104 eType = new Aes256CtsHmacSha1EType(); |
104 eType = new Aes256CtsHmacSha1EType(); |
105 eTypeName = |
105 eTypeName = |
106 "sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType"; |
106 "sun.security.krb5.internal.crypto.Aes256CtsHmacSha1EType"; |
107 break; |
107 break; |
108 |
108 |
109 case EncryptedData.ETYPE_ARCFOUR_HMAC: |
109 case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA256_128: |
|
110 eType = new Aes128CtsHmacSha2EType(); |
|
111 eTypeName = |
|
112 "sun.security.krb5.internal.crypto.Aes128CtsHmacSha2EType"; |
|
113 break; |
|
114 |
|
115 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA384_192: |
|
116 eType = new Aes256CtsHmacSha2EType(); |
|
117 eTypeName = |
|
118 "sun.security.krb5.internal.crypto.Aes256CtsHmacSha2EType"; |
|
119 break; |
|
120 |
|
121 case EncryptedData.ETYPE_ARCFOUR_HMAC: |
110 eType = new ArcFourHmacEType(); |
122 eType = new ArcFourHmacEType(); |
111 eTypeName = "sun.security.krb5.internal.crypto.ArcFourHmacEType"; |
123 eTypeName = "sun.security.krb5.internal.crypto.ArcFourHmacEType"; |
112 break; |
124 break; |
113 |
125 |
114 default: |
126 default: |
187 // Note: the first 2 entries of BUILTIN_ETYPES and BUILTIN_ETYPES_NOAES256 |
199 // Note: the first 2 entries of BUILTIN_ETYPES and BUILTIN_ETYPES_NOAES256 |
188 // should be kept DES-related. They will be removed when allow_weak_crypto |
200 // should be kept DES-related. They will be removed when allow_weak_crypto |
189 // is set to false. |
201 // is set to false. |
190 |
202 |
191 private static final int[] BUILTIN_ETYPES = new int[] { |
203 private static final int[] BUILTIN_ETYPES = new int[] { |
192 EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96, |
204 EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96, |
193 EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96, |
205 EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96, |
194 EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD, |
206 EncryptedData.ETYPE_AES256_CTS_HMAC_SHA384_192, |
195 EncryptedData.ETYPE_ARCFOUR_HMAC, |
207 EncryptedData.ETYPE_AES128_CTS_HMAC_SHA256_128, |
196 EncryptedData.ETYPE_DES_CBC_CRC, |
208 EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD, |
197 EncryptedData.ETYPE_DES_CBC_MD5, |
209 EncryptedData.ETYPE_ARCFOUR_HMAC, |
|
210 EncryptedData.ETYPE_DES_CBC_CRC, |
|
211 EncryptedData.ETYPE_DES_CBC_MD5, |
198 }; |
212 }; |
199 |
213 |
200 private static final int[] BUILTIN_ETYPES_NOAES256 = new int[] { |
214 private static final int[] BUILTIN_ETYPES_NOAES256 = new int[] { |
201 EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96, |
215 EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96, |
202 EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD, |
216 EncryptedData.ETYPE_AES128_CTS_HMAC_SHA256_128, |
203 EncryptedData.ETYPE_ARCFOUR_HMAC, |
217 EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD, |
204 EncryptedData.ETYPE_DES_CBC_CRC, |
218 EncryptedData.ETYPE_ARCFOUR_HMAC, |
205 EncryptedData.ETYPE_DES_CBC_MD5, |
219 EncryptedData.ETYPE_DES_CBC_CRC, |
|
220 EncryptedData.ETYPE_DES_CBC_MD5, |
206 }; |
221 }; |
207 |
222 |
208 |
223 |
209 // used in Config |
224 // used in Config |
210 public static int[] getBuiltInDefaults() { |
225 public static int[] getBuiltInDefaults() { |
361 return "AES256 CTS mode with HMAC SHA1-96"; |
376 return "AES256 CTS mode with HMAC SHA1-96"; |
362 case 23: |
377 case 23: |
363 return "RC4 with HMAC"; |
378 return "RC4 with HMAC"; |
364 case 24: |
379 case 24: |
365 return "RC4 with HMAC EXP"; |
380 return "RC4 with HMAC EXP"; |
366 |
381 case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA256_128: |
|
382 return "AES128 CTS mode with HMAC SHA256-128"; |
|
383 case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA384_192: |
|
384 return "AES256 CTS mode with HMAC SHA384-192"; |
367 } |
385 } |
368 return "Unknown (" + type + ")"; |
386 return "Unknown (" + type + ")"; |
369 } |
387 } |
370 } |
388 } |