38 |
38 |
39 import java.security.MessageDigest; |
39 import java.security.MessageDigest; |
40 import java.security.GeneralSecurityException; |
40 import java.security.GeneralSecurityException; |
41 import java.security.NoSuchAlgorithmException; |
41 import java.security.NoSuchAlgorithmException; |
42 import sun.security.krb5.*; |
42 import sun.security.krb5.*; |
|
43 import sun.security.krb5.internal.crypto.Aes128Sha2; |
|
44 import sun.security.krb5.internal.crypto.Aes256Sha2; |
43 import sun.security.krb5.internal.crypto.Des3; |
45 import sun.security.krb5.internal.crypto.Des3; |
44 import sun.security.krb5.internal.crypto.Aes128; |
46 import sun.security.krb5.internal.crypto.Aes128; |
45 import sun.security.krb5.internal.crypto.Aes256; |
47 import sun.security.krb5.internal.crypto.Aes256; |
46 import sun.security.krb5.internal.crypto.ArcFourHmac; |
48 import sun.security.krb5.internal.crypto.ArcFourHmac; |
47 import sun.security.krb5.internal.crypto.EType; |
49 import sun.security.krb5.internal.crypto.EType; |
363 e.getMessage()); |
367 e.getMessage()); |
364 ge.initCause(e); |
368 ge.initCause(e); |
365 throw ge; |
369 throw ge; |
366 } |
370 } |
367 |
371 |
|
372 case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA256_128: |
|
373 try { |
|
374 byte[] answer = Aes128Sha2.calculateChecksum(keybytes, key_usage, |
|
375 buf, 0, total); |
|
376 return answer; |
|
377 } catch (GeneralSecurityException e) { |
|
378 GSSException ge = new GSSException(GSSException.FAILURE, -1, |
|
379 "Could not use AES128 signing algorithm - " + |
|
380 e.getMessage()); |
|
381 ge.initCause(e); |
|
382 throw ge; |
|
383 } |
|
384 |
|
385 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA384_192: |
|
386 try { |
|
387 byte[] answer = Aes256Sha2.calculateChecksum(keybytes, key_usage, |
|
388 buf, 0, total); |
|
389 return answer; |
|
390 } catch (GeneralSecurityException e) { |
|
391 GSSException ge = new GSSException(GSSException.FAILURE, -1, |
|
392 "Could not use AES256 signing algorithm - " + |
|
393 e.getMessage()); |
|
394 ge.initCause(e); |
|
395 throw ge; |
|
396 } |
|
397 |
|
398 |
368 default: |
399 default: |
369 throw new GSSException(GSSException.FAILURE, -1, |
400 throw new GSSException(GSSException.FAILURE, -1, |
370 "Unsupported encryption type: " + etype); |
401 "Unsupported encryption type: " + etype); |
371 } |
402 } |
372 } |
403 } |
515 case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96: |
546 case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96: |
516 return Aes128.getChecksumLength(); |
547 return Aes128.getChecksumLength(); |
517 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: |
548 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: |
518 return Aes256.getChecksumLength(); |
549 return Aes256.getChecksumLength(); |
519 |
550 |
|
551 case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA256_128: |
|
552 return Aes128Sha2.getChecksumLength(); |
|
553 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA384_192: |
|
554 return Aes256Sha2.getChecksumLength(); |
|
555 |
520 case EncryptedData.ETYPE_ARCFOUR_HMAC: |
556 case EncryptedData.ETYPE_ARCFOUR_HMAC: |
521 // only first 8 octets of HMAC Sgn_Cksum are used |
557 // only first 8 octets of HMAC Sgn_Cksum are used |
522 return HMAC_CHECKSUM_SIZE; |
558 return HMAC_CHECKSUM_SIZE; |
523 |
559 |
524 default: |
560 default: |
571 plaintext, pStart, key_usage); |
607 plaintext, pStart, key_usage); |
572 break; |
608 break; |
573 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: |
609 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: |
574 aes256Decrypt(token, ciphertext, cStart, cLen, |
610 aes256Decrypt(token, ciphertext, cStart, cLen, |
575 plaintext, pStart, key_usage); |
611 plaintext, pStart, key_usage); |
|
612 break; |
|
613 case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA256_128: |
