Uploaded image for project: 'MariaDB Connector/J'
  1. MariaDB Connector/J
  2. CONJ-663

Implement caching_sha2_password plugin

    Details

      Description

      MySQL 8.0 introduced a new authentication plugin "caching_sha2_password" plugin, which is enabled by default and will be used as standard plugin:

      Workflow:

      1) Server sends scramble packet
      2) Clients generates a sha256 hashed authentication string with the following mechanism:

      digest1= sha256(password)
      digest2= sha256(digest1)
      digest3= sha256(digest2, scramble)
      digest4= xor(digest1, digest3)
      3) Client sends digest4 as authentication string

      On success server sends a packet with length=1 and content=3. In case the password was not cached, server requires same authentication mechanism as in sha256_password with a little difference, the padding algorithm is PKCS1 v1.5 padding instead of OAEP.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                diego dupin Diego Dupin
                Reporter:
                ryantheleach Ryan Leach
              • Votes:
                4 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: