Merge pull request #97 from AuthMe-Team/ipb4

IPB4 Support
This commit is contained in:
Gabriele C 2016-02-09 00:14:24 +01:00
commit 07e5a67ad5
3 changed files with 87 additions and 10 deletions

View File

@ -388,7 +388,7 @@ public class BCryptService {
private static String encode_base64(byte d[], int len) private static String encode_base64(byte d[], int len)
throws IllegalArgumentException { throws IllegalArgumentException {
int off = 0; int off = 0;
StringBuffer rs = new StringBuffer(); StringBuilder rs = new StringBuilder();
int c1, c2; int c1, c2;
if (len <= 0 || len > d.length) if (len <= 0 || len > d.length)
@ -441,7 +441,7 @@ public class BCryptService {
*/ */
private static byte[] decode_base64(String s, int maxolen) private static byte[] decode_base64(String s, int maxolen)
throws IllegalArgumentException { throws IllegalArgumentException {
StringBuffer rs = new StringBuffer(); StringBuilder rs = new StringBuilder();
int off = 0, slen = s.length(), olen = 0; int off = 0, slen = s.length(), olen = 0;
byte ret[]; byte ret[];
byte c1, c2, c3, c4, o; byte c1, c2, c3, c4, o;
@ -486,7 +486,7 @@ public class BCryptService {
* @param lr an array containing the two 32-bit half blocks * @param lr an array containing the two 32-bit half blocks
* @param off the position in the array of the blocks * @param off the position in the array of the blocks
*/ */
private final void encipher(int lr[], int off) { private void encipher(int lr[], int off) {
int i, n, l = lr[off], r = lr[off + 1]; int i, n, l = lr[off], r = lr[off + 1];
l ^= P[0]; l ^= P[0];
@ -534,8 +534,8 @@ public class BCryptService {
* Initialise the Blowfish key schedule * Initialise the Blowfish key schedule
*/ */
private void init_key() { private void init_key() {
P = (int[])P_orig.clone(); P = P_orig.clone();
S = (int[])S_orig.clone(); S = S_orig.clone();
} }
/** /**
@ -653,8 +653,8 @@ public class BCryptService {
String real_salt; String real_salt;
byte passwordb[], saltb[], hashed[]; byte passwordb[], saltb[], hashed[];
char minor = (char)0; char minor = (char)0;
int rounds, off = 0; int rounds, off;
StringBuffer rs = new StringBuffer(); StringBuilder rs = new StringBuilder();
if (salt.charAt(0) != '$' || salt.charAt(1) != '2') if (salt.charAt(0) != '$' || salt.charAt(1) != '2')
throw new IllegalArgumentException ("Invalid salt version"); throw new IllegalArgumentException ("Invalid salt version");
@ -684,8 +684,7 @@ public class BCryptService {
saltb = decode_base64(real_salt, BCRYPT_SALT_LEN); saltb = decode_base64(real_salt, BCRYPT_SALT_LEN);
B = new BCryptService(); B = new BCryptService();
hashed = B.crypt_raw(passwordb, saltb, rounds, hashed = B.crypt_raw(passwordb, saltb, rounds, bf_crypt_ciphertext.clone());
(int[])bf_crypt_ciphertext.clone());
rs.append("$2"); rs.append("$2");
if (minor >= 'a') if (minor >= 'a')
@ -714,7 +713,7 @@ public class BCryptService {
* @return an encoded salt value * @return an encoded salt value
*/ */
public static String gensalt(int log_rounds, SecureRandom random) { public static String gensalt(int log_rounds, SecureRandom random) {
StringBuffer rs = new StringBuffer(); StringBuilder rs = new StringBuilder();
byte rnd[] = new byte[BCRYPT_SALT_LEN]; byte rnd[] = new byte[BCRYPT_SALT_LEN];
random.nextBytes(rnd); random.nextBytes(rnd);

View File

@ -0,0 +1,56 @@
package fr.xephi.authme.security.crypts.description;
import fr.xephi.authme.ConsoleLogger;
import fr.xephi.authme.security.crypts.BCryptService;
import fr.xephi.authme.security.crypts.EncryptionMethod;
import fr.xephi.authme.security.crypts.HashedPassword;
import fr.xephi.authme.util.StringUtils;
import java.security.SecureRandom;
@Recommendation(Usage.DOES_NOT_WORK)
@HasSalt(value = SaltType.TEXT)
public class IPB4 implements EncryptionMethod {
SecureRandom random = new SecureRandom();
@Override
public String computeHash(String password, String salt, String name) {
return BCryptService.hashpw(password, "$2a$13$" + salt);
}
@Override
public HashedPassword computeHash(String password, String name) {
String salt = generateSalt();
return new HashedPassword(computeHash(password, salt, name), salt);
}
@Override
public boolean comparePassword(String password, HashedPassword hash, String name) {
try {
return hash.getHash().length() > 3 && BCryptService.checkpw(password, hash.getHash());
} catch (IllegalArgumentException e) {
ConsoleLogger.showError("Bcrypt checkpw() returned " + StringUtils.formatException(e));
}
return false;
}
@Override
public String generateSalt() {
StringBuilder sb = new StringBuilder(22);
for (int i = 0; i < 22; i++) {
char chr;
do {
chr = (char) (random.nextInt((122 - 48) + 1) + 48);
}
while ((chr >= 58 && chr <= 64) || (chr >= 91 && chr <= 96));
sb.append(chr);
}
return sb.toString();
}
@Override
public boolean hasSeparateSalt() {
return true;
}
}

View File

@ -0,0 +1,22 @@
package fr.xephi.authme.security.crypts;
import fr.xephi.authme.security.crypts.description.IPB4;
import fr.xephi.authme.util.WrapperMock;
import org.junit.BeforeClass;
public class IPB4Test extends AbstractEncryptionMethodTest {
@BeforeClass
public static void setUpSettings() {
WrapperMock.createInstance();
}
public IPB4Test() {
super(new IPB4(),
new HashedPassword("$2a$13$leEvXu77OIwPwNvtZIJvaeAx8EItGHuR3nIlq8416g0gXeJaQdrr2", "leEvXu77OIwPwNvtZIJval"), //password
new HashedPassword("$2a$13$xyTTP9zhQQtRRKIJPv5AuuOGJ6Ni9FLbDhcuIAcPjt3XzCxIWe3Uu", "xyTTP9zhQQtRRKIJPv5Au3"), //PassWord1
new HashedPassword("$2a$13$rGBrqErm9DZyzbxIGHlgf.xfA15/4d5Ay/TK.3y9lG3AljcoG9Lsi", "rGBrqErm9DZyzbxIGHlgfN"), //&^%te$t?Pw@_
new HashedPassword("$2a$13$18dKXZLoGpeHHL81edM9HuipiUcMjn5VDJHlxwRUMRXfJ1b.ZQrJ.", "18dKXZLoGpeHHL81edM9H6")); //âË_3(íù*
}
}