Implement MySQL authentication handshake, challenge, and response protocol

[Copilot]

This PR implements a complete MySQL authentication system following the MySQL protocol specification. The implementation provides the foundation for building MySQL-compatible servers using SuperSocket.

Overview

Adds MySQL protocol authentication with the standard handshake flow:

1. Server Hello: Initial handshake packet with protocol version, server version, connection ID, and 20-byte authentication challenge
2. Client Authentication: Handshake response with username, scrambled password, and connection parameters
3. Server Response: OK packet (success) or ERR packet (failure) based on credential validation

Key Components

Core Authentication Classes

• MySQLHandshakePacket: Generates protocol-compliant initial handshake packets with random salt generation
• MySQLHandshakeResponsePacket: Parses client authentication responses from binary data
• MySQLAuthenticationHandler: Coordinates authentication flow with MySQL native password scrambling (SHA1-based)
• MySQLSession: SuperSocket session that automatically handles authentication on connection
• MySQLHandshakeResponseFilter: Integrates with SuperSocket's PackagePartsPipelineFilter system

Protocol Implementation

// Example usage
var authHandler = new MySQLAuthenticationHandler();
var handshake = authHandler.CreateHandshake();
var handshakeBytes = handshake.ToBytes();

// Client responds with credentials
var response = MySQLHandshakeResponsePacket.ParseFromBytes(clientData, 0, clientData.Length);
var salt = handshake.GetFullSalt();
bool isValid = authHandler.ValidateCredentials(response, salt);

if (isValid)
    await session.SendAsync(authHandler.CreateOkPacket());
else
    await session.SendAsync(authHandler.CreateErrorPacket(1045, "Access denied"));

SuperSocket Integration

The implementation seamlessly integrates with SuperSocket:

var host = SuperSocketHostBuilder
    .Create<MySQLHandshakeResponsePacket, MySQLHandshakeResponseFilter>()
    .UseSession<MySQLSession>()
    .Build();

Security Features

• Cryptographically secure salt generation using RandomNumberGenerator
• MySQL native password scrambling: SHA1(password) XOR SHA1(salt + SHA1(SHA1(password)))
• Protocol-compliant packet structures following MySQL 8.0 specification
• Proper error handling with standard MySQL error codes

Testing

Includes comprehensive test suite validating:

• Handshake packet generation and parsing
• Password scrambling algorithm correctness
• OK/ERR packet creation
• End-to-end authentication flow

Documentation

• Complete technical documentation in AUTHENTICATION.md
• Integration examples showing connection with existing QueryResultFilter
• Protocol reference and security considerations
• Usage examples and configuration options

Current Limitations

This is a minimal but complete implementation:

• Hardcoded credentials (username: "test", password: "test") - suitable for development/testing
• No SSL/TLS support (can be added via SuperSocket configuration)
• Authentication only - query processing would use existing QueryResultFilter

Future Integration

The authentication system is designed to work seamlessly with the existing QueryResult and QueryResultFilter classes for full MySQL server functionality:

1. Client connects and authenticates using this implementation
2. After successful authentication, switch to QueryResultFilter for SQL processing
3. Use existing QueryResult classes for response formatting

Testing with MySQL Client

# After running the server
mysql -h 127.0.0.1 -u test -p
# Password: test

This implementation provides the authentication foundation needed for a production-ready MySQL-compatible server built on SuperSocket.

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.