caching_sha2_password authentication plugin
Caching SHA256 first send a SHA256 encrypted password. MySQL server has an in-memory cache of SHA256 key for successful authentication. When a cache hit occur, the connection is validated, if not, using some more steps to a process similar to sha256_password.
Caching SHA256 authentication possible exchanges:
- client send a SHA-2 encrypted password
- server result in either OK_Packet , ERR_Packet or "fast" authentication result
- if fast authentication result
SHA-2 encrypted password
Encryption is XOR(SHA256(password), SHA256(seed, SHA256(SHA256(password))))
"fast" authentication result
result of fast authentication.
0x03 value means success authentication. 0x04 value means continue
Client clear password answer
Public key request
Value send is not 0x01 like sha256_password use, but 0x02
Public key response
RSA encrypted password
RSA encrypted value of XOR(password, seed) using server public key (RSA_PKCS1_OAEP_PADDING).