https://github.com/sea-boat/mysql-protocol
개요
Mysql 클라이언트가 mysql 서버에 로그인하려면 먼저 서버가 클라이언트에 초기 핸드셰이크 패킷을 전송하고, 클라이언트는 서버에 인증 패킷을 반환합니다. . 여기서는 인증패키지를 다음과 같이 분석한다.
client server |-------connect------>| | | |<-----handshake------| | | |---authentication--->| | |
4 capability flags, CLIENT_PROTOCOL_41 always set
4 max-packet size
1 character set
string[23] reserved (all [0])
string[NUL] username
if capabilities & CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA {
lenenc-int length of auth-response
string[n] auth-response
} else if capabilities & CLIENT_SECURE_CONNECTION {
1 length of auth-response
string[n] auth-response
} else {
string[NUL] auth-response
}
if capabilities & CLIENT_CONNECT_WITH_DB {
string[NUL] database
}
if capabilities & CLIENT_PLUGIN_AUTH {
string[NUL] auth plugin name
}
if capabilities & CLIENT_CONNECT_ATTRS {
lenenc-int length of all key-values
lenenc-str key
lenenc-str value
if-more data in 'length of all key-values', more keys and value pairs
}자세한 내용: http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::HandshakeResponse
1. 인증 패키지 유형
/** * * @author seaboat * @date 2016-09-25 * @version 1.0 * <pre class="brush:php;toolbar:false"><b>email: </b>849586227@qq.com
<b>blog: </b>http://www.php.cn/;/pre>
* <p>mysql auth packet.</p>
*/public class AuthPacket extends MySQLPacket {
private static final byte[] FILLER = new byte[23];
public long clientFlags;
public long maxPacketSize;
public int charsetIndex;
public byte[] extra;
public String user;
public byte[] password;
public String database;
public void read(byte[] data) {
MySQLMessage mm = new MySQLMessage(data);
packetLength = mm.readUB3();
packetId = mm.read();
clientFlags = mm.readUB4();
maxPacketSize = mm.readUB4();
charsetIndex = (mm.read() & 0xff);
int current = mm.position();
int len = (int) mm.readLength();
if (len > 0 && len < FILLER.length) {
byte[] ab = new byte[len];
System.arraycopy(mm.bytes(), mm.position(), ab, 0, len);
this.extra = ab;
}
mm.position(current + FILLER.length);
user = mm.readStringWithNull();
password = mm.readBytesWithLength();
if (((clientFlags & Capabilities.CLIENT_CONNECT_WITH_DB) != 0)
&& mm.hasRemaining()) {
database = mm.readStringWithNull();
}
} public void write(ByteBuffer buffer) throws IOException {
BufferUtil.writeUB3(buffer, calcPacketSize());
buffer.put(packetId);
BufferUtil.writeUB4(buffer, clientFlags);
BufferUtil.writeUB4(buffer, maxPacketSize);
buffer.put((byte) charsetIndex);
buffer.put(FILLER); if (user == null) {
buffer.put((byte) 0);
} else {
BufferUtil.writeWithNull(buffer, user.getBytes());
} if (password == null) {
buffer.put((byte) 0);
} else {
BufferUtil.writeWithLength(buffer, password);
} if (database == null) {
buffer.put((byte) 0);
} else {
BufferUtil.writeWithNull(buffer, database.getBytes());
}
} @Override
public int calcPacketSize() {
int size = 32;// 4+4+1+23;
size += (user == null) ? 1 : user.length() + 1;
size += (password == null) ? 1 : BufferUtil.getLength(password);
size += (database == null) ? 1 : database.length() + 1;
return size;
} @Override
protected String getPacketInfo() {
return "MySQL Authentication Packet";
}
}암호화 및 복호화 도구
/** * * @author seaboat * @date 2016-09-25 * @version 1.0 * <pre class="brush:php;toolbar:false"><b>email: </b>849586227@qq.com
<b>blog: </b>http://www.php.cn/;/pre>
* <p>a security util .</p>
*/public class SecurityUtil {
public static final byte[] scramble411(byte[] pass, byte[] seed)
throws NoSuchAlgorithmException {
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] pass1 = md.digest(pass);
md.reset();
byte[] pass2 = md.digest(pass1);
md.reset();
md.update(seed);
byte[] pass3 = md.digest(pass2);
for (int i = 0; i < pass3.length; i++) {
pass3[i] = (byte) (pass3[i] ^ pass1[i]);
} return pass3;
} public static final String scramble323(String pass, String seed) {
if ((pass == null) || (pass.length() == 0)) {
return pass;
}
byte b;
double d;
long[] pw = hash(seed);
long[] msg = hash(pass);
long max = 0x3fffffffL;
long seed1 = (pw[0] ^ msg[0]) % max;
long seed2 = (pw[1] ^ msg[1]) % max;
char[] chars = new char[seed.length()];
for (int i = 0; i < seed.length(); i++) {
seed1 = ((seed1 * 3) + seed2) % max;
seed2 = (seed1 + seed2 + 33) % max;
d = (double) seed1 / (double) max;
b = (byte) java.lang.Math.floor((d * 31) + 64);
chars[i] = (char) b;
}
seed1 = ((seed1 * 3) + seed2) % max;
seed2 = (seed1 + seed2 + 33) % max;
d = (double) seed1 / (double) max;
b = (byte) java.lang.Math.floor(d * 31);
for (int i = 0; i < seed.length(); i++) {
chars[i] ^= (char) b;
} return new String(chars);
} private static long[] hash(String src) {
long nr = 1345345333L;
long add = 7;
long nr2 = 0x12345671L;
long tmp;
for (int i = 0; i < src.length(); ++i) {
switch (src.charAt(i)) {
case ' ':
case '\t':
continue;
default:
tmp = (0xff & src.charAt(i));
nr ^= ((((nr & 63) + add) * tmp) + (nr << 8));
nr2 += ((nr2 << 8) ^ nr);
add += tmp;
}
}
long[] result = new long[2];
result[0] = nr & 0x7fffffffL;
result[1] = nr2 & 0x7fffffffL;
return result;
}
}테스트 수업
위 내용은 mysql 프로토콜의 인증 패키지 및 코드에 대한 자세한 소개의 상세 내용입니다. 자세한 내용은 PHP 중국어 웹사이트의 기타 관련 기사를 참조하세요!
![[웹 프런트엔드] Node.js 빠른 시작](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
