Package io.vertx.reactivex.ext.auth.jdbc
Class JDBCHashStrategy
- java.lang.Object
  - io.vertx.reactivex.ext.auth.jdbc.JDBCHashStrategy

Field Summary
| Modifier and Type | Field |
| --- | --- |
| static TypeArg<JDBCHashStrategy> | __TYPE_ARG |

Constructor Summary
| Constructor |
| --- |
| JDBCHashStrategy(JDBCHashStrategy delegate) |
| JDBCHashStrategy(Object delegate) |

Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| String | computeHash(String password, String salt, int version) | Deprecated. |
| static JDBCHashStrategy | createPBKDF2(Vertx vertx) | Deprecated. |
| static JDBCHashStrategy | createSHA512(Vertx vertx) | Deprecated. |
| boolean | equals(Object o) | |
| String | generateSalt() | Deprecated. |
| JDBCHashStrategy | getDelegate() | |
| String | getHashedStoredPwd(JsonArray row) | Deprecated. |
| String | getSalt(JsonArray row) | Deprecated. |
| int | hashCode() | |
| static boolean | isEqual(String hasha, String hashb) | Deprecated. |
| static JDBCHashStrategy | newInstance(JDBCHashStrategy arg) | |
| void | setNonces(JsonArray nonces) | Deprecated. |
| String | toString() | |

Field Detail

__TYPE_ARG
public static final TypeArg<JDBCHashStrategy> __TYPE_ARG

Constructor Detail

JDBCHashStrategy
public JDBCHashStrategy(JDBCHashStrategy delegate)

JDBCHashStrategy
public JDBCHashStrategy(Object delegate)

Method Detail

getDelegate
public JDBCHashStrategy getDelegate()

createSHA512
@Deprecated public static JDBCHashStrategy createSHA512(Vertx vertx)
Deprecated.
This is the current backwards-compatible hashing implementation. New applications should prefer the PBKDF2 implementation, unless the tradeoff between security and CPU usage is an option.
Parameters:
vertx - the vert.x instance
Returns:
the implementation.

createPBKDF2
@Deprecated public static JDBCHashStrategy createPBKDF2(Vertx vertx)
Deprecated.
Implements a hashing strategy as per https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet (2018-01-17). New deployments should use this strategy instead of the default one (which was the previous OWASP recommendation). The work factor can be updated by using the nonces JSON array.
Parameters:
vertx - the vert.x instance
Returns:
the implementation.

generateSalt
@Deprecated public String generateSalt()
Deprecated.
Compute a random salt.
Returns:
a non null salt value

computeHash
@Deprecated public String computeHash(String password, String salt, int version)
Deprecated.
Compute the hashed password given the unhashed password and the salt.
Parameters:
password - the unhashed password
salt - the salt
version - the nonce version to use
Returns:
the hashed password

getHashedStoredPwd
@Deprecated public String getHashedStoredPwd(JsonArray row)
Deprecated.
Retrieve the hashed password from the result of the authentication query.
Parameters:
row - the row
Returns:
the hashed password

getSalt
@Deprecated public String getSalt(JsonArray row)
Deprecated.
Retrieve the salt from the result of the authentication query.
Parameters:
row - the row
Returns:
the salt

setNonces
@Deprecated public void setNonces(JsonArray nonces)
Deprecated.
Sets an ordered list of nonces where each position corresponds to a version. The nonces are not supposed to be stored in the underlying JDBC storage but provided as application configuration. The idea is to add one extra variable to the hash function to make breaking the passwords with rainbow tables or precomputed hashes harder, leaving the attacker with only the brute-force approach. Nonces depend on the implementation: for SHA512 they are extra salt used during the hashing; for PBKDF2 they map to the number of iterations the algorithm should take.
Parameters:
nonces - a JSON array.

isEqual
@Deprecated public static boolean isEqual(String hasha, String hashb)
Deprecated.
Constant-time string comparison to avoid timing attacks.
Parameters:
hasha - hash a to compare
hashb - hash b to compare
Returns:
true if equal
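
The versioned work factor described under setNonces and the constant-time check described under isEqual, as an added example built only on JDK classes. It is not the Vert.x implementation: the class name, the iteration counts, the 512-bit output length and the `hash$version` storage format are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.List;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Hypothetical stand-alone sketch; not the Vert.x JDBCHashStrategy code.
public class VersionedPbkdf2Example {
  // Position = version, value = PBKDF2 iteration count. Lives in application
  // configuration, not in the database. The numbers are illustrative assumptions.
  private static final List<Integer> ITERATIONS_BY_VERSION = List.of(10_000, 210_000);
  private static final SecureRandom RANDOM = new SecureRandom();
  static String generateSalt() {
    byte[] salt = new byte[32];
    RANDOM.nextBytes(salt);
    return Base64.getEncoder().encodeToString(salt);
  }
  static String computeHash(String password, String salt, int version)
      throws GeneralSecurityException {
    if (version < 0 || version >= ITERATIONS_BY_VERSION.size()) {
      throw new IllegalArgumentException("unknown version " + version);
    }
    PBEKeySpec spec = new PBEKeySpec(password.toCharArray(),
        Base64.getDecoder().decode(salt), ITERATIONS_BY_VERSION.get(version), 512);
    try {
      byte[] hash = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512")
          .generateSecret(spec).getEncoded();
      // Keep the version next to the hash so rows hashed under an older
      // work factor can still be verified after the list grows.
      return Base64.getEncoder().encodeToString(hash) + "$" + version;
    } finally {
      spec.clearPassword();
    }
  }
  // MessageDigest.isEqual does not stop at the first differing byte.
  static boolean isEqual(String a, String b) {
    return MessageDigest.isEqual(a.getBytes(StandardCharsets.UTF_8),
        b.getBytes(StandardCharsets.UTF_8));
  }
  public static void main(String[] args) throws GeneralSecurityException {
    String salt = generateSalt();
    String stored = computeHash("correct horse", salt, 1); // constructed sample input
    int version = Integer.parseInt(stored.substring(stored.lastIndexOf('$') + 1));
    System.out.println(isEqual(stored, computeHash("correct horse", salt, version)));
    System.out.println(isEqual(stored, computeHash("wrong guess", salt, version)));
  }
}
```

Raising the work factor means appending a new entry to the list and hashing new or changed passwords under the new version; existing rows keep verifying under the version recorded with them.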

newInstance
public static JDBCHashStrategy newInstance(JDBCHashStrategy arg)