From 76889b9c58b27438b4b73474b325483cb859a3e7 Mon Sep 17 00:00:00 2001
From: Daniel Gultsch <daniel@gultsch.de>
Date: Sat, 7 May 2016 11:34:17 +0200
Subject: handle invalid base64 is SASl SCRAM response

---
 .../java/eu/siacs/conversations/crypto/sasl/ScramSha1.java | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

(limited to 'src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java')

diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java
index 3a05446c..f40eec55 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java
@@ -185,13 +185,17 @@ public class ScramSha1 extends SaslMechanism {
 				state = State.RESPONSE_SENT;
 				return Base64.encodeToString(clientFinalMessage.getBytes(), Base64.NO_WRAP);
 			case RESPONSE_SENT:
-				final String clientCalculatedServerFinalMessage = "v=" +
-					Base64.encodeToString(serverSignature, Base64.NO_WRAP);
-				if (challenge == null || !clientCalculatedServerFinalMessage.equals(new String(Base64.decode(challenge, Base64.DEFAULT)))) {
+				try {
+					final String clientCalculatedServerFinalMessage = "v=" +
+							Base64.encodeToString(serverSignature, Base64.NO_WRAP);
+					if (!clientCalculatedServerFinalMessage.equals(new String(Base64.decode(challenge, Base64.DEFAULT)))) {
+						throw new Exception();
+					};
+					state = State.VALID_SERVER_RESPONSE;
+					return "";
+				} catch(Exception e) {
 					throw new AuthenticationException("Server final message does not match calculated final message");
 				}
-				state = State.VALID_SERVER_RESPONSE;
-				return "";
 			default:
 				throw new InvalidStateException(state);
 		}
-- 
cgit v1.2.3