stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge

Browse Source
This commit is contained in:
Tim Bell 2008-03-17 23:03:51 -07:00
commit 3a9b62e3d3
64 changed files with 4056 additions and 2366 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java
View File

@ -34,6 +34,7 @@ import java.security.KeyRep;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
@ -107,12 +108,17 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey {
throw new InvalidKeySpecException("Key length is negative");
}
try {
this.prf = Mac.getInstance(prfAlgo, new SunJCE());
this.prf = Mac.getInstance(prfAlgo, "SunJCE");
} catch (NoSuchAlgorithmException nsae) {
// not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nsae);
throw ike;
} catch (NoSuchProviderException nspe) {
// Again, not gonna happen; re-throw just in case
InvalidKeySpecException ike = new InvalidKeySpecException();
ike.initCause(nspe);
throw ike;
}
this.key = deriveKey(prf, passwdBytes, salt, iterCount, keyLength);
}

1
jdk/src/share/classes/java/net/AbstractPlainSocketImpl.java
View File

@ -664,7 +664,6 @@ abstract class AbstractPlainSocketImpl extends SocketImpl
abstract void socketSetOption(int cmd, boolean on, Object value)
throws SocketException;
abstract int socketGetOption(int opt, Object iaContainerObj) throws SocketException;
abstract int socketGetOption1(int opt, Object iaContainerObj, FileDescriptor fd) throws SocketException;
abstract void socketSendUrgentData(int data)
throws IOException;

6
jdk/src/share/classes/java/net/InterfaceAddress.java
View File

@ -103,11 +103,9 @@ public class InterfaceAddress {
return false;
}
InterfaceAddress cmp = (InterfaceAddress) obj;
if ((address != null & cmp.address == null) ||
(!address.equals(cmp.address)))
if ( !(address == null ? cmp.address == null : address.equals(cmp.address)) )
return false;
if ((broadcast != null & cmp.broadcast == null) ||
(!broadcast.equals(cmp.broadcast)))
if ( !(broadcast == null ? cmp.broadcast == null : broadcast.equals(cmp.broadcast)) )
return false;
if (maskLength != cmp.maskLength)
return false;

2
jdk/src/share/classes/java/net/NetworkInterface.java
View File

@ -425,8 +425,6 @@ public final class NetworkInterface {
return virtual;
}
private native static long getSubnet0(String name, int ind) throws SocketException;
private native static Inet4Address getBroadcast0(String name, int ind) throws SocketException;
private native static boolean isUp0(String name, int ind) throws SocketException;
private native static boolean isLoopback0(String name, int ind) throws SocketException;
private native static boolean supportsMulticast0(String name, int ind) throws SocketException;

3
jdk/src/share/classes/java/net/Socket.java
View File

@ -731,7 +731,8 @@ class Socket implements java.io.Closeable {
* then this method will continue to return the connected address
* after the socket is closed.
*
* @return a <code>SocketAddress</code> reprensenting the remote endpoint of this
* @return a <code>SocketAddress</code> representing the remote endpoint of this
* socket, or <code>null</code> if it is not connected yet.
* @see #getInetAddress()
* @see #getPort()

10
jdk/src/share/classes/java/net/URLConnection.java
View File

@ -1072,7 +1072,7 @@ public abstract class URLConnection {
* properties to be appended into a single property.
*
* @param key the keyword by which the request is known
* (e.g., "<code>accept</code>").
* (e.g., "<code>Accept</code>").
* @param value the value associated with it.
* @throws IllegalStateException if already connected
* @throws NullPointerException if key is <CODE>null</CODE>
@ -1096,7 +1096,7 @@ public abstract class URLConnection {
* existing values associated with the same key.
*
* @param key the keyword by which the request is known
* (e.g., "<code>accept</code>").
* (e.g., "<code>Accept</code>").
* @param value the value associated with it.
* @throws IllegalStateException if already connected
* @throws NullPointerException if key is null
@ -1120,7 +1120,7 @@ public abstract class URLConnection {
* Returns the value of the named general request property for this
* connection.
*
* @param key the keyword by which the request is known (e.g., "accept").
* @param key the keyword by which the request is known (e.g., "Accept").
* @return the value of the named general request property for this
* connection. If key is null, then null is returned.
* @throws IllegalStateException if already connected
@ -1164,7 +1164,7 @@ public abstract class URLConnection {
* these properties.
*
* @param key the keyword by which the request is known
* (e.g., "<code>accept</code>").
* (e.g., "<code>Accept</code>").
* @param value the value associated with the key.
*
* @see java.net.URLConnection#setRequestProperty(java.lang.String,java.lang.String)
@ -1183,7 +1183,7 @@ public abstract class URLConnection {
* Returns the value of the default request property. Default request
* properties are set for every connection.
*
* @param key the keyword by which the request is known (e.g., "accept").
* @param key the keyword by which the request is known (e.g., "Accept").
* @return the value of the default request property
* for the specified key.
*

4
jdk/src/share/classes/java/security/AccessControlContext.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 1997-2006 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1997-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -322,7 +322,7 @@ public final class AccessControlContext {
debug.println("access denied " + perm);
}
if (Debug.isOn("failure")) {
if (Debug.isOn("failure") && debug != null) {
// Want to make sure this is always displayed for failure,
// but do not want to display again if already displayed
// above.

2
jdk/src/share/classes/java/security/KeyStore.java
View File

@ -789,7 +789,7 @@ public class KeyStore {
* @param alias the alias name
*
* @return the certificate chain (ordered with the user's certificate first
* and the root certificate authority last), or null if the given alias
* followed by zero or more certificate authorities), or null if the given alias
* does not exist or does not contain a certificate chain
*
* @exception KeyStoreException if the keystore has not been initialized

8
jdk/src/share/classes/javax/security/cert/X509Certificate.java
View File

@ -363,7 +363,7 @@ public abstract class X509Certificate extends Certificate {
* subject Name
* </pre>
*
* <p>See <a href = "#getIssuerDN">getIssuerDN</a> for <code>Name</code>
* <p>See {@link #getIssuerDN() getIssuerDN} for <code>Name</code>
* and other relevant definitions.
*
* @return a Principal whose name is the subject name.
@ -393,7 +393,7 @@ public abstract class X509Certificate extends Certificate {
/**
* Gets the <code>notAfter</code> date from the validity period of
* the certificate. See <a href = "#getNotBefore">getNotBefore</a>
* the certificate. See {@link #getNotBefore() getNotBefore}
* for relevant ASN.1 definitions.
*
* @return the end date of the validity period.
@ -429,7 +429,7 @@ public abstract class X509Certificate extends Certificate {
* For example, the string "1.2.840.10040.4.3" identifies the SHA-1
* with DSA signature algorithm, as per the PKIX part I.
*
* <p>See <a href = "#getSigAlgName">getSigAlgName</a> for
* <p>See {@link #getSigAlgName() getSigAlgName} for
* relevant ASN.1 definitions.
*
* @return the signature algorithm OID string.
@ -442,7 +442,7 @@ public abstract class X509Certificate extends Certificate {
* algorithm parameters are null; the parameters are usually
* supplied with the certificate's public key.
*
* <p>See <a href = "#getSigAlgName">getSigAlgName</a> for
* <p>See {@link #getSigAlgName() getSigAlgName} for
* relevant ASN.1 definitions.
*
* @return the DER-encoded signature algorithm parameters, or

13
jdk/src/share/classes/sun/net/www/http/ChunkedOutputStream.java
View File

@ -177,14 +177,23 @@ public class ChunkedOutputStream extends PrintStream {
return;
}
if (len > MAX_BUF_SIZE) {
int l = preferredChunkSize - count;
if ((len > MAX_BUF_SIZE) && (len > l)) {
/* current chunk is empty just write the data */
if (count == 0) {
count = len;
flush (b, false, off);
return;
}
/* first finish the current chunk */
int l = preferredChunkSize - count;
if (l > 0) {
System.arraycopy(b, off, buf, count, l);
count = preferredChunkSize;
flush(buf, false);
}
count = len - l;
/* Now write the rest of the data */
flush (b, false, l+off);

44
jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
View File

@ -64,11 +64,6 @@ import java.text.SimpleDateFormat;
import java.util.TimeZone;
import java.net.MalformedURLException;
import java.nio.ByteBuffer;
import java.nio.channels.ReadableByteChannel;
import java.nio.channels.WritableByteChannel;
import java.nio.channels.Selector;
import java.nio.channels.SelectionKey;
import java.nio.channels.SelectableChannel;
import java.lang.reflect.*;
/**
@ -823,6 +818,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* - get input, [read input,] get output, [write output]
*/
@Override
public synchronized OutputStream getOutputStream() throws IOException {
try {
@ -924,11 +920,11 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
if (l != null && !l.isEmpty()) {
StringBuilder cookieValue = new StringBuilder();
for (String value : l) {
cookieValue.append(value).append(';');
cookieValue.append(value).append("; ");
}
// strip off the ending ;-sign
// strip off the trailing '; '
try {
requests.add(key, cookieValue.substring(0, cookieValue.length() - 1));
requests.add(key, cookieValue.substring(0, cookieValue.length() - 2));
} catch (StringIndexOutOfBoundsException ignored) {
// no-op
}
@ -947,6 +943,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
} // end of getting cookies
}
@Override
@SuppressWarnings("empty-statement")
public synchronized InputStream getInputStream() throws IOException {
if (!doInput) {
@ -1380,6 +1378,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public InputStream getErrorStream() {
if (connected && responseCode >= 400) {
// Client Error 4xx and Server Error 5xx
@ -2047,6 +2046,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
*/
private void disconnectInternal() {
responseCode = -1;
inputStream = null;
if (pi != null) {
pi.finishTracking();
pi = null;
@ -2145,6 +2145,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* Gets a header field by name. Returns null if not known.
* @param name the name of the header field
*/
@Override
public String getHeaderField(String name) {
try {
getInputStream();
@ -2167,6 +2168,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @return a Map of header fields
* @since 1.4
*/
@Override
public Map<String, List<String>> getHeaderFields() {
try {
getInputStream();
@ -2183,6 +2185,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* Gets a header field by index. Returns null if not known.
* @param n the index of the header field
*/
@Override
public String getHeaderField(int n) {
try {
getInputStream();
@ -2198,6 +2201,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* Gets a header field by index. Returns null if not known.
* @param n the index of the header field
*/
@Override
public String getHeaderFieldKey(int n) {
try {
getInputStream();
@ -2215,6 +2219,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* exists, overwrite its value with the new value.
* @param value the value to be set
*/
@Override
public void setRequestProperty(String key, String value) {
if (connected)
throw new IllegalStateException("Already connected");
@ -2236,6 +2241,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see #getRequestProperties(java.lang.String)
* @since 1.4
*/
@Override
public void addRequestProperty(String key, String value) {
if (connected)
throw new IllegalStateException("Already connected");
@ -2255,6 +2261,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
requests.set(key, value);
}
@Override
public String getRequestProperty (String key) {
// don't return headers containing security sensitive information
if (key != null) {
@ -2279,6 +2286,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @throws IllegalStateException if already connected
* @since 1.4
*/
@Override
public Map<String, List<String>> getRequestProperties() {
if (connected)
throw new IllegalStateException("Already connected");
@ -2287,6 +2295,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return requests.getHeaders(EXCLUDE_HEADERS);
}
@Override
public void setConnectTimeout(int timeout) {
if (timeout < 0)
throw new IllegalArgumentException("timeouts can't be negative");
@ -2306,6 +2315,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.net.URLConnection#connect()
* @since 1.5
*/
@Override
public int getConnectTimeout() {
return (connectTimeout < 0 ? 0 : connectTimeout);
}
@ -2330,6 +2340,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.InputStream#read()
* @since 1.5
*/
@Override
public void setReadTimeout(int timeout) {
if (timeout < 0)
throw new IllegalArgumentException("timeouts can't be negative");
@ -2347,10 +2358,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.InputStream#read()
* @since 1.5
*/
@Override
public int getReadTimeout() {
return readTimeout < 0 ? 0 : readTimeout;
}
@Override
protected void finalize() {
// this should do nothing. The stream finalizer will close
// the fd
@ -2425,6 +2438,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.FilterInputStream#in
* @see java.io.FilterInputStream#reset()
*/
@Override
public synchronized void mark(int readlimit) {
super.mark(readlimit);
if (cacheRequest != null) {
@ -2454,6 +2468,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.FilterInputStream#in
* @see java.io.FilterInputStream#mark(int)
*/
@Override
public synchronized void reset() throws IOException {
super.reset();
if (cacheRequest != null) {
@ -2462,6 +2477,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public int read() throws IOException {
try {
byte[] b = new byte[1];
@ -2475,10 +2491,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public int read(byte[] b) throws IOException {
return read(b, 0, b.length);
}
@Override
public int read(byte[] b, int off, int len) throws IOException {
try {
int newLen = super.read(b, off, len);
@ -2509,6 +2527,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public void close () throws IOException {
try {
if (outputStream != null) {
@ -2553,6 +2572,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
error = false;
}
@Override
public void write (int b) throws IOException {
checkError();
written ++;
@ -2562,10 +2582,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
out.write (b);
}
@Override
public void write (byte[] b) throws IOException {
write (b, 0, b.length);
}
@Override
public void write (byte[] b, int off, int len) throws IOException {
checkError();
written += len;
@ -2596,6 +2618,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return closed && ! error;
}
@Override
public void close () throws IOException {
if (closed) {
return;
@ -2714,6 +2737,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public int available() throws IOException {
if (is == null) {
return buffer.remaining();
@ -2728,10 +2752,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return (ret == -1? ret : (b[0] & 0x00FF));
}
@Override
public int read(byte[] b) throws IOException {
return read(b, 0, b.length);
}
@Override
public int read(byte[] b, int off, int len) throws IOException {
int rem = buffer.remaining();
if (rem > 0) {
@ -2747,6 +2773,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public void close() throws IOException {
buffer = null;
if (is != null) {
@ -2763,6 +2790,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
class EmptyInputStream extends InputStream {
@Override
public int available() {
return 0;
}

12
jdk/src/share/classes/sun/net/www/protocol/https/HttpsClient.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2001-2007 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2001-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -518,6 +518,16 @@ final class HttpsClient extends HttpClient
kac.put(url, sslSocketFactory, this);
}
/*
* Close an idle connection to this URL (if it exists in the cache).
*/
public void closeIdleConnection() {
HttpClient http = (HttpClient) kac.get(url, sslSocketFactory);
if (http != null) {
http.closeServer();
}
}
/**
* Returns the cipher suite in use on this connection.
*/

10
jdk/src/share/classes/sun/net/www/protocol/mailto/MailToURLConnection.java
View File

@ -29,9 +29,6 @@ import java.net.URL;
import java.net.InetAddress;
import java.net.SocketPermission;
import java.io.*;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.StringTokenizer;
import java.security.Permission;
import sun.net.www.*;
import sun.net.smtp.SmtpClient;
@ -86,11 +83,11 @@ public class MailToURLConnection extends URLConnection {
}
public void connect() throws IOException {
System.err.println("connect. Timeout = " + connectTimeout);
client = new SmtpClient(connectTimeout);
client.setReadTimeout(readTimeout);
}
@Override
public synchronized OutputStream getOutputStream() throws IOException {
if (os != null) {
return os;
@ -107,6 +104,7 @@ public class MailToURLConnection extends URLConnection {
return os;
}
@Override
public Permission getPermission() throws IOException {
if (permission == null) {
connect();
@ -116,22 +114,26 @@ public class MailToURLConnection extends URLConnection {
return permission;
}
@Override
public void setConnectTimeout(int timeout) {
if (timeout < 0)
throw new IllegalArgumentException("timeouts can't be negative");
connectTimeout = timeout;
}
@Override
public int getConnectTimeout() {
return (connectTimeout < 0 ? 0 : connectTimeout);
}
@Override
public void setReadTimeout(int timeout) {
if (timeout < 0)
throw new IllegalArgumentException("timeouts can't be negative");
readTimeout = timeout;
}
@Override
public int getReadTimeout() {
return readTimeout < 0 ? 0 : readTimeout;
}

9
jdk/src/share/classes/sun/security/krb5/Config.java
View File

@ -1040,11 +1040,12 @@ public class Config {
* Check if need to use DNS to locate Kerberos services
*/
public boolean useDNS(String name) {
boolean value = getDefaultBooleanValue(name, "libdefaults");
if (value == false) {
value = getDefaultBooleanValue("dns_fallback", "libdefaults");
String value = getDefault(name, "libdefaults");
if (value == null) {
return getDefaultBooleanValue("dns_fallback", "libdefaults");
} else {
return value.equalsIgnoreCase("true");
}
return value;
}
/**

194
jdk/src/share/classes/sun/security/krb5/KrbTgsReq.java
View File

@ -75,107 +75,107 @@ public class KrbTgsReq extends KrbKdcReq {
null); // EncryptionKey subSessionKey
}
// Called by Credentials, KrbCred
KrbTgsReq(
KDCOptions options,
Credentials asCreds,
PrincipalName sname,
KerberosTime from,
KerberosTime till,
KerberosTime rtime,
int[] eTypes,
HostAddresses addresses,
AuthorizationData authorizationData,
Ticket[] additionalTickets,
EncryptionKey subKey) throws KrbException, IOException {
// Called by Credentials, KrbCred
KrbTgsReq(
KDCOptions options,
Credentials asCreds,
PrincipalName sname,
KerberosTime from,
KerberosTime till,
KerberosTime rtime,
int[] eTypes,
HostAddresses addresses,
AuthorizationData authorizationData,
Ticket[] additionalTickets,
EncryptionKey subKey) throws KrbException, IOException {
princName = asCreds.client;
servName = sname;
ctime = new KerberosTime(KerberosTime.NOW);
// check if they are valid arguments. The optional fields
// should be consistent with settings in KDCOptions.
if (options.get(KDCOptions.FORWARDABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_FORWARDABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.FORWARDED)) {
if (!(asCreds.flags.get(KDCOptions.FORWARDABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.PROXIABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_PROXIABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.PROXY)) {
if (!(asCreds.flags.get(KDCOptions.PROXIABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.ALLOW_POSTDATE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_MAY_POSTDATE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.RENEWABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_RENEWABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.POSTDATED)) {
if (!(asCreds.flags.get(KDCOptions.POSTDATED)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (from != null) from = null;
}
if (options.get(KDCOptions.RENEWABLE)) {
if (!(asCreds.flags.get(KDCOptions.RENEWABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (rtime != null) rtime = null;
}
if (options.get(KDCOptions.ENC_TKT_IN_SKEY)) {
if (additionalTickets == null)
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
// in TGS_REQ there could be more than one additional
// tickets, but in file-based credential cache,
// there is only one additional ticket field.
secondTicket = additionalTickets[0];
} else {
if (additionalTickets != null)
additionalTickets = null;
}
tgsReqMessg = createRequest(
options,
asCreds.ticket,
asCreds.key,
ctime,
princName,
princName.getRealm(),
servName,
from,
till,
rtime,
eTypes,
addresses,
authorizationData,
additionalTickets,
subKey);
obuf = tgsReqMessg.asn1Encode();
// XXX We need to revisit this to see if can't move it
// up such that FORWARDED flag set in the options
// is included in the marshaled request.
/*
* If this is based on a forwarded ticket, record that in the
* options, because the returned TgsRep will contain the
* FORWARDED flag set.
*/
if (asCreds.flags.get(KDCOptions.FORWARDED))
options.set(KDCOptions.FORWARDED, true);
princName = asCreds.client;
servName = sname;
ctime = new KerberosTime(KerberosTime.NOW);
// check if they are valid arguments. The optional fields
// should be consistent with settings in KDCOptions.
if (options.get(KDCOptions.FORWARDABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_FORWARDABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.FORWARDED)) {
if (!(asCreds.flags.get(KDCOptions.FORWARDABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.PROXIABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_PROXIABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.PROXY)) {
if (!(asCreds.flags.get(KDCOptions.PROXIABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.ALLOW_POSTDATE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_MAY_POSTDATE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.RENEWABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_RENEWABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.POSTDATED)) {
if (!(asCreds.flags.get(KDCOptions.POSTDATED)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (from != null) from = null;
}
if (options.get(KDCOptions.RENEWABLE)) {
if (!(asCreds.flags.get(KDCOptions.RENEWABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (rtime != null) rtime = null;
}
if (options.get(KDCOptions.ENC_TKT_IN_SKEY)) {
if (additionalTickets == null)
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
// in TGS_REQ there could be more than one additional
// tickets, but in file-based credential cache,
// there is only one additional ticket field.
secondTicket = additionalTickets[0];
} else {
if (additionalTickets != null)
additionalTickets = null;
}
tgsReqMessg = createRequest(
options,
asCreds.ticket,
asCreds.key,
ctime,
princName,
princName.getRealm(),
servName,
from,
till,
rtime,
eTypes,
addresses,
authorizationData,
additionalTickets,
subKey);
obuf = tgsReqMessg.asn1Encode();
// XXX We need to revisit this to see if can't move it
// up such that FORWARDED flag set in the options
// is included in the marshaled request.
/*
* If this is based on a forwarded ticket, record that in the
* options, because the returned TgsRep will contain the
* FORWARDED flag set.
*/
if (asCreds.flags.get(KDCOptions.FORWARDED))
options.set(KDCOptions.FORWARDED, true);
}
/**
* Sends a TGS request to the realm of the target.

