Merge 05530b6664 into 9d870849a1

Merge branch 'GravitLauncher:master' into master
2024-12-22 16:41:46 +03:00 · 2024-09-23 03:08:18 +03:00 · 2024-07-23 20:33:25 +05:00 · 2023-03-27 20:27:50 +05:00 · 2022-09-21 09:29:13 +05:00 · 2022-09-21 08:40:40 +05:00
2 changed files with 43 additions and 0 deletions
--- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/DjangoPasswordVerifier.java
+++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/DjangoPasswordVerifier.java
@ -0,0 +1,42 @@
+package pro.gravit.launchserver.auth.password;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.bouncycastle.crypto.digests.SHA256Digest;
+import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
+import org.bouncycastle.crypto.params.KeyParameter;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+public class DjangoPasswordVerifier extends PasswordVerifier {
+    public final Integer DEFAULT_ITERATIONS = 10000;
+    private static final Logger logger = LogManager.getLogger();
+    private static final String algorithm = "pbkdf2_sha256";
+
+    public String getEncodedHash(String password, String salt, int iterations) {
+        PKCS5S2ParametersGenerator generator = new PKCS5S2ParametersGenerator(new SHA256Digest());
+        generator.init(password.getBytes(StandardCharsets.UTF_8), salt.getBytes(), iterations);
+        byte[] dk = ((KeyParameter) generator.generateDerivedParameters(256)).getKey();
+        byte[] hashBase64 = Base64.getEncoder().encode(dk);
+        return new String(hashBase64);
+    }
+
+    public String encode(String password, String salt, int iterations) {
+        String hash = getEncodedHash(password, salt, iterations);
+        return String.format("%s$%d$%s$%s", algorithm, iterations, salt, hash);
+    }
+
+    @Override
+    public boolean check(String encryptedPassword, String password) {
+        String[] params = encryptedPassword.split("\\$");
+        if (params.length != 4) {
+            logger.warn(" end 1 " + params.length);
+            return false;
+        }
+        int iterations = Integer.parseInt(params[1]);
+        String salt = params[2];
+        String hash = encode(password, salt, iterations);
+        return hash.equals(encryptedPassword);
+    }
+}
--- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/PasswordVerifier.java
+++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/password/PasswordVerifier.java
@ -15,6 +15,7 @@ public static void registerProviders() {
            providers.register("bcrypt", BCryptPasswordVerifier.class);
            providers.register("accept", AcceptPasswordVerifier.class);
            providers.register("reject", RejectPasswordVerifier.class);
+            providers.register("django", DjangoPasswordVerifier.class);
            registeredProviders = true;
        }
    }
Author	SHA1	Message	Date
Metall	ae1d9e3d19	Merge `05530b6664` into `9d870849a1`	2024-09-23 03:08:18 +03:00
Metall	05530b6664	Merge branch 'GravitLauncher:master' into master	2024-07-23 20:33:25 +05:00
Metall	8f20cbe104	Merge branch 'GravitLauncher:master' into master	2023-03-27 20:27:50 +05:00
Metall	66d8b9d9ca	Update PasswordVerifier.java Убрал исключения для совместимости	2022-09-21 09:29:13 +05:00
Metall	90ee90973e	Update PasswordVerifier.java Добавил: 1. Способ верификации "django", для осуществления авторизации с помощью PBKDF2 с SHA256. 2. Исключение на отсутствующий алгоритм(NoSuchAlgorithmException) 3. Исключение на неверные ключи(InvalidKeySpecException)	2022-09-21 08:40:40 +05:00
Metall	8bf58cff18	Create DjangoPasswordVerifier.java Верификация PBKDF2_SHA256	2022-09-21 08:32:53 +05:00