Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- private static String _password_itoa64() {
- return "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
- }
- private static int password_get_count_log2(String setting) {
- return _password_itoa64().indexOf(setting.charAt(3));
- }
- private static byte[] sha512(String input) {
- try {
- return java.security.MessageDigest.getInstance("SHA-512").digest(input.getBytes("UTF-8"));
- } catch (NoSuchAlgorithmException ex) {
- ex.printStackTrace();
- } catch (UnsupportedEncodingException e) {
- e.printStackTrace();
- }
- return new byte[0];
- }
- private static byte[] sha512(byte[] input) {
- try {
- return java.security.MessageDigest.getInstance("SHA-512").digest(input);
- } catch (NoSuchAlgorithmException ex) {
- ex.printStackTrace();
- }
- return new byte[0];
- }
- /**
- * Note: taken from the default Drupal 7 password algorithm
- *
- * @param candidate the clear text password
- * @param saltedEncryptedPassword the salted encrypted password string to check => NEEDS TO BE THE DEFAULT DRUPAL 7 PASSWORD HASH.
- * @return true if the candidate matches, false otherwise.
- */
- public static boolean checkPassword(String candidate, String saltedEncryptedPassword) throws Exception {
- if (candidate == null || saltedEncryptedPassword == null) {
- return false;
- }
- String hash = password_crypt(candidate, saltedEncryptedPassword);
- System.out.println("Expected value = " + saltedEncryptedPassword);
- System.out.println("Calced value = " + hash);
- System.out.println("Result Good? = " + saltedEncryptedPassword.equalsIgnoreCase(hash));
- return saltedEncryptedPassword.equalsIgnoreCase(hash);
- }
- private static String password_crypt(String password, String passwordHash) throws Exception {
- // The first 12 characters of an existing hash are its setting string.
- passwordHash = passwordHash.substring(0, 12);
- int count_log2 = password_get_count_log2(passwordHash);
- String salt = passwordHash.substring(4, 12);
- // Hashes must have an 8 character salt.
- if (salt.length() != 8) {
- return null;
- }
- int count = 1 << count_log2;
- byte[] hash;
- try {
- hash = sha512(salt.concat(password));
- do {
- hash = sha512(joinBytes(hash, password.getBytes("UTF-8")));
- } while (--count > 0);
- } catch (Exception e) {
- System.out.println("error " + e.toString());
- return null;
- }
- String output = passwordHash + _password_base64_encode(hash, hash.length);
- return (output.length() > 0) ? output.substring(0, DRUPAL_HASH_LENGTH) : null;
- }
- private static byte[] joinBytes(byte[] a, byte[] b) {
- byte[] combined = new byte[a.length + b.length];
- System.arraycopy(a, 0, combined, 0, a.length);
- System.arraycopy(b, 0, combined, a.length, b.length);
- return combined;
- }
- private static String _password_base64_encode(byte[] input, int count) throws Exception {
- StringBuffer output = new StringBuffer();
- int i = 0;
- CharSequence itoa64 = _password_itoa64();
- do {
- long value = SignedByteToUnsignedLong(input[i++]);
- output.append(itoa64.charAt((int) value & 0x3f));
- if (i < count) {
- value |= SignedByteToUnsignedLong(input[i]) << 8;
- }
- output.append(itoa64.charAt((int) (value >> 6) & 0x3f));
- if (i++ >= count) {
- break;
- }
- if (i < count) {
- value |= SignedByteToUnsignedLong(input[i]) << 16;
- }
- output.append(itoa64.charAt((int) (value >> 12) & 0x3f));
- if (i++ >= count) {
- break;
- }
- output.append(itoa64.charAt((int) (value >> 18) & 0x3f));
- } while (i < count);
- return output.toString();
- }
- public static long SignedByteToUnsignedLong(byte b) {
- return b & 0xFF;
- }
- public String getUsername() {
- return jTextField1.getText();
- }
- // End of variables declaration//GEN-END:variables
- private String encode64(byte[] src, int count) {
- int i, value;
- String output = "";
- i = 0;
- if (src.length < count) {
- byte[] t = new byte[count];
- System.arraycopy(src, 0, t, 0, src.length);
- Arrays.fill(t, src.length, count - 1, (byte) 0);
- }
- do {
- value = src[i] + (src[i] < 0 ? 256 : 0);
- ++i;
- output += itoa64.charAt(value & 63);
- if (i < count) {
- value |= (src[i] + (src[i] < 0 ? 256 : 0)) << 8;
- }
- output += itoa64.charAt((value >> 6) & 63);
- if (i++ >= count) {
- break;
- }
- if (i < count) {
- value |= (src[i] + (src[i] < 0 ? 256 : 0)) << 16;
- }
- output += itoa64.charAt((value >> 12) & 63);
- if (i++ >= count) {
- break;
- }
- output += itoa64.charAt((value >> 18) & 63);
- } while (i < count);
- return output;
- }
- private String cryptPrivate(String password, String setting) {
- String output = "*0";
- if (((setting.length() < 2) ? setting : setting.substring(0, 2)).equalsIgnoreCase(output)) {
