Home Explore Help
Register Sign In
i2
/
cmd
0
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 0b0b6d8946
Branches Tags
cmd
/
xorm
/
vendor
/
github.com
/
ziutek
/
mymysql
/
native
/
passwd.go

passwd.go 2.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108 
  1. package native
    2. 

  2. 

  3. import (
    4. 

  4. 	"crypto/sha1"
    5. 

  5. 	"math"
    6. 

  6. )
    7. 

  7. 

  8. // Borrowed from GoMySQL
    9. 

  9. // SHA1(SHA1(SHA1(password)), scramble) XOR SHA1(password)
    10. 

  10. func encryptedPasswd(password string, scramble []byte) (out []byte) {
    11. 

  11. 	if len(password) == 0 {
    12. 

  12. 		return
    13. 

  13. 	}
    14. 

  14. 	// stage1_hash = SHA1(password)
    15. 

  15. 	// SHA1 encode
    16. 

  16. 	crypt := sha1.New()
    17. 

  17. 	crypt.Write([]byte(password))
    18. 

  18. 	stg1Hash := crypt.Sum(nil)
    19. 

  19. 	// token = SHA1(SHA1(stage1_hash), scramble) XOR stage1_hash
    20. 

  20. 	// SHA1 encode again
    21. 

  21. 	crypt.Reset()
    22. 

  22. 	crypt.Write(stg1Hash)
    23. 

  23. 	stg2Hash := crypt.Sum(nil)
    24. 

  24. 	// SHA1 2nd hash and scramble
    25. 

  25. 	crypt.Reset()
    26. 

  26. 	crypt.Write(scramble)
    27. 

  27. 	crypt.Write(stg2Hash)
    28. 

  28. 	stg3Hash := crypt.Sum(nil)
    29. 

  29. 	// XOR with first hash
    30. 

  30. 	out = make([]byte, len(scramble))
    31. 

  31. 	for ii := range scramble {
    32. 

  32. 		out[ii] = stg3Hash[ii] ^ stg1Hash[ii]
    33. 

  33. 	}
    34. 

  34. 	return
    35. 

  35. }
    36. 

  36. 

  37. // Old password handling based on translating to Go some functions from
    38. 

  38. // libmysql
    39. 

  39. 

  40. // The main idea is that no password are sent between client & server on
    41. 

  41. // connection and that no password are saved in mysql in a decodable form.
    42. 

  42. //
    43. 

  43. // On connection a random string is generated and sent to the client.
    44. 

  44. // The client generates a new string with a random generator inited with
    45. 

  45. // the hash values from the password and the sent string.
    46. 

  46. // This 'check' string is sent to the server where it is compared with
    47. 

  47. // a string generated from the stored hash_value of the password and the
    48. 

  48. // random string.
    49. 

  49. 

  50. // libmysql/my_rnd.c
    51. 

  51. type myRnd struct {
    52. 

  52. 	seed1, seed2 uint32
    53. 

  53. }
    54. 

  54. 

  55. const myRndMaxVal = 0x3FFFFFFF
    56. 

  56. 

  57. func newMyRnd(seed1, seed2 uint32) *myRnd {
    58. 

  58. 	r := new(myRnd)
    59. 

  59. 	r.seed1 = seed1 % myRndMaxVal
    60. 

  60. 	r.seed2 = seed2 % myRndMaxVal
    61. 

  61. 	return r
    62. 

  62. }
    63. 

  63. 

  64. func (r *myRnd) Float64() float64 {
    65. 

  65. 	r.seed1 = (r.seed1*3 + r.seed2) % myRndMaxVal
    66. 

  66. 	r.seed2 = (r.seed1 + r.seed2 + 33) % myRndMaxVal
    67. 

  67. 	return float64(r.seed1) / myRndMaxVal
    68. 

  68. }
    69. 

  69. 

  70. // libmysql/password.c
    71. 

  71. func pwHash(password []byte) (result [2]uint32) {
    72. 

  72. 	var nr, add, nr2, tmp uint32
    73. 

  73. 	nr, add, nr2 = 1345345333, 7, 0x12345671
    74. 

  74. 

  75. 	for _, c := range password {
    76. 

  76. 		if c == ' ' || c == '\t' {
    77. 

  77. 			continue // skip space in password
    78. 

  78. 		}
    79. 

  79. 

  80. 		tmp = uint32(c)
    81. 

  81. 		nr ^= (((nr & 63) + add) * tmp) + (nr << 8)
    82. 

  82. 		nr2 += (nr2 << 8) ^ nr
    83. 

  83. 		add += tmp
    84. 

  84. 	}
    85. 

  85. 

  86. 	result[0] = nr & ((1 << 31) - 1) // Don't use sign bit (str2int)
    87. 

  87. 	result[1] = nr2 & ((1 << 31) - 1)
    88. 

  88. 	return
    89. 

  89. }
    90. 

  90. 

  91. func encryptedOldPassword(password string, scramble []byte) []byte {
    92. 

  92. 	if len(password) == 0 {
    93. 

  93. 		return nil
    94. 

  94. 	}
    95. 

  95. 	scramble = scramble[:8]
    96. 

  96. 	hashPw := pwHash([]byte(password))
    97. 

  97. 	hashSc := pwHash(scramble)
    98. 

  98. 	r := newMyRnd(hashPw[0]^hashSc[0], hashPw[1]^hashSc[1])
    99. 

  99. 	var out [8]byte
    100. 

  100. 	for i := range out {
    101. 

  101. 		out[i] = byte(math.Floor(r.Float64()*31) + 64)
    102. 

  102. 	}
    103. 

  103. 	extra := byte(math.Floor(r.Float64() * 31))
    104. 

  104. 	for i := range out {
    105. 

  105. 		out[i] ^= extra
    106. 

  106. 	}
    107. 

  107. 	return out[:]
    108. 

  108. }
    109.