133
jdk/src/share/classes/sun/security/krb5/internal/APRep.java
View File

@ -54,81 +54,88 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class APRep {
public int pvno;
public int msgType;
public EncryptedData encPart;
public APRep(EncryptedData new_encPart) {
pvno = Krb5.PVNO;
msgType = Krb5.KRB_AP_REP;
encPart = new_encPart;
}
public int pvno;
public int msgType;
public EncryptedData encPart;
public APRep(byte[] data) throws Asn1Exception,
KrbApErrException, IOException {
init(new DerValue(data));
}
public APRep(EncryptedData new_encPart) {
pvno = Krb5.PVNO;
msgType = Krb5.KRB_AP_REP;
encPart = new_encPart;
}
public APRep(byte[] data) throws Asn1Exception,
KrbApErrException, IOException {
init(new DerValue(data));
}
public APRep(DerValue encoding) throws Asn1Exception,
KrbApErrException, IOException {
init(encoding);
}
KrbApErrException, IOException {
init(encoding);
}
/**
* Initializes an APRep object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
*/
/**
* Initializes an APRep object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
*/
private void init(DerValue encoding) throws Asn1Exception,
KrbApErrException, IOException {
KrbApErrException, IOException {
if (((encoding.getTag() & (byte)(0x1F)) != Krb5.KRB_AP_REP)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true))
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
DerValue der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
if (((encoding.getTag() & (byte) (0x1F)) != Krb5.KRB_AP_REP)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
DerValue subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
}
DerValue der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
DerValue subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO)
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) != (byte)0x01)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_AP_REP)
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
encPart = EncryptedData.parse(der.getData(), (byte)0x02, false);
if (der.getData().available() > 0)
if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_AP_REP) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
encPart = EncryptedData.parse(der.getData(), (byte) 0x02, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes an APRep object.
* @return byte array of encoded APRep object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
/**
* Encodes an APRep object.
* @return byte array of encoded APRep object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), encPart.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
DerOutputStream aprep = new DerOutputStream();
aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0F), temp);
return aprep.toByteArray();
}
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), encPart.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
DerOutputStream aprep = new DerOutputStream();
aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0F), temp);
return aprep.toByteArray();
}
}

160
jdk/src/share/classes/sun/security/krb5/internal/APReq.java
View File

@ -54,94 +54,98 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class APReq {
public int pvno;
public int msgType;
public APOptions apOptions;
public Ticket ticket;
public EncryptedData authenticator;
public APReq(
APOptions new_apOptions,
Ticket new_ticket,
EncryptedData new_authenticator
) {
pvno = Krb5.PVNO;
msgType = Krb5.KRB_AP_REQ;
apOptions = new_apOptions;
ticket = new_ticket;
authenticator = new_authenticator;
}
public int pvno;
public int msgType;
public APOptions apOptions;
public Ticket ticket;
public EncryptedData authenticator;
public APReq(byte[] data) throws Asn1Exception,IOException, KrbApErrException, RealmException {
public APReq(
APOptions new_apOptions,
Ticket new_ticket,
EncryptedData new_authenticator) {
pvno = Krb5.PVNO;
msgType = Krb5.KRB_AP_REQ;
apOptions = new_apOptions;
ticket = new_ticket;
authenticator = new_authenticator;
}
public APReq(byte[] data) throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(new DerValue(data));
}
}
public APReq(DerValue encoding) throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(encoding);
}
init(encoding);
}
/**
* Initializes an APReq object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbApErrException, RealmException {
DerValue der, subDer;
if (((encoding.getTag() & (byte)0x1F) != Krb5.KRB_AP_REQ)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true))
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
/**
* Initializes an APReq object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbApErrException, RealmException {
DerValue der, subDer;
if (((encoding.getTag() & (byte) 0x1F) != Krb5.KRB_AP_REQ)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO)
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) != (byte)0x01)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_AP_REQ)
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
apOptions = APOptions.parse(der.getData(), (byte)0x02, false);
ticket = Ticket.parse(der.getData(), (byte)0x03, false);
authenticator = EncryptedData.parse(der.getData(), (byte)0x04, false);
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_AP_REQ) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
apOptions = APOptions.parse(der.getData(), (byte) 0x02, false);
ticket = Ticket.parse(der.getData(), (byte) 0x03, false);
authenticator = EncryptedData.parse(der.getData(), (byte) 0x04, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes an APReq object.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
/**
* Encodes an APReq object.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), apOptions.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authenticator.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
DerOutputStream apreq = new DerOutputStream();
apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0E), temp);
return apreq.toByteArray();
}
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), apOptions.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), authenticator.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
DerOutputStream apreq = new DerOutputStream();
apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0E), temp);
return apreq.toByteArray();
}
}

44
jdk/src/share/classes/sun/security/krb5/internal/ASRep.java
View File

@ -40,30 +40,28 @@ import java.io.IOException;
public class ASRep extends KDCRep {
public ASRep(
PAData[] new_pAData,
Realm new_crealm,
PrincipalName new_cname,
Ticket new_ticket,
EncryptedData new_encPart
) throws IOException {
super(new_pAData, new_crealm, new_cname, new_ticket,
new_encPart, Krb5.KRB_AS_REP);
}
public ASRep(
PAData[] new_pAData,
Realm new_crealm,
PrincipalName new_cname,
Ticket new_ticket,
EncryptedData new_encPart) throws IOException {
super(new_pAData, new_crealm, new_cname, new_ticket,
new_encPart, Krb5.KRB_AS_REP);
}
public ASRep(byte[] data) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(new DerValue(data));
}
public ASRep(byte[] data) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(new DerValue(data));
}
public ASRep(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding);
}
private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding, Krb5.KRB_AS_REP);
}
public ASRep(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding);
}
private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding, Krb5.KRB_AS_REP);
}
}

23
jdk/src/share/classes/sun/security/krb5/internal/ASReq.java
View File

@ -36,20 +36,19 @@ import java.io.IOException;
public class ASReq extends KDCReq {
public ASReq(PAData[] new_pAData, KDCReqBody new_reqBody) throws IOException {
super(new_pAData, new_reqBody, Krb5.KRB_AS_REQ);
}
public ASReq(PAData[] new_pAData, KDCReqBody new_reqBody) throws IOException {
super(new_pAData, new_reqBody, Krb5.KRB_AS_REQ);
}
public ASReq(byte[] data) throws Asn1Exception, KrbException, IOException {
init(new DerValue(data));
}
public ASReq(byte[] data) throws Asn1Exception, KrbException, IOException {
init(new DerValue(data));
}
public ASReq(DerValue encoding) throws Asn1Exception, KrbException, IOException {
init(encoding);
}
private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
super.init(encoding, Krb5.KRB_AS_REQ);
}
init(encoding);
}
private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
super.init(encoding, Krb5.KRB_AS_REQ);
}
}

251
jdk/src/share/classes/sun/security/krb5/internal/Authenticator.java
View File

@ -34,6 +34,7 @@ import sun.security.util.*;
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
/**
* Implements the ASN.1 Authenticator type.
*
@ -58,6 +59,7 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class Authenticator {
public int authenticator_vno;
public Realm crealm;
public PrincipalName cname;
@ -68,137 +70,145 @@ public class Authenticator {
Integer seqNumber; //optional
public AuthorizationData authorizationData; //optional
public Authenticator (
Realm new_crealm,
PrincipalName new_cname,
Checksum new_cksum,
int new_cusec,
KerberosTime new_ctime,
EncryptionKey new_subKey,
Integer new_seqNumber,
AuthorizationData new_authorizationData
) {
authenticator_vno = Krb5.AUTHNETICATOR_VNO;
crealm = new_crealm;
cname = new_cname;
cksum = new_cksum;
cusec = new_cusec;
ctime = new_ctime;
subKey = new_subKey;
seqNumber = new_seqNumber;
authorizationData = new_authorizationData;
}
public Authenticator(
Realm new_crealm,
PrincipalName new_cname,
Checksum new_cksum,
int new_cusec,
KerberosTime new_ctime,
EncryptionKey new_subKey,
Integer new_seqNumber,
AuthorizationData new_authorizationData) {
authenticator_vno = Krb5.AUTHNETICATOR_VNO;
crealm = new_crealm;
cname = new_cname;
cksum = new_cksum;
cusec = new_cusec;
ctime = new_ctime;
subKey = new_subKey;
seqNumber = new_seqNumber;
authorizationData = new_authorizationData;
}
public Authenticator(byte[] data)
throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(new DerValue(data));
}
public Authenticator(byte[] data)
throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(new DerValue(data));
}
public Authenticator(DerValue encoding)
throws Asn1Exception,IOException, KrbApErrException, RealmException {
init(encoding);
}
public Authenticator(DerValue encoding)
throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(encoding);
}
/**
* Initializes an Authenticator object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding)
throws Asn1Exception, IOException, KrbApErrException, RealmException {
DerValue der, subDer;
//may not be the correct error code for a tag
//mismatch on an encrypted structure
if (((encoding.getTag() & (byte)0x1F) != (byte)0x02)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true))
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
/**
* Initializes an Authenticator object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding)
throws Asn1Exception, IOException, KrbApErrException, RealmException {
DerValue der, subDer;
//may not be the correct error code for a tag
//mismatch on an encrypted structure
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x02)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
authenticator_vno = subDer.getData().getBigInteger().intValue();
if (authenticator_vno != 5)
if (authenticator_vno != 5) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
crealm = Realm.parse(der.getData(), (byte)0x01, false);
cname = PrincipalName.parse(der.getData(), (byte)0x02, false);
cksum = Checksum.parse(der.getData(), (byte)0x03, true);
}
crealm = Realm.parse(der.getData(), (byte) 0x01, false);
cname = PrincipalName.parse(der.getData(), (byte) 0x02, false);
cksum = Checksum.parse(der.getData(), (byte) 0x03, true);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == 0x04) {
cusec = subDer.getData().getBigInteger().intValue();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
ctime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte) 0x06, true);
} else {
subKey = null;
seqNumber = null;
authorizationData = null;
}
if (der.getData().available() > 0) {
if ((der.getData().peekByte() & 0x1F) == 0x07) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == 0x04) {
cusec = subDer.getData().getBigInteger().intValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x07) {
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
ctime = KerberosTime.parse(der.getData(), (byte)0x05, false);
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte)0x06, true);
}
else {
subKey = null;
seqNumber = null;
authorizationData = null;
}
if (der.getData().available() > 0) {
if ((der.getData().peekByte() & 0x1F) == 0x07) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x07)
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
}
else {
seqNumber = null;
authorizationData = null;
}
if (der.getData().available() > 0) {
authorizationData = AuthorizationData.parse(der.getData(), (byte)0x08, true);
}
else authorizationData = null;
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
} else {
seqNumber = null;
authorizationData = null;
}
if (der.getData().available() > 0) {
authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x08, true);
} else {
authorizationData = null;
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes an Authenticator object.
* @return byte array of encoded Authenticator object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
Vector<DerValue> v = new Vector<DerValue> ();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(authenticator_vno));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp.toByteArray()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), crealm.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), cname.asn1Encode()));
if (cksum != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cksum.asn1Encode()));
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(cusec));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), temp.toByteArray()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ctime.asn1Encode()));
if (subKey != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), subKey.asn1Encode()));
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), temp.toByteArray()));
}
if (authorizationData != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), authorizationData.asn1Encode()));
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x02), temp);
return out.toByteArray();
/**
* Encodes an Authenticator object.
* @return byte array of encoded Authenticator object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
Vector<DerValue> v = new Vector<DerValue>();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(authenticator_vno));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp.toByteArray()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), crealm.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), cname.asn1Encode()));
if (cksum != null) {
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), cksum.asn1Encode()));
}
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(cusec));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), temp.toByteArray()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), ctime.asn1Encode()));
if (subKey != null) {
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x06), subKey.asn1Encode()));
}
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x07), temp.toByteArray()));
}
if (authorizationData != null) {
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x08), authorizationData.asn1Encode()));
}
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x02), temp);
return out.toByteArray();
}
public final Checksum getChecksum() {
return cksum;
@ -211,5 +221,4 @@ public class Authenticator {
public final EncryptionKey getSubKey() {
return subKey;
}
}

176
jdk/src/share/classes/sun/security/krb5/internal/AuthorizationData.java
View File

@ -53,82 +53,81 @@ import sun.security.krb5.internal.ccache.CCacheOutputStream;
* }
*/
public class AuthorizationData implements Cloneable {
private AuthorizationDataEntry[] entry = null;
private AuthorizationData() {
}
private AuthorizationDataEntry[] entry = null;
public AuthorizationData(
AuthorizationDataEntry[] new_entries
) throws IOException {
if (new_entries != null) {
entry = new AuthorizationDataEntry[new_entries.length];
for (int i = 0; i < new_entries.length; i++) {
if (new_entries[i] == null) {
throw new IOException("Cannot create an AuthorizationData");
} else {
entry[i] = (AuthorizationDataEntry)new_entries[i].clone();
}
}
}
}
private AuthorizationData() {
}
public AuthorizationData(
AuthorizationDataEntry new_entry
) {
entry = new AuthorizationDataEntry[1];
entry[0] = new_entry;
public AuthorizationData(AuthorizationDataEntry[] new_entries)
throws IOException {
if (new_entries != null) {
entry = new AuthorizationDataEntry[new_entries.length];
for (int i = 0; i < new_entries.length; i++) {
if (new_entries[i] == null) {
throw new IOException("Cannot create an AuthorizationData");
} else {
entry[i] = (AuthorizationDataEntry) new_entries[i].clone();
}
}
}
}
public Object clone() {
AuthorizationData new_authorizationData =
new AuthorizationData();
if (entry != null) {
new_authorizationData.entry =
new AuthorizationDataEntry[entry.length];
for (int i = 0; i < entry.length; i++)
new_authorizationData.entry[i] =
(AuthorizationDataEntry)entry[i].clone();
}
return new_authorizationData;
}
public AuthorizationData(AuthorizationDataEntry new_entry) {
entry = new AuthorizationDataEntry[1];
entry[0] = new_entry;
}
/**
* Constructs a new <code>AuthorizationData,</code> instance.
* @param der a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
Vector<AuthorizationDataEntry> v =
new Vector<AuthorizationDataEntry> ();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
while (der.getData().available() > 0) {
v.addElement(new AuthorizationDataEntry(der.getData().getDerValue()));
}
if (v.size() > 0) {
entry = new AuthorizationDataEntry[v.size()];
v.copyInto(entry);
}
public Object clone() {
AuthorizationData new_authorizationData =
new AuthorizationData();
if (entry != null) {
new_authorizationData.entry =
new AuthorizationDataEntry[entry.length];
for (int i = 0; i < entry.length; i++) {
new_authorizationData.entry[i] =
(AuthorizationDataEntry) entry[i].clone();
}
}
return new_authorizationData;
}
/**
* Encodes an <code>AuthorizationData</code> object.
* @return byte array of encoded <code>AuthorizationData</code> object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerValue der[] = new DerValue[entry.length];
for (int i = 0; i < entry.length; i++) {
der[i] = new DerValue(entry[i].asn1Encode());
}
bytes.putSequence(der);
return bytes.toByteArray();
/**
* Constructs a new <code>AuthorizationData,</code> instance.
* @param der a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
Vector<AuthorizationDataEntry> v =
new Vector<AuthorizationDataEntry>();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
while (der.getData().available() > 0) {
v.addElement(new AuthorizationDataEntry(der.getData().getDerValue()));
}
if (v.size() > 0) {
entry = new AuthorizationDataEntry[v.size()];
v.copyInto(entry);
}
}
/**
* Encodes an <code>AuthorizationData</code> object.
* @return byte array of encoded <code>AuthorizationData</code> object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerValue der[] = new DerValue[entry.length];
for (int i = 0; i < entry.length; i++) {
der[i] = new DerValue(entry[i].asn1Encode());
}
bytes.putSequence(der);
return bytes.toByteArray();
}
/**
* Parse (unmarshal) an <code>AuthorizationData</code> object from a DER input stream.
@ -143,31 +142,30 @@ public class AuthorizationData implements Cloneable {
* @return an instance of AuthorizationData.
*
*/
public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException{
if ((optional) && (((byte)data.peekByte() & (byte)0x1F) != explicitTag)) {
return null;
}
DerValue der = data.getDerValue();
if (explicitTag != (der.getTag() & (byte)0x1F)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
else {
DerValue subDer = der.getData().getDerValue();
return new AuthorizationData(subDer);
}
public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException {
if ((optional) && (((byte) data.peekByte() & (byte) 0x1F) != explicitTag)) {
return null;
}
DerValue der = data.getDerValue();
if (explicitTag != (der.getTag() & (byte) 0x1F)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} else {
DerValue subDer = der.getData().getDerValue();
return new AuthorizationData(subDer);
}
}
/**
* Writes <code>AuthorizationData</code> data fields to a output stream.
*
* @param cos a <code>CCacheOutputStream</code> to be written to.
* @exception IOException if an I/O exception occurs.
*/
public void writeAuth(CCacheOutputStream cos) throws IOException {
for (int i = 0; i < entry.length; i++) {
entry[i].writeEntry(cos);
}
/**
* Writes <code>AuthorizationData</code> data fields to a output stream.
*
* @param cos a <code>CCacheOutputStream</code> to be written to.
* @exception IOException if an I/O exception occurs.
*/
public void writeAuth(CCacheOutputStream cos) throws IOException {
for (int i = 0; i < entry.length; i++) {
entry[i].writeEntry(cos);
}
}
public String toString() {
String retVal = "AuthorizationData:\n";

144
jdk/src/share/classes/sun/security/krb5/internal/AuthorizationDataEntry.java
View File

