null.
- * @return Hexadecimal representation of b. Uppercase A-F, two characters
- * per byte. Empty string on null input.
- */
- public static String bin2hex(final byte[] b) {
- if (b == null) {
- return "";
- }
- StringBuffer sb = new StringBuffer(2 * b.length);
- for (int i = 0; i < b.length; i++) {
- int v = (256 + b[i]) % 256;
- sb.append(hex.charAt((v / 16) & 15));
- sb.append(hex.charAt((v % 16) & 15));
- }
- return sb.toString();
- }
-
- /**
- * Convert hex string to array of bytes.
- *
- * @param s
- * String containing hexadecimal digits. May be null
- * . On odd length leading zero will be assumed.
- * @return Array on bytes, non-null.
- * @throws IllegalArgumentException
- * when string contains non-hex character
- */
- public static byte[] hex2bin(final String s) {
- String m = s;
- if (s == null) {
- // Allow empty input string.
- m = "";
- } else if (s.length() % 2 != 0) {
- // Assume leading zero for odd string length
- m = "0" + s;
- }
- byte r[] = new byte[m.length() / 2];
- for (int i = 0, n = 0; i < m.length(); n++) {
- char h = m.charAt(i++);
- char l = m.charAt(i++);
- r[n] = (byte) (hex2bin(h) * 16 + hex2bin(l));
- }
- return r;
- }
-
- /**
- * Convert hex digit to numerical value.
- *
- * @param c
- * 0-9, a-f, A-F allowd.
- * @return 0-15
- * @throws IllegalArgumentException
- * on non-hex character
- */
- public static int hex2bin(char c) {
- if (c >= '0' && c <= '9') {
- return (c - '0');
- }
- if (c >= 'A' && c <= 'F') {
- return (c - 'A' + 10);
- }
- if (c >= 'a' && c <= 'f') {
- return (c - 'a' + 10);
- }
- throw new IllegalArgumentException("Input string may only contain hex digits, but found '" + c + "'");
- }
-
- public static void main(String[] args) {
- byte b[] = new byte[256];
- byte bb = 0;
- for (int i = 0; i < 256; i++) {
- b[i] = bb++;
- }
- String s = bin2hex(b);
- byte c[] = hex2bin(s);
- String t = bin2hex(c);
- if (!s.equals(t)) {
- throw new AssertionError("Mismatch");
- }
- }
-}
diff --git a/src/main/java/fr/xephi/authme/security/pbkdf2/MacBasedPRF.java b/src/main/java/fr/xephi/authme/security/pbkdf2/MacBasedPRF.java
deleted file mode 100644
index 88ff11bfc..000000000
--- a/src/main/java/fr/xephi/authme/security/pbkdf2/MacBasedPRF.java
+++ /dev/null
@@ -1,96 +0,0 @@
-package fr.xephi.authme.security.pbkdf2;
-
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
-
-/**
- * - * Default PRF implementation based on standard javax.crypt.Mac mechanisms. - *
- *- * A free Java implementation of Password Based Key Derivation Function 2 as - * defined by RFC 2898. Copyright (c) 2007 Matthias Gärtner - *
- *- * This library is free software; you can redistribute it and/or modify it under - * the terms of the GNU Lesser General Public License as published by the Free - * Software Foundation; either version 2.1 of the License, or (at your option) - * any later version. - *
- *- * This library is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS - * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more - * details. - *
- *- * You should have received a copy of the GNU Lesser General Public License - * along with this library; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - *
- *- * For Details, see http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. - *
