SCRAM-SHA-256 support

Included a SaslPrep helper class.
Refactored the Hi() method, so to not rely on PBEKeySpec, thus
supporting Java 6+

JAVA-2771 JAVA-2759

Author: rozza

THIRD-PARTY-NOTICES

@@ -103,3 +103,20 @@ https://github.com/mongodb/mongo-java-driver.
     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     See the License for the specific language governing permissions and
     limitations under the License.
+
+7) The following files: SaslPrep.java
+
+     Copyright 2008-present MongoDB, Inc.
+     Copyright 2017 Tom Bentley
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.

driver-core/src/main/com/mongodb/AuthenticationMechanism.java

@@ -51,7 +51,13 @@ public enum AuthenticationMechanism {
     /**
      * The SCRAM-SHA-1 mechanism.  See the <a href="http://tools.ietf.org/html/rfc5802">RFC</a>.
      */
-    SCRAM_SHA_1("SCRAM-SHA-1");
+    SCRAM_SHA_1("SCRAM-SHA-1"),
+
+    /**
+     * The SCRAM-SHA-256 mechanism.  See the <a href="http://tools.ietf.org/html/rfc7677">RFC</a>.
+     * @since 3.8
+     */
+    SCRAM_SHA_256("SCRAM-SHA-256");
 
     private static final Map<String, AuthenticationMechanism> AUTH_MAP = new HashMap<String, AuthenticationMechanism>();
     private final String mechanismName;

driver-core/src/main/com/mongodb/ConnectionString.java

@@ -666,6 +666,9 @@ private MongoCredential createMongoCredentialWithMechanism(final AuthenticationM
             case SCRAM_SHA_1:
                 credential = MongoCredential.createScramSha1Credential(userName, authSource, password);
                 break;
+            case SCRAM_SHA_256:
+                credential = MongoCredential.createScramSha256Credential(userName, authSource, password);
+                break;
             default:
                 throw new UnsupportedOperationException(format("The connection string contains an invalid authentication mechanism'. "
                                                                        + "'%s' is not a supported authentication mechanism",

driver-core/src/main/com/mongodb/MongoCredential.java

@@ -89,6 +89,15 @@ public final class MongoCredential {
      */
     public static final String SCRAM_SHA_1_MECHANISM = AuthenticationMechanism.SCRAM_SHA_1.getMechanismName();
 
+    /**
+     * The SCRAM-SHA-256 Mechanism.
+     *
+     * @since 3.8
+     * @mongodb.server.release 4.0
+     * @mongodb.driver.manual core/authentication/#authentication-scram-sha-256 SCRAM-SHA-256
+     */
+    public static final String SCRAM_SHA_256_MECHANISM = AuthenticationMechanism.SCRAM_SHA_256.getMechanismName();
+
     /**
      * Mechanism property key for overriding the service name for GSSAPI authentication.
      *

driver-core/src/main/com/mongodb/connection/DefaultAuthenticator.java

@@ -40,7 +40,7 @@ void authenticateAsync(final InternalConnection connection, final ConnectionDesc
 
     Authenticator createAuthenticator(final ConnectionDescription connectionDescription) {
         if (connectionDescription.getServerVersion().compareTo(new ServerVersion(2, 7)) >= 0) {
-            return new ScramShaAuthenticator(getCredential());
+            return new ScramSha1Authenticator(getCredential());
         } else {
             return new NativeAuthenticator(getCredential());
         }

driver-core/src/main/com/mongodb/connection/InternalStreamConnectionFactory.java

@@ -72,6 +72,7 @@ private Authenticator createAuthenticator(final MongoCredential credential) {
             case MONGODB_X509:
                 return new X509Authenticator(credential);
             case SCRAM_SHA_1:
+            case SCRAM_SHA_256:
                 return new ScramShaAuthenticator(credential);
             case MONGODB_CR:
                 return new NativeAuthenticator(credential);

driver-core/src/main/com/mongodb/connection/ScramShaAuthenticator.java

@@ -16,8 +16,10 @@
 
 package com.mongodb.connection;
 
+import com.mongodb.AuthenticationMechanism;
 import com.mongodb.MongoCredential;
 import com.mongodb.ServerAddress;
+import com.mongodb.internal.authentication.SaslPrep;
 import org.bson.internal.Base64;
 
 import javax.crypto.Mac;
@@ -29,23 +31,29 @@
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
+import java.util.Collections;
 import java.util.HashMap;
+import java.util.LinkedHashMap;
+import java.util.Map;
 import java.util.Random;
 
