6641312: Fix krb5 codes indentation problems
Reviewed-by: xuelei, valeriep, wetmore
--- a/jdk/src/share/classes/sun/security/krb5/KrbTgsReq.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/KrbTgsReq.java Wed Mar 05 09:52:50 2008 +0800
@@ -75,107 +75,107 @@
null); // EncryptionKey subSessionKey
}
- // Called by Credentials, KrbCred
- KrbTgsReq(
- KDCOptions options,
- Credentials asCreds,
- PrincipalName sname,
- KerberosTime from,
- KerberosTime till,
- KerberosTime rtime,
- int[] eTypes,
- HostAddresses addresses,
- AuthorizationData authorizationData,
- Ticket[] additionalTickets,
- EncryptionKey subKey) throws KrbException, IOException {
+ // Called by Credentials, KrbCred
+ KrbTgsReq(
+ KDCOptions options,
+ Credentials asCreds,
+ PrincipalName sname,
+ KerberosTime from,
+ KerberosTime till,
+ KerberosTime rtime,
+ int[] eTypes,
+ HostAddresses addresses,
+ AuthorizationData authorizationData,
+ Ticket[] additionalTickets,
+ EncryptionKey subKey) throws KrbException, IOException {
- princName = asCreds.client;
- servName = sname;
- ctime = new KerberosTime(KerberosTime.NOW);
+ princName = asCreds.client;
+ servName = sname;
+ ctime = new KerberosTime(KerberosTime.NOW);
- // check if they are valid arguments. The optional fields
- // should be consistent with settings in KDCOptions.
- if (options.get(KDCOptions.FORWARDABLE) &&
- (!(asCreds.flags.get(Krb5.TKT_OPTS_FORWARDABLE)))) {
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
- if (options.get(KDCOptions.FORWARDED)) {
- if (!(asCreds.flags.get(KDCOptions.FORWARDABLE)))
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
- if (options.get(KDCOptions.PROXIABLE) &&
- (!(asCreds.flags.get(Krb5.TKT_OPTS_PROXIABLE)))) {
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
- if (options.get(KDCOptions.PROXY)) {
- if (!(asCreds.flags.get(KDCOptions.PROXIABLE)))
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
- if (options.get(KDCOptions.ALLOW_POSTDATE) &&
- (!(asCreds.flags.get(Krb5.TKT_OPTS_MAY_POSTDATE)))) {
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
- if (options.get(KDCOptions.RENEWABLE) &&
- (!(asCreds.flags.get(Krb5.TKT_OPTS_RENEWABLE)))) {
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- }
+ // check if they are valid arguments. The optional fields
+ // should be consistent with settings in KDCOptions.
+ if (options.get(KDCOptions.FORWARDABLE) &&
+ (!(asCreds.flags.get(Krb5.TKT_OPTS_FORWARDABLE)))) {
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.FORWARDED)) {
+ if (!(asCreds.flags.get(KDCOptions.FORWARDABLE)))
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.PROXIABLE) &&
+ (!(asCreds.flags.get(Krb5.TKT_OPTS_PROXIABLE)))) {
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.PROXY)) {
+ if (!(asCreds.flags.get(KDCOptions.PROXIABLE)))
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.ALLOW_POSTDATE) &&
+ (!(asCreds.flags.get(Krb5.TKT_OPTS_MAY_POSTDATE)))) {
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
+ if (options.get(KDCOptions.RENEWABLE) &&
+ (!(asCreds.flags.get(Krb5.TKT_OPTS_RENEWABLE)))) {
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ }
- if (options.get(KDCOptions.POSTDATED)) {
- if (!(asCreds.flags.get(KDCOptions.POSTDATED)))
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- } else {
- if (from != null) from = null;
- }
- if (options.get(KDCOptions.RENEWABLE)) {
- if (!(asCreds.flags.get(KDCOptions.RENEWABLE)))
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- } else {
- if (rtime != null) rtime = null;
- }
- if (options.get(KDCOptions.ENC_TKT_IN_SKEY)) {
- if (additionalTickets == null)
- throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
- // in TGS_REQ there could be more than one additional
- // tickets, but in file-based credential cache,
- // there is only one additional ticket field.
- secondTicket = additionalTickets[0];
- } else {
- if (additionalTickets != null)
- additionalTickets = null;
- }
+ if (options.get(KDCOptions.POSTDATED)) {
+ if (!(asCreds.flags.get(KDCOptions.POSTDATED)))
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ } else {
+ if (from != null) from = null;
+ }
+ if (options.get(KDCOptions.RENEWABLE)) {
+ if (!(asCreds.flags.get(KDCOptions.RENEWABLE)))
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ } else {
+ if (rtime != null) rtime = null;
+ }
+ if (options.get(KDCOptions.ENC_TKT_IN_SKEY)) {
+ if (additionalTickets == null)
+ throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
+ // in TGS_REQ there could be more than one additional
+ // tickets, but in file-based credential cache,
+ // there is only one additional ticket field.
+ secondTicket = additionalTickets[0];
+ } else {
+ if (additionalTickets != null)
+ additionalTickets = null;
+ }
- tgsReqMessg = createRequest(
- options,
- asCreds.ticket,
- asCreds.key,
- ctime,
- princName,
- princName.getRealm(),
- servName,
- from,
- till,
- rtime,
- eTypes,
- addresses,
- authorizationData,
- additionalTickets,
- subKey);
- obuf = tgsReqMessg.asn1Encode();
+ tgsReqMessg = createRequest(
+ options,
+ asCreds.ticket,
+ asCreds.key,
+ ctime,
+ princName,
+ princName.getRealm(),
+ servName,
+ from,
+ till,
+ rtime,
+ eTypes,
+ addresses,
+ authorizationData,
+ additionalTickets,
+ subKey);
+ obuf = tgsReqMessg.asn1Encode();
- // XXX We need to revisit this to see if can't move it
- // up such that FORWARDED flag set in the options
- // is included in the marshaled request.
- /*
- * If this is based on a forwarded ticket, record that in the
- * options, because the returned TgsRep will contain the
- * FORWARDED flag set.
- */
- if (asCreds.flags.get(KDCOptions.FORWARDED))
- options.set(KDCOptions.FORWARDED, true);
+ // XXX We need to revisit this to see if can't move it
+ // up such that FORWARDED flag set in the options
+ // is included in the marshaled request.
+ /*
+ * If this is based on a forwarded ticket, record that in the
+ * options, because the returned TgsRep will contain the
+ * FORWARDED flag set.
+ */
+ if (asCreds.flags.get(KDCOptions.FORWARDED))
+ options.set(KDCOptions.FORWARDED, true);
- }
+ }
/**
* Sends a TGS request to the realm of the target.
--- a/jdk/src/share/classes/sun/security/krb5/internal/APRep.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/APRep.java Wed Mar 05 09:52:50 2008 +0800
@@ -54,81 +54,88 @@
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class APRep {
- public int pvno;
- public int msgType;
- public EncryptedData encPart;
+
+ public int pvno;
+ public int msgType;
+ public EncryptedData encPart;
- public APRep(EncryptedData new_encPart) {
- pvno = Krb5.PVNO;
- msgType = Krb5.KRB_AP_REP;
- encPart = new_encPart;
- }
+ public APRep(EncryptedData new_encPart) {
+ pvno = Krb5.PVNO;
+ msgType = Krb5.KRB_AP_REP;
+ encPart = new_encPart;
+ }
- public APRep(byte[] data) throws Asn1Exception,
- KrbApErrException, IOException {
- init(new DerValue(data));
- }
+ public APRep(byte[] data) throws Asn1Exception,
+ KrbApErrException, IOException {
+ init(new DerValue(data));
+ }
public APRep(DerValue encoding) throws Asn1Exception,
- KrbApErrException, IOException {
- init(encoding);
- }
-
- /**
- * Initializes an APRep object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception KrbApErrException if the value read from the DER-encoded data
- * stream does not match the pre-defined value.
- */
- private void init(DerValue encoding) throws Asn1Exception,
- KrbApErrException, IOException {
+ KrbApErrException, IOException {
+ init(encoding);
+ }
- if (((encoding.getTag() & (byte)(0x1F)) != Krb5.KRB_AP_REP)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- DerValue der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- DerValue subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
+ /**
+ * Initializes an APRep object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception KrbApErrException if the value read from the DER-encoded data
+ * stream does not match the pre-defined value.
