Add SCRAM-SHA1 support

Thanks to Stefan Karlsson for helping with the implementation. Also add SASLMechanism.checkIfSuccessfulOrThrow(), to increase the security by verifying the mechanisms state at the end of SASL authentication. SASLMechanism now has a SASLPrep StringTransformer. Refactor SHA1 functions out of StringUtils into SHA1 utility class. Add MAC utility class. Make DummyConnection getSentpacket() methods use generics to make unit testing SCRAM-SHA1 easier. Fixes SMACK-398
2025-09-09 17:19:39 +02:00 · 2014-10-21 11:59:11 +02:00 · 2014-10-21 11:59:11 +02:00 · 403ecff2b2
commit 403ecff2b2
parent 6a2bc0c02d
18 changed files with 704 additions and 80 deletions
--- a/smack-sasl-javax/src/main/java/org/jivesoftware/smack/sasl/javax/SASLJavaXMechanism.java
+++ b/smack-sasl-javax/src/main/java/org/jivesoftware/smack/sasl/javax/SASLJavaXMechanism.java
@ -41,6 +41,13 @@ public abstract class SASLJavaXMechanism extends SASLMechanism {
    @Override
    public abstract String getName();

+    @Override
+    public final void checkIfSuccessfulOrThrow() throws SmackException {
+        if (!sc.isComplete()) {
+            throw new SmackException(getName() + " was not completed");
+        }
+    }
+
    @Override
    protected void authenticateInternal()
                    throws SmackException {