Package org.mariadb.jdbc.plugin.authentication.standard

Class CachingSha2PasswordPlugin

java.lang.Object

org.mariadb.jdbc.plugin.authentication.standard.CachingSha2PasswordPlugin

All Implemented Interfaces:

AuthenticationPlugin

public class CachingSha2PasswordPlugin
extends Object
implements AuthenticationPlugin

Mysql caching sha2 password plugin

Field Summary

Fields

Modifier and Type	Field	Description
static final String	TYPE	plugin name

Constructor Summary

Constructors

Constructor	Description
CachingSha2PasswordPlugin(String authenticationData, byte[] seed, Configuration conf, HostAddress hostAddress)

Method Summary

Modifier and Type	Method	Description
static byte[]	encrypt(PublicKey publicKey, String password, byte[] seed)	Encode password with seed and public key.
static PublicKey	generatePublicKey(byte[] publicKeyBytes)	Read public pem key from String.
void	initialize(String authenticationData, byte[] seed, Configuration conf, HostAddress hostAddress)	Initialized data.
org.mariadb.jdbc.client.ReadableByteBuf	process(Writer out, Reader in, org.mariadb.jdbc.client.Context context)	Process native password plugin authentication.
static PublicKey	readPublicKeyFromFile(String serverRsaPublicKeyFile)	Read public Key from file.
static byte[]	sha256encryptPassword(CharSequence password, byte[] seed)	Send an SHA-2 encrypted password.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.mariadb.jdbc.plugin.AuthenticationPlugin

hash, isMitMProof

Field Details

TYPE

public static final String TYPE

plugin name

See Also:

• Constant Field Values

Constructor Details

CachingSha2PasswordPlugin

public CachingSha2PasswordPlugin(String authenticationData,
 byte[] seed,
 Configuration conf,
 HostAddress hostAddress)

Method Details

sha256encryptPassword

public static byte[] sha256encryptPassword(CharSequence password,
 byte[] seed)

Send an SHA-2 encrypted password. encryption XOR(SHA256(password), SHA256(seed, SHA256(SHA256(password))))

Parameters:

password - password

seed - seed

Returns:

encrypted pwd

readPublicKeyFromFile

public static PublicKey readPublicKeyFromFile(String serverRsaPublicKeyFile)
                                       throws SQLException

Read public Key from file.

Parameters:

serverRsaPublicKeyFile - RSA public key file

Returns:

public key

Throws:

SQLException - if having an error reading file or file content is not a public key.

generatePublicKey

public static PublicKey generatePublicKey(byte[] publicKeyBytes)
                                   throws SQLException

Read public pem key from String.

Parameters:

publicKeyBytes - public key bytes value

Returns:

public key

Throws:

SQLException - if key cannot be parsed

encrypt

public static byte[] encrypt(PublicKey publicKey,
 String password,
 byte[] seed)
                      throws SQLException

Encode password with seed and public key.

Parameters:

publicKey - public key

password - password

seed - seed

Returns:

encoded password

Throws:

SQLException - if cannot encode password

initialize

public void initialize(String authenticationData,
 byte[] seed,
 Configuration conf,
 HostAddress hostAddress)

Initialized data.

Parameters:

authenticationData - authentication data (password/token)

seed - server provided seed

conf - Connection string options

hostAddress - host information

process

public org.mariadb.jdbc.client.ReadableByteBuf process(Writer out,
 Reader in,
 org.mariadb.jdbc.client.Context context)
                                                throws IOException,
SQLException

Process native password plugin authentication. see https://mariadb.com/kb/en/library/authentication-plugin-mysql_native_password/

Specified by:

process in interface AuthenticationPlugin

Parameters:

out - out stream

in - in stream

context - connection context

Returns:

response packet

Throws:

IOException - if socket error

SQLException - if plugin exception