- * - * @author Matthias Gärtner - * @version 1.0 - */ -public class MacBasedPRF implements PRF { - - protected Mac mac; - - protected int hLen; - - protected final String macAlgorithm; - - /** - * Create Mac-based Pseudo Random Function. - * - * @param macAlgorithm Mac algorithm to use, i.e. HMacSHA1 or HMacMD5. - */ - public MacBasedPRF(String macAlgorithm) { - this.macAlgorithm = macAlgorithm; - try { - mac = Mac.getInstance(macAlgorithm); - hLen = mac.getMacLength(); - } catch (NoSuchAlgorithmException e) { - throw new RuntimeException(e); - } - } - - public MacBasedPRF(String macAlgorithm, String provider) { - this.macAlgorithm = macAlgorithm; - try { - mac = Mac.getInstance(macAlgorithm, provider); - hLen = mac.getMacLength(); - } catch (NoSuchAlgorithmException | NoSuchProviderException e) { - throw new RuntimeException(e); - } - } - - @Override - public byte[] doFinal(byte[] M) { - byte[] r = mac.doFinal(M); - return r; - } - - @Override - public int getHLen() { - return hLen; - } - - @Override - public void init(byte[] P) { - try { - mac.init(new SecretKeySpec(P, macAlgorithm)); - } catch (InvalidKeyException e) { - throw new RuntimeException(e); - } - } -} diff --git a/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2.java b/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2.java deleted file mode 100644 index 59bc96df2..000000000 --- a/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2.java +++ /dev/null @@ -1,97 +0,0 @@ -package fr.xephi.authme.security.pbkdf2; - -/** - *- * A free Java implementation of Password Based Key Derivation Function 2 as - * defined by RFC 2898. Copyright (c) 2007 Matthias Gärtner - *
- *- * This library is free software; you can redistribute it and/or modify it under - * the terms of the GNU Lesser General Public License as published by the Free - * Software Foundation; either version 2.1 of the License, or (at your option) - * any later version. - *
- *- * This library is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS - * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more - * details. - *
- *- * You should have received a copy of the GNU Lesser General Public License - * along with this library; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - *
- *- * For Details, see http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. - *
- * - * @author Matthias Gärtner - * @version 1.0 - */ -public interface PBKDF2 { - - /** - * Convert String-based input to internal byte array, then invoke PBKDF2. - * Desired key length defaults to Pseudo Random Function block size. - * - * @param inputPassword Candidate password to compute the derived key for. - * - * @return internal byte array - */ - byte[] deriveKey(String inputPassword); - - /** - * Convert String-based input to internal byte array, then invoke PBKDF2. - * - * @param inputPassword Candidate password to compute the derived key for. - * @param dkLen Specify desired key length - * - * @return internal byte array - */ - byte[] deriveKey(String inputPassword, int dkLen); - - /** - * Convert String-based input to internal byte arrays, then invoke PBKDF2 - * and verify result against the reference data that is supplied in the - * PBKDF2Parameters. - * - * @param inputPassword Candidate password to compute the derived key for. - * - * @returntrue password match; false incorrect
- * password
- */
- boolean verifyKey(String inputPassword);
-
- /**
- * Allow reading of configured parameters.
- *
- * @return Currently set parameters.
- */
- PBKDF2Parameters getParameters();
-
- /**
- * Allow setting of configured parameters.
- *
- * @param parameters PBKDF2Parameters
- */
- void setParameters(PBKDF2Parameters parameters);
-
- /**
- * Get currently set Pseudo Random Function.
- *
- * @return Currently set Pseudo Random Function
- */
- PRF getPseudoRandomFunction();
-
- /**
- * Set the Pseudo Random Function to use. Note that deriveKeys/getPRF does
- * init this object using the supplied candidate password. If this is
- * undesired, one has to override getPRF.
- *
- * @param prf Pseudo Random Function to set.
