From ef4cfacaf4106aac7d955b31911eef2234dc3662 Mon Sep 17 00:00:00 2001
From: Sam Whited <sam@samwhited.com>
Date: Wed, 26 Sep 2018 03:19:54 -0500
Subject: [PATCH] Fix auth when upgrading from SCRAM-SHA-1 to -256 (#3192)

---
 .../eu/siacs/conversations/crypto/sasl/ScramMechanism.java   | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramMechanism.java b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramMechanism.java
index 2663f525d..c3cbb545f 100644
--- a/src/main/java/eu/siacs/conversations/crypto/sasl/ScramMechanism.java
+++ b/src/main/java/eu/siacs/conversations/crypto/sasl/ScramMechanism.java
@@ -43,7 +43,7 @@ abstract class ScramMechanism extends SaslMechanism {
 	static {
 		CACHE = new LruCache<String, KeyPair>(10) {
 			protected KeyPair create(final String k) {
-				// Map keys are "bytesToHex(JID),bytesToHex(password),bytesToHex(salt),iterations".
+				// Map keys are "bytesToHex(JID),bytesToHex(password),bytesToHex(salt),iterations,SASL-Mechanism".
 				// Changing any of these values forces a cache miss. `CryptoHelper.bytesToHex()'
 				// is applied to prevent commas in the strings breaking things.
 				final String[] kparts = k.split(",", 4);
@@ -147,12 +147,13 @@ abstract class ScramMechanism extends SaslMechanism {
 				final byte[] authMessage = (clientFirstMessageBare + ',' + new String(serverFirstMessage) + ','
 						+ clientFinalMessageWithoutProof).getBytes();
 
-				// Map keys are "bytesToHex(JID),bytesToHex(password),bytesToHex(salt),iterations".
+				// Map keys are "bytesToHex(JID),bytesToHex(password),bytesToHex(salt),iterations,SASL-Mechanism".
 				final KeyPair keys = CACHE.get(
 						CryptoHelper.bytesToHex(account.getJid().asBareJid().toString().getBytes()) + ","
 						+ CryptoHelper.bytesToHex(account.getPassword().getBytes()) + ","
 						+ CryptoHelper.bytesToHex(salt.getBytes()) + ","
 						+ String.valueOf(iterationCount)
+						+ getMechanism()
 						);
 				if (keys == null) {
 					throw new AuthenticationException("Invalid keys generated");