Upstream/AuthMeReloaded
1
0
Fork 0
mirror of https://github.com/AuthMe/AuthMeReloaded.git synced 2025-02-23 15:21:30 +01:00
Code Issues Projects Releases Wiki Activity

Fix Django crypt

Browse Source
This commit is contained in:
bakatrouble 2016-02-15 00:37:37 +03:00
parent b1dd082c5c
commit 189f91611a
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/main/java/fr/xephi/authme/security/crypts/CryptPBKDF2Django.java
View File

@ -9,6 +9,7 @@ import java.security.NoSuchAlgorithmException;
/** /**
*/ */
public class CryptPBKDF2Django implements EncryptionMethod { public class CryptPBKDF2Django implements EncryptionMethod {
final Integer DEFAULT_ITERATIONS = 24000;
/** /**
* Method getHash. * Method getHash.
@ -22,8 +23,8 @@ public class CryptPBKDF2Django implements EncryptionMethod {
@Override @Override
public String getHash(String password, String salt, String name) public String getHash(String password, String salt, String name)
throws NoSuchAlgorithmException { throws NoSuchAlgorithmException {
String result = "pbkdf2_sha256$15000$" + salt + "$"; String result = "pbkdf2_sha256$" + DEFAULT_ITERATIONS.toString() + "$" + salt + "$";
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 15000); PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), DEFAULT_ITERATIONS);
PBKDF2Engine engine = new PBKDF2Engine(params); PBKDF2Engine engine = new PBKDF2Engine(params);
return result + String.valueOf(DatatypeConverter.printBase64Binary(engine.deriveKey(password, 32))); return result + String.valueOf(DatatypeConverter.printBase64Binary(engine.deriveKey(password, 32)));
@ -42,9 +43,10 @@ public class CryptPBKDF2Django implements EncryptionMethod {
public boolean comparePassword(String hash, String password, public boolean comparePassword(String hash, String password,
String playerName) throws NoSuchAlgorithmException { String playerName) throws NoSuchAlgorithmException {
String[] line = hash.split("\\$"); String[] line = hash.split("\\$");
int iterations = Integer.parseInt(line[1]);
String salt = line[2]; String salt = line[2];
byte[] derivedKey = DatatypeConverter.parseBase64Binary(line[3]); byte[] derivedKey = DatatypeConverter.parseBase64Binary(line[3]);
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 15000, derivedKey); PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), iterations, derivedKey);
PBKDF2Engine engine = new PBKDF2Engine(params); PBKDF2Engine engine = new PBKDF2Engine(params);
return engine.verifyKey(password); return engine.verifyKey(password);
} }