mirror of
https://github.com/AuthMe/AuthMeReloaded.git
synced 2025-01-21 23:21:32 +01:00
Minor - rename EncryptedPassword to HashedPassword
- We hash passwords; we don't encrypt them
This commit is contained in:
ljacqu
parent
e85dbe81e5
commit
c0a393b8b3
@ -43,7 +43,7 @@ import fr.xephi.authme.permission.PlayerPermission;
|
||||
import fr.xephi.authme.process.Management;
|
||||
import fr.xephi.authme.security.HashAlgorithm;
|
||||
import fr.xephi.authme.security.PasswordSecurity;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.settings.OtherAccounts;
|
||||
import fr.xephi.authme.settings.Settings;
|
||||
import fr.xephi.authme.settings.Spawn;
|
||||
@ -596,9 +596,9 @@ public class AuthMe extends JavaPlugin {
|
||||
ConsoleLogger.showError("Your HashAlgorithm has been detected as plaintext and is now deprecated; " +
|
||||
"it will be changed and hashed now to the AuthMe default hashing method");
|
||||
for (PlayerAuth auth : database.getAllAuths()) {
|
||||
EncryptedPassword encryptedPassword = passwordSecurity.computeHash(
|
||||
HashedPassword hashedPassword = passwordSecurity.computeHash(
|
||||
HashAlgorithm.SHA256, auth.getPassword().getHash(), auth.getNickname());
|
||||
auth.setPassword(encryptedPassword);
|
||||
auth.setPassword(hashedPassword);
|
||||
database.updatePassword(auth);
|
||||
}
|
||||
Settings.setValue("settings.security.passwordHash", "SHA256");
|
||||
|
||||
@ -4,7 +4,7 @@ import fr.xephi.authme.AuthMe;
|
||||
import fr.xephi.authme.cache.auth.PlayerAuth;
|
||||
import fr.xephi.authme.cache.auth.PlayerCache;
|
||||
import fr.xephi.authme.security.PasswordSecurity;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.util.Utils;
|
||||
import org.bukkit.Bukkit;
|
||||
import org.bukkit.Location;
|
||||
@ -134,13 +134,13 @@ public class API {
|
||||
@Deprecated
|
||||
public static boolean registerPlayer(String playerName, String password) {
|
||||
String name = playerName.toLowerCase();
|
||||
EncryptedPassword encryptedPassword = passwordSecurity.computeHash(password, name);
|
||||
HashedPassword hashedPassword = passwordSecurity.computeHash(password, name);
|
||||
if (isRegistered(name)) {
|
||||
return false;
|
||||
}
|
||||
PlayerAuth auth = PlayerAuth.builder()
|
||||
.name(name)
|
||||
.password(encryptedPassword)
|
||||
.password(hashedPassword)
|
||||
.lastLogin(0)
|
||||
.realName(playerName)
|
||||
.build();
|
||||
|
||||
@ -3,7 +3,7 @@ package fr.xephi.authme.api;
|
||||
import fr.xephi.authme.AuthMe;
|
||||
import fr.xephi.authme.cache.auth.PlayerAuth;
|
||||
import fr.xephi.authme.cache.auth.PlayerCache;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.util.Utils;
|
||||
import org.bukkit.Bukkit;
|
||||
import org.bukkit.Location;
|
||||
@ -149,7 +149,7 @@ public class NewAPI {
|
||||
*/
|
||||
public boolean registerPlayer(String playerName, String password) {
|
||||
String name = playerName.toLowerCase();
|
||||
EncryptedPassword result = plugin.getPasswordSecurity().computeHash(password, name);
|
||||
HashedPassword result = plugin.getPasswordSecurity().computeHash(password, name);
|
||||
if (isRegistered(name)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
package fr.xephi.authme.cache.auth;
|
||||
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import org.bukkit.Location;
|
||||
|
||||
import static com.google.common.base.Objects.firstNonNull;
|
||||
@ -12,7 +12,7 @@ import static com.google.common.base.Preconditions.checkNotNull;
|
||||
public class PlayerAuth {
|
||||
|
||||
private String nickname;
|
||||
private EncryptedPassword password;
|
||||
private HashedPassword password;
|
||||
private String ip;
|
||||
private long lastLogin;
|
||||
private double x;
|
||||
@ -39,7 +39,7 @@ public class PlayerAuth {
|
||||
* @param realName String
|
||||
*/
|
||||
public PlayerAuth(String nickname, String ip, long lastLogin, String realName) {
|
||||
this(nickname, new EncryptedPassword(""), -1, ip, lastLogin, 0, 0, 0, "world", "your@email.com", realName);
|
||||
this(nickname, new HashedPassword(""), -1, ip, lastLogin, 0, 0, 0, "world", "your@email.com", realName);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -53,7 +53,7 @@ public class PlayerAuth {
|
||||
* @param realName String
|
||||
*/
|
||||
public PlayerAuth(String nickname, double x, double y, double z, String world, String realName) {
|
||||
this(nickname, new EncryptedPassword(""), -1, "127.0.0.1", System.currentTimeMillis(), x, y, z, world,
|
||||
this(nickname, new HashedPassword(""), -1, "127.0.0.1", System.currentTimeMillis(), x, y, z, world,
|
||||
"your@email.com", realName);
|
||||
}
|
||||
|
||||
@ -67,7 +67,7 @@ public class PlayerAuth {
|
||||
* @param realName String
|
||||
*/
|
||||
public PlayerAuth(String nickname, String hash, String ip, long lastLogin, String realName) {
|
||||
this(nickname, new EncryptedPassword(hash), -1, ip, lastLogin, 0, 0, 0, "world", "your@email.com", realName);
|
||||
this(nickname, new HashedPassword(hash), -1, ip, lastLogin, 0, 0, 0, "world", "your@email.com", realName);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -81,7 +81,7 @@ public class PlayerAuth {
|
||||
* @param realName String
|
||||
*/
|
||||
public PlayerAuth(String nickname, String hash, String ip, long lastLogin, String email, String realName) {
|
||||
this(nickname, new EncryptedPassword(hash), -1, ip, lastLogin, 0, 0, 0, "world", email, realName);
|
||||
this(nickname, new HashedPassword(hash), -1, ip, lastLogin, 0, 0, 0, "world", email, realName);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -95,7 +95,7 @@ public class PlayerAuth {
|
||||
* @param realName String
|
||||
*/
|
||||
public PlayerAuth(String nickname, String hash, String salt, String ip, long lastLogin, String realName) {
|
||||
this(nickname, new EncryptedPassword(hash, salt), -1, ip, lastLogin, 0, 0, 0, "world", "your@email.com", realName);
|
||||
this(nickname, new HashedPassword(hash, salt), -1, ip, lastLogin, 0, 0, 0, "world", "your@email.com", realName);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -114,7 +114,7 @@ public class PlayerAuth {
|
||||
*/
|
||||
public PlayerAuth(String nickname, String hash, String ip, long lastLogin, double x, double y, double z,
|
||||
String world, String email, String realName) {
|
||||
this(nickname, new EncryptedPassword(hash), -1, ip, lastLogin, x, y, z, world, email, realName);
|
||||
this(nickname, new HashedPassword(hash), -1, ip, lastLogin, x, y, z, world, email, realName);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -134,7 +134,7 @@ public class PlayerAuth {
|
||||
*/
|
||||
public PlayerAuth(String nickname, String hash, String salt, String ip, long lastLogin, double x, double y,
|
||||
double z, String world, String email, String realName) {
|
||||
this(nickname, new EncryptedPassword(hash, salt), -1, ip, lastLogin,
|
||||
this(nickname, new HashedPassword(hash, salt), -1, ip, lastLogin,
|
||||
x, y, z, world, email, realName);
|
||||
}
|
||||
|
||||
@ -151,7 +151,7 @@ public class PlayerAuth {
|
||||
*/
|
||||
public PlayerAuth(String nickname, String hash, String salt, int groupId, String ip,
|
||||
long lastLogin, String realName) {
|
||||
this(nickname, new EncryptedPassword(hash, salt), groupId, ip, lastLogin,
|
||||
this(nickname, new HashedPassword(hash, salt), groupId, ip, lastLogin,
|
||||
0, 0, 0, "world", "your@email.com", realName);
|
||||
}
|
||||
|
||||
@ -170,7 +170,7 @@ public class PlayerAuth {
|
||||
* @param email String
|
||||
* @param realName String
|
||||
*/
|
||||
public PlayerAuth(String nickname, EncryptedPassword password, int groupId, String ip, long lastLogin,
|
||||
public PlayerAuth(String nickname, HashedPassword password, int groupId, String ip, long lastLogin,
|
||||
double x, double y, double z, String world, String email, String realName) {
|
||||
this.nickname = nickname.toLowerCase();
|
||||
this.password = password;
|
