuthUsername string // Username matched in privileges system
AuthHostname string // Match in privs system (i.e. could be a wildcard)
AuthPlugin string // The plugin specified in handshake, only used during authentication.
}
UserIdentity represents username and hostname.
func (*UserIdentity) LoginString ¶
func (user *UserIdentity) LoginString() string
LoginString returns matched identity in user@host format It matches the login user.
func (*UserIdentity) Restore ¶
func (user *UserIdentity) Restore(ctx *format.RestoreCtx) error
Restore implements Node interface.
func (*UserIdentity) String ¶
func (user *UserIdentity) String() string
String converts UserIdentity to the format user@host. It defaults to providing the AuthIdentity (the matching entry in priv tables) To use the actual identity use LoginString()
Source Files