X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Futil%2FPasswordHash.java;h=11e4d34419c78cbc46a6591d4262cfa35ebdf1a8;hb=5296e49740e5bb1c963889a285f561f03dbb4547;hp=aaff22686389c974b7b856e9914f11a91d104146;hpb=943d8e7ed0ea5a9d56e7e694a3cbd849c52bad16;p=gigi.git
diff --git a/src/org/cacert/gigi/util/PasswordHash.java b/src/org/cacert/gigi/util/PasswordHash.java
index aaff2268..11e4d344 100644
--- a/src/org/cacert/gigi/util/PasswordHash.java
+++ b/src/org/cacert/gigi/util/PasswordHash.java
@@ -3,9 +3,33 @@ package org.cacert.gigi.util;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 
+import com.lambdaworks.crypto.SCryptUtil;
+
 public class PasswordHash {
 
- public static boolean verifyHash(String password, String hash) {
+ /**
+ * Verifies a password hash.
+ *
+ * @param password
+ * The password that should result in the given hash.
+ * @param hash
+ * The hash to verify the password against.
+ * @return
+ */
+ public static String verifyHash(String password, String hash) {
+ if (hash.contains("$")) {
+ if (SCryptUtil.check(password, hash)) {
+ return hash;
+ } else {
+ return null;
+ }
+ }
 String newhash = sha1(password);
 boolean match = true;
 if (newhash.length() != hash.length()) {
@@ -14,7 +38,11 @@ public class PasswordHash {
 for (int i = 0; i < newhash.length(); i++) {
 match &= newhash.charAt(i) == hash.charAt(i);
 }
- return match;
+ if (match) {
+ return hash(password);
+ } else {
+ return null;
+ }
 }
 
 private static String sha1(String password) {
@@ -33,6 +61,6 @@ public class PasswordHash {
 }
 
 public static String hash(String password) {
- return sha1(password);
+ return SCryptUtil.scrypt(password, 1 << 14, 8, 1);
 }
 }
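Review bot: The scrypt branch hands any stored value containing `$` to `SCryptUtil.check`, and as far as I know the lambdaworks implementation throws `IllegalArgumentException` for a value that is not in its `$s0$…` format, so a corrupted or foreign-format record would surface as an unchecked exception in the login path rather than as a failed verification. Consider `try { return SCryptUtil.check(password, hash) ? hash : null; } catch (IllegalArgumentException e) { return null; }` and logging the malformed record. The `@return` tag is also empty as shown here, although the result now has three meanings; it should say `null` for a wrong password, the unchanged `hash` for a valid scrypt match, and a new hash when a legacy SHA-1 match was upgraded (the return in the next hunk). The method body continues past the end of this hunk.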
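Review bot: The legacy branch now returns `hash(password)`, so the SHA-1 record is only replaced if every caller writes the returned string back to storage, and nothing in this hunk says so. A comment above the return such as `// legacy SHA-1 matched: return a fresh scrypt hash that the caller must store in place of the old value` would make that obligation explicit. Accounts that never log in again keep their SHA-1 hash, so it may be worth tracking how many such records remain. The `if` that precedes the loop starts in the previous hunk and its body is not shown here.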
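Review bot: The scrypt cost parameters in `hash` are bare literals, and nothing on the page re-hashes a stored scrypt value whose parameters differ from them: the scrypt branch of `verifyHash` in the first hunk returns the stored `hash` unchanged on success. Naming them, e.g. `private static final int SCRYPT_N = 1 << 14;` with matching `SCRYPT_R = 8` and `SCRYPT_P = 1`, documents the work factor (N=16384, r=8, p=1) and gives one place to raise it. If the factor is raised later, existing scrypt records would keep the old cost unless `verifyHash` also compares the parameters encoded in the stored string and returns a fresh hash when they are weaker.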