From 41da2a5957481bfd8b25645e7c185303becca228 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Fri, 30 Dec 2022 17:14:18 +0100 Subject: [PATCH] fix client crashing on empty passwords (regression) --- .../crypto/sasl/ScramMechanism.java | 21 +++++++++++++++++-- .../conversations/crypto/sasl/ScramSha1.java | 4 +++- .../crypto/sasl/ScramSha1Plus.java | 4 +++- .../crypto/sasl/ScramSha256.java | 4 +++- .../crypto/sasl/ScramSha256Plus.java | 4 +++- .../crypto/sasl/ScramSha512.java | 4 +++- .../crypto/sasl/ScramSha512Plus.java | 4 +++- 7 files changed, 37 insertions(+), 8 deletions(-) diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramMechanism.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramMechanism.java index 931debe01..e5708e504 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramMechanism.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramMechanism.java @@ -1,7 +1,6 @@ package eu.siacs.conversations.crypto.sasl; import android.util.Base64; -import android.util.Log; import com.google.common.base.CaseFormat; import com.google.common.base.Objects; @@ -13,14 +12,32 @@ import java.nio.charset.Charset; import java.security.InvalidKeyException; import java.util.concurrent.ExecutionException; +import javax.crypto.SecretKey; import javax.net.ssl.SSLSocket; -import eu.siacs.conversations.Config; import eu.siacs.conversations.entities.Account; import eu.siacs.conversations.utils.CryptoHelper; abstract class ScramMechanism extends SaslMechanism { + public static final SecretKey EMPTY_KEY = + new SecretKey() { + @Override + public String getAlgorithm() { + return "HMAC"; + } + + @Override + public String getFormat() { + return "RAW"; + } + + @Override + public byte[] getEncoded() { + return new byte[0]; + } + }; + private static final byte[] CLIENT_KEY_BYTES = "Client Key".getBytes(); private static final byte[] SERVER_KEY_BYTES = "Server Key".getBytes(); private static final Cache CACHE = 
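Review bot: `EMPTY_KEY` is added without a comment saying why a hand-written `SecretKey` is needed, and its `getAlgorithm()` returns `"HMAC"`, which is not the name of any HMAC variant it is later passed to in the subclasses. Presumably the `byte[]` overloads of Guava's `Hashing.hmacSha*` wrap the key in a `SecretKeySpec`, which rejects a zero-length array; a line such as `// SecretKeySpec rejects empty keys; SCRAM with an empty password needs a zero-length HMAC key` above the field would record that. Whether every JCA provider on the supported Android versions accepts a key whose algorithm name does not match the Mac is not visible from this hunk and is worth confirming. The constant is also `public` although `ScramMechanism` is package-private and all six users live in the same package, so dropping the modifier would stop it being reachable through the public subclasses. The class body continues past the end of the hunk.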
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java index 6f00c49eb..1e0fc32b2 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java @@ -15,7 +15,9 @@ public class ScramSha1 extends ScramMechanism { @Override protected HashFunction getHMac(final byte[] key) { - return Hashing.hmacSha1(key); + return (key == null || key.length == 0) + ? Hashing.hmacSha1(EMPTY_KEY) + : Hashing.hmacSha1(key); } @Override diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1Plus.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1Plus.java index d353bd9ee..2ca27570f 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1Plus.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1Plus.java @@ -15,7 +15,9 @@ public class ScramSha1Plus extends ScramPlusMechanism { @Override protected HashFunction getHMac(final byte[] key) { - return Hashing.hmacSha1(key); + return (key == null || key.length == 0) + ? Hashing.hmacSha1(EMPTY_KEY) + : Hashing.hmacSha1(key); } @Override diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256.java index 9d7d62c36..b330f1fe7 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256.java @@ -19,7 +19,9 @@ public class ScramSha256 extends ScramMechanism { @Override protected HashFunction getHMac(final byte[] key) { - return Hashing.hmacSha256(key); + return (key == null || key.length == 0) + ? Hashing.hmacSha256(EMPTY_KEY) + : Hashing.hmacSha256(key); } @Override diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256Plus.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256Plus.java index 5f15e9bf1..4db33a2fa 100644 
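Review bot: The `key == null` arm of the new ternary in `ScramSha1.getHMac` turns a missing key into the fixed zero-length `EMPTY_KEY` instead of failing, so a caller bug that passes null would yield a MAC computed under a publicly known key rather than an error. Only the empty array corresponds to an empty password; `return key.length == 0 ? Hashing.hmacSha1(EMPTY_KEY) : Hashing.hmacSha1(key);` keeps the crash fix and still fails on null. The same ternary is repeated in the hunks for ScramSha1Plus, ScramSha256, ScramSha256Plus, ScramSha512 and ScramSha512Plus, so the same change applies there with the matching hash function. Whether any caller can actually pass null is not visible in these hunks, and each class continues outside its hunk.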
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256Plus.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256Plus.java @@ -15,7 +15,9 @@ public class ScramSha256Plus extends ScramPlusMechanism { @Override protected HashFunction getHMac(final byte[] key) { - return Hashing.hmacSha256(key); + return (key == null || key.length == 0) + ? Hashing.hmacSha256(EMPTY_KEY) + : Hashing.hmacSha256(key); } @Override diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512.java index 8194ac0ac..e6dcf2efd 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512.java @@ -19,7 +19,9 @@ public class ScramSha512 extends ScramMechanism { @Override protected HashFunction getHMac(final byte[] key) { - return Hashing.hmacSha512(key); + return (key == null || key.length == 0) + ? Hashing.hmacSha512(EMPTY_KEY) + : Hashing.hmacSha512(key); } @Override diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512Plus.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512Plus.java index 610c87e23..5d8461973 100644 --- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512Plus.java +++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512Plus.java @@ -15,7 +15,9 @@ public class ScramSha512Plus extends ScramPlusMechanism { @Override protected HashFunction getHMac(final byte[] key) { - return Hashing.hmacSha512(key); + return (key == null || key.length == 0) + ? Hashing.hmacSha512(EMPTY_KEY) + : Hashing.hmacSha512(key); } @Override