- */
- void setPseudoRandomFunction(PRF prf);
-}
diff --git a/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2Engine.java b/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2Engine.java
deleted file mode 100644
index d32b8752d..000000000
--- a/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2Engine.java
+++ /dev/null
@@ -1,346 +0,0 @@
-package fr.xephi.authme.security.pbkdf2;
-
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-
-/**
- * - * Request for Comments: 2898 PKCS #5: Password-Based Cryptography Specification - *
- * Version 2.0 - *
- *- * PBKDF2 (P, S, c, dkLen) - *
- * Options: - *- * A free Java implementation of Password Based Key Derivation Function 2 as - * defined by RFC 2898. Copyright (c) 2007 Matthias Gärtner - *
- *- * This library is free software; you can redistribute it and/or modify it under - * the terms of the GNU Lesser General Public License as published by the Free - * Software Foundation; either version 2.1 of the License, or (at your option) - * any later version. - *
- *- * This library is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS - * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more - * details. - *
- *- * You should have received a copy of the GNU Lesser General Public License - * along with this library; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - *
- *- * For Details, see - * http://www. - * gnu.org/licenses/old-licenses/lgpl-2.1.html. - *
- * - * @author Matthias Gärtner - * @version 1.0 - * @see RFC 2898 - */ -public class PBKDF2Engine implements PBKDF2 { - - protected PBKDF2Parameters parameters; - - protected PRF prf; - - /** - * Constructor for PBKDF2 implementation object. PBKDF2 parameters must be - * passed later. - */ - public PBKDF2Engine() { - this.parameters = null; - prf = null; - } - - /** - * Constructor for PBKDF2 implementation object. PBKDF2 parameters are - * passed so that this implementation knows iteration count, method to use - * and String encoding. - * - * @param parameters Data holder for iteration count, method to use et cetera. - */ - public PBKDF2Engine(PBKDF2Parameters parameters) { - this.parameters = parameters; - prf = null; - } - - /** - * Constructor for PBKDF2 implementation object. PBKDF2 parameters are - * passed so that this implementation knows iteration count, method to use - * and String encoding. - * - * @param parameters Data holder for iteration count, method to use et cetera. - * @param prf Supply customer Pseudo Random Function. - */ - public PBKDF2Engine(PBKDF2Parameters parameters, PRF prf) { - this.parameters = parameters; - this.prf = prf; - } - - /** - * Convenience client function. Convert supplied password with random 8-byte - * salt and 1000 iterations using HMacSHA1. Assume that password is in - * ISO-8559-1 encoding. Output result as - * "Salt:iteration-count:PBKDF2" with binary data in hexadecimal - * encoding. - *- * Example: Password "password" (without the quotes) leads to - * 48290A0B96C426C3:1000:973899B1D4AFEB3ED371060D0797E0EE0142BD04 - *
- * @param args Supply the password as argument. - * - * @throws IOException an ioexception occured - * @throws NoSuchAlgorithmException a NoSuchAlgorithmException occured - */ - public static void main(String[] args) - throws IOException, NoSuchAlgorithmException { - String password = "password"; - String candidate = null; - PBKDF2Formatter formatter = new PBKDF2HexFormatter(); - - if (args.length >= 1) { - password = args[0]; - } - if (args.length >= 2) { - candidate = args[1]; - } - if (candidate == null) { - // Creation mode - SecureRandom sr = SecureRandom.getInstance("SHA1PRNG"); - byte[] salt = new byte[8]; - sr.nextBytes(salt); - int