Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/iNPUTmice/Conversations.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java')
-rw-r--r--src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java23
1 files changed, 18 insertions, 5 deletions
diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java
index 0067a4237..3b0dbb6e1 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramPlusMechanism.java
@@ -1,22 +1,35 @@
package eu.siacs.conversations.crypto.sasl;
+import org.conscrypt.Conscrypt;
+
+import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import eu.siacs.conversations.entities.Account;
abstract class ScramPlusMechanism extends ScramMechanism {
+
+ private static final String EXPORTER_LABEL = "EXPORTER-Channel-Binding";
+
ScramPlusMechanism(Account account, ChannelBinding channelBinding) {
super(account, channelBinding);
}
@Override
- protected byte[] getChannelBindingData(final SSLSocket sslSocket) throws AuthenticationException {
- if (this.channelBinding == ChannelBinding.NONE) {
- throw new AuthenticationException(String.format("%s is not a valid channel binding", ChannelBinding.NONE));
- }
+ protected byte[] getChannelBindingData(final SSLSocket sslSocket)
+ throws AuthenticationException {
if (sslSocket == null) {
throw new AuthenticationException("Channel binding attempt on non secure socket");
}
- throw new AssertionError("not yet implemented");
+ if (this.channelBinding == ChannelBinding.TLS_EXPORTER) {
+ try {
+ return Conscrypt.exportKeyingMaterial(sslSocket, EXPORTER_LABEL, new byte[0], 32);
+ } catch (final SSLException e) {
+ throw new AuthenticationException("Could not export keying material");
+ }
+ } else {
+ throw new AuthenticationException(
+ String.format("%s is not a valid channel binding", ChannelBinding.NONE));
+ }
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-18 15:21:13 +0300