Meishin/LoginSystem
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,687 Commits 10 Branches 53 Tags
Commit Graph

61 Commits

Author SHA1 Message Date
DNx5
da5de58afb Rename XF class into XFBCRYPT. 2016-01-07 06:15:39 +07:00
DNx5
e0c3affa33 Merge branch 'master' into 137-xenforo-support 
Conflicts:
	src/main/java/fr/xephi/authme/datasource/CacheDataSource.java
	src/main/java/fr/xephi/authme/datasource/DataSource.java
	src/main/java/fr/xephi/authme/datasource/SQLite.java
	src/main/java/fr/xephi/authme/security/crypts/BCRYPT.java
 2016-01-06 12:15:27 +07:00
ljacqu
6475cecd79 Add tools task to generate an encryption algorithm overview 2015-12-31 13:33:00 +01:00
ljacqu
a0da423a7b Minor - Javadoc changes 
- Add/replace/improve javadoc in the commands and encryption section
- Note: A simple <p> is the javadoc way to make a new paragraph
http://www.oracle.com/technetwork/java/javase/documentation/index-137868.html#format
- Note: Do not escape '<' and '>' inside of {@code }
- Note: '>' does not need to be escaped
 2015-12-31 13:32:41 +01:00
DNx5
bd5d341e67 Xenforo support. 
- Added getPassword method in DataSource and all implementations.
 2015-12-31 11:05:18 +07:00
Xephi59
e1a84448a2 Fix the whole Javadoc syntax 2015-12-31 01:06:09 +01:00
ljacqu
aed23cb1ef Revert removal of XENFORO enum, hash class and custom SQL 
- Undo commits 121d323 and 1c12278
- Add TODO's with issue number
- Add slight, necessary adjustments for code changes since the reverted commits
 2015-12-31 00:36:08 +01:00
ljacqu
eea3697fa4 #364 Add test for bogus hashes 
- Verify that a "hash" in the wrong format doesn't throw exception (this is relevant when the supportOldPasswordHash setting is enabled)
 2015-12-30 23:24:36 +01:00
ljacqu
c0a393b8b3 Minor - rename EncryptedPassword to HashedPassword 
- We hash passwords; we don't encrypt them
 2015-12-30 22:51:59 +01:00
Gabriele C
300a621e1c cleanup 2015-12-30 22:28:45 +01:00
ljacqu
a3402d573f #358 Handle hash + salt as one "unit" 
- Rename HashResult to EncryptedPassword to reflect its broader use
- Use EncryptedPassword in methods that require the hash and the salt, instead of passing them as strings separately
- Store EncryptedPassword as field in PlayerAuth; updatePassword() thus processes the entire data in the EncryptedPassword object
 2015-12-30 17:56:22 +01:00
ljacqu
9c4a578bec #358 Remove old methods on PasswordSecurity, unify hash + salt 
- For encryption methods with a separate salt, the hash is useless without the salt, so hash and salt should always be persisted and retrieved together
 2015-12-30 15:43:25 +01:00
ljacqu
922082f312 #364 Add HashAlgorithm integration test, fix failing tests 
- Create integration test for the HashAlgorithm enum
- Create AsciiRestricted annotation and make test aware of it
- Add option to skip "same hash for same salt" test (for wordpress)
- Change some EncryptionMethods to extend from a common superclass
 2015-12-29 13:29:26 +01:00
ljacqu
531327dd9b Minor - make AuthMe.database private 
- In favor of AuthMe.getDataSource()
 2015-12-29 11:55:57 +01:00
ljacqu
121d323221 #369 Delete Xenforo (XF) encryption algorithm 
Rationale:
- Seems not to have been working since it was added to the codebase
- Seems not to correspond to the actual Xenforo password hashing (class does some sort of JSON extraction?)
