vertx / io.vertx.ext.auth.jdbc / JDBCHashStrategy

JDBCHashStrategy

interface JDBCHashStrategy

Determines how the hashing is computed in the implementation You can implement this to provide a different hashing strategy to the default.

Author
Tim Fox

Functions

computeHash

abstract fun computeHash(password: String, salt: String, version: Int): String

Compute the hashed password given the unhashed password and the salt

generateSalt

abstract fun generateSalt(): String

Compute a random salt.

getHashedStoredPwd

abstract fun getHashedStoredPwd(row: JsonArray): String

Retrieve the hashed password from the result of the authentication query

getSalt

abstract fun getSalt(row: JsonArray): String

Retrieve the salt from the result of the authentication query

setNonces

abstract fun setNonces(nonces: MutableList<String>): Unit

Sets a ordered list of nonces where each position corresponds to a version. The nonces are supposed not to be stored in the underlying jdbc storage but to be provided as a application configuration. The idea is to add one extra variable to the hash function in order to make breaking the passwords using rainbow tables or precomputed hashes harder. Leaving the attacker only with the brute force approach.