Class NativePasswordPlugin

java.lang.Object
org.mariadb.jdbc.plugin.authentication.standard.NativePasswordPlugin
All Implemented Interfaces:
AuthenticationPlugin

public class NativePasswordPlugin extends Object implements AuthenticationPlugin
Native password implementation
  • Field Details

    • TYPE

      public static final String TYPE
      plugin name
      See Also:
    • authenticationData

      private String authenticationData
    • seed

      private byte[] seed
  • Constructor Details

    • NativePasswordPlugin

      public NativePasswordPlugin()
  • Method Details

    • encryptPassword

      public static byte[] encryptPassword(CharSequence password, byte[] seed)
      Encrypts a password.

      protocol for authentication is like this:

      • Server sends a random array of bytes (the seed)
      • client makes a sha1 digest of the password
      • client hashes the output of 2
      • client digests the seed
      • client updates the digest with the output from 3
      • an xor of the output of 5 and 2 is sent to server
      • server does the same thing and verifies that the scrambled passwords match
      Parameters:
      password - the password to encrypt
      seed - the seed to use
      Returns:
      a scrambled password
    • type

      public String type()
      Description copied from interface: AuthenticationPlugin
      Authentication plugin type.
      Specified by:
      type in interface AuthenticationPlugin
      Returns:
      authentication plugin type. ex: mysql_native_password
    • initialize

      public void initialize(String authenticationData, byte[] seed, Configuration conf)
      Initialized data.
      Specified by:
      initialize in interface AuthenticationPlugin
      Parameters:
      authenticationData - authentication data (password/token)
      seed - server provided seed
      conf - Connection string options
    • process

      public ReadableByteBuf process(Writer out, Reader in, Context context) throws IOException
      Process native password plugin authentication. see https://mariadb.com/kb/en/library/authentication-plugin-mysql_native_password/
      Specified by:
      process in interface AuthenticationPlugin
      Parameters:
      out - out stream
      in - in stream
      context - connection context
      Returns:
      response packet
      Throws:
      IOException - if socket error
    • isMitMProof

      public boolean isMitMProof()
      Description copied from interface: AuthenticationPlugin
      Can plugins is MitM-proof, permitting returning HASH
      Specified by:
      isMitMProof in interface AuthenticationPlugin
      Returns:
      true if permitted
    • hash

      public byte[] hash(Credential credential)
      Return Hash
      Specified by:
      hash in interface AuthenticationPlugin
      Parameters:
      credential - Credential
      Returns:
      hash