||||
@ -280,11 +280,11 @@ public class PlayerAuth {
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
public EncryptedPassword getPassword() {
|
||||
public HashedPassword getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
public void setPassword(EncryptedPassword password) {
|
||||
public void setPassword(HashedPassword password) {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
@ -347,7 +347,7 @@ public class PlayerAuth {
|
||||
this.realName = args[1];
|
||||
this.ip = args[2];
|
||||
this.email = args[3];
|
||||
this.password = new EncryptedPassword(args[4], args[5]);
|
||||
this.password = new HashedPassword(args[4], args[5]);
|
||||
this.groupId = Integer.parseInt(args[6]);
|
||||
this.lastLogin = Long.parseLong(args[7]);
|
||||
this.world = args[8];
|
||||
@ -363,7 +363,7 @@ public class PlayerAuth {
|
||||
public static final class Builder {
|
||||
private String name;
|
||||
private String realName;
|
||||
private EncryptedPassword password;
|
||||
private HashedPassword password;
|
||||
private String ip;
|
||||
private String world;
|
||||
private String email;
|
||||
@ -376,7 +376,7 @@ public class PlayerAuth {
|
||||
public PlayerAuth build() {
|
||||
return new PlayerAuth(
|
||||
checkNotNull(name),
|
||||
firstNonNull(password, new EncryptedPassword("")),
|
||||
firstNonNull(password, new HashedPassword("")),
|
||||
groupId,
|
||||
firstNonNull(ip, "127.0.0.1"),
|
||||
lastLogin,
|
||||
@ -397,13 +397,13 @@ public class PlayerAuth {
|
||||
return this;
|
||||
}
|
||||
|
||||
public Builder password(EncryptedPassword password) {
|
||||
public Builder password(HashedPassword password) {
|
||||
this.password = password;
|
||||
return this;
|
||||
}
|
||||
|
||||
public Builder password(String hash, String salt) {
|
||||
return password(new EncryptedPassword(hash, salt));
|
||||
return password(new HashedPassword(hash, salt));
|
||||
}
|
||||
|
||||
public Builder ip(String ip) {
|
||||
|
||||
@ -7,7 +7,7 @@ import fr.xephi.authme.command.CommandService;
|
||||
import fr.xephi.authme.command.ExecutableCommand;
|
||||
import fr.xephi.authme.datasource.DataSource;
|
||||
import fr.xephi.authme.output.MessageKey;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.settings.Settings;
|
||||
import org.bukkit.command.CommandSender;
|
||||
|
||||
@ -67,9 +67,9 @@ public class ChangePasswordAdminCommand implements ExecutableCommand {
|
||||
return;
|
||||
}
|
||||
|
||||
EncryptedPassword encryptedPassword = commandService.getPasswordSecurity()
|
||||
HashedPassword hashedPassword = commandService.getPasswordSecurity()
|
||||
.computeHash(playerPass, playerNameLowerCase);
|
||||
auth.setPassword(encryptedPassword);
|
||||
auth.setPassword(hashedPassword);
|
||||
|
||||
if (!dataSource.updatePassword(auth)) {
|
||||
commandService.send(sender, MessageKey.ERROR);
|
||||
|
||||
@ -5,7 +5,7 @@ import fr.xephi.authme.cache.auth.PlayerAuth;
|
||||
import fr.xephi.authme.command.CommandService;
|
||||
import fr.xephi.authme.command.ExecutableCommand;
|
||||
import fr.xephi.authme.output.MessageKey;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.settings.Settings;
|
||||
import org.bukkit.Bukkit;
|
||||
import org.bukkit.command.CommandSender;
|
||||
@ -57,12 +57,12 @@ public class RegisterAdminCommand implements ExecutableCommand {
|
||||
commandService.send(sender, MessageKey.NAME_ALREADY_REGISTERED);
|
||||
return;
|
||||
}
|
||||
EncryptedPassword encryptedPassword = commandService.getPasswordSecurity()
|
||||
HashedPassword hashedPassword = commandService.getPasswordSecurity()
|
||||
.computeHash(playerPass, playerNameLowerCase);
|
||||
PlayerAuth auth = PlayerAuth.builder()
|
||||
.name(playerNameLowerCase)
|
||||
.realName(playerName)
|
||||
.password(encryptedPassword)
|
||||
.password(hashedPassword)
|
||||
.build();
|
||||
|
||||
if (!commandService.getDataSource().saveAuth(auth)) {
|
||||
|
||||
@ -8,7 +8,7 @@ import fr.xephi.authme.command.PlayerCommand;
|
||||
import fr.xephi.authme.datasource.DataSource;
|
||||
import fr.xephi.authme.output.MessageKey;
|
||||
import fr.xephi.authme.security.RandomString;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.settings.Settings;
|
||||
import fr.xephi.authme.util.StringUtils;
|
||||
import org.bukkit.entity.Player;
|
||||
@ -37,7 +37,7 @@ public class RecoverEmailCommand extends PlayerCommand {
|
||||
}
|
||||
|
||||
String thePass = RandomString.generate(Settings.getRecoveryPassLength);
|
||||
EncryptedPassword hashNew = commandService.getPasswordSecurity().computeHash(thePass, playerName);
|
||||
HashedPassword hashNew = commandService.getPasswordSecurity().computeHash(thePass, playerName);
|
||||
PlayerAuth auth;
|
||||
if (PlayerCache.getInstance().isAuthenticated(playerName)) {
|
||||
auth = PlayerCache.getInstance().getAuth(playerName);
|
||||
|
||||
@ -6,7 +6,7 @@ import fr.xephi.authme.cache.auth.PlayerAuth;
|
||||
import fr.xephi.authme.datasource.DataSource;
|
||||
import fr.xephi.authme.security.HashAlgorithm;
|
||||
import fr.xephi.authme.security.PasswordSecurity;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.settings.Settings;
|
||||
import org.bukkit.command.CommandSender;
|
||||
|
||||
@ -42,7 +42,7 @@ public class RakamakConverter implements Converter {
|
||||
File source = new File(Settings.PLUGIN_FOLDER, fileName);
|
||||
File ipfiles = new File(Settings.PLUGIN_FOLDER, ipFileName);
|
||||
HashMap<String, String> playerIP = new HashMap<>();
|
||||
HashMap<String, EncryptedPassword> playerPSW = new HashMap<>();
|
||||
HashMap<String, HashedPassword> playerPSW = new HashMap<>();
|
||||
try {
|
||||
BufferedReader users;
|
||||
BufferedReader ipFile;
|
||||
@ -64,15 +64,15 @@ public class RakamakConverter implements Converter {
|
||||
while ((line = users.readLine()) != null) {
|
||||
if (line.contains("=")) {
|
||||
String[] arguments = line.split("=");
|
||||
EncryptedPassword encryptedPassword = passwordSecurity.computeHash(hash, arguments[1], arguments[0]);
|
||||
playerPSW.put(arguments[0], encryptedPassword);
|
||||
HashedPassword hashedPassword = passwordSecurity.computeHash(hash, arguments[1], arguments[0]);
|
||||
playerPSW.put(arguments[0], hashedPassword);
|
||||
|
||||
}
|
||||
}
|
||||
users.close();
|
||||
for (Entry<String, EncryptedPassword> m : playerPSW.entrySet()) {
|
||||
for (Entry<String, HashedPassword> m : playerPSW.entrySet()) {
|
||||
String playerName = m.getKey();
|
||||
EncryptedPassword psw = playerPSW.get(playerName);
|
||||
HashedPassword psw = playerPSW.get(playerName);
|
||||
String ip = useIP ? playerIP.get(playerName) : "127.0.0.1";
|
||||
PlayerAuth auth = PlayerAuth.builder()
|
||||
.name(playerName)
|
||||
|
||||
@ -2,7 +2,7 @@ package fr.xephi.authme.datasource;
|
||||
|
||||
import fr.xephi.authme.ConsoleLogger;
|
||||
import fr.xephi.authme.cache.auth.PlayerAuth;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.settings.Settings;
|
||||
import fr.xephi.authme.util.StringUtils;
|
||||
|
||||
@ -207,7 +207,7 @@ public class SQLite implements DataSource {
|
||||
public synchronized boolean saveAuth(PlayerAuth auth) {
|
||||
PreparedStatement pst = null;
|
||||
try {
|
||||
EncryptedPassword password = auth.getPassword();
|
||||
HashedPassword password = auth.getPassword();
|
||||
if (columnSalt.isEmpty()) {
|
||||
if (!StringUtils.isEmpty(auth.getPassword().getSalt())) {
|
||||
ConsoleLogger.showError("Warning! Detected hashed password with separate salt but the salt column "
|
||||
@ -253,7 +253,7 @@ public class SQLite implements DataSource {
|
||||
public synchronized boolean updatePassword(PlayerAuth auth) {
|
||||
PreparedStatement pst = null;
|
||||
try {
|
||||
EncryptedPassword password = auth.getPassword();
|
||||
HashedPassword password = auth.getPassword();
|
||||
boolean useSalt = !columnSalt.isEmpty();
|
||||
String sql = "UPDATE " + tableName + " SET " + columnPassword + " = ?"
