diff --git a/contrib/dolphin/include/plugin_protocol/auth.h b/contrib/dolphin/include/plugin_protocol/auth.h index 1816d9e4cec48fa20a93b2bdfdd3a8d9af50fe78..f71df8ad923572f3fff75f6f0ae9ba506c1f4dce 100644 --- a/contrib/dolphin/include/plugin_protocol/auth.h +++ b/contrib/dolphin/include/plugin_protocol/auth.h @@ -33,17 +33,20 @@ bool tls_secure_initialize(); int TlsSecureOpen(Port* port); extern Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS); +extern void get_parent_directory(char* path); #define SHA256_DIGEST_LENGTH 32 -#define ROUNDS_DEFAULT 5000 -#define ROUNDS_MIN ROUNDS_DEFAULT -#define ROUNDS_MAX (0xFFF * 1000) -#define MIXCHARS 32 -#define CRYPT_SALT_LENGTH 20 -#define CRYPT_MAGIC_LENGTH 3 -#define CRYPT_PARAM_LENGTH 13 -#define SHA256_HASH_LENGTH 43 -#define CRYPT_MAX_PASSWORD_SIZE (CRYPT_SALT_LENGTH + SHA256_HASH_LENGTH + CRYPT_MAGIC_LENGTH + CRYPT_PARAM_LENGTH) +#define DOLPHIN_ROUNDS_DEFAULT 5000 +#define DOLPHIN_ROUNDS_MIN DOLPHIN_ROUNDS_DEFAULT +#define DOLPHIN_ROUNDS_MAX (0xFFF * 1000) +#define DOLPHIN_MIXCHARS 32 +#define DOLPHIN_CRYPT_SALT_LENGTH 20 +#define DOLPHIN_CRYPT_MAGIC_LENGTH 3 +#define DOLPHIN_CRYPT_PARAM_LENGTH 13 +#define DOLPHIN_SHA256_HASH_LENGTH 43 +#define DOLPHIN_CRYPT_MAX_PASSWORD_SIZE \ + (DOLPHIN_CRYPT_SALT_LENGTH + DOLPHIN_SHA256_HASH_LENGTH + \ + DOLPHIN_CRYPT_MAGIC_LENGTH + DOLPHIN_CRYPT_PARAM_LENGTH) #define MAX_PLAINTEXT_LENGTH 256 #define CLIENT_PASSWORD_NATIVE_TOKEN_LEN (20) @@ -55,7 +58,7 @@ extern Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS); typedef struct UserCachedLinesHash { char username[NAMEDATALEN]; - char fastpasswd[CRYPT_MAX_PASSWORD_SIZE]; + char fastpasswd[DOLPHIN_CRYPT_MAX_PASSWORD_SIZE]; } UserCachedLinesHash; UserCachedLinesHash* UserCachedLinesHashTableAccess(HASHACTION action, char* user_name, char* fastpassword); diff --git a/contrib/dolphin/input/b_proto_jdbc_8_0_28.source b/contrib/dolphin/input/b_proto_jdbc_8_0_28.source index cba9b51e0cb8e7e4e021a585894a240937733c3a..4ba69c7941c4f5b6924a28ac8b5c0450c969c980 100644 --- a/contrib/dolphin/input/b_proto_jdbc_8_0_28.source +++ b/contrib/dolphin/input/b_proto_jdbc_8_0_28.source @@ -61,42 +61,39 @@ select * from autocommit_test6; \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/junixsocket-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-mysql-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-native-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoIncrementTest $dp db_uds $USER --- -- ************************* The plug-in fails to perform SSL initialization. The caching_sha2_password authentication test cannot be supported ****************************************************************** --- --- -- wrong change authentication for caching_sha2_password_plugin authentication --- select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@123'),E'\n','X'); --- --- -- normal change authentication for caching_sha2_password_plugin authentication --- select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@456'),E'\n','X'); --- --- \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcTest localhost $dp db_jdbc proto_user Gauss@456 new --- --- select * from t3 order by id; --- --- \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoCommitTest localhost $dp db_jdbc proto_user Gauss@456 new --- --- select relname from pg_class where relname like '%autocommit_test%' order by relname; --- --- select * from autocommit_test6; --- --- \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/junixsocket-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-mysql-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-native-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoIncrementTest $dp db_uds $USER --- --- -- **************************************************************************************************************************************************************************************************************** --- -- wrong change password for caching_sha2_password_plugin authentication --- select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@123'),E'\n','X'); --- --- -- normal change password for caching_sha2_password_plugin authentication --- select replace(set_caching_sha2_password('proto_user', 'Gauss@123', 'Gauss@456'),E'\n','X'); --- --- \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcTest localhost $dp db_jdbc proto_user Gauss@123 new --- --- select * from t3 order by id; --- --- select relname from pg_class where relname like '%autocommit_test%' order by relname; --- --- select * from autocommit_test6; --- --- \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/junixsocket-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-mysql-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-native-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoIncrementTest $dp db_uds $USER +-- **************************************************************************************************************************************************************************************************************** +-- wrong change authentication for caching_sha2_password_plugin authentication +select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@123'),E'\n','X'); + +-- normal change authentication for caching_sha2_password_plugin authentication +select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@456'),E'\n','X'); + +\! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcTest localhost $dp db_jdbc proto_user Gauss@456 new + +select * from t3 order by id; + +select relname from pg_class where relname like '%autocommit_test%' order by relname; + +select * from autocommit_test6; + +\! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/junixsocket-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-mysql-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-native-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoIncrementTest $dp db_uds $USER + +-- **************************************************************************************************************************************************************************************************************** +-- wrong change password for caching_sha2_password_plugin authentication +select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@123'),E'\n','X'); + +-- normal change password for caching_sha2_password_plugin authentication +select replace(set_caching_sha2_password('proto_user', 'Gauss@123', 'Gauss@456'),E'\n','X'); + +\! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcTest localhost $dp db_jdbc proto_user Gauss@123 new + +select * from t3 order by id; + +select relname from pg_class where relname like '%autocommit_test%' order by relname; + +select * from autocommit_test6; + +\! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/junixsocket-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-mysql-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-native-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoIncrementTest $dp db_uds $USER RESET ROLE; DROP USER IF EXISTS proto_user CASCADE; diff --git a/contrib/dolphin/make_check_postgresql.conf b/contrib/dolphin/make_check_postgresql.conf index 1dac6bd706fcf2005762159b6c915238b78e3171..8659505ecca2fa55874c5fc5906958685b2b6c03 100644 --- a/contrib/dolphin/make_check_postgresql.conf +++ b/contrib/dolphin/make_check_postgresql.conf @@ -45,3 +45,6 @@ unix_socket_directory='/tmp' enable_codegen=on dolphin.nulls_minimal_policy=on enable_record_nettime=off +dolphin.mysql_ca = '../../proto_jdbc/mysql_sslcert/cacert.pem' +dolphin.mysql_server_cert = '../../proto_jdbc/mysql_sslcert/server.crt' +dolphin.mysql_server_key = '../../proto_jdbc/mysql_sslcert/server.key' diff --git a/contrib/dolphin/output/b_proto_jdbc_8_0_28.source b/contrib/dolphin/output/b_proto_jdbc_8_0_28.source index a27a39ee68f67b9772bd47002a5eb371d29b74c3..df20809f7d7498f433fedf35a50886a6be372fe7 100644 --- a/contrib/dolphin/output/b_proto_jdbc_8_0_28.source +++ b/contrib/dolphin/output/b_proto_jdbc_8_0_28.source @@ -225,42 +225,190 @@ select * from autocommit_test6; 2 3 4 --- -- ************************* The plug-in fails to perform SSL initialization. The caching_sha2_password authentication test cannot be supported ****************************************************************** --- --- -- wrong change authentication for caching_sha2_password_plugin authentication --- select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@123'),E'\n','X'); --- --- -- normal change authentication for caching_sha2_password_plugin authentication --- select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@456'),E'\n','X'); --- --- \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcTest localhost $dp db_jdbc proto_user Gauss@456 new --- --- select * from t3 order by id; --- --- \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoCommitTest localhost $dp db_jdbc proto_user Gauss@456 new --- --- select relname from pg_class where relname like '%autocommit_test%' order by relname; --- --- select * from autocommit_test6; --- --- \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/junixsocket-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-mysql-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-native-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoIncrementTest $dp db_uds $USER --- --- -- **************************************************************************************************************************************************************************************************************** --- -- wrong change password for caching_sha2_password_plugin authentication --- select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@123'),E'\n','X'); --- --- -- normal change password for caching_sha2_password_plugin authentication --- select replace(set_caching_sha2_password('proto_user', 'Gauss@123', 'Gauss@456'),E'\n','X'); --- --- \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcTest localhost $dp db_jdbc proto_user Gauss@123 new --- --- select * from t3 order by id; --- --- select relname from pg_class where relname like '%autocommit_test%' order by relname; --- --- select * from autocommit_test6; --- --- \! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/junixsocket-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-mysql-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-native-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoIncrementTest $dp db_uds $USER +-- **************************************************************************************************************************************************************************************************************** +-- wrong change authentication for caching_sha2_password_plugin authentication +select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@123'),E'\n','X'); +ERROR: Set authentication method verification failed, password does not match original password +CONTEXT: referenced column: replace +-- normal change authentication for caching_sha2_password_plugin authentication +select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@456'),E'\n','X'); +--?.* +--?.* +--?.* +(1 row) + +\! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcTest localhost $dp db_jdbc proto_user Gauss@456 new +c1:INT +c2:CHAR +c3:TINYINT +c4:CHAR +c5:SMALLINT +c6:CHAR +c7:BIGINT +c8:CHAR +c9:FLOAT +c10:DOUBLE +c11:BIT +c12:TINYINT +c13:CHAR +c14:CHAR +c15:VARCHAR +c16:VARCHAR +c17:CHAR +c18:CHAR +c19:DATE +c20:TIME +c21:TIMESTAMP +c22:DATETIME +c23:CHAR +c24:BLOB +c25:CHAR +c26:CHAR +c27:GEOMETRY +c28:GEOMETRY +c29:TINYTEXT +c30:DECIMAL +c31:JSON +c32:CHAR +c33:CHAR +QUERY PLAN:TINYTEXT +Hash Join + Hash Cond: (a.c1 = b.c2) + -> Seq Scan on t3 a + -> Hash + -> Seq Scan on t3 b +res_getBoolean: true +res_getInt: 1 +res_getString: 1 +res_getBoolean: false +res_getInt: 0 +res_getString: 0 +1 +mysql +2 +dolphin-server +3 +postgres +select * from t3 order by id; + id | name +----+---------------- + 1 | mysql + 2 | dolphin-server + 3 | postgres +(3 rows) + +select relname from pg_class where relname like '%autocommit_test%' order by relname; + relname +------------------ + autocommit_test2 + autocommit_test3 + autocommit_test5 + autocommit_test6 +(4 rows) + +select * from autocommit_test6; + a +--- + 2 +(1 row) + +\! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/junixsocket-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-mysql-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-native-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoIncrementTest $dp db_uds $USER +1 +2 +3 +4 +-- **************************************************************************************************************************************************************************************************************** +-- wrong change password for caching_sha2_password_plugin authentication +select replace(set_caching_sha2_password('proto_user', 'Gauss@456', 'Gauss@123'),E'\n','X'); +ERROR: Set authentication method verification failed, password does not match original password +CONTEXT: referenced column: replace +-- normal change password for caching_sha2_password_plugin authentication +select replace(set_caching_sha2_password('proto_user', 'Gauss@123', 'Gauss@456'),E'\n','X'); +--?.* +--?.* +--?.* +(1 row) + +\! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcTest localhost $dp db_jdbc proto_user Gauss@123 new +c1:INT +c2:CHAR +c3:TINYINT +c4:CHAR +c5:SMALLINT +c6:CHAR +c7:BIGINT +c8:CHAR +c9:FLOAT +c10:DOUBLE +c11:BIT +c12:TINYINT +c13:CHAR +c14:CHAR +c15:VARCHAR +c16:VARCHAR +c17:CHAR +c18:CHAR +c19:DATE +c20:TIME +c21:TIMESTAMP +c22:DATETIME +c23:CHAR +c24:BLOB +c25:CHAR +c26:CHAR +c27:GEOMETRY +c28:GEOMETRY +c29:TINYTEXT +c30:DECIMAL +c31:JSON +c32:CHAR +c33:CHAR +QUERY PLAN:TINYTEXT +Hash Join + Hash Cond: (a.c1 = b.c2) + -> Seq Scan on t3 a + -> Hash + -> Seq Scan on t3 b +res_getBoolean: true +res_getInt: 1 +res_getString: 1 +res_getBoolean: false +res_getInt: 0 +res_getString: 0 +1 +mysql +2 +dolphin-server +3 +postgres +select * from t3 order by id; + id | name +----+---------------- + 1 | mysql + 2 | dolphin-server + 3 | postgres +(3 rows) + +select relname from pg_class where relname like '%autocommit_test%' order by relname; + relname +------------------ + autocommit_test2 + autocommit_test3 + autocommit_test5 + autocommit_test6 +(4 rows) + +select * from autocommit_test6; + a +--- + 2 +(1 row) + +\! @abs_bindir@/../jre/bin/java -cp $CLASSPATH:@abs_builddir@/proto_jdbc/class/mysql-connector-java-8.0.28.jar:@abs_builddir@/proto_jdbc/class/junixsocket-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-mysql-2.6.2.jar:@abs_builddir@/proto_jdbc/class/junixsocket-native-common-2.6.2.jar:@abs_builddir@/proto_jdbc/class/. MySQLJdbcAutoIncrementTest $dp db_uds $USER +1 +2 +3 +4 RESET ROLE; DROP USER IF EXISTS proto_user CASCADE; \! rm @abs_builddir@/proto_jdbc/class/*.class \ No newline at end of file diff --git a/contrib/dolphin/plugin_protocol/auth.cpp b/contrib/dolphin/plugin_protocol/auth.cpp index e5222090bb0c3bee35cfe20e7462001975f49846..672670875cb4e3e9ffedcb7e8a775a5c8ace454c 100644 --- a/contrib/dolphin/plugin_protocol/auth.cpp +++ b/contrib/dolphin/plugin_protocol/auth.cpp @@ -456,7 +456,7 @@ static bool search_cached(char *user, char **cachedpassword) static bool deserialize(const char*serialized_string, char*salt, char*digest, unsigned long *iterations) { - char parts[PARAMNUM_3][CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; + char parts[PARAMNUM_3][DOLPHIN_CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; int num_parts = 0; errno_t rc = 0; char *str_text = (char *)palloc(strlen(serialized_string) + 1); @@ -464,20 +464,21 @@ static bool deserialize(const char*serialized_string, char*salt, char*digest, un securec_check(rc, "\0", "\0"); char *token = strtok(str_text, "$"); while (token != NULL && num_parts < PARAMNUM_3) { - rc = strncpy_s(parts[num_parts], CRYPT_MAX_PASSWORD_SIZE, token, strlen(token)); + rc = strncpy_s(parts[num_parts], DOLPHIN_CRYPT_MAX_PASSWORD_SIZE, token, strlen(token)); securec_check(rc, "\0", "\0"); num_parts++; token = strtok(NULL, "$"); } *iterations = atol(parts[PARAMNUM_1]) * DEFAULTMULTIPLE; - rc = strncpy_s(salt, SHA1_HASH_SIZE + 1, parts[PARAMNUM_2], CRYPT_SALT_LENGTH); + rc = strncpy_s(salt, SHA1_HASH_SIZE + 1, parts[PARAMNUM_2], DOLPHIN_CRYPT_SALT_LENGTH); securec_check(rc, "\0", "\0"); - rc = strncpy_s(digest, CRYPT_MAX_PASSWORD_SIZE + 1, (parts[PARAMNUM_3] + CRYPT_SALT_LENGTH), SHA256_HASH_LENGTH); + rc = strncpy_s(digest, DOLPHIN_CRYPT_MAX_PASSWORD_SIZE + 1, + (parts[PARAMNUM_2] + DOLPHIN_CRYPT_SALT_LENGTH), DOLPHIN_SHA256_HASH_LENGTH); securec_check(rc, "\0", "\0"); int salt_len = strlen(salt); int digest_len = strlen(digest); pfree(str_text); - if (salt_len == CRYPT_SALT_LENGTH && digest_len == SHA256_HASH_LENGTH) { + if (salt_len == DOLPHIN_CRYPT_SALT_LENGTH && digest_len == DOLPHIN_SHA256_HASH_LENGTH) { return TRUE; } return FALSE; @@ -487,8 +488,8 @@ static bool full_authenticate_mysql_caching_sha2(const char* stored_password, Po { char *fast_passwd = (char*)palloc(SHA2_HASH_SIZE * 2 + 1); char salt[SHA1_HASH_SIZE + 1] = { 0 }; - char digest[CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; - char store_digest[CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; + char digest[DOLPHIN_CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; + char store_digest[DOLPHIN_CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; unsigned long iterations = 0; char *plaintext_passwd = NULL; StringInfo buf = makeStringInfo(); @@ -511,8 +512,9 @@ static bool full_authenticate_mysql_caching_sha2(const char* stored_password, Po plaintext_passwd = dq_get_string_null(buf); char *full_passwd = TextDatumGetCString(DirectFunctionCall2(make_scrambled_full_password_sha2, PointerGetDatum(plaintext_passwd), PointerGetDatum(salt))); - rc = strcpy_s(digest, CRYPT_MAX_PASSWORD_SIZE + 1, - full_passwd + (CRYPT_MAGIC_LENGTH + CRYPT_MAGIC_LENGTH + 1 + CRYPT_SALT_LENGTH)); + rc = strcpy_s(digest, DOLPHIN_CRYPT_MAX_PASSWORD_SIZE + 1, + full_passwd + + (DOLPHIN_CRYPT_MAGIC_LENGTH + DOLPHIN_CRYPT_MAGIC_LENGTH + 1 + DOLPHIN_CRYPT_SALT_LENGTH)); securec_check(rc, "\0", "\0"); if (memcmp(store_digest, (const uint8 *)digest, strlen(digest)) == 0) { //fast authentication @@ -845,7 +847,7 @@ static bool tls_secure_ctx(SSL_CTX** ssl_ctx) int verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; char file_path[MAXPGPATH] = {0}; - char* data_path = pstrdup(t_thrd.proc_cxt.DataDir); + char* data_path = NULL; appendBinaryStringInfo(mtsql_cioher_list, tls_cipher_blocked, strlen(tls_cipher_blocked)); appendBinaryStringInfo(mtsql_cioher_list, ":", strlen(":")); @@ -861,49 +863,51 @@ static bool tls_secure_ctx(SSL_CTX** ssl_ctx) ereport(WARNING, (errmsg("SSL environment initialization failed,%s", SSLerrmessage()))); break; } - rc = sprintf_s(file_path, MAXPGPATH, "%s/%s.cipher", data_path, g_proto_ctx.mysql_server_key); + if (is_absolute_path(g_proto_ctx.mysql_server_key)) { + data_path = pstrdup(g_proto_ctx.mysql_server_key); + get_parent_directory(data_path); + } else { + rc = sprintf_s(file_path, MAXPGPATH, "%s/%s", t_thrd.proc_cxt.DataDir, g_proto_ctx.mysql_server_key); + securec_check_ss(rc, "\0", "\0"); + data_path = pstrdup(file_path); + get_parent_directory(data_path); + } + rc = sprintf_s(file_path, MAXPGPATH, "%s/server.key.cipher", data_path); securec_check_ss(rc, "\0", "\0"); if (stat(file_path, &buf) < 0) { ereport(WARNING, (errmsg("could not open file \"%s\": No such file or directory", file_path))); - break; + } else { + decode_cipher_files(keymode, NULL, data_path, serverkey); + SSL_CTX_set_default_passwd_cb_userdata(*ssl_ctx, (char*)serverkey); } - decode_cipher_files(keymode, NULL, data_path, serverkey); - SSL_CTX_set_default_passwd_cb_userdata(*ssl_ctx, (char*)serverkey); - /* Specify encryption algorithm */ if (SSL_CTX_set_cipher_list(*ssl_ctx, mtsql_cioher_list->data) == 0) { ereport(WARNING, (errmsg("Failed to specify encryption algorithm,%s", SSLerrmessage()))); break; } /* Load CA certificate */ - rc = sprintf_s(file_path, MAXPGPATH, "%s/%s", data_path, g_proto_ctx.mysql_ca); - securec_check_ss(rc, "\0", "\0"); - if (stat(file_path, &buf) != 0) { + if (stat(g_proto_ctx.mysql_ca, &buf) != 0) { ereport(WARNING, (errmsg("could not open file \"%s\": No such file or directory", file_path))); break; } - if (SSL_CTX_load_verify_locations(*ssl_ctx, file_path, NULL) <= 0) { + if (SSL_CTX_load_verify_locations(*ssl_ctx, g_proto_ctx.mysql_ca, NULL) <= 0) { ereport(WARNING, (errmsg("Failed to load CA certificate,%s", SSLerrmessage()))); break; } /* Load server certificate */ - rc = sprintf_s(file_path, MAXPGPATH, "%s/%s", data_path, g_proto_ctx.mysql_server_cert); - securec_check_ss(rc, "\0", "\0"); - if (stat(file_path, &buf) != 0) { + if (stat(g_proto_ctx.mysql_server_cert, &buf) != 0) { ereport(WARNING, (errmsg("could not open file \"%s\": No such file or directory", file_path))); break; } - if (SSL_CTX_use_certificate_file(*ssl_ctx, file_path, SSL_FILETYPE_PEM) <= 0) { + if (SSL_CTX_use_certificate_file(*ssl_ctx, g_proto_ctx.mysql_server_cert, SSL_FILETYPE_PEM) <= 0) { ereport(WARNING, (errmsg("Failed to load server certificate,%s", SSLerrmessage()))); break; } - rc = sprintf_s(file_path, MAXPGPATH, "%s/%s", data_path, g_proto_ctx.mysql_server_key); - securec_check_ss(rc, "\0", "\0"); - if (stat(file_path, &buf) != 0) { + if (stat(g_proto_ctx.mysql_server_key, &buf) != 0) { ereport(WARNING, (errmsg("could not open file \"%s\": No such file or directory", file_path))); break; } - if (SSL_CTX_use_PrivateKey_file(*ssl_ctx, file_path, SSL_FILETYPE_PEM) <= 0) { + if (SSL_CTX_use_PrivateKey_file(*ssl_ctx, g_proto_ctx.mysql_server_key, SSL_FILETYPE_PEM) <= 0) { ereport(WARNING, (errmsg("Failed to load server private key,%s", SSLerrmessage()))); break; } @@ -932,6 +936,7 @@ static bool tls_secure_ctx(SSL_CTX** ssl_ctx) SSL_CTX_set_verify(*ssl_ctx, verify, NULL); DestroyStringInfo(mtsql_cioher_list); Dophin_Flags = DOPHIN_DEFAULT_FLAGS | CLIENT_SSL; + ereport(LOG, (errmsg("Dolphin plugin successfully initialized SSL information !"))); return TRUE; } while (0); diff --git a/contrib/dolphin/plugin_protocol/password.cpp b/contrib/dolphin/plugin_protocol/password.cpp index a3d7184fac7229f46ceacc5148b3019eb869018c..0e000d042f92738b2852246cd5706bdf61b051f4 100644 --- a/contrib/dolphin/plugin_protocol/password.cpp +++ b/contrib/dolphin/plugin_protocol/password.cpp @@ -235,7 +235,7 @@ bool check_password(HeapTuple tuple, text* role, text* input_password) if (stored_password[0] == '$') { char salt[SHA1_HASH_SIZE + 1] = { 0 }; char* plaintext = text_to_cstring(input_password); - char parts[PARAMNUM_3][CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; + char parts[PARAMNUM_3][DOLPHIN_CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; int num_parts = 0; errno_t rc = 0; char *str_text = (char *)palloc(strlen(stored_password) + 1); @@ -243,12 +243,12 @@ bool check_password(HeapTuple tuple, text* role, text* input_password) securec_check(rc, "\0", "\0"); char *token = strtok(str_text, "$"); while (token != NULL && num_parts < PARAMNUM_3) { - rc = strncpy_s(parts[num_parts], CRYPT_MAX_PASSWORD_SIZE, token, strlen(token)); + rc = strncpy_s(parts[num_parts], DOLPHIN_CRYPT_MAX_PASSWORD_SIZE, token, strlen(token)); securec_check(rc, "\0", "\0"); num_parts++; token = strtok(NULL, "$"); } - rc = strncpy_s(salt, SHA1_HASH_SIZE + 1, parts[PARAMNUM_2], CRYPT_SALT_LENGTH); + rc = strncpy_s(salt, SHA1_HASH_SIZE + 1, parts[PARAMNUM_2], DOLPHIN_CRYPT_SALT_LENGTH); securec_check(rc, "\0", "\0"); pfree(str_text); Datum sha2_password = DirectFunctionCall2(make_scrambled_full_password_sha2, diff --git a/contrib/dolphin/plugin_protocol/server_startup.cpp b/contrib/dolphin/plugin_protocol/server_startup.cpp index 403b3bd971125641083f55f73c9f491c4a4264b5..89bf7112ab4bf6ac3dd084524d66d5946089a148 100644 --- a/contrib/dolphin/plugin_protocol/server_startup.cpp +++ b/contrib/dolphin/plugin_protocol/server_startup.cpp @@ -476,7 +476,7 @@ UserCachedLinesHash* UserCachedLinesHashTableAccess(HASHACTION action, char* use result = (UserCachedLinesHash*)hash_search(b_UserCachedLinesHash, user_name, action, &found); if (action == HASH_ENTER) { Assert(!found); - errno_t rc = strcpy_s(result->fastpasswd, CRYPT_MAX_PASSWORD_SIZE, fastpassword); + errno_t rc = strcpy_s(result->fastpasswd, DOLPHIN_CRYPT_MAX_PASSWORD_SIZE, fastpassword); securec_check(rc, "\0", "\0"); return result; } else if (action == HASH_FIND) { diff --git a/contrib/dolphin/plugin_utils/adt/varlena.cpp b/contrib/dolphin/plugin_utils/adt/varlena.cpp index 4b0a7802776ad4f22024cc6ad3cf72feab14e14c..a5fe01e8e40fb7b46697a8f7a6c51961bbde2554 100644 --- a/contrib/dolphin/plugin_utils/adt/varlena.cpp +++ b/contrib/dolphin/plugin_utils/adt/varlena.cpp @@ -6324,17 +6324,17 @@ Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS) uint8 B[SHA256_DIGEST_LENGTH] = { 0 }; uint8 DP[SHA256_DIGEST_LENGTH] = { 0 }; uint8 DS[SHA256_DIGEST_LENGTH] = { 0 }; - char ctbuffer[CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; - uint64_t ctbufflen = CRYPT_MAX_PASSWORD_SIZE; + char ctbuffer[DOLPHIN_CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; + uint64_t ctbufflen = DOLPHIN_CRYPT_MAX_PASSWORD_SIZE; EVP_MD_CTX *ctxA = NULL, *ctxB = NULL, *ctxC = NULL, *ctxDP = NULL, *ctxDS = NULL; - char digest[CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; + char digest[DOLPHIN_CRYPT_MAX_PASSWORD_SIZE + 1] = { 0 }; StringInfo passwdbuffer = makeStringInfo(); char* plaintext = PG_GETARG_CSTRING(ARG_0); size_t plaintext_len = strlen(plaintext); char* salt = PG_GETARG_CSTRING(ARG_1); - uint32 rounds = ROUNDS_DEFAULT; + uint32 rounds = DOLPHIN_ROUNDS_DEFAULT; int32 srounds = 0; bool custom_rounds = false; char *p = NULL, *P = NULL, *Pp = NULL, *S = NULL, *Sp = NULL; @@ -6352,7 +6352,7 @@ Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS) srounds = getrounds(salt); if (srounds != 0) { - rounds = MAX(ROUNDS_MIN, MIN(srounds, ROUNDS_MAX)); + rounds = MAX(DOLPHIN_ROUNDS_MIN, MIN(srounds, DOLPHIN_ROUNDS_MAX)); custom_rounds = true; p = strchr(salt, '$'); if (p != NULL) { @@ -6360,7 +6360,7 @@ Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS) } } - salt_len = MIN(strcspn(salt, "$"), CRYPT_SALT_LENGTH); + salt_len = MIN(strcspn(salt, "$"), DOLPHIN_CRYPT_SALT_LENGTH); /* 1. */ EVP_DigestInit_ex(ctxA, EVP_sha256(), NULL); @@ -6378,8 +6378,8 @@ Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS) EVP_DigestFinal_ex(ctxB, B, NULL); /* 9. - 10. */ - for (i = plaintext_len; i > MIXCHARS; i -= MIXCHARS) - EVP_DigestUpdate(ctxA, B, MIXCHARS); + for (i = plaintext_len; i > DOLPHIN_MIXCHARS; i -= DOLPHIN_MIXCHARS) + EVP_DigestUpdate(ctxA, B, DOLPHIN_MIXCHARS); EVP_DigestUpdate(ctxA, B, i); /* 11. */ @@ -6387,7 +6387,7 @@ Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS) { if ((i & 1) != 0) { - EVP_DigestUpdate(ctxA, B, MIXCHARS); + EVP_DigestUpdate(ctxA, B, DOLPHIN_MIXCHARS); } else { @@ -6405,11 +6405,11 @@ Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS) /* 16. */ Pp = P = (char *)palloc(plaintext_len); - for (i = plaintext_len; i >= MIXCHARS; i -= MIXCHARS) + for (i = plaintext_len; i >= DOLPHIN_MIXCHARS; i -= DOLPHIN_MIXCHARS) { - rc = memcpy_s(Pp, MIXCHARS, DP, MIXCHARS); + rc = memcpy_s(Pp, DOLPHIN_MIXCHARS, DP, DOLPHIN_MIXCHARS); securec_check(rc, "\0", "\0"); - Pp += MIXCHARS; + Pp += DOLPHIN_MIXCHARS; } rc = memcpy_s(Pp, i, DP, i); securec_check(rc, "\0", "\0"); @@ -6422,11 +6422,11 @@ Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS) /* 20. */ Sp = S = (char *)palloc(salt_len); - for (i = salt_len; i >= MIXCHARS; i -= MIXCHARS) + for (i = salt_len; i >= DOLPHIN_MIXCHARS; i -= DOLPHIN_MIXCHARS) { - rc = memcpy_s(Sp, MIXCHARS, DS, MIXCHARS); + rc = memcpy_s(Sp, DOLPHIN_MIXCHARS, DS, DOLPHIN_MIXCHARS); securec_check(rc, "\0", "\0"); - Sp += MIXCHARS; + Sp += DOLPHIN_MIXCHARS; } rc = memcpy_s(Sp, i, DS, i); securec_check(rc, "\0", "\0"); @@ -6443,9 +6443,9 @@ Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS) else { if (i == 0) - EVP_DigestUpdate(ctxC, A, MIXCHARS); + EVP_DigestUpdate(ctxC, A, DOLPHIN_MIXCHARS); else - EVP_DigestUpdate(ctxC, DP, MIXCHARS); + EVP_DigestUpdate(ctxC, DP, DOLPHIN_MIXCHARS); } if (i % 3 != 0) @@ -6461,9 +6461,9 @@ Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS) if ((i & 1) != 0) { if (i == 0) - EVP_DigestUpdate(ctxC, A, MIXCHARS); + EVP_DigestUpdate(ctxC, A, DOLPHIN_MIXCHARS); else - EVP_DigestUpdate(ctxC, DP, MIXCHARS); + EVP_DigestUpdate(ctxC, DP, DOLPHIN_MIXCHARS); } else { @@ -6521,7 +6521,7 @@ Datum make_scrambled_full_password_sha2(PG_FUNCTION_ARGS) EVP_MD_CTX_destroy(ctxDS); ctxDS = NULL; - rc = strcpy_s(digest, CRYPT_MAX_PASSWORD_SIZE + 1, ctbuffer + (CRYPT_MAGIC_LENGTH + CRYPT_SALT_LENGTH + 1)); + rc = strcpy_s(digest, DOLPHIN_CRYPT_MAX_PASSWORD_SIZE + 1, ctbuffer + (DOLPHIN_CRYPT_MAGIC_LENGTH + DOLPHIN_CRYPT_SALT_LENGTH + 1)); securec_check(rc, "\0", "\0"); appendBinaryStringInfo(passwdbuffer, "$A$005$", strlen("$A$005$")); appendBinaryStringInfo(passwdbuffer, salt, strlen(salt)); diff --git a/contrib/dolphin/proto_jdbc/mysql_sslcert/cacert.pem