Class: VertxAuthJdbc::JDBCHashStrategy
- Inherits:
-
Object
- Object
- VertxAuthJdbc::JDBCHashStrategy
- Defined in:
- /Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb
Overview
Determines how the hashing is computed in the implementation.
You can implement this to provide a different hashing strategy from the default.
Constant Summary
- @@j_api_type =
Object.new
Class Method Summary
Instance Method Summary
Class Method Details
+ (Boolean) accept?(obj)
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 21
# Type-check hook defined on the helper object held in @@j_api_type.
# Returns true only when obj's class is exactly JDBCHashStrategy; because the
# comparison is made on obj.class, instances of subclasses are not accepted.
def @@j_api_type.accept?(obj)
obj.class == JDBCHashStrategy
end
Implements a PBKDF2 hashing strategy as per https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet (2018-01-17).
New deployments should use this strategy instead of the default one (which was the previous OWASP recommendation).
The work factor (for PBKDF2, the number of iterations) can be updated through the nonces JSON array; see setNonces.
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 155
# Builds the PBKDF2-based hash strategy, which this page recommends for new
# deployments.
#
# The first argument is accepted when its class defines +j_del+ (duck-typed
# check for a wrapped Vert.x instance) and no block is given. Its delegate is
# passed to the Java createPBKDF2(Vertx) factory and the result is handed to
# Utils.safe_create together with ::VertxAuthJdbc::JDBCHashStrategy
# (presumably to wrap it in the Ruby class; confirm against Utils).
#
# @param args [Array] expected as (vertx)
# @raise [ArgumentError] when the argument shape does not match and there is
#   no inherited create_pbkdf2 to forward to
def self.create_pbkdf2(*args)
  vertx = args.first
  if !block_given? && vertx.class.method_defined?(:j_del)
    factory = Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_method(:createPBKDF2, [Java::IoVertxCore::Vertx.java_class])
    return ::Vertx::Util::Utils.safe_create(factory.call(vertx.j_del), ::VertxAuthJdbc::JDBCHashStrategy)
  end
  # Bare super forwards the original argument list unchanged.
  return super if defined?(super)

  raise ArgumentError, "Invalid arguments when calling create_pbkdf2(#{args[0]})"
end
This is the current backwards-compatible hashing implementation. New applications should prefer the
PBKDF2 implementation; choose this one only if trading security for lower CPU usage is acceptable.
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 41
# Builds the SHA512-based hash strategy. The page describes this as the
# backwards-compatible implementation and advises new applications to prefer
# the PBKDF2 one.
#
# The first argument is accepted when its class defines +j_del+ and no block
# is given; its delegate is passed to the Java createSHA512(Vertx) factory
# and the result goes through Utils.safe_create with
# ::VertxAuthJdbc::JDBCHashStrategy.
#
# @param args [Array] expected as (vertx)
# @raise [ArgumentError] when the argument shape does not match and there is
#   no inherited create_sha512 to forward to
def self.create_sha512(*args)
  candidate = args[0]
  wrappable = candidate.class.method_defined?(:j_del)
  if wrappable && !block_given?
    java_factory = Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_method(:createSHA512, [Java::IoVertxCore::Vertx.java_class])
    java_strategy = java_factory.call(candidate.j_del)
    return ::Vertx::Util::Utils.safe_create(java_strategy, ::VertxAuthJdbc::JDBCHashStrategy)
  end
  # Bare super forwards the original argument list unchanged.
  return super if defined?(super)

  raise ArgumentError, "Invalid arguments when calling create_sha512(#{args[0]})"
end
+ (true, false) isEqual(hasha, hashb)
Constant-time string comparison to avoid timing attacks.
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 83
# Compares two hash strings by delegating to the Java isEqual(String, String)
# method, which this page documents as a constant-time comparison. Use it
# instead of String#== when checking a computed hash against a stored one.
#
# The Java path is taken only when both arguments are exactly of class String
# and no block is given. The method is named equal?, which every Ruby object
# already inherits as the identity test, so any other call shape is forwarded
# to that inherited method through super. The ArgumentError below is therefore
# only reached where no inherited equal? exists.
#
# @param args [Array] expected as (hasha [String], hashb [String])
# @return [true, false] per the documented signature
def self.equal?(*args)
  first, second = args[0], args[1]
  strings_only = first.class == String && second.class == String
  if strings_only && !block_given?
    comparator = Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_method(:isEqual, [Java::java.lang.String.java_class, Java::java.lang.String.java_class])
    return comparator.call(first, second)
  end
  # Bare super forwards the original argument list unchanged.
  return super if defined?(super)

  raise ArgumentError, "Invalid arguments when calling equal?(#{args[0]},#{args[1]})"
end
+ (Object) j_api_type
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 30
# Returns the object stored in the @@j_api_type class variable, i.e. the
# helper object on which accept?, wrap and unwrap are defined as singleton
# methods.
def self.j_api_type
@@j_api_type
end
+ (Object) j_class
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 33
# Returns the java_class of Java::IoVertxExtAuthJdbc::JDBCHashStrategy, the
# Java type this Ruby class delegates to.
def self.j_class
Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_class
end
+ (Object) unwrap(obj)
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 27
# Unwrap hook defined on the helper object held in @@j_api_type: returns
# obj.j_del (presumably the underlying Java delegate of a wrapped strategy).
# No type check is made here; obj only needs to respond to j_del.
def @@j_api_type.unwrap(obj)
obj.j_del
end
+ (Object) wrap(obj)
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 24
# Wrap hook defined on the helper object held in @@j_api_type: builds a new
# JDBCHashStrategy around obj (presumably a Java strategy instance; the
# constructor is not shown on this page).
def @@j_api_type.wrap(obj)
JDBCHashStrategy.new(obj)
end
Instance Method Details
- (String) computeHash(password, salt, version)
Compute the hashed password given the unhashed password, the salt and the version (per setNonces, each position in the nonces list corresponds to a version).
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 137
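# Computes the hashed password from the plain-text password, the salt and the
# version by delegating to the Java computeHash(String, String, int) method on
# the wrapped delegate.
#
# @param args [Array] expected as (password [String], salt [String], version [Integer])
# @return [String] the computed hash, per the documented signature
# @raise [ArgumentError] when the arguments do not match that shape (or a
#   block is given) and there is no inherited compute_hash to forward to
def compute_hash(*args)
  password, salt, version = args
  # Integer instead of Fixnum: Fixnum was deprecated in Ruby 2.4 and removed in
  # 3.2, where referencing it raises NameError before the delegate is reached.
  # NOTE(review): on runtimes older than 2.4 this also lets Bignum values
  # through to the Java int conversion - confirm that is acceptable.
  if password.class == String && salt.class == String && version.is_a?(Integer) && !block_given?
    signature = [Java::java.lang.String.java_class, Java::java.lang.String.java_class, Java::int.java_class]
    return @j_del.java_method(:computeHash, signature).call(password, salt, version)
  end
  # Bare super forwards the original argument list unchanged.
  return super if defined?(super)

  # Report only the argument classes. args[0] is the plain-text password and
  # args[1] the salt; interpolating their values would copy credentials into
  # the exception message and from there into logs and error reports.
  raise ArgumentError, "Invalid arguments when calling compute_hash(#{args.map(&:class).join(',')})"
end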
- (String) generateSalt
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 68
# Asks the wrapped delegate for a new salt by calling its zero-argument Java
# generateSalt method. How the salt is produced is decided by the Java
# implementation and is not visible here.
#
# @return [String] the generated salt, per the documented signature
# @raise [ArgumentError] when a block is given and there is no inherited
#   generate_salt to forward to
def generate_salt
  return @j_del.java_method(:generateSalt, []).call() unless block_given?
  return super if defined?(super)

  raise ArgumentError, "Invalid arguments when calling generate_salt()"
end
- (String) getHashedStoredPwd(row)
Retrieve the hashed password from the result of the authentication query
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 55
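# Extracts the stored password hash from a row returned by the authentication
# query. The row is converted with Utils.to_json_array and passed to the Java
# getHashedStoredPwd(JsonArray) method on the wrapped delegate.
#
# @param args [Array] expected as (row [Array])
# @return [String] the stored hash, per the documented signature
# @raise [ArgumentError] when the argument is not exactly an Array (or a
#   block is given) and there is no inherited method to forward to
def get_hashed_stored_pwd(*args)
  row = args.first
  if row.class == Array && !block_given?
    json_row = ::Vertx::Util::Utils.to_json_array(row)
    return @j_del.java_method(:getHashedStoredPwd, [Java::IoVertxCoreJson::JsonArray.java_class]).call(json_row)
  end
  # Bare super forwards the original argument list unchanged.
  return super if defined?(super)

  # Report only the argument classes. The rejected value is the authentication
  # row, so interpolating it would copy the stored hash and salt into the
  # exception message and from there into logs.
  raise ArgumentError, "Invalid arguments when calling get_hashed_stored_pwd(#{args.map(&:class).join(',')})"
end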
- (String) getSalt(row)
Retrieve the salt from the result of the authentication query
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 121
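# Extracts the salt from a row returned by the authentication query. The row
# is converted with Utils.to_json_array and passed to the Java
# getSalt(JsonArray) method on the wrapped delegate.
#
# @param args [Array] expected as (row [Array])
# @return [String] the salt, per the documented signature
# @raise [ArgumentError] when the argument is not exactly an Array (or a
#   block is given) and there is no inherited get_salt to forward to
def get_salt(*args)
  row = args.first
  if row.class == Array && !block_given?
    json_row = ::Vertx::Util::Utils.to_json_array(row)
    return @j_del.java_method(:getSalt, [Java::IoVertxCoreJson::JsonArray.java_class]).call(json_row)
  end
  # Bare super forwards the original argument list unchanged.
  return super if defined?(super)

  # Report only the argument classes. The rejected value is the authentication
  # row, so interpolating it would copy the stored hash and salt into the
  # exception message and from there into logs.
  raise ArgumentError, "Invalid arguments when calling get_salt(#{args.map(&:class).join(',')})"
end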
- (void) setNonces(nonces)
This method returns an undefined value.
Sets an ordered list of nonces where each position corresponds to a version.
The nonces are not supposed to be stored in the underlying JDBC storage but to
be provided as application configuration. The idea is to add one extra variable
to the hash function in order to make breaking the passwords using rainbow tables
or precomputed hashes harder, leaving the attacker only with the brute-force
approach.
Nonces are dependent on the implementation. E.g., for SHA512 they are extra salt
used during the hashing; for PBKDF2 they map to the number of iterations the algorithm
should take.
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 107
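# Sets the ordered list of nonces on the wrapped delegate. The list is
# converted with Utils.to_json_array and passed to the Java
# setNonces(JsonArray) method.
#
# @param args [Array] expected as (nonces [Array])
# @return the value returned by the Java call (documented as undefined)
# @raise [ArgumentError] when the argument is not exactly an Array (or a
#   block is given) and there is no inherited set_nonces to forward to
def set_nonces(*args)
  nonces = args.first
  if nonces.class == Array && !block_given?
    json_nonces = ::Vertx::Util::Utils.to_json_array(nonces)
    return @j_del.java_method(:setNonces, [Java::IoVertxCoreJson::JsonArray.java_class]).call(json_nonces)
  end
  # Bare super forwards the original argument list unchanged.
  return super if defined?(super)

  # Report only the argument classes. Nonces are meant to live in application
  # configuration rather than next to the hashes, so a rejected value (for
  # example a nonce list passed as a String) must not be echoed into the
  # exception message, where it would end up in logs.
  raise ArgumentError, "Invalid arguments when calling set_nonces(#{args.map(&:class).join(',')})"
end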