From cfdda5f8fde8d480334b136bdf2317d66eb5e497 Mon Sep 17 00:00:00 2001
From: Sam Whited <sam@samwhited.com>
Date: Sat, 15 Nov 2014 21:09:51 -0500
Subject: Don't escape passwords in SASL

Fixes #671
---
 src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java | 4 ++--
 src/main/java/eu/siacs/conversations/utils/CryptoHelper.java    | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java
index f5765cf1..10cd3167 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java
@@ -52,7 +52,7 @@ public class ScramSha1 extends SaslMechanism {
 				final String[] kparts = k.split(",", 4);
 				try {
 					final byte[] saltedPassword, serverKey, clientKey;
-					saltedPassword = hi(CryptoHelper.saslPrep(CryptoHelper.hexToString(kparts[1])).getBytes(),
+					saltedPassword = hi(CryptoHelper.hexToString(kparts[1]).getBytes(),
 							Base64.decode(CryptoHelper.hexToString(kparts[2]), Base64.DEFAULT), Integer.valueOf(kparts[3]));
 					serverKey = hmac(saltedPassword, SERVER_KEY_BYTES);
 					clientKey = hmac(saltedPassword, CLIENT_KEY_BYTES);
@@ -88,7 +88,7 @@ public class ScramSha1 extends SaslMechanism {
 	@Override
 	public String getClientFirstMessage() {
 		if (clientFirstMessageBare.isEmpty() && state == State.INITIAL) {
-			clientFirstMessageBare = "n=" + CryptoHelper.saslPrep(account.getUsername()) +
+			clientFirstMessageBare = "n=" + CryptoHelper.saslEscape(CryptoHelper.saslPrep(account.getUsername())) +
 				",r=" + this.clientNonce;
 			state = State.AUTH_TEXT_SENT;
 		}
diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java
index b4a6e65c..7a36e2ba 100644
--- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java
+++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java
@@ -80,7 +80,7 @@ public class CryptoHelper {
 	}
 
 	public static String saslPrep(final String s) {
-		return saslEscape(Normalizer.normalize(s, Normalizer.Form.NFKC));
+		return Normalizer.normalize(s, Normalizer.Form.NFKC);
 	}
 
 	public static String prettifyFingerprint(String fingerprint) {
-- 
cgit v1.2.3