iterations = 1000; - PBKDF2Parameters p = new PBKDF2Parameters("HmacSHA1", "ISO-8859-1", salt, iterations); - PBKDF2Engine e = new PBKDF2Engine(p); - p.setDerivedKey(e.deriveKey(password)); - candidate = formatter.toString(p); - } else { - // Verification mode - PBKDF2Parameters p = new PBKDF2Parameters(); - p.setHashAlgorithm("HmacSHA1"); - p.setHashCharset("ISO-8859-1"); - if (formatter.fromString(p, candidate)) { - throw new IllegalArgumentException("Candidate data does not have correct format (\"" + candidate + "\")"); - } - PBKDF2Engine e = new PBKDF2Engine(p); - boolean verifyOK = e.verifyKey(password); - System.exit(verifyOK ? 0 : 1); - } - } - - @Override - public byte[] deriveKey(String inputPassword) { - return deriveKey(inputPassword, 0); - } - - @Override - public byte[] deriveKey(String inputPassword, int dkLen) { - byte[] r = null; - byte[] P = null; - String charset = parameters.getHashCharset(); - if (inputPassword == null) { - inputPassword = ""; - } - try { - if (charset == null) { - P = inputPassword.getBytes(); - } else { - P = inputPassword.getBytes(charset); - } - } catch (UnsupportedEncodingException e) { - throw new RuntimeException(e); - } - assertPRF(P); - if (dkLen == 0) { - dkLen = prf.getHLen(); - } - r = PBKDF2(prf, parameters.getSalt(), parameters.getIterationCount(), dkLen); - return r; - } - - @Override - public boolean verifyKey(String inputPassword) { - byte[] referenceKey = getParameters().getDerivedKey(); - if (referenceKey == null || referenceKey.length == 0) { - return false; - } - byte[] inputKey = deriveKey(inputPassword, referenceKey.length); - - if (inputKey == null || inputKey.length != referenceKey.length) { - return false; - } - for (int i = 0; i < inputKey.length; i++) { - if (inputKey[i] != referenceKey[i]) { - return false; - } - } - return true; - } - - /** - * Factory method. Default implementation is (H)MAC-based. To be overridden - * in derived classes. - * - * @param P User-supplied candidate password as array of bytes. - */ - protected void assertPRF(byte[] P) { - if (prf == null) { - prf = new MacBasedPRF(parameters.getHashAlgorithm()); - } - prf.init(P); - } - - @Override - public PRF getPseudoRandomFunction() { - return prf; - } - - @Override - public void setPseudoRandomFunction(PRF prf) { - this.prf = prf; - } - - /** - * Core Password Based Key Derivation Function 2. - * - * @param prf Pseudo Random Function (i.e. HmacSHA1) - * @param S Salt as array of bytes.null means no salt.
- * @param c Iteration count (see RFC 2898 4.2)
- * @param dkLen desired length of derived key.
- *
- * @return internal byte array * @see RFC 2898 5.2
- */
- protected byte[] PBKDF2(PRF prf, byte[] S, int c, int dkLen) {
- if (S == null) {
- S = new byte[0];
- }
- int hLen = prf.getHLen();
- int l = ceil(dkLen, hLen);
- int r = dkLen - (l - 1) * hLen;
- byte T[] = new byte[l * hLen];
- int ti_offset = 0;
- for (int i = 1; i <= l; i++) {
- _F(T, ti_offset, prf, S, c, i);
- ti_offset += hLen;
- }
- if (r < hLen) {
- // Incomplete last block
- byte DK[] = new byte[dkLen];
- System.arraycopy(T, 0, DK, 0, dkLen);
- return DK;
- }
- return T;
- }
-
- /**
- * Integer division with ceiling function.
- *
- * @param a Integer
- * @param b Integer
- *
- * @return ceil(a/b) * @see RFC 2898 5.2 Step
- * 2.
- */
- protected int ceil(int a, int b) {
- int m = 0;
- if (a % b > 0) {
- m = 1;
- }
- return a / b + m;
- }
-
- /**
- * Function F.
- *
- * @param dest Destination byte buffer
- * @param offset Offset into destination byte buffer
- * @param prf Pseudo Random Function
- * @param S Salt as array of bytes
- * @param c Iteration count
- * @param blockIndex Integer
- *
- * @see RFC 2898 5.2 Step
- * 3.