+import static com.mongodb.AuthenticationMechanism.SCRAM_SHA_1;
+import static com.mongodb.AuthenticationMechanism.SCRAM_SHA_256;
 import static com.mongodb.internal.authentication.NativeAuthenticationHelper.createAuthenticationHash;
 import static java.lang.String.format;
 
 class ScramShaAuthenticator extends SaslAuthenticator {
     private final RandomStringGenerator randomStringGenerator;
     private final AuthenticationHashGenerator authenticationHashGenerator;
+
     private static final int MINIMUM_ITERATION_COUNT = 4096;
 
     ScramShaAuthenticator(final MongoCredential credential) {
-        this(credential, new DefaultRandomStringGenerator(), AUTHENTICATION_HASH_GENERATOR);
+        this(credential, new DefaultRandomStringGenerator(), getAuthenicationHashGenerator(credential.getAuthenticationMechanism()));
     }
 
     ScramShaAuthenticator(final MongoCredential credential, final RandomStringGenerator randomStringGenerator) {
-        this(credential, randomStringGenerator, AUTHENTICATION_HASH_GENERATOR);
+        this(credential, randomStringGenerator, getAuthenicationHashGenerator(credential.getAuthenticationMechanism()));
     }
 
     ScramShaAuthenticator(final MongoCredential credential, final RandomStringGenerator randomStringGenerator,
@@ -87,8 +95,13 @@ static class ScramShaSaslClient implements SaslClient {
             this.credential = credential;
             this.randomStringGenerator = randomStringGenerator;
             this.authenticationHashGenerator = authenticationHashGenerator;
-            hAlgorithm = "SHA-1";
-            hmacAlgorithm = "HmacSHA1";
+            if (credential.getAuthenticationMechanism().equals(SCRAM_SHA_1)) {
+                hAlgorithm = "SHA-1";
+                hmacAlgorithm = "HmacSHA1";
+            } else {
+                hAlgorithm = "SHA-256";
+                hmacAlgorithm = "HmacSHA256";
+            }
         }
 
         public String getMechanismName() {
@@ -122,7 +135,7 @@ private byte[] validateServerSignature(final byte[] challenge) throws SaslExcept
         }
 
         public boolean isComplete() {
-            return step == 3;
+            return step == 2;
         }
 
         public byte[] unwrap(final byte[] incoming, final int offset, final int len) {
@@ -280,11 +293,19 @@ private HashMap<String, String> parseServerResponse(final String response) {
         }
 
         private String getUserName() {
-            return credential.getUserName().replace("=", "=3D").replace(",", "=2C");
+            String userName = credential.getUserName().replace("=", "=3D").replace(",", "=2C");
+            if (credential.getAuthenticationMechanism() == SCRAM_SHA_256) {
+                userName = SaslPrep.saslPrepStored(userName);
+            }
+            return userName;
         }
 
         private String getAuthenicationHash() {
-            return authenticationHashGenerator.generate(credential);
+            String password = authenticationHashGenerator.generate(credential);
+            if (credential.getAuthenticationMechanism() == SCRAM_SHA_256) {
+                password = SaslPrep.saslPrepStored(password);
+            }
+            return password;
         }
 
         private byte[] xorInPlace(final byte[] a, final byte[] b) {
@@ -330,7 +351,16 @@ public String generate(final int length) {
         }
     }
 
-    private static final AuthenticationHashGenerator AUTHENTICATION_HASH_GENERATOR =  new AuthenticationHashGenerator() {
+    private static final AuthenticationHashGenerator DEFAULT_AUTHENTICATION_HASH_GENERATOR =  new AuthenticationHashGenerator() {
+        // Suppress warning of MongoCredential#getAuthenicationHash possibly returning null
+        @SuppressWarnings("ConstantConditions")
+        @Override
+        public String generate(final MongoCredential credential) {
+            return new String(credential.getPassword());
+        }
+    };
+
+    private static final AuthenticationHashGenerator LEGACY_AUTHENTICATION_HASH_GENERATOR =  new AuthenticationHashGenerator() {
         // Suppress warning of MongoCredential#getAuthenicationHash possibly returning null
         @SuppressWarnings("ConstantConditions")
         @Override
@@ -339,4 +369,8 @@ public String generate(final MongoCredential credential) {
             return createAuthenticationHash(credential.getUserName(), credential.getPassword());
         }
     };
+
+    private static AuthenticationHashGenerator getAuthenicationHashGenerator(final AuthenticationMechanism authenticationMechanism) {
+        return authenticationMechanism == SCRAM_SHA_1 ? LEGACY_AUTHENTICATION_HASH_GENERATOR : DEFAULT_AUTHENTICATION_HASH_GENERATOR;
+    }
 }