|
614 aes128Sha2Decrypt(token, ciphertext, cStart, cLen, |
|
615 plaintext, pStart, key_usage); |
|
616 break; |
|
617 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA384_192: |
|
618 aes256Sha2Decrypt(token, ciphertext, cStart, cLen, |
|
619 plaintext, pStart, key_usage); |
576 break; |
620 break; |
577 default: |
621 default: |
578 throw new GSSException(GSSException.FAILURE, -1, |
622 throw new GSSException(GSSException.FAILURE, -1, |
579 "Unsupported etype: " + etype); |
623 "Unsupported etype: " + etype); |
580 } |
624 } |
651 plaintext, pStart, key_usage); |
695 plaintext, pStart, key_usage); |
652 break; |
696 break; |
653 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: |
697 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: |
654 aes256Decrypt(token, ciphertext, 0, cLen, |
698 aes256Decrypt(token, ciphertext, 0, cLen, |
655 plaintext, pStart, key_usage); |
699 plaintext, pStart, key_usage); |
|
700 break; |
|
701 case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA256_128: |
|
702 aes128Sha2Decrypt(token, ciphertext, 0, cLen, |
|
703 plaintext, pStart, key_usage); |
|
704 break; |
|
705 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA384_192: |
|
706 aes256Sha2Decrypt(token, ciphertext, 0, cLen, |
|
707 plaintext, pStart, key_usage); |
656 break; |
708 break; |
657 default: |
709 default: |
658 throw new GSSException(GSSException.FAILURE, -1, |
710 throw new GSSException(GSSException.FAILURE, -1, |
659 "Unsupported etype: " + etype); |
711 "Unsupported etype: " + etype); |
660 } |
712 } |
718 return aes128Encrypt(confounder, tokenHeader, |
770 return aes128Encrypt(confounder, tokenHeader, |
719 plaintext, start, len, key_usage); |
771 plaintext, start, len, key_usage); |
720 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: |
772 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: |
721 return aes256Encrypt(confounder, tokenHeader, |
773 return aes256Encrypt(confounder, tokenHeader, |
722 plaintext, start, len, key_usage); |
774 plaintext, start, len, key_usage); |
|
775 case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA256_128: |
|
776 return aes128Sha2Encrypt(confounder, tokenHeader, |
|
777 plaintext, start, len, key_usage); |
|
778 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA384_192: |
|
779 return aes256Sha2Encrypt(confounder, tokenHeader, |
|
780 plaintext, start, len, key_usage); |
723 default: |
781 default: |
724 throw new GSSException(GSSException.FAILURE, -1, |
782 throw new GSSException(GSSException.FAILURE, -1, |
725 "Unsupported etype: " + etype); |
783 "Unsupported etype: " + etype); |
726 } |
784 } |
727 } |
785 } |
794 break; |
852 break; |
795 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: |
853 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: |
796 ctext = aes256Encrypt(confounder, tokenHeader, |
854 ctext = aes256Encrypt(confounder, tokenHeader, |
797 plaintext, pStart, pLen, key_usage); |
855 plaintext, pStart, pLen, key_usage); |
798 break; |
856 break; |
|
857 case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA256_128: |
|
858 ctext = aes128Sha2Encrypt(confounder, tokenHeader, |
|
859 plaintext, pStart, pLen, key_usage); |
|
860 break; |
|
861 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA384_192: |
|
862 ctext = aes256Sha2Encrypt(confounder, tokenHeader, |
|
863 plaintext, pStart, pLen, key_usage); |
|
864 break; |
799 default: |
865 default: |
800 throw new GSSException(GSSException.FAILURE, -1, |
866 throw new GSSException(GSSException.FAILURE, -1, |
801 "Unsupported etype: " + etype); |
867 "Unsupported etype: " + etype); |
802 } |
868 } |
803 System.arraycopy(ctext, 0, ciphertext, cStart, ctext.length); |
869 System.arraycopy(ctext, 0, ciphertext, cStart, ctext.length); |
1315 ge.initCause(e); |
1381 ge.initCause(e); |
1316 throw ge; |
