Package org.apache.derby.iapi.sql.dictionary

Class PasswordHasher

  • public class PasswordHasher
extends java.lang.Object

    This machine performs the hashing of Derby passwords.

    • Field Summary

      Fields 
      Modifier and Type Field Description
      private int _iterations  
      private java.lang.String _messageDigestAlgorithm  
      private byte[] _salt  
      private static java.lang.String ENCODING
      The encoding to use when converting the credentials to a byte array that can be passed to the hash function in the configurable hash scheme.
      static java.lang.String ID_PATTERN_CONFIGURABLE_HASH_SCHEME
      Pattern that is prefixed to the stored password in the configurable hash authentication scheme.
      static java.lang.String ID_PATTERN_CONFIGURABLE_STRETCHED_SCHEME
      Pattern that is prefixed to the stored password in the configurable hash authentication scheme if key stretching has been applied.
      static java.lang.String ID_PATTERN_SHA1_SCHEME
      Pattern that is prefixed to the stored password in the SHA-1 authentication scheme.
      private static char SEPARATOR_CHAR
      Character that separates the hash value from the name of the hash algorithm in the stored password generated by the configurable hash authentication scheme.

    • Constructor Summary

      Constructors 
      Constructor Description
      PasswordHasher​(java.lang.String hashingScheme)
      Construct from a hashed BUILTIN password stored in the PropertyConglomerate or from a SYSUSERS.HASHINGSCHEME column.
      PasswordHasher​(java.lang.String messageDigestAlgorithm, byte[] salt, int iterations)
      Construct from pieces.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      private StandardException badMessageDigest​(java.lang.Throwable t)  
      java.lang.String encodeHashingScheme()
      Encodes the hashing algorithm in a string suitable for storing in SYSUSERS.HASHINGSCHEME.
      private java.security.MessageDigest getEmptyMessageDigest()  
      private java.lang.String hashAndEncode​(java.lang.String stringDigest)  
      java.lang.String hashAndEncode​(java.lang.String userName, java.lang.String password)
      Hash a username/password pair and return an encoded representation suitable for storing as a BUILTIN password value in the PropertyConglomerate.
      java.lang.String hashPasswordIntoString​(java.lang.String userName, java.lang.String password)
      Produce a hashed password using a plaintext username and password.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • ENCODING

        private static final java.lang.String ENCODING
        The encoding to use when converting the credentials to a byte array that can be passed to the hash function in the configurable hash scheme.
        See Also:
        Constant Field Values

      • ID_PATTERN_SHA1_SCHEME

        public static final java.lang.String ID_PATTERN_SHA1_SCHEME
        Pattern that is prefixed to the stored password in the SHA-1 authentication scheme.
        See Also:
        Constant Field Values

      • ID_PATTERN_CONFIGURABLE_HASH_SCHEME

        public static final java.lang.String ID_PATTERN_CONFIGURABLE_HASH_SCHEME
        Pattern that is prefixed to the stored password in the configurable hash authentication scheme.
        See Also:
        Constant Field Values

      • ID_PATTERN_CONFIGURABLE_STRETCHED_SCHEME

        public static final java.lang.String ID_PATTERN_CONFIGURABLE_STRETCHED_SCHEME
        Pattern that is prefixed to the stored password in the configurable hash authentication scheme if key stretching has been applied. This scheme extends the configurable hash scheme by adding a random salt and applying the hash function multiple times when generating the hashed token.
        See Also:
        Constant Field Values

      • SEPARATOR_CHAR

        private static final char SEPARATOR_CHAR
        Character that separates the hash value from the name of the hash algorithm in the stored password generated by the configurable hash authentication scheme.
        See Also:
        Constant Field Values

      • _messageDigestAlgorithm

        private java.lang.String _messageDigestAlgorithm

      • _salt

        private byte[] _salt

      • _iterations

        private int _iterations

    • Constructor Detail

      • PasswordHasher

        public PasswordHasher​(java.lang.String messageDigestAlgorithm,
                      byte[] salt,
                      int iterations)

        Construct from pieces. Used for databases at rev level 10.6 or later.

      • PasswordHasher

        public PasswordHasher​(java.lang.String hashingScheme)

        Construct from a hashed BUILTIN password stored in the PropertyConglomerate or from a SYSUSERS.HASHINGSCHEME column.

    • Method Detail

      • hashPasswordIntoString

        public java.lang.String hashPasswordIntoString​(java.lang.String userName,
                                               java.lang.String password)
                                        throws StandardException

        Produce a hashed password using a plaintext username and password. Turn it into a printable string.

        Throws:
        StandardException

      • badMessageDigest

        private StandardException badMessageDigest​(java.lang.Throwable t)

      • encodeHashingScheme

        public java.lang.String encodeHashingScheme()

        Encodes the hashing algorithm in a string suitable for storing in SYSUSERS.HASHINGSCHEME.

      • hashAndEncode

        public java.lang.String hashAndEncode​(java.lang.String userName,
                                      java.lang.String password)
                               throws StandardException

        Hash a username/password pair and return an encoded representation suitable for storing as a BUILTIN password value in the PropertyConglomerate.

        Throws:
        StandardException

      • hashAndEncode

        private java.lang.String hashAndEncode​(java.lang.String stringDigest)