8035986: KerberosKey algorithm names are not specified

Reviewed-by: xuelei

jdk/src/share/classes/javax/security/auth/kerberos/KerberosKey.java

@@ -52,7 +52,20 @@ import javax.security.auth.DestroyFailedException;
  * application depends on the default JGSS Kerberos mechanism to access the
  * KerberosKey. In that case, however, the application will need an
  * appropriate
- * {@link javax.security.auth.kerberos.ServicePermission ServicePermission}.
+ * {@link javax.security.auth.kerberos.ServicePermission ServicePermission}.<p>
+ *
+ * When creating a {@code KerberosKey} using the
+ * {@link #KerberosKey(KerberosPrincipal, char[], String)} constructor,
+ * an implementation may accept non-IANA algorithm names (For example,
+ * "ArcFourMac" for "rc4-hmac"), but the {@link #getAlgorithm} method
+ * must always return the IANA algorithm name.<p>
+ *
+ * @implNote Old algorithm names used before JDK 9 are supported in the
+ * {@link #KerberosKey(KerberosPrincipal, char[], String)} constructor in this
+ * implementation for compatibility reasons, which are "DES" (and null) for
+ * "des-cbc-md5", "DESede" for "des3-cbc-sha1-kd", "ArcFourHmac" for "rc4-hmac",
+ * "AES128" for "aes128-cts-hmac-sha1-96", and "AES256" for
+ * "aes256-cts-hmac-sha1-96".
  *
  * @author Mayank Upadhyay
  * @since 1.4
@@ -73,7 +86,7 @@ public class KerberosKey implements SecretKey, Destroyable {
      *
      * @serial
      */
-    private int versionNum;
+    private final int versionNum;
 
    /**
     * {@code KeyImpl} is serialized by writing out the ASN1 Encoded bytes
@@ -113,13 +126,16 @@ public class KerberosKey implements SecretKey, Destroyable {
     }
 
     /**
-     * Constructs a KerberosKey from a principal's password.
+     * Constructs a KerberosKey from a principal's password using the specified
+     * algorithm name. The algorithm name (case insensitive) should be provided
+     * as the encryption type string defined on the IANA
+     * <a href="https://www.iana.org/assignments/kerberos-parameters/kerberos-parameters.xhtml#kerberos-parameters-1">Kerberos Encryption Type Numbers</a>
+     * page. The version number of the key generated will be 0.
      *
      * @param principal the principal that this password belongs to
      * @param password the password that should be used to compute the key
      * @param algorithm the name for the algorithm that this key will be
-     * used for. This parameter may be null in which case the default
-     * algorithm "DES" will be assumed.
+     * used for
      * @throws IllegalArgumentException if the name of the
      * algorithm passed is unsupported.
      */
@@ -128,6 +144,7 @@ public class KerberosKey implements SecretKey, Destroyable {
                        String algorithm) {
 
         this.principal = principal;
+        this.versionNum = 0;
         // Pass principal in for salt
         key = new KeyImpl(principal, password, algorithm);
     }
@@ -170,13 +187,18 @@ public class KerberosKey implements SecretKey, Destroyable {
      */
 
     /**
-     * Returns the standard algorithm name for this key. For
-     * example, "DES" would indicate that this key is a DES key.
-     * See Appendix A in the <a href=
-     * "../../../../../technotes/guides/security/crypto/CryptoSpec.html#AppA">
-     * Java Cryptography Architecture API Specification &amp; Reference
-     * </a>
-     * for information about standard algorithm names.
+     * Returns the standard algorithm name for this key. The algorithm names
+     * are the encryption type string defined on the IANA
+     * <a href="https://www.iana.org/assignments/kerberos-parameters/kerberos-parameters.xhtml#kerberos-parameters-1">Kerberos Encryption Type Numbers</a>
+     * page.
+     * <p>
+     * This method can return the following value not defined on the IANA page:
+     * <ol>
+     *     <li>none: for etype equal to 0</li>
+     *     <li>unknown: for etype greater than 0 but unsupported by
+     *         the implementation</li>
+     *     <li>private: for etype smaller than 0</li>
+     * </ol>
      *
      * @return the name of the algorithm associated with this key.
      */

jdk/src/share/classes/javax/security/auth/kerberos/KeyImpl.java

@@ -36,7 +36,6 @@ import sun.security.krb5.PrincipalName;
 import sun.security.krb5.EncryptionKey;
 import sun.security.krb5.EncryptedData;
 import sun.security.krb5.KrbException;
-import sun.security.krb5.KrbCryptoException;
 import sun.security.util.DerValue;
 
 /**
@@ -86,8 +85,12 @@ class KeyImpl implements SecretKey, Destroyable, Serializable {
 
         try {
             PrincipalName princ = new PrincipalName(principal.getName());
-            EncryptionKey key =
-                new EncryptionKey(password, princ.getSalt(), algorithm);
+            EncryptionKey key;
+            if ("none".equalsIgnoreCase(algorithm)) {
+                key = EncryptionKey.NULL_KEY;
+            } else {
+                key = new EncryptionKey(password, princ.getSalt(), algorithm);
+            }
             this.keyBytes = key.getBytes();
             this.keyType = key.getEType();
         } catch (KrbException e) {
@@ -118,27 +121,28 @@ class KeyImpl implements SecretKey, Destroyable, Serializable {
 
         switch (eType) {
         case EncryptedData.ETYPE_DES_CBC_CRC:
+            return "des-cbc-crc";
+
         case EncryptedData.ETYPE_DES_CBC_MD5:
-            return "DES";
+            return "des-cbc-md5";
 
         case EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD:
-            return "DESede";
+            return "des3-cbc-sha1-kd";
 
         case EncryptedData.ETYPE_ARCFOUR_HMAC:
-            return "ArcFourHmac";
+            return "rc4-hmac";
 
         case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96:
-            return "AES128";
+            return "aes128-cts-hmac-sha1-96";
 
         case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96:
-            return "AES256";
+            return "aes256-cts-hmac-sha1-96";
 
         case EncryptedData.ETYPE_NULL:
-            return "NULL";
+            return "none";
 
         default:
-            throw new IllegalArgumentException(
-                "Unsupported encryption type: " + eType);
+            return eType > 0 ? "unknown" : "private";
         }
     }
 

jdk/src/share/classes/sun/security/krb5/EncryptionKey.java

@@ -271,15 +271,22 @@ public class EncryptionKey
                          String salt,
                          String algorithm) throws KrbCryptoException {
 