@ -35,90 +35,90 @@ import sun.security.krb5.Asn1Exception;
import sun.security.krb5.internal.ccache.CCacheOutputStream;
public class AuthorizationDataEntry implements Cloneable {
public int adType;
public byte[] adData;
private AuthorizationDataEntry() {
public int adType;
public byte[] adData;
private AuthorizationDataEntry() {
}
public AuthorizationDataEntry(
int new_adType,
byte[] new_adData) {
adType = new_adType;
adData = new_adData;
}
public Object clone() {
AuthorizationDataEntry new_authorizationDataEntry =
new AuthorizationDataEntry();
new_authorizationDataEntry.adType = adType;
if (adData != null) {
new_authorizationDataEntry.adData = new byte[adData.length];
System.arraycopy(adData, 0,
new_authorizationDataEntry.adData, 0, adData.length);
}
return new_authorizationDataEntry;
}
public AuthorizationDataEntry(
int new_adType,
byte[] new_adData
) {
adType = new_adType;
adData = new_adData;
}
public Object clone() {
AuthorizationDataEntry new_authorizationDataEntry =
new AuthorizationDataEntry();
new_authorizationDataEntry.adType = adType;
if (adData != null) {
new_authorizationDataEntry.adData = new byte[adData.length];
System.arraycopy(adData, 0,
new_authorizationDataEntry.adData, 0, adData.length);
}
return new_authorizationDataEntry;
}
/**
* Constructs an instance of AuthorizationDataEntry.
* @param encoding a single DER-encoded value.
*/
public AuthorizationDataEntry(DerValue encoding) throws Asn1Exception, IOException {
DerValue der;
/**
* Constructs an instance of AuthorizationDataEntry.
* @param encoding a single DER-encoded value.
*/
public AuthorizationDataEntry(DerValue encoding) throws Asn1Exception, IOException {
DerValue der;
if (encoding.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if ((der.getTag() & (byte)0x1F) == (byte)0x00) {
adType = der.getData().getBigInteger().intValue();
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if ((der.getTag() & (byte)0x1F) == (byte)0x01) {
adData = der.getData().getOctetString();
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if (encoding.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if ((der.getTag() & (byte) 0x1F) == (byte) 0x00) {
adType = der.getData().getBigInteger().intValue();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if ((der.getTag() & (byte) 0x1F) == (byte) 0x01) {
adData = der.getData().getOctetString();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if (encoding.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes an AuthorizationDataEntry object.
* @return byte array of encoded AuthorizationDataEntry object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
/**
* Encodes an AuthorizationDataEntry object.
* @return byte array of encoded AuthorizationDataEntry object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(adType);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
temp = new DerOutputStream();
temp.putOctetString(adData);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
return temp.toByteArray();
}
DerOutputStream temp = new DerOutputStream();
temp.putInteger(adType);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
temp = new DerOutputStream();
temp.putOctetString(adData);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
return temp.toByteArray();
}
/**
* Writes the entry's data fields in FCC format to an output stream.
*
* @param cos a <code>CCacheOutputStream</code>.
* @exception IOException if an I/O exception occurs.
*/
public void writeEntry(CCacheOutputStream cos) throws IOException {
cos.write16(adType);
cos.write32(adData.length);
cos.write(adData, 0, adData.length);
}
/**
* Writes the entry's data fields in FCC format to an output stream.
*
* @param cos a <code>CCacheOutputStream</code>.
* @exception IOException if an I/O exception occurs.
*/
public void writeEntry(CCacheOutputStream cos) throws IOException {
cos.write16(adType);
cos.write32(adData.length);
cos.write(adData, 0, adData.length);
}
public String toString() {
return ("adType=" + adType + " adData.length=" + adData.length);
}
}

8
jdk/src/share/classes/sun/security/krb5/internal/ETypeInfo2.java
View File

@ -100,16 +100,16 @@ public class ETypeInfo2 {
// salt
if (encoding.getData().available() > 0) {
der = encoding.getData().getDerValue();
if ((der.getTag() & 0x1F) == 0x01) {
if ((encoding.getData().peekByte() & 0x1F) == 0x01) {
der = encoding.getData().getDerValue();
this.saltStr = der.getData().getGeneralString();
}
}
// s2kparams
if (encoding.getData().available() > 0) {
der = encoding.getData().getDerValue();
if ((der.getTag() & 0x1F) == 0x02) {
if ((encoding.getData().peekByte() & 0x1F) == 0x02) {
der = encoding.getData().getDerValue();
this.s2kparams = der.getData().getOctetString();
}
}

180
jdk/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java
View File

@ -55,102 +55,111 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class EncAPRepPart {
public KerberosTime ctime;
public int cusec;
public KerberosTime ctime;
public int cusec;
EncryptionKey subKey; //optional
Integer seqNumber; //optional
public EncAPRepPart(
KerberosTime new_ctime,
int new_cusec,
EncryptionKey new_subKey,
Integer new_seqNumber
) {
ctime = new_ctime;
cusec = new_cusec;
subKey = new_subKey;
seqNumber = new_seqNumber;
}
public EncAPRepPart(
KerberosTime new_ctime,
int new_cusec,
EncryptionKey new_subKey,
Integer new_seqNumber) {
ctime = new_ctime;
cusec = new_cusec;
subKey = new_subKey;
seqNumber = new_seqNumber;
}
public EncAPRepPart(byte[] data)
throws Asn1Exception, IOException {
init(new DerValue(data));
}
public EncAPRepPart(byte[] data)
throws Asn1Exception, IOException {
init(new DerValue(data));
}
public EncAPRepPart(DerValue encoding)
throws Asn1Exception, IOException {
init(encoding);
}
public EncAPRepPart(DerValue encoding)
throws Asn1Exception, IOException {
init(encoding);
}
/**
* Initializes an EncaPRepPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
private void init(DerValue encoding) throws Asn1Exception, IOException {
DerValue der, subDer;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1B)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true))
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
/**
* Initializes an EncaPRepPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
private void init(DerValue encoding) throws Asn1Exception, IOException {
DerValue der, subDer;
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1B)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
ctime = KerberosTime.parse(der.getData(), (byte)0x00, true);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x01) {
cusec = subDer.getData().getBigInteger().intValue();
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte)0x02, true);
}
else {
subKey = null;
seqNumber = null;
}
if (der.getData().available() > 0) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) != 0x03) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
else seqNumber = null;
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
ctime = KerberosTime.parse(der.getData(), (byte) 0x00, true);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x01) {
cusec = subDer.getData().getBigInteger().intValue();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte) 0x02, true);
} else {
subKey = null;
seqNumber = null;
}
if (der.getData().available() > 0) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) != 0x03) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
} else {
seqNumber = null;
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes an EncAPRepPart object.
* @return byte array of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException{
Vector<DerValue> v = new Vector<DerValue> ();
/**
* Encodes an EncAPRepPart object.
* @return byte array of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
Vector<DerValue> v = new Vector<DerValue>();
DerOutputStream temp = new DerOutputStream();
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), ctime.asn1Encode()));
temp.putInteger(BigInteger.valueOf(cusec));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp.toByteArray()));
if (subKey != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), subKey.asn1Encode()));
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp.toByteArray()));
}
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1B), temp);
return out.toByteArray();
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x00), ctime.asn1Encode()));
temp.putInteger(BigInteger.valueOf(cusec));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), temp.toByteArray()));
if (subKey != null) {
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), subKey.asn1Encode()));
}
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), temp.toByteArray()));
}
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) 0x1B), temp);
return out.toByteArray();
}
public final EncryptionKey getSubKey() {
return subKey;
@ -159,5 +168,4 @@ public class EncAPRepPart {
public final Integer getSeqNumber() {
return seqNumber;
}
}

94
jdk/src/share/classes/sun/security/krb5/internal/EncASRepPart.java
View File

@ -36,57 +36,55 @@ import java.io.IOException;
public class EncASRepPart extends EncKDCRepPart {
public EncASRepPart(
EncryptionKey new_key,
LastReq new_lastReq,
int new_nonce,
KerberosTime new_keyExpiration,
TicketFlags new_flags,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
Realm new_srealm,
PrincipalName new_sname,
HostAddresses new_caddr
) {
super(
new_key,
new_lastReq,
new_nonce,
new_keyExpiration,
new_flags,
new_authtime,
new_starttime,
new_endtime,
new_renewTill,
new_srealm,
new_sname,
new_caddr,
Krb5.KRB_ENC_AS_REP_PART
//may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
//behavior of other implementaions, instead of above
public EncASRepPart(
EncryptionKey new_key,
LastReq new_lastReq,
int new_nonce,
KerberosTime new_keyExpiration,
TicketFlags new_flags,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
Realm new_srealm,
PrincipalName new_sname,
HostAddresses new_caddr) {
super(
new_key,
new_lastReq,
new_nonce,
new_keyExpiration,
new_flags,
new_authtime,
new_starttime,
new_endtime,
new_renewTill,
new_srealm,
new_sname,
new_caddr,
Krb5.KRB_ENC_AS_REP_PART
);
}
//may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
//behavior of other implementaions, instead of above
}
public EncASRepPart(byte[] data) throws Asn1Exception,
IOException, KrbException {
init(new DerValue(data));
}
public EncASRepPart(byte[] data) throws Asn1Exception,
IOException, KrbException {
init(new DerValue(data));
}
public EncASRepPart(DerValue encoding) throws Asn1Exception,
IOException, KrbException {
init(encoding);
}
public EncASRepPart(DerValue encoding) throws Asn1Exception,
IOException, KrbException {
init(encoding);
}
private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbException {
init(encoding, Krb5.KRB_ENC_AS_REP_PART);
}
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
}
private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbException {
init(encoding, Krb5.KRB_ENC_AS_REP_PART);
}
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
}
}

273
jdk/src/share/classes/sun/security/krb5/internal/EncKDCRepPart.java
View File

@ -36,6 +36,7 @@ import sun.security.util.*;
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
/**
* Implements the ASN.1 EncKDCRepPart type.
*
@ -63,143 +64,163 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class EncKDCRepPart {
public EncryptionKey key;
public LastReq lastReq;
public int nonce;
public KerberosTime keyExpiration; //optional
public TicketFlags flags;
public KerberosTime authtime;
public KerberosTime starttime; //optional
public KerberosTime endtime;
public KerberosTime renewTill; //optional
public Realm srealm;
public PrincipalName sname;
public HostAddresses caddr; //optional
public int msgType; //not included in sequence
public EncKDCRepPart(
EncryptionKey new_key,
LastReq new_lastReq,
int new_nonce,
KerberosTime new_keyExpiration,
TicketFlags new_flags,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
Realm new_srealm,
PrincipalName new_sname,
HostAddresses new_caddr,
int new_msgType
) {
key = new_key;
lastReq = new_lastReq;
nonce = new_nonce;
keyExpiration = new_keyExpiration;
flags = new_flags;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
srealm = new_srealm;
sname = new_sname;
caddr = new_caddr;
msgType = new_msgType;
}
public EncryptionKey key;
public LastReq lastReq;
public int nonce;
public KerberosTime keyExpiration; //optional
public TicketFlags flags;
public KerberosTime authtime;
public KerberosTime starttime; //optional
public KerberosTime endtime;
public KerberosTime renewTill; //optional
public Realm srealm;
public PrincipalName sname;
public HostAddresses caddr; //optional
public int msgType; //not included in sequence
public EncKDCRepPart() {
}
public EncKDCRepPart(
EncryptionKey new_key,
LastReq new_lastReq,
int new_nonce,
KerberosTime new_keyExpiration,
TicketFlags new_flags,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
Realm new_srealm,
PrincipalName new_sname,
HostAddresses new_caddr,
int new_msgType) {
key = new_key;
lastReq = new_lastReq;
nonce = new_nonce;
keyExpiration = new_keyExpiration;
flags = new_flags;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
srealm = new_srealm;
sname = new_sname;
caddr = new_caddr;
msgType = new_msgType;
}
public EncKDCRepPart(byte[] data, int rep_type)
throws Asn1Exception, IOException, RealmException{
init(new DerValue(data), rep_type);
}
public EncKDCRepPart() {
}
public EncKDCRepPart(DerValue encoding, int rep_type)
throws Asn1Exception, IOException, RealmException
{
init(encoding, rep_type);
}
public EncKDCRepPart(byte[] data, int rep_type)
throws Asn1Exception, IOException, RealmException {
init(new DerValue(data), rep_type);
}
/**
* Initializes an EncKDCRepPart object.
*
* @param encoding a single DER-encoded value.
* @param rep_type type of the encrypted reply message.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while decoding an Realm object.
*/
protected void init(DerValue encoding, int rep_type)
throws Asn1Exception, IOException, RealmException
{
DerValue der, subDer;
//implementations return the incorrect tag value, so
//we don't use the above line; instead we use the following
msgType = (encoding.getTag() & (byte)0x1F);
public EncKDCRepPart(DerValue encoding, int rep_type)
throws Asn1Exception, IOException, RealmException {
init(encoding, rep_type);
}
/**
* Initializes an EncKDCRepPart object.
*
* @param encoding a single DER-encoded value.
* @param rep_type type of the encrypted reply message.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while decoding an Realm object.
*/
protected void init(DerValue encoding, int rep_type)
throws Asn1Exception, IOException, RealmException {
DerValue der, subDer;
//implementations return the incorrect tag value, so
//we don't use the above line; instead we use the following
msgType = (encoding.getTag() & (byte) 0x1F);
if (msgType != Krb5.KRB_ENC_AS_REP_PART &&
msgType != Krb5.KRB_ENC_TGS_REP_PART)
msgType != Krb5.KRB_ENC_TGS_REP_PART) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
key = EncryptionKey.parse(der.getData(), (byte)0x00, false);
lastReq = LastReq.parse(der.getData(), (byte)0x01, false);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x02)
nonce = subDer.getData().getBigInteger().intValue();
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
keyExpiration = KerberosTime.parse(der.getData(), (byte)0x03, true);
flags = TicketFlags.parse(der.getData(), (byte)0x04, false);
authtime = KerberosTime.parse(der.getData(), (byte)0x05, false);
starttime = KerberosTime.parse(der.getData(), (byte)0x06, true);
endtime = KerberosTime.parse(der.getData(), (byte)0x07, false);
renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true);
srealm = Realm.parse(der.getData(), (byte)0x09, false);
sname = PrincipalName.parse(der.getData(), (byte)0x0A, false);
if (der.getData().available() > 0)
caddr = HostAddresses.parse(der.getData(), (byte)0x0B, true);
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
key = EncryptionKey.parse(der.getData(), (byte) 0x00, false);
lastReq = LastReq.parse(der.getData(), (byte) 0x01, false);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x02) {
nonce = subDer.getData().getBigInteger().intValue();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
keyExpiration = KerberosTime.parse(der.getData(), (byte) 0x03, true);
flags = TicketFlags.parse(der.getData(), (byte) 0x04, false);
authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
srealm = Realm.parse(der.getData(), (byte) 0x09, false);
sname = PrincipalName.parse(der.getData(), (byte) 0x0A, false);
if (der.getData().available() > 0) {
caddr = HostAddresses.parse(der.getData(), (byte) 0x0B, true);
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes an EncKDCRepPart object.
* @param rep_type type of encrypted reply message.
* @return byte array of encoded EncKDCRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode(int rep_type) throws Asn1Exception,
IOException {
/**
* Encodes an EncKDCRepPart object.
* @param rep_type type of encrypted reply message.
* @return byte array of encoded EncKDCRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode(int rep_type) throws Asn1Exception,
IOException {
DerOutputStream temp = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), lastReq.asn1Encode());
temp.putInteger(BigInteger.valueOf(nonce));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x00), key.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), lastReq.asn1Encode());
temp.putInteger(BigInteger.valueOf(nonce));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), temp);
if (keyExpiration != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), keyExpiration.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), flags.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode());
if (starttime != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode());
if (renewTill != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), srealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), sname.asn1Encode());
if (caddr != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0B), caddr.asn1Encode());
//should use the rep_type to build the encoding
//but other implementations do not; it is ignored and
//the cached msgType is used instead
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), temp);
return bytes.toByteArray();
if (keyExpiration != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), keyExpiration.asn1Encode());
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), flags.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x05), authtime.asn1Encode());
if (starttime != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x06), starttime.asn1Encode());
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x07), endtime.asn1Encode());
if (renewTill != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x08), renewTill.asn1Encode());
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x09), srealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x0A), sname.asn1Encode());
if (caddr != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x0B), caddr.asn1Encode());
}
//should use the rep_type to build the encoding
//but other implementations do not; it is ignored and
//the cached msgType is used instead
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) msgType), temp);
return bytes.toByteArray();
}
}

267
jdk/src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java
View File

@ -36,6 +36,7 @@ import sun.security.krb5.RealmException;
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
/**
* Implements the ASN.1 EncKrbCredPart type.
*
@ -57,148 +58,158 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class EncKrbCredPart {
public KrbCredInfo[] ticketInfo = null;
public KerberosTime timeStamp; //optional
private Integer nonce; //optional
private Integer usec; //optional
private HostAddress sAddress; //optional
private HostAddresses rAddress; //optional
public KrbCredInfo[] ticketInfo = null;
public KerberosTime timeStamp; //optional
private Integer nonce; //optional
private Integer usec; //optional
private HostAddress sAddress; //optional
private HostAddresses rAddress; //optional
public EncKrbCredPart(
KrbCredInfo[] new_ticketInfo,
KerberosTime new_timeStamp,
Integer new_usec,
Integer new_nonce,
HostAddress new_sAddress,
HostAddresses new_rAddress
) throws IOException {
if (new_ticketInfo != null) {
ticketInfo = new KrbCredInfo[new_ticketInfo.length];
for (int i = 0; i < new_ticketInfo.length; i++) {
if (new_ticketInfo[i] == null) {
throw new IOException("Cannot create a EncKrbCredPart");
} else {
ticketInfo[i] = (KrbCredInfo)new_ticketInfo[i].clone();
}
}
public EncKrbCredPart(
KrbCredInfo[] new_ticketInfo,
KerberosTime new_timeStamp,
Integer new_usec,
Integer new_nonce,
HostAddress new_sAddress,
HostAddresses new_rAddress) throws IOException {
if (new_ticketInfo != null) {
ticketInfo = new KrbCredInfo[new_ticketInfo.length];
for (int i = 0; i < new_ticketInfo.length; i++) {
if (new_ticketInfo[i] == null) {
throw new IOException("Cannot create a EncKrbCredPart");
} else {
ticketInfo[i] = (KrbCredInfo) new_ticketInfo[i].clone();
}
timeStamp = new_timeStamp;
usec = new_usec;
nonce = new_nonce;
sAddress = new_sAddress;
rAddress = new_rAddress;
}
}
timeStamp = new_timeStamp;
usec = new_usec;
nonce = new_nonce;
sAddress = new_sAddress;
rAddress = new_rAddress;
}
public EncKrbCredPart(byte[] data) throws Asn1Exception,
IOException, RealmException {
init(new DerValue(data));
}
public EncKrbCredPart(byte[] data) throws Asn1Exception,
IOException, RealmException {
init(new DerValue(data));
}
public EncKrbCredPart(DerValue encoding) throws Asn1Exception,
IOException, RealmException {
init(encoding);
}
public EncKrbCredPart(DerValue encoding) throws Asn1Exception,
IOException, RealmException {
init(encoding);
}
/**
* Initializes an EncKrbCredPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding) throws Asn1Exception,
IOException, RealmException {
DerValue der, subDer;
//may not be the correct error code for a tag
//mismatch on an encrypted structure
nonce = null;
timeStamp = null;
usec= null;
/**
* Initializes an EncKrbCredPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding) throws Asn1Exception,
IOException, RealmException {
DerValue der, subDer;
//may not be the correct error code for a tag
//mismatch on an encrypted structure
nonce = null;
timeStamp = null;
usec = null;
sAddress = null;
rAddress = null;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1D)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true))
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1D)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
DerValue derValues[] = subDer.getData().getSequence(1);
ticketInfo = new KrbCredInfo[derValues.length];
for (int i = 0; i < derValues.length; i++) {
ticketInfo[i] = new KrbCredInfo(derValues[i]);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if (der.getData().available() > 0) {
if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x01) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) {
DerValue derValues[] = subDer.getData().getSequence(1);
ticketInfo = new KrbCredInfo[derValues.length];
for (int i = 0; i < derValues.length; i++) {
ticketInfo[i] = new KrbCredInfo(derValues[i]);
}
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if (der.getData().available() > 0) {
if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x01) {
subDer = der.getData().getDerValue();
nonce = new Integer(subDer.getData().getBigInteger().intValue());
}
}
if (der.getData().available() >0) {
timeStamp = KerberosTime.parse(der.getData(), (byte)0x02, true);
}
if (der.getData().available() >0) {
if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x03) {
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
}
}
if (der.getData().available() >0) {
sAddress = HostAddress.parse(der.getData(), (byte)0x04, true);
}
if (der.getData().available() >0) {
rAddress = HostAddresses.parse(der.getData(), (byte)0x05, true);
}
if (der.getData().available() >0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
nonce = new Integer(subDer.getData().getBigInteger().intValue());
}
}
if (der.getData().available() > 0) {
timeStamp = KerberosTime.parse(der.getData(), (byte) 0x02, true);
}
if (der.getData().available() > 0) {
if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x03) {
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
}
}
if (der.getData().available() > 0) {
sAddress = HostAddress.parse(der.getData(), (byte) 0x04, true);
}
if (der.getData().available() > 0) {
rAddress = HostAddresses.parse(der.getData(), (byte) 0x05, true);
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes an EncKrbCredPart object.
* @return byte array of encoded EncKrbCredPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public byte[] asn1Encode() throws Asn1Exception, IOException{
/**
* Encodes an EncKrbCredPart object.
* @return byte array of encoded EncKrbCredPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
DerValue[] tickets = new DerValue[ticketInfo.length];
for (int i = 0; i < ticketInfo.length; i++)
tickets[i] = new DerValue(ticketInfo[i].asn1Encode());
temp.putSequence(tickets);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
if (nonce != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(nonce.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
}
if (timeStamp != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), timeStamp.asn1Encode());
}
if (usec != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(usec.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp);
}
if (sAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode());
}
if (rAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1D), temp);
return bytes.toByteArray();
DerOutputStream temp = new DerOutputStream();
DerValue[] tickets = new DerValue[ticketInfo.length];
for (int i = 0; i < ticketInfo.length; i++) {
tickets[i] = new DerValue(ticketInfo[i].asn1Encode());
}
temp.putSequence(tickets);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x00), temp);
if (nonce != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(nonce.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), temp);
}
if (timeStamp != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), timeStamp.asn1Encode());
}
if (usec != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(usec.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), temp);
}
if (sAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), sAddress.asn1Encode());
}
if (rAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x05), rAddress.asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) 0x1D), temp);
return bytes.toByteArray();
}
}

