Implement parsec authentication #1543
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This adds support for the 'parsec' plugin. Signed-off-by: Bradley Grainger <[email protected]>
Create a new ServerFeature for parsec. Drop netstandard2.0 support. PBKDF2-SHA512 support was only added in .NET Framework 4.7.2 and .NET Standard 2.1. Signed-off-by: Bradley Grainger <[email protected]>
Introduce new IAuthenticationPlugin3 interface and deprecate IAuthenticationPlugin2. Authentication plugins will now compute the password hash and the authentication response in one call, and the session will cache the password hash for later use. Signed-off-by: Bradley Grainger <[email protected]>
There was a problem hiding this comment.
PR Overview
This PR adds support for Parsec authentication in MySqlConnector by implementing a new authentication plugin and extending cryptographic operations using Ed25519. Key changes include:
- Introducing the ParsecAuthenticationPlugin class and its associated installation and response creation methods.
- Updating the Ed25519 and related cryptography files to support the new authentication variant.
- Adjusting interfaces, documentation, and CI pipeline configurations to include Parsec-specific changes.
Reviewed Changes
| File | Description |
|---|---|
| src/MySqlConnector.Authentication.Ed25519/Chaos.NaCl/Ed25519.cs | Adds Ed25519 crypto functions with methods for signing and keypair generation. |
| src/MySqlConnector.Authentication.Ed25519/Chaos.NaCl/CryptoBytes.cs | Introduces secure wiping for byte arrays to clear sensitive data. |
| src/MySqlConnector.Authentication.Ed25519/ParsecAuthenticationPlugin.cs | Implements the new Parsec authentication plugin including response and password hash creation. |
| src/MySqlConnector.Authentication.Ed25519/Chaos.NaCl/Internal/Ed25519Ref10/sign.cs | Adds cryptographic signing operations using SHA512 and scalar operations. |
| src/MySqlConnector.Authentication.Ed25519/Chaos.NaCl/Internal/Ed25519Ref10/keypair.cs | Implements keypair generation with Ed25519 using a seed. |
| src/MySqlConnector/Authentication/IAuthenticationPlugin.cs | Marks IAuthenticationPlugin2 obsolete and introduces IAuthenticationPlugin3. |
| src/MySqlConnector.Authentication.Ed25519/Chaos.NaCl/Internal/Ed25519Ref10/sqrtm1.cs | Adds lookup table for square root of -1. |
| src/MySqlConnector.Authentication.Ed25519/docs/README.md | Updates documentation to list both ed25519 and Parsec plugins. |
| src/MySqlConnector.Authentication.Ed25519/Chaos.NaCl/Internal/Ed25519Ref10/base2.cs | Introduces lookup tables for group element precomputations. |
| src/MySqlConnector.Authentication.Ed25519/Chaos.NaCl/Internal/Ed25519Ref10/GroupElement.cs | Defines additional internal types for group element caching. |
| src/MySqlConnector.Authentication.Ed25519/Ed25519AuthenticationPlugin.cs | Changes plugin interface implementation from IAuthenticationPlugin2 to IAuthenticationPlugin3. |
| docs/content/home.md | Updates compatibility information for MariaDB versions. |
| azure-pipelines.yml | Updates environment variables to include ParsecAuthentication in unsupported features. |
Copilot reviewed 32 out of 32 changed files in this pull request and generated 1 comment.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #1540