org.apache.derby.iapi.sql.dictionary
Class PasswordHasher

java.lang.Object
  org.apache.derby.iapi.sql.dictionary.PasswordHasher

public class PasswordHasher
extends java.lang.Object

This machine performs the hashing of Derby passwords.

Field Summary

private int	_iterations
private java.lang.String	_messageDigestAlgorithm
private byte[]	_salt
private static java.lang.String	ENCODING The encoding to use when converting the credentials to a byte array that can be passed to the hash function in the configurable hash scheme.
static java.lang.String	ID_PATTERN_CONFIGURABLE_HASH_SCHEME Pattern that is prefixed to the stored password in the configurable hash authentication scheme.
static java.lang.String	ID_PATTERN_CONFIGURABLE_STRETCHED_SCHEME Pattern that is prefixed to the stored password in the configurable hash authentication scheme if key stretching has been applied.
static java.lang.String	ID_PATTERN_SHA1_SCHEME Pattern that is prefixed to the stored password in the SHA-1 authentication scheme.
private static char	SEPARATOR_CHAR Character that separates the hash value from the name of the hash algorithm in the stored password generated by the configurable hash authentication scheme.

Constructor Summary

PasswordHasher(java.lang.String hashingScheme)
Construct from a hashed BUILTIN password stored in the PropertyConglomerate or from a SYSUSERS.HASHINGSCHEME column.

PasswordHasher(java.lang.String messageDigestAlgorithm, byte[] salt, int iterations)
Construct from pieces.

Method Summary

private StandardException	badMessageDigest(java.lang.Throwable t)
java.lang.String	encodeHashingScheme() Encodes the hashing algorithm in a string suitable for storing in SYSUSERS.HASHINGSCHEME.
private java.security.MessageDigest	getEmptyMessageDigest()
private java.lang.String	hashAndEncode(java.lang.String stringDigest)
java.lang.String	hashAndEncode(java.lang.String userName, java.lang.String password) Hash a username/password pair and return an encoded representation suitable for storing as a BUILTIN password value in the PropertyConglomerate.
java.lang.String	hashPasswordIntoString(java.lang.String userName, java.lang.String password) Produce a hashed password using a plaintext username and password.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ENCODING

private static final java.lang.String ENCODING

The encoding to use when converting the credentials to a byte array that can be passed to the hash function in the configurable hash scheme.

See Also:

Constant Field Values

ID_PATTERN_SHA1_SCHEME

public static final java.lang.String ID_PATTERN_SHA1_SCHEME

Pattern that is prefixed to the stored password in the SHA-1 authentication scheme.

See Also:

Constant Field Values

ID_PATTERN_CONFIGURABLE_HASH_SCHEME

public static final java.lang.String ID_PATTERN_CONFIGURABLE_HASH_SCHEME

Pattern that is prefixed to the stored password in the configurable hash authentication scheme.

See Also:

Constant Field Values

ID_PATTERN_CONFIGURABLE_STRETCHED_SCHEME

public static final java.lang.String ID_PATTERN_CONFIGURABLE_STRETCHED_SCHEME

Pattern that is prefixed to the stored password in the configurable hash authentication scheme if key stretching has been applied. This scheme extends the configurable hash scheme by adding a random salt and applying the hash function multiple times when generating the hashed token.

See Also:

Constant Field Values

SEPARATOR_CHAR

private static final char SEPARATOR_CHAR

Character that separates the hash value from the name of the hash algorithm in the stored password generated by the configurable hash authentication scheme.

See Also:

Constant Field Values

_messageDigestAlgorithm

private java.lang.String _messageDigestAlgorithm

_salt

private byte[] _salt

_iterations

private int _iterations

Constructor Detail

PasswordHasher

public PasswordHasher(java.lang.String messageDigestAlgorithm,
                      byte[] salt,
                      int iterations)

Construct from pieces. Used for databases at rev level 10.6 or later.

PasswordHasher

public PasswordHasher(java.lang.String hashingScheme)

Construct from a hashed BUILTIN password stored in the PropertyConglomerate or from a SYSUSERS.HASHINGSCHEME column.

Method Detail

hashPasswordIntoString

public java.lang.String hashPasswordIntoString(java.lang.String userName,
                                               java.lang.String password)
                                        throws StandardException

Produce a hashed password using a plaintext username and password. Turn it into a printable string.

Throws:

StandardException

getEmptyMessageDigest

private java.security.MessageDigest getEmptyMessageDigest()
                                                   throws StandardException

Throws:

StandardException

badMessageDigest

private StandardException badMessageDigest(java.lang.Throwable t)

encodeHashingScheme

public java.lang.String encodeHashingScheme()

Encodes the hashing algorithm in a string suitable for storing in SYSUSERS.HASHINGSCHEME.

hashAndEncode

public java.lang.String hashAndEncode(java.lang.String userName,
                                      java.lang.String password)
                               throws StandardException

Hash a username/password pair and return an encoded representation suitable for storing as a BUILTIN password value in the PropertyConglomerate.

Throws:

StandardException

hashAndEncode

private java.lang.String hashAndEncode(java.lang.String stringDigest)