提交
e92b5641
编写于
3月 17, 2008
作者:
tbell
Merge
上级
5a8b9679
fd4ec021
变更
64
Showing
64 changed file
with
4064 addition
and
2374 deletion
+4064
-2374
src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java
src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java
+7
-1
src/share/classes/java/net/AbstractPlainSocketImpl.java
src/share/classes/java/net/AbstractPlainSocketImpl.java
+0
-1
src/share/classes/java/net/InterfaceAddress.java
src/share/classes/java/net/InterfaceAddress.java
+2
-4
src/share/classes/java/net/NetworkInterface.java
src/share/classes/java/net/NetworkInterface.java
+0
-2
src/share/classes/java/net/Socket.java
src/share/classes/java/net/Socket.java
+2
-1
src/share/classes/java/net/URLConnection.java
src/share/classes/java/net/URLConnection.java
+5
-5
src/share/classes/java/security/AccessControlContext.java
src/share/classes/java/security/AccessControlContext.java
+2
-2
src/share/classes/java/security/KeyStore.java
src/share/classes/java/security/KeyStore.java
+1
-1
src/share/classes/javax/security/cert/X509Certificate.java
src/share/classes/javax/security/cert/X509Certificate.java
+4
-4
src/share/classes/sun/net/www/http/ChunkedOutputStream.java
src/share/classes/sun/net/www/http/ChunkedOutputStream.java
+11
-2
src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
.../classes/sun/net/www/protocol/http/HttpURLConnection.java
+36
-8
src/share/classes/sun/net/www/protocol/https/HttpsClient.java
...share/classes/sun/net/www/protocol/https/HttpsClient.java
+11
-1
src/share/classes/sun/net/www/protocol/mailto/MailToURLConnection.java
...sses/sun/net/www/protocol/mailto/MailToURLConnection.java
+6
-4
src/share/classes/sun/security/krb5/Config.java
src/share/classes/sun/security/krb5/Config.java
+5
-4
src/share/classes/sun/security/krb5/KrbTgsReq.java
src/share/classes/sun/security/krb5/KrbTgsReq.java
+99
-99
src/share/classes/sun/security/krb5/internal/APRep.java
src/share/classes/sun/security/krb5/internal/APRep.java
+69
-62
src/share/classes/sun/security/krb5/internal/APReq.java
src/share/classes/sun/security/krb5/internal/APReq.java
+82
-78
src/share/classes/sun/security/krb5/internal/ASRep.java
src/share/classes/sun/security/krb5/internal/ASRep.java
+21
-23
src/share/classes/sun/security/krb5/internal/ASReq.java
src/share/classes/sun/security/krb5/internal/ASReq.java
+11
-12
src/share/classes/sun/security/krb5/internal/Authenticator.java
...are/classes/sun/security/krb5/internal/Authenticator.java
+130
-121
src/share/classes/sun/security/krb5/internal/AuthorizationData.java
...classes/sun/security/krb5/internal/AuthorizationData.java
+85
-87
src/share/classes/sun/security/krb5/internal/AuthorizationDataEntry.java
...es/sun/security/krb5/internal/AuthorizationDataEntry.java
+70
-70
src/share/classes/sun/security/krb5/internal/ETypeInfo2.java
src/share/classes/sun/security/krb5/internal/ETypeInfo2.java
+4
-4
src/share/classes/sun/security/krb5/internal/EncAPRepPart.java
...hare/classes/sun/security/krb5/internal/EncAPRepPart.java
+93
-85
src/share/classes/sun/security/krb5/internal/EncASRepPart.java
...hare/classes/sun/security/krb5/internal/EncASRepPart.java
+46
-48
src/share/classes/sun/security/krb5/internal/EncKDCRepPart.java
...are/classes/sun/security/krb5/internal/EncKDCRepPart.java
+146
-125
src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java
...re/classes/sun/security/krb5/internal/EncKrbCredPart.java
+135
-124
src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java
...re/classes/sun/security/krb5/internal/EncKrbPrivPart.java
+101
-96
src/share/classes/sun/security/krb5/internal/EncTGSRepPart.java
...are/classes/sun/security/krb5/internal/EncTGSRepPart.java
+44
-47
src/share/classes/sun/security/krb5/internal/EncTicketPart.java
...are/classes/sun/security/krb5/internal/EncTicketPart.java
+133
-116
src/share/classes/sun/security/krb5/internal/KDCRep.java
src/share/classes/sun/security/krb5/internal/KDCRep.java
+142
-136
src/share/classes/sun/security/krb5/internal/KDCReq.java
src/share/classes/sun/security/krb5/internal/KDCReq.java
+136
-131
src/share/classes/sun/security/krb5/internal/KRBCred.java
src/share/classes/sun/security/krb5/internal/KRBCred.java
+103
-97
src/share/classes/sun/security/krb5/internal/KrbCredInfo.java
...share/classes/sun/security/krb5/internal/KrbCredInfo.java
+11
-11
src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java
.../sun/security/krb5/internal/ccache/CCacheInputStream.java
+11
-5
src/share/classes/sun/security/krb5/internal/ccache/Credentials.java
...lasses/sun/security/krb5/internal/ccache/Credentials.java
+173
-157
src/share/classes/sun/security/krb5/internal/crypto/dk/AesDkCrypto.java
...ses/sun/security/krb5/internal/crypto/dk/AesDkCrypto.java
+3
-1
src/share/classes/sun/security/krb5/internal/crypto/dk/ArcFourCrypto.java
...s/sun/security/krb5/internal/crypto/dk/ArcFourCrypto.java
+3
-1
src/share/classes/sun/security/ssl/Handshaker.java
src/share/classes/sun/security/ssl/Handshaker.java
+4
-1
src/share/classes/sun/security/ssl/InputRecord.java
src/share/classes/sun/security/ssl/InputRecord.java
+8
-7
src/share/classes/sun/security/ssl/OutputRecord.java
src/share/classes/sun/security/ssl/OutputRecord.java
+12
-0
src/share/classes/sun/security/ssl/SSLSocketImpl.java
src/share/classes/sun/security/ssl/SSLSocketImpl.java
+82
-12
src/share/classes/sun/security/x509/AVA.java
src/share/classes/sun/security/x509/AVA.java
+6
-1
src/solaris/classes/java/net/PlainSocketImpl.java
src/solaris/classes/java/net/PlainSocketImpl.java
+0
-3
src/windows/classes/java/net/DualStackPlainSocketImpl.java
src/windows/classes/java/net/DualStackPlainSocketImpl.java
+0
-3
src/windows/classes/java/net/PlainSocketImpl.java
src/windows/classes/java/net/PlainSocketImpl.java
+0
-5
src/windows/classes/java/net/TwoStacksPlainSocketImpl.java
src/windows/classes/java/net/TwoStacksPlainSocketImpl.java
+0
-3
src/windows/native/sun/net/www/protocol/http/NTLMAuthSequence.c
...ndows/native/sun/net/www/protocol/http/NTLMAuthSequence.c
+36
-15
src/windows/native/sun/security/krb5/NativeCreds.c
src/windows/native/sun/security/krb5/NativeCreds.c
+528
-528
test/com/sun/crypto/provider/KeyFactory/TestProviderLeak.java
.../com/sun/crypto/provider/KeyFactory/TestProviderLeak.java
+72
-0
test/java/net/CookieHandler/CookieManagerTest.java
test/java/net/CookieHandler/CookieManagerTest.java
+15
-15
test/java/net/InterfaceAddress/Equals.java
test/java/net/InterfaceAddress/Equals.java
+119
-0
test/java/net/ResponseCache/file2.1
test/java/net/ResponseCache/file2.1
+1
-1
test/java/security/AccessControlContext/FailureDebugOption.java
...ava/security/AccessControlContext/FailureDebugOption.java
+50
-0
test/javax/security/auth/x500/X500Principal/RFC4514.java
test/javax/security/auth/x500/X500Principal/RFC4514.java
+92
-0
test/sun/net/www/http/ChunkedOutputStream/Test.java
test/sun/net/www/http/ChunkedOutputStream/Test.java
+97
-1
test/sun/net/www/protocol/http/B6641309.java
test/sun/net/www/protocol/http/B6641309.java
+129
-0
test/sun/net/www/protocol/http/B6660405.java
test/sun/net/www/protocol/http/B6660405.java
+163
-0
test/sun/security/krb5/DnsFallback.java
test/sun/security/krb5/DnsFallback.java
+64
-0
test/sun/security/krb5/OptionPADataInKDCReq.java
test/sun/security/krb5/OptionPADataInKDCReq.java
+123
-0
test/sun/security/krb5/TimeInCCache.java
test/sun/security/krb5/TimeInCCache.java
+93
-0
test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLSocketImpl/AsyncSSLSocketClose.java
...t/ssl/internal/ssl/SSLSocketImpl/AsyncSSLSocketClose.java
+116
-0
test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/CloseKeepAliveCached.java
...otocol/https/HttpsURLConnection/CloseKeepAliveCached.java
+308
-0
test/sun/security/tools/keytool/StartDateTest.java
test/sun/security/tools/keytool/StartDateTest.java
+3
-3
src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java
...
...
@@ -34,6 +34,7 @@ import java.security.KeyRep;
import
java.security.GeneralSecurityException
;
import
java.security.InvalidKeyException
;
import
java.security.NoSuchAlgorithmException
;
import
java.security.NoSuchProviderException
;
import
java.security.spec.InvalidKeySpecException
;
import
javax.crypto.Mac
;
import
javax.crypto.SecretKey
;
...
...
@@ -107,12 +108,17 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey {
throw
new
InvalidKeySpecException
(
"Key length is negative"
);
}
try
{
this
.
prf
=
Mac
.
getInstance
(
prfAlgo
,
new
SunJCE
()
);
this
.
prf
=
Mac
.
getInstance
(
prfAlgo
,
"SunJCE"
);
}
catch
(
NoSuchAlgorithmException
nsae
)
{
// not gonna happen; re-throw just in case
InvalidKeySpecException
ike
=
new
InvalidKeySpecException
();
ike
.
initCause
(
nsae
);
throw
ike
;
}
catch
(
NoSuchProviderException
nspe
)
{
// Again, not gonna happen; re-throw just in case
InvalidKeySpecException
ike
=
new
InvalidKeySpecException
();
ike
.
initCause
(
nspe
);
throw
ike
;
}
this
.
key
=
deriveKey
(
prf
,
passwdBytes
,
salt
,
iterCount
,
keyLength
);
}
...
...
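Review bot: The new `catch (NoSuchProviderException nspe)` branch is commented "not gonna happen", but `Mac.getInstance(prfAlgo, "SunJCE")` resolves the provider by name from the installed provider list, so the exception is reachable whenever SunJCE is not registered (for example after `Security.removeProvider("SunJCE")`). The name lookup also means the PRF comes from whichever provider is registered under that name rather than from an instance this class constructs, which deserves a comment. I would replace the comment with `// SunJCE is not registered with java.security.Security; report as an invalid key spec` and give both rethrows a message, e.g. `new InvalidKeySpecException("PRF " + prfAlgo + " not available from SunJCE")`. The constructor starts outside the hunk.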
src/share/classes/java/net/AbstractPlainSocketImpl.java
...
...
@@ -664,7 +664,6 @@ abstract class AbstractPlainSocketImpl extends SocketImpl
abstract
void
socketSetOption
(
int
cmd
,
boolean
on
,
Object
value
)
throws
SocketException
;
abstract
int
socketGetOption
(
int
opt
,
Object
iaContainerObj
)
throws
SocketException
;
abstract
int
socketGetOption1
(
int
opt
,
Object
iaContainerObj
,
FileDescriptor
fd
)
throws
SocketException
;
abstract
void
socketSendUrgentData
(
int
data
)
throws
IOException
;
...
...
src/share/classes/java/net/InterfaceAddress.java
...
...
@@ -103,11 +103,9 @@ public class InterfaceAddress {
return
false
;
}
InterfaceAddress
cmp
=
(
InterfaceAddress
)
obj
;
if
((
address
!=
null
&
cmp
.
address
==
null
)
||
(!
address
.
equals
(
cmp
.
address
)))
if
(
!(
address
==
null
?
cmp
.
address
==
null
:
address
.
equals
(
cmp
.
address
))
)
return
false
;
if
((
broadcast
!=
null
&
cmp
.
broadcast
==
null
)
||
(!
broadcast
.
equals
(
cmp
.
broadcast
)))
if
(
!(
broadcast
==
null
?
cmp
.
broadcast
==
null
:
broadcast
.
equals
(
cmp
.
broadcast
))
)
return
false
;
if
(
maskLength
!=
cmp
.
maskLength
)
return
false
;
...
...
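Review bot: The rewritten null-safe comparisons for `address` and `broadcast` let `equals` handle instances whose fields are null, but `hashCode` is outside this hunk and has to tolerate the same nulls for the equals/hashCode contract to hold; that should be confirmed alongside this change. The two conditions are also the same expression written twice, so a small private helper would keep them from drifting apart, e.g. `private static boolean same(Object a, Object b) { return a == null ? b == null : a.equals(b); }`. `equals` starts before the hunk and continues after it.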
src/share/classes/java/net/NetworkInterface.java
...
...
@@ -425,8 +425,6 @@ public final class NetworkInterface {
return
virtual
;
}
private
native
static
long
getSubnet0
(
String
name
,
int
ind
)
throws
SocketException
;
private
native
static
Inet4Address
getBroadcast0
(
String
name
,
int
ind
)
throws
SocketException
;
private
native
static
boolean
isUp0
(
String
name
,
int
ind
)
throws
SocketException
;
private
native
static
boolean
isLoopback0
(
String
name
,
int
ind
)
throws
SocketException
;
private
native
static
boolean
supportsMulticast0
(
String
name
,
int
ind
)
throws
SocketException
;
...
...
src/share/classes/java/net/Socket.java
...
...
@@ -731,7 +731,8 @@ class Socket implements java.io.Closeable {
* then this method will continue to return the connected address
* after the socket is closed.
*
* @return a <code>SocketAddress</code> reprensenting the remote endpoint of this
* @return a <code>SocketAddress</code> representing the remote endpoint of this
* socket, or <code>null</code> if it is not connected yet.
* @see #getInetAddress()
* @see #getPort()
...
...
src/share/classes/java/net/URLConnection.java
...
...
@@ -1072,7 +1072,7 @@ public abstract class URLConnection {
* properties to be appended into a single property.
*
* @param key the keyword by which the request is known
* (e.g., "<code>
a
ccept</code>").
* (e.g., "<code>
A
ccept</code>").
* @param value the value associated with it.
* @throws IllegalStateException if already connected
* @throws NullPointerException if key is <CODE>null</CODE>
...
...
@@ -1096,7 +1096,7 @@ public abstract class URLConnection {
* existing values associated with the same key.
*
* @param key the keyword by which the request is known
* (e.g., "<code>
a
ccept</code>").
* (e.g., "<code>
A
ccept</code>").
* @param value the value associated with it.
* @throws IllegalStateException if already connected
* @throws NullPointerException if key is null
...
...
@@ -1120,7 +1120,7 @@ public abstract class URLConnection {
* Returns the value of the named general request property for this
* connection.
*
* @param key the keyword by which the request is known (e.g., "
a
ccept").
* @param key the keyword by which the request is known (e.g., "
A
ccept").
* @return the value of the named general request property for this
* connection. If key is null, then null is returned.
* @throws IllegalStateException if already connected
...
...
@@ -1164,7 +1164,7 @@ public abstract class URLConnection {
* these properties.
*
* @param key the keyword by which the request is known
* (e.g., "<code>
a
ccept</code>").
* (e.g., "<code>
A
ccept</code>").
* @param value the value associated with the key.
*
* @see java.net.URLConnection#setRequestProperty(java.lang.String,java.lang.String)
...
...
@@ -1183,7 +1183,7 @@ public abstract class URLConnection {
* Returns the value of the default request property. Default request
* properties are set for every connection.
*
* @param key the keyword by which the request is known (e.g., "
a
ccept").
* @param key the keyword by which the request is known (e.g., "
A
ccept").
* @return the value of the default request property
* for the specified key.
*
...
...
src/share/classes/java/security/AccessControlContext.java
/*
* Copyright 1997-200
6
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1997-200
8
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -322,7 +322,7 @@ public final class AccessControlContext {
debug
.
println
(
"access denied "
+
perm
);
}
if
(
Debug
.
isOn
(
"failure"
))
{
if
(
Debug
.
isOn
(
"failure"
)
&&
debug
!=
null
)
{
// Want to make sure this is always displayed for failure,
// but do not want to display again if already displayed
// above.
...
...
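Review bot: The added `debug != null` test makes the block skip silently when the "failure" option is on but `debug` is null, while the comment kept directly below still says the denial should always be displayed for failure. Either the comment should be narrowed, for example `// Shown only when a Debug instance exists (debug != null); otherwise "failure" produces no output here.`, or the failure path should print through a channel that does not depend on `debug`. How `debug` is initialised is not visible in this hunk, so which option combinations leave it null is an assumption to confirm. The enclosing method starts and ends outside the hunk.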
src/share/classes/java/security/KeyStore.java
...
...
@@ -789,7 +789,7 @@ public class KeyStore {
* @param alias the alias name
*
* @return the certificate chain (ordered with the user's certificate first
*
and the root certificate authority last
), or null if the given alias
*
followed by zero or more certificate authorities
), or null if the given alias
* does not exist or does not contain a certificate chain
*
* @exception KeyStoreException if the keystore has not been initialized
...
...
src/share/classes/javax/security/cert/X509Certificate.java
...
...
@@ -363,7 +363,7 @@ public abstract class X509Certificate extends Certificate {
* subject Name
* </pre>
*
* <p>See
<a href = "#getIssuerDN">getIssuerDN</a>
for <code>Name</code>
* <p>See
{@link #getIssuerDN() getIssuerDN}
for <code>Name</code>
* and other relevant definitions.
*
* @return a Principal whose name is the subject name.
...
...
@@ -393,7 +393,7 @@ public abstract class X509Certificate extends Certificate {
/**
* Gets the <code>notAfter</code> date from the validity period of
* the certificate. See
<a href = "#getNotBefore">getNotBefore</a>
* the certificate. See
{@link #getNotBefore() getNotBefore}
* for relevant ASN.1 definitions.
*
* @return the end date of the validity period.
...
...
@@ -429,7 +429,7 @@ public abstract class X509Certificate extends Certificate {
* For example, the string "1.2.840.10040.4.3" identifies the SHA-1
* with DSA signature algorithm, as per the PKIX part I.
*
* <p>See
<a href = "#getSigAlgName">getSigAlgName</a>
for
* <p>See
{@link #getSigAlgName() getSigAlgName}
for
* relevant ASN.1 definitions.
*
* @return the signature algorithm OID string.
...
...
@@ -442,7 +442,7 @@ public abstract class X509Certificate extends Certificate {
* algorithm parameters are null; the parameters are usually
* supplied with the certificate's public key.
*
* <p>See
<a href = "#getSigAlgName">getSigAlgName</a>
for
* <p>See
{@link #getSigAlgName() getSigAlgName}
for
* relevant ASN.1 definitions.
*
* @return the DER-encoded signature algorithm parameters, or
...
...
src/share/classes/sun/net/www/http/ChunkedOutputStream.java
...
...
@@ -177,14 +177,23 @@ public class ChunkedOutputStream extends PrintStream {
return
;
}
if
(
len
>
MAX_BUF_SIZE
)
{
int
l
=
preferredChunkSize
-
count
;
if
((
len
>
MAX_BUF_SIZE
)
&&
(
len
>
l
))
{
/* current chunk is empty just write the data */
if
(
count
==
0
)
{
count
=
len
;
flush
(
b
,
false
,
off
);
return
;
}
/* first finish the current chunk */
int
l
=
preferredChunkSize
-
count
;
if
(
l
>
0
)
{
System
.
arraycopy
(
b
,
off
,
buf
,
count
,
l
);
count
=
preferredChunkSize
;
flush
(
buf
,
false
);
}
count
=
len
-
l
;
/* Now write the rest of the data */
flush
(
b
,
false
,
l
+
off
);
...
...
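Review bot: In the new `count == 0` branch, `count = len` is assigned and `flush(b, false, off)` is called on the caller's array, so `count` stops meaning "bytes held in `buf`" and becomes the length of the chunk being written; nothing in the hunk states that. The chunk-size framing presumably derives from `count` inside `flush` (not visible here), so a comment such as `/* count doubles as the chunk length flush() emits; b[off..off+len) is written directly, bypassing buf */` would make the invariant reviewable. It is also worth confirming that `off` and `len` are range-checked against `b.length` before this point, because the method begins outside the hunk.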
src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
...
...
@@ -64,11 +64,6 @@ import java.text.SimpleDateFormat;
import
java.util.TimeZone
;
import
java.net.MalformedURLException
;
import
java.nio.ByteBuffer
;
import
java.nio.channels.ReadableByteChannel
;
import
java.nio.channels.WritableByteChannel
;
import
java.nio.channels.Selector
;
import
java.nio.channels.SelectionKey
;
import
java.nio.channels.SelectableChannel
;
import
java.lang.reflect.*
;
/**
...
...
@@ -823,6 +818,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* - get input, [read input,] get output, [write output]
*/
@Override
public
synchronized
OutputStream
getOutputStream
()
throws
IOException
{
try
{
...
...
@@ -924,11 +920,11 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
if
(
l
!=
null
&&
!
l
.
isEmpty
())
{
StringBuilder
cookieValue
=
new
StringBuilder
();
for
(
String
value
:
l
)
{
cookieValue
.
append
(
value
).
append
(
';'
);
cookieValue
.
append
(
value
).
append
(
"; "
);
}
// strip off the
ending ;-sign
// strip off the
trailing '; '
try
{
requests
.
add
(
key
,
cookieValue
.
substring
(
0
,
cookieValue
.
length
()
-
1
));
requests
.
add
(
key
,
cookieValue
.
substring
(
0
,
cookieValue
.
length
()
-
2
));
}
catch
(
StringIndexOutOfBoundsException
ignored
)
{
// no-op
}
...
...
@@ -947,6 +943,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
// end of getting cookies
}
@Override
@SuppressWarnings
(
"empty-statement"
)
public
synchronized
InputStream
getInputStream
()
throws
IOException
{
if
(!
doInput
)
{
...
...
@@ -1380,6 +1378,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public
InputStream
getErrorStream
()
{
if
(
connected
&&
responseCode
>=
400
)
{
// Client Error 4xx and Server Error 5xx
...
...
@@ -2047,6 +2046,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
*/
private
void
disconnectInternal
()
{
responseCode
=
-
1
;
inputStream
=
null
;
if
(
pi
!=
null
)
{
pi
.
finishTracking
();
pi
=
null
;
...
...
@@ -2145,6 +2145,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* Gets a header field by name. Returns null if not known.
* @param name the name of the header field
*/
@Override
public
String
getHeaderField
(
String
name
)
{
try
{
getInputStream
();
...
...
@@ -2167,6 +2168,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @return a Map of header fields
* @since 1.4
*/
@Override
public
Map
<
String
,
List
<
String
>>
getHeaderFields
()
{
try
{
getInputStream
();
...
...
@@ -2183,6 +2185,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* Gets a header field by index. Returns null if not known.
* @param n the index of the header field
*/
@Override
public
String
getHeaderField
(
int
n
)
{
try
{
getInputStream
();
...
...
@@ -2198,6 +2201,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* Gets a header field by index. Returns null if not known.
* @param n the index of the header field
*/
@Override
public
String
getHeaderFieldKey
(
int
n
)
{
try
{
getInputStream
();
...
...
@@ -2215,6 +2219,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* exists, overwrite its value with the new value.
* @param value the value to be set
*/
@Override
public
void
setRequestProperty
(
String
key
,
String
value
)
{
if
(
connected
)
throw
new
IllegalStateException
(
"Already connected"
);
...
...
@@ -2236,6 +2241,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see #getRequestProperties(java.lang.String)
* @since 1.4
*/
@Override
public
void
addRequestProperty
(
String
key
,
String
value
)
{
if
(
connected
)
throw
new
IllegalStateException
(
"Already connected"
);
...
...
@@ -2255,6 +2261,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
requests
.
set
(
key
,
value
);
}
@Override
public
String
getRequestProperty
(
String
key
)
{
// don't return headers containing security sensitive information
if
(
key
!=
null
)
{
...
...
@@ -2279,6 +2286,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @throws IllegalStateException if already connected
* @since 1.4
*/
@Override
public
Map
<
String
,
List
<
String
>>
getRequestProperties
()
{
if
(
connected
)
throw
new
IllegalStateException
(
"Already connected"
);
...
...
@@ -2287,6 +2295,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return
requests
.
getHeaders
(
EXCLUDE_HEADERS
);
}
@Override
public
void
setConnectTimeout
(
int
timeout
)
{
if
(
timeout
<
0
)
throw
new
IllegalArgumentException
(
"timeouts can't be negative"
);
...
...
@@ -2306,6 +2315,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.net.URLConnection#connect()
* @since 1.5
*/
@Override
public
int
getConnectTimeout
()
{
return
(
connectTimeout
<
0
?
0
:
connectTimeout
);
}
...
...
@@ -2330,6 +2340,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.InputStream#read()
* @since 1.5
*/
@Override
public
void
setReadTimeout
(
int
timeout
)
{
if
(
timeout
<
0
)
throw
new
IllegalArgumentException
(
"timeouts can't be negative"
);
...
...
@@ -2347,10 +2358,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.InputStream#read()
* @since 1.5
*/
@Override
public
int
getReadTimeout
()
{
return
readTimeout
<
0
?
0
:
readTimeout
;
}
@Override
protected
void
finalize
()
{
// this should do nothing. The stream finalizer will close
// the fd
...
...
@@ -2425,6 +2438,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.FilterInputStream#in
* @see java.io.FilterInputStream#reset()
*/
@Override
public
synchronized
void
mark
(
int
readlimit
)
{
super
.
mark
(
readlimit
);
if
(
cacheRequest
!=
null
)
{
...
...
@@ -2454,6 +2468,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @see java.io.FilterInputStream#in
* @see java.io.FilterInputStream#mark(int)
*/
@Override
public
synchronized
void
reset
()
throws
IOException
{
super
.
reset
();
if
(
cacheRequest
!=
null
)
{
...
...
@@ -2462,6 +2477,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public
int
read
()
throws
IOException
{
try
{
byte
[]
b
=
new
byte
[
1
];
...
...
@@ -2475,10 +2491,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public
int
read
(
byte
[]
b
)
throws
IOException
{
return
read
(
b
,
0
,
b
.
length
);
}
@Override
public
int
read
(
byte
[]
b
,
int
off
,
int
len
)
throws
IOException
{
try
{
int
newLen
=
super
.
read
(
b
,
off
,
len
);
...
...
@@ -2509,6 +2527,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public
void
close
()
throws
IOException
{
try
{
if
(
outputStream
!=
null
)
{
...
...
@@ -2553,6 +2572,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
error
=
false
;
}
@Override
public
void
write
(
int
b
)
throws
IOException
{
checkError
();
written
++;
...
...
@@ -2562,10 +2582,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
out
.
write
(
b
);
}
@Override
public
void
write
(
byte
[]
b
)
throws
IOException
{
write
(
b
,
0
,
b
.
length
);
}
@Override
public
void
write
(
byte
[]
b
,
int
off
,
int
len
)
throws
IOException
{
checkError
();
written
+=
len
;
...
...
@@ -2596,6 +2618,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return
closed
&&
!
error
;
}
@Override
public
void
close
()
throws
IOException
{
if
(
closed
)
{
return
;
...
...
@@ -2714,6 +2737,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public
int
available
()
throws
IOException
{
if
(
is
==
null
)
{
return
buffer
.
remaining
();
...
...
@@ -2728,10 +2752,12 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return
(
ret
==
-
1
?
ret
:
(
b
[
0
]
&
0x00FF
));
}
@Override
public
int
read
(
byte
[]
b
)
throws
IOException
{
return
read
(
b
,
0
,
b
.
length
);
}
@Override
public
int
read
(
byte
[]
b
,
int
off
,
int
len
)
throws
IOException
{
int
rem
=
buffer
.
remaining
();
if
(
rem
>
0
)
{
...
...
@@ -2747,6 +2773,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
@Override
public
void
close
()
throws
IOException
{
buffer
=
null
;
if
(
is
!=
null
)
{
...
...
@@ -2763,6 +2790,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
class
EmptyInputStream
extends
InputStream
{
@Override
public
int
available
()
{
return
0
;
}
...
...
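Review bot: In the cookie loop, the `catch (StringIndexOutOfBoundsException ignored)` around `cookieValue.substring(0, cookieValue.length() - 2)` can no longer trigger, because the `!l.isEmpty()` guard means at least one `"; "` was appended and the length is always at least 2. Keeping an empty catch there would only hide a real error if the separator and the trim length diverge again, and this commit had to change both by hand. Trimming the builder directly removes that coupling: `cookieValue.setLength(cookieValue.length() - 2);` followed by `requests.add(key, cookieValue.toString());`. The list values are joined unmodified into the header, and whether `requests.add` rejects CR/LF in them is not visible here and worth confirming. The enclosing method starts and ends outside the hunk.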
src/share/classes/sun/net/www/protocol/https/HttpsClient.java
/*
* Copyright 2001-200
7
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2001-200
8
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -518,6 +518,16 @@ final class HttpsClient extends HttpClient
kac
.
put
(
url
,
sslSocketFactory
,
this
);
}
/*
* Close an idle connection to this URL (if it exists in the cache).
*/
public
void
closeIdleConnection
()
{
HttpClient
http
=
(
HttpClient
)
kac
.
get
(
url
,
sslSocketFactory
);
if
(
http
!=
null
)
{
http
.
closeServer
();
}
}
/**
* Returns the cipher suite in use on this connection.
*/
...
...
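Review bot: `closeIdleConnection()` is a new public method documented with a plain block comment saying it closes an idle connection "to this URL", yet the lookup is `kac.get(url, sslSocketFactory)`, so only a connection cached under this client's socket factory is affected. A Javadoc comment should state that, e.g. `/** Closes the idle connection cached for this URL and this client's SSLSocketFactory, if any; connections cached under another factory are left open. */`. Whether `kac.get` also removes the entry from the cache is not visible in this hunk and should be mentioned in the same comment once confirmed.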
src/share/classes/sun/net/www/protocol/mailto/MailToURLConnection.java
...
...
@@ -29,9 +29,6 @@ import java.net.URL;
import
java.net.InetAddress
;
import
java.net.SocketPermission
;
import
java.io.*
;
import
java.util.Enumeration
;
import
java.util.Hashtable
;
import
java.util.StringTokenizer
;
import
java.security.Permission
;
import
sun.net.www.*
;
import
sun.net.smtp.SmtpClient
;
...
...
@@ -86,11 +83,11 @@ public class MailToURLConnection extends URLConnection {
}
public
void
connect
()
throws
IOException
{
System
.
err
.
println
(
"connect. Timeout = "
+
connectTimeout
);
client
=
new
SmtpClient
(
connectTimeout
);
client
.
setReadTimeout
(
readTimeout
);
}
@Override
public
synchronized
OutputStream
getOutputStream
()
throws
IOException
{
if
(
os
!=
null
)
{
return
os
;
...
...
@@ -107,6 +104,7 @@ public class MailToURLConnection extends URLConnection {
return
os
;
}
@Override
public
Permission
getPermission
()
throws
IOException
{
if
(
permission
==
null
)
{
connect
();
...
...
@@ -116,22 +114,26 @@ public class MailToURLConnection extends URLConnection {
return
permission
;
}
@Override
public
void
setConnectTimeout
(
int
timeout
)
{
if
(
timeout
<
0
)
throw
new
IllegalArgumentException
(
"timeouts can't be negative"
);
connectTimeout
=
timeout
;
}
@Override
public
int
getConnectTimeout
()
{
return
(
connectTimeout
<
0
?
0
:
connectTimeout
);
}
@Override
public
void
setReadTimeout
(
int
timeout
)
{
if
(
timeout
<
0
)
throw
new
IllegalArgumentException
(
"timeouts can't be negative"
);
readTimeout
=
timeout
;
}
@Override
public
int
getReadTimeout
()
{
return
readTimeout
<
0
?
0
:
readTimeout
;
}
...
...
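Review bot: `connect()` assigns `client = new SmtpClient(connectTimeout)` unconditionally, so a second call replaces the previous client without closing it; `getPermission()` in the next hunk calls `connect()` whenever `permission` is null, and other callers may exist outside the hunks. A guard at the top would make it idempotent, e.g. `if (client != null) return;`, assuming no caller relies on reconnecting. `connect()` is also the one override in this section that did not receive `@Override`.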
src/share/classes/sun/security/krb5/Config.java
...
...
@@ -1040,11 +1040,12 @@ public class Config {
* Check if need to use DNS to locate Kerberos services
*/
public
boolean
useDNS
(
String
name
)
{
boolean
value
=
getDefaultBooleanValue
(
name
,
"libdefaults"
);
if
(
value
==
false
)
{
value
=
getDefaultBooleanValue
(
"dns_fallback"
,
"libdefaults"
);
String
value
=
getDefault
(
name
,
"libdefaults"
);
if
(
value
==
null
)
{
return
getDefaultBooleanValue
(
"dns_fallback"
,
"libdefaults"
);
}
else
{
return
value
.
equalsIgnoreCase
(
"true"
);
}
return
value
;
}
/**
...
...
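Review bot: In the rewritten `useDNS`, an explicitly configured value is parsed with `value.equalsIgnoreCase("true")`, while the fallback still goes through `getDefaultBooleanValue("dns_fallback", "libdefaults")`; if that helper accepts other spellings or trims whitespace (its body is not visible here), the two settings are interpreted differently and a value such as `yes` silently turns DNS lookup off. The method comment should document the precedence this change introduces, for example `Returns the value of name in [libdefaults] if it is set (only "true", ignoring case, enables DNS); otherwise falls back to dns_fallback.` Because this decides whether DNS is used to locate Kerberos services, reporting an unrecognised value would be preferable to quietly treating it as false.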
src/share/classes/sun/security/krb5/KrbTgsReq.java
...
...
@@ -75,108 +75,108 @@ public class KrbTgsReq extends KrbKdcReq {
null
);
// EncryptionKey subSessionKey
}
// Called by Credentials, KrbCred
KrbTgsReq
(
KDCOptions
options
,
Credentials
asCreds
,
PrincipalName
sname
,
KerberosTime
from
,
KerberosTime
till
,
KerberosTime
rtime
,
int
[]
eTypes
,
HostAddresses
addresses
,
AuthorizationData
authorizationData
,
Ticket
[]
additionalTickets
,
EncryptionKey
subKey
)
throws
KrbException
,
IOException
{
princName
=
asCreds
.
client
;
servName
=
sname
;
ctime
=
new
KerberosTime
(
KerberosTime
.
NOW
);
// check if they are valid arguments. The optional fields
// should be consistent with settings in KDCOptions.
if
(
options
.
get
(
KDCOptions
.
FORWARDABLE
)
&&
(!(
asCreds
.
flags
.
get
(
Krb5
.
TKT_OPTS_FORWARDABLE
))))
{
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
FORWARDED
))
{
if
(!(
asCreds
.
flags
.
get
(
KDCOptions
.
FORWARDABLE
)))
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
PROXIABLE
)
&&
(!(
asCreds
.
flags
.
get
(
Krb5
.
TKT_OPTS_PROXIABLE
))))
{
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
PROXY
))
{
if
(!(
asCreds
.
flags
.
get
(
KDCOptions
.
PROXIABLE
)))
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
ALLOW_POSTDATE
)
&&
(!(
asCreds
.
flags
.
get
(
Krb5
.
TKT_OPTS_MAY_POSTDATE
))))
{
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
RENEWABLE
)
&&
(!(
asCreds
.
flags
.
get
(
Krb5
.
TKT_OPTS_RENEWABLE
))))
{
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
POSTDATED
))
{
if
(!(
asCreds
.
flags
.
get
(
KDCOptions
.
POSTDATED
)))
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
else
{
if
(
from
!=
null
)
from
=
null
;
}
if
(
options
.
get
(
KDCOptions
.
RENEWABLE
))
{
if
(!(
asCreds
.
flags
.
get
(
KDCOptions
.
RENEWABLE
)))
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
else
{
if
(
rtime
!=
null
)
rtime
=
null
;
}
if
(
options
.
get
(
KDCOptions
.
ENC_TKT_IN_SKEY
))
{
if
(
additionalTickets
==
null
)
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
// in TGS_REQ there could be more than one additional
// tickets, but in file-based credential cache,
// there is only one additional ticket field.
secondTicket
=
additionalTickets
[
0
];
}
else
{
if
(
additionalTickets
!=
null
)
additionalTickets
=
null
;
}
tgsReqMessg
=
createRequest
(
options
,
asCreds
.
ticket
,
asCreds
.
key
,
ctime
,
princName
,
princName
.
getRealm
(),
servName
,
from
,
till
,
rtime
,
eTypes
,
addresses
,
authorizationData
,
additionalTickets
,
subKey
);
obuf
=
tgsReqMessg
.
asn1Encode
();
// XXX We need to revisit this to see if can't move it
// up such that FORWARDED flag set in the options
// is included in the marshaled request.
/*
* If this is based on a forwarded ticket, record that in the
* options, because the returned TgsRep will contain the
* FORWARDED flag set.
*/
if
(
asCreds
.
flags
.
get
(
KDCOptions
.
FORWARDED
))
options
.
set
(
KDCOptions
.
FORWARDED
,
true
);
// Called by Credentials, KrbCred
KrbTgsReq
(
KDCOptions
options
,
Credentials
asCreds
,
PrincipalName
sname
,
KerberosTime
from
,
KerberosTime
till
,
KerberosTime
rtime
,
int
[]
eTypes
,
HostAddresses
addresses
,
AuthorizationData
authorizationData
,
Ticket
[]
additionalTickets
,
EncryptionKey
subKey
)
throws
KrbException
,
IOException
{
princName
=
asCreds
.
client
;
servName
=
sname
;
ctime
=
new
KerberosTime
(
KerberosTime
.
NOW
);
// check if they are valid arguments. The optional fields
// should be consistent with settings in KDCOptions.
if
(
options
.
get
(
KDCOptions
.
FORWARDABLE
)
&&
(!(
asCreds
.
flags
.
get
(
Krb5
.
TKT_OPTS_FORWARDABLE
))))
{
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
FORWARDED
))
{
if
(!(
asCreds
.
flags
.
get
(
KDCOptions
.
FORWARDABLE
)))
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
PROXIABLE
)
&&
(!(
asCreds
.
flags
.
get
(
Krb5
.
TKT_OPTS_PROXIABLE
))))
{
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
PROXY
))
{
if
(!(
asCreds
.
flags
.
get
(
KDCOptions
.
PROXIABLE
)))
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
ALLOW_POSTDATE
)
&&
(!(
asCreds
.
flags
.
get
(
Krb5
.
TKT_OPTS_MAY_POSTDATE
))))
{
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
RENEWABLE
)
&&
(!(
asCreds
.
flags
.
get
(
Krb5
.
TKT_OPTS_RENEWABLE
))))
{
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
if
(
options
.
get
(
KDCOptions
.
POSTDATED
))
{
if
(!(
asCreds
.
flags
.
get
(
KDCOptions
.
POSTDATED
)))
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
else
{
if
(
from
!=
null
)
from
=
null
;
}
if
(
options
.
get
(
KDCOptions
.
RENEWABLE
))
{
if
(!(
asCreds
.
flags
.
get
(
KDCOptions
.
RENEWABLE
)))
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
}
else
{
if
(
rtime
!=
null
)
rtime
=
null
;
}
if
(
options
.
get
(
KDCOptions
.
ENC_TKT_IN_SKEY
))
{
if
(
additionalTickets
==
null
)
throw
new
KrbException
(
Krb5
.
KRB_AP_ERR_REQ_OPTIONS
);
// in TGS_REQ there could be more than one additional
// tickets, but in file-based credential cache,
// there is only one additional ticket field.
secondTicket
=
additionalTickets
[
0
];
}
else
{
if
(
additionalTickets
!=
null
)
additionalTickets
=
null
;
}
tgsReqMessg
=
createRequest
(
options
,
asCreds
.
ticket
,
asCreds
.
key
,
ctime
,
princName
,
princName
.
getRealm
(),
servName
,
from
,
till
,
rtime
,
eTypes
,
addresses
,
authorizationData
,
additionalTickets
,
subKey
);
obuf
=
tgsReqMessg
.
asn1Encode
();
// XXX We need to revisit this to see if can't move it
// up such that FORWARDED flag set in the options
// is included in the marshaled request.
/*
* If this is based on a forwarded ticket, record that in the
* options, because the returned TgsRep will contain the
* FORWARDED flag set.
*/
if
(
asCreds
.
flags
.
get
(
KDCOptions
.
FORWARDED
))
options
.
set
(
KDCOptions
.
FORWARDED
,
true
);
}
/**
* Sends a TGS request to the realm of the target.
* @throws KrbException
...
...
src/share/classes/sun/security/krb5/internal/APRep.java
...
...
@@ -54,81 +54,88 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
APRep
{
public
int
pvno
;
public
int
msgType
;
public
EncryptedData
encPart
;
public
APRep
(
EncryptedData
new_encPart
)
{
pvno
=
Krb5
.
PVNO
;
msgType
=
Krb5
.
KRB_AP_REP
;
encPart
=
new_encPart
;
}
public
int
pvno
;
public
int
msgType
;
public
EncryptedData
encPart
;
public
APRep
(
byte
[]
data
)
throws
Asn1Exception
,
KrbApErrException
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
APRep
(
EncryptedData
new_encPart
)
{
pvno
=
Krb5
.
PVNO
;
msgType
=
Krb5
.
KRB_AP_REP
;
encPart
=
new_encPart
;
}
public
APRep
(
byte
[]
data
)
throws
Asn1Exception
,
KrbApErrException
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
APRep
(
DerValue
encoding
)
throws
Asn1Exception
,
KrbApErrException
,
IOException
{
init
(
encoding
);
}
KrbApErrException
,
IOException
{
init
(
encoding
);
}
/**
* Initializes an APRep object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
*/
/**
* Initializes an APRep object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
KrbApErrException
,
IOException
{
KrbApErrException
,
IOException
{
if
(((
encoding
.
getTag
()
&
(
byte
)(
0x1F
))
!=
Krb5
.
KRB_AP_REP
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
DerValue
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
if
(((
encoding
.
getTag
()
&
(
byte
)
(
0x1F
))
!=
Krb5
.
KRB_AP_REP
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
DerValue
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x00
)
}
DerValue
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
DerValue
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x00
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
pvno
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
pvno
!=
Krb5
.
PVNO
)
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_BADVERSION
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x01
)
if
(
pvno
!=
Krb5
.
PVNO
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_BADVERSION
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x01
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
msgType
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
msgType
!=
Krb5
.
KRB_AP_REP
)
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_MSG_TYPE
);
encPart
=
EncryptedData
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
}
msgType
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
msgType
!=
Krb5
.
KRB_AP_REP
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_MSG_TYPE
);
}
encPart
=
EncryptedData
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes an APRep object.
* @return byte array of encoded APRep object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
/**
* Encodes an APRep object.
* @return byte array of encoded APRep object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
bytes
=
new
DerOutputStream
();
DerOutputStream
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
pvno
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
msgType
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
encPart
.
asn1Encode
());
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
DerOutputStream
aprep
=
new
DerOutputStream
();
aprep
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x0F
),
temp
);
return
aprep
.
toByteArray
();
}
DerOutputStream
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
pvno
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
msgType
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
encPart
.
asn1Encode
());
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
DerOutputStream
aprep
=
new
DerOutputStream
();
aprep
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x0F
),
temp
);
return
aprep
.
toByteArray
();
}
}
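Review bot: In init(), `pvno = subDer.getData().getBigInteger().intValue();` and the matching `msgType` line narrow a wire-supplied INTEGER with `BigInteger.intValue()`, which keeps only the low 32 bits. An over-long value whose low bits happen to equal `Krb5.PVNO` or `Krb5.KRB_AP_REP` therefore passes the equality checks that follow. Since this parser is being touched anyway, consider rejecting out-of-range values before narrowing, e.g. `BigInteger v = subDer.getData().getBigInteger(); if (v.bitLength() > 31) throw new Asn1Exception(Krb5.ASN1_BAD_ID);` (the error code is a suggestion only). The same narrowing appears in APReq.init() and in Authenticator.init() for `authenticator_vno` and `cusec`.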
src/share/classes/sun/security/krb5/internal/APReq.java
...
...
@@ -54,94 +54,98 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
APReq
{
public
int
pvno
;
public
int
msgType
;
public
APOptions
apOptions
;
public
Ticket
ticket
;
public
EncryptedData
authenticator
;
public
APReq
(
APOptions
new_apOptions
,
Ticket
new_ticket
,
EncryptedData
new_authenticator
)
{
pvno
=
Krb5
.
PVNO
;
msgType
=
Krb5
.
KRB_AP_REQ
;
apOptions
=
new_apOptions
;
ticket
=
new_ticket
;
authenticator
=
new_authenticator
;
}
public
int
pvno
;
public
int
msgType
;
public
APOptions
apOptions
;
public
Ticket
ticket
;
public
EncryptedData
authenticator
;
public
APReq
(
APOptions
new_apOptions
,
Ticket
new_ticket
,
EncryptedData
new_authenticator
)
{
pvno
=
Krb5
.
PVNO
;
msgType
=
Krb5
.
KRB_AP_REQ
;
apOptions
=
new_apOptions
;
ticket
=
new_ticket
;
authenticator
=
new_authenticator
;
}
public
APReq
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
public
APReq
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
init
(
new
DerValue
(
data
));
}
}
public
APReq
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
init
(
encoding
);
}
init
(
encoding
);
}
/**
* Initializes an APReq object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
DerValue
der
,
subDer
;
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
Krb5
.
KRB_AP_REQ
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x00
)
/**
* Initializes an APReq object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
DerValue
der
,
subDer
;
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
Krb5
.
KRB_AP_REQ
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x00
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
pvno
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
pvno
!=
Krb5
.
PVNO
)
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_BADVERSION
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x01
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
msgType
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
msgType
!=
Krb5
.
KRB_AP_REQ
)
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_MSG_TYPE
);
apOptions
=
APOptions
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
false
);
ticket
=
Ticket
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
false
);
authenticator
=
EncryptedData
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
if
(
pvno
!=
Krb5
.
PVNO
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_BADVERSION
);
}
/**
* Encodes an APReq object.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
bytes
=
new
DerOutputStream
();
DerOutputStream
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
pvno
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
msgType
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
apOptions
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
ticket
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
authenticator
.
asn1Encode
());
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
DerOutputStream
apreq
=
new
DerOutputStream
();
apreq
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x0E
),
temp
);
return
apreq
.
toByteArray
();
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x01
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
msgType
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
msgType
!=
Krb5
.
KRB_AP_REQ
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_MSG_TYPE
);
}
apOptions
=
APOptions
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
false
);
ticket
=
Ticket
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
false
);
authenticator
=
EncryptedData
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes an APReq object.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
bytes
=
new
DerOutputStream
();
DerOutputStream
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
pvno
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
msgType
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
apOptions
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
ticket
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
authenticator
.
asn1Encode
());
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
DerOutputStream
apreq
=
new
DerOutputStream
();
apreq
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x0E
),
temp
);
return
apreq
.
toByteArray
();
}
}
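Review bot: The Javadoc kept on asn1Encode() describes its exceptions in decoding terms (`@exception Asn1Exception if an error occurs while decoding an ASN1 encoded data`, `@exception IOException if an I/O error occurs while reading encoded data`), although the visible body only builds DER output. As the block is being re-indented anyway, I would reword these to `@exception Asn1Exception if an error occurs while encoding the APReq.` and `@exception IOException if an I/O error occurs while writing the encoded data.` The same copied wording sits on asn1Encode() in APRep.java and Authenticator.java.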
src/share/classes/sun/security/krb5/internal/ASRep.java
...
...
@@ -40,30 +40,28 @@ import java.io.IOException;
public
class
ASRep
extends
KDCRep
{
public
ASRep
(
PAData
[]
new_pAData
,
Realm
new_crealm
,
PrincipalName
new_cname
,
Ticket
new_ticket
,
EncryptedData
new_encPart
)
throws
IOException
{
super
(
new_pAData
,
new_crealm
,
new_cname
,
new_ticket
,
new_encPart
,
Krb5
.
KRB_AS_REP
);
}
public
ASRep
(
PAData
[]
new_pAData
,
Realm
new_crealm
,
PrincipalName
new_cname
,
Ticket
new_ticket
,
EncryptedData
new_encPart
)
throws
IOException
{
super
(
new_pAData
,
new_crealm
,
new_cname
,
new_ticket
,
new_encPart
,
Krb5
.
KRB_AS_REP
);
}
public
ASRep
(
byte
[]
data
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
ASRep
(
byte
[]
data
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
ASRep
(
DerValue
encoding
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
encoding
);
}
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
encoding
,
Krb5
.
KRB_AS_REP
);
}
public
ASRep
(
DerValue
encoding
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
encoding
);
}
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
encoding
,
Krb5
.
KRB_AS_REP
);
}
}
src/share/classes/sun/security/krb5/internal/ASReq.java
...
...
@@ -36,20 +36,19 @@ import java.io.IOException;
public
class
ASReq
extends
KDCReq
{
public
ASReq
(
PAData
[]
new_pAData
,
KDCReqBody
new_reqBody
)
throws
IOException
{
super
(
new_pAData
,
new_reqBody
,
Krb5
.
KRB_AS_REQ
);
}
public
ASReq
(
PAData
[]
new_pAData
,
KDCReqBody
new_reqBody
)
throws
IOException
{
super
(
new_pAData
,
new_reqBody
,
Krb5
.
KRB_AS_REQ
);
}
public
ASReq
(
byte
[]
data
)
throws
Asn1Exception
,
KrbException
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
ASReq
(
byte
[]
data
)
throws
Asn1Exception
,
KrbException
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
ASReq
(
DerValue
encoding
)
throws
Asn1Exception
,
KrbException
,
IOException
{
init
(
encoding
);
}
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbException
{
super
.
init
(
encoding
,
Krb5
.
KRB_AS_REQ
);
}
init
(
encoding
);
}
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbException
{
super
.
init
(
encoding
,
Krb5
.
KRB_AS_REQ
);
}
}
src/share/classes/sun/security/krb5/internal/Authenticator.java
...
...
@@ -34,6 +34,7 @@ import sun.security.util.*;
import
java.util.Vector
;
import
java.io.IOException
;
import
java.math.BigInteger
;
/**
* Implements the ASN.1 Authenticator type.
*
...
...
@@ -58,6 +59,7 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
Authenticator
{
public
int
authenticator_vno
;
public
Realm
crealm
;
public
PrincipalName
cname
;
...
...
@@ -68,137 +70,145 @@ public class Authenticator {
Integer
seqNumber
;
//optional
public
AuthorizationData
authorizationData
;
//optional
public
Authenticator
(
Realm
new_crealm
,
PrincipalName
new_cname
,
Checksum
new_cksum
,
int
new_cusec
,
KerberosTime
new_ctime
,
EncryptionKey
new_subKey
,
Integer
new_seqNumber
,
AuthorizationData
new_authorizationData
)
{
authenticator_vno
=
Krb5
.
AUTHNETICATOR_VNO
;
crealm
=
new_crealm
;
cname
=
new_cname
;
cksum
=
new_cksum
;
cusec
=
new_cusec
;
ctime
=
new_ctime
;
subKey
=
new_subKey
;
seqNumber
=
new_seqNumber
;
authorizationData
=
new_authorizationData
;
}
public
Authenticator
(
Realm
new_crealm
,
PrincipalName
new_cname
,
Checksum
new_cksum
,
int
new_cusec
,
KerberosTime
new_ctime
,
EncryptionKey
new_subKey
,
Integer
new_seqNumber
,
AuthorizationData
new_authorizationData
)
{
authenticator_vno
=
Krb5
.
AUTHNETICATOR_VNO
;
crealm
=
new_crealm
;
cname
=
new_cname
;
cksum
=
new_cksum
;
cusec
=
new_cusec
;
ctime
=
new_ctime
;
subKey
=
new_subKey
;
seqNumber
=
new_seqNumber
;
authorizationData
=
new_authorizationData
;
}
public
Authenticator
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
init
(
new
DerValue
(
data
));
}
public
Authenticator
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
init
(
new
DerValue
(
data
));
}
public
Authenticator
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
init
(
encoding
);
}
public
Authenticator
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
init
(
encoding
);
}
/**
* Initializes an Authenticator object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
DerValue
der
,
subDer
;
//may not be the correct error code for a tag
//mismatch on an encrypted structure
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x02
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
/**
* Initializes an Authenticator object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbApErrException
,
RealmException
{
DerValue
der
,
subDer
;
//may not be the correct error code for a tag
//mismatch on an encrypted structure
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x02
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x00
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x00
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
authenticator_vno
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
authenticator_vno
!=
5
)
if
(
authenticator_vno
!=
5
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_BADVERSION
);
crealm
=
Realm
.
parse
(
der
.
getData
(),
(
byte
)
0x01
,
false
);
cname
=
PrincipalName
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
false
);
cksum
=
Checksum
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
true
);
}
crealm
=
Realm
.
parse
(
der
.
getData
(),
(
byte
)
0x01
,
false
);
cname
=
PrincipalName
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
false
);
cksum
=
Checksum
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
true
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
0x04
)
{
cusec
=
subDer
.
getData
().
getBigInteger
().
intValue
();
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
ctime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
subKey
=
EncryptionKey
.
parse
(
der
.
getData
(),
(
byte
)
0x06
,
true
);
}
else
{
subKey
=
null
;
seqNumber
=
null
;
authorizationData
=
null
;
}
if
(
der
.
getData
().
available
()
>
0
)
{
if
((
der
.
getData
().
peekByte
()
&
0x1F
)
==
0x07
)
{
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
0x04
)
{
cusec
=
subDer
.
getData
().
getBigInteger
().
intValue
();
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
ctime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
subKey
=
EncryptionKey
.
parse
(
der
.
getData
(),
(
byte
)
0x06
,
true
);
}
else
{
subKey
=
null
;
seqNumber
=
null
;
authorizationData
=
null
;
}
if
(
der
.
getData
().
available
()
>
0
)
{
if
((
der
.
getData
().
peekByte
()
&
0x1F
)
==
0x07
)
{
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x07
)
seqNumber
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x07
)
{
seqNumber
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
else
{
seqNumber
=
null
;
authorizationData
=
null
;
}
if
(
der
.
getData
().
available
()
>
0
)
{
authorizationData
=
AuthorizationData
.
parse
(
der
.
getData
(),
(
byte
)
0x08
,
true
);
}
else
authorizationData
=
null
;
if
(
der
.
getData
().
available
()
>
0
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
else
{
seqNumber
=
null
;
authorizationData
=
null
;
}
if
(
der
.
getData
().
available
()
>
0
)
{
authorizationData
=
AuthorizationData
.
parse
(
der
.
getData
(),
(
byte
)
0x08
,
true
);
}
else
{
authorizationData
=
null
;
}
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes an Authenticator object.
* @return byte array of encoded Authenticator object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
Vector
<
DerValue
>
v
=
new
Vector
<
DerValue
>
();
DerOutputStream
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
authenticator_vno
));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
.
toByteArray
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
crealm
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
cname
.
asn1Encode
()));
if
(
cksum
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
cksum
.
asn1Encode
()));
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
cusec
));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
temp
.
toByteArray
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
ctime
.
asn1Encode
()));
if
(
subKey
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x06
),
subKey
.
asn1Encode
()));
if
(
seqNumber
!=
null
)
{
temp
=
new
DerOutputStream
();
// encode as an unsigned integer (UInt32)
temp
.
putInteger
(
BigInteger
.
valueOf
(
seqNumber
.
longValue
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x07
),
temp
.
toByteArray
()));
}
if
(
authorizationData
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x08
),
authorizationData
.
asn1Encode
()));
DerValue
der
[]
=
new
DerValue
[
v
.
size
()];
v
.
copyInto
(
der
);
temp
=
new
DerOutputStream
();
temp
.
putSequence
(
der
);
DerOutputStream
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x02
),
temp
);
return
out
.
toByteArray
();
/**
* Encodes an Authenticator object.
* @return byte array of encoded Authenticator object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
Vector
<
DerValue
>
v
=
new
Vector
<
DerValue
>();
DerOutputStream
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
authenticator_vno
));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
.
toByteArray
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
crealm
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
cname
.
asn1Encode
()));
if
(
cksum
!=
null
)
{
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
cksum
.
asn1Encode
()));
}
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
cusec
));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
temp
.
toByteArray
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
ctime
.
asn1Encode
()));
if
(
subKey
!=
null
)
{
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x06
),
subKey
.
asn1Encode
()));
}
if
(
seqNumber
!=
null
)
{
temp
=
new
DerOutputStream
();
// encode as an unsigned integer (UInt32)
temp
.
putInteger
(
BigInteger
.
valueOf
(
seqNumber
.
longValue
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x07
),
temp
.
toByteArray
()));
}
if
(
authorizationData
!=
null
)
{
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x08
),
authorizationData
.
asn1Encode
()));
}
DerValue
der
[]
=
new
DerValue
[
v
.
size
()];
v
.
copyInto
(
der
);
temp
=
new
DerOutputStream
();
temp
.
putSequence
(
der
);
DerOutputStream
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x02
),
temp
);
return
out
.
toByteArray
();
}
public
final
Checksum
getChecksum
()
{
return
cksum
;
...
...
@@ -211,5 +221,4 @@ public class Authenticator {
public
final
EncryptionKey
getSubKey
()
{
return
subKey
;
}
}
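Review bot: In asn1Encode() the sequence number is written with `temp.putInteger(BigInteger.valueOf(seqNumber.longValue()))` under the comment "encode as an unsigned integer (UInt32)", but `Integer.longValue()` sign-extends, so a seqNumber with the top bit set goes out as a negative INTEGER. init() has the mirror image: `new Integer(subDer.getData().getBigInteger().intValue())` folds wire values of 2^31 and above into negative ints. If the unsigned form is what is intended, mask on the way out with `BigInteger.valueOf(seqNumber.longValue() & 0xFFFFFFFFL)`; interoperability with peers that send or expect the signed form should be confirmed first. Separately, `authenticator_vno != 5` in init() could use `Krb5.AUTHNETICATOR_VNO` as the constructor does, assuming the constant holds that value.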
src/share/classes/sun/security/krb5/internal/AuthorizationData.java
...
...
@@ -53,82 +53,81 @@ import sun.security.krb5.internal.ccache.CCacheOutputStream;
* }
*/
public
class
AuthorizationData
implements
Cloneable
{
private
AuthorizationDataEntry
[]
entry
=
null
;
private
AuthorizationData
()
{
}
private
AuthorizationDataEntry
[]
entry
=
null
;
private
AuthorizationData
()
{
}
public
AuthorizationData
(
AuthorizationDataEntry
[]
new_entries
)
throws
IOException
{
if
(
new_entries
!=
null
)
{
entry
=
new
AuthorizationDataEntry
[
new_entries
.
length
];
for
(
int
i
=
0
;
i
<
new_entries
.
length
;
i
++)
{
if
(
new_entries
[
i
]
==
null
)
{
throw
new
IOException
(
"Cannot create an AuthorizationData"
);
}
else
{
entry
[
i
]
=
(
AuthorizationDataEntry
)
new_entries
[
i
].
clone
();
}
}
public
AuthorizationData
(
AuthorizationDataEntry
[]
new_entries
)
throws
IOException
{
if
(
new_entries
!=
null
)
{
entry
=
new
AuthorizationDataEntry
[
new_entries
.
length
];
for
(
int
i
=
0
;
i
<
new_entries
.
length
;
i
++)
{
if
(
new_entries
[
i
]
==
null
)
{
throw
new
IOException
(
"Cannot create an AuthorizationData"
);
}
else
{
entry
[
i
]
=
(
AuthorizationDataEntry
)
new_entries
[
i
].
clone
();
}
}
}
}
public
AuthorizationData
(
AuthorizationDataEntry
new_entry
)
{
entry
=
new
AuthorizationDataEntry
[
1
];
entry
[
0
]
=
new_entry
;
}
public
AuthorizationData
(
AuthorizationDataEntry
new_entry
)
{
entry
=
new
AuthorizationDataEntry
[
1
];
entry
[
0
]
=
new_entry
;
}
public
Object
clone
()
{
AuthorizationData
new_authorizationData
=
new
AuthorizationData
();
if
(
entry
!=
null
)
{
new_authorizationData
.
entry
=
new
AuthorizationDataEntry
[
entry
.
length
];
for
(
int
i
=
0
;
i
<
entry
.
length
;
i
++)
new_authorizationData
.
entry
[
i
]
=
(
AuthorizationDataEntry
)
entry
[
i
].
clone
();
}
return
new_authorizationData
;
public
Object
clone
()
{
AuthorizationData
new_authorizationData
=
new
AuthorizationData
();
if
(
entry
!=
null
)
{
new_authorizationData
.
entry
=
new
AuthorizationDataEntry
[
entry
.
length
];
for
(
int
i
=
0
;
i
<
entry
.
length
;
i
++)
{
new_authorizationData
.
entry
[
i
]
=
(
AuthorizationDataEntry
)
entry
[
i
].
clone
();
}
}
return
new_authorizationData
;
}
/**
* Constructs a new <code>AuthorizationData,</code> instance.
* @param der a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
AuthorizationData
(
DerValue
der
)
throws
Asn1Exception
,
IOException
{
Vector
<
AuthorizationDataEntry
>
v
=
new
Vector
<
AuthorizationDataEntry
>
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
while
(
der
.
getData
().
available
()
>
0
)
{
v
.
addElement
(
new
AuthorizationDataEntry
(
der
.
getData
().
getDerValue
()));
}
if
(
v
.
size
()
>
0
)
{
entry
=
new
AuthorizationDataEntry
[
v
.
size
()];
v
.
copyInto
(
entry
);
}
/**
* Constructs a new <code>AuthorizationData,</code> instance.
* @param der a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
AuthorizationData
(
DerValue
der
)
throws
Asn1Exception
,
IOException
{
Vector
<
AuthorizationDataEntry
>
v
=
new
Vector
<
AuthorizationDataEntry
>();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
while
(
der
.
getData
().
available
()
>
0
)
{
v
.
addElement
(
new
AuthorizationDataEntry
(
der
.
getData
().
getDerValue
()));
}
if
(
v
.
size
()
>
0
)
{
entry
=
new
AuthorizationDataEntry
[
v
.
size
()];
v
.
copyInto
(
entry
);
}
}
/**
* Encodes an <code>AuthorizationData</code> object.
* @return byte array of encoded <code>AuthorizationData</code> object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
bytes
=
new
DerOutputStream
();
DerValue
der
[]
=
new
DerValue
[
entry
.
length
];
for
(
int
i
=
0
;
i
<
entry
.
length
;
i
++)
{
der
[
i
]
=
new
DerValue
(
entry
[
i
].
asn1Encode
());
}
bytes
.
putSequence
(
der
);
return
bytes
.
toByteArray
();
/**
* Encodes an <code>AuthorizationData</code> object.
* @return byte array of encoded <code>AuthorizationData</code> object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
bytes
=
new
DerOutputStream
();
DerValue
der
[]
=
new
DerValue
[
entry
.
length
];
for
(
int
i
=
0
;
i
<
entry
.
length
;
i
++)
{
der
[
i
]
=
new
DerValue
(
entry
[
i
].
asn1Encode
());
}
bytes
.
putSequence
(
der
);
return
bytes
.
toByteArray
();
}
/**
* Parse (unmarshal) an <code>AuthorizationData</code> object from a DER input stream.
...
...
@@ -143,31 +142,30 @@ public class AuthorizationData implements Cloneable {
* @return an instance of AuthorizationData.
*
*/
public
static
AuthorizationData
parse
(
DerInputStream
data
,
byte
explicitTag
,
boolean
optional
)
throws
Asn1Exception
,
IOException
{
if
((
optional
)
&&
(((
byte
)
data
.
peekByte
()
&
(
byte
)
0x1F
)
!=
explicitTag
))
{
return
null
;
}
DerValue
der
=
data
.
getDerValue
();
if
(
explicitTag
!=
(
der
.
getTag
()
&
(
byte
)
0x1F
))
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
else
{
DerValue
subDer
=
der
.
getData
().
getDerValue
();
return
new
AuthorizationData
(
subDer
);
}
public
static
AuthorizationData
parse
(
DerInputStream
data
,
byte
explicitTag
,
boolean
optional
)
throws
Asn1Exception
,
IOException
{
if
((
optional
)
&&
(((
byte
)
data
.
peekByte
()
&
(
byte
)
0x1F
)
!=
explicitTag
))
{
return
null
;
}
DerValue
der
=
data
.
getDerValue
();
if
(
explicitTag
!=
(
der
.
getTag
()
&
(
byte
)
0x1F
))
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
else
{
DerValue
subDer
=
der
.
getData
().
getDerValue
();
return
new
AuthorizationData
(
subDer
);
}
}
/**
* Writes <code>AuthorizationData</code> data fields to a output stream.
*
* @param cos a <code>CCacheOutputStream</code> to be written to.
* @exception IOException if an I/O exception occurs.
*/
public
void
writeAuth
(
CCacheOutputStream
cos
)
throws
IOException
{
for
(
int
i
=
0
;
i
<
entry
.
length
;
i
++)
{
entry
[
i
].
writeEntry
(
cos
);
}
/**
* Writes <code>AuthorizationData</code> data fields to a output stream.
*
* @param cos a <code>CCacheOutputStream</code> to be written to.
* @exception IOException if an I/O exception occurs.
*/
public
void
writeAuth
(
CCacheOutputStream
cos
)
throws
IOException
{
for
(
int
i
=
0
;
i
<
entry
.
length
;
i
++)
{
entry
[
i
].
writeEntry
(
cos
);
}
}
public
String
toString
()
{
String
retVal
=
"AuthorizationData:\n"
;
...
...
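Review bot: `asn1Encode()` and `writeAuth()` read `entry.length` without a null check, yet `entry` can still be null after construction: the `DerValue` constructor assigns it only inside `if (v.size() > 0)`, and the array constructor skips the assignment when `new_entries` is null. An empty SEQUENCE in decoded input would therefore surface later as a NullPointerException instead of an Asn1Exception, while `clone()` already guards with `if (entry != null)`. Dropping the size guard in the decoder, so that it always runs `entry = new AuthorizationDataEntry[v.size()]; v.copyInto(entry);`, gives the readers an empty array to iterate, provided no caller relies on the null. The single-entry constructor also stores `new_entry` without the null check and `clone()` that the array constructor applies. `toString()` continues outside the hunk, so its handling of a null `entry` is not visible here.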
src/share/classes/sun/security/krb5/internal/AuthorizationDataEntry.java
...
...
@@ -35,90 +35,90 @@ import sun.security.krb5.Asn1Exception;
import
sun.security.krb5.internal.ccache.CCacheOutputStream
;
public
class
AuthorizationDataEntry
implements
Cloneable
{
public
int
adType
;
public
byte
[]
adData
;
private
AuthorizationDataEntry
()
{
}
public
int
adType
;
public
byte
[]
adData
;
public
AuthorizationDataEntry
(
int
new_adType
,
byte
[]
new_adData
)
{
adType
=
new_adType
;
adData
=
new_adData
;
}
private
AuthorizationDataEntry
()
{
}
public
AuthorizationDataEntry
(
int
new_adType
,
byte
[]
new_adData
)
{
adType
=
new_adType
;
adData
=
new_adData
;
}
public
Object
clone
()
{
AuthorizationDataEntry
new_authorizationDataEntry
=
new
AuthorizationDataEntry
();
new_authorizationDataEntry
.
adType
=
adType
;
if
(
adData
!=
null
)
{
new_authorizationDataEntry
.
adData
=
new
byte
[
adData
.
length
];
System
.
arraycopy
(
adData
,
0
,
new_authorizationDataEntry
.
adData
,
0
,
adData
.
length
);
}
return
new_authorizationDataEntry
;
public
Object
clone
()
{
AuthorizationDataEntry
new_authorizationDataEntry
=
new
AuthorizationDataEntry
();
new_authorizationDataEntry
.
adType
=
adType
;
if
(
adData
!=
null
)
{
new_authorizationDataEntry
.
adData
=
new
byte
[
adData
.
length
];
System
.
arraycopy
(
adData
,
0
,
new_authorizationDataEntry
.
adData
,
0
,
adData
.
length
);
}
return
new_authorizationDataEntry
;
}
/**
* Constructs an instance of AuthorizationDataEntry.
* @param encoding a single DER-encoded value.
*/
public
AuthorizationDataEntry
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
{
DerValue
der
;
/**
* Constructs an instance of AuthorizationDataEntry.
* @param encoding a single DER-encoded value.
*/
public
AuthorizationDataEntry
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
{
DerValue
der
;
if
(
encoding
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
((
der
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x00
)
{
adType
=
der
.
getData
().
getBigInteger
().
intValue
();
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
((
der
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x01
)
{
adData
=
der
.
getData
().
getOctetString
();
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
if
(
encoding
.
getData
().
available
()
>
0
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
if
((
der
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x00
)
{
adType
=
der
.
getData
().
getBigInteger
().
intValue
();
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
((
der
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x01
)
{
adData
=
der
.
getData
().
getOctetString
();
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
if
(
encoding
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes an AuthorizationDataEntry object.
* @return byte array of encoded AuthorizationDataEntry object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
/**
* Encodes an AuthorizationDataEntry object.
* @return byte array of encoded AuthorizationDataEntry object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
bytes
=
new
DerOutputStream
();
DerOutputStream
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
adType
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putOctetString
(
adData
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
return
temp
.
toByteArray
();
}
DerOutputStream
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
adType
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putOctetString
(
adData
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
return
temp
.
toByteArray
();
}
/**
* Writes the entry's data fields in FCC format to an output stream.
*
* @param cos a <code>CCacheOutputStream</code>.
* @exception IOException if an I/O exception occurs.
*/
public
void
writeEntry
(
CCacheOutputStream
cos
)
throws
IOException
{
cos
.
write16
(
adType
);
cos
.
write32
(
adData
.
length
);
cos
.
write
(
adData
,
0
,
adData
.
length
);
}
/**
* Writes the entry's data fields in FCC format to an output stream.
*
* @param cos a <code>CCacheOutputStream</code>.
* @exception IOException if an I/O exception occurs.
*/
public
void
writeEntry
(
CCacheOutputStream
cos
)
throws
IOException
{
cos
.
write16
(
adType
);
cos
.
write32
(
adData
.
length
);
cos
.
write
(
adData
,
0
,
adData
.
length
);
}
public
String
toString
()
{
return
(
"adType="
+
adType
+
" adData.length="
+
adData
.
length
);
}
}
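Review bot: `writeEntry()` and `toString()` dereference `adData.length` unguarded, although the `(int, byte[])` constructor accepts a null `new_adData` and `clone()` explicitly allows for `adData == null`. An entry built with a null array fails only when it is written to a `CCacheOutputStream` or printed, far from the cause. Checking once in the constructor, `if (new_adData == null) throw new IllegalArgumentException("adData is null");`, keeps the failure at the point of construction; whether null is a legitimate value depends on callers not shown on this page. The constructor also keeps the caller's array instead of a copy and `adData` is a public field, so the bytes of an entry can change after it has been parsed or cloned into an AuthorizationData.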
src/share/classes/sun/security/krb5/internal/ETypeInfo2.java
...
...
@@ -100,16 +100,16 @@ public class ETypeInfo2 {
// salt
if
(
encoding
.
getData
().
available
()
>
0
)
{
der
=
encoding
.
getData
().
getDerValue
();
if
((
der
.
getTag
()
&
0x1F
)
==
0x01
)
{
if
((
encoding
.
getData
().
peekByte
()
&
0x1F
)
==
0x01
)
{
der
=
encoding
.
getData
().
getDerValue
();
this
.
saltStr
=
der
.
getData
().
getGeneralString
();
}
}
// s2kparams
if
(
encoding
.
getData
().
available
()
>
0
)
{
der
=
encoding
.
getData
().
getDerValue
();
if
((
der
.
getTag
()
&
0x1F
)
==
0x02
)
{
if
((
encoding
.
getData
().
peekByte
()
&
0x1F
)
==
0x02
)
{
der
=
encoding
.
getData
().
getDerValue
();
this
.
s2kparams
=
der
.
getData
().
getOctetString
();
}
}
...
...
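Review bot: The new `peekByte() & 0x1F` tests in the salt and s2kparams blocks compare only the low five tag bits, so a leading byte of any tag class with number 1 or 2 is taken as the optional field. Once `der` has been read a stricter test is available, `if (!der.isContextSpecific((byte) 0x01)) throw new Asn1Exception(Krb5.ASN1_BAD_ID);`, and the same with `0x02` for s2kparams. With peeking, an element that matches neither tag is now left unread in `encoding.getData()`. The constructor continues outside the hunk, so confirm that it ends with an `available() > 0` rejection as the other decoders in this commit do.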
src/share/classes/sun/security/krb5/internal/EncAPRepPart.java
...
...
@@ -55,102 +55,111 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
EncAPRepPart
{
public
KerberosTime
ctime
;
public
int
cusec
;
public
KerberosTime
ctime
;
public
int
cusec
;
EncryptionKey
subKey
;
//optional
Integer
seqNumber
;
//optional
public
EncAPRepPart
(
KerberosTime
new_ctime
,
int
new_cusec
,
EncryptionKey
new_subKey
,
Integer
new_seqNumber
)
{
ctime
=
new_ctime
;
cusec
=
new_cusec
;
subKey
=
new_subKey
;
seqNumber
=
new_seqNumber
;
}
public
EncAPRepPart
(
KerberosTime
new_ctime
,
int
new_cusec
,
EncryptionKey
new_subKey
,
Integer
new_seqNumber
)
{
ctime
=
new_ctime
;
cusec
=
new_cusec
;
subKey
=
new_subKey
;
seqNumber
=
new_seqNumber
;
}
public
EncAPRepPart
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
EncAPRepPart
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
EncAPRepPart
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
{
init
(
encoding
);
}
public
EncAPRepPart
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
{
init
(
encoding
);
}
/**
* Initializes an EncaPRepPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
{
DerValue
der
,
subDer
;
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x1B
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
/**
* Initializes an EncaPRepPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
{
DerValue
der
,
subDer
;
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x1B
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
ctime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x00
,
true
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x01
)
{
cusec
=
subDer
.
getData
().
getBigInteger
().
intValue
();
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
ctime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x00
,
true
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x01
)
{
cusec
=
subDer
.
getData
().
getBigInteger
().
intValue
();
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
if
(
der
.
getData
().
available
()
>
0
)
{
subKey
=
EncryptionKey
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
true
);
}
else
{
subKey
=
null
;
seqNumber
=
null
;
}
if
(
der
.
getData
().
available
()
>
0
)
{
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
!=
0x03
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
seqNumber
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
else
seqNumber
=
null
;
if
(
der
.
getData
().
available
()
>
0
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
subKey
=
EncryptionKey
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
true
);
}
else
{
subKey
=
null
;
seqNumber
=
null
;
}
if
(
der
.
getData
().
available
()
>
0
)
{
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
!=
0x03
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
seqNumber
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
else
{
seqNumber
=
null
;
}
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes an EncAPRepPart object.
* @return byte array of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
Vector
<
DerValue
>
v
=
new
Vector
<
DerValue
>
();
/**
* Encodes an EncAPRepPart object.
* @return byte array of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
Vector
<
DerValue
>
v
=
new
Vector
<
DerValue
>
();
DerOutputStream
temp
=
new
DerOutputStream
();
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
ctime
.
asn1Encode
()));
temp
.
putInteger
(
BigInteger
.
valueOf
(
cusec
));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
.
toByteArray
()));
if
(
subKey
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
subKey
.
asn1Encode
()));
if
(
seqNumber
!=
null
)
{
temp
=
new
DerOutputStream
();
// encode as an unsigned integer (UInt32)
temp
.
putInteger
(
BigInteger
.
valueOf
(
seqNumber
.
longValue
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
temp
.
toByteArray
()));
}
DerValue
der
[]
=
new
DerValue
[
v
.
size
()];
v
.
copyInto
(
der
);
temp
=
new
DerOutputStream
();
temp
.
putSequence
(
der
);
DerOutputStream
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x1B
),
temp
);
return
out
.
toByteArray
();
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
ctime
.
asn1Encode
()));
temp
.
putInteger
(
BigInteger
.
valueOf
(
cusec
));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
.
toByteArray
()));
if
(
subKey
!=
null
)
{
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
subKey
.
asn1Encode
()));
}
if
(
seqNumber
!=
null
)
{
temp
=
new
DerOutputStream
();
// encode as an unsigned integer (UInt32)
temp
.
putInteger
(
BigInteger
.
valueOf
(
seqNumber
.
longValue
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
temp
.
toByteArray
()));
}
DerValue
der
[]
=
new
DerValue
[
v
.
size
()];
v
.
copyInto
(
der
);
temp
=
new
DerOutputStream
();
temp
.
putSequence
(
der
);
DerOutputStream
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x1B
),
temp
);
return
out
.
toByteArray
();
}
public
final
EncryptionKey
getSubKey
()
{
return
subKey
;
...
...
@@ -159,5 +168,4 @@ public class EncAPRepPart {
public
final
Integer
getSeqNumber
()
{
return
seqNumber
;
}
}
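Review bot: In `asn1Encode()` the sequence number is written with `BigInteger.valueOf(seqNumber.longValue())` under the comment "encode as an unsigned integer (UInt32)", but `Integer.longValue()` sign-extends, so a stored value with the top bit set is emitted as a negative INTEGER. `init()` stores the number with `getBigInteger().intValue()`, which maps any wire value of 2^31 or more to a negative `Integer`, so a decode followed by an encode does not round-trip. Masking gives the unsigned value the comment describes: `temp.putInteger(BigInteger.valueOf(seqNumber.longValue() & 0xFFFFFFFFL));`. The Authenticator `asn1Encode()` shown earlier on this page has the same line.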
src/share/classes/sun/security/krb5/internal/EncASRepPart.java
...
...
@@ -36,57 +36,55 @@ import java.io.IOException;
public
class
EncASRepPart
extends
EncKDCRepPart
{
public
EncASRepPart
(
EncryptionKey
new_key
,
LastReq
new_lastReq
,
int
new_nonce
,
KerberosTime
new_keyExpiration
,
TicketFlags
new_flags
,
KerberosTime
new_authtime
,
KerberosTime
new_starttime
,
KerberosTime
new_endtime
,
KerberosTime
new_renewTill
,
Realm
new_srealm
,
PrincipalName
new_sname
,
HostAddresses
new_caddr
)
{
super
(
new_key
,
new_lastReq
,
new_nonce
,
new_keyExpiration
,
new_flags
,
new_authtime
,
new_starttime
,
new_endtime
,
new_renewTill
,
new_srealm
,
new_sname
,
new_caddr
,
Krb5
.
KRB_ENC_AS_REP_PART
//may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
//behavior of other implementaions, instead of above
public
EncASRepPart
(
EncryptionKey
new_key
,
LastReq
new_lastReq
,
int
new_nonce
,
KerberosTime
new_keyExpiration
,
TicketFlags
new_flags
,
KerberosTime
new_authtime
,
KerberosTime
new_starttime
,
KerberosTime
new_endtime
,
KerberosTime
new_renewTill
,
Realm
new_srealm
,
PrincipalName
new_sname
,
HostAddresses
new_caddr
)
{
super
(
new_key
,
new_lastReq
,
new_nonce
,
new_keyExpiration
,
new_flags
,
new_authtime
,
new_starttime
,
new_endtime
,
new_renewTill
,
new_srealm
,
new_sname
,
new_caddr
,
Krb5
.
KRB_ENC_AS_REP_PART
);
}
//may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
//behavior of other implementaions, instead of above
}
public
EncASRepPart
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
new
DerValue
(
data
));
}
public
EncASRepPart
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
new
DerValue
(
data
));
}
public
EncASRepPart
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
encoding
);
}
public
EncASRepPart
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
encoding
);
}
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
encoding
,
Krb5
.
KRB_ENC_AS_REP_PART
);
}
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
return
asn1Encode
(
Krb5
.
KRB_ENC_AS_REP_PART
);
}
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
encoding
,
Krb5
.
KRB_ENC_AS_REP_PART
);
}
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
return
asn1Encode
(
Krb5
.
KRB_ENC_AS_REP_PART
);
}
}
src/share/classes/sun/security/krb5/internal/EncKDCRepPart.java
...
...
@@ -36,6 +36,7 @@ import sun.security.util.*;
import
java.util.Vector
;
import
java.io.IOException
;
import
java.math.BigInteger
;
/**
* Implements the ASN.1 EncKDCRepPart type.
*
...
...
@@ -63,143 +64,163 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
EncKDCRepPart
{
public
EncryptionKey
key
;
public
LastReq
lastReq
;
public
int
nonce
;
public
KerberosTime
keyExpiration
;
//optional
public
TicketFlags
flags
;
public
KerberosTime
authtime
;
public
KerberosTime
starttime
;
//optional
public
KerberosTime
endtime
;
public
KerberosTime
renewTill
;
//optional
public
Realm
srealm
;
public
PrincipalName
sname
;
public
HostAddresses
caddr
;
//optional
public
int
msgType
;
//not included in sequence
public
EncKDCRepPart
(
EncryptionKey
new_key
,
LastReq
new_lastReq
,
int
new_nonce
,
KerberosTime
new_keyExpiration
,
TicketFlags
new_flags
,
KerberosTime
new_authtime
,
KerberosTime
new_starttime
,
KerberosTime
new_endtime
,
KerberosTime
new_renewTill
,
Realm
new_srealm
,
PrincipalName
new_sname
,
HostAddresses
new_caddr
,
int
new_msgType
)
{
key
=
new_key
;
lastReq
=
new_lastReq
;
nonce
=
new_nonce
;
keyExpiration
=
new_keyExpiration
;
flags
=
new_flags
;
authtime
=
new_authtime
;
starttime
=
new_starttime
;
endtime
=
new_endtime
;
renewTill
=
new_renewTill
;
srealm
=
new_srealm
;
sname
=
new_sname
;
caddr
=
new_caddr
;
msgType
=
new_msgType
;
}
public
EncryptionKey
key
;
public
LastReq
lastReq
;
public
int
nonce
;
public
KerberosTime
keyExpiration
;
//optional
public
TicketFlags
flags
;
public
KerberosTime
authtime
;
public
KerberosTime
starttime
;
//optional
public
KerberosTime
endtime
;
public
KerberosTime
renewTill
;
//optional
public
Realm
srealm
;
public
PrincipalName
sname
;
public
HostAddresses
caddr
;
//optional
public
int
msgType
;
//not included in sequence
public
EncKDCRepPart
()
{
}
public
EncKDCRepPart
(
EncryptionKey
new_key
,
LastReq
new_lastReq
,
int
new_nonce
,
KerberosTime
new_keyExpiration
,
TicketFlags
new_flags
,
KerberosTime
new_authtime
,
KerberosTime
new_starttime
,
KerberosTime
new_endtime
,
KerberosTime
new_renewTill
,
Realm
new_srealm
,
PrincipalName
new_sname
,
HostAddresses
new_caddr
,
int
new_msgType
)
{
key
=
new_key
;
lastReq
=
new_lastReq
;
nonce
=
new_nonce
;
keyExpiration
=
new_keyExpiration
;
flags
=
new_flags
;
authtime
=
new_authtime
;
starttime
=
new_starttime
;
endtime
=
new_endtime
;
renewTill
=
new_renewTill
;
srealm
=
new_srealm
;
sname
=
new_sname
;
caddr
=
new_caddr
;
msgType
=
new_msgType
;
}
public
EncKDCRepPart
(
byte
[]
data
,
int
rep_type
)
throws
Asn1Exception
,
IOException
,
RealmException
{
init
(
new
DerValue
(
data
),
rep_type
);
}
public
EncKDCRepPart
()
{
}
public
EncKDCRepPart
(
DerValue
encoding
,
int
rep_type
)
throws
Asn1Exception
,
IOException
,
RealmException
{
init
(
encoding
,
rep_type
);
}
public
EncKDCRepPart
(
byte
[]
data
,
int
rep_type
)
throws
Asn1Exception
,
IOException
,
RealmException
{
init
(
new
DerValue
(
data
),
rep_type
);
}
public
EncKDCRepPart
(
DerValue
encoding
,
int
rep_type
)
throws
Asn1Exception
,
IOException
,
RealmException
{
init
(
encoding
,
rep_type
);
}
/**
* Initializes an EncKDCRepPart object.
*
* @param encoding a single DER-encoded value.
* @param rep_type type of the encrypted reply message.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while decoding an Realm object.
*/
protected
void
init
(
DerValue
encoding
,
int
rep_type
)
throws
Asn1Exception
,
IOException
,
RealmException
{
DerValue
der
,
subDer
;
//implementations return the incorrect tag value, so
//we don't use the above line; instead we use the following
msgType
=
(
encoding
.
getTag
()
&
(
byte
)
0x1F
);
/**
* Initializes an EncKDCRepPart object.
*
* @param encoding a single DER-encoded value.
* @param rep_type type of the encrypted reply message.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while decoding an Realm object.
*/
protected
void
init
(
DerValue
encoding
,
int
rep_type
)
throws
Asn1Exception
,
IOException
,
RealmException
{
DerValue
der
,
subDer
;
//implementations return the incorrect tag value, so
//we don't use the above line; instead we use the following
msgType
=
(
encoding
.
getTag
()
&
(
byte
)
0x1F
);
if
(
msgType
!=
Krb5
.
KRB_ENC_AS_REP_PART
&&
msgType
!=
Krb5
.
KRB_ENC_TGS_REP_PART
)
msgType
!=
Krb5
.
KRB_ENC_TGS_REP_PART
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
}
key
=
EncryptionKey
.
parse
(
der
.
getData
(),
(
byte
)
0x00
,
false
);
lastReq
=
LastReq
.
parse
(
der
.
getData
(),
(
byte
)
0x01
,
false
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x02
)
{
nonce
=
subDer
.
getData
().
getBigInteger
().
intValue
();
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
keyExpiration
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
true
);
flags
=
TicketFlags
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
false
);
authtime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
false
);
starttime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x06
,
true
);
endtime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x07
,
false
);
renewTill
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x08
,
true
);
srealm
=
Realm
.
parse
(
der
.
getData
(),
(
byte
)
0x09
,
false
);
sname
=
PrincipalName
.
parse
(
der
.
getData
(),
(
byte
)
0x0A
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
caddr
=
HostAddresses
.
parse
(
der
.
getData
(),
(
byte
)
0x0B
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
key
=
EncryptionKey
.
parse
(
der
.
getData
(),
(
byte
)
0x00
,
false
);
lastReq
=
LastReq
.
parse
(
der
.
getData
(),
(
byte
)
0x01
,
false
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x02
)
nonce
=
subDer
.
getData
().
getBigInteger
().
intValue
();
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
keyExpiration
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
true
);
flags
=
TicketFlags
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
false
);
authtime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
false
);
starttime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x06
,
true
);
endtime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x07
,
false
);
renewTill
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x08
,
true
);
srealm
=
Realm
.
parse
(
der
.
getData
(),
(
byte
)
0x09
,
false
);
sname
=
PrincipalName
.
parse
(
der
.
getData
(),
(
byte
)
0x0A
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
caddr
=
HostAddresses
.
parse
(
der
.
getData
(),
(
byte
)
0x0B
,
true
);
if
(
der
.
getData
().
available
()
>
0
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes an EncKDCRepPart object.
* @param rep_type type of encrypted reply message.
* @return byte array of encoded EncKDCRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
(
int
rep_type
)
throws
Asn1Exception
,
IOException
{
/**
* Encodes an EncKDCRepPart object.
* @param rep_type type of encrypted reply message.
* @return byte array of encoded EncKDCRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
(
int
rep_type
)
throws
Asn1Exception
,
IOException
{
DerOutputStream
temp
=
new
DerOutputStream
();
DerOutputStream
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
key
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
lastReq
.
asn1Encode
());
temp
.
putInteger
(
BigInteger
.
valueOf
(
nonce
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
temp
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
key
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
lastReq
.
asn1Encode
());
temp
.
putInteger
(
BigInteger
.
valueOf
(
nonce
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
temp
);
if
(
keyExpiration
!=
null
)
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
keyExpiration
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
flags
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
authtime
.
asn1Encode
());
if
(
starttime
!=
null
)
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x06
),
starttime
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x07
),
endtime
.
asn1Encode
());
if
(
renewTill
!=
null
)
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x08
),
renewTill
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x09
),
srealm
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x0A
),
sname
.
asn1Encode
());
if
(
caddr
!=
null
)
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x0B
),
caddr
.
asn1Encode
());
//should use the rep_type to build the encoding
//but other implementations do not; it is ignored and
//the cached msgType is used instead
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
msgType
),
temp
);
return
bytes
.
toByteArray
();
if
(
keyExpiration
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
keyExpiration
.
asn1Encode
());
}
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
flags
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
authtime
.
asn1Encode
());
if
(
starttime
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x06
),
starttime
.
asn1Encode
());
}
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x07
),
endtime
.
asn1Encode
());
if
(
renewTill
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x08
),
renewTill
.
asn1Encode
());
}
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x09
),
srealm
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x0A
),
sname
.
asn1Encode
());
if
(
caddr
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x0B
),
caddr
.
asn1Encode
());
}
//should use the rep_type to build the encoding
//but other implementations do not; it is ignored and
//the cached msgType is used instead
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
msgType
),
temp
);
return
bytes
.
toByteArray
();
}
}
src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java
...
...
@@ -36,6 +36,7 @@ import sun.security.krb5.RealmException;
import
java.util.Vector
;
import
java.io.IOException
;
import
java.math.BigInteger
;
/**
* Implements the ASN.1 EncKrbCredPart type.
*
...
...
@@ -57,148 +58,158 @@ import java.math.BigInteger;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
EncKrbCredPart
{
public
KrbCredInfo
[]
ticketInfo
=
null
;
public
KerberosTime
timeStamp
;
//optional
private
Integer
nonce
;
//optional
private
Integer
usec
;
//optional
private
HostAddress
sAddress
;
//optional
private
HostAddresses
rAddress
;
//optional
public
KrbCredInfo
[]
ticketInfo
=
null
;
public
KerberosTime
timeStamp
;
//optional
private
Integer
nonce
;
//optional
private
Integer
usec
;
//optional
private
HostAddress
sAddress
;
//optional
private
HostAddresses
rAddress
;
//optional
public
EncKrbCredPart
(
KrbCredInfo
[]
new_ticketInfo
,
KerberosTime
new_timeStamp
,
Integer
new_usec
,
Integer
new_nonce
,
HostAddress
new_sAddress
,
HostAddresses
new_rAddress
)
throws
IOException
{
if
(
new_ticketInfo
!=
null
)
{
ticketInfo
=
new
KrbCredInfo
[
new_ticketInfo
.
length
];
for
(
int
i
=
0
;
i
<
new_ticketInfo
.
length
;
i
++)
{
if
(
new_ticketInfo
[
i
]
==
null
)
{
throw
new
IOException
(
"Cannot create a EncKrbCredPart"
);
}
else
{
ticketInfo
[
i
]
=
(
KrbCredInfo
)
new_ticketInfo
[
i
].
clone
();
}
}
public
EncKrbCredPart
(
KrbCredInfo
[]
new_ticketInfo
,
KerberosTime
new_timeStamp
,
Integer
new_usec
,
Integer
new_nonce
,
HostAddress
new_sAddress
,
HostAddresses
new_rAddress
)
throws
IOException
{
if
(
new_ticketInfo
!=
null
)
{
ticketInfo
=
new
KrbCredInfo
[
new_ticketInfo
.
length
];
for
(
int
i
=
0
;
i
<
new_ticketInfo
.
length
;
i
++)
{
if
(
new_ticketInfo
[
i
]
==
null
)
{
throw
new
IOException
(
"Cannot create a EncKrbCredPart"
);
}
else
{
ticketInfo
[
i
]
=
(
KrbCredInfo
)
new_ticketInfo
[
i
].
clone
();
}
timeStamp
=
new_timeStamp
;
usec
=
new_usec
;
nonce
=
new_nonce
;
sAddress
=
new_sAddress
;
rAddress
=
new_rAddress
;
}
}
timeStamp
=
new_timeStamp
;
usec
=
new_usec
;
nonce
=
new_nonce
;
sAddress
=
new_sAddress
;
rAddress
=
new_rAddress
;
}
public
EncKrbCredPart
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
,
RealmException
{
init
(
new
DerValue
(
data
));
}
public
EncKrbCredPart
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
,
RealmException
{
init
(
new
DerValue
(
data
));
}
public
EncKrbCredPart
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
RealmException
{
init
(
encoding
);
}
public
EncKrbCredPart
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
RealmException
{
init
(
encoding
);
}
/**
* Initializes an EncKrbCredPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
RealmException
{
DerValue
der
,
subDer
;
//may not be the correct error code for a tag
//mismatch on an encrypted structure
nonce
=
null
;
timeStamp
=
null
;
usec
=
null
;
/**
* Initializes an EncKrbCredPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
RealmException
{
DerValue
der
,
subDer
;
//may not be the correct error code for a tag
//mismatch on an encrypted structure
nonce
=
null
;
timeStamp
=
null
;
usec
=
null
;
sAddress
=
null
;
rAddress
=
null
;
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x1D
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x1D
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x00
)
{
DerValue
derValues
[]
=
subDer
.
getData
().
getSequence
(
1
);
ticketInfo
=
new
KrbCredInfo
[
derValues
.
length
];
for
(
int
i
=
0
;
i
<
derValues
.
length
;
i
++)
{
ticketInfo
[
i
]
=
new
KrbCredInfo
(
derValues
[
i
]);
}
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
if
(((
byte
)
(
der
.
getData
().
peekByte
())
&
(
byte
)
0x1F
)
==
(
byte
)
0x01
)
{
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x00
)
{
DerValue
derValues
[]
=
subDer
.
getData
().
getSequence
(
1
);
ticketInfo
=
new
KrbCredInfo
[
derValues
.
length
];
for
(
int
i
=
0
;
i
<
derValues
.
length
;
i
++)
{
ticketInfo
[
i
]
=
new
KrbCredInfo
(
derValues
[
i
]);
}
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
if
(
der
.
getData
().
available
()
>
0
)
{
if
(((
byte
)(
der
.
getData
().
peekByte
())
&
(
byte
)
0x1F
)
==
(
byte
)
0x01
)
{
subDer
=
der
.
getData
().
getDerValue
();
nonce
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
}
if
(
der
.
getData
().
available
()
>
0
)
{
timeStamp
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
if
(((
byte
)(
der
.
getData
().
peekByte
())
&
(
byte
)
0x1F
)
==
(
byte
)
0x03
)
{
subDer
=
der
.
getData
().
getDerValue
();
usec
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
}
if
(
der
.
getData
().
available
()
>
0
)
{
sAddress
=
HostAddress
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
rAddress
=
HostAddresses
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
nonce
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
}
if
(
der
.
getData
().
available
()
>
0
)
{
timeStamp
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
if
(((
byte
)
(
der
.
getData
().
peekByte
())
&
(
byte
)
0x1F
)
==
(
byte
)
0x03
)
{
subDer
=
der
.
getData
().
getDerValue
();
usec
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
}
if
(
der
.
getData
().
available
()
>
0
)
{
sAddress
=
HostAddress
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
rAddress
=
HostAddresses
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes an EncKrbCredPart object.
* @return byte array of encoded EncKrbCredPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
/**
* Encodes an EncKrbCredPart object.
* @return byte array of encoded EncKrbCredPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
bytes
=
new
DerOutputStream
();
DerOutputStream
temp
=
new
DerOutputStream
();
DerValue
[]
tickets
=
new
DerValue
[
ticketInfo
.
length
];
for
(
int
i
=
0
;
i
<
ticketInfo
.
length
;
i
++)
tickets
[
i
]
=
new
DerValue
(
ticketInfo
[
i
].
asn1Encode
());
temp
.
putSequence
(
tickets
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
DerOutputStream
temp
=
new
DerOutputStream
();
DerValue
[]
tickets
=
new
DerValue
[
ticketInfo
.
length
];
for
(
int
i
=
0
;
i
<
ticketInfo
.
length
;
i
++)
{
tickets
[
i
]
=
new
DerValue
(
ticketInfo
[
i
].
asn1Encode
());
}
temp
.
putSequence
(
tickets
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
if
(
nonce
!=
null
)
{
if
(
nonce
!=
null
)
{
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
nonce
.
intValue
()));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
}
temp
.
putInteger
(
BigInteger
.
valueOf
(
nonce
.
intValue
()));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
}
if
(
timeStamp
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
timeStamp
.
asn1Encode
());
}
if
(
usec
!=
null
)
{
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
usec
.
intValue
()));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
temp
);
}
if
(
sAddress
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
sAddress
.
asn1Encode
());
}
if
(
rAddress
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
rAddress
.
asn1Encode
());
}
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x1D
),
temp
);
return
bytes
.
toByteArray
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
timeStamp
.
asn1Encode
());
}
if
(
usec
!=
null
)
{
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
usec
.
intValue
()));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
temp
);
}
if
(
sAddress
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
sAddress
.
asn1Encode
());
}
if
(
rAddress
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
rAddress
.
asn1Encode
());
}
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x1D
),
temp
);
return
bytes
.
toByteArray
();
}
}
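Review bot: In `init`, the optional nonce (tag [1]) and usec (tag [3]) are narrowed with `getBigInteger().intValue()`, which keeps only the low 32 bits, so an oversized INTEGER in the decoded structure is accepted and silently wrapped instead of being rejected. A bound check before narrowing would close that, for example `BigInteger v = subDer.getData().getBigInteger(); if (v.bitLength() > 32) throw new Asn1Exception(Krb5.ASN1_BAD_ID);` followed by `nonce = new Integer(v.intValue());`. Whether `ASN1_BAD_ID` is the right code for a range error is worth confirming. The same narrowing is applied to `usec` and `seqNumber` in `EncKrbPrivPart.init` later in this commit.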
src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java
...
...
@@ -55,114 +55,119 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
EncKrbPrivPart
{
public
byte
[]
userData
=
null
;
public
KerberosTime
timestamp
;
//optional
public
Integer
usec
;
//optional
public
Integer
seqNumber
;
//optional
public
HostAddress
sAddress
;
//optional
public
HostAddress
rAddress
;
//optional
public
EncKrbPrivPart
(
byte
[]
new_userData
,
KerberosTime
new_timestamp
,
Integer
new_usec
,
Integer
new_seqNumber
,
HostAddress
new_sAddress
,
HostAddress
new_rAddress
)
{
if
(
new_userData
!=
null
)
{
userData
=
new_userData
.
clone
();
}
timestamp
=
new_timestamp
;
usec
=
new_usec
;
seqNumber
=
new_seqNumber
;
sAddress
=
new_sAddress
;
rAddress
=
new_rAddress
;
}
public
byte
[]
userData
=
null
;
public
KerberosTime
timestamp
;
//optional
public
Integer
usec
;
//optional
public
Integer
seqNumber
;
//optional
public
HostAddress
sAddress
;
//optional
public
HostAddress
rAddress
;
//optional
public
EncKrbPrivPart
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
{
init
(
new
DerValue
(
data
));
public
EncKrbPrivPart
(
byte
[]
new_userData
,
KerberosTime
new_timestamp
,
Integer
new_usec
,
Integer
new_seqNumber
,
HostAddress
new_sAddress
,
HostAddress
new_rAddress
)
{
if
(
new_userData
!=
null
)
{
userData
=
new_userData
.
clone
();
}
timestamp
=
new_timestamp
;
usec
=
new_usec
;
seqNumber
=
new_seqNumber
;
sAddress
=
new_sAddress
;
rAddress
=
new_rAddress
;
}
public
EncKrbPrivPart
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
{
init
(
encoding
);
}
public
EncKrbPrivPart
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
EncKrbPrivPart
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
{
init
(
encoding
);
}
/**
* Initializes an EncKrbPrivPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
{
/**
* Initializes an EncKrbPrivPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
{
DerValue
der
,
subDer
;
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x1C
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x1C
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x00
)
{
userData
=
subDer
.
getData
().
getOctetString
();
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
(
byte
)
0x1F
)
==
(
byte
)
0x00
)
{
userData
=
subDer
.
getData
().
getOctetString
();
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
timestamp
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x01
,
true
);
if
((
der
.
getData
().
peekByte
()
&
0x1F
)
==
0x02
)
{
subDer
=
der
.
getData
().
getDerValue
();
usec
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
else
usec
=
null
;
if
((
der
.
getData
().
peekByte
()
&
0x1F
)
==
0x03
)
{
subDer
=
der
.
getData
().
getDerValue
();
seqNumber
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
else
seqNumber
=
null
;
sAddress
=
HostAddress
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
rAddress
=
HostAddress
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
timestamp
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x01
,
true
);
if
((
der
.
getData
().
peekByte
()
&
0x1F
)
==
0x02
)
{
subDer
=
der
.
getData
().
getDerValue
();
usec
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
else
{
usec
=
null
;
}
if
((
der
.
getData
().
peekByte
()
&
0x1F
)
==
0x03
)
{
subDer
=
der
.
getData
().
getDerValue
();
seqNumber
=
new
Integer
(
subDer
.
getData
().
getBigInteger
().
intValue
());
}
else
{
seqNumber
=
null
;
}
sAddress
=
HostAddress
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
rAddress
=
HostAddress
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes an EncKrbPrivPart object.
* @return byte array of encoded EncKrbPrivPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
/**
* Encodes an EncKrbPrivPart object.
* @return byte array of encoded EncKrbPrivPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
temp
=
new
DerOutputStream
();
DerOutputStream
bytes
=
new
DerOutputStream
();
temp
.
putOctetString
(
userData
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
if
(
timestamp
!=
null
)
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
timestamp
.
asn1Encode
());
if
(
usec
!=
null
)
{
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
usec
.
intValue
()));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
temp
);
}
if
(
seqNumber
!=
null
)
{
temp
=
new
DerOutputStream
();
// encode as an unsigned integer (UInt32)
temp
.
putInteger
(
BigInteger
.
valueOf
(
seqNumber
.
longValue
()));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
temp
);
}
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
sAddress
.
asn1Encode
());
if
(
rAddress
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
rAddress
.
asn1Encode
());
}
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x1C
),
temp
);
return
bytes
.
toByteArray
();
temp
.
putOctetString
(
userData
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
if
(
timestamp
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
timestamp
.
asn1Encode
());
}
if
(
usec
!=
null
)
{
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
usec
.
intValue
()));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
temp
);
}
if
(
seqNumber
!=
null
)
{
temp
=
new
DerOutputStream
();
// encode as an unsigned integer (UInt32)
temp
.
putInteger
(
BigInteger
.
valueOf
(
seqNumber
.
longValue
()));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
temp
);
}
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
sAddress
.
asn1Encode
());
if
(
rAddress
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
rAddress
.
asn1Encode
());
}
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x1C
),
temp
);
return
bytes
.
toByteArray
();
}
}
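Review bot: `sAddress` is declared as `public HostAddress sAddress; //optional`, but `asn1Encode` calls `sAddress.asn1Encode()` for tag [4] with no null test, and `init` reads it with `HostAddress.parse(der.getData(), (byte)0x04, false)`, where the last argument appears to be the optional flag. A caller that trusts the field comment and passes null as `new_sAddress` to the six-argument constructor gets a NullPointerException only later, at encode time. The field comment should say the address is required, e.g. `public HostAddress sAddress; //mandatory`, and the constructor could fail fast with `if (new_sAddress == null) throw new IllegalArgumentException("sAddress is required");` if no existing caller relies on setting the public field afterwards.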
src/share/classes/sun/security/krb5/internal/EncTGSRepPart.java
...
...
@@ -35,55 +35,52 @@ import java.io.IOException;
public
class
EncTGSRepPart
extends
EncKDCRepPart
{
public
EncTGSRepPart
(
EncryptionKey
new_key
,
LastReq
new_lastReq
,
int
new_nonce
,
KerberosTime
new_keyExpiration
,
TicketFlags
new_flags
,
KerberosTime
new_authtime
,
KerberosTime
new_starttime
,
KerberosTime
new_endtime
,
KerberosTime
new_renewTill
,
Realm
new_srealm
,
PrincipalName
new_sname
,
HostAddresses
new_caddr
)
{
super
(
new_key
,
new_lastReq
,
new_nonce
,
new_keyExpiration
,
new_flags
,
new_authtime
,
new_starttime
,
new_endtime
,
new_renewTill
,
new_srealm
,
new_sname
,
new_caddr
,
Krb5
.
KRB_ENC_TGS_REP_PART
);
}
public
EncTGSRepPart
(
EncryptionKey
new_key
,
LastReq
new_lastReq
,
int
new_nonce
,
KerberosTime
new_keyExpiration
,
TicketFlags
new_flags
,
KerberosTime
new_authtime
,
KerberosTime
new_starttime
,
KerberosTime
new_endtime
,
KerberosTime
new_renewTill
,
Realm
new_srealm
,
PrincipalName
new_sname
,
HostAddresses
new_caddr
)
{
super
(
new_key
,
new_lastReq
,
new_nonce
,
new_keyExpiration
,
new_flags
,
new_authtime
,
new_starttime
,
new_endtime
,
new_renewTill
,
new_srealm
,
new_sname
,
new_caddr
,
Krb5
.
KRB_ENC_TGS_REP_PART
);
}
public
EncTGSRepPart
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
new
DerValue
(
data
));
}
public
EncTGSRepPart
(
byte
[]
data
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
new
DerValue
(
data
));
}
public
EncTGSRepPart
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
encoding
);
}
public
EncTGSRepPart
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
encoding
);
}
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
encoding
,
Krb5
.
KRB_ENC_TGS_REP_PART
);
}
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
return
asn1Encode
(
Krb5
.
KRB_ENC_TGS_REP_PART
);
}
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
encoding
,
Krb5
.
KRB_ENC_TGS_REP_PART
);
}
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
return
asn1Encode
(
Krb5
.
KRB_ENC_TGS_REP_PART
);
}
}
src/share/classes/sun/security/krb5/internal/EncTicketPart.java
...
...
@@ -62,69 +62,68 @@ import java.io.*;
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
EncTicketPart
{
public
TicketFlags
flags
;
public
EncryptionKey
key
;
public
Realm
crealm
;
public
PrincipalName
cname
;
public
TransitedEncoding
transited
;
public
KerberosTime
authtime
;
public
KerberosTime
starttime
;
//optional
public
KerberosTime
endtime
;
public
KerberosTime
renewTill
;
//optional
public
HostAddresses
caddr
;
//optional
public
AuthorizationData
authorizationData
;
//optional
public
EncTicketPart
(
TicketFlags
new_flags
,
EncryptionKey
new_key
,
Realm
new_crealm
,
PrincipalName
new_cname
,
TransitedEncoding
new_transited
,
KerberosTime
new_authtime
,
KerberosTime
new_starttime
,
KerberosTime
new_endtime
,
KerberosTime
new_renewTill
,
HostAddresses
new_caddr
,
AuthorizationData
new_authorizationData
)
{
flags
=
new_flags
;
key
=
new_key
;
crealm
=
new_crealm
;
cname
=
new_cname
;
transited
=
new_transited
;
authtime
=
new_authtime
;
starttime
=
new_starttime
;
endtime
=
new_endtime
;
renewTill
=
new_renewTill
;
caddr
=
new_caddr
;
authorizationData
=
new_authorizationData
;
}
public
EncTicketPart
(
byte
[]
data
)
throws
Asn1Exception
,
KrbException
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
TicketFlags
flags
;
public
EncryptionKey
key
;
public
Realm
crealm
;
public
PrincipalName
cname
;
public
TransitedEncoding
transited
;
public
KerberosTime
authtime
;
public
KerberosTime
starttime
;
//optional
public
KerberosTime
endtime
;
public
KerberosTime
renewTill
;
//optional
public
HostAddresses
caddr
;
//optional
public
AuthorizationData
authorizationData
;
//optional
public
EncTicketPart
(
TicketFlags
new_flags
,
EncryptionKey
new_key
,
Realm
new_crealm
,
PrincipalName
new_cname
,
TransitedEncoding
new_transited
,
KerberosTime
new_authtime
,
KerberosTime
new_starttime
,
KerberosTime
new_endtime
,
KerberosTime
new_renewTill
,
HostAddresses
new_caddr
,
AuthorizationData
new_authorizationData
)
{
flags
=
new_flags
;
key
=
new_key
;
crealm
=
new_crealm
;
cname
=
new_cname
;
transited
=
new_transited
;
authtime
=
new_authtime
;
starttime
=
new_starttime
;
endtime
=
new_endtime
;
renewTill
=
new_renewTill
;
caddr
=
new_caddr
;
authorizationData
=
new_authorizationData
;
}
public
EncTicketPart
(
DerValue
encoding
)
throws
Asn1Exception
,
KrbException
,
IOException
{
init
(
encoding
);
}
public
EncTicketPart
(
byte
[]
data
)
throws
Asn1Exception
,
KrbException
,
IOException
{
init
(
new
DerValue
(
data
)
);
}
/**
* Initializes an EncTicketPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
public
EncTicketPart
(
DerValue
encoding
)
throws
Asn1Exception
,
KrbException
,
IOException
{
init
(
encoding
);
}
/**
* Initializes an EncTicketPart object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private
static
String
getHexBytes
(
byte
[]
bytes
,
int
len
)
throws
IOException
{
throws
IOException
{
StringBuffer
sb
=
new
StringBuffer
();
for
(
int
i
=
0
;
i
<
len
;
i
++)
{
int
b1
=
(
bytes
[
i
]
>>
4
)
&
0x0f
;
int
b1
=
(
bytes
[
i
]
>>
4
)
&
0x0f
;
int
b2
=
bytes
[
i
]
&
0x0f
;
sb
.
append
(
Integer
.
toHexString
(
b1
));
...
...
@@ -134,73 +133,91 @@ public class EncTicketPart {
return
sb
.
toString
();
}
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
RealmException
{
DerValue
der
,
subDer
;
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
RealmException
{
DerValue
der
,
subDer
;
renewTill
=
null
;
caddr
=
null
;
authorizationData
=
null
;
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x03
)
renewTill
=
null
;
caddr
=
null
;
authorizationData
=
null
;
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x03
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
flags
=
TicketFlags
.
parse
(
der
.
getData
(),
(
byte
)
0x00
,
false
);
key
=
EncryptionKey
.
parse
(
der
.
getData
(),
(
byte
)
0x01
,
false
);
crealm
=
Realm
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
false
);
cname
=
PrincipalName
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
false
);
transited
=
TransitedEncoding
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
false
);
authtime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
false
);
starttime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x06
,
true
);
endtime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x07
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
renewTill
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x08
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
caddr
=
HostAddresses
.
parse
(
der
.
getData
(),
(
byte
)
0x09
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
authorizationData
=
AuthorizationData
.
parse
(
der
.
getData
(),
(
byte
)
0x0A
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
||
(
encoding
.
isConstructed
()
!=
true
))
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
flags
=
TicketFlags
.
parse
(
der
.
getData
(),
(
byte
)
0x00
,
false
);
key
=
EncryptionKey
.
parse
(
der
.
getData
(),
(
byte
)
0x01
,
false
);
crealm
=
Realm
.
parse
(
der
.
getData
(),
(
byte
)
0x02
,
false
);
cname
=
PrincipalName
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
false
);
transited
=
TransitedEncoding
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
false
);
authtime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
false
);
starttime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x06
,
true
);
endtime
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x07
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
renewTill
=
KerberosTime
.
parse
(
der
.
getData
(),
(
byte
)
0x08
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
caddr
=
HostAddresses
.
parse
(
der
.
getData
(),
(
byte
)
0x09
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
authorizationData
=
AuthorizationData
.
parse
(
der
.
getData
(),
(
byte
)
0x0A
,
true
);
}
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
/**
* Encodes an EncTicketPart object.
* @return byte array of encoded EncTicketPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
}
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
/**
* Encodes an EncTicketPart object.
* @return byte array of encoded EncTicketPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
bytes
=
new
DerOutputStream
();
DerOutputStream
temp
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
flags
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
key
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
crealm
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
cname
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
transited
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
authtime
.
asn1Encode
());
if
(
starttime
!=
null
)
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x06
),
startti
me
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x07
),
endtime
.
asn1Encode
());
if
(
renewTill
!=
null
)
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x08
),
renewTill
.
asn1Encode
());
if
(
caddr
!=
null
)
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x09
),
caddr
.
asn1Encode
());
if
(
authorizationData
!=
null
)
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x0A
),
authorizationData
.
asn1Encode
());
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x03
),
temp
);
return
bytes
.
toByteArray
(
);
DerOutputStream
temp
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
flags
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
key
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
crealm
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
cna
me
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
transited
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
authtime
.
asn1Encode
());
if
(
starttime
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x06
),
starttime
.
asn1Encode
());
}
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x07
),
endtime
.
asn1Encode
());
if
(
renewTill
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x08
),
renewTill
.
asn1Encode
()
);
}
if
(
caddr
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x09
),
caddr
.
asn1Encode
());
}
if
(
authorizationData
!=
null
)
{
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x0A
),
authorizationData
.
asn1Encode
());
}
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x03
),
temp
);
return
bytes
.
toByteArray
();
}
}
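Review bot: The Javadoc block beginning `Initializes an EncTicketPart object.` sits directly above `private static String getHexBytes(byte[] bytes, int len)`, so it documents the wrong method. It describes a parameter `encoding` and a `RealmException` that `getHexBytes` does not have, while `private void init(DerValue encoding)` further down has no comment at all. Move the block down to `init` and give `getHexBytes` its own summary, for example `/** Returns the first len bytes of the array as hex digits. */`. Part of the `getHexBytes` body is elided on this page, so that wording should be checked against the full method.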
src/share/classes/sun/security/krb5/internal/KDCRep.java
...
...
@@ -35,6 +35,7 @@ import sun.security.util.*;
import
java.util.Vector
;
import
java.io.IOException
;
import
java.math.BigInteger
;
/**
* Implements the ASN.1 KDC-REP type.
*
...
...
@@ -59,163 +60,168 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
KDCRep
{
public
Realm
crealm
;
public
PrincipalName
cname
;
public
Ticket
ticket
;
public
EncryptedData
encPart
;
public
EncKDCRepPart
encKDCRepPart
;
//not part of ASN.1 encoding
private
int
pvno
;
private
int
msgType
;
private
PAData
[]
pAData
=
null
;
//optional
private
boolean
DEBUG
=
Krb5
.
DEBUG
;
public
Realm
crealm
;
public
PrincipalName
cname
;
public
Ticket
ticket
;
public
EncryptedData
encPart
;
public
EncKDCRepPart
encKDCRepPart
;
//not part of ASN.1 encoding
private
int
pvno
;
private
int
msgType
;
private
PAData
[]
pAData
=
null
;
//optional
private
boolean
DEBUG
=
Krb5
.
DEBUG
;
public
KDCRep
(
PAData
[]
new_pAData
,
Realm
new_crealm
,
PrincipalName
new_cname
,
Ticket
new_ticket
,
EncryptedData
new_encPart
,
int
req_type
)
throws
IOException
{
pvno
=
Krb5
.
PVNO
;
msgType
=
req_type
;
if
(
new_pAData
!=
null
)
{
pAData
=
new
PAData
[
new_pAData
.
length
];
for
(
int
i
=
0
;
i
<
new_pAData
.
length
;
i
++)
{
if
(
new_pAData
[
i
]
==
null
)
{
throw
new
IOException
(
"Cannot create a KDCRep"
);
}
else
{
pAData
[
i
]
=
(
PAData
)
new_pAData
[
i
].
clone
();
}
}
public
KDCRep
(
PAData
[]
new_pAData
,
Realm
new_crealm
,
PrincipalName
new_cname
,
Ticket
new_ticket
,
EncryptedData
new_encPart
,
int
req_type
)
throws
IOException
{
pvno
=
Krb5
.
PVNO
;
msgType
=
req_type
;
if
(
new_pAData
!=
null
)
{
pAData
=
new
PAData
[
new_pAData
.
length
];
for
(
int
i
=
0
;
i
<
new_pAData
.
length
;
i
++)
{
if
(
new_pAData
[
i
]
==
null
)
{
throw
new
IOException
(
"Cannot create a KDCRep"
);
}
else
{
pAData
[
i
]
=
(
PAData
)
new_pAData
[
i
].
clone
();
}
crealm
=
new_crealm
;
cname
=
new_cname
;
ticket
=
new_ticket
;
encPart
=
new_encPart
;
}
}
crealm
=
new_crealm
;
cname
=
new_cname
;
ticket
=
new_ticket
;
encPart
=
new_encPart
;
}
public
KDCRep
()
{
}
public
KDCRep
()
{
}
public
KDCRep
(
byte
[]
data
,
int
req_type
)
throws
Asn1Exception
,
KrbApErrException
,
RealmException
,
IOException
{
init
(
new
DerValue
(
data
),
req_type
);
}
public
KDCRep
(
byte
[]
data
,
int
req_type
)
throws
Asn1Exception
,
KrbApErrException
,
RealmException
,
IOException
{
init
(
new
DerValue
(
data
),
req_type
);
}
public
KDCRep
(
DerValue
encoding
,
int
req_type
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
encoding
,
req_type
);
}
public
KDCRep
(
DerValue
encoding
,
int
req_type
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
encoding
,
req_type
);
}
/*
// Not used? Don't know what keyusage to use here %%%
public void decrypt(EncryptionKey key) throws Asn1Exception,
IOException, KrbException, RealmException {
encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key),
msgType);
}
*/
/**
* Initializes an KDCRep object.
*
* @param encoding a single DER-encoded value.
* @param req_type reply message type.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while constructing a Realm object from DER-encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
*
*/
protected
void
init
(
DerValue
encoding
,
int
req_type
)
public void decrypt(EncryptionKey key) throws Asn1Exception,
IOException, KrbException, RealmException {
encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key), msgType);
}
*/
/**
* Initializes an KDCRep object.
*
* @param encoding a single DER-encoded value.
* @param req_type reply message type.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception RealmException if an error occurs while constructing
* a Realm object from DER-encoded data.
* @exception KrbApErrException if the value read from the DER-encoded
* data stream does not match the pre-defined value.
*
*/
protected
void
init
(
DerValue
encoding
,
int
req_type
)
throws
Asn1Exception
,
RealmException
,
IOException
,
KrbApErrException
{
DerValue
der
,
subDer
;
if
((
encoding
.
getTag
()
&
0x1F
)
!=
req_type
)
{
if
(
DEBUG
)
{
System
.
out
.
println
(
">>> KDCRep: init() "
+
"encoding tag is "
+
encoding
.
getTag
()
+
" req type is "
+
req_type
);
}
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
KrbApErrException
{
DerValue
der
,
subDer
;
if
((
encoding
.
getTag
()
&
0x1F
)
!=
req_type
)
{
if
(
DEBUG
)
{
System
.
out
.
println
(
">>> KDCRep: init() "
+
"encoding tag is "
+
encoding
.
getTag
()
+
" req type is "
+
req_type
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
==
0x00
)
{
pvno
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
pvno
!=
Krb5
.
PVNO
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_BADVERSION
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
==
0x00
)
{
pvno
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
pvno
!=
Krb5
.
PVNO
)
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_BADVERSION
);
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
==
0x01
)
{
msgType
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
msgType
!=
req_type
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_MSG_TYPE
);
}
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
if
((
der
.
getData
().
peekByte
()
&
0x1F
)
==
0x02
)
{
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
==
0x01
)
{
msgType
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
msgType
!=
req_type
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_MSG_TYPE
);
}
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
if
((
der
.
getData
().
peekByte
()
&
0x1F
)
==
0x02
)
{
subDer
=
der
.
getData
().
getDerValue
();
DerValue
[]
padata
=
subDer
.
getData
().
getSequence
(
1
);
pAData
=
new
PAData
[
padata
.
length
];
for
(
int
i
=
0
;
i
<
padata
.
length
;
i
++)
{
pAData
[
i
]
=
new
PAData
(
padata
[
i
]);
}
}
else
{
pAData
=
null
;
}
crealm
=
Realm
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
false
);
cname
=
PrincipalName
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
false
);
ticket
=
Ticket
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
false
);
encPart
=
EncryptedData
.
parse
(
der
.
getData
(),
(
byte
)
0x06
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
DerValue
[]
padata
=
subDer
.
getData
().
getSequence
(
1
);
pAData
=
new
PAData
[
padata
.
length
];
for
(
int
i
=
0
;
i
<
padata
.
length
;
i
++)
{
pAData
[
i
]
=
new
PAData
(
padata
[
i
]);
}
}
else
{
pAData
=
null
;
}
crealm
=
Realm
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
false
);
cname
=
PrincipalName
.
parse
(
der
.
getData
(),
(
byte
)
0x04
,
false
);
ticket
=
Ticket
.
parse
(
der
.
getData
(),
(
byte
)
0x05
,
false
);
encPart
=
EncryptedData
.
parse
(
der
.
getData
(),
(
byte
)
0x06
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes this object to a byte array.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
/**
* Encodes this object to a byte array.
* @return byte array of encoded APReq object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
bytes
=
new
DerOutputStream
();
DerOutputStream
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
pvno
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
msgType
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
if
(
pAData
!=
null
&&
pAData
.
length
>
0
)
{
DerOutputStream
padata_stream
=
new
DerOutputStream
();
for
(
int
i
=
0
;
i
<
pAData
.
length
;
i
++)
{
padata_stream
.
write
(
pAData
[
i
].
asn1Encode
());
}
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_SequenceOf
,
padata_stream
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
temp
);
DerOutputStream
bytes
=
new
DerOutputStream
();
DerOutputStream
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
pvno
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
msgType
));
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
if
(
pAData
!=
null
&&
pAData
.
length
>
0
)
{
DerOutputStream
padata_stream
=
new
DerOutputStream
();
for
(
int
i
=
0
;
i
<
pAData
.
length
;
i
++)
{
padata_stream
.
write
(
pAData
[
i
].
asn1Encode
());
}
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
crealm
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
cname
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
ticket
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x06
),
encPart
.
asn1Encode
());
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
return
temp
.
toByteArray
();
temp
.
write
(
DerValue
.
tag_SequenceOf
,
padata_stream
);
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
temp
);
}
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
crealm
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
cname
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
ticket
.
asn1Encode
());
bytes
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x06
),
encPart
.
asn1Encode
());
temp
=
new
DerOutputStream
();
temp
.
write
(
DerValue
.
tag_Sequence
,
bytes
);
return
temp
.
toByteArray
();
}
}
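Review bot: In `KDCRep.init` the outer tag is accepted on `(encoding.getTag() & 0x1F) != req_type` alone, so only the five tag-number bits are compared and the class and constructed bits of the reply are never checked. `KRBCred.init` in this same commit also requires `encoding.isApplication()` and `encoding.isConstructed()`; the matching guard here would be `if ((encoding.getTag() & 0x1F) != req_type || !encoding.isApplication() || !encoding.isConstructed())`. Separately, `pvno` and `msgType` are read with `getBigInteger().intValue()`, which keeps only the low 32 bits, so an over-long INTEGER whose low bits happen to match would pass the version and message-type checks; a range check before narrowing would close that. Whether callers validate the tag before calling `init` is not visible on this page.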
src/share/classes/sun/security/krb5/internal/KDCReq.java
...
...
@@ -56,155 +56,160 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
KDCReq
{
public
KDCReqBody
reqBody
;
private
int
pvno
;
private
int
msgType
;
private
PAData
[]
pAData
=
null
;
//optional
public
KDCReqBody
reqBody
;
private
int
pvno
;
private
int
msgType
;
private
PAData
[]
pAData
=
null
;
//optional
public
KDCReq
(
PAData
[]
new_pAData
,
KDCReqBody
new_reqBody
,
int
req_type
)
throws
IOException
{
pvno
=
Krb5
.
PVNO
;
msgType
=
req_type
;
if
(
new_pAData
!=
null
)
{
pAData
=
new
PAData
[
new_pAData
.
length
];
for
(
int
i
=
0
;
i
<
new_pAData
.
length
;
i
++)
{
if
(
new_pAData
[
i
]
==
null
)
{
throw
new
IOException
(
"Cannot create a KDCRep"
);
}
else
{
pAData
[
i
]
=
(
PAData
)
new_pAData
[
i
].
clone
();
}
}
public
KDCReq
(
PAData
[]
new_pAData
,
KDCReqBody
new_reqBody
,
int
req_type
)
throws
IOException
{
pvno
=
Krb5
.
PVNO
;
msgType
=
req_type
;
if
(
new_pAData
!=
null
)
{
pAData
=
new
PAData
[
new_pAData
.
length
];
for
(
int
i
=
0
;
i
<
new_pAData
.
length
;
i
++)
{
if
(
new_pAData
[
i
]
==
null
)
{
throw
new
IOException
(
"Cannot create a KDCRep"
);
}
else
{
pAData
[
i
]
=
(
PAData
)
new_pAData
[
i
].
clone
();
}
reqBody
=
new_reqBody
;
}
}
reqBody
=
new_reqBody
;
}
public
KDCReq
()
{
}
public
KDCReq
()
{
}
public
KDCReq
(
byte
[]
data
,
int
req_type
)
throws
Asn1Exception
,
IOException
,
KrbException
{
public
KDCReq
(
byte
[]
data
,
int
req_type
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
new
DerValue
(
data
),
req_type
);
}
}
/**
* Creates an KDCReq object from a DerValue object and asn1 type.
*
* @param der a DER value of an KDCReq object.
* @param req_type a encoded asn1 type value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exceptoin KrbErrException
*/
* Creates an KDCReq object from a DerValue object and asn1 type.
*
* @param der a DER value of an KDCReq object.
* @param req_type a encoded asn1 type value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exceptoin KrbErrException
*/
public
KDCReq
(
DerValue
der
,
int
req_type
)
throws
Asn1Exception
,
IOException
,
KrbException
{
init
(
der
,
req_type
);
}
IOException
,
KrbException
{
init
(
der
,
req_type
);
}
/**
* Initializes a KDCReq object from a DerValue. The DER encoding
* must be in the format specified by the KRB_KDC_REQ ASN.1 notation.
*
* @param encoding a DER-encoded KDCReq object.
* @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbException if an error occurs while constructing a Realm object,
* or a Krb object from DER-encoded data.
*/
/**
* Initializes a KDCReq object from a DerValue. The DER encoding
* must be in the format specified by the KRB_KDC_REQ ASN.1 notation.
*
* @param encoding a DER-encoded KDCReq object.
* @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbException if an error occurs while constructing a Realm object,
* or a Krb object from DER-encoded data.
*/
protected
void
init
(
DerValue
encoding
,
int
req_type
)
throws
Asn1Exception
,
IOException
,
KrbException
{
DerValue
der
,
subDer
;
BigInteger
bint
;
if
((
encoding
.
getTag
()
&
0x1F
)
!=
req_type
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
IOException
,
KrbException
{
DerValue
der
,
subDer
;
BigInteger
bint
;
if
((
encoding
.
getTag
()
&
0x1F
)
!=
req_type
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x01F
)
==
0x01
)
{
bint
=
subDer
.
getData
().
getBigInteger
();
this
.
pvno
=
bint
.
intValue
();
if
(
this
.
pvno
!=
Krb5
.
PVNO
)
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_BADVERSION
);
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x01F
)
==
0x02
)
{
bint
=
subDer
.
getData
().
getBigInteger
();
this
.
msgType
=
bint
.
intValue
();
if
(
this
.
msgType
!=
req_type
)
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_MSG_TYPE
);
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x01F
)
==
0x03
)
{
DerValue
subsubDer
=
subDer
.
getData
().
getDerValue
();
if
(
subsubDer
.
getTag
()
!=
DerValue
.
tag_SequenceOf
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
Vector
<
PAData
>
v
=
new
Vector
<
PAData
>
();
while
(
subsubDer
.
getData
().
available
()
>
0
)
{
v
.
addElement
(
new
PAData
(
subsubDer
.
getData
().
getDerValue
()));
}
if
(
v
.
size
()
>
0
)
{
pAData
=
new
PAData
[
v
.
size
()];
v
.
copyInto
(
pAData
);
}
}
else
pAData
=
null
;
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x01F
)
==
0x04
)
{
DerValue
subsubDer
=
subDer
.
getData
().
getDerValue
();
reqBody
=
new
KDCReqBody
(
subsubDer
,
msgType
);
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x01F
)
==
0x01
)
{
bint
=
subDer
.
getData
().
getBigInteger
();
this
.
pvno
=
bint
.
intValue
();
if
(
this
.
pvno
!=
Krb5
.
PVNO
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_BADVERSION
);
}
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x01F
)
==
0x02
)
{
bint
=
subDer
.
getData
().
getBigInteger
();
this
.
msgType
=
bint
.
intValue
();
if
(
this
.
msgType
!=
req_type
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_MSG_TYPE
);
}
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
if
((
der
.
getData
().
peekByte
()
&
0x1F
)
==
0x03
)
{
subDer
=
der
.
getData
().
getDerValue
();
DerValue
subsubDer
=
subDer
.
getData
().
getDerValue
();
if
(
subsubDer
.
getTag
()
!=
DerValue
.
tag_SequenceOf
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
Vector
<
PAData
>
v
=
new
Vector
<
PAData
>();
while
(
subsubDer
.
getData
().
available
()
>
0
)
{
v
.
addElement
(
new
PAData
(
subsubDer
.
getData
().
getDerValue
()));
}
if
(
v
.
size
()
>
0
)
{
pAData
=
new
PAData
[
v
.
size
()];
v
.
copyInto
(
pAData
);
}
}
else
{
pAData
=
null
;
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x01F
)
==
0x04
)
{
DerValue
subsubDer
=
subDer
.
getData
().
getDerValue
();
reqBody
=
new
KDCReqBody
(
subsubDer
,
msgType
);
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes this object to a byte array.
*
* @return an byte array of encoded data.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
/**
* Encodes this object to a byte array.
*
* @return an byte array of encoded data.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
temp
,
bytes
,
out
;
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
pvno
));
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
msgType
));
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
temp
);
DerOutputStream
temp
,
bytes
,
out
;
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
pvno
));
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
msgType
));
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
temp
);
if
(
pAData
!=
null
&&
pAData
.
length
>
0
)
{
temp
=
new
DerOutputStream
();
for
(
int
i
=
0
;
i
<
pAData
.
length
;
i
++)
{
temp
.
write
(
pAData
[
i
].
asn1Encode
());
}
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
tag_SequenceOf
,
temp
);
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
bytes
);
}
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
reqBody
.
asn1Encode
(
msgType
));
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
tag_Sequence
,
out
);
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
msgType
),
bytes
);
return
out
.
toByteArray
();
}
public
byte
[]
asn1EncodeReqBody
()
throws
Asn1Exception
,
IOException
{
return
reqBody
.
asn1Encode
(
msgType
);
temp
=
new
DerOutputStream
();
for
(
int
i
=
0
;
i
<
pAData
.
length
;
i
++)
{
temp
.
write
(
pAData
[
i
].
asn1Encode
());
}
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
tag_SequenceOf
,
temp
);
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
bytes
);
}
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
reqBody
.
asn1Encode
(
msgType
));
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
tag_Sequence
,
out
);
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
msgType
),
bytes
);
return
out
.
toByteArray
();
}
public
byte
[]
asn1EncodeReqBody
()
throws
Asn1Exception
,
IOException
{
return
reqBody
.
asn1Encode
(
msgType
);
}
}
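Review bot: `KDCReq.init` returns right after building `reqBody` from the `0x04` element and never checks for bytes left over in the SEQUENCE, whereas `KDCRep.init` and `KRBCred.init` in this commit both end with a trailing-data check. Adding `if (der.getData().available() > 0) { throw new Asn1Exception(Krb5.ASN1_BAD_ID); }` after the req-body branch would make the three parsers reject the same malformed input. The constructor taking `PAData[]` also throws `IOException("Cannot create a KDCRep")`, which names the wrong class and will mislead whoever reads the failure; presumably `"Cannot create a KDCReq"` was meant. The javadoc on the `DerValue` constructor carries the misspelled tag `@exceptoin`, which should read `@exception`.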
src/share/classes/sun/security/krb5/internal/KRBCred.java
...
...
@@ -56,128 +56,134 @@ import java.math.BigInteger;
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public
class
KRBCred
{
public
Ticket
[]
tickets
=
null
;
public
EncryptedData
encPart
;
private
int
pvno
;
private
int
msgType
;
public
Ticket
[]
tickets
=
null
;
public
EncryptedData
encPart
;
private
int
pvno
;
private
int
msgType
;
public
KRBCred
(
Ticket
[]
new_tickets
,
EncryptedData
new_encPart
)
throws
IOException
{
pvno
=
Krb5
.
PVNO
;
msgType
=
Krb5
.
KRB_CRED
;
if
(
new_tickets
!=
null
)
{
tickets
=
new
Ticket
[
new_tickets
.
length
];
for
(
int
i
=
0
;
i
<
new_tickets
.
length
;
i
++)
{
if
(
new_tickets
[
i
]
==
null
)
{
throw
new
IOException
(
"Cannot create a KRBCred"
);
}
else
{
tickets
[
i
]
=
(
Ticket
)
new_tickets
[
i
].
clone
();
}
}
public
KRBCred
(
Ticket
[]
new_tickets
,
EncryptedData
new_encPart
)
throws
IOException
{
pvno
=
Krb5
.
PVNO
;
msgType
=
Krb5
.
KRB_CRED
;
if
(
new_tickets
!=
null
)
{
tickets
=
new
Ticket
[
new_tickets
.
length
];
for
(
int
i
=
0
;
i
<
new_tickets
.
length
;
i
++)
{
if
(
new_tickets
[
i
]
==
null
)
{
throw
new
IOException
(
"Cannot create a KRBCred"
);
}
else
{
tickets
[
i
]
=
(
Ticket
)
new_tickets
[
i
].
clone
();
}
encPart
=
new_encPart
;
}
}
encPart
=
new_encPart
;
}
public
KRBCred
(
byte
[]
data
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
KRBCred
(
byte
[]
data
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
new
DerValue
(
data
));
}
public
KRBCred
(
DerValue
encoding
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
encoding
);
}
public
KRBCred
(
DerValue
encoding
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
init
(
encoding
);
}
/**
* Initializes an KRBCred object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x16
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
/**
* Initializes an KRBCred object.
* @param encoding a single DER-encoded value.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private
void
init
(
DerValue
encoding
)
throws
Asn1Exception
,
RealmException
,
KrbApErrException
,
IOException
{
if
(((
encoding
.
getTag
()
&
(
byte
)
0x1F
)
!=
(
byte
)
0x16
)
||
(
encoding
.
isApplication
()
!=
true
)
||
(
encoding
.
isConstructed
()
!=
true
))
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
DerValue
der
,
subDer
;
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
==
0x00
)
{
pvno
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
pvno
!=
Krb5
.
PVNO
)
{
der
=
encoding
.
getData
().
getDerValue
();
if
(
der
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
==
0x00
)
{
pvno
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
pvno
!=
Krb5
.
PVNO
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_BADVERSION
);
}
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
==
0x01
)
{
msgType
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
msgType
!=
Krb5
.
KRB_CRED
)
}
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
==
0x01
)
{
msgType
=
subDer
.
getData
().
getBigInteger
().
intValue
();
if
(
msgType
!=
Krb5
.
KRB_CRED
)
{
throw
new
KrbApErrException
(
Krb5
.
KRB_AP_ERR_MSG_TYPE
);
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
subDer
=
der
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
==
0x02
)
{
DerValue
subsubDer
=
subDer
.
getData
().
getDerValue
();
if
((
subDer
.
getTag
()
&
0x1F
)
==
0x02
)
{
DerValue
subsubDer
=
subDer
.
getData
().
getDerValue
();
if
(
subsubDer
.
getTag
()
!=
DerValue
.
tag_SequenceOf
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
Vector
<
Ticket
>
v
=
new
Vector
<
Ticket
>
();
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
Vector
<
Ticket
>
v
=
new
Vector
<
Ticket
>();
while
(
subsubDer
.
getData
().
available
()
>
0
)
{
v
.
addElement
(
new
Ticket
(
subsubDer
.
getData
().
getDerValue
()));
}
v
.
addElement
(
new
Ticket
(
subsubDer
.
getData
().
getDerValue
()));
}
if
(
v
.
size
()
>
0
)
{
tickets
=
new
Ticket
[
v
.
size
()];
v
.
copyInto
(
tickets
);
}
}
else
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
encPart
=
EncryptedData
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
tickets
=
new
Ticket
[
v
.
size
()];
v
.
copyInto
(
tickets
);
}
}
else
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
encPart
=
EncryptedData
.
parse
(
der
.
getData
(),
(
byte
)
0x03
,
false
);
if
(
der
.
getData
().
available
()
>
0
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
}
/**
* Encodes an KRBCred object.
* @return the data of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
/**
* Encodes an KRBCred object.
* @return the data of encoded EncAPRepPart object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*/
public
byte
[]
asn1Encode
()
throws
Asn1Exception
,
IOException
{
DerOutputStream
temp
,
bytes
,
out
;
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
pvno
));
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
temp
=
new
DerOutputStream
();
temp
.
putInteger
(
BigInteger
.
valueOf
(
msgType
));
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
temp
);
temp
=
new
DerOutputStream
();
for
(
int
i
=
0
;
i
<
tickets
.
length
;
i
++)
{
temp
.
write
(
tickets
[
i
].
asn1Encode
());
}
temp
.
putInteger
(
BigInteger
.
valueOf
(
msgType
));
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
temp
);
temp
=
new
DerOutputStream
();
for
(
int
i
=
0
;
i
<
tickets
.
length
;
i
++)
{
temp
.
write
(
tickets
[
i
].
asn1Encode
());
}
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
tag_SequenceOf
,
temp
);
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
bytes
);
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
encPart
.
asn1Encode
());
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
bytes
);
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
encPart
.
asn1Encode
());
bytes
=
new
DerOutputStream
();
bytes
.
write
(
DerValue
.
tag_Sequence
,
out
);
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x16
),
bytes
);
return
out
.
toByteArray
(
);
}
out
=
new
DerOutputStream
();
out
.
write
(
DerValue
.
createTag
(
DerValue
.
TAG_APPLICATION
,
true
,
(
byte
)
0x16
),
bytes
);
return
out
.
toByteArray
();
}
}
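Review bot: `asn1Encode` iterates `tickets.length` without a null check, but `tickets` can be null: the constructor leaves it null when `new_tickets` is null, and `init` assigns it only when the decoded SEQUENCE OF holds at least one element (`v.size() > 0`). In either case encoding fails with a NullPointerException instead of one of the declared exceptions. `KDCRep.asn1Encode` and `KDCReq.asn1Encode` guard their array with `pAData != null && pAData.length > 0`; because the tickets element is written unconditionally here, an explicit failure such as `if (tickets == null) { throw new Asn1Exception(Krb5.ASN1_BAD_ID); }` at the top of `asn1Encode`, or rejecting an empty ticket list in `init`, would make the condition visible to callers.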
src/share/classes/sun/security/krb5/internal/KrbCredInfo.java
...
...
@@ -111,7 +111,7 @@ public class KrbCredInfo {
* @exception RealmException if an error occurs while parsing a Realm object.
*/
public
KrbCredInfo
(
DerValue
encoding
)
throws
Asn1Exception
,
IOException
,
RealmException
{
throws
Asn1Exception
,
IOException
,
RealmException
{
if
(
encoding
.
getTag
()
!=
DerValue
.
tag_Sequence
)
{
throw
new
Asn1Exception
(
Krb5
.
ASN1_BAD_ID
);
}
...
...
@@ -160,25 +160,25 @@ public class KrbCredInfo {
Vector
<
DerValue
>
v
=
new
Vector
<
DerValue
>
();
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x00
),
key
.
asn1Encode
()));
if
(
prealm
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
prealm
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x01
),
prealm
.
asn1Encode
()));
if
(
pname
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
pname
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x02
),
pname
.
asn1Encode
()));
if
(
flags
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
flags
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x03
),
flags
.
asn1Encode
()));
if
(
authtime
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
authtime
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x04
),
authtime
.
asn1Encode
()));
if
(
starttime
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
starttime
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x05
),
starttime
.
asn1Encode
()));
if
(
endtime
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x06
),
endtime
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x06
),
endtime
.
asn1Encode
()));
if
(
renewTill
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x07
),
renewTill
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x07
),
renewTill
.
asn1Encode
()));
if
(
srealm
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x08
),
srealm
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x08
),
srealm
.
asn1Encode
()));
if
(
sname
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x09
),
sname
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x09
),
sname
.
asn1Encode
()));
if
(
caddr
!=
null
)
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x0A
),
caddr
.
asn1Encode
()));
v
.
addElement
(
new
DerValue
(
DerValue
.
createTag
(
DerValue
.
TAG_CONTEXT
,
true
,
(
byte
)
0x0A
),
caddr
.
asn1Encode
()));
DerValue
der
[]
=
new
DerValue
[
v
.
size
()];
v
.
copyInto
(
der
);
DerOutputStream
out
=
new
DerOutputStream
();
...
...
src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java
...
...
@@ -215,7 +215,9 @@ public class CCacheInputStream extends KrbDataInputStream implements FileCCacheC
addrType
=
read
(
2
);
addrLength
=
read
(
4
);
if
(!(
addrLength
==
4
||
addrLength
==
16
))
{
System
.
out
.
println
(
"Incorrect address format."
);
if
(
DEBUG
)
{
System
.
out
.
println
(
"Incorrect address format."
);
}
return
null
;
}
byte
[]
result
=
new
byte
[
addrLength
];
...
...
@@ -338,15 +340,19 @@ public class CCacheInputStream extends KrbDataInputStream implements FileCCacheC
System
.
out
.
println
(
">>>DEBUG <CCacheInputStream> key type: "
+
key
.
getEType
());
long
times
[]
=
readTimes
();
KerberosTime
authtime
=
new
KerberosTime
(
times
[
0
]);
KerberosTime
starttime
=
new
KerberosTime
(
times
[
1
]);
KerberosTime
starttime
=
(
times
[
1
]==
0
)
?
null
:
new
KerberosTime
(
times
[
1
]);
KerberosTime
endtime
=
new
KerberosTime
(
times
[
2
]);
KerberosTime
renewTill
=
new
KerberosTime
(
times
[
3
]);
KerberosTime
renewTill
=
(
times
[
3
]==
0
)
?
null
:
new
KerberosTime
(
times
[
3
]);
if
(
DEBUG
)
{
System
.
out
.
println
(
">>>DEBUG <CCacheInputStream> auth time: "
+
authtime
.
toDate
().
toString
());
System
.
out
.
println
(
">>>DEBUG <CCacheInputStream> start time: "
+
starttime
.
toDate
().
toString
());
System
.
out
.
println
(
">>>DEBUG <CCacheInputStream> start time: "
+
((
starttime
==
null
)?
"null"
:
starttime
.
toDate
().
toString
()));
System
.
out
.
println
(
">>>DEBUG <CCacheInputStream> end time: "
+
endtime
.
toDate
().
toString
());
System
.
out
.
println
(
">>>DEBUG <CCacheInputStream> renew_till time: "
+
renewTill
.
toDate
().
toString
());
System
.
out
.
println
(
">>>DEBUG <CCacheInputStream> renew_till time: "
+
((
renewTill
==
null
)?
"null"
:
renewTill
.
toDate
().
toString
()));
}
boolean
skey
=
readskey
();
boolean
flags
[]
=
readFlags
();
...
...
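Review bot: The two ternaries that turn `times[1]` and `times[3]` into `null` rely on a convention the hunk never states, apparently that a zero timestamp in the credential cache means the optional field is absent. I would add a comment above them, `// starttime and renewTill are optional; a zero value read from the ccache is treated as "not set"`, so the asymmetry with `authtime` and `endtime`, which are still constructed unconditionally, reads as deliberate. Every consumer of these two fields now has to tolerate `null`; the debug prints in this hunk do, and callers outside the hunk need the same check. The enclosing method starts and ends outside the hunk.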
src/share/classes/sun/security/krb5/internal/ccache/Credentials.java
...
...
@@ -34,169 +34,185 @@ import sun.security.krb5.*;
import
sun.security.krb5.internal.*
;
public
class
Credentials
{
PrincipalName
cname
;
Realm
crealm
;
PrincipalName
cname
;
Realm
crealm
;
PrincipalName
sname
;
Realm
srealm
;
EncryptionKey
key
;
KerberosTime
authtime
;
KerberosTime
starttime
;
//optional
KerberosTime
endtime
;
KerberosTime
renewTill
;
//optional
HostAddresses
caddr
;
//optional; for proxied tickets only
Realm
srealm
;
EncryptionKey
key
;
KerberosTime
authtime
;
KerberosTime
starttime
;
//optional
KerberosTime
endtime
;
KerberosTime
renewTill
;
//optional
HostAddresses
caddr
;
//optional; for proxied tickets only
AuthorizationData
authorizationData
;
//optional, not being actually used
public
boolean
isEncInSKey
;
// true if ticket is encrypted in another ticket's skey
TicketFlags
flags
;
TicketFlags
flags
;
Ticket
ticket
;
Ticket
secondTicket
;
//optional
private
boolean
DEBUG
=
Krb5
.
DEBUG
;
public
Credentials
(
PrincipalName
new_cname
,
PrincipalName
new_sname
,
EncryptionKey
new_key
,
KerberosTime
new_authtime
,
KerberosTime
new_starttime
,
KerberosTime
new_endtime
,
KerberosTime
new_renewTill
,
boolean
new_isEncInSKey
,
TicketFlags
new_flags
,
HostAddresses
new_caddr
,
AuthorizationData
new_authData
,
Ticket
new_ticket
,
Ticket
new_secondTicket
)
{
cname
=
(
PrincipalName
)
new_cname
.
clone
();
if
(
new_cname
.
getRealm
()
!=
null
)
crealm
=
(
Realm
)
new_cname
.
getRealm
().
clone
();
sname
=
(
PrincipalName
)
new_sname
.
clone
();
if
(
new_sname
.
getRealm
()
!=
null
)
srealm
=
(
Realm
)
new_sname
.
getRealm
().
clone
();
key
=
(
EncryptionKey
)
new_key
.
clone
();
authtime
=
(
KerberosTime
)
new_authtime
.
clone
();
starttime
=
(
KerberosTime
)
new_starttime
.
clone
();
endtime
=
(
KerberosTime
)
new_endtime
.
clone
();
renewTill
=
(
KerberosTime
)
new_renewTill
.
clone
();
if
(
new_caddr
!=
null
)
caddr
=
(
HostAddresses
)
new_caddr
.
clone
();
if
(
new_authData
!=
null
)
{
authorizationData
=
(
AuthorizationData
)
new_authData
.
clone
();
}
isEncInSKey
=
new_isEncInSKey
;
flags
=
(
TicketFlags
)
new_flags
.
clone
();
ticket
=
(
Ticket
)(
new_ticket
.
clone
());
if
(
new_secondTicket
!=
null
)
secondTicket
=
(
Ticket
)
new_secondTicket
.
clone
();
}
public
Credentials
(
KDCRep
kdcRep
,
Ticket
new_secondTicket
,
AuthorizationData
new_authorizationData
,
boolean
new_isEncInSKey
)
{
if
(
kdcRep
.
encKDCRepPart
==
null
)
//can't store while encrypted
return
;
crealm
=
(
Realm
)
kdcRep
.
crealm
.
clone
();
cname
=
(
PrincipalName
)
kdcRep
.
cname
.
clone
();
ticket
=
(
Ticket
)
kdcRep
.
ticket
.
clone
();
key
=
(
EncryptionKey
)
kdcRep
.
encKDCRepPart
.
key
.
clone
();
flags
=
(
TicketFlags
)
kdcRep
.
encKDCRepPart
.
flags
.
clone
();
authtime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
authtime
.
clone
();
starttime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
starttime
.
clone
();
endtime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
endtime
.
clone
();
renewTill
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
renewTill
.
clone
();
srealm
=
(
Realm
)
kdcRep
.
encKDCRepPart
.
srealm
.
clone
();
sname
=
(
PrincipalName
)
kdcRep
.
encKDCRepPart
.
sname
.
clone
();
caddr
=
(
HostAddresses
)
kdcRep
.
encKDCRepPart
.
caddr
.
clone
();
secondTicket
=
(
Ticket
)
new_secondTicket
.
clone
();
authorizationData
=
(
AuthorizationData
)
new_authorizationData
.
clone
();
isEncInSKey
=
new_isEncInSKey
;
}
public
Credentials
(
KDCRep
kdcRep
)
{
this
(
kdcRep
,
null
);
}
public
Credentials
(
KDCRep
kdcRep
,
Ticket
new_ticket
)
{
sname
=
(
PrincipalName
)
kdcRep
.
encKDCRepPart
.
sname
.
clone
();
srealm
=
(
Realm
)
kdcRep
.
encKDCRepPart
.
srealm
.
clone
();
try
{
sname
.
setRealm
(
srealm
);
}
catch
(
RealmException
e
)
{
}
cname
=
(
PrincipalName
)
kdcRep
.
cname
.
clone
();
crealm
=
(
Realm
)
kdcRep
.
crealm
.
clone
();
try
{
cname
.
setRealm
(
crealm
);
}
catch
(
RealmException
e
)
{
}
key
=
(
EncryptionKey
)
kdcRep
.
encKDCRepPart
.
key
.
clone
();
authtime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
authtime
.
clone
();
if
(
kdcRep
.
encKDCRepPart
.
starttime
!=
null
)
{
starttime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
starttime
.
clone
();
}
else
starttime
=
null
;
endtime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
endtime
.
clone
();
if
(
kdcRep
.
encKDCRepPart
.
renewTill
!=
null
)
{
renewTill
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
renewTill
.
clone
();
}
else
renewTill
=
null
;
// if (kdcRep.msgType == Krb5.KRB_AS_REP) {
// isEncInSKey = false;
// secondTicket = null;
// }
flags
=
kdcRep
.
encKDCRepPart
.
flags
;
if
(
kdcRep
.
encKDCRepPart
.
caddr
!=
null
)
caddr
=
(
HostAddresses
)
kdcRep
.
encKDCRepPart
.
caddr
.
clone
();
else
caddr
=
null
;
ticket
=
(
Ticket
)
kdcRep
.
ticket
.
clone
();
if
(
new_ticket
!=
null
)
{
secondTicket
=
(
Ticket
)
new_ticket
.
clone
();
isEncInSKey
=
true
;
}
else
{
secondTicket
=
null
;
isEncInSKey
=
false
;
}
}
/**
* Checks if this credential is expired
*/
public
boolean
isValid
()
{
boolean
valid
=
true
;
if
(
endtime
.
getTime
()
<
System
.
currentTimeMillis
())
{
valid
=
false
;
}
else
if
((
starttime
.
getTime
()
>
System
.
currentTimeMillis
())
||
((
starttime
==
null
)
&&
(
authtime
.
getTime
()
>
System
.
currentTimeMillis
())))
{
valid
=
false
;
}
return
valid
;
}
public
PrincipalName
getServicePrincipal
()
throws
RealmException
{
if
(
sname
.
getRealm
()
==
null
)
{
sname
.
setRealm
(
srealm
);
}
return
sname
;
}
public
sun
.
security
.
krb5
.
Credentials
setKrbCreds
()
{
return
new
sun
.
security
.
krb5
.
Credentials
(
ticket
,
cname
,
sname
,
key
,
flags
,
authtime
,
starttime
,
endtime
,
renewTill
,
caddr
);
Ticket
secondTicket
;
//optional
private
boolean
DEBUG
=
Krb5
.
DEBUG
;
public
Credentials
(
PrincipalName
new_cname
,
PrincipalName
new_sname
,
EncryptionKey
new_key
,
KerberosTime
new_authtime
,
KerberosTime
new_starttime
,
KerberosTime
new_endtime
,
KerberosTime
new_renewTill
,
boolean
new_isEncInSKey
,
TicketFlags
new_flags
,
HostAddresses
new_caddr
,
AuthorizationData
new_authData
,
Ticket
new_ticket
,
Ticket
new_secondTicket
)
{
cname
=
(
PrincipalName
)
new_cname
.
clone
();
if
(
new_cname
.
getRealm
()
!=
null
)
{
crealm
=
(
Realm
)
new_cname
.
getRealm
().
clone
();
}
sname
=
(
PrincipalName
)
new_sname
.
clone
();
if
(
new_sname
.
getRealm
()
!=
null
)
{
srealm
=
(
Realm
)
new_sname
.
getRealm
().
clone
();
}
key
=
(
EncryptionKey
)
new_key
.
clone
();
authtime
=
(
KerberosTime
)
new_authtime
.
clone
();
if
(
new_starttime
!=
null
)
{
starttime
=
(
KerberosTime
)
new_starttime
.
clone
();
}
endtime
=
(
KerberosTime
)
new_endtime
.
clone
();
if
(
new_renewTill
!=
null
)
{
renewTill
=
(
KerberosTime
)
new_renewTill
.
clone
();
}
if
(
new_caddr
!=
null
)
{
caddr
=
(
HostAddresses
)
new_caddr
.
clone
();
}
if
(
new_authData
!=
null
)
{
authorizationData
=
(
AuthorizationData
)
new_authData
.
clone
();
}
isEncInSKey
=
new_isEncInSKey
;
flags
=
(
TicketFlags
)
new_flags
.
clone
();
ticket
=
(
Ticket
)
(
new_ticket
.
clone
());
if
(
new_secondTicket
!=
null
)
{
secondTicket
=
(
Ticket
)
new_secondTicket
.
clone
();
}
}
public
Credentials
(
KDCRep
kdcRep
,
Ticket
new_secondTicket
,
AuthorizationData
new_authorizationData
,
boolean
new_isEncInSKey
)
{
if
(
kdcRep
.
encKDCRepPart
==
null
)
//can't store while encrypted
{
return
;
}
crealm
=
(
Realm
)
kdcRep
.
crealm
.
clone
();
cname
=
(
PrincipalName
)
kdcRep
.
cname
.
clone
();
ticket
=
(
Ticket
)
kdcRep
.
ticket
.
clone
();
key
=
(
EncryptionKey
)
kdcRep
.
encKDCRepPart
.
key
.
clone
();
flags
=
(
TicketFlags
)
kdcRep
.
encKDCRepPart
.
flags
.
clone
();
authtime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
authtime
.
clone
();
if
(
kdcRep
.
encKDCRepPart
.
starttime
!=
null
)
{
starttime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
starttime
.
clone
();
}
endtime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
endtime
.
clone
();
if
(
kdcRep
.
encKDCRepPart
.
renewTill
!=
null
)
{
renewTill
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
renewTill
.
clone
();
}
srealm
=
(
Realm
)
kdcRep
.
encKDCRepPart
.
srealm
.
clone
();
sname
=
(
PrincipalName
)
kdcRep
.
encKDCRepPart
.
sname
.
clone
();
caddr
=
(
HostAddresses
)
kdcRep
.
encKDCRepPart
.
caddr
.
clone
();
secondTicket
=
(
Ticket
)
new_secondTicket
.
clone
();
authorizationData
=
(
AuthorizationData
)
new_authorizationData
.
clone
();
isEncInSKey
=
new_isEncInSKey
;
}
public
Credentials
(
KDCRep
kdcRep
)
{
this
(
kdcRep
,
null
);
}
public
Credentials
(
KDCRep
kdcRep
,
Ticket
new_ticket
)
{
sname
=
(
PrincipalName
)
kdcRep
.
encKDCRepPart
.
sname
.
clone
();
srealm
=
(
Realm
)
kdcRep
.
encKDCRepPart
.
srealm
.
clone
();
try
{
sname
.
setRealm
(
srealm
);
}
catch
(
RealmException
e
)
{
}
cname
=
(
PrincipalName
)
kdcRep
.
cname
.
clone
();
crealm
=
(
Realm
)
kdcRep
.
crealm
.
clone
();
try
{
cname
.
setRealm
(
crealm
);
}
catch
(
RealmException
e
)
{
}
key
=
(
EncryptionKey
)
kdcRep
.
encKDCRepPart
.
key
.
clone
();
authtime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
authtime
.
clone
();
if
(
kdcRep
.
encKDCRepPart
.
starttime
!=
null
)
{
starttime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
starttime
.
clone
();
}
else
{
starttime
=
null
;
}
endtime
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
endtime
.
clone
();
if
(
kdcRep
.
encKDCRepPart
.
renewTill
!=
null
)
{
renewTill
=
(
KerberosTime
)
kdcRep
.
encKDCRepPart
.
renewTill
.
clone
();
}
else
{
renewTill
=
null
;
}
// if (kdcRep.msgType == Krb5.KRB_AS_REP) {
// isEncInSKey = false;
// secondTicket = null;
// }
flags
=
kdcRep
.
encKDCRepPart
.
flags
;
if
(
kdcRep
.
encKDCRepPart
.
caddr
!=
null
)
{
caddr
=
(
HostAddresses
)
kdcRep
.
encKDCRepPart
.
caddr
.
clone
();
}
else
{
caddr
=
null
;
}
ticket
=
(
Ticket
)
kdcRep
.
ticket
.
clone
();
if
(
new_ticket
!=
null
)
{
secondTicket
=
(
Ticket
)
new_ticket
.
clone
();
isEncInSKey
=
true
;
}
else
{
secondTicket
=
null
;
isEncInSKey
=
false
;
}
}
/**
* Checks if this credential is expired
*/
public
boolean
isValid
()
{
boolean
valid
=
true
;
if
(
endtime
.
getTime
()
<
System
.
currentTimeMillis
())
{
valid
=
false
;
}
else
if
(
starttime
!=
null
)
{
if
(
starttime
.
getTime
()
>
System
.
currentTimeMillis
())
{
valid
=
false
;
}
}
else
{
if
(
authtime
.
getTime
()
>
System
.
currentTimeMillis
())
{
valid
=
false
;
}
}
return
valid
;
}
public
PrincipalName
getServicePrincipal
()
throws
RealmException
{
if
(
sname
.
getRealm
()
==
null
)
{
sname
.
setRealm
(
srealm
);
}
return
sname
;
}
public
sun
.
security
.
krb5
.
Credentials
setKrbCreds
()
{
return
new
sun
.
security
.
krb5
.
Credentials
(
ticket
,
cname
,
sname
,
key
,
flags
,
authtime
,
starttime
,
endtime
,
renewTill
,
caddr
);
}
public
KerberosTime
getAuthTime
()
{
return
authtime
;
}
...
...
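Review bot: The four-argument constructor `Credentials(KDCRep, Ticket, AuthorizationData, boolean)` now null-checks `starttime` and `renewTill`, but it still calls `.clone()` unconditionally on `kdcRep.encKDCRepPart.caddr`, `new_secondTicket` and `new_authorizationData`, whose target fields are all commented as optional. The two-argument constructor in the same section guards `caddr` and `new_ticket`, so the same guard belongs here, e.g. `if (kdcRep.encKDCRepPart.caddr != null) { caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone(); }`, and likewise for the other two. Separately, both `catch (RealmException e) { }` blocks silently discard a failed `setRealm`; a one-line comment saying why that is safe to ignore would help the next reader.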
src/share/classes/sun/security/krb5/internal/crypto/dk/AesDkCrypto.java
...
...
@@ -440,7 +440,9 @@ public class AesDkCrypto extends DkCrypto {
for
(
int
i
=
0
;
i
<
hashSize
;
i
++)
{
if
(
calculatedHmac
[
i
]
!=
ciphertext
[
hmacOffset
+
i
])
{
cksumFailed
=
true
;
System
.
err
.
println
(
"Checksum failed !"
);
if
(
debug
)
{
System
.
err
.
println
(
"Checksum failed !"
);
}
break
;
}
}
...
...
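Review bot: The HMAC check in this loop leaves at the first mismatching byte (`break`), so its running time depends on how many leading bytes of the received checksum are correct; the change only moves the `Checksum failed !` print behind `debug` and keeps that comparison. A comparison that always walks all `hashSize` bytes removes the dependency: accumulate `diff |= calculatedHmac[i] ^ ciphertext[hmacOffset + i];` in the loop and set `cksumFailed = (diff != 0);` after it, with the debug print moved after the loop as well. The same loop, indexed with `ciphertext[i]`, appears in the ArcFourCrypto.java section that follows. Whether the timing difference is observable depends on callers outside the hunk, and the enclosing method is not fully visible here.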
src/share/classes/sun/security/krb5/internal/crypto/dk/ArcFourCrypto.java
...
...
@@ -397,7 +397,9 @@ public class ArcFourCrypto extends DkCrypto {
for
(
int
i
=
0
;
i
<
hashSize
;
i
++)
{
if
(
calculatedHmac
[
i
]
!=
ciphertext
[
i
])
{
cksumFailed
=
true
;
System
.
err
.
println
(
"Checksum failed !"
);
if
(
debug
)
{
System
.
err
.
println
(
"Checksum failed !"
);
}
break
;
}
}
...
...
src/share/classes/sun/security/ssl/Handshaker.java
...
...
@@ -617,7 +617,8 @@ abstract class Handshaker {
r
.
write
(
1
);
// single byte of data
if
(
conn
!=
null
)
{
synchronized
(
conn
.
writeLock
)
{
conn
.
writeLock
.
lock
();
try
{
conn
.
writeRecord
(
r
);
conn
.
changeWriteCiphers
();
if
(
debug
!=
null
&&
Debug
.
isOn
(
"handshake"
))
{
...
...
@@ -625,6 +626,8 @@ abstract class Handshaker {
}
mesg
.
write
(
output
);
output
.
flush
();
}
finally
{
conn
.
writeLock
.
unlock
();
}
}
else
{
synchronized
(
engine
.
writeLock
)
{
...
...
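Review bot: The socket path now takes `conn.writeLock` with `lock()` / `unlock()`, while the engine path a few lines below still uses `synchronized (engine.writeLock)`, and nothing in the code says why the two differ. A short comment at the `lock()` call, such as `// conn.writeLock is a ReentrantLock so that SSLSocketImpl can use a timed tryLock when sending close_notify`, would record the reason. The `try` opens in the first hunk and its `finally` closes in the second, so the protected region spans lines that are not all shown here.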
src/share/classes/sun/security/ssl/InputRecord.java
...
...
@@ -426,12 +426,12 @@ class InputRecord extends ByteArrayInputStream implements Record {
if
(
really
<
0
)
{
throw
new
SSLException
(
"SSL peer shut down incorrectly"
);
}
// now we've got a complete record.
count
=
contentLen
+
headerSize
;
exlen
=
0
;
}
// now we've got a complete record.
count
=
contentLen
+
headerSize
;
exlen
=
0
;
if
(
debug
!=
null
&&
Debug
.
isOn
(
"record"
))
{
if
(
count
<
0
||
count
>
(
maxRecordSize
-
headerSize
))
{
System
.
out
.
println
(
Thread
.
currentThread
().
getName
()
...
...
@@ -502,10 +502,11 @@ class InputRecord extends ByteArrayInputStream implements Record {
if
(
really
<
0
)
{
throw
new
EOFException
(
"SSL peer shut down incorrectly"
);
}
// now we've got a complete record.
exlen
=
0
;
}
// now we've got a complete record.
exlen
=
0
;
hashInternal
(
buf
,
2
,
3
);
hashInternal
(
v2Buf
,
0
,
len
);
V2toV3ClientHello
(
v2Buf
);
...
...
src/share/classes/sun/security/ssl/OutputRecord.java
...
...
@@ -174,6 +174,18 @@ class OutputRecord extends ByteArrayOutputStream implements Record {
return
count
==
headerSize
;
}
/*
* Return true if the record is of a given alert.
*/
boolean
isAlert
(
byte
description
)
{
// An alert is defined with a two bytes struct,
// {byte level, byte description}, following after the header bytes.
if
(
count
>
(
headerSize
+
1
)
&&
contentType
==
ct_alert
)
{
return
buf
[
headerSize
+
1
]
==
description
;
}
return
false
;
}
/*
* Compute the MAC and append it to this record. In case we
...
...
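Review bot: `isAlert` reads `buf[headerSize + 1]` as the alert description, which holds only while the record still contains the plaintext alert, and the comment does not state that precondition. The caller added in SSLSocketImpl.java on this page invokes it before `addMAC` and `encrypt`, so the current use looks fine, assuming `encrypt` rewrites `buf` in place. I would extend the header comment with `* Only meaningful before encrypt() has been applied to this record.` so a later caller does not end up testing ciphertext bytes.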
src/share/classes/sun/security/ssl/SSLSocketImpl.java
/*
* Copyright 1996-200
7
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1996-200
8
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -33,6 +33,8 @@ import java.security.AccessController;
import
java.security.AccessControlContext
;
import
java.security.PrivilegedAction
;
import
java.util.*
;
import
java.util.concurrent.TimeUnit
;
import
java.util.concurrent.locks.ReentrantLock
;
import
javax.crypto.BadPaddingException
;
...
...
@@ -274,7 +276,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
* from the peer are handled properly.
*/
private
Object
handshakeLock
;
Object
writeLock
;
ReentrantLock
writeLock
;
private
Object
readLock
;
private
InputRecord
inrec
;
...
...
@@ -314,7 +316,6 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
private
HashMap
<
HandshakeCompletedListener
,
AccessControlContext
>
handshakeListeners
;
/*
* Reuse the same internal input/output streams.
*/
...
...
@@ -526,7 +527,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
enabledCipherSuites
=
CipherSuiteList
.
getDefault
();
enabledProtocols
=
ProtocolList
.
getDefault
();
handshakeLock
=
new
Object
();
writeLock
=
new
Object
();
writeLock
=
new
ReentrantLock
();
readLock
=
new
Object
();
inrec
=
null
;
...
...
@@ -677,16 +678,81 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
// implementations are fragile and don't like to see empty
// records, so this also increases robustness.
//
synchronized
(
writeLock
)
{
if
(!
r
.
isEmpty
())
{
// r.compress(c);
r
.
addMAC
(
writeMAC
);
r
.
encrypt
(
writeCipher
);
r
.
write
(
sockOutput
);
if
(!
r
.
isEmpty
())
{
// If the record is a close notify alert, we need to honor
// socket option SO_LINGER. Note that we will try to send
// the close notify even if the SO_LINGER set to zero.
if
(
r
.
isAlert
(
Alerts
.
alert_close_notify
)
&&
getSoLinger
()
>=
0
)
{
// keep and clear the current thread interruption status.
boolean
interrupted
=
Thread
.
interrupted
();
try
{
if
(
writeLock
.
tryLock
(
getSoLinger
(),
TimeUnit
.
SECONDS
))
{
try
{
writeRecordInternal
(
r
);
}
finally
{
writeLock
.
unlock
();
}
}
else
{
SSLException
ssle
=
new
SSLException
(
"SO_LINGER timeout,"
+
" close_notify message cannot be sent."
);
// For layered, non-autoclose sockets, we are not
// able to bring them into a usable state, so we
// treat it as fatal error.
if
(
self
!=
this
&&
!
autoClose
)
{
// Note that the alert description is
// specified as -1, so no message will be send
// to peer anymore.
fatal
((
byte
)(-
1
),
ssle
);
}
else
if
((
debug
!=
null
)
&&
Debug
.
isOn
(
"ssl"
))
{
System
.
out
.
println
(
threadName
()
+
", received Exception: "
+
ssle
);
}
// RFC2246 requires that the session becomes
// unresumable if any connection is terminated
// without proper close_notify messages with
// level equal to warning.
//
// RFC4346 no longer requires that a session not be
// resumed if failure to properly close a connection.
//
// We choose to make the session unresumable if
// failed to send the close_notify message.
//
sess
.
invalidate
();
}
}
catch
(
InterruptedException
ie
)
{
// keep interrupted status
interrupted
=
true
;
}
// restore the interrupted status
if
(
interrupted
)
{
Thread
.
currentThread
().
interrupt
();
}
}
else
{
writeLock
.
lock
();
try
{
writeRecordInternal
(
r
);
}
finally
{
writeLock
.
unlock
();
}
}
}
}
private
void
writeRecordInternal
(
OutputRecord
r
)
throws
IOException
{
// r.compress(c);
r
.
addMAC
(
writeMAC
);
r
.
encrypt
(
writeCipher
);
r
.
write
(
sockOutput
);
}
/*
* Read an application data record. Alerts and handshake
...
...
@@ -1533,7 +1599,11 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
if
(
oldState
==
cs_HANDSHAKE
)
{
sockInput
.
skip
(
sockInput
.
available
());
}
sendAlert
(
Alerts
.
alert_fatal
,
description
);
// If the description equals -1, the alert won't be sent to peer.
if
(
description
!=
-
1
)
{
sendAlert
(
Alerts
.
alert_fatal
,
description
);
}
if
(
cause
instanceof
SSLException
)
{
// only true if != null
closeReason
=
(
SSLException
)
cause
;
}
else
{
...
...
@@ -1614,7 +1684,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
* Emit alerts. Caller must have synchronized with "this".
*/
private
void
sendAlert
(
byte
level
,
byte
description
)
{
if
(
connectionState
>=
cs_
CLOSED
)
{
if
(
connectionState
>=
cs_
SENT_CLOSE
)
{
return
;
}
...
...
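Review bot: In the close_notify branch of `writeRecord`, the `catch (InterruptedException ie)` path drops the record without sending it and without calling `sess.invalidate()`, although the comment in the timeout branch says the session is made unresumable when close_notify could not be sent. If that policy is meant to cover every failure to send, the handler should read `catch (InterruptedException ie) { interrupted = true; sess.invalidate(); }`. `getSoLinger()` is also read twice, once in the condition and once as the `tryLock` timeout, so reading it once into a local would keep the two uses consistent. `writeRecord` begins outside the hunk.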
src/share/classes/sun/security/x509/AVA.java
...
...
@@ -780,7 +780,8 @@ public class AVA implements DerEncoder {
* Implementations MAY escape other characters.
*
* NOTE: this implementation also recognizes "=" and "#" as
* characters which need escaping.
* characters which need escaping, and null which is escaped as
* '\00' (see RFC 4514).
*
* If a character to be escaped is one of the list shown above, then
* it is prefixed by a backslash ('\' ASCII 92).
...
...
@@ -805,6 +806,10 @@ public class AVA implements DerEncoder {
// append printable/escaped char
sbuffer
.
append
(
c
);
}
else
if
(
c
==
'\u0000'
)
{
// escape null character
sbuffer
.
append
(
"\\00"
);
}
else
if
(
debug
!=
null
&&
Debug
.
isOn
(
"ava"
))
{
// embed non-printable/non-escaped char
...
...
src/solaris/classes/java/net/PlainSocketImpl.java
...
...
@@ -76,9 +76,6 @@ class PlainSocketImpl extends AbstractPlainSocketImpl
native
int
socketGetOption
(
int
opt
,
Object
iaContainerObj
)
throws
SocketException
;
native
int
socketGetOption1
(
int
opt
,
Object
iaContainerObj
,
FileDescriptor
fd
)
throws
SocketException
;
native
void
socketSendUrgentData
(
int
data
)
throws
IOException
;
}
src/windows/classes/java/net/DualStackPlainSocketImpl.java
...
...
@@ -218,9 +218,6 @@ class DualStackPlainSocketImpl extends AbstractPlainSocketImpl
return
value
;
}
int
socketGetOption1
(
int
opt
,
Object
iaContainerObj
,
FileDescriptor
fd
)
throws
SocketException
{
return
0
;}
// un-implemented REMOVE
void
socketSendUrgentData
(
int
data
)
throws
IOException
{
int
nativefd
=
checkAndReturnNativeFD
();
sendOOB
(
nativefd
,
data
);
...
...
src/windows/classes/java/net/PlainSocketImpl.java
...
...
@@ -304,11 +304,6 @@ class PlainSocketImpl extends AbstractPlainSocketImpl
return
impl
.
socketGetOption
(
opt
,
iaContainerObj
);
}
int
socketGetOption1
(
int
opt
,
Object
iaContainerObj
,
FileDescriptor
fd
)
throws
SocketException
{
return
impl
.
socketGetOption1
(
opt
,
iaContainerObj
,
fd
);
}
void
socketSendUrgentData
(
int
data
)
throws
IOException
{
impl
.
socketSendUrgentData
(
data
);
}
...
...
src/windows/classes/java/net/TwoStacksPlainSocketImpl.java
...
...
@@ -199,8 +199,5 @@ class TwoStacksPlainSocketImpl extends AbstractPlainSocketImpl
native
int
socketGetOption
(
int
opt
,
Object
iaContainerObj
)
throws
SocketException
;
native
int
socketGetOption1
(
int
opt
,
Object
iaContainerObj
,
FileDescriptor
fd
)
throws
SocketException
;
native
void
socketSendUrgentData
(
int
data
)
throws
IOException
;
}
src/windows/native/sun/net/www/protocol/http/NTLMAuthSequence.c
...
...
@@ -36,6 +36,8 @@
#include <tchar.h>
#include <fcntl.h>
#include "jni_util.h"
#define SECURITY_WIN32
#include "sspi.h"
#include "issperr.h"
...
...
@@ -52,7 +54,7 @@ static INITIALIZE_SECURITY_CONTEXT_FN pInitializeSecurityContext;
static
COMPLETE_AUTH_TOKEN_FN
pCompleteAuthToken
;
static
DELETE_SECURITY_CONTEXT_FN
pDeleteSecurityContext
;
static
void
endSequence
(
PCredHandle
credHand
,
PCtxtHandle
ctxHandle
,
SecBufferDesc
OutBuffDesc
);
static
void
endSequence
(
PCredHandle
credHand
,
PCtxtHandle
ctxHandle
);
static
jfieldID
ntlm_ctxHandleID
;
static
jfieldID
ntlm_crdHandleID
;
...
...
@@ -117,22 +119,36 @@ JNIEXPORT jlong JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_getCrede
{
SEC_WINNT_AUTH_IDENTITY
AuthId
;
SEC_WINNT_AUTH_IDENTITY
*
pAuthId
;
CHAR
*
pUser
=
0
;
CHAR
*
pDomain
=
0
;
CHAR
*
pPassword
=
0
;
const
CHAR
*
pUser
=
0
;
const
CHAR
*
pDomain
=
0
;
const
CHAR
*
pPassword
=
0
;
CredHandle
*
pCred
;
TimeStamp
ltime
;
jboolean
isCopy
;
SECURITY_STATUS
ss
;
if
(
user
!=
0
)
{
pUser
=
(
CHAR
*
)(
*
env
)
->
GetStringUTFChars
(
env
,
user
,
&
isCopy
);
pUser
=
JNU_GetStringPlatformChars
(
env
,
user
,
&
isCopy
);
if
(
pUser
==
NULL
)
return
0
;
// pending Exception
}
if
(
domain
!=
0
)
{
pDomain
=
(
CHAR
*
)(
*
env
)
->
GetStringUTFChars
(
env
,
domain
,
&
isCopy
);
pDomain
=
JNU_GetStringPlatformChars
(
env
,
domain
,
&
isCopy
);
if
(
pDomain
==
NULL
)
{
if
(
pUser
!=
NULL
)
JNU_ReleaseStringPlatformChars
(
env
,
user
,
pUser
);
return
0
;
// pending Exception
}
}
if
(
password
!=
0
)
{
pPassword
=
(
CHAR
*
)(
*
env
)
->
GetStringUTFChars
(
env
,
password
,
&
isCopy
);
pPassword
=
JNU_GetStringPlatformChars
(
env
,
password
,
&
isCopy
);
if
(
pPassword
==
NULL
)
{
if
(
pUser
!=
NULL
)
JNU_ReleaseStringPlatformChars
(
env
,
user
,
pUser
);
if
(
pDomain
!=
NULL
)
JNU_ReleaseStringPlatformChars
(
env
,
domain
,
pDomain
);
return
0
;
// pending Exception
}
}
pCred
=
(
CredHandle
*
)
malloc
(
sizeof
(
CredHandle
));
...
...
@@ -167,6 +183,14 @@ JNIEXPORT jlong JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_getCrede
pCred
,
&
ltime
);
/* Release resources held by JNU_GetStringPlatformChars */
if
(
pUser
!=
NULL
)
JNU_ReleaseStringPlatformChars
(
env
,
user
,
pUser
);
if
(
pPassword
!=
NULL
)
JNU_ReleaseStringPlatformChars
(
env
,
password
,
pPassword
);
if
(
pDomain
!=
NULL
)
JNU_ReleaseStringPlatformChars
(
env
,
domain
,
pDomain
);
if
(
ss
==
0
)
{
return
(
jlong
)
pCred
;
}
else
{
...
...
@@ -181,7 +205,6 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
VOID
*
pInput
=
0
;
DWORD
inputLen
;
CHAR
buffOut
[
512
];
DWORD
pcbBuffOut
;
jboolean
isCopy
;
SECURITY_STATUS
ss
;
SecBufferDesc
OutBuffDesc
;
...
...
@@ -247,7 +270,7 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
}
if
(
ss
<
0
)
{
endSequence
(
pCred
,
pCtx
,
OutBuffDesc
);
endSequence
(
pCred
,
pCtx
);
return
0
;
}
...
...
@@ -255,7 +278,7 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
ss
=
pCompleteAuthToken
(
pCtx
,
&
OutBuffDesc
);
if
(
ss
<
0
)
{
endSequence
(
pCred
,
pCtx
,
OutBuffDesc
);
endSequence
(
pCred
,
pCtx
);
return
0
;
}
}
...
...
@@ -265,25 +288,23 @@ JNIEXPORT jbyteArray JNICALL Java_sun_net_www_protocol_http_NTLMAuthSequence_get
(
*
env
)
->
SetByteArrayRegion
(
env
,
ret
,
0
,
OutSecBuff
.
cbBuffer
,
OutSecBuff
.
pvBuffer
);
if
(
lastToken
!=
0
)
// 2nd stage
endSequence
(
pCred
,
pCtx
,
OutBuffDesc
);
endSequence
(
pCred
,
pCtx
);
result
=
ret
;
}
if
((
ss
!=
SEC_I_CONTINUE_NEEDED
)
&&
(
ss
==
SEC_I_COMPLETE_AND_CONTINUE
))
{
endSequence
(
pCred
,
pCtx
,
OutBuffDesc
);
endSequence
(
pCred
,
pCtx
);
}
return
result
;
}
static
void
endSequence
(
PCredHandle
credHand
,
PCtxtHandle
ctxHandle
,
SecBufferDesc
OutBuffDesc
)
{
static
void
endSequence
(
PCredHandle
credHand
,
PCtxtHandle
ctxHandle
)
{
if
(
credHand
!=
0
)
{
pFreeCredentialsHandle
(
credHand
);
free
(
credHand
);
}
pFreeContextBuffer
(
&
OutBuffDesc
);
if
(
ctxHandle
!=
0
)
{
pDeleteSecurityContext
(
ctxHandle
);
free
(
ctxHandle
);
...
...
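Review bot: In the last hunk before `endSequence`, the condition `(ss != SEC_I_CONTINUE_NEEDED) && (ss == SEC_I_COMPLETE_AND_CONTINUE)` reduces to `ss == SEC_I_COMPLETE_AND_CONTINUE`, so `endSequence(pCred, pCtx)` runs exactly when SSPI reports that the exchange must continue, and the first operand has no effect. This looks like a typo for `ss != SEC_I_COMPLETE_AND_CONTINUE`; the commit keeps the condition and only drops the third argument. `endSequence` also runs a few lines earlier under `if (lastToken != 0)` and frees both handles, so a call in which both conditions hold would free `pCred` and `pCtx` twice; whether that combination can occur depends on code outside the hunk. I would correct the comparison and skip the second call when the first has already run, for example `if (lastToken == 0 && ss != SEC_I_CONTINUE_NEEDED && ss != SEC_I_COMPLETE_AND_CONTINUE) {`.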
src/windows/native/sun/security/krb5/NativeCreds.c
test/com/sun/crypto/provider/KeyFactory/TestProviderLeak.java
0 → 100644
/*
* Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6578538
* @summary com.sun.crypto.provider.SunJCE instance leak using KRB5 and
* LoginContext
* @author Brad Wetmore
*
* @run main/othervm -Xmx2m TestProviderLeak
*/
/*
* We force the leak to become a problem by specifying the minimum
* size heap we can (above). In current runs on a server and client
* machine, it took roughly 220-240 iterations to have the memory leak
* shut down other operations. It complained about "Unable to verify
* the SunJCE provider."
*/
import
javax.crypto.*
;
import
javax.crypto.spec.*
;
public
class
TestProviderLeak
{
private
static
void
dumpMemoryStats
(
String
s
)
throws
Exception
{
Runtime
rt
=
Runtime
.
getRuntime
();
System
.
out
.
println
(
s
+
":\t"
+
rt
.
freeMemory
()
+
" bytes free"
);
}
public
static
void
main
(
String
[]
args
)
throws
Exception
{
SecretKeyFactory
skf
=
SecretKeyFactory
.
getInstance
(
"PBKDF2WithHmacSHA1"
,
"SunJCE"
);
PBEKeySpec
pbeKS
=
new
PBEKeySpec
(
"passPhrase"
.
toCharArray
(),
new
byte
[]
{
0
},
5
,
512
);
for
(
int
i
=
0
;
i
<=
1000
;
i
++)
{
try
{
skf
.
generateSecret
(
pbeKS
);
if
((
i
%
20
)
==
0
)
{
// Calling gc() isn't dependable, but doesn't hurt.
// Gives better output in leak cases.
System
.
gc
();
dumpMemoryStats
(
"Iteration "
+
i
);
}
}
catch
(
Exception
e
)
{
dumpMemoryStats
(
"\nException seen at iteration "
+
i
);
throw
e
;
}
}
}
}
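Review bot: The `catch (Exception e)` around `generateSecret` does not see an `OutOfMemoryError`, which is an `Error`, so under `-Xmx2m` a leak that exhausts the heap skips the `Exception seen at iteration` line and the test fails without reporting how far it got. Adding `catch (Error e) { dumpMemoryStats("\nError seen at iteration " + i); throw e; }` next to the existing handler would keep that diagnostic, with the caveat that the print itself may fail once the heap is full. `dumpMemoryStats` also declares `throws Exception` although nothing in its body throws a checked exception.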
test/java/net/CookieHandler/CookieManagerTest.java
test/java/net/InterfaceAddress/Equals.java
0 → 100644
test/java/net/ResponseCache/file2.1
test/java/security/AccessControlContext/FailureDebugOption.java
0 → 100644
test/javax/security/auth/x500/X500Principal/RFC4514.java
0 → 100644
test/sun/net/www/http/ChunkedOutputStream/Test.java
test/sun/net/www/protocol/http/B6641309.java
0 → 100644
test/sun/net/www/protocol/http/B6660405.java
0 → 100644
test/sun/security/krb5/DnsFallback.java
0 → 100644
test/sun/security/krb5/OptionPADataInKDCReq.java
0 → 100644
test/sun/security/krb5/TimeInCCache.java
0 → 100644
test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLSocketImpl/AsyncSSLSocketClose.java
0 → 100644
test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/CloseKeepAliveCached.java
0 → 100644
test/sun/security/tools/keytool/StartDateTest.java