b22f26822b
* #1627 Replace BCryptService with Maven dependency - Remove BCryptService in favor of a better BCrypt implementation (Maven dependency) - Introduce BCryptHasher wrapping the dependency with more suitable methods - Fix inaccurate details about salt length in docu annotation: for BCrypt it's always 22 chars - Change phpBB hash to produce 2y hashes instead of 2a * #1627 Use UTF-8 encoding when (dis)assembling Strings * #1627 Small test additions
36 lines
990 B
Java
36 lines
990 B
Java
package fr.xephi.authme.security.crypts;
|
|
|
|
import at.favre.lib.crypto.bcrypt.BCrypt;
|
|
|
|
import java.util.regex.Matcher;
|
|
import java.util.regex.Pattern;
|
|
|
|
public class XfBCrypt extends BCryptBasedHash {
|
|
|
|
public static final String SCHEME_CLASS = "XenForo_Authentication_Core12";
|
|
private static final Pattern HASH_PATTERN = Pattern.compile("\"hash\";s.*\"(.*)?\"");
|
|
|
|
XfBCrypt() {
|
|
super(new BCryptHasher(BCrypt.Version.VERSION_2A, 10));
|
|
}
|
|
|
|
/**
|
|
* Extracts the password hash from the given BLOB.
|
|
*
|
|
* @param blob the blob to process
|
|
* @return the extracted hash
|
|
*/
|
|
public static String getHashFromBlob(byte[] blob) {
|
|
String line = new String(blob);
|
|
Matcher m = HASH_PATTERN.matcher(line);
|
|
if (m.find()) {
|
|
return m.group(1);
|
|
}
|
|
return "*"; // what?
|
|
}
|
|
|
|
public static String serializeHash(String hash) {
|
|
return "a:1:{s:4:\"hash\";s:" + hash.length() + ":\""+hash+"\";}";
|
|
}
|
|
}
|