Class Security

java.lang.Object
com.mysql.cj.protocol.Security

public class Security
extends java.lang.Object
Methods for doing secure authentication with MySQL-4.1 and newer.
  • Method Summary

    Modifier and Type Method Description
    static byte[] scramble411​(byte[] password, byte[] seed)
    Hashing for MySQL-4.1 authentication.
    static byte[] scramble411​(java.lang.String password, byte[] seed, java.lang.String passwordEncoding)  
    static byte[] scrambleCachingSha2​(byte[] password, byte[] seed)
    Scrambling for caching_sha2_password plugin.
    static void xorString​(byte[] from, byte[] to, byte[] scramble, int length)
    Encrypt/Decrypt function used for password encryption in authentication Simple XOR is used here but it is OK as we encrypt random strings

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Method Details

    • xorString

      public static void xorString​(byte[] from, byte[] to, byte[] scramble, int length)
      Encrypt/Decrypt function used for password encryption in authentication Simple XOR is used here but it is OK as we encrypt random strings
      Parameters:
      from - IN Data for encryption
      to - OUT Encrypt data to the buffer (may be the same)
      scramble - IN Scramble used for encryption
      length - IN Length of data to encrypt
    • scramble411

      public static byte[] scramble411​(java.lang.String password, byte[] seed, java.lang.String passwordEncoding)
    • scramble411

      public static byte[] scramble411​(byte[] password, byte[] seed)
      Hashing for MySQL-4.1 authentication. Algorithm is as follows (c.f. sql/auth/password.c):
       SERVER: public_seed=create_random_string()
       send(public_seed)
      
       CLIENT: recv(public_seed)
       hash_stage1=sha1("password")
       hash_stage2=sha1(hash_stage1)
       reply=xor(hash_stage1, sha1(public_seed,hash_stage2))
       send(reply)
       
      Parameters:
      password - password
      seed - seed
      Returns:
      bytes
    • scrambleCachingSha2

      public static byte[] scrambleCachingSha2​(byte[] password, byte[] seed) throws java.security.DigestException
      Scrambling for caching_sha2_password plugin.
       Scramble = XOR(SHA2(password), SHA2(SHA2(SHA2(password)), Nonce))
       
      Parameters:
      password - password
      seed - seed
      Returns:
      bytes
      Throws:
      java.security.DigestException - if an error occurs