提交 2ceb233e 编写于 作者: W weijun

6641312: Fix krb5 codes indentation problems

Reviewed-by: xuelei, valeriep, wetmore
上级 2f744a76
...@@ -75,108 +75,108 @@ public class KrbTgsReq extends KrbKdcReq { ...@@ -75,108 +75,108 @@ public class KrbTgsReq extends KrbKdcReq {
null); // EncryptionKey subSessionKey null); // EncryptionKey subSessionKey
} }
// Called by Credentials, KrbCred // Called by Credentials, KrbCred
KrbTgsReq( KrbTgsReq(
KDCOptions options, KDCOptions options,
Credentials asCreds, Credentials asCreds,
PrincipalName sname, PrincipalName sname,
KerberosTime from, KerberosTime from,
KerberosTime till, KerberosTime till,
KerberosTime rtime, KerberosTime rtime,
int[] eTypes, int[] eTypes,
HostAddresses addresses, HostAddresses addresses,
AuthorizationData authorizationData, AuthorizationData authorizationData,
Ticket[] additionalTickets, Ticket[] additionalTickets,
EncryptionKey subKey) throws KrbException, IOException { EncryptionKey subKey) throws KrbException, IOException {
princName = asCreds.client; princName = asCreds.client;
servName = sname; servName = sname;
ctime = new KerberosTime(KerberosTime.NOW); ctime = new KerberosTime(KerberosTime.NOW);
// check if they are valid arguments. The optional fields // check if they are valid arguments. The optional fields
// should be consistent with settings in KDCOptions. // should be consistent with settings in KDCOptions.
if (options.get(KDCOptions.FORWARDABLE) && if (options.get(KDCOptions.FORWARDABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_FORWARDABLE)))) { (!(asCreds.flags.get(Krb5.TKT_OPTS_FORWARDABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS); throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} }
if (options.get(KDCOptions.FORWARDED)) { if (options.get(KDCOptions.FORWARDED)) {
if (!(asCreds.flags.get(KDCOptions.FORWARDABLE))) if (!(asCreds.flags.get(KDCOptions.FORWARDABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS); throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} }
if (options.get(KDCOptions.PROXIABLE) && if (options.get(KDCOptions.PROXIABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_PROXIABLE)))) { (!(asCreds.flags.get(Krb5.TKT_OPTS_PROXIABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS); throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} }
if (options.get(KDCOptions.PROXY)) { if (options.get(KDCOptions.PROXY)) {
if (!(asCreds.flags.get(KDCOptions.PROXIABLE))) if (!(asCreds.flags.get(KDCOptions.PROXIABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS); throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} }
if (options.get(KDCOptions.ALLOW_POSTDATE) && if (options.get(KDCOptions.ALLOW_POSTDATE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_MAY_POSTDATE)))) { (!(asCreds.flags.get(Krb5.TKT_OPTS_MAY_POSTDATE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS); throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} }
if (options.get(KDCOptions.RENEWABLE) && if (options.get(KDCOptions.RENEWABLE) &&
(!(asCreds.flags.get(Krb5.TKT_OPTS_RENEWABLE)))) { (!(asCreds.flags.get(Krb5.TKT_OPTS_RENEWABLE)))) {
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS); throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} }
if (options.get(KDCOptions.POSTDATED)) {
if (!(asCreds.flags.get(KDCOptions.POSTDATED)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (from != null) from = null;
}
if (options.get(KDCOptions.RENEWABLE)) {
if (!(asCreds.flags.get(KDCOptions.RENEWABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (rtime != null) rtime = null;
}
if (options.get(KDCOptions.ENC_TKT_IN_SKEY)) {
if (additionalTickets == null)
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
// in TGS_REQ there could be more than one additional
// tickets, but in file-based credential cache,
// there is only one additional ticket field.
secondTicket = additionalTickets[0];
} else {
if (additionalTickets != null)
additionalTickets = null;
}
tgsReqMessg = createRequest(
options,
asCreds.ticket,
asCreds.key,
ctime,
princName,
princName.getRealm(),
servName,
from,
till,
rtime,
eTypes,
addresses,
authorizationData,
additionalTickets,
subKey);
obuf = tgsReqMessg.asn1Encode();
// XXX We need to revisit this to see if can't move it
// up such that FORWARDED flag set in the options
// is included in the marshaled request.
/*
* If this is based on a forwarded ticket, record that in the
* options, because the returned TgsRep will contain the
* FORWARDED flag set.
*/
if (asCreds.flags.get(KDCOptions.FORWARDED))
options.set(KDCOptions.FORWARDED, true);
if (options.get(KDCOptions.POSTDATED)) {
if (!(asCreds.flags.get(KDCOptions.POSTDATED)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (from != null) from = null;
}
if (options.get(KDCOptions.RENEWABLE)) {
if (!(asCreds.flags.get(KDCOptions.RENEWABLE)))
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (rtime != null) rtime = null;
}
if (options.get(KDCOptions.ENC_TKT_IN_SKEY)) {
if (additionalTickets == null)
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
// in TGS_REQ there could be more than one additional
// tickets, but in file-based credential cache,
// there is only one additional ticket field.
secondTicket = additionalTickets[0];
} else {
if (additionalTickets != null)
additionalTickets = null;
} }
tgsReqMessg = createRequest(
options,
asCreds.ticket,
asCreds.key,
ctime,
princName,
princName.getRealm(),
servName,
from,
till,
rtime,
eTypes,
addresses,
authorizationData,
additionalTickets,
subKey);
obuf = tgsReqMessg.asn1Encode();
// XXX We need to revisit this to see if can't move it
// up such that FORWARDED flag set in the options
// is included in the marshaled request.
/*
* If this is based on a forwarded ticket, record that in the
* options, because the returned TgsRep will contain the
* FORWARDED flag set.
*/
if (asCreds.flags.get(KDCOptions.FORWARDED))
options.set(KDCOptions.FORWARDED, true);
}
/** /**
* Sends a TGS request to the realm of the target. * Sends a TGS request to the realm of the target.
* @throws KrbException * @throws KrbException
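Review bot: In the ENC_TKT_IN_SKEY branch of the re-indented constructor, `secondTicket = additionalTickets[0];` is guarded only by a null check, so a zero-length array fails with an ArrayIndexOutOfBoundsException instead of the KrbException that every other option check raises. The guard could read `if (additionalTickets == null || additionalTickets.length == 0)` before throwing `new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS)`. The same constructor also tests RENEWABLE twice and indexes `asCreds.flags` with both `Krb5.TKT_OPTS_*` and `KDCOptions.*` constants; using one set consistently would make the option-versus-ticket-flag validation easier to audit.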
......
...@@ -54,81 +54,88 @@ import java.math.BigInteger; ...@@ -54,81 +54,88 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class APRep { public class APRep {
public int pvno;
public int msgType;
public EncryptedData encPart;
public APRep(EncryptedData new_encPart) { public int pvno;
pvno = Krb5.PVNO; public int msgType;
msgType = Krb5.KRB_AP_REP; public EncryptedData encPart;
encPart = new_encPart;
}
public APRep(byte[] data) throws Asn1Exception, public APRep(EncryptedData new_encPart) {
KrbApErrException, IOException { pvno = Krb5.PVNO;
init(new DerValue(data)); msgType = Krb5.KRB_AP_REP;
} encPart = new_encPart;
}
public APRep(byte[] data) throws Asn1Exception,
KrbApErrException, IOException {
init(new DerValue(data));
}
public APRep(DerValue encoding) throws Asn1Exception, public APRep(DerValue encoding) throws Asn1Exception,
KrbApErrException, IOException { KrbApErrException, IOException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an APRep object. * Initializes an APRep object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data * @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value. * stream does not match the pre-defined value.
*/ */
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
KrbApErrException, IOException { KrbApErrException, IOException {
if (((encoding.getTag() & (byte)(0x1F)) != Krb5.KRB_AP_REP) if (((encoding.getTag() & (byte) (0x1F)) != Krb5.KRB_AP_REP)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
DerValue der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
DerValue subDer = der.getData().getDerValue(); }
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00) DerValue der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
DerValue subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
pvno = subDer.getData().getBigInteger().intValue(); pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION); throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
subDer = der.getData().getDerValue(); }
if ((subDer.getTag() & (byte)0x1F) != (byte)0x01) subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
msgType = subDer.getData().getBigInteger().intValue(); }
if (msgType != Krb5.KRB_AP_REP) msgType = subDer.getData().getBigInteger().intValue();
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE); if (msgType != Krb5.KRB_AP_REP) {
encPart = EncryptedData.parse(der.getData(), (byte)0x02, false); throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
if (der.getData().available() > 0) }
encPart = EncryptedData.parse(der.getData(), (byte) 0x02, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
}
/** /**
* Encodes an APRep object. * Encodes an APRep object.
* @return byte array of encoded APRep object. * @return byte array of encoded APRep object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno)); temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType)); temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), encPart.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), encPart.asn1Encode());
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes); temp.write(DerValue.tag_Sequence, bytes);
DerOutputStream aprep = new DerOutputStream(); DerOutputStream aprep = new DerOutputStream();
aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0F), temp); aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0F), temp);
return aprep.toByteArray(); return aprep.toByteArray();
} }
} }
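Review bot: `init` in APRep rejects leftover bytes only inside the SEQUENCE (`der.getData().available() > 0`); nothing checks whether the outer APPLICATION value still holds data after `encoding.getData().getDerValue()` has returned the SEQUENCE. If DerValue leaves such bytes unread, as it appears to, a message with trailing content inside the wrapper is accepted; a strict decoder would add `if (encoding.getData().available() > 0) { throw new Asn1Exception(Krb5.ASN1_BAD_ID); }` right after reading `der`. The `init` methods of APReq and Authenticator in this commit follow the same pattern. Separately, the Javadoc on `asn1Encode` describes its exceptions as decoding and reading errors, which looks copied from `init`.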
...@@ -54,94 +54,98 @@ import java.math.BigInteger; ...@@ -54,94 +54,98 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt"> * <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class APReq { public class APReq {
public int pvno;
public int msgType;
public APOptions apOptions;
public Ticket ticket;
public EncryptedData authenticator;
public APReq( public int pvno;
APOptions new_apOptions, public int msgType;
Ticket new_ticket, public APOptions apOptions;
EncryptedData new_authenticator public Ticket ticket;
) { public EncryptedData authenticator;
pvno = Krb5.PVNO;
msgType = Krb5.KRB_AP_REQ; public APReq(
apOptions = new_apOptions; APOptions new_apOptions,
ticket = new_ticket; Ticket new_ticket,
authenticator = new_authenticator; EncryptedData new_authenticator) {
} pvno = Krb5.PVNO;
msgType = Krb5.KRB_AP_REQ;
apOptions = new_apOptions;
ticket = new_ticket;
authenticator = new_authenticator;
}
public APReq(byte[] data) throws Asn1Exception,IOException, KrbApErrException, RealmException { public APReq(byte[] data) throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(new DerValue(data)); init(new DerValue(data));
} }
public APReq(DerValue encoding) throws Asn1Exception, IOException, KrbApErrException, RealmException { public APReq(DerValue encoding) throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an APReq object. * Initializes an APReq object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value. * @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object. * @exception RealmException if an error occurs while parsing a Realm object.
*/ */
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbApErrException, RealmException { IOException, KrbApErrException, RealmException {
DerValue der, subDer; DerValue der, subDer;
if (((encoding.getTag() & (byte)0x1F) != Krb5.KRB_AP_REQ) if (((encoding.getTag() & (byte) 0x1F) != Krb5.KRB_AP_REQ)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue(); }
if (der.getTag() != DerValue.tag_Sequence) der = encoding.getData().getDerValue();
throw new Asn1Exception(Krb5.ASN1_BAD_ID); if (der.getTag() != DerValue.tag_Sequence) {
subDer = der.getData().getDerValue(); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00) }
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
pvno = subDer.getData().getBigInteger().intValue(); pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION); throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) != (byte)0x01)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_AP_REQ)
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
apOptions = APOptions.parse(der.getData(), (byte)0x02, false);
ticket = Ticket.parse(der.getData(), (byte)0x03, false);
authenticator = EncryptedData.parse(der.getData(), (byte)0x04, false);
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
subDer = der.getData().getDerValue();
/** if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
* Encodes an APReq object. throw new Asn1Exception(Krb5.ASN1_BAD_ID);
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), apOptions.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authenticator.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
DerOutputStream apreq = new DerOutputStream();
apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0E), temp);
return apreq.toByteArray();
} }
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_AP_REQ) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
apOptions = APOptions.parse(der.getData(), (byte) 0x02, false);
ticket = Ticket.parse(der.getData(), (byte) 0x03, false);
authenticator = EncryptedData.parse(der.getData(), (byte) 0x04, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes an APReq object.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), apOptions.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), authenticator.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
DerOutputStream apreq = new DerOutputStream();
apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0E), temp);
return apreq.toByteArray();
}
} }
...@@ -40,30 +40,28 @@ import java.io.IOException; ...@@ -40,30 +40,28 @@ import java.io.IOException;
public class ASRep extends KDCRep { public class ASRep extends KDCRep {
public ASRep( public ASRep(
PAData[] new_pAData, PAData[] new_pAData,
Realm new_crealm, Realm new_crealm,
PrincipalName new_cname, PrincipalName new_cname,
Ticket new_ticket, Ticket new_ticket,
EncryptedData new_encPart EncryptedData new_encPart) throws IOException {
) throws IOException { super(new_pAData, new_crealm, new_cname, new_ticket,
super(new_pAData, new_crealm, new_cname, new_ticket, new_encPart, Krb5.KRB_AS_REP);
new_encPart, Krb5.KRB_AS_REP); }
}
public ASRep(byte[] data) throws Asn1Exception, public ASRep(byte[] data) throws Asn1Exception,
RealmException, KrbApErrException, IOException { RealmException, KrbApErrException, IOException {
init(new DerValue(data)); init(new DerValue(data));
} }
public ASRep(DerValue encoding) throws Asn1Exception, public ASRep(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException { RealmException, KrbApErrException, IOException {
init(encoding); init(encoding);
} }
private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding, Krb5.KRB_AS_REP);
}
private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException {
init(encoding, Krb5.KRB_AS_REP);
}
} }
...@@ -36,20 +36,19 @@ import java.io.IOException; ...@@ -36,20 +36,19 @@ import java.io.IOException;
public class ASReq extends KDCReq { public class ASReq extends KDCReq {
public ASReq(PAData[] new_pAData, KDCReqBody new_reqBody) throws IOException { public ASReq(PAData[] new_pAData, KDCReqBody new_reqBody) throws IOException {
super(new_pAData, new_reqBody, Krb5.KRB_AS_REQ); super(new_pAData, new_reqBody, Krb5.KRB_AS_REQ);
} }
public ASReq(byte[] data) throws Asn1Exception, KrbException, IOException { public ASReq(byte[] data) throws Asn1Exception, KrbException, IOException {
init(new DerValue(data)); init(new DerValue(data));
} }
public ASReq(DerValue encoding) throws Asn1Exception, KrbException, IOException { public ASReq(DerValue encoding) throws Asn1Exception, KrbException, IOException {
init(encoding); init(encoding);
} }
private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
super.init(encoding, Krb5.KRB_AS_REQ);
}
private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
super.init(encoding, Krb5.KRB_AS_REQ);
}
} }
...@@ -34,6 +34,7 @@ import sun.security.util.*; ...@@ -34,6 +34,7 @@ import sun.security.util.*;
import java.util.Vector; import java.util.Vector;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
/** /**
* Implements the ASN.1 Authenticator type. * Implements the ASN.1 Authenticator type.
* *
...@@ -58,6 +59,7 @@ import java.math.BigInteger; ...@@ -58,6 +59,7 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class Authenticator { public class Authenticator {
public int authenticator_vno; public int authenticator_vno;
public Realm crealm; public Realm crealm;
public PrincipalName cname; public PrincipalName cname;
...@@ -68,137 +70,145 @@ public class Authenticator { ...@@ -68,137 +70,145 @@ public class Authenticator {
Integer seqNumber; //optional Integer seqNumber; //optional
public AuthorizationData authorizationData; //optional public AuthorizationData authorizationData; //optional
public Authenticator ( public Authenticator(
Realm new_crealm, Realm new_crealm,
PrincipalName new_cname, PrincipalName new_cname,
Checksum new_cksum, Checksum new_cksum,
int new_cusec, int new_cusec,
KerberosTime new_ctime, KerberosTime new_ctime,
EncryptionKey new_subKey, EncryptionKey new_subKey,
Integer new_seqNumber, Integer new_seqNumber,
AuthorizationData new_authorizationData AuthorizationData new_authorizationData) {
) { authenticator_vno = Krb5.AUTHNETICATOR_VNO;
authenticator_vno = Krb5.AUTHNETICATOR_VNO; crealm = new_crealm;
crealm = new_crealm; cname = new_cname;
cname = new_cname; cksum = new_cksum;
cksum = new_cksum; cusec = new_cusec;
cusec = new_cusec; ctime = new_ctime;
ctime = new_ctime; subKey = new_subKey;
subKey = new_subKey; seqNumber = new_seqNumber;
seqNumber = new_seqNumber; authorizationData = new_authorizationData;
authorizationData = new_authorizationData; }
}
public Authenticator(byte[] data) public Authenticator(byte[] data)
throws Asn1Exception, IOException, KrbApErrException, RealmException { throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(new DerValue(data)); init(new DerValue(data));
} }
public Authenticator(DerValue encoding) public Authenticator(DerValue encoding)
throws Asn1Exception,IOException, KrbApErrException, RealmException { throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an Authenticator object. * Initializes an Authenticator object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data * @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value. * stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object. * @exception RealmException if an error occurs while parsing a Realm object.
*/ */
private void init(DerValue encoding) private void init(DerValue encoding)
throws Asn1Exception, IOException, KrbApErrException, RealmException { throws Asn1Exception, IOException, KrbApErrException, RealmException {
DerValue der, subDer; DerValue der, subDer;
//may not be the correct error code for a tag //may not be the correct error code for a tag
//mismatch on an encrypted structure //mismatch on an encrypted structure
if (((encoding.getTag() & (byte)0x1F) != (byte)0x02) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x02)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence)
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue(); }
if ((subDer.getTag() & (byte)0x1F) != (byte)0x00) der = encoding.getData().getDerValue();
throw new Asn1Exception(Krb5.ASN1_BAD_ID); if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
authenticator_vno = subDer.getData().getBigInteger().intValue(); authenticator_vno = subDer.getData().getBigInteger().intValue();
if (authenticator_vno != 5) if (authenticator_vno != 5) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION); throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
crealm = Realm.parse(der.getData(), (byte)0x01, false); }
cname = PrincipalName.parse(der.getData(), (byte)0x02, false); crealm = Realm.parse(der.getData(), (byte) 0x01, false);
cksum = Checksum.parse(der.getData(), (byte)0x03, true); cname = PrincipalName.parse(der.getData(), (byte) 0x02, false);
cksum = Checksum.parse(der.getData(), (byte) 0x03, true);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == 0x04) {
cusec = subDer.getData().getBigInteger().intValue();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
ctime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte) 0x06, true);
} else {
subKey = null;
seqNumber = null;
authorizationData = null;
}
if (der.getData().available() > 0) {
if ((der.getData().peekByte() & 0x1F) == 0x07) {
subDer = der.getData().getDerValue(); subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == 0x04) { if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x07) {
cusec = subDer.getData().getBigInteger().intValue(); seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
ctime = KerberosTime.parse(der.getData(), (byte)0x05, false);
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte)0x06, true);
}
else {
subKey = null;
seqNumber = null;
authorizationData = null;
}
if (der.getData().available() > 0) {
if ((der.getData().peekByte() & 0x1F) == 0x07) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x07)
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
} }
else { }
seqNumber = null; } else {
authorizationData = null; seqNumber = null;
} authorizationData = null;
if (der.getData().available() > 0) { }
authorizationData = AuthorizationData.parse(der.getData(), (byte)0x08, true); if (der.getData().available() > 0) {
} authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x08, true);
else authorizationData = null; } else {
if (der.getData().available() > 0) authorizationData = null;
throw new Asn1Exception(Krb5.ASN1_BAD_ID); }
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
}
/** /**
* Encodes an Authenticator object. * Encodes an Authenticator object.
* @return byte array of encoded Authenticator object. * @return byte array of encoded Authenticator object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
Vector<DerValue> v = new Vector<DerValue> (); Vector<DerValue> v = new Vector<DerValue>();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(authenticator_vno)); temp.putInteger(BigInteger.valueOf(authenticator_vno));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp.toByteArray())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp.toByteArray()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), crealm.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), crealm.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), cname.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), cname.asn1Encode()));
if (cksum != null) if (cksum != null) {
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cksum.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), cksum.asn1Encode()));
temp = new DerOutputStream(); }
temp.putInteger(BigInteger.valueOf(cusec)); temp = new DerOutputStream();
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), temp.toByteArray())); temp.putInteger(BigInteger.valueOf(cusec));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ctime.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), temp.toByteArray()));
if (subKey != null) v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), ctime.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), subKey.asn1Encode())); if (subKey != null) {
if (seqNumber != null) { v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x06), subKey.asn1Encode()));
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), temp.toByteArray()));
}
if (authorizationData != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), authorizationData.asn1Encode()));
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x02), temp);
return out.toByteArray();
} }
if (seqNumber != null) {
temp = new DerOutputStream();
// encode as an unsigned integer (UInt32)
temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x07), temp.toByteArray()));
}
if (authorizationData != null) {
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x08), authorizationData.asn1Encode()));
}
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x02), temp);
return out.toByteArray();
}
public final Checksum getChecksum() { public final Checksum getChecksum() {
return cksum; return cksum;
...@@ -211,5 +221,4 @@ public class Authenticator { ...@@ -211,5 +221,4 @@ public class Authenticator {
public final EncryptionKey getSubKey() { public final EncryptionKey getSubKey() {
return subKey; return subKey;
} }
} }
...@@ -53,82 +53,81 @@ import sun.security.krb5.internal.ccache.CCacheOutputStream; ...@@ -53,82 +53,81 @@ import sun.security.krb5.internal.ccache.CCacheOutputStream;
* } * }
*/ */
public class AuthorizationData implements Cloneable { public class AuthorizationData implements Cloneable {
private AuthorizationDataEntry[] entry = null;
private AuthorizationData() { private AuthorizationDataEntry[] entry = null;
}
private AuthorizationData() {
}
public AuthorizationData( public AuthorizationData(AuthorizationDataEntry[] new_entries)
AuthorizationDataEntry[] new_entries throws IOException {
) throws IOException { if (new_entries != null) {
if (new_entries != null) { entry = new AuthorizationDataEntry[new_entries.length];
entry = new AuthorizationDataEntry[new_entries.length]; for (int i = 0; i < new_entries.length; i++) {
for (int i = 0; i < new_entries.length; i++) { if (new_entries[i] == null) {
if (new_entries[i] == null) { throw new IOException("Cannot create an AuthorizationData");
throw new IOException("Cannot create an AuthorizationData"); } else {
} else { entry[i] = (AuthorizationDataEntry) new_entries[i].clone();
entry[i] = (AuthorizationDataEntry)new_entries[i].clone();
}
}
} }
}
} }
}
public AuthorizationData( public AuthorizationData(AuthorizationDataEntry new_entry) {
AuthorizationDataEntry new_entry entry = new AuthorizationDataEntry[1];
) { entry[0] = new_entry;
entry = new AuthorizationDataEntry[1]; }
entry[0] = new_entry;
}
public Object clone() { public Object clone() {
AuthorizationData new_authorizationData = AuthorizationData new_authorizationData =
new AuthorizationData(); new AuthorizationData();
if (entry != null) { if (entry != null) {
new_authorizationData.entry = new_authorizationData.entry =
new AuthorizationDataEntry[entry.length]; new AuthorizationDataEntry[entry.length];
for (int i = 0; i < entry.length; i++) for (int i = 0; i < entry.length; i++) {
new_authorizationData.entry[i] = new_authorizationData.entry[i] =
(AuthorizationDataEntry)entry[i].clone(); (AuthorizationDataEntry) entry[i].clone();
} }
return new_authorizationData;
} }
return new_authorizationData;
}
/** /**
* Constructs a new <code>AuthorizationData,</code> instance. * Constructs a new <code>AuthorizationData,</code> instance.
* @param der a single DER-encoded value. * @param der a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public AuthorizationData(DerValue der) throws Asn1Exception, IOException { public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
Vector<AuthorizationDataEntry> v = Vector<AuthorizationDataEntry> v =
new Vector<AuthorizationDataEntry> (); new Vector<AuthorizationDataEntry>();
if (der.getTag() != DerValue.tag_Sequence) { if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
while (der.getData().available() > 0) { while (der.getData().available() > 0) {
v.addElement(new AuthorizationDataEntry(der.getData().getDerValue())); v.addElement(new AuthorizationDataEntry(der.getData().getDerValue()));
}
if (v.size() > 0) {
entry = new AuthorizationDataEntry[v.size()];
v.copyInto(entry);
}
} }
if (v.size() > 0) {
entry = new AuthorizationDataEntry[v.size()];
v.copyInto(entry);
}
}
/** /**
* Encodes an <code>AuthorizationData</code> object. * Encodes an <code>AuthorizationData</code> object.
* @return byte array of encoded <code>AuthorizationData</code> object. * @return byte array of encoded <code>AuthorizationData</code> object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
DerValue der[] = new DerValue[entry.length]; DerValue der[] = new DerValue[entry.length];
for (int i = 0; i < entry.length; i++) { for (int i = 0; i < entry.length; i++) {
der[i] = new DerValue(entry[i].asn1Encode()); der[i] = new DerValue(entry[i].asn1Encode());
}
bytes.putSequence(der);
return bytes.toByteArray();
} }
bytes.putSequence(der);
return bytes.toByteArray();
}
/** /**
* Parse (unmarshal) an <code>AuthorizationData</code> object from a DER input stream. * Parse (unmarshal) an <code>AuthorizationData</code> object from a DER input stream.
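Review bot: The DER constructor leaves `entry` null when the decoded SEQUENCE is empty, yet `asn1Encode()` here and `writeAuth()` in the next hunk read `entry.length` without a guard. If an empty AuthorizationData can arrive from a peer, re-encoding it or writing it to the cache ends in a NullPointerException rather than a protocol error. Assigning unconditionally in the constructor, `entry = new AuthorizationDataEntry[v.size()]; v.copyInto(entry);`, keeps those loops safe; `toString()` is cut off on this page, so check that it does not depend on `entry == null`. The single-entry constructor also stores `new_entry` without the null check and `clone()` that the array constructor applies, so a null argument only fails later inside `clone()`.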
...@@ -143,31 +142,30 @@ public class AuthorizationData implements Cloneable { ...@@ -143,31 +142,30 @@ public class AuthorizationData implements Cloneable {
* @return an instance of AuthorizationData. * @return an instance of AuthorizationData.
* *
*/ */
public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException{ public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException {
if ((optional) && (((byte)data.peekByte() & (byte)0x1F) != explicitTag)) { if ((optional) && (((byte) data.peekByte() & (byte) 0x1F) != explicitTag)) {
return null; return null;
} }
DerValue der = data.getDerValue(); DerValue der = data.getDerValue();
if (explicitTag != (der.getTag() & (byte)0x1F)) { if (explicitTag != (der.getTag() & (byte) 0x1F)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} } else {
else { DerValue subDer = der.getData().getDerValue();
DerValue subDer = der.getData().getDerValue(); return new AuthorizationData(subDer);
return new AuthorizationData(subDer);
}
} }
}
/** /**
* Writes <code>AuthorizationData</code> data fields to a output stream. * Writes <code>AuthorizationData</code> data fields to a output stream.
* *
* @param cos a <code>CCacheOutputStream</code> to be written to. * @param cos a <code>CCacheOutputStream</code> to be written to.
* @exception IOException if an I/O exception occurs. * @exception IOException if an I/O exception occurs.
*/ */
public void writeAuth(CCacheOutputStream cos) throws IOException { public void writeAuth(CCacheOutputStream cos) throws IOException {
for (int i = 0; i < entry.length; i++) { for (int i = 0; i < entry.length; i++) {
entry[i].writeEntry(cos); entry[i].writeEntry(cos);
}
} }
}
public String toString() { public String toString() {
String retVal = "AuthorizationData:\n"; String retVal = "AuthorizationData:\n";
......
...@@ -35,90 +35,90 @@ import sun.security.krb5.Asn1Exception; ...@@ -35,90 +35,90 @@ import sun.security.krb5.Asn1Exception;
import sun.security.krb5.internal.ccache.CCacheOutputStream; import sun.security.krb5.internal.ccache.CCacheOutputStream;
public class AuthorizationDataEntry implements Cloneable { public class AuthorizationDataEntry implements Cloneable {
public int adType;
public byte[] adData;
private AuthorizationDataEntry() { public int adType;
} public byte[] adData;
public AuthorizationDataEntry( private AuthorizationDataEntry() {
int new_adType, }
byte[] new_adData
) { public AuthorizationDataEntry(
adType = new_adType; int new_adType,
adData = new_adData; byte[] new_adData) {
} adType = new_adType;
adData = new_adData;
}
public Object clone() { public Object clone() {
AuthorizationDataEntry new_authorizationDataEntry = AuthorizationDataEntry new_authorizationDataEntry =
new AuthorizationDataEntry(); new AuthorizationDataEntry();
new_authorizationDataEntry.adType = adType; new_authorizationDataEntry.adType = adType;
if (adData != null) { if (adData != null) {
new_authorizationDataEntry.adData = new byte[adData.length]; new_authorizationDataEntry.adData = new byte[adData.length];
System.arraycopy(adData, 0, System.arraycopy(adData, 0,
new_authorizationDataEntry.adData, 0, adData.length); new_authorizationDataEntry.adData, 0, adData.length);
}
return new_authorizationDataEntry;
} }
return new_authorizationDataEntry;
}
/** /**
* Constructs an instance of AuthorizationDataEntry. * Constructs an instance of AuthorizationDataEntry.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
*/ */
public AuthorizationDataEntry(DerValue encoding) throws Asn1Exception, IOException { public AuthorizationDataEntry(DerValue encoding) throws Asn1Exception, IOException {
DerValue der; DerValue der;
if (encoding.getTag() != DerValue.tag_Sequence) { if (encoding.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue();
if ((der.getTag() & (byte)0x1F) == (byte)0x00) {
adType = der.getData().getBigInteger().intValue();
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue(); der = encoding.getData().getDerValue();
if ((der.getTag() & (byte)0x1F) == (byte)0x01) { if ((der.getTag() & (byte) 0x1F) == (byte) 0x00) {
adData = der.getData().getOctetString(); adType = der.getData().getBigInteger().intValue();
} } else {
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if (encoding.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue();
if ((der.getTag() & (byte) 0x1F) == (byte) 0x01) {
adData = der.getData().getOctetString();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if (encoding.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an AuthorizationDataEntry object. * Encodes an AuthorizationDataEntry object.
* @return byte array of encoded AuthorizationDataEntry object. * @return byte array of encoded AuthorizationDataEntry object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
temp.putInteger(adType); temp.putInteger(adType);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.putOctetString(adData); temp.putOctetString(adData);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes); temp.write(DerValue.tag_Sequence, bytes);
return temp.toByteArray(); return temp.toByteArray();
} }
/** /**
* Writes the entry's data fields in FCC format to an output stream. * Writes the entry's data fields in FCC format to an output stream.
* *
* @param cos a <code>CCacheOutputStream</code>. * @param cos a <code>CCacheOutputStream</code>.
* @exception IOException if an I/O exception occurs. * @exception IOException if an I/O exception occurs.
*/ */
public void writeEntry(CCacheOutputStream cos) throws IOException { public void writeEntry(CCacheOutputStream cos) throws IOException {
cos.write16(adType); cos.write16(adType);
cos.write32(adData.length); cos.write32(adData.length);
cos.write(adData, 0, adData.length); cos.write(adData, 0, adData.length);
} }
public String toString() { public String toString() {
return ("adType=" + adType + " adData.length=" + adData.length); return ("adType=" + adType + " adData.length=" + adData.length);
} }
} }
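Review bot: In the DER constructor, `adType = der.getData().getBigInteger().intValue();` keeps only the low 32 bits, so an out-of-range ad-type in received data is silently mapped onto another type value instead of being rejected. A range check before the assignment would close that, for example `BigInteger t = der.getData().getBigInteger(); if (t.bitLength() > 31) throw new Asn1Exception(Krb5.ASN1_BAD_ID);` (this needs `java.math.BigInteger` in scope, and the file's imports are only partly visible here). Separately, `clone()` tolerates a null `adData` while `writeEntry()` and `toString()` dereference `adData.length`, and the two-argument constructor keeps the caller's array instead of copying it. A Javadoc line on that constructor stating whether null is allowed and that the array is shared would make the contract explicit.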
...@@ -55,102 +55,111 @@ import java.math.BigInteger; ...@@ -55,102 +55,111 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class EncAPRepPart { public class EncAPRepPart {
public KerberosTime ctime;
public int cusec; public KerberosTime ctime;
public int cusec;
EncryptionKey subKey; //optional EncryptionKey subKey; //optional
Integer seqNumber; //optional Integer seqNumber; //optional
public EncAPRepPart( public EncAPRepPart(
KerberosTime new_ctime, KerberosTime new_ctime,
int new_cusec, int new_cusec,
EncryptionKey new_subKey, EncryptionKey new_subKey,
Integer new_seqNumber Integer new_seqNumber) {
) { ctime = new_ctime;
ctime = new_ctime; cusec = new_cusec;
cusec = new_cusec; subKey = new_subKey;
subKey = new_subKey; seqNumber = new_seqNumber;
seqNumber = new_seqNumber; }
}
public EncAPRepPart(byte[] data) public EncAPRepPart(byte[] data)
throws Asn1Exception, IOException { throws Asn1Exception, IOException {
init(new DerValue(data)); init(new DerValue(data));
} }
public EncAPRepPart(DerValue encoding) public EncAPRepPart(DerValue encoding)
throws Asn1Exception, IOException { throws Asn1Exception, IOException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an EncaPRepPart object. * Initializes an EncaPRepPart object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
private void init(DerValue encoding) throws Asn1Exception, IOException { private void init(DerValue encoding) throws Asn1Exception, IOException {
DerValue der, subDer; DerValue der, subDer;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1B) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1B)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue(); der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
ctime = KerberosTime.parse(der.getData(), (byte) 0x00, true);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x01) {
cusec = subDer.getData().getBigInteger().intValue();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
ctime = KerberosTime.parse(der.getData(), (byte)0x00, true);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x01) {
cusec = subDer.getData().getBigInteger().intValue();
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte)0x02, true);
}
else {
subKey = null;
seqNumber = null;
}
if (der.getData().available() > 0) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) != 0x03) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
else seqNumber = null;
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
if (der.getData().available() > 0) {
subKey = EncryptionKey.parse(der.getData(), (byte) 0x02, true);
} else {
subKey = null;
seqNumber = null;
}
if (der.getData().available() > 0) {
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) != 0x03) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
} else {
seqNumber = null;
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an EncAPRepPart object. * Encodes an EncAPRepPart object.
* @return byte array of encoded EncAPRepPart object. * @return byte array of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException{ public byte[] asn1Encode() throws Asn1Exception, IOException {
Vector<DerValue> v = new Vector<DerValue> (); Vector<DerValue> v = new Vector<DerValue>();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), ctime.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
temp.putInteger(BigInteger.valueOf(cusec)); true, (byte) 0x00), ctime.asn1Encode()));
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp.toByteArray())); temp.putInteger(BigInteger.valueOf(cusec));
if (subKey != null) v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), subKey.asn1Encode())); true, (byte) 0x01), temp.toByteArray()));
if (seqNumber != null) { if (subKey != null) {
temp = new DerOutputStream(); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
// encode as an unsigned integer (UInt32) true, (byte) 0x02), subKey.asn1Encode()));
temp.putInteger(BigInteger.valueOf(seqNumber.longValue())); }
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp.toByteArray())); if (seqNumber != null) {
} temp = new DerOutputStream();
DerValue der[] = new DerValue[v.size()]; // encode as an unsigned integer (UInt32)
v.copyInto(der); temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
temp = new DerOutputStream(); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
temp.putSequence(der); true, (byte) 0x03), temp.toByteArray()));
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1B), temp);
return out.toByteArray();
} }
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
temp = new DerOutputStream();
temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) 0x1B), temp);
return out.toByteArray();
}
public final EncryptionKey getSubKey() { public final EncryptionKey getSubKey() {
return subKey; return subKey;
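Review bot: The comment in `asn1Encode()` says the sequence number is encoded as an unsigned UInt32, but `BigInteger.valueOf(seqNumber.longValue())` sign-extends, so a `seqNumber` with the top bit set is written as a negative INTEGER. `init()` can produce exactly such values, because `getBigInteger().intValue()` wraps anything at or above 2^31 into a negative `Integer`. If the unsigned form is what peers expect, mask before encoding: `temp.putInteger(BigInteger.valueOf(seqNumber.longValue() & 0xFFFFFFFFL));`; otherwise the comment should say the value is signed. The Authenticator encoder earlier on this page has the same two lines.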
...@@ -159,5 +168,4 @@ public class EncAPRepPart { ...@@ -159,5 +168,4 @@ public class EncAPRepPart {
public final Integer getSeqNumber() { public final Integer getSeqNumber() {
return seqNumber; return seqNumber;
} }
} }
...@@ -36,57 +36,55 @@ import java.io.IOException; ...@@ -36,57 +36,55 @@ import java.io.IOException;
public class EncASRepPart extends EncKDCRepPart { public class EncASRepPart extends EncKDCRepPart {
public EncASRepPart( public EncASRepPart(
EncryptionKey new_key, EncryptionKey new_key,
LastReq new_lastReq, LastReq new_lastReq,
int new_nonce, int new_nonce,
KerberosTime new_keyExpiration, KerberosTime new_keyExpiration,
TicketFlags new_flags, TicketFlags new_flags,
KerberosTime new_authtime, KerberosTime new_authtime,
KerberosTime new_starttime, KerberosTime new_starttime,
KerberosTime new_endtime, KerberosTime new_endtime,
KerberosTime new_renewTill, KerberosTime new_renewTill,
Realm new_srealm, Realm new_srealm,
PrincipalName new_sname, PrincipalName new_sname,
HostAddresses new_caddr HostAddresses new_caddr) {
) { super(
super( new_key,
new_key, new_lastReq,
new_lastReq, new_nonce,
new_nonce, new_keyExpiration,
new_keyExpiration, new_flags,
new_flags, new_authtime,
new_authtime, new_starttime,
new_starttime, new_endtime,
new_endtime, new_renewTill,
new_renewTill, new_srealm,
new_srealm, new_sname,
new_sname, new_caddr,
new_caddr, Krb5.KRB_ENC_AS_REP_PART
Krb5.KRB_ENC_AS_REP_PART
//may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
//behavior of other implementaions, instead of above
); );
} //may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
//behavior of other implementaions, instead of above
}
public EncASRepPart(byte[] data) throws Asn1Exception, public EncASRepPart(byte[] data) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(new DerValue(data)); init(new DerValue(data));
} }
public EncASRepPart(DerValue encoding) throws Asn1Exception, public EncASRepPart(DerValue encoding) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(encoding); init(encoding);
} }
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(encoding, Krb5.KRB_ENC_AS_REP_PART); init(encoding, Krb5.KRB_ENC_AS_REP_PART);
} }
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
}
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
}
} }
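Review bot: The two `//may need to use Krb5.KRB_ENC_TGS_REP_PART ...` lines appear to have moved from inside the `super(...)` argument list to after the closing `);`, where they no longer sit next to the `Krb5.KRB_ENC_AS_REP_PART` argument they explain. The page has lost its +/- markers, so this is read from the print order. Placing the comment directly above that argument keeps the reformat from changing what it refers to, and the typo can be fixed in the same pass: `// may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic the behavior of other implementations`.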
...@@ -36,6 +36,7 @@ import sun.security.util.*; ...@@ -36,6 +36,7 @@ import sun.security.util.*;
import java.util.Vector; import java.util.Vector;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
/** /**
* Implements the ASN.1 EncKDCRepPart type. * Implements the ASN.1 EncKDCRepPart type.
* *
...@@ -63,143 +64,163 @@ import java.math.BigInteger; ...@@ -63,143 +64,163 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class EncKDCRepPart { public class EncKDCRepPart {
public EncryptionKey key;
public LastReq lastReq;
public int nonce;
public KerberosTime keyExpiration; //optional
public TicketFlags flags;
public KerberosTime authtime;
public KerberosTime starttime; //optional
public KerberosTime endtime;
public KerberosTime renewTill; //optional
public Realm srealm;
public PrincipalName sname;
public HostAddresses caddr; //optional
public int msgType; //not included in sequence
public EncKDCRepPart( public EncryptionKey key;
EncryptionKey new_key, public LastReq lastReq;
LastReq new_lastReq, public int nonce;
int new_nonce, public KerberosTime keyExpiration; //optional
KerberosTime new_keyExpiration, public TicketFlags flags;
TicketFlags new_flags, public KerberosTime authtime;
KerberosTime new_authtime, public KerberosTime starttime; //optional
KerberosTime new_starttime, public KerberosTime endtime;
KerberosTime new_endtime, public KerberosTime renewTill; //optional
KerberosTime new_renewTill, public Realm srealm;
Realm new_srealm, public PrincipalName sname;
PrincipalName new_sname, public HostAddresses caddr; //optional
HostAddresses new_caddr, public int msgType; //not included in sequence
int new_msgType
) {
key = new_key;
lastReq = new_lastReq;
nonce = new_nonce;
keyExpiration = new_keyExpiration;
flags = new_flags;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
srealm = new_srealm;
sname = new_sname;
caddr = new_caddr;
msgType = new_msgType;
}
public EncKDCRepPart() { public EncKDCRepPart(
} EncryptionKey new_key,
LastReq new_lastReq,
int new_nonce,
KerberosTime new_keyExpiration,
TicketFlags new_flags,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
Realm new_srealm,
PrincipalName new_sname,
HostAddresses new_caddr,
int new_msgType) {
key = new_key;
lastReq = new_lastReq;
nonce = new_nonce;
keyExpiration = new_keyExpiration;
flags = new_flags;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
srealm = new_srealm;
sname = new_sname;
caddr = new_caddr;
msgType = new_msgType;
}
public EncKDCRepPart(byte[] data, int rep_type) public EncKDCRepPart() {
throws Asn1Exception, IOException, RealmException{ }
init(new DerValue(data), rep_type);
}
public EncKDCRepPart(DerValue encoding, int rep_type) public EncKDCRepPart(byte[] data, int rep_type)
throws Asn1Exception, IOException, RealmException throws Asn1Exception, IOException, RealmException {
{ init(new DerValue(data), rep_type);
init(encoding, rep_type); }
}
public EncKDCRepPart(DerValue encoding, int rep_type)
throws Asn1Exception, IOException, RealmException {
init(encoding, rep_type);
}
/** /**
* Initializes an EncKDCRepPart object. * Initializes an EncKDCRepPart object.
* *
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @param rep_type type of the encrypted reply message. * @param rep_type type of the encrypted reply message.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while decoding an Realm object. * @exception RealmException if an error occurs while decoding an Realm object.
*/ */
protected void init(DerValue encoding, int rep_type) protected void init(DerValue encoding, int rep_type)
throws Asn1Exception, IOException, RealmException throws Asn1Exception, IOException, RealmException {
{ DerValue der, subDer;
DerValue der, subDer; //implementations return the incorrect tag value, so
//implementations return the incorrect tag value, so //we don't use the above line; instead we use the following
//we don't use the above line; instead we use the following msgType = (encoding.getTag() & (byte) 0x1F);
msgType = (encoding.getTag() & (byte)0x1F);
if (msgType != Krb5.KRB_ENC_AS_REP_PART && if (msgType != Krb5.KRB_ENC_AS_REP_PART &&
msgType != Krb5.KRB_ENC_TGS_REP_PART) msgType != Krb5.KRB_ENC_TGS_REP_PART) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue(); }
if (der.getTag() != DerValue.tag_Sequence) key = EncryptionKey.parse(der.getData(), (byte) 0x00, false);
lastReq = LastReq.parse(der.getData(), (byte) 0x01, false);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x02) {
nonce = subDer.getData().getBigInteger().intValue();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
keyExpiration = KerberosTime.parse(der.getData(), (byte) 0x03, true);
flags = TicketFlags.parse(der.getData(), (byte) 0x04, false);
authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
srealm = Realm.parse(der.getData(), (byte) 0x09, false);
sname = PrincipalName.parse(der.getData(), (byte) 0x0A, false);
if (der.getData().available() > 0) {
caddr = HostAddresses.parse(der.getData(), (byte) 0x0B, true);
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
key = EncryptionKey.parse(der.getData(), (byte)0x00, false);
lastReq = LastReq.parse(der.getData(), (byte)0x01, false);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x02)
nonce = subDer.getData().getBigInteger().intValue();
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
keyExpiration = KerberosTime.parse(der.getData(), (byte)0x03, true);
flags = TicketFlags.parse(der.getData(), (byte)0x04, false);
authtime = KerberosTime.parse(der.getData(), (byte)0x05, false);
starttime = KerberosTime.parse(der.getData(), (byte)0x06, true);
endtime = KerberosTime.parse(der.getData(), (byte)0x07, false);
renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true);
srealm = Realm.parse(der.getData(), (byte)0x09, false);
sname = PrincipalName.parse(der.getData(), (byte)0x0A, false);
if (der.getData().available() > 0)
caddr = HostAddresses.parse(der.getData(), (byte)0x0B, true);
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
}
/** /**
* Encodes an EncKDCRepPart object. * Encodes an EncKDCRepPart object.
* @param rep_type type of encrypted reply message. * @param rep_type type of encrypted reply message.
* @return byte array of encoded EncKDCRepPart object. * @return byte array of encoded EncKDCRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode(int rep_type) throws Asn1Exception, public byte[] asn1Encode(int rep_type) throws Asn1Exception,
IOException { IOException {
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), lastReq.asn1Encode()); true, (byte) 0x00), key.asn1Encode());
temp.putInteger(BigInteger.valueOf(nonce)); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp); true, (byte) 0x01), lastReq.asn1Encode());
temp.putInteger(BigInteger.valueOf(nonce));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), temp);
if (keyExpiration != null) if (keyExpiration != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), keyExpiration.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), flags.asn1Encode()); true, (byte) 0x03), keyExpiration.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode());
if (starttime != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode());
if (renewTill != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), srealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), sname.asn1Encode());
if (caddr != null)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0B), caddr.asn1Encode());
//should use the rep_type to build the encoding
//but other implementations do not; it is ignored and
//the cached msgType is used instead
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), temp);
return bytes.toByteArray();
} }
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), flags.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x05), authtime.asn1Encode());
if (starttime != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x06), starttime.asn1Encode());
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x07), endtime.asn1Encode());
if (renewTill != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x08), renewTill.asn1Encode());
}
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x09), srealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x0A), sname.asn1Encode());
if (caddr != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x0B), caddr.asn1Encode());
}
//should use the rep_type to build the encoding
//but other implementations do not; it is ignored and
//the cached msgType is used instead
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) msgType), temp);
return bytes.toByteArray();
}
} }
...@@ -36,6 +36,7 @@ import sun.security.krb5.RealmException; ...@@ -36,6 +36,7 @@ import sun.security.krb5.RealmException;
import java.util.Vector; import java.util.Vector;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
/** /**
* Implements the ASN.1 EncKrbCredPart type. * Implements the ASN.1 EncKrbCredPart type.
* *
...@@ -57,148 +58,158 @@ import java.math.BigInteger; ...@@ -57,148 +58,158 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class EncKrbCredPart { public class EncKrbCredPart {
public KrbCredInfo[] ticketInfo = null;
public KerberosTime timeStamp; //optional
private Integer nonce; //optional public KrbCredInfo[] ticketInfo = null;
private Integer usec; //optional public KerberosTime timeStamp; //optional
private HostAddress sAddress; //optional private Integer nonce; //optional
private HostAddresses rAddress; //optional private Integer usec; //optional
private HostAddress sAddress; //optional
private HostAddresses rAddress; //optional
public EncKrbCredPart( public EncKrbCredPart(
KrbCredInfo[] new_ticketInfo, KrbCredInfo[] new_ticketInfo,
KerberosTime new_timeStamp, KerberosTime new_timeStamp,
Integer new_usec, Integer new_usec,
Integer new_nonce, Integer new_nonce,
HostAddress new_sAddress, HostAddress new_sAddress,
HostAddresses new_rAddress HostAddresses new_rAddress) throws IOException {
) throws IOException { if (new_ticketInfo != null) {
if (new_ticketInfo != null) { ticketInfo = new KrbCredInfo[new_ticketInfo.length];
ticketInfo = new KrbCredInfo[new_ticketInfo.length]; for (int i = 0; i < new_ticketInfo.length; i++) {
for (int i = 0; i < new_ticketInfo.length; i++) { if (new_ticketInfo[i] == null) {
if (new_ticketInfo[i] == null) { throw new IOException("Cannot create a EncKrbCredPart");
throw new IOException("Cannot create a EncKrbCredPart"); } else {
} else { ticketInfo[i] = (KrbCredInfo) new_ticketInfo[i].clone();
ticketInfo[i] = (KrbCredInfo)new_ticketInfo[i].clone();
}
}
} }
timeStamp = new_timeStamp; }
usec = new_usec;
nonce = new_nonce;
sAddress = new_sAddress;
rAddress = new_rAddress;
} }
timeStamp = new_timeStamp;
usec = new_usec;
nonce = new_nonce;
sAddress = new_sAddress;
rAddress = new_rAddress;
}
public EncKrbCredPart(byte[] data) throws Asn1Exception, public EncKrbCredPart(byte[] data) throws Asn1Exception,
IOException, RealmException { IOException, RealmException {
init(new DerValue(data)); init(new DerValue(data));
} }
public EncKrbCredPart(DerValue encoding) throws Asn1Exception, public EncKrbCredPart(DerValue encoding) throws Asn1Exception,
IOException, RealmException { IOException, RealmException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an EncKrbCredPart object. * Initializes an EncKrbCredPart object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object. * @exception RealmException if an error occurs while parsing a Realm object.
*/ */
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
IOException, RealmException { IOException, RealmException {
DerValue der, subDer; DerValue der, subDer;
//may not be the correct error code for a tag //may not be the correct error code for a tag
//mismatch on an encrypted structure //mismatch on an encrypted structure
nonce = null; nonce = null;
timeStamp = null; timeStamp = null;
usec= null; usec = null;
sAddress = null; sAddress = null;
rAddress = null; rAddress = null;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1D) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1D)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue(); der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
DerValue derValues[] = subDer.getData().getSequence(1);
ticketInfo = new KrbCredInfo[derValues.length];
for (int i = 0; i < derValues.length; i++) {
ticketInfo[i] = new KrbCredInfo(derValues[i]);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if (der.getData().available() > 0) {
if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x01) {
subDer = der.getData().getDerValue(); subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) { nonce = new Integer(subDer.getData().getBigInteger().intValue());
DerValue derValues[] = subDer.getData().getSequence(1); }
ticketInfo = new KrbCredInfo[derValues.length]; }
for (int i = 0; i < derValues.length; i++) { if (der.getData().available() > 0) {
ticketInfo[i] = new KrbCredInfo(derValues[i]); timeStamp = KerberosTime.parse(der.getData(), (byte) 0x02, true);
} }
} if (der.getData().available() > 0) {
else if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x03) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); subDer = der.getData().getDerValue();
if (der.getData().available() > 0) { usec = new Integer(subDer.getData().getBigInteger().intValue());
if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x01) { }
subDer = der.getData().getDerValue(); }
nonce = new Integer(subDer.getData().getBigInteger().intValue()); if (der.getData().available() > 0) {
} sAddress = HostAddress.parse(der.getData(), (byte) 0x04, true);
} }
if (der.getData().available() >0) { if (der.getData().available() > 0) {
timeStamp = KerberosTime.parse(der.getData(), (byte)0x02, true); rAddress = HostAddresses.parse(der.getData(), (byte) 0x05, true);
} }
if (der.getData().available() >0) { if (der.getData().available() > 0) {
if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x03) { throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
}
}
if (der.getData().available() >0) {
sAddress = HostAddress.parse(der.getData(), (byte)0x04, true);
}
if (der.getData().available() >0) {
rAddress = HostAddresses.parse(der.getData(), (byte)0x05, true);
}
if (der.getData().available() >0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
}
/** /**
* Encodes an EncKrbCredPart object. * Encodes an EncKrbCredPart object.
* @return byte array of encoded EncKrbCredPart object. * @return byte array of encoded EncKrbCredPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* *
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException{ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
DerValue[] tickets = new DerValue[ticketInfo.length]; DerValue[] tickets = new DerValue[ticketInfo.length];
for (int i = 0; i < ticketInfo.length; i++) for (int i = 0; i < ticketInfo.length; i++) {
tickets[i] = new DerValue(ticketInfo[i].asn1Encode()); tickets[i] = new DerValue(ticketInfo[i].asn1Encode());
temp.putSequence(tickets); }
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); temp.putSequence(tickets);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x00), temp);
if (nonce != null) { if (nonce != null) {
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(nonce.intValue())); temp.putInteger(BigInteger.valueOf(nonce.intValue()));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
} true, (byte) 0x01), temp);
}
if (timeStamp != null) { if (timeStamp != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), timeStamp.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
} true, (byte) 0x02), timeStamp.asn1Encode());
if (usec != null) { }
temp = new DerOutputStream(); if (usec != null) {
temp.putInteger(BigInteger.valueOf(usec.intValue())); temp = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp); temp.putInteger(BigInteger.valueOf(usec.intValue()));
} bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
if (sAddress != null) { true, (byte) 0x03), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode()); }
} if (sAddress != null) {
if (rAddress != null) { bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode()); true, (byte) 0x04), sAddress.asn1Encode());
} }
temp = new DerOutputStream(); if (rAddress != null) {
temp.write(DerValue.tag_Sequence, bytes); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes = new DerOutputStream(); true, (byte) 0x05), rAddress.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1D), temp);
return bytes.toByteArray();
} }
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) 0x1D), temp);
return bytes.toByteArray();
}
} }
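Review bot: `asn1Encode()` in EncKrbCredPart reads `ticketInfo.length` with no null guard, but the six-argument constructor leaves `ticketInfo` null when `new_ticketInfo` is null, so encoding such an object fails with an unchecked NullPointerException instead of the declared `Asn1Exception`/`IOException`. The constructor already rejects a null element with `throw new IOException("Cannot create a EncKrbCredPart");`, and applying the same check to a null array (`if (new_ticketInfo == null) throw new IOException("Cannot create a EncKrbCredPart");`) would keep the failure at construction time, assuming no caller depends on passing null. Separately, the constructor clones each `KrbCredInfo`, but `ticketInfo` is a public array field, so the copy does not stop later mutation from outside the class. Both points predate this formatting change and belong in a follow-up.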
...@@ -55,114 +55,119 @@ import java.math.BigInteger; ...@@ -55,114 +55,119 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt"> * <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class EncKrbPrivPart { public class EncKrbPrivPart {
public byte[] userData = null;
public KerberosTime timestamp; //optional
public Integer usec; //optional
public Integer seqNumber; //optional
public HostAddress sAddress; //optional
public HostAddress rAddress; //optional
public EncKrbPrivPart( public byte[] userData = null;
byte[] new_userData, public KerberosTime timestamp; //optional
KerberosTime new_timestamp, public Integer usec; //optional
Integer new_usec, public Integer seqNumber; //optional
Integer new_seqNumber, public HostAddress sAddress; //optional
HostAddress new_sAddress, public HostAddress rAddress; //optional
HostAddress new_rAddress
) {
if (new_userData != null) {
userData = new_userData.clone();
}
timestamp = new_timestamp;
usec = new_usec;
seqNumber = new_seqNumber;
sAddress = new_sAddress;
rAddress = new_rAddress;
}
public EncKrbPrivPart(byte[] data) throws Asn1Exception, IOException { public EncKrbPrivPart(
init(new DerValue(data)); byte[] new_userData,
KerberosTime new_timestamp,
Integer new_usec,
Integer new_seqNumber,
HostAddress new_sAddress,
HostAddress new_rAddress) {
if (new_userData != null) {
userData = new_userData.clone();
} }
timestamp = new_timestamp;
usec = new_usec;
seqNumber = new_seqNumber;
sAddress = new_sAddress;
rAddress = new_rAddress;
}
public EncKrbPrivPart(DerValue encoding) throws Asn1Exception, IOException { public EncKrbPrivPart(byte[] data) throws Asn1Exception, IOException {
init(encoding); init(new DerValue(data));
} }
public EncKrbPrivPart(DerValue encoding) throws Asn1Exception, IOException {
init(encoding);
}
/** /**
* Initializes an EncKrbPrivPart object. * Initializes an EncKrbPrivPart object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
private void init(DerValue encoding) throws Asn1Exception, IOException { private void init(DerValue encoding) throws Asn1Exception, IOException {
DerValue der, subDer; DerValue der, subDer;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x1C) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1C)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue(); }
if (der.getTag() != DerValue.tag_Sequence) der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
userData = subDer.getData().getOctetString();
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) {
userData = subDer.getData().getOctetString();
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
timestamp = KerberosTime.parse(der.getData(), (byte)0x01, true);
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
}
else usec = null;
if ((der.getData().peekByte() & 0x1F) == 0x03 ) {
subDer = der.getData().getDerValue();
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
else seqNumber = null;
sAddress = HostAddress.parse(der.getData(), (byte)0x04, false);
if (der.getData().available() > 0) {
rAddress = HostAddress.parse(der.getData(), (byte)0x05, true);
}
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
timestamp = KerberosTime.parse(der.getData(), (byte) 0x01, true);
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
usec = new Integer(subDer.getData().getBigInteger().intValue());
} else {
usec = null;
}
if ((der.getData().peekByte() & 0x1F) == 0x03) {
subDer = der.getData().getDerValue();
seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
} else {
seqNumber = null;
}
sAddress = HostAddress.parse(der.getData(), (byte) 0x04, false);
if (der.getData().available() > 0) {
rAddress = HostAddress.parse(der.getData(), (byte) 0x05, true);
}
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an EncKrbPrivPart object. * Encodes an EncKrbPrivPart object.
* @return byte array of encoded EncKrbPrivPart object. * @return byte array of encoded EncKrbPrivPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
temp.putOctetString(userData); temp.putOctetString(userData);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
if (timestamp != null) if (timestamp != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), timestamp.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), timestamp.asn1Encode());
if (usec != null) { }
temp = new DerOutputStream(); if (usec != null) {
temp.putInteger(BigInteger.valueOf(usec.intValue())); temp = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp); temp.putInteger(BigInteger.valueOf(usec.intValue()));
} bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), temp);
if (seqNumber != null) { }
temp = new DerOutputStream(); if (seqNumber != null) {
// encode as an unsigned integer (UInt32) temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(seqNumber.longValue())); // encode as an unsigned integer (UInt32)
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp); temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
} bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), temp);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode()); }
if (rAddress != null) { bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), sAddress.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode()); if (rAddress != null) {
} bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), rAddress.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1C), temp);
return bytes.toByteArray();
} }
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x1C), temp);
return bytes.toByteArray();
}
} }
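Review bot: In EncKrbPrivPart's `asn1Encode()`, the comment `// encode as an unsigned integer (UInt32)` does not match the line under it, because `seqNumber` is an `Integer` and `seqNumber.longValue()` sign-extends, so a sequence number with the high bit set is written as a negative INTEGER. If the unsigned form is what peers expect, the line would be `temp.putInteger(BigInteger.valueOf(seqNumber.longValue() & 0xFFFFFFFFL));`; otherwise the comment should say the value is encoded signed. `init()` reads the field back through `getBigInteger().intValue()`, which keeps only the low 32 bits without reporting an out-of-range value, so the two directions should be checked together. The Javadoc on `asn1Encode()` also describes its exceptions as occurring "while decoding" and "while reading encoded data", which looks copied from `init()`.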
...@@ -35,55 +35,52 @@ import java.io.IOException; ...@@ -35,55 +35,52 @@ import java.io.IOException;
public class EncTGSRepPart extends EncKDCRepPart { public class EncTGSRepPart extends EncKDCRepPart {
public EncTGSRepPart( public EncTGSRepPart(
EncryptionKey new_key, EncryptionKey new_key,
LastReq new_lastReq, LastReq new_lastReq,
int new_nonce, int new_nonce,
KerberosTime new_keyExpiration, KerberosTime new_keyExpiration,
TicketFlags new_flags, TicketFlags new_flags,
KerberosTime new_authtime, KerberosTime new_authtime,
KerberosTime new_starttime, KerberosTime new_starttime,
KerberosTime new_endtime, KerberosTime new_endtime,
KerberosTime new_renewTill, KerberosTime new_renewTill,
Realm new_srealm, Realm new_srealm,
PrincipalName new_sname, PrincipalName new_sname,
HostAddresses new_caddr HostAddresses new_caddr) {
) { super(
super( new_key,
new_key, new_lastReq,
new_lastReq, new_nonce,
new_nonce, new_keyExpiration,
new_keyExpiration, new_flags,
new_flags, new_authtime,
new_authtime, new_starttime,
new_starttime, new_endtime,
new_endtime, new_renewTill,
new_renewTill, new_srealm,
new_srealm, new_sname,
new_sname, new_caddr,
new_caddr, Krb5.KRB_ENC_TGS_REP_PART);
Krb5.KRB_ENC_TGS_REP_PART }
);
}
public EncTGSRepPart(byte[] data) throws Asn1Exception, public EncTGSRepPart(byte[] data) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(new DerValue(data)); init(new DerValue(data));
} }
public EncTGSRepPart(DerValue encoding) throws Asn1Exception, public EncTGSRepPart(DerValue encoding) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(encoding); init(encoding);
} }
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(encoding, Krb5.KRB_ENC_TGS_REP_PART); init(encoding, Krb5.KRB_ENC_TGS_REP_PART);
} }
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
}
public byte[] asn1Encode() throws Asn1Exception,
IOException {
return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
}
} }
...@@ -62,69 +62,68 @@ import java.io.*; ...@@ -62,69 +62,68 @@ import java.io.*;
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class EncTicketPart { public class EncTicketPart {
public TicketFlags flags;
public EncryptionKey key;
public Realm crealm;
public PrincipalName cname;
public TransitedEncoding transited;
public KerberosTime authtime;
public KerberosTime starttime; //optional
public KerberosTime endtime;
public KerberosTime renewTill; //optional
public HostAddresses caddr; //optional
public AuthorizationData authorizationData; //optional
public EncTicketPart(
TicketFlags new_flags,
EncryptionKey new_key,
Realm new_crealm,
PrincipalName new_cname,
TransitedEncoding new_transited,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
HostAddresses new_caddr,
AuthorizationData new_authorizationData
) {
flags = new_flags;
key = new_key;
crealm = new_crealm;
cname = new_cname;
transited = new_transited;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
caddr = new_caddr;
authorizationData = new_authorizationData;
}
public EncTicketPart(byte[] data) public TicketFlags flags;
throws Asn1Exception, KrbException, IOException { public EncryptionKey key;
init(new DerValue(data)); public Realm crealm;
} public PrincipalName cname;
public TransitedEncoding transited;
public KerberosTime authtime;
public KerberosTime starttime; //optional
public KerberosTime endtime;
public KerberosTime renewTill; //optional
public HostAddresses caddr; //optional
public AuthorizationData authorizationData; //optional
public EncTicketPart(
TicketFlags new_flags,
EncryptionKey new_key,
Realm new_crealm,
PrincipalName new_cname,
TransitedEncoding new_transited,
KerberosTime new_authtime,
KerberosTime new_starttime,
KerberosTime new_endtime,
KerberosTime new_renewTill,
HostAddresses new_caddr,
AuthorizationData new_authorizationData) {
flags = new_flags;
key = new_key;
crealm = new_crealm;
cname = new_cname;
transited = new_transited;
authtime = new_authtime;
starttime = new_starttime;
endtime = new_endtime;
renewTill = new_renewTill;
caddr = new_caddr;
authorizationData = new_authorizationData;
}
public EncTicketPart(DerValue encoding) public EncTicketPart(byte[] data)
throws Asn1Exception, KrbException, IOException { throws Asn1Exception, KrbException, IOException {
init(encoding); init(new DerValue(data));
} }
/** public EncTicketPart(DerValue encoding)
* Initializes an EncTicketPart object. throws Asn1Exception, KrbException, IOException {
* @param encoding a single DER-encoded value. init(encoding);
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. }
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
/**
* Initializes an EncTicketPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private static String getHexBytes(byte[] bytes, int len) private static String getHexBytes(byte[] bytes, int len)
throws IOException { throws IOException {
StringBuffer sb = new StringBuffer(); StringBuffer sb = new StringBuffer();
for (int i = 0; i < len; i++) { for (int i = 0; i < len; i++) {
int b1 = (bytes[i]>>4) & 0x0f; int b1 = (bytes[i] >> 4) & 0x0f;
int b2 = bytes[i] & 0x0f; int b2 = bytes[i] & 0x0f;
sb.append(Integer.toHexString(b1)); sb.append(Integer.toHexString(b1));
...@@ -134,73 +133,91 @@ public class EncTicketPart { ...@@ -134,73 +133,91 @@ public class EncTicketPart {
return sb.toString(); return sb.toString();
} }
private void init(DerValue encoding) private void init(DerValue encoding)
throws Asn1Exception, IOException, RealmException { throws Asn1Exception, IOException, RealmException {
DerValue der, subDer; DerValue der, subDer;
renewTill = null; renewTill = null;
caddr = null; caddr = null;
authorizationData = null; authorizationData = null;
if (((encoding.getTag() & (byte)0x1F) != (byte)0x03) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x03)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue(); }
if (der.getTag() != DerValue.tag_Sequence) der = encoding.getData().getDerValue();
throw new Asn1Exception(Krb5.ASN1_BAD_ID); if (der.getTag() != DerValue.tag_Sequence) {
flags = TicketFlags.parse(der.getData(), (byte)0x00, false); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
key = EncryptionKey.parse(der.getData(), (byte)0x01, false); }
crealm = Realm.parse(der.getData(), (byte)0x02, false); flags = TicketFlags.parse(der.getData(), (byte) 0x00, false);
cname = PrincipalName.parse(der.getData(), (byte)0x03, false); key = EncryptionKey.parse(der.getData(), (byte) 0x01, false);
transited = TransitedEncoding.parse(der.getData(), (byte)0x04, false); crealm = Realm.parse(der.getData(), (byte) 0x02, false);
authtime = KerberosTime.parse(der.getData(), (byte)0x05, false); cname = PrincipalName.parse(der.getData(), (byte) 0x03, false);
starttime = KerberosTime.parse(der.getData(), (byte)0x06, true); transited = TransitedEncoding.parse(der.getData(), (byte) 0x04, false);
endtime = KerberosTime.parse(der.getData(), (byte)0x07, false); authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
if (der.getData().available() > 0) { starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true); endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
} if (der.getData().available() > 0) {
if (der.getData().available() > 0) { renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
caddr = HostAddresses.parse(der.getData(), (byte)0x09, true); }
} if (der.getData().available() > 0) {
if (der.getData().available() > 0) { caddr = HostAddresses.parse(der.getData(), (byte) 0x09, true);
authorizationData = AuthorizationData.parse(der.getData(), (byte)0x0A, true); }
} if (der.getData().available() > 0) {
if (der.getData().available() > 0) authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x0A, true);
throw new Asn1Exception(Krb5.ASN1_BAD_ID); }
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
/** }
* Encodes an EncTicketPart object.
* @return byte array of encoded EncTicketPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException { /**
* Encodes an EncTicketPart object.
* @return byte array of encoded EncTicketPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream(); DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream(); DerOutputStream temp = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), flags.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), key.asn1Encode()); true, (byte) 0x00), flags.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), crealm.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cname.asn1Encode()); true, (byte) 0x01), key.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), transited.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode()); true, (byte) 0x02), crealm.asn1Encode());
if (starttime != null) bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode()); true, (byte) 0x03), cname.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode()); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), transited.asn1Encode());
if (renewTill != null) bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode()); true, (byte) 0x05), authtime.asn1Encode());
if (starttime != null) {
if (caddr != null) bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), caddr.asn1Encode()); true, (byte) 0x06), starttime.asn1Encode());
}
if (authorizationData != null) bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), authorizationData.asn1Encode()); true, (byte) 0x07), endtime.asn1Encode());
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream(); if (renewTill != null) {
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x03), temp); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
return bytes.toByteArray(); true, (byte) 0x08), renewTill.asn1Encode());
} }
if (caddr != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x09), caddr.asn1Encode());
}
if (authorizationData != null) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x0A), authorizationData.asn1Encode());
}
temp.write(DerValue.tag_Sequence, bytes);
bytes = new DerOutputStream();
bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) 0x03), temp);
return bytes.toByteArray();
}
} }
...@@ -35,6 +35,7 @@ import sun.security.util.*; ...@@ -35,6 +35,7 @@ import sun.security.util.*;
import java.util.Vector; import java.util.Vector;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
/** /**
* Implements the ASN.1 KDC-REP type. * Implements the ASN.1 KDC-REP type.
* *
...@@ -59,163 +60,168 @@ import java.math.BigInteger; ...@@ -59,163 +60,168 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt"> * <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class KDCRep { public class KDCRep {
public Realm crealm;
public PrincipalName cname;
public Ticket ticket;
public EncryptedData encPart;
public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
private int pvno; public Realm crealm;
private int msgType; public PrincipalName cname;
private PAData[] pAData = null; //optional public Ticket ticket;
private boolean DEBUG = Krb5.DEBUG; public EncryptedData encPart;
public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
private int pvno;
private int msgType;
private PAData[] pAData = null; //optional
private boolean DEBUG = Krb5.DEBUG;
public KDCRep( public KDCRep(
PAData[] new_pAData, PAData[] new_pAData,
Realm new_crealm, Realm new_crealm,
PrincipalName new_cname, PrincipalName new_cname,
Ticket new_ticket, Ticket new_ticket,
EncryptedData new_encPart, EncryptedData new_encPart,
int req_type int req_type) throws IOException {
) throws IOException { pvno = Krb5.PVNO;
pvno = Krb5.PVNO; msgType = req_type;
msgType = req_type; if (new_pAData != null) {
if (new_pAData != null) { pAData = new PAData[new_pAData.length];
pAData = new PAData[new_pAData.length]; for (int i = 0; i < new_pAData.length; i++) {
for (int i = 0; i < new_pAData.length; i++) { if (new_pAData[i] == null) {
if (new_pAData[i] == null) { throw new IOException("Cannot create a KDCRep");
throw new IOException("Cannot create a KDCRep"); } else {
} else { pAData[i] = (PAData) new_pAData[i].clone();
pAData[i] = (PAData)new_pAData[i].clone();
}
}
} }
crealm = new_crealm; }
cname = new_cname;
ticket = new_ticket;
encPart = new_encPart;
} }
crealm = new_crealm;
cname = new_cname;
ticket = new_ticket;
encPart = new_encPart;
}
public KDCRep() { public KDCRep() {
} }
public KDCRep(byte[] data, int req_type) throws Asn1Exception, KrbApErrException, RealmException, IOException { public KDCRep(byte[] data, int req_type) throws Asn1Exception,
init(new DerValue(data), req_type); KrbApErrException, RealmException, IOException {
} init(new DerValue(data), req_type);
}
public KDCRep(DerValue encoding, int req_type) throws Asn1Exception, public KDCRep(DerValue encoding, int req_type) throws Asn1Exception,
RealmException, KrbApErrException, IOException { RealmException, KrbApErrException, IOException {
init(encoding, req_type); init(encoding, req_type);
} }
/* /*
// Not used? Don't know what keyusage to use here %%% // Not used? Don't know what keyusage to use here %%%
public void decrypt(EncryptionKey key) throws Asn1Exception,
public void decrypt(EncryptionKey key) throws Asn1Exception, IOException, KrbException, RealmException {
IOException, KrbException, RealmException { encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key), msgType);
encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key), }
msgType); */
} /**
*/ * Initializes an KDCRep object.
*
/** * @param encoding a single DER-encoded value.
* Initializes an KDCRep object. * @param req_type reply message type.
* * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @param encoding a single DER-encoded value. * @exception IOException if an I/O error occurs while reading encoded data.
* @param req_type reply message type. * @exception RealmException if an error occurs while constructing
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * a Realm object from DER-encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception KrbApErrException if the value read from the DER-encoded
* @exception RealmException if an error occurs while constructing a Realm object from DER-encoded data. * data stream does not match the pre-defined value.
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value. *
* */
*/ protected void init(DerValue encoding, int req_type)
protected void init(DerValue encoding, int req_type)
throws Asn1Exception, RealmException, IOException, throws Asn1Exception, RealmException, IOException,
KrbApErrException { KrbApErrException {
DerValue der, subDer; DerValue der, subDer;
if ((encoding.getTag() & 0x1F) != req_type) { if ((encoding.getTag() & 0x1F) != req_type) {
if (DEBUG) { if (DEBUG) {
System.out.println(">>> KDCRep: init() " + System.out.println(">>> KDCRep: init() " +
"encoding tag is " + "encoding tag is " +
encoding.getTag() + encoding.getTag() +
" req type is " + req_type); " req type is " + req_type);
}
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue(); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
if (der.getTag() != DerValue.tag_Sequence) { }
throw new Asn1Exception(Krb5.ASN1_BAD_ID); der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x00) {
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
} }
subDer = der.getData().getDerValue(); } else {
if ((subDer.getTag() & 0x1F) == 0x00) { throw new Asn1Exception(Krb5.ASN1_BAD_ID);
pvno = subDer.getData().getBigInteger().intValue(); }
if (pvno != Krb5.PVNO) subDer = der.getData().getDerValue();
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION); if ((subDer.getTag() & 0x1F) == 0x01) {
} else { msgType = subDer.getData().getBigInteger().intValue();
throw new Asn1Exception(Krb5.ASN1_BAD_ID); if (msgType != req_type) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
} }
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue(); subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x01) { DerValue[] padata = subDer.getData().getSequence(1);
msgType = subDer.getData().getBigInteger().intValue(); pAData = new PAData[padata.length];
if (msgType != req_type) { for (int i = 0; i < padata.length; i++) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE); pAData[i] = new PAData(padata[i]);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
if ((der.getData().peekByte() & 0x1F) == 0x02) {
subDer = der.getData().getDerValue();
DerValue[] padata = subDer.getData().getSequence(1);
pAData = new PAData[padata.length];
for (int i = 0; i < padata.length; i++) {
pAData[i] = new PAData(padata[i]);
}
} else {
pAData = null;
}
crealm = Realm.parse(der.getData(), (byte)0x03, false);
cname = PrincipalName.parse(der.getData(), (byte)0x04, false);
ticket = Ticket.parse(der.getData(), (byte)0x05, false);
encPart = EncryptedData.parse(der.getData(), (byte)0x06, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
} else {
pAData = null;
} }
crealm = Realm.parse(der.getData(), (byte) 0x03, false);
cname = PrincipalName.parse(der.getData(), (byte) 0x04, false);
ticket = Ticket.parse(der.getData(), (byte) 0x05, false);
encPart = EncryptedData.parse(der.getData(), (byte) 0x06, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/**
* Encodes this object to a byte array.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
/** DerOutputStream bytes = new DerOutputStream();
* Encodes this object to a byte array. DerOutputStream temp = new DerOutputStream();
* @return byte array of encoded APReq object. temp.putInteger(BigInteger.valueOf(pvno));
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
* @exception IOException if an I/O error occurs while reading encoded data. true, (byte) 0x00), temp);
* temp = new DerOutputStream();
*/ temp.putInteger(BigInteger.valueOf(msgType));
public byte[] asn1Encode() throws Asn1Exception, IOException { bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x01), temp);
DerOutputStream bytes = new DerOutputStream(); if (pAData != null && pAData.length > 0) {
DerOutputStream temp = new DerOutputStream(); DerOutputStream padata_stream = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno)); for (int i = 0; i < pAData.length; i++) {
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); padata_stream.write(pAData[i].asn1Encode());
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(msgType));
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
if (pAData != null && pAData.length > 0) {
DerOutputStream padata_stream = new DerOutputStream();
for (int i = 0; i < pAData.length; i++) {
padata_stream.write(pAData[i].asn1Encode());
}
temp = new DerOutputStream();
temp.write(DerValue.tag_SequenceOf, padata_stream);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
} }
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), crealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), cname.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), encPart.asn1Encode());
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes); temp.write(DerValue.tag_SequenceOf, padata_stream);
return temp.toByteArray(); bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), temp);
} }
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), crealm.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), cname.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x05), ticket.asn1Encode());
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x06), encPart.asn1Encode());
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
return temp.toByteArray();
}
} }
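Review bot: In `init`, `pvno` and `msgType` are decoded with `getBigInteger().intValue()`, which keeps only the low 32 bits, so an over-long INTEGER whose low bits equal `Krb5.PVNO` or `req_type` would still pass the two equality checks. A stricter decode would reject values that do not fit in an int, for example `pvno = subDer.getData().getInteger();`, assuming `DerInputStream.getInteger()` range-checks its result (worth confirming). The same pattern appears in `KDCReq.init` and `KRBCred.init` in this commit. Separately, the Javadoc on `asn1Encode` says it returns an encoded "APReq object", which looks like a copy-paste leftover.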
...@@ -56,155 +56,160 @@ import java.math.BigInteger; ...@@ -56,155 +56,160 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt"> * <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class KDCReq { public class KDCReq {
public KDCReqBody reqBody;
private int pvno; public KDCReqBody reqBody;
private int msgType; private int pvno;
private PAData[] pAData = null; //optional private int msgType;
private PAData[] pAData = null; //optional
public KDCReq(PAData[] new_pAData, KDCReqBody new_reqBody, public KDCReq(PAData[] new_pAData, KDCReqBody new_reqBody,
int req_type) throws IOException { int req_type) throws IOException {
pvno = Krb5.PVNO; pvno = Krb5.PVNO;
msgType = req_type; msgType = req_type;
if (new_pAData != null) { if (new_pAData != null) {
pAData = new PAData[new_pAData.length]; pAData = new PAData[new_pAData.length];
for (int i = 0; i < new_pAData.length; i++) { for (int i = 0; i < new_pAData.length; i++) {
if (new_pAData[i] == null) { if (new_pAData[i] == null) {
throw new IOException("Cannot create a KDCRep"); throw new IOException("Cannot create a KDCRep");
} else { } else {
pAData[i] = (PAData)new_pAData[i].clone(); pAData[i] = (PAData) new_pAData[i].clone();
}
}
} }
reqBody = new_reqBody; }
} }
reqBody = new_reqBody;
}
public KDCReq() { public KDCReq() {
} }
public KDCReq(byte[] data, int req_type) throws Asn1Exception, public KDCReq(byte[] data, int req_type) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(new DerValue(data), req_type); init(new DerValue(data), req_type);
} }
/** /**
* Creates an KDCReq object from a DerValue object and asn1 type. * Creates an KDCReq object from a DerValue object and asn1 type.
* *
* @param der a DER value of an KDCReq object. * @param der a DER value of an KDCReq object.
* @param req_type a encoded asn1 type value. * @param req_type a encoded asn1 type value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exceptoin KrbErrException * @exceptoin KrbErrException
*/ */
public KDCReq(DerValue der, int req_type) throws Asn1Exception, public KDCReq(DerValue der, int req_type) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
init(der, req_type); init(der, req_type);
} }
/** /**
* Initializes a KDCReq object from a DerValue. The DER encoding * Initializes a KDCReq object from a DerValue. The DER encoding
* must be in the format specified by the KRB_KDC_REQ ASN.1 notation. * must be in the format specified by the KRB_KDC_REQ ASN.1 notation.
* *
* @param encoding a DER-encoded KDCReq object. * @param encoding a DER-encoded KDCReq object.
* @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type * @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbException if an error occurs while constructing a Realm object, * @exception KrbException if an error occurs while constructing a Realm object,
* or a Krb object from DER-encoded data. * or a Krb object from DER-encoded data.
*/ */
protected void init(DerValue encoding, int req_type) throws Asn1Exception, protected void init(DerValue encoding, int req_type) throws Asn1Exception,
IOException, KrbException { IOException, KrbException {
DerValue der, subDer; DerValue der, subDer;
BigInteger bint; BigInteger bint;
if ((encoding.getTag() & 0x1F) != req_type) { if ((encoding.getTag() & 0x1F) != req_type) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x01) {
bint = subDer.getData().getBigInteger();
this.pvno = bint.intValue();
if (this.pvno != Krb5.PVNO)
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x02) {
bint = subDer.getData().getBigInteger();
this.msgType = bint.intValue();
if (this.msgType != req_type)
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x03) {
DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Vector<PAData> v = new Vector<PAData> ();
while (subsubDer.getData().available() > 0) {
v.addElement(new PAData(subsubDer.getData().getDerValue()));
}
if (v.size() > 0) {
pAData = new PAData[v.size()];
v.copyInto(pAData);
}
}
else pAData = null;
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x04) {
DerValue subsubDer = subDer.getData().getDerValue();
reqBody = new KDCReqBody(subsubDer, msgType);
}
else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x01) {
bint = subDer.getData().getBigInteger();
this.pvno = bint.intValue();
if (this.pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x02) {
bint = subDer.getData().getBigInteger();
this.msgType = bint.intValue();
if (this.msgType != req_type) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x03) {
DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Vector<PAData> v = new Vector<PAData>();
while (subsubDer.getData().available() > 0) {
v.addElement(new PAData(subsubDer.getData().getDerValue()));
}
if (v.size() > 0) {
pAData = new PAData[v.size()];
v.copyInto(pAData);
}
} else {
pAData = null;
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x01F) == 0x04) {
DerValue subsubDer = subDer.getData().getDerValue();
reqBody = new KDCReqBody(subsubDer, msgType);
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes this object to a byte array. * Encodes this object to a byte array.
* *
* @return an byte array of encoded data. * @return an byte array of encoded data.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* *
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp, bytes, out; DerOutputStream temp, bytes, out;
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno)); temp.putInteger(BigInteger.valueOf(pvno));
out = new DerOutputStream(); out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp); out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
temp = new DerOutputStream(); true, (byte) 0x01), temp);
temp.putInteger(BigInteger.valueOf(msgType)); temp = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp); temp.putInteger(BigInteger.valueOf(msgType));
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x02), temp);
if (pAData != null && pAData.length > 0) { if (pAData != null && pAData.length > 0) {
temp = new DerOutputStream(); temp = new DerOutputStream();
for (int i = 0; i < pAData.length; i++) { for (int i = 0; i < pAData.length; i++) {
temp.write(pAData[i].asn1Encode()); temp.write(pAData[i].asn1Encode());
} }
bytes = new DerOutputStream(); bytes = new DerOutputStream();
bytes.write(DerValue.tag_SequenceOf, temp); bytes.write(DerValue.tag_SequenceOf, temp);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), bytes); out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
} true, (byte) 0x03), bytes);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), reqBody.asn1Encode(msgType));
bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out);
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), bytes);
return out.toByteArray();
}
public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException
{
return reqBody.asn1Encode(msgType);
} }
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x04), reqBody.asn1Encode(msgType));
bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out);
out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
true, (byte) msgType), bytes);
return out.toByteArray();
}
public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException {
return reqBody.asn1Encode(msgType);
}
} }
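Review bot: `init` consumes the element after msg-type with `subDer = der.getData().getDerValue();` before testing for tag 0x03, so when the optional padata is absent the element it consumes is the req-body; the `else` branch only sets `pAData = null`, and the following `getDerValue()` reads past the req-body instead of finding tag 0x04. `KDCRep.init` in this same commit peeks before consuming; the equivalent here is `if ((der.getData().peekByte() & 0x1F) == 0x03) {` with `subDer = der.getData().getDerValue();` moved inside that branch. `init` also never checks `der.getData().available() > 0` after the req-body, unlike `KDCRep.init` and `KRBCred.init`, so trailing bytes in the sequence are accepted. Minor: the constructor's message `"Cannot create a KDCRep"` names the wrong class, and the Javadoc tag `@exceptoin` is misspelled.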
...@@ -56,128 +56,134 @@ import java.math.BigInteger; ...@@ -56,128 +56,134 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt"> * <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>. * http://www.ietf.org/rfc/rfc4120.txt</a>.
*/ */
public class KRBCred { public class KRBCred {
public Ticket[] tickets = null;
public EncryptedData encPart;
private int pvno; public Ticket[] tickets = null;
private int msgType; public EncryptedData encPart;
private int pvno;
private int msgType;
public KRBCred(Ticket[] new_tickets, EncryptedData new_encPart) throws IOException { public KRBCred(Ticket[] new_tickets, EncryptedData new_encPart) throws IOException {
pvno = Krb5.PVNO; pvno = Krb5.PVNO;
msgType = Krb5.KRB_CRED; msgType = Krb5.KRB_CRED;
if (new_tickets != null) { if (new_tickets != null) {
tickets = new Ticket[new_tickets.length]; tickets = new Ticket[new_tickets.length];
for (int i = 0; i < new_tickets.length; i++) { for (int i = 0; i < new_tickets.length; i++) {
if (new_tickets[i] == null) { if (new_tickets[i] == null) {
throw new IOException("Cannot create a KRBCred"); throw new IOException("Cannot create a KRBCred");
} else { } else {
tickets[i] = (Ticket)new_tickets[i].clone(); tickets[i] = (Ticket) new_tickets[i].clone();
}
}
} }
encPart = new_encPart; }
} }
encPart = new_encPart;
}
public KRBCred(byte[] data) throws Asn1Exception, public KRBCred(byte[] data) throws Asn1Exception,
RealmException, KrbApErrException, IOException { RealmException, KrbApErrException, IOException {
init(new DerValue(data)); init(new DerValue(data));
} }
public KRBCred(DerValue encoding) throws Asn1Exception, public KRBCred(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException { RealmException, KrbApErrException, IOException {
init(encoding); init(encoding);
} }
/** /**
* Initializes an KRBCred object. * Initializes an KRBCred object.
* @param encoding a single DER-encoded value. * @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data * @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value. * stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object. * @exception RealmException if an error occurs while parsing a Realm object.
*/ */
private void init(DerValue encoding) throws Asn1Exception, private void init(DerValue encoding) throws Asn1Exception,
RealmException, KrbApErrException, IOException { RealmException, KrbApErrException, IOException {
if (((encoding.getTag() & (byte)0x1F) != (byte)0x16) if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x16)
|| (encoding.isApplication() != true) || (encoding.isApplication() != true)
|| (encoding.isConstructed() != true)) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
DerValue der, subDer; DerValue der, subDer;
der = encoding.getData().getDerValue(); der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue(); }
if ((subDer.getTag() & 0x1F) == 0x00) { subDer = der.getData().getDerValue();
pvno = subDer.getData().getBigInteger().intValue(); if ((subDer.getTag() & 0x1F) == 0x00) {
if (pvno != Krb5.PVNO) { pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION); throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
} }
} } else {
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
throw new Asn1Exception(Krb5.ASN1_BAD_ID); }
subDer = der.getData().getDerValue(); subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x01) { if ((subDer.getTag() & 0x1F) == 0x01) {
msgType = subDer.getData().getBigInteger().intValue(); msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_CRED) if (msgType != Krb5.KRB_CRED) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE); throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
} }
else } else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue(); subDer = der.getData().getDerValue();
if ((subDer.getTag() & 0x1F) == 0x02) { if ((subDer.getTag() & 0x1F) == 0x02) {
DerValue subsubDer = subDer.getData().getDerValue(); DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) { if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
Vector<Ticket> v = new Vector<Ticket> (); Vector<Ticket> v = new Vector<Ticket>();
while (subsubDer.getData().available() > 0) { while (subsubDer.getData().available() > 0) {
v.addElement(new Ticket(subsubDer.getData().getDerValue())); v.addElement(new Ticket(subsubDer.getData().getDerValue()));
} }
if (v.size() > 0) { if (v.size() > 0) {
tickets = new Ticket[v.size()]; tickets = new Ticket[v.size()];
v.copyInto(tickets); v.copyInto(tickets);
} }
} } else {
else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
encPart = EncryptedData.parse(der.getData(), (byte)0x03, false);
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
encPart = EncryptedData.parse(der.getData(), (byte) 0x03, false);
if (der.getData().available() > 0) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
}
/** /**
* Encodes an KRBCred object. * Encodes an KRBCred object.
* @return the data of encoded EncAPRepPart object. * @return the data of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data. * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data. * @exception IOException if an I/O error occurs while reading encoded data.
*/ */
public byte[] asn1Encode() throws Asn1Exception, IOException { public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp, bytes, out; DerOutputStream temp, bytes, out;
temp = new DerOutputStream(); temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno)); temp.putInteger(BigInteger.valueOf(pvno));
out = new DerOutputStream(); out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp); out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
temp = new DerOutputStream(); true, (byte) 0x00), temp);
temp.putInteger(BigInteger.valueOf(msgType));
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
temp = new DerOutputStream(); temp = new DerOutputStream();
for (int i = 0; i < tickets.length; i++) { temp.putInteger(BigInteger.valueOf(msgType));
temp.write(tickets[i].asn1Encode()); out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
} true, (byte) 0x01), temp);
temp = new DerOutputStream();
for (int i = 0; i < tickets.length; i++) {
temp.write(tickets[i].asn1Encode());
}
bytes = new DerOutputStream(); bytes = new DerOutputStream();
bytes.write(DerValue.tag_SequenceOf, temp); bytes.write(DerValue.tag_SequenceOf, temp);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), bytes); out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), encPart.asn1Encode()); true, (byte) 0x02), bytes);
out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
true, (byte) 0x03), encPart.asn1Encode());
bytes = new DerOutputStream(); bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out); bytes.write(DerValue.tag_Sequence, out);
out = new DerOutputStream(); out = new DerOutputStream();
out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x16), bytes); out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
return out.toByteArray(); true, (byte) 0x16), bytes);
} return out.toByteArray();
}
} }
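Review bot: `asn1Encode` dereferences `tickets.length` with no null check, but `tickets` is initialised to `null`, the constructor leaves it `null` when `new_tickets` is `null`, and `init` leaves it `null` when the decoded SEQUENCE OF is empty (`if (v.size() > 0)`). Encoding such an object fails with a NullPointerException rather than one of the declared exceptions. Either reject the empty case when decoding or guard the encoder, e.g. `if (tickets == null) throw new IOException("KRBCred has no tickets");` before the loop. The `@return` Javadoc on `asn1Encode` still says "EncAPRepPart object", which looks like a copy-paste leftover.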
...@@ -111,7 +111,7 @@ public class KrbCredInfo { ...@@ -111,7 +111,7 @@ public class KrbCredInfo {
* @exception RealmException if an error occurs while parsing a Realm object. * @exception RealmException if an error occurs while parsing a Realm object.
*/ */
public KrbCredInfo(DerValue encoding) public KrbCredInfo(DerValue encoding)
throws Asn1Exception, IOException, RealmException{ throws Asn1Exception, IOException, RealmException{
if (encoding.getTag() != DerValue.tag_Sequence) { if (encoding.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID); throw new Asn1Exception(Krb5.ASN1_BAD_ID);
} }
...@@ -160,25 +160,25 @@ public class KrbCredInfo { ...@@ -160,25 +160,25 @@ public class KrbCredInfo {
Vector<DerValue> v = new Vector<DerValue> (); Vector<DerValue> v = new Vector<DerValue> ();
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode()));
if (prealm != null) if (prealm != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode()));
if (pname != null) if (pname != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), pname.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), pname.asn1Encode()));
if (flags != null) if (flags != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), flags.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), flags.asn1Encode()));
if (authtime != null) if (authtime != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authtime.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authtime.asn1Encode()));
if (starttime != null) if (starttime != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), starttime.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), starttime.asn1Encode()));
if (endtime != null) if (endtime != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), endtime.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), endtime.asn1Encode()));
if (renewTill != null) if (renewTill != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), renewTill.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), renewTill.asn1Encode()));
if (srealm != null) if (srealm != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), srealm.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), srealm.asn1Encode()));
if (sname != null) if (sname != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), sname.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), sname.asn1Encode()));
if (caddr != null) if (caddr != null)
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), caddr.asn1Encode())); v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), caddr.asn1Encode()));
DerValue der[] = new DerValue[v.size()]; DerValue der[] = new DerValue[v.size()];
v.copyInto(der); v.copyInto(der);
DerOutputStream out = new DerOutputStream(); DerOutputStream out = new DerOutputStream();
......
...@@ -34,168 +34,171 @@ import sun.security.krb5.*; ...@@ -34,168 +34,171 @@ import sun.security.krb5.*;
import sun.security.krb5.internal.*; import sun.security.krb5.internal.*;
public class Credentials { public class Credentials {
PrincipalName cname;
Realm crealm; PrincipalName cname;
Realm crealm;
PrincipalName sname; PrincipalName sname;
Realm srealm; Realm srealm;
EncryptionKey key; EncryptionKey key;
KerberosTime authtime; KerberosTime authtime;
KerberosTime starttime;//optional KerberosTime starttime;//optional
KerberosTime endtime; KerberosTime endtime;
KerberosTime renewTill; //optional KerberosTime renewTill; //optional
HostAddresses caddr; //optional; for proxied tickets only HostAddresses caddr; //optional; for proxied tickets only
AuthorizationData authorizationData; //optional, not being actually used AuthorizationData authorizationData; //optional, not being actually used
public boolean isEncInSKey; // true if ticket is encrypted in another ticket's skey public boolean isEncInSKey; // true if ticket is encrypted in another ticket's skey
TicketFlags flags; TicketFlags flags;
Ticket ticket; Ticket ticket;
Ticket secondTicket; //optional Ticket secondTicket; //optional
private boolean DEBUG = Krb5.DEBUG; private boolean DEBUG = Krb5.DEBUG;
public Credentials( public Credentials(
PrincipalName new_cname, PrincipalName new_cname,
PrincipalName new_sname, PrincipalName new_sname,
EncryptionKey new_key, EncryptionKey new_key,
KerberosTime new_authtime, KerberosTime new_authtime,
KerberosTime new_starttime, KerberosTime new_starttime,
KerberosTime new_endtime, KerberosTime new_endtime,
KerberosTime new_renewTill, KerberosTime new_renewTill,
boolean new_isEncInSKey, boolean new_isEncInSKey,
TicketFlags new_flags, TicketFlags new_flags,
HostAddresses new_caddr, HostAddresses new_caddr,
AuthorizationData new_authData, AuthorizationData new_authData,
Ticket new_ticket, Ticket new_ticket,
Ticket new_secondTicket) { Ticket new_secondTicket) {
cname = (PrincipalName)new_cname.clone(); cname = (PrincipalName) new_cname.clone();
if (new_cname.getRealm() != null) if (new_cname.getRealm() != null) {
crealm = (Realm)new_cname.getRealm().clone(); crealm = (Realm) new_cname.getRealm().clone();
sname = (PrincipalName)new_sname.clone();
if (new_sname.getRealm() != null)
srealm = (Realm)new_sname.getRealm().clone();
key = (EncryptionKey)new_key.clone();
authtime = (KerberosTime)new_authtime.clone();
starttime = (KerberosTime)new_starttime.clone();
endtime = (KerberosTime)new_endtime.clone();
renewTill = (KerberosTime)new_renewTill.clone();
if (new_caddr != null)
caddr = (HostAddresses)new_caddr.clone();
if (new_authData != null) {
authorizationData
= (AuthorizationData)new_authData.clone();
}
isEncInSKey = new_isEncInSKey;
flags = (TicketFlags)new_flags.clone();
ticket = (Ticket)(new_ticket.clone());
if (new_secondTicket != null)
secondTicket = (Ticket)new_secondTicket.clone();
} }
sname = (PrincipalName) new_sname.clone();
if (new_sname.getRealm() != null) {
srealm = (Realm) new_sname.getRealm().clone();
}
key = (EncryptionKey) new_key.clone();
public Credentials( authtime = (KerberosTime) new_authtime.clone();
KDCRep kdcRep, starttime = (KerberosTime) new_starttime.clone();
Ticket new_secondTicket, endtime = (KerberosTime) new_endtime.clone();
AuthorizationData new_authorizationData, renewTill = (KerberosTime) new_renewTill.clone();
boolean new_isEncInSKey if (new_caddr != null) {
) { caddr = (HostAddresses) new_caddr.clone();
if (kdcRep.encKDCRepPart == null) //can't store while encrypted }
return; if (new_authData != null) {
crealm = (Realm)kdcRep.crealm.clone(); authorizationData = (AuthorizationData) new_authData.clone();
cname = (PrincipalName)kdcRep.cname.clone();
ticket = (Ticket)kdcRep.ticket.clone();
key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
flags = (TicketFlags)kdcRep.encKDCRepPart.flags.clone();
authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone();
sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone();
caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
secondTicket = (Ticket)new_secondTicket.clone();
authorizationData =
(AuthorizationData)new_authorizationData.clone();
isEncInSKey = new_isEncInSKey;
} }
public Credentials(KDCRep kdcRep) { isEncInSKey = new_isEncInSKey;
this(kdcRep, null); flags = (TicketFlags) new_flags.clone();
ticket = (Ticket) (new_ticket.clone());
if (new_secondTicket != null) {
secondTicket = (Ticket) new_secondTicket.clone();
} }
}
public Credentials(KDCRep kdcRep, Ticket new_ticket) { public Credentials(
sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone(); KDCRep kdcRep,
srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone(); Ticket new_secondTicket,
try { AuthorizationData new_authorizationData,
sname.setRealm(srealm); boolean new_isEncInSKey) {
} if (kdcRep.encKDCRepPart == null) //can't store while encrypted
catch (RealmException e) { {
} return;
cname = (PrincipalName)kdcRep.cname.clone();
crealm = (Realm)kdcRep.crealm.clone();
try {
cname.setRealm(crealm);
}
catch (RealmException e) {
}
key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
if (kdcRep.encKDCRepPart.starttime != null) {
starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
}
else starttime = null;
endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
if (kdcRep.encKDCRepPart.renewTill != null) {
renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
}
else renewTill = null;
// if (kdcRep.msgType == Krb5.KRB_AS_REP) {
// isEncInSKey = false;
// secondTicket = null;
// }
flags = kdcRep.encKDCRepPart.flags;
if (kdcRep.encKDCRepPart.caddr != null)
caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
else caddr = null;
ticket = (Ticket)kdcRep.ticket.clone();
if (new_ticket != null) {
secondTicket = (Ticket)new_ticket.clone();
isEncInSKey = true;
} else {
secondTicket = null;
isEncInSKey = false;
}
} }
crealm = (Realm) kdcRep.crealm.clone();
cname = (PrincipalName) kdcRep.cname.clone();
ticket = (Ticket) kdcRep.ticket.clone();
key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
flags = (TicketFlags) kdcRep.encKDCRepPart.flags.clone();
authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
secondTicket = (Ticket) new_secondTicket.clone();
authorizationData =
(AuthorizationData) new_authorizationData.clone();
isEncInSKey = new_isEncInSKey;
}
/** public Credentials(KDCRep kdcRep) {
* Checks if this credential is expired this(kdcRep, null);
*/ }
public boolean isValid() {
boolean valid = true; public Credentials(KDCRep kdcRep, Ticket new_ticket) {
if (endtime.getTime() < System.currentTimeMillis()) { sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
valid = false; srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
} try {
else if ((starttime.getTime() > System.currentTimeMillis()) sname.setRealm(srealm);
|| ((starttime == null) && (authtime.getTime() > System.currentTimeMillis()))) } catch (RealmException e) {
{ }
valid = false; cname = (PrincipalName) kdcRep.cname.clone();
} crealm = (Realm) kdcRep.crealm.clone();
return valid; try {
cname.setRealm(crealm);
} catch (RealmException e) {
}
key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
if (kdcRep.encKDCRepPart.starttime != null) {
starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
} else {
starttime = null;
} }
endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
if (kdcRep.encKDCRepPart.renewTill != null) {
renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
} else {
renewTill = null;
}
// if (kdcRep.msgType == Krb5.KRB_AS_REP) {
// isEncInSKey = false;
// secondTicket = null;
// }
flags = kdcRep.encKDCRepPart.flags;
if (kdcRep.encKDCRepPart.caddr != null) {
caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
} else {
caddr = null;
}
ticket = (Ticket) kdcRep.ticket.clone();
if (new_ticket != null) {
secondTicket = (Ticket) new_ticket.clone();
isEncInSKey = true;
} else {
secondTicket = null;
isEncInSKey = false;
}
}
public PrincipalName getServicePrincipal() throws RealmException{ /**
if (sname.getRealm() == null) { * Checks if this credential is expired
sname.setRealm(srealm); */
} public boolean isValid() {
return sname; boolean valid = true;
if (endtime.getTime() < System.currentTimeMillis()) {
valid = false;
} else if ((starttime.getTime() > System.currentTimeMillis())
|| ((starttime == null) && (authtime.getTime() > System.currentTimeMillis()))) {
valid = false;
} }
return valid;
}
public sun.security.krb5.Credentials setKrbCreds() { public PrincipalName getServicePrincipal() throws RealmException {
return new sun.security.krb5.Credentials(ticket, if (sname.getRealm() == null) {
cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr); sname.setRealm(srealm);
} }
return sname;
}
public sun.security.krb5.Credentials setKrbCreds() {
return new sun.security.krb5.Credentials(ticket,
cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr);
}
public KerberosTime getAuthTime() { public KerberosTime getAuthTime() {
return authtime; return authtime;
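Review bot: `isValid()` still dereferences `starttime` before testing it for null: on the new side the `else if` evaluates `starttime.getTime() > System.currentTimeMillis()` first, so the `(starttime == null) && (authtime.getTime() > ...)` alternative can never be reached, and a credential without a start time throws NullPointerException instead of being checked against `authtime`. That state is reachable from the visible code, since the field is marked `//optional` and the `Credentials(KDCRep, Ticket)` constructor in this section assigns `starttime = null`. As the reformat touches these lines anyway, I would reorder the test, e.g. `long now = System.currentTimeMillis();` followed by `} else if ((starttime != null ? starttime : authtime).getTime() > now) {`, and correct the Javadoc, which says the method checks for expiry although it also rejects credentials that are not yet valid. The four-argument `Credentials(KDCRep, Ticket, AuthorizationData, boolean)` constructor clones `starttime`, `renewTill`, `caddr` and `new_secondTicket` unconditionally, so it would presumably fail the same way when any of them is absent.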
......
...@@ -88,9 +88,9 @@ VOID ShowNTError(LPSTR,NTSTATUS); ...@@ -88,9 +88,9 @@ VOID ShowNTError(LPSTR,NTSTATUS);
VOID VOID
InitUnicodeString( InitUnicodeString(
PUNICODE_STRING DestinationString, PUNICODE_STRING DestinationString,
PCWSTR SourceString OPTIONAL PCWSTR SourceString OPTIONAL
); );
jobject BuildTicket(JNIEnv *env, PUCHAR encodedTicket, ULONG encodedTicketSize); jobject BuildTicket(JNIEnv *env, PUCHAR encodedTicket, ULONG encodedTicketSize);
...@@ -108,215 +108,215 @@ jobject BuildKerberosTime(JNIEnv *env, PLARGE_INTEGER kerbtime); ...@@ -108,215 +108,215 @@ jobject BuildKerberosTime(JNIEnv *env, PLARGE_INTEGER kerbtime);
*/ */
JNIEXPORT jint JNICALL JNI_OnLoad( JNIEXPORT jint JNICALL JNI_OnLoad(
JavaVM *jvm, JavaVM *jvm,
void *reserved) { void *reserved) {
jclass cls;
JNIEnv *env;
if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
return JNI_EVERSION; /* JNI version not supported */
}
cls = (*env)->FindClass(env,"sun/security/krb5/internal/Ticket");
if (cls == NULL) {
printf("Couldn't find Ticket\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found Ticket\n");
#endif /* DEBUG */
ticketClass = (*env)->NewWeakGlobalRef(env,cls); jclass cls;
if (ticketClass == NULL) { JNIEnv *env;
return JNI_ERR;
}
#ifdef DEBUG
printf("Made NewWeakGlobalRef\n");
#endif /* DEBUG */
cls = (*env)->FindClass(env, "sun/security/krb5/PrincipalName");
if (cls == NULL) { if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
printf("Couldn't find PrincipalName\n"); return JNI_EVERSION; /* JNI version not supported */
return JNI_ERR; }
}
#ifdef DEBUG
printf("Found PrincipalName\n");
#endif /* DEBUG */
principalNameClass = (*env)->NewWeakGlobalRef(env,cls);
if (principalNameClass == NULL) {
return JNI_ERR;
}
#ifdef DEBUG
printf("Made NewWeakGlobalRef\n");
#endif /* DEBUG */
cls = (*env)->FindClass(env,"sun/security/util/DerValue");
if (cls == NULL) { cls = (*env)->FindClass(env,"sun/security/krb5/internal/Ticket");
printf("Couldn't find DerValue\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found DerValue\n");
#endif /* DEBUG */
derValueClass = (*env)->NewWeakGlobalRef(env,cls); if (cls == NULL) {
if (derValueClass == NULL) { printf("Couldn't find Ticket\n");
return JNI_ERR; return JNI_ERR;
} }
#ifdef DEBUG #ifdef DEBUG
printf("Made NewWeakGlobalRef\n"); printf("Found Ticket\n");
#endif /* DEBUG */ #endif /* DEBUG */
cls = (*env)->FindClass(env,"sun/security/krb5/EncryptionKey"); ticketClass = (*env)->NewWeakGlobalRef(env,cls);
if (ticketClass == NULL) {
return JNI_ERR;
}
#ifdef DEBUG
printf("Made NewWeakGlobalRef\n");
#endif /* DEBUG */
if (cls == NULL) { cls = (*env)->FindClass(env, "sun/security/krb5/PrincipalName");
printf("Couldn't find EncryptionKey\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found EncryptionKey\n");
#endif /* DEBUG */
encryptionKeyClass = (*env)->NewWeakGlobalRef(env,cls); if (cls == NULL) {
if (encryptionKeyClass == NULL) { printf("Couldn't find PrincipalName\n");
return JNI_ERR; return JNI_ERR;
} }
#ifdef DEBUG #ifdef DEBUG
printf("Made NewWeakGlobalRef\n"); printf("Found PrincipalName\n");
#endif /* DEBUG */ #endif /* DEBUG */
cls = (*env)->FindClass(env,"sun/security/krb5/internal/TicketFlags"); principalNameClass = (*env)->NewWeakGlobalRef(env,cls);
if (principalNameClass == NULL) {
return JNI_ERR;
}
#ifdef DEBUG
printf("Made NewWeakGlobalRef\n");
#endif /* DEBUG */
if (cls == NULL) { cls = (*env)->FindClass(env,"sun/security/util/DerValue");
printf("Couldn't find TicketFlags\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found TicketFlags\n");
#endif /* DEBUG */
ticketFlagsClass = (*env)->NewWeakGlobalRef(env,cls); if (cls == NULL) {
if (ticketFlagsClass == NULL) { printf("Couldn't find DerValue\n");
return JNI_ERR; return JNI_ERR;
} }
#ifdef DEBUG #ifdef DEBUG
printf("Made NewWeakGlobalRef\n"); printf("Found DerValue\n");
#endif /* DEBUG */ #endif /* DEBUG */
cls = (*env)->FindClass(env,"sun/security/krb5/internal/KerberosTime"); derValueClass = (*env)->NewWeakGlobalRef(env,cls);
if (derValueClass == NULL) {
return JNI_ERR;
}
#ifdef DEBUG
printf("Made NewWeakGlobalRef\n");
#endif /* DEBUG */
if (cls == NULL) { cls = (*env)->FindClass(env,"sun/security/krb5/EncryptionKey");
printf("Couldn't find KerberosTime\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found KerberosTime\n");
#endif /* DEBUG */
kerberosTimeClass = (*env)->NewWeakGlobalRef(env,cls); if (cls == NULL) {
if (kerberosTimeClass == NULL) { printf("Couldn't find EncryptionKey\n");
return JNI_ERR; return JNI_ERR;
} }
#ifdef DEBUG #ifdef DEBUG
printf("Made NewWeakGlobalRef\n"); printf("Found EncryptionKey\n");
#endif /* DEBUG */ #endif /* DEBUG */
cls = (*env)->FindClass(env,"java/lang/String"); encryptionKeyClass = (*env)->NewWeakGlobalRef(env,cls);
if (encryptionKeyClass == NULL) {
return JNI_ERR;
}
#ifdef DEBUG
printf("Made NewWeakGlobalRef\n");
#endif /* DEBUG */
if (cls == NULL) { cls = (*env)->FindClass(env,"sun/security/krb5/internal/TicketFlags");
printf("Couldn't find String\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found String\n");
#endif /* DEBUG */
javaLangStringClass = (*env)->NewWeakGlobalRef(env,cls); if (cls == NULL) {
if (javaLangStringClass == NULL) { printf("Couldn't find TicketFlags\n");
return JNI_ERR; return JNI_ERR;
} }
#ifdef DEBUG #ifdef DEBUG
printf("Made NewWeakGlobalRef\n"); printf("Found TicketFlags\n");
#endif /* DEBUG */ #endif /* DEBUG */
derValueConstructor = (*env)->GetMethodID(env, derValueClass, ticketFlagsClass = (*env)->NewWeakGlobalRef(env,cls);
"<init>", "([B)V"); if (ticketFlagsClass == NULL) {
if (derValueConstructor == 0) { return JNI_ERR;
printf("Couldn't find DerValue constructor\n"); }
return JNI_ERR; #ifdef DEBUG
} printf("Made NewWeakGlobalRef\n");
#ifdef DEBUG #endif /* DEBUG */
printf("Found DerValue constructor\n");
#endif /* DEBUG */
ticketConstructor = (*env)->GetMethodID(env, ticketClass, cls = (*env)->FindClass(env,"sun/security/krb5/internal/KerberosTime");
"<init>", "(Lsun/security/util/DerValue;)V");
if (ticketConstructor == 0) {
printf("Couldn't find Ticket constructor\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found Ticket constructor\n");
#endif /* DEBUG */
principalNameConstructor = (*env)->GetMethodID(env, principalNameClass, if (cls == NULL) {
"<init>", "([Ljava/lang/String;)V"); printf("Couldn't find KerberosTime\n");
if (principalNameConstructor == 0) { return JNI_ERR;
printf("Couldn't find PrincipalName constructor\n"); }
return JNI_ERR; #ifdef DEBUG
} printf("Found KerberosTime\n");
#ifdef DEBUG #endif /* DEBUG */
printf("Found PrincipalName constructor\n");
#endif /* DEBUG */
encryptionKeyConstructor = (*env)->GetMethodID(env, encryptionKeyClass, kerberosTimeClass = (*env)->NewWeakGlobalRef(env,cls);
"<init>", "(I[B)V"); if (kerberosTimeClass == NULL) {
if (encryptionKeyConstructor == 0) { return JNI_ERR;
printf("Couldn't find EncryptionKey constructor\n"); }
return JNI_ERR; #ifdef DEBUG
} printf("Made NewWeakGlobalRef\n");
#ifdef DEBUG #endif /* DEBUG */
printf("Found EncryptionKey constructor\n");
#endif /* DEBUG */
ticketFlagsConstructor = (*env)->GetMethodID(env, ticketFlagsClass, cls = (*env)->FindClass(env,"java/lang/String");
"<init>", "(I[B)V");
if (ticketFlagsConstructor == 0) {
printf("Couldn't find TicketFlags constructor\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found TicketFlags constructor\n");
#endif /* DEBUG */
kerberosTimeConstructor = (*env)->GetMethodID(env, kerberosTimeClass, if (cls == NULL) {
"<init>", "(Ljava/lang/String;)V"); printf("Couldn't find String\n");
if (kerberosTimeConstructor == 0) { return JNI_ERR;
printf("Couldn't find KerberosTime constructor\n"); }
return JNI_ERR; #ifdef DEBUG
} printf("Found String\n");
#ifdef DEBUG #endif /* DEBUG */
printf("Found KerberosTime constructor\n");
#endif /* DEBUG */
// load the setRealm method in PrincipalName javaLangStringClass = (*env)->NewWeakGlobalRef(env,cls);
setRealmMethod = (*env)->GetMethodID(env, principalNameClass, if (javaLangStringClass == NULL) {
"setRealm", "(Ljava/lang/String;)V"); return JNI_ERR;
if (setRealmMethod == 0) { }
printf("Couldn't find setRealm in PrincipalName\n"); #ifdef DEBUG
return JNI_ERR; printf("Made NewWeakGlobalRef\n");
} #endif /* DEBUG */
derValueConstructor = (*env)->GetMethodID(env, derValueClass,
"<init>", "([B)V");
if (derValueConstructor == 0) {
printf("Couldn't find DerValue constructor\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found DerValue constructor\n");
#endif /* DEBUG */
ticketConstructor = (*env)->GetMethodID(env, ticketClass,
"<init>", "(Lsun/security/util/DerValue;)V");
if (ticketConstructor == 0) {
printf("Couldn't find Ticket constructor\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found Ticket constructor\n");
#endif /* DEBUG */
principalNameConstructor = (*env)->GetMethodID(env, principalNameClass,
"<init>", "([Ljava/lang/String;)V");
if (principalNameConstructor == 0) {
printf("Couldn't find PrincipalName constructor\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found PrincipalName constructor\n");
#endif /* DEBUG */
encryptionKeyConstructor = (*env)->GetMethodID(env, encryptionKeyClass,
"<init>", "(I[B)V");
if (encryptionKeyConstructor == 0) {
printf("Couldn't find EncryptionKey constructor\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found EncryptionKey constructor\n");
#endif /* DEBUG */
ticketFlagsConstructor = (*env)->GetMethodID(env, ticketFlagsClass,
"<init>", "(I[B)V");
if (ticketFlagsConstructor == 0) {
printf("Couldn't find TicketFlags constructor\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found TicketFlags constructor\n");
#endif /* DEBUG */
kerberosTimeConstructor = (*env)->GetMethodID(env, kerberosTimeClass,
"<init>", "(Ljava/lang/String;)V");
if (kerberosTimeConstructor == 0) {
printf("Couldn't find KerberosTime constructor\n");
return JNI_ERR;
}
#ifdef DEBUG
printf("Found KerberosTime constructor\n");
#endif /* DEBUG */
// load the setRealm method in PrincipalName
setRealmMethod = (*env)->GetMethodID(env, principalNameClass,
"setRealm", "(Ljava/lang/String;)V");
if (setRealmMethod == 0) {
printf("Couldn't find setRealm in PrincipalName\n");
return JNI_ERR;
}
#ifdef DEBUG #ifdef DEBUG
printf("Finished OnLoad processing\n"); printf("Finished OnLoad processing\n");
#endif /* DEBUG */ #endif /* DEBUG */
return JNI_VERSION_1_2; return JNI_VERSION_1_2;
} }
/* /*
...@@ -325,38 +325,38 @@ JNIEXPORT jint JNICALL JNI_OnLoad( ...@@ -325,38 +325,38 @@ JNIEXPORT jint JNICALL JNI_OnLoad(
*/ */
JNIEXPORT void JNICALL JNI_OnUnload( JNIEXPORT void JNICALL JNI_OnUnload(
JavaVM *jvm, JavaVM *jvm,
void *reserved) { void *reserved) {
JNIEnv *env; JNIEnv *env;
if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) { if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
return; /* Nothing else we can do */ return; /* Nothing else we can do */
} }
if (ticketClass != NULL) { if (ticketClass != NULL) {
(*env)->DeleteWeakGlobalRef(env,ticketClass); (*env)->DeleteWeakGlobalRef(env,ticketClass);
} }
if (derValueClass != NULL) { if (derValueClass != NULL) {
(*env)->DeleteWeakGlobalRef(env,derValueClass); (*env)->DeleteWeakGlobalRef(env,derValueClass);
} }
if (principalNameClass != NULL) { if (principalNameClass != NULL) {
(*env)->DeleteWeakGlobalRef(env,principalNameClass); (*env)->DeleteWeakGlobalRef(env,principalNameClass);
} }
if (encryptionKeyClass != NULL) { if (encryptionKeyClass != NULL) {
(*env)->DeleteWeakGlobalRef(env,encryptionKeyClass); (*env)->DeleteWeakGlobalRef(env,encryptionKeyClass);
} }
if (ticketFlagsClass != NULL) { if (ticketFlagsClass != NULL) {
(*env)->DeleteWeakGlobalRef(env,ticketFlagsClass); (*env)->DeleteWeakGlobalRef(env,ticketFlagsClass);
} }
if (kerberosTimeClass != NULL) { if (kerberosTimeClass != NULL) {
(*env)->DeleteWeakGlobalRef(env,kerberosTimeClass); (*env)->DeleteWeakGlobalRef(env,kerberosTimeClass);
} }
if (javaLangStringClass != NULL) { if (javaLangStringClass != NULL) {
(*env)->DeleteWeakGlobalRef(env,javaLangStringClass); (*env)->DeleteWeakGlobalRef(env,javaLangStringClass);
} }
return; return;
} }
/* /*
...@@ -365,31 +365,31 @@ JNIEXPORT void JNICALL JNI_OnUnload( ...@@ -365,31 +365,31 @@ JNIEXPORT void JNICALL JNI_OnUnload(
* Signature: ()Lsun/security/krb5/Credentials; * Signature: ()Lsun/security/krb5/Credentials;
*/ */
JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativeCreds( JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativeCreds(
JNIEnv *env, JNIEnv *env,
jclass krbcredsClass) { jclass krbcredsClass) {
KERB_QUERY_TKT_CACHE_REQUEST CacheRequest; KERB_QUERY_TKT_CACHE_REQUEST CacheRequest;
PKERB_RETRIEVE_TKT_RESPONSE TktCacheResponse = NULL; PKERB_RETRIEVE_TKT_RESPONSE TktCacheResponse = NULL;
PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL; PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
PKERB_RETRIEVE_TKT_RESPONSE pTicketResponse = NULL; PKERB_RETRIEVE_TKT_RESPONSE pTicketResponse = NULL;
NTSTATUS Status, SubStatus; NTSTATUS Status, SubStatus;
ULONG requestSize = 0; ULONG requestSize = 0;
ULONG responseSize = 0; ULONG responseSize = 0;
ULONG rspSize = 0; ULONG rspSize = 0;
HANDLE LogonHandle = NULL; HANDLE LogonHandle = NULL;
ULONG PackageId; ULONG PackageId;
jobject ticket, clientPrincipal, targetPrincipal, encryptionKey; jobject ticket, clientPrincipal, targetPrincipal, encryptionKey;
jobject ticketFlags, startTime, endTime, krbCreds = NULL; jobject ticketFlags, startTime, endTime, krbCreds = NULL;
jobject authTime, renewTillTime, hostAddresses = NULL; jobject authTime, renewTillTime, hostAddresses = NULL;
KERB_EXTERNAL_TICKET *msticket; KERB_EXTERNAL_TICKET *msticket;
int ignore_cache = 0; int ignore_cache = 0;
FILETIME Now, EndTime, LocalEndTime; FILETIME Now, EndTime, LocalEndTime;
while (TRUE) { while (TRUE) {
if (krbcredsConstructor == 0) { if (krbcredsConstructor == 0) {
krbcredsConstructor = (*env)->GetMethodID(env, krbcredsClass, "<init>", krbcredsConstructor = (*env)->GetMethodID(env, krbcredsClass, "<init>",
"(Lsun/security/krb5/internal/Ticket;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/EncryptionKey;Lsun/security/krb5/internal/TicketFlags;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/HostAddresses;)V"); "(Lsun/security/krb5/internal/Ticket;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/EncryptionKey;Lsun/security/krb5/internal/TicketFlags;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/HostAddresses;)V");
if (krbcredsConstructor == 0) { if (krbcredsConstructor == 0) {
printf("Couldn't find sun.security.krb5.Credentials constructor\n"); printf("Couldn't find sun.security.krb5.Credentials constructor\n");
break; break;
...@@ -510,88 +510,88 @@ JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativ ...@@ -510,88 +510,88 @@ JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativ
msticket = &(pTicketResponse->Ticket); msticket = &(pTicketResponse->Ticket);
} }
/* /*
typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
KERB_EXTERNAL_TICKET Ticket;
} KERB_RETRIEVE_TKT_RESPONSE, *PKERB_RETRIEVE_TKT_RESPONSE;
typedef struct _KERB_EXTERNAL_TICKET {
PKERB_EXTERNAL_NAME ServiceName;
PKERB_EXTERNAL_NAME TargetName;
PKERB_EXTERNAL_NAME ClientName;
UNICODE_STRING DomainName;
UNICODE_STRING TargetDomainName;
UNICODE_STRING AltTargetDomainName;
KERB_CRYPTO_KEY SessionKey;
ULONG TicketFlags;
ULONG Flags;
LARGE_INTEGER KeyExpirationTime;
LARGE_INTEGER StartTime;
LARGE_INTEGER EndTime;
LARGE_INTEGER RenewUntil;
LARGE_INTEGER TimeSkew;
ULONG EncodedTicketSize;
PUCHAR EncodedTicket; <========== Here's the good stuff
} KERB_EXTERNAL_TICKET, *PKERB_EXTERNAL_TICKET;
typedef struct _KERB_EXTERNAL_NAME {
SHORT NameType;
USHORT NameCount;
UNICODE_STRING Names[ANYSIZE_ARRAY];
} KERB_EXTERNAL_NAME, *PKERB_EXTERNAL_NAME;
typedef struct _LSA_UNICODE_STRING {
USHORT Length;
USHORT MaximumLength;
PWSTR Buffer;
} LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
typedef struct KERB_CRYPTO_KEY {
LONG KeyType;
ULONG Length;
PUCHAR Value;
} KERB_CRYPTO_KEY, *PKERB_CRYPTO_KEY;
*/ typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
KERB_EXTERNAL_TICKET Ticket;
} KERB_RETRIEVE_TKT_RESPONSE, *PKERB_RETRIEVE_TKT_RESPONSE;
typedef struct _KERB_EXTERNAL_TICKET {
PKERB_EXTERNAL_NAME ServiceName;
PKERB_EXTERNAL_NAME TargetName;
PKERB_EXTERNAL_NAME ClientName;
UNICODE_STRING DomainName;
UNICODE_STRING TargetDomainName;
UNICODE_STRING AltTargetDomainName;
KERB_CRYPTO_KEY SessionKey;
ULONG TicketFlags;
ULONG Flags;
LARGE_INTEGER KeyExpirationTime;
LARGE_INTEGER StartTime;
LARGE_INTEGER EndTime;
LARGE_INTEGER RenewUntil;
LARGE_INTEGER TimeSkew;
ULONG EncodedTicketSize;
PUCHAR EncodedTicket; <========== Here's the good stuff
} KERB_EXTERNAL_TICKET, *PKERB_EXTERNAL_TICKET;
typedef struct _KERB_EXTERNAL_NAME {
SHORT NameType;
USHORT NameCount;
UNICODE_STRING Names[ANYSIZE_ARRAY];
} KERB_EXTERNAL_NAME, *PKERB_EXTERNAL_NAME;
typedef struct _LSA_UNICODE_STRING {
USHORT Length;
USHORT MaximumLength;
PWSTR Buffer;
} LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
typedef struct KERB_CRYPTO_KEY {
LONG KeyType;
ULONG Length;
PUCHAR Value;
} KERB_CRYPTO_KEY, *PKERB_CRYPTO_KEY;
*/
// Build a com.sun.security.krb5.Ticket // Build a com.sun.security.krb5.Ticket
ticket = BuildTicket(env, msticket->EncodedTicket, ticket = BuildTicket(env, msticket->EncodedTicket,
msticket->EncodedTicketSize); msticket->EncodedTicketSize);
if (ticket == NULL) { if (ticket == NULL) {
break; break;
} }
// OK, have a Ticket, now need to get the client name // OK, have a Ticket, now need to get the client name
clientPrincipal = BuildPrincipal(env, msticket->ClientName, clientPrincipal = BuildPrincipal(env, msticket->ClientName,
msticket->TargetDomainName); // mdu msticket->TargetDomainName); // mdu
if (clientPrincipal == NULL) { if (clientPrincipal == NULL) {
break; break;
} }
// and the "name" of tgt // and the "name" of tgt
targetPrincipal = BuildPrincipal(env, msticket->ServiceName, targetPrincipal = BuildPrincipal(env, msticket->ServiceName,
msticket->DomainName); msticket->DomainName);
if (targetPrincipal == NULL) { if (targetPrincipal == NULL) {
break; break;
} }
// Get the encryption key // Get the encryption key
encryptionKey = BuildEncryptionKey(env, &(msticket->SessionKey)); encryptionKey = BuildEncryptionKey(env, &(msticket->SessionKey));
if (encryptionKey == NULL) { if (encryptionKey == NULL) {
break; break;
} }
// and the ticket flags // and the ticket flags
ticketFlags = BuildTicketFlags(env, &(msticket->TicketFlags)); ticketFlags = BuildTicketFlags(env, &(msticket->TicketFlags));
if (ticketFlags == NULL) { if (ticketFlags == NULL) {
break; break;
} }
// Get the start time // Get the start time
startTime = BuildKerberosTime(env, &(msticket->StartTime)); startTime = BuildKerberosTime(env, &(msticket->StartTime));
if (startTime == NULL) { if (startTime == NULL) {
break; break;
} }
/* /*
...@@ -604,13 +604,13 @@ typedef struct KERB_CRYPTO_KEY { ...@@ -604,13 +604,13 @@ typedef struct KERB_CRYPTO_KEY {
// and the end time // and the end time
endTime = BuildKerberosTime(env, &(msticket->EndTime)); endTime = BuildKerberosTime(env, &(msticket->EndTime));
if (endTime == NULL) { if (endTime == NULL) {
break; break;
} }
// Get the renew till time // Get the renew till time
renewTillTime = BuildKerberosTime(env, &(msticket->RenewUntil)); renewTillTime = BuildKerberosTime(env, &(msticket->RenewUntil));
if (renewTillTime == NULL) { if (renewTillTime == NULL) {
break; break;
} }
// and now go build a KrbCreds object // and now go build a KrbCreds object
...@@ -630,87 +630,87 @@ typedef struct KERB_CRYPTO_KEY { ...@@ -630,87 +630,87 @@ typedef struct KERB_CRYPTO_KEY {
hostAddresses); hostAddresses);
break; break;
} // end of WHILE } // end of WHILE
// clean up resources // clean up resources
if (TktCacheResponse != NULL) { if (TktCacheResponse != NULL) {
LsaFreeReturnBuffer(TktCacheResponse); LsaFreeReturnBuffer(TktCacheResponse);
} }
if (pTicketRequest) { if (pTicketRequest) {
LocalFree(pTicketRequest); LocalFree(pTicketRequest);
} }
if (pTicketResponse != NULL) { if (pTicketResponse != NULL) {
LsaFreeReturnBuffer(pTicketResponse); LsaFreeReturnBuffer(pTicketResponse);
} }
return krbCreds; return krbCreds;
} }
static NTSTATUS static NTSTATUS
ConstructTicketRequest(UNICODE_STRING DomainName, ConstructTicketRequest(UNICODE_STRING DomainName,
PKERB_RETRIEVE_TKT_REQUEST *outRequest, ULONG *outSize) PKERB_RETRIEVE_TKT_REQUEST *outRequest, ULONG *outSize)
{ {
NTSTATUS Status; NTSTATUS Status;
UNICODE_STRING TargetPrefix; UNICODE_STRING TargetPrefix;
USHORT TargetSize; USHORT TargetSize;
ULONG RequestSize; ULONG RequestSize;
ULONG Length; ULONG Length;
PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL; PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
*outRequest = NULL; *outRequest = NULL;
*outSize = 0; *outSize = 0;
// //
// Set up the "krbtgt/" target prefix into a UNICODE_STRING so we // Set up the "krbtgt/" target prefix into a UNICODE_STRING so we
// can easily concatenate it later. // can easily concatenate it later.
// //
TargetPrefix.Buffer = L"krbtgt/"; TargetPrefix.Buffer = L"krbtgt/";
Length = (ULONG)wcslen(TargetPrefix.Buffer) * sizeof(WCHAR); Length = (ULONG)wcslen(TargetPrefix.Buffer) * sizeof(WCHAR);
TargetPrefix.Length = (USHORT)Length; TargetPrefix.Length = (USHORT)Length;
TargetPrefix.MaximumLength = TargetPrefix.Length; TargetPrefix.MaximumLength = TargetPrefix.Length;
// //
// We will need to concatenate the "krbtgt/" prefix and the // We will need to concatenate the "krbtgt/" prefix and the
// Logon Session's DnsDomainName into our request's target name. // Logon Session's DnsDomainName into our request's target name.
// //
// Therefore, first compute the necessary buffer size for that. // Therefore, first compute the necessary buffer size for that.
// //
// Note that we might theoretically have integer overflow. // Note that we might theoretically have integer overflow.
// //
TargetSize = TargetPrefix.Length + DomainName.Length; TargetSize = TargetPrefix.Length + DomainName.Length;
// //
// The ticket request buffer needs to be a single buffer. That buffer // The ticket request buffer needs to be a single buffer. That buffer
// needs to include the buffer for the target name. // needs to include the buffer for the target name.
// //
RequestSize = sizeof (*pTicketRequest) + TargetSize; RequestSize = sizeof (*pTicketRequest) + TargetSize;
// //
// Allocate the request buffer and make sure it's zero-filled. // Allocate the request buffer and make sure it's zero-filled.
// //
pTicketRequest = (PKERB_RETRIEVE_TKT_REQUEST) pTicketRequest = (PKERB_RETRIEVE_TKT_REQUEST)
LocalAlloc(LMEM_ZEROINIT, RequestSize); LocalAlloc(LMEM_ZEROINIT, RequestSize);
if (!pTicketRequest) if (!pTicketRequest)
return GetLastError(); return GetLastError();
// //
// Concatenate the target prefix with the previous reponse's // Concatenate the target prefix with the previous reponse's
// target domain. // target domain.
// //
pTicketRequest->TargetName.Length = 0; pTicketRequest->TargetName.Length = 0;
pTicketRequest->TargetName.MaximumLength = TargetSize; pTicketRequest->TargetName.MaximumLength = TargetSize;
pTicketRequest->TargetName.Buffer = (PWSTR) (pTicketRequest + 1); pTicketRequest->TargetName.Buffer = (PWSTR) (pTicketRequest + 1);
Status = ConcatenateUnicodeStrings(&(pTicketRequest->TargetName), Status = ConcatenateUnicodeStrings(&(pTicketRequest->TargetName),
TargetPrefix, TargetPrefix,
DomainName); DomainName);
*outRequest = pTicketRequest; *outRequest = pTicketRequest;
*outSize = RequestSize; *outSize = RequestSize;
return Status; return Status;
} }
DWORD DWORD
...@@ -720,22 +720,22 @@ ConcatenateUnicodeStrings( ...@@ -720,22 +720,22 @@ ConcatenateUnicodeStrings(
UNICODE_STRING Source2 UNICODE_STRING Source2
) )
{ {
// //
// The buffers for Source1 and Source2 cannot overlap pTarget's // The buffers for Source1 and Source2 cannot overlap pTarget's
// buffer. Source1.Length + Source2.Length must be <= 0xFFFF, // buffer. Source1.Length + Source2.Length must be <= 0xFFFF,
// otherwise we overflow... // otherwise we overflow...
// //
USHORT TotalSize = Source1.Length + Source2.Length; USHORT TotalSize = Source1.Length + Source2.Length;
PBYTE buffer = (PBYTE) pTarget->Buffer; PBYTE buffer = (PBYTE) pTarget->Buffer;
if (TotalSize > pTarget->MaximumLength) if (TotalSize > pTarget->MaximumLength)
return ERROR_INSUFFICIENT_BUFFER; return ERROR_INSUFFICIENT_BUFFER;
pTarget->Length = TotalSize; pTarget->Length = TotalSize;
memcpy(buffer, Source1.Buffer, Source1.Length); memcpy(buffer, Source1.Buffer, Source1.Length);
memcpy(buffer + Source1.Length, Source2.Buffer, Source2.Length); memcpy(buffer + Source1.Length, Source2.Buffer, Source2.Length);
return ERROR_SUCCESS; return ERROR_SUCCESS;
} }
BOOL BOOL
...@@ -783,27 +783,27 @@ ShowLastError( ...@@ -783,27 +783,27 @@ ShowLastError(
DWORD dwError DWORD dwError
) )
{ {
#define MAX_MSG_SIZE 256 #define MAX_MSG_SIZE 256
static WCHAR szMsgBuf[MAX_MSG_SIZE]; static WCHAR szMsgBuf[MAX_MSG_SIZE];
DWORD dwRes; DWORD dwRes;
printf("Error calling function %s: %lu\n", szAPI, dwError); printf("Error calling function %s: %lu\n", szAPI, dwError);
dwRes = FormatMessage ( dwRes = FormatMessage (
FORMAT_MESSAGE_FROM_SYSTEM, FORMAT_MESSAGE_FROM_SYSTEM,
NULL, NULL,
dwError, dwError,
0, 0,
szMsgBuf, szMsgBuf,
MAX_MSG_SIZE, MAX_MSG_SIZE,
NULL); NULL);
if (0 == dwRes) { if (0 == dwRes) {
printf("FormatMessage failed with %d\n", GetLastError()); printf("FormatMessage failed with %d\n", GetLastError());
// ExitProcess(EXIT_FAILURE); // ExitProcess(EXIT_FAILURE);
} else { } else {
printf("%S",szMsgBuf); printf("%S",szMsgBuf);
} }
} }
VOID VOID
...@@ -831,189 +831,189 @@ InitUnicodeString( ...@@ -831,189 +831,189 @@ InitUnicodeString(
Length = (ULONG)wcslen( SourceString ) * sizeof( WCHAR ); Length = (ULONG)wcslen( SourceString ) * sizeof( WCHAR );
DestinationString->Length = (USHORT)Length; DestinationString->Length = (USHORT)Length;
DestinationString->MaximumLength = (USHORT)(Length + sizeof(UNICODE_NULL)); DestinationString->MaximumLength = (USHORT)(Length + sizeof(UNICODE_NULL));
} }
else { else {
DestinationString->MaximumLength = 0; DestinationString->MaximumLength = 0;
DestinationString->Length = 0; DestinationString->Length = 0;
} }
} }
jobject BuildTicket(JNIEnv *env, PUCHAR encodedTicket, ULONG encodedTicketSize) { jobject BuildTicket(JNIEnv *env, PUCHAR encodedTicket, ULONG encodedTicketSize) {
/* To build a Ticket, we first need to build a DerValue out of the EncodedTicket. /* To build a Ticket, we first need to build a DerValue out of the EncodedTicket.
* But before we can do that, we need to make a byte array out of the ET. * But before we can do that, we need to make a byte array out of the ET.
*/ */
jobject derValue, ticket;
jbyteArray ary;
ary = (*env)->NewByteArray(env,encodedTicketSize); jobject derValue, ticket;
if ((*env)->ExceptionOccurred(env)) { jbyteArray ary;
return (jobject) NULL;
}
(*env)->SetByteArrayRegion(env, ary, (jsize) 0, encodedTicketSize, ary = (*env)->NewByteArray(env,encodedTicketSize);
(jbyte *)encodedTicket); if ((*env)->ExceptionOccurred(env)) {
if ((*env)->ExceptionOccurred(env)) { return (jobject) NULL;
(*env)->DeleteLocalRef(env, ary); }
return (jobject) NULL;
}
derValue = (*env)->NewObject(env, derValueClass, derValueConstructor, ary); (*env)->SetByteArrayRegion(env, ary, (jsize) 0, encodedTicketSize,
if ((*env)->ExceptionOccurred(env)) { (jbyte *)encodedTicket);
(*env)->DeleteLocalRef(env, ary); if ((*env)->ExceptionOccurred(env)) {
return (jobject) NULL; (*env)->DeleteLocalRef(env, ary);
} return (jobject) NULL;
}
derValue = (*env)->NewObject(env, derValueClass, derValueConstructor, ary);
if ((*env)->ExceptionOccurred(env)) {
(*env)->DeleteLocalRef(env, ary); (*env)->DeleteLocalRef(env, ary);
ticket = (*env)->NewObject(env, ticketClass, ticketConstructor, derValue); return (jobject) NULL;
if ((*env)->ExceptionOccurred(env)) { }
(*env)->DeleteLocalRef(env, derValue);
return (jobject) NULL; (*env)->DeleteLocalRef(env, ary);
} ticket = (*env)->NewObject(env, ticketClass, ticketConstructor, derValue);
if ((*env)->ExceptionOccurred(env)) {
(*env)->DeleteLocalRef(env, derValue); (*env)->DeleteLocalRef(env, derValue);
return ticket; return (jobject) NULL;
}
(*env)->DeleteLocalRef(env, derValue);
return ticket;
} }
// mdu // mdu
jobject BuildPrincipal(JNIEnv *env, PKERB_EXTERNAL_NAME principalName, jobject BuildPrincipal(JNIEnv *env, PKERB_EXTERNAL_NAME principalName,
UNICODE_STRING domainName) { UNICODE_STRING domainName) {
/* /*
* To build the Principal, we need to get the names out of * To build the Principal, we need to get the names out of
* this goofy MS structure * this goofy MS structure
*/ */
jobject principal = NULL; jobject principal = NULL;
jobject realmStr = NULL; jobject realmStr = NULL;
jobjectArray stringArray; jobjectArray stringArray;
jstring tempString; jstring tempString;
int nameCount,i; int nameCount,i;
PUNICODE_STRING scanner; PUNICODE_STRING scanner;
WCHAR *realm; WCHAR *realm;
ULONG realmLen; ULONG realmLen;
realm = (WCHAR *) LocalAlloc(LMEM_ZEROINIT, realm = (WCHAR *) LocalAlloc(LMEM_ZEROINIT,
((domainName.Length)*sizeof(WCHAR) + sizeof(UNICODE_NULL))); ((domainName.Length)*sizeof(WCHAR) + sizeof(UNICODE_NULL)));
wcsncpy(realm, domainName.Buffer, domainName.Length/sizeof(WCHAR)); wcsncpy(realm, domainName.Buffer, domainName.Length/sizeof(WCHAR));
#ifdef DEBUG #ifdef DEBUG
printf("Principal domain is %S\n", realm); printf("Principal domain is %S\n", realm);
printf("Name type is %x\n", principalName->NameType); printf("Name type is %x\n", principalName->NameType);
printf("Name count is %x\n", principalName->NameCount); printf("Name count is %x\n", principalName->NameCount);
#endif #endif
nameCount = principalName->NameCount; nameCount = principalName->NameCount;
stringArray = (*env)->NewObjectArray(env, nameCount, stringArray = (*env)->NewObjectArray(env, nameCount,
javaLangStringClass, NULL); javaLangStringClass, NULL);
if (stringArray == NULL) { if (stringArray == NULL) {
printf("Can't allocate String array for Principal\n"); printf("Can't allocate String array for Principal\n");
LocalFree(realm); LocalFree(realm);
return principal; return principal;
} }
for (i=0; i<nameCount; i++) { for (i=0; i<nameCount; i++) {
// get the principal name // get the principal name
scanner = &(principalName->Names[i]); scanner = &(principalName->Names[i]);
// OK, got a Char array, so construct a String // OK, got a Char array, so construct a String
tempString = (*env)->NewString(env, (const jchar*)scanner->Buffer, tempString = (*env)->NewString(env, (const jchar*)scanner->Buffer,
scanner->Length/sizeof(WCHAR)); scanner->Length/sizeof(WCHAR));
// Set the String into the StringArray // Set the String into the StringArray
(*env)->SetObjectArrayElement(env, stringArray, i, tempString); (*env)->SetObjectArrayElement(env, stringArray, i, tempString);
// Do I have to worry about storage reclamation here? // Do I have to worry about storage reclamation here?
} }
principal = (*env)->NewObject(env, principalNameClass, principal = (*env)->NewObject(env, principalNameClass,
principalNameConstructor, stringArray); principalNameConstructor, stringArray);
// now set the realm in the principal // now set the realm in the principal
realmLen = (ULONG)wcslen((PWCHAR)realm); realmLen = (ULONG)wcslen((PWCHAR)realm);
realmStr = (*env)->NewString(env, (PWCHAR)realm, (USHORT)realmLen); realmStr = (*env)->NewString(env, (PWCHAR)realm, (USHORT)realmLen);
(*env)->CallVoidMethod(env, principal, setRealmMethod, realmStr); (*env)->CallVoidMethod(env, principal, setRealmMethod, realmStr);
// free local resources // free local resources
LocalFree(realm); LocalFree(realm);
return principal; return principal;
} }
jobject BuildEncryptionKey(JNIEnv *env, PKERB_CRYPTO_KEY cryptoKey) { jobject BuildEncryptionKey(JNIEnv *env, PKERB_CRYPTO_KEY cryptoKey) {
// First, need to build a byte array // First, need to build a byte array
jbyteArray ary; jbyteArray ary;
jobject encryptionKey = NULL; jobject encryptionKey = NULL;
ary = (*env)->NewByteArray(env,cryptoKey->Length); ary = (*env)->NewByteArray(env,cryptoKey->Length);
(*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->Length, (*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->Length,
(jbyte *)cryptoKey->Value); (jbyte *)cryptoKey->Value);
if ((*env)->ExceptionOccurred(env)) { if ((*env)->ExceptionOccurred(env)) {
(*env)->DeleteLocalRef(env, ary); (*env)->DeleteLocalRef(env, ary);
} else { } else {
encryptionKey = (*env)->NewObject(env, encryptionKeyClass, encryptionKey = (*env)->NewObject(env, encryptionKeyClass,
encryptionKeyConstructor, cryptoKey->KeyType, ary); encryptionKeyConstructor, cryptoKey->KeyType, ary);
} }
return encryptionKey; return encryptionKey;
} }
jobject BuildTicketFlags(JNIEnv *env, PULONG flags) { jobject BuildTicketFlags(JNIEnv *env, PULONG flags) {
jobject ticketFlags = NULL; jobject ticketFlags = NULL;
jbyteArray ary; jbyteArray ary;
/* /*
* mdu: Convert the bytes to nework byte order before copying * mdu: Convert the bytes to nework byte order before copying
* them to a Java byte array. * them to a Java byte array.
*/ */
ULONG nlflags = htonl(*flags); ULONG nlflags = htonl(*flags);
ary = (*env)->NewByteArray(env, sizeof(*flags)); ary = (*env)->NewByteArray(env, sizeof(*flags));
(*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(*flags), (*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(*flags),
(jbyte *)&nlflags); (jbyte *)&nlflags);
if ((*env)->ExceptionOccurred(env)) { if ((*env)->ExceptionOccurred(env)) {
(*env)->DeleteLocalRef(env, ary); (*env)->DeleteLocalRef(env, ary);
} else { } else {
ticketFlags = (*env)->NewObject(env, ticketFlagsClass, ticketFlags = (*env)->NewObject(env, ticketFlagsClass,
ticketFlagsConstructor, sizeof(*flags)*8, ary); ticketFlagsConstructor, sizeof(*flags)*8, ary);
} }
return ticketFlags; return ticketFlags;
} }
jobject BuildKerberosTime(JNIEnv *env, PLARGE_INTEGER kerbtime) { jobject BuildKerberosTime(JNIEnv *env, PLARGE_INTEGER kerbtime) {
jobject kerberosTime = NULL; jobject kerberosTime = NULL;
jstring stringTime = NULL; jstring stringTime = NULL;
SYSTEMTIME systemTime; SYSTEMTIME systemTime;
WCHAR timeString[16]; WCHAR timeString[16];
WCHAR month[3]; WCHAR month[3];
WCHAR day[3]; WCHAR day[3];
WCHAR hour[3]; WCHAR hour[3];
WCHAR minute[3]; WCHAR minute[3];
WCHAR second[3]; WCHAR second[3];
if (FileTimeToSystemTime((FILETIME *)kerbtime, &systemTime)) { if (FileTimeToSystemTime((FILETIME *)kerbtime, &systemTime)) {
// XXX Cannot use %02.2ld, because the leading 0 is ignored for integers. // XXX Cannot use %02.2ld, because the leading 0 is ignored for integers.
// So, print them to strings, and then print them to the master string with a // So, print them to strings, and then print them to the master string with a
// format pattern that makes it two digits and prefix with a 0 if necessary. // format pattern that makes it two digits and prefix with a 0 if necessary.
swprintf( (wchar_t *)month, L"%2.2d", systemTime.wMonth); swprintf( (wchar_t *)month, L"%2.2d", systemTime.wMonth);
swprintf( (wchar_t *)day, L"%2.2d", systemTime.wDay); swprintf( (wchar_t *)day, L"%2.2d", systemTime.wDay);
swprintf( (wchar_t *)hour, L"%2.2d", systemTime.wHour); swprintf( (wchar_t *)hour, L"%2.2d", systemTime.wHour);
swprintf( (wchar_t *)minute, L"%2.2d", systemTime.wMinute); swprintf( (wchar_t *)minute, L"%2.2d", systemTime.wMinute);
swprintf( (wchar_t *)second, L"%2.2d", systemTime.wSecond); swprintf( (wchar_t *)second, L"%2.2d", systemTime.wSecond);
swprintf( (wchar_t *)timeString, swprintf( (wchar_t *)timeString,
L"%ld%02.2s%02.2s%02.2s%02.2s%02.2sZ", L"%ld%02.2s%02.2s%02.2s%02.2s%02.2sZ",
systemTime.wYear, systemTime.wYear,
month, month,
day, day,
hour, hour,
minute, minute,
second ); second );
#ifdef DEBUG #ifdef DEBUG
printf("%S\n", (wchar_t *)timeString); printf("%S\n", (wchar_t *)timeString);
#endif /* DEBUG */ #endif /* DEBUG */
stringTime = (*env)->NewString(env, timeString, stringTime = (*env)->NewString(env, timeString,
(sizeof(timeString)/sizeof(WCHAR))-1); (sizeof(timeString)/sizeof(WCHAR))-1);
if (stringTime != NULL) { // everything's OK so far if (stringTime != NULL) { // everything's OK so far
kerberosTime = (*env)->NewObject(env, kerberosTimeClass, kerberosTime = (*env)->NewObject(env, kerberosTimeClass,
kerberosTimeConstructor, stringTime); kerberosTimeConstructor, stringTime);
}
} }
return kerberosTime; }
return kerberosTime;
} }