- */
- protected void _F(byte[] dest, int offset, PRF prf, byte[] S, int c,
- int blockIndex) {
- int hLen = prf.getHLen();
- byte U_r[] = new byte[hLen];
-
- // U0 = S || INT (i);
- byte U_i[] = new byte[S.length + 4];
- System.arraycopy(S, 0, U_i, 0, S.length);
- INT(U_i, S.length, blockIndex);
-
- for (int i = 0; i < c; i++) {
- U_i = prf.doFinal(U_i);
- xor(U_r, U_i);
- }
- System.arraycopy(U_r, 0, dest, offset, hLen);
- }
-
- /**
- * Block-Xor. Xor source bytes into destination byte buffer. Destination
- * buffer must be same length or less than source buffer.
- *
- * @param dest byte array
- * @param src byte array
- */
- protected void xor(byte[] dest, byte[] src) {
- for (int i = 0; i < dest.length; i++) {
- dest[i] ^= src[i];
- }
- }
-
- /**
- * Four-octet encoding of the integer i, most significant octet first.
- *
- * @param dest byte array
- * @param offset Integer
- * @param i Integer
- *
- * @see RFC 2898 5.2 Step
- * 3.
- */
- protected void INT(byte[] dest, int offset, int i) {
- dest[offset] = (byte) (i / (256 * 256 * 256));
- dest[offset + 1] = (byte) (i / (256 * 256));
- dest[offset + 2] = (byte) (i / (256));
- dest[offset + 3] = (byte) (i);
- }
-
- @Override
- public PBKDF2Parameters getParameters() {
- return parameters;
- }
-
- @Override
- public void setParameters(PBKDF2Parameters parameters) {
- this.parameters = parameters;
- }
-}
diff --git a/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2Formatter.java b/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2Formatter.java
deleted file mode 100644
index 3916d1c03..000000000
--- a/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2Formatter.java
+++ /dev/null
@@ -1,56 +0,0 @@
-package fr.xephi.authme.security.pbkdf2;
-
-/**
- * - * A free Java implementation of Password Based Key Derivation Function 2 as - * defined by RFC 2898. Copyright (c) 2007 Matthias Gärtner - *
- *- * This library is free software; you can redistribute it and/or modify it under - * the terms of the GNU Lesser General Public License as published by the Free - * Software Foundation; either version 2.1 of the License, or (at your option) - * any later version. - *
- *- * This library is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS - * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more - * details. - *
- *- * You should have received a copy of the GNU Lesser General Public License - * along with this library; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - *
- *- * For Details, see http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. - *
- * - * @author Matthias Gärtner - * @version 1.0 - */ -public interface PBKDF2Formatter { - - /** - * Convert parameters to String. - * - * @param p Parameters object to output. - * - * @return String representation - */ - String toString(PBKDF2Parameters p); - - /** - * Convert String to parameters. Depending on actual implementation, it may - * be required to set further fields externally. - * - * @param s String representation of parameters to decode. - * @param p PBKDF2Parameters - * - * @returnfalse syntax OK, true some syntax
- * issue.