197
jdk/src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java
View File

@ -55,114 +55,119 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class EncKrbPrivPart {
public byte[] userData = null;
public KerberosTime timestamp; //optional
public Integer usec; //optional
public Integer seqNumber; //optional
public HostAddress sAddress; //optional
public HostAddress rAddress; //optional
public EncKrbPrivPart(
byte[] new_userData,
KerberosTime new_timestamp,
Integer new_usec,
Integer new_seqNumber,
HostAddress new_sAddress,
HostAddress new_rAddress
) {
if (new_userData != null) {
userData = new_userData.clone();
}
timestamp = new_timestamp;
usec = new_usec;
seqNumber = new_seqNumber;
sAddress = new_sAddress;
rAddress = new_rAddress;
public byte[] userData = null;
public KerberosTime timestamp; //optional
public Integer usec; //optional
public Integer seqNumber; //optional
public HostAddress sAddress; //optional
public HostAddress rAddress; //optional
public EncKrbPrivPart(
byte[] new_userData,
KerberosTime new_timestamp,
Integer new_usec,
Integer new_seqNumber,
HostAddress new_sAddress,
HostAddress new_rAddress) {
if (new_userData != null) {
userData = new_userData.clone();
}
timestamp = new_timestamp;
usec = new_usec;
seqNumber = new_seqNumber;
sAddress = new_sAddress;
rAddress = new_rAddress;
}
public EncKrbPrivPart(byte[] data) throws Asn1Exception, IOException {
init(new DerValue(data));
}
public EncKrbPrivPart(byte[] data) throws Asn1Exception, IOException {
init(new DerValue(data));
}
public EncKrbPrivPart(DerValue encoding) throws Asn1Exception, IOException {
init(encoding);
}
public EncKrbPrivPart(DerValue encoding) throws Asn1Exception, IOException {
init(encoding);
}
/**
* Initializes an EncKrbPrivPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
private void init(DerValue encoding) throws Asn1Exception, IOException {
/**
* Initializes an EncKrbPrivPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
private void init(DerValue encoding) throws Asn1Exception, IOException {
DerValue der, subDer;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1C)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true))
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1C)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) {
userData = subDer.getData().getOctetString();
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
timestamp = KerberosTime.parse(der.getData(), (byte)0x01, true);
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
}
else usec = null;
if ((der.getData().peekByte() & 0x1F) == 0x03 ) {
subDer = der.getData().getDerValue();
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
else seqNumber = null;
sAddress = HostAddress.parse(der.getData(), (byte)0x04, false);
if (der.getData().available() > 0) {
rAddress = HostAddress.parse(der.getData(), (byte)0x05, true);
}
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
userData = subDer.getData().getOctetString();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
timestamp = KerberosTime.parse(der.getData(), (byte) 0x01, true);
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
} else {
usec = null;
}
if ((der.getData().peekByte() & 0x1F) == 0x03) {
subDer = der.getData().getDerValue();
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
} else {
seqNumber = null;
}
sAddress = HostAddress.parse(der.getData(), (byte) 0x04, false);
if (der.getData().available() > 0) {
rAddress = HostAddress.parse(der.getData(), (byte) 0x05, true);
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes an EncKrbPrivPart object.
* @return byte array of encoded EncKrbPrivPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
/**
* Encodes an EncKrbPrivPart object.
* @return byte array of encoded EncKrbPrivPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream();
temp.putOctetString(userData);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
if (timestamp != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), timestamp.asn1Encode());
if (usec != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(usec.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
}
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp);
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode());
if (rAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1C), temp);
return bytes.toByteArray();
temp.putOctetString(userData);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
if (timestamp != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), timestamp.asn1Encode());
}
if (usec != null) {
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(usec.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), temp);
}
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), temp);
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), sAddress.asn1Encode());
if (rAddress != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), rAddress.asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x1C), temp);
return bytes.toByteArray();
}
}

91
jdk/src/share/classes/sun/security/krb5/internal/EncTGSRepPart.java
View File

@ -35,55 +35,52 @@ import java.io.IOException;
public class EncTGSRepPart extends EncKDCRepPart {
public EncTGSRepPart(
EncryptionKey new_key,
LastReq new_lastReq,
int new_nonce,
KerberosTime new_keyExpiration,
TicketFlags new_flags,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
Realm new_srealm,
PrincipalName new_sname,
HostAddresses new_caddr
) {
super(
new_key,
new_lastReq,
new_nonce,
new_keyExpiration,
new_flags,
new_authtime,
new_starttime,
new_endtime,
new_renewTill,
new_srealm,
new_sname,
new_caddr,
Krb5.KRB_ENC_TGS_REP_PART
);
}
public EncTGSRepPart(
EncryptionKey new_key,
LastReq new_lastReq,
int new_nonce,
KerberosTime new_keyExpiration,
TicketFlags new_flags,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
Realm new_srealm,
PrincipalName new_sname,
HostAddresses new_caddr) {
super(
new_key,
new_lastReq,
new_nonce,
new_keyExpiration,
new_flags,
new_authtime,
new_starttime,
new_endtime,
new_renewTill,
new_srealm,
new_sname,
new_caddr,
Krb5.KRB_ENC_TGS_REP_PART);
}
public EncTGSRepPart(byte[] data) throws Asn1Exception,
IOException, KrbException {
init(new DerValue(data));
}
public EncTGSRepPart(byte[] data) throws Asn1Exception,
IOException, KrbException {
init(new DerValue(data));
}
public EncTGSRepPart(DerValue encoding) throws Asn1Exception,
IOException, KrbException {
init(encoding);
}
public EncTGSRepPart(DerValue encoding) throws Asn1Exception,
IOException, KrbException {
init(encoding);
}
private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbException {
init(encoding, Krb5.KRB_ENC_TGS_REP_PART);
}
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
}
private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbException {
init(encoding, Krb5.KRB_ENC_TGS_REP_PART);
}
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
}
}

247
jdk/src/share/classes/sun/security/krb5/internal/EncTicketPart.java
View File

@ -62,69 +62,68 @@ import java.io.*;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class EncTicketPart {
public TicketFlags flags;
public EncryptionKey key;
public Realm crealm;
public PrincipalName cname;
public TransitedEncoding transited;
public KerberosTime authtime;
public KerberosTime starttime; //optional
public KerberosTime endtime;
public KerberosTime renewTill; //optional
public HostAddresses caddr; //optional
public AuthorizationData authorizationData; //optional
public EncTicketPart(
TicketFlags new_flags,
EncryptionKey new_key,
Realm new_crealm,
PrincipalName new_cname,
TransitedEncoding new_transited,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
HostAddresses new_caddr,
AuthorizationData new_authorizationData
) {
flags = new_flags;
key = new_key;
crealm = new_crealm;
cname = new_cname;
transited = new_transited;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
caddr = new_caddr;
authorizationData = new_authorizationData;
}
public TicketFlags flags;
public EncryptionKey key;
public Realm crealm;
public PrincipalName cname;
public TransitedEncoding transited;
public KerberosTime authtime;
public KerberosTime starttime; //optional
public KerberosTime endtime;
public KerberosTime renewTill; //optional
public HostAddresses caddr; //optional
public AuthorizationData authorizationData; //optional
public EncTicketPart(byte[] data)
throws Asn1Exception, KrbException, IOException {
init(new DerValue(data));
}
public EncTicketPart(
TicketFlags new_flags,
EncryptionKey new_key,
Realm new_crealm,
PrincipalName new_cname,
TransitedEncoding new_transited,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
HostAddresses new_caddr,
AuthorizationData new_authorizationData) {
flags = new_flags;
key = new_key;
crealm = new_crealm;
cname = new_cname;
transited = new_transited;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
caddr = new_caddr;
authorizationData = new_authorizationData;
}
public EncTicketPart(DerValue encoding)
throws Asn1Exception, KrbException, IOException {
init(encoding);
}
public EncTicketPart(byte[] data)
throws Asn1Exception, KrbException, IOException {
init(new DerValue(data));
}
/**
* Initializes an EncTicketPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
public EncTicketPart(DerValue encoding)
throws Asn1Exception, KrbException, IOException {
init(encoding);
}
/**
* Initializes an EncTicketPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private static String getHexBytes(byte[] bytes, int len)
throws IOException {
throws IOException {
StringBuffer sb = new StringBuffer();
for (int i = 0; i < len; i++) {
int b1 = (bytes[i]>>4) & 0x0f;
int b1 = (bytes[i] >> 4) & 0x0f;
int b2 = bytes[i] & 0x0f;
sb.append(Integer.toHexString(b1));
@ -134,73 +133,91 @@ public class EncTicketPart {
return sb.toString();
}
private void init(DerValue encoding)
throws Asn1Exception, IOException, RealmException {
DerValue der, subDer;
private void init(DerValue encoding)
throws Asn1Exception, IOException, RealmException {
DerValue der, subDer;
renewTill = null;
caddr = null;
authorizationData = null;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x03)
renewTill = null;
caddr = null;
authorizationData = null;
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x03)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true))
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
flags = TicketFlags.parse(der.getData(), (byte)0x00, false);
key = EncryptionKey.parse(der.getData(), (byte)0x01, false);
crealm = Realm.parse(der.getData(), (byte)0x02, false);
cname = PrincipalName.parse(der.getData(), (byte)0x03, false);
transited = TransitedEncoding.parse(der.getData(), (byte)0x04, false);
authtime = KerberosTime.parse(der.getData(), (byte)0x05, false);
starttime = KerberosTime.parse(der.getData(), (byte)0x06, true);
endtime = KerberosTime.parse(der.getData(), (byte)0x07, false);
if (der.getData().available() > 0) {
renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true);
}
if (der.getData().available() > 0) {
caddr = HostAddresses.parse(der.getData(), (byte)0x09, true);
}
if (der.getData().available() > 0) {
authorizationData = AuthorizationData.parse(der.getData(), (byte)0x0A, true);
}
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
|| (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
flags = TicketFlags.parse(der.getData(), (byte) 0x00, false);
key = EncryptionKey.parse(der.getData(), (byte) 0x01, false);
crealm = Realm.parse(der.getData(), (byte) 0x02, false);
cname = PrincipalName.parse(der.getData(), (byte) 0x03, false);
transited = TransitedEncoding.parse(der.getData(), (byte) 0x04, false);
authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
if (der.getData().available() > 0) {
renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
}
if (der.getData().available() > 0) {
caddr = HostAddresses.parse(der.getData(), (byte) 0x09, true);
}
if (der.getData().available() > 0) {
authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x0A, true);
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
/**
* Encodes an EncTicketPart object.
* @return byte array of encoded EncTicketPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
}
public byte[] asn1Encode() throws Asn1Exception, IOException {
/**
* Encodes an EncTicketPart object.
* @return byte array of encoded EncTicketPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), flags.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), key.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), crealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cname.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), transited.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode());
if (starttime != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode());
if (renewTill != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode());
if (caddr != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), caddr.asn1Encode());
if (authorizationData != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), authorizationData.asn1Encode());
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x03), temp);
return bytes.toByteArray();
DerOutputStream temp = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x00), flags.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), key.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), crealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), cname.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), transited.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x05), authtime.asn1Encode());
if (starttime != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x06), starttime.asn1Encode());
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x07), endtime.asn1Encode());
if (renewTill != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x08), renewTill.asn1Encode());
}
if (caddr != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x09), caddr.asn1Encode());
}
if (authorizationData != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x0A), authorizationData.asn1Encode());
}
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) 0x03), temp);
return bytes.toByteArray();
}
}

294
jdk/src/share/classes/sun/security/krb5/internal/KDCRep.java
View File

@ -35,6 +35,7 @@ import sun.security.util.*;
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
/**
* Implements the ASN.1 KDC-REP type.
*
@ -59,163 +60,168 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class KDCRep {
public Realm crealm;
public PrincipalName cname;
public Ticket ticket;
public EncryptedData encPart;
public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
private int pvno;
private int msgType;
private PAData[] pAData = null; //optional
private boolean DEBUG = Krb5.DEBUG;
public Realm crealm;
public PrincipalName cname;
public Ticket ticket;
public EncryptedData encPart;
public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
private int pvno;
private int msgType;
private PAData[] pAData = null; //optional
private boolean DEBUG = Krb5.DEBUG;
public KDCRep(
PAData[] new_pAData,
Realm new_crealm,
PrincipalName new_cname,
Ticket new_ticket,
EncryptedData new_encPart,
int req_type
) throws IOException {
pvno = Krb5.PVNO;
msgType = req_type;
if (new_pAData != null) {
pAData = new PAData[new_pAData.length];
for (int i = 0; i < new_pAData.length; i++) {
if (new_pAData[i] == null) {
throw new IOException("Cannot create a KDCRep");
} else {
pAData[i] = (PAData)new_pAData[i].clone();
}
}
public KDCRep(
PAData[] new_pAData,
Realm new_crealm,
PrincipalName new_cname,
Ticket new_ticket,
EncryptedData new_encPart,
int req_type) throws IOException {
pvno = Krb5.PVNO;
msgType = req_type;
if (new_pAData != null) {
pAData = new PAData[new_pAData.length];
for (int i = 0; i < new_pAData.length; i++) {
if (new_pAData[i] == null) {
throw new IOException("Cannot create a KDCRep");
} else {
pAData[i] = (PAData) new_pAData[i].clone();
}
crealm = new_crealm;
cname = new_cname;
ticket = new_ticket;
encPart = new_encPart;
}
}
crealm = new_crealm;
cname = new_cname;
ticket = new_ticket;
encPart = new_encPart;
}
public KDCRep() {
}
public KDCRep() {
}
public KDCRep(byte[] data, int req_type) throws Asn1Exception, KrbApErrException, RealmException, IOException {
init(new DerValue(data), req_type);
}
public KDCRep(byte[] data, int req_type) throws Asn1Exception,
KrbApErrException, RealmException, IOException {
init(new DerValue(data), req_type);
}
public KDCRep(DerValue encoding, int req_type) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding, req_type);
}
public KDCRep(DerValue encoding, int req_type) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding, req_type);
}
/*
// Not used? Don't know what keyusage to use here %%%
public void decrypt(EncryptionKey key) throws Asn1Exception,
IOException, KrbException, RealmException {
encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key),
msgType);
}
*/
/**
* Initializes an KDCRep object.
*
* @param encoding a single DER-encoded value.
* @param req_type reply message type.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while constructing a Realm object from DER-encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
*
*/
protected void init(DerValue encoding, int req_type)
public void decrypt(EncryptionKey key) throws Asn1Exception,
IOException, KrbException, RealmException {
encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key), msgType);
}
*/
/**
* Initializes an KDCRep object.
*
* @param encoding a single DER-encoded value.
* @param req_type reply message type.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while constructing
* a Realm object from DER-encoded data.
* @exception KrbApErrException if the value read from the DER-encoded
* data stream does not match the pre-defined value.
*
*/
protected void init(DerValue encoding, int req_type)
throws Asn1Exception, RealmException, IOException,
KrbApErrException {
DerValue der, subDer;
if ((encoding.getTag() & 0x1F) != req_type) {
if (DEBUG) {
System.out.println(">>> KDCRep: init() " +
"encoding tag is " +
encoding.getTag() +
" req type is " + req_type);
}
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x00) {
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO)
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x01) {
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != req_type) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
DerValue[] padata = subDer.getData().getSequence(1);
pAData = new PAData[padata.length];
for (int i = 0; i < padata.length; i++) {
pAData[i] = new PAData(padata[i]);
}
} else {
pAData = null;
}
crealm = Realm.parse(der.getData(), (byte)0x03, false);
cname = PrincipalName.parse(der.getData(), (byte)0x04, false);
ticket = Ticket.parse(der.getData(), (byte)0x05, false);
encPart = EncryptedData.parse(der.getData(), (byte)0x06, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
KrbApErrException {
DerValue der, subDer;
if ((encoding.getTag() & 0x1F) != req_type) {
if (DEBUG) {
System.out.println(">>> KDCRep: init() " +
"encoding tag is " +
encoding.getTag() +
" req type is " + req_type);
}
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
/**
* Encodes this object to a byte array.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
if (pAData != null && pAData.length > 0) {
DerOutputStream padata_stream = new DerOutputStream();
for (int i = 0; i < pAData.length; i++) {
padata_stream.write(pAData[i].asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_SequenceOf, padata_stream);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), crealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), cname.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), encPart.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
return temp.toByteArray();
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x00) {
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x01) {
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != req_type) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
DerValue[] padata = subDer.getData().getSequence(1);
pAData = new PAData[padata.length];
for (int i = 0; i < padata.length; i++) {
pAData[i] = new PAData(padata[i]);
}
} else {
pAData = null;
}
crealm = Realm.parse(der.getData(), (byte) 0x03, false);
cname = PrincipalName.parse(der.getData(), (byte) 0x04, false);
ticket = Ticket.parse(der.getData(), (byte) 0x05, false);
encPart = EncryptedData.parse(der.getData(), (byte) 0x06, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes this object to a byte array.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), temp);
if (pAData != null && pAData.length > 0) {
DerOutputStream padata_stream = new DerOutputStream();
for (int i = 0; i < pAData.length; i++) {
padata_stream.write(pAData[i].asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_SequenceOf, padata_stream);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), temp);
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), crealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), cname.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x05), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x06), encPart.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
return temp.toByteArray();
}
}

