equal
deleted
inserted
replaced
195 key.getBytes(), |
195 key.getBytes(), |
196 checksum, |
196 checksum, |
197 usage); |
197 usage); |
198 } |
198 } |
199 |
199 |
|
200 // =============== ATTENTION! Use with care ================== |
|
201 // According to https://tools.ietf.org/html/rfc3961#section-6.1, |
|
202 // An unkeyed checksum should only be used "in limited circumstances |
|
203 // where the lack of a key does not provide a window for an attack, |
|
204 // preferably as part of an encrypted message". |
|
205 public boolean verifyAnyChecksum(byte[] data, EncryptionKey key, |
|
206 int usage) |
|
207 throws KdcErrException, KrbCryptoException { |
|
208 CksumType cksumEngine = CksumType.getInstance(cksumType); |
|
209 if (!cksumEngine.isSafe()) { |
|
210 return cksumEngine.verifyChecksum(data, checksum); |
|
211 } else { |
|
212 return cksumEngine.verifyKeyedChecksum(data, |
|
213 data.length, |
|
214 key.getBytes(), |
|
215 checksum, |
|
216 usage); |
|
217 } |
|
218 } |
|
219 |
200 /* |
220 /* |
201 public Checksum(byte[] data) throws KdcErrException, KrbCryptoException { |
221 public Checksum(byte[] data) throws KdcErrException, KrbCryptoException { |
202 this(Checksum.CKSUMTYPE_DEFAULT, data); |
222 this(Checksum.CKSUMTYPE_DEFAULT, data); |
203 } |
223 } |
204 */ |
224 */ |