mirror of
https://github.com/openjdk/jdk.git
synced 2025-09-20 02:54:35 +02:00
6641312: Fix krb5 codes indentation problems
Reviewed-by: xuelei, valeriep, wetmore
This commit is contained in:
Weijun Wang
parent
6797bd9fb2
commit
0f960354ea
21 changed files with 2337 additions and 2245 deletions
|
|
@ -54,6 +54,7 @@ import java.math.BigInteger;
|
|||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
public class APRep {
|
||||
|
||||
public int pvno;
|
||||
public int msgType;
|
||||
public EncryptedData encPart;
|
||||
|
|
@ -85,29 +86,36 @@ public class APRep {
|
|||
private void init(DerValue encoding) throws Asn1Exception,
|
||||
KrbApErrException, IOException {
|
||||
|
||||
if (((encoding.getTag() & (byte)(0x1F)) != Krb5.KRB_AP_REP)
|
||||
if (((encoding.getTag() & (byte) (0x1F)) != Krb5.KRB_AP_REP)
|
||||
|| (encoding.isApplication() != true)
|
||||
|| (encoding.isConstructed() != true))
|
||||
|| (encoding.isConstructed() != true)) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
DerValue der = encoding.getData().getDerValue();
|
||||
if (der.getTag() != DerValue.tag_Sequence)
|
||||
if (der.getTag() != DerValue.tag_Sequence) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
DerValue subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
|
||||
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
pvno = subDer.getData().getBigInteger().intValue();
|
||||
if (pvno != Krb5.PVNO)
|
||||
if (pvno != Krb5.PVNO) {
|
||||
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
|
||||
}
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) != (byte)0x01)
|
||||
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
msgType = subDer.getData().getBigInteger().intValue();
|
||||
if (msgType != Krb5.KRB_AP_REP)
|
||||
if (msgType != Krb5.KRB_AP_REP) {
|
||||
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
|
||||
encPart = EncryptedData.parse(der.getData(), (byte)0x02, false);
|
||||
if (der.getData().available() > 0)
|
||||
}
|
||||
encPart = EncryptedData.parse(der.getData(), (byte) 0x02, false);
|
||||
if (der.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encodes an APRep object.
|
||||
|
|
@ -119,16 +127,15 @@ public class APRep {
|
|||
DerOutputStream bytes = new DerOutputStream();
|
||||
DerOutputStream temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(pvno));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
|
||||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(msgType));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), encPart.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), encPart.asn1Encode());
|
||||
temp = new DerOutputStream();
|
||||
temp.write(DerValue.tag_Sequence, bytes);
|
||||
DerOutputStream aprep = new DerOutputStream();
|
||||
aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0F), temp);
|
||||
aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0F), temp);
|
||||
return aprep.toByteArray();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -54,8 +54,8 @@ import java.math.BigInteger;
|
|||
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
|
||||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
|
||||
public class APReq {
|
||||
|
||||
public int pvno;
|
||||
public int msgType;
|
||||
public APOptions apOptions;
|
||||
|
|
@ -65,8 +65,7 @@ public class APReq {
|
|||
public APReq(
|
||||
APOptions new_apOptions,
|
||||
Ticket new_ticket,
|
||||
EncryptedData new_authenticator
|
||||
) {
|
||||
EncryptedData new_authenticator) {
|
||||
pvno = Krb5.PVNO;
|
||||
msgType = Krb5.KRB_AP_REQ;
|
||||
apOptions = new_apOptions;
|
||||
|
|
@ -74,7 +73,7 @@ public class APReq {
|
|||
authenticator = new_authenticator;
|
||||
}
|
||||
|
||||
public APReq(byte[] data) throws Asn1Exception,IOException, KrbApErrException, RealmException {
|
||||
public APReq(byte[] data) throws Asn1Exception, IOException, KrbApErrException, RealmException {
|
||||
init(new DerValue(data));
|
||||
}
|
||||
|
||||
|
|
@ -93,31 +92,38 @@ public class APReq {
|
|||
private void init(DerValue encoding) throws Asn1Exception,
|
||||
IOException, KrbApErrException, RealmException {
|
||||
DerValue der, subDer;
|
||||
if (((encoding.getTag() & (byte)0x1F) != Krb5.KRB_AP_REQ)
|
||||
if (((encoding.getTag() & (byte) 0x1F) != Krb5.KRB_AP_REQ)
|
||||
|| (encoding.isApplication() != true)
|
||||
|| (encoding.isConstructed() != true))
|
||||
|| (encoding.isConstructed() != true)) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
der = encoding.getData().getDerValue();
|
||||
if (der.getTag() != DerValue.tag_Sequence)
|
||||
if (der.getTag() != DerValue.tag_Sequence) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
|
||||
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
pvno = subDer.getData().getBigInteger().intValue();
|
||||
if (pvno != Krb5.PVNO)
|
||||
if (pvno != Krb5.PVNO) {
|
||||
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
|
||||
}
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) != (byte)0x01)
|
||||
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
msgType = subDer.getData().getBigInteger().intValue();
|
||||
if (msgType != Krb5.KRB_AP_REQ)
|
||||
if (msgType != Krb5.KRB_AP_REQ) {
|
||||
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
|
||||
apOptions = APOptions.parse(der.getData(), (byte)0x02, false);
|
||||
ticket = Ticket.parse(der.getData(), (byte)0x03, false);
|
||||
authenticator = EncryptedData.parse(der.getData(), (byte)0x04, false);
|
||||
if (der.getData().available() > 0)
|
||||
}
|
||||
apOptions = APOptions.parse(der.getData(), (byte) 0x02, false);
|
||||
ticket = Ticket.parse(der.getData(), (byte) 0x03, false);
|
||||
authenticator = EncryptedData.parse(der.getData(), (byte) 0x04, false);
|
||||
if (der.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encodes an APReq object.
|
||||
|
|
@ -129,19 +135,17 @@ public class APReq {
|
|||
DerOutputStream bytes = new DerOutputStream();
|
||||
DerOutputStream temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(pvno));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
|
||||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(msgType));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), apOptions.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), ticket.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authenticator.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), apOptions.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), ticket.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), authenticator.asn1Encode());
|
||||
temp = new DerOutputStream();
|
||||
temp.write(DerValue.tag_Sequence, bytes);
|
||||
DerOutputStream apreq = new DerOutputStream();
|
||||
apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0E), temp);
|
||||
apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0E), temp);
|
||||
return apreq.toByteArray();
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -45,8 +45,7 @@ public class ASRep extends KDCRep {
|
|||
Realm new_crealm,
|
||||
PrincipalName new_cname,
|
||||
Ticket new_ticket,
|
||||
EncryptedData new_encPart
|
||||
) throws IOException {
|
||||
EncryptedData new_encPart) throws IOException {
|
||||
super(new_pAData, new_crealm, new_cname, new_ticket,
|
||||
new_encPart, Krb5.KRB_AS_REP);
|
||||
}
|
||||
|
|
@ -65,5 +64,4 @@ public class ASRep extends KDCRep {
|
|||
RealmException, KrbApErrException, IOException {
|
||||
init(encoding, Krb5.KRB_AS_REP);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -51,5 +51,4 @@ public class ASReq extends KDCReq {
|
|||
private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
|
||||
super.init(encoding, Krb5.KRB_AS_REQ);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,6 +34,7 @@ import sun.security.util.*;
|
|||
import java.util.Vector;
|
||||
import java.io.IOException;
|
||||
import java.math.BigInteger;
|
||||
|
||||
/**
|
||||
* Implements the ASN.1 Authenticator type.