+ */
+ private void init(DerValue encoding) throws Asn1Exception,
+ KrbApErrException, IOException {
+
+ if (((encoding.getTag() & (byte) (0x1F)) != Krb5.KRB_AP_REP)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- pvno = subDer.getData().getBigInteger().intValue();
- if (pvno != Krb5.PVNO)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) != (byte)0x01)
+ }
+ DerValue der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- msgType = subDer.getData().getBigInteger().intValue();
- if (msgType != Krb5.KRB_AP_REP)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
- encPart = EncryptedData.parse(der.getData(), (byte)0x02, false);
- if (der.getData().available() > 0)
+ }
+ DerValue subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ pvno = subDer.getData().getBigInteger().intValue();
+ if (pvno != Krb5.PVNO) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ msgType = subDer.getData().getBigInteger().intValue();
+ if (msgType != Krb5.KRB_AP_REP) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
+ }
+ encPart = EncryptedData.parse(der.getData(), (byte) 0x02, false);
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an APRep object.
- * @return byte array of encoded APRep object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an APRep object.
+ * @return byte array of encoded APRep object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(pvno));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(msgType));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), encPart.asn1Encode());
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- DerOutputStream aprep = new DerOutputStream();
- aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0F), temp);
- return aprep.toByteArray();
- }
-
+ DerOutputStream temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(pvno));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(msgType));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), encPart.asn1Encode());
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ DerOutputStream aprep = new DerOutputStream();
+ aprep.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0F), temp);
+ return aprep.toByteArray();
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/APReq.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/APReq.java Wed Mar 05 09:52:50 2008 +0800
@@ -54,94 +54,98 @@
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
+public class APReq {
-public class APReq {
- public int pvno;
- public int msgType;
- public APOptions apOptions;
- public Ticket ticket;
- public EncryptedData authenticator;
+ public int pvno;
+ public int msgType;
+ public APOptions apOptions;
+ public Ticket ticket;
+ public EncryptedData authenticator;
- public APReq(
- APOptions new_apOptions,
- Ticket new_ticket,
- EncryptedData new_authenticator
- ) {
- pvno = Krb5.PVNO;
- msgType = Krb5.KRB_AP_REQ;
- apOptions = new_apOptions;
- ticket = new_ticket;
- authenticator = new_authenticator;
- }
+ public APReq(
+ APOptions new_apOptions,
+ Ticket new_ticket,
+ EncryptedData new_authenticator) {
+ pvno = Krb5.PVNO;
+ msgType = Krb5.KRB_AP_REQ;
+ apOptions = new_apOptions;
+ ticket = new_ticket;
+ authenticator = new_authenticator;
+ }
- public APReq(byte[] data) throws Asn1Exception,IOException, KrbApErrException, RealmException {
+ public APReq(byte[] data) throws Asn1Exception, IOException, KrbApErrException, RealmException {
init(new DerValue(data));
- }
+ }
public APReq(DerValue encoding) throws Asn1Exception, IOException, KrbApErrException, RealmException {
- init(encoding);
- }
+ init(encoding);
+ }
- /**
- * Initializes an APReq object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
- * @exception RealmException if an error occurs while parsing a Realm object.
- */
- private void init(DerValue encoding) throws Asn1Exception,
- IOException, KrbApErrException, RealmException {
- DerValue der, subDer;
- if (((encoding.getTag() & (byte)0x1F) != Krb5.KRB_AP_REQ)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
+ /**
+ * Initializes an APReq object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
+ * @exception RealmException if an error occurs while parsing a Realm object.
+ */
+ private void init(DerValue encoding) throws Asn1Exception,
+ IOException, KrbApErrException, RealmException {
+ DerValue der, subDer;
+ if (((encoding.getTag() & (byte) 0x1F) != Krb5.KRB_AP_REQ)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
pvno = subDer.getData().getBigInteger().intValue();
- if (pvno != Krb5.PVNO)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) != (byte)0x01)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- msgType = subDer.getData().getBigInteger().intValue();
- if (msgType != Krb5.KRB_AP_REQ)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
- apOptions = APOptions.parse(der.getData(), (byte)0x02, false);
- ticket = Ticket.parse(der.getData(), (byte)0x03, false);
- authenticator = EncryptedData.parse(der.getData(), (byte)0x04, false);
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ if (pvno != Krb5.PVNO) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x01) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ msgType = subDer.getData().getBigInteger().intValue();
+ if (msgType != Krb5.KRB_AP_REQ) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
+ }
+ apOptions = APOptions.parse(der.getData(), (byte) 0x02, false);
+ ticket = Ticket.parse(der.getData(), (byte) 0x03, false);
+ authenticator = EncryptedData.parse(der.getData(), (byte) 0x04, false);
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an APReq object.
- * @return byte array of encoded APReq object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an APReq object.
+ * @return byte array of encoded APReq object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(pvno));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(msgType));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), apOptions.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), ticket.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authenticator.asn1Encode());
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- DerOutputStream apreq = new DerOutputStream();
- apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x0E), temp);
- return apreq.toByteArray();
-
- }
-
+ DerOutputStream temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(pvno));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(msgType));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), apOptions.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), ticket.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), authenticator.asn1Encode());
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ DerOutputStream apreq = new DerOutputStream();
+ apreq.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x0E), temp);
+ return apreq.toByteArray();
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/ASRep.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/ASRep.java Wed Mar 05 09:52:50 2008 +0800
@@ -40,30 +40,28 @@
public class ASRep extends KDCRep {
- public ASRep(
- PAData[] new_pAData,
- Realm new_crealm,
- PrincipalName new_cname,
- Ticket new_ticket,
- EncryptedData new_encPart
- ) throws IOException {
- super(new_pAData, new_crealm, new_cname, new_ticket,
- new_encPart, Krb5.KRB_AS_REP);
- }
+ public ASRep(
+ PAData[] new_pAData,
+ Realm new_crealm,
+ PrincipalName new_cname,
+ Ticket new_ticket,
+ EncryptedData new_encPart) throws IOException {
+ super(new_pAData, new_crealm, new_cname, new_ticket,
+ new_encPart, Krb5.KRB_AS_REP);
+ }
- public ASRep(byte[] data) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(new DerValue(data));
- }
+ public ASRep(byte[] data) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(new DerValue(data));
+ }
- public ASRep(DerValue encoding) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(encoding);
- }
+ public ASRep(DerValue encoding) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(encoding);
+ }
- private void init(DerValue encoding) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(encoding, Krb5.KRB_AS_REP);
- }
-
+ private void init(DerValue encoding) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(encoding, Krb5.KRB_AS_REP);
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/ASReq.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/ASReq.java Wed Mar 05 09:52:50 2008 +0800
@@ -36,20 +36,19 @@
public class ASReq extends KDCReq {
- public ASReq(PAData[] new_pAData, KDCReqBody new_reqBody) throws IOException {
- super(new_pAData, new_reqBody, Krb5.KRB_AS_REQ);
- }
+ public ASReq(PAData[] new_pAData, KDCReqBody new_reqBody) throws IOException {
+ super(new_pAData, new_reqBody, Krb5.KRB_AS_REQ);
+ }
- public ASReq(byte[] data) throws Asn1Exception, KrbException, IOException {
- init(new DerValue(data));
- }
+ public ASReq(byte[] data) throws Asn1Exception, KrbException, IOException {
+ init(new DerValue(data));
+ }
public ASReq(DerValue encoding) throws Asn1Exception, KrbException, IOException {
- init(encoding);
- }
+ init(encoding);
+ }
- private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
- super.init(encoding, Krb5.KRB_AS_REQ);
- }
-
+ private void init(DerValue encoding) throws Asn1Exception, IOException, KrbException {
+ super.init(encoding, Krb5.KRB_AS_REQ);
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/Authenticator.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/Authenticator.java Wed Mar 05 09:52:50 2008 +0800
@@ -34,6 +34,7 @@
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
+
/**
* Implements the ASN.1 Authenticator type.
*
@@ -58,6 +59,7 @@
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class Authenticator {
+
public int authenticator_vno;
public Realm crealm;
public PrincipalName cname;
@@ -68,137 +70,145 @@
Integer seqNumber; //optional
public AuthorizationData authorizationData; //optional
- public Authenticator (
- Realm new_crealm,
- PrincipalName new_cname,
- Checksum new_cksum,
- int new_cusec,
- KerberosTime new_ctime,
- EncryptionKey new_subKey,
- Integer new_seqNumber,
- AuthorizationData new_authorizationData
- ) {
- authenticator_vno = Krb5.AUTHNETICATOR_VNO;
- crealm = new_crealm;
- cname = new_cname;
- cksum = new_cksum;
- cusec = new_cusec;
- ctime = new_ctime;
- subKey = new_subKey;
- seqNumber = new_seqNumber;
- authorizationData = new_authorizationData;
- }
+ public Authenticator(
+ Realm new_crealm,
+ PrincipalName new_cname,
+ Checksum new_cksum,
+ int new_cusec,
+ KerberosTime new_ctime,
+ EncryptionKey new_subKey,
+ Integer new_seqNumber,
+ AuthorizationData new_authorizationData) {
+ authenticator_vno = Krb5.AUTHNETICATOR_VNO;
+ crealm = new_crealm;
+ cname = new_cname;
+ cksum = new_cksum;
+ cusec = new_cusec;
+ ctime = new_ctime;
+ subKey = new_subKey;
+ seqNumber = new_seqNumber;
+ authorizationData = new_authorizationData;
+ }
- public Authenticator(byte[] data)
- throws Asn1Exception, IOException, KrbApErrException, RealmException {
- init(new DerValue(data));
- }
+ public Authenticator(byte[] data)
+ throws Asn1Exception, IOException, KrbApErrException, RealmException {
+ init(new DerValue(data));
+ }
- public Authenticator(DerValue encoding)
- throws Asn1Exception,IOException, KrbApErrException, RealmException {
- init(encoding);
- }
+ public Authenticator(DerValue encoding)
+ throws Asn1Exception, IOException, KrbApErrException, RealmException {
+ init(encoding);
+ }
- /**
- * Initializes an Authenticator object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception KrbApErrException if the value read from the DER-encoded data
- * stream does not match the pre-defined value.