267
jdk/src/share/classes/sun/security/krb5/internal/KDCReq.java
View File

@ -56,155 +56,160 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class KDCReq {
public KDCReqBody reqBody;
private int pvno;
private int msgType;
private PAData[] pAData = null; //optional
public KDCReqBody reqBody;
private int pvno;
private int msgType;
private PAData[] pAData = null; //optional
public KDCReq(PAData[] new_pAData, KDCReqBody new_reqBody,
int req_type) throws IOException {
pvno = Krb5.PVNO;
msgType = req_type;
if (new_pAData != null) {
pAData = new PAData[new_pAData.length];
for (int i = 0; i < new_pAData.length; i++) {
if (new_pAData[i] == null) {
throw new IOException("Cannot create a KDCRep");
} else {
pAData[i] = (PAData)new_pAData[i].clone();
}
}
public KDCReq(PAData[] new_pAData, KDCReqBody new_reqBody,
int req_type) throws IOException {
pvno = Krb5.PVNO;
msgType = req_type;
if (new_pAData != null) {
pAData = new PAData[new_pAData.length];
for (int i = 0; i < new_pAData.length; i++) {
if (new_pAData[i] == null) {
throw new IOException("Cannot create a KDCRep");
} else {
pAData[i] = (PAData) new_pAData[i].clone();
}
reqBody = new_reqBody;
}
}
reqBody = new_reqBody;
}
public KDCReq() {
}
public KDCReq() {
}
public KDCReq(byte[] data, int req_type) throws Asn1Exception,
IOException, KrbException {
public KDCReq(byte[] data, int req_type) throws Asn1Exception,
IOException, KrbException {
init(new DerValue(data), req_type);
}
}
/**
* Creates an KDCReq object from a DerValue object and asn1 type.
*
* @param der a DER value of an KDCReq object.
* @param req_type a encoded asn1 type value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exceptoin KrbErrException
*/
* Creates an KDCReq object from a DerValue object and asn1 type.
*
* @param der a DER value of an KDCReq object.
* @param req_type a encoded asn1 type value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exceptoin KrbErrException
*/
public KDCReq(DerValue der, int req_type) throws Asn1Exception,
IOException, KrbException {
init(der, req_type);
}
IOException, KrbException {
init(der, req_type);
}
/**
* Initializes a KDCReq object from a DerValue. The DER encoding
* must be in the format specified by the KRB_KDC_REQ ASN.1 notation.
*
* @param encoding a DER-encoded KDCReq object.
* @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbException if an error occurs while constructing a Realm object,
* or a Krb object from DER-encoded data.
*/
/**
* Initializes a KDCReq object from a DerValue. The DER encoding
* must be in the format specified by the KRB_KDC_REQ ASN.1 notation.
*
* @param encoding a DER-encoded KDCReq object.
* @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbException if an error occurs while constructing a Realm object,
* or a Krb object from DER-encoded data.
*/
protected void init(DerValue encoding, int req_type) throws Asn1Exception,
IOException, KrbException {
DerValue der, subDer;
BigInteger bint;
if ((encoding.getTag() & 0x1F) != req_type) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
IOException, KrbException {
DerValue der, subDer;
BigInteger bint;
if ((encoding.getTag() & 0x1F) != req_type) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x01) {
bint = subDer.getData().getBigInteger();
this.pvno = bint.intValue();
if (this.pvno != Krb5.PVNO)
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x02) {
bint = subDer.getData().getBigInteger();
this.msgType = bint.intValue();
if (this.msgType != req_type)
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x03) {
DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Vector<PAData> v = new Vector<PAData> ();
while (subsubDer.getData().available() > 0) {
v.addElement(new PAData(subsubDer.getData().getDerValue()));
}
if (v.size() > 0) {
pAData = new PAData[v.size()];
v.copyInto(pAData);
}
}
else pAData = null;
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x04) {
DerValue subsubDer = subDer.getData().getDerValue();
reqBody = new KDCReqBody(subsubDer, msgType);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x01) {
bint = subDer.getData().getBigInteger();
this.pvno = bint.intValue();
if (this.pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x02) {
bint = subDer.getData().getBigInteger();
this.msgType = bint.intValue();
if (this.msgType != req_type) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if ((der.getData().peekByte() & 0x1F) == 0x03) {
subDer = der.getData().getDerValue();
DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Vector<PAData> v = new Vector<PAData>();
while (subsubDer.getData().available() > 0) {
v.addElement(new PAData(subsubDer.getData().getDerValue()));
}
if (v.size() > 0) {
pAData = new PAData[v.size()];
v.copyInto(pAData);
}
} else {
pAData = null;
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x04) {
DerValue subsubDer = subDer.getData().getDerValue();
reqBody = new KDCReqBody(subsubDer, msgType);
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes this object to a byte array.
*
* @return an byte array of encoded data.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
/**
* Encodes this object to a byte array.
*
* @return an byte array of encoded data.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp, bytes, out;
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
DerOutputStream temp, bytes, out;
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), temp);
if (pAData != null && pAData.length > 0) {
temp = new DerOutputStream();
for (int i = 0; i < pAData.length; i++) {
temp.write(pAData[i].asn1Encode());
}
bytes = new DerOutputStream();
bytes.write(DerValue.tag_SequenceOf, temp);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), bytes);
}
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), reqBody.asn1Encode(msgType));
bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out);
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), bytes);
return out.toByteArray();
}
public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException
{
return reqBody.asn1Encode(msgType);
temp = new DerOutputStream();
for (int i = 0; i < pAData.length; i++) {
temp.write(pAData[i].asn1Encode());
}
bytes = new DerOutputStream();
bytes.write(DerValue.tag_SequenceOf, temp);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), bytes);
}
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), reqBody.asn1Encode(msgType));
bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out);
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) msgType), bytes);
return out.toByteArray();
}
public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException {
return reqBody.asn1Encode(msgType);
}
}

214
jdk/src/share/classes/sun/security/krb5/internal/KRBCred.java
View File

@ -56,128 +56,134 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class KRBCred {
public Ticket[] tickets = null;
public EncryptedData encPart;
private int pvno;
private int msgType;
public Ticket[] tickets = null;
public EncryptedData encPart;
private int pvno;
private int msgType;
public KRBCred(Ticket[] new_tickets, EncryptedData new_encPart) throws IOException {
pvno = Krb5.PVNO;
msgType = Krb5.KRB_CRED;
if (new_tickets != null) {
tickets = new Ticket[new_tickets.length];
for (int i = 0; i < new_tickets.length; i++) {
if (new_tickets[i] == null) {
throw new IOException("Cannot create a KRBCred");
} else {
tickets[i] = (Ticket)new_tickets[i].clone();
}
}
public KRBCred(Ticket[] new_tickets, EncryptedData new_encPart) throws IOException {
pvno = Krb5.PVNO;
msgType = Krb5.KRB_CRED;
if (new_tickets != null) {
tickets = new Ticket[new_tickets.length];
for (int i = 0; i < new_tickets.length; i++) {
if (new_tickets[i] == null) {
throw new IOException("Cannot create a KRBCred");
} else {
tickets[i] = (Ticket) new_tickets[i].clone();
}
encPart = new_encPart;
}
}
encPart = new_encPart;
}
public KRBCred(byte[] data) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(new DerValue(data));
public KRBCred(byte[] data) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(new DerValue(data));
}
public KRBCred(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding);
}
/**
* Initializes an KRBCred object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x16)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
public KRBCred(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding);
}
/**
* Initializes an KRBCred object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
if (((encoding.getTag() & (byte)0x1F) != (byte)0x16)
|| (encoding.isApplication() != true)
|| (encoding.isConstructed() != true))
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
DerValue der, subDer;
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x00) {
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x01) {
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_CRED)
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x02) {
DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Vector<Ticket> v = new Vector<Ticket> ();
while (subsubDer.getData().available() > 0) {
v.addElement(new Ticket(subsubDer.getData().getDerValue()));
}
if (v.size() > 0) {
tickets = new Ticket[v.size()];
v.copyInto(tickets);
}
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
encPart = EncryptedData.parse(der.getData(), (byte)0x03, false);
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x00) {
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x01) {
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_CRED) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x02) {
DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Vector<Ticket> v = new Vector<Ticket>();
while (subsubDer.getData().available() > 0) {
v.addElement(new Ticket(subsubDer.getData().getDerValue()));
}
if (v.size() > 0) {
tickets = new Ticket[v.size()];
v.copyInto(tickets);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
encPart = EncryptedData.parse(der.getData(), (byte) 0x03, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes an KRBCred object.
* @return the data of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
/**
* Encodes an KRBCred object.
* @return the data of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp, bytes, out;
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x00), temp);
temp = new DerOutputStream();
for (int i = 0; i < tickets.length; i++) {
temp.write(tickets[i].asn1Encode());
}
temp.putInteger(BigInteger.valueOf(msgType));
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), temp);
temp = new DerOutputStream();
for (int i = 0; i < tickets.length; i++) {
temp.write(tickets[i].asn1Encode());
}
bytes = new DerOutputStream();
bytes.write(DerValue.tag_SequenceOf, temp);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), bytes);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), encPart.asn1Encode());
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), bytes);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), encPart.asn1Encode());
bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out);
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x16), bytes);
return out.toByteArray();
}
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) 0x16), bytes);
return out.toByteArray();
}
}

22
jdk/src/share/classes/sun/security/krb5/internal/KrbCredInfo.java
View File

@ -111,7 +111,7 @@ public class KrbCredInfo {
* @exception RealmException if an error occurs while parsing a Realm object.
*/
public KrbCredInfo(DerValue encoding)
throws Asn1Exception, IOException, RealmException{
throws Asn1Exception, IOException, RealmException{
if (encoding.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
@ -160,25 +160,25 @@ public class KrbCredInfo {
Vector<DerValue> v = new Vector<DerValue> ();
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode()));
if (prealm != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode()));
if (pname != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), pname.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), pname.asn1Encode()));
if (flags != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), flags.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), flags.asn1Encode()));
if (authtime != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authtime.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authtime.asn1Encode()));
if (starttime != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), starttime.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), starttime.asn1Encode()));
if (endtime != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), endtime.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), endtime.asn1Encode()));
if (renewTill != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), renewTill.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), renewTill.asn1Encode()));
if (srealm != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), srealm.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), srealm.asn1Encode()));
if (sname != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), sname.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), sname.asn1Encode()));
if (caddr != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), caddr.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), caddr.asn1Encode()));
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
DerOutputStream out = new DerOutputStream();

16
jdk/src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java
View File

@ -215,7 +215,9 @@ public class CCacheInputStream extends KrbDataInputStream implements FileCCacheC
addrType = read(2);
addrLength = read(4);
if (!(addrLength == 4 || addrLength == 16)) {
System.out.println("Incorrect address format.");
if (DEBUG) {
System.out.println("Incorrect address format.");
}
return null;
}
byte[] result = new byte[addrLength];
@ -338,15 +340,19 @@ public class CCacheInputStream extends KrbDataInputStream implements FileCCacheC
System.out.println(">>>DEBUG <CCacheInputStream> key type: " + key.getEType());
long times[] = readTimes();
KerberosTime authtime = new KerberosTime(times[0]);
KerberosTime starttime = new KerberosTime(times[1]);
KerberosTime starttime =
(times[1]==0) ? null : new KerberosTime(times[1]);
KerberosTime endtime = new KerberosTime(times[2]);
KerberosTime renewTill = new KerberosTime(times[3]);
KerberosTime renewTill =
(times[3]==0) ? null : new KerberosTime(times[3]);
if (DEBUG) {
System.out.println(">>>DEBUG <CCacheInputStream> auth time: " + authtime.toDate().toString());
System.out.println(">>>DEBUG <CCacheInputStream> start time: " + starttime.toDate().toString());
System.out.println(">>>DEBUG <CCacheInputStream> start time: " +
((starttime==null)?"null":starttime.toDate().toString()));
System.out.println(">>>DEBUG <CCacheInputStream> end time: " + endtime.toDate().toString());
System.out.println(">>>DEBUG <CCacheInputStream> renew_till time: " + renewTill.toDate().toString());
System.out.println(">>>DEBUG <CCacheInputStream> renew_till time: " +
((renewTill==null)?"null":renewTill.toDate().toString()));
}
boolean skey = readskey();
boolean flags[] = readFlags();

306
jdk/src/share/classes/sun/security/krb5/internal/ccache/Credentials.java
View File

@ -34,168 +34,184 @@ import sun.security.krb5.*;
import sun.security.krb5.internal.*;
public class Credentials {
PrincipalName cname;
Realm crealm;
PrincipalName cname;
Realm crealm;
PrincipalName sname;
Realm srealm;
EncryptionKey key;
KerberosTime authtime;
KerberosTime starttime;//optional
KerberosTime endtime;
KerberosTime renewTill; //optional
HostAddresses caddr; //optional; for proxied tickets only
Realm srealm;
EncryptionKey key;
KerberosTime authtime;
KerberosTime starttime;//optional
KerberosTime endtime;
KerberosTime renewTill; //optional
HostAddresses caddr; //optional; for proxied tickets only
AuthorizationData authorizationData; //optional, not being actually used
public boolean isEncInSKey; // true if ticket is encrypted in another ticket's skey
TicketFlags flags;
TicketFlags flags;
Ticket ticket;
Ticket secondTicket; //optional
private boolean DEBUG = Krb5.DEBUG;
Ticket secondTicket; //optional
private boolean DEBUG = Krb5.DEBUG;
public Credentials(
PrincipalName new_cname,
PrincipalName new_sname,
EncryptionKey new_key,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
boolean new_isEncInSKey,
TicketFlags new_flags,
HostAddresses new_caddr,
AuthorizationData new_authData,
Ticket new_ticket,
Ticket new_secondTicket) {
cname = (PrincipalName)new_cname.clone();
if (new_cname.getRealm() != null)
crealm = (Realm)new_cname.getRealm().clone();
sname = (PrincipalName)new_sname.clone();
if (new_sname.getRealm() != null)
srealm = (Realm)new_sname.getRealm().clone();
key = (EncryptionKey)new_key.clone();
authtime = (KerberosTime)new_authtime.clone();
starttime = (KerberosTime)new_starttime.clone();
endtime = (KerberosTime)new_endtime.clone();
renewTill = (KerberosTime)new_renewTill.clone();
if (new_caddr != null)
caddr = (HostAddresses)new_caddr.clone();
if (new_authData != null) {
authorizationData
= (AuthorizationData)new_authData.clone();
}
isEncInSKey = new_isEncInSKey;
flags = (TicketFlags)new_flags.clone();
ticket = (Ticket)(new_ticket.clone());
if (new_secondTicket != null)
secondTicket = (Ticket)new_secondTicket.clone();
public Credentials(
PrincipalName new_cname,
PrincipalName new_sname,
EncryptionKey new_key,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
boolean new_isEncInSKey,
TicketFlags new_flags,
HostAddresses new_caddr,
AuthorizationData new_authData,
Ticket new_ticket,
Ticket new_secondTicket) {
cname = (PrincipalName) new_cname.clone();
if (new_cname.getRealm() != null) {
crealm = (Realm) new_cname.getRealm().clone();
}
public Credentials(
KDCRep kdcRep,
Ticket new_secondTicket,
AuthorizationData new_authorizationData,
boolean new_isEncInSKey
) {
if (kdcRep.encKDCRepPart == null) //can't store while encrypted
return;
crealm = (Realm)kdcRep.crealm.clone();
cname = (PrincipalName)kdcRep.cname.clone();
ticket = (Ticket)kdcRep.ticket.clone();
key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
flags = (TicketFlags)kdcRep.encKDCRepPart.flags.clone();
authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone();
sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone();
caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
secondTicket = (Ticket)new_secondTicket.clone();
authorizationData =
(AuthorizationData)new_authorizationData.clone();
isEncInSKey = new_isEncInSKey;
sname = (PrincipalName) new_sname.clone();
if (new_sname.getRealm() != null) {
srealm = (Realm) new_sname.getRealm().clone();
}
public Credentials(KDCRep kdcRep) {
this(kdcRep, null);
key = (EncryptionKey) new_key.clone();
authtime = (KerberosTime) new_authtime.clone();
if (new_starttime != null) {
starttime = (KerberosTime) new_starttime.clone();
}
endtime = (KerberosTime) new_endtime.clone();
if (new_renewTill != null) {
renewTill = (KerberosTime) new_renewTill.clone();
}
if (new_caddr != null) {
caddr = (HostAddresses) new_caddr.clone();
}
if (new_authData != null) {
authorizationData = (AuthorizationData) new_authData.clone();
}
public Credentials(KDCRep kdcRep, Ticket new_ticket) {
sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone();
srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone();
try {
sname.setRealm(srealm);
}
catch (RealmException e) {
}
cname = (PrincipalName)kdcRep.cname.clone();
crealm = (Realm)kdcRep.crealm.clone();
try {
cname.setRealm(crealm);
}
catch (RealmException e) {
}
key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
if (kdcRep.encKDCRepPart.starttime != null) {
starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
}
else starttime = null;
endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
if (kdcRep.encKDCRepPart.renewTill != null) {
renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
}
else renewTill = null;
// if (kdcRep.msgType == Krb5.KRB_AS_REP) {
// isEncInSKey = false;
// secondTicket = null;
// }
flags = kdcRep.encKDCRepPart.flags;
if (kdcRep.encKDCRepPart.caddr != null)
caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
else caddr = null;
ticket = (Ticket)kdcRep.ticket.clone();
if (new_ticket != null) {
secondTicket = (Ticket)new_ticket.clone();
isEncInSKey = true;
} else {
secondTicket = null;
isEncInSKey = false;
}
isEncInSKey = new_isEncInSKey;
flags = (TicketFlags) new_flags.clone();
ticket = (Ticket) (new_ticket.clone());
if (new_secondTicket != null) {
secondTicket = (Ticket) new_secondTicket.clone();
}
}
/**
* Checks if this credential is expired
*/
public boolean isValid() {
boolean valid = true;
if (endtime.getTime() < System.currentTimeMillis()) {
valid = false;
}
else if ((starttime.getTime() > System.currentTimeMillis())
|| ((starttime == null) && (authtime.getTime() > System.currentTimeMillis())))
{
valid = false;
}
return valid;
public Credentials(
KDCRep kdcRep,
Ticket new_secondTicket,
AuthorizationData new_authorizationData,
boolean new_isEncInSKey) {
if (kdcRep.encKDCRepPart == null) //can't store while encrypted
{
return;
}
crealm = (Realm) kdcRep.crealm.clone();
cname = (PrincipalName) kdcRep.cname.clone();
ticket = (Ticket) kdcRep.ticket.clone();
key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
flags = (TicketFlags) kdcRep.encKDCRepPart.flags.clone();
authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
if (kdcRep.encKDCRepPart.starttime != null) {
starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
}
endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
if (kdcRep.encKDCRepPart.renewTill != null) {
renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
}
srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
secondTicket = (Ticket) new_secondTicket.clone();
authorizationData =
(AuthorizationData) new_authorizationData.clone();
isEncInSKey = new_isEncInSKey;
}
public PrincipalName getServicePrincipal() throws RealmException{
if (sname.getRealm() == null) {
sname.setRealm(srealm);
}
return sname;
}
public Credentials(KDCRep kdcRep) {
this(kdcRep, null);
}
public sun.security.krb5.Credentials setKrbCreds() {
return new sun.security.krb5.Credentials(ticket,
cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr);
public Credentials(KDCRep kdcRep, Ticket new_ticket) {
sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
try {
sname.setRealm(srealm);
} catch (RealmException e) {
}
cname = (PrincipalName) kdcRep.cname.clone();
crealm = (Realm) kdcRep.crealm.clone();
try {
cname.setRealm(crealm);
} catch (RealmException e) {
}
key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
if (kdcRep.encKDCRepPart.starttime != null) {
starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
} else {
starttime = null;
}
endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
if (kdcRep.encKDCRepPart.renewTill != null) {
renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
} else {
renewTill = null;
}
// if (kdcRep.msgType == Krb5.KRB_AS_REP) {
// isEncInSKey = false;
// secondTicket = null;
// }
flags = kdcRep.encKDCRepPart.flags;
if (kdcRep.encKDCRepPart.caddr != null) {
caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
} else {
caddr = null;
}
ticket = (Ticket) kdcRep.ticket.clone();
if (new_ticket != null) {
secondTicket = (Ticket) new_ticket.clone();
isEncInSKey = true;
} else {
secondTicket = null;
isEncInSKey = false;
}
}
/**
* Checks if this credential is expired
*/
public boolean isValid() {
boolean valid = true;
if (endtime.getTime() < System.currentTimeMillis()) {
valid = false;
} else if (starttime != null) {
if (starttime.getTime() > System.currentTimeMillis()) {
valid = false;
}
} else {
if (authtime.getTime() > System.currentTimeMillis()) {
valid = false;
}
}
return valid;
}
public PrincipalName getServicePrincipal() throws RealmException {
if (sname.getRealm() == null) {
sname.setRealm(srealm);
}
return sname;
}
public sun.security.krb5.Credentials setKrbCreds() {
return new sun.security.krb5.Credentials(ticket,
cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr);
}
public KerberosTime getAuthTime() {
return authtime;