|
||||
*
|
||||
|
|
@ -58,6 +59,7 @@ import java.math.BigInteger;
|
|||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
public class Authenticator {
|
||||
|
||||
public int authenticator_vno;
|
||||
public Realm crealm;
|
||||
public PrincipalName cname;
|
||||
|
|
@ -68,7 +70,7 @@ public class Authenticator {
|
|||
Integer seqNumber; //optional
|
||||
public AuthorizationData authorizationData; //optional
|
||||
|
||||
public Authenticator (
|
||||
public Authenticator(
|
||||
Realm new_crealm,
|
||||
PrincipalName new_cname,
|
||||
Checksum new_cksum,
|
||||
|
|
@ -76,8 +78,7 @@ public class Authenticator {
|
|||
KerberosTime new_ctime,
|
||||
EncryptionKey new_subKey,
|
||||
Integer new_seqNumber,
|
||||
AuthorizationData new_authorizationData
|
||||
) {
|
||||
AuthorizationData new_authorizationData) {
|
||||
authenticator_vno = Krb5.AUTHNETICATOR_VNO;
|
||||
crealm = new_crealm;
|
||||
cname = new_cname;
|
||||
|
|
@ -95,7 +96,7 @@ public class Authenticator {
|
|||
}
|
||||
|
||||
public Authenticator(DerValue encoding)
|
||||
throws Asn1Exception,IOException, KrbApErrException, RealmException {
|
||||
throws Asn1Exception, IOException, KrbApErrException, RealmException {
|
||||
init(encoding);
|
||||
}
|
||||
|
||||
|
|
@ -113,32 +114,36 @@ public class Authenticator {
|
|||
DerValue der, subDer;
|
||||
//may not be the correct error code for a tag
|
||||
//mismatch on an encrypted structure
|
||||
if (((encoding.getTag() & (byte)0x1F) != (byte)0x02)
|
||||
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x02)
|
||||
|| (encoding.isApplication() != true)
|
||||
|| (encoding.isConstructed() != true))
|
||||
|| (encoding.isConstructed() != true)) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
der = encoding.getData().getDerValue();
|
||||
if (der.getTag() != DerValue.tag_Sequence)
|
||||
if (der.getTag() != DerValue.tag_Sequence) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
|
||||
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
authenticator_vno = subDer.getData().getBigInteger().intValue();
|
||||
if (authenticator_vno != 5)
|
||||
if (authenticator_vno != 5) {
|
||||
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
|
||||
crealm = Realm.parse(der.getData(), (byte)0x01, false);
|
||||
cname = PrincipalName.parse(der.getData(), (byte)0x02, false);
|
||||
cksum = Checksum.parse(der.getData(), (byte)0x03, true);
|
||||
}
|
||||
crealm = Realm.parse(der.getData(), (byte) 0x01, false);
|
||||
cname = PrincipalName.parse(der.getData(), (byte) 0x02, false);
|
||||
cksum = Checksum.parse(der.getData(), (byte) 0x03, true);
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) == 0x04) {
|
||||
if ((subDer.getTag() & (byte) 0x1F) == 0x04) {
|
||||
cusec = subDer.getData().getBigInteger().intValue();
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
ctime = KerberosTime.parse(der.getData(), (byte)0x05, false);
|
||||
ctime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
|
||||
if (der.getData().available() > 0) {
|
||||
subKey = EncryptionKey.parse(der.getData(), (byte)0x06, true);
|
||||
}
|
||||
else {
|
||||
subKey = EncryptionKey.parse(der.getData(), (byte) 0x06, true);
|
||||
} else {
|
||||
subKey = null;
|
||||
seqNumber = null;
|
||||
authorizationData = null;
|
||||
|
|
@ -146,21 +151,23 @@ public class Authenticator {
|
|||
if (der.getData().available() > 0) {
|
||||
if ((der.getData().peekByte() & 0x1F) == 0x07) {
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) == (byte)0x07)
|
||||
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x07) {
|
||||
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
|
||||
}
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
seqNumber = null;
|
||||
authorizationData = null;
|
||||
}
|
||||
if (der.getData().available() > 0) {
|
||||
authorizationData = AuthorizationData.parse(der.getData(), (byte)0x08, true);
|
||||
authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x08, true);
|
||||
} else {
|
||||
authorizationData = null;
|
||||
}
|
||||
else authorizationData = null;
|
||||
if (der.getData().available() > 0)
|
||||
if (der.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encodes an Authenticator object.
|
||||
|
|
@ -169,34 +176,37 @@ public class Authenticator {
|
|||
* @exception IOException if an I/O error occurs while reading encoded data.
|
||||
*/
|
||||
public byte[] asn1Encode() throws Asn1Exception, IOException {
|
||||
Vector<DerValue> v = new Vector<DerValue> ();
|
||||
Vector<DerValue> v = new Vector<DerValue>();
|
||||
DerOutputStream temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(authenticator_vno));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp.toByteArray()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), crealm.asn1Encode()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), cname.asn1Encode()));
|
||||
if (cksum != null)
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cksum.asn1Encode()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp.toByteArray()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), crealm.asn1Encode()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), cname.asn1Encode()));
|
||||
if (cksum != null) {
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), cksum.asn1Encode()));
|
||||
}
|
||||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(cusec));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), temp.toByteArray()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ctime.asn1Encode()));
|
||||
if (subKey != null)
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), subKey.asn1Encode()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), temp.toByteArray()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), ctime.asn1Encode()));
|
||||
if (subKey != null) {
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x06), subKey.asn1Encode()));
|
||||
}
|
||||
if (seqNumber != null) {
|
||||
temp = new DerOutputStream();
|
||||
// encode as an unsigned integer (UInt32)
|
||||
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), temp.toByteArray()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x07), temp.toByteArray()));
|
||||
}
|
||||
if (authorizationData != null) {
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x08), authorizationData.asn1Encode()));
|
||||
}
|
||||
if (authorizationData != null)
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), authorizationData.asn1Encode()));
|
||||
DerValue der[] = new DerValue[v.size()];
|
||||
v.copyInto(der);
|
||||
temp = new DerOutputStream();
|
||||
temp.putSequence(der);
|
||||
DerOutputStream out = new DerOutputStream();
|
||||
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x02), temp);
|
||||
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x02), temp);
|
||||
return out.toByteArray();
|
||||
}
|
||||
|
||||
|
|
@ -211,5 +221,4 @@ public class Authenticator {
|
|||
public final EncryptionKey getSubKey() {
|
||||
return subKey;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -53,29 +53,27 @@ import sun.security.krb5.internal.ccache.CCacheOutputStream;
|
|||
* }
|
||||
*/
|
||||
public class AuthorizationData implements Cloneable {
|
||||
|
||||
private AuthorizationDataEntry[] entry = null;
|
||||
|
||||
private AuthorizationData() {
|
||||
}
|
||||
|
||||
public AuthorizationData(
|
||||
AuthorizationDataEntry[] new_entries
|
||||
) throws IOException {
|
||||
public AuthorizationData(AuthorizationDataEntry[] new_entries)
|
||||
throws IOException {
|
||||
if (new_entries != null) {
|
||||
entry = new AuthorizationDataEntry[new_entries.length];
|
||||
for (int i = 0; i < new_entries.length; i++) {
|
||||
if (new_entries[i] == null) {
|
||||
throw new IOException("Cannot create an AuthorizationData");
|
||||
} else {
|
||||
entry[i] = (AuthorizationDataEntry)new_entries[i].clone();
|
||||
entry[i] = (AuthorizationDataEntry) new_entries[i].clone();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public AuthorizationData(
|
||||
AuthorizationDataEntry new_entry
|
||||
) {
|
||||
public AuthorizationData(AuthorizationDataEntry new_entry) {
|
||||
entry = new AuthorizationDataEntry[1];
|
||||
entry[0] = new_entry;
|
||||
}
|
||||
|
|
@ -86,9 +84,10 @@ public class AuthorizationData implements Cloneable {
|
|||
if (entry != null) {
|
||||
new_authorizationData.entry =
|
||||
new AuthorizationDataEntry[entry.length];
|
||||
for (int i = 0; i < entry.length; i++)
|
||||
for (int i = 0; i < entry.length; i++) {
|
||||
new_authorizationData.entry[i] =
|
||||
(AuthorizationDataEntry)entry[i].clone();
|
||||
(AuthorizationDataEntry) entry[i].clone();
|
||||
}
|
||||
}
|
||||
return new_authorizationData;
|
||||
}
|
||||
|
|
@ -101,7 +100,7 @@ public class AuthorizationData implements Cloneable {
|
|||
*/
|
||||
public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
|
||||
Vector<AuthorizationDataEntry> v =
|
||||
new Vector<AuthorizationDataEntry> ();
|
||||
new Vector<AuthorizationDataEntry>();
|
||||
if (der.getTag() != DerValue.tag_Sequence) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
|
|
@ -143,15 +142,14 @@ public class AuthorizationData implements Cloneable {
|
|||
* @return an instance of AuthorizationData.
|
||||
*
|
||||
*/
|
||||
public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException{
|
||||
if ((optional) && (((byte)data.peekByte() & (byte)0x1F) != explicitTag)) {
|
||||
public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException {
|
||||
if ((optional) && (((byte) data.peekByte() & (byte) 0x1F) != explicitTag)) {
|
||||
return null;
|
||||
}
|
||||
DerValue der = data.getDerValue();
|
||||
if (explicitTag != (der.getTag() & (byte)0x1F)) {
|
||||
if (explicitTag != (der.getTag() & (byte) 0x1F)) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
DerValue subDer = der.getData().getDerValue();
|
||||
return new AuthorizationData(subDer);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -35,6 +35,7 @@ import sun.security.krb5.Asn1Exception;
|
|||
import sun.security.krb5.internal.ccache.CCacheOutputStream;
|
||||
|
||||
public class AuthorizationDataEntry implements Cloneable {
|
||||
|
||||
public int adType;
|
||||
public byte[] adData;
|
||||
|
||||
|
|
@ -43,8 +44,7 @@ public class AuthorizationDataEntry implements Cloneable {
|
|||
|
||||
public AuthorizationDataEntry(
|
||||
int new_adType,
|
||||
byte[] new_adData
|
||||
) {
|
||||
byte[] new_adData) {
|
||||
adType = new_adType;
|
||||
adData = new_adData;
|
||||
}
|
||||
|
|
@ -71,20 +71,21 @@ public class AuthorizationDataEntry implements Cloneable {
|
|||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
der = encoding.getData().getDerValue();
|
||||
if ((der.getTag() & (byte)0x1F) == (byte)0x00) {
|
||||
if ((der.getTag() & (byte) 0x1F) == (byte) 0x00) {
|
||||
adType = der.getData().getBigInteger().intValue();
|
||||
}
|
||||
else
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
der = encoding.getData().getDerValue();
|
||||
if ((der.getTag() & (byte)0x1F) == (byte)0x01) {
|
||||
if ((der.getTag() & (byte) 0x1F) == (byte) 0x01) {
|
||||
adData = der.getData().getOctetString();
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
else
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
if (encoding.getData().available() > 0)
|
||||
if (encoding.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encodes an AuthorizationDataEntry object.
