Upstream
/
AuthMeReloaded
mirror of https://github.com/AuthMe/AuthMeReloaded.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,615 Commits 49 Branches 7 Tags 106 MiB
Commit Graph

6 Commits

Author SHA1 Message Date
ljacqu b22f26822b
#1627 Replace BCryptService with Maven dependency (#1629) 
* #1627 Replace BCryptService with Maven dependency
- Remove BCryptService in favor of a better BCrypt implementation (Maven dependency)
- Introduce BCryptHasher wrapping the dependency with more suitable methods
- Fix inaccurate details about salt length in docu annotation: for BCrypt it's always 22 chars
- Change phpBB hash to produce 2y hashes instead of 2a

* #1627 Use UTF-8 encoding when (dis)assembling Strings

* #1627 Small test additions
 2018-09-03 23:13:48 +02:00
ljacqu d55b4bb3b5 #1561 Fix timing attacks by comparing hashes in constant time (#1563) 
* #1561 Fix timing attacks by comparing hashes in constant time

* #1561 Fix timing attacks in phpBB fallback hashes
- As noted by @games647
 2018-04-22 21:27:38 +02:00
ljacqu 7f3c308009 #848 Prevent "invalid salt version" when hash format is clearly not BCrypt 2016-08-13 20:10:38 +02:00
ljacqu 3c6415a6a4 #432 Use injector instantiate hash algorithms 2016-04-30 12:17:18 +02:00
ljacqu c079692f1d Minor - code householding (tests) 
- Remove redundant uses of WrapperMock
- Use assertThat() from JUnit, not hamcrest
- Use hamcrest Matchers everywhere (not BaseMatchers etc.)
- Favor Mockito's argThat() over using ArgumentCaptor (more succinct)
- Delete useless test classes
 2016-04-03 07:38:13 +02:00
ljacqu 804a670e08 Create test for HashUtils and RandomString 2015-12-27 23:37:07 +01:00