|
||||
+ (useSalt ? ", " + columnSalt + " = ?" : "")
|
||||
|
||||
@ -7,7 +7,7 @@ import fr.xephi.authme.ConsoleLogger;
|
||||
import fr.xephi.authme.cache.auth.PlayerAuth;
|
||||
import fr.xephi.authme.cache.auth.PlayerCache;
|
||||
import fr.xephi.authme.datasource.DataSource;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import org.bukkit.entity.Player;
|
||||
import org.bukkit.plugin.messaging.PluginMessageListener;
|
||||
|
||||
@ -67,7 +67,7 @@ public class BungeeCordMessage implements PluginMessageListener {
|
||||
} else if ("changepassword".equals(act)) {
|
||||
final String password = args[2];
|
||||
final String salt = args.length >= 4 ? args[3] : null;
|
||||
auth.setPassword(new EncryptedPassword(password, salt));
|
||||
auth.setPassword(new HashedPassword(password, salt));
|
||||
PlayerCache.getInstance().updatePlayer(auth);
|
||||
dataSource.updatePassword(auth);
|
||||
}
|
||||
|
||||
@ -8,7 +8,7 @@ import fr.xephi.authme.datasource.DataSource;
|
||||
import fr.xephi.authme.output.MessageKey;
|
||||
import fr.xephi.authme.output.Messages;
|
||||
import fr.xephi.authme.permission.PlayerPermission;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.settings.Settings;
|
||||
import org.bukkit.entity.Player;
|
||||
|
||||
@ -97,11 +97,11 @@ public class AsyncRegister {
|
||||
m.send(player, MessageKey.MAX_REGISTER_EXCEEDED);
|
||||
return;
|
||||
}
|
||||
final EncryptedPassword encryptedPassword = plugin.getPasswordSecurity().computeHash(password, name);
|
||||
final HashedPassword hashedPassword = plugin.getPasswordSecurity().computeHash(password, name);
|
||||
PlayerAuth auth = PlayerAuth.builder()
|
||||
.name(name)
|
||||
.realName(player.getName())
|
||||
.password(encryptedPassword)
|
||||
.password(hashedPassword)
|
||||
.ip(ip)
|
||||
.location(player.getLocation())
|
||||
.email(email)
|
||||
@ -120,11 +120,11 @@ public class AsyncRegister {
|
||||
}
|
||||
|
||||
private void passwordRegister() throws Exception {
|
||||
final EncryptedPassword encryptedPassword = plugin.getPasswordSecurity().computeHash(password, name);
|
||||
final HashedPassword hashedPassword = plugin.getPasswordSecurity().computeHash(password, name);
|
||||
PlayerAuth auth = PlayerAuth.builder()
|
||||
.name(name)
|
||||
.realName(player.getName())
|
||||
.password(encryptedPassword)
|
||||
.password(hashedPassword)
|
||||
.ip(ip)
|
||||
.location(player.getLocation())
|
||||
.build();
|
||||
|
||||
@ -3,7 +3,7 @@ package fr.xephi.authme.security;
|
||||
import fr.xephi.authme.cache.auth.PlayerAuth;
|
||||
import fr.xephi.authme.datasource.DataSource;
|
||||
import fr.xephi.authme.events.PasswordEncryptionEvent;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.security.crypts.EncryptionMethod;
|
||||
import org.bukkit.plugin.PluginManager;
|
||||
|
||||
@ -25,11 +25,11 @@ public class PasswordSecurity {
|
||||
this.supportOldAlgorithm = supportOldAlgorithm;
|
||||
}
|
||||
|
||||
public EncryptedPassword computeHash(String password, String playerName) {
|
||||
public HashedPassword computeHash(String password, String playerName) {
|
||||
return computeHash(algorithm, password, playerName);
|
||||
}
|
||||
|
||||
public EncryptedPassword computeHash(HashAlgorithm algorithm, String password, String playerName) {
|
||||
public HashedPassword computeHash(HashAlgorithm algorithm, String password, String playerName) {
|
||||
String playerLowerCase = playerName.toLowerCase();
|
||||
EncryptionMethod method = initializeEncryptionMethod(algorithm, playerLowerCase);
|
||||
return method.computeHash(password, playerLowerCase);
|
||||
@ -44,18 +44,18 @@ public class PasswordSecurity {
|
||||
return false;
|
||||
}
|
||||
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String playerName) {
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String playerName) {
|
||||
EncryptionMethod method = initializeEncryptionMethod(algorithm, playerName);
|
||||
// User is not in data source, so the result will invariably be wrong because an encryption
|
||||
// method with hasSeparateSalt() == true NEEDS the salt to evaluate the password
|
||||
String salt = encryptedPassword.getSalt();
|
||||
String salt = hashedPassword.getSalt();
|
||||
if (method.hasSeparateSalt() && salt == null) {
|
||||
return false;
|
||||
}
|
||||
|
||||
String playerLowerCase = playerName.toLowerCase();
|
||||
return method.comparePassword(password, encryptedPassword, playerLowerCase)
|
||||
|| supportOldAlgorithm && compareWithAllEncryptionMethods(password, encryptedPassword, playerLowerCase);
|
||||
return method.comparePassword(password, hashedPassword, playerLowerCase)
|
||||
|| supportOldAlgorithm && compareWithAllEncryptionMethods(password, hashedPassword, playerLowerCase);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -64,16 +64,16 @@ public class PasswordSecurity {
|
||||
* will be hashed with the new encryption method and persisted.
