InterVi
Member
Posts: 32 Joined: Wed Jul 05, 2017 08:22
GitHub:
InterVi
IRC: InterVi
In-game: InterVi
Location: Russia, Moscow
Contact:
by InterVi » Sat Oct 14, 2017 14:17
Post
Code: Select all
String raw = name + password;
MessageDigest digest = MessageDigest.getInstance("SHA-1");
digest.update(raw.getBytes("UTF-8"), 0, raw.length());
String hash = Base64.getEncoder().encodeToString(digest.digest());
not working :(
rubenwardy
Moderator
Posts: 6978 Joined: Tue Jun 12, 2012 18:11
GitHub:
rubenwardy
IRC: rubenwardy
In-game: rubenwardy
Location: Bristol, United Kingdom
Contact:
by rubenwardy » Sat Oct 14, 2017 14:25
Post
We don't use password hashes but instead use the
Secure Remote Password (SRP) protocol. The exception is if a player sets their password using a chatcommand
Krock
Developer
Posts: 4650 Joined: Thu Oct 03, 2013 07:48
GitHub:
SmallJoker
Location: Switzerland
Contact:
by Krock » Sat Oct 14, 2017 14:29
Post
Relevant C++ code
We use the srp authentication method with SHA256 salty keys. The Base64 method is deprecated and should not be used any more.
EDIT: ninja'd :(
InterVi
Member
Posts: 32 Joined: Wed Jul 05, 2017 08:22
GitHub:
InterVi
IRC: InterVi
In-game: InterVi
Location: Russia, Moscow
Contact:
by InterVi » Sat Oct 14, 2017 15:48
Post
i don't know C++
sorcerykid
Member
Posts: 1847 Joined: Fri Aug 26, 2016 15:36
GitHub:
sorcerykid
In-game: Nemo
Location: Illinois, USA
by sorcerykid » Fri Oct 27, 2017 21:14
Post
I'm curious if there's any particular reason that SRP requires storing 369 bytes for the salt and hash? That seems far in excess of what is needed for SHA256, not to mention it greatly adds to the bloat of the authentication database.
Users browsing this forum: Ahrefs [Bot] and 26 guests