-        if (algorithm == null || algorithm.equalsIgnoreCase("DES")) {
+        if (algorithm == null || algorithm.equalsIgnoreCase("DES")
+                || algorithm.equalsIgnoreCase("des-cbc-md5")) {
             keyType = EncryptedData.ETYPE_DES_CBC_MD5;
-        } else if (algorithm.equalsIgnoreCase("DESede")) {
+        } else if (algorithm.equalsIgnoreCase("des-cbc-crc")) {
+            keyType = EncryptedData.ETYPE_DES_CBC_CRC;
+        } else if (algorithm.equalsIgnoreCase("DESede")
+                || algorithm.equalsIgnoreCase("des3-cbc-sha1-kd")) {
             keyType = EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD;
-        } else if (algorithm.equalsIgnoreCase("AES128")) {
+        } else if (algorithm.equalsIgnoreCase("AES128")
+                || algorithm.equalsIgnoreCase("aes128-cts-hmac-sha1-96")) {
             keyType = EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96;
-        } else if (algorithm.equalsIgnoreCase("ArcFourHmac")) {
+        } else if (algorithm.equalsIgnoreCase("ArcFourHmac")
+                || algorithm.equalsIgnoreCase("rc4-hmac")) {
             keyType = EncryptedData.ETYPE_ARCFOUR_HMAC;
-        } else if (algorithm.equalsIgnoreCase("AES256")) {
+        } else if (algorithm.equalsIgnoreCase("AES256")
+                || algorithm.equalsIgnoreCase("aes256-cts-hmac-sha1-96")) {
             keyType = EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96;
             // validate if AES256 is enabled
             if (!EType.isSupported(keyType)) {

jdk/test/javax/security/auth/kerberos/StandardNames.java

@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8035986
+ * @summary KerberosKey algorithm names are not specified
+ */
+
+import sun.security.krb5.EncryptedData;
+
+import javax.crypto.Cipher;
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
+import java.util.Locale;
+
+public class StandardNames {
+    static KerberosPrincipal kp = new KerberosPrincipal("user@REALM");
+    static char[] pass = "secret".toCharArray();
+    static byte[] keyBytes = new byte[1];
+
+    public static void main(String[] args) throws Exception {
+        for (EncType e: EncType.values()) {
+            if (e == EncType.e18) {
+                if (Cipher.getMaxAllowedKeyLength("AES") < 256) {
+                    System.out.println("Skipping aes256-cts-hmac-sha1-96");
+                    continue;
+                }
+            }
+            checkByName(e.name, e);
+            checkByName(e.name.toUpperCase(Locale.US), e);
+            for (String n: e.oldnames) {
+                checkByName(n, e);
+                if (n != null) {
+                    checkByName(n.toLowerCase(Locale.US), e);
+                }
+            }
+            checkByEType(e.etype, e.name);
+        }
+        checkByEType(100, "unknown");
+        checkByEType(-1, "private");
+
+        try {
+            System.out.println("unsupported");
+            new KerberosKey(kp, pass, "unsupported");
+            throw new Exception("unsupported");
+        } catch (IllegalArgumentException iae) {
+            // Expected
+        }
+    }
+
+    private static void checkByName(String n, EncType e) throws Exception {
+        System.out.println("CheckByName " + n);
+        KerberosKey k = new KerberosKey(kp, pass, n);
+        if (!k.getAlgorithm().equals(e.name)) throw new Exception(n);
+        if (k.getKeyType() != e.etype) throw new Exception(n);
+        if (k.getVersionNumber() != 0) throw new Exception(n);
+    }
+
+    private static void checkByEType(int i, String n) throws Exception {
+        System.out.println("CheckByInt " + i);
+        KerberosKey k = new KerberosKey(kp, keyBytes, i, 13);
+        if (!k.getAlgorithm().equals(n)) throw new Exception("" + i);
+        if (k.getKeyType() != i) throw new Exception("" + i);
+        if (k.getVersionNumber() != 13) throw new Exception("" + i);
+    }
+}
+
+enum EncType {
+    e0("none", EncryptedData.ETYPE_NULL),
+    e1("des-cbc-crc", EncryptedData.ETYPE_DES_CBC_CRC),
+    e3("des-cbc-md5", EncryptedData.ETYPE_DES_CBC_MD5, "DES", null),
+    e16("des3-cbc-sha1-kd", EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD, "DESede"),
+    e17("aes128-cts-hmac-sha1-96", EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96, "AES128"),
+    e18("aes256-cts-hmac-sha1-96", EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96, "AES256"),
+    e23("rc4-hmac", EncryptedData.ETYPE_ARCFOUR_HMAC, "ArcFourHmac"),
+    ;
+
+    final String name;
+    final int etype;
+    final String[] oldnames;
+
+    EncType(String name, int etype, String... oldnames) {
+        this.name = name;
+        this.etype = etype;
+        this.oldnames = oldnames;
+    }
+}