void _encrypt(std::string& str, bool upperCase) { switch(g_config.getNumber(ConfigManager::ENCRYPTION)) { case ENCRYPTION_MD5: str = transformToMD5(str, upperCase); break; case ENCRYPTION_SHA1: str = transformToSHA1(str, upperCase); break; case ENCRYPTION_SHA256: str = transformToSHA256(str, upperCase); break; case ENCRYPTION_SHA512: str = transformToSHA512(str, upperCase); break; case ENCRYPTION_VAHASH: str = transformToVAHash(str, upperCase); break; default: { if(upperCase) std::transform(str.begin(), str.end(), str.begin(), upchar); break; } } }
bool passwordTest(const std::string& plain, const std::string& hash) { switch (g_config.getNumber(ConfigManager::PASSWORD_TYPE)) { case PASSWORD_TYPE_MD5: return transformToMD5(plain) == hash; case PASSWORD_TYPE_SHA1: return transformToSHA1(plain) == hash; default: return plain == hash; } }
void DatabaseManager::checkEncryption() { int32_t currentValue = g_config.getNumber(ConfigManager::PASSWORD_TYPE); int32_t oldValue = 0; if(getDatabaseConfig("encryption", oldValue)) { if(currentValue == oldValue) return; if(oldValue != PASSWORD_TYPE_PLAIN) { std::string oldName; if(oldValue == PASSWORD_TYPE_MD5) oldName = "md5"; else if(oldValue == PASSWORD_TYPE_SHA1) oldName = "sha1"; else oldName = "plain"; g_config.setNumber(ConfigManager::PASSWORD_TYPE, oldValue); std::cout << "> WARNING: Unsupported password hashing switch! Change back passwordType in config.lua to \"" << oldName << "\"!" << std::endl; return; } switch(currentValue) { case PASSWORD_TYPE_MD5: { Database* db = Database::getInstance(); DBQuery query; if(db->getDatabaseEngine() != DATABASE_ENGINE_MYSQL) { DBResult* result = db->storeQuery("SELECT `id`, `password`, `key` FROM `accounts`;"); if(result) { do { query << "UPDATE `accounts` SET `password` = " << db->escapeString(transformToMD5(result->getDataString("password"))) << ", `key` = " << db->escapeString(transformToMD5(result->getDataString("key"))) << " WHERE `id` = " << result->getDataInt("id") << ";"; db->executeQuery(query.str()); } while(result->next()); db->freeResult(result); } } else db->executeQuery("UPDATE `accounts` SET `password` = MD5(`password`), `key` = MD5(`key`);"); std::cout << "> Password type has been updated to MD5." << std::endl; break; } case PASSWORD_TYPE_SHA1: { Database* db = Database::getInstance(); DBQuery query; if(db->getDatabaseEngine() != DATABASE_ENGINE_MYSQL) { DBResult* result = db->storeQuery("SELECT `id`, `password`, `key` FROM `accounts`;"); if(result) { do { query << "UPDATE `accounts` SET `password` = " << db->escapeString(transformToSHA1(result->getDataString("password"))) << ", `key` = " << db->escapeString(transformToSHA1(result->getDataString("key"))) << " WHERE `id` = " << result->getDataInt("id") << ";"; db->executeQuery(query.str()); } while(result->next()); db->freeResult(result); } } else db->executeQuery("UPDATE `accounts` SET `password` = SHA1(`password`), `key` = SHA1(`key`);"); std::cout << "> Password type has been updated to SHA1." << std::endl; break; } default: break; } } else if(g_config.getBoolean(ConfigManager::ACCOUNT_MANAGER)) { switch(currentValue) { case PASSWORD_TYPE_MD5: { Database* db = Database::getInstance(); DBQuery query; query << "UPDATE `accounts` SET `password` = " << db->escapeString(transformToMD5("1")) << " WHERE `id` = 1 AND `password` = '1';"; db->executeQuery(query.str()); break; } case PASSWORD_TYPE_SHA1: { Database* db = Database::getInstance(); DBQuery query; query << "UPDATE `accounts` SET `password` = " << db->escapeString(transformToSHA1("1")) << " WHERE `id` = 1 AND `password` = '1';"; db->executeQuery(query.str()); break; } default: break; } } registerDatabaseConfig("encryption", currentValue); }