|
||||
|
|
@ -96,10 +97,10 @@ public class AuthorizationDataEntry implements Cloneable {
|
|||
DerOutputStream bytes = new DerOutputStream();
|
||||
DerOutputStream temp = new DerOutputStream();
|
||||
temp.putInteger(adType);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
|
||||
temp = new DerOutputStream();
|
||||
temp.putOctetString(adData);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
|
||||
temp = new DerOutputStream();
|
||||
temp.write(DerValue.tag_Sequence, bytes);
|
||||
return temp.toByteArray();
|
||||
|
|
@ -120,5 +121,4 @@ public class AuthorizationDataEntry implements Cloneable {
|
|||
public String toString() {
|
||||
return ("adType=" + adType + " adData.length=" + adData.length);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -55,6 +55,7 @@ import java.math.BigInteger;
|
|||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
public class EncAPRepPart {
|
||||
|
||||
public KerberosTime ctime;
|
||||
public int cusec;
|
||||
EncryptionKey subKey; //optional
|
||||
|
|
@ -64,8 +65,7 @@ public class EncAPRepPart {
|
|||
KerberosTime new_ctime,
|
||||
int new_cusec,
|
||||
EncryptionKey new_subKey,
|
||||
Integer new_seqNumber
|
||||
) {
|
||||
Integer new_seqNumber) {
|
||||
ctime = new_ctime;
|
||||
cusec = new_cusec;
|
||||
subKey = new_subKey;
|
||||
|
|
@ -90,24 +90,25 @@ public class EncAPRepPart {
|
|||
*/
|
||||
private void init(DerValue encoding) throws Asn1Exception, IOException {
|
||||
DerValue der, subDer;
|
||||
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1B)
|
||||
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1B)
|
||||
|| (encoding.isApplication() != true)
|
||||
|| (encoding.isConstructed() != true))
|
||||
|| (encoding.isConstructed() != true)) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
der = encoding.getData().getDerValue();
|
||||
if (der.getTag() != DerValue.tag_Sequence)
|
||||
if (der.getTag() != DerValue.tag_Sequence) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
ctime = KerberosTime.parse(der.getData(), (byte)0x00, true);
|
||||
}
|
||||
ctime = KerberosTime.parse(der.getData(), (byte) 0x00, true);
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) == (byte)0x01) {
|
||||
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x01) {
|
||||
cusec = subDer.getData().getBigInteger().intValue();
|
||||
}
|
||||
else
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
if (der.getData().available() > 0) {
|
||||
subKey = EncryptionKey.parse(der.getData(), (byte)0x02, true);
|
||||
}
|
||||
else {
|
||||
if (der.getData().available() > 0) {
|
||||
subKey = EncryptionKey.parse(der.getData(), (byte) 0x02, true);
|
||||
} else {
|
||||
subKey = null;
|
||||
seqNumber = null;
|
||||
}
|
||||
|
|
@ -117,11 +118,13 @@ public class EncAPRepPart {
|
|||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
|
||||
} else {
|
||||
seqNumber = null;
|
||||
}
|
||||
else seqNumber = null;
|
||||
if (der.getData().available() > 0)
|
||||
if (der.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encodes an EncAPRepPart object.
|
||||
|
|
@ -129,26 +132,32 @@ public class EncAPRepPart {
|
|||
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
|
||||
* @exception IOException if an I/O error occurs while reading encoded data.
|
||||
*/
|
||||
public byte[] asn1Encode() throws Asn1Exception, IOException{
|
||||
Vector<DerValue> v = new Vector<DerValue> ();
|
||||
public byte[] asn1Encode() throws Asn1Exception, IOException {
|
||||
Vector<DerValue> v = new Vector<DerValue>();
|
||||
DerOutputStream temp = new DerOutputStream();
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), ctime.asn1Encode()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x00), ctime.asn1Encode()));
|
||||
temp.putInteger(BigInteger.valueOf(cusec));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp.toByteArray()));
|
||||
if (subKey != null)
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), subKey.asn1Encode()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x01), temp.toByteArray()));
|
||||
if (subKey != null) {
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x02), subKey.asn1Encode()));
|
||||
}
|
||||
if (seqNumber != null) {
|
||||
temp = new DerOutputStream();
|
||||
// encode as an unsigned integer (UInt32)
|
||||
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp.toByteArray()));
|
||||
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x03), temp.toByteArray()));
|
||||
}
|
||||
DerValue der[] = new DerValue[v.size()];
|
||||
v.copyInto(der);
|
||||
temp = new DerOutputStream();
|
||||
temp.putSequence(der);
|
||||
DerOutputStream out = new DerOutputStream();
|
||||
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1B), temp);
|
||||
out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
|
||||
true, (byte) 0x1B), temp);
|
||||
return out.toByteArray();
|
||||
}
|
||||
|
||||
|
|
@ -159,5 +168,4 @@ public class EncAPRepPart {
|
|||
public final Integer getSeqNumber() {
|
||||
return seqNumber;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -48,8 +48,7 @@ public class EncASRepPart extends EncKDCRepPart {
|
|||
KerberosTime new_renewTill,
|
||||
Realm new_srealm,
|
||||
PrincipalName new_sname,
|
||||
HostAddresses new_caddr
|
||||
) {
|
||||
HostAddresses new_caddr) {
|
||||
super(
|
||||
new_key,
|
||||
new_lastReq,
|
||||
|
|
@ -64,9 +63,9 @@ public class EncASRepPart extends EncKDCRepPart {
|
|||
new_sname,
|
||||
new_caddr,
|
||||
Krb5.KRB_ENC_AS_REP_PART
|
||||
);
|
||||
//may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
|
||||
//behavior of other implementaions, instead of above
|
||||
);
|
||||
}
|
||||
|
||||
public EncASRepPart(byte[] data) throws Asn1Exception,
|
||||
|
|
@ -88,5 +87,4 @@ public class EncASRepPart extends EncKDCRepPart {
|
|||
IOException {
|
||||
return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ import sun.security.util.*;
|
|||
import java.util.Vector;
|
||||
import java.io.IOException;
|
||||
import java.math.BigInteger;
|
||||
|
||||
/**
|
||||
* Implements the ASN.1 EncKDCRepPart type.
|
||||
*
|
||||
|
|
@ -63,6 +64,7 @@ import java.math.BigInteger;
|
|||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
public class EncKDCRepPart {
|
||||
|
||||
public EncryptionKey key;
|
||||
public LastReq lastReq;
|
||||
public int nonce;
|
||||
|
|
@ -90,8 +92,7 @@ public class EncKDCRepPart {
|
|||
Realm new_srealm,
|
||||
PrincipalName new_sname,
|
||||
HostAddresses new_caddr,
|
||||
int new_msgType
|
||||
) {
|
||||
int new_msgType) {
|
||||
key = new_key;
|
||||
lastReq = new_lastReq;
|
||||
nonce = new_nonce;
|
||||
|
|
@ -111,13 +112,12 @@ public class EncKDCRepPart {
|
|||
}
|
||||
|
||||
public EncKDCRepPart(byte[] data, int rep_type)
|
||||
throws Asn1Exception, IOException, RealmException{
|
||||
throws Asn1Exception, IOException, RealmException {
|
||||
init(new DerValue(data), rep_type);
|
||||
}
|
||||
|
||||
public EncKDCRepPart(DerValue encoding, int rep_type)
|
||||
throws Asn1Exception, IOException, RealmException
|
||||
{
|
||||
throws Asn1Exception, IOException, RealmException {
|
||||
init(encoding, rep_type);
|
||||
}
|
||||
|
||||
|
|
@ -131,37 +131,42 @@ public class EncKDCRepPart {
|
|||
* @exception RealmException if an error occurs while decoding an Realm object.
