diff options
author | Petr Ilin <hevav@hevav.dev> | 2022-02-06 21:30:33 +0300 |
---|---|---|
committer | Petr Ilin <hevav@hevav.dev> | 2022-02-06 21:30:33 +0300 |
commit | 92ff8b7c4d25782d8d192def1eca804e3473c1d7 (patch) | |
tree | b8e320206c99c766d2aae90546a0222a47806174 /src/main/java/net/elytrium | |
parent | d9e7e89acc444e8a991ff00dc2a13ea03ed6ed20 (diff) | |
download | LimboAuth-92ff8b7c4d25782d8d192def1eca804e3473c1d7.tar.gz LimboAuth-92ff8b7c4d25782d8d192def1eca804e3473c1d7.tar.bz2 LimboAuth-92ff8b7c4d25782d8d192def1eca804e3473c1d7.zip |
More migration hash algorithms
Diffstat (limited to 'src/main/java/net/elytrium')
3 files changed, 35 insertions, 6 deletions
diff --git a/src/main/java/net/elytrium/limboauth/Settings.java b/src/main/java/net/elytrium/limboauth/Settings.java index 7903db4..add2ea2 100644 --- a/src/main/java/net/elytrium/limboauth/Settings.java +++ b/src/main/java/net/elytrium/limboauth/Settings.java @@ -68,7 +68,13 @@ public class Settings extends Config { public String ONLINE_MODE_PREFIX = ""; @Comment({ "If you want to migrate your database from another plugin, which is not using BCrypt.", - "You can set an old hash algorithm to migrate from. Currently, only AUTHME is supported yet." + "You can set an old hash algorithm to migrate from.", + "AUTHME - AuthMe SHA256(SHA256(password) + salt) that looks like $SHA$salt$password", + "SHA256_NP - SHA256(password) that looks like SHA$salt$password", + "SHA256_P - SHA256(password) that looks like $SHA$salt$password", + "SHA512_NP - SHA512(password) that looks like SHA$salt$password", + "SHA512_P - SHA512(password) that looks like $SHA$salt$password", + "MD5 - Basic md5 hash" }) public String MIGRATION_HASH = ""; @Comment("Available dimensions: OVERWORLD, NETHER, THE_END") diff --git a/src/main/java/net/elytrium/limboauth/handler/AuthSessionHandler.java b/src/main/java/net/elytrium/limboauth/handler/AuthSessionHandler.java index 9619b2d..88f393d 100644 --- a/src/main/java/net/elytrium/limboauth/handler/AuthSessionHandler.java +++ b/src/main/java/net/elytrium/limboauth/handler/AuthSessionHandler.java @@ -212,7 +212,10 @@ public class AuthSessionHandler implements LimboSessionHandler { } public static boolean checkPassword(String password, RegisteredPlayer player, Dao<RegisteredPlayer, String> playerDao) { - boolean isCorrect = BCrypt.verifyer().verify(password.getBytes(StandardCharsets.UTF_8), player.getHash().getBytes(StandardCharsets.UTF_8)).verified; + boolean isCorrect = BCrypt.verifyer().verify( + password.getBytes(StandardCharsets.UTF_8), + player.getHash().replace("BCRYPT$", "$2a$").getBytes(StandardCharsets.UTF_8) + ).verified; if (!isCorrect && !Settings.IMP.MAIN.MIGRATION_HASH.isEmpty()) { isCorrect = MigrationHash.valueOf(Settings.IMP.MAIN.MIGRATION_HASH).checkPassword(player.getHash(), password); diff --git a/src/main/java/net/elytrium/limboauth/migration/MigrationHash.java b/src/main/java/net/elytrium/limboauth/migration/MigrationHash.java index 5296534..d127b1e 100644 --- a/src/main/java/net/elytrium/limboauth/migration/MigrationHash.java +++ b/src/main/java/net/elytrium/limboauth/migration/MigrationHash.java @@ -22,12 +22,32 @@ import java.nio.charset.StandardCharsets; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +@SuppressWarnings("unused") public enum MigrationHash { - @SuppressWarnings("unused") AUTHME((hash, password) -> { String[] arr = hash.split("\\$"); // $SHA$salt$hash - return arr.length == 4 && arr[3].equals(MigrationHash.getSHA256(MigrationHash.getSHA256(password) + arr[2])); + return arr.length == 4 + && arr[3].equals(MigrationHash.getDigest(MigrationHash.getDigest(password, "SHA-256") + arr[2], "SHA-256")); + }), + SHA512_NP((hash, password) -> { + String[] arr = hash.split("\\$"); // SHA$salt$hash + return arr.length == 3 && arr[2].equals(MigrationHash.getDigest(password + arr[1], "SHA-512")); + }), + SHA512_P((hash, password) -> { + String[] arr = hash.split("\\$"); // $SHA$salt$hash + return arr.length == 4 && arr[3].equals(MigrationHash.getDigest(password + arr[2], "SHA-512")); + }), + SHA256_NP((hash, password) -> { + String[] arr = hash.split("\\$"); // SHA$salt$hash + return arr.length == 3 && arr[2].equals(MigrationHash.getDigest(password + arr[1], "SHA-256")); + }), + SHA256_P((hash, password) -> { + String[] arr = hash.split("\\$"); // $SHA$salt$hash + return arr.length == 4 && arr[3].equals(MigrationHash.getDigest(password + arr[2], "SHA-256")); + }), + MD5((hash, password) -> { + return hash.equals(MigrationHash.getDigest(password, "MD5")); }); final MigrationHashVerifier verifier; @@ -40,9 +60,9 @@ public enum MigrationHash { return this.verifier.checkPassword(hash, password); } - private static String getSHA256(String string) { + private static String getDigest(String string, String algo) { try { - MessageDigest messageDigest = MessageDigest.getInstance("SHA-256"); + MessageDigest messageDigest = MessageDigest.getInstance(algo); messageDigest.reset(); messageDigest.update(string.getBytes(StandardCharsets.UTF_8)); byte[] array = messageDigest.digest(); |