- * @exception RealmException if an error occurs while parsing a Realm object.
- */
- private void init(DerValue encoding)
- throws Asn1Exception, IOException, KrbApErrException, RealmException {
- DerValue der, subDer;
- //may not be the correct error code for a tag
- //mismatch on an encrypted structure
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x02)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ /**
+ * Initializes an Authenticator object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception KrbApErrException if the value read from the DER-encoded data
+ * stream does not match the pre-defined value.
+ * @exception RealmException if an error occurs while parsing a Realm object.
+ */
+ private void init(DerValue encoding)
+ throws Asn1Exception, IOException, KrbApErrException, RealmException {
+ DerValue der, subDer;
+ //may not be the correct error code for a tag
+ //mismatch on an encrypted structure
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x02)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) != (byte)0x00)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
authenticator_vno = subDer.getData().getBigInteger().intValue();
- if (authenticator_vno != 5)
+ if (authenticator_vno != 5) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- crealm = Realm.parse(der.getData(), (byte)0x01, false);
- cname = PrincipalName.parse(der.getData(), (byte)0x02, false);
- cksum = Checksum.parse(der.getData(), (byte)0x03, true);
+ }
+ crealm = Realm.parse(der.getData(), (byte) 0x01, false);
+ cname = PrincipalName.parse(der.getData(), (byte) 0x02, false);
+ cksum = Checksum.parse(der.getData(), (byte) 0x03, true);
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) == 0x04) {
+ cusec = subDer.getData().getBigInteger().intValue();
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ ctime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
+ if (der.getData().available() > 0) {
+ subKey = EncryptionKey.parse(der.getData(), (byte) 0x06, true);
+ } else {
+ subKey = null;
+ seqNumber = null;
+ authorizationData = null;
+ }
+ if (der.getData().available() > 0) {
+ if ((der.getData().peekByte() & 0x1F) == 0x07) {
subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == 0x04) {
- cusec = subDer.getData().getBigInteger().intValue();
+ if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x07) {
+ seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
}
- else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- ctime = KerberosTime.parse(der.getData(), (byte)0x05, false);
- if (der.getData().available() > 0) {
- subKey = EncryptionKey.parse(der.getData(), (byte)0x06, true);
- }
- else {
- subKey = null;
- seqNumber = null;
- authorizationData = null;
- }
- if (der.getData().available() > 0) {
- if ((der.getData().peekByte() & 0x1F) == 0x07) {
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == (byte)0x07)
- seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
- }
- }
- else {
- seqNumber = null;
- authorizationData = null;
- }
- if (der.getData().available() > 0) {
- authorizationData = AuthorizationData.parse(der.getData(), (byte)0x08, true);
- }
- else authorizationData = null;
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ } else {
+ seqNumber = null;
+ authorizationData = null;
}
+ if (der.getData().available() > 0) {
+ authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x08, true);
+ } else {
+ authorizationData = null;
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an Authenticator object.
- * @return byte array of encoded Authenticator object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
- Vector<DerValue> v = new Vector<DerValue> ();
- DerOutputStream temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(authenticator_vno));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp.toByteArray()));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), crealm.asn1Encode()));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), cname.asn1Encode()));
- if (cksum != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cksum.asn1Encode()));
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(cusec));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), temp.toByteArray()));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ctime.asn1Encode()));
- if (subKey != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), subKey.asn1Encode()));
- if (seqNumber != null) {
- temp = new DerOutputStream();
- // encode as an unsigned integer (UInt32)
- temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), temp.toByteArray()));
- }
- if (authorizationData != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), authorizationData.asn1Encode()));
- DerValue der[] = new DerValue[v.size()];
- v.copyInto(der);
- temp = new DerOutputStream();
- temp.putSequence(der);
- DerOutputStream out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x02), temp);
- return out.toByteArray();
+ /**
+ * Encodes an Authenticator object.
+ * @return byte array of encoded Authenticator object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
+ Vector<DerValue> v = new Vector<DerValue>();
+ DerOutputStream temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(authenticator_vno));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp.toByteArray()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), crealm.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), cname.asn1Encode()));
+ if (cksum != null) {
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), cksum.asn1Encode()));
}
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(cusec));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), temp.toByteArray()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), ctime.asn1Encode()));
+ if (subKey != null) {
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x06), subKey.asn1Encode()));
+ }
+ if (seqNumber != null) {
+ temp = new DerOutputStream();
+ // encode as an unsigned integer (UInt32)
+ temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x07), temp.toByteArray()));
+ }
+ if (authorizationData != null) {
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x08), authorizationData.asn1Encode()));
+ }
+ DerValue der[] = new DerValue[v.size()];
+ v.copyInto(der);
+ temp = new DerOutputStream();
+ temp.putSequence(der);
+ DerOutputStream out = new DerOutputStream();
+ out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x02), temp);
+ return out.toByteArray();
+ }
public final Checksum getChecksum() {
return cksum;
@@ -211,5 +221,4 @@
public final EncryptionKey getSubKey() {
return subKey;
}
-
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/AuthorizationData.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/AuthorizationData.java Wed Mar 05 09:52:50 2008 +0800
@@ -53,82 +53,81 @@
* }
*/
public class AuthorizationData implements Cloneable {
- private AuthorizationDataEntry[] entry = null;
+
+ private AuthorizationDataEntry[] entry = null;
- private AuthorizationData() {
- }
+ private AuthorizationData() {
+ }
- public AuthorizationData(
- AuthorizationDataEntry[] new_entries
- ) throws IOException {
- if (new_entries != null) {
- entry = new AuthorizationDataEntry[new_entries.length];
- for (int i = 0; i < new_entries.length; i++) {
- if (new_entries[i] == null) {
- throw new IOException("Cannot create an AuthorizationData");
- } else {
- entry[i] = (AuthorizationDataEntry)new_entries[i].clone();
- }
- }
- }
- }
-
- public AuthorizationData(
- AuthorizationDataEntry new_entry
- ) {
- entry = new AuthorizationDataEntry[1];
- entry[0] = new_entry;
- }
-
- public Object clone() {
- AuthorizationData new_authorizationData =
- new AuthorizationData();
- if (entry != null) {
- new_authorizationData.entry =
- new AuthorizationDataEntry[entry.length];
- for (int i = 0; i < entry.length; i++)
- new_authorizationData.entry[i] =
- (AuthorizationDataEntry)entry[i].clone();
+ public AuthorizationData(AuthorizationDataEntry[] new_entries)
+ throws IOException {
+ if (new_entries != null) {
+ entry = new AuthorizationDataEntry[new_entries.length];
+ for (int i = 0; i < new_entries.length; i++) {
+ if (new_entries[i] == null) {
+ throw new IOException("Cannot create an AuthorizationData");
+ } else {
+ entry[i] = (AuthorizationDataEntry) new_entries[i].clone();
}
- return new_authorizationData;
+ }
}
+ }
+
+ public AuthorizationData(AuthorizationDataEntry new_entry) {
+ entry = new AuthorizationDataEntry[1];
+ entry[0] = new_entry;
+ }
+
+ public Object clone() {
+ AuthorizationData new_authorizationData =
+ new AuthorizationData();
+ if (entry != null) {
+ new_authorizationData.entry =
+ new AuthorizationDataEntry[entry.length];
+ for (int i = 0; i < entry.length; i++) {
+ new_authorizationData.entry[i] =
+ (AuthorizationDataEntry) entry[i].clone();
+ }
+ }
+ return new_authorizationData;
+ }
- /**
- * Constructs a new <code>AuthorizationData,</code> instance.
- * @param der a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
- Vector<AuthorizationDataEntry> v =
- new Vector<AuthorizationDataEntry> ();
- if (der.getTag() != DerValue.tag_Sequence) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- while (der.getData().available() > 0) {
- v.addElement(new AuthorizationDataEntry(der.getData().getDerValue()));
- }
- if (v.size() > 0) {
- entry = new AuthorizationDataEntry[v.size()];
- v.copyInto(entry);
- }
+ /**
+ * Constructs a new <code>AuthorizationData,</code> instance.
