Search in sources :

Example 1 with ScramSha1

use of eu.siacs.conversations.crypto.sasl.ScramSha1 in project Conversations by siacs.

the class XmppConnection method authenticate.

private void authenticate() throws IOException {
    final List<String> mechanisms = extractMechanisms(streamFeatures.findChild("mechanisms"));
    final Element auth = new Element("auth");
    auth.setAttribute("xmlns", "urn:ietf:params:xml:ns:xmpp-sasl");
    if (mechanisms.contains("EXTERNAL") && account.getPrivateKeyAlias() != null) {
        saslMechanism = new External(tagWriter, account, mXmppConnectionService.getRNG());
    } else if (mechanisms.contains("SCRAM-SHA-256")) {
        saslMechanism = new ScramSha256(tagWriter, account, mXmppConnectionService.getRNG());
    } else if (mechanisms.contains("SCRAM-SHA-1")) {
        saslMechanism = new ScramSha1(tagWriter, account, mXmppConnectionService.getRNG());
    } else if (mechanisms.contains("PLAIN")) {
        saslMechanism = new Plain(tagWriter, account);
    } else if (mechanisms.contains("DIGEST-MD5")) {
        saslMechanism = new DigestMd5(tagWriter, account, mXmppConnectionService.getRNG());
    } else if (mechanisms.contains("ANONYMOUS")) {
        saslMechanism = new Anonymous(tagWriter, account, mXmppConnectionService.getRNG());
    }
    if (saslMechanism != null) {
        final int pinnedMechanism = account.getKeyAsInt(Account.PINNED_MECHANISM_KEY, -1);
        if (pinnedMechanism > saslMechanism.getPriority()) {
            Log.e(Config.LOGTAG, "Auth failed. Authentication mechanism " + saslMechanism.getMechanism() + " has lower priority (" + String.valueOf(saslMechanism.getPriority()) + ") than pinned priority (" + pinnedMechanism + "). Possible downgrade attack?");
            throw new SecurityException();
        }
        Log.d(Config.LOGTAG, account.getJid().toString() + ": Authenticating with " + saslMechanism.getMechanism());
        auth.setAttribute("mechanism", saslMechanism.getMechanism());
        if (!saslMechanism.getClientFirstMessage().isEmpty()) {
            auth.setContent(saslMechanism.getClientFirstMessage());
        }
        tagWriter.writeElement(auth);
    } else {
        throw new IncompatibleServerException();
    }
}
Also used : ScramSha256(eu.siacs.conversations.crypto.sasl.ScramSha256) Plain(eu.siacs.conversations.crypto.sasl.Plain) DigestMd5(eu.siacs.conversations.crypto.sasl.DigestMd5) Element(eu.siacs.conversations.xml.Element) External(eu.siacs.conversations.crypto.sasl.External) ScramSha1(eu.siacs.conversations.crypto.sasl.ScramSha1) Anonymous(eu.siacs.conversations.crypto.sasl.Anonymous)

Aggregations

Anonymous (eu.siacs.conversations.crypto.sasl.Anonymous)1 DigestMd5 (eu.siacs.conversations.crypto.sasl.DigestMd5)1 External (eu.siacs.conversations.crypto.sasl.External)1 Plain (eu.siacs.conversations.crypto.sasl.Plain)1 ScramSha1 (eu.siacs.conversations.crypto.sasl.ScramSha1)1 ScramSha256 (eu.siacs.conversations.crypto.sasl.ScramSha256)1 Element (eu.siacs.conversations.xml.Element)1