diff --git a/src/main/java/fr/xephi/authme/security/crypts/BCRYPT2Y.java b/src/main/java/fr/xephi/authme/security/crypts/BCRYPT2Y.java index 90901cf9..1b372c4c 100644 --- a/src/main/java/fr/xephi/authme/security/crypts/BCRYPT2Y.java +++ b/src/main/java/fr/xephi/authme/security/crypts/BCRYPT2Y.java @@ -4,19 +4,24 @@ import fr.xephi.authme.security.crypts.description.Recommendation; import fr.xephi.authme.security.crypts.description.Usage; @Recommendation(Usage.DOES_NOT_WORK) -public class BCRYPT2Y implements EncryptionMethod { +public class BCRYPT2Y extends HexSaltedMethod { @Override public String computeHash(String password, String salt, String name) { if (salt.length() == 22) salt = "$2y$10$" + salt; - return (BCRYPT.hashpw(password, salt)); + return BCRYPT.hashpw(password, salt); } @Override - public boolean comparePassword(String hash, String password, String playerName) { + public boolean comparePassword(String hash, String password, String salt, String playerName) { String ok = hash.substring(0, 29); return ok.length() == 29 && hash.equals(computeHash(password, ok, playerName)); } + @Override + public int getSaltLength() { + return 22; + } + } diff --git a/src/test/java/fr/xephi/authme/security/crypts/AbstractEncryptionMethodTest.java b/src/test/java/fr/xephi/authme/security/crypts/AbstractEncryptionMethodTest.java index a169f622..774cb4d9 100644 --- a/src/test/java/fr/xephi/authme/security/crypts/AbstractEncryptionMethodTest.java +++ b/src/test/java/fr/xephi/authme/security/crypts/AbstractEncryptionMethodTest.java @@ -151,7 +151,6 @@ public abstract class AbstractEncryptionMethodTest { NewEncrMethod method1 = null; if (method instanceof NewEncrMethod) { method1 = (NewEncrMethod) method; - if (!method1.hasSeparateSalt()) method1 = null; } @@ -161,9 +160,14 @@ public abstract class AbstractEncryptionMethodTest { delim = "); "; } if (method1 != null) { - HashResult hashResult = method1.computeHash(password, USERNAME); - System.out.println(String.format("\t\tnew HashResult(\"%s\", \"%s\")%s// %s", - hashResult.getHash(), hashResult.getSalt(), delim, password)); + if (method1.hasSeparateSalt()) { + HashResult hashResult = method1.computeHash(password, USERNAME); + System.out.println(String.format("\t\tnew HashResult(\"%s\", \"%s\")%s// %s", + hashResult.getHash(), hashResult.getSalt(), delim, password)); + } else { + System.out.println("\t\t\"" + method1.computeHash(password, USERNAME).getHash() + + "\"" + delim + "// " + password); + } } else { System.out.println("\t\t\"" + method.computeHash(password, null, USERNAME) + "\"" + delim + "// " + password); diff --git a/src/test/java/fr/xephi/authme/security/crypts/BCRYPT2YTest.java b/src/test/java/fr/xephi/authme/security/crypts/BCRYPT2YTest.java index d49c1d3c..ac34dea0 100644 --- a/src/test/java/fr/xephi/authme/security/crypts/BCRYPT2YTest.java +++ b/src/test/java/fr/xephi/authme/security/crypts/BCRYPT2YTest.java @@ -1,23 +1,16 @@ package fr.xephi.authme.security.crypts; -import fr.xephi.authme.security.PasswordSecurity; -import org.junit.Ignore; -import org.junit.Test; - -import java.security.NoSuchAlgorithmException; - /** * Test for {@link BCRYPT2Y}. */ -@Ignore -// TODO #369: Fix hash & add standard test -public class BCRYPT2YTest { +public class BCRYPT2YTest extends AbstractEncryptionMethodTest { - @Test - public void shouldCreateHash() throws NoSuchAlgorithmException { - String salt = PasswordSecurity.createSalt(16); // As defined in PasswordSecurity - EncryptionMethod method = new BCRYPT2Y(); - System.out.println(method.computeHash("password", salt, "testPlayer")); + public BCRYPT2YTest() { + super(new BCRYPT2Y(), + "$2y$10$da641e404b982edf1c7c0uTU9BcKzfA2vWKV05q6r.dCvm/93wqVK", // password + "$2y$10$e52c48a76f5b86f5da899uiK/HYocyPsfQXESNbP278rIz08LKEP2", // PassWord1 + "$2y$10$be6f11548dc5fb4088410ONdC0dXnJ04y1RHcJh5fVF3XK5d.qgqK", // &^%te$t?Pw@_ + "$2y$10$a8097db1fa4423b93f1b2eF6rMAGFkSX178fpROf/OvCFtrDebp6K"); // âË_3(íù* } }