X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Futil%2FPasswordHash.java;h=4de92440dff10febe39a14ac31595c5e9e4446aa;hb=ce67764866690a10ec286f8893fed1e194b2540a;hp=d6b0b9066b7ab11ec72177e883f1156227fc3ce7;hpb=4a16fea18675eaac13439f1dcefede4a49d9164e;p=gigi.git
diff --git a/src/org/cacert/gigi/util/PasswordHash.java b/src/org/cacert/gigi/util/PasswordHash.java
index d6b0b906..4de92440 100644
--- a/src/org/cacert/gigi/util/PasswordHash.java
+++ b/src/org/cacert/gigi/util/PasswordHash.java
@@ -1,5 +1,6 @@
package org.cacert.gigi.util;
+import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
@@ -7,9 +8,31 @@ import com.lambdaworks.crypto.SCryptUtil;
public class PasswordHash {
- public static boolean verifyHash(String password, String hash) {
+ /**
+ * Verifies a password hash.
+ *
+ * @param password
+ * The password that should result in the given hash.
+ * @param hash
+ * The hash to verify the password against.
+ * @return
+ * null
, if the password was valid
+ * hash
, if the password is valid and the hash
+ * doesn't need to be updated
+ * - a new hash, if the password is valid but the hash in the
+ * database needs to be updated.
+ *
+ */
+ public static String verifyHash(String password, String hash) {
+ if (password == null || password.isEmpty()) {
+ return null;
+ }
if (hash.contains("$")) {
- return SCryptUtil.check(password, hash);
+ if (SCryptUtil.check(password, hash)) {
+ return hash;
+ } else {
+ return null;
+ }
}
String newhash = sha1(password);
boolean match = true;
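Review bot: The `@return` text in the added Javadoc says `null` is returned "if the password was valid", but the code returns `null` for an empty password and for a failed `SCryptUtil.check`, that is, when the password is not valid. Because the method now signals rejection with `null` instead of `false`, callers rely on this wording to decide whether to authenticate, so the first item should read `null, if the password was not valid`. The new guard covers only `password`, while `hash.contains("$")` still dereferences `hash` unchecked; adding `if (hash == null) return null;` would keep an account without a stored hash on the reject path instead of throwing. The body of verifyHash continues past the end of this hunk.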
@@ -19,13 +42,17 @@ public class PasswordHash {
for (int i = 0; i < newhash.length(); i++) {
match &= newhash.charAt(i) == hash.charAt(i);
}
- return match;
+ if (match) {
+ return hash(password);
+ } else {
+ return null;
+ }
}
- private static String sha1(String password) {
+ public static String sha1(String password) {
try {
MessageDigest md = MessageDigest.getInstance("SHA1");
- byte[] digest = md.digest(password.getBytes());
+ byte[] digest = md.digest(password.getBytes("UTF-8"));
StringBuffer res = new StringBuffer(digest.length * 2);
for (int i = 0; i < digest.length; i++) {
res.append(Integer.toHexString((digest[i] & 0xF0) >> 4));
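Review bot: Widening `sha1` from private to public exposes an unsalted, single-pass SHA-1 helper to the rest of the codebase, while the only use visible in this diff is the legacy comparison inside verifyHash. If the wider visibility is needed (for tests or a migration tool, presumably), the method should carry a Javadoc such as `/** Legacy unsalted SHA-1, kept only to verify and migrate old hashes; never use it to store new passwords. */`, or be package-private rather than public. Separately, switching `getBytes()` to `getBytes("UTF-8")` changes the digest for non-ASCII passwords if the stored legacy hashes were produced under a different platform charset, which is worth confirming before those accounts are migrated. The sha1 body starts in this hunk and finishes in the next one.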
@@ -34,6 +61,8 @@ public class PasswordHash {
return res.toString();
} catch (NoSuchAlgorithmException e) {
throw new Error(e);
+ } catch (UnsupportedEncodingException e) {
+ throw new Error(e);
}
}
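Review bot: The added `catch (UnsupportedEncodingException e)` exists only because `getBytes("UTF-8")` in the previous hunk takes a charset name and declares a checked exception that cannot occur for UTF-8. If the project targets Java 7 or later, `password.getBytes(StandardCharsets.UTF_8)` removes the need for this catch block and for the `java.io.UnsupportedEncodingException` import added in the first hunk. The beginning of sha1 lies outside this hunk.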