From bec8886c3028261820691c2d86f677fefbfc9a81 Mon Sep 17 00:00:00 2001
From: Christian Schneppe
Date: Tue, 1 Aug 2017 13:46:40 +0200
Subject: use base64 instead of base36 when creating random strings
---
 .../java/de/pixart/messenger/crypto/sasl/SaslMechanism.java | 4 ++++
 .../java/de/pixart/messenger/crypto/sasl/ScramMechanism.java | 10 +++++++---
 2 files changed, 11 insertions(+), 3 deletions(-)
(limited to 'src/main/java/de/pixart/messenger/crypto')
diff --git a/src/main/java/de/pixart/messenger/crypto/sasl/SaslMechanism.java b/src/main/java/de/pixart/messenger/crypto/sasl/SaslMechanism.java
index 8b8883b9f..cce453455 100644
--- a/src/main/java/de/pixart/messenger/crypto/sasl/SaslMechanism.java
+++ b/src/main/java/de/pixart/messenger/crypto/sasl/SaslMechanism.java
@@ -26,6 +26,10 @@ public abstract class SaslMechanism {
 public AuthenticationException(final Exception inner) {
 super(inner);
 }
+
+ public AuthenticationException(final String message, final Exception exception) {
+ super(message, exception);
+ }
 }
 public static class InvalidStateException extends AuthenticationException {
diff --git a/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java b/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java
index 4165e0947..8dfffaeba 100644
--- a/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java
+++ b/src/main/java/de/pixart/messenger/crypto/sasl/ScramMechanism.java
@@ -10,7 +10,6 @@ import org.bouncycastle.crypto.Digest;
 import org.bouncycastle.crypto.macs.HMac;
 import org.bouncycastle.crypto.params.KeyParameter;
-import java.math.BigInteger;
 import java.nio.charset.Charset;
 import java.security.InvalidKeyException;
 import java.security.SecureRandom;
@@ -71,7 +70,7 @@ abstract class ScramMechanism extends SaslMechanism {
 super(tagWriter, account, rng);
 // This nonce should be different for each authentication attempt.
- clientNonce = new BigInteger(100, this.rng).toString(32);
+ clientNonce = CryptoHelper.random(100, rng);
 clientFirstMessageBare = "";
 }
@@ -94,7 +93,12 @@ abstract class ScramMechanism extends SaslMechanism {
 if (challenge == null) {
 throw new AuthenticationException("challenge can not be null");
 }
- byte[] serverFirstMessage = Base64.decode(challenge, Base64.DEFAULT);
+ byte[] serverFirstMessage;
+ try {
+ serverFirstMessage = Base64.decode(challenge, Base64.DEFAULT);
+ } catch (IllegalArgumentException e) {
+ throw new AuthenticationException("Unable to decode server challenge", e);
+ }
 final Tokenizer tokenizer = new Tokenizer(serverFirstMessage);
 String nonce = "";
 int iterationCount = -1;
-- 
cgit v1.2.3
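Review bot: The `100` passed to `CryptoHelper.random(100, rng)` no longer has a visible unit: in the removed line it was a bit count for `BigInteger`, but the helper is defined outside this diff, so whether it now means bits, bytes or characters, and how much entropy the nonce carries, cannot be checked from the hunk. The nonce ends up inside the comma-separated SCRAM client-first message, so the helper's Base64 output must contain no ',' and no line breaks; it is worth confirming that it encodes without wrapping, since with Android's `Base64` the `DEFAULT` flag appends a line terminator when encoding. I would extend the existing comment to something like `// Fresh per authentication attempt; 100 = <unit defined by CryptoHelper.random>, output must be comma-free Base64 without line breaks.` The constructor starts outside the hunk.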
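Review bot: The new try/catch covers only this one `Base64.decode(challenge, Base64.DEFAULT)` call; any later decode of server-supplied data in the same method (presumably the salt and the server-final message) lies outside the hunk and, if not wrapped the same way, would still let an `IllegalArgumentException` from a malformed server response escape instead of failing authentication cleanly. Those calls should be checked and routed through the same `AuthenticationException(message, cause)` constructor this commit adds. A short comment above the `try`, e.g. `// challenge is server-controlled: malformed Base64 must fail authentication rather than propagate an unchecked exception`, would record why the catch exists. The enclosing method begins and ends outside the hunk.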