- It would be easier to rewrite it from scratch if someone requests it later
 2015-12-28 22:32:24 +01:00
ljacqu
47f4275225 #358 Update EncryptionMethod to new interface 
- Add new methods to the EncryptionMethod interface
- Delete temporary interface (NewEncrMethod)
- Remove temporary checks and casts to NewEncrMethod
 2015-12-28 22:00:43 +01:00
ljacqu
9b73475b9a Minor - clean up bcrypt 2y implementation 
- Update Recommendation annotation
- Add proper length check to hash
- Remove check that is always true
 2015-12-28 21:27:47 +01:00
ljacqu
73bc6e286a #369 Fix bcrypt 2y implementation 
- Change salt length to 22: it was once changed on accident during some other commit
 2015-12-28 21:03:33 +01:00
ljacqu
48d0a65724 #358 Create encryption method supertypes, add new methods 2015-12-28 20:10:45 +01:00
ljacqu
31730699ac #358 Start refactoring PasswordSecurity 
- Add new methods temporarily to NewEncrMethod interface
   - No data source access within EncryptionMethod implementations
   - Generate the salt within the EncryptionMethod implementation
- Deprecate static methods on PasswordSecurity
- Adjust AbstractEncryptionMethodTest to test the classes with the new interface
- Add getter for data source instead of accessing field directly
 2015-12-28 16:23:08 +01:00
ljacqu
513ff9a928 #358 Make RandomString static & generate all rand. strings with it 
- Remove dubious random String generator on HashUtils
- Make further hash classes use HashUtils
 2015-12-27 22:16:16 +01:00
ljacqu
90a0325194 #358 Add future interface methods, remove exception throwing 
- Create Utils class for a common implementation of md5/sha1
- Create "foolproof" way of getting the MessageDigest for md5 etc. (MessageDigestAlgorithm enum)
- Create description annotations to annotate algorithms with usage recommendation and salt type
 2015-12-26 23:59:32 +01:00
ljacqu
1f11537b85 #364 Add more tests for encryption algorithms 
- Rename getHash() to computeHash(): get.. suggests it's just retrieving some field but it's really doing a computation, which is quite complex depending on the hash algorithm
 2015-12-20 23:43:54 +01:00
ljacqu
bf7a0c5a49 #364 Create first EncryptionMethod tests 2015-12-20 00:51:15 +01:00
ljacqu
7b2be4ca47 Remove redundant JavaDoc in security package 
- Remove all JavaDoc in security package that has no additional information than in the code
- Reduce visibility of class members where appropriate
 2015-12-19 09:53:52 +01:00
Tim Visée
09067ddbd1 Removed redundant code, fixed some warnings, other minor fixes 2015-11-23 22:18:04 +01:00
Tim Visée
82bf0f45ca Finalized some fields, removed redundant code, various other fixes 2015-11-23 22:14:03 +01:00
Tim Visée
83e5d726af Improved various code bits 2015-11-23 22:12:01 +01:00
Tim Visée
36c50c4507 Reformatted code with new code style 2015-11-23 21:46:34 +01:00
Tim Visée
53117928f5 Reformatted all files once again 2015-11-23 21:40:11 +01:00
Tim Visée
2e868c7492 Reformatted all code files, cleaned up the project 2015-11-23 21:33:08 +01:00
AuthMe-Team
9ec2d6d059 Stuff from the common floobits workspace 
Author:    AuthMe-Team <AuthMeTeam@123NoEmail.com>
 2015-11-23 20:23:52 +01:00
Gabriele C
bd1f868c6d standard javadoc 2015-11-21 01:31:18 +01:00
Gabriele C
118c79401a Prepare the project for javadocs 2015-11-21 01:27:06 +01:00
Gabriele C
adcd70b91d auto cleanup 2015-11-21 01:15:52 +01:00
Gabriele C
3567fc909d Organize imports 2015-10-09 19:18:24 +02:00
games647
e9f299fca8 Fix PlayerAuth constructor calls 2015-10-03 18:22:13 +02:00
DNx5
350ab53563 update base64 2015-09-20 08:44:30 +07:00
DNx5
b5546c07b4 cleanup string concatenates 2015-09-16 11:37:18 +07:00
DNx5
cdfdc06312 revert logger 2015-09-15 23:37:33 +07:00
DNx5
1de2705840 remove constant check 2015-09-15 23:20:26 +07:00
DNx5
221b32744c fix string concatenates performance 2015-09-15 22:44:40 +07:00
Gabriele C
65bb488f4c PBKDF2DJANGO Hash 2015-09-07 14:30:56 +02:00
DmitryRendov
7c2649abf5 Fix 2015-09-06 20:32:58 +00:00
DmitryRendov
495dd35b48 Updated PBKDF2 hasher to support Django 1.7+ 2015-09-06 20:28:25 +00:00
Xephi59
eec7a7f575 Add SALTEDSHA512 Encryption 2015-08-27 23:28:12 +02:00
Xephi59
0c20101947 Bcrypt only support $2a previously 2015-08-01 03:03:54 +02:00
Xephi59
30564fad6e nice fail 2015-08-01 02:57:25 +02:00
Xephi59
fa831700a2 Add bcrypt_2y for new phpbb system 2015-07-31 01:11:34 +02:00
Xephi59
480db6816f Synax 2015-07-20 02:41:14 +02:00