mirror of
https://github.com/vanitasvitae/Smack.git
synced 2024-12-22 18:48:00 +01:00
SCRAM-SHA1: Always calculate serverSignature
Otherwise we may get an NPE if the key was cached: Connection closed with error java.lang.NullPointerException: Attempt to get length of null array at org.jivesoftware.smack.util.stringencoder.Base64.encodeToString(Base64.java:43) at org.jivesoftware.smack.sasl.core.SCRAMSHA1Mechanism.evaluateChallenge(SCRAMSHA1Mechanism.java:201) at org.jivesoftware.smack.sasl.SASLMechanism.challengeReceived(SASLMechanism.java:230) at org.jivesoftware.smack.SASLAuthentication.challengeReceived(SASLAuthentication.java:328) at org.jivesoftware.smack.SASLAuthentication.authenticated(SASLAuthentication.java:347) at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$200(XMPPTCPConnection.java:894) at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:909) at java.lang.Thread.run(Thread.java:818)
This commit is contained in:
parent
1407f10f7f
commit
7aa784a494
1 changed files with 2 additions and 3 deletions
|
@ -167,9 +167,6 @@ public class SCRAMSHA1Mechanism extends SASLMechanism {
|
|||
// ServerKey := HMAC(SaltedPassword, "Server Key")
|
||||
serverKey = hmac(saltedPassword, SERVER_KEY_BYTES);
|
||||
|
||||
// ServerSignature := HMAC(ServerKey, AuthMessage)
|
||||
serverSignature = hmac(serverKey, authMessage);
|
||||
|
||||
// ClientKey := HMAC(SaltedPassword, "Client Key")
|
||||
clientKey = hmac(saltedPassword, CLIENT_KEY_BYTES);
|
||||
|
||||
|
@ -181,6 +178,8 @@ public class SCRAMSHA1Mechanism extends SASLMechanism {
|
|||
clientKey = keys.clientKey;
|
||||
}
|
||||
|
||||
// ServerSignature := HMAC(ServerKey, AuthMessage)
|
||||
serverSignature = hmac(serverKey, authMessage);
|
||||
|
||||
// StoredKey := H(ClientKey)
|
||||
byte[] storedKey = SHA1.bytes(clientKey);
|
||||
|
|
Loading…
Reference in a new issue