|
||||
*
|
||||
* @param password The clear-text password to check
|
||||
* @param encryptedPassword The encrypted password to test the clear-text password against
|
||||
* @param hashedPassword The encrypted password to test the clear-text password against
|
||||
* @param playerName The name of the player
|
||||
* @return True if the
|
||||
*/
|
||||
private boolean compareWithAllEncryptionMethods(String password, EncryptedPassword encryptedPassword,
|
||||
private boolean compareWithAllEncryptionMethods(String password, HashedPassword hashedPassword,
|
||||
String playerName) {
|
||||
for (HashAlgorithm algorithm : HashAlgorithm.values()) {
|
||||
if (!HashAlgorithm.CUSTOM.equals(algorithm)) {
|
||||
EncryptionMethod method = initializeEncryptionMethodWithoutEvent(algorithm);
|
||||
if (method != null && method.comparePassword(password, encryptedPassword, playerName)) {
|
||||
if (method != null && method.comparePassword(password, hashedPassword, playerName)) {
|
||||
hashPasswordForNewAlgorithm(password, playerName);
|
||||
return true;
|
||||
}
|
||||
@ -118,9 +118,9 @@ public class PasswordSecurity {
|
||||
private void hashPasswordForNewAlgorithm(String password, String playerName) {
|
||||
PlayerAuth auth = dataSource.getAuth(playerName);
|
||||
if (auth != null) {
|
||||
EncryptedPassword encryptedPassword = initializeEncryptionMethod(algorithm, playerName)
|
||||
HashedPassword hashedPassword = initializeEncryptionMethod(algorithm, playerName)
|
||||
.computeHash(password, playerName);
|
||||
auth.setPassword(encryptedPassword);
|
||||
auth.setPassword(hashedPassword);
|
||||
dataSource.updatePassword(auth);
|
||||
}
|
||||
}
|
||||
|
||||
@ -520,13 +520,13 @@ public class BCRYPT implements EncryptionMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public EncryptedPassword computeHash(String password, String name) {
|
||||
public HashedPassword computeHash(String password, String name) {
|
||||
String salt = generateSalt();
|
||||
return new EncryptedPassword(hashpw(password, salt), null);
|
||||
return new HashedPassword(hashpw(password, salt), null);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword hash, String name) {
|
||||
public boolean comparePassword(String password, HashedPassword hash, String name) {
|
||||
return checkpw(password, hash.getHash());
|
||||
}
|
||||
|
||||
|
||||
@ -15,7 +15,7 @@ public class BCRYPT2Y extends HexSaltedMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encrypted, String unusedName) {
|
||||
public boolean comparePassword(String password, HashedPassword encrypted, String unusedName) {
|
||||
String hash = encrypted.getHash();
|
||||
if (hash.length() != 60) {
|
||||
return false;
|
||||
|
||||
@ -28,11 +28,11 @@ public class CRAZYCRYPT1 extends UsernameSaltMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public EncryptedPassword computeHash(String password, String name) {
|
||||
public HashedPassword computeHash(String password, String name) {
|
||||
final String text = "ÜÄaeut//&/=I " + password + "7421€547" + name + "__+IÄIH§%NK " + password;
|
||||
final MessageDigest md = HashUtils.getDigest(MessageDigestAlgorithm.SHA512);
|
||||
md.update(text.getBytes(charset), 0, text.length());
|
||||
return new EncryptedPassword(byteArrayToHexString(md.digest()));
|
||||
return new HashedPassword(byteArrayToHexString(md.digest()));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -20,8 +20,8 @@ public class CryptPBKDF2 extends HexSaltedMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String unusedName) {
|
||||
String[] line = encryptedPassword.getHash().split("\\$");
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String unusedName) {
|
||||
String[] line = hashedPassword.getHash().split("\\$");
|
||||
String salt = line[2];
|
||||
String derivedKey = line[3];
|
||||
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 10000, derivedKey.getBytes());
|
||||
|
||||
@ -19,8 +19,8 @@ public class CryptPBKDF2Django extends HexSaltedMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String unusedName) {
|
||||
String[] line = encryptedPassword.getHash().split("\\$");
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String unusedName) {
|
||||
String[] line = hashedPassword.getHash().split("\\$");
|
||||
String salt = line[2];
|
||||
byte[] derivedKey = DatatypeConverter.parseBase64Binary(line[3]);
|
||||
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 15000, derivedKey);
|
||||
|
||||
@ -12,9 +12,9 @@ public interface EncryptionMethod {
|
||||
* @param name The name of the player (sometimes required to generate a salt with)
|
||||
*
|
||||
* @return The hash result for the password.
|
||||
* @see EncryptedPassword
|
||||
* @see HashedPassword
|
||||
*/
|
||||
EncryptedPassword computeHash(String password, String name);
|
||||
HashedPassword computeHash(String password, String name);
|
||||
|
||||
/**
|
||||
* Hash the given password with the given salt for the given player.
|
||||
@ -32,12 +32,12 @@ public interface EncryptionMethod {
|
||||
* Check whether the given hash matches the clear-text password.
|
||||
*
|
||||
* @param password The clear-text password to verify
|
||||
* @param encryptedPassword The hash to check the password against
|
||||
* @param hashedPassword The hash to check the password against
|
||||
* @param name The player name to do the check for (sometimes required for generating the salt)
|
||||
*
|
||||
* @return True if the password matches, false otherwise
|
||||
*/
|
||||
boolean comparePassword(String password, EncryptedPassword encryptedPassword, String name);
|
||||
boolean comparePassword(String password, HashedPassword hashedPassword, String name);
|
||||
|
||||
/**
|
||||
* Generate a new salt to hash a password with.
|
||||
@ -48,7 +48,7 @@ public interface EncryptionMethod {
|
||||
|
||||
/**
|
||||
* Return whether the encryption method requires the salt to be stored separately and
|
||||
* passed again to {@link #comparePassword(String, EncryptedPassword, String)}. Note that
|
||||
* passed again to {@link #comparePassword(String, HashedPassword, String)}. Note that
|
||||
* an encryption method returning {@code false} does not imply that it uses no salt; it
|
||||
* may be embedded into the hash or it may use the username as salt.
|
||||
*
|
||||
|
||||
@ -3,7 +3,7 @@ package fr.xephi.authme.security.crypts;
|
||||
/**
|
||||
* The result of a hash computation. See {@link #salt} for details.