|
||||
*/
|
||||
protected void init(DerValue encoding, int rep_type)
|
||||
throws Asn1Exception, IOException, RealmException
|
||||
{
|
||||
throws Asn1Exception, IOException, RealmException {
|
||||
DerValue der, subDer;
|
||||
//implementations return the incorrect tag value, so
|
||||
//we don't use the above line; instead we use the following
|
||||
msgType = (encoding.getTag() & (byte)0x1F);
|
||||
msgType = (encoding.getTag() & (byte) 0x1F);
|
||||
if (msgType != Krb5.KRB_ENC_AS_REP_PART &&
|
||||
msgType != Krb5.KRB_ENC_TGS_REP_PART)
|
||||
msgType != Krb5.KRB_ENC_TGS_REP_PART) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
der = encoding.getData().getDerValue();
|
||||
if (der.getTag() != DerValue.tag_Sequence)
|
||||
if (der.getTag() != DerValue.tag_Sequence) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
key = EncryptionKey.parse(der.getData(), (byte)0x00, false);
|
||||
lastReq = LastReq.parse(der.getData(), (byte)0x01, false);
|
||||
}
|
||||
key = EncryptionKey.parse(der.getData(), (byte) 0x00, false);
|
||||
lastReq = LastReq.parse(der.getData(), (byte) 0x01, false);
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) == (byte)0x02)
|
||||
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x02) {
|
||||
nonce = subDer.getData().getBigInteger().intValue();
|
||||
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
keyExpiration = KerberosTime.parse(der.getData(), (byte)0x03, true);
|
||||
flags = TicketFlags.parse(der.getData(), (byte)0x04, false);
|
||||
authtime = KerberosTime.parse(der.getData(), (byte)0x05, false);
|
||||
starttime = KerberosTime.parse(der.getData(), (byte)0x06, true);
|
||||
endtime = KerberosTime.parse(der.getData(), (byte)0x07, false);
|
||||
renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true);
|
||||
srealm = Realm.parse(der.getData(), (byte)0x09, false);
|
||||
sname = PrincipalName.parse(der.getData(), (byte)0x0A, false);
|
||||
if (der.getData().available() > 0)
|
||||
caddr = HostAddresses.parse(der.getData(), (byte)0x0B, true);
|
||||
if (der.getData().available() > 0)
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
keyExpiration = KerberosTime.parse(der.getData(), (byte) 0x03, true);
|
||||
flags = TicketFlags.parse(der.getData(), (byte) 0x04, false);
|
||||
authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
|
||||
starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
|
||||
endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
|
||||
renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
|
||||
srealm = Realm.parse(der.getData(), (byte) 0x09, false);
|
||||
sname = PrincipalName.parse(der.getData(), (byte) 0x0A, false);
|
||||
if (der.getData().available() > 0) {
|
||||
caddr = HostAddresses.parse(der.getData(), (byte) 0x0B, true);
|
||||
}
|
||||
if (der.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encodes an EncKDCRepPart object.
|
||||
|
|
@ -174,32 +179,48 @@ public class EncKDCRepPart {
|
|||
IOException {
|
||||
DerOutputStream temp = new DerOutputStream();
|
||||
DerOutputStream bytes = new DerOutputStream();
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), lastReq.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x00), key.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x01), lastReq.asn1Encode());
|
||||
temp.putInteger(BigInteger.valueOf(nonce));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x02), temp);
|
||||
|
||||
if (keyExpiration != null)
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), keyExpiration.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), flags.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode());
|
||||
if (starttime != null)
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode());
|
||||
if (renewTill != null)
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), srealm.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), sname.asn1Encode());
|
||||
if (caddr != null)
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0B), caddr.asn1Encode());
|
||||
if (keyExpiration != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x03), keyExpiration.asn1Encode());
|
||||
}
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x04), flags.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x05), authtime.asn1Encode());
|
||||
if (starttime != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x06), starttime.asn1Encode());
|
||||
}
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x07), endtime.asn1Encode());
|
||||
if (renewTill != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x08), renewTill.asn1Encode());
|
||||
}
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x09), srealm.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x0A), sname.asn1Encode());
|
||||
if (caddr != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x0B), caddr.asn1Encode());
|
||||
}
|
||||
//should use the rep_type to build the encoding
|
||||
//but other implementations do not; it is ignored and
|
||||
//the cached msgType is used instead
|
||||
temp = new DerOutputStream();
|
||||
temp.write(DerValue.tag_Sequence, bytes);
|
||||
bytes = new DerOutputStream();
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
|
||||
true, (byte) msgType), temp);
|
||||
return bytes.toByteArray();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ import sun.security.krb5.RealmException;
|
|||
import java.util.Vector;
|
||||
import java.io.IOException;
|
||||
import java.math.BigInteger;
|
||||
|
||||
/**
|
||||
* Implements the ASN.1 EncKrbCredPart type.
|
||||
*
|
||||
|
|
@ -57,9 +58,9 @@ import java.math.BigInteger;
|
|||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
public class EncKrbCredPart {
|
||||
|
||||
public KrbCredInfo[] ticketInfo = null;
|
||||
public KerberosTime timeStamp; //optional
|
||||
|
||||
private Integer nonce; //optional
|
||||
private Integer usec; //optional
|
||||
private HostAddress sAddress; //optional
|
||||
|
|
@ -71,15 +72,14 @@ public class EncKrbCredPart {
|
|||
Integer new_usec,
|
||||
Integer new_nonce,
|
||||
HostAddress new_sAddress,
|
||||
HostAddresses new_rAddress
|
||||
) throws IOException {
|
||||
HostAddresses new_rAddress) throws IOException {
|
||||
if (new_ticketInfo != null) {
|
||||
ticketInfo = new KrbCredInfo[new_ticketInfo.length];
|
||||
for (int i = 0; i < new_ticketInfo.length; i++) {
|
||||
if (new_ticketInfo[i] == null) {
|
||||
throw new IOException("Cannot create a EncKrbCredPart");
|
||||
} else {
|
||||
ticketInfo[i] = (KrbCredInfo)new_ticketInfo[i].clone();
|
||||
ticketInfo[i] = (KrbCredInfo) new_ticketInfo[i].clone();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -114,51 +114,54 @@ public class EncKrbCredPart {
|
|||
//mismatch on an encrypted structure
|
||||
nonce = null;
|
||||
timeStamp = null;
|
||||
usec= null;
|
||||
usec = null;
|
||||
sAddress = null;
|
||||
rAddress = null;
|
||||
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1D)
|
||||
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1D)
|
||||
|| (encoding.isApplication() != true)
|
||||
|| (encoding.isConstructed() != true))
|
||||
|| (encoding.isConstructed() != true)) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
der = encoding.getData().getDerValue();
|
||||
if (der.getTag() != DerValue.tag_Sequence)
|
||||
if (der.getTag() != DerValue.tag_Sequence) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) {
|
||||
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
|
||||
DerValue derValues[] = subDer.getData().getSequence(1);
|
||||
ticketInfo = new KrbCredInfo[derValues.length];
|
||||
for (int i = 0; i < derValues.length; i++) {
|
||||
ticketInfo[i] = new KrbCredInfo(derValues[i]);
|
||||
}
|
||||
}
|
||||
else
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
if (der.getData().available() > 0) {
|
||||
if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x01) {
|
||||
if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x01) {
|
||||
subDer = der.getData().getDerValue();
|
||||
nonce = new Integer(subDer.getData().getBigInteger().intValue());
|
||||
}
|
||||
}
|
||||
if (der.getData().available() >0) {
|
||||
timeStamp = KerberosTime.parse(der.getData(), (byte)0x02, true);
|
||||
if (der.getData().available() > 0) {
|
||||
timeStamp = KerberosTime.parse(der.getData(), (byte) 0x02, true);
|
||||
}
|
||||
if (der.getData().available() >0) {
|
||||
if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x03) {
|
||||
if (der.getData().available() > 0) {
|
||||
if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x03) {
|
||||
subDer = der.getData().getDerValue();
|
||||
usec = new Integer(subDer.getData().getBigInteger().intValue());
|
||||
}
|
||||
}
|
||||
if (der.getData().available() >0) {
|
||||
sAddress = HostAddress.parse(der.getData(), (byte)0x04, true);
|
||||
if (der.getData().available() > 0) {
|
||||
sAddress = HostAddress.parse(der.getData(), (byte) 0x04, true);
|
||||
}
|
||||
if (der.getData().available() >0) {
|
||||
rAddress = HostAddresses.parse(der.getData(), (byte)0x05, true);
|
||||
if (der.getData().available() > 0) {
|
||||
rAddress = HostAddresses.parse(der.getData(), (byte) 0x05, true);
|
||||
}
|
||||
if (der.getData().available() >0)
|
||||
if (der.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encodes an EncKrbCredPart object.
|
||||
|
|
@ -167,38 +170,46 @@ public class EncKrbCredPart {
|
|||
* @exception IOException if an I/O error occurs while reading encoded data.
