-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mike Moran wrote:
> I've been looking into what algorithm MySQL 4.1.7 uses for password
> hashing/encryption, with a view to ascertaining how secure it is. Does
> it conform to any combinations of published Specs e.g. MD5/SHA-1/etc?
>
> I had a look at com.mysql.jdbc.Util#newHash() and #newCrypt() in
> Connector/J 3.0, but the code is somewhat opaque. Is this algorithm
> native to MySQL or is it just an implementation of a published
> algorithm? Is it worth my time trying to track down the intriguing
> 'Monty' code mentioned in Util.java?
>
> Ta,
>
Mike,
MySQL-4.1.7 uses SHA-1. The code you're looking at is for MySQL-4.0 and
older. See MysqlIO.secureAuth411(), which also happens to have the
entire algorithm in a comment block ;)
-Mark
- --
Mark Matthews
MySQL AB, Software Development Manager - Client Connectivity
Office: +1 708 332 0507
www.mysql.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBwE6rtvXNTca6JD8RAoPXAJ94K07bT9Z9PcioDnrLYSgs3SqRoQCeKBu/
DsQkRNkfYRDoahIYMZ1mhuQ=
=fA0E
-----END PGP SIGNATURE-----
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
