X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Futil%2FPasswordHash.java;h=11e4d34419c78cbc46a6591d4262cfa35ebdf1a8;hb=c04b3a17afacfe6e8baf611ade855de146c00de0;hp=edc1ad53a927782018c31e883be15a847192a243;hpb=b0ab4664edfc6ee90b658bfa662a54dec42879b3;p=gigi.git diff --git a/src/org/cacert/gigi/util/PasswordHash.java b/src/org/cacert/gigi/util/PasswordHash.java index edc1ad53..11e4d344 100644 --- a/src/org/cacert/gigi/util/PasswordHash.java +++ b/src/org/cacert/gigi/util/PasswordHash.java @@ -3,28 +3,64 @@ package org.cacert.gigi.util; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +import com.lambdaworks.crypto.SCryptUtil; + public class PasswordHash { - public static boolean verifyHash(String password, String hash) { - String newhash = sha1(password); - return newhash.equals(hash); - } - private static String sha1(String password) { - try { - MessageDigest md = MessageDigest.getInstance("SHA1"); - byte[] digest = md.digest(password.getBytes()); - StringBuffer res = new StringBuffer(digest.length * 2); - for (int i = 0; i < digest.length; i++) { - res.append(Integer.toHexString((digest[i] & 0xF0) >> 4)); - res.append(Integer.toHexString(digest[i] & 0xF)); - } - return res.toString(); - } catch (NoSuchAlgorithmException e) { - throw new Error(e); - } - } + /** + * Verifies a password hash. + * + * @param password + * The password that should result in the given hash. + * @param hash + * The hash to verify the password against. + * @return
null
, if the password was validhash
, if the password is valid and the hash
+ * doesn't need to be updated