From bec8886c3028261820691c2d86f677fefbfc9a81 Mon Sep 17 00:00:00 2001
From: Christian Schneppe <christian@pix-art.de>
Date: Tue, 1 Aug 2017 13:46:40 +0200
Subject: use base64 instead of base36 when creating random strings

---
 .../java/de/pixart/messenger/crypto/sasl/SaslMechanism.java    |  4 ++++
 .../java/de/pixart/messenger/crypto/sasl/ScramMechanism.java   | 10 +++++++---
 2 files changed, 11 insertions(+), 3 deletions(-)

(limited to 'src/main/java/de/pixart/messenger/crypto')

diff --git a/src/main/java/de/pixart/messenger/crypto/sasl/SaslMechanism.java b/src/main/java/de/pixart/messenger/crypto/sasl/SaslMechanism.java
index 8b8883b9f..cce453455 100644
--- a/src/main/java/de/pixart/messenger/crypto/sasl/SaslMechanism.java
+++ b/src/main/java/de/pixart/messenger/crypto/sasl/SaslMechanism.java
@@ -26,6 +26,10 @@ public abstract class SaslMechanism {
         public AuthenticationException(final Exception inner) {
             super(inner);
         }
+
+        public AuthenticationException(final String message, final Exception exception) {
+            super(message, exception);
+        }
     }
 
     public static class InvalidStateException extends AuthenticationException {
diff --git a/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java b/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java
index 4165e0947..8dfffaeba 100644
--- a/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java
+++ b/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java
@@ -10,7 +10,6 @@ import org.bouncycastle.crypto.Digest;
 import org.bouncycastle.crypto.macs.HMac;
 import org.bouncycastle.crypto.params.KeyParameter;
 
-import java.math.BigInteger;
 import java.nio.charset.Charset;
 import java.security.InvalidKeyException;
 import java.security.SecureRandom;
@@ -71,7 +70,7 @@ abstract class ScramMechanism extends SaslMechanism {
         super(tagWriter, account, rng);
 
         // This nonce should be different for each authentication attempt.
-        clientNonce = new BigInteger(100, this.rng).toString(32);
+        clientNonce = CryptoHelper.random(100, rng);
         clientFirstMessageBare = "";
     }
 
@@ -94,7 +93,12 @@ abstract class ScramMechanism extends SaslMechanism {
                 if (challenge == null) {
                     throw new AuthenticationException("challenge can not be null");
                 }
-                byte[] serverFirstMessage = Base64.decode(challenge, Base64.DEFAULT);
+                byte[] serverFirstMessage;
+                try {
+                    serverFirstMessage = Base64.decode(challenge, Base64.DEFAULT);
+                } catch (IllegalArgumentException e) {
+                    throw new AuthenticationException("Unable to decode server challenge", e);
+                }
                 final Tokenizer tokenizer = new Tokenizer(serverFirstMessage);
                 String nonce = "";
                 int iterationCount = -1;
-- 
cgit v1.2.3