From 847877f9d2954130a73860118cb7b6fe073aafe8 Mon Sep 17 00:00:00 2001
From: Sam Whited <sam@samwhited.com>
Date: Sat, 15 Nov 2014 09:42:40 -0500
Subject: Add auth method pinning

---
 .../java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java   | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java')

diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java b/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java
index 7dd5e99c..14d8b944 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/SaslMechanism.java
@@ -44,6 +44,15 @@ public abstract class SaslMechanism {
 		this.rng = rng;
 	}
 
+	/**
+	 * The priority is used to pin the authentication mechanism. If authentication fails, it MAY be retried with another
+	 * mechanism of the same priority, but MUST NOT be tried with a mechanism of lower priority (to prevent downgrade
+	 * attacks).
+	 * @return An arbitrary int representing the priority
+	 */
+	public abstract int getPriority();
+
+	public abstract String getMechanism();
 	public String getClientFirstMessage() {
 		return "";
 	}
-- 
cgit v1.2.3