- output = "*1";
- }
- String id = (setting.length() < 3) ? setting : setting.substring(0, 3);
- if (!(id.equals("$P$") || id.equals("$H$"))) {
- return output;
- }
- int countLog2 = itoa64.indexOf(setting.charAt(3));
- if (countLog2 < 7 || countLog2 > 30) {
- return output;
- }
- int count = 1 << countLog2;
- String salt = setting.substring(4, 4 + 8);
- if (salt.length() != 8) {
- return output;
- }
- MessageDigest md;
- try {
- md = MessageDigest.getInstance("MD5");
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- return output;
- }
- byte[] pass = stringToUtf8(password);
- byte[] hash = md.digest(stringToUtf8(salt + password));
- do {
- byte[] t = new byte[hash.length + pass.length];
- System.arraycopy(hash, 0, t, 0, hash.length);
- System.arraycopy(pass, 0, t, hash.length, pass.length);
- hash = md.digest(t);
- } while (--count > 0);
- output = setting.substring(0, 12);
- output += encode64(hash, 16);
- return output;
- }
- private String gensaltPrivate(byte[] input) {
- String output = "$P$";
- output += itoa64.charAt(Math.min(this.iterationCountLog2 + 5, 30));
- output += encode64(input, 6);
- return output;
- }
- private byte[] stringToUtf8(String string) {
- try {
- return string.getBytes("UTF-8");
- } catch (UnsupportedEncodingException e) {
- throw new UnsupportedOperationException("This system doesn't support UTF-8!", e);
- }
- }
- public String HashPassword(String password) {
- byte random[] = new byte[6];
- this.randomGen.nextBytes(random);
- // Unportable hashes (Blowfish, EXT_DES) could be added here, but I won't do this.
- String hash = cryptPrivate(password, gensaltPrivate(stringToUtf8(new String(random))));
- if (hash.length() == 34) {
- return hash;
- }
- return "*";
- }
- public boolean CheckPassword(String password, String storedHash) {
- String hash = cryptPrivate(password, storedHash);
- MessageDigest md = null;
- if (hash.startsWith("*")) { // If not phpass, try some algorythms from unix crypt()
- if (storedHash.startsWith("$S$D")) {
- try {
- md = MessageDigest.getInstance("SHA-512");
- } catch (NoSuchAlgorithmException e) {
- md = null;
- }
- }
- if (md == null && storedHash.startsWith("$5$")) {
- try {
- md = MessageDigest.getInstance("SHA-256");
- } catch (NoSuchAlgorithmException e) {
- md = null;
- }
- }
- if (md == null && storedHash.startsWith("$2")) {
- // return BCrypt.checkpw(password, storedHash);
- }
- if (md == null && storedHash.startsWith("$1$")) {
- try {
- md = MessageDigest.getInstance("MD5");
- } catch (NoSuchAlgorithmException e) {
- md = null;
- }
- }
- // STD_DES and EXT_DES not supported yet.
- if (md != null) {
- try {
- hash = new String(md.digest(password.getBytes("UTF-8")));
- } catch (UnsupportedEncodingException e) {
- e.printStackTrace();
- }
- }
- }
- return hash.equals(storedHash);
- }
- public void doTheLogin(){
- if (!getUsername().isEmpty()) {
- if (accountExists(getUsername()) == true) {
- char[] passChars = jPasswordField1.getPassword();
- if (passChars != null) {
- userpasss = new String(passChars);
- try {
- PreparedStatement statement = Server_db.getConn().prepareStatement("SELECT uPassword FROM Users WHERE uName = ?");
- statement.setString(1, getUsername());
- ResultSet rs = statement.executeQuery();
- while (rs.next()) {
- pass = rs.getString("uPassword");
- System.err.println("The password returned is: " + pass);
- }
- } catch (Exception userpass) {
- System.err.println("sucks");
- }
- System.err.println("userpasss: " + userpasss);
- System.err.println("pass: " + pass);
- try {
- System.err.println("Pass crypt: " + password_crypt(userpasss, pass));
- } catch (Exception e) {
- e.printStackTrace(); //To change body of catch statement use File | Settings | File Templates.
- }
- try {
- if (password_crypt(userpasss, pass).equals(pass)) {
- finaluser = jTextField1.getText();
- JFrame lobby = new NewLobby(jTextField1.getText(), password_crypt(userpasss, pass), LoginWindow.this);
- centerTheGUI(lobby);
- lobby.setVisible(true);
- LoginWindow.this.setVisible(false);
- } else {
- JOptionPane.showMessageDialog(null, "Wrong username/password or the user is not registered.");
- }
- } catch (Exception sad) {
- sad.printStackTrace();
- }
- }
- } else {
- JOptionPane.showMessageDialog(null, "Wrong username/password or the user is not registered. or banned");
- }
- } else {
- JOptionPane.showMessageDialog(null, "Please type down the username.");
- }
- }
- The password returned is: 57bcc508a591081df4ea8c1f04fbb6d9
- Pass crypt: 57bcc508a5910Q9TElm285bfXWnBboXf8R0XnzRGRgreb7k.E86scRI
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement