1f11537b85
- Rename getHash() to computeHash(): get.. suggests it's just retrieving some field but it's really doing a computation, which is quite complex depending on the hash algorithm
35 lines
1.2 KiB
Java
35 lines
1.2 KiB
Java
package fr.xephi.authme.security.crypts;
|
|
|
|
import fr.xephi.authme.security.pbkdf2.PBKDF2Engine;
|
|
import fr.xephi.authme.security.pbkdf2.PBKDF2Parameters;
|
|
|
|
import java.security.NoSuchAlgorithmException;
|
|
import java.util.Arrays;
|
|
|
|
/**
|
|
*/
|
|
public class CryptPBKDF2 implements EncryptionMethod {
|
|
|
|
@Override
|
|
public String computeHash(String password, String salt, String name)
|
|
throws NoSuchAlgorithmException {
|
|
String result = "pbkdf2_sha256$10000$" + salt + "$";
|
|
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 10000);
|
|
PBKDF2Engine engine = new PBKDF2Engine(params);
|
|
|
|
return result + Arrays.toString(engine.deriveKey(password, 64));
|
|
}
|
|
|
|
@Override
|
|
public boolean comparePassword(String hash, String password,
|
|
String playerName) throws NoSuchAlgorithmException {
|
|
String[] line = hash.split("\\$");
|
|
String salt = line[2];
|
|
String derivedKey = line[3];
|
|
PBKDF2Parameters params = new PBKDF2Parameters("HmacSHA256", "ASCII", salt.getBytes(), 10000, derivedKey.getBytes());
|
|
PBKDF2Engine engine = new PBKDF2Engine(params);
|
|
return engine.verifyKey(password);
|
|
}
|
|
|
|
}
|