Author: erodriguez
Date: Wed Oct 27 18:10:19 2004
New Revision: 55757
Added:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/messages/value/PreAuthenticationData.java
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/messages/value/PreAuthenticationDataModifier.java
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/messages/value/PreAuthenticationDataType.java
Modified:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/KdcRequestDecoder.java
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KdcReplyEncoder.java
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/TicketGrantingService.java
Log:
Infrastructure for supporting pre-authentication.
Modified:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/KdcRequestDecoder.java
==============================================================================
---
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/KdcRequestDecoder.java
(original)
+++
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/decoder/KdcRequestDecoder.java
Wed Oct 27 18:10:19 2004
@@ -92,36 +92,42 @@
}*/
private PreAuthenticationData[] decodePaData(DERSequence sequence) {
- PreAuthenticationData[] paDataSequence = new
PreAuthenticationData[2];
+ PreAuthenticationData[] paDataSequence = new
PreAuthenticationData[sequence.size()];
int i = 0;
for (Enumeration e = sequence.getObjects();
e.hasMoreElements();) {
- DERSequence pa = (DERSequence) e.nextElement();
-
- paDataSequence[i] = new PreAuthenticationData();
-
- for (Enumeration e2 = pa.getObjects();
e2.hasMoreElements();) {
- DERTaggedObject object = ((DERTaggedObject)
e2.nextElement());
- int tag = object.getTagNo();
- DERObject derObject = object.getObject();
- switch (tag) {
- case 1:
- DERInteger padataType =
(DERInteger) derObject;
-
paDataSequence[i].setDataType(padataType.getValue().intValue());
- break;
- case 2:
- DEROctetString padataValue =
(DEROctetString) derObject;
-
paDataSequence[i].setDataValue(padataValue.getOctets());
- break;
- default:
- System.out.println(derObject);
- break;
- }
- }
-
+ DERSequence object = (DERSequence) e.nextElement();
+ PreAuthenticationData paData =
decodePreAuthenticationData(object);
+ paDataSequence[i] = paData;
i++;
}
return paDataSequence;
+ }
+
+ private PreAuthenticationData decodePreAuthenticationData(DERSequence
sequence) {
+
+ PreAuthenticationDataModifier paDataModifier = new
PreAuthenticationDataModifier();
+
+ for (Enumeration e = sequence.getObjects();
e.hasMoreElements();) {
+ DERTaggedObject object = ((DERTaggedObject)
e.nextElement());
+ int tag = object.getTagNo();
+ DERObject derObject = object.getObject();
+ switch (tag) {
+ case 1:
+ DERInteger padataType = (DERInteger)
derObject;
+ PreAuthenticationDataType type =
PreAuthenticationDataType.getTypeByOrdinal(padataType.getValue().intValue());
+ paDataModifier.setDataType(type);
+ break;
+ case 2:
+ DEROctetString padataValue =
(DEROctetString) derObject;
+
paDataModifier.setDataValue(padataValue.getOctets());
+ break;
+ default:
+ System.out.println(derObject);
+ break;
+ }
+ }
+ return paDataModifier.getPreAuthenticationData();
}
/*
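Review bot: In `decodePreAuthenticationData`, `padataType.getValue().intValue()` keeps only the low 32 bits of the decoded INTEGER, so an out-of-range padata-type sent by a client can wrap onto a known ordinal such as 1 before `getTypeByOrdinal` ever sees it. A guard such as `if (padataType.getValue().bitLength() > 31)` that rejects the element before the conversion would close that. The casts to `DERSequence`, `DERTaggedObject`, `DERInteger` and `DEROctetString` in both methods are also unchecked, so a malformed padata element surfaces as a `ClassCastException` rather than a decode error; an `instanceof` test ahead of each cast would let the decoder fail in a controlled way. The `default:` branch still prints the unrecognised object with `System.out.println(derObject)`, which puts request-controlled content on the server's stdout; dropping it or sending it to a logger at debug level would be safer.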
Modified:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KdcReplyEncoder.java
==============================================================================
---
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KdcReplyEncoder.java
(original)
+++
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KdcReplyEncoder.java
Wed Oct 27 18:10:19 2004
@@ -78,7 +78,7 @@
for (int i = 0; i < paData.length; i++) {
ASN1EncodableVector vector = new ASN1EncodableVector();
- vector.add(new DERTaggedObject(1, new
DERInteger(paData[i].getDataType())));
+ vector.add(new DERTaggedObject(1, new
DERInteger(paData[i].getDataType().getOrdinal())));
vector.add(new DERTaggedObject(2, new
DEROctetString(paData[i].getDataValue())));
pa.add(new DERSequence(vector));
}
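Review bot: `paData[i].getDataType().getOrdinal()` dereferences a value that can now be null. The old call passed the result of `getDataType()` straight to `DERInteger`, apparently as an int, whereas `PreAuthenticationDataModifier` leaves `_dataType` unset until `setDataType` is called and the `PreAuthenticationData` constructor stores whatever it is given. An entry built without a type would therefore fail here with a `NullPointerException` part-way through encoding a reply. Either reject null in the constructor, for example `if (dataType == null) throw new IllegalArgumentException("dataType");`, or initialise the modifier's field to `PreAuthenticationDataType.NULL`. The enclosing method starts and ends outside this hunk.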
Modified:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/TicketGrantingService.java
==============================================================================
---
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/TicketGrantingService.java
(original)
+++
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/TicketGrantingService.java
Wed Oct 27 18:10:19 2004
@@ -95,7 +95,7 @@
*/
private ApplicationRequest getAuthHeader(KdcRequest request) throws
KerberosException, IOException {
- if (request.getPaData()[0].getDataType() !=
PreAuthenticationData.PA_TGS_REQ)
+ if (request.getPaData()[0].getDataType() !=
PreAuthenticationDataType.PA_TGS_REQ)
throw KerberosException.KDC_ERR_PADATA_TYPE_NOSUPP;
byte[] undecodedAuthHeader =
request.getPaData()[0].getDataValue();
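Review bot: `request.getPaData()[0]` is indexed without checking that the array holds an element. With this commit the decoder sizes the array from `sequence.size()`, so a TGS request carrying an empty padata sequence would presumably raise `ArrayIndexOutOfBoundsException` here instead of `KDC_ERR_PADATA_TYPE_NOSUPP`. Consider `PreAuthenticationData[] paData = request.getPaData();` followed by `if (paData == null || paData.length == 0 || paData[0].getDataType() != PreAuthenticationDataType.PA_TGS_REQ)`; whether `getPaData()` can return null is not visible from this hunk. The `!=` identity comparison holds only while every `PreAuthenticationDataType` instance comes from that class's private constructor, which deserves a one-line comment at the comparison. `getAuthHeader` continues past the end of the hunk.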
Added:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/messages/value/PreAuthenticationData.java
==============================================================================
--- (empty file)
+++
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/messages/value/PreAuthenticationData.java
Wed Oct 27 18:10:19 2004
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.kerberos.messages.value;
+
+public class PreAuthenticationData {
+
+ private PreAuthenticationDataType _dataType;
+ private EncryptedData _dataValue = new EncryptedData();
+
+ public PreAuthenticationData(PreAuthenticationDataType dataType,
EncryptedData encData) {
+ _dataType = dataType;
+ _dataValue = encData;
+ }
+
+ public PreAuthenticationDataType getDataType() {
+ return _dataType;
+ }
+
+ public byte[] getDataValue() {
+ return _dataValue.getCipherText();
+ }
+}
+
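Review bot: Both fields of `PreAuthenticationData` are assigned only in the constructor and can be declared `final`, and the initializer `new EncryptedData()` on `_dataValue` is dead because the only constructor overwrites it. The declarations would read `private final PreAuthenticationDataType _dataType;` and `private final EncryptedData _dataValue;`. `getDataValue()` also calls `_dataValue.getCipherText()` with no null check, so a null `encData` argument is only detected later, at the first read. A class-level Javadoc should say that instances are built through `PreAuthenticationDataModifier` and whether `getDataValue()` returns a copy or the live array, which depends on `EncryptedData.getCipherText()` and is not visible here.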
Added:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/messages/value/PreAuthenticationDataModifier.java
==============================================================================
--- (empty file)
+++
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/messages/value/PreAuthenticationDataModifier.java
Wed Oct 27 18:10:19 2004
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.kerberos.messages.value;
+
+public class PreAuthenticationDataModifier {
+
+ private PreAuthenticationDataType _dataType;
+ private EncryptedData _dataValue = new EncryptedData();
+
+ public PreAuthenticationData getPreAuthenticationData() {
+ return new PreAuthenticationData(_dataType, _dataValue);
+ }
+
+ public void setDataType(PreAuthenticationDataType type) {
+ _dataType = type;
+ }
+
+ public void setDataValue(byte[] value) {
+ _dataValue.setCipherText(value);
+ }
+}
+
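Review bot: `getPreAuthenticationData()` hands out the modifier's own `EncryptedData` instance, so a later `setDataValue` call on the same modifier changes the value inside a `PreAuthenticationData` that has already been returned. The decoder in this commit creates one modifier per padata element and is not affected, but nothing in the class says it is single-use. Keeping the raw `byte[]` in a field and creating a fresh `EncryptedData` inside `getPreAuthenticationData()` would remove the aliasing. Failing that, a class comment such as `// Single use: call getPreAuthenticationData() once, then discard the modifier.` would state the constraint.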
Added:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/messages/value/PreAuthenticationDataType.java
==============================================================================
--- (empty file)
+++
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/messages/value/PreAuthenticationDataType.java
Wed Oct 27 18:10:19 2004
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.kerberos.messages.value;
+
+import java.util.*;
+
+public class PreAuthenticationDataType implements Comparable {
+
+ /**
+ * Enumeration elements are constructed once upon class loading.
+ * Order of appearance here determines the order of compareTo.
+ */
+ public static final PreAuthenticationDataType NULL =
new PreAuthenticationDataType(0, "null");
+ public static final PreAuthenticationDataType PA_TGS_REQ =
new PreAuthenticationDataType(1, "TGS Request");
+ public static final PreAuthenticationDataType PA_ENC_TIMESTAMP =
new PreAuthenticationDataType(2, "Enc timestamp");
+ public static final PreAuthenticationDataType PA_PW_SALT =
new PreAuthenticationDataType(3, "password salt");
+ public static final PreAuthenticationDataType PA_ENC_UNIX_TIME =
new PreAuthenticationDataType(5, "enc unix time");
+ public static final PreAuthenticationDataType PA_SANDIA_SECUREID =
new PreAuthenticationDataType(6, "sandia secureid");
+ public static final PreAuthenticationDataType PA_SESAME =
new PreAuthenticationDataType(7, "sesame");
+ public static final PreAuthenticationDataType PA_OSF_DCE =
new PreAuthenticationDataType(8, "OSF DCE");
+ public static final PreAuthenticationDataType PA_CYBERSAFE_SECUREID =
new PreAuthenticationDataType(9, "cybersafe secureid");
+ public static final PreAuthenticationDataType PA_ASF3_SALT =
new PreAuthenticationDataType(10, "ASF3 salt");
+ public static final PreAuthenticationDataType PA_ETYPE_INFO =
new PreAuthenticationDataType(11, "encryption info");
+ public static final PreAuthenticationDataType SAM_CHALLENGE =
new PreAuthenticationDataType(12, "SAM challenge");
+ public static final PreAuthenticationDataType SAM_RESPONSE =
new PreAuthenticationDataType(13, "SAM response");
+ public static final PreAuthenticationDataType PA_PK_AS_REQ =
new PreAuthenticationDataType(14, "PK as request");
+ public static final PreAuthenticationDataType PA_PK_AS_REP =
new PreAuthenticationDataType(15, "PK as response");
+ public static final PreAuthenticationDataType PA_USE_SPECIFIED_KVNO =
new PreAuthenticationDataType(20, "use specified key version");
+ public static final PreAuthenticationDataType SAM_REDIRECT =
new PreAuthenticationDataType(21, "SAM redirect");
+ public static final PreAuthenticationDataType PA_GET_FROM_TYPED_DATA =
new PreAuthenticationDataType(22, "Get from typed data");
+
+ public String toString() {
+ return _fName + " (" + _fOrdinal + ")";
+ }
+
+ public int compareTo(Object that) {
+ return _fOrdinal - ((PreAuthenticationDataType) that)._fOrdinal;
+ }
+
+ public static PreAuthenticationDataType getTypeByOrdinal(int type) {
+ for (int i = 0; i < fValues.length; i++)
+ if (fValues[i]._fOrdinal == type)
+ return fValues[i];
+ return NULL;
+ }
+
+ public int getOrdinal() {
+ return _fOrdinal;
+ }
+
+ /// PRIVATE /////
+ private final String _fName;
+ private final int _fOrdinal;
+
+ /**
+ * Private constructor prevents construction outside of this class.
+ */
+ private PreAuthenticationDataType(int ordinal, String name) {
+ _fOrdinal = ordinal;
+ _fName = name;
+ }
+
+ /**
+ * These two lines are all that's necessary to export a List of VALUES.
+ */
+ private static final PreAuthenticationDataType[] fValues = {NULL,
PA_TGS_REQ,
+ PA_ENC_TIMESTAMP, PA_PW_SALT, PA_ENC_UNIX_TIME,
PA_SANDIA_SECUREID,
+ PA_SESAME, PA_OSF_DCE, PA_CYBERSAFE_SECUREID,
PA_ASF3_SALT, PA_ETYPE_INFO,
+ SAM_CHALLENGE, SAM_RESPONSE, PA_PK_AS_REQ,
PA_PK_AS_REP, PA_USE_SPECIFIED_KVNO,
+ SAM_REDIRECT, PA_GET_FROM_TYPED_DATA};
+ // VALUES needs to be located here, otherwise illegal forward reference
+ public static final List VALUES =
Collections.unmodifiableList(Arrays.asList(fValues));
+}
+
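Review bot: `getTypeByOrdinal` returns `NULL` for any number it does not recognise, which makes an unknown padata-type received from a client indistinguishable from a genuine type 0, and `KdcReplyEncoder` would write such an entry back out as 0. The method has no Javadoc stating this; `/** Returns the constant for the given padata-type number, or NULL if the number is not listed here. */` would make the fallback explicit. A separate sentinel for unknown values, or a null return, would let callers reject or log the original number instead of losing it. The field Javadoc says order of appearance determines `compareTo`, while the method actually orders by `_fOrdinal`; the two agree only because the constants are declared in ascending order, and that comment should say so.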