|
||||
*
|
||||
*/
|
||||
public byte[] asn1Encode() throws Asn1Exception, IOException{
|
||||
public byte[] asn1Encode() throws Asn1Exception, IOException {
|
||||
DerOutputStream bytes = new DerOutputStream();
|
||||
DerOutputStream temp = new DerOutputStream();
|
||||
DerValue[] tickets = new DerValue[ticketInfo.length];
|
||||
for (int i = 0; i < ticketInfo.length; i++)
|
||||
for (int i = 0; i < ticketInfo.length; i++) {
|
||||
tickets[i] = new DerValue(ticketInfo[i].asn1Encode());
|
||||
}
|
||||
temp.putSequence(tickets);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x00), temp);
|
||||
|
||||
if (nonce != null) {
|
||||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(nonce.intValue()));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x01), temp);
|
||||
}
|
||||
if (timeStamp != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), timeStamp.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x02), timeStamp.asn1Encode());
|
||||
}
|
||||
if (usec != null) {
|
||||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(usec.intValue()));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x03), temp);
|
||||
}
|
||||
if (sAddress != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x04), sAddress.asn1Encode());
|
||||
}
|
||||
if (rAddress != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x05), rAddress.asn1Encode());
|
||||
}
|
||||
temp = new DerOutputStream();
|
||||
temp.write(DerValue.tag_Sequence, bytes);
|
||||
bytes = new DerOutputStream();
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1D), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
|
||||
true, (byte) 0x1D), temp);
|
||||
return bytes.toByteArray();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -55,8 +55,8 @@ import java.math.BigInteger;
|
|||
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
|
||||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
|
||||
public class EncKrbPrivPart {
|
||||
|
||||
public byte[] userData = null;
|
||||
public KerberosTime timestamp; //optional
|
||||
public Integer usec; //optional
|
||||
|
|
@ -70,8 +70,7 @@ public class EncKrbPrivPart {
|
|||
Integer new_usec,
|
||||
Integer new_seqNumber,
|
||||
HostAddress new_sAddress,
|
||||
HostAddress new_rAddress
|
||||
) {
|
||||
HostAddress new_rAddress) {
|
||||
if (new_userData != null) {
|
||||
userData = new_userData.clone();
|
||||
}
|
||||
|
|
@ -98,37 +97,42 @@ public class EncKrbPrivPart {
|
|||
*/
|
||||
private void init(DerValue encoding) throws Asn1Exception, IOException {
|
||||
DerValue der, subDer;
|
||||
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1C)
|
||||
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1C)
|
||||
|| (encoding.isApplication() != true)
|
||||
|| (encoding.isConstructed() != true))
|
||||
|| (encoding.isConstructed() != true)) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
der = encoding.getData().getDerValue();
|
||||
if (der.getTag() != DerValue.tag_Sequence)
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) {
|
||||
userData = subDer.getData().getOctetString();
|
||||
}
|
||||
else
|
||||
der = encoding.getData().getDerValue();
|
||||
if (der.getTag() != DerValue.tag_Sequence) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
timestamp = KerberosTime.parse(der.getData(), (byte)0x01, true);
|
||||
}
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
|
||||
userData = subDer.getData().getOctetString();
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
timestamp = KerberosTime.parse(der.getData(), (byte) 0x01, true);
|
||||
if ((der.getData().peekByte() & 0x1F) == 0x02) {
|
||||
subDer = der.getData().getDerValue();
|
||||
usec = new Integer(subDer.getData().getBigInteger().intValue());
|
||||
} else {
|
||||
usec = null;
|
||||
}
|
||||
else usec = null;
|
||||
if ((der.getData().peekByte() & 0x1F) == 0x03 ) {
|
||||
if ((der.getData().peekByte() & 0x1F) == 0x03) {
|
||||
subDer = der.getData().getDerValue();
|
||||
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
|
||||
} else {
|
||||
seqNumber = null;
|
||||
}
|
||||
else seqNumber = null;
|
||||
sAddress = HostAddress.parse(der.getData(), (byte)0x04, false);
|
||||
sAddress = HostAddress.parse(der.getData(), (byte) 0x04, false);
|
||||
if (der.getData().available() > 0) {
|
||||
rAddress = HostAddress.parse(der.getData(), (byte)0x05, true);
|
||||
rAddress = HostAddress.parse(der.getData(), (byte) 0x05, true);
|
||||
}
|
||||
if (der.getData().available() > 0)
|
||||
if (der.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encodes an EncKrbPrivPart object.
|
||||
|
|
@ -141,28 +145,29 @@ public class EncKrbPrivPart {
|
|||
DerOutputStream bytes = new DerOutputStream();
|
||||
|
||||
temp.putOctetString(userData);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
|
||||
if (timestamp != null)
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), timestamp.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
|
||||
if (timestamp != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), timestamp.asn1Encode());
|
||||
}
|
||||
if (usec != null) {
|
||||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(usec.intValue()));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), temp);
|
||||
}
|
||||
if (seqNumber != null) {
|
||||
temp = new DerOutputStream();
|
||||
// encode as an unsigned integer (UInt32)
|
||||
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), temp);
|
||||
}
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), sAddress.asn1Encode());
|
||||
if (rAddress != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), rAddress.asn1Encode());
|
||||
}
|
||||
temp = new DerOutputStream();
|
||||
temp.write(DerValue.tag_Sequence, bytes);
|
||||
bytes = new DerOutputStream();
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1C), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x1C), temp);
|
||||
return bytes.toByteArray();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -47,8 +47,7 @@ public class EncTGSRepPart extends EncKDCRepPart {
|
|||
KerberosTime new_renewTill,
|
||||
Realm new_srealm,
|
||||
PrincipalName new_sname,
|
||||
HostAddresses new_caddr
|
||||
) {
|
||||
HostAddresses new_caddr) {
|
||||
super(
|
||||
new_key,
|
||||
new_lastReq,
|
||||
|
|
@ -62,8 +61,7 @@ public class EncTGSRepPart extends EncKDCRepPart {
|
|||
new_srealm,
|
||||
new_sname,
|
||||
new_caddr,
|
||||
Krb5.KRB_ENC_TGS_REP_PART
|
||||
);
|
||||
Krb5.KRB_ENC_TGS_REP_PART);
|
||||
}
|
||||
|
||||
public EncTGSRepPart(byte[] data) throws Asn1Exception,
|
||||
|
|
@ -85,5 +83,4 @@ public class EncTGSRepPart extends EncKDCRepPart {
|
|||
IOException {
|
||||
return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -62,6 +62,7 @@ import java.io.*;
|
|||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
public class EncTicketPart {
|
||||
|
||||
public TicketFlags flags;
|
||||
public EncryptionKey key;
|
||||
public Realm crealm;
|
||||
|
|
@ -85,8 +86,7 @@ public class EncTicketPart {
|
|||
KerberosTime new_endtime,
|
||||
KerberosTime new_renewTill,
|
||||
HostAddresses new_caddr,
|
||||
AuthorizationData new_authorizationData
|
||||
) {
|
||||
AuthorizationData new_authorizationData) {
|
||||
flags = new_flags;
|
||||
key = new_key;
|
||||
crealm = new_crealm;
|
||||
|
|
@ -117,14 +117,13 @@ public class EncTicketPart {
|
|||
* @exception IOException if an I/O error occurs while reading encoded data.
|
||||
* @exception RealmException if an error occurs while parsing a Realm object.
|
||||
*/
|
||||
|
||||
private static String getHexBytes(byte[] bytes, int len)
|
||||
throws IOException {
|
||||
|
||||
StringBuffer sb = new StringBuffer();
|
||||
for (int i = 0; i < len; i++) {
|
||||
|
||||
int b1 = (bytes[i]>>4) & 0x0f;
|
||||
int b1 = (bytes[i] >> 4) & 0x0f;
|
||||
int b2 = bytes[i] & 0x0f;
|
||||
|
||||
sb.append(Integer.toHexString(b1));
|
||||
|
|
@ -141,32 +140,35 @@ public class EncTicketPart {
|
|||
renewTill = null;
|
||||
caddr = null;
|
||||
authorizationData = null;
|
||||
if (((encoding.getTag() & (byte)0x1F) != (byte)0x03)
|
||||
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x03)
|
||||
|| (encoding.isApplication() != true)
|
||||
|| (encoding.isConstructed() != true))
|
||||
|| (encoding.isConstructed() != true)) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
der = encoding.getData().getDerValue();
|
||||
if (der.getTag() != DerValue.tag_Sequence)
|
||||
if (der.getTag() != DerValue.tag_Sequence) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
flags = TicketFlags.parse(der.getData(), (byte)0x00, false);
|
||||
key = EncryptionKey.parse(der.getData(), (byte)0x01, false);
|
||||
crealm = Realm.parse(der.getData(), (byte)0x02, false);
|
||||
cname = PrincipalName.parse(der.getData(), (byte)0x03, false);
|
||||
transited = TransitedEncoding.parse(der.getData(), (byte)0x04, false);
|
||||
authtime = KerberosTime.parse(der.getData(), (byte)0x05, false);
|
||||
starttime = KerberosTime.parse(der.getData(), (byte)0x06, true);
|
||||
endtime = KerberosTime.parse(der.getData(), (byte)0x07, false);
|
||||
}
|
||||
flags = TicketFlags.parse(der.getData(), (byte) 0x00, false);
|
||||
key = EncryptionKey.parse(der.getData(), (byte) 0x01, false);
|
||||
crealm = Realm.parse(der.getData(), (byte) 0x02, false);
|
||||
cname = PrincipalName.parse(der.getData(), (byte) 0x03, false);
|
||||
transited = TransitedEncoding.parse(der.getData(), (byte) 0x04, false);
|
||||
authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
|
||||
starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
|
||||
endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
|
||||
if (der.getData().available() > 0) {
|
||||
renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true);
|
||||
renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
|
||||
}
|
||||
if (der.getData().available() > 0) {
|
||||
caddr = HostAddresses.parse(der.getData(), (byte)0x09, true);
|
||||
caddr = HostAddresses.parse(der.getData(), (byte) 0x09, true);
|
||||
}
|
||||
if (der.getData().available() > 0) {
|
||||
authorizationData = AuthorizationData.parse(der.getData(), (byte)0x0A, true);
|
||||
authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x0A, true);
|
||||
}
|
||||
if (der.getData().available() > 0)
|
||||
if (der.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -176,31 +178,46 @@ public class EncTicketPart {
|
|||
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
|
||||
* @exception IOException if an I/O error occurs while reading encoded data.
