diff options
Diffstat (limited to 'node_modules/mysql2/lib/auth_plugins/sha256_password.js')
-rw-r--r-- | node_modules/mysql2/lib/auth_plugins/sha256_password.js | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/node_modules/mysql2/lib/auth_plugins/sha256_password.js b/node_modules/mysql2/lib/auth_plugins/sha256_password.js new file mode 100644 index 0000000..08a41bb --- /dev/null +++ b/node_modules/mysql2/lib/auth_plugins/sha256_password.js @@ -0,0 +1,60 @@ +'use strict'; + +const PLUGIN_NAME = 'sha256_password'; +const crypto = require('crypto'); +const { xor } = require('../auth_41'); + +const REQUEST_SERVER_KEY_PACKET = Buffer.from([1]); + +const STATE_INITIAL = 0; +const STATE_WAIT_SERVER_KEY = 1; +const STATE_FINAL = -1; + +function encrypt(password, scramble, key) { + const stage1 = xor( + Buffer.from(`${password}\0`, 'utf8').toString('binary'), + scramble.toString('binary') + ); + return crypto.publicEncrypt(key, stage1); +} + +module.exports = (pluginOptions = {}) => ({ connection }) => { + let state = 0; + let scramble = null; + + const password = connection.config.password; + + const authWithKey = serverKey => { + const _password = encrypt(password, scramble, serverKey); + state = STATE_FINAL; + return _password; + }; + + return data => { + switch (state) { + case STATE_INITIAL: + scramble = data.slice(0, 20); + // if client provides key we can save one extra roundrip on first connection + if (pluginOptions.serverPublicKey) { + return authWithKey(pluginOptions.serverPublicKey); + } + + state = STATE_WAIT_SERVER_KEY; + return REQUEST_SERVER_KEY_PACKET; + + case STATE_WAIT_SERVER_KEY: + if (pluginOptions.onServerPublicKey) { + pluginOptions.onServerPublicKey(data); + } + return authWithKey(data); + case STATE_FINAL: + throw new Error( + `Unexpected data in AuthMoreData packet received by ${PLUGIN_NAME} plugin in STATE_FINAL state.` + ); + } + + throw new Error( + `Unexpected data in AuthMoreData packet received by ${PLUGIN_NAME} plugin in state ${state}` + ); + }; +}; |