This is a read-only copy of the MariaDB Knowledgebase generated on 2024-11-14. For the latest, interactive version please visit https://mariadb.com/kb/.

Created: 5 years, 1 month ago
Modified: 5 years, 1 month ago
Type: article
Status: active
License: CC BY-SA / Gnu FDL

Attachments

No attachments exist

sha256_password plugin

SHA256 authentication possible exchanges:

if connection use SSL (SSLRequest Packet sent)
- client send a clear password answer
else
- if client doesn't know server RSA public key
  - client sends a public key request
  - server sends a public key response
- client sends an RSA encrypted password
- ends with server sending either OK_Packet , ERR_Packet

Client clear password answer

string<NUL> password without encryption

Public key request

byte<1> fixed 0x01 value

Public key response

byte<1> fixed 0x01 value
byte<EOF> public key data

RSA encrypted password

byte<256> RSA encrypted password

RSA encrypted value of XOR(password, seed) using server public key (RSA_PKCS1_OAEP_PADDING).

Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.

↑ 1 - Connecting ↑
Connecting
sha256_password plugin
caching_sha2_password authentication plugin

sha256_password plugin

Client clear password answer

Public key request

Public key response

RSA encrypted password

Products

Services

Pricing

Resources

About Us

Download MariaDB