Class: VertxAuthJdbc::JDBCHashStrategy
- Inherits:
-
Object
- Object
- VertxAuthJdbc::JDBCHashStrategy
- Defined in:
- /Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb
Overview
Determines how the hashing is computed in the implementation.
You can implement this to provide a hashing strategy different from the default.
Constant Summary
- @@j_api_type =
Object.new
Class Method Summary
Instance Method Summary
Class Method Details
+ (Boolean) accept?(obj)
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 20
# Type check attached to the API-type helper object: true only when obj's
# class is exactly JDBCHashStrategy, so instances of subclasses do not match.
#
# @param obj [Object] candidate object
# @return [Boolean]
def @@j_api_type.accept?(obj)
  obj.instance_of?(JDBCHashStrategy)
end
Implements a Hashing Strategy as per https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet (2018-01-17).
New deployments should use this strategy instead of the default one (which was the previous OWASP recommendation).
The work factor can be updated by using the nonces json array.
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 52
# Creates the PBKDF2 hashing strategy by calling the Java factory
# +createPBKDF2+ with the Java delegate of +vertx+; the Java result and the
# Ruby wrapper class are handed to +Utils.safe_create+.
#
# @param vertx [Object] object whose class defines +j_del+
# @return [::VertxAuthJdbc::JDBCHashStrategy] whatever +safe_create+ returns for that wrapper class
# @raise [ArgumentError] when vertx's class does not define +j_del+ or a block is given
def self.create_pbkdf2(vertx=nil)
  # Guard first: anything that is not a delegate-carrying wrapper is rejected.
  unless vertx.class.method_defined?(:j_del) && !block_given?
    raise ArgumentError, "Invalid arguments when calling create_pbkdf2(#{vertx})"
  end

  factory = Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_method(:createPBKDF2, [Java::IoVertxCore::Vertx.java_class])
  ::Vertx::Util::Utils.safe_create(factory.call(vertx.j_del), ::VertxAuthJdbc::JDBCHashStrategy)
end
This is the current backwards-compatible hashing implementation. New applications should prefer the
PBKDF2 implementation, unless trading some security for lower CPU usage is acceptable.
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 39
# Creates the SHA512 hashing strategy by calling the Java factory
# +createSHA512+ with the Java delegate of +vertx+; the Java result and the
# Ruby wrapper class are handed to +Utils.safe_create+.
#
# @param vertx [Object] object whose class defines +j_del+
# @return [::VertxAuthJdbc::JDBCHashStrategy] whatever +safe_create+ returns for that wrapper class
# @raise [ArgumentError] when vertx's class does not define +j_del+ or a block is given
def self.create_sha512(vertx=nil)
  # Guard first: anything that is not a delegate-carrying wrapper is rejected.
  unless vertx.class.method_defined?(:j_del) && !block_given?
    raise ArgumentError, "Invalid arguments when calling create_sha512(#{vertx})"
  end

  factory = Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_method(:createSHA512, [Java::IoVertxCore::Vertx.java_class])
  ::Vertx::Util::Utils.safe_create(factory.call(vertx.j_del), ::VertxAuthJdbc::JDBCHashStrategy)
end
+ (true, false) equal?(hasha = nil, hashb = nil)
Constant-time string comparison to avoid timing attacks.
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 118
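# Compares two hash strings by delegating to the Java +isEqual+ method.
# The comparison itself happens on the Java side and is not visible here;
# it is documented as constant-time.
#
# NOTE(review): defining +equal?+ on the class replaces the identity check
# +Object#equal?+ for the class object itself.
#
# @param hasha [String] first hash
# @param hashb [String] second hash
# @return [true, false]
# @raise [ArgumentError] when either argument is not a String or a block is given
def self.equal?(hasha=nil,hashb=nil)
  if hasha.class == String && hashb.class == String && !block_given?
    return Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_method(:isEqual, [Java::java.lang.String.java_class,Java::java.lang.String.java_class]).call(hasha,hashb)
  end
  # Name only the argument classes. Interpolating the values would copy a
  # password hash into the exception text whenever the other argument is
  # missing, and from there into logs or error reports.
  raise ArgumentError, "Invalid arguments when calling equal?(#{hasha.class},#{hashb.class})"
end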
+ (Object) j_api_type
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 29
# Accessor for the class-level API-type helper object stored in
# +@@j_api_type+.
#
# @return [Object]
def self.j_api_type
  @@j_api_type
end
+ (Object) j_class
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 32
# Returns the +java_class+ of the Java type
# +Java::IoVertxExtAuthJdbc::JDBCHashStrategy+ that this Ruby class fronts.
#
# @return [Object]
def self.j_class
  Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_class
end
+ (Object) unwrap(obj)
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 26
# Returns the delegate held by a wrapper by calling +j_del+ on it.
#
# @param obj [Object] object responding to +j_del+
# @return [Object] whatever +obj.j_del+ returns
def @@j_api_type.unwrap(obj)
  obj.j_del
end
+ (Object) wrap(obj)
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 23
# Builds a new JDBCHashStrategy around +obj+.
#
# @param obj [Object] passed straight to +JDBCHashStrategy.new+
# @return [JDBCHashStrategy]
def @@j_api_type.wrap(obj)
  JDBCHashStrategy.new(obj)
end
Instance Method Details
- (String) compute_hash(password = nil, salt = nil, version = nil)
Compute the hashed password given the unhashed password and the salt
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 71
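# Computes the hashed password by delegating to the Java +computeHash+
# method on the wrapped delegate (+@j_del+).
#
# @param password [String] the unhashed password
# @param salt [String] the salt
# @param version [Integer] passed to Java as an +int+ (presumably the nonce position; confirm against the Java API)
# @return [String] per the documented signature; the value is whatever the Java call returns
# @raise [ArgumentError] when an argument has the wrong type or a block is given
def compute_hash(password=nil,salt=nil,version=nil)
  # Integer instead of Fixnum: Fixnum was merged into Integer in Ruby 2.4 and
  # the constant was later removed, so the old check fails on current Rubies.
  if password.class == String && salt.class == String && version.is_a?(Integer) && !block_given?
    return @j_del.java_method(:computeHash, [Java::java.lang.String.java_class,Java::java.lang.String.java_class,Java::int.java_class]).call(password,salt,version)
  end
  # Name only the argument classes. Interpolating the values would copy the
  # plaintext password and its salt into the exception text, and from there
  # into logs or error reports.
  raise ArgumentError, "Invalid arguments when calling compute_hash(#{password.class},#{salt.class},#{version.class})"
end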
- (String) generate_salt
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 60
# Asks the wrapped Java delegate (+@j_del+) for a salt via its
# +generateSalt+ method. How the salt is produced is decided on the Java
# side and is not visible here.
#
# @return [String] per the documented signature; the value is whatever the Java call returns
# @raise [ArgumentError] when a block is given
def generate_salt
  raise ArgumentError, "Invalid arguments when calling generate_salt()" if block_given?

  @j_del.java_method(:generateSalt, []).call
end
- (String) get_hashed_stored_pwd(row = nil)
Retrieve the hashed password from the result of the authentication query
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 80
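# Retrieves the hashed password from a row of the authentication query.
# The row is converted with +Utils.to_json_array+ and passed to the Java
# +getHashedStoredPwd+ method on the wrapped delegate (+@j_del+).
#
# @param row [Array] result row of the authentication query
# @return [String] per the documented signature; the value is whatever the Java call returns
# @raise [ArgumentError] when row is not an Array or a block is given
def get_hashed_stored_pwd(row=nil)
  if row.class == Array && !block_given?
    return @j_del.java_method(:getHashedStoredPwd, [Java::IoVertxCoreJson::JsonArray.java_class]).call(::Vertx::Util::Utils.to_json_array(row))
  end
  # Name only the argument class. A row passed in the wrong container (for
  # example a Hash) still holds the stored hash and salt, and interpolating
  # it would copy them into the exception text and any log that records it.
  raise ArgumentError, "Invalid arguments when calling get_hashed_stored_pwd(#{row.class})"
end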
- (String) get_salt(row = nil)
Retrieve the salt from the result of the authentication query
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 89
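# Retrieves the salt from a row of the authentication query. The row is
# converted with +Utils.to_json_array+ and passed to the Java +getSalt+
# method on the wrapped delegate (+@j_del+).
#
# @param row [Array] result row of the authentication query
# @return [String] per the documented signature; the value is whatever the Java call returns
# @raise [ArgumentError] when row is not an Array or a block is given
def get_salt(row=nil)
  if row.class == Array && !block_given?
    return @j_del.java_method(:getSalt, [Java::IoVertxCoreJson::JsonArray.java_class]).call(::Vertx::Util::Utils.to_json_array(row))
  end
  # Name only the argument class. A row passed in the wrong container (for
  # example a Hash) still holds the stored hash and salt, and interpolating
  # it would copy them into the exception text and any log that records it.
  raise ArgumentError, "Invalid arguments when calling get_salt(#{row.class})"
end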
- (void) set_nonces(nonces = nil)
This method returns an undefined value.
Sets an ordered list of nonces where each position corresponds to a version.
The nonces are not supposed to be stored in the underlying JDBC storage but to
be provided as application configuration. The idea is to add one extra variable
to the hash function in order to make breaking the passwords using rainbow tables
or precomputed hashes harder, leaving the attacker with only the brute-force
approach.
Nonces are dependent on the implementation. E.g., for SHA512 they are extra salt
used during the hashing; for PBKDF2 they map to the number of iterations the algorithm
should take.
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 108
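# Sets the ordered list of nonces. The list is converted with
# +Utils.to_json_array+ and passed to the Java +setNonces+ method on the
# wrapped delegate (+@j_del+).
#
# @param nonces [Array] ordered nonces, one position per version
# @return [void] documented as void; the code returns whatever the Java call returns
# @raise [ArgumentError] when nonces is not an Array or a block is given
def set_nonces(nonces=nil)
  if nonces.class == Array && !block_given?
    return @j_del.java_method(:setNonces, [Java::IoVertxCoreJson::JsonArray.java_class]).call(::Vertx::Util::Utils.to_json_array(nonces))
  end
  # Name only the argument class. Nonces are application configuration kept
  # out of the database, so a value passed in the wrong shape (for example a
  # bare String) must not be copied into the exception text or logs.
  raise ArgumentError, "Invalid arguments when calling set_nonces(#{nonces.class})"
end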