diff options
Diffstat (limited to 'src/main/java/eu/siacs/conversations/crypto')
4 files changed, 30 insertions, 3 deletions
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java b/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java index b56d2a466..850cacc2a 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/DigestMd5.java @@ -17,7 +17,13 @@ public class DigestMd5 extends SaslMechanism { super(tagWriter, account, rng); } - public static String getMechanism() { + @Override + public int getPriority() { + return 10; + } + + @Override + public String getMechanism() { return "DIGEST-MD5"; } diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/Plain.java b/src/main/java/eu/siacs/conversations/crypto/sasl/Plain.java index f7e7ee8ae..c7dedc5e4 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/Plain.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/Plain.java @@ -12,7 +12,13 @@ public class Plain extends SaslMechanism { super(tagWriter, account, null); } - public static String getMechanism() { + @Override + public int getPriority() { + return 0; + } + + @Override + public String getMechanism() { return "PLAIN"; } diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java b/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java index 7dd5e99c3..14d8b944b 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java @@ -44,6 +44,15 @@ public abstract class SaslMechanism { this.rng = rng; } + /** + * The priority is used to pin the authentication mechanism. If authentication fails, it MAY be retried with another + * mechanism of the same priority, but MUST NOT be tried with a mechanism of lower priority (to prevent downgrade + * attacks). + * @return An arbitrary int representing the priority + */ + public abstract int getPriority(); + + public abstract String getMechanism(); public String getClientFirstMessage() { return ""; } diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java index 2073de2d8..f3589fa28 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java @@ -43,7 +43,13 @@ public class ScramSha1 extends SaslMechanism { clientFirstMessageBare = ""; } - public static String getMechanism() { + @Override + public int getPriority() { + return 20; + } + + @Override + public String getMechanism() { return "SCRAM-SHA-1"; } |