From 7aa784a4940a6550fe17235497cddc3d81d4b324 Mon Sep 17 00:00:00 2001
From: Florian Schmaus
Date: Sun, 25 Jan 2015 23:31:26 +0100
Subject: [PATCH] SCRAM-SHA1: Always calculate serverSignature

Otherwise we may get an NPE if the key was cached: Connection closed with error java.lang.NullPointerException: Attempt to get length of null array
at org.jivesoftware.smack.util.stringencoder.Base64.encodeToString(Base64.java:43)
at org.jivesoftware.smack.sasl.core.SCRAMSHA1Mechanism.evaluateChallenge(SCRAMSHA1Mechanism.java:201)
at org.jivesoftware.smack.sasl.SASLMechanism.challengeReceived(SASLMechanism.java:230)
at org.jivesoftware.smack.SASLAuthentication.challengeReceived(SASLAuthentication.java:328)
at org.jivesoftware.smack.SASLAuthentication.authenticated(SASLAuthentication.java:347)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$200(XMPPTCPConnection.java:894)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:909)
at java.lang.Thread.run(Thread.java:818)
---
 .../org/jivesoftware/smack/sasl/core/SCRAMSHA1Mechanism.java | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/smack-core/src/main/java/org/jivesoftware/smack/sasl/core/SCRAMSHA1Mechanism.java b/smack-core/src/main/java/org/jivesoftware/smack/sasl/core/SCRAMSHA1Mechanism.java
index 71e9fc89e..217ace4e9 100644
--- a/smack-core/src/main/java/org/jivesoftware/smack/sasl/core/SCRAMSHA1Mechanism.java
+++ b/smack-core/src/main/java/org/jivesoftware/smack/sasl/core/SCRAMSHA1Mechanism.java
@@ -167,9 +167,6 @@ public class SCRAMSHA1Mechanism extends SASLMechanism {
 // ServerKey := HMAC(SaltedPassword, "Server Key")
 serverKey = hmac(saltedPassword, SERVER_KEY_BYTES);
- // ServerSignature := HMAC(ServerKey, AuthMessage)
- serverSignature = hmac(serverKey, authMessage);
-
 // ClientKey := HMAC(SaltedPassword, "Client Key")
 clientKey = hmac(saltedPassword, CLIENT_KEY_BYTES);
@@ -181,6 +178,8 @@ public class SCRAMSHA1Mechanism extends SASLMechanism {
 clientKey = keys.clientKey;
 }
+ // ServerSignature := HMAC(ServerKey, AuthMessage)
+ serverSignature = hmac(serverKey, authMessage);
 // StoredKey := H(ClientKey)
 byte[] storedKey = SHA1.bytes(clientKey);
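Review bot: The relocated assignment after the closing `}` needs a comment explaining why it sits outside the cache branch, because the bare RFC formula does not justify the placement and a later refactor could move it back into the key-derivation path. ServerSignature is keyed on AuthMessage, which presumably differs on every exchange, so it cannot be stored with the cached keys; something like `// Not cacheable: depends on this exchange's AuthMessage, so compute it for cached and freshly derived keys alike` would record that. A regression test that authenticates twice with the same credentials, so the second run takes the cached-key branch, would pin the NPE quoted in the commit message. The enclosing method begins and ends outside this hunk, so how `serverSignature` is later compared with the server's final message cannot be confirmed from here.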