1382 throw ge; |
1317 } |
1383 } |
1318 } |
1384 } |
1319 |
1385 |
|
1386 private byte[] aes128Sha2Encrypt(byte[] confounder, byte[] tokenHeader, |
|
1387 byte[] plaintext, int start, int len, int key_usage) |
|
1388 throws GSSException { |
|
1389 |
|
1390 // encrypt { AES-plaintext-data | filler | header } |
|
1391 // AES-plaintext-data { confounder | plaintext } |
|
1392 // WrapToken = { tokenHeader | |
|
1393 // Encrypt (confounder | plaintext | tokenHeader ) | HMAC } |
|
1394 |
|
1395 byte[] all = new byte[confounder.length + len + tokenHeader.length]; |
|
1396 System.arraycopy(confounder, 0, all, 0, confounder.length); |
|
1397 System.arraycopy(plaintext, start, all, confounder.length, len); |
|
1398 System.arraycopy(tokenHeader, 0, all, confounder.length+len, |
|
1399 tokenHeader.length); |
|
1400 |
|
1401 // Krb5Token.debug("\naes128Sha2Encrypt:" + Krb5Token.getHexBytes(all)); |
|
1402 try { |
|
1403 byte[] answer = Aes128Sha2.encryptRaw(keybytes, key_usage, |
|
1404 ZERO_IV_AES, |
|
1405 all, 0, all.length); |
|
1406 // Krb5Token.debug("\naes128Sha2Encrypt encrypted:" + |
|
1407 // Krb5Token.getHexBytes(answer)); |
|
1408 return answer; |
|
1409 } catch (Exception e) { |
|
1410 // GeneralSecurityException, KrbCryptoException |
|
1411 GSSException ge = new GSSException(GSSException.FAILURE, -1, |
|
1412 "Could not use Aes128Sha2 Cipher - " + e.getMessage()); |
|
1413 ge.initCause(e); |
|
1414 throw ge; |
|
1415 } |
|
1416 } |
|
1417 |
1320 private void aes128Decrypt(WrapToken_v2 token, byte[] ciphertext, |
1418 private void aes128Decrypt(WrapToken_v2 token, byte[] ciphertext, |
1321 int cStart, int cLen, byte[] plaintext, int pStart, int key_usage) |
1419 int cStart, int cLen, byte[] plaintext, int pStart, int key_usage) |
1322 throws GSSException { |
1420 throws GSSException { |
1323 |
1421 |
1324 byte[] ptext = null; |
1422 byte[] ptext = null; |
1348 System.arraycopy(ptext, WrapToken_v2.CONFOUNDER_SIZE, |
1446 System.arraycopy(ptext, WrapToken_v2.CONFOUNDER_SIZE, |
1349 plaintext, pStart, len); |
1447 plaintext, pStart, len); |
1350 |
1448 |
1351 /* |
1449 /* |
1352 Krb5Token.debug("\naes128Decrypt plaintext: " + |
1450 Krb5Token.debug("\naes128Decrypt plaintext: " + |
|
1451 Krb5Token.getHexBytes(plaintext, pStart, len)); |
|
1452 */ |
|
1453 } |
|
1454 |
|
1455 private void aes128Sha2Decrypt(WrapToken_v2 token, byte[] ciphertext, |
|
1456 int cStart, int cLen, byte[] plaintext, int pStart, int key_usage) |
|
1457 throws GSSException { |
|
1458 |
|
1459 byte[] ptext = null; |
|
1460 |
|
1461 try { |
|
1462 ptext = Aes128Sha2.decryptRaw(keybytes, key_usage, |
|
1463 ZERO_IV_AES, ciphertext, cStart, cLen); |
|
1464 } catch (GeneralSecurityException e) { |
|
1465 GSSException ge = new GSSException(GSSException.FAILURE, -1, |
|
1466 "Could not use AES128Sha2 Cipher - " + e.getMessage()); |
|
1467 ge.initCause(e); |
|
1468 throw ge; |
|
1469 } |
|
1470 |
|
1471 /* |
|
1472 Krb5Token.debug("\naes128Sha2Decrypt in: " + |
|
1473 Krb5Token.getHexBytes(ciphertext, cStart, cLen)); |
|
1474 Krb5Token.debug("\naes128Sha2Decrypt plain: " + |
|
1475 Krb5Token.getHexBytes(ptext)); |
|
1476 Krb5Token.debug("\naes128Sha2Decrypt ptext: " + |
|
1477 Krb5Token.getHexBytes(ptext)); |
|
1478 */ |
|
1479 |
|
1480 // Strip out confounder and token header |
|
1481 int len = ptext.length - WrapToken_v2.CONFOUNDER_SIZE - |
|
1482 WrapToken_v2.TOKEN_HEADER_SIZE; |
|
1483 System.arraycopy(ptext, WrapToken_v2.CONFOUNDER_SIZE, |
|
1484 plaintext, pStart, len); |
|
1485 |
|
1486 /* |
|
1487 Krb5Token.debug("\naes128Sha2Decrypt plaintext: " + |
1353 Krb5Token.getHexBytes(plaintext, pStart, len)); |
1488 Krb5Token.getHexBytes(plaintext, pStart, len)); |
1354 */ |
1489 */ |
1355 } |
1490 } |
1356 |
1491 |
1357 private byte[] aes256Encrypt(byte[] confounder, byte[] tokenHeader, |
1492 private byte[] aes256Encrypt(byte[] confounder, byte[] tokenHeader, |
1384 ge.initCause(e); |
1519 ge.initCause(e); |
1385 throw ge; |
1520 throw ge; |
1386 } |
1521 } |
1387 } |
1522 } |
1388 |
1523 |
|
1524 private byte[] aes256Sha2Encrypt(byte[] confounder, byte[] tokenHeader, |
|
1525 byte[] plaintext, int start, int len, int key_usage) |
|
1526 throws GSSException { |
|
1527 |
|
1528 // encrypt { AES-plaintext-data | filler | header } |
|
1529 // AES-plaintext-data { confounder | plaintext } |
|
1530 // WrapToken = { tokenHeader | |
|
1531 // Encrypt (confounder | plaintext | tokenHeader ) | HMAC } |
|
1532 |
|
1533 byte[] all = new byte[confounder.length + len + tokenHeader.length]; |
|
1534 System.arraycopy(confounder, 0, all, 0, confounder.length); |
|
1535 System.arraycopy(plaintext, start, all, confounder.length, len); |
|
1536 System.arraycopy(tokenHeader, 0, all, confounder.length+len, |
|
1537 tokenHeader.length); |
|
1538 |
|
1539 // Krb5Token.debug("\naes256Sha2Encrypt:" + Krb5Token.getHexBytes(all)); |
|
1540 |
|
1541 try { |
|
1542 byte[] answer = Aes256Sha2.encryptRaw(keybytes, key_usage, |
|
1543 ZERO_IV_AES, all, 0, all.length); |
|
1544 // Krb5Token.debug("\naes256Sha2Encrypt encrypted:" + |
|
1545 // Krb5Token.getHexBytes(answer)); |
|
1546 return answer; |
|
1547 } catch (Exception e) { |
|
1548 // GeneralSecurityException, KrbCryptoException |
|
1549 GSSException ge = new GSSException(GSSException.FAILURE, -1, |
|
1550 "Could not use Aes256Sha2 Cipher - " + e.getMessage()); |
|
1551 ge.initCause(e); |
|
1552 throw ge; |
|
1553 } |
|
1554 } |
|
1555 |
1389 private void aes256Decrypt(WrapToken_v2 token, byte[] ciphertext, |
1556 private void aes256Decrypt(WrapToken_v2 token, byte[] ciphertext, |
1390 int cStart, int cLen, byte[] plaintext, int pStart, int key_usage) |
1557 int cStart, int cLen, byte[] plaintext, int pStart, int key_usage) |
1391 throws GSSException { |
1558 throws GSSException { |
1392 |
1559 |
1393 byte[] ptext; |
1560 byte[] ptext; |
1416 System.arraycopy(ptext, WrapToken_v2.CONFOUNDER_SIZE, |
1583 System.arraycopy(ptext, WrapToken_v2.CONFOUNDER_SIZE, |
1417 plaintext, pStart, len); |
1584 plaintext, pStart, len); |
1418 |
1585 |
1419 /* |
1586 /* |
1420 Krb5Token.debug("\naes128Decrypt plaintext: " + |
1587 Krb5Token.debug("\naes128Decrypt plaintext: " + |
|
1588 Krb5Token.getHexBytes(plaintext, pStart, len)); |
|
1589 */ |
|
1590 |
|
1591 } |
|
1592 |
|
1593 private void aes256Sha2Decrypt(WrapToken_v2 token, byte[] ciphertext, |
|
1594 int cStart, int cLen, byte[] plaintext, int pStart, int key_usage) |
|
1595 throws GSSException { |
|
1596 |
|
1597 byte[] ptext; |
|
1598 try { |
|
1599 ptext = Aes256Sha2.decryptRaw(keybytes, key_usage, |
|
1600 ZERO_IV_AES, ciphertext, cStart, cLen); |
|
1601 } catch (GeneralSecurityException e) { |
|
1602 GSSException ge = new GSSException(GSSException.FAILURE, -1, |
|
1603 "Could not use AES256Sha2 Cipher - " + e.getMessage()); |
|
1604 ge.initCause(e); |
|
1605 throw ge; |
|
1606 } |
|
1607 |
|
1608 /* |
|
1609 Krb5Token.debug("\naes256Sha2Decrypt in: " + |
|
1610 Krb5Token.getHexBytes(ciphertext, cStart, cLen)); |
|
1611 Krb5Token.debug("\naes256Sha2Decrypt plain: " + |
|
1612 Krb5Token.getHexBytes(ptext)); |
|
1613 Krb5Token.debug("\naes256Sha2Decrypt ptext: " + |
|
1614 Krb5Token.getHexBytes(ptext)); |
|
1615 */ |
|
1616 |
|
1617 // Strip out confounder and token header |
|
1618 int len = ptext.length - WrapToken_v2.CONFOUNDER_SIZE - |
|
1619 WrapToken_v2.TOKEN_HEADER_SIZE; |
|
1620 System.arraycopy(ptext, WrapToken_v2.CONFOUNDER_SIZE, |
|
1621 plaintext, pStart, len); |
|
1622 |
|
1623 /* |
|
1624 Krb5Token.debug("\naes256Sha2Decrypt plaintext: " + |
1421 Krb5Token.getHexBytes(plaintext, pStart, len)); |
1625 Krb5Token.getHexBytes(plaintext, pStart, len)); |
1422 */ |
1626 */ |
1423 |
1627 |
1424 } |
1628 } |
1425 |
1629 |