53a97cbeb3
Co-authored-by: Alexander Kulyakthin <alexander.kulyakhtin@oracle.com> Co-authored-by: Alan Bateman <alan.bateman@oracle.com> Reviewed-by: alanb, joehw, lancea
110 lines
4.0 KiB
Java
110 lines
4.0 KiB
Java
/*
|
|
* Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
|
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
*
|
|
* This code is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License version 2 only, as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
* This code is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
* version 2 for more details (a copy is included in the LICENSE file that
|
|
* accompanied this code).
|
|
*
|
|
* You should have received a copy of the GNU General Public License version
|
|
* 2 along with this work; if not, write to the Free Software Foundation,
|
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
*
|
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
|
* or visit www.oracle.com if you need additional information or have any
|
|
* questions.
|
|
*/
|
|
|
|
/*
|
|
* @test
|
|
* @bug 8035986
|
|
* @summary KerberosKey algorithm names are not specified
|
|
* @modules java.security.jgss/sun.security.krb5
|
|
*/
|
|
|
|
import sun.security.krb5.EncryptedData;
|
|
|
|
import javax.crypto.Cipher;
|
|
import javax.security.auth.kerberos.KerberosKey;
|
|
import javax.security.auth.kerberos.KerberosPrincipal;
|
|
import java.util.Locale;
|
|
|
|
public class StandardNames {
|
|
static KerberosPrincipal kp = new KerberosPrincipal("user@REALM");
|
|
static char[] pass = "secret".toCharArray();
|
|
static byte[] keyBytes = new byte[1];
|
|
|
|
public static void main(String[] args) throws Exception {
|
|
for (EncType e: EncType.values()) {
|
|
if (e == EncType.e18) {
|
|
if (Cipher.getMaxAllowedKeyLength("AES") < 256) {
|
|
System.out.println("Skipping aes256-cts-hmac-sha1-96");
|
|
continue;
|
|
}
|
|
}
|
|
checkByName(e.name, e);
|
|
checkByName(e.name.toUpperCase(Locale.US), e);
|
|
for (String n: e.oldnames) {
|
|
checkByName(n, e);
|
|
if (n != null) {
|
|
checkByName(n.toLowerCase(Locale.US), e);
|
|
}
|
|
}
|
|
checkByEType(e.etype, e.name);
|
|
}
|
|
checkByEType(100, "unknown");
|
|
checkByEType(-1, "private");
|
|
|
|
try {
|
|
System.out.println("unsupported");
|
|
new KerberosKey(kp, pass, "unsupported");
|
|
throw new Exception("unsupported");
|
|
} catch (IllegalArgumentException iae) {
|
|
// Expected
|
|
}
|
|
}
|
|
|
|
private static void checkByName(String n, EncType e) throws Exception {
|
|
System.out.println("CheckByName " + n);
|
|
KerberosKey k = new KerberosKey(kp, pass, n);
|
|
if (!k.getAlgorithm().equals(e.name)) throw new Exception(n);
|
|
if (k.getKeyType() != e.etype) throw new Exception(n);
|
|
if (k.getVersionNumber() != 0) throw new Exception(n);
|
|
}
|
|
|
|
private static void checkByEType(int i, String n) throws Exception {
|
|
System.out.println("CheckByInt " + i);
|
|
KerberosKey k = new KerberosKey(kp, keyBytes, i, 13);
|
|
if (!k.getAlgorithm().equals(n)) throw new Exception("" + i);
|
|
if (k.getKeyType() != i) throw new Exception("" + i);
|
|
if (k.getVersionNumber() != 13) throw new Exception("" + i);
|
|
}
|
|
}
|
|
|
|
enum EncType {
|
|
e0("none", EncryptedData.ETYPE_NULL),
|
|
e1("des-cbc-crc", EncryptedData.ETYPE_DES_CBC_CRC),
|
|
e3("des-cbc-md5", EncryptedData.ETYPE_DES_CBC_MD5, "DES", null),
|
|
e16("des3-cbc-sha1-kd", EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD, "DESede"),
|
|
e17("aes128-cts-hmac-sha1-96", EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96, "AES128"),
|
|
e18("aes256-cts-hmac-sha1-96", EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96, "AES256"),
|
|
e23("rc4-hmac", EncryptedData.ETYPE_ARCFOUR_HMAC, "ArcFourHmac"),
|
|
;
|
|
|
|
final String name;
|
|
final int etype;
|
|
final String[] oldnames;
|
|
|
|
EncType(String name, int etype, String... oldnames) {
|
|
this.name = name;
|
|
this.etype = etype;
|
|
this.oldnames = oldnames;
|
|
}
|
|
}
|