Class NativePasswordPlugin
java.lang.Object
org.mariadb.jdbc.plugin.authentication.standard.NativePasswordPlugin
- All Implemented Interfaces:
AuthenticationPlugin
Native password implementation
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic byte[]
encryptPassword
(CharSequence password, byte[] seed) Encrypts a password.byte[]
hash
(Credential credential) Return Hashvoid
initialize
(String authenticationData, byte[] seed, Configuration conf, HostAddress hostAddress) Initialized data.boolean
Can plugins is MitM-proof, permitting returning HASHProcess native password plugin authentication.type()
Authentication plugin type.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.mariadb.jdbc.plugin.AuthenticationPlugin
requireSsl
-
Field Details
-
TYPE
plugin name- See Also:
-
authenticationData
-
seed
private byte[] seed
-
-
Constructor Details
-
NativePasswordPlugin
public NativePasswordPlugin()
-
-
Method Details
-
encryptPassword
Encrypts a password.protocol for authentication is like this:
- Server sends a random array of bytes (the seed)
- client makes a sha1 digest of the password
- client hashes the output of 2
- client digests the seed
- client updates the digest with the output from 3
- an xor of the output of 5 and 2 is sent to server
- server does the same thing and verifies that the scrambled passwords match
- Parameters:
password
- the password to encryptseed
- the seed to use- Returns:
- a scrambled password
-
type
Description copied from interface:AuthenticationPlugin
Authentication plugin type.- Specified by:
type
in interfaceAuthenticationPlugin
- Returns:
- authentication plugin type. ex: mysql_native_password
-
initialize
public void initialize(String authenticationData, byte[] seed, Configuration conf, HostAddress hostAddress) Initialized data.- Specified by:
initialize
in interfaceAuthenticationPlugin
- Parameters:
authenticationData
- authentication data (password/token)seed
- server provided seedconf
- Connection string optionshostAddress
- host information
-
process
Process native password plugin authentication. see https://mariadb.com/kb/en/library/authentication-plugin-mysql_native_password/- Specified by:
process
in interfaceAuthenticationPlugin
- Parameters:
out
- out streamin
- in streamcontext
- connection context- Returns:
- response packet
- Throws:
IOException
- if socket error
-
isMitMProof
public boolean isMitMProof()Description copied from interface:AuthenticationPlugin
Can plugins is MitM-proof, permitting returning HASH- Specified by:
isMitMProof
in interfaceAuthenticationPlugin
- Returns:
- true if permitted
-
hash
Return Hash- Specified by:
hash
in interfaceAuthenticationPlugin
- Parameters:
credential
- Credential- Returns:
- hash
-