+ * @param der a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
+ Vector<AuthorizationDataEntry> v =
+ new Vector<AuthorizationDataEntry>();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ while (der.getData().available() > 0) {
+ v.addElement(new AuthorizationDataEntry(der.getData().getDerValue()));
}
+ if (v.size() > 0) {
+ entry = new AuthorizationDataEntry[v.size()];
+ v.copyInto(entry);
+ }
+ }
- /**
- * Encodes an <code>AuthorizationData</code> object.
- * @return byte array of encoded <code>AuthorizationData</code> object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
- DerOutputStream bytes = new DerOutputStream();
- DerValue der[] = new DerValue[entry.length];
- for (int i = 0; i < entry.length; i++) {
- der[i] = new DerValue(entry[i].asn1Encode());
- }
- bytes.putSequence(der);
- return bytes.toByteArray();
+ /**
+ * Encodes an <code>AuthorizationData</code> object.
+ * @return byte array of encoded <code>AuthorizationData</code> object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
+ DerOutputStream bytes = new DerOutputStream();
+ DerValue der[] = new DerValue[entry.length];
+ for (int i = 0; i < entry.length; i++) {
+ der[i] = new DerValue(entry[i].asn1Encode());
}
+ bytes.putSequence(der);
+ return bytes.toByteArray();
+ }
/**
* Parse (unmarshal) an <code>AuthorizationData</code> object from a DER input stream.
@@ -143,31 +142,30 @@
* @return an instance of AuthorizationData.
*
*/
- public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException{
- if ((optional) && (((byte)data.peekByte() & (byte)0x1F) != explicitTag)) {
- return null;
- }
- DerValue der = data.getDerValue();
- if (explicitTag != (der.getTag() & (byte)0x1F)) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- else {
- DerValue subDer = der.getData().getDerValue();
- return new AuthorizationData(subDer);
- }
+ public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException {
+ if ((optional) && (((byte) data.peekByte() & (byte) 0x1F) != explicitTag)) {
+ return null;
+ }
+ DerValue der = data.getDerValue();
+ if (explicitTag != (der.getTag() & (byte) 0x1F)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ } else {
+ DerValue subDer = der.getData().getDerValue();
+ return new AuthorizationData(subDer);
}
+ }
- /**
- * Writes <code>AuthorizationData</code> data fields to a output stream.
- *
- * @param cos a <code>CCacheOutputStream</code> to be written to.
- * @exception IOException if an I/O exception occurs.
- */
- public void writeAuth(CCacheOutputStream cos) throws IOException {
- for (int i = 0; i < entry.length; i++) {
- entry[i].writeEntry(cos);
- }
+ /**
+ * Writes <code>AuthorizationData</code> data fields to a output stream.
+ *
+ * @param cos a <code>CCacheOutputStream</code> to be written to.
+ * @exception IOException if an I/O exception occurs.
+ */
+ public void writeAuth(CCacheOutputStream cos) throws IOException {
+ for (int i = 0; i < entry.length; i++) {
+ entry[i].writeEntry(cos);
}
+ }
public String toString() {
String retVal = "AuthorizationData:\n";
--- a/jdk/src/share/classes/sun/security/krb5/internal/AuthorizationDataEntry.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/AuthorizationDataEntry.java Wed Mar 05 09:52:50 2008 +0800
@@ -35,90 +35,90 @@
import sun.security.krb5.internal.ccache.CCacheOutputStream;
public class AuthorizationDataEntry implements Cloneable {
- public int adType;
- public byte[] adData;
- private AuthorizationDataEntry() {
- }
+ public int adType;
+ public byte[] adData;
+
+ private AuthorizationDataEntry() {
+ }
- public AuthorizationDataEntry(
- int new_adType,
- byte[] new_adData
- ) {
- adType = new_adType;
- adData = new_adData;
- }
+ public AuthorizationDataEntry(
+ int new_adType,
+ byte[] new_adData) {
+ adType = new_adType;
+ adData = new_adData;
+ }
- public Object clone() {
- AuthorizationDataEntry new_authorizationDataEntry =
- new AuthorizationDataEntry();
- new_authorizationDataEntry.adType = adType;
- if (adData != null) {
- new_authorizationDataEntry.adData = new byte[adData.length];
- System.arraycopy(adData, 0,
- new_authorizationDataEntry.adData, 0, adData.length);
- }
- return new_authorizationDataEntry;
+ public Object clone() {
+ AuthorizationDataEntry new_authorizationDataEntry =
+ new AuthorizationDataEntry();
+ new_authorizationDataEntry.adType = adType;
+ if (adData != null) {
+ new_authorizationDataEntry.adData = new byte[adData.length];
+ System.arraycopy(adData, 0,
+ new_authorizationDataEntry.adData, 0, adData.length);
}
+ return new_authorizationDataEntry;
+ }
- /**
- * Constructs an instance of AuthorizationDataEntry.
- * @param encoding a single DER-encoded value.
- */
- public AuthorizationDataEntry(DerValue encoding) throws Asn1Exception, IOException {
- DerValue der;
+ /**
+ * Constructs an instance of AuthorizationDataEntry.
+ * @param encoding a single DER-encoded value.
+ */
+ public AuthorizationDataEntry(DerValue encoding) throws Asn1Exception, IOException {
+ DerValue der;
if (encoding.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- der = encoding.getData().getDerValue();
- if ((der.getTag() & (byte)0x1F) == (byte)0x00) {
- adType = der.getData().getBigInteger().intValue();
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if ((der.getTag() & (byte) 0x1F) == (byte) 0x00) {
+ adType = der.getData().getBigInteger().intValue();
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
der = encoding.getData().getDerValue();
- if ((der.getTag() & (byte)0x1F) == (byte)0x01) {
- adData = der.getData().getOctetString();
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- if (encoding.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ if ((der.getTag() & (byte) 0x1F) == (byte) 0x01) {
+ adData = der.getData().getOctetString();
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ if (encoding.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an AuthorizationDataEntry object.
- * @return byte array of encoded AuthorizationDataEntry object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an AuthorizationDataEntry object.
+ * @return byte array of encoded AuthorizationDataEntry object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- temp.putInteger(adType);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- temp = new DerOutputStream();
- temp.putOctetString(adData);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- return temp.toByteArray();
- }
+ DerOutputStream temp = new DerOutputStream();
+ temp.putInteger(adType);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
+ temp = new DerOutputStream();
+ temp.putOctetString(adData);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ return temp.toByteArray();
+ }
- /**
- * Writes the entry's data fields in FCC format to an output stream.
- *
- * @param cos a <code>CCacheOutputStream</code>.
- * @exception IOException if an I/O exception occurs.
- */
- public void writeEntry(CCacheOutputStream cos) throws IOException {
- cos.write16(adType);
- cos.write32(adData.length);
- cos.write(adData, 0, adData.length);
- }
+ /**
+ * Writes the entry's data fields in FCC format to an output stream.
+ *
+ * @param cos a <code>CCacheOutputStream</code>.
+ * @exception IOException if an I/O exception occurs.
+ */
+ public void writeEntry(CCacheOutputStream cos) throws IOException {
+ cos.write16(adType);
+ cos.write32(adData.length);
+ cos.write(adData, 0, adData.length);
+ }
public String toString() {
return ("adType=" + adType + " adData.length=" + adData.length);
}
-
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java Wed Mar 05 09:52:50 2008 +0800
@@ -55,102 +55,111 @@
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class EncAPRepPart {
- public KerberosTime ctime;
- public int cusec;
+
+ public KerberosTime ctime;
+ public int cusec;
EncryptionKey subKey; //optional
Integer seqNumber; //optional
- public EncAPRepPart(
- KerberosTime new_ctime,
- int new_cusec,
- EncryptionKey new_subKey,
- Integer new_seqNumber
- ) {
- ctime = new_ctime;
- cusec = new_cusec;
- subKey = new_subKey;
- seqNumber = new_seqNumber;
- }
+ public EncAPRepPart(
+ KerberosTime new_ctime,
+ int new_cusec,
+ EncryptionKey new_subKey,
+ Integer new_seqNumber) {
+ ctime = new_ctime;
+ cusec = new_cusec;
+ subKey = new_subKey;
+ seqNumber = new_seqNumber;
+ }
- public EncAPRepPart(byte[] data)
- throws Asn1Exception, IOException {
- init(new DerValue(data));
- }
+ public EncAPRepPart(byte[] data)
+ throws Asn1Exception, IOException {
+ init(new DerValue(data));
+ }
+
+ public EncAPRepPart(DerValue encoding)
+ throws Asn1Exception, IOException {
+ init(encoding);
+ }
- public EncAPRepPart(DerValue encoding)
- throws Asn1Exception, IOException {
- init(encoding);
+ /**
+ * Initializes an EncaPRepPart object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ private void init(DerValue encoding) throws Asn1Exception, IOException {
+ DerValue der, subDer;
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1B)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
-
- /**
- * Initializes an EncaPRepPart object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- private void init(DerValue encoding) throws Asn1Exception, IOException {
- DerValue der, subDer;
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x1B)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ ctime = KerberosTime.parse(der.getData(), (byte) 0x00, true);
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x01) {
+ cusec = subDer.getData().getBigInteger().intValue();
+ } else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- ctime = KerberosTime.parse(der.getData(), (byte)0x00, true);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == (byte)0x01) {
- cusec = subDer.getData().getBigInteger().intValue();
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- if (der.getData().available() > 0) {
- subKey = EncryptionKey.parse(der.getData(), (byte)0x02, true);
- }
- else {
- subKey = null;
- seqNumber = null;
- }
- if (der.getData().available() > 0) {
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) != 0x03) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
- }
- else seqNumber = null;
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ if (der.getData().available() > 0) {
+ subKey = EncryptionKey.parse(der.getData(), (byte) 0x02, true);
+ } else {
+ subKey = null;
+ seqNumber = null;
}
+ if (der.getData().available() > 0) {
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) != 0x03) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
+ } else {
+ seqNumber = null;
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an EncAPRepPart object.