|
||||
*/
|
||||
public class EncryptedPassword {
|
||||
public class HashedPassword {
|
||||
|
||||
/** The generated hash. */
|
||||
private final String hash;
|
||||
@ -23,7 +23,7 @@ public class EncryptedPassword {
|
||||
* @param hash The computed hash
|
||||
* @param salt The generated salt
|
||||
*/
|
||||
public EncryptedPassword(String hash, String salt) {
|
||||
public HashedPassword(String hash, String salt) {
|
||||
this.hash = hash;
|
||||
this.salt = salt;
|
||||
}
|
||||
@ -33,7 +33,7 @@ public class EncryptedPassword {
|
||||
*
|
||||
* @param hash The computed hash
|
||||
*/
|
||||
public EncryptedPassword(String hash) {
|
||||
public HashedPassword(String hash) {
|
||||
this(hash, null);
|
||||
}
|
||||
|
||||
@ -20,13 +20,13 @@ public abstract class HexSaltedMethod implements EncryptionMethod {
|
||||
public abstract String computeHash(String password, String salt, String name);
|
||||
|
||||
@Override
|
||||
public EncryptedPassword computeHash(String password, String name) {
|
||||
public HashedPassword computeHash(String password, String name) {
|
||||
String salt = generateSalt();
|
||||
return new EncryptedPassword(computeHash(password, salt, null));
|
||||
return new HashedPassword(computeHash(password, salt, null));
|
||||
}
|
||||
|
||||
@Override
|
||||
public abstract boolean comparePassword(String password, EncryptedPassword encryptedPassword, String name);
|
||||
public abstract boolean comparePassword(String password, HashedPassword hashedPassword, String name);
|
||||
|
||||
@Override
|
||||
public String generateSalt() {
|
||||
|
||||
@ -13,8 +13,8 @@ public class JOOMLA extends HexSaltedMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String unusedName) {
|
||||
String hash = encryptedPassword.getHash();
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String unusedName) {
|
||||
String hash = hashedPassword.getHash();
|
||||
String[] hashParts = hash.split(":");
|
||||
return hashParts.length == 2 && hash.equals(computeHash(password, hashParts[1], null));
|
||||
}
|
||||
|
||||
@ -10,8 +10,8 @@ public class MD5VB extends HexSaltedMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String name) {
|
||||
String hash = encryptedPassword.getHash();
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String name) {
|
||||
String hash = hashedPassword.getHash();
|
||||
String[] line = hash.split("\\$");
|
||||
return line.length == 4 && hash.equals(computeHash(password, line[2], name));
|
||||
}
|
||||
|
||||
@ -144,8 +144,8 @@ public class PHPBB extends HexSaltedMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String name) {
|
||||
return phpbb_check_hash(password, encryptedPassword.getHash());
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String name) {
|
||||
return phpbb_check_hash(password, hashedPassword.getHash());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -14,8 +14,8 @@ public class SHA256 extends HexSaltedMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String playerName) {
|
||||
String hash = encryptedPassword.getHash();
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String playerName) {
|
||||
String hash = hashedPassword.getHash();
|
||||
String[] line = hash.split("\\$");
|
||||
return line.length == 4 && hash.equals(computeHash(password, line[2], ""));
|
||||
}
|
||||
|
||||
@ -4,8 +4,8 @@ import fr.xephi.authme.security.HashUtils;
|
||||
|
||||
public class SMF extends UsernameSaltMethod {
|
||||
|
||||
public EncryptedPassword computeHash(String password, String name) {
|
||||
return new EncryptedPassword(HashUtils.sha1(name.toLowerCase() + password));
|
||||
public HashedPassword computeHash(String password, String name) {
|
||||
return new HashedPassword(HashUtils.sha1(name.toLowerCase() + password));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -12,14 +12,14 @@ public abstract class SeparateSaltMethod implements EncryptionMethod {
|
||||
public abstract String generateSalt();
|
||||
|
||||
@Override
|
||||
public EncryptedPassword computeHash(String password, String name) {
|
||||
public HashedPassword computeHash(String password, String name) {
|
||||
String salt = generateSalt();
|
||||
return new EncryptedPassword(computeHash(password, salt, name), salt);
|
||||
return new HashedPassword(computeHash(password, salt, name), salt);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String name) {
|
||||
return encryptedPassword.getHash().equals(computeHash(password, encryptedPassword.getSalt(), null));
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String name) {
|
||||
return hashedPassword.getHash().equals(computeHash(password, hashedPassword.getSalt(), null));
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -15,8 +15,8 @@ public abstract class UnsaltedMethod implements EncryptionMethod {
|
||||
public abstract String computeHash(String password);
|
||||
|
||||
@Override
|
||||
public EncryptedPassword computeHash(String password, String name) {
|
||||
return new EncryptedPassword(computeHash(password));
|
||||
public HashedPassword computeHash(String password, String name) {
|
||||
return new HashedPassword(computeHash(password));
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -25,8 +25,8 @@ public abstract class UnsaltedMethod implements EncryptionMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String name) {
|
||||
return encryptedPassword.getHash().equals(computeHash(password));
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String name) {
|
||||
return hashedPassword.getHash().equals(computeHash(password));
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -14,11 +14,11 @@ import fr.xephi.authme.security.crypts.description.Usage;
|
||||
public abstract class UsernameSaltMethod implements EncryptionMethod {
|
||||
|
||||
@Override
|
||||
public abstract EncryptedPassword computeHash(String password, String name);
|
||||
public abstract HashedPassword computeHash(String password, String name);
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String name) {
|
||||
return encryptedPassword.getHash().equals(computeHash(password, name).getHash());
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String name) {
|
||||
return hashedPassword.getHash().equals(computeHash(password, name).getHash());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -12,8 +12,8 @@ public class WBB4 extends HexSaltedMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String playerName) {
|
||||
return BCRYPT.checkpw(password, encryptedPassword.getHash(), 2);
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String playerName) {
|
||||
return BCRYPT.checkpw(password, hashedPassword.getHash(), 2);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -117,8 +117,8 @@ public class WORDPRESS extends UnsaltedMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String name) {
|
||||
String hash = encryptedPassword.getHash();
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String name) {
|
||||
String hash = hashedPassword.getHash();
|
||||
String comparedHash = crypt(password, hash);
|
||||
return comparedHash.equals(hash);
|
||||
}
|
||||
|
||||
@ -23,8 +23,8 @@ public class XAUTH extends HexSaltedMethod {
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean comparePassword(String password, EncryptedPassword encryptedPassword, String playerName) {
|
||||
String hash = encryptedPassword.getHash();
|
||||
public boolean comparePassword(String password, HashedPassword hashedPassword, String playerName) {
|
||||
String hash = hashedPassword.getHash();
|
||||
int saltPos = (password.length() >= hash.length() ? hash.length() - 1 : password.length());
|
||||
String saltFromHash = hash.substring(saltPos, saltPos + 12);
|
||||
return hash.equals(computeHash(password, saltFromHash, null));
|
||||
|
||||
@ -9,7 +9,7 @@ import fr.xephi.authme.cache.auth.PlayerCache;
|
||||
import fr.xephi.authme.output.MessageKey;
|
||||
import fr.xephi.authme.output.Messages;
|
||||
import fr.xephi.authme.security.PasswordSecurity;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.settings.Settings;
|
||||
import org.bukkit.entity.Player;
|
||||
|
||||
@ -35,8 +35,8 @@ public class ChangePasswordTask implements Runnable {
|
||||
final String name = player.getName().toLowerCase();
|
||||
PlayerAuth auth = PlayerCache.getInstance().getAuth(name);
|
||||
if (passwordSecurity.comparePassword(oldPassword, auth.getPassword(), player.getName())) {
|
||||
EncryptedPassword encryptedPassword = passwordSecurity.computeHash(newPassword, name);
|
||||
auth.setPassword(encryptedPassword);
|
||||
HashedPassword hashedPassword = passwordSecurity.computeHash(newPassword, name);
|
||||
auth.setPassword(hashedPassword);
|
||||
|
||||
if (!plugin.getDataSource().updatePassword(auth)) {
|
||||
m.send(player, MessageKey.ERROR);
|
||||
@ -47,8 +47,8 @@ public class ChangePasswordTask implements Runnable {
|
||||
m.send(player, MessageKey.PASSWORD_CHANGED_SUCCESS);
|
||||
