diff options
Diffstat (limited to 'src/com/isode/stroke/sasl')
-rw-r--r-- | src/com/isode/stroke/sasl/ClientAuthenticator.java | 3 | ||||
-rw-r--r-- | src/com/isode/stroke/sasl/PLAINClientAuthenticator.java | 5 | ||||
-rw-r--r-- | src/com/isode/stroke/sasl/SCRAMSHA1ClientAuthenticator.java | 7 |
3 files changed, 9 insertions, 6 deletions
diff --git a/src/com/isode/stroke/sasl/ClientAuthenticator.java b/src/com/isode/stroke/sasl/ClientAuthenticator.java index c55bf74..2dc3756 100644 --- a/src/com/isode/stroke/sasl/ClientAuthenticator.java +++ b/src/com/isode/stroke/sasl/ClientAuthenticator.java @@ -9,6 +9,7 @@ package com.isode.stroke.sasl; import com.isode.stroke.base.ByteArray; +import com.isode.stroke.base.SafeByteArray; public abstract class ClientAuthenticator { @@ -30,7 +31,7 @@ public abstract class ClientAuthenticator { this.authzid = authzid; } - public abstract ByteArray getResponse(); + public abstract SafeByteArray getResponse(); public abstract boolean setChallenge(ByteArray challenge); diff --git a/src/com/isode/stroke/sasl/PLAINClientAuthenticator.java b/src/com/isode/stroke/sasl/PLAINClientAuthenticator.java index 70e6b04..634ce11 100644 --- a/src/com/isode/stroke/sasl/PLAINClientAuthenticator.java +++ b/src/com/isode/stroke/sasl/PLAINClientAuthenticator.java @@ -9,14 +9,15 @@ package com.isode.stroke.sasl; import com.isode.stroke.base.ByteArray; +import com.isode.stroke.base.SafeByteArray; public class PLAINClientAuthenticator extends ClientAuthenticator { public PLAINClientAuthenticator() { super("PLAIN"); } - public ByteArray getResponse() { - return new ByteArray().append(getAuthorizationID()).append((byte)0).append(getAuthenticationID()).append((byte)0).append(getPassword()); + public SafeByteArray getResponse() { + return new SafeByteArray().append(getAuthorizationID()).append((byte)0).append(getAuthenticationID()).append((byte)0).append(getPassword()); } public boolean setChallenge(ByteArray challenge) { diff --git a/src/com/isode/stroke/sasl/SCRAMSHA1ClientAuthenticator.java b/src/com/isode/stroke/sasl/SCRAMSHA1ClientAuthenticator.java index ba60fca..29a37aa 100644 --- a/src/com/isode/stroke/sasl/SCRAMSHA1ClientAuthenticator.java +++ b/src/com/isode/stroke/sasl/SCRAMSHA1ClientAuthenticator.java @@ -9,6 +9,7 @@ package com.isode.stroke.sasl; import com.isode.stroke.base.ByteArray; +import com.isode.stroke.base.SafeByteArray; import com.isode.stroke.stringcodecs.Base64; import com.isode.stroke.stringcodecs.HMACSHA1; import com.isode.stroke.stringcodecs.PBKDF2; @@ -48,9 +49,9 @@ public class SCRAMSHA1ClientAuthenticator extends ClientAuthenticator { tlsChannelBindingData = channelBindingData; } - public ByteArray getResponse() { + public SafeByteArray getResponse() { if (step.equals(Step.Initial)) { - return ByteArray.plus(getGS2Header(), getInitialBareClientMessage()); + return new SafeByteArray(getGS2Header().append(getInitialBareClientMessage())); } else if (step.equals(Step.Proof)) { ByteArray clientKey = HMACSHA1.getResult(saltedPassword, new ByteArray("Client Key")); ByteArray storedKey = SHA1.getHash(clientKey); @@ -62,7 +63,7 @@ public class SCRAMSHA1ClientAuthenticator extends ClientAuthenticator { } clientProof = new ByteArray(clientProofData); ByteArray result = getFinalMessageWithoutProof().append(",p=").append(Base64.encode(clientProof)); - return result; + return new SafeByteArray(result); } else { return null; } |