Minor - clean up bcrypt 2y implementation

- Update Recommendation annotation
- Add proper length check to hash
- Remove check that is always true
ljacqu 2015-12-28 21:27:47 +01:00
parent 73bc6e286a
commit 9b73475b9a


@ -3,20 +3,25 @@ package fr.xephi.authme.security.crypts;
import fr.xephi.authme.security.crypts.description.Recommendation; import fr.xephi.authme.security.crypts.description.Recommendation;
import fr.xephi.authme.security.crypts.description.Usage; import fr.xephi.authme.security.crypts.description.Usage;
@Recommendation(Usage.DOES_NOT_WORK) @Recommendation(Usage.RECOMMENDED)
public class BCRYPT2Y extends HexSaltedMethod { public class BCRYPT2Y extends HexSaltedMethod {
@Override @Override
public String computeHash(String password, String salt, String name) { public String computeHash(String password, String salt, String name) {
if (salt.length() == 22) if (salt.length() == 22) {
salt = "$2y$10$" + salt; salt = "$2y$10$" + salt;
}
return BCRYPT.hashpw(password, salt); return BCRYPT.hashpw(password, salt);
} }
@Override @Override
public boolean comparePassword(String hash, String password, String salt, String playerName) { public boolean comparePassword(String hash, String password, String unusedSalt, String unusedName) {
String ok = hash.substring(0, 29); if (hash.length() != 60) {
return ok.length() == 29 && hash.equals(computeHash(password, ok, playerName)); return false;
}
// The salt is the first 29 characters of the hash
String salt = hash.substring(0, 29);
return hash.equals(computeHash(password, salt, null));
} }
@Override @Override
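Review bot: The new guard in comparePassword, `if (hash.length() != 60)`, checks only the length, so a null stored hash still throws and any 60-character string that is not a `$2y$` hash is handed to BCRYPT.hashpw as a salt. hashpw is not visible in this hunk; if it rejects a malformed salt with an exception, that exception would escape the password check instead of producing `false`. I would tighten the guard to `if (hash == null || hash.length() != 60 || !hash.startsWith("$2y$")) {`, which matches the prefix computeHash itself builds. As cheap hardening, the final `hash.equals(...)` could also become `MessageDigest.isEqual(...)` over the UTF-8 bytes of both strings, so the comparison time does not depend on where they first differ (this needs `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imports).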