177 |
177 |
178 /** used by KrbTgsReq **/ |
178 /** used by KrbTgsReq **/ |
179 KrbApReq(APOptions apOptions, |
179 KrbApReq(APOptions apOptions, |
180 Ticket ticket, |
180 Ticket ticket, |
181 EncryptionKey key, |
181 EncryptionKey key, |
182 Realm crealm, |
|
183 PrincipalName cname, |
182 PrincipalName cname, |
184 Checksum cksum, |
183 Checksum cksum, |
185 KerberosTime ctime, |
184 KerberosTime ctime, |
186 EncryptionKey subKey, |
185 EncryptionKey subKey, |
187 SeqNumber seqNumber, |
186 SeqNumber seqNumber, |
188 AuthorizationData authorizationData) |
187 AuthorizationData authorizationData) |
189 throws Asn1Exception, IOException, |
188 throws Asn1Exception, IOException, |
190 KdcErrException, KrbCryptoException { |
189 KdcErrException, KrbCryptoException { |
191 |
190 |
192 init(apOptions, ticket, key, crealm, cname, |
191 init(apOptions, ticket, key, cname, |
193 cksum, ctime, subKey, seqNumber, authorizationData, |
192 cksum, ctime, subKey, seqNumber, authorizationData, |
194 KeyUsage.KU_PA_TGS_REQ_AUTHENTICATOR); |
193 KeyUsage.KU_PA_TGS_REQ_AUTHENTICATOR); |
195 |
194 |
196 } |
195 } |
197 |
196 |
219 } |
217 } |
220 |
218 |
221 private void init(APOptions apOptions, |
219 private void init(APOptions apOptions, |
222 Ticket ticket, |
220 Ticket ticket, |
223 EncryptionKey key, |
221 EncryptionKey key, |
224 Realm crealm, |
|
225 PrincipalName cname, |
222 PrincipalName cname, |
226 Checksum cksum, |
223 Checksum cksum, |
227 KerberosTime ctime, |
224 KerberosTime ctime, |
228 EncryptionKey subKey, |
225 EncryptionKey subKey, |
229 SeqNumber seqNumber, |
226 SeqNumber seqNumber, |
230 AuthorizationData authorizationData, |
227 AuthorizationData authorizationData, |
231 int usage) |
228 int usage) |
232 throws Asn1Exception, IOException, |
229 throws Asn1Exception, IOException, |
233 KdcErrException, KrbCryptoException { |
230 KdcErrException, KrbCryptoException { |
234 |
231 |
235 createMessage(apOptions, ticket, key, crealm, cname, |
232 createMessage(apOptions, ticket, key, cname, |
236 cksum, ctime, subKey, seqNumber, authorizationData, |
233 cksum, ctime, subKey, seqNumber, authorizationData, |
237 usage); |
234 usage); |
238 obuf = apReqMessg.asn1Encode(); |
235 obuf = apReqMessg.asn1Encode(); |
239 } |
236 } |
240 |
237 |
287 byte[] temp2 = apReqMessg.authenticator.reset(bytes2); |
284 byte[] temp2 = apReqMessg.authenticator.reset(bytes2); |
288 authenticator = new Authenticator(temp2); |
285 authenticator = new Authenticator(temp2); |
289 ctime = authenticator.ctime; |
286 ctime = authenticator.ctime; |
290 cusec = authenticator.cusec; |
287 cusec = authenticator.cusec; |
291 authenticator.ctime.setMicroSeconds(authenticator.cusec); |
288 authenticator.ctime.setMicroSeconds(authenticator.cusec); |
292 authenticator.cname.setRealm(authenticator.crealm); |
|
293 apReqMessg.ticket.sname.setRealm(apReqMessg.ticket.realm); |
|
294 enc_ticketPart.cname.setRealm(enc_ticketPart.crealm); |
|
295 |
289 |
296 if (!authenticator.cname.equals(enc_ticketPart.cname)) |
290 if (!authenticator.cname.equals(enc_ticketPart.cname)) |
297 throw new KrbApErrException(Krb5.KRB_AP_ERR_BADMATCH); |
291 throw new KrbApErrException(Krb5.KRB_AP_ERR_BADMATCH); |
298 |
292 |
299 KerberosTime currTime = new KerberosTime(KerberosTime.NOW); |
293 KerberosTime currTime = new KerberosTime(KerberosTime.NOW); |