Clean up code.

Signed-off-by: Bradley Grainger <[email protected]>

Author: bgrainger

src/MySqlConnector.Authentication.Ed25519/ParsecAuthenticationPlugin.cs

@@ -8,7 +8,7 @@ namespace MySqlConnector.Authentication.Ed25519;
 /// <summary>
 /// Provides an implementation of the Parsec authentication plugin for MariaDB.
 /// </summary>
-public sealed class ParsecAuthenticationPlugin : IAuthenticationPlugin2
+public sealed class ParsecAuthenticationPlugin : IAuthenticationPlugin
 {
 	/// <summary>
 	/// Registers the Parsec authentication plugin with MySqlConnector. You must call this method once before
@@ -30,10 +30,10 @@ public static void Install()
 	/// </summary>
 	public byte[] CreateResponse(string password, ReadOnlySpan<byte> authenticationData)
 	{
-		// First 32 bytes are server scramble
+		// first 32 bytes are server scramble
 		var serverScramble = authenticationData.Slice(0, 32);
 
-		// Generate client scramble
+		// generate client scramble
 #if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER
 		Span<byte> clientScramble = stackalloc byte[32];
 		RandomNumberGenerator.Fill(clientScramble);
@@ -43,7 +43,7 @@ public byte[] CreateResponse(string password, ReadOnlySpan<byte> authenticationD
 		randomNumberGenerator.GetBytes(clientScramble);
 #endif
 
-		// Parse extended salt from remaining auth data
+		// parse extended salt from remaining authentication data and verify format
 		var extendedSalt = authenticationData.Slice(32);
 		if (extendedSalt[0] != (byte) 'P')
 			throw new ArgumentException("Invalid extended salt", nameof(authenticationData));
@@ -53,71 +53,31 @@ public byte[] CreateResponse(string password, ReadOnlySpan<byte> authenticationD
 		var iterationCount = 1024 << extendedSalt[1];
 		var salt = extendedSalt.Slice(2);
 
-		// Derive private key using PBKDF2-SHA512
+		// derive private key using PBKDF2-SHA512
 		byte[] privateKey;
 #if NET6_0_OR_GREATER
 		privateKey = Rfc2898DeriveBytes.Pbkdf2(Encoding.UTF8.GetBytes(password), salt, iterationCount, HashAlgorithmName.SHA512, 32);
 #else
-		using (var pbkdf2 = new Rfc2898DeriveBytes(
-			Encoding.UTF8.GetBytes(password),
-			salt.ToArray(),
-			iterationCount,
-			HashAlgorithmName.SHA512))
-		{
+		using (var pbkdf2 = new Rfc2898DeriveBytes(Encoding.UTF8.GetBytes(password), salt.ToArray(), iterationCount, HashAlgorithmName.SHA512))
 			privateKey = pbkdf2.GetBytes(32);
-		}
 #endif
+		var expandedPrivateKey = Chaos.NaCl.Ed25519.ExpandedPrivateKeyFromSeed(privateKey);
 
-		// Generate Ed25519 keypair and sign concatenated scrambles
-		// var keyPair = Chaos.NaCl.Ed25519.GenerateKeyPair(privateKey);
+		// generate Ed25519 keypair and sign concatenated scrambles
 		var message = new byte[serverScramble.Length + clientScramble.Length];
 		serverScramble.CopyTo(message);
 		clientScramble.CopyTo(message.AsSpan(serverScramble.Length));
 
-		var expandedPrivateKey = Chaos.NaCl.Ed25519.ExpandedPrivateKeyFromSeed(privateKey);
-
 		var signature = Chaos.NaCl.Ed25519.Sign(message, expandedPrivateKey);
 
-		// Return client scramble followed by signature
+		// return client scramble followed by signature
 		var response = new byte[clientScramble.Length + signature.Length];
 		clientScramble.CopyTo(response.AsSpan());
 		signature.CopyTo(response.AsSpan(clientScramble.Length));
 
 		return response;
 	}
 
-	/// <summary>
-	/// Creates the Parsec password hash.
-	/// </summary>
-	public byte[] CreatePasswordHash(string password, ReadOnlySpan<byte> authenticationData)
-	{
-		// Parse extended salt from auth data
-		var extSalt = Encoding.UTF8.GetString(authenticationData.ToArray());
-		var parts = extSalt.Split(':');
-		
-		// Parse iteration count (P0 = 1024, P1 = 2048, etc)
-		var iterationCount = 1024 << (parts[0][1] - '0');
-		var salt = Convert.FromBase64String(parts[1]);
-
-		// Derive private key using PBKDF2-SHA512
-		var privateKey = new byte[32];
-		using (var pbkdf2 = new Rfc2898DeriveBytes(
-			password,
-			salt,
-			iterationCount,
-			HashAlgorithmName.SHA512))
-		{
-			privateKey = pbkdf2.GetBytes(32);
-		}
-
-		// Generate Ed25519 keypair and get public key
-		Chaos.NaCl.Ed25519.KeyPairFromSeed(out var publicKey, out _, privateKey);
-
-		// Format hash string: P<iter>:<salt-b64>:<pubkey-b64>
-		var hashString = $"{parts[0]}:{parts[1]}:{Convert.ToBase64String(publicKey)}";
-		return Encoding.UTF8.GetBytes(hashString);
-	}
-
 	private ParsecAuthenticationPlugin()
 	{
 	}