vertx / io.vertx.reactivex.ext.auth.jdbc / JDBCHashStrategy

JDBCHashStrategy

open class JDBCHashStrategy

Determines how the hashing is computed in the implementation. You can implement this to provide a different hashing strategy to the default. NOTE: This class has been automatically generated from the io.vertx.ext.auth.jdbc.JDBCHashStrategy non RX-ified interface using Vert.x codegen.

Constructors

<init>

JDBCHashStrategy(delegate: JDBCHashStrategy)

Properties

__TYPE_ARG

static val __TYPE_ARG: TypeArg<JDBCHashStrategy>

Functions

computeHash

open fun computeHash(password: String, salt: String, version: Int): String

Compute the hashed password given the unhashed password and the salt.

createPBKDF2

open static fun createPBKDF2(vertx: Vertx): JDBCHashStrategy

Implements a hashing strategy as per https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet (2018-01-17). New deployments should use this strategy instead of the default one (which was the previous OWASP recommendation). The work factor can be updated by using the nonces JSON array.

createSHA512

open static fun createSHA512(vertx: Vertx): JDBCHashStrategy

This is the current backwards-compatible hashing implementation. New applications should prefer the PBKDF2 implementation, unless the tradeoff between security and CPU usage is an option.

equals

open fun equals(other: Any?): Boolean

generateSalt

open fun generateSalt(): String

Compute a random salt.

getDelegate

open fun getDelegate(): JDBCHashStrategy

getHashedStoredPwd

open fun getHashedStoredPwd(row: JsonArray): String

Retrieve the hashed password from the result of the authentication query.

getSalt

open fun getSalt(row: JsonArray): String

Retrieve the salt from the result of the authentication query.

hashCode

open fun hashCode(): Int

isEqual

open static fun isEqual(hasha: String, hashb: String): Boolean

Constant-time string comparison to avoid timing attacks.

newInstance

open static fun newInstance(arg: JDBCHashStrategy): JDBCHashStrategy

setNonces

open fun setNonces(nonces: JsonArray): Unit

Sets an ordered list of nonces where each position corresponds to a version. The nonces are not supposed to be stored in the underlying JDBC storage but provided as application configuration. The idea is to add one extra variable to the hash function in order to make breaking the passwords using rainbow tables or precomputed hashes harder, leaving the attacker only with the brute-force approach. Nonces are dependent on the implementation, e.g. for SHA512 they are extra salt used during the hashing, and for PBKDF2 they map to the number of iterations the algorithm should take.
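
The following is an added example, not code from the Vert.x project. It shows how the versioned nonces described here and under createPBKDF2 can raise the PBKDF2 work factor: an old hash is verified with its own version, compared with isEqual, then re-hashed with the newest version. The Credential record, CURRENT_VERSION, verifyAndUpgrade, the iteration counts and the sample passwords are assumptions made for illustration.

```kotlin
import io.vertx.core.json.JsonArray
import io.vertx.reactivex.core.Vertx
import io.vertx.reactivex.ext.auth.jdbc.JDBCHashStrategy

// Hypothetical record: the application keeps the nonce version next to the
// salt and hash so it knows which nonces entry to use when verifying.
data class Credential(val salt: String, val hash: String, val version: Int)

// Hypothetical constant: index of the newest entry in the nonces array.
const val CURRENT_VERSION = 1

// Verifies a login attempt. Returns the record to persist (re-hashed with the
// current work factor when the stored one is older), or null on a mismatch.
fun verifyAndUpgrade(strategy: JDBCHashStrategy, stored: Credential, attempt: String): Credential? {
    // Recompute with the version the stored hash was created under.
    val candidate = strategy.computeHash(attempt, stored.salt, stored.version)
    // Constant-time comparison, so the result does not leak how many
    // leading characters of the hash matched.
    if (!JDBCHashStrategy.isEqual(stored.hash, candidate)) return null
    if (stored.version == CURRENT_VERSION) return stored
    // The plaintext is only available at login, so this is the point at
    // which an old hash can be replaced by one with the newer work factor.
    val salt = strategy.generateSalt()
    return Credential(salt, strategy.computeHash(attempt, salt, CURRENT_VERSION), CURRENT_VERSION)
}

fun main() {
    val vertx = Vertx.vertx()
    val strategy = JDBCHashStrategy.createPBKDF2(vertx)
    // Constructed values, loaded from application configuration rather than
    // the database. For PBKDF2 each position holds the iteration count for
    // that version: version 0 -> 10000, version 1 -> 100000.
    strategy.setNonces(JsonArray().add(10000).add(100000))

    // A credential created earlier under version 0 (constructed sample).
    val salt = strategy.generateSalt()
    val old = Credential(salt, strategy.computeHash("s3cret-sample", salt, 0), 0)

    println(verifyAndUpgrade(strategy, old, "wrong-guess"))
    println(verifyAndUpgrade(strategy, old, "s3cret-sample")?.version)
    vertx.close()
}
```

Entries already in the nonces array must keep their positions, since each position is the version that existing hashes were computed with; a new work factor is appended as a new version.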

toString

open fun toString(): String