|
||||
*/
|
||||
|
||||
public byte[] asn1Encode() throws Asn1Exception, IOException {
|
||||
DerOutputStream bytes = new DerOutputStream();
|
||||
DerOutputStream temp = new DerOutputStream();
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), flags.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), key.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), crealm.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cname.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), transited.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode());
|
||||
if (starttime != null)
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x00), flags.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x01), key.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x02), crealm.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x03), cname.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x04), transited.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x05), authtime.asn1Encode());
|
||||
if (starttime != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x06), starttime.asn1Encode());
|
||||
}
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x07), endtime.asn1Encode());
|
||||
|
||||
if (renewTill != null)
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode());
|
||||
if (renewTill != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x08), renewTill.asn1Encode());
|
||||
}
|
||||
|
||||
if (caddr != null)
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), caddr.asn1Encode());
|
||||
if (caddr != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x09), caddr.asn1Encode());
|
||||
}
|
||||
|
||||
if (authorizationData != null)
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), authorizationData.asn1Encode());
|
||||
if (authorizationData != null) {
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x0A), authorizationData.asn1Encode());
|
||||
}
|
||||
temp.write(DerValue.tag_Sequence, bytes);
|
||||
bytes = new DerOutputStream();
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x03), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
|
||||
true, (byte) 0x03), temp);
|
||||
return bytes.toByteArray();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -35,6 +35,7 @@ import sun.security.util.*;
|
|||
import java.util.Vector;
|
||||
import java.io.IOException;
|
||||
import java.math.BigInteger;
|
||||
|
||||
/**
|
||||
* Implements the ASN.1 KDC-REP type.
|
||||
*
|
||||
|
|
@ -59,14 +60,13 @@ import java.math.BigInteger;
|
|||
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
|
||||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
|
||||
public class KDCRep {
|
||||
|
||||
public Realm crealm;
|
||||
public PrincipalName cname;
|
||||
public Ticket ticket;
|
||||
public EncryptedData encPart;
|
||||
public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
|
||||
|
||||
private int pvno;
|
||||
private int msgType;
|
||||
private PAData[] pAData = null; //optional
|
||||
|
|
@ -78,8 +78,7 @@ public class KDCRep {
|
|||
PrincipalName new_cname,
|
||||
Ticket new_ticket,
|
||||
EncryptedData new_encPart,
|
||||
int req_type
|
||||
) throws IOException {
|
||||
int req_type) throws IOException {
|
||||
pvno = Krb5.PVNO;
|
||||
msgType = req_type;
|
||||
if (new_pAData != null) {
|
||||
|
|
@ -88,7 +87,7 @@ public class KDCRep {
|
|||
if (new_pAData[i] == null) {
|
||||
throw new IOException("Cannot create a KDCRep");
|
||||
} else {
|
||||
pAData[i] = (PAData)new_pAData[i].clone();
|
||||
pAData[i] = (PAData) new_pAData[i].clone();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -101,7 +100,8 @@ public class KDCRep {
|
|||
public KDCRep() {
|
||||
}
|
||||
|
||||
public KDCRep(byte[] data, int req_type) throws Asn1Exception, KrbApErrException, RealmException, IOException {
|
||||
public KDCRep(byte[] data, int req_type) throws Asn1Exception,
|
||||
KrbApErrException, RealmException, IOException {
|
||||
init(new DerValue(data), req_type);
|
||||
}
|
||||
|
||||
|
|
@ -112,14 +112,11 @@ public class KDCRep {
|
|||
|
||||
/*
|
||||
// Not used? Don't know what keyusage to use here %%%
|
||||
|
||||
public void decrypt(EncryptionKey key) throws Asn1Exception,
|
||||
IOException, KrbException, RealmException {
|
||||
encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key),
|
||||
msgType);
|
||||
encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key), msgType);
|
||||
}
|
||||
*/
|
||||
|
||||
*/
|
||||
/**
|
||||
* Initializes an KDCRep object.
|
||||
*
|
||||
|
|
@ -127,8 +124,10 @@ public class KDCRep {
|
|||
* @param req_type reply message type.
|
||||
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
|
||||
* @exception IOException if an I/O error occurs while reading encoded data.
|
||||
* @exception RealmException if an error occurs while constructing a Realm object from DER-encoded data.
|
||||
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
|
||||
* @exception RealmException if an error occurs while constructing
|
||||
* a Realm object from DER-encoded data.
|
||||
* @exception KrbApErrException if the value read from the DER-encoded
|
||||
* data stream does not match the pre-defined value.
|
||||
*
|
||||
*/
|
||||
protected void init(DerValue encoding, int req_type)
|
||||
|
|
@ -151,8 +150,9 @@ public class KDCRep {
|
|||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & 0x1F) == 0x00) {
|
||||
pvno = subDer.getData().getBigInteger().intValue();
|
||||
if (pvno != Krb5.PVNO)
|
||||
if (pvno != Krb5.PVNO) {
|
||||
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
|
||||
}
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
|
|
@ -175,16 +175,15 @@ public class KDCRep {
|
|||
} else {
|
||||
pAData = null;
|
||||
}
|
||||
crealm = Realm.parse(der.getData(), (byte)0x03, false);
|
||||
cname = PrincipalName.parse(der.getData(), (byte)0x04, false);
|
||||
ticket = Ticket.parse(der.getData(), (byte)0x05, false);
|
||||
encPart = EncryptedData.parse(der.getData(), (byte)0x06, false);
|
||||
crealm = Realm.parse(der.getData(), (byte) 0x03, false);
|
||||
cname = PrincipalName.parse(der.getData(), (byte) 0x04, false);
|
||||
ticket = Ticket.parse(der.getData(), (byte) 0x05, false);
|
||||
encPart = EncryptedData.parse(der.getData(), (byte) 0x06, false);
|
||||
if (der.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Encodes this object to a byte array.
|
||||
* @return byte array of encoded APReq object.
|
||||
|
|
@ -197,10 +196,12 @@ public class KDCRep {
|
|||
DerOutputStream bytes = new DerOutputStream();
|
||||
DerOutputStream temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(pvno));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x00), temp);
|
||||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(msgType));
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x01), temp);
|
||||
if (pAData != null && pAData.length > 0) {
|
||||
DerOutputStream padata_stream = new DerOutputStream();
|
||||
for (int i = 0; i < pAData.length; i++) {
|
||||
|
|
@ -208,12 +209,17 @@ public class KDCRep {
|
|||
}
|
||||
temp = new DerOutputStream();
|
||||
temp.write(DerValue.tag_SequenceOf, padata_stream);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x02), temp);
|
||||
}
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), crealm.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), cname.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ticket.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), encPart.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x03), crealm.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x04), cname.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x05), ticket.asn1Encode());
|
||||
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x06), encPart.asn1Encode());
|
||||
temp = new DerOutputStream();
|
||||
temp.write(DerValue.tag_Sequence, bytes);
|
||||
return temp.toByteArray();
|
||||
|
|
|
|||
|
|
@ -56,10 +56,9 @@ import java.math.BigInteger;
|
|||
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
|
||||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
|
||||
public class KDCReq {
|
||||
public KDCReqBody reqBody;
|
||||
|
||||
public KDCReqBody reqBody;
|
||||
private int pvno;
|
||||
private int msgType;
|
||||
private PAData[] pAData = null; //optional
|
||||
|
|
@ -74,7 +73,7 @@ public class KDCReq {
|
|||
if (new_pAData[i] == null) {
|
||||
throw new IOException("Cannot create a KDCRep");
|
||||
} else {
|
||||
pAData[i] = (PAData)new_pAData[i].clone();
|
||||
pAData[i] = (PAData) new_pAData[i].clone();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -129,27 +128,29 @@ public class KDCReq {
|
|||
if ((subDer.getTag() & 0x01F) == 0x01) {
|
||||
bint = subDer.getData().getBigInteger();
|
||||
this.pvno = bint.intValue();
|
||||
if (this.pvno != Krb5.PVNO)
|
||||
if (this.pvno != Krb5.PVNO) {
|
||||
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
|
||||
}
|
||||
else
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & 0x01F) == 0x02) {
|
||||
bint = subDer.getData().getBigInteger();
|
||||
this.msgType = bint.intValue();
|
||||
if (this.msgType != req_type)
|
||||
if (this.msgType != req_type) {
|
||||
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
|
||||
}
|
||||
else
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & 0x01F) == 0x03) {
|
||||
DerValue subsubDer = subDer.getData().getDerValue();
|
||||
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
Vector<PAData> v = new Vector<PAData> ();
|
||||
Vector<PAData> v = new Vector<PAData>();
|
||||
while (subsubDer.getData().available() > 0) {
|
||||
v.addElement(new PAData(subsubDer.getData().getDerValue()));
|
||||
}
|
||||
|
|
@ -157,16 +158,17 @@ public class KDCReq {
|
|||
pAData = new PAData[v.size()];
|
||||
v.copyInto(pAData);
|
||||
}
|
||||
} else {
|
||||
pAData = null;
|
||||
}
|
||||
else pAData = null;
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & 0x01F) == 0x04) {
|
||||
DerValue subsubDer = subDer.getData().getDerValue();
|
||||
reqBody = new KDCReqBody(subsubDer, msgType);
|
||||
}
|
||||
else
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encodes this object to a byte array.
