Security

java.lang.Object
- com.mysql.jdbc.Security

```
public class Security
extends java.lang.Object
```
Methods for doing secure authentication with MySQL-4.1 and newer.

Method Summary

Methods
Modifier and Type	Method and Description
`(package private) static byte[]`	`createKeyFromOldPassword(java.lang.String passwd)` Creates key from old password to decode scramble Used in 4.1 authentication with passwords stored pre-4.1 hashing.
`(package private) static byte[]`	`getBinaryPassword(int[] salt, boolean usingNewPasswords)`
`(package private) static java.lang.String`	`makeScrambledPassword(java.lang.String password)` Creates password to be stored in user database from raw string.
`(package private) static byte[]`	`passwordHashStage1(java.lang.String password)` Stage one password hashing, used in MySQL 4.1 password handling
`(package private) static byte[]`	`passwordHashStage2(byte[] hashedPassword, byte[] salt)` Stage two password hashing used in MySQL 4.1 password handling
`static byte[]`	`scramble411(java.lang.String password, java.lang.String seed, java.lang.String passwordEncoding)`
`static void`	`xorString(byte[] from, byte[] to, byte[] scramble, int length)` Encrypt/Decrypt function used for password encryption in authentication Simple XOR is used here but it is OK as we crypt random strings

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - createKeyFromOldPassword
```
static byte[] createKeyFromOldPassword(java.lang.String passwd)
                                throws java.security.NoSuchAlgorithmException
```
    Creates key from old password to decode scramble Used in 4.1 authentication with passwords stored pre-4.1 hashing.
    
    Parameters:
    passwd - the password to create the key from
    
    Returns:
    20 byte generated key
    
    Throws:
    
    java.security.NoSuchAlgorithmException - if the message digest 'SHA-1' is not available.
  - getBinaryPassword
```
static byte[] getBinaryPassword(int[] salt,
                       boolean usingNewPasswords)
                         throws java.security.NoSuchAlgorithmException
```
    Parameters:
    salt -
    usingNewPasswords -
    
    Throws:
    
    java.security.NoSuchAlgorithmException - if the message digest 'SHA-1' is not available.
  - makeScrambledPassword
```
static java.lang.String makeScrambledPassword(java.lang.String password)
                                       throws java.security.NoSuchAlgorithmException
```
    Creates password to be stored in user database from raw string. Handles Pre-MySQL 4.1 passwords.
    
    Parameters:
    password - plaintext password
    
    Returns:
    scrambled password
    
    Throws:
    
    java.security.NoSuchAlgorithmException - if the message digest 'SHA-1' is not available.
  - xorString
```
public static void xorString(byte[] from,
             byte[] to,
             byte[] scramble,
             int length)
```
    Encrypt/Decrypt function used for password encryption in authentication Simple XOR is used here but it is OK as we crypt random strings
    
    Parameters:
    from - IN Data for encryption
    to - OUT Encrypt data to the buffer (may be the same)
    scramble - IN Scramble used for encryption
    length - IN Length of data to encrypt
  - passwordHashStage1
```
static byte[] passwordHashStage1(java.lang.String password)
                          throws java.security.NoSuchAlgorithmException
```
    Stage one password hashing, used in MySQL 4.1 password handling
    
    Parameters:
    password - plaintext password
    
    Returns:
    stage one hash of password
    
    Throws:
    
    java.security.NoSuchAlgorithmException - if the message digest 'SHA-1' is not available.
  - passwordHashStage2
```
static byte[] passwordHashStage2(byte[] hashedPassword,
                        byte[] salt)
                          throws java.security.NoSuchAlgorithmException
```
    Stage two password hashing used in MySQL 4.1 password handling
    
    Parameters:
    hash - from passwordHashStage1
    salt - salt used for stage two hashing
    
    Returns:
    result of stage two password hash
    
    Throws:
    
    java.security.NoSuchAlgorithmException - if the message digest 'SHA-1' is not available.
  - scramble411
```
public static byte[] scramble411(java.lang.String password,
                 java.lang.String seed,
                 java.lang.String passwordEncoding)
                          throws java.security.NoSuchAlgorithmException,
                                 java.io.UnsupportedEncodingException
```
    Throws:
    
    java.security.NoSuchAlgorithmException
    
    java.io.UnsupportedEncodingException

Class Security

Method Summary

Methods inherited from class java.lang.Object

Method Detail

createKeyFromOldPassword

getBinaryPassword

makeScrambledPassword

xorString

passwordHashStage1

passwordHashStage2

scramble411