author | Daniel Gultsch <daniel@gultsch.de> | 2022-09-07 13:08:50 +0300 |
---|---|---|
committer | Daniel Gultsch <daniel@gultsch.de> | 2022-09-07 13:08:50 +0300 |
commit | ecbfe33e8d4b86603c343f6c92324211e7b76261 (patch) | |
tree | 8709e11c46d6cb146b37dd653e438f5ab653dc26 | |
parent | 018e0d9edfd212c866063e04297a59b500b2c393 (diff) |
support end-point channel binding as last choice option
-rw-r--r-- | src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBinding.java | 2 | ||||
-rw-r--r-- | src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java | 8 |
2 files changed, 3 insertions, 7 deletions
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBinding.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBinding.java
index 81bd12705..c9211c898 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBinding.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBinding.java
@@ -32,6 +32,8 @@ public enum ChannelBinding {
 return TLS_EXPORTER;
 } else if (bindings.contains(TLS_UNIQUE)) {
 return TLS_UNIQUE;
+ } else if (bindings.contains(TLS_SERVER_END_POINT)) {
+ return TLS_SERVER_END_POINT;
 } else {
 return null;
 }
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java
index 8de4524f2..8b23e9c92 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java
@@ -1,7 +1,5 @@
 package eu.siacs.conversations.crypto.sasl;
-import android.util.Log;
-
 import org.bouncycastle.jcajce.provider.digest.SHA256;
 import org.conscrypt.Conscrypt;
@@ -16,9 +14,7 @@ import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.SSLSocket;
-import eu.siacs.conversations.Config;
 import eu.siacs.conversations.entities.Account;
-import eu.siacs.conversations.utils.CryptoHelper;
 abstract class ScramPlusMechanism extends ScramMechanism {
@@ -56,11 +52,10 @@ abstract class ScramPlusMechanism extends ScramMechanism {
 return unique;
 } else if (this.channelBinding == ChannelBinding.TLS_SERVER_END_POINT) {
 final byte[] endPoint = getServerEndPointChannelBinding(sslSocket.getSession());
- Log.d(Config.LOGTAG, "retrieved endpoint " + CryptoHelper.bytesToHex(endPoint));
 return endPoint;
 } else {
 throw new AuthenticationException(
- String.format("%s is not a valid channel binding", ChannelBinding.NONE));
+ String.format("%s is not a valid channel binding", channelBinding));
 }
 }
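Review bot: The new `TLS_SERVER_END_POINT` branch in ChannelBinding.java has no comment saying why it sits last, and the ordering is the security-relevant part of this chain. tls-server-end-point (RFC 5929) binds to a hash of the server certificate rather than to this TLS session, so it is weaker than the exporter and tls-unique bindings tried before it. I would add `// binds to the server certificate only, not to this TLS session; keep as last resort` above the branch. The enclosing method starts outside the hunk, so where `bindings` comes from is not visible; if it is the server-advertised list, it is worth confirming elsewhere that a stripped advertisement cannot silently move an account from a session-bound type down to this one.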
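Review bot: In the `TLS_SERVER_END_POINT` branch of ScramPlusMechanism.java the local `endPoint` is now only assigned and returned, because the `Log.d` call that read it is gone; `return getServerEndPointChannelBinding(sslSocket.getSession());` says the same in one line. The corrected message in the `else` branch formats `channelBinding`, which prints `null` if the field was never set; that is acceptable for an exception message but worth knowing when reading logs. The enclosing method starts outside the hunk.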
@@ -99,7 +94,6 @@ abstract class ScramPlusMechanism extends ScramMechanism {
 "Could not instantiate message digest for " + hashAlgorithm);
 }
 }
- Log.d(Config.LOGTAG, "hashing certificate with " + messageDigest.getAlgorithm());
 final byte[] encodedCertificate;
 try {
 encodedCertificate = certificate.getEncoded(); |