ConsoleLogger.info(player.getName() + " changed his password");
|
||||
if (Settings.bungee) {
|
||||
final String hash = encryptedPassword.getHash();
|
||||
final String salt = encryptedPassword.getSalt();
|
||||
final String hash = hashedPassword.getHash();
|
||||
final String salt = hashedPassword.getSalt();
|
||||
plugin.getServer().getScheduler().scheduleSyncDelayedTask(plugin, new Runnable(){
|
||||
|
||||
@Override
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
package fr.xephi.authme.security;
|
||||
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.security.crypts.EncryptionMethod;
|
||||
import fr.xephi.authme.settings.Settings;
|
||||
import fr.xephi.authme.util.StringUtils;
|
||||
@ -49,11 +49,11 @@ public class HashAlgorithmIntegrationTest {
|
||||
for (HashAlgorithm algorithm : HashAlgorithm.values()) {
|
||||
if (!HashAlgorithm.CUSTOM.equals(algorithm)) {
|
||||
EncryptionMethod method = algorithm.getClazz().newInstance();
|
||||
EncryptedPassword encryptedPassword = method.computeHash("pwd", "name");
|
||||
HashedPassword hashedPassword = method.computeHash("pwd", "name");
|
||||
assertThat("Salt should not be null if method.hasSeparateSalt(), and vice versa. Method: '"
|
||||
+ method + "'", StringUtils.isEmpty(encryptedPassword.getSalt()), equalTo(!method.hasSeparateSalt()));
|
||||
+ method + "'", StringUtils.isEmpty(hashedPassword.getSalt()), equalTo(!method.hasSeparateSalt()));
|
||||
assertThat("Hash should not be empty for method '" + method + "'",
|
||||
StringUtils.isEmpty(encryptedPassword.getHash()), equalTo(false));
|
||||
StringUtils.isEmpty(hashedPassword.getHash()), equalTo(false));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -3,7 +3,7 @@ package fr.xephi.authme.security;
|
||||
import fr.xephi.authme.cache.auth.PlayerAuth;
|
||||
import fr.xephi.authme.datasource.DataSource;
|
||||
import fr.xephi.authme.events.PasswordEncryptionEvent;
|
||||
import fr.xephi.authme.security.crypts.EncryptedPassword;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.security.crypts.EncryptionMethod;
|
||||
import fr.xephi.authme.security.crypts.JOOMLA;
|
||||
import fr.xephi.authme.security.crypts.PHPBB;
|
||||
@ -64,7 +64,7 @@ public class PasswordSecurityTest {
|
||||
@Test
|
||||
public void shouldReturnPasswordMatch() {
|
||||
// given
|
||||
EncryptedPassword password = new EncryptedPassword("$TEST$10$SOME_HASH", null);
|
||||
HashedPassword password = new HashedPassword("$TEST$10$SOME_HASH", null);
|
||||
String playerName = "Tester";
|
||||
// Calls to EncryptionMethod are always with the lower-case version of the name
|
||||
String playerLowerCase = playerName.toLowerCase();
|
||||
@ -89,7 +89,7 @@ public class PasswordSecurityTest {
|
||||
@Test
|
||||
public void shouldReturnPasswordMismatch() {
|
||||
// given
|
||||
EncryptedPassword password = new EncryptedPassword("$TEST$10$SOME_HASH", null);
|
||||
HashedPassword password = new HashedPassword("$TEST$10$SOME_HASH", null);
|
||||
String playerName = "My_PLayer";
|
||||
String playerLowerCase = playerName.toLowerCase();
|
||||
String clearTextPass = "passw0Rd1";
|
||||
@ -126,24 +126,24 @@ public class PasswordSecurityTest {
|
||||
assertThat(result, equalTo(false));
|
||||
verify(dataSource).getAuth(playerName);
|
||||
verify(pluginManager, never()).callEvent(any(Event.class));
|
||||
verify(method, never()).comparePassword(anyString(), any(EncryptedPassword.class), anyString());
|
||||
verify(method, never()).comparePassword(anyString(), any(HashedPassword.class), anyString());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldTryOtherMethodsForFailedPassword() {
|
||||
// given
|
||||
// BCRYPT hash for "Test"
|
||||
EncryptedPassword password =
|
||||
new EncryptedPassword("$2y$10$2e6d2193f43501c926e25elvWlPmWczmrfrnbZV0dUZGITjYjnkkW");
|
||||
HashedPassword password =
|
||||
new HashedPassword("$2y$10$2e6d2193f43501c926e25elvWlPmWczmrfrnbZV0dUZGITjYjnkkW");
|
||||
String playerName = "somePlayer";
|
||||
String playerLowerCase = playerName.toLowerCase();
|
||||
String clearTextPass = "Test";
|
||||
// MD5 hash for "Test"
|
||||
EncryptedPassword newPassword = new EncryptedPassword("0cbc6611f5540bd0809a388dc95a615b");
|
||||
HashedPassword newPassword = new HashedPassword("0cbc6611f5540bd0809a388dc95a615b");
|
||||
|
||||
PlayerAuth auth = mock(PlayerAuth.class);
|
||||
doCallRealMethod().when(auth).getPassword();
|
||||
doCallRealMethod().when(auth).setPassword(any(EncryptedPassword.class));
|
||||
doCallRealMethod().when(auth).setPassword(any(HashedPassword.class));
|
||||
auth.setPassword(password);
|
||||
given(dataSource.getAuth(argThat(equalToIgnoringCase(playerName)))).willReturn(auth);
|
||||
given(method.comparePassword(clearTextPass, password, playerLowerCase)).willReturn(false);
|
||||
@ -174,15 +174,15 @@ public class PasswordSecurityTest {
|
||||
String password = "MyP@ssword";
|
||||
String username = "theUserInTest";
|
||||
String usernameLowerCase = username.toLowerCase();
|
||||
EncryptedPassword encryptedPassword = new EncryptedPassword("$T$est#Hash", "__someSalt__");
|
||||
given(method.computeHash(password, usernameLowerCase)).willReturn(encryptedPassword);
|
||||
HashedPassword hashedPassword = new HashedPassword("$T$est#Hash", "__someSalt__");
|
||||
given(method.computeHash(password, usernameLowerCase)).willReturn(hashedPassword);
|
||||
PasswordSecurity security = new PasswordSecurity(dataSource, HashAlgorithm.JOOMLA, pluginManager, true);
|
||||
|
||||
// when
|
||||
EncryptedPassword result = security.computeHash(password, username);
|
||||
HashedPassword result = security.computeHash(password, username);
|
||||
|
||||
// then
|
||||
assertThat(result, equalTo(encryptedPassword));
|
||||
assertThat(result, equalTo(hashedPassword));
|
||||
ArgumentCaptor<PasswordEncryptionEvent> captor = ArgumentCaptor.forClass(PasswordEncryptionEvent.class);
|
||||
verify(pluginManager).callEvent(captor.capture());
|
||||
PasswordEncryptionEvent event = captor.getValue();
|
||||
@ -195,15 +195,15 @@ public class PasswordSecurityTest {
|
||||
// given
|
||||
String password = "TopSecretPass#112525";
|
||||
String username = "someone12";
|
||||
EncryptedPassword encryptedPassword = new EncryptedPassword("~T!est#Hash", "__someSalt__");
|
||||
given(method.computeHash(password, username)).willReturn(encryptedPassword);
|
||||
HashedPassword hashedPassword = new HashedPassword("~T!est#Hash", "__someSalt__");
|
||||
given(method.computeHash(password, username)).willReturn(hashedPassword);
|
||||
PasswordSecurity security = new PasswordSecurity(dataSource, HashAlgorithm.JOOMLA, pluginManager, true);
|
||||
|
||||
// when
|
||||
EncryptedPassword result = security.computeHash(HashAlgorithm.PHPBB, password, username);
|
||||
HashedPassword result = security.computeHash(HashAlgorithm.PHPBB, password, username);
|
||||
|
||||
// then
|
||||
assertThat(result, equalTo(encryptedPassword));
|
||||
assertThat(result, equalTo(hashedPassword));
|
||||
ArgumentCaptor<PasswordEncryptionEvent> captor = ArgumentCaptor.forClass(PasswordEncryptionEvent.class);
|
||||
verify(pluginManager).callEvent(captor.capture());
|
||||
PasswordEncryptionEvent event = captor.getValue();
|
||||
@ -216,19 +216,19 @@ public class PasswordSecurityTest {
|
||||
// given
|
||||
String password = "?topSecretPass\\";
|
||||
String username = "someone12";
|
||||
EncryptedPassword encryptedPassword = new EncryptedPassword("~T!est#Hash");
|
||||
given(method.computeHash(password, username)).willReturn(encryptedPassword);
|
||||
HashedPassword hashedPassword = new HashedPassword("~T!est#Hash");
|
||||
given(method.computeHash(password, username)).willReturn(hashedPassword);
|
||||
given(method.hasSeparateSalt()).willReturn(true);
|
||||
PasswordSecurity security = new PasswordSecurity(dataSource, HashAlgorithm.XAUTH, pluginManager, true);
|
||||
|
||||
// when
|
||||
boolean result = security.comparePassword(password, encryptedPassword, username);
|
||||
boolean result = security.comparePassword(password, hashedPassword, username);
|
||||
|
||||
// then
|
||||
assertThat(result, equalTo(false));
|
||||
verify(dataSource, never()).getAuth(anyString());
|
||||
verify(pluginManager).callEvent(any(PasswordEncryptionEvent.class));
|
||||
verify(method, never()).comparePassword(anyString(), any(EncryptedPassword.class), anyString());
|
||||
verify(method, never()).comparePassword(anyString(), any(HashedPassword.class), anyString());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -35,7 +35,7 @@ public abstract class AbstractEncryptionMethodTest {
|
||||
/** The encryption method to test. */
|
||||
private EncryptionMethod method;
|
||||
/** Map with the hashes against which the entries in GIVEN_PASSWORDS are tested. */
|
||||
private Map<String, EncryptedPassword> hashes;
|
||||
private Map<String, HashedPassword> hashes;
|
||||
|
||||
/**
|
||||
* Create a new test for the given encryption method.
