6641312: Fix krb5 codes indentation problems

Reviewed-by: xuelei, valeriep, wetmore
Weijun Wang 2008-03-05 09:52:50 +08:00
parent 6797bd9fb2
commit 0f960354ea
21 changed files with 2337 additions and 2245 deletions


@ -75,107 +75,107 @@ public class KrbTgsReq extends KrbKdcReq {
null); // EncryptionKey subSessionKey null); // EncryptionKey subSessionKey
} }
// Called by Credentials, KrbCred // Called by Credentials, KrbCred
KrbTgsReq( KrbTgsReq(
KDCOptions options, KDCOptions options,
Credentials asCreds, Credentials asCreds,
PrincipalName sname, PrincipalName sname,
KerberosTime from, KerberosTime from,
KerberosTime till, KerberosTime till,
KerberosTime rtime, KerberosTime rtime,
int[] eTypes, int[] eTypes,
HostAddresses addresses, HostAddresses addresses,
AuthorizationData authorizationData, AuthorizationData authorizationData,
Ticket[] additionalTickets, Ticket[] additionalTickets,
EncryptionKey subKey) throws KrbException, IOException { EncryptionKey subKey) throws KrbException, IOException {
princName = asCreds.client; princName = asCreds.client;
servName = sname; servName = sname;
ctime = new KerberosTime(KerberosTime.NOW); ctime = new KerberosTime(KerberosTime.NOW);
// check if they are valid arguments. The optional fields
// should be consistent with settings in KDCOptions.
if (options.get(KDCOptions.FORWARDABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_FORWARDABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.FORWARDED)) {
if (!(asCreds.flags.get(KDCOptions.FORWARDABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.PROXIABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_PROXIABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.PROXY)) {
if (!(asCreds.flags.get(KDCOptions.PROXIABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.ALLOW_POSTDATE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_MAY_POSTDATE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.RENEWABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_RENEWABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.POSTDATED)) {
if (!(asCreds.flags.get(KDCOptions.POSTDATED)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (from != null) from = null;
}
if (options.get(KDCOptions.RENEWABLE)) {
if (!(asCreds.flags.get(KDCOptions.RENEWABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (rtime != null) rtime = null;
}
if (options.get(KDCOptions.ENC_TKT_IN_SKEY)) {
if (additionalTickets == null)
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
// in TGS_REQ there could be more than one additional
// tickets, but in file-based credential cache,
// there is only one additional ticket field.
secondTicket = additionalTickets[0];
} else {
if (additionalTickets != null)
additionalTickets = null;
}
tgsReqMessg = createRequest(
options,
asCreds.ticket,
asCreds.key,
ctime,
princName,
princName.getRealm(),
servName,
from,
till,
rtime,
eTypes,
addresses,
authorizationData,
additionalTickets,
subKey);
obuf = tgsReqMessg.asn1Encode();
// XXX We need to revisit this to see if can't move it
// up such that FORWARDED flag set in the options
// is included in the marshaled request.
/*
* If this is based on a forwarded ticket, record that in the
* options, because the returned TgsRep will contain the
* FORWARDED flag set.
*/
if (asCreds.flags.get(KDCOptions.FORWARDED))
options.set(KDCOptions.FORWARDED, true);
// check if they are valid arguments. The optional fields
// should be consistent with settings in KDCOptions.
if (options.get(KDCOptions.FORWARDABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_FORWARDABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} }
if (options.get(KDCOptions.FORWARDED)) {
if (!(asCreds.flags.get(KDCOptions.FORWARDABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.PROXIABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_PROXIABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.PROXY)) {
if (!(asCreds.flags.get(KDCOptions.PROXIABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.ALLOW_POSTDATE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_MAY_POSTDATE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.RENEWABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_RENEWABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.POSTDATED)) {
if (!(asCreds.flags.get(KDCOptions.POSTDATED)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (from != null) from = null;
}
if (options.get(KDCOptions.RENEWABLE)) {
if (!(asCreds.flags.get(KDCOptions.RENEWABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (rtime != null) rtime = null;
}
if (options.get(KDCOptions.ENC_TKT_IN_SKEY)) {
if (additionalTickets == null)
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
// in TGS_REQ there could be more than one additional
// tickets, but in file-based credential cache,
// there is only one additional ticket field.
secondTicket = additionalTickets[0];
} else {
if (additionalTickets != null)
additionalTickets = null;
}
tgsReqMessg = createRequest(
options,
asCreds.ticket,
asCreds.key,
ctime,
princName,
princName.getRealm(),
servName,
from,
till,
rtime,
eTypes,
addresses,
authorizationData,
additionalTickets,
subKey);
obuf = tgsReqMessg.asn1Encode();
// XXX We need to revisit this to see if can't move it
// up such that FORWARDED flag set in the options
// is included in the marshaled request.
/*
* If this is based on a forwarded ticket, record that in the
* options, because the returned TgsRep will contain the
* FORWARDED flag set.
*/
if (asCreds.flags.get(KDCOptions.FORWARDED))
options.set(KDCOptions.FORWARDED, true);
}
/** /**
* Sends a TGS request to the realm of the target. * Sends a TGS request to the realm of the target.
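Review bot: The `ENC_TKT_IN_SKEY` branch of the constructor rejects only a null `additionalTickets` before reading `additionalTickets[0]`, so an empty array surfaces as an `ArrayIndexOutOfBoundsException` instead of the `KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS)` used for every other inconsistent option; the guard could read `if (additionalTickets == null || additionalTickets.length == 0)`. The same run of checks indexes `asCreds.flags` with `Krb5.TKT_OPTS_*` in some tests and with `KDCOptions.*` in others (for example `KDCOptions.FORWARDABLE` under the `FORWARDED` test), which is only sound if both constant sets share bit positions; that is not visible here, so either use the `TKT_OPTS_*` names throughout or add a comment such as `// ticket flags and KDC options share bit positions`. The re-indented checks also keep the unbraced `if (...) throw ...` form, while the other files in this commit gain braces.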


@ -54,81 +54,88 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class APRep { public class APRep {
public int pvno;
public int msgType;
public EncryptedData encPart;
public APRep(EncryptedData new_encPart) { public int pvno;
pvno = Krb5.PVNO; public int msgType;
msgType = Krb5.KRB_AP_REP; public EncryptedData encPart;
encPart = new_encPart;
}
public APRep(byte[] data) throws Asn1Exception, public APRep(EncryptedData new_encPart) {
KrbApErrException, IOException { pvno = Krb5.PVNO;
init(new DerValue(data)); msgType = Krb5.KRB_AP_REP;
} encPart = new_encPart;
}
public APRep(byte[] data) throws Asn1Exception,
KrbApErrException, IOException {
init(new DerValue(data));
}
public APRep(DerValue encoding) throws Asn1Exception, public APRep(DerValue encoding) throws Asn1Exception,
KrbApErrException, IOException { KrbApErrException, IOException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an APRep object. * Initializes an APRep object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data * @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value. * stream does not match the pre-defined value.
*/ */
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
KrbApErrException, IOException { KrbApErrException, IOException {
if (((encoding.getTag() & (byte)(0x1F)) != Krb5.KRB_AP_REP) if (((encoding.getTag() & (byte) (0x1F)) != Krb5.KRB_AP_REP)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
DerValue der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
DerValue subDer = der.getData().getDerValue(); }
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00) DerValue der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
DerValue subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
pvno = subDer.getData().getBigInteger().intValue(); pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION); throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
subDer = der.getData().getDerValue(); }
if ((subDer.getTag() & (byte)0x1F) != (byte)0x01) subDer = der.getData().getDerValue();
throw new Asn1Exception(Krb5.ASN1_BAD_ID); if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_AP_REP)
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
encPart = EncryptedData.parse(der.getData(), (byte)0x02, false);
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_AP_REP) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
encPart = EncryptedData.parse(der.getData(), (byte) 0x02, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an APRep object. * Encodes an APRep object.
* @return byte array of encoded APRep object. * @return byte array of encoded APRep object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno)); temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType)); temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), encPart.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), encPart.asn1Encode());
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes); temp.write(DerValue.tag_Sequence, bytes);
DerOutputStream aprep = new DerOutputStream(); DerOutputStream aprep = new DerOutputStream();
aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0F), temp); aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0F), temp);
return aprep.toByteArray(); return aprep.toByteArray();
} }
} }
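Review bot: In `init`, `pvno` and `msgType` are read with `getBigInteger().intValue()`, which keeps only the low 32 bits, so an encoded integer wider than an `int` whose low bits equal `Krb5.PVNO` or `Krb5.KRB_AP_REP` passes the equality checks that follow. A strict decoder would reject such a value; comparing the `BigInteger` itself, or using a range-checked read such as `subDer.getData().getInteger()` if it is available in this tree, would do that. The same pattern appears in `APReq.init` and in the `authenticator_vno`, `cusec` and `seqNumber` reads of `Authenticator.init`. Separately, the Javadoc on `asn1Encode` describes its exceptions as occurring "while decoding" and "while reading encoded data", which is the decoder's wording rather than the encoder's.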


@ -54,94 +54,98 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt"> * <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class APReq { public class APReq {
public int pvno;
public int msgType;
public APOptions apOptions;
public Ticket ticket;
public EncryptedData authenticator;
public APReq( public int pvno;
APOptions new_apOptions, public int msgType;
Ticket new_ticket, public APOptions apOptions;
EncryptedData new_authenticator public Ticket ticket;
) { public EncryptedData authenticator;
pvno = Krb5.PVNO;
msgType = Krb5.KRB_AP_REQ;
apOptions = new_apOptions;
ticket = new_ticket;
authenticator = new_authenticator;
}
public APReq(byte[] data) throws Asn1Exception,IOException, KrbApErrException, RealmException { public APReq(
APOptions new_apOptions,
Ticket new_ticket,
EncryptedData new_authenticator) {
pvno = Krb5.PVNO;
msgType = Krb5.KRB_AP_REQ;
apOptions = new_apOptions;
ticket = new_ticket;
authenticator = new_authenticator;
}
public APReq(byte[] data) throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(new DerValue(data)); init(new DerValue(data));
} }
public APReq(DerValue encoding) throws Asn1Exception, IOException, KrbApErrException, RealmException { public APReq(DerValue encoding) throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an APReq object. * Initializes an APReq object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value. * @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object. * @exception RealmException if an error occurs while parsing a Realm object.
*/ */
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbApErrException, RealmException { IOException, KrbApErrException, RealmException {
DerValue der, subDer; DerValue der, subDer;
if (((encoding.getTag() & (byte)0x1F) != Krb5.KRB_AP_REQ) if (((encoding.getTag() & (byte) 0x1F) != Krb5.KRB_AP_REQ)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
pvno = subDer.getData().getBigInteger().intValue(); pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION); throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) != (byte)0x01)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_AP_REQ)
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
apOptions = APOptions.parse(der.getData(), (byte)0x02, false);
ticket = Ticket.parse(der.getData(), (byte)0x03, false);
authenticator = EncryptedData.parse(der.getData(), (byte)0x04, false);
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_AP_REQ) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
apOptions = APOptions.parse(der.getData(), (byte) 0x02, false);
ticket = Ticket.parse(der.getData(), (byte) 0x03, false);
authenticator = EncryptedData.parse(der.getData(), (byte) 0x04, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an APReq object. * Encodes an APReq object.
* @return byte array of encoded APReq object. * @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno)); temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType)); temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), apOptions.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), apOptions.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), ticket.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authenticator.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), authenticator.asn1Encode());
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes); temp.write(DerValue.tag_Sequence, bytes);
DerOutputStream apreq = new DerOutputStream(); DerOutputStream apreq = new DerOutputStream();
apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0E), temp); apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0E), temp);
return apreq.toByteArray(); return apreq.toByteArray();
}
}
} }


@ -40,30 +40,28 @@ import java.io.IOException;
public class ASRep extends KDCRep { public class ASRep extends KDCRep {
public ASRep( public ASRep(
PAData[] new_pAData, PAData[] new_pAData,
Realm new_crealm, Realm new_crealm,
PrincipalName new_cname, PrincipalName new_cname,
Ticket new_ticket, Ticket new_ticket,
EncryptedData new_encPart EncryptedData new_encPart) throws IOException {
) throws IOException { super(new_pAData, new_crealm, new_cname, new_ticket,
super(new_pAData, new_crealm, new_cname, new_ticket, new_encPart, Krb5.KRB_AS_REP);
new_encPart, Krb5.KRB_AS_REP); }
}
public ASRep(byte[] data) throws Asn1Exception, public ASRep(byte[] data) throws Asn1Exception,
RealmException, KrbApErrException, IOException { RealmException, KrbApErrException, IOException {
init(new DerValue(data)); init(new DerValue(data));
} }
public ASRep(DerValue encoding) throws Asn1Exception, public ASRep(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException { RealmException, KrbApErrException, IOException {
init(encoding); init(encoding);
} }
private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding, Krb5.KRB_AS_REP);
}
private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding, Krb5.KRB_AS_REP);
}
} }


@ -36,20 +36,19 @@ import java.io.IOException;
public class ASReq extends KDCReq { public class ASReq extends KDCReq {
public ASReq(PAData[] new_pAData, KDCReqBody new_reqBody) throws IOException { public ASReq(PAData[] new_pAData, KDCReqBody new_reqBody) throws IOException {
super(new_pAData, new_reqBody, Krb5.KRB_AS_REQ); super(new_pAData, new_reqBody, Krb5.KRB_AS_REQ);
} }
public ASReq(byte[] data) throws Asn1Exception, KrbException, IOException { public ASReq(byte[] data) throws Asn1Exception, KrbException, IOException {
init(new DerValue(data)); init(new DerValue(data));
} }
public ASReq(DerValue encoding) throws Asn1Exception, KrbException, IOException { public ASReq(DerValue encoding) throws Asn1Exception, KrbException, IOException {
init(encoding); init(encoding);
} }
private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
super.init(encoding, Krb5.KRB_AS_REQ);
}
private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
super.init(encoding, Krb5.KRB_AS_REQ);
}
} }


@ -34,6 +34,7 @@ import sun.security.util.*;
import java.util.Vector; import java.util.Vector;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
/** /**
* Implements the ASN.1 Authenticator type. * Implements the ASN.1 Authenticator type.
* *
@ -58,6 +59,7 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class Authenticator { public class Authenticator {
public int authenticator_vno; public int authenticator_vno;
public Realm crealm; public Realm crealm;
public PrincipalName cname; public PrincipalName cname;
@ -68,137 +70,145 @@ public class Authenticator {
Integer seqNumber; //optional Integer seqNumber; //optional
public AuthorizationData authorizationData; //optional public AuthorizationData authorizationData; //optional
public Authenticator ( public Authenticator(
Realm new_crealm, Realm new_crealm,
PrincipalName new_cname, PrincipalName new_cname,
Checksum new_cksum, Checksum new_cksum,
int new_cusec, int new_cusec,
KerberosTime new_ctime, KerberosTime new_ctime,
EncryptionKey new_subKey, EncryptionKey new_subKey,
Integer new_seqNumber, Integer new_seqNumber,
AuthorizationData new_authorizationData AuthorizationData new_authorizationData) {
) { authenticator_vno = Krb5.AUTHNETICATOR_VNO;
authenticator_vno = Krb5.AUTHNETICATOR_VNO; crealm = new_crealm;
crealm = new_crealm; cname = new_cname;
cname = new_cname; cksum = new_cksum;
cksum = new_cksum; cusec = new_cusec;
cusec = new_cusec; ctime = new_ctime;
ctime = new_ctime; subKey = new_subKey;
subKey = new_subKey; seqNumber = new_seqNumber;
seqNumber = new_seqNumber; authorizationData = new_authorizationData;
authorizationData = new_authorizationData; }
}
public Authenticator(byte[] data) public Authenticator(byte[] data)
throws Asn1Exception, IOException, KrbApErrException, RealmException { throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(new DerValue(data)); init(new DerValue(data));
} }
public Authenticator(DerValue encoding) public Authenticator(DerValue encoding)
throws Asn1Exception,IOException, KrbApErrException, RealmException { throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an Authenticator object. * Initializes an Authenticator object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data * @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value. * stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object. * @exception RealmException if an error occurs while parsing a Realm object.
*/ */
private void init(DerValue encoding) private void init(DerValue encoding)
throws Asn1Exception, IOException, KrbApErrException, RealmException { throws Asn1Exception, IOException, KrbApErrException, RealmException {
DerValue der, subDer; DerValue der, subDer;
//may not be the correct error code for a tag //may not be the correct error code for a tag
//mismatch on an encrypted structure //mismatch on an encrypted structure
if (((encoding.getTag() & (byte)0x1F) != (byte)0x02) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x02)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue(); }
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00) der = encoding.getData().getDerValue();
throw new Asn1Exception(Krb5.ASN1_BAD_ID); if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
authenticator_vno = subDer.getData().getBigInteger().intValue(); authenticator_vno = subDer.getData().getBigInteger().intValue();
if (authenticator_vno != 5) if (authenticator_vno != 5) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION); throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
crealm = Realm.parse(der.getData(), (byte)0x01, false); }
cname = PrincipalName.parse(der.getData(), (byte)0x02, false); crealm = Realm.parse(der.getData(), (byte) 0x01, false);
cksum = Checksum.parse(der.getData(), (byte)0x03, true); cname = PrincipalName.parse(der.getData(), (byte) 0x02, false);
cksum = Checksum.parse(der.getData(), (byte) 0x03, true);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == 0x04) {
cusec = subDer.getData().getBigInteger().intValue();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
ctime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte) 0x06, true);
} else {
subKey = null;
seqNumber = null;
authorizationData = null;
}
if (der.getData().available() > 0) {
if ((der.getData().peekByte() & 0x1F) == 0x07) {
subDer = der.getData().getDerValue(); subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == 0x04) { if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x07) {
cusec = subDer.getData().getBigInteger().intValue(); seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
} }
else throw new Asn1Exception(Krb5.ASN1_BAD_ID); }
ctime = KerberosTime.parse(der.getData(), (byte)0x05, false); } else {
if (der.getData().available() > 0) { seqNumber = null;
subKey = EncryptionKey.parse(der.getData(), (byte)0x06, true); authorizationData = null;
}
else {
subKey = null;
seqNumber = null;
authorizationData = null;
}
if (der.getData().available() > 0) {
if ((der.getData().peekByte() & 0x1F) == 0x07) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x07)
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
}
else {
seqNumber = null;
authorizationData = null;
}
if (der.getData().available() > 0) {
authorizationData = AuthorizationData.parse(der.getData(), (byte)0x08, true);
}
else authorizationData = null;
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
if (der.getData().available() > 0) {
authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x08, true);
} else {
authorizationData = null;
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an Authenticator object. * Encodes an Authenticator object.
* @return byte array of encoded Authenticator object. * @return byte array of encoded Authenticator object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
Vector<DerValue> v = new Vector<DerValue> (); Vector<DerValue> v = new Vector<DerValue>();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(authenticator_vno)); temp.putInteger(BigInteger.valueOf(authenticator_vno));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp.toByteArray())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp.toByteArray()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), crealm.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), crealm.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), cname.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), cname.asn1Encode()));
if (cksum != null) if (cksum != null) {
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cksum.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), cksum.asn1Encode()));
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(cusec));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), temp.toByteArray()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ctime.asn1Encode()));
if (subKey != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), subKey.asn1Encode()));
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), temp.toByteArray()));
}
if (authorizationData != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), authorizationData.asn1Encode()));
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x02), temp);
return out.toByteArray();
} }
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(cusec));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), temp.toByteArray()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), ctime.asn1Encode()));
if (subKey != null) {
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x06), subKey.asn1Encode()));
}
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x07), temp.toByteArray()));
}
if (authorizationData != null) {
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x08), authorizationData.asn1Encode()));
}
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x02), temp);
return out.toByteArray();
}
public final Checksum getChecksum() { public final Checksum getChecksum() {
return cksum; return cksum;
@ -211,5 +221,4 @@ public class Authenticator {
public final EncryptionKey getSubKey() { public final EncryptionKey getSubKey() {
return subKey; return subKey;
} }
} }


@ -53,82 +53,81 @@ import sun.security.krb5.internal.ccache.CCacheOutputStream;
* } * }
*/ */
public class AuthorizationData implements Cloneable { public class AuthorizationData implements Cloneable {
private AuthorizationDataEntry[] entry = null;
private AuthorizationData() { private AuthorizationDataEntry[] entry = null;
}
public AuthorizationData( private AuthorizationData() {
AuthorizationDataEntry[] new_entries }
) throws IOException {
if (new_entries != null) {
entry = new AuthorizationDataEntry[new_entries.length];
for (int i = 0; i < new_entries.length; i++) {
if (new_entries[i] == null) {
throw new IOException("Cannot create an AuthorizationData");
} else {
entry[i] = (AuthorizationDataEntry)new_entries[i].clone();
}
}
}
}
public AuthorizationData( public AuthorizationData(AuthorizationDataEntry[] new_entries)
AuthorizationDataEntry new_entry throws IOException {
) { if (new_entries != null) {
entry = new AuthorizationDataEntry[1]; entry = new AuthorizationDataEntry[new_entries.length];
entry[0] = new_entry; for (int i = 0; i < new_entries.length; i++) {
if (new_entries[i] == null) {
throw new IOException("Cannot create an AuthorizationData");
} else {
entry[i] = (AuthorizationDataEntry) new_entries[i].clone();
}
}
} }
}
public Object clone() { public AuthorizationData(AuthorizationDataEntry new_entry) {
AuthorizationData new_authorizationData = entry = new AuthorizationDataEntry[1];
new AuthorizationData(); entry[0] = new_entry;
if (entry != null) { }
new_authorizationData.entry =
new AuthorizationDataEntry[entry.length];
for (int i = 0; i < entry.length; i++)
new_authorizationData.entry[i] =
(AuthorizationDataEntry)entry[i].clone();
}
return new_authorizationData;
}
/** public Object clone() {
* Constructs a new <code>AuthorizationData,</code> instance. AuthorizationData new_authorizationData =
* @param der a single DER-encoded value. new AuthorizationData();
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. if (entry != null) {
* @exception IOException if an I/O error occurs while reading encoded data. new_authorizationData.entry =
*/ new AuthorizationDataEntry[entry.length];
public AuthorizationData(DerValue der) throws Asn1Exception, IOException { for (int i = 0; i < entry.length; i++) {
Vector<AuthorizationDataEntry> v = new_authorizationData.entry[i] =
new Vector<AuthorizationDataEntry> (); (AuthorizationDataEntry) entry[i].clone();
if (der.getTag() != DerValue.tag_Sequence) { }
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
while (der.getData().available() > 0) {
v.addElement(new AuthorizationDataEntry(der.getData().getDerValue()));
}
if (v.size() > 0) {
entry = new AuthorizationDataEntry[v.size()];
v.copyInto(entry);
}
} }
return new_authorizationData;
}
/** /**
* Encodes an <code>AuthorizationData</code> object. * Constructs a new <code>AuthorizationData,</code> instance.
* @return byte array of encoded <code>AuthorizationData</code> object. * @param der a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); Vector<AuthorizationDataEntry> v =
DerValue der[] = new DerValue[entry.length]; new Vector<AuthorizationDataEntry>();
for (int i = 0; i < entry.length; i++) { if (der.getTag() != DerValue.tag_Sequence) {
der[i] = new DerValue(entry[i].asn1Encode()); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
bytes.putSequence(der);
return bytes.toByteArray();
} }
while (der.getData().available() > 0) {
v.addElement(new AuthorizationDataEntry(der.getData().getDerValue()));
}
if (v.size() > 0) {
entry = new AuthorizationDataEntry[v.size()];
v.copyInto(entry);
}
}
/**
* Encodes an <code>AuthorizationData</code> object.
* @return byte array of encoded <code>AuthorizationData</code> object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerValue der[] = new DerValue[entry.length];
for (int i = 0; i < entry.length; i++) {
der[i] = new DerValue(entry[i].asn1Encode());
}
bytes.putSequence(der);
return bytes.toByteArray();
}
/** /**
* Parse (unmarshal) an <code>AuthorizationData</code> object from a DER input stream. * Parse (unmarshal) an <code>AuthorizationData</code> object from a DER input stream.
@ -143,31 +142,30 @@ public class AuthorizationData implements Cloneable {
* @return an instance of AuthorizationData. * @return an instance of AuthorizationData.
* *
*/ */
public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException{ public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException {
if ((optional) && (((byte)data.peekByte() & (byte)0x1F) != explicitTag)) { if ((optional) && (((byte) data.peekByte() & (byte) 0x1F) != explicitTag)) {
return null; return null;
}
DerValue der = data.getDerValue();
if (explicitTag != (der.getTag() & (byte)0x1F)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
else {
DerValue subDer = der.getData().getDerValue();
return new AuthorizationData(subDer);
}
} }
DerValue der = data.getDerValue();
if (explicitTag != (der.getTag() & (byte) 0x1F)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} else {
DerValue subDer = der.getData().getDerValue();
return new AuthorizationData(subDer);
}
}
/** /**
* Writes <code>AuthorizationData</code> data fields to a output stream. * Writes <code>AuthorizationData</code> data fields to a output stream.
* *
* @param cos a <code>CCacheOutputStream</code> to be written to. * @param cos a <code>CCacheOutputStream</code> to be written to.
* @exception IOException if an I/O exception occurs. * @exception IOException if an I/O exception occurs.
*/ */
public void writeAuth(CCacheOutputStream cos) throws IOException { public void writeAuth(CCacheOutputStream cos) throws IOException {
for (int i = 0; i < entry.length; i++) { for (int i = 0; i < entry.length; i++) {
entry[i].writeEntry(cos); entry[i].writeEntry(cos);
}
} }
}
public String toString() { public String toString() {
String retVal = "AuthorizationData:\n"; String retVal = "AuthorizationData:\n";
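Review bot: `entry` can remain null after construction, yet `asn1Encode()` and `writeAuth()` read `entry.length` without a guard. The `AuthorizationData(DerValue)` constructor assigns `entry` only when `v.size() > 0`, so a well-formed but empty SEQUENCE in decoded input yields an object whose encode and cache-write paths throw NullPointerException instead of Asn1Exception; the array constructor leaves the same state when passed null. Assigning unconditionally, `entry = new AuthorizationDataEntry[v.size()]; v.copyInto(entry);`, keeps the field non-null after decoding, provided no caller relies on null meaning "absent" (not visible here). The single-entry constructor also stores `new_entry` without the null check and clone that the array constructor applies, so `clone()` would fail on a null element.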


@ -35,90 +35,90 @@ import sun.security.krb5.Asn1Exception;
import sun.security.krb5.internal.ccache.CCacheOutputStream; import sun.security.krb5.internal.ccache.CCacheOutputStream;
public class AuthorizationDataEntry implements Cloneable { public class AuthorizationDataEntry implements Cloneable {
public int adType;
public byte[] adData;
private AuthorizationDataEntry() { public int adType;
public byte[] adData;
private AuthorizationDataEntry() {
}
public AuthorizationDataEntry(
int new_adType,
byte[] new_adData) {
adType = new_adType;
adData = new_adData;
}
public Object clone() {
AuthorizationDataEntry new_authorizationDataEntry =
new AuthorizationDataEntry();
new_authorizationDataEntry.adType = adType;
if (adData != null) {
new_authorizationDataEntry.adData = new byte[adData.length];
System.arraycopy(adData, 0,
new_authorizationDataEntry.adData, 0, adData.length);
} }
return new_authorizationDataEntry;
}
public AuthorizationDataEntry( /**
int new_adType, * Constructs an instance of AuthorizationDataEntry.
byte[] new_adData * @param encoding a single DER-encoded value.
) { */
adType = new_adType; public AuthorizationDataEntry(DerValue encoding) throws Asn1Exception, IOException {
adData = new_adData; DerValue der;
}
public Object clone() {
AuthorizationDataEntry new_authorizationDataEntry =
new AuthorizationDataEntry();
new_authorizationDataEntry.adType = adType;
if (adData != null) {
new_authorizationDataEntry.adData = new byte[adData.length];
System.arraycopy(adData, 0,
new_authorizationDataEntry.adData, 0, adData.length);
}
return new_authorizationDataEntry;
}
/**
* Constructs an instance of AuthorizationDataEntry.
* @param encoding a single DER-encoded value.
*/
public AuthorizationDataEntry(DerValue encoding) throws Asn1Exception, IOException {
DerValue der;
if (encoding.getTag() != DerValue.tag_Sequence) { if (encoding.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue();
if ((der.getTag() & (byte)0x1F) == (byte)0x00) {
adType = der.getData().getBigInteger().intValue();
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue(); der = encoding.getData().getDerValue();
if ((der.getTag() & (byte)0x1F) == (byte)0x01) { if ((der.getTag() & (byte) 0x1F) == (byte) 0x00) {
adData = der.getData().getOctetString(); adType = der.getData().getBigInteger().intValue();
} } else {
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if (encoding.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue();
if ((der.getTag() & (byte) 0x1F) == (byte) 0x01) {
adData = der.getData().getOctetString();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if (encoding.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an AuthorizationDataEntry object. * Encodes an AuthorizationDataEntry object.
* @return byte array of encoded AuthorizationDataEntry object. * @return byte array of encoded AuthorizationDataEntry object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
temp.putInteger(adType); temp.putInteger(adType);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.putOctetString(adData); temp.putOctetString(adData);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes); temp.write(DerValue.tag_Sequence, bytes);
return temp.toByteArray(); return temp.toByteArray();
} }
/** /**
* Writes the entry's data fields in FCC format to an output stream. * Writes the entry's data fields in FCC format to an output stream.
* *
* @param cos a <code>CCacheOutputStream</code>. * @param cos a <code>CCacheOutputStream</code>.
* @exception IOException if an I/O exception occurs. * @exception IOException if an I/O exception occurs.
*/ */
public void writeEntry(CCacheOutputStream cos) throws IOException { public void writeEntry(CCacheOutputStream cos) throws IOException {
cos.write16(adType); cos.write16(adType);
cos.write32(adData.length); cos.write32(adData.length);
cos.write(adData, 0, adData.length); cos.write(adData, 0, adData.length);
} }
public String toString() { public String toString() {
return ("adType=" + adType + " adData.length=" + adData.length); return ("adType=" + adType + " adData.length=" + adData.length);
} }
} }
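Review bot: The field checks in `AuthorizationDataEntry(DerValue)` compare only the low five bits of the tag (`(der.getTag() & (byte) 0x1F) == (byte) 0x00`), so the tag class and constructed bit are never verified and any element with tag number 0 or 1 is accepted as ad-type or ad-data. This constructor decodes data that arrives inside tickets and authenticators, so a stricter test such as `if (!der.isContextSpecific((byte) 0x00)) throw new Asn1Exception(Krb5.ASN1_BAD_ID);` would reject mis-tagged input at the boundary. Separately, `clone()` treats a null `adData` as valid while `writeEntry()` and `toString()` dereference `adData.length` unguarded; the two-argument constructor should either reject null or the class comment should state that `adData` is never null.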


@ -55,102 +55,111 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class EncAPRepPart { public class EncAPRepPart {
public KerberosTime ctime;
public int cusec; public KerberosTime ctime;
public int cusec;
EncryptionKey subKey; //optional EncryptionKey subKey; //optional
Integer seqNumber; //optional Integer seqNumber; //optional
public EncAPRepPart( public EncAPRepPart(
KerberosTime new_ctime, KerberosTime new_ctime,
int new_cusec, int new_cusec,
EncryptionKey new_subKey, EncryptionKey new_subKey,
Integer new_seqNumber Integer new_seqNumber) {
) { ctime = new_ctime;
ctime = new_ctime; cusec = new_cusec;
cusec = new_cusec; subKey = new_subKey;
subKey = new_subKey; seqNumber = new_seqNumber;
seqNumber = new_seqNumber; }
}
public EncAPRepPart(byte[] data) public EncAPRepPart(byte[] data)
throws Asn1Exception, IOException { throws Asn1Exception, IOException {
init(new DerValue(data)); init(new DerValue(data));
} }
public EncAPRepPart(DerValue encoding) public EncAPRepPart(DerValue encoding)
throws Asn1Exception, IOException { throws Asn1Exception, IOException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an EncaPRepPart object. * Initializes an EncaPRepPart object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
private void init(DerValue encoding) throws Asn1Exception, IOException { private void init(DerValue encoding) throws Asn1Exception, IOException {
DerValue der, subDer; DerValue der, subDer;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1B) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1B)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
ctime = KerberosTime.parse(der.getData(), (byte)0x00, true);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x01) {
cusec = subDer.getData().getBigInteger().intValue();
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte)0x02, true);
}
else {
subKey = null;
seqNumber = null;
}
if (der.getData().available() > 0) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) != 0x03) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
else seqNumber = null;
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
ctime = KerberosTime.parse(der.getData(), (byte) 0x00, true);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x01) {
cusec = subDer.getData().getBigInteger().intValue();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte) 0x02, true);
} else {
subKey = null;
seqNumber = null;
}
if (der.getData().available() > 0) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) != 0x03) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
} else {
seqNumber = null;
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an EncAPRepPart object. * Encodes an EncAPRepPart object.
* @return byte array of encoded EncAPRepPart object. * @return byte array of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException{ public byte[] asn1Encode() throws Asn1Exception, IOException {
Vector<DerValue> v = new Vector<DerValue> (); Vector<DerValue> v = new Vector<DerValue>();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), ctime.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
temp.putInteger(BigInteger.valueOf(cusec)); true, (byte) 0x00), ctime.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp.toByteArray())); temp.putInteger(BigInteger.valueOf(cusec));
if (subKey != null) v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), subKey.asn1Encode())); true, (byte) 0x01), temp.toByteArray()));
if (seqNumber != null) { if (subKey != null) {
temp = new DerOutputStream(); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
// encode as an unsigned integer (UInt32) true, (byte) 0x02), subKey.asn1Encode()));
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp.toByteArray()));
}
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1B), temp);
return out.toByteArray();
} }
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), temp.toByteArray()));
}
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) 0x1B), temp);
return out.toByteArray();
}
public final EncryptionKey getSubKey() { public final EncryptionKey getSubKey() {
return subKey; return subKey;
@ -159,5 +168,4 @@ public class EncAPRepPart {
public final Integer getSeqNumber() { public final Integer getSeqNumber() {
return seqNumber; return seqNumber;
} }
} }
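Review bot: The comment `// encode as an unsigned integer (UInt32)` in `asn1Encode()` does not match the code: `seqNumber` is an `Integer` and `seqNumber.longValue()` sign-extends, so a value with the top bit set is written as a negative INTEGER. `init()` can produce such values, because `getBigInteger().intValue()` narrows a sequence number above 2^31-1 into a negative int. If unsigned encoding is the intent, `temp.putInteger(BigInteger.valueOf(seqNumber.longValue() & 0xFFFFFFFFL));` achieves it; if the signed form is kept deliberately for interoperability, the comment should say so. The same pattern appears in the `Authenticator` encoder earlier in this commit.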


@ -36,57 +36,55 @@ import java.io.IOException;
public class EncASRepPart extends EncKDCRepPart { public class EncASRepPart extends EncKDCRepPart {
public EncASRepPart( public EncASRepPart(
EncryptionKey new_key, EncryptionKey new_key,
LastReq new_lastReq, LastReq new_lastReq,
int new_nonce, int new_nonce,
KerberosTime new_keyExpiration, KerberosTime new_keyExpiration,
TicketFlags new_flags, TicketFlags new_flags,
KerberosTime new_authtime, KerberosTime new_authtime,
KerberosTime new_starttime, KerberosTime new_starttime,
KerberosTime new_endtime, KerberosTime new_endtime,
KerberosTime new_renewTill, KerberosTime new_renewTill,
Realm new_srealm, Realm new_srealm,
PrincipalName new_sname, PrincipalName new_sname,
HostAddresses new_caddr HostAddresses new_caddr) {
) { super(
super( new_key,
new_key, new_lastReq,
new_lastReq, new_nonce,
new_nonce, new_keyExpiration,
new_keyExpiration, new_flags,
new_flags, new_authtime,
new_authtime, new_starttime,
new_starttime, new_endtime,
new_endtime, new_renewTill,
new_renewTill, new_srealm,
new_srealm, new_sname,
new_sname, new_caddr,
new_caddr, Krb5.KRB_ENC_AS_REP_PART
Krb5.KRB_ENC_AS_REP_PART
//may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
//behavior of other implementaions, instead of above
); );
} //may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
//behavior of other implementaions, instead of above
}
public EncASRepPart(byte[] data) throws Asn1Exception, public EncASRepPart(byte[] data) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(new DerValue(data)); init(new DerValue(data));
} }
public EncASRepPart(DerValue encoding) throws Asn1Exception, public EncASRepPart(DerValue encoding) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(encoding); init(encoding);
} }
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(encoding, Krb5.KRB_ENC_AS_REP_PART); init(encoding, Krb5.KRB_ENC_AS_REP_PART);
} }
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
}
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
}
} }
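Review bot: The two-line comment beginning `//may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic` now appears to sit after the closing `);` of the `super(...)` call, where "instead of above" no longer points at the `Krb5.KRB_ENC_AS_REP_PART` argument it qualifies. Moving it back directly under that argument, or rewording it to name the value (`// msgType: KRB_ENC_TGS_REP_PART may be needed to interoperate with other implementations`), keeps the interoperability caveat attached to the message type it concerns. "implementaions" is also misspelled.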


@ -36,6 +36,7 @@ import sun.security.util.*;
import java.util.Vector; import java.util.Vector;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
/** /**
* Implements the ASN.1 EncKDCRepPart type. * Implements the ASN.1 EncKDCRepPart type.
* *
@ -63,143 +64,163 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class EncKDCRepPart { public class EncKDCRepPart {
public EncryptionKey key;
public LastReq lastReq;
public int nonce;
public KerberosTime keyExpiration; //optional
public TicketFlags flags;
public KerberosTime authtime;
public KerberosTime starttime; //optional
public KerberosTime endtime;
public KerberosTime renewTill; //optional
public Realm srealm;
public PrincipalName sname;
public HostAddresses caddr; //optional
public int msgType; //not included in sequence
public EncKDCRepPart( public EncryptionKey key;
EncryptionKey new_key, public LastReq lastReq;
LastReq new_lastReq, public int nonce;
int new_nonce, public KerberosTime keyExpiration; //optional
KerberosTime new_keyExpiration, public TicketFlags flags;
TicketFlags new_flags, public KerberosTime authtime;
KerberosTime new_authtime, public KerberosTime starttime; //optional
KerberosTime new_starttime, public KerberosTime endtime;
KerberosTime new_endtime, public KerberosTime renewTill; //optional
KerberosTime new_renewTill, public Realm srealm;
Realm new_srealm, public PrincipalName sname;
PrincipalName new_sname, public HostAddresses caddr; //optional
HostAddresses new_caddr, public int msgType; //not included in sequence
int new_msgType
) {
key = new_key;
lastReq = new_lastReq;
nonce = new_nonce;
keyExpiration = new_keyExpiration;
flags = new_flags;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
srealm = new_srealm;
sname = new_sname;
caddr = new_caddr;
msgType = new_msgType;
}
public EncKDCRepPart() { public EncKDCRepPart(
} EncryptionKey new_key,
LastReq new_lastReq,
int new_nonce,
KerberosTime new_keyExpiration,
TicketFlags new_flags,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
Realm new_srealm,
PrincipalName new_sname,
HostAddresses new_caddr,
int new_msgType) {
key = new_key;
lastReq = new_lastReq;
nonce = new_nonce;
keyExpiration = new_keyExpiration;
flags = new_flags;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
srealm = new_srealm;
sname = new_sname;
caddr = new_caddr;
msgType = new_msgType;
}
public EncKDCRepPart(byte[] data, int rep_type) public EncKDCRepPart() {
throws Asn1Exception, IOException, RealmException{ }
init(new DerValue(data), rep_type);
}
public EncKDCRepPart(DerValue encoding, int rep_type) public EncKDCRepPart(byte[] data, int rep_type)
throws Asn1Exception, IOException, RealmException throws Asn1Exception, IOException, RealmException {
{ init(new DerValue(data), rep_type);
init(encoding, rep_type); }
}
/** public EncKDCRepPart(DerValue encoding, int rep_type)
* Initializes an EncKDCRepPart object. throws Asn1Exception, IOException, RealmException {
* init(encoding, rep_type);
* @param encoding a single DER-encoded value. }
* @param rep_type type of the encrypted reply message.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. /**
* @exception IOException if an I/O error occurs while reading encoded data. * Initializes an EncKDCRepPart object.
* @exception RealmException if an error occurs while decoding an Realm object. *
*/ * @param encoding a single DER-encoded value.
protected void init(DerValue encoding, int rep_type) * @param rep_type type of the encrypted reply message.
throws Asn1Exception, IOException, RealmException * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
{ * @exception IOException if an I/O error occurs while reading encoded data.
DerValue der, subDer; * @exception RealmException if an error occurs while decoding an Realm object.
//implementations return the incorrect tag value, so */
//we don't use the above line; instead we use the following protected void init(DerValue encoding, int rep_type)
msgType = (encoding.getTag() & (byte)0x1F); throws Asn1Exception, IOException, RealmException {
DerValue der, subDer;
//implementations return the incorrect tag value, so
//we don't use the above line; instead we use the following
msgType = (encoding.getTag() & (byte) 0x1F);
if (msgType != Krb5.KRB_ENC_AS_REP_PART && if (msgType != Krb5.KRB_ENC_AS_REP_PART &&
msgType != Krb5.KRB_ENC_TGS_REP_PART) msgType != Krb5.KRB_ENC_TGS_REP_PART) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
key = EncryptionKey.parse(der.getData(), (byte)0x00, false);
lastReq = LastReq.parse(der.getData(), (byte)0x01, false);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x02)
nonce = subDer.getData().getBigInteger().intValue();
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
keyExpiration = KerberosTime.parse(der.getData(), (byte)0x03, true);
flags = TicketFlags.parse(der.getData(), (byte)0x04, false);
authtime = KerberosTime.parse(der.getData(), (byte)0x05, false);
starttime = KerberosTime.parse(der.getData(), (byte)0x06, true);
endtime = KerberosTime.parse(der.getData(), (byte)0x07, false);
renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true);
srealm = Realm.parse(der.getData(), (byte)0x09, false);
sname = PrincipalName.parse(der.getData(), (byte)0x0A, false);
if (der.getData().available() > 0)
caddr = HostAddresses.parse(der.getData(), (byte)0x0B, true);
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
key = EncryptionKey.parse(der.getData(), (byte) 0x00, false);
lastReq = LastReq.parse(der.getData(), (byte) 0x01, false);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x02) {
nonce = subDer.getData().getBigInteger().intValue();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
keyExpiration = KerberosTime.parse(der.getData(), (byte) 0x03, true);
flags = TicketFlags.parse(der.getData(), (byte) 0x04, false);
authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
srealm = Realm.parse(der.getData(), (byte) 0x09, false);
sname = PrincipalName.parse(der.getData(), (byte) 0x0A, false);
if (der.getData().available() > 0) {
caddr = HostAddresses.parse(der.getData(), (byte) 0x0B, true);
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an EncKDCRepPart object. * Encodes an EncKDCRepPart object.
* @param rep_type type of encrypted reply message. * @param rep_type type of encrypted reply message.
* @return byte array of encoded EncKDCRepPart object. * @return byte array of encoded EncKDCRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode(int rep_type) throws Asn1Exception, public byte[] asn1Encode(int rep_type) throws Asn1Exception,
IOException { IOException {
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), lastReq.asn1Encode()); true, (byte) 0x00), key.asn1Encode());
temp.putInteger(BigInteger.valueOf(nonce)); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp); true, (byte) 0x01), lastReq.asn1Encode());
temp.putInteger(BigInteger.valueOf(nonce));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), temp);
if (keyExpiration != null) if (keyExpiration != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), keyExpiration.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), flags.asn1Encode()); true, (byte) 0x03), keyExpiration.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode());
if (starttime != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode());
if (renewTill != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), srealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), sname.asn1Encode());
if (caddr != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0B), caddr.asn1Encode());
//should use the rep_type to build the encoding
//but other implementations do not; it is ignored and
//the cached msgType is used instead
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), temp);
return bytes.toByteArray();
} }
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), flags.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x05), authtime.asn1Encode());
if (starttime != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x06), starttime.asn1Encode());
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x07), endtime.asn1Encode());
if (renewTill != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x08), renewTill.asn1Encode());
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x09), srealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x0A), sname.asn1Encode());
if (caddr != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x0B), caddr.asn1Encode());
}
//should use the rep_type to build the encoding
//but other implementations do not; it is ignored and
//the cached msgType is used instead
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) msgType), temp);
return bytes.toByteArray();
}
} }


@ -36,6 +36,7 @@ import sun.security.krb5.RealmException;
import java.util.Vector; import java.util.Vector;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
/** /**
* Implements the ASN.1 EncKrbCredPart type. * Implements the ASN.1 EncKrbCredPart type.
* *
@ -57,148 +58,158 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class EncKrbCredPart { public class EncKrbCredPart {
public KrbCredInfo[] ticketInfo = null;
public KerberosTime timeStamp; //optional
private Integer nonce; //optional public KrbCredInfo[] ticketInfo = null;
private Integer usec; //optional public KerberosTime timeStamp; //optional
private HostAddress sAddress; //optional private Integer nonce; //optional
private HostAddresses rAddress; //optional private Integer usec; //optional
private HostAddress sAddress; //optional
private HostAddresses rAddress; //optional
public EncKrbCredPart( public EncKrbCredPart(
KrbCredInfo[] new_ticketInfo, KrbCredInfo[] new_ticketInfo,
KerberosTime new_timeStamp, KerberosTime new_timeStamp,
Integer new_usec, Integer new_usec,
Integer new_nonce, Integer new_nonce,
HostAddress new_sAddress, HostAddress new_sAddress,
HostAddresses new_rAddress HostAddresses new_rAddress) throws IOException {
) throws IOException { if (new_ticketInfo != null) {
if (new_ticketInfo != null) { ticketInfo = new KrbCredInfo[new_ticketInfo.length];
ticketInfo = new KrbCredInfo[new_ticketInfo.length]; for (int i = 0; i < new_ticketInfo.length; i++) {
for (int i = 0; i < new_ticketInfo.length; i++) { if (new_ticketInfo[i] == null) {
if (new_ticketInfo[i] == null) { throw new IOException("Cannot create a EncKrbCredPart");
throw new IOException("Cannot create a EncKrbCredPart"); } else {
} else { ticketInfo[i] = (KrbCredInfo) new_ticketInfo[i].clone();
ticketInfo[i] = (KrbCredInfo)new_ticketInfo[i].clone();
}
}
} }
timeStamp = new_timeStamp; }
usec = new_usec;
nonce = new_nonce;
sAddress = new_sAddress;
rAddress = new_rAddress;
} }
timeStamp = new_timeStamp;
usec = new_usec;
nonce = new_nonce;
sAddress = new_sAddress;
rAddress = new_rAddress;
}
public EncKrbCredPart(byte[] data) throws Asn1Exception, public EncKrbCredPart(byte[] data) throws Asn1Exception,
IOException, RealmException { IOException, RealmException {
init(new DerValue(data)); init(new DerValue(data));
} }
public EncKrbCredPart(DerValue encoding) throws Asn1Exception, public EncKrbCredPart(DerValue encoding) throws Asn1Exception,
IOException, RealmException { IOException, RealmException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an EncKrbCredPart object. * Initializes an EncKrbCredPart object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object. * @exception RealmException if an error occurs while parsing a Realm object.
*/ */
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
IOException, RealmException { IOException, RealmException {
DerValue der, subDer; DerValue der, subDer;
//may not be the correct error code for a tag //may not be the correct error code for a tag
//mismatch on an encrypted structure //mismatch on an encrypted structure
nonce = null; nonce = null;
timeStamp = null; timeStamp = null;
usec= null; usec = null;
sAddress = null; sAddress = null;
rAddress = null; rAddress = null;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1D) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1D)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
DerValue derValues[] = subDer.getData().getSequence(1);
ticketInfo = new KrbCredInfo[derValues.length];
for (int i = 0; i < derValues.length; i++) {
ticketInfo[i] = new KrbCredInfo(derValues[i]);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if (der.getData().available() > 0) {
if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x01) {
subDer = der.getData().getDerValue(); subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) { nonce = new Integer(subDer.getData().getBigInteger().intValue());
DerValue derValues[] = subDer.getData().getSequence(1); }
ticketInfo = new KrbCredInfo[derValues.length];
for (int i = 0; i < derValues.length; i++) {
ticketInfo[i] = new KrbCredInfo(derValues[i]);
}
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if (der.getData().available() > 0) {
if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x01) {
subDer = der.getData().getDerValue();
nonce = new Integer(subDer.getData().getBigInteger().intValue());
}
}
if (der.getData().available() >0) {
timeStamp = KerberosTime.parse(der.getData(), (byte)0x02, true);
}
if (der.getData().available() >0) {
if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x03) {
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
}
}
if (der.getData().available() >0) {
sAddress = HostAddress.parse(der.getData(), (byte)0x04, true);
}
if (der.getData().available() >0) {
rAddress = HostAddresses.parse(der.getData(), (byte)0x05, true);
}
if (der.getData().available() >0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
if (der.getData().available() > 0) {
timeStamp = KerberosTime.parse(der.getData(), (byte) 0x02, true);
}
if (der.getData().available() > 0) {
if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x03) {
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
}
}
if (der.getData().available() > 0) {
sAddress = HostAddress.parse(der.getData(), (byte) 0x04, true);
}
if (der.getData().available() > 0) {
rAddress = HostAddresses.parse(der.getData(), (byte) 0x05, true);
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an EncKrbCredPart object. * Encodes an EncKrbCredPart object.
* @return byte array of encoded EncKrbCredPart object. * @return byte array of encoded EncKrbCredPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* *
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException{ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
DerValue[] tickets = new DerValue[ticketInfo.length]; DerValue[] tickets = new DerValue[ticketInfo.length];
for (int i = 0; i < ticketInfo.length; i++) for (int i = 0; i < ticketInfo.length; i++) {
tickets[i] = new DerValue(ticketInfo[i].asn1Encode()); tickets[i] = new DerValue(ticketInfo[i].asn1Encode());
temp.putSequence(tickets);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
if (nonce != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(nonce.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
}
if (timeStamp != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), timeStamp.asn1Encode());
}
if (usec != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(usec.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp);
}
if (sAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode());
}
if (rAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1D), temp);
return bytes.toByteArray();
} }
temp.putSequence(tickets);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x00), temp);
if (nonce != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(nonce.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), temp);
}
if (timeStamp != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), timeStamp.asn1Encode());
}
if (usec != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(usec.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), temp);
}
if (sAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), sAddress.asn1Encode());
}
if (rAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x05), rAddress.asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) 0x1D), temp);
return bytes.toByteArray();
}
} }
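Review bot: The field-by-field constructor rejects a null element of `new_ticketInfo` but accepts a null array, which leaves `ticketInfo` null and makes `asn1Encode()` fail with a NullPointerException at `new DerValue[ticketInfo.length]` rather than with one of its declared exceptions. Either reject the null array up front with the message the constructor already uses, `if (new_ticketInfo == null) { throw new IOException("Cannot create a EncKrbCredPart"); }`, or document on the constructor that a null array is only valid for objects that are never encoded. Callers are not visible here, so check whether any of them rely on passing null before tightening this.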


@ -55,114 +55,119 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt"> * <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class EncKrbPrivPart { public class EncKrbPrivPart {
public byte[] userData = null;
public KerberosTime timestamp; //optional
public Integer usec; //optional
public Integer seqNumber; //optional
public HostAddress sAddress; //optional
public HostAddress rAddress; //optional
public EncKrbPrivPart( public byte[] userData = null;
byte[] new_userData, public KerberosTime timestamp; //optional
KerberosTime new_timestamp, public Integer usec; //optional
Integer new_usec, public Integer seqNumber; //optional
Integer new_seqNumber, public HostAddress sAddress; //optional
HostAddress new_sAddress, public HostAddress rAddress; //optional
HostAddress new_rAddress
) { public EncKrbPrivPart(
if (new_userData != null) { byte[] new_userData,
userData = new_userData.clone(); KerberosTime new_timestamp,
} Integer new_usec,
timestamp = new_timestamp; Integer new_seqNumber,
usec = new_usec; HostAddress new_sAddress,
seqNumber = new_seqNumber; HostAddress new_rAddress) {
sAddress = new_sAddress; if (new_userData != null) {
rAddress = new_rAddress; userData = new_userData.clone();
} }
timestamp = new_timestamp;
usec = new_usec;
seqNumber = new_seqNumber;
sAddress = new_sAddress;
rAddress = new_rAddress;
}
public EncKrbPrivPart(byte[] data) throws Asn1Exception, IOException { public EncKrbPrivPart(byte[] data) throws Asn1Exception, IOException {
init(new DerValue(data)); init(new DerValue(data));
} }
public EncKrbPrivPart(DerValue encoding) throws Asn1Exception, IOException { public EncKrbPrivPart(DerValue encoding) throws Asn1Exception, IOException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an EncKrbPrivPart object. * Initializes an EncKrbPrivPart object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
private void init(DerValue encoding) throws Asn1Exception, IOException { private void init(DerValue encoding) throws Asn1Exception, IOException {
DerValue der, subDer; DerValue der, subDer;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1C) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1C)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) {
userData = subDer.getData().getOctetString();
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
timestamp = KerberosTime.parse(der.getData(), (byte)0x01, true);
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
}
else usec = null;
if ((der.getData().peekByte() & 0x1F) == 0x03 ) {
subDer = der.getData().getDerValue();
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
else seqNumber = null;
sAddress = HostAddress.parse(der.getData(), (byte)0x04, false);
if (der.getData().available() > 0) {
rAddress = HostAddress.parse(der.getData(), (byte)0x05, true);
}
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
userData = subDer.getData().getOctetString();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
timestamp = KerberosTime.parse(der.getData(), (byte) 0x01, true);
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
} else {
usec = null;
}
if ((der.getData().peekByte() & 0x1F) == 0x03) {
subDer = der.getData().getDerValue();
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
} else {
seqNumber = null;
}
sAddress = HostAddress.parse(der.getData(), (byte) 0x04, false);
if (der.getData().available() > 0) {
rAddress = HostAddress.parse(der.getData(), (byte) 0x05, true);
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an EncKrbPrivPart object. * Encodes an EncKrbPrivPart object.
* @return byte array of encoded EncKrbPrivPart object. * @return byte array of encoded EncKrbPrivPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
temp.putOctetString(userData); temp.putOctetString(userData);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
if (timestamp != null) if (timestamp != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), timestamp.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), timestamp.asn1Encode());
if (usec != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(usec.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
}
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp);
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode());
if (rAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1C), temp);
return bytes.toByteArray();
} }
if (usec != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(usec.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), temp);
}
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), temp);
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), sAddress.asn1Encode());
if (rAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), rAddress.asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x1C), temp);
return bytes.toByteArray();
}
} }
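Review bot: In `asn1Encode()` the comment says the sequence number is encoded as an unsigned integer (UInt32), but `BigInteger.valueOf(seqNumber.longValue())` sign-extends, so a value with the top bit set is written as a negative INTEGER. `init()` stores the decoded number through `getBigInteger().intValue()`, which silently narrows wire values above 2^31-1 to negative `Integer`s, so a decode/encode round trip does not reproduce the original bytes. If UInt32 is what is intended, mask on the way out with `temp.putInteger(BigInteger.valueOf(seqNumber.longValue() & 0xFFFFFFFFL));` and range-check the decoded `BigInteger` before narrowing it. Interoperability with peers that expect the signed form should be confirmed before changing the wire encoding.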


@ -35,55 +35,52 @@ import java.io.IOException;
public class EncTGSRepPart extends EncKDCRepPart { public class EncTGSRepPart extends EncKDCRepPart {
public EncTGSRepPart( public EncTGSRepPart(
EncryptionKey new_key, EncryptionKey new_key,
LastReq new_lastReq, LastReq new_lastReq,
int new_nonce, int new_nonce,
KerberosTime new_keyExpiration, KerberosTime new_keyExpiration,
TicketFlags new_flags, TicketFlags new_flags,
KerberosTime new_authtime, KerberosTime new_authtime,
KerberosTime new_starttime, KerberosTime new_starttime,
KerberosTime new_endtime, KerberosTime new_endtime,
KerberosTime new_renewTill, KerberosTime new_renewTill,
Realm new_srealm, Realm new_srealm,
PrincipalName new_sname, PrincipalName new_sname,
HostAddresses new_caddr HostAddresses new_caddr) {
) { super(
super( new_key,
new_key, new_lastReq,
new_lastReq, new_nonce,
new_nonce, new_keyExpiration,
new_keyExpiration, new_flags,
new_flags, new_authtime,
new_authtime, new_starttime,
new_starttime, new_endtime,
new_endtime, new_renewTill,
new_renewTill, new_srealm,
new_srealm, new_sname,
new_sname, new_caddr,
new_caddr, Krb5.KRB_ENC_TGS_REP_PART);
Krb5.KRB_ENC_TGS_REP_PART }
);
}
public EncTGSRepPart(byte[] data) throws Asn1Exception, public EncTGSRepPart(byte[] data) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(new DerValue(data)); init(new DerValue(data));
} }
public EncTGSRepPart(DerValue encoding) throws Asn1Exception, public EncTGSRepPart(DerValue encoding) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(encoding); init(encoding);
} }
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(encoding, Krb5.KRB_ENC_TGS_REP_PART); init(encoding, Krb5.KRB_ENC_TGS_REP_PART);
} }
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
}
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
}
} }


@ -62,69 +62,68 @@ import java.io.*;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class EncTicketPart { public class EncTicketPart {
public TicketFlags flags;
public EncryptionKey key;
public Realm crealm;
public PrincipalName cname;
public TransitedEncoding transited;
public KerberosTime authtime;
public KerberosTime starttime; //optional
public KerberosTime endtime;
public KerberosTime renewTill; //optional
public HostAddresses caddr; //optional
public AuthorizationData authorizationData; //optional
public EncTicketPart( public TicketFlags flags;
TicketFlags new_flags, public EncryptionKey key;
EncryptionKey new_key, public Realm crealm;
Realm new_crealm, public PrincipalName cname;
PrincipalName new_cname, public TransitedEncoding transited;
TransitedEncoding new_transited, public KerberosTime authtime;
KerberosTime new_authtime, public KerberosTime starttime; //optional
KerberosTime new_starttime, public KerberosTime endtime;
KerberosTime new_endtime, public KerberosTime renewTill; //optional
KerberosTime new_renewTill, public HostAddresses caddr; //optional
HostAddresses new_caddr, public AuthorizationData authorizationData; //optional
AuthorizationData new_authorizationData
) {
flags = new_flags;
key = new_key;
crealm = new_crealm;
cname = new_cname;
transited = new_transited;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
caddr = new_caddr;
authorizationData = new_authorizationData;
}
public EncTicketPart(byte[] data) public EncTicketPart(
throws Asn1Exception, KrbException, IOException { TicketFlags new_flags,
init(new DerValue(data)); EncryptionKey new_key,
} Realm new_crealm,
PrincipalName new_cname,
TransitedEncoding new_transited,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
HostAddresses new_caddr,
AuthorizationData new_authorizationData) {
flags = new_flags;
key = new_key;
crealm = new_crealm;
cname = new_cname;
transited = new_transited;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
caddr = new_caddr;
authorizationData = new_authorizationData;
}
public EncTicketPart(DerValue encoding) public EncTicketPart(byte[] data)
throws Asn1Exception, KrbException, IOException { throws Asn1Exception, KrbException, IOException {
init(encoding); init(new DerValue(data));
} }
/** public EncTicketPart(DerValue encoding)
* Initializes an EncTicketPart object. throws Asn1Exception, KrbException, IOException {
* @param encoding a single DER-encoded value. init(encoding);
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. }
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
/**
* Initializes an EncTicketPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private static String getHexBytes(byte[] bytes, int len) private static String getHexBytes(byte[] bytes, int len)
throws IOException { throws IOException {
StringBuffer sb = new StringBuffer(); StringBuffer sb = new StringBuffer();
for (int i = 0; i < len; i++) { for (int i = 0; i < len; i++) {
int b1 = (bytes[i]>>4) & 0x0f; int b1 = (bytes[i] >> 4) & 0x0f;
int b2 = bytes[i] & 0x0f; int b2 = bytes[i] & 0x0f;
sb.append(Integer.toHexString(b1)); sb.append(Integer.toHexString(b1));
@ -134,73 +133,91 @@ public class EncTicketPart {
return sb.toString(); return sb.toString();
} }
private void init(DerValue encoding) private void init(DerValue encoding)
throws Asn1Exception, IOException, RealmException { throws Asn1Exception, IOException, RealmException {
DerValue der, subDer; DerValue der, subDer;
renewTill = null; renewTill = null;
caddr = null; caddr = null;
authorizationData = null; authorizationData = null;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x03) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x03)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue(); }
if (der.getTag() != DerValue.tag_Sequence) der = encoding.getData().getDerValue();
throw new Asn1Exception(Krb5.ASN1_BAD_ID); if (der.getTag() != DerValue.tag_Sequence) {
flags = TicketFlags.parse(der.getData(), (byte)0x00, false); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
key = EncryptionKey.parse(der.getData(), (byte)0x01, false); }
crealm = Realm.parse(der.getData(), (byte)0x02, false); flags = TicketFlags.parse(der.getData(), (byte) 0x00, false);
cname = PrincipalName.parse(der.getData(), (byte)0x03, false); key = EncryptionKey.parse(der.getData(), (byte) 0x01, false);
transited = TransitedEncoding.parse(der.getData(), (byte)0x04, false); crealm = Realm.parse(der.getData(), (byte) 0x02, false);
authtime = KerberosTime.parse(der.getData(), (byte)0x05, false); cname = PrincipalName.parse(der.getData(), (byte) 0x03, false);
starttime = KerberosTime.parse(der.getData(), (byte)0x06, true); transited = TransitedEncoding.parse(der.getData(), (byte) 0x04, false);
endtime = KerberosTime.parse(der.getData(), (byte)0x07, false); authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
if (der.getData().available() > 0) { starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true); endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
} if (der.getData().available() > 0) {
if (der.getData().available() > 0) { renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
caddr = HostAddresses.parse(der.getData(), (byte)0x09, true); }
} if (der.getData().available() > 0) {
if (der.getData().available() > 0) { caddr = HostAddresses.parse(der.getData(), (byte) 0x09, true);
authorizationData = AuthorizationData.parse(der.getData(), (byte)0x0A, true); }
} if (der.getData().available() > 0) {
if (der.getData().available() > 0) authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x0A, true);
throw new Asn1Exception(Krb5.ASN1_BAD_ID); }
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
/** }
* Encodes an EncTicketPart object.
* @return byte array of encoded EncTicketPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException { /**
* Encodes an EncTicketPart object.
* @return byte array of encoded EncTicketPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), flags.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), key.asn1Encode()); true, (byte) 0x00), flags.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), crealm.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cname.asn1Encode()); true, (byte) 0x01), key.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), transited.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode()); true, (byte) 0x02), crealm.asn1Encode());
if (starttime != null) bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode()); true, (byte) 0x03), cname.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), transited.asn1Encode());
if (renewTill != null) bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode()); true, (byte) 0x05), authtime.asn1Encode());
if (starttime != null) {
if (caddr != null) bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), caddr.asn1Encode()); true, (byte) 0x06), starttime.asn1Encode());
if (authorizationData != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), authorizationData.asn1Encode());
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x03), temp);
return bytes.toByteArray();
} }
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x07), endtime.asn1Encode());
if (renewTill != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x08), renewTill.asn1Encode());
}
if (caddr != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x09), caddr.asn1Encode());
}
if (authorizationData != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x0A), authorizationData.asn1Encode());
}
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) 0x03), temp);
return bytes.toByteArray();
}
} }
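Review bot: The Javadoc block that begins "Initializes an EncTicketPart object" sits directly above `getHexBytes(byte[] bytes, int len)`, so its `@param encoding` and `@exception` tags describe a method they are not attached to, while `init(DerValue encoding)` further down has no comment at all. Move the block so it immediately precedes `private void init(DerValue encoding)`, and give `getHexBytes` its own short comment, for example `/** Returns the first len bytes of bytes as hex digits. */`. Part of `getHexBytes` lies between the two hunks and is not visible here, so that wording should be checked against the full body.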


@ -35,6 +35,7 @@ import sun.security.util.*;
import java.util.Vector; import java.util.Vector;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
/** /**
* Implements the ASN.1 KDC-REP type. * Implements the ASN.1 KDC-REP type.
* *
@ -59,163 +60,168 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt"> * <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class KDCRep { public class KDCRep {
public Realm crealm;
public PrincipalName cname;
public Ticket ticket;
public EncryptedData encPart;
public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
private int pvno; public Realm crealm;
private int msgType; public PrincipalName cname;
private PAData[] pAData = null; //optional public Ticket ticket;
private boolean DEBUG = Krb5.DEBUG; public EncryptedData encPart;
public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
private int pvno;
private int msgType;
private PAData[] pAData = null; //optional
private boolean DEBUG = Krb5.DEBUG;
public KDCRep( public KDCRep(
PAData[] new_pAData, PAData[] new_pAData,
Realm new_crealm, Realm new_crealm,
PrincipalName new_cname, PrincipalName new_cname,
Ticket new_ticket, Ticket new_ticket,
EncryptedData new_encPart, EncryptedData new_encPart,
int req_type int req_type) throws IOException {
) throws IOException { pvno = Krb5.PVNO;
pvno = Krb5.PVNO; msgType = req_type;
msgType = req_type; if (new_pAData != null) {
if (new_pAData != null) { pAData = new PAData[new_pAData.length];
pAData = new PAData[new_pAData.length]; for (int i = 0; i < new_pAData.length; i++) {
for (int i = 0; i < new_pAData.length; i++) { if (new_pAData[i] == null) {
if (new_pAData[i] == null) { throw new IOException("Cannot create a KDCRep");
throw new IOException("Cannot create a KDCRep"); } else {
} else { pAData[i] = (PAData) new_pAData[i].clone();
pAData[i] = (PAData)new_pAData[i].clone();
}
}
} }
crealm = new_crealm; }
cname = new_cname;
ticket = new_ticket;
encPart = new_encPart;
} }
crealm = new_crealm;
cname = new_cname;
ticket = new_ticket;
encPart = new_encPart;
}
public KDCRep() { public KDCRep() {
} }
public KDCRep(byte[] data, int req_type) throws Asn1Exception, KrbApErrException, RealmException, IOException { public KDCRep(byte[] data, int req_type) throws Asn1Exception,
init(new DerValue(data), req_type); KrbApErrException, RealmException, IOException {
} init(new DerValue(data), req_type);
}
public KDCRep(DerValue encoding, int req_type) throws Asn1Exception, public KDCRep(DerValue encoding, int req_type) throws Asn1Exception,
RealmException, KrbApErrException, IOException { RealmException, KrbApErrException, IOException {
init(encoding, req_type); init(encoding, req_type);
} }
/* /*
// Not used? Don't know what keyusage to use here %%% // Not used? Don't know what keyusage to use here %%%
public void decrypt(EncryptionKey key) throws Asn1Exception,
public void decrypt(EncryptionKey key) throws Asn1Exception, IOException, KrbException, RealmException {
IOException, KrbException, RealmException { encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key), msgType);
encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key), }
msgType); */
} /**
*/ * Initializes an KDCRep object.
*
/** * @param encoding a single DER-encoded value.
* Initializes an KDCRep object. * @param req_type reply message type.
* * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @param encoding a single DER-encoded value. * @exception IOException if an I/O error occurs while reading encoded data.
* @param req_type reply message type. * @exception RealmException if an error occurs while constructing
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * a Realm object from DER-encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception KrbApErrException if the value read from the DER-encoded
* @exception RealmException if an error occurs while constructing a Realm object from DER-encoded data. * data stream does not match the pre-defined value.
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value. *
* */
*/ protected void init(DerValue encoding, int req_type)
protected void init(DerValue encoding, int req_type)
throws Asn1Exception, RealmException, IOException, throws Asn1Exception, RealmException, IOException,
KrbApErrException { KrbApErrException {
DerValue der, subDer; DerValue der, subDer;
if ((encoding.getTag() & 0x1F) != req_type) { if ((encoding.getTag() & 0x1F) != req_type) {
if (DEBUG) { if (DEBUG) {
System.out.println(">>> KDCRep: init() " + System.out.println(">>> KDCRep: init() " +
"encoding tag is " + "encoding tag is " +
encoding.getTag() + encoding.getTag() +
" req type is " + req_type); " req type is " + req_type);
}
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x00) {
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO)
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x01) {
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != req_type) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
DerValue[] padata = subDer.getData().getSequence(1);
pAData = new PAData[padata.length];
for (int i = 0; i < padata.length; i++) {
pAData[i] = new PAData(padata[i]);
}
} else {
pAData = null;
}
crealm = Realm.parse(der.getData(), (byte)0x03, false);
cname = PrincipalName.parse(der.getData(), (byte)0x04, false);
ticket = Ticket.parse(der.getData(), (byte)0x05, false);
encPart = EncryptedData.parse(der.getData(), (byte)0x06, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
/** throw new Asn1Exception(Krb5.ASN1_BAD_ID);
* Encodes this object to a byte array.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
if (pAData != null && pAData.length > 0) {
DerOutputStream padata_stream = new DerOutputStream();
for (int i = 0; i < pAData.length; i++) {
padata_stream.write(pAData[i].asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_SequenceOf, padata_stream);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), crealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), cname.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), encPart.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
return temp.toByteArray();
} }
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x00) {
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x01) {
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != req_type) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
DerValue[] padata = subDer.getData().getSequence(1);
pAData = new PAData[padata.length];
for (int i = 0; i < padata.length; i++) {
pAData[i] = new PAData(padata[i]);
}
} else {
pAData = null;
}
crealm = Realm.parse(der.getData(), (byte) 0x03, false);
cname = PrincipalName.parse(der.getData(), (byte) 0x04, false);
ticket = Ticket.parse(der.getData(), (byte) 0x05, false);
encPart = EncryptedData.parse(der.getData(), (byte) 0x06, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes this object to a byte array.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), temp);
if (pAData != null && pAData.length > 0) {
DerOutputStream padata_stream = new DerOutputStream();
for (int i = 0; i < pAData.length; i++) {
padata_stream.write(pAData[i].asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_SequenceOf, padata_stream);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), temp);
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), crealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), cname.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x05), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x06), encPart.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
return temp.toByteArray();
}
} }
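Review bot: KDCRep.init() accepts any outer tag whose low five bits equal req_type, because `(encoding.getTag() & 0x1F) != req_type` masks off the class and constructed bits before comparing. KRBCred.init() in this same commit also requires `encoding.isApplication()` and `encoding.isConstructed()`, and a decoder for KDC replies read off the network should be at least as strict: `if ((encoding.getTag() & 0x1F) != req_type || !encoding.isApplication() || !encoding.isConstructed()) {`. The pvno and msg-type reads have a related looseness, since `getBigInteger().intValue()` silently truncates an oversized INTEGER before it is compared with Krb5.PVNO or req_type. Whether callers validate the outer tag before constructing the object is not visible here, so confirm before tightening. The asn1Encode() Javadoc also says it returns an "encoded APReq object", which looks copied from another class.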


@ -56,155 +56,160 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt"> * <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class KDCReq { public class KDCReq {
public KDCReqBody reqBody;
private int pvno; public KDCReqBody reqBody;
private int msgType; private int pvno;
private PAData[] pAData = null; //optional private int msgType;
private PAData[] pAData = null; //optional
public KDCReq(PAData[] new_pAData, KDCReqBody new_reqBody, public KDCReq(PAData[] new_pAData, KDCReqBody new_reqBody,
int req_type) throws IOException { int req_type) throws IOException {
pvno = Krb5.PVNO; pvno = Krb5.PVNO;
msgType = req_type; msgType = req_type;
if (new_pAData != null) { if (new_pAData != null) {
pAData = new PAData[new_pAData.length]; pAData = new PAData[new_pAData.length];
for (int i = 0; i < new_pAData.length; i++) { for (int i = 0; i < new_pAData.length; i++) {
if (new_pAData[i] == null) { if (new_pAData[i] == null) {
throw new IOException("Cannot create a KDCRep"); throw new IOException("Cannot create a KDCRep");
} else { } else {
pAData[i] = (PAData)new_pAData[i].clone(); pAData[i] = (PAData) new_pAData[i].clone();
}
}
} }
reqBody = new_reqBody; }
} }
reqBody = new_reqBody;
}
public KDCReq() { public KDCReq() {
} }
public KDCReq(byte[] data, int req_type) throws Asn1Exception, public KDCReq(byte[] data, int req_type) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(new DerValue(data), req_type); init(new DerValue(data), req_type);
} }
/** /**
* Creates an KDCReq object from a DerValue object and asn1 type. * Creates an KDCReq object from a DerValue object and asn1 type.
* *
* @param der a DER value of an KDCReq object. * @param der a DER value of an KDCReq object.
* @param req_type a encoded asn1 type value. * @param req_type a encoded asn1 type value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exceptoin KrbErrException * @exceptoin KrbErrException
*/ */
public KDCReq(DerValue der, int req_type) throws Asn1Exception, public KDCReq(DerValue der, int req_type) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(der, req_type); init(der, req_type);
} }
/** /**
* Initializes a KDCReq object from a DerValue. The DER encoding * Initializes a KDCReq object from a DerValue. The DER encoding
* must be in the format specified by the KRB_KDC_REQ ASN.1 notation. * must be in the format specified by the KRB_KDC_REQ ASN.1 notation.
* *
* @param encoding a DER-encoded KDCReq object. * @param encoding a DER-encoded KDCReq object.
* @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type * @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbException if an error occurs while constructing a Realm object, * @exception KrbException if an error occurs while constructing a Realm object,
* or a Krb object from DER-encoded data. * or a Krb object from DER-encoded data.
*/ */
protected void init(DerValue encoding, int req_type) throws Asn1Exception, protected void init(DerValue encoding, int req_type) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
DerValue der, subDer; DerValue der, subDer;
BigInteger bint; BigInteger bint;
if ((encoding.getTag() & 0x1F) != req_type) { if ((encoding.getTag() & 0x1F) != req_type) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x01) {
bint = subDer.getData().getBigInteger();
this.pvno = bint.intValue();
if (this.pvno != Krb5.PVNO)
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x02) {
bint = subDer.getData().getBigInteger();
this.msgType = bint.intValue();
if (this.msgType != req_type)
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x03) {
DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Vector<PAData> v = new Vector<PAData> ();
while (subsubDer.getData().available() > 0) {
v.addElement(new PAData(subsubDer.getData().getDerValue()));
}
if (v.size() > 0) {
pAData = new PAData[v.size()];
v.copyInto(pAData);
}
}
else pAData = null;
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x04) {
DerValue subsubDer = subDer.getData().getDerValue();
reqBody = new KDCReqBody(subsubDer, msgType);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x01) {
bint = subDer.getData().getBigInteger();
this.pvno = bint.intValue();
if (this.pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x02) {
bint = subDer.getData().getBigInteger();
this.msgType = bint.intValue();
if (this.msgType != req_type) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x03) {
DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Vector<PAData> v = new Vector<PAData>();
while (subsubDer.getData().available() > 0) {
v.addElement(new PAData(subsubDer.getData().getDerValue()));
}
if (v.size() > 0) {
pAData = new PAData[v.size()];
v.copyInto(pAData);
}
} else {
pAData = null;
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x04) {
DerValue subsubDer = subDer.getData().getDerValue();
reqBody = new KDCReqBody(subsubDer, msgType);
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes this object to a byte array. * Encodes this object to a byte array.
* *
* @return an byte array of encoded data. * @return an byte array of encoded data.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* *
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp, bytes, out; DerOutputStream temp, bytes, out;
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno)); temp.putInteger(BigInteger.valueOf(pvno));
out = new DerOutputStream(); out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp); out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
temp = new DerOutputStream(); true, (byte) 0x01), temp);
temp.putInteger(BigInteger.valueOf(msgType)); temp = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp); temp.putInteger(BigInteger.valueOf(msgType));
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), temp);
if (pAData != null && pAData.length > 0) { if (pAData != null && pAData.length > 0) {
temp = new DerOutputStream(); temp = new DerOutputStream();
for (int i = 0; i < pAData.length; i++) { for (int i = 0; i < pAData.length; i++) {
temp.write(pAData[i].asn1Encode()); temp.write(pAData[i].asn1Encode());
} }
bytes = new DerOutputStream(); bytes = new DerOutputStream();
bytes.write(DerValue.tag_SequenceOf, temp); bytes.write(DerValue.tag_SequenceOf, temp);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), bytes); out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
} true, (byte) 0x03), bytes);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), reqBody.asn1Encode(msgType));
bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out);
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), bytes);
return out.toByteArray();
}
public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException
{
return reqBody.asn1Encode(msgType);
} }
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), reqBody.asn1Encode(msgType));
bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out);
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) msgType), bytes);
return out.toByteArray();
}
public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException {
return reqBody.asn1Encode(msgType);
}
} }
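Review bot: In KDCReq.init() the optional padata field is consumed unconditionally: `subDer = der.getData().getDerValue();` runs before the `== 0x03` test, so when padata is omitted the element read there is the [4] req-body, it is dropped by the `else { pAData = null; }` branch, and the next read for tag 0x04 then presumably fails on an exhausted stream. KDCRep.init() on this page handles the same optional field by peeking first; the equivalent here is `if ((der.getData().peekByte() & 0x1F) == 0x03) {` with `subDer = der.getData().getDerValue();` moved inside the branch. Unlike KDCRep.init() and KRBCred.init(), this method also ends without a `der.getData().available() > 0` check, so trailing bytes after req-body are accepted. Separately, the constructor still throws `"Cannot create a KDCRep"` from the KDCReq class and the Javadoc tag `@exceptoin` is misspelled; both are cheap to fix while the file is being reformatted.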


@ -56,128 +56,134 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt"> * <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class KRBCred { public class KRBCred {
public Ticket[] tickets = null;
public EncryptedData encPart;
private int pvno; public Ticket[] tickets = null;
private int msgType; public EncryptedData encPart;
private int pvno;
private int msgType;
public KRBCred(Ticket[] new_tickets, EncryptedData new_encPart) throws IOException { public KRBCred(Ticket[] new_tickets, EncryptedData new_encPart) throws IOException {
pvno = Krb5.PVNO; pvno = Krb5.PVNO;
msgType = Krb5.KRB_CRED; msgType = Krb5.KRB_CRED;
if (new_tickets != null) { if (new_tickets != null) {
tickets = new Ticket[new_tickets.length]; tickets = new Ticket[new_tickets.length];
for (int i = 0; i < new_tickets.length; i++) { for (int i = 0; i < new_tickets.length; i++) {
if (new_tickets[i] == null) { if (new_tickets[i] == null) {
throw new IOException("Cannot create a KRBCred"); throw new IOException("Cannot create a KRBCred");
} else { } else {
tickets[i] = (Ticket)new_tickets[i].clone(); tickets[i] = (Ticket) new_tickets[i].clone();
}
}
} }
encPart = new_encPart; }
} }
encPart = new_encPart;
}
public KRBCred(byte[] data) throws Asn1Exception, public KRBCred(byte[] data) throws Asn1Exception,
RealmException, KrbApErrException, IOException { RealmException, KrbApErrException, IOException {
init(new DerValue(data)); init(new DerValue(data));
}
public KRBCred(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding);
}
/**
* Initializes an KRBCred object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x16)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
public KRBCred(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding);
}
/**
* Initializes an KRBCred object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
if (((encoding.getTag() & (byte)0x1F) != (byte)0x16)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true))
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
DerValue der, subDer; DerValue der, subDer;
der = encoding.getData().getDerValue(); der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x00) {
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x01) {
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_CRED)
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x02) {
DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Vector<Ticket> v = new Vector<Ticket> ();
while (subsubDer.getData().available() > 0) {
v.addElement(new Ticket(subsubDer.getData().getDerValue()));
}
if (v.size() > 0) {
tickets = new Ticket[v.size()];
v.copyInto(tickets);
}
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
encPart = EncryptedData.parse(der.getData(), (byte)0x03, false);
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x00) {
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x01) {
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_CRED) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x02) {
DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Vector<Ticket> v = new Vector<Ticket>();
while (subsubDer.getData().available() > 0) {
v.addElement(new Ticket(subsubDer.getData().getDerValue()));
}
if (v.size() > 0) {
tickets = new Ticket[v.size()];
v.copyInto(tickets);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
encPart = EncryptedData.parse(der.getData(), (byte) 0x03, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an KRBCred object. * Encodes an KRBCred object.
* @return the data of encoded EncAPRepPart object. * @return the data of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp, bytes, out; DerOutputStream temp, bytes, out;
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno)); temp.putInteger(BigInteger.valueOf(pvno));
out = new DerOutputStream(); out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
temp = new DerOutputStream(); true, (byte) 0x00), temp);
temp.putInteger(BigInteger.valueOf(msgType));
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
temp = new DerOutputStream(); temp = new DerOutputStream();
for (int i = 0; i < tickets.length; i++) { temp.putInteger(BigInteger.valueOf(msgType));
temp.write(tickets[i].asn1Encode()); out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
} true, (byte) 0x01), temp);
temp = new DerOutputStream();
for (int i = 0; i < tickets.length; i++) {
temp.write(tickets[i].asn1Encode());
}
bytes = new DerOutputStream(); bytes = new DerOutputStream();
bytes.write(DerValue.tag_SequenceOf, temp); bytes.write(DerValue.tag_SequenceOf, temp);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), bytes); out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), encPart.asn1Encode()); true, (byte) 0x02), bytes);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), encPart.asn1Encode());
bytes = new DerOutputStream(); bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out); bytes.write(DerValue.tag_Sequence, out);
out = new DerOutputStream(); out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x16), bytes); out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
return out.toByteArray(); true, (byte) 0x16), bytes);
} return out.toByteArray();
}
} }
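Review bot: KRBCred.asn1Encode() dereferences `tickets.length` without a null check, yet `tickets` can legitimately be null. The constructor leaves it null when `new_tickets` is null, and init() leaves it null when the decoded SEQUENCE OF is empty, because of the `if (v.size() > 0)` guard. A KRB-CRED decoded from peer-supplied bytes with an empty ticket list would therefore throw NullPointerException on re-encoding rather than a checked Asn1Exception. Either assign unconditionally in init() (`tickets = new Ticket[v.size()]; v.copyInto(tickets);`) and reject a null array in the constructor, or guard the loop with `if (tickets != null)`; which is right depends on whether callers test `tickets == null`, which is not visible here. The asn1Encode() Javadoc also says it returns an "encoded EncAPRepPart object", which looks copied from another class.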


@ -111,7 +111,7 @@ public class KrbCredInfo {
* @exception RealmException if an error occurs while parsing a Realm object. * @exception RealmException if an error occurs while parsing a Realm object.
*/ */
public KrbCredInfo(DerValue encoding) public KrbCredInfo(DerValue encoding)
throws Asn1Exception, IOException, RealmException{ throws Asn1Exception, IOException, RealmException{
if (encoding.getTag() != DerValue.tag_Sequence) { if (encoding.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
@ -160,25 +160,25 @@ public class KrbCredInfo {
Vector<DerValue> v = new Vector<DerValue> (); Vector<DerValue> v = new Vector<DerValue> ();
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode()));
if (prealm != null) if (prealm != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode()));
if (pname != null) if (pname != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), pname.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), pname.asn1Encode()));
if (flags != null) if (flags != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), flags.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), flags.asn1Encode()));
if (authtime != null) if (authtime != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authtime.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authtime.asn1Encode()));
if (starttime != null) if (starttime != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), starttime.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), starttime.asn1Encode()));
if (endtime != null) if (endtime != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), endtime.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), endtime.asn1Encode()));
if (renewTill != null) if (renewTill != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), renewTill.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), renewTill.asn1Encode()));
if (srealm != null) if (srealm != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), srealm.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), srealm.asn1Encode()));
if (sname != null) if (sname != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), sname.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), sname.asn1Encode()));
if (caddr != null) if (caddr != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), caddr.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), caddr.asn1Encode()));
DerValue der[] = new DerValue[v.size()]; DerValue der[] = new DerValue[v.size()];
v.copyInto(der); v.copyInto(der);
DerOutputStream out = new DerOutputStream(); DerOutputStream out = new DerOutputStream();


@ -34,168 +34,171 @@ import sun.security.krb5.*;
import sun.security.krb5.internal.*; import sun.security.krb5.internal.*;
public class Credentials { public class Credentials {
PrincipalName cname;
Realm crealm; PrincipalName cname;
Realm crealm;
PrincipalName sname; PrincipalName sname;
Realm srealm; Realm srealm;
EncryptionKey key; EncryptionKey key;
KerberosTime authtime; KerberosTime authtime;
KerberosTime starttime;//optional KerberosTime starttime;//optional
KerberosTime endtime; KerberosTime endtime;
KerberosTime renewTill; //optional KerberosTime renewTill; //optional
HostAddresses caddr; //optional; for proxied tickets only HostAddresses caddr; //optional; for proxied tickets only
AuthorizationData authorizationData; //optional, not being actually used AuthorizationData authorizationData; //optional, not being actually used
public boolean isEncInSKey; // true if ticket is encrypted in another ticket's skey public boolean isEncInSKey; // true if ticket is encrypted in another ticket's skey
TicketFlags flags; TicketFlags flags;
Ticket ticket; Ticket ticket;
Ticket secondTicket; //optional Ticket secondTicket; //optional
private boolean DEBUG = Krb5.DEBUG; private boolean DEBUG = Krb5.DEBUG;
public Credentials( public Credentials(
PrincipalName new_cname, PrincipalName new_cname,
PrincipalName new_sname, PrincipalName new_sname,
EncryptionKey new_key, EncryptionKey new_key,
KerberosTime new_authtime, KerberosTime new_authtime,
KerberosTime new_starttime, KerberosTime new_starttime,
KerberosTime new_endtime, KerberosTime new_endtime,
KerberosTime new_renewTill, KerberosTime new_renewTill,
boolean new_isEncInSKey, boolean new_isEncInSKey,
TicketFlags new_flags, TicketFlags new_flags,
HostAddresses new_caddr, HostAddresses new_caddr,
AuthorizationData new_authData, AuthorizationData new_authData,
Ticket new_ticket, Ticket new_ticket,
Ticket new_secondTicket) { Ticket new_secondTicket) {
cname = (PrincipalName)new_cname.clone(); cname = (PrincipalName) new_cname.clone();
if (new_cname.getRealm() != null) if (new_cname.getRealm() != null) {
crealm = (Realm)new_cname.getRealm().clone(); crealm = (Realm) new_cname.getRealm().clone();
sname = (PrincipalName)new_sname.clone();
if (new_sname.getRealm() != null)
srealm = (Realm)new_sname.getRealm().clone();
key = (EncryptionKey)new_key.clone();
authtime = (KerberosTime)new_authtime.clone();
starttime = (KerberosTime)new_starttime.clone();
endtime = (KerberosTime)new_endtime.clone();
renewTill = (KerberosTime)new_renewTill.clone();
if (new_caddr != null)
caddr = (HostAddresses)new_caddr.clone();
if (new_authData != null) {
authorizationData
= (AuthorizationData)new_authData.clone();
}
isEncInSKey = new_isEncInSKey;
flags = (TicketFlags)new_flags.clone();
ticket = (Ticket)(new_ticket.clone());
if (new_secondTicket != null)
secondTicket = (Ticket)new_secondTicket.clone();
} }
sname = (PrincipalName) new_sname.clone();
if (new_sname.getRealm() != null) {
public Credentials( srealm = (Realm) new_sname.getRealm().clone();
KDCRep kdcRep,
Ticket new_secondTicket,
AuthorizationData new_authorizationData,
boolean new_isEncInSKey
) {
if (kdcRep.encKDCRepPart == null) //can't store while encrypted
return;
crealm = (Realm)kdcRep.crealm.clone();
cname = (PrincipalName)kdcRep.cname.clone();
ticket = (Ticket)kdcRep.ticket.clone();
key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
flags = (TicketFlags)kdcRep.encKDCRepPart.flags.clone();
authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone();
sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone();
caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
secondTicket = (Ticket)new_secondTicket.clone();
authorizationData =
(AuthorizationData)new_authorizationData.clone();
isEncInSKey = new_isEncInSKey;
} }
public Credentials(KDCRep kdcRep) { key = (EncryptionKey) new_key.clone();
this(kdcRep, null);
authtime = (KerberosTime) new_authtime.clone();
starttime = (KerberosTime) new_starttime.clone();
endtime = (KerberosTime) new_endtime.clone();
renewTill = (KerberosTime) new_renewTill.clone();
if (new_caddr != null) {
caddr = (HostAddresses) new_caddr.clone();
}
if (new_authData != null) {
authorizationData = (AuthorizationData) new_authData.clone();
} }
public Credentials(KDCRep kdcRep, Ticket new_ticket) { isEncInSKey = new_isEncInSKey;
sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone(); flags = (TicketFlags) new_flags.clone();
srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone(); ticket = (Ticket) (new_ticket.clone());
try { if (new_secondTicket != null) {
sname.setRealm(srealm); secondTicket = (Ticket) new_secondTicket.clone();
}
catch (RealmException e) {
}
cname = (PrincipalName)kdcRep.cname.clone();
crealm = (Realm)kdcRep.crealm.clone();
try {
cname.setRealm(crealm);
}
catch (RealmException e) {
}
key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
if (kdcRep.encKDCRepPart.starttime != null) {
starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
}
else starttime = null;
endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
if (kdcRep.encKDCRepPart.renewTill != null) {
renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
}
else renewTill = null;
// if (kdcRep.msgType == Krb5.KRB_AS_REP) {
// isEncInSKey = false;
// secondTicket = null;
// }
flags = kdcRep.encKDCRepPart.flags;
if (kdcRep.encKDCRepPart.caddr != null)
caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
else caddr = null;
ticket = (Ticket)kdcRep.ticket.clone();
if (new_ticket != null) {
secondTicket = (Ticket)new_ticket.clone();
isEncInSKey = true;
} else {
secondTicket = null;
isEncInSKey = false;
}
} }
}
/** public Credentials(
* Checks if this credential is expired KDCRep kdcRep,
*/ Ticket new_secondTicket,
public boolean isValid() { AuthorizationData new_authorizationData,
boolean valid = true; boolean new_isEncInSKey) {
if (endtime.getTime() < System.currentTimeMillis()) { if (kdcRep.encKDCRepPart == null) //can't store while encrypted
valid = false; {
} return;
else if ((starttime.getTime() > System.currentTimeMillis())
|| ((starttime == null) && (authtime.getTime() > System.currentTimeMillis())))
{
valid = false;
}
return valid;
} }
crealm = (Realm) kdcRep.crealm.clone();
cname = (PrincipalName) kdcRep.cname.clone();
ticket = (Ticket) kdcRep.ticket.clone();
key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
flags = (TicketFlags) kdcRep.encKDCRepPart.flags.clone();
authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
secondTicket = (Ticket) new_secondTicket.clone();
authorizationData =
(AuthorizationData) new_authorizationData.clone();
isEncInSKey = new_isEncInSKey;
}
public PrincipalName getServicePrincipal() throws RealmException{ public Credentials(KDCRep kdcRep) {
if (sname.getRealm() == null) { this(kdcRep, null);
sname.setRealm(srealm); }
}
return sname;
}
public sun.security.krb5.Credentials setKrbCreds() { public Credentials(KDCRep kdcRep, Ticket new_ticket) {
return new sun.security.krb5.Credentials(ticket, sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr); srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
try {
sname.setRealm(srealm);
} catch (RealmException e) {
} }
cname = (PrincipalName) kdcRep.cname.clone();
crealm = (Realm) kdcRep.crealm.clone();
try {
cname.setRealm(crealm);
} catch (RealmException e) {
}
key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
if (kdcRep.encKDCRepPart.starttime != null) {
starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
} else {
starttime = null;
}
endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
if (kdcRep.encKDCRepPart.renewTill != null) {
renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
} else {
renewTill = null;
}
// if (kdcRep.msgType == Krb5.KRB_AS_REP) {
// isEncInSKey = false;
// secondTicket = null;
// }
flags = kdcRep.encKDCRepPart.flags;
if (kdcRep.encKDCRepPart.caddr != null) {
caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
} else {
caddr = null;
}
ticket = (Ticket) kdcRep.ticket.clone();
if (new_ticket != null) {
secondTicket = (Ticket) new_ticket.clone();
isEncInSKey = true;
} else {
secondTicket = null;
isEncInSKey = false;
}
}
/**
* Checks if this credential is expired
*/
public boolean isValid() {
boolean valid = true;
if (endtime.getTime() < System.currentTimeMillis()) {
valid = false;
} else if ((starttime.getTime() > System.currentTimeMillis())
|| ((starttime == null) && (authtime.getTime() > System.currentTimeMillis()))) {
valid = false;
}
return valid;
}
public PrincipalName getServicePrincipal() throws RealmException {
if (sname.getRealm() == null) {
sname.setRealm(srealm);
}
return sname;
}
public sun.security.krb5.Credentials setKrbCreds() {
return new sun.security.krb5.Credentials(ticket,
cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr);
}
public KerberosTime getAuthTime() { public KerberosTime getAuthTime() {
return authtime; return authtime;
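Review bot: `isValid()` dereferences `starttime` before testing it for null: in the `else if`, `starttime.getTime() > System.currentTimeMillis()` is evaluated first, so the `(starttime == null) && ...` fallback to `authtime` can never be reached and a credential without a start time throws a NullPointerException instead of being checked. The field is marked optional and the `Credentials(KDCRep, Ticket)` constructor in this same section assigns `starttime = null` when the reply omits it, so the case looks reachable. The commit only re-indents the condition and carries the defect over unchanged; testing the null case first would fix it, e.g. `KerberosTime begin = (starttime != null) ? starttime : authtime;` before the `if`, then `} else if (begin.getTime() > System.currentTimeMillis()) {`. The Javadoc also says the method checks whether the credential is expired, while it returns true for a credential that is currently valid; `Checks whether this credential is currently within its validity period.` would match the code.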
