Package com.mysql.cj.protocol.a.authentication

Class Sha256PasswordPlugin

java.lang.Object
com.mysql.cj.protocol.a.authentication.Sha256PasswordPlugin
All Implemented Interfaces:
AuthenticationPlugin<NativePacketPayload>
Direct Known Subclasses:
CachingSha2PasswordPlugin
public class Sha256PasswordPlugin
extends java.lang.Object
implements AuthenticationPlugin<NativePacketPayload>

  • Field Details

  • Constructor Details

  • Method Details

    • init

      public void init​(Protocol<NativePacketPayload> prot)
      Description copied from interface: AuthenticationPlugin
      We need direct Protocol reference because it isn't available from Connection before authentication complete.
      Specified by:
      init in interface AuthenticationPlugin<NativePacketPayload>
      Parameters:
      prot - protocol instance

    • destroy

      public void destroy()
      Description copied from interface: AuthenticationPlugin
      Called by the driver when this extension should release any resources it is holding and cleanup internally before the connection is closed.
      Specified by:
      destroy in interface AuthenticationPlugin<NativePacketPayload>

    • getProtocolPluginName

      public java.lang.String getProtocolPluginName()
      Description copied from interface: AuthenticationPlugin
      Returns the name that the MySQL server uses on the wire for this plugin
      Specified by:
      getProtocolPluginName in interface AuthenticationPlugin<NativePacketPayload>
      Returns:
      plugin name

    • requiresConfidentiality

      public boolean requiresConfidentiality()
      Description copied from interface: AuthenticationPlugin
      Does this plugin require the connection itself to be confidential (i.e. tls/ssl)...Highly recommended to return "true" for plugins that return the credentials in the clear.
      Specified by:
      requiresConfidentiality in interface AuthenticationPlugin<NativePacketPayload>
      Returns:
      true if secure connection is required

    • isReusable

      public boolean isReusable()
      Specified by:
      isReusable in interface AuthenticationPlugin<NativePacketPayload>
      Returns:
      true if plugin instance may be reused, false otherwise

    • setAuthenticationParameters

      public void setAuthenticationParameters​(java.lang.String user, java.lang.String password)
      Description copied from interface: AuthenticationPlugin
      This method called from cJ before first nextAuthenticationStep call. Values of user and password parameters are passed from those in MysqlIO.changeUser(String userName, String password, String database) or MysqlIO.doHandshake(String user, String password, String database). Plugin should use these values instead of values from connection properties because parent method may be a changeUser call which saves user and password into connection only after successful handshake.
      Specified by:
      setAuthenticationParameters in interface AuthenticationPlugin<NativePacketPayload>
      Parameters:
      user - user name
      password - user password

    • nextAuthenticationStep

      public boolean nextAuthenticationStep​(NativePacketPayload fromServer, java.util.List<NativePacketPayload> toServer)
      Description copied from interface: AuthenticationPlugin
      Process authentication handshake data from server and optionally produce data to be sent back to the server. The driver will keep calling this method on each new server packet arrival until either an Exception is thrown (authentication failure, please use appropriate SQLStates) or the number of exchange iterations exceeded max limit or an OK packet is sent by server indicating that the connection has been approved. If, on return from this method, toServer is a non-empty list of buffers, then these buffers will be sent to the server in the same order and without any reads in between them. If toServer is an empty list, no data will be sent to server, driver immediately reads the next packet from server. In case of errors the method should throw Exception.
      Specified by:
      nextAuthenticationStep in interface AuthenticationPlugin<NativePacketPayload>
      Parameters:
      fromServer - a buffer containing handshake data payload from server (can be empty).
      toServer - list of buffers with data to be sent to the server (the list can be empty, but buffers in the list should contain data).
      Returns:
      return value is ignored.

    • encryptPassword

      protected byte[] encryptPassword()

    • encryptPassword

      protected byte[] encryptPassword​(java.lang.String transformation)

    • readRSAKey

      protected static java.lang.String readRSAKey​(java.lang.String pkPath, PropertySet propertySet, ExceptionInterceptor exceptionInterceptor)