4
jdk/src/share/classes/sun/security/krb5/internal/crypto/dk/AesDkCrypto.java
View File

@ -440,7 +440,9 @@ public class AesDkCrypto extends DkCrypto {
for (int i = 0; i < hashSize; i++) {
if (calculatedHmac[i] != ciphertext[hmacOffset+i]) {
cksumFailed = true;
System.err.println("Checksum failed !");
if (debug) {
System.err.println("Checksum failed !");
}
break;
}
}

4
jdk/src/share/classes/sun/security/krb5/internal/crypto/dk/ArcFourCrypto.java
View File

@ -397,7 +397,9 @@ public class ArcFourCrypto extends DkCrypto {
for (int i = 0; i < hashSize; i++) {
if (calculatedHmac[i] != ciphertext[i]) {
cksumFailed = true;
System.err.println("Checksum failed !");
if (debug) {
System.err.println("Checksum failed !");
}
break;
}
}

5
jdk/src/share/classes/sun/security/ssl/Handshaker.java
View File

@ -617,7 +617,8 @@ abstract class Handshaker {
r.write(1); // single byte of data
if (conn != null) {
synchronized (conn.writeLock) {
conn.writeLock.lock();
try {
conn.writeRecord(r);
conn.changeWriteCiphers();
if (debug != null && Debug.isOn("handshake")) {
@ -625,6 +626,8 @@ abstract class Handshaker {
}
mesg.write(output);
output.flush();
} finally {
conn.writeLock.unlock();
}
} else {
synchronized (engine.writeLock) {

15
jdk/src/share/classes/sun/security/ssl/InputRecord.java
View File

@ -426,12 +426,12 @@ class InputRecord extends ByteArrayInputStream implements Record {
if (really < 0) {
throw new SSLException("SSL peer shut down incorrectly");
}
// now we've got a complete record.
count = contentLen + headerSize;
exlen = 0;
}
// now we've got a complete record.
count = contentLen + headerSize;
exlen = 0;
if (debug != null && Debug.isOn("record")) {
if (count < 0 || count > (maxRecordSize - headerSize)) {
System.out.println(Thread.currentThread().getName()
@ -502,10 +502,11 @@ class InputRecord extends ByteArrayInputStream implements Record {
if (really < 0) {
throw new EOFException("SSL peer shut down incorrectly");
}
// now we've got a complete record.
exlen = 0;
}
// now we've got a complete record.
exlen = 0;
hashInternal(buf, 2, 3);
hashInternal(v2Buf, 0, len);
V2toV3ClientHello(v2Buf);

12
jdk/src/share/classes/sun/security/ssl/OutputRecord.java
View File

@ -174,6 +174,18 @@ class OutputRecord extends ByteArrayOutputStream implements Record {
return count == headerSize;
}
/*
* Return true if the record is of a given alert.
*/
boolean isAlert(byte description) {
// An alert is defined with a two bytes struct,
// {byte level, byte description}, following after the header bytes.
if (count > (headerSize + 1) && contentType == ct_alert) {
return buf[headerSize + 1] == description;
}
return false;
}
/*
* Compute the MAC and append it to this record. In case we

94
jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 1996-2007 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1996-2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -33,6 +33,8 @@ import java.security.AccessController;
import java.security.AccessControlContext;
import java.security.PrivilegedAction;
import java.util.*;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;
import javax.crypto.BadPaddingException;
@ -274,7 +276,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
* from the peer are handled properly.
*/
private Object handshakeLock;
Object writeLock;
ReentrantLock writeLock;
private Object readLock;
private InputRecord inrec;
@ -314,7 +316,6 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
private HashMap<HandshakeCompletedListener, AccessControlContext>
handshakeListeners;
/*
* Reuse the same internal input/output streams.
*/
@ -526,7 +527,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
enabledCipherSuites = CipherSuiteList.getDefault();
enabledProtocols = ProtocolList.getDefault();
handshakeLock = new Object();
writeLock = new Object();
writeLock = new ReentrantLock();
readLock = new Object();
inrec = null;
@ -677,16 +678,81 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
// implementations are fragile and don't like to see empty
// records, so this also increases robustness.
//
synchronized (writeLock) {
if (!r.isEmpty()) {
// r.compress(c);
r.addMAC(writeMAC);
r.encrypt(writeCipher);
r.write(sockOutput);
if (!r.isEmpty()) {
// If the record is a close notify alert, we need to honor
// socket option SO_LINGER. Note that we will try to send
// the close notify even if the SO_LINGER set to zero.
if (r.isAlert(Alerts.alert_close_notify) && getSoLinger() >= 0) {
// keep and clear the current thread interruption status.
boolean interrupted = Thread.interrupted();
try {
if (writeLock.tryLock(getSoLinger(), TimeUnit.SECONDS)) {
try {
writeRecordInternal(r);
} finally {
writeLock.unlock();
}
} else {
SSLException ssle = new SSLException(
"SO_LINGER timeout," +
" close_notify message cannot be sent.");
// For layered, non-autoclose sockets, we are not
// able to bring them into a usable state, so we
// treat it as fatal error.
if (self != this && !autoClose) {
// Note that the alert description is
// specified as -1, so no message will be send
// to peer anymore.
fatal((byte)(-1), ssle);
} else if ((debug != null) && Debug.isOn("ssl")) {
System.out.println(threadName() +
", received Exception: " + ssle);
}
// RFC2246 requires that the session becomes
// unresumable if any connection is terminated
// without proper close_notify messages with
// level equal to warning.
//
// RFC4346 no longer requires that a session not be
// resumed if failure to properly close a connection.
//
// We choose to make the session unresumable if
// failed to send the close_notify message.
//
sess.invalidate();
}
} catch (InterruptedException ie) {
// keep interrupted status
interrupted = true;
}
// restore the interrupted status
if (interrupted) {
Thread.currentThread().interrupt();
}
} else {
writeLock.lock();
try {
writeRecordInternal(r);
} finally {
writeLock.unlock();
}
}
}
}
private void writeRecordInternal(OutputRecord r) throws IOException {
// r.compress(c);
r.addMAC(writeMAC);
r.encrypt(writeCipher);
r.write(sockOutput);
}
/*
* Read an application data record. Alerts and handshake
@ -1533,7 +1599,11 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
if (oldState == cs_HANDSHAKE) {
sockInput.skip(sockInput.available());
}
sendAlert(Alerts.alert_fatal, description);
// If the description equals -1, the alert won't be sent to peer.
if (description != -1) {
sendAlert(Alerts.alert_fatal, description);
}
if (cause instanceof SSLException) { // only true if != null
closeReason = (SSLException)cause;
} else {
@ -1614,7 +1684,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
* Emit alerts. Caller must have synchronized with "this".
*/
private void sendAlert(byte level, byte description) {
if (connectionState >= cs_CLOSED) {
if (connectionState >= cs_SENT_CLOSE) {
return;
}

7
jdk/src/share/classes/sun/security/x509/AVA.java
View File

@ -780,7 +780,8 @@ public class AVA implements DerEncoder {
* Implementations MAY escape other characters.
*
* NOTE: this implementation also recognizes "=" and "#" as
* characters which need escaping.
* characters which need escaping, and null which is escaped as
* '\00' (see RFC 4514).
*
* If a character to be escaped is one of the list shown above, then
* it is prefixed by a backslash ('\' ASCII 92).
@ -805,6 +806,10 @@ public class AVA implements DerEncoder {
// append printable/escaped char
sbuffer.append(c);
} else if (c == '\u0000') {
// escape null character
sbuffer.append("\\00");
} else if (debug != null && Debug.isOn("ava")) {
// embed non-printable/non-escaped char

3
jdk/src/solaris/classes/java/net/PlainSocketImpl.java
View File

@ -76,9 +76,6 @@ class PlainSocketImpl extends AbstractPlainSocketImpl
native int socketGetOption(int opt, Object iaContainerObj) throws SocketException;
native int socketGetOption1(int opt, Object iaContainerObj, FileDescriptor fd)
throws SocketException;
native void socketSendUrgentData(int data) throws IOException;
}

3
jdk/src/windows/classes/java/net/DualStackPlainSocketImpl.java
View File

@ -218,9 +218,6 @@ class DualStackPlainSocketImpl extends AbstractPlainSocketImpl
return value;
}
int socketGetOption1(int opt, Object iaContainerObj, FileDescriptor fd)
throws SocketException {return 0;} // un-implemented REMOVE
void socketSendUrgentData(int data) throws IOException {
int nativefd = checkAndReturnNativeFD();
sendOOB(nativefd, data);

5
jdk/src/windows/classes/java/net/PlainSocketImpl.java
View File

@ -304,11 +304,6 @@ class PlainSocketImpl extends AbstractPlainSocketImpl
return impl.socketGetOption(opt, iaContainerObj);
}
int socketGetOption1(int opt, Object iaContainerObj, FileDescriptor fd)
throws SocketException {
return impl.socketGetOption1(opt, iaContainerObj, fd);
}
void socketSendUrgentData(int data) throws IOException {
impl.socketSendUrgentData(data);
}

3
jdk/src/windows/classes/java/net/TwoStacksPlainSocketImpl.java
View File

@ -199,8 +199,5 @@ class TwoStacksPlainSocketImpl extends AbstractPlainSocketImpl
native int socketGetOption(int opt, Object iaContainerObj) throws SocketException;
native int socketGetOption1(int opt, Object iaContainerObj, FileDescriptor fd)
throws SocketException;
native void socketSendUrgentData(int data) throws IOException;
}

51
jdk/src/windows/native/sun/net/www/protocol/http/NTLMAuthSequence.c
View File

@ -36,6 +36,8 @@
#include <tchar.h>
#include <fcntl.h>
#include "jni_util.h"
#define SECURITY_WIN32
#include "sspi.h"
#include "issperr.h"
@ -52,7 +54,7 @@ static INITIALIZE_SECURITY_CONTEXT_FN pInitializeSecurityContext;
static COMPLETE_AUTH_TOKEN_FN pCompleteAuthToken;
static DELETE_SECURITY_CONTEXT_FN pDeleteSecurityContext;
static void endSequence (PCredHandle credHand, PCtxtHandle ctxHandle, SecBufferDesc OutBuffDesc);
static void endSequence (PCredHandle credHand, PCtxtHandle ctxHandle);
static jfieldID ntlm_ctxHandleID;
static jfieldID ntlm_crdHandleID;
@ -117,22 +119,36 @@ JNIEXPORT jlong JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_getCrede
{
SEC_WINNT_AUTH_IDENTITY AuthId;
SEC_WINNT_AUTH_IDENTITY * pAuthId;
CHAR *pUser = 0;
CHAR *pDomain = 0;
CHAR *pPassword = 0;
const CHAR *pUser = 0;
const CHAR *pDomain = 0;
const CHAR *pPassword = 0;
CredHandle *pCred;
TimeStamp ltime;
jboolean isCopy;
SECURITY_STATUS ss;
if (user != 0) {
pUser = (CHAR *)(*env)->GetStringUTFChars(env, user, &isCopy);
pUser = JNU_GetStringPlatformChars(env, user, &isCopy);
if (pUser == NULL)
return 0; // pending Exception
}
if (domain != 0) {
pDomain = (CHAR *)(*env)->GetStringUTFChars(env, domain, &isCopy);
pDomain = JNU_GetStringPlatformChars(env, domain, &isCopy);
if (pDomain == NULL) {
if (pUser != NULL)
JNU_ReleaseStringPlatformChars(env, user, pUser);
return 0; // pending Exception
}
}
if (password != 0) {
pPassword = (CHAR *)(*env)->GetStringUTFChars(env, password, &isCopy);
pPassword = JNU_GetStringPlatformChars(env, password, &isCopy);
if (pPassword == NULL) {
if(pUser != NULL)
JNU_ReleaseStringPlatformChars(env, user, pUser);
if(pDomain != NULL)
JNU_ReleaseStringPlatformChars(env, domain, pDomain);
return 0; // pending Exception
}
}
pCred = (CredHandle *)malloc(sizeof (CredHandle));
@ -167,6 +183,14 @@ JNIEXPORT jlong JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_getCrede
pCred, &ltime
);
/* Release resources held by JNU_GetStringPlatformChars */
if (pUser != NULL)
JNU_ReleaseStringPlatformChars(env, user, pUser);
if (pPassword != NULL)
JNU_ReleaseStringPlatformChars(env, password, pPassword);
if (pDomain != NULL)
JNU_ReleaseStringPlatformChars(env, domain, pDomain);
if (ss == 0) {
return (jlong) pCred;
} else {
@ -181,7 +205,6 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
VOID *pInput = 0;
DWORD inputLen;
CHAR buffOut[512];
DWORD pcbBuffOut;
jboolean isCopy;
SECURITY_STATUS ss;
SecBufferDesc OutBuffDesc;
@ -247,7 +270,7 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
}
if (ss < 0) {
endSequence (pCred, pCtx, OutBuffDesc);
endSequence (pCred, pCtx);
return 0;
}
@ -255,7 +278,7 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
ss = pCompleteAuthToken( pCtx, &OutBuffDesc );
if (ss < 0) {
endSequence (pCred, pCtx, OutBuffDesc);
endSequence (pCred, pCtx);
return 0;
}
}
@ -265,25 +288,23 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
(*env)->SetByteArrayRegion(env, ret, 0, OutSecBuff.cbBuffer,
OutSecBuff.pvBuffer);
if (lastToken != 0) // 2nd stage
endSequence (pCred, pCtx, OutBuffDesc);
endSequence (pCred, pCtx);
result = ret;
}
if ((ss != SEC_I_CONTINUE_NEEDED) && (ss == SEC_I_COMPLETE_AND_CONTINUE)) {
endSequence (pCred, pCtx, OutBuffDesc);
endSequence (pCred, pCtx);
}
return result;
}
static void endSequence (PCredHandle credHand, PCtxtHandle ctxHandle, SecBufferDesc OutBuffDesc) {
static void endSequence (PCredHandle credHand, PCtxtHandle ctxHandle) {
if (credHand != 0) {
pFreeCredentialsHandle (credHand);
free (credHand);
}
pFreeContextBuffer (&OutBuffDesc);
if (ctxHandle != 0) {
pDeleteSecurityContext(ctxHandle);
free (ctxHandle);

1018
jdk/src/windows/native/sun/security/krb5/NativeCreds.c
View File

File diff suppressed because it is too large Load Diff

72
jdk/test/com/sun/crypto/provider/KeyFactory/TestProviderLeak.java Normal file
View File

@ -0,0 +1,72 @@
/*
* Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6578538
* @summary com.sun.crypto.provider.SunJCE instance leak using KRB5 and
* LoginContext
* @author Brad Wetmore
*
* @run main/othervm -Xmx2m TestProviderLeak
*/
/*
* We force the leak to become a problem by specifying the minimum
* size heap we can (above). In current runs on a server and client
* machine, it took roughly 220-240 iterations to have the memory leak
* shut down other operations. It complained about "Unable to verify
* the SunJCE provider."
*/
import javax.crypto.*;
import javax.crypto.spec.*;
public class TestProviderLeak {
private static void dumpMemoryStats(String s) throws Exception {
Runtime rt = Runtime.getRuntime();
System.out.println(s + ":\t" +
rt.freeMemory() + " bytes free");
}
public static void main(String [] args) throws Exception {
SecretKeyFactory skf =
SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1", "SunJCE");
PBEKeySpec pbeKS = new PBEKeySpec(
"passPhrase".toCharArray(), new byte [] { 0 }, 5, 512);
for (int i = 0; i <= 1000; i++) {
try {
skf.generateSecret(pbeKS);
if ((i % 20) == 0) {
// Calling gc() isn't dependable, but doesn't hurt.
// Gives better output in leak cases.
System.gc();
dumpMemoryStats("Iteration " + i);
}
} catch (Exception e) {
dumpMemoryStats("\nException seen at iteration " + i);
throw e;
}
}
}
}

