From 8c259a770265a4c92987f4fcc8fa0cb5bed49499 Mon Sep 17 00:00:00 2001
From: Tenebrius <magtemtenebrius@gmail.com>
Date: Mon, 14 Jun 2021 14:22:08 +0500
Subject: [PATCH] =?UTF-8?q?[Fix]=20=D0=A5=D0=B5=D1=88=D0=B8=D1=80=D0=BE?=
 =?UTF-8?q?=D0=B2=D0=B0=D0=BD=D0=B8=D0=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../auth/password/DigestPasswordVerifier.java            | 9 ++-------
 .../auth/password/DoubleDigestPasswordVerifier.java      | 4 ++--
 2 files changed, 4 insertions(+), 9 deletions(-)

diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/DigestPasswordVerifier.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/DigestPasswordVerifier.java
index d144fe5f..abca8a42 100644
--- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/DigestPasswordVerifier.java
+++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/DigestPasswordVerifier.java
@@ -4,8 +4,6 @@
 import org.apache.logging.log4j.Logger;
 import pro.gravit.utils.helper.SecurityHelper;
 
-import javax.xml.bind.DatatypeConverter;
-import java.io.UnsupportedEncodingException;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
@@ -19,11 +17,8 @@ public class DigestPasswordVerifier extends PasswordVerifier {
     public boolean check(String encryptedPassword, String password) {
         try {
             MessageDigest digest = MessageDigest.getInstance(algo);
-            digest.update(password.getBytes(StandardCharsets.UTF_8));
-            byte[] bytes = digest.digest();
-            String myHash = DatatypeConverter
-                    .printHexBinary(bytes);
-            return myHash.equalsIgnoreCase(encryptedPassword);
+            byte[] bytes = SecurityHelper.fromHex(encryptedPassword);
+            return Arrays.equals(bytes, digest.digest(password.getBytes(StandardCharsets.UTF_8)));
         } catch (NoSuchAlgorithmException e) {
             logger.error("Digest algorithm {} not supported", algo);
             return false;
diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/DoubleDigestPasswordVerifier.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/DoubleDigestPasswordVerifier.java
index cc8bb5dd..071664fd 100644
--- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/DoubleDigestPasswordVerifier.java
+++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/DoubleDigestPasswordVerifier.java
@@ -18,9 +18,9 @@ public class DoubleDigestPasswordVerifier extends PasswordVerifier {
     public boolean check(String encryptedPassword, String password) {
         try {
             MessageDigest digest = MessageDigest.getInstance(algo);
-            byte[] bytes = SecurityHelper.fromHex(encryptedPassword);
+            byte[] bytes = SecurityHelper.fromHex(password);
             byte[] firstDigest = digest.digest(bytes);
-            return Arrays.equals(password.getBytes(StandardCharsets.UTF_8), toHexMode ? digest.digest(SecurityHelper.toHex(firstDigest).getBytes(StandardCharsets.UTF_8)) : digest.digest(firstDigest));
+            return Arrays.equals(encryptedPassword.getBytes(StandardCharsets.UTF_8), toHexMode ? digest.digest(SecurityHelper.toHex(firstDigest).getBytes(StandardCharsets.UTF_8)) : digest.digest(firstDigest));
         } catch (NoSuchAlgorithmException e) {
             logger.error("Digest algorithm {} not supported", algo);
             return false;