70 */ |
70 */ |
71 |
71 |
72 public class KDCReqBody { |
72 public class KDCReqBody { |
73 public KDCOptions kdcOptions; |
73 public KDCOptions kdcOptions; |
74 public PrincipalName cname; //optional in ASReq only |
74 public PrincipalName cname; //optional in ASReq only |
75 public Realm crealm; |
|
76 public PrincipalName sname; //optional |
75 public PrincipalName sname; //optional |
77 public KerberosTime from; //optional |
76 public KerberosTime from; //optional |
78 public KerberosTime till; |
77 public KerberosTime till; |
79 public KerberosTime rtime; //optional |
78 public KerberosTime rtime; //optional |
80 public HostAddresses addresses; //optional |
79 public HostAddresses addresses; //optional |
85 private Ticket[] additionalTickets; //optional |
84 private Ticket[] additionalTickets; //optional |
86 |
85 |
87 public KDCReqBody( |
86 public KDCReqBody( |
88 KDCOptions new_kdcOptions, |
87 KDCOptions new_kdcOptions, |
89 PrincipalName new_cname, //optional in ASReq only |
88 PrincipalName new_cname, //optional in ASReq only |
90 Realm new_crealm, |
|
91 PrincipalName new_sname, //optional |
89 PrincipalName new_sname, //optional |
92 KerberosTime new_from, //optional |
90 KerberosTime new_from, //optional |
93 KerberosTime new_till, |
91 KerberosTime new_till, |
94 KerberosTime new_rtime, //optional |
92 KerberosTime new_rtime, //optional |
95 int new_nonce, |
93 int new_nonce, |
140 additionalTickets = null; |
137 additionalTickets = null; |
141 if (encoding.getTag() != DerValue.tag_Sequence) { |
138 if (encoding.getTag() != DerValue.tag_Sequence) { |
142 throw new Asn1Exception(Krb5.ASN1_BAD_ID); |
139 throw new Asn1Exception(Krb5.ASN1_BAD_ID); |
143 } |
140 } |
144 kdcOptions = KDCOptions.parse(encoding.getData(), (byte)0x00, false); |
141 kdcOptions = KDCOptions.parse(encoding.getData(), (byte)0x00, false); |
145 cname = PrincipalName.parse(encoding.getData(), (byte)0x01, true); |
142 |
|
143 // cname only appears in AS-REQ and it shares the realm field with |
|
144 // sname. This is the only place where realm comes after the name. |
|
145 // We first give cname a fake realm and reassign it the correct |
|
146 // realm after the realm field is read. |
|
147 cname = PrincipalName.parse(encoding.getData(), (byte)0x01, true, |
|
148 new Realm("PLACEHOLDER")); |
146 if ((msgType != Krb5.KRB_AS_REQ) && (cname != null)) { |
149 if ((msgType != Krb5.KRB_AS_REQ) && (cname != null)) { |
147 throw new Asn1Exception(Krb5.ASN1_BAD_ID); |
150 throw new Asn1Exception(Krb5.ASN1_BAD_ID); |
148 } |
151 } |
149 crealm = Realm.parse(encoding.getData(), (byte)0x02, false); |
152 Realm realm = Realm.parse(encoding.getData(), (byte)0x02, false); |
150 sname = PrincipalName.parse(encoding.getData(), (byte)0x03, true); |
153 if (cname != null) { |
|
154 cname = new PrincipalName( |
|
155 cname.getNameType(), cname.getNameStrings(), realm); |
|
156 } |
|
157 sname = PrincipalName.parse(encoding.getData(), (byte)0x03, true, realm); |
151 from = KerberosTime.parse(encoding.getData(), (byte)0x04, true); |
158 from = KerberosTime.parse(encoding.getData(), (byte)0x04, true); |
152 till = KerberosTime.parse(encoding.getData(), (byte)0x05, false); |
159 till = KerberosTime.parse(encoding.getData(), (byte)0x05, false); |
153 rtime = KerberosTime.parse(encoding.getData(), (byte)0x06, true); |
160 rtime = KerberosTime.parse(encoding.getData(), (byte)0x06, true); |
154 der = encoding.getData().getDerValue(); |
161 der = encoding.getData().getDerValue(); |
155 if ((der.getTag() & (byte)0x1F) == (byte)0x07) { |
162 if ((der.getTag() & (byte)0x1F) == (byte)0x07) { |
221 if (msgType == Krb5.KRB_AS_REQ) { |
228 if (msgType == Krb5.KRB_AS_REQ) { |
222 if (cname != null) { |
229 if (cname != null) { |
223 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), cname.asn1Encode())); |
230 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), cname.asn1Encode())); |
224 } |
231 } |
225 } |
232 } |
226 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), crealm.asn1Encode())); |
|
227 if (sname != null) { |
233 if (sname != null) { |
|
234 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), sname.getRealm().asn1Encode())); |
228 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), sname.asn1Encode())); |
235 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), sname.asn1Encode())); |
|
236 } else if (cname != null) { |
|
237 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), cname.getRealm().asn1Encode())); |
229 } |
238 } |
230 if (from != null) { |
239 if (from != null) { |
231 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), from.asn1Encode())); |
240 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), from.asn1Encode())); |
232 } |
241 } |
233 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), till.asn1Encode())); |
242 v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), till.asn1Encode())); |