mysql_replicator 0.1.0

data/lib/mysql_replicator/binlogs/table_map_event_parser.rb

@@ -0,0 +1,155 @@
+# frozen_string_literal: true
+# rbs_inline: enabled
+
+module MysqlReplicator
+  module Binlogs
+    class TableMapEventParser
+      # @rbs!
+      #   type columnData = {
+      #     ordinal_position: Integer,
+      #     data_type: String,
+      #     column_name: String,
+      #     column_type: String,
+      #     enum_values: Array[String] | nil,
+      #     nullable: bool,
+      #     column_default: String | nil,
+      #     numeric_precision: Integer,
+      #     numeric_scale: Integer,
+      #     character_maximum_length: Integer,
+      #     character_set_name: String,
+      #     collation_name: String,
+      #     primary_key: bool
+      #   }
+
+      # @rbs!
+      #   type execution = {
+      #     database: String | nil,
+      #     table: String | nil,
+      #     table_id: Integer,
+      #     columns: Array[columnData],
+      #     flags: Integer
+      #   }
+
+      # @rbs payload: String
+      # @rbs connection: MysqlReplicator::Connection
+      # @rbs return: execution
+      def self.parse(payload, connection)
+        offset = 0
+
+        # Table ID (6 bytes)
+        table_id = to_little_endian(MysqlReplicator::StringUtil.read_array_from_int8(payload[0, 6]))
+        offset += 6
+
+        # Flags (2 bytes)
+        flags = MysqlReplicator::StringUtil.read_uint16(payload[offset, 2])
+        offset += 2
+
+        # Database name length (1 byte) + database name + null terminator
+        db_name_len = MysqlReplicator::StringUtil.read_uint8(payload[offset, 1])
+        offset += 1
+        database_name = MysqlReplicator::StringUtil.read_str(payload[offset, db_name_len])
+        offset += db_name_len + 1 # +1 for null terminator
+
+        # Table name length (1 byte) + table name + null terminator
+        table_name_len = MysqlReplicator::StringUtil.read_uint8(payload[offset, 1])
+        offset += 1
+        table_name = MysqlReplicator::StringUtil.read_str(payload[offset, table_name_len])
+
+        # Get actual column names from table schema
+        columns = get_table_columns(connection, database_name, table_name)
+
+        {
+          database: database_name,
+          table: table_name,
+          table_id: table_id,
+          columns: columns,
+          flags: flags
+        }
+      end
+
+      # @rbs bytes: Array[Integer]
+      # @rbs return: Integer
+      def self.to_little_endian(bytes)
+        result = 0
+        bytes.each_with_index do |byte, i|
+          result |= (byte << (i * 8))
+        end
+        result
+      end
+
+      # @rbs connection: MysqlReplicator::Connection
+      # @rbs database: String
+      # @rbs table: String
+      # @rbs return: Array[columnData]
+      def self.get_table_columns(connection, database, table)
+        # Create a separate connection to query table structure
+        query_connection = connection.dup
+
+        # Query table structure
+        # IMPORTANT: Column data is stored in ascending order of ORDINAL_POSITION
+        query = <<~SQL
+          SELECT
+            ORDINAL_POSITION,
+            DATA_TYPE,
+            COLUMN_NAME,
+            COLUMN_TYPE,
+            IS_NULLABLE,
+            COLUMN_DEFAULT,
+            NUMERIC_PRECISION,
+            NUMERIC_SCALE,
+            CHARACTER_MAXIMUM_LENGTH,
+            CHARACTER_SET_NAME,
+            COLLATION_NAME,
+            COLUMN_KEY
+          FROM INFORMATION_SCHEMA.COLUMNS
+          WHERE TABLE_SCHEMA = '#{database}'
+            AND TABLE_NAME = '#{table}'
+          ORDER BY ORDINAL_POSITION
+        SQL
+        result = query_connection.query(query)
+
+        # Close the separated connection
+        query_connection.close
+
+        if result.nil? || !result[:rows].is_a?(Array)
+          return []
+        end
+
+        result[:rows].map do |row|
+          {
+            ordinal_position: row[:ordinal_position].to_i,
+            data_type: row[:data_type].to_s,
+            column_name: row[:column_name].to_s,
+            column_type: row[:column_type].to_s,
+            enum_values: extract_enum_from_column_type(row[:data_type].to_s, row[:column_type].to_s),
+            nullable: row[:is_nullable] == 'YES',
+            column_default: row[:column_default],
+            numeric_precision: row[:numeric_precision].to_i,
+            numeric_scale: row[:numeric_scale].to_i,
