Fixed bug when connecting to databses using older 11g password verifiers
This commit is contained in:
parent
f7b336dd4b
commit
8377cca488
|
@ -11,6 +11,8 @@ node-oracledb `v6.0.2 <https://github.com/oracle/node-oracledb/compare/v6.0.1...
|
|||
Thin Mode Changes
|
||||
+++++++++++++++++
|
||||
|
||||
#) Fixed bug connecting to databases with older 11g password verifiers.
|
||||
|
||||
#) Fixed bug when the length of a chunk inside a chunked read spans packets.
|
||||
`Issue #1576 <https://github.com/oracle/node-oracledb/issues/1576>`__.
|
||||
|
||||
|
|
|
@ -138,18 +138,30 @@ class EncryptDecrypt {
|
|||
if (newPassword) {
|
||||
newPasswordBytes = Buffer.from(newPassword, 'utf8');
|
||||
}
|
||||
let sessionKeyParta = this._decrypt(passwordHash, encodedServerKey);
|
||||
let sessionKeyPartb = Buffer.alloc(32);
|
||||
crypto.randomFillSync(sessionKeyPartb, 0, 32);
|
||||
let encodedClientKey = this._encrypt(passwordHash, sessionKeyPartb);
|
||||
authObj.sessionKey = encodedClientKey.slice().toString('hex').toUpperCase().slice(0, 64);
|
||||
const sessionKeyParta = this._decrypt(passwordHash, encodedServerKey);
|
||||
const sessionKeyPartb = Buffer.alloc(sessionKeyParta.length);
|
||||
crypto.randomFillSync(sessionKeyPartb);
|
||||
const encodedClientKey = this._encrypt(passwordHash, sessionKeyPartb);
|
||||
|
||||
iterations = Number(sessionData['AUTH_PBKDF2_SDER_COUNT']);
|
||||
let mixingSalt = Buffer.from(sessionData['AUTH_PBKDF2_CSK_SALT'], 'hex');
|
||||
let partABKey = Buffer.concat([sessionKeyPartb.slice(0, keyLen), sessionKeyParta.slice(0, keyLen)]);
|
||||
let partABKeyStr = partABKey.toString('hex').toUpperCase();
|
||||
let partABKeyBuffer = Buffer.from(partABKeyStr, 'utf8');
|
||||
authObj.comboKey = crypto.pbkdf2Sync(partABKeyBuffer, mixingSalt, iterations, keyLen, 'sha512');
|
||||
if (sessionKeyParta.length === 48) {
|
||||
authObj.sessionKey = encodedClientKey.slice().toString('hex').toUpperCase().slice(0, 96);
|
||||
const buf = Buffer.alloc(24);
|
||||
for (let i = 16; i <= 40; i++) {
|
||||
buf[i - 16] = sessionKeyParta[i] ^ sessionKeyPartb[i];
|
||||
}
|
||||
const part1 = crypto.createHash("md5").update(buf.subarray(0, 16)).digest();
|
||||
const part2 = crypto.createHash("md5").update(buf.subarray(16)).digest();
|
||||
authObj.comboKey = Buffer.concat([part1, part2]).slice(0, keyLen);
|
||||
} else {
|
||||
authObj.sessionKey = encodedClientKey.slice().toString('hex').toUpperCase().slice(0, 64);
|
||||
const mixingSalt = Buffer.from(sessionData['AUTH_PBKDF2_CSK_SALT'], 'hex');
|
||||
iterations = Number(sessionData['AUTH_PBKDF2_SDER_COUNT']);
|
||||
const partABKey = Buffer.concat([sessionKeyPartb.slice(0, keyLen), sessionKeyParta.slice(0, keyLen)]);
|
||||
const partABKeyStr = partABKey.toString('hex').toUpperCase();
|
||||
const partABKeyBuffer = Buffer.from(partABKeyStr, 'utf8');
|
||||
authObj.comboKey = crypto.pbkdf2Sync(partABKeyBuffer, mixingSalt,
|
||||
iterations, keyLen, 'sha512');
|
||||
}
|
||||
|
||||
let salt = Buffer.alloc(16);
|
||||
if (!verifier11G) {
|
||||
|
|
Loading…
Reference in New Issue