Merge pull request #97 from AuthMe-Team/ipb4

IPB4 Support
2024-11-18 08:15:12 +01:00 · 2016-02-09 00:14:24 +01:00 · 2016-02-09 00:14:24 +01:00 · 07e5a67ad5
commit 07e5a67ad5
parent e5fd0d2025 8e38384a0d
3 changed files with 87 additions and 10 deletions
--- a/src/main/java/fr/xephi/authme/security/crypts/BCryptService.java
+++ b/src/main/java/fr/xephi/authme/security/crypts/BCryptService.java
@ -388,7 +388,7 @@ public class BCryptService {
    private static String encode_base64(byte d[], int len)
        throws IllegalArgumentException {
        int off = 0;
-        StringBuffer rs = new StringBuffer();
+        StringBuilder rs = new StringBuilder();
        int c1, c2;

        if (len <= 0 || len > d.length)
@ -441,7 +441,7 @@ public class BCryptService {
     */
    private static byte[] decode_base64(String s, int maxolen)
        throws IllegalArgumentException {
-        StringBuffer rs = new StringBuffer();
+        StringBuilder rs = new StringBuilder();
        int off = 0, slen = s.length(), olen = 0;
        byte ret[];
        byte c1, c2, c3, c4, o;
@ -486,7 +486,7 @@ public class BCryptService {
     * @param lr	an array containing the two 32-bit half blocks
     * @param off	the position in the array of the blocks
     */
-    private final void encipher(int lr[], int off) {
+    private void encipher(int lr[], int off) {
        int i, n, l = lr[off], r = lr[off + 1];

        l ^= P[0];
@ -534,8 +534,8 @@ public class BCryptService {
     * Initialise the Blowfish key schedule
     */
    private void init_key() {
-        P = (int[])P_orig.clone();
-        S = (int[])S_orig.clone();
+        P = P_orig.clone();
+        S = S_orig.clone();
    }

    /**
@ -653,8 +653,8 @@ public class BCryptService {
        String real_salt;
        byte passwordb[], saltb[], hashed[];
        char minor = (char)0;
-        int rounds, off = 0;
-        StringBuffer rs = new StringBuffer();
+        int rounds, off;
+        StringBuilder rs = new StringBuilder();

        if (salt.charAt(0) != '$' || salt.charAt(1) != '2')
            throw new IllegalArgumentException ("Invalid salt version");
@ -684,8 +684,7 @@ public class BCryptService {
        saltb = decode_base64(real_salt, BCRYPT_SALT_LEN);

        B = new BCryptService();
-        hashed = B.crypt_raw(passwordb, saltb, rounds,
-            (int[])bf_crypt_ciphertext.clone());
+        hashed = B.crypt_raw(passwordb, saltb, rounds, bf_crypt_ciphertext.clone());

        rs.append("$2");
        if (minor >= 'a')
@ -714,7 +713,7 @@ public class BCryptService {
     * @return	an encoded salt value
     */
    public static String gensalt(int log_rounds, SecureRandom random) {
-        StringBuffer rs = new StringBuffer();
+        StringBuilder rs = new StringBuilder();
        byte rnd[] = new byte[BCRYPT_SALT_LEN];

        random.nextBytes(rnd);
--- a/src/main/java/fr/xephi/authme/security/crypts/description/IPB4.java
+++ b/src/main/java/fr/xephi/authme/security/crypts/description/IPB4.java
@ -0,0 +1,56 @@
+package fr.xephi.authme.security.crypts.description;
+
+import fr.xephi.authme.ConsoleLogger;
+import fr.xephi.authme.security.crypts.BCryptService;
+import fr.xephi.authme.security.crypts.EncryptionMethod;
+import fr.xephi.authme.security.crypts.HashedPassword;
+import fr.xephi.authme.util.StringUtils;
+
+import java.security.SecureRandom;
+
+
+@Recommendation(Usage.DOES_NOT_WORK)
+@HasSalt(value = SaltType.TEXT)
+public class IPB4 implements EncryptionMethod {
+    SecureRandom random = new SecureRandom();
+
+    @Override
+    public String computeHash(String password, String salt, String name) {
+        return BCryptService.hashpw(password, "$2a$13$" + salt);
+    }
+
+    @Override
+    public HashedPassword computeHash(String password, String name) {
+        String salt = generateSalt();
+        return new HashedPassword(computeHash(password, salt, name), salt);
+    }
+
+    @Override
+    public boolean comparePassword(String password, HashedPassword hash, String name) {
+        try {
+            return hash.getHash().length() > 3 && BCryptService.checkpw(password, hash.getHash());
+        } catch (IllegalArgumentException e) {
+            ConsoleLogger.showError("Bcrypt checkpw() returned " + StringUtils.formatException(e));
+        }
+        return false;
+    }
+
+    @Override
+    public String generateSalt() {
+        StringBuilder sb = new StringBuilder(22);
+        for (int i = 0; i < 22; i++) {
+            char chr;
+            do {
+                chr = (char) (random.nextInt((122 - 48) + 1) + 48);
+            }
+            while ((chr >= 58 && chr <= 64) || (chr >= 91 && chr <= 96));
+            sb.append(chr);
+        }
+        return sb.toString();
+    }
+
+    @Override
+    public boolean hasSeparateSalt() {
+        return true;
+    }
+}
--- a/src/test/java/fr/xephi/authme/security/crypts/IPB4Test.java
+++ b/src/test/java/fr/xephi/authme/security/crypts/IPB4Test.java
@ -0,0 +1,22 @@
+package fr.xephi.authme.security.crypts;
+
+import fr.xephi.authme.security.crypts.description.IPB4;
+import fr.xephi.authme.util.WrapperMock;
+import org.junit.BeforeClass;
+
+public class IPB4Test extends AbstractEncryptionMethodTest {
+
+    @BeforeClass
+    public static void setUpSettings() {
+        WrapperMock.createInstance();
+    }
+
+    public IPB4Test() {
+        super(new IPB4(),
+            new HashedPassword("$2a$13$leEvXu77OIwPwNvtZIJvaeAx8EItGHuR3nIlq8416g0gXeJaQdrr2", "leEvXu77OIwPwNvtZIJval"),  //password
+            new HashedPassword("$2a$13$xyTTP9zhQQtRRKIJPv5AuuOGJ6Ni9FLbDhcuIAcPjt3XzCxIWe3Uu", "xyTTP9zhQQtRRKIJPv5Au3"),  //PassWord1
+            new HashedPassword("$2a$13$rGBrqErm9DZyzbxIGHlgf.xfA15/4d5Ay/TK.3y9lG3AljcoG9Lsi", "rGBrqErm9DZyzbxIGHlgfN"),  //&^%te$t?Pw@_
+            new HashedPassword("$2a$13$18dKXZLoGpeHHL81edM9HuipiUcMjn5VDJHlxwRUMRXfJ1b.ZQrJ.", "18dKXZLoGpeHHL81edM9H6")); //âË_3(íù*
+    }
+
+}