|
||||
@ -45,7 +45,7 @@ public abstract class AbstractEncryptionMethodTest {
|
||||
*/
|
||||
public AbstractEncryptionMethodTest(EncryptionMethod method, String... computedHashes) {
|
||||
if (method.hasSeparateSalt()) {
|
||||
throw new UnsupportedOperationException("Test must be initialized with EncryptedPassword objects if "
|
||||
throw new UnsupportedOperationException("Test must be initialized with HashedPassword objects if "
|
||||
+ "the salt is stored separately. Use the other constructor");
|
||||
} else if (computedHashes.length != GIVEN_PASSWORDS.length) {
|
||||
throw new UnsupportedOperationException("Expected " + GIVEN_PASSWORDS.length + " hashes");
|
||||
@ -54,12 +54,12 @@ public abstract class AbstractEncryptionMethodTest {
|
||||
|
||||
hashes = new HashMap<>();
|
||||
for (int i = 0; i < GIVEN_PASSWORDS.length; ++i) {
|
||||
hashes.put(GIVEN_PASSWORDS[i], new EncryptedPassword(computedHashes[i]));
|
||||
hashes.put(GIVEN_PASSWORDS[i], new HashedPassword(computedHashes[i]));
|
||||
}
|
||||
}
|
||||
|
||||
public AbstractEncryptionMethodTest(EncryptionMethod method, EncryptedPassword result0, EncryptedPassword result1,
|
||||
EncryptedPassword result2, EncryptedPassword result3) {
|
||||
public AbstractEncryptionMethodTest(EncryptionMethod method, HashedPassword result0, HashedPassword result1,
|
||||
HashedPassword result2, HashedPassword result3) {
|
||||
if (!method.hasSeparateSalt()) {
|
||||
throw new UnsupportedOperationException("Salt is not stored separately, so test should be initialized"
|
||||
+ " with the password hashes only. Use the other constructor");
|
||||
@ -102,7 +102,7 @@ public abstract class AbstractEncryptionMethodTest {
|
||||
for (String password : internalPasswords) {
|
||||
final String salt = method.generateSalt();
|
||||
final String hash = method.computeHash(password, salt, USERNAME);
|
||||
EncryptedPassword encryptedPassword = new EncryptedPassword(hash, salt);
|
||||
HashedPassword hashedPassword = new HashedPassword(hash, salt);
|
||||
|
||||
// Check that the computeHash(password, salt, name) method has the same output for the returned salt
|
||||
if (testHashEqualityForSameSalt()) {
|
||||
@ -111,14 +111,14 @@ public abstract class AbstractEncryptionMethodTest {
|
||||
}
|
||||
|
||||
assertTrue("Generated hash for '" + password + "' should match password (hash = '" + hash + "')",
|
||||
method.comparePassword(password, encryptedPassword, USERNAME));
|
||||
method.comparePassword(password, hashedPassword, USERNAME));
|
||||
if (!password.equals(password.toLowerCase())) {
|
||||
assertFalse("Lower-case of '" + password + "' should not match generated hash '" + hash + "'",
|
||||
method.comparePassword(password.toLowerCase(), encryptedPassword, USERNAME));
|
||||
method.comparePassword(password.toLowerCase(), hashedPassword, USERNAME));
|
||||
}
|
||||
if (!password.equals(password.toUpperCase())) {
|
||||
assertFalse("Upper-case of '" + password + "' should not match generated hash '" + hash + "'",
|
||||
method.comparePassword(password.toUpperCase(), encryptedPassword, USERNAME));
|
||||
method.comparePassword(password.toUpperCase(), hashedPassword, USERNAME));
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -143,9 +143,9 @@ public abstract class AbstractEncryptionMethodTest {
|
||||
}
|
||||
|
||||
if (method.hasSeparateSalt()) {
|
||||
EncryptedPassword encryptedPassword = method.computeHash(password, USERNAME);
|
||||
System.out.println(String.format("\t\tnew EncryptedPassword(\"%s\", \"%s\")%s// %s",
|
||||
encryptedPassword.getHash(), encryptedPassword.getSalt(), delim, password));
|
||||
HashedPassword hashedPassword = method.computeHash(password, USERNAME);
|
||||
System.out.println(String.format("\t\tnew HashedPassword(\"%s\", \"%s\")%s// %s",
|
||||
hashedPassword.getHash(), hashedPassword.getSalt(), delim, password));
|
||||
} else {
|
||||
System.out.println("\t\t\"" + method.computeHash(password, USERNAME).getHash()
|
||||
+ "\"" + delim + "// " + password);
|
||||
|
||||
@ -7,10 +7,10 @@ public class IPB3Test extends AbstractEncryptionMethodTest {
|
||||
|
||||
public IPB3Test() {
|
||||
super(new IPB3(),
|
||||
new EncryptedPassword("f8ecea1ce42b5babef369ff7692dbe3f", "1715b"), //password
|
||||
new EncryptedPassword("40a93731a931352e0619cdf09b975040", "ba91c"), //PassWord1
|
||||
new EncryptedPassword("a77ca982373946d5800430bd2947ba11", "a7725"), //&^%te$t?Pw@_
|
||||
new EncryptedPassword("383d7b9e2b707d6e894ec7b30e3032c3", "fa9fd")); //âË_3(íù*
|
||||
new HashedPassword("f8ecea1ce42b5babef369ff7692dbe3f", "1715b"), //password
|
||||
new HashedPassword("40a93731a931352e0619cdf09b975040", "ba91c"), //PassWord1
|
||||
new HashedPassword("a77ca982373946d5800430bd2947ba11", "a7725"), //&^%te$t?Pw@_
|
||||
new HashedPassword("383d7b9e2b707d6e894ec7b30e3032c3", "fa9fd")); //âË_3(íù*
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -7,10 +7,10 @@ public class MYBBTest extends AbstractEncryptionMethodTest {
|
||||
|
||||
public MYBBTest() {
|
||||
super(new MYBB(),
|
||||
new EncryptedPassword("57c7a16d860833db5030738f5a465d2b", "acdc14e6"), //password
|
||||
new EncryptedPassword("08fbdf721f2c42d9780b7d66df0ba830", "792fd7fb"), //PassWord1
|
||||
new EncryptedPassword("d602f38fb59ad9e185d5604f5d4ddb36", "4b5534a4"), //&^%te$t?Pw@_
|
||||
new EncryptedPassword("b3c39410d0ab8ae2a65c257820797fad", "e5a6cb14")); //âË_3(íù*
|
||||
new HashedPassword("57c7a16d860833db5030738f5a465d2b", "acdc14e6"), //password
|
||||
new HashedPassword("08fbdf721f2c42d9780b7d66df0ba830", "792fd7fb"), //PassWord1