+            character_maximum_length: row[:character_maximum_length].to_i,
+            character_set_name: row[:character_set_name].to_s,
+            collation_name: row[:collation_name].to_s,
+            primary_key: row[:column_key] == 'PRI'
+          }
+        end
+      end
+
+      # @rbs data_type: String
+      # @rbs column_type: String
+      # @rbs return: Array[String] | nil
+      def self.extract_enum_from_column_type(data_type, column_type)
+        return nil unless data_type.downcase == 'enum'
+
+        # Extract values from ENUM('value1','value2','value3')
+        if column_type =~ /enum\((.*)\)/i
+          enum_string = ::Regexp.last_match(1) || ''
+          # Extract value by arround single quote
+          values = enum_string.scan(/'([^']*)'/).flatten
+          return values
+        end
+
+        nil
+      end
+    end
+  end
+end

data/lib/mysql_replicator/binlogs/xid_event_parser.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+# rbs_inline: enabled
+
+require 'stringio'
+
+module MysqlReplicator
+  module Binlogs
+    class XidEventParser
+      # @rbs!
+      #   type execution = { xid: Integer }
+
+      # @rbs payload: String
+      # @rbs return: execution
+      def self.parse(payload)
+        io = StringIO.new(payload)
+        io.set_encoding(Encoding::BINARY)
+
+        # XID (8 bytes)
+        xid = StringIOUtil.read_uint64(io)
+
+        { xid: xid }
+      end
+    end
+  end
+end

data/lib/mysql_replicator/connection.rb

@@ -0,0 +1,226 @@
+# frozen_string_literal: true
+# rbs_inline: enabled
+
+require 'socket'
+
+module MysqlReplicator
+  class Connection
+    # @rbs!
+    #   type packet = {
+    #     length: Integer,
+    #     sequence_id: Integer,
+    #     payload: String
+    #   }
+
+    # @rbs @host: String
+    # @rbs @port: Integer
+    # @rbs @user: String
+    # @rbs @password: String
+    # @rbs @database: String
+    # @rbs @sequence_id: Integer
+    # @rbs @connected: bool
+    # @rbs @socket: TCPSocket
+    # @rbs @handshake_info: MysqlReplicator::Connections::Handshake::handshake
+
+    # @rbs! attr_reader host: String
+    # @rbs! attr_reader port: Integer
+    # @rbs! attr_reader user: String
+    # @rbs! attr_reader password: String
+    # @rbs! attr_reader database: String
+    attr_reader :host, :port, :user, :password, :database
+
+    # @rbs host: String
+    # @rbs port: Integer
+    # @rbs user: String
+    # @rbs password: String
+    # @rbs database: String
+    # @rbs return: void
+    def initialize(host: 'localhost', port: 3306, user: 'root', password: '', database: '')
+      @host = host
+      @port = port
+      @user = user
+      @password = password
+      @database = database
+
+      @sequence_id = 0
+      @connected = false
+    end
+
+    # @rbs return: void
+    def reset_sequence_id
+      @sequence_id = 0
+    end
+
+    # @rbs return: -> bool
+    def connected?
+      @connected
+    end
+
+    # @rbs return: -> void
+    def connect
+      if @connected
+        MysqlReplicator::Logger.warn 'Connection is already connected'
+        return
+      end
+
+      @socket = TCPSocket.new(@host, @port)
+      @socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1)
+
+      @handshake_info = MysqlReplicator::Connections::Handshake.execute(self)
+      MysqlReplicator::Connections::Auth.execute(self, @user, @password, @database, @handshake_info)
+
+      @connected = true
+      MysqlReplicator::Logger.info "Connected to MySQL server at #{@host}:#{@port}"
+    rescue => e
+      close
+      raise e
+    end
+
+    # @rbs sql: String
+    # @rbs return: MysqlReplicator::Connections::Query::queryResult | nil
+    def query(sql)
+      unless @connected
+        MysqlReplicator::Logger.warn 'Connection is not connected'
+        return
+      end
+
+      reset_sequence_id
+      flush_socket_buffer
+
+      MysqlReplicator::Connections::Query.execute(self, sql)
+    end
+
+    # @rbs return: 'PONG' | 'ERROR'
+    def ping
+      unless @connected
+        MysqlReplicator::Logger.warn 'Connection is not connected'
+        return 'ERROR'
+      end
+
+      reset_sequence_id
+
+      ping_payload = [0x0E].pack('C')
+      send_packet(ping_payload)
+
+      response = read_packet
+      success = MysqlReplicator::StringUtil.read_uint8(response[:payload][0]) == 0x00
+      success ? 'PONG' : 'ERROR'
+    end
+
+    # @rbs return: void
+    def close
+      if !@connected && (@socket.nil? || @socket.closed?)
