com.mysql.cj.sasl

Class ScramSha1SaslClient

java.lang.Object

com.mysql.cj.sasl.ScramShaSaslClient

com.mysql.cj.sasl.ScramSha1SaslClient

All Implemented Interfaces:

javax.security.sasl.SaslClient

public class ScramSha1SaslClient
extends ScramShaSaslClient

A SaslClient implementation for SCRAM-SHA-1, as specified in RFC 5802. The IANA-registered mechanism was renamed to "MYSQLCJ-SCRAM-SHA-1" in order to avoid future conflicts with an officially supported implementation. When there is a Java-supported implementation for SCRAM-SHA-1, it will have to be thoroughly tested with Connector/J and if that works, this code can be obsoleted.

Nested Class Summary

Nested classes/interfaces inherited from class com.mysql.cj.sasl.ScramShaSaslClient

ScramShaSaslClient.ScramExchangeStage

Field Summary

Fields

Modifier and Type	Field and Description
private static java.lang.String	HMAC_SHA1_ALGORITHM
static java.lang.String	IANA_MECHANISM_NAME
static java.lang.String	MECHANISM_NAME
private static java.lang.String	PBKCF2_HMAC_SHA1_ALGORITHM
private static java.lang.String	SHA1_ALGORITHM
private static int	SHA1_HASH_LENGTH

Fields inherited from class com.mysql.cj.sasl.ScramShaSaslClient

authenticationId, authorizationId, CLIENT_KEY, clientFirstMessageBare, cNonce, GS2_CBIND_FLAG, gs2Header, MINIMUM_ITERATIONS, password, scramStage, SERVER_KEY, serverSignature

Constructor Summary

Constructors

Constructor and Description
ScramSha1SaslClient(java.lang.String authorizationId, java.lang.String authenticationId, java.lang.String password)

Method Summary

Modifier and Type	Method and Description
(package private) java.lang.String	getIanaMechanismName() Returns the real IANA-registered mechanism name of this SASL client.
java.lang.String	getMechanismName()
(package private) byte[]	h(byte[] str) The "H(str)" cryptographic hash function as described in RFC 5802, Section 2.2.
(package private) byte[]	hi(java.lang.String str, byte[] salt, int iterations) The "Hi(str, salt, i)" PBKDF2 function as described in RFC 5802, Section 2.2.
(package private) byte[]	hmac(byte[] key, byte[] str) The "HMAC(key, str)" HMAC keyed hash algorithm as described in RFC 5802, Section 2.2.

Methods inherited from class com.mysql.cj.sasl.ScramShaSaslClient

dispose, evaluateChallenge, getNegotiatedProperty, hasInitialResponse, isComplete, unwrap, wrap, xorInPlace

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

IANA_MECHANISM_NAME

public static final java.lang.String IANA_MECHANISM_NAME

See Also:

Constant Field Values

MECHANISM_NAME

public static final java.lang.String MECHANISM_NAME

See Also:

Constant Field Values

SHA1_ALGORITHM

private static final java.lang.String SHA1_ALGORITHM

See Also:

Constant Field Values

HMAC_SHA1_ALGORITHM

private static final java.lang.String HMAC_SHA1_ALGORITHM

See Also:

Constant Field Values

PBKCF2_HMAC_SHA1_ALGORITHM

private static final java.lang.String PBKCF2_HMAC_SHA1_ALGORITHM

See Also:

Constant Field Values

SHA1_HASH_LENGTH

private static final int SHA1_HASH_LENGTH

See Also:

Constant Field Values

Constructor Detail

ScramSha1SaslClient

public ScramSha1SaslClient(java.lang.String authorizationId,
                           java.lang.String authenticationId,
                           java.lang.String password)
                    throws javax.security.sasl.SaslException

Throws:

javax.security.sasl.SaslException

Method Detail

getIanaMechanismName

java.lang.String getIanaMechanismName()

Description copied from class: ScramShaSaslClient

Returns the real IANA-registered mechanism name of this SASL client. This is the same as SaslClient.getMechanismName() except that subclasses may use custom mechanism names to avoid future name clashes.

Specified by:

getIanaMechanismName in class ScramShaSaslClient

Returns:

a non-null string representing the IANA-registered mechanism name.

getMechanismName

public java.lang.String getMechanismName()

h

byte[] h(byte[] str)

The "H(str)" cryptographic hash function as described in RFC 5802, Section 2.2. This implementation corresponds to SHA-1.

Specified by:

h in class ScramShaSaslClient

Parameters:

str - the string to hash.

Returns:

the hash value of the given string.

hmac

byte[] hmac(byte[] key,
            byte[] str)

The "HMAC(key, str)" HMAC keyed hash algorithm as described in RFC 5802, Section 2.2. This implementation corresponds to 'HmacSHA1'.

Specified by:

hmac in class ScramShaSaslClient

Parameters:

key - the hash key.

str - the input string.

Returns:

the hashed value of the given params.

hi

byte[] hi(java.lang.String str,
          byte[] salt,
          int iterations)

The "Hi(str, salt, i)" PBKDF2 function as described in RFC 5802, Section 2.2. This implementation corresponds to 'PBKDF2WithHmacSHA1'.

Specified by:

hi in class ScramShaSaslClient

Parameters:

str - the string value to use as the internal HMAC key.

salt - the input string to hash in the initial iteration.

iterations - the number of iterations to run the algorithm.

Returns:

an hash value with an output length equal to the length of H(str).