From eec7a7f575f3eec4d7428274ecf67a23ed1b7be4 Mon Sep 17 00:00:00 2001 From: Xephi59 Date: Thu, 27 Aug 2015 23:28:12 +0200 Subject: [PATCH] Add SALTEDSHA512 Encryption --- .../xephi/authme/security/HashAlgorithm.java | 1 + .../authme/security/PasswordSecurity.java | 9 ++++-- .../authme/security/crypts/SALTEDSHA512.java | 32 +++++++++++++++++++ 3 files changed, 40 insertions(+), 2 deletions(-) create mode 100644 src/main/java/fr/xephi/authme/security/crypts/SALTEDSHA512.java diff --git a/src/main/java/fr/xephi/authme/security/HashAlgorithm.java b/src/main/java/fr/xephi/authme/security/HashAlgorithm.java index a9fd19e53..312b6df01 100644 --- a/src/main/java/fr/xephi/authme/security/HashAlgorithm.java +++ b/src/main/java/fr/xephi/authme/security/HashAlgorithm.java @@ -29,6 +29,7 @@ public enum HashAlgorithm { ROYALAUTH(fr.xephi.authme.security.crypts.ROYALAUTH.class), CRAZYCRYPT1(fr.xephi.authme.security.crypts.CRAZYCRYPT1.class), BCRYPT2Y(fr.xephi.authme.security.crypts.BCRYPT2Y.class), + SALTEDSHA512(fr.xephi.authme.security.crypts.SALTEDSHA512.class), CUSTOM(Null.class); Class classe; diff --git a/src/main/java/fr/xephi/authme/security/PasswordSecurity.java b/src/main/java/fr/xephi/authme/security/PasswordSecurity.java index bfc2fb2d6..305b89b63 100644 --- a/src/main/java/fr/xephi/authme/security/PasswordSecurity.java +++ b/src/main/java/fr/xephi/authme/security/PasswordSecurity.java @@ -96,7 +96,12 @@ public class PasswordSecurity { userSalt.put(playerName, salt); break; case BCRYPT2Y: - salt = createSalt(22); + salt = createSalt(16); + userSalt.put(playerName, salt); + break; + case SALTEDSHA512: + salt = createSalt(32); + userSalt.put(playerName, salt); break; case MD5: case SHA1: @@ -165,7 +170,7 @@ public class PasswordSecurity { PlayerAuth nAuth = AuthMe.getInstance().database.getAuth(playerName); if (nAuth != null) { nAuth.setHash(getHash(Settings.getPasswordHash, password, playerName)); - nAuth.setSalt(userSalt.get(playerName)); + nAuth.setSalt(userSalt.containsKey(playerName) ? userSalt.get(playerName) : ""); AuthMe.getInstance().database.updatePassword(nAuth); AuthMe.getInstance().database.updateSalt(nAuth); } diff --git a/src/main/java/fr/xephi/authme/security/crypts/SALTEDSHA512.java b/src/main/java/fr/xephi/authme/security/crypts/SALTEDSHA512.java new file mode 100644 index 000000000..0050dd73d --- /dev/null +++ b/src/main/java/fr/xephi/authme/security/crypts/SALTEDSHA512.java @@ -0,0 +1,32 @@ +package fr.xephi.authme.security.crypts; + +import java.math.BigInteger; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + +import fr.xephi.authme.AuthMe; + +public class SALTEDSHA512 implements EncryptionMethod { + + @Override + public String getHash(String password, String salt, String name) + throws NoSuchAlgorithmException { + return getSHA512(password + salt); + } + + @Override + public boolean comparePassword(String hash, String password, + String playerName) throws NoSuchAlgorithmException { + String salt = AuthMe.getInstance().database.getAuth(playerName).getSalt(); + return hash.equals(getHash(password, salt, "")); + } + + private static String getSHA512(String message) + throws NoSuchAlgorithmException { + MessageDigest sha512 = MessageDigest.getInstance("SHA-512"); + sha512.reset(); + sha512.update(message.getBytes()); + byte[] digest = sha512.digest(); + return String.format("%0" + (digest.length << 1) + "x", new BigInteger(1, digest)); + } +}