mirror of
https://github.com/AuthMe/AuthMeReloaded.git
synced 2024-09-19 02:11:55 +02:00
PBKDF2DJANGO Hash
This commit is contained in:
parent
7d8ef95a22
commit
65bb488f4c
@ -520,6 +520,7 @@ public class AdminCommand implements CommandExecutor {
|
||||
m.send(sender, "error");
|
||||
return true;
|
||||
}
|
||||
@SuppressWarnings("deprecation")
|
||||
Player target = Bukkit.getPlayer(name);
|
||||
PlayerCache.getInstance().removePlayer(name);
|
||||
Utils.getInstance().setGroup(name, groupType.UNREGISTERED);
|
||||
@ -602,6 +603,7 @@ public class AdminCommand implements CommandExecutor {
|
||||
sender.sendMessage("Usage: /authme getip <onlineplayername>");
|
||||
return true;
|
||||
}
|
||||
@SuppressWarnings("deprecation")
|
||||
Player player = Bukkit.getPlayer(args[1]);
|
||||
if (player == null) {
|
||||
sender.sendMessage("This player is not actually online");
|
||||
@ -617,6 +619,7 @@ public class AdminCommand implements CommandExecutor {
|
||||
return true;
|
||||
}
|
||||
try {
|
||||
@SuppressWarnings("deprecation")
|
||||
Player player = Bukkit.getPlayer(args[1]);
|
||||
if (player == null || !player.isOnline()) {
|
||||
sender.sendMessage("Player needs to be online!");
|
||||
|
@ -25,6 +25,7 @@ public enum HashAlgorithm {
|
||||
SHA512(fr.xephi.authme.security.crypts.SHA512.class),
|
||||
DOUBLEMD5(fr.xephi.authme.security.crypts.DOUBLEMD5.class),
|
||||
PBKDF2(fr.xephi.authme.security.crypts.CryptPBKDF2.class),
|
||||
PBKDF2DJANGO(fr.xephi.authme.security.crypts.CryptPBKDF2Django.class),
|
||||
WORDPRESS(fr.xephi.authme.security.crypts.WORDPRESS.class),
|
||||
ROYALAUTH(fr.xephi.authme.security.crypts.ROYALAUTH.class),
|
||||
CRAZYCRYPT1(fr.xephi.authme.security.crypts.CRAZYCRYPT1.class),
|
||||
|
@ -4,18 +4,17 @@ import java.security.NoSuchAlgorithmException;
|
||||
|
||||
import fr.xephi.authme.security.pbkdf2.PBKDF2Engine;
|
||||
import fr.xephi.authme.security.pbkdf2.PBKDF2Parameters;
|
||||
import javax.xml.bind.DatatypeConverter;
|
||||
|
||||
public class CryptPBKDF2 implements EncryptionMethod {
|
||||
|
||||
@Override
|
||||
public String getHash(String password, String salt, String name)
|
||||
throws NoSuchAlgorithmException {
|
||||
String result = "pbkdf2_sha256$15000$" + salt + "$";
|
||||
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 15000);
|
||||
String result = "pbkdf2_sha256$10000$" + salt + "$";
|
||||
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 10000);
|
||||
PBKDF2Engine engine = new PBKDF2Engine(params);
|
||||
|
||||
return result + String.valueOf(DatatypeConverter.printBase64Binary(engine.deriveKey(password, 32)));
|
||||
return result + String.valueOf(engine.deriveKey(password, 64));
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -23,8 +22,8 @@ public class CryptPBKDF2 implements EncryptionMethod {
|
||||
String playerName) throws NoSuchAlgorithmException {
|
||||
String[] line = hash.split("\\$");
|
||||
String salt = line[2];
|
||||
byte[] derivedKey = DatatypeConverter.parseBase64Binary(line[3]);
|
||||
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 15000, derivedKey);
|
||||
String derivedKey = line[3];
|
||||
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 10000, derivedKey.getBytes());
|
||||
PBKDF2Engine engine = new PBKDF2Engine(params);
|
||||
return engine.verifyKey(password);
|
||||
}
|
||||
|
@ -0,0 +1,32 @@
|
||||
package fr.xephi.authme.security.crypts;
|
||||
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
||||
import fr.xephi.authme.security.pbkdf2.PBKDF2Engine;
|
||||
import fr.xephi.authme.security.pbkdf2.PBKDF2Parameters;
|
||||
import javax.xml.bind.DatatypeConverter;
|
||||
|
||||
public class CryptPBKDF2Django implements EncryptionMethod {
|
||||
|
||||
@Override
|
||||
public String getHash(String password, String salt, String name)
|
||||
throws NoSuchAlgorithmException {
|
||||
String result = "pbkdf2_sha256$15000$" + salt + "$";
|
||||
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 15000);
|
||||
PBKDF2Engine engine = new PBKDF2Engine(params);
|
||||
|
||||
return result + String.valueOf(DatatypeConverter.printBase64Binary(engine.deriveKey(password, 32)));
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String hash, String password,
|
||||
String playerName) throws NoSuchAlgorithmException {
|
||||
String[] line = hash.split("\\$");
|
||||
String salt = line[2];
|
||||
byte[] derivedKey = DatatypeConverter.parseBase64Binary(line[3]);
|
||||
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 15000, derivedKey);
|
||||
PBKDF2Engine engine = new PBKDF2Engine(params);
|
||||
return engine.verifyKey(password);
|
||||
}
|
||||
|
||||
}
|
@ -200,7 +200,7 @@ settings:
|
||||
# possible values: MD5, SHA1, SHA256, WHIRLPOOL, XAUTH, MD5VB, PHPBB,
|
||||
# PLAINTEXT ( unhashed password),
|
||||
# MYBB, IPB3, PHPFUSION, SMF, XENFORO, SALTED2MD5, JOOMLA, BCRYPT, WBB3, SHA512,
|
||||
# DOUBLEMD5, PBKDF2, WORDPRESS, ROYALAUTH, CUSTOM(for developpers only)
|
||||
# DOUBLEMD5, PBKDF2, PBKDF2DJANGO, WORDPRESS, ROYALAUTH, CUSTOM(for developpers only)
|
||||
passwordHash: SHA256
|
||||
# salt length for the SALTED2MD5 MD5(MD5(password)+salt)
|
||||
doubleMD5SaltLength: 8
|
||||
|
Loading…
Reference in New Issue
Block a user