diff options
author | Christian Schneppe <christian@pix-art.de> | 2017-08-01 13:46:40 +0200 |
---|---|---|
committer | Christian Schneppe <christian@pix-art.de> | 2017-08-01 13:46:40 +0200 |
commit | bec8886c3028261820691c2d86f677fefbfc9a81 (patch) | |
tree | c5ac628c362395c063a3fd0b82b176763b6baab4 /src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java | |
parent | a76bc74a970b051c3ac247ebd3d20fc5a98c8542 (diff) |
use base64 instead of base36 when creating random strings
Diffstat (limited to '')
-rw-r--r-- | src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java b/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java index 4165e0947..8dfffaeba 100644 --- a/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java +++ b/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java @@ -10,7 +10,6 @@ import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.macs.HMac; import org.bouncycastle.crypto.params.KeyParameter; -import java.math.BigInteger; import java.nio.charset.Charset; import java.security.InvalidKeyException; import java.security.SecureRandom; @@ -71,7 +70,7 @@ abstract class ScramMechanism extends SaslMechanism { super(tagWriter, account, rng); // This nonce should be different for each authentication attempt. - clientNonce = new BigInteger(100, this.rng).toString(32); + clientNonce = CryptoHelper.random(100, rng); clientFirstMessageBare = ""; } @@ -94,7 +93,12 @@ abstract class ScramMechanism extends SaslMechanism { if (challenge == null) { throw new AuthenticationException("challenge can not be null"); } - byte[] serverFirstMessage = Base64.decode(challenge, Base64.DEFAULT); + byte[] serverFirstMessage; + try { + serverFirstMessage = Base64.decode(challenge, Base64.DEFAULT); + } catch (IllegalArgumentException e) { + throw new AuthenticationException("Unable to decode server challenge", e); + } final Tokenizer tokenizer = new Tokenizer(serverFirstMessage); String nonce = ""; int iterationCount = -1; |