30
jdk/test/java/net/CookieHandler/CookieManagerTest.java
View File

@ -132,17 +132,17 @@ class CookieHttpTransaction implements HttpCallback {
),
new CookieTestCase("Set-Cookie",
"PART_NUMBER=ROCKET_LAUNCHER_0001; path=/;" + "domain=." + localHostAddr,
"CUSTOMER=WILE:BOB;PART_NUMBER=ROCKET_LAUNCHER_0001",
"CUSTOMER=WILE:BOB; PART_NUMBER=ROCKET_LAUNCHER_0001",
"/"
),
new CookieTestCase("Set-Cookie",
"SHIPPING=FEDEX; path=/foo;" + "domain=." + localHostAddr,
"CUSTOMER=WILE:BOB;PART_NUMBER=ROCKET_LAUNCHER_0001",
"CUSTOMER=WILE:BOB; PART_NUMBER=ROCKET_LAUNCHER_0001",
"/"
),
new CookieTestCase("Set-Cookie",
"SHIPPING=FEDEX; path=/foo;" + "domain=." + localHostAddr,
"CUSTOMER=WILE:BOB;PART_NUMBER=ROCKET_LAUNCHER_0001;SHIPPING=FEDEX",
"CUSTOMER=WILE:BOB; PART_NUMBER=ROCKET_LAUNCHER_0001; SHIPPING=FEDEX",
"/foo"
)
};
@ -157,7 +157,7 @@ class CookieHttpTransaction implements HttpCallback {
),
new CookieTestCase("Set-Cookie",
"PART_NUMBER=RIDING_ROCKET_0023; path=/ammo;" + "domain=." + localHostAddr,
"PART_NUMBER=RIDING_ROCKET_0023;PART_NUMBER=ROCKET_LAUNCHER_0001",
"PART_NUMBER=RIDING_ROCKET_0023; PART_NUMBER=ROCKET_LAUNCHER_0001",
"/ammo"
)
};
@ -167,17 +167,17 @@ class CookieHttpTransaction implements HttpCallback {
testCases[count++] = new CookieTestCase[]{
new CookieTestCase("Set-Cookie2",
"Customer=\"WILE_E_COYOTE\"; Version=\"1\"; Path=\"/acme\";" + "domain=." + localHostAddr,
"$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"/acme/login"
),
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Rocket_Launcher_0001\"; Version=\"1\";Path=\"/acme\";" + "domain=." + localHostAddr,
"$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + ";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + "; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"/acme/pickitem"
),
new CookieTestCase("Set-Cookie2",
"Shipping=\"FedEx\"; Version=\"1\"; Path=\"/acme\";" + "domain=." + localHostAddr,
"$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + ";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + ";Shipping=\"FedEx\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + "; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"" + "; Shipping=\"FedEx\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"/acme/shipping"
)
};
@ -187,17 +187,17 @@ class CookieHttpTransaction implements HttpCallback {
testCases[count++] = new CookieTestCase[]{
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Rocket_Launcher_0001\"; Version=\"1\"; Path=\"/acme\";" + "domain=." + localHostAddr,
"$Version=\"1\";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"$Version=\"1\"; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"/acme/ammo"
),
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Riding_Rocket_0023\"; Version=\"1\"; Path=\"/acme/ammo\";" + "domain=." + localHostAddr,
"$Version=\"1\";Part_Number=\"Riding_Rocket_0023\";$Path=\"/acme/ammo\";$Domain=\"." + localHostAddr + "\"" + ";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"$Version=\"1\"; Part_Number=\"Riding_Rocket_0023\";$Path=\"/acme/ammo\";$Domain=\"." + localHostAddr + "\"" + "; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"/acme/ammo"
),
new CookieTestCase("",
"",
"$Version=\"1\";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"$Version=\"1\"; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";" + "$Domain=\"." + localHostAddr + "\"",
"/acme/parts"
)
};
@ -207,12 +207,12 @@ class CookieHttpTransaction implements HttpCallback {
testCases[count++] = new CookieTestCase[]{
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Rocket_Launcher_0001\"; Version=\"1\"; Path=\"/acme\";" + "domain=." + localHostAddr,
"$Version=\"1\";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"$Version=\"1\"; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"/acme"
),
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Rocket_Launcher_2000\"; Version=\"1\"; Path=\"/acme\";" + "domain=." + localHostAddr,
"$Version=\"1\";Part_Number=\"Rocket_Launcher_2000\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"$Version=\"1\"; Part_Number=\"Rocket_Launcher_2000\";$Path=\"/acme\";$Domain=\"." + localHostAddr + "\"",
"/acme"
)
};
@ -222,17 +222,17 @@ class CookieHttpTransaction implements HttpCallback {
testCases[count++] = new CookieTestCase[]{
new CookieTestCase("Set-Cookie2",
"Customer=\"WILE_E_COYOTE\"; Version=\"1\"; Path=\"/acme\"",
"$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"",
"$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"",
"/acme/login"
),
new CookieTestCase("Set-Cookie2",
"Part_Number=\"Rocket_Launcher_0001\"; Version=\"1\";Path=\"/acme\"",
"$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"" + ";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\"",
"$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"" + "; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\"",
"/acme/pickitem"
),
new CookieTestCase("Set-Cookie2",
"Shipping=\"FedEx\"; Version=\"1\"; Path=\"/acme\"",
"$Version=\"1\";Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"" + ";Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\"" + ";Shipping=\"FedEx\";$Path=\"/acme\"",
"$Version=\"1\"; Customer=\"WILE_E_COYOTE\";$Path=\"/acme\"" + "; Part_Number=\"Rocket_Launcher_0001\";$Path=\"/acme\"" + "; Shipping=\"FedEx\";$Path=\"/acme\"",
"/acme/shipping"
)
};

119
jdk/test/java/net/InterfaceAddress/Equals.java Normal file
View File

@ -0,0 +1,119 @@
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/* @test
* @bug 6628576
* @summary InterfaceAddress.equals() NPE when broadcast field == null
*/
import java.net.InterfaceAddress;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
public class Equals
{
public static void main(String[] args) {
InterfaceAddress ia1;
InterfaceAddress ia2;
InetAddress loopbackAddr = InetAddress.getLoopbackAddress();
InetAddress broadcast1 = null;
InetAddress broadcast2 = null;
try {
broadcast1 = InetAddress.getByName("255.255.255.0");
broadcast2 = InetAddress.getByName("255.255.0.0");
} catch (UnknownHostException e) {
e.printStackTrace();
}
ia1 = createInterfaceAddress(loopbackAddr, (InetAddress) null, (short)45);
ia2 = createInterfaceAddress(loopbackAddr, (InetAddress) null, (short)45);
compare(ia1, ia2, true);
ia2 = createInterfaceAddress(loopbackAddr, broadcast1, (short)45);
compare(ia1, ia2, false);
ia2 = createInterfaceAddress((InetAddress)null, broadcast1, (short)45);
compare(ia1, ia2, false);
ia1 = createInterfaceAddress(loopbackAddr, broadcast2, (short)45);
ia2 = createInterfaceAddress(loopbackAddr, broadcast2, (short)45);
compare(ia1, ia2, true);
ia1.equals(null);
}
static void compare(InterfaceAddress ia1, InterfaceAddress ia2, boolean equal) {
if (ia1.equals(ia2) != equal)
throw new RuntimeException("Failed: " + ia1 + " not equals to " + ia2);
if (ia2.equals(ia1) != equal)
throw new RuntimeException("Failed: " + ia2 + " not equals to " + ia1);
}
/**
* Returns an InterfaceAddress instance with its fields set the the values
* specificed.
*/
static InterfaceAddress createInterfaceAddress(
InetAddress address, InetAddress broadcast, short prefixlength) {
try {
Class<InterfaceAddress> IAClass = InterfaceAddress.class;
InterfaceAddress ia;
Constructor<InterfaceAddress> ctr = IAClass.getDeclaredConstructor();
ctr.setAccessible(true);
Field addressField = IAClass.getDeclaredField("address");
addressField.setAccessible(true);
Field broadcastField = IAClass.getDeclaredField("broadcast");
broadcastField.setAccessible(true);
Field maskLengthField = IAClass.getDeclaredField("maskLength");
maskLengthField.setAccessible(true);
ia = ctr.newInstance();
addressField.set(ia, address);
broadcastField.set(ia, broadcast);
maskLengthField.setShort(ia, prefixlength);
return ia;
} catch (NoSuchFieldException nsfe) {
nsfe.printStackTrace();
} catch (NoSuchMethodException e) {
e.printStackTrace();
} catch (InstantiationException ie) {
ie.printStackTrace();
} catch (IllegalAccessException iae) {
iae.printStackTrace();
} catch (InvocationTargetException ite) {
ite.printStackTrace();
}
return null;
}
}

2
jdk/test/java/net/ResponseCache/file2.1
View File

@ -1,4 +1,4 @@
/* @test
/* @test @(#)file2.1 1.1 03/08/09
* @summary Unit test for java.net.ResponseCacheHandler
* @bug 4837267
* @author Yingxian Wang

50
jdk/test/java/security/AccessControlContext/FailureDebugOption.java Normal file
View File

@ -0,0 +1,50 @@
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6648816
* @summary REGRESSION: setting -Djava.security.debug=failure result in NPE
* in ACC
* @run main/othervm -Djava.security.debug=failure FailureDebugOption
*/
import java.security.ProtectionDomain;
import java.security.AccessController;
import java.security.AccessControlException;
import java.security.BasicPermission;
public class FailureDebugOption {
public static void main (String argv[]) throws Exception {
try {
AccessController.checkPermission(
new BasicPermission("no such permission"){});
} catch (NullPointerException npe) {
throw new Exception("Unexpected NullPointerException for security" +
" debug option, -Djava.security.debug=failure");
} catch (AccessControlException ace) {
}
}
}

92
jdk/test/javax/security/auth/x500/X500Principal/RFC4514.java Normal file
View File

@ -0,0 +1,92 @@
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
import javax.security.auth.x500.X500Principal;
/**
* @test
* @bug 6611991
* @summary Add support for parsing RFC 4514 DNs to X500Principal
*
* Ensure RFC 4514 Distinguished Name Strings can be parsed by X500Principal.
* RFC 4514 obsoleted RFC 2253 so we should make sure we can parse DNs of
* that form that contain subtle differences or clarifications in the grammar.
*/
public class RFC4514 {
private int failed = 0;
public static void main(String[] args) throws Exception {
new RFC4514().test();
}
private void test() throws Exception {
/**
* RFC 4514 allows space to be escaped as '\ '.
*/
parse("CN=\\ Space\\ ,C=US");
parse("CN=Sp\\ ace,C=US");
/**
* RFC 4514 does not require escaping of '=' characters.
*/
parse("CN=Eq=uals,C=US");
/**
* RFC 4514 requires the null character to be escaped.
*/
parse("CN=\\00,C=US");
/**
* RFC 4514 does not require escaping of non-leading '#' characters.
*/
parse("CN=Num#ber,C=US");
/**
* XMLDSig (http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/)
* allows implementations to escape trailing whitespace as '\20'.
*/
parse("CN=Trailing \\20,C=US");
/**
* XMLDSig allows implementations to escape ASCII control characters
* (Unicode range \x00 - \x1f) by replacing them with "\" followed by
* a two digit hex number showing its Unicode number.
*/
parse("CN=Con\\09trol,C=US");
if (failed != 0) {
throw new Exception("Some RFC4514 tests FAILED");
}
}
public void parse(String dnString) throws Exception {
System.out.println("Parsing " + dnString);
X500Principal dn = new X500Principal(dnString);
String dnString2 = dn.getName();
X500Principal dn2 = new X500Principal(dnString2);
if (dn.equals(dn2)) {
System.out.println("PASSED");
} else {
System.out.println("FAILED");
failed++;
}
}
}

98
jdk/test/sun/net/www/http/ChunkedOutputStream/Test.java
View File

@ -23,7 +23,7 @@
/**
* @test
* @bug 5026745
* @bug 5026745 6631048
* @run main/othervm/timeout=500 Test
* @summary Cannot flush output stream when writing to an HttpUrlConnection
*/
@ -158,6 +158,50 @@ public class Test implements HttpHandler {
exchange.sendResponseHeaders(200, 0);
}
break;
case 10: /* test11 */
printRequestURI(exchange);
is = exchange.getRequestBody();
s = read (is, str1.length());
error = false;
for (int i=10; i< 30 * 1024; i++) {
byte c = (byte)is.read();
if (c != (byte)i) {
error = true;
System.out.println ("error at position " + i);
}
}
if (!s.equals(str1) ) {
System.out.println ("received string : " + s);
exchange.sendResponseHeaders(500, 0);
} else if (error) {
System.out.println ("error");
exchange.sendResponseHeaders(500, 0);
} else {
exchange.sendResponseHeaders(200, 0);
}
break;
case 11: /* test12 */
printRequestURI(exchange);
is = exchange.getRequestBody();
error = false;
for (int i=10; i< 30 * 1024; i++) {
byte c = (byte)is.read();
if (c != (byte)i) {
error = true;
System.out.println ("error at position " + i);
}
}
if (error) {
System.out.println ("error");
exchange.sendResponseHeaders(500, 0);
} else {
exchange.sendResponseHeaders(200, 0);
}
break;
}
exchange.close();
count ++;
@ -390,6 +434,56 @@ public class Test implements HttpHandler {
}
}
static void test11 (String u) throws Exception {
URL url = new URL (u);
System.out.println ("client opening connection to: " + u);
HttpURLConnection urlc = (HttpURLConnection)url.openConnection ();
urlc.setChunkedStreamingMode (36 * 1024);
urlc.setDoOutput(true);
urlc.setRequestMethod ("POST");
OutputStream os = urlc.getOutputStream ();
byte[] buf = new byte [30 * 1024];
for (int i=0; i< 30 * 1024; i++) {
buf[i] = (byte) i;
}
/* write a small bit first, and then the large buffer */
os.write (str1.getBytes());
//os.write (buf, 10, buf.length - 10); /* skip 10 bytes to test offset */
os.write (buf, 10, (10 * 1024) - 10);
os.write (buf, (10 * 1024), (10 * 1024));
os.write (buf, (20 * 1024), (10 * 1024));
os.close();
InputStream is = urlc.getInputStream();
is.close();
int ret = urlc.getResponseCode();
if (ret != 200) {
throw new Exception ("Expected 200: got " + ret);
}
}
static void test12 (String u) throws Exception {
URL url = new URL (u);
System.out.println ("client opening connection to: " + u);
HttpURLConnection urlc = (HttpURLConnection)url.openConnection ();
urlc.setChunkedStreamingMode (36 * 1024);
urlc.setDoOutput(true);
urlc.setRequestMethod ("POST");
OutputStream os = urlc.getOutputStream ();
byte[] buf = new byte [30 * 1024];
for (int i=0; i< 30 * 1024; i++) {
buf[i] = (byte) i;
}
os.write (buf, 10, buf.length - 10); /* skip 10 bytes to test offset */
os.close();
InputStream is = urlc.getInputStream();
is.close();
int ret = urlc.getResponseCode();
if (ret != 200) {
throw new Exception ("Expected 200: got " + ret);
}
}
static com.sun.net.httpserver.HttpServer httpserver;
public static void main (String[] args) throws Exception {
@ -411,6 +505,8 @@ public class Test implements HttpHandler {
test8("http://localhost:"+ port + "/test/test8");
test9("http://localhost:"+ port + "/test/test9");
test10("http://localhost:"+ port + "/test/test10");
test11("http://localhost:"+ port + "/test/test11");
test12("http://localhost:"+ port + "/test/test12");
} finally {
if (httpserver != null)
httpserver.stop(0);

129
jdk/test/sun/net/www/protocol/http/B6641309.java Normal file
View File

@ -0,0 +1,129 @@
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6641309
* @summary Wrong Cookie separator used in HttpURLConnection
*/
import java.net.*;
import java.util.*;
import java.io.*;
import com.sun.net.httpserver.*;
import java.util.concurrent.Executors;
import java.util.concurrent.ExecutorService;
public class B6641309
{
com.sun.net.httpserver.HttpServer httpServer;
ExecutorService executorService;
public static void main(String[] args)
{
new B6641309();
}
public B6641309()
{
try {
startHttpServer();
doClient();
} catch (IOException ioe) {
System.err.println(ioe);
}
}
void doClient() {
CookieHandler.setDefault(new CookieManager(null, CookiePolicy.ACCEPT_ALL));
try {
InetSocketAddress address = httpServer.getAddress();
// GET Request
URL url = new URL("http://localhost:" + address.getPort() + "/test/");
CookieHandler ch = CookieHandler.getDefault();
Map<String,List<String>> header = new HashMap<String,List<String>>();
List<String> values = new LinkedList<String>();
values.add("Test1Cookie=TEST1; path=/test/");
values.add("Test2Cookie=TEST2; path=/test/");
header.put("Set-Cookie", values);
// preload the CookieHandler with a cookie for our URL
// so that it will be sent during the first request
ch.put(url.toURI(), header);
HttpURLConnection uc = (HttpURLConnection)url.openConnection();
int resp = uc.getResponseCode();
if (resp != 200)
throw new RuntimeException("Failed: Response code from GET is not 200");
System.out.println("Response code from GET = 200 OK");
} catch (IOException e) {
e.printStackTrace();
} catch (URISyntaxException e) {
e.printStackTrace();
} finally {
httpServer.stop(1);
executorService.shutdown();
}
}
/**
* Http Server
*/
public void startHttpServer() throws IOException {
httpServer = com.sun.net.httpserver.HttpServer.create(new InetSocketAddress(0), 0);
// create HttpServer context
HttpContext ctx = httpServer.createContext("/test/", new MyHandler());
executorService = Executors.newCachedThreadPool();
httpServer.setExecutor(executorService);
httpServer.start();
}
class MyHandler implements HttpHandler {
public void handle(HttpExchange t) throws IOException {
InputStream is = t.getRequestBody();
Headers reqHeaders = t.getRequestHeaders();
int i = 0;
// Read till end of stream
do {
i = is.read();
} while (i != -1);
is.close();
List<String> cookies = reqHeaders.get("Cookie");
if (cookies != null) {
for (String str : cookies) {
// The separator between the 2 cookies should be
// a semi-colon AND a space
if (str.equals("Test1Cookie=TEST1; Test2Cookie=TEST2"))
t.sendResponseHeaders(200, -1);
}
}
t.sendResponseHeaders(400, -1);
t.close();
}
}
}

163
jdk/test/sun/net/www/protocol/http/B6660405.java Normal file
View File

@ -0,0 +1,163 @@
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6660405
* @summary HttpURLConnection returns the wrong InputStream
*/
import java.net.*;
import java.util.*;
import java.io.*;
import com.sun.net.httpserver.*;
import java.util.concurrent.Executors;
import java.util.concurrent.ExecutorService;
public class B6660405
{
com.sun.net.httpserver.HttpServer httpServer;
ExecutorService executorService;
static class MyCacheResponse extends CacheResponse {
private byte[] buf = new byte[1024];
public MyCacheResponse() {
}
@Override
public Map<String, List<String>> getHeaders() throws IOException
{
Map<String, List<String>> h = new HashMap<String, List<String>>();
ArrayList<String> l = new ArrayList<String>();
l.add("HTTP/1.1 200 OK");
h.put(null, l);
l = new ArrayList<String>();
l.add("1024");
h.put("Content-Length", l);
return h;
}
@Override
public InputStream getBody() throws IOException
{
return new ByteArrayInputStream(buf);
}
}
static class MyResponseCache extends ResponseCache {
public MyResponseCache() {
}
@Override
public CacheResponse get(URI uri, String rqstMethod, Map<String, List<String>> rqstHeaders) throws IOException
{
if (uri.getPath().equals("/redirect/index.html")) {
return new MyCacheResponse();
}
return null;
}
@Override
public CacheRequest put(URI uri, URLConnection conn) throws IOException
{
return null;
}
}
public static void main(String[] args)
{
new B6660405();
}
public B6660405()
{
try {
startHttpServer();
doClient();
} catch (IOException ioe) {
System.err.println(ioe);
}
}
void doClient() {
ResponseCache.setDefault(new MyResponseCache());
try {
InetSocketAddress address = httpServer.getAddress();
// GET Request
URL url = new URL("http://localhost:" + address.getPort() + "/test/index.html");
HttpURLConnection uc = (HttpURLConnection)url.openConnection();
int code = uc.getResponseCode();
System.err.println("response code = " + code);
int l = uc.getContentLength();
System.err.println("content-length = " + l);
InputStream in = uc.getInputStream();
int i = 0;
// Read till end of stream
do {
i = in.read();
} while (i != -1);
in.close();
} catch (IOException e) {
throw new RuntimeException("Got the wrong InputStream after checking headers");
} finally {
httpServer.stop(1);
executorService.shutdown();
}
}
/**
* Http Server
*/
public void startHttpServer() throws IOException {
httpServer = com.sun.net.httpserver.HttpServer.create(new InetSocketAddress(0), 0);
// create HttpServer context
HttpContext ctx = httpServer.createContext("/test/", new MyHandler());
executorService = Executors.newCachedThreadPool();
httpServer.setExecutor(executorService);
httpServer.start();
}
class MyHandler implements HttpHandler {
public void handle(HttpExchange t) throws IOException {
InputStream is = t.getRequestBody();
Headers reqHeaders = t.getRequestHeaders();
Headers resHeaders = t.getResponseHeaders();
int i = 0;
// Read till end of stream
do {
i = is.read();
} while (i != -1);
is.close();
resHeaders.add("Location", "http://foo.bar/redirect/index.html");
t.sendResponseHeaders(302, -1);
t.close();
}
}
}

64
jdk/test/sun/security/krb5/DnsFallback.java Normal file
View File

@ -0,0 +1,64 @@
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6673164
* @summary dns_fallback parse error
*/
import sun.security.krb5.*;
import java.io.*;
public class DnsFallback {
public static void main(String[] args) throws Exception {
check("true", "true", true);
check("false", "true", false);
check("true", "false", true);
check("false", "false", false);
check("true", null, true);
check("false", null, false);
check(null, "true", true);
check(null, "false", false);
}
static void check(String realm, String fallback, boolean output) throws Exception {
FileOutputStream fo = new FileOutputStream("dnsfallback.conf");
StringBuffer sb = new StringBuffer();
sb.append("[libdefaults]\n");
if (realm != null) {
sb.append("dns_lookup_realm=" + realm + "\n");
}
if (fallback != null) {
sb.append("dns_fallback=" + fallback + "\n");
}
fo.write(sb.toString().getBytes());
fo.close();
System.setProperty("java.security.krb5.conf", "dnsfallback.conf");
Config.refresh();
System.out.println("Testing " + realm + ", " + fallback + ", " + output);
if (Config.getInstance().useDNS_Realm() != output) {
throw new Exception("Fail");
}
}
}