- * @return byte array of encoded EncAPRepPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException{
- Vector<DerValue> v = new Vector<DerValue> ();
+ /**
+ * Encodes an EncAPRepPart object.
+ * @return byte array of encoded EncAPRepPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
+ Vector<DerValue> v = new Vector<DerValue>();
DerOutputStream temp = new DerOutputStream();
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), ctime.asn1Encode()));
- temp.putInteger(BigInteger.valueOf(cusec));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp.toByteArray()));
- if (subKey != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), subKey.asn1Encode()));
- if (seqNumber != null) {
- temp = new DerOutputStream();
- // encode as an unsigned integer (UInt32)
- temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp.toByteArray()));
- }
- DerValue der[] = new DerValue[v.size()];
- v.copyInto(der);
- temp = new DerOutputStream();
- temp.putSequence(der);
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), ctime.asn1Encode()));
+ temp.putInteger(BigInteger.valueOf(cusec));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), temp.toByteArray()));
+ if (subKey != null) {
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), subKey.asn1Encode()));
+ }
+ if (seqNumber != null) {
+ temp = new DerOutputStream();
+ // encode as an unsigned integer (UInt32)
+ temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), temp.toByteArray()));
+ }
+ DerValue der[] = new DerValue[v.size()];
+ v.copyInto(der);
+ temp = new DerOutputStream();
+ temp.putSequence(der);
DerOutputStream out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1B), temp);
- return out.toByteArray();
- }
+ out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) 0x1B), temp);
+ return out.toByteArray();
+ }
public final EncryptionKey getSubKey() {
return subKey;
@@ -159,5 +168,4 @@
public final Integer getSeqNumber() {
return seqNumber;
}
-
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/EncASRepPart.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/EncASRepPart.java Wed Mar 05 09:52:50 2008 +0800
@@ -36,57 +36,55 @@
public class EncASRepPart extends EncKDCRepPart {
- public EncASRepPart(
- EncryptionKey new_key,
- LastReq new_lastReq,
- int new_nonce,
- KerberosTime new_keyExpiration,
- TicketFlags new_flags,
- KerberosTime new_authtime,
- KerberosTime new_starttime,
- KerberosTime new_endtime,
- KerberosTime new_renewTill,
- Realm new_srealm,
- PrincipalName new_sname,
- HostAddresses new_caddr
- ) {
- super(
- new_key,
- new_lastReq,
- new_nonce,
- new_keyExpiration,
- new_flags,
- new_authtime,
- new_starttime,
- new_endtime,
- new_renewTill,
- new_srealm,
- new_sname,
- new_caddr,
- Krb5.KRB_ENC_AS_REP_PART
- //may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
- //behavior of other implementaions, instead of above
+ public EncASRepPart(
+ EncryptionKey new_key,
+ LastReq new_lastReq,
+ int new_nonce,
+ KerberosTime new_keyExpiration,
+ TicketFlags new_flags,
+ KerberosTime new_authtime,
+ KerberosTime new_starttime,
+ KerberosTime new_endtime,
+ KerberosTime new_renewTill,
+ Realm new_srealm,
+ PrincipalName new_sname,
+ HostAddresses new_caddr) {
+ super(
+ new_key,
+ new_lastReq,
+ new_nonce,
+ new_keyExpiration,
+ new_flags,
+ new_authtime,
+ new_starttime,
+ new_endtime,
+ new_renewTill,
+ new_srealm,
+ new_sname,
+ new_caddr,
+ Krb5.KRB_ENC_AS_REP_PART
);
- }
+ //may need to use Krb5.KRB_ENC_TGS_REP_PART to mimic
+ //behavior of other implementaions, instead of above
+ }
- public EncASRepPart(byte[] data) throws Asn1Exception,
- IOException, KrbException {
- init(new DerValue(data));
- }
-
- public EncASRepPart(DerValue encoding) throws Asn1Exception,
- IOException, KrbException {
- init(encoding);
- }
+ public EncASRepPart(byte[] data) throws Asn1Exception,
+ IOException, KrbException {
+ init(new DerValue(data));
+ }
- private void init(DerValue encoding) throws Asn1Exception,
- IOException, KrbException {
- init(encoding, Krb5.KRB_ENC_AS_REP_PART);
- }
+ public EncASRepPart(DerValue encoding) throws Asn1Exception,
+ IOException, KrbException {
+ init(encoding);
+ }
- public byte[] asn1Encode() throws Asn1Exception,
- IOException {
- return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
- }
+ private void init(DerValue encoding) throws Asn1Exception,
+ IOException, KrbException {
+ init(encoding, Krb5.KRB_ENC_AS_REP_PART);
+ }
+ public byte[] asn1Encode() throws Asn1Exception,
+ IOException {
+ return asn1Encode(Krb5.KRB_ENC_AS_REP_PART);
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/EncKDCRepPart.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/EncKDCRepPart.java Wed Mar 05 09:52:50 2008 +0800
@@ -36,6 +36,7 @@
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
+
/**
* Implements the ASN.1 EncKDCRepPart type.
*
@@ -63,143 +64,163 @@
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class EncKDCRepPart {
- public EncryptionKey key;
- public LastReq lastReq;
- public int nonce;
- public KerberosTime keyExpiration; //optional
- public TicketFlags flags;
- public KerberosTime authtime;
- public KerberosTime starttime; //optional
- public KerberosTime endtime;
- public KerberosTime renewTill; //optional
- public Realm srealm;
- public PrincipalName sname;
- public HostAddresses caddr; //optional
- public int msgType; //not included in sequence
+
+ public EncryptionKey key;
+ public LastReq lastReq;
+ public int nonce;
+ public KerberosTime keyExpiration; //optional
+ public TicketFlags flags;
+ public KerberosTime authtime;
+ public KerberosTime starttime; //optional
+ public KerberosTime endtime;
+ public KerberosTime renewTill; //optional
+ public Realm srealm;
+ public PrincipalName sname;
+ public HostAddresses caddr; //optional
+ public int msgType; //not included in sequence
- public EncKDCRepPart(
- EncryptionKey new_key,
- LastReq new_lastReq,
- int new_nonce,
- KerberosTime new_keyExpiration,
- TicketFlags new_flags,
- KerberosTime new_authtime,
- KerberosTime new_starttime,
- KerberosTime new_endtime,
- KerberosTime new_renewTill,
- Realm new_srealm,
- PrincipalName new_sname,
- HostAddresses new_caddr,
- int new_msgType
- ) {
- key = new_key;
- lastReq = new_lastReq;
- nonce = new_nonce;
- keyExpiration = new_keyExpiration;
- flags = new_flags;
- authtime = new_authtime;
- starttime = new_starttime;
- endtime = new_endtime;
- renewTill = new_renewTill;
- srealm = new_srealm;
- sname = new_sname;
- caddr = new_caddr;
- msgType = new_msgType;
- }
+ public EncKDCRepPart(
+ EncryptionKey new_key,
+ LastReq new_lastReq,
+ int new_nonce,
+ KerberosTime new_keyExpiration,
+ TicketFlags new_flags,
+ KerberosTime new_authtime,
+ KerberosTime new_starttime,
+ KerberosTime new_endtime,
+ KerberosTime new_renewTill,
+ Realm new_srealm,
+ PrincipalName new_sname,
+ HostAddresses new_caddr,
+ int new_msgType) {
+ key = new_key;
+ lastReq = new_lastReq;
+ nonce = new_nonce;
+ keyExpiration = new_keyExpiration;
+ flags = new_flags;
+ authtime = new_authtime;
+ starttime = new_starttime;
+ endtime = new_endtime;
+ renewTill = new_renewTill;
+ srealm = new_srealm;
+ sname = new_sname;
+ caddr = new_caddr;
+ msgType = new_msgType;
+ }
- public EncKDCRepPart() {
- }
+ public EncKDCRepPart() {
+ }
- public EncKDCRepPart(byte[] data, int rep_type)
- throws Asn1Exception, IOException, RealmException{
- init(new DerValue(data), rep_type);
- }
+ public EncKDCRepPart(byte[] data, int rep_type)
+ throws Asn1Exception, IOException, RealmException {
+ init(new DerValue(data), rep_type);
+ }
+
+ public EncKDCRepPart(DerValue encoding, int rep_type)
+ throws Asn1Exception, IOException, RealmException {
+ init(encoding, rep_type);
+ }
- public EncKDCRepPart(DerValue encoding, int rep_type)
- throws Asn1Exception, IOException, RealmException
- {
- init(encoding, rep_type);
+ /**
+ * Initializes an EncKDCRepPart object.