- */
- boolean fromString(PBKDF2Parameters p, String s);
-}
diff --git a/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2HexFormatter.java b/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2HexFormatter.java
deleted file mode 100644
index 54544a4c2..000000000
--- a/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2HexFormatter.java
+++ /dev/null
@@ -1,62 +0,0 @@
-package fr.xephi.authme.security.pbkdf2;
-
-/**
- * - * A free Java implementation of Password Based Key Derivation Function 2 as - * defined by RFC 2898. Copyright (c) 2007 Matthias Gärtner - *
- *- * This library is free software; you can redistribute it and/or modify it under - * the terms of the GNU Lesser General Public License as published by the Free - * Software Foundation; either version 2.1 of the License, or (at your option) - * any later version. - *
- *- * This library is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS - * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more - * details. - *
- *- * You should have received a copy of the GNU Lesser General Public License - * along with this library; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - *
- *- * For Details, see http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. - *
- * - * @author Matthias Gärtner - * @version 1.0 - */ -public class PBKDF2HexFormatter implements PBKDF2Formatter { - - @Override - public boolean fromString(PBKDF2Parameters p, String s) { - if (p == null || s == null) { - return true; - } - - String[] p123 = s.split(":"); - if (p123.length != 3) { - return true; - } - - byte salt[] = BinTools.hex2bin(p123[0]); - int iterationCount = Integer.parseInt(p123[1]); - byte bDK[] = BinTools.hex2bin(p123[2]); - - p.setSalt(salt); - p.setIterationCount(iterationCount); - p.setDerivedKey(bDK); - return false; - } - - @Override - public String toString(PBKDF2Parameters p) { - String s = BinTools.bin2hex(p.getSalt()) + ":" + String.valueOf(p.getIterationCount()) + ":" + BinTools.bin2hex(p.getDerivedKey()); - return s; - } -} diff --git a/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2Parameters.java b/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2Parameters.java deleted file mode 100644 index 04abaa9f8..000000000 --- a/src/main/java/fr/xephi/authme/security/pbkdf2/PBKDF2Parameters.java +++ /dev/null @@ -1,139 +0,0 @@ -package fr.xephi.authme.security.pbkdf2; - -/** - *- * Parameter data holder for PBKDF2 configuration. - *
- *- * A free Java implementation of Password Based Key Derivation Function 2 as - * defined by RFC 2898. Copyright (c) 2007 Matthias Gärtner - *
- *- * This library is free software; you can redistribute it and/or modify it under - * the terms of the GNU Lesser General Public License as published by the Free - * Software Foundation; either version 2.1 of the License, or (at your option) - * any later version. - *
- *- * This library is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS - * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more - * details. - *
- *- * You should have received a copy of the GNU Lesser General Public License - * along with this library; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - *
- *- * For Details, see http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. - *
- * - * @author Matthias Gärtner - * @version 1.0 - */ -public class PBKDF2Parameters { - - protected byte[] salt; - - protected int iterationCount; - - protected String hashAlgorithm; - - protected String hashCharset; - - /** - * The derived key is actually only a convenience to store a reference - * derived key. It is not used during computation. - */ - protected byte[] derivedKey; - - /** - * Constructor. Defaults tonull for byte arrays, UTF-8 as
- * character set and 1000 for iteration count.
- */
- public PBKDF2Parameters() {
- this.hashAlgorithm = null;
- this.hashCharset = "UTF-8";
- this.salt = null;
- this.iterationCount = 1000;
- this.derivedKey = null;
- }
-
- /**
- * Constructor.
- *
- * @param hashAlgorithm for example HMacSHA1 or HMacMD5
- * @param hashCharset for example UTF-8
- * @param salt Salt as byte array, may be null (not recommended)
- * @param iterationCount Number of iterations to execute. Recommended value 1000.
- */
- public PBKDF2Parameters(String hashAlgorithm, String hashCharset,
- byte[] salt, int iterationCount) {
- this.hashAlgorithm = hashAlgorithm;
- this.hashCharset = hashCharset;
- this.salt = salt;
- this.iterationCount = iterationCount;
- this.derivedKey = null;
- }
-
- /**
- * Constructor.
- *
- * @param hashAlgorithm for example HMacSHA1 or HMacMD5
- * @param hashCharset for example UTF-8
- * @param salt Salt as byte array, may be null (not recommended)
- * @param iterationCount Number of iterations to execute. Recommended value 1000.
- * @param derivedKey Convenience data holder, not used during computation.