+        MysqlReplicator::Logger.warn 'Connection is not connected'
+        return
+      end
+
+      reset_sequence_id
+
+      if @connected
+        quit_payload = [0x01].pack('C')
+        send_packet(quit_payload)
+      end
+
+      @socket.close unless @socket.closed?
+
+      @connected = false
+      MysqlReplicator::Logger.info "Disconnected to MySQL server at #{@host}:#{@port}"
+    end
+
+    # @rbs return: packet
+    def read_packet
+      if @socket.nil?
+        raise MysqlReplicator::Error, 'TCPSocket is nil'
+      end
+
+      header = @socket.read(4)
+      if header.nil? || header.length != 4
+        raise MysqlReplicator::Error, 'Failed to read packet header'
+      end
+
+      # Little-endian 24-bit
+      packet_length = MysqlReplicator::StringUtil.read_uint8(header[0]) |
+                      (MysqlReplicator::StringUtil.read_uint8(header[1]) << 8) |
+                      (MysqlReplicator::StringUtil.read_uint8(header[2]) << 16)
+      sequence_id = MysqlReplicator::StringUtil.read_uint8(header[3])
+
+      payload = @socket.read(packet_length)
+      if payload.nil? || payload.length != packet_length
+        raise MysqlReplicator::Error,
+              "Failed to read packet payload: expected #{packet_length} bytes, got #{payload&.length || 0}"
+      end
+
+      packet = { length: packet_length, sequence_id: sequence_id, payload: payload }
+      MysqlReplicator::Logger.debug "Received packet: #{packet.inspect}"
+
+      # Update to next expected sequence ID
+      @sequence_id = (sequence_id + 1) % 256
+
+      {
+        length: packet_length,
+        sequence_id: sequence_id,
+        payload: payload
+      }
+    end
+
+    # @rbs payload: String
+    # @rbs return: void
+    def send_packet(payload)
+      if @socket.nil?
+        raise MysqlReplicator::Error, 'TCPSocket is nil'
+      end
+
+      packet_length = payload.length
+      header = ([packet_length].pack('V')[0..2] || '') + [@sequence_id].pack('C').to_s
+      @socket.write(header + payload)
+
+      packet = { length: packet_length, sequence_id: @sequence_id, payload: payload }
+      MysqlReplicator::Logger.debug "Sent packet: #{packet.inspect}"
+    end
+
+    # @rbs return: void
+    def flush_socket_buffer
+      return if @socket.nil?
+
+      flushed_data = ''
+
+      begin
+        # Read all unread data in non-blocking mode
+        while @socket.ready?
+          data = @socket.read_nonblock(1024)
+          flushed_data += data
+          MysqlReplicator::Logger.debug \
+            "Found unread data: #{MysqlReplicator::StringUtil.read_array_from_int8(data).map { |b| format('%02X', b) }.join(' ')}"
+        end
+
+        sleep 0.1
+      rescue IO::WaitReadable
+        # Not at all if no data
+      rescue => e
+        MysqlReplicator::Logger.error "Buffer clear error: #{e.message}"
+      end
+
+      return if flushed_data.empty?
