Class: VertxAuthJdbc::JDBCHashStrategy

Inherits:
Object
  • Object
show all
Defined in:
/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb

Overview

Determines how the hashing is computed in the implementation You can implement this to provide a different hashing strategy to the default.

Constant Summary

@@j_api_type =
Object.new

Class Method Summary (collapse)

Instance Method Summary (collapse)

Class Method Details

+ (Boolean) accept?(obj)

Returns:

  • (Boolean)

20
21
22
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 20

def @@j_api_type.accept?(obj)
  obj.class == JDBCHashStrategy
end

+ (::VertxAuthJdbc::JDBCHashStrategy) create_pbkdf2(vertx = nil)

Implements a Hashing Strategy as per https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet (2018-01-17). New deployments should use this strategy instead of the default one (which was the previous OWASP recommendation). The work factor can be updated by using the nonces json array.

Parameters:

Returns:

Raises:

  • (ArgumentError)

52
53
54
55
56
57
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 52

def self.create_pbkdf2(vertx=nil)
  if vertx.class.method_defined?(:j_del) && !block_given?
    return ::Vertx::Util::Utils.safe_create(Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_method(:createPBKDF2, [Java::IoVertxCore::Vertx.java_class]).call(vertx.j_del),::VertxAuthJdbc::JDBCHashStrategy)
  end
  raise ArgumentError, "Invalid arguments when calling create_pbkdf2(#{vertx})"
end

+ (::VertxAuthJdbc::JDBCHashStrategy) create_sha512(vertx = nil)

This is the current backwards compatible hashing implementation, new applications should prefer the PBKDF2 implementation, unless the tradeoff between security and CPU usage is an option.

Parameters:

Returns:

Raises:

  • (ArgumentError)

39
40
41
42
43
44
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 39

def self.create_sha512(vertx=nil)
  if vertx.class.method_defined?(:j_del) && !block_given?
    return ::Vertx::Util::Utils.safe_create(Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_method(:createSHA512, [Java::IoVertxCore::Vertx.java_class]).call(vertx.j_del),::VertxAuthJdbc::JDBCHashStrategy)
  end
  raise ArgumentError, "Invalid arguments when calling create_sha512(#{vertx})"
end

+ (true, false) equal?(hasha = nil, hashb = nil)

Time constant string comparision to avoid timming attacks.

Parameters:

  • hasha (String) (defaults to: nil)
    hash a to compare
  • hashb (String) (defaults to: nil)
    hash b to compare

Returns:

  • (true, false)
    true if equal

Raises:

  • (ArgumentError)

118
119
120
121
122
123
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 118

def self.equal?(hasha=nil,hashb=nil)
  if hasha.class == String && hashb.class == String && !block_given?
    return Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_method(:isEqual, [Java::java.lang.String.java_class,Java::java.lang.String.java_class]).call(hasha,hashb)
  end
  raise ArgumentError, "Invalid arguments when calling equal?(#{hasha},#{hashb})"
end

+ (Object) j_api_type


29
30
31
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 29

def self.j_api_type
  @@j_api_type
end

+ (Object) j_class


32
33
34
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 32

def self.j_class
  Java::IoVertxExtAuthJdbc::JDBCHashStrategy.java_class
end

+ (Object) unwrap(obj)


26
27
28
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 26

def @@j_api_type.unwrap(obj)
  obj.j_del
end

+ (Object) wrap(obj)


23
24
25
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 23

def @@j_api_type.wrap(obj)
  JDBCHashStrategy.new(obj)
end

Instance Method Details

- (String) compute_hash(password = nil, salt = nil, version = nil)

Compute the hashed password given the unhashed password and the salt

Parameters:

  • password (String) (defaults to: nil)
    the unhashed password
  • salt (String) (defaults to: nil)
    the salt
  • version (Fixnum) (defaults to: nil)
    the nonce version to use

Returns:

  • (String)
    the hashed password

Raises:

  • (ArgumentError)

71
72
73
74
75
76
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 71

def compute_hash(password=nil,salt=nil,version=nil)
  if password.class == String && salt.class == String && version.class == Fixnum && !block_given?
    return @j_del.java_method(:computeHash, [Java::java.lang.String.java_class,Java::java.lang.String.java_class,Java::int.java_class]).call(password,salt,version)
  end
  raise ArgumentError, "Invalid arguments when calling compute_hash(#{password},#{salt},#{version})"
end

- (String) generate_salt

Compute a random salt.

Returns:

  • (String)
    a non null salt value

Raises:

  • (ArgumentError)

60
61
62
63
64
65
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 60

def generate_salt
  if !block_given?
    return @j_del.java_method(:generateSalt, []).call()
  end
  raise ArgumentError, "Invalid arguments when calling generate_salt()"
end

- (String) get_hashed_stored_pwd(row = nil)

Retrieve the hashed password from the result of the authentication query

Parameters:

  • row (Array<String,Object>) (defaults to: nil)
    the row

Returns:

  • (String)
    the hashed password

Raises:

  • (ArgumentError)

80
81
82
83
84
85
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 80

def get_hashed_stored_pwd(row=nil)
  if row.class == Array && !block_given?
    return @j_del.java_method(:getHashedStoredPwd, [Java::IoVertxCoreJson::JsonArray.java_class]).call(::Vertx::Util::Utils.to_json_array(row))
  end
  raise ArgumentError, "Invalid arguments when calling get_hashed_stored_pwd(#{row})"
end

- (String) get_salt(row = nil)

Retrieve the salt from the result of the authentication query

Parameters:

  • row (Array<String,Object>) (defaults to: nil)
    the row

Returns:

  • (String)
    the salt

Raises:

  • (ArgumentError)

89
90
91
92
93
94
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 89

def get_salt(row=nil)
  if row.class == Array && !block_given?
    return @j_del.java_method(:getSalt, [Java::IoVertxCoreJson::JsonArray.java_class]).call(::Vertx::Util::Utils.to_json_array(row))
  end
  raise ArgumentError, "Invalid arguments when calling get_salt(#{row})"
end

- (void) set_nonces(nonces = nil)

This method returns an undefined value.

Sets a ordered list of nonces where each position corresponds to a version. The nonces are supposed not to be stored in the underlying jdbc storage but to be provided as a application configuration. The idea is to add one extra variable to the hash function in order to make breaking the passwords using rainbow tables or precomputed hashes harder. Leaving the attacker only with the brute force approach. Nonces are dependent on the implementation. E.g.: for the SHA512 they are extra salt used during the hashing, for the PBKDF2 they map the number of iterations the algorithm should take

Parameters:

  • nonces (Array<String,Object>) (defaults to: nil)
    a json array.

Raises:

  • (ArgumentError)

108
109
110
111
112
113
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-auth-jdbc/jdbc_hash_strategy.rb', line 108

def set_nonces(nonces=nil)
  if nonces.class == Array && !block_given?
    return @j_del.java_method(:setNonces, [Java::IoVertxCoreJson::JsonArray.java_class]).call(::Vertx::Util::Utils.to_json_array(nonces))
  end
  raise ArgumentError, "Invalid arguments when calling set_nonces(#{nonces})"
end