aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/main/java/net/elytrium/limboauth/Settings.java8
-rw-r--r--src/main/java/net/elytrium/limboauth/handler/AuthSessionHandler.java5
-rw-r--r--src/main/java/net/elytrium/limboauth/migration/MigrationHash.java28
3 files changed, 35 insertions, 6 deletions
diff --git a/src/main/java/net/elytrium/limboauth/Settings.java b/src/main/java/net/elytrium/limboauth/Settings.java
index 7903db4..add2ea2 100644
--- a/src/main/java/net/elytrium/limboauth/Settings.java
+++ b/src/main/java/net/elytrium/limboauth/Settings.java
@@ -68,7 +68,13 @@ public class Settings extends Config {
public String ONLINE_MODE_PREFIX = "";
@Comment({
"If you want to migrate your database from another plugin, which is not using BCrypt.",
- "You can set an old hash algorithm to migrate from. Currently, only AUTHME is supported yet."
+ "You can set an old hash algorithm to migrate from.",
+ "AUTHME - AuthMe SHA256(SHA256(password) + salt) that looks like $SHA$salt$password",
+ "SHA256_NP - SHA256(password) that looks like SHA$salt$password",
+ "SHA256_P - SHA256(password) that looks like $SHA$salt$password",
+ "SHA512_NP - SHA512(password) that looks like SHA$salt$password",
+ "SHA512_P - SHA512(password) that looks like $SHA$salt$password",
+ "MD5 - Basic md5 hash"
})
public String MIGRATION_HASH = "";
@Comment("Available dimensions: OVERWORLD, NETHER, THE_END")
diff --git a/src/main/java/net/elytrium/limboauth/handler/AuthSessionHandler.java b/src/main/java/net/elytrium/limboauth/handler/AuthSessionHandler.java
index 9619b2d..88f393d 100644
--- a/src/main/java/net/elytrium/limboauth/handler/AuthSessionHandler.java
+++ b/src/main/java/net/elytrium/limboauth/handler/AuthSessionHandler.java
@@ -212,7 +212,10 @@ public class AuthSessionHandler implements LimboSessionHandler {
}
public static boolean checkPassword(String password, RegisteredPlayer player, Dao<RegisteredPlayer, String> playerDao) {
- boolean isCorrect = BCrypt.verifyer().verify(password.getBytes(StandardCharsets.UTF_8), player.getHash().getBytes(StandardCharsets.UTF_8)).verified;
+ boolean isCorrect = BCrypt.verifyer().verify(
+ password.getBytes(StandardCharsets.UTF_8),
+ player.getHash().replace("BCRYPT$", "$2a$").getBytes(StandardCharsets.UTF_8)
+ ).verified;
if (!isCorrect && !Settings.IMP.MAIN.MIGRATION_HASH.isEmpty()) {
isCorrect = MigrationHash.valueOf(Settings.IMP.MAIN.MIGRATION_HASH).checkPassword(player.getHash(), password);
diff --git a/src/main/java/net/elytrium/limboauth/migration/MigrationHash.java b/src/main/java/net/elytrium/limboauth/migration/MigrationHash.java
index 5296534..d127b1e 100644
--- a/src/main/java/net/elytrium/limboauth/migration/MigrationHash.java
+++ b/src/main/java/net/elytrium/limboauth/migration/MigrationHash.java
@@ -22,12 +22,32 @@ import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+@SuppressWarnings("unused")
public enum MigrationHash {
- @SuppressWarnings("unused")
AUTHME((hash, password) -> {
String[] arr = hash.split("\\$"); // $SHA$salt$hash
- return arr.length == 4 && arr[3].equals(MigrationHash.getSHA256(MigrationHash.getSHA256(password) + arr[2]));
+ return arr.length == 4
+ && arr[3].equals(MigrationHash.getDigest(MigrationHash.getDigest(password, "SHA-256") + arr[2], "SHA-256"));
+ }),
+ SHA512_NP((hash, password) -> {
+ String[] arr = hash.split("\\$"); // SHA$salt$hash
+ return arr.length == 3 && arr[2].equals(MigrationHash.getDigest(password + arr[1], "SHA-512"));
+ }),
+ SHA512_P((hash, password) -> {
+ String[] arr = hash.split("\\$"); // $SHA$salt$hash
+ return arr.length == 4 && arr[3].equals(MigrationHash.getDigest(password + arr[2], "SHA-512"));
+ }),
+ SHA256_NP((hash, password) -> {
+ String[] arr = hash.split("\\$"); // SHA$salt$hash
+ return arr.length == 3 && arr[2].equals(MigrationHash.getDigest(password + arr[1], "SHA-256"));
+ }),
+ SHA256_P((hash, password) -> {
+ String[] arr = hash.split("\\$"); // $SHA$salt$hash
+ return arr.length == 4 && arr[3].equals(MigrationHash.getDigest(password + arr[2], "SHA-256"));
+ }),
+ MD5((hash, password) -> {
+ return hash.equals(MigrationHash.getDigest(password, "MD5"));
});
final MigrationHashVerifier verifier;
@@ -40,9 +60,9 @@ public enum MigrationHash {
return this.verifier.checkPassword(hash, password);
}
- private static String getSHA256(String string) {
+ private static String getDigest(String string, String algo) {
try {
- MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
+ MessageDigest messageDigest = MessageDigest.getInstance(algo);
messageDigest.reset();
messageDigest.update(string.getBytes(StandardCharsets.UTF_8));
byte[] array = messageDigest.digest();