|
||||
new HashedPassword("d602f38fb59ad9e185d5604f5d4ddb36", "4b5534a4"), //&^%te$t?Pw@_
|
||||
new HashedPassword("b3c39410d0ab8ae2a65c257820797fad", "e5a6cb14")); //âË_3(íù*
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -7,10 +7,10 @@ public class PHPFUSIONTest extends AbstractEncryptionMethodTest {
|
||||
|
||||
public PHPFUSIONTest() {
|
||||
super(new PHPFUSION(),
|
||||
new EncryptedPassword("f7a606c4eb3fcfbc382906476e05b06f21234a77d1a4eacc0f93f503deb69e70", "6cd1c97c55cb"), // password
|
||||
new EncryptedPassword("8a9b7bb706a3347e5f684a7cb905bfb26b9a0d099358064139ab3ed1a66aeb2b", "d6012370b73f"), // PassWord1
|
||||
new EncryptedPassword("43f2f23f44c8f89e2dbf06050bc8c77dbcdf71a7b5d28c87ec657d474e63d62d", "f75400a209a4"), // &^%te$t?Pw@_
|
||||
new EncryptedPassword("4e7f4eb7e3653d7460f1cf590def4153c6fcdf8b8e16fb95538fdf9e54a95245", "d552e0f5b23a")); // âË_3(íù*
|
||||
new HashedPassword("f7a606c4eb3fcfbc382906476e05b06f21234a77d1a4eacc0f93f503deb69e70", "6cd1c97c55cb"), // password
|
||||
new HashedPassword("8a9b7bb706a3347e5f684a7cb905bfb26b9a0d099358064139ab3ed1a66aeb2b", "d6012370b73f"), // PassWord1
|
||||
new HashedPassword("43f2f23f44c8f89e2dbf06050bc8c77dbcdf71a7b5d28c87ec657d474e63d62d", "f75400a209a4"), // &^%te$t?Pw@_
|
||||
new HashedPassword("4e7f4eb7e3653d7460f1cf590def4153c6fcdf8b8e16fb95538fdf9e54a95245", "d552e0f5b23a")); // âË_3(íù*
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -17,10 +17,10 @@ public class SALTED2MD5Test extends AbstractEncryptionMethodTest {
|
||||
|
||||
public SALTED2MD5Test() {
|
||||
super(new SALTED2MD5(),
|
||||
new EncryptedPassword("9f3d13dc01a6fe61fd669954174399f3", "9b5f5749"), // password
|
||||
new EncryptedPassword("b28c32f624a4eb161d6adc9acb5bfc5b", "f750ba32"), // PassWord1
|
||||
new EncryptedPassword("38dcb83cc68424afe3cda012700c2bb1", "eb2c3394"), // &^%te$t?Pw@_
|
||||
new EncryptedPassword("ad25606eae5b760c8a2469d65578ac39", "04eee598")); // âË_3(íù*)
|
||||
new HashedPassword("9f3d13dc01a6fe61fd669954174399f3", "9b5f5749"), // password
|
||||
new HashedPassword("b28c32f624a4eb161d6adc9acb5bfc5b", "f750ba32"), // PassWord1
|
||||
new HashedPassword("38dcb83cc68424afe3cda012700c2bb1", "eb2c3394"), // &^%te$t?Pw@_
|
||||
new HashedPassword("ad25606eae5b760c8a2469d65578ac39", "04eee598")); // âË_3(íù*)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -7,10 +7,10 @@ public class SALTEDSHA512Test extends AbstractEncryptionMethodTest {
|
||||
|
||||
public SALTEDSHA512Test() {
|
||||
super(new SALTEDSHA512(),
|
||||
new EncryptedPassword("dea7a37cecf5384ae8e347fd1411efb51364b6ba1b328695de3b354612c1d7010807e8b7051c40f740e498490e1f133e2c2408327d13fbdd68e1b1f6d548e624", "29f8a3c52147f987fee7ba3e0fb311bd"), // password
|
||||
new EncryptedPassword("7c06225aac574d2dc7c81a2ed306637adf025715f52083e05bdab014faaa234e24a97d0e69ea0108dfa77cc9228e58be319ee677e679b5d1ad168d40e50a42f6", "8ea37b85d020b98f60c0fe9b8ec9296c"), // PassWord1
|
||||
new EncryptedPassword("55711adbe03c9616f3505f0d57077fdd528c32243eb6f9840c1a6ff9e553940d6b89790750ebd52ebda63ca793fbe9980d54057af40836820c648750fe22d49c", "9f58079631ef21d32b4710694f1f461b"), // &^%te$t?Pw@_
|
||||
new EncryptedPassword("29dc5be8702975ea4563ed3de5b145e2d2f1c37ae661bbe0d3e94d964402cf09d539d65f3b90ff6921ea3d40727f76fb38fb34d1e5c2d62238c4e0203efc372f", "048bb76168265d906f1fd1f81d0616a9")); // âË_3(íù*
|
||||
new HashedPassword("dea7a37cecf5384ae8e347fd1411efb51364b6ba1b328695de3b354612c1d7010807e8b7051c40f740e498490e1f133e2c2408327d13fbdd68e1b1f6d548e624", "29f8a3c52147f987fee7ba3e0fb311bd"), // password
|
||||
new HashedPassword("7c06225aac574d2dc7c81a2ed306637adf025715f52083e05bdab014faaa234e24a97d0e69ea0108dfa77cc9228e58be319ee677e679b5d1ad168d40e50a42f6", "8ea37b85d020b98f60c0fe9b8ec9296c"), // PassWord1
|
||||
new HashedPassword("55711adbe03c9616f3505f0d57077fdd528c32243eb6f9840c1a6ff9e553940d6b89790750ebd52ebda63ca793fbe9980d54057af40836820c648750fe22d49c", "9f58079631ef21d32b4710694f1f461b"), // &^%te$t?Pw@_
|
||||
new HashedPassword("29dc5be8702975ea4563ed3de5b145e2d2f1c37ae661bbe0d3e94d964402cf09d539d65f3b90ff6921ea3d40727f76fb38fb34d1e5c2d62238c4e0203efc372f", "048bb76168265d906f1fd1f81d0616a9")); // âË_3(íù*
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -7,10 +7,10 @@ public class WBB3Test extends AbstractEncryptionMethodTest {
|
||||
|
||||
public WBB3Test() {
|
||||
super(new WBB3(),
|
||||
new EncryptedPassword("8df818ef7d56075ab2744f74b98ad68a375ccac4", "b7415b355492ea60314f259a35733a3092c03e3f"), // password
|
||||
new EncryptedPassword("106da5cf5df92cb845e12cf62cbdb5235b6dc693", "6110f19b2b52910dccf592a19c59126873f42e69"), // PassWord1
|
||||
new EncryptedPassword("940a9fb7acec0178c6691e8b3c14bd7d789078b1", "f9dd501ff3d1bf74904f9e89649e378429af56e7"), // &^%te$t?Pw@_
|
||||
new EncryptedPassword("0fa12e8d96c9e95f73aa91f3b76f8cdc815ec8a5", "736be8669f6159ddb2d5b47a3e6428cdb8b324de")); // âË_3(íù*
|
||||
new HashedPassword("8df818ef7d56075ab2744f74b98ad68a375ccac4", "b7415b355492ea60314f259a35733a3092c03e3f"), // password
|
||||
new HashedPassword("106da5cf5df92cb845e12cf62cbdb5235b6dc693", "6110f19b2b52910dccf592a19c59126873f42e69"), // PassWord1
|
||||
new HashedPassword("940a9fb7acec0178c6691e8b3c14bd7d789078b1", "f9dd501ff3d1bf74904f9e89649e378429af56e7"), // &^%te$t?Pw@_
|
||||
new HashedPassword("0fa12e8d96c9e95f73aa91f3b76f8cdc815ec8a5", "736be8669f6159ddb2d5b47a3e6428cdb8b324de")); // âË_3(íù*
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user