/*
* Copyright 2016 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License,
* version 2.0 (the "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
package com.github.netty.protocol.mysql;
import com.github.netty.protocol.mysql.client.ClientHandshakePacket;
import io.netty.buffer.ByteBuf;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
* Calculates a password hash for {@code mysql_native_password} authentication.
*/
public class MysqlNativePasswordUtil {
public static byte[] hashPassword(String password, ByteBuf saltBuf) {
byte[] salt = new byte[saltBuf.readableBytes()];
saltBuf.readBytes(salt);
return hashPassword(password, salt);
}
/**
* Calculates a hash of the user's password.
*
* @param password the user's password
* @param salt the salt send from the server in the {@link ClientHandshakePacket} packet.
* @return the hashed password
*/
public static byte[] hashPassword(String password, byte[] salt) {
try {
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] hashedPassword = md.digest(password.getBytes());
md.reset();
byte[] doubleHashedPassword = md.digest(hashedPassword);
md.reset();
md.update(salt, 0, 20);
md.update(doubleHashedPassword);
byte[] hash = md.digest();
for (int i = 0; i < hash.length; i++) {
hash[i] = (byte) (hash[i] ^ hashedPassword[i]);
}
return hash;
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
}
}
