public class Security
extends java.lang.Object
| Modifier and Type | Method and Description |
|---|---|
static byte[] |
scramble411(byte[] password,
byte[] seed)
Hashing for MySQL-4.1 authentication.
|
static byte[] |
scramble411(java.lang.String password,
byte[] seed,
java.lang.String passwordEncoding) |
static byte[] |
scrambleCachingSha2(byte[] password,
byte[] seed)
Scrambling for caching_sha2_password plugin.
|
static void |
xorString(byte[] from,
byte[] to,
byte[] scramble,
int length)
Encrypt/Decrypt function used for password encryption in authentication
Simple XOR is used here but it is OK as we encrypt random strings
|
public static void xorString(byte[] from,
byte[] to,
byte[] scramble,
int length)
from - IN Data for encryptionto - OUT Encrypt data to the buffer (may be the same)scramble - IN Scramble used for encryptionlength - IN Length of data to encryptpublic static byte[] scramble411(java.lang.String password,
byte[] seed,
java.lang.String passwordEncoding)
public static byte[] scramble411(byte[] password,
byte[] seed)
SERVER: public_seed=create_random_string()
send(public_seed)
CLIENT: recv(public_seed)
hash_stage1=sha1("password")
hash_stage2=sha1(hash_stage1)
reply=xor(hash_stage1, sha1(public_seed,hash_stage2))
send(reply)
password - passwordseed - seedpublic static byte[] scrambleCachingSha2(byte[] password,
byte[] seed)
throws java.security.DigestException
Scramble = XOR(SHA2(password), SHA2(SHA2(SHA2(password)), Nonce))
password - passwordseed - seedjava.security.DigestException - if an error occurs