Author: erodriguez
Date: Tue Nov 9 04:36:43 2004
New Revision: 57024
Removed:
incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto/Confounder.java
Modified:
incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto/CryptoService.java
Log:
Rolled functions of Confounder into CryptoService.
Modified:
incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto/CryptoService.java
==============================================================================
---
incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto/CryptoService.java
(original)
+++
incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto/CryptoService.java
Tue Nov 9 04:36:43 2004
@@ -22,12 +22,17 @@
import org.apache.kerberos.messages.value.EncryptedData;
import org.apache.kerberos.messages.value.EncryptionKey;
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
+import java.security.SecureRandom;
public class CryptoService {
-
+
+ private static final SecureRandom random = new SecureRandom();
+
private static final Map _encryptionEngines = new HashMap();
private static final Map _checksumEngines = new HashMap();
@@ -59,7 +64,7 @@
}
public EncryptionKey getNewSessionKey() {
- byte[] confounder = Confounder.bytes(8);
+ byte[] confounder = getRandomBytes(8);
DesStringToKey subSessionKey = new DesStringToKey(new
String(confounder));
return new EncryptionKey(EncryptionType.DES_CBC_MD5,
subSessionKey.getKey());
}
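Review bot: In getNewSessionKey the 8 random bytes still go through `new String(confounder)` before reaching `DesStringToKey`, and the same conversion is newly added in getRandomKeyFor in the next hunk. `new String(byte[])` decodes with the platform default charset, and bytes that are not valid in that charset are typically replaced during decoding, so the derived key can carry less randomness than the 8 bytes drawn and can differ between hosts with different locales. Random key material is better kept as a `byte[]` end to end, with the DES key built from the bytes directly (parity adjusted, weak keys rejected) rather than through a string-to-key function meant for passwords. Whether DesStringToKey has a byte[] entry point is not visible here, so at minimum I would add `// FIXME: new String(bytes) is charset-dependent and lossy; derive the key from the raw bytes` at both call sites.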
@@ -70,7 +75,18 @@
byte[] plaintext = long2octet(date.getTime());
return encryptionEngine.encrypt(plaintext, key.getKeyValue());
}
-
+
+ public static KerberosKey getRandomKeyFor(KerberosPrincipal principal)
+ {
+ final int DES_KEY_TYPE = 3;
+ int keyVersion = 1;
+
+ byte[] randomBytes = getRandomBytes( 8 );
+ DesStringToKey randomKey = new DesStringToKey( new String(
randomBytes ) );
+
+ return new KerberosKey( principal, randomKey.getKey(),
DES_KEY_TYPE, keyVersion );
+ }
+
public EncryptionKey getEncryptionKey(String password, String realm,
String username) {
DesStringToKey key = new DesStringToKey(password, realm,
username);
byte[] keyBytes = key.getKey();
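Review bot: `DES_KEY_TYPE = 3` in getRandomKeyFor is an unexplained number, while getNewSessionKey in the same class names what is presumably the same algorithm as `EncryptionType.DES_CBC_MD5`. A comment such as `// Kerberos encryption type 3 = des-cbc-md5` on the constant would make the link explicit. The new public static method also has no Javadoc: it should state that the key is randomly generated single-DES, that the key version is always 1, and what happens when `principal` is null. If EncryptionType exposes its numeric value (not visible in this hunk), using it in place of the local constant would keep the two methods from drifting apart.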
@@ -93,7 +109,7 @@
EncryptionEngine type = getInstance(key.getKeyType());
- byte[] conFounder =
Confounder.bytes(type.confounderSize());
+ byte[] conFounder = getRandomBytes(type.confounderSize());
byte[] zeroedChecksum = new byte[type.checksumSize()];
byte[] dataBytes = concatenateBytes(conFounder,
concatenateBytes(zeroedChecksum,
padString(plainText)));
@@ -105,6 +121,13 @@
return new EncryptedData(type.encryptionType(),
key.getKeyVersion(), encryptedData);
}
+
+ private static synchronized byte[] getRandomBytes(int size)
+ {
+ byte[] bytes = new byte[size];
+ random.nextBytes(bytes);
+ return bytes;
+ }
private static byte[] long2octet(long input) {
byte[] output = new byte[8];
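Review bot: `synchronized` on getRandomBytes is redundant because `java.security.SecureRandom` is safe for concurrent use. As a static synchronized method it also takes the CryptoService class monitor, so every thread that needs a confounder or a key waits on that one lock. I would declare it as `private static byte[] getRandomBytes(int size)`. A negative `size` would surface as NegativeArraySizeException; the visible callers pass 8 or `type.confounderSize()`, so a one-line comment that size must be non-negative is enough.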