X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Futil%2FPasswordHash.java;h=6d598e77575f706fb8d6804eb9dcab748394b408;hb=e443f19911df6a30ab07ef70d23970bda671b194;hp=71f7547979c9ae06c5a83ca2530fd0d9ca4763be;hpb=1da751bbdb4c7146cfa257c8eeb12e9a96d1b9ff;p=gigi.git diff --git a/src/org/cacert/gigi/util/PasswordHash.java b/src/org/cacert/gigi/util/PasswordHash.java index 71f75479..6d598e77 100644 --- a/src/org/cacert/gigi/util/PasswordHash.java +++ b/src/org/cacert/gigi/util/PasswordHash.java @@ -1,37 +1,73 @@ package org.cacert.gigi.util; +import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +import com.lambdaworks.crypto.SCryptUtil; + public class PasswordHash { - public static boolean verifyHash(String password, String hash) { - String newhash = sha1(password); - boolean match = true; - if (newhash.length() != hash.length()) { - match = false; - } - for (int i = 0; i < newhash.length(); i++) { - match &= newhash.charAt(i) == hash.charAt(i); - } - return match; - } - private static String sha1(String password) { - try { - MessageDigest md = MessageDigest.getInstance("SHA1"); - byte[] digest = md.digest(password.getBytes()); - StringBuffer res = new StringBuffer(digest.length * 2); - for (int i = 0; i < digest.length; i++) { - res.append(Integer.toHexString((digest[i] & 0xF0) >> 4)); - res.append(Integer.toHexString(digest[i] & 0xF)); - } - return res.toString(); - } catch (NoSuchAlgorithmException e) { - throw new Error(e); - } - } + /** + * Verifies a password hash. + * + * @param password + * The password that should result in the given hash. + * @param hash + * The hash to verify the password against. + * @return + *
null
, if the password was validhash
, if the password is valid and the hash
+ * doesn't need to be updated