+ *
+ * @param encoding a single DER-encoded value.
+ * @param rep_type type of the encrypted reply message.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception RealmException if an error occurs while decoding an Realm object.
+ */
+ protected void init(DerValue encoding, int rep_type)
+ throws Asn1Exception, IOException, RealmException {
+ DerValue der, subDer;
+ //implementations return the incorrect tag value, so
+ //we don't use the above line; instead we use the following
+ msgType = (encoding.getTag() & (byte) 0x1F);
+ if (msgType != Krb5.KRB_ENC_AS_REP_PART &&
+ msgType != Krb5.KRB_ENC_TGS_REP_PART) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
-
- /**
- * Initializes an EncKDCRepPart object.
- *
- * @param encoding a single DER-encoded value.
- * @param rep_type type of the encrypted reply message.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception RealmException if an error occurs while decoding an Realm object.
- */
- protected void init(DerValue encoding, int rep_type)
- throws Asn1Exception, IOException, RealmException
- {
- DerValue der, subDer;
- //implementations return the incorrect tag value, so
- //we don't use the above line; instead we use the following
- msgType = (encoding.getTag() & (byte)0x1F);
- if (msgType != Krb5.KRB_ENC_AS_REP_PART &&
- msgType != Krb5.KRB_ENC_TGS_REP_PART)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- key = EncryptionKey.parse(der.getData(), (byte)0x00, false);
- lastReq = LastReq.parse(der.getData(), (byte)0x01, false);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == (byte)0x02)
- nonce = subDer.getData().getBigInteger().intValue();
- else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- keyExpiration = KerberosTime.parse(der.getData(), (byte)0x03, true);
- flags = TicketFlags.parse(der.getData(), (byte)0x04, false);
- authtime = KerberosTime.parse(der.getData(), (byte)0x05, false);
- starttime = KerberosTime.parse(der.getData(), (byte)0x06, true);
- endtime = KerberosTime.parse(der.getData(), (byte)0x07, false);
- renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true);
- srealm = Realm.parse(der.getData(), (byte)0x09, false);
- sname = PrincipalName.parse(der.getData(), (byte)0x0A, false);
- if (der.getData().available() > 0)
- caddr = HostAddresses.parse(der.getData(), (byte)0x0B, true);
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ key = EncryptionKey.parse(der.getData(), (byte) 0x00, false);
+ lastReq = LastReq.parse(der.getData(), (byte) 0x01, false);
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x02) {
+ nonce = subDer.getData().getBigInteger().intValue();
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ keyExpiration = KerberosTime.parse(der.getData(), (byte) 0x03, true);
+ flags = TicketFlags.parse(der.getData(), (byte) 0x04, false);
+ authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
+ starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
+ endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
+ renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
+ srealm = Realm.parse(der.getData(), (byte) 0x09, false);
+ sname = PrincipalName.parse(der.getData(), (byte) 0x0A, false);
+ if (der.getData().available() > 0) {
+ caddr = HostAddresses.parse(der.getData(), (byte) 0x0B, true);
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an EncKDCRepPart object.
- * @param rep_type type of encrypted reply message.
- * @return byte array of encoded EncKDCRepPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode(int rep_type) throws Asn1Exception,
- IOException {
+ /**
+ * Encodes an EncKDCRepPart object.
+ * @param rep_type type of encrypted reply message.
+ * @return byte array of encoded EncKDCRepPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode(int rep_type) throws Asn1Exception,
+ IOException {
DerOutputStream temp = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), lastReq.asn1Encode());
- temp.putInteger(BigInteger.valueOf(nonce));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), key.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), lastReq.asn1Encode());
+ temp.putInteger(BigInteger.valueOf(nonce));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), temp);
- if (keyExpiration != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), keyExpiration.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), flags.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode());
- if (starttime != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode());
- if (renewTill != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), srealm.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), sname.asn1Encode());
- if (caddr != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0B), caddr.asn1Encode());
- //should use the rep_type to build the encoding
- //but other implementations do not; it is ignored and
- //the cached msgType is used instead
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- bytes = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), temp);
- return bytes.toByteArray();
+ if (keyExpiration != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), keyExpiration.asn1Encode());
+ }
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x04), flags.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x05), authtime.asn1Encode());
+ if (starttime != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x06), starttime.asn1Encode());
+ }
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x07), endtime.asn1Encode());
+ if (renewTill != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x08), renewTill.asn1Encode());
}
-
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x09), srealm.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x0A), sname.asn1Encode());
+ if (caddr != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x0B), caddr.asn1Encode());
+ }
+ //should use the rep_type to build the encoding
+ //but other implementations do not; it is ignored and
+ //the cached msgType is used instead
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) msgType), temp);
+ return bytes.toByteArray();
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java Wed Mar 05 09:52:50 2008 +0800
@@ -36,6 +36,7 @@
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
+
/**
* Implements the ASN.1 EncKrbCredPart type.
*
@@ -57,148 +58,158 @@
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class EncKrbCredPart {
- public KrbCredInfo[] ticketInfo = null;
- public KerberosTime timeStamp; //optional
- private Integer nonce; //optional
- private Integer usec; //optional
- private HostAddress sAddress; //optional
- private HostAddresses rAddress; //optional
+ public KrbCredInfo[] ticketInfo = null;
+ public KerberosTime timeStamp; //optional
+ private Integer nonce; //optional
+ private Integer usec; //optional
+ private HostAddress sAddress; //optional
+ private HostAddresses rAddress; //optional
- public EncKrbCredPart(
- KrbCredInfo[] new_ticketInfo,
- KerberosTime new_timeStamp,
- Integer new_usec,
- Integer new_nonce,
- HostAddress new_sAddress,
- HostAddresses new_rAddress
- ) throws IOException {
- if (new_ticketInfo != null) {
- ticketInfo = new KrbCredInfo[new_ticketInfo.length];
- for (int i = 0; i < new_ticketInfo.length; i++) {
- if (new_ticketInfo[i] == null) {
- throw new IOException("Cannot create a EncKrbCredPart");
- } else {
- ticketInfo[i] = (KrbCredInfo)new_ticketInfo[i].clone();
- }
- }
+ public EncKrbCredPart(
+ KrbCredInfo[] new_ticketInfo,
+ KerberosTime new_timeStamp,
+ Integer new_usec,
+ Integer new_nonce,
+ HostAddress new_sAddress,
+ HostAddresses new_rAddress) throws IOException {
+ if (new_ticketInfo != null) {
+ ticketInfo = new KrbCredInfo[new_ticketInfo.length];
+ for (int i = 0; i < new_ticketInfo.length; i++) {
+ if (new_ticketInfo[i] == null) {
+ throw new IOException("Cannot create a EncKrbCredPart");
+ } else {
+ ticketInfo[i] = (KrbCredInfo) new_ticketInfo[i].clone();
}
- timeStamp = new_timeStamp;
- usec = new_usec;
- nonce = new_nonce;
- sAddress = new_sAddress;
- rAddress = new_rAddress;
- }
-
- public EncKrbCredPart(byte[] data) throws Asn1Exception,
- IOException, RealmException {
- init(new DerValue(data));
- }
-
- public EncKrbCredPart(DerValue encoding) throws Asn1Exception,
- IOException, RealmException {
- init(encoding);
+ }
}
+ timeStamp = new_timeStamp;
+ usec = new_usec;
+ nonce = new_nonce;
+ sAddress = new_sAddress;
+ rAddress = new_rAddress;
+ }
- /**
- * Initializes an EncKrbCredPart object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception RealmException if an error occurs while parsing a Realm object.
