Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
a7010730
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
a7010730
编写于
9月 28, 2011
作者:
W
weijun
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
7077640: gss wrap for cfx doesn't handle rrc != 0
Reviewed-by: valeriep
上级
a9dd3c17
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
132 addition
and
38 deletion
+132
-38
src/share/classes/sun/security/jgss/krb5/MessageToken_v2.java
...share/classes/sun/security/jgss/krb5/MessageToken_v2.java
+3
-2
test/sun/security/krb5/auto/Context.java
test/sun/security/krb5/auto/Context.java
+59
-36
test/sun/security/krb5/auto/RRC.java
test/sun/security/krb5/auto/RRC.java
+70
-0
未找到文件。
src/share/classes/sun/security/jgss/krb5/MessageToken_v2.java
浏览文件 @
a7010730
...
...
@@ -233,7 +233,6 @@ abstract class MessageToken_v2 extends Krb5Token {
}
if
(
tokenId
==
Krb5Token
.
WRAP_ID_v2
)
{
// Does non-confidential data needs a rotate?
rotate
();
}
...
...
@@ -421,10 +420,12 @@ abstract class MessageToken_v2 extends Krb5Token {
int
conf_flag
=
tokenHeaderBytes
[
TOKEN_FLAG_POS
]
&
FLAG_WRAP_CONFIDENTIAL
;
// clear EC in token header for checksum calculation
// clear EC
and RRC
in token header for checksum calculation
if
((
conf_flag
==
0
)
&&
(
tokenId
==
WRAP_ID_v2
))
{
tokenHeaderBytes
[
4
]
=
0
;
tokenHeaderBytes
[
5
]
=
0
;
tokenHeaderBytes
[
6
]
=
0
;
tokenHeaderBytes
[
7
]
=
0
;
}
return
cipherHelper
.
calculateChecksum
(
tokenHeaderBytes
,
data
,
offset
,
len
,
key_usage
);
...
...
test/sun/security/krb5/auto/Context.java
浏览文件 @
a7010730
...
...
@@ -375,44 +375,34 @@ public class Context {
}
}
/**
* Transmits a message from one Context to another. The sender wraps the
* message and sends it to the receiver. The receiver unwraps it, creates
* a MIC of the clear text and sends it back to the sender. The sender
* verifies the MIC against the message sent earlier.
* @param message the message
* @param s1 the sender
* @param s2 the receiver
* @throws java.lang.Exception If anything goes wrong
*/
static
public
void
transmit
(
final
String
message
,
final
Context
s1
,
final
Context
s2
)
throws
Exception
{
final
byte
[]
messageBytes
=
message
.
getBytes
();
System
.
out
.
printf
(
"-------------------- TRANSMIT from %s to %s------------------------\n"
,
s1
.
name
,
s2
.
name
);
byte
[]
t
=
s1
.
doAs
(
new
Action
()
{
public
byte
[]
wrap
(
byte
[]
t
,
final
boolean
privacy
)
throws
Exception
{
return
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
dummy
)
throws
Exception
{
System
.
out
.
print
ln
(
"wrap"
);
MessageProp
p1
=
new
MessageProp
(
0
,
true
);
public
byte
[]
run
(
Context
me
,
byte
[]
input
)
throws
Exception
{
System
.
out
.
print
f
(
"wrap %s privacy from %s: "
,
privacy
?
"with"
:
"without"
,
me
.
name
);
MessageProp
p1
=
new
MessageProp
(
0
,
privacy
);
byte
[]
out
;
if
(
usingStream
)
{
ByteArrayOutputStream
os
=
new
ByteArrayOutputStream
();
me
.
x
.
wrap
(
new
ByteArrayInputStream
(
messageBytes
),
os
,
p1
);
me
.
x
.
wrap
(
new
ByteArrayInputStream
(
input
),
os
,
p1
);
out
=
os
.
toByteArray
();
}
else
{
out
=
me
.
x
.
wrap
(
messageBytes
,
0
,
messageBytes
.
length
,
p1
);
out
=
me
.
x
.
wrap
(
input
,
0
,
input
.
length
,
p1
);
}
System
.
out
.
println
(
printProp
(
p1
));
return
out
;
}
},
null
);
},
t
);
}
t
=
s2
.
doAs
(
new
Action
()
{
public
byte
[]
unwrap
(
byte
[]
t
,
final
boolean
privacy
)
throws
Exception
{
return
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
input
)
throws
Exception
{
MessageProp
p1
=
new
MessageProp
(
0
,
true
);
System
.
out
.
printf
(
"unwrap %s privacy from %s: "
,
privacy
?
"with"
:
"without"
,
me
.
name
);
MessageProp
p1
=
new
MessageProp
(
0
,
privacy
);
byte
[]
bytes
;
if
(
usingStream
)
{
ByteArrayOutputStream
os
=
new
ByteArrayOutputStream
();
...
...
@@ -421,36 +411,45 @@ public class Context {
}
else
{
bytes
=
me
.
x
.
unwrap
(
input
,
0
,
input
.
length
,
p1
);
}
if
(!
