X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Futil%2FPasswordHash.java;h=11e4d34419c78cbc46a6591d4262cfa35ebdf1a8;hb=5296e49740e5bb1c963889a285f561f03dbb4547;hp=1baf13700729b2fb9330dcced7f2dbf32db4e31d;hpb=d0b9305527ebb160decee391df1d189988b09655;p=gigi.git diff --git a/src/org/cacert/gigi/util/PasswordHash.java b/src/org/cacert/gigi/util/PasswordHash.java index 1baf1370..11e4d344 100644 --- a/src/org/cacert/gigi/util/PasswordHash.java +++ b/src/org/cacert/gigi/util/PasswordHash.java @@ -3,24 +3,64 @@ package org.cacert.gigi.util; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +import com.lambdaworks.crypto.SCryptUtil; + public class PasswordHash { - public static boolean verifyHash(String password, String hash) { - String newhash = sha1(password); - return newhash.equals(hash); - } - private static String sha1(String password) { - try { - MessageDigest md = MessageDigest.getInstance("SHA1"); - byte[] digest = md.digest(password.getBytes()); - StringBuffer res = new StringBuffer(digest.length * 2); - for (int i = 0; i < digest.length; i++) { - res.append(Integer.toHexString((digest[i] & 0xF0) >> 4)); - res.append(Integer.toHexString(digest[i] & 0xF)); - } - return res.toString(); - } catch (NoSuchAlgorithmException e) { - throw new Error(e); - } - } + /** + * Verifies a password hash. + * + * @param password + * The password that should result in the given hash. + * @param hash + * The hash to verify the password against. + * @return
null
, if the password was validhash
, if the password is valid and the hash
+ * doesn't need to be updated