|
||||
|
|
@ -181,10 +183,12 @@ public class KDCReq {
|
|||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(pvno));
|
||||
out = new DerOutputStream();
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x01), temp);
|
||||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(msgType));
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x02), temp);
|
||||
if (pAData != null && pAData.length > 0) {
|
||||
temp = new DerOutputStream();
|
||||
for (int i = 0; i < pAData.length; i++) {
|
||||
|
|
@ -192,19 +196,20 @@ public class KDCReq {
|
|||
}
|
||||
bytes = new DerOutputStream();
|
||||
bytes.write(DerValue.tag_SequenceOf, temp);
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), bytes);
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x03), bytes);
|
||||
}
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), reqBody.asn1Encode(msgType));
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x04), reqBody.asn1Encode(msgType));
|
||||
bytes = new DerOutputStream();
|
||||
bytes.write(DerValue.tag_Sequence, out);
|
||||
out = new DerOutputStream();
|
||||
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), bytes);
|
||||
out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
|
||||
true, (byte) msgType), bytes);
|
||||
return out.toByteArray();
|
||||
}
|
||||
|
||||
public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException
|
||||
{
|
||||
public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException {
|
||||
return reqBody.asn1Encode(msgType);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -56,11 +56,10 @@ import java.math.BigInteger;
|
|||
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
|
||||
* http://www.ietf.org/rfc/rfc4120.txt</a>.
|
||||
*/
|
||||
|
||||
public class KRBCred {
|
||||
|
||||
public Ticket[] tickets = null;
|
||||
public EncryptedData encPart;
|
||||
|
||||
private int pvno;
|
||||
private int msgType;
|
||||
|
||||
|
|
@ -73,7 +72,7 @@ public class KRBCred {
|
|||
if (new_tickets[i] == null) {
|
||||
throw new IOException("Cannot create a KRBCred");
|
||||
} else {
|
||||
tickets[i] = (Ticket)new_tickets[i].clone();
|
||||
tickets[i] = (Ticket) new_tickets[i].clone();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -101,38 +100,41 @@ public class KRBCred {
|
|||
*/
|
||||
private void init(DerValue encoding) throws Asn1Exception,
|
||||
RealmException, KrbApErrException, IOException {
|
||||
if (((encoding.getTag() & (byte)0x1F) != (byte)0x16)
|
||||
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x16)
|
||||
|| (encoding.isApplication() != true)
|
||||
|| (encoding.isConstructed() != true))
|
||||
|| (encoding.isConstructed() != true)) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
DerValue der, subDer;
|
||||
der = encoding.getData().getDerValue();
|
||||
if (der.getTag() != DerValue.tag_Sequence)
|
||||
if (der.getTag() != DerValue.tag_Sequence) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & 0x1F) == 0x00) {
|
||||
pvno = subDer.getData().getBigInteger().intValue();
|
||||
if (pvno != Krb5.PVNO) {
|
||||
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
|
||||
}
|
||||
}
|
||||
else
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & 0x1F) == 0x01) {
|
||||
msgType = subDer.getData().getBigInteger().intValue();
|
||||
if (msgType != Krb5.KRB_CRED)
|
||||
if (msgType != Krb5.KRB_CRED) {
|
||||
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
|
||||
}
|
||||
else
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
subDer = der.getData().getDerValue();
|
||||
if ((subDer.getTag() & 0x1F) == 0x02) {
|
||||
DerValue subsubDer = subDer.getData().getDerValue();
|
||||
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
Vector<Ticket> v = new Vector<Ticket> ();
|
||||
Vector<Ticket> v = new Vector<Ticket>();
|
||||
while (subsubDer.getData().available() > 0) {
|
||||
v.addElement(new Ticket(subsubDer.getData().getDerValue()));
|
||||
}
|
||||
|
|
@ -140,15 +142,15 @@ public class KRBCred {
|
|||
tickets = new Ticket[v.size()];
|
||||
v.copyInto(tickets);
|
||||
}
|
||||
}
|
||||
else
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
encPart = EncryptedData.parse(der.getData(), (byte)0x03, false);
|
||||
|
||||
if (der.getData().available() > 0)
|
||||
} else {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
encPart = EncryptedData.parse(der.getData(), (byte) 0x03, false);
|
||||
|
||||
if (der.getData().available() > 0) {
|
||||
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encodes an KRBCred object.
|
||||
|
|
@ -161,23 +163,27 @@ public class KRBCred {
|
|||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(pvno));
|
||||
out = new DerOutputStream();
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x00), temp);
|
||||
temp = new DerOutputStream();
|
||||
temp.putInteger(BigInteger.valueOf(msgType));
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x01), temp);
|
||||
temp = new DerOutputStream();
|
||||
for (int i = 0; i < tickets.length; i++) {
|
||||
temp.write(tickets[i].asn1Encode());
|
||||
}
|
||||
bytes = new DerOutputStream();
|
||||
bytes.write(DerValue.tag_SequenceOf, temp);
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), bytes);
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), encPart.asn1Encode());
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x02), bytes);
|
||||
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
|
||||
true, (byte) 0x03), encPart.asn1Encode());
|
||||
bytes = new DerOutputStream();
|
||||
bytes.write(DerValue.tag_Sequence, out);
|
||||
out = new DerOutputStream();
|
||||
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x16), bytes);
|
||||
out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
|
||||
true, (byte) 0x16), bytes);
|
||||
return out.toByteArray();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,6 +34,7 @@ import sun.security.krb5.*;
|
|||
import sun.security.krb5.internal.*;
|
||||
|
||||
public class Credentials {
|
||||
|
||||
PrincipalName cname;
|
||||
Realm crealm;
|
||||
PrincipalName sname;
|
||||
|
|
@ -65,59 +66,61 @@ public class Credentials {
|
|||
AuthorizationData new_authData,
|
||||
Ticket new_ticket,
|
||||
Ticket new_secondTicket) {
|
||||
cname = (PrincipalName)new_cname.clone();
|
||||
if (new_cname.getRealm() != null)
|
||||
crealm = (Realm)new_cname.getRealm().clone();
|
||||
cname = (PrincipalName) new_cname.clone();
|
||||
if (new_cname.getRealm() != null) {
|
||||
crealm = (Realm) new_cname.getRealm().clone();
|
||||
}
|
||||
|
||||
sname = (PrincipalName)new_sname.clone();
|
||||
if (new_sname.getRealm() != null)
|
||||
srealm = (Realm)new_sname.getRealm().clone();
|
||||
sname = (PrincipalName) new_sname.clone();
|
||||
if (new_sname.getRealm() != null) {
|
||||
srealm = (Realm) new_sname.getRealm().clone();
|
||||
}
|
||||
|
||||
key = (EncryptionKey)new_key.clone();
|
||||
key = (EncryptionKey) new_key.clone();
|
||||
|
||||
authtime = (KerberosTime)new_authtime.clone();
|
||||
starttime = (KerberosTime)new_starttime.clone();
|
||||
endtime = (KerberosTime)new_endtime.clone();
|
||||
renewTill = (KerberosTime)new_renewTill.clone();
|
||||
if (new_caddr != null)
|
||||
caddr = (HostAddresses)new_caddr.clone();
|
||||
authtime = (KerberosTime) new_authtime.clone();
|
||||
starttime = (KerberosTime) new_starttime.clone();
|
||||
endtime = (KerberosTime) new_endtime.clone();
|
||||
renewTill = (KerberosTime) new_renewTill.clone();
|
||||
if (new_caddr != null) {
|
||||
caddr = (HostAddresses) new_caddr.clone();
|
||||
}
|
||||
if (new_authData != null) {
|
||||
authorizationData
|
||||
= (AuthorizationData)new_authData.clone();
|
||||
authorizationData = (AuthorizationData) new_authData.clone();
|
||||
}
|
||||
|
||||
isEncInSKey = new_isEncInSKey;
|
||||
flags = (TicketFlags)new_flags.clone();
|
||||
ticket = (Ticket)(new_ticket.clone());
|
||||
if (new_secondTicket != null)
|
||||
secondTicket = (Ticket)new_secondTicket.clone();
|
||||
flags = (TicketFlags) new_flags.clone();
|
||||
ticket = (Ticket) (new_ticket.clone());
|
||||
if (new_secondTicket != null) {
|
||||
secondTicket = (Ticket) new_secondTicket.clone();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
public Credentials(
|
||||
KDCRep kdcRep,
|
||||
Ticket new_secondTicket,
|
||||
AuthorizationData new_authorizationData,
|
||||
boolean new_isEncInSKey
|
||||
) {
|
||||
boolean new_isEncInSKey) {
|
||||
if (kdcRep.encKDCRepPart == null) //can't store while encrypted
|
||||
{
|
||||