- */
- private void init(DerValue encoding) throws Asn1Exception,
- IOException, RealmException {
- DerValue der, subDer;
- //may not be the correct error code for a tag
- //mismatch on an encrypted structure
- nonce = null;
- timeStamp = null;
- usec= null;
+ public EncKrbCredPart(byte[] data) throws Asn1Exception,
+ IOException, RealmException {
+ init(new DerValue(data));
+ }
+
+ public EncKrbCredPart(DerValue encoding) throws Asn1Exception,
+ IOException, RealmException {
+ init(encoding);
+ }
+
+ /**
+ * Initializes an EncKrbCredPart object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception RealmException if an error occurs while parsing a Realm object.
+ */
+ private void init(DerValue encoding) throws Asn1Exception,
+ IOException, RealmException {
+ DerValue der, subDer;
+ //may not be the correct error code for a tag
+ //mismatch on an encrypted structure
+ nonce = null;
+ timeStamp = null;
+ usec = null;
sAddress = null;
rAddress = null;
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x1D)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1D)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
-
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) {
- DerValue derValues[] = subDer.getData().getSequence(1);
- ticketInfo = new KrbCredInfo[derValues.length];
- for (int i = 0; i < derValues.length; i++) {
- ticketInfo[i] = new KrbCredInfo(derValues[i]);
- }
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- if (der.getData().available() > 0) {
- if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x01) {
- subDer = der.getData().getDerValue();
- nonce = new Integer(subDer.getData().getBigInteger().intValue());
- }
- }
- if (der.getData().available() >0) {
- timeStamp = KerberosTime.parse(der.getData(), (byte)0x02, true);
- }
- if (der.getData().available() >0) {
- if (((byte)(der.getData().peekByte()) & (byte)0x1F) == (byte)0x03) {
- subDer = der.getData().getDerValue();
- usec = new Integer(subDer.getData().getBigInteger().intValue());
- }
- }
- if (der.getData().available() >0) {
- sAddress = HostAddress.parse(der.getData(), (byte)0x04, true);
- }
- if (der.getData().available() >0) {
- rAddress = HostAddresses.parse(der.getData(), (byte)0x05, true);
- }
- if (der.getData().available() >0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
- /**
- * Encodes an EncKrbCredPart object.
- * @return byte array of encoded EncKrbCredPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- *
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException{
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
+ DerValue derValues[] = subDer.getData().getSequence(1);
+ ticketInfo = new KrbCredInfo[derValues.length];
+ for (int i = 0; i < derValues.length; i++) {
+ ticketInfo[i] = new KrbCredInfo(derValues[i]);
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ if (der.getData().available() > 0) {
+ if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x01) {
+ subDer = der.getData().getDerValue();
+ nonce = new Integer(subDer.getData().getBigInteger().intValue());
+ }
+ }
+ if (der.getData().available() > 0) {
+ timeStamp = KerberosTime.parse(der.getData(), (byte) 0x02, true);
+ }
+ if (der.getData().available() > 0) {
+ if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x03) {
+ subDer = der.getData().getDerValue();
+ usec = new Integer(subDer.getData().getBigInteger().intValue());
+ }
+ }
+ if (der.getData().available() > 0) {
+ sAddress = HostAddress.parse(der.getData(), (byte) 0x04, true);
+ }
+ if (der.getData().available() > 0) {
+ rAddress = HostAddresses.parse(der.getData(), (byte) 0x05, true);
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
+
+ /**
+ * Encodes an EncKrbCredPart object.
+ * @return byte array of encoded EncKrbCredPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ *
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- DerValue[] tickets = new DerValue[ticketInfo.length];
- for (int i = 0; i < ticketInfo.length; i++)
- tickets[i] = new DerValue(ticketInfo[i].asn1Encode());
- temp.putSequence(tickets);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
+ DerOutputStream temp = new DerOutputStream();
+ DerValue[] tickets = new DerValue[ticketInfo.length];
+ for (int i = 0; i < ticketInfo.length; i++) {
+ tickets[i] = new DerValue(ticketInfo[i].asn1Encode());
+ }
+ temp.putSequence(tickets);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), temp);
- if (nonce != null) {
+ if (nonce != null) {
temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(nonce.intValue()));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- }
+ temp.putInteger(BigInteger.valueOf(nonce.intValue()));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), temp);
+ }
if (timeStamp != null) {
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), timeStamp.asn1Encode());
- }
- if (usec != null) {
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(usec.intValue()));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp);
- }
- if (sAddress != null) {
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode());
- }
- if (rAddress != null) {
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode());
- }
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- bytes = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1D), temp);
- return bytes.toByteArray();
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), timeStamp.asn1Encode());
+ }
+ if (usec != null) {
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(usec.intValue()));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), temp);
+ }
+ if (sAddress != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x04), sAddress.asn1Encode());
}
+ if (rAddress != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x05), rAddress.asn1Encode());
+ }
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) 0x1D), temp);
+ return bytes.toByteArray();
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java Wed Mar 05 09:52:50 2008 +0800
@@ -55,114 +55,119 @@
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
+public class EncKrbPrivPart {
-public class EncKrbPrivPart {
- public byte[] userData = null;
- public KerberosTime timestamp; //optional
- public Integer usec; //optional
- public Integer seqNumber; //optional
- public HostAddress sAddress; //optional
- public HostAddress rAddress; //optional
+ public byte[] userData = null;
+ public KerberosTime timestamp; //optional
+ public Integer usec; //optional
+ public Integer seqNumber; //optional
+ public HostAddress sAddress; //optional
+ public HostAddress rAddress; //optional
- public EncKrbPrivPart(
- byte[] new_userData,
- KerberosTime new_timestamp,
- Integer new_usec,
- Integer new_seqNumber,
- HostAddress new_sAddress,
- HostAddress new_rAddress
- ) {
- if (new_userData != null) {
- userData = new_userData.clone();
- }
- timestamp = new_timestamp;
- usec = new_usec;
- seqNumber = new_seqNumber;
- sAddress = new_sAddress;
- rAddress = new_rAddress;
+ public EncKrbPrivPart(
+ byte[] new_userData,
+ KerberosTime new_timestamp,
+ Integer new_usec,
+ Integer new_seqNumber,
+ HostAddress new_sAddress,
+ HostAddress new_rAddress) {
+ if (new_userData != null) {
+ userData = new_userData.clone();
}
+ timestamp = new_timestamp;
+ usec = new_usec;
+ seqNumber = new_seqNumber;
+ sAddress = new_sAddress;
+ rAddress = new_rAddress;
+ }
- public EncKrbPrivPart(byte[] data) throws Asn1Exception, IOException {
- init(new DerValue(data));
- }
+ public EncKrbPrivPart(byte[] data) throws Asn1Exception, IOException {
+ init(new DerValue(data));
+ }
- public EncKrbPrivPart(DerValue encoding) throws Asn1Exception, IOException {
- init(encoding);
- }
+ public EncKrbPrivPart(DerValue encoding) throws Asn1Exception, IOException {
+ init(encoding);
+ }
- /**
- * Initializes an EncKrbPrivPart object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- private void init(DerValue encoding) throws Asn1Exception, IOException {
+ /**
+ * Initializes an EncKrbPrivPart object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ private void init(DerValue encoding) throws Asn1Exception, IOException {
DerValue der, subDer;
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x1C)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1C)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
+ userData = subDer.getData().getOctetString();
+ } else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & (byte)0x1F) == (byte)0x00) {
- userData = subDer.getData().getOctetString();
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- timestamp = KerberosTime.parse(der.getData(), (byte)0x01, true);
- if ((der.getData().peekByte() & 0x1F) == 0x02) {
- subDer = der.getData().getDerValue();
- usec = new Integer(subDer.getData().getBigInteger().intValue());
- }
- else usec = null;
- if ((der.getData().peekByte() & 0x1F) == 0x03 ) {
- subDer = der.getData().getDerValue();
- seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
- }
- else seqNumber = null;
- sAddress = HostAddress.parse(der.getData(), (byte)0x04, false);
- if (der.getData().available() > 0) {
- rAddress = HostAddress.parse(der.getData(), (byte)0x05, true);
- }
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ timestamp = KerberosTime.parse(der.getData(), (byte) 0x01, true);
+ if ((der.getData().peekByte() & 0x1F) == 0x02) {
+ subDer = der.getData().getDerValue();
+ usec = new Integer(subDer.getData().getBigInteger().intValue());
+ } else {
+ usec = null;
+ }
+ if ((der.getData().peekByte() & 0x1F) == 0x03) {
+ subDer = der.getData().getDerValue();
+ seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
+ } else {
+ seqNumber = null;
}
+ sAddress = HostAddress.parse(der.getData(), (byte) 0x04, false);
+ if (der.getData().available() > 0) {
+ rAddress = HostAddress.parse(der.getData(), (byte) 0x05, true);
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ }
- /**
- * Encodes an EncKrbPrivPart object.
- * @return byte array of encoded EncKrbPrivPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an EncKrbPrivPart object.
