Change summary
src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBinding.java | 10
src/main/java/eu/siacs/conversations/crypto/sasl/ChannelBindingMechanism.java | 9
src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha1Plus.java | 2
src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha256Plus.java | 2
src/main/java/eu/siacs/conversations/crypto/sasl/ScramSha512Plus.java | 2
5 files changed, 22 insertions(+), 3 deletions(-)
Detailed changes
@@ -117,4 +117,14 @@ public enum ChannelBinding {
throw new AssertionError("Missing short name for " + channelBinding);
}
}
+
+ public static int priority(final ChannelBinding channelBinding) {
+ if (Arrays.asList(TLS_EXPORTER,TLS_UNIQUE).contains(channelBinding)) {
+ return 2;
+ } else if (channelBinding == ChannelBinding.TLS_SERVER_END_POINT) {
+ return 1;
+ } else {
+ return 0;
+ }
+ }
}
@@ -97,4 +97,13 @@ public interface ChannelBindingMechanism {
messageDigest.update(encodedCertificate);
return messageDigest.digest();
}
+
+ static int getPriority(final SaslMechanism mechanism) {
+ if (mechanism instanceof ChannelBindingMechanism) {
+ final ChannelBindingMechanism channelBindingMechanism = (ChannelBindingMechanism) mechanism;
+ return ChannelBinding.priority(channelBindingMechanism.getChannelBinding());
+ } else {
+ return 0;
+ }
+ }
}
@@ -27,7 +27,7 @@ public class ScramSha1Plus extends ScramPlusMechanism {
@Override
public int getPriority() {
- return 35; // higher than SCRAM-SHA512 (30)
+ return 35 + ChannelBinding.priority(this.channelBinding); // higher than SCRAM-SHA512 (30)
}
@Override
@@ -27,7 +27,7 @@ public class ScramSha256Plus extends ScramPlusMechanism {
@Override
public int getPriority() {
- return 40;
+ return 40 + ChannelBinding.priority(this.channelBinding);
}
@Override
@@ -27,7 +27,7 @@ public class ScramSha512Plus extends ScramPlusMechanism {
@Override
public int getPriority() {
- return 45;
+ return 45 + ChannelBinding.priority(this.channelBinding);
}
@Override