return;
|
||||
crealm = (Realm)kdcRep.crealm.clone();
|
||||
cname = (PrincipalName)kdcRep.cname.clone();
|
||||
ticket = (Ticket)kdcRep.ticket.clone();
|
||||
key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
|
||||
flags = (TicketFlags)kdcRep.encKDCRepPart.flags.clone();
|
||||
authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
|
||||
starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
|
||||
endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
|
||||
renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
|
||||
srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone();
|
||||
sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone();
|
||||
caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
|
||||
secondTicket = (Ticket)new_secondTicket.clone();
|
||||
}
|
||||
crealm = (Realm) kdcRep.crealm.clone();
|
||||
cname = (PrincipalName) kdcRep.cname.clone();
|
||||
ticket = (Ticket) kdcRep.ticket.clone();
|
||||
key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
|
||||
flags = (TicketFlags) kdcRep.encKDCRepPart.flags.clone();
|
||||
authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
|
||||
starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
|
||||
endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
|
||||
renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
|
||||
srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
|
||||
sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
|
||||
caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
|
||||
secondTicket = (Ticket) new_secondTicket.clone();
|
||||
authorizationData =
|
||||
(AuthorizationData)new_authorizationData.clone();
|
||||
(AuthorizationData) new_authorizationData.clone();
|
||||
isEncInSKey = new_isEncInSKey;
|
||||
}
|
||||
|
||||
|
|
@ -126,42 +129,44 @@ public class Credentials {
|
|||
}
|
||||
|
||||
public Credentials(KDCRep kdcRep, Ticket new_ticket) {
|
||||
sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone();
|
||||
srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone();
|
||||
sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
|
||||
srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
|
||||
try {
|
||||
sname.setRealm(srealm);
|
||||
} catch (RealmException e) {
|
||||
}
|
||||
catch (RealmException e) {
|
||||
}
|
||||
cname = (PrincipalName)kdcRep.cname.clone();
|
||||
crealm = (Realm)kdcRep.crealm.clone();
|
||||
cname = (PrincipalName) kdcRep.cname.clone();
|
||||
crealm = (Realm) kdcRep.crealm.clone();
|
||||
try {
|
||||
cname.setRealm(crealm);
|
||||
} catch (RealmException e) {
|
||||
}
|
||||
catch (RealmException e) {
|
||||
}
|
||||
key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
|
||||
authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
|
||||
key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
|
||||
authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
|
||||
if (kdcRep.encKDCRepPart.starttime != null) {
|
||||
starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
|
||||
starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
|
||||
} else {
|
||||
starttime = null;
|
||||
}
|
||||
else starttime = null;
|
||||
endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
|
||||
endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
|
||||
if (kdcRep.encKDCRepPart.renewTill != null) {
|
||||
renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
|
||||
renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
|
||||
} else {
|
||||
renewTill = null;
|
||||
}
|
||||
else renewTill = null;
|
||||
// if (kdcRep.msgType == Krb5.KRB_AS_REP) {
|
||||
// isEncInSKey = false;
|
||||
// secondTicket = null;
|
||||
// }
|
||||
flags = kdcRep.encKDCRepPart.flags;
|
||||
if (kdcRep.encKDCRepPart.caddr != null)
|
||||
caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
|
||||
else caddr = null;
|
||||
ticket = (Ticket)kdcRep.ticket.clone();
|
||||
if (kdcRep.encKDCRepPart.caddr != null) {
|
||||
caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
|
||||
} else {
|
||||
caddr = null;
|
||||
}
|
||||
ticket = (Ticket) kdcRep.ticket.clone();
|
||||
if (new_ticket != null) {
|
||||
secondTicket = (Ticket)new_ticket.clone();
|
||||
secondTicket = (Ticket) new_ticket.clone();
|
||||
isEncInSKey = true;
|
||||
} else {
|
||||
secondTicket = null;
|
||||
|
|
@ -176,16 +181,14 @@ public class Credentials {
|
|||
boolean valid = true;
|
||||
if (endtime.getTime() < System.currentTimeMillis()) {
|
||||
valid = false;
|
||||
}
|
||||
else if ((starttime.getTime() > System.currentTimeMillis())
|
||||
|| ((starttime == null) && (authtime.getTime() > System.currentTimeMillis())))
|
||||
{
|
||||
} else if ((starttime.getTime() > System.currentTimeMillis())
|
||||
|| ((starttime == null) && (authtime.getTime() > System.currentTimeMillis()))) {
|
||||
valid = false;
|
||||
}
|
||||
return valid;
|
||||
}
|
||||
|
||||
public PrincipalName getServicePrincipal() throws RealmException{
|
||||
public PrincipalName getServicePrincipal() throws RealmException {
|
||||
if (sname.getRealm() == null) {
|
||||
sname.setRealm(srealm);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ VOID
|
|||
InitUnicodeString(
|
||||
PUNICODE_STRING DestinationString,
|
||||
PCWSTR SourceString OPTIONAL
|
||||
);
|
||||
);
|
||||
|
||||
jobject BuildTicket(JNIEnv *env, PUCHAR encodedTicket, ULONG encodedTicketSize);
|
||||
|
||||
|
|
@ -510,13 +510,13 @@ JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativ
|
|||
msticket = &(pTicketResponse->Ticket);
|
||||
}
|
||||
|
||||
/*
|
||||
/*
|
||||
|
||||
typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
|
||||
typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
|
||||
KERB_EXTERNAL_TICKET Ticket;
|
||||
} KERB_RETRIEVE_TKT_RESPONSE, *PKERB_RETRIEVE_TKT_RESPONSE;
|
||||
} KERB_RETRIEVE_TKT_RESPONSE, *PKERB_RETRIEVE_TKT_RESPONSE;
|
||||
|
||||
typedef struct _KERB_EXTERNAL_TICKET {
|
||||
typedef struct _KERB_EXTERNAL_TICKET {
|
||||
PKERB_EXTERNAL_NAME ServiceName;
|
||||
PKERB_EXTERNAL_NAME TargetName;
|
||||
PKERB_EXTERNAL_NAME ClientName;
|
||||
|
|
@ -533,29 +533,29 @@ typedef struct _KERB_EXTERNAL_TICKET {
|
|||
LARGE_INTEGER TimeSkew;
|
||||
ULONG EncodedTicketSize;
|
||||
PUCHAR EncodedTicket; <========== Here's the good stuff
|
||||
} KERB_EXTERNAL_TICKET, *PKERB_EXTERNAL_TICKET;
|
||||
} KERB_EXTERNAL_TICKET, *PKERB_EXTERNAL_TICKET;
|
||||
|
||||
typedef struct _KERB_EXTERNAL_NAME {
|
||||
typedef struct _KERB_EXTERNAL_NAME {
|
||||
SHORT NameType;
|
||||
USHORT NameCount;
|
||||
UNICODE_STRING Names[ANYSIZE_ARRAY];
|
||||
} KERB_EXTERNAL_NAME, *PKERB_EXTERNAL_NAME;
|
||||
} KERB_EXTERNAL_NAME, *PKERB_EXTERNAL_NAME;
|
||||
|
||||
typedef struct _LSA_UNICODE_STRING {
|
||||
typedef struct _LSA_UNICODE_STRING {
|
||||
USHORT Length;
|
||||
USHORT MaximumLength;
|
||||
PWSTR Buffer;
|
||||
} LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
|
||||
} LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
|
||||
|
||||
typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
|
||||
typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
|
||||
|
||||
typedef struct KERB_CRYPTO_KEY {
|
||||
typedef struct KERB_CRYPTO_KEY {
|
||||
LONG KeyType;
|
||||
ULONG Length;
|
||||
PUCHAR Value;
|
||||
} KERB_CRYPTO_KEY, *PKERB_CRYPTO_KEY;
|
||||
} KERB_CRYPTO_KEY, *PKERB_CRYPTO_KEY;
|
||||
|
||||
*/
|
||||
*/
|
||||
// Build a com.sun.security.krb5.Ticket
|
||||
ticket = BuildTicket(env, msticket->EncodedTicket,
|
||||
msticket->EncodedTicketSize);
|
||||
|
|
@ -989,9 +989,9 @@ jobject BuildKerberosTime(JNIEnv *env, PLARGE_INTEGER kerbtime) {
|
|||
WCHAR second[3];
|
||||
|
||||
if (FileTimeToSystemTime((FILETIME *)kerbtime, &systemTime)) {
|
||||
// XXX Cannot use %02.2ld, because the leading 0 is ignored for integers.
|
||||
// So, print them to strings, and then print them to the master string with a
|
||||
// format pattern that makes it two digits and prefix with a 0 if necessary.
|
||||
// XXX Cannot use %02.2ld, because the leading 0 is ignored for integers.
|
||||
// So, print them to strings, and then print them to the master string with a
|
||||
// format pattern that makes it two digits and prefix with a 0 if necessary.
|
||||
swprintf( (wchar_t *)month, L"%2.2d", systemTime.wMonth);
|
||||
swprintf( (wchar_t *)day, L"%2.2d", systemTime.wDay);
|
||||
swprintf( (wchar_t *)hour, L"%2.2d", systemTime.wHour);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue