86 lines
2.7 KiB
Java
86 lines
2.7 KiB
Java
package fr.xephi.authme.security.crypts;
|
|
|
|
import fr.xephi.authme.AuthMe;
|
|
|
|
import javax.crypto.Mac;
|
|
import javax.crypto.spec.SecretKeySpec;
|
|
import java.io.UnsupportedEncodingException;
|
|
import java.math.BigInteger;
|
|
import java.security.InvalidKeyException;
|
|
import java.security.MessageDigest;
|
|
import java.security.NoSuchAlgorithmException;
|
|
|
|
/**
|
|
*/
|
|
public class PHPFUSION implements EncryptionMethod {
|
|
|
|
/**
|
|
* Method getSHA1.
|
|
*
|
|
* @param message String
|
|
*
|
|
* @return String * @throws NoSuchAlgorithmException
|
|
*/
|
|
private static String getSHA1(String message)
|
|
throws NoSuchAlgorithmException {
|
|
MessageDigest sha1 = MessageDigest.getInstance("SHA1");
|
|
sha1.reset();
|
|
sha1.update(message.getBytes());
|
|
byte[] digest = sha1.digest();
|
|
return String.format("%0" + (digest.length << 1) + "x", new BigInteger(1, digest));
|
|
}
|
|
|
|
/**
|
|
* Method getHash.
|
|
*
|
|
* @param password String
|
|
* @param salt String
|
|
* @param name String
|
|
*
|
|
* @return String * @throws NoSuchAlgorithmException * @see fr.xephi.authme.security.crypts.EncryptionMethod#getHash(String, String, String)
|
|
*/
|
|
@Override
|
|
public String getHash(String password, String salt, String name)
|
|
throws NoSuchAlgorithmException {
|
|
String digest = null;
|
|
String algo = "HmacSHA256";
|
|
String keyString = getSHA1(salt);
|
|
try {
|
|
SecretKeySpec key = new SecretKeySpec((keyString).getBytes("UTF-8"), algo);
|
|
Mac mac = Mac.getInstance(algo);
|
|
mac.init(key);
|
|
byte[] bytes = mac.doFinal(password.getBytes("ASCII"));
|
|
StringBuffer hash = new StringBuffer();
|
|
for (int i = 0; i < bytes.length; i++) {
|
|
String hex = Integer.toHexString(0xFF & bytes[i]);
|
|
if (hex.length() == 1) {
|
|
hash.append('0');
|
|
}
|
|
hash.append(hex);
|
|
}
|
|
digest = hash.toString();
|
|
} catch (UnsupportedEncodingException | InvalidKeyException | NoSuchAlgorithmException e) {
|
|
//ingore
|
|
}
|
|
|
|
return digest;
|
|
}
|
|
|
|
/**
|
|
* Method comparePassword.
|
|
*
|
|
* @param hash String
|
|
* @param password String
|
|
* @param playerName String
|
|
*
|
|
* @return boolean * @throws NoSuchAlgorithmException * @see fr.xephi.authme.security.crypts.EncryptionMethod#comparePassword(String, String, String)
|
|
*/
|
|
@Override
|
|
public boolean comparePassword(String hash, String password,
|
|
String playerName) throws NoSuchAlgorithmException {
|
|
String salt = AuthMe.getInstance().database.getAuth(playerName).getSalt();
|
|
return hash.equals(getHash(password, salt, ""));
|
|
}
|
|
|
|
}
|