From ecbfe33e8d4b86603c343f6c92324211e7b76261 Mon Sep 17 00:00:00 2001
From: Daniel Gultsch
Date: Wed, 7 Sep 2022 12:08:50 +0200
Subject: [PATCH] support end-point channel binding as last choice option
---
 .../siacs/conversations/crypto/sasl/ChannelBinding.java | 2 ++
 .../conversations/crypto/sasl/ScramPlusMechanism.java | 8 +-------
 2 files changed, 3 insertions(+), 7 deletions(-)
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBinding.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBinding.java
index 81bd12705..c9211c898 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBinding.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBinding.java
@@ -32,6 +32,8 @@ public enum ChannelBinding {
 return TLS_EXPORTER;
 } else if (bindings.contains(TLS_UNIQUE)) {
 return TLS_UNIQUE;
+ } else if (bindings.contains(TLS_SERVER_END_POINT)) {
+ return TLS_SERVER_END_POINT;
 } else {
 return null;
 }
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java
index 8de4524f2..8b23e9c92 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java
@@ -1,7 +1,5 @@
 package eu.siacs.conversations.crypto.sasl;
-import android.util.Log;
-
 import org.bouncycastle.jcajce.provider.digest.SHA256;
 import org.conscrypt.Conscrypt;
@@ -16,9 +14,7 @@ import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.SSLSocket;
-import eu.siacs.conversations.Config;
 import eu.siacs.conversations.entities.Account;
-import eu.siacs.conversations.utils.CryptoHelper;
 abstract class ScramPlusMechanism extends ScramMechanism {
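Review bot: The new `TLS_SERVER_END_POINT` branch in ChannelBinding.java has no comment saying why it is ranked last, and that ranking is the security-relevant part of the change. tls-server-end-point binds the authentication to a hash of the server certificate rather than to the individual TLS connection, so it gives weaker assurance than tls-exporter or tls-unique. I would add above the branch `// weakest binding: tied to the server certificate, not to this TLS session; only used when tls-exporter and tls-unique are unavailable`. The choice is driven by `bindings`, whose origin is outside the hunk; if that is the server-advertised list, it is worth confirming elsewhere that the list is covered by downgrade protection, since its contents decide which branch is taken. The enclosing method starts before the hunk.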
@@ -56,11 +52,10 @@ abstract class ScramPlusMechanism extends ScramMechanism {
 return unique;
 } else if (this.channelBinding == ChannelBinding.TLS_SERVER_END_POINT) {
 final byte[] endPoint = getServerEndPointChannelBinding(sslSocket.getSession());
- Log.d(Config.LOGTAG, "retrieved endpoint " + CryptoHelper.bytesToHex(endPoint));
 return endPoint;
 } else {
 throw new AuthenticationException(
- String.format("%s is not a valid channel binding", ChannelBinding.NONE));
+ String.format("%s is not a valid channel binding", channelBinding));
 }
 }
@@ -99,7 +94,6 @@ abstract class ScramPlusMechanism extends ScramMechanism {
 "Could not instantiate message digest for " + hashAlgorithm);
 }
 }
- Log.d(Config.LOGTAG, "hashing certificate with " + messageDigest.getAlgorithm());
 final byte[] encodedCertificate;
 try {
 encodedCertificate = certificate.getEncoded();
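Review bot: The corrected exception message in the first ScramPlusMechanism hunk interpolates bare `channelBinding`, while the condition two branches above reads `this.channelBinding`; writing `String.format("%s is not a valid channel binding", this.channelBinding));` keeps the method consistent. The text also says "not a valid channel binding" for what this `else` handles, which is a binding type the mechanism has no branch for, so "unsupported" would describe it more accurately if anyone reads the message in a log. The method begins and ends outside the hunk, so whether a null `channelBinding` can reach this branch cannot be judged from here.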