Arrays
.
equals
(
messageBytes
,
bytes
))
throw
new
Exception
(
"wrap/unwrap mismatch"
);
System
.
out
.
println
(
"unwrap"
);
System
.
out
.
println
(
printProp
(
p1
));
return
bytes
;
}
},
t
);
}
public
byte
[]
getMic
(
byte
[]
t
)
throws
Exception
{
return
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
input
)
throws
Exception
{
MessageProp
p1
=
new
MessageProp
(
0
,
true
);
byte
[]
bytes
;
p1
=
new
MessageProp
(
0
,
true
);
System
.
out
.
print
ln
(
"getMIC"
);
System
.
out
.
print
f
(
"getMic from %s: "
,
me
.
name
);
if
(
usingStream
)
{
ByteArrayOutputStream
os
=
new
ByteArrayOutputStream
();
me
.
x
.
getMIC
(
new
ByteArrayInputStream
(
messageBytes
),
os
,
p1
);
me
.
x
.
getMIC
(
new
ByteArrayInputStream
(
input
),
os
,
p1
);
bytes
=
os
.
toByteArray
();
}
else
{
bytes
=
me
.
x
.
getMIC
(
messageBytes
,
0
,
messageBytes
.
length
,
p1
);
bytes
=
me
.
x
.
getMIC
(
input
,
0
,
input
.
length
,
p1
);
}
System
.
out
.
println
(
printProp
(
p1
));
return
bytes
;
}
},
t
);
}
// Re-unwrap should make p2.isDuplicateToken() returns true
s1
.
doAs
(
new
Action
()
{
public
void
verifyMic
(
byte
[]
t
,
final
byte
[]
msg
)
throws
Exception
{
doAs
(
new
Action
()
{
@Override
public
byte
[]
run
(
Context
me
,
byte
[]
input
)
throws
Exception
{
MessageProp
p1
=
new
MessageProp
(
0
,
true
);
System
.
out
.
print
ln
(
"verifyMIC"
);
System
.
out
.
print
f
(
"verifyMic from %s: "
,
me
.
name
);
if
(
usingStream
)
{
me
.
x
.
verifyMIC
(
new
ByteArrayInputStream
(
input
),
new
ByteArrayInputStream
(
m
essageBytes
),
p1
);
new
ByteArrayInputStream
(
m
sg
),
p1
);
}
else
{
me
.
x
.
verifyMIC
(
input
,
0
,
input
.
length
,
m
essageBytes
,
0
,
messageBytes
.
length
,
m
sg
,
0
,
msg
.
length
,
p1
);
}
System
.
out
.
println
(
printProp
(
p1
));
...
...
@@ -459,6 +458,30 @@ public class Context {
},
t
);
}
/**
* Transmits a message from one Context to another. The sender wraps the
* message and sends it to the receiver. The receiver unwraps it, creates
* a MIC of the clear text and sends it back to the sender. The sender
* verifies the MIC against the message sent earlier.
* @param message the message
* @param s1 the sender
* @param s2 the receiver
* @throws java.lang.Exception If anything goes wrong
*/
static
public
void
transmit
(
final
String
message
,
final
Context
s1
,
final
Context
s2
)
throws
Exception
{
final
byte
[]
messageBytes
=
message
.
getBytes
();
System
.
out
.
printf
(
"-------------------- TRANSMIT from %s to %s------------------------\n"
,
s1
.
name
,
s2
.
name
);
byte
[]
wrapped
=
s1
.
wrap
(
messageBytes
,
true
);
byte
[]
unwrapped
=
s2
.
unwrap
(
wrapped
,
true
);
if
(!
Arrays
.
equals
(
messageBytes
,
unwrapped
))
{
throw
new
Exception
(
"wrap/unwrap mismatch"
);
}
byte
[]
mic
=
s2
.
getMic
(
unwrapped
);
s1
.
verifyMic
(
mic
,
messageBytes
);
}
/**
* Returns a string description of a MessageProp object
* @param prop the object
...
...
test/sun/security/krb5/auto/RRC.java
0 → 100644
浏览文件 @
a7010730
/*
* Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 7077640
* @summary gss wrap for cfx doesn't handle rrc != 0
* @compile -XDignore.symbol.file RRC.java
* @run main/othervm RRC
*/
import
java.util.Arrays
;
import
sun.security.jgss.GSSUtil
;
// The basic krb5 test skeleton you can copy from
public
class
RRC
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
new
OneKDC
(
null
).
writeJAASConf
();
Context
c
,
s
;
c
=
Context
.
fromJAAS
(
"client"
);
s
=
Context
.
fromJAAS
(
"server"
);
c
.
startAsClient
(
OneKDC
.
SERVER
,
GSSUtil
.
GSS_SPNEGO_MECH_OID
);
s
.
startAsServer
(
GSSUtil
.
GSS_SPNEGO_MECH_OID
);
Context
.
handshake
(
c
,
s
);
byte
[]
msg
=
"i say high --"
.
getBytes
();
byte
[]
wrapped
=
c
.
wrap
(
msg
,
false
);
// Simulate RRC equals to EC
int
rrc
=
wrapped
[
5
];
byte
[]
rotated
=
new
byte
[
wrapped
.
length
];
System
.
arraycopy
(
wrapped
,
0
,
rotated
,
0
,
16
);
System
.
arraycopy
(
wrapped
,
wrapped
.
length
-
rrc
,
rotated
,
16
,
rrc
);
System
.
arraycopy
(
wrapped
,
16
,
rotated
,
16
+
rrc
,
wrapped
.
length
-
16
-
rrc
);
rotated
[
7
]
=
(
byte
)
rrc
;
byte
[]
unwrapped
=
s
.
unwrap
(
rotated
,
false
);
if
(!
Arrays
.
equals
(
msg
,
unwrapped
))
{
throw
new
Exception
(
"Failure"
);
}
s
.
dispose
();
c
.
dispose
();
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录