Classes
Methods
(static) JDBCHashStrategy.createPBKDF2(vertx) → {JDBCHashStrategy}
Implements a Hashing Strategy as per https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet (2018-01-17).
New deployments should use this strategy instead of the default one (which was the previous OWASP recommendation).
The work factor can be updated by using the nonces json array.
Parameters:
| Name | Type | Description |
|---|---|---|
vertx |
Vertx | the vert.x instance |
Returns:
the implementation.
- Type
- JDBCHashStrategy
(static) JDBCHashStrategy.createSHA512(vertx) → {JDBCHashStrategy}
This is the current backwards compatible hashing implementation, new applications should prefer the
PBKDF2 implementation, unless the tradeoff between security and CPU usage is an option.
Parameters:
| Name | Type | Description |
|---|---|---|
vertx |
Vertx | the vert.x instance |
Returns:
the implementation.
- Type
- JDBCHashStrategy
(static) JDBCHashStrategy.isEqual(hasha, hashb) → {boolean}
Time constant string comparision to avoid timming attacks.
Parameters:
| Name | Type | Description |
|---|---|---|
hasha |
string | hash a to compare |
hashb |
string | hash b to compare |
Returns:
true if equal
- Type
- boolean