Jeycob
diff --git a/‎CHANGES‎
Lines changed: 1 addition & 0 deletions b/‎CHANGES‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Source/MySql.Data/Authentication/CachingSha2AuthenticationPlugin.cs‎
Lines changed: 24 additions & 7 deletions b/‎Source/MySql.Data/Authentication/CachingSha2AuthenticationPlugin.cs‎
Lines changed: 24 additions & 7 deletions
@@ -1,4 +1,5 @@
 6.9.12
+- Updated the RSA key encryption padding to RSA_PKCS1_OAEP_PADDING for the caching_sha2_password authentication plugin when connecting to server 8.0.5 (or later) (WL11618).
 - Added support for the caching_sha2_password authentication plugin introduced in server 8.0.3.
  Added support for RSA key encription in the sha256_password authentication plugin (WL11285).
 - Added support for MySQL 8 server features (WL11325).
 
@@ -120,17 +120,34 @@ private byte[] GetRsaPassword(string password, byte[] seedBytes, byte[] rawPubli
  byte[] obfuscated = GetXor(AliasText.Encoding.Default.GetBytes(password), seedBytes);
 
  // Encrypt the password and send it to the server.
+ if (this.ServerVersion >= new Version("8.0.5"))
+ {
 #if NETSTANDARD1_3
- RSA rsa = MySqlPemReader.ConvertPemToRSAProvider(rawPublicKey);
- if (rsa == null) throw new MySqlException(Resources.UnableToReadRSAKey);
+  RSA rsa = MySqlPemReader.ConvertPemToRSAProvider(rawPublicKey);
+  if (rsa == null) throw new MySqlException(Resources.UnableToReadRSAKey);
 
- // TODO in MySQL 8.0.3 the RSA_PKCS1_PADDING is used in caching_sha2_password full auth stage but in 8.0.4 it should be changed to RSA_PKCS1_OAEP_PADDING, the same as in sha256_password.
- return rsa.Encrypt(obfuscated, RSAEncryptionPadding.Pkcs1);
+ return rsa.Encrypt(obfuscated, RSAEncryptionPadding.OaepSHA1);
 #else
- RSACryptoServiceProvider rsa = MySqlPemReader.ConvertPemToRSAProvider(rawPublicKey);
- if (rsa == null) throw new MySqlException(Resources.UnableToReadRSAKey);
- return rsa.Encrypt(obfuscated, false);
+ RSACryptoServiceProvider rsa = MySqlPemReader.ConvertPemToRSAProvider(rawPublicKey);
+ if (rsa == null) throw new MySqlException(Resources.UnableToReadRSAKey);
+
+ return rsa.Encrypt(obfuscated, true);
 #endif
+ }
+ else
+ {
+#if NETSTANDARD1_3
+ RSA rsa = MySqlPemReader.ConvertPemToRSAProvider(rawPublicKey);
+ if (rsa == null) throw new MySqlException(Resources.UnableToReadRSAKey);
+
+ return rsa.Encrypt(obfuscated, RSAEncryptionPadding.Pkcs1);
+#else
+ RSACryptoServiceProvider rsa = MySqlPemReader.ConvertPemToRSAProvider(rawPublicKey);
+ if (rsa == null) throw new MySqlException(Resources.UnableToReadRSAKey);
+
+ return rsa.Encrypt(obfuscated, false);
+#endif
+ }
  }
 
  public override object GetPassword()
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`6.9.12`
	`2`	`+- Updated the RSA key encryption padding to RSA_PKCS1_OAEP_PADDING for the caching_sha2_password authentication plugin when connecting to server 8.0.5 (or later) (WL11618).`
`2`	`3`	`- Added support for the caching_sha2_password authentication plugin introduced in server 8.0.3.`
`3`	`4`	`Added support for RSA key encription in the sha256_password authentication plugin (WL11285).`
`4`	`5`	`- Added support for MySQL 8 server features (WL11325).`