8187443: Forest Consolidation: Move files to unified layout

Reviewed-by: darcy, ihse
2025-08-28 07:14:30 +02:00 · 2017-09-12 19:03:39 +02:00 · 2017-09-12 19:03:39 +02:00 · 3789983e89
commit 3789983e89
parent 270fe13182
56923 changed files with 3 additions and 15727 deletions
--- a/src/java.security.jgss/share/classes/sun/security/jgss/krb5/AcceptSecContextToken.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/krb5/AcceptSecContextToken.java
@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.jgss.krb5;
+
+import org.ietf.jgss.*;
+import java.io.InputStream;
+import java.io.IOException;
+import java.security.AccessController;
+
+import sun.security.action.GetBooleanAction;
+import sun.security.krb5.*;
+
+class AcceptSecContextToken extends InitialToken {
+
+    private KrbApRep apRep = null;
+
+    /**
+     * Creates an AcceptSecContextToken for the context acceptor to send to
+     * the context initiator.
+     */
+    public AcceptSecContextToken(Krb5Context context,
+                                 KrbApReq apReq)
+        throws KrbException, IOException, GSSException {
+
+        boolean useSubkey = AccessController.doPrivileged(
+                new GetBooleanAction("sun.security.krb5.acceptor.subkey"));
+
+        boolean useSequenceNumber = true;
+
+        EncryptionKey subKey = null;
+        if (useSubkey) {
+            subKey = new EncryptionKey(apReq.getCreds().getSessionKey());
+            context.setKey(Krb5Context.ACCEPTOR_SUBKEY, subKey);
+        }
+        apRep = new KrbApRep(apReq, useSequenceNumber, subKey);
+
+        context.resetMySequenceNumber(apRep.getSeqNumber().intValue());
+
+        /*
+         * Note: The acceptor side context key was set when the
+         * InitSecContextToken was received.
+         */
+    }
+
+    /**
+     * Creates an AcceptSecContextToken at the context initiator's side
+     * using the bytes received from  the acceptor.
+     */
+    public AcceptSecContextToken(Krb5Context context,
+                                 Credentials serviceCreds, KrbApReq apReq,
+                                 InputStream is)
+        throws IOException, GSSException, KrbException  {
+
+        int tokenId = ((is.read()<<8) | is.read());
+
+        if (tokenId != Krb5Token.AP_REP_ID)
+            throw new GSSException(GSSException.DEFECTIVE_TOKEN, -1,
+                                   "AP_REP token id does not match!");
+
+        byte[] apRepBytes =
+            new sun.security.util.DerValue(is).toByteArray();
+
+        KrbApRep apRep = new KrbApRep(apRepBytes, serviceCreds, apReq);
+
+        /*
+         * Allow the context acceptor to set a subkey if desired, even
+         * though our context acceptor will not do so.
+         */
+        EncryptionKey subKey = apRep.getSubKey();
+        if (subKey != null) {
+            context.setKey(Krb5Context.ACCEPTOR_SUBKEY, subKey);
+            /*
+            System.out.println("\n\nSub-Session key from AP-REP is: " +
+                               getHexBytes(subKey.getBytes()) + "\n");
+            */
+        }
+
+        Integer apRepSeqNumber = apRep.getSeqNumber();
+        int peerSeqNumber = (apRepSeqNumber != null ?
+                             apRepSeqNumber.intValue() :
+                             0);
+        context.resetPeerSequenceNumber(peerSeqNumber);
+    }
+
+    public final byte[] encode() throws IOException {
+        byte[] apRepBytes = apRep.getMessage();
+        byte[] retVal = new byte[2 + apRepBytes.length];
+        writeInt(Krb5Token.AP_REP_ID, retVal, 0);
+        System.arraycopy(apRepBytes, 0, retVal, 2, apRepBytes.length);
+        return retVal;
+    }
+}