+
+      MysqlReplicator::Logger.debug "#{flushed_data.length} bytes of unread data cleared"
+    end
+
+    # @rbs return: Integer
+    def connection_id
+      @handshake_info[:connection_id]
+    end
+
+    # @rbs return: MysqlReplicator::Connection
+    def dup
+      new_connection = self.class.new(
+        host: @host,
+        port: @port,
+        user: @user,
+        password: @password,
+        database: @database
+      )
+      new_connection.connect
+      new_connection
+    end
+  end
+end

data/lib/mysql_replicator/connections/auth.rb

@@ -0,0 +1,303 @@
+# frozen_string_literal: true
+# rbs_inline: enabled
+
+require 'digest'
+require 'openssl'
+
+module MysqlReplicator
+  module Connections
+    class Auth
+      CLIENT_PLUGIN_AUTH = 0x00080000 #: Integer
+      CLIENT_SECURE_CONNECTION = 0x00008000 #: Integer
+      CLIENT_PROTOCOL_41 = 0x00000200 #: Integer
+      CLIENT_CONNECT_WITH_DB = 0x00000008 #: Integer
+      CLIENT_MULTI_STATEMENTS = 0x00010000 #: Integer
+      CLIENT_MULTI_RESULTS = 0x00020000 #: Integer
+
+      # @rbs connection: MysqlReplicator::Connection
+      # @rbs user: String
+      # @rbs password: String
+      # @rbs database: String
+      # @rbs handshake_info: MysqlReplicator::Connections::Handshake::handshake
+      # @rbs return: void
+      def self.execute(connection, user, password, database, handshake_info)
+        auth_plugin_name = handshake_info[:auth_plugin_name]
+
+        case auth_plugin_name
+        when 'caching_sha2_password'
+          caching_sha2_password_auth(connection, user, password, database, handshake_info)
+          MysqlReplicator::Logger.debug 'Authentication by caching_sha2_password is successful!'
+        when 'mysql_native_password'
+          mysql_native_password_auth(connection, password, handshake_info)
+          MysqlReplicator::Logger.debug 'Authentication by mysql_native_password is successful!'
+        else
+          raise MysqlReplicator::Error, "Unsupported auth plugin name: #{auth_plugin_name}"
+        end
+
+        # Clear EOF packet (at finish)
+        connection.flush_socket_buffer
+      end
+
+      # @rbs connection: MysqlReplicator::Connection
+      # @rbs user: String
+      # @rbs password: String
+      # @rbs database: String
+      # @rbs handshake_info: MysqlReplicator::Connections::Handshake::handshake
+      # @rbs return: void
+      def self.caching_sha2_password_auth(connection, user, password, database, handshake_info)
+        auth_payload = build_caching_sha2_password_payload(user, password, database, handshake_info)
+        debug_caching_sha2_password_payload(auth_payload, !database.empty?)
+        connection.send_packet(auth_payload)
+
+        auth_response_packet = connection.read_packet
+        if handle_caching_sha2_password_response(auth_response_packet) == :success
+          return
+        end
+
+        MysqlReplicator::Logger.debug 'Trying RSA encryption authentication...'
+
+        # Request public key for RSA encryption
+        public_key_payload = [0x02].pack('C')
+        connection.send_packet(public_key_payload)
+
+        public_key_response_packet = connection.read_packet
+        if MysqlReplicator::StringUtil.read_uint8(public_key_response_packet[:payload][0]) != 0x01
+          raise MysqlReplicator::Error, 'Failed to retrieve public key'
+        end
+
+        # Auth with RSA encryption
+        public_key = MysqlReplicator::StringUtil.read_str(public_key_response_packet[:payload][1..])