b/contrib/dolphin/proto_jdbc/mysql_sslcert/cacert.pem new file mode 100644 index 0000000000000000000000000000000000000000..58477e2850552b026fe101fc5129d93ceea72d0a --- /dev/null +++ b/contrib/dolphin/proto_jdbc/mysql_sslcert/cacert.pem @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=CN, ST=Beijing, O=huawei, OU=gauss, CN=root + Validity + Not Before: Aug 12 10:26:37 2024 GMT + Not After : Jul 19 10:26:37 2124 GMT + Subject: C=CN, ST=Beijing, O=huawei, OU=gauss, CN=root + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c9:d5:34:74:d2:19:c3:32:5e:29:69:0e:20:26: + fa:61:61:8c:95:3a:a4:10:65:92:bc:af:9d:1d:8f: + 1c:98:fd:17:ba:20:bb:e1:47:ac:b1:a0:3d:67:de: + 3a:3f:d2:46:60:76:b3:fc:cf:0f:9e:27:92:c4:a8: + 77:1c:1d:2c:db:e5:9b:f4:cb:a6:a9:1f:a3:2a:59: + f5:94:53:72:28:7e:9a:0c:2b:01:f2:5c:d1:fc:88: + ef:02:c8:c9:92:96:87:76:10:da:1d:54:ce:5d:b1: + 16:88:15:db:24:0b:74:ee:e3:ec:f0:f1:84:5c:05: + b4:12:6e:6a:26:49:3e:c3:12:68:82:39:cb:8c:1b: + e4:26:9b:b4:79:1e:ef:b2:1d:be:a9:98:e6:d1:bf: + bd:b0:94:38:6f:27:58:9c:7c:43:7a:3d:f5:41:00: + 04:78:0f:fc:3e:f4:79:26:c4:6a:1c:ac:cc:60:45: + d7:8c:65:5b:08:41:0c:36:71:8f:c7:e3:26:89:d2: + 46:a0:18:e0:6c:25:c4:ac:c6:3e:ce:a3:6b:33:b1: + 1a:a4:e5:5c:60:03:51:c3:e3:1d:6a:26:01:d0:86: + dc:a6:f9:35:85:4d:e7:ad:25:08:cb:0b:a4:15:f5: + 45:0e:16:bc:73:aa:e0:0b:24:fe:57:63:fc:ec:b7: + e4:bf + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:TRUE + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: + 2D:12:8D:24:AD:F3:CA:2C:F3:AB:0D:10:34:84:55:75:35:A5:D1:AE + X509v3 Authority Key Identifier: + keyid:2D:12:8D:24:AD:F3:CA:2C:F3:AB:0D:10:34:84:55:75:35:A5:D1:AE + + Signature Algorithm: sha256WithRSAEncryption + bd:0c:0e:a9:fd:61:c1:e9:8f:e5:22:c2:c5:43:28:66:fb:7b: + 4c:ca:d6:c6:9c:2d:a2:de:e5:c4:c9:41:ba:2f:73:ff:9a:66: + 34:25:9a:a3:a7:ba:5b:48:8e:4a:aa:39:bd:3c:28:77:0d:2c: + 75:c4:cb:18:02:95:6a:39:67:69:e2:e5:8b:17:29:5d:5a:06: + ba:c8:7c:20:ca:d6:60:24:c0:81:97:ee:5e:40:33:8c:98:1c: + d3:34:c2:7c:81:4b:43:af:58:03:53:58:86:32:af:04:e0:08: + 9f:1d:0c:ca:50:a9:c3:1c:e9:d1:53:d1:7f:51:4f:ab:9d:12: + 73:ec:d0:8f:e9:c8:ff:f1:27:07:f1:3f:34:d5:ea:df:d1:57: + b0:5c:bc:26:77:1b:9e:e3:59:2b:85:4f:53:26:64:89:a7:7c: + e9:84:e2:76:69:c6:95:82:21:63:25:57:e7:39:1a:76:15:40: + e7:e9:c4:5a:d7:4f:55:51:37:c2:a0:2d:45:b5:4b:fd:a0:78: + e8:3e:b7:b3:42:eb:83:20:36:1c:96:0e:b4:43:2e:21:d8:c4: + c9:f9:7c:ae:65:56:dd:82:e7:f7:9c:14:54:5b:89:ee:39:0b: + 8e:5f:a6:97:28:b6:64:77:df:e9:9a:fb:0e:d5:cf:f0:e2:20: + 53:73:63:b5 +-----BEGIN CERTIFICATE----- +MIIDmTCCAoGgAwIBAgIBATANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJDTjEQ +MA4GA1UECAwHQmVpamluZzEPMA0GA1UECgwGaHVhd2VpMQ4wDAYDVQQLDAVnYXVz +czENMAsGA1UEAwwEcm9vdDAgFw0yNDA4MTIxMDI2MzdaGA8yMTI0MDcxOTEwMjYz +N1owTzELMAkGA1UEBhMCQ04xEDAOBgNVBAgMB0JlaWppbmcxDzANBgNVBAoMBmh1 +YXdlaTEOMAwGA1UECwwFZ2F1c3MxDTALBgNVBAMMBHJvb3QwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDJ1TR00hnDMl4paQ4gJvphYYyVOqQQZZK8r50d +jxyY/Re6ILvhR6yxoD1n3jo/0kZgdrP8zw+eJ5LEqHccHSzb5Zv0y6apH6MqWfWU +U3IofpoMKwHyXNH8iO8CyMmSlod2ENodVM5dsRaIFdskC3Tu4+zw8YRcBbQSbmom +ST7DEmiCOcuMG+Qmm7R5Hu+yHb6pmObRv72wlDhvJ1icfEN6PfVBAAR4D/w+9Hkm +xGocrMxgRdeMZVsIQQw2cY/H4yaJ0kagGOBsJcSsxj7Oo2szsRqk5VxgA1HD4x1q +JgHQhtym+TWFTeetJQjLC6QV9UUOFrxzquALJP5XY/zst+S/AgMBAAGjfjB8MAwG +A1UdEwQFMAMBAf8wLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl +cnRpZmljYXRlMB0GA1UdDgQWBBQtEo0krfPKLPOrDRA0hFV1NaXRrjAfBgNVHSME +GDAWgBQtEo0krfPKLPOrDRA0hFV1NaXRrjANBgkqhkiG9w0BAQsFAAOCAQEAvQwO +qf1hwemP5SLCxUMoZvt7TMrWxpwtot7lxMlBui9z/5pmNCWao6e6W0iOSqo5vTwo +dw0sdcTLGAKVajlnaeLlixcpXVoGush8IMrWYCTAgZfuXkAzjJgc0zTCfIFLQ69Y +A1NYhjKvBOAInx0MylCpwxzp0VPRf1FPq50Sc+zQj+nI//EnB/E/NNXq39FXsFy8 +JncbnuNZK4VPUyZkiad86YTidmnGlYIhYyVX5zkadhVA5+nEWtdPVVE3wqAtRbVL +/aB46D63s0LrgyA2HJYOtEMuIdjEyfl8rmVW3YLn95wUVFuJ7jkLjl+mlyi2ZHff +6Zr7DtXP8OIgU3NjtQ== +-----END CERTIFICATE----- diff --git a/contrib/dolphin/proto_jdbc/mysql_sslcert/client.crt b/contrib/dolphin/proto_jdbc/mysql_sslcert/client.crt new file mode 100644 index 0000000000000000000000000000000000000000..f31dd5887d63dcecc0ae2625cbddcb70f0cfc8fe --- /dev/null +++ b/contrib/dolphin/proto_jdbc/mysql_sslcert/client.crt @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 3 (0x3) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=CN, ST=Beijing, O=huawei, OU=gauss, CN=root + Validity + Not Before: Aug 12 10:26:37 2024 GMT + Not After : Jul 19 10:26:37 2124 GMT + Subject: C=CN, ST=Beijing, O=huawei, OU=gauss, CN=client + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c4:6c:8e:1b:fa:0a:3e:9c:aa:74:34:8f:ea:ba: + 35:18:f5:41:4d:75:9f:ad:7f:64:56:cc:61:e6:c3: + 06:08:cf:54:02:8e:dc:25:e2:18:80:40:53:31:a8: + f5:27:11:8e:49:ae:d7:9e:1f:3d:2e:98:dc:7b:4d: + 84:9f:43:34:79:8c:14:9d:be:33:d1:df:9a:31:f8: + e7:c7:a6:3b:0c:ba:dd:92:e4:6b:ac:da:c2:4f:c6: + b5:ff:70:f7:64:4b:de:07:6d:c1:c7:02:67:86:d7: + bc:25:80:d9:fa:61:b9:a9:e4:17:3b:39:30:b4:71: + 7c:0d:c9:96:67:1f:db:df:4d:da:54:10:2e:11:9e: + 2e:1a:d3:ac:df:6c:ca:af:74:82:3c:e3:ae:14:f8: + f6:71:7f:a7:aa:1c:50:e2:51:ca:bb:c5:22:25:78: + 19:77:48:5b:5b:3b:82:eb:20:9d:21:12:07:6e:9b: + 27:82:a5:4b:37:a6:73:0a:89:2c:8b:83:81:64:b3: + a7:bb:10:2f:f7:48:14:dc:57:c5:2e:b7:1f:63:cd: + b0:48:34:7a:b8:93:0a:28:7b:c8:fd:6f:7d:fb:df: + 89:de:04:2c:4d:5a:7c:b0:90:4e:49:3b:40:22:33: + 4f:cf:60:73:c6:df:31:cc:a9:82:19:d1:a1:5c:8c: + 27:99 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: + 81:BC:3D:49:C1:2F:39:19:E0:AB:1A:CD:61:12:B4:F6:67:A9:27:2A + X509v3 Authority Key Identifier: + keyid:2D:12:8D:24:AD:F3:CA:2C:F3:AB:0D:10:34:84:55:75:35:A5:D1:AE + + Signature Algorithm: sha256WithRSAEncryption + 75:5e:b1:79:70:41:bd:e6:02:97:0f:0c:c0:75:4a:4e:f1:43: + 3f:95:3d:48:bc:e7:d3:67:16:cd:59:7b:65:fe:c7:07:76:a5: + 05:30:33:a0:30:4a:ae:b9:f9:f6:c7:8c:66:d9:bb:3f:41:11: + e3:88:3f:58:08:0d:96:b1:2f:97:55:b8:61:7e:5e:56:a0:a5: + f1:fb:2a:8e:06:35:f9:72:32:9e:a7:4a:68:2f:60:82:37:f5: + d1:af:e3:eb:50:4d:7d:b0:5c:ac:57:7c:e9:e9:4e:01:c8:84: + ad:04:76:f7:46:f3:5a:73:eb:d6:21:95:a4:54:e7:42:c0:8b: + b9:3f:a6:9d:9d:ed:b5:1a:91:ba:48:88:25:eb:f4:e1:07:7b: + 20:ea:08:7a:cf:9f:19:26:a3:95:15:01:61:f6:db:1a:f6:ab: + 38:70:22:30:79:5d:13:05:61:8c:14:db:32:75:7e:a0:dc:ca: + 70:1c:78:ff:2c:e1:7f:7b:c5:cc:51:2c:c7:e9:e4:ed:ab:d3: + 34:32:3e:cd:dc:b5:60:f2:3d:1b:4f:cf:8f:7a:8e:a3:13:87: + a4:47:fa:ff:7c:cf:cc:10:b8:a2:c4:2f:0f:0b:c9:f0:ca:dc: + 2c:e8:09:ea:e1:3f:8b:6f:99:3d:cd:b1:e6:b6:ac:c5:ec:ff: + e0:0a:fe:6d +-----BEGIN CERTIFICATE----- +MIIDmDCCAoCgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJDTjEQ +MA4GA1UECAwHQmVpamluZzEPMA0GA1UECgwGaHVhd2VpMQ4wDAYDVQQLDAVnYXVz +czENMAsGA1UEAwwEcm9vdDAgFw0yNDA4MTIxMDI2MzdaGA8yMTI0MDcxOTEwMjYz +N1owUTELMAkGA1UEBhMCQ04xEDAOBgNVBAgMB0JlaWppbmcxDzANBgNVBAoMBmh1 +YXdlaTEOMAwGA1UECwwFZ2F1c3MxDzANBgNVBAMMBmNsaWVudDCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAMRsjhv6Cj6cqnQ0j+q6NRj1QU11n61/ZFbM +YebDBgjPVAKO3CXiGIBAUzGo9ScRjkmu154fPS6Y3HtNhJ9DNHmMFJ2+M9HfmjH4 +58emOwy63ZLka6zawk/Gtf9w92RL3gdtwccCZ4bXvCWA2fphuankFzs5MLRxfA3J +lmcf299N2lQQLhGeLhrTrN9syq90gjzjrhT49nF/p6ocUOJRyrvFIiV4GXdIW1s7 +gusgnSESB26bJ4KlSzemcwqJLIuDgWSzp7sQL/dIFNxXxS63H2PNsEg0eriTCih7 +yP1vffvfid4ELE1afLCQTkk7QCIzT89gc8bfMcypghnRoVyMJ5kCAwEAAaN7MHkw +CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy +dGlmaWNhdGUwHQYDVR0OBBYEFIG8PUnBLzkZ4KsazWEStPZnqScqMB8GA1UdIwQY +MBaAFC0SjSSt88os86sNEDSEVXU1pdGuMA0GCSqGSIb3DQEBCwUAA4IBAQB1XrF5 +cEG95gKXDwzAdUpO8UM/lT1IvOfTZxbNWXtl/scHdqUFMDOgMEquufn2x4xm2bs/ +QRHjiD9YCA2WsS+XVbhhfl5WoKXx+yqOBjX5cjKep0poL2CCN/XRr+PrUE19sFys +V3zp6U4ByIStBHb3RvNac+vWIZWkVOdCwIu5P6adne21GpG6SIgl6/ThB3sg6gh6 +z58ZJqOVFQFh9tsa9qs4cCIweV0TBWGMFNsydX6g3MpwHHj/LOF/e8XMUSzH6eTt +q9M0Mj7N3LVg8j0bT8+Peo6jE4ekR/r/fM/MELiixC8PC8nwytws6Anq4T+Lb5k9 +zbHmtqzF7P/gCv5t +-----END CERTIFICATE----- diff --git a/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key b/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key new file mode 100644 index 0000000000000000000000000000000000000000..81564b6534688346b9926c1a8ae07c05eb403cf2 --- /dev/null +++ b/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2FF626FAF26A138F557B4EAD1713045 + +z9eL4bN3tUsLhTH3pE8y56YUrPg2CbF+P4MrxGeptbsD/jVHpONsJ5eoZqQJ7PuM +otjK4PR/+GL43hBj6oI8XEtmNFrunf0EVkBTsp/zBYB+dsYj0B86eufry2/AlS/R +1KmWgkE/0nfRlK+0LZy3yegoHzK0nOoSZAE9nPa9n/2+Dqd23cIoUTTUjXEo5VoA +X4nJZaAi9Wm0xC2lXMGH3Vpu/Fr6Hg/foY8GyMDgUVTo9AQI06KLJzTKYChqnwGP +VWq020HIIGxglqo44pLOPxm+RlLCRtNIeE3pCa1dfL72jDficF2NQ++YVX88LHNK +ntiR9ZNuMdjR9RY6ZKIk1ZWxRchR4rxbU2GmJLZh0TrxyuAB+IUQzcKnV8IuHr3l +xf7bY9dOLNMXJ4WF8kFOzgtttq5Sk1x1xVffEfzxN484TxjViMzW5A7eZPCjb+W2 +sgfqRrZ2aN1Qv2Qv6/4VVakT/W5x4MVPQc6naMU+WwqEuQtUJg83jQYEGoqFpTDs +5IDeyEmAdhKQBNUDeBCtP/wJx96r73yvYwGf9okYpfM6QVWSgzuHZi6165ji5xhl +Vbw7g0XDNJSUnxvr2CvxwEhHUuhXzQUbCc0pDsACQG3Rtp8zotGIrG7C8a9sVXcb +BrMxXqgrLZNy88Wg7Uhza9bfAEp3YbWtMYTDhAo+S8axZUgOoO2QefHDd+3kWnGj +XnjnzOdgpVy4UEV6BnBeAN1MBclvdCYHp+IGHXyynq3FS99Am61WsLDeJQJwdF3K +8nMw1UJOrM26CsIsbb6iHRZzp+950Gert97GGf/2qlaSVvdoCYkxD1q6d+LtWZTF +0kJTvoLGq/5jwvUYvIjhaMGfc10X6JDIsrlGp0QR6fZDZdobyFDGv0Qy4oAw9ckR +btVj+4BwEa7rR4fFPGiK3UpxyTygboVAqiSJtTk3xseEoy05eDao3vVn4wTsQe7V +WJ+3zqASqeb2IcuzoKuEblL6TOx69fhD7ygOIMGyTtbXzGRavQJDs6o2HzoFBz9M +OvhTiU0qass49hUZ0fYj2tqomIBB+4sRoR+2BMOmlyW1gIaspBStQNgd+Nwu4MXT +bi9+4/95a3CvYRqwJM3hks1fnc68tLq0lWOu2Yhf1rycVxkuQWFP7QPfCflILns0 +jH6Xd4EJfOouanAQtxxsVsbQheQb6yC/sSTOnb2jlK/RS1QxPK77kOmJ3m+RSF0f +Dgmx7ks5BaXqfm36APdRfsGRpovNrFAp5HtDJ/yALen9BCydPVCikuwrKmtYQ9C8 +r0JnfPNQ45bxuDgWb4Hq6mtmVto/Eg9mjhDqETRVxPROrZNGfWFFlun3Mpmn3pHs +3PBQkJWy4sCIO0l7Myd/UvOoe+RdysBYeFmAZwi+W1yBMHxdWcGOvynR0yYJz/pQ +6AY3aHyMZ6XTlJmrnGiCAm8PY+Iqdg6xpGFitX9Lu+N6CgsCONKsecLMFVHr/DOI +FodIcB8wm2zEn1s876zkQJJ94TDJlWPkQ/X7RCOAizztARRZkwq/cA4RPAq+zoj4 +c93tg1VHbCm6mp+C2BWcN9rb49yy+Z3dPbe8SM/orxI1KsFrD6CB5m86KnkEapHh +-----END RSA PRIVATE KEY----- diff --git a/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key.cipher b/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key.cipher new file mode 100644 index 0000000000000000000000000000000000000000..2dbfd5b7c5afc1d45f62580fc252d06bb01a31f3 --- /dev/null +++ b/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key.cipher @@ -0,0 +1 @@ +1Nrj$%:%T}?4eu!3ʠB~Yꨥ \ No newline at end of file diff --git a/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key.pk8 b/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key.pk8 new file mode 100644 index 0000000000000000000000000000000000000000..44f599733653ba6f8449506300eaba24f9a010da Binary files /dev/null and b/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key.pk8 differ diff --git a/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key.rand b/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key.rand new file mode 100644 index 0000000000000000000000000000000000000000..4cf6f5498380a9e0f85fe9cb2d9c45de4cabd1ae Binary files /dev/null and b/contrib/dolphin/proto_jdbc/mysql_sslcert/client.key.rand differ diff --git a/contrib/dolphin/proto_jdbc/mysql_sslcert/server.crt b/contrib/dolphin/proto_jdbc/mysql_sslcert/server.crt new file mode 100644 index 0000000000000000000000000000000000000000..8b39aeaa67a6bc3a00074981fa4f3c1db345edcb --- /dev/null +++ b/contrib/dolphin/proto_jdbc/mysql_sslcert/server.crt @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 2 (0x2) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=CN, ST=Beijing, O=huawei, OU=gauss, CN=root + Validity + Not Before: Aug 12 10:26:37 2024 GMT + Not After : Jul 19 10:26:37 2124 GMT + Subject: C=CN, ST=Beijing, O=huawei, OU=gauss, CN=server + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b7:68:bb:77:bf:0a:0b:1f:7a:ac:b7:40:45:12: + 03:d5:ba:5c:41:0b:81:76:26:f2:67:75:52:cd:74: + 0c:d6:18:09:bd:25:2b:48:1b:37:8d:b0:78:7f:21: + 0c:59:3c:94:f8:de:03:db:c6:e4:7c:ca:d5:c9:2f: + 8a:53:f4:08:cd:cb:ca:96:2b:e6:e1:e2:3f:2f:86: + 49:45:11:3e:b5:b6:a2:23:6c:68:1e:fe:11:6c:8b: + 89:13:d3:74:4e:51:63:31:2f:2e:c4:d2:ec:12:12: + b9:28:50:bc:72:70:6b:52:85:5b:33:b6:db:98:c9: + 32:36:e8:40:74:20:0e:d3:f2:1c:89:ee:50:e5:9a: + e3:5f:d0:3d:72:73:ce:4a:dd:2c:7f:70:f5:86:f7: + a1:31:9f:09:02:58:1b:ad:6a:dc:b0:88:eb:98:1b: + d5:02:74:f3:35:59:95:d6:f4:e2:5d:54:17:f6:e2: + 6b:fe:0a:2c:d2:43:fc:40:d7:1b:11:91:4f:96:92: + bf:77:81:03:52:8f:bd:c2:5f:00:bb:1c:41:12:9c: + 2a:7d:86:cd:c7:10:29:bd:b2:da:60:04:82:3a:3c: + 84:fc:db:64:2f:d7:a7:e0:54:ad:65:24:71:a7:ef: + 0b:b6:c5:3c:b4:ae:e5:3d:af:20:2e:08:ef:c6:ce: + b3:65 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: + 1A:FF:59:CD:53:B0:26:E9:F6:18:E7:73:E1:54:3F:04:6D:B2:4A:72 + X509v3 Authority Key Identifier: + keyid:2D:12:8D:24:AD:F3:CA:2C:F3:AB:0D:10:34:84:55:75:35:A5:D1:AE + + Signature Algorithm: sha256WithRSAEncryption + 7f:31:03:83:0d:72:77:b2:e4:68:6e:58:b4:cd:3d:24:1d:e3: + 7b:0e:0e:9f:ab:f9:c0:d9:33:f8:61:c8:da:71:9b:f3:1c:65: + 0c:2d:c0:74:e1:68:6e:3b:e9:1a:1b:1d:9a:10:52:ca:cd:24: + 71:3c:a4:aa:d8:b9:6e:74:96:ab:3d:6d:ab:b5:19:52:4b:50: + 25:7b:0d:33:94:1d:48:5d:bb:c1:80:19:fd:19:d2:23:11:f4: + a7:27:b2:b0:08:63:3d:17:b2:7b:f6:9a:0c:39:94:23:4f:83: + 5c:cb:6a:ba:05:ed:89:c9:fc:9c:02:bc:58:31:d4:e5:89:cd: + e0:df:88:53:53:86:52:42:2a:e2:cd:f9:ad:c5:36:08:f2:04: + 89:f6:0f:51:a2:07:dd:e7:fc:6c:56:a3:94:38:45:f4:b2:b2: + 62:4f:24:2f:f4:93:42:cd:8b:56:c2:8e:86:c0:5d:5c:2e:cd: + 4b:0a:40:33:2c:14:e9:bf:73:c0:01:07:94:56:f9:ae:fa:e5: + 0d:26:bf:85:c7:98:fa:72:5d:4b:b3:ca:cc:85:c7:ec:e4:64: + 2a:70:2f:30:e2:43:1d:f5:24:15:d3:61:35:45:35:5b:4f:1d: + d0:fb:63:15:86:7b:11:88:33:4e:63:3b:ba:9b:04:51:3a:93: + 9d:c8:02:dc +-----BEGIN CERTIFICATE----- +MIIDmDCCAoCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJDTjEQ +MA4GA1UECAwHQmVpamluZzEPMA0GA1UECgwGaHVhd2VpMQ4wDAYDVQQLDAVnYXVz +czENMAsGA1UEAwwEcm9vdDAgFw0yNDA4MTIxMDI2MzdaGA8yMTI0MDcxOTEwMjYz +N1owUTELMAkGA1UEBhMCQ04xEDAOBgNVBAgMB0JlaWppbmcxDzANBgNVBAoMBmh1 +YXdlaTEOMAwGA1UECwwFZ2F1c3MxDzANBgNVBAMMBnNlcnZlcjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBALdou3e/Cgsfeqy3QEUSA9W6XEELgXYm8md1 +Us10DNYYCb0lK0gbN42weH8hDFk8lPjeA9vG5HzK1ckvilP0CM3LypYr5uHiPy+G +SUURPrW2oiNsaB7+EWyLiRPTdE5RYzEvLsTS7BISuShQvHJwa1KFWzO225jJMjbo +QHQgDtPyHInuUOWa41/QPXJzzkrdLH9w9Yb3oTGfCQJYG61q3LCI65gb1QJ08zVZ +ldb04l1UF/bia/4KLNJD/EDXGxGRT5aSv3eBA1KPvcJfALscQRKcKn2GzccQKb2y +2mAEgjo8hPzbZC/Xp+BUrWUkcafvC7bFPLSu5T2vIC4I78bOs2UCAwEAAaN7MHkw +CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy +dGlmaWNhdGUwHQYDVR0OBBYEFBr/Wc1TsCbp9hjnc+FUPwRtskpyMB8GA1UdIwQY +MBaAFC0SjSSt88os86sNEDSEVXU1pdGuMA0GCSqGSIb3DQEBCwUAA4IBAQB/MQOD +DXJ3suRobli0zT0kHeN7Dg6fq/nA2TP4YcjacZvzHGUMLcB04WhuO+kaGx2aEFLK +zSRxPKSq2LludJarPW2rtRlSS1Alew0zlB1IXbvBgBn9GdIjEfSnJ7KwCGM9F7J7 +9poMOZQjT4Ncy2q6Be2JyfycArxYMdTlic3g34hTU4ZSQirizfmtxTYI8gSJ9g9R +ogfd5/xsVqOUOEX0srJiTyQv9JNCzYtWwo6GwF1cLs1LCkAzLBTpv3PAAQeUVvmu ++uUNJr+Fx5j6cl1Ls8rMhcfs5GQqcC8w4kMd9SQV02E1RTVbTx3Q+2MVhnsRiDNO +Yzu6mwRROpOdyALc +-----END CERTIFICATE----- diff --git a/contrib/dolphin/proto_jdbc/mysql_sslcert/server.key b/contrib/dolphin/proto_jdbc/mysql_sslcert/server.key new file mode 100644 index 0000000000000000000000000000000000000000..94f2234a6f5419c432c4957a9b997a724f0cfa09 --- /dev/null +++ b/contrib/dolphin/proto_jdbc/mysql_sslcert/server.key @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,E337C25077B90AD764A3DCED4755FE8A + +/hLpAecDa5naKKGDVKfRA9krDrBpiYbXwcZgQaOXPevhjQqt52o/IdQM7w+XAN4i +vOXBy/scpT9FpaAM/yUQ7CeQjfqrZgH8ZFmecEcjMmeobDOsbOemsTIWJu+numFW +7YA8Iw3SJ95cnfICV4CriDKVB5GjjHil4NwDgyEpdtFkjU+xv9nuv9MieuB8If6U +S2TOgH5nJ40CjhMR+Rwi34YIqnvxTstNyNX40We6UCguDAq5xC+UjB1Cck9oa/Nt +Y+ng/juWE9Yw5AQ8ljlLpsJyPnrNXjE7Kier+iyciA6zpFZz/rDdnef3sky/kYnz +xUV8AbhD6UFsVbvdTNlHvYmMIwUSIn4lR2aTxdg95u9xVp/ta7WYPtQRq1CrvOLs +pLoBlVO/PhpQUXdQy4Glu3lI9xzeKAH/Lc6IMegmxV/UQyI+VYwkwwYjmnjQ8sq5 +WJHz61VgMMJZ5ObSlUkgMAAWYpxKICFsvseycrJkIv1M9B0FrL0M8/U7BgpT0cUd +MsxtPpiFAkkPpCEdhisw6+clKx68kN95a73IrePrhegy+M9tgM9AWnWHTRGBnAk5 +fxOwNi4GvybgfhlSCWMpjnbk+upSDyFapBl5CWBxa4y+0dECbIqJz+K9vCsPmEVg +jebO/weA8hnbVlasTp4d+L2EQLdjISJJNljh9P4NHlRb70PaVWfBP717FFjlh66l +8m3z5wOn6/Bwg6T+Lsm6ddl5lqYApwhe5FrTEjV/BzjeVI0uoP2GqD+nbqte6z83 +c7sVKYrjnxh+vWvksj7lrOssmA9dczvazbrMPvUDG12tVrIfK3JR82ACTQvZp5kW +88LoHvHduWNNeYi/8Q6K0wBdRYyttBNWXwB8NV6bxkrTzZIeLHVHHiYpj22UF3Oj +t8D/y2r6mcY+Z6w6QenPqTLVUXkSeB12xMNmtp+Nd2hp8//pNa08zb4NSkF1yYRr +7j6VomoedYmDaKb5FuFfNIuIdAY3NWcjYnipV6XyikgDegDAI0L4MJU1sbwQlnOj +XT8/vEVK5tSPTnKVw/mNvLQ5ZMcz5Weoj3zlA6F1jXAMqXfo8mqDn3ElgtRv9zKC +lX0URaj5H/Oh4Y4+s9ax5LXwvWb9ubCBoRalTE+cqKDfiMhuLCgxBrN6wc+TKSGM +lso9ZI+kRT2kf2zy4mFZ5EZW3onuh3tUTxsgOn/obsVXPH9pzc78LhNQqJp6G6Nu +pwrUe2S7GaUcd0pJ8vLLJPOAiZrcqQEpaRIWgfD/705p1vNEGBKmanCZDs3Ec1pJ +ch2tfD1ge0DOiO8ZTVcbAXkjJcCumQylTO083myJi0aqrYUEwfLQx6HjSOb8mGq0 +XMPkJlIDdAcRATyt4RVmzAi10y20g+y/Y4ON5AkvKKlUcko2RPC13Pb9+OaKbS8L +V7/g9MurgMvqbDeBWMgmd3ANonI6zm6CEz1I/VD3aAbsgu4+edeoKIwUrySwcYLX +VqxmFrg8JwHKXwCWlW/vfP3V6AdYIT/HlqgUGLXKxQdjn7dvFstn2wOfhIGXSUtQ +TVVXxFgppFKhBTxjm+u9IiMuD0KW7r9MVw17mGBxJYUU1ATHb+Fp/eD3hGw8N6aQ +-----END RSA PRIVATE KEY----- diff --git a/contrib/dolphin/proto_jdbc/mysql_sslcert/server.key.cipher b/contrib/dolphin/proto_jdbc/mysql_sslcert/server.key.cipher new file mode 100644 index 0000000000000000000000000000000000000000..616bf8c7aa61941ddea61298ece359bfbe8595d0 Binary files /dev/null and b/contrib/dolphin/proto_jdbc/mysql_sslcert/server.key.cipher differ diff --git a/contrib/dolphin/proto_jdbc/mysql_sslcert/server.key.rand b/contrib/dolphin/proto_jdbc/mysql_sslcert/server.key.rand new file mode 100644 index 0000000000000000000000000000000000000000..0ca0ab04d6ef27800d03e7c9171a37cfe1d5280c Binary files /dev/null and b/contrib/dolphin/proto_jdbc/mysql_sslcert/server.key.rand differ