123
jdk/test/sun/security/krb5/OptionPADataInKDCReq.java Normal file
View File

@ -0,0 +1,123 @@
/*
* Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6648972
* @summary KDCReq.init always read padata
*/
import sun.security.krb5.internal.ETypeInfo2;
import sun.security.krb5.internal.KDCReq;
import sun.security.util.DerValue;
public class OptionPADataInKDCReq {
public static void main(String[] args) throws Exception {
/*
* This is a AS-REQ block without padata. The content is --
[APPLICATION 10] SEQUENCE {
[1] INTEGER 5
[2] INTEGER 10
[4] SEQUENCE {
[0] BIT STRING 01000000 10000001 00000000 00010000
[1] SEQUENCE {
[0] INTEGER 1
[1] SEQUENCE {
STRING administrator
}
}
[2] STRING N3
[3] SEQUENCE {
[0] INTEGER 2
[1] SEQUENCE {
STRING krbtgt
STRING N3
}
}
[5] TIME Sun Sep 13 10:48:05 CST 2037
[6] TIME Sun Sep 13 10:48:05 CST 2037
[7] INTEGER 2101281516
[8] SEQUENCE {
INTEGER 23
INTEGER -133
INTEGER -128
INTEGER 3
INTEGER 1
INTEGER 24
INTEGER -135
}
[9] SEQUENCE {
SEQUENCE {
[0] INTEGER 20
[1] OCTET STRING
0000: 58 50 20 20 20 20 20 20 20 20 20 20 20 20 20 20 XP
}
}
}
}
*/
byte[] b = {
(byte)0x6a, (byte)0x81, (byte)0xbf, (byte)0x30, (byte)0x81, (byte)0xbc, (byte)0xa1, (byte)0x03,
(byte)0x02, (byte)0x01, (byte)0x05, (byte)0xa2, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x0a,
(byte)0xa4, (byte)0x81, (byte)0xaf, (byte)0x30, (byte)0x81, (byte)0xac, (byte)0xa0, (byte)0x07,
(byte)0x03, (byte)0x05, (byte)0x00, (byte)0x40, (byte)0x81, (byte)0x00, (byte)0x10, (byte)0xa1,
(byte)0x1a, (byte)0x30, (byte)0x18, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x01,
(byte)0xa1, (byte)0x11, (byte)0x30, (byte)0x0f, (byte)0x1b, (byte)0x0d, (byte)0x61, (byte)0x64,
(byte)0x6d, (byte)0x69, (byte)0x6e, (byte)0x69, (byte)0x73, (byte)0x74, (byte)0x72, (byte)0x61,
(byte)0x74, (byte)0x6f, (byte)0x72, (byte)0xa2, (byte)0x04, (byte)0x1b, (byte)0x02, (byte)0x4e,
(byte)0x33, (byte)0xa3, (byte)0x17, (byte)0x30, (byte)0x15, (byte)0xa0, (byte)0x03, (byte)0x02,
(byte)0x01, (byte)0x02, (byte)0xa1, (byte)0x0e, (byte)0x30, (byte)0x0c, (byte)0x1b, (byte)0x06,
(byte)0x6b, (byte)0x72, (byte)0x62, (byte)0x74, (byte)0x67, (byte)0x74, (byte)0x1b, (byte)0x02,
(byte)0x4e, (byte)0x33, (byte)0xa5, (byte)0x11, (byte)0x18, (byte)0x0f, (byte)0x32, (byte)0x30,
(byte)0x33, (byte)0x37, (byte)0x30, (byte)0x39, (byte)0x31, (byte)0x33, (byte)0x30, (byte)0x32,
(byte)0x34, (byte)0x38, (byte)0x30, (byte)0x35, (byte)0x5a, (byte)0xa6, (byte)0x11, (byte)0x18,
(byte)0x0f, (byte)0x32, (byte)0x30, (byte)0x33, (byte)0x37, (byte)0x30, (byte)0x39, (byte)0x31,
(byte)0x33, (byte)0x30, (byte)0x32, (byte)0x34, (byte)0x38, (byte)0x30, (byte)0x35, (byte)0x5a,
(byte)0xa7, (byte)0x06, (byte)0x02, (byte)0x04, (byte)0x7d, (byte)0x3f, (byte)0x02, (byte)0xec,
(byte)0xa8, (byte)0x19, (byte)0x30, (byte)0x17, (byte)0x02, (byte)0x01, (byte)0x17, (byte)0x02,
(byte)0x02, (byte)0xff, (byte)0x7b, (byte)0x02, (byte)0x01, (byte)0x80, (byte)0x02, (byte)0x01,
(byte)0x03, (byte)0x02, (byte)0x01, (byte)0x01, (byte)0x02, (byte)0x01, (byte)0x18, (byte)0x02,
(byte)0x02, (byte)0xff, (byte)0x79, (byte)0xa9, (byte)0x1d, (byte)0x30, (byte)0x1b, (byte)0x30,
(byte)0x19, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x14, (byte)0xa1, (byte)0x12,
(byte)0x04, (byte)0x10, (byte)0x58, (byte)0x50, (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20,
(byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20, (byte)0x20,
(byte)0x20, (byte)0x20,
};
new KDCReq(b, 0x0a);
/*
* This is a fake ETYPEINFO2 block with no salt
SEQUENCE {
[0] INTEGER 0
[2] OCTET STRING 0000: 00 .
}
*/
byte[] b2 = {
(byte)0x30, (byte)0x0a, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0xa2,
(byte)0x03, (byte)0x04, (byte)0x01, (byte)0x00,
};
ETypeInfo2 e2 = new ETypeInfo2(new DerValue(b2));
if (e2.getSalt() != null || e2.getParams() == null) {
throw new Exception("ETypeInfo2 decoding error");
}
}
}

93
jdk/test/sun/security/krb5/TimeInCCache.java Normal file
View File

@ -0,0 +1,93 @@
/*
* Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6590930
* @summary read/write does not match for ccache
*/
import java.io.ByteArrayInputStream;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import sun.security.krb5.internal.ccache.CCacheInputStream;
import sun.security.krb5.internal.ccache.Credentials;
public class TimeInCCache {
public static void main(String[] args) throws Exception {
// A trivial cache file, with startdate and renewTill being zero.
// The endtime is set to sometime in year 2022, so that isValid()
// will always check starttime.
byte[] ccache = new byte[]{
5, 4, 0, 12, 0, 1, 0, 8, -1, -1, -1, 19, -1, -2, 89, 51,
0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 10, 77, 65, 88, 73,
46, 76, 79, 67, 65, 76, 0, 0, 0, 5, 100, 117, 109, 109, 121, 0,
0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 10, 77, 65, 88, 73, 46,
76, 79, 67, 65, 76, 0, 0, 0, 5, 100, 117, 109, 109, 121, 0, 0,
0, 0, 0, 0, 0, 2, 0, 0, 0, 10, 77, 65, 88, 73, 46, 76,
79, 67, 65, 76, 0, 0, 0, 6, 107, 114, 98, 116, 103, 116, 0, 0,
0, 10, 77, 65, 88, 73, 46, 76, 79, 67, 65, 76, 0, 17, 0, 0,
0, 16, -78, -85, -90, -50, -68, 115, 68, 8, -39, -109, 91, 61, -17, -27,
-122, -120, 71, 69, 16, -121, 0, 0, 0, 0, 98, 69, 16, -121, 0, 0,
0, 0, 0, 64, -32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 1, 0, 97, -127, -3, 48, -127, -6, -96, 3, 2, 1, 5, -95, 12,
27, 10, 77, 65, 88, 73, 46, 76, 79, 67, 65, 76, -94, 31, 48, 29,
-96, 3, 2, 1, 0, -95, 22, 48, 20, 27, 6, 107, 114, 98, 116, 103,
116, 27, 10, 77, 65, 88, 73, 46, 76, 79, 67, 65, 76, -93, -127, -61,
48, -127, -64, -96, 3, 2, 1, 17, -95, 3, 2, 1, 1, -94, -127, -77,
4, -127, -80, 43, 65, -66, 34, 21, -34, 37, 35, 32, 50, -14, 122, 77,
-3, -29, 37, 99, 50, 125, -43, -96, -78, 85, 23, 41, -80, 68, 2, -109,
-27, 38, -41, -72, -32, 127, 63, -76, -22, 81, 33, -114, -30, 104, 125, -81,
-29, 70, -25, 23, 100, -75, -25, 62, -120, -78, -61, -100, -74, 50, -117, -127,
-16, 79, -106, 62, -39, 91, 100, -10, 23, -88, -18, -47, 51, -19, 113, 18,
98, -101, 31, 98, 22, -81, 11, -41, -42, 67, 87, 92, -2, 42, -54, 79,
49, -90, 43, -37, 90, -102, 125, 62, -88, -77, 100, 102, 23, -57, -51, 38,
68, -44, -57, -102, 103, -6, 85, -58, 74, -117, -87, 67, -103, -36, 110, -122,
115, 12, 118, -106, -114, -51, 79, 68, 32, -91, -53, -5, -51, 89, 72, 70,
123, -12, -95, 9, 40, -30, -117, 74, 77, 38, 91, 126, -82, 17, 98, 98,
-49, 78, 36, 36, 103, -76, -100, -23, 118, -92, -8, 80, 103, -23, -98, 56,
21, 65, -77, 0, 0, 0, 0
};
System.setProperty("sun.security.krb5.debug", "true"); // test code changes in DEBUG
CCacheInputStream cis = new CCacheInputStream(new ByteArrayInputStream(ccache));
cis.readVersion();
cis.readTag();
cis.readPrincipal(0x504);
Method m = CCacheInputStream.class.getDeclaredMethod("readCred", Integer.TYPE);
m.setAccessible(true);
Credentials c = (Credentials) m.invoke(cis, new Integer(0x504));
sun.security.krb5.Credentials cc = c.setKrbCreds();
// 1. Make sure starttime is still null
if (cc.getStartTime() != null) {
throw new Exception("Fail, starttime should be zero here");
}
// 2. Make sure renewTill is still null
if (cc.getRenewTill() != null) {
throw new Exception("Fail, renewTill should be zero here");
}
// 3. Make sure isValid works
c.isValid();
}
}

116
jdk/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLSocketImpl/AsyncSSLSocketClose.java Normal file
View File

@ -0,0 +1,116 @@
/*
* Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6447412
* @summary Issue with socket.close() for ssl sockets when poweroff on
* other system
*/
import javax.net.ssl.*;
import java.io.*;
public class AsyncSSLSocketClose implements Runnable
{
SSLSocket socket;
SSLServerSocket ss;
// Where do we find the keystores?
static String pathToStores = "../../../../../../../etc";
static String keyStoreFile = "keystore";
static String trustStoreFile = "truststore";
static String passwd = "passphrase";
public static void main(String[] args) {
String keyFilename =
System.getProperty("test.src", "./") + "/" + pathToStores +
"/" + keyStoreFile;
String trustFilename =
System.getProperty("test.src", "./") + "/" + pathToStores +
"/" + trustStoreFile;
System.setProperty("javax.net.ssl.keyStore", keyFilename);
System.setProperty("javax.net.ssl.keyStorePassword", passwd);
System.setProperty("javax.net.ssl.trustStore", trustFilename);
System.setProperty("javax.net.ssl.trustStorePassword", passwd);
new AsyncSSLSocketClose();
}
public AsyncSSLSocketClose() {
try {
SSLServerSocketFactory sslssf =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
ss = (SSLServerSocket) sslssf.createServerSocket(0);
SSLSocketFactory sslsf =
(SSLSocketFactory)SSLSocketFactory.getDefault();
socket = (SSLSocket)sslsf.createSocket("localhost",
ss.getLocalPort());
SSLSocket serverSoc = (SSLSocket) ss.accept();
ss.close();
(new Thread(this)).start();
serverSoc.startHandshake();
try {
Thread.sleep(5000);
} catch (Exception e) {
e.printStackTrace();
}
socket.setSoLinger(true, 10);
System.out.println("Calling Socket.close");
socket.close();
System.out.println("ssl socket get closed");
System.out.flush();
} catch (IOException e) {
e.printStackTrace();
}
}
// block in write
public void run() {
try {
byte[] ba = new byte[1024];
for (int i=0; i<ba.length; i++)
ba[i] = 0x7A;
OutputStream os = socket.getOutputStream();
int count = 0;
while (true) {
count += ba.length;
System.out.println(count + " bytes to be written");
os.write(ba);
System.out.println(count + " bytes written");
}
} catch (IOException e) {
e.printStackTrace();
}
}
}

308
jdk/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/CloseKeepAliveCached.java Normal file
View File

@ -0,0 +1,308 @@
/*
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6618387
* @summary SSL client sessions do not close cleanly. A TCP reset occurs
* instead of a close_notify alert.
* @run main/othervm -Djavax.net.debug=ssl CloseKeepAliveCached
*
* @ignore
* After run the test manually, at the end of the debug output,
* if "MainThread, called close()" found, the test passed. Otherwise,
* if "Keep-Alive-Timer: called close()", the test failed.
*/
import java.net.*;
import java.util.*;
import java.io.*;
import javax.net.ssl.*;
public class CloseKeepAliveCached {
static Map cookies;
ServerSocket ss;
/*
* =============================================================
* Set the various variables needed for the tests, then
* specify what tests to run on each side.
*/
/*
* Should we run the client or server in a separate thread?
* Both sides can throw exceptions, but do you have a preference
* as to which side should be the main thread.
*/
static boolean separateServerThread = true;
/*
* Where do we find the keystores?
*/
static String pathToStores = "../../../../../../etc";
static String keyStoreFile = "keystore";
static String trustStoreFile = "truststore";
static String passwd = "passphrase";
/*
* Is the server ready to serve?
*/
volatile static boolean serverReady = false;
/*
* Turn on SSL debugging?
*/
static boolean debug = false;
private SSLServerSocket sslServerSocket = null;
/*
* Define the server side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doServerSide() throws Exception {
SSLServerSocketFactory sslssf =
(SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
sslServerSocket =
(SSLServerSocket) sslssf.createServerSocket(serverPort);
serverPort = sslServerSocket.getLocalPort();
/*
* Signal Client, we're ready for his connect.
*/
serverReady = true;
SSLSocket sslSocket = null;
try {
sslSocket = (SSLSocket) sslServerSocket.accept();
for (int i = 0; i < 3 && !sslSocket.isClosed(); i++) {
// read request
InputStream is = sslSocket.getInputStream ();
BufferedReader r = new BufferedReader(
new InputStreamReader(is));
String x;
while ((x=r.readLine()) != null) {
if (x.length() ==0) {
break;
}
}
PrintStream out = new PrintStream(
new BufferedOutputStream(
sslSocket.getOutputStream() ));
/* send the header */
out.print("HTTP/1.1 200 OK\r\n");
out.print("Keep-Alive: timeout=15, max=100\r\n");
out.print("Connection: Keep-Alive\r\n");
out.print("Content-Type: text/html; charset=iso-8859-1\r\n");
out.print("Content-Length: 9\r\n");
out.print("\r\n");
out.print("Testing\r\n");
out.flush();
Thread.sleep(50);
}
sslSocket.close();
sslServerSocket.close();
} catch (Exception e) {
e.printStackTrace();
}
}
/*
* Define the client side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doClientSide() throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
try {
HttpsURLConnection http = null;
/* establish http connection to server */
URL url = new URL("https://localhost:" + serverPort+"/");
HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier());
http = (HttpsURLConnection)url.openConnection();
InputStream is = http.getInputStream ();
while (is.read() != -1);
is.close();
url = new URL("https://localhost:" + serverPort+"/");
http = (HttpsURLConnection)url.openConnection();
is = http.getInputStream ();
while (is.read() != -1);
// if inputstream.close() called, the http.disconnect() will
// not able to close the cached connection. If application
// wanna close the keep-alive cached connection immediately
// with httpURLConnection.disconnect(), they should not call
// inputstream.close() explicitly, the
// httpURLConnection.disconnect() will do it internally.
// is.close();
// close the connection, sending close_notify to peer.
// otherwise, the connection will be closed by Finalizer or
// Keep-Alive-Timer if timeout.
http.disconnect();
// Thread.sleep(5000);
} catch (IOException ioex) {
if (sslServerSocket != null)
sslServerSocket.close();
throw ioex;
}
}
static class NameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
/*
* =============================================================
* The remainder is just support stuff
*/
// use any free port by default
volatile int serverPort = 0;
volatile Exception serverException = null;
volatile Exception clientException = null;
public static void main(String args[]) throws Exception {
String keyFilename =
System.getProperty("test.src", "./") + "/" + pathToStores +
"/" + keyStoreFile;
String trustFilename =
System.getProperty("test.src", "./") + "/" + pathToStores +
"/" + trustStoreFile;
System.setProperty("javax.net.ssl.keyStore", keyFilename);
System.setProperty("javax.net.ssl.keyStorePassword", passwd);
System.setProperty("javax.net.ssl.trustStore", trustFilename);
System.setProperty("javax.net.ssl.trustStorePassword", passwd);
if (debug)
System.setProperty("javax.net.debug", "all");
/*
* Start the tests.
*/
new CloseKeepAliveCached();
}
Thread clientThread = null;
Thread serverThread = null;
/*
* Primary constructor, used to drive remainder of the test.
*
* Fork off the other side, then do your work.
*/
CloseKeepAliveCached() throws Exception {
if (separateServerThread) {
startServer(true);
startClient(false);
} else {
startClient(true);
startServer(false);
}
/*
* Wait for other side to close down.
*/
if (separateServerThread) {
serverThread.join();
} else {
clientThread.join();
}
/*
* When we get here, the test is pretty much over.
*
* If the main thread excepted, that propagates back
* immediately. If the other thread threw an exception, we
* should report back.
*/
if (serverException != null)
throw serverException;
if (clientException != null)
throw clientException;
}
void startServer(boolean newThread) throws Exception {
if (newThread) {
serverThread = new Thread() {
public void run() {
try {
doServerSide();
} catch (Exception e) {
/*
* Our server thread just died.
*
* Release the client, if not active already...
*/
System.err.println("Server died...");
serverReady = true;
serverException = e;
}
}
};
serverThread.start();
} else {
doServerSide();
}
}
void startClient(boolean newThread) throws Exception {
if (newThread) {
clientThread = new Thread() {
public void run() {
try {
doClientSide();
} catch (Exception e) {
/*
* Our client thread just died.
*/
System.err.println("Client died...");
clientException = e;
}
}
};
clientThread.start();
} else {
doClientSide();
}
}
}

6
jdk/test/sun/security/tools/keytool/StartDateTest.java
View File

@ -52,15 +52,15 @@ public class StartDateTest {
cal.setTime(getIssueDate());
System.out.println(cal);
if (cal.get(Calendar.YEAR) != year + 1) {
throw new Exception("Function #1 check fails");
throw new Exception("Function check #1 fails");
}
run("-keystore jks -storetype jks -storepass changeit -keypass changeit -alias me " +
"-selfcert -startdate +1m");
cal.setTime(getIssueDate());
System.out.println(cal);
if (cal.get(Calendar.MONTH) != month + 1) {
throw new Exception("Function #1 check fails");
if (cal.get(Calendar.MONTH) != (month + 1) % 12) {
throw new Exception("Function check #2 fails");
}
new File("jks").delete();