- */
- public PBKDF2Parameters(String hashAlgorithm, String hashCharset,
- byte[] salt, int iterationCount, byte[] derivedKey) {
- this.hashAlgorithm = hashAlgorithm;
- this.hashCharset = hashCharset;
- this.salt = salt;
- this.iterationCount = iterationCount;
- this.derivedKey = derivedKey;
- }
-
- public int getIterationCount() {
- return iterationCount;
- }
-
- public void setIterationCount(int iterationCount) {
- this.iterationCount = iterationCount;
- }
-
- public byte[] getSalt() {
- return salt;
- }
-
- public void setSalt(byte[] salt) {
- this.salt = salt;
- }
-
- public byte[] getDerivedKey() {
- return derivedKey;
- }
-
- public void setDerivedKey(byte[] derivedKey) {
- this.derivedKey = derivedKey;
- }
-
- public String getHashAlgorithm() {
- return hashAlgorithm;
- }
-
- public void setHashAlgorithm(String hashAlgorithm) {
- this.hashAlgorithm = hashAlgorithm;
- }
-
- public String getHashCharset() {
- return hashCharset;
- }
-
- public void setHashCharset(String hashCharset) {
- this.hashCharset = hashCharset;
- }
-}
diff --git a/src/main/java/fr/xephi/authme/security/pbkdf2/PRF.java b/src/main/java/fr/xephi/authme/security/pbkdf2/PRF.java
deleted file mode 100644
index af40e171d..000000000
--- a/src/main/java/fr/xephi/authme/security/pbkdf2/PRF.java
+++ /dev/null
@@ -1,60 +0,0 @@
-package fr.xephi.authme.security.pbkdf2;
-
-/**
- * - * A free Java implementation of Password Based Key Derivation Function 2 as - * defined by RFC 2898. Copyright (c) 2007 Matthias Gärtner - *
- *- * This library is free software; you can redistribute it and/or modify it under - * the terms of the GNU Lesser General Public License as published by the Free - * Software Foundation; either version 2.1 of the License, or (at your option) - * any later version. - *
- *- * This library is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS - * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more - * details. - *
- *- * You should have received a copy of the GNU Lesser General Public License - * along with this library; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - *
- *- * For Details, see http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. - *
- * - * @author Matthias Gärtner - * @version 1.0 - */ -public interface PRF { - - /** - * Initialize this instance with the user-supplied password. - * - * @param P The password supplied as array of bytes. It is the caller's - * task to convert String passwords to bytes as appropriate. - */ - void init(byte[] P); - - /** - * Pseudo Random Function - * - * @param M Input data/message etc. Together with any data supplied during - * initilization. - * - * @return Random bytes of hLen length. - */ - byte[] doFinal(byte[] M); - - /** - * Query block size of underlying algorithm/mechanism. - * - * @return block size - */ - int getHLen(); -} diff --git a/src/main/java/fr/xephi/authme/settings/properties/SecuritySettings.java b/src/main/java/fr/xephi/authme/settings/properties/SecuritySettings.java index 3711715d0..5bad44b07 100644 --- a/src/main/java/fr/xephi/authme/settings/properties/SecuritySettings.java +++ b/src/main/java/fr/xephi/authme/settings/properties/SecuritySettings.java @@ -64,9 +64,10 @@ public class SecuritySettings implements SettingsHolder { newProperty("settings.security.unLoggedinGroup", "unLoggedinGroup"); @Comment({ - "Possible values: MD5, SHA1, SHA256, WHIRLPOOL, XAUTH, MD5VB, PHPBB,", - "MYBB, IPB3, PHPFUSION, SMF, XENFORO, SALTED2MD5, JOOMLA, BCRYPT, WBB3, SHA512,", - "DOUBLEMD5, PBKDF2, PBKDF2DJANGO, WORDPRESS, ROYALAUTH, CUSTOM (for developers only)" + "Possible values: SHA256, BCRYPT, BCRYPT2Y, PBKDF2, SALTEDSHA512, WHIRLPOOL,", + "MYBB, IPB3, PHPBB, PHPFUSION, SMF, XENFORO, XAUTH, JOOMLA, WBB3, WBB4, MD5VB,", + "PBKDF2DJANGO, WORDPRESS, ROYALAUTH, CUSTOM (for developers only). See full list at", + "https://github.com/AuthMe/AuthMeReloaded/blob/master/docs/hash_algorithms.md" }) public static final Property