+        encrypted_password_payload = build_rsa_encrypt_password_payload(password, public_key, handshake_info[:auth_plugin_data])
+        connection.send_packet(encrypted_password_payload)
+
+        final_auth_response_packet = connection.read_packet
+        return unless MysqlReplicator::StringUtil.read_uint8(final_auth_response_packet[:payload][0]) != 0x00
+
+        raise MysqlReplicator::Error, 'RSA encryption authentication failed'
+      end
+
+      # @rbs packet: MysqlReplicator::Connection::packet
+      # @rbs return: :success | :challenge
+      def self.handle_caching_sha2_password_response(packet)
+        payload = packet[:payload]
+
+        # First byte of the response is result type
+        first_byte = MysqlReplicator::StringUtil.read_uint8(payload[0])
+        case first_byte
+        when 0x00
+          :success
+        when 0x01
+          more_data = payload[1..] || ['']
+          command = MysqlReplicator::StringUtil.read_uint8(more_data[0])
+          case command
+          when 0x03
+            :success
+          when 0x04
+            :challenge
+          else
+            raise MysqlReplicator::Error, "Unexpected command: #{format('%02X', command)}"
+          end
+        else
+          raise MysqlReplicator::Error,
+            'Authentication Error: ' \
+            "first_byte = #{first_byte}, " \
+            "code = #{(payload[1..2] || '').unpack('v')[0]}, " \
+            "sql_state_marker = #{(payload[3] || '').chr}, " \
+            "sql_state = #{payload[4..8]}, " \
+            "message = #{payload[9..]}"
+        end
+      end
+
+      # @rbs user: String
+      # @rbs password: String
+      # @rbs database: String
+      # @rbs handshake_info: MysqlReplicator::Connections::Handshake::handshake
+      # @rbs return: String
+      def self.build_caching_sha2_password_payload(user, password, database, handshake_info)
+        # Client feature flag
+        client_flags = CLIENT_PROTOCOL_41 |
+                       CLIENT_SECURE_CONNECTION |
+                       CLIENT_PLUGIN_AUTH |
+                       CLIENT_MULTI_STATEMENTS |
+                       CLIENT_MULTI_RESULTS
+        client_flags |= CLIENT_CONNECT_WITH_DB if database && !database.empty?
+
+        # Max packet size (4 bytes)
+        max_packet_size = 0x01000000
+
+        # Character set
+        # MySQL 8.0 uses utf8mb4_0900_ai_ci as the default character set
+        charset = handshake_info[:charset]
+
+        # Reserved (23 bytes)
+        reserved_data = "\x00" * 23
+
+        # Username
+        username_data = user + "\x00"
+
+        # Hash for caching_sha2_password
+        challenge_hash = build_caching_sha2_password_hash(password, handshake_info[:auth_plugin_data])
+
+        # Database (optional)
+        database_data = database && !database.empty? ? database + "\x00" : ''
+
+        # Authentication plugin name
+        auth_plugin_name_data = handshake_info[:auth_plugin_name].to_s + "\x00"
+
+        # Payload of packet
+        [client_flags].pack('V') +
+          [max_packet_size].pack('V') +
+          [charset].pack('C') +
+          reserved_data +
+          username_data +
+          [challenge_hash.length].pack('C') + challenge_hash +
+          database_data +
+          auth_plugin_name_data
+      end
+
+      # Hash value for caching_sha2_password
+      # SHA256(password) XOR SHA256(SHA256(SHA256(password)) + salt)
+      #
+      # @rbs password: String
+      # @rbs salt: String
+      # @rbs return: String
+      def self.build_caching_sha2_password_hash(password, salt)
+        return '' if password.empty?
+
+        # SHA256(password)
+        hash1 = Digest::SHA256.digest(password.encode('utf-8'))
+        # SHA256(SHA256(password))
+        hash2 = Digest::SHA256.digest(hash1)
+        # SHA256(SHA256(SHA256(password)), salt)
+        hash3 = Digest::SHA256.digest(hash2 + salt)
+
+        # XOR hash1 and hash3
+        payload = ''
+        hash1.each_byte.with_index do |byte, i|
+          payload += (byte ^ hash3[i].to_s.ord).chr
+        end
+        payload
+      end
+
+      # @rbs password: String
+      # @rbs public_key: String
+      # @rbs scramble: String
+      # @rbs return: String
+      def self.build_rsa_encrypt_password_payload(password, public_key, scramble)
+        rsa_public_key = OpenSSL::PKey::RSA.new(public_key)
+
+        # Password is null-terminated string
+        password_with_null = password + "\x00"
+
+        password_bytes = password_with_null.encode(Encoding::UTF_8).bytes
