narayana/conversations-classic
3
2
Fork 0
Code Issues 3 Pull requests 2 Actions Packages Projects Releases 4 Wiki Activity

fix client crashing on empty passwords (regression)

Browse source
This commit is contained in:
Daniel Gultsch 2022-12-30 17:14:18 +01:00
parent 93c2fd4da6
commit 41da2a5957
No known key found for this signature in database
GPG key ID: F43D18AD2A0982C2
7 changed files with 37 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
src/main/java/eu/siacs/conversations/crypto/sasl/ScramMechanism.java
View file

@ -1,7 +1,6 @@
package eu.siacs.conversations.crypto.sasl;
import android.util.Base64;
import android.util.Log;
import com.google.common.base.CaseFormat;
import com.google.common.base.Objects;
@ -13,14 +12,32 @@ import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.util.concurrent.ExecutionException;
import javax.crypto.SecretKey;
import javax.net.ssl.SSLSocket;
import eu.siacs.conversations.Config;
import eu.siacs.conversations.entities.Account;
import eu.siacs.conversations.utils.CryptoHelper;
abstract class ScramMechanism extends SaslMechanism {
public static final SecretKey EMPTY_KEY =
new SecretKey() {
@Override
public String getAlgorithm() {
return "HMAC";
}
@Override
public String getFormat() {
return "RAW";
}
@Override
public byte[] getEncoded() {
return new byte[0];
}
};
private static final byte[] CLIENT_KEY_BYTES = "Client Key".getBytes();
private static final byte[] SERVER_KEY_BYTES = "Server Key".getBytes();
private static final Cache<CacheKey, KeyPair> CACHE =

4
src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1.java
View file

@ -15,7 +15,9 @@ public class ScramSha1 extends ScramMechanism {
@Override
protected HashFunction getHMac(final byte[] key) {
return Hashing.hmacSha1(key);
return (key == null || key.length == 0)
? Hashing.hmacSha1(EMPTY_KEY)
: Hashing.hmacSha1(key);
}
@Override

4
src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1Plus.java
View file

@ -15,7 +15,9 @@ public class ScramSha1Plus extends ScramPlusMechanism {
@Override
protected HashFunction getHMac(final byte[] key) {
return Hashing.hmacSha1(key);
return (key == null || key.length == 0)
? Hashing.hmacSha1(EMPTY_KEY)
: Hashing.hmacSha1(key);
}
@Override

4
src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256.java
View file

@ -19,7 +19,9 @@ public class ScramSha256 extends ScramMechanism {
@Override
protected HashFunction getHMac(final byte[] key) {
return Hashing.hmacSha256(key);
return (key == null || key.length == 0)
? Hashing.hmacSha256(EMPTY_KEY)
: Hashing.hmacSha256(key);
}
@Override

4
src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256Plus.java
View file

@ -15,7 +15,9 @@ public class ScramSha256Plus extends ScramPlusMechanism {
@Override
protected HashFunction getHMac(final byte[] key) {
return Hashing.hmacSha256(key);
return (key == null || key.length == 0)
? Hashing.hmacSha256(EMPTY_KEY)
: Hashing.hmacSha256(key);
}
@Override

4
src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512.java
View file

@ -19,7 +19,9 @@ public class ScramSha512 extends ScramMechanism {
@Override
protected HashFunction getHMac(final byte[] key) {
return Hashing.hmacSha512(key);
return (key == null || key.length == 0)
? Hashing.hmacSha512(EMPTY_KEY)
: Hashing.hmacSha512(key);
}
@Override

4
src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512Plus.java
View file

@ -15,7 +15,9 @@ public class ScramSha512Plus extends ScramPlusMechanism {
@Override
protected HashFunction getHMac(final byte[] key) {
return Hashing.hmacSha512(key);
return (key == null || key.length == 0)
? Hashing.hmacSha512(EMPTY_KEY)
: Hashing.hmacSha512(key);
}
@Override