authEd25519 does ed25519 authentication used by MariaDB.
(scramble []byte, password string)
| 230 | |
| 231 | // authEd25519 does ed25519 authentication used by MariaDB. |
| 232 | func authEd25519(scramble []byte, password string) ([]byte, error) { |
| 233 | // Derived from https://github.com/MariaDB/server/blob/d8e6bb00888b1f82c031938f4c8ac5d97f6874c3/plugin/auth_ed25519/ref10/sign.c |
| 234 | // Code style is from https://cs.opensource.google/go/go/+/refs/tags/go1.21.5:src/crypto/ed25519/ed25519.go;l=207 |
| 235 | h := sha512.Sum512([]byte(password)) |
| 236 | |
| 237 | s, err := edwards25519.NewScalar().SetBytesWithClamping(h[:32]) |
| 238 | if err != nil { |
| 239 | return nil, err |
| 240 | } |
| 241 | A := (&edwards25519.Point{}).ScalarBaseMult(s) |
| 242 | |
| 243 | mh := sha512.New() |
| 244 | mh.Write(h[32:]) |
| 245 | mh.Write(scramble) |
| 246 | messageDigest := mh.Sum(nil) |
| 247 | r, err := edwards25519.NewScalar().SetUniformBytes(messageDigest) |
| 248 | if err != nil { |
| 249 | return nil, err |
| 250 | } |
| 251 | |
| 252 | R := (&edwards25519.Point{}).ScalarBaseMult(r) |
| 253 | |
| 254 | kh := sha512.New() |
| 255 | kh.Write(R.Bytes()) |
| 256 | kh.Write(A.Bytes()) |
| 257 | kh.Write(scramble) |
| 258 | hramDigest := kh.Sum(nil) |
| 259 | k, err := edwards25519.NewScalar().SetUniformBytes(hramDigest) |
| 260 | if err != nil { |
| 261 | return nil, err |
| 262 | } |
| 263 | |
| 264 | S := k.MultiplyAdd(k, s, r) |
| 265 | |
| 266 | return append(R.Bytes(), S.Bytes()...), nil |
| 267 | } |
| 268 | |
| 269 | func (mc *mysqlConn) sendEncryptedPassword(seed []byte, pub *rsa.PublicKey) error { |
| 270 | enc, err := encryptPassword(mc.cfg.Passwd, seed, pub) |