author | weijun |
Tue, 14 Aug 2018 22:39:34 +0800 | |
changeset 51398 | 3c389a284345 |
parent 47216 | 71c04702a3d5 |
permissions | -rw-r--r-- |
18536 | 1 |
/* |
51398
3c389a284345
8209416: Refactoring GetPropertyAction calls in security libs
weijun
parents:
47216
diff
changeset
|
2 |
* Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved. |
18536 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. Oracle designates this |
|
8 |
* particular file as subject to the "Classpath" exception as provided |
|
9 |
* by Oracle in the LICENSE file that accompanied this code. |
|
10 |
* |
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
24 |
*/ |
|
25 |
||
26 |
package sun.security.krb5.internal.rcache; |
|
27 |
||
51398
3c389a284345
8209416: Refactoring GetPropertyAction calls in security libs
weijun
parents:
47216
diff
changeset
|
28 |
import sun.security.action.GetBooleanAction; |
41832 | 29 |
|
18536 | 30 |
import java.util.Objects; |
31 |
||
32 |
/** |
|
33 |
* The class represents a new style replay cache entry. It can be either used |
|
34 |
* inside memory or in a dfl file. |
|
35 |
*/ |
|
36 |
public class AuthTimeWithHash extends AuthTime |
|
37 |
implements Comparable<AuthTimeWithHash> { |
|
38 |
||
41832 | 39 |
// The hash algorithm can be "HASH" or "SHA256". |
40 |
public static final String DEFAULT_HASH_ALG; |
|
41 |
||
42 |
static { |
|
51398
3c389a284345
8209416: Refactoring GetPropertyAction calls in security libs
weijun
parents:
47216
diff
changeset
|
43 |
if (GetBooleanAction.privilegedGetProperty("jdk.krb5.rcache.useMD5")) { |
41832 | 44 |
DEFAULT_HASH_ALG = "HASH"; |
45 |
} else { |
|
46 |
DEFAULT_HASH_ALG = "SHA256"; |
|
47 |
} |
|
48 |
} |
|
49 |
||
50 |
public static String realAlg(String alg) { |
|
51 |
switch (alg) { |
|
52 |
case "HASH": |
|
53 |
return "MD5"; |
|
54 |
case "SHA256": |
|
55 |
return "SHA-256"; |
|
56 |
default: |
|
57 |
throw new AssertionError(alg + " is not HASH or SHA256"); |
|
58 |
} |
|
59 |
} |
|
60 |
||
61 |
final String hashAlg; |
|
18536 | 62 |
final String hash; |
63 |
||
64 |
/** |
|
65 |
* Constructs a new <code>AuthTimeWithHash</code>. |
|
66 |
*/ |
|
67 |
public AuthTimeWithHash(String client, String server, |
|
41832 | 68 |
int ctime, int cusec, String hashAlg, String hash) { |
18536 | 69 |
super(client, server, ctime, cusec); |
41832 | 70 |
this.hashAlg = hashAlg; |
18536 | 71 |
this.hash = hash; |
72 |
} |
|
73 |
||
74 |
/** |
|
75 |
* Compares if an object equals to an <code>AuthTimeWithHash</code> object. |
|
76 |
* @param o an object. |
|
77 |
* @return true if two objects are equivalent, otherwise, return false. |
|
78 |
*/ |
|
79 |
@Override |
|
80 |
public boolean equals(Object o) { |
|
81 |
if (this == o) return true; |
|
82 |
if (!(o instanceof AuthTimeWithHash)) return false; |
|
83 |
AuthTimeWithHash that = (AuthTimeWithHash)o; |
|
84 |
return Objects.equals(hash, that.hash) |
|
41832 | 85 |
&& Objects.equals(hashAlg, that.hashAlg) |
18536 | 86 |
&& Objects.equals(client, that.client) |
87 |
&& Objects.equals(server, that.server) |
|
88 |
&& ctime == that.ctime |
|
89 |
&& cusec == that.cusec; |
|
90 |
} |
|
91 |
||
92 |
/** |
|
93 |
* Returns a hash code for this <code>AuthTimeWithHash</code> object. |
|
94 |
*/ |
|
95 |
@Override |
|
96 |
public int hashCode() { |
|
97 |
return Objects.hash(hash); |
|
98 |
} |
|
99 |
||
100 |
@Override |
|
101 |
public String toString() { |
|
102 |
return String.format("%d/%06d/%s/%s", ctime, cusec, hash, client); |
|
103 |
} |
|
104 |
||
105 |
@Override |
|
106 |
public int compareTo(AuthTimeWithHash other) { |
|
107 |
int cmp = 0; |
|
108 |
if (ctime != other.ctime) { |
|
109 |
cmp = Integer.compare(ctime, other.ctime); |
|
110 |
} else if (cusec != other.cusec) { |
|
111 |
cmp = Integer.compare(cusec, other.cusec); |
|
112 |
} else { |
|
113 |
cmp = hash.compareTo(other.hash); |
|
114 |
} |
|
115 |
return cmp; |
|
116 |
} |
|
117 |
||
118 |
/** |
|
119 |
* Compares with a possibly old style object. Used |
|
120 |
* in DflCache$Storage#loadAndCheck. |
|
41832 | 121 |
* @return true if all AuthTime fields are the same but different hash |
122 |
*/ |
|
123 |
public boolean sameTimeDiffHash(AuthTimeWithHash old) { |
|
124 |
if (!this.isSameIgnoresHash(old)) { |
|
125 |
return false; |
|
126 |
} |
|
127 |
return this.hashAlg.equals(old.hashAlg) && |
|
128 |
!this.hash.equals(old.hash); |
|
129 |
} |
|
130 |
||
131 |
/** |
|
132 |
* Compares with a possibly old style object. Used |
|
133 |
* in DflCache$Storage#loadAndCheck. |
|
18536 | 134 |
* @return true if all AuthTime fields are the same |
135 |
*/ |
|
136 |
public boolean isSameIgnoresHash(AuthTime old) { |
|
137 |
return client.equals(old.client) && |
|
138 |
server.equals(old.server) && |
|
139 |
ctime == old.ctime && |
|
140 |
cusec == old.cusec; |
|
141 |
} |
|
142 |
||
143 |
// Methods used when saved in a dfl file. See DflCache.java |
|
144 |
||
145 |
/** |
|
146 |
* Encodes to be used in a dfl file |
|
147 |
* @param withHash write new style if true |
|
148 |
*/ |
|
149 |
@Override |
|
150 |
public byte[] encode(boolean withHash) { |
|
151 |
String cstring; |
|
152 |
String sstring; |
|
153 |
if (withHash) { |
|
154 |
cstring = ""; |
|
41832 | 155 |
sstring = String.format("%s:%s %d:%s %d:%s", hashAlg, hash, |
18536 | 156 |
client.length(), client, |
157 |
server.length(), server); |
|
158 |
} else { |
|
159 |
cstring = client; |
|
160 |
sstring = server; |
|
161 |
} |
|
162 |
return encode0(cstring, sstring); |
|
163 |
} |
|
164 |
} |