+        scramble_bytes = scramble.bytes
+
+        xor_result = []
+        password_bytes.each_with_index do |byte, index|
+          scramble_byte = scramble_bytes[index % scramble_bytes.length]
+          xor_result << (byte ^ scramble_byte)
+        end
+        data_to_encrypt = xor_result.pack('C*')
+
+        begin
+          # First, try OAEP padding (MySQL 8.0.5+)
+          rsa_public_key.public_encrypt(data_to_encrypt, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+        rescue OpenSSL::PKey::RSAError
+          # If OAEP fails, use PKCS#1 (MySQL 8.0.4 and earlier)
+          rsa_public_key.public_encrypt(data_to_encrypt, OpenSSL::PKey::RSA::PKCS1_PADDING)
+        end
+      end
+
+      # @rbs payload: String
+      # @rbs with_database: bool
+      # @rbs return: void
+      def self.debug_caching_sha2_password_payload(payload, with_database)
+        offset = 0
+
+        client_flags = MysqlReplicator::StringUtil.read_uint32(payload[offset..(offset + 3)])
+        offset += 4
+
+        max_packet_size = MysqlReplicator::StringUtil.read_uint32(payload[offset..(offset + 3)])
+        offset += 4
+
+        character_set = MysqlReplicator::StringUtil.read_uint8(payload[offset])
+        offset += 1
+
+        reserved = MysqlReplicator::StringUtil.read_str(payload[offset..(offset + 22)])
+        offset += 23
+
+        null_pos = payload.index("\x00", offset).to_i
+        user = MysqlReplicator::StringUtil.read_str(payload[offset...null_pos])
+        offset = null_pos + 1
+
+        challenge_hash_length = MysqlReplicator::StringUtil.read_uint8(payload[offset])
+        offset += 1
+        if challenge_hash_length > 0
+          challenge_hash_data = MysqlReplicator::StringUtil.read_str(payload[offset..(offset + challenge_hash_length - 1)])
+          offset += challenge_hash_length
+        end
+
+        if with_database
+          db_null_pos = payload.index("\x00", offset).to_i
+          database = MysqlReplicator::StringUtil.read_str(payload[offset...db_null_pos])
+          offset = db_null_pos + 1
+        end
+
+        plugin_null_pos = payload.index("\x00", offset).to_i
+        plugin_name = MysqlReplicator::StringUtil.read_str(payload[offset...plugin_null_pos]) if plugin_null_pos
+
+        MysqlReplicator::Logger.debug \
+          "===== Start Auth Payload =====\n" \
+          "Client flags: #{client_flags.to_i.to_s(16)}\n" \
+          "Max packet size: #{max_packet_size}\n" \
+          "Character set: #{character_set}\n" \
+          "Reserved: #{MysqlReplicator::StringUtil.read_array_from_int8(reserved).all?(&:zero?) ? 'All zero' : 'None zero'}\n" \
+          "User: #{user}\n" \
+          "Challenge hash length: #{challenge_hash_length}\n" \
+          "Challenge hash data: #{MysqlReplicator::StringUtil.read_array_from_int8(challenge_hash_data).map { |b| format('%02X', b) }.join(' ')}\n" \
+          "Database name: #{database}\n" \
+          "Auth plugin name: #{plugin_name}\n" \
+          '===== End Auth Payload ====='
+      end
+
+      # @rbs connection: MysqlReplicator::Connection
+      # @rbs password: String
+      # @rbs handshake_info: MysqlReplicator::Connections::Handshake::handshake
+      # @return: void
+      def self.mysql_native_password_auth(connection, password, handshake_info)
+        auth_payload = build_mysql_native_password_payload(password, handshake_info[:auth_plugin_data])
+        connection.send_packet(auth_payload)
+
+        auth_response_packet = connection.read_packet
+
+        return unless MysqlReplicator::StringUtil.read_uint8(auth_response_packet[:payload][0]) != 0x00
+
+        raise MysqlReplicator::Error,
+          'mysql_native_password authentication failed: ' \
+          "Payload = #{MysqlReplicator::StringUtil.read_array_from_int8(auth_response_packet[:payload]).map { |b| format('%02X', b) }.join(' ')}"
+      end
+
+      # @rbs password: String
+      # @rbs salt: String
+      # @rbs return: String
+      def self.build_mysql_native_password_payload(password, salt)
+        return '' if password.empty?
+
+        # SHA1(password)
+        hash1 = Digest::SHA1.digest(password.encode('utf-8'))
+        # SHA1(SHA1(password))
+        hash2 = Digest::SHA1.digest(hash1)
+        # SHA1(salt + SHA1(SHA1(password)))
+        hash3 = Digest::SHA1.digest(salt + hash2)
+
+        # XOR hash1 and hash3
+        payload = ''
+        hash1.each_byte.with_index do |byte, i|
+          payload += (byte ^ (hash3[i] || '').ord).chr
+        end
+
+        payload
+      end
+    end
+  end
+end