aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java/eu/siacs/conversations/crypto/sasl
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/eu/siacs/conversations/crypto/sasl')
-rw-r--r--src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java8
-rw-r--r--src/main/java/eu/siacs/conversations/crypto/sasl/Plain.java8
-rw-r--r--src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java9
-rw-r--r--src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java8
4 files changed, 30 insertions, 3 deletions
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java b/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java
index b56d2a466..850cacc2a 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java
@@ -17,7 +17,13 @@ public class DigestMd5 extends SaslMechanism {
super(tagWriter, account, rng);
}
- public static String getMechanism() {
+ @Override
+ public int getPriority() {
+ return 10;
+ }
+
+ @Override
+ public String getMechanism() {
return "DIGEST-MD5";
}
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/Plain.java b/src/main/java/eu/siacs/conversations/crypto/sasl/Plain.java
index f7e7ee8ae..c7dedc5e4 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/Plain.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/Plain.java
@@ -12,7 +12,13 @@ public class Plain extends SaslMechanism {
super(tagWriter, account, null);
}
- public static String getMechanism() {
+ @Override
+ public int getPriority() {
+ return 0;
+ }
+
+ @Override
+ public String getMechanism() {
return "PLAIN";
}
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java b/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java
index 7dd5e99c3..14d8b944b 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java
@@ -44,6 +44,15 @@ public abstract class SaslMechanism {
this.rng = rng;
}
+ /**
+ * The priority is used to pin the authentication mechanism. If authentication fails, it MAY be retried with another
+ * mechanism of the same priority, but MUST NOT be tried with a mechanism of lower priority (to prevent downgrade
+ * attacks).
+ * @return An arbitrary int representing the priority
+ */
+ public abstract int getPriority();
+
+ public abstract String getMechanism();
public String getClientFirstMessage() {
return "";
}
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java
index 2073de2d8..f3589fa28 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java
@@ -43,7 +43,13 @@ public class ScramSha1 extends SaslMechanism {
clientFirstMessageBare = "";
}
- public static String getMechanism() {
+ @Override
+ public int getPriority() {
+ return 20;
+ }
+
+ @Override
+ public String getMechanism() {
return "SCRAM-SHA-1";
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 15:36:46 +0000