+ * @return byte array of encoded EncKrbPrivPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp = new DerOutputStream();
DerOutputStream bytes = new DerOutputStream();
- temp.putOctetString(userData);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- if (timestamp != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), timestamp.asn1Encode());
- if (usec != null) {
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(usec.intValue()));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
- }
- if (seqNumber != null) {
- temp = new DerOutputStream();
- // encode as an unsigned integer (UInt32)
- temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), temp);
- }
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), sAddress.asn1Encode());
- if (rAddress != null) {
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), rAddress.asn1Encode());
- }
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- bytes = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x1C), temp);
- return bytes.toByteArray();
+ temp.putOctetString(userData);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
+ if (timestamp != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), timestamp.asn1Encode());
+ }
+ if (usec != null) {
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(usec.intValue()));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x02), temp);
}
+ if (seqNumber != null) {
+ temp = new DerOutputStream();
+ // encode as an unsigned integer (UInt32)
+ temp.putInteger(BigInteger.valueOf(seqNumber.longValue()));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x03), temp);
+ }
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x04), sAddress.asn1Encode());
+ if (rAddress != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x05), rAddress.asn1Encode());
+ }
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte) 0x1C), temp);
+ return bytes.toByteArray();
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/EncTGSRepPart.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/EncTGSRepPart.java Wed Mar 05 09:52:50 2008 +0800
@@ -35,55 +35,52 @@
public class EncTGSRepPart extends EncKDCRepPart {
- public EncTGSRepPart(
- EncryptionKey new_key,
- LastReq new_lastReq,
- int new_nonce,
- KerberosTime new_keyExpiration,
- TicketFlags new_flags,
- KerberosTime new_authtime,
- KerberosTime new_starttime,
- KerberosTime new_endtime,
- KerberosTime new_renewTill,
- Realm new_srealm,
- PrincipalName new_sname,
- HostAddresses new_caddr
- ) {
- super(
- new_key,
- new_lastReq,
- new_nonce,
- new_keyExpiration,
- new_flags,
- new_authtime,
- new_starttime,
- new_endtime,
- new_renewTill,
- new_srealm,
- new_sname,
- new_caddr,
- Krb5.KRB_ENC_TGS_REP_PART
- );
- }
+ public EncTGSRepPart(
+ EncryptionKey new_key,
+ LastReq new_lastReq,
+ int new_nonce,
+ KerberosTime new_keyExpiration,
+ TicketFlags new_flags,
+ KerberosTime new_authtime,
+ KerberosTime new_starttime,
+ KerberosTime new_endtime,
+ KerberosTime new_renewTill,
+ Realm new_srealm,
+ PrincipalName new_sname,
+ HostAddresses new_caddr) {
+ super(
+ new_key,
+ new_lastReq,
+ new_nonce,
+ new_keyExpiration,
+ new_flags,
+ new_authtime,
+ new_starttime,
+ new_endtime,
+ new_renewTill,
+ new_srealm,
+ new_sname,
+ new_caddr,
+ Krb5.KRB_ENC_TGS_REP_PART);
+ }
- public EncTGSRepPart(byte[] data) throws Asn1Exception,
- IOException, KrbException {
- init(new DerValue(data));
- }
+ public EncTGSRepPart(byte[] data) throws Asn1Exception,
+ IOException, KrbException {
+ init(new DerValue(data));
+ }
- public EncTGSRepPart(DerValue encoding) throws Asn1Exception,
- IOException, KrbException {
- init(encoding);
- }
+ public EncTGSRepPart(DerValue encoding) throws Asn1Exception,
+ IOException, KrbException {
+ init(encoding);
+ }
- private void init(DerValue encoding) throws Asn1Exception,
- IOException, KrbException {
- init(encoding, Krb5.KRB_ENC_TGS_REP_PART);
- }
+ private void init(DerValue encoding) throws Asn1Exception,
+ IOException, KrbException {
+ init(encoding, Krb5.KRB_ENC_TGS_REP_PART);
+ }
- public byte[] asn1Encode() throws Asn1Exception,
- IOException {
- return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
- }
-
+ public byte[] asn1Encode() throws Asn1Exception,
+ IOException {
+ return asn1Encode(Krb5.KRB_ENC_TGS_REP_PART);
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/EncTicketPart.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/EncTicketPart.java Wed Mar 05 09:52:50 2008 +0800
@@ -62,69 +62,68 @@
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
public class EncTicketPart {
- public TicketFlags flags;
- public EncryptionKey key;
- public Realm crealm;
- public PrincipalName cname;
- public TransitedEncoding transited;
- public KerberosTime authtime;
- public KerberosTime starttime; //optional
- public KerberosTime endtime;
- public KerberosTime renewTill; //optional
- public HostAddresses caddr; //optional
- public AuthorizationData authorizationData; //optional
+
+ public TicketFlags flags;
+ public EncryptionKey key;
+ public Realm crealm;
+ public PrincipalName cname;
+ public TransitedEncoding transited;
+ public KerberosTime authtime;
+ public KerberosTime starttime; //optional
+ public KerberosTime endtime;
+ public KerberosTime renewTill; //optional
+ public HostAddresses caddr; //optional
+ public AuthorizationData authorizationData; //optional
- public EncTicketPart(
- TicketFlags new_flags,
- EncryptionKey new_key,
- Realm new_crealm,
- PrincipalName new_cname,
- TransitedEncoding new_transited,
- KerberosTime new_authtime,
- KerberosTime new_starttime,
- KerberosTime new_endtime,
- KerberosTime new_renewTill,
- HostAddresses new_caddr,
- AuthorizationData new_authorizationData
- ) {
- flags = new_flags;
- key = new_key;
- crealm = new_crealm;
- cname = new_cname;
- transited = new_transited;
- authtime = new_authtime;
- starttime = new_starttime;
- endtime = new_endtime;
- renewTill = new_renewTill;
- caddr = new_caddr;
- authorizationData = new_authorizationData;
- }
+ public EncTicketPart(
+ TicketFlags new_flags,
+ EncryptionKey new_key,
+ Realm new_crealm,
+ PrincipalName new_cname,
+ TransitedEncoding new_transited,
+ KerberosTime new_authtime,
+ KerberosTime new_starttime,
+ KerberosTime new_endtime,
+ KerberosTime new_renewTill,
+ HostAddresses new_caddr,
+ AuthorizationData new_authorizationData) {
+ flags = new_flags;
+ key = new_key;
+ crealm = new_crealm;
+ cname = new_cname;
+ transited = new_transited;
+ authtime = new_authtime;
+ starttime = new_starttime;
+ endtime = new_endtime;
+ renewTill = new_renewTill;
+ caddr = new_caddr;
+ authorizationData = new_authorizationData;
+ }
- public EncTicketPart(byte[] data)
- throws Asn1Exception, KrbException, IOException {
- init(new DerValue(data));
- }
+ public EncTicketPart(byte[] data)
+ throws Asn1Exception, KrbException, IOException {
+ init(new DerValue(data));
+ }
- public EncTicketPart(DerValue encoding)
- throws Asn1Exception, KrbException, IOException {
- init(encoding);
- }
+ public EncTicketPart(DerValue encoding)
+ throws Asn1Exception, KrbException, IOException {
+ init(encoding);
+ }
- /**
- * Initializes an EncTicketPart object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception RealmException if an error occurs while parsing a Realm object.
- */
-
+ /**
+ * Initializes an EncTicketPart object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception RealmException if an error occurs while parsing a Realm object.
+ */
private static String getHexBytes(byte[] bytes, int len)
- throws IOException {
+ throws IOException {
StringBuffer sb = new StringBuffer();
for (int i = 0; i < len; i++) {
- int b1 = (bytes[i]>>4) & 0x0f;
+ int b1 = (bytes[i] >> 4) & 0x0f;
int b2 = bytes[i] & 0x0f;
sb.append(Integer.toHexString(b1));
@@ -134,73 +133,91 @@
return sb.toString();
}
- private void init(DerValue encoding)
- throws Asn1Exception, IOException, RealmException {
- DerValue der, subDer;
+ private void init(DerValue encoding)
+ throws Asn1Exception, IOException, RealmException {
+ DerValue der, subDer;
- renewTill = null;
- caddr = null;
- authorizationData = null;
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x03)
+ renewTill = null;
+ caddr = null;
+ authorizationData = null;
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x03)
|| (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- flags = TicketFlags.parse(der.getData(), (byte)0x00, false);
- key = EncryptionKey.parse(der.getData(), (byte)0x01, false);
- crealm = Realm.parse(der.getData(), (byte)0x02, false);
- cname = PrincipalName.parse(der.getData(), (byte)0x03, false);
- transited = TransitedEncoding.parse(der.getData(), (byte)0x04, false);
- authtime = KerberosTime.parse(der.getData(), (byte)0x05, false);
- starttime = KerberosTime.parse(der.getData(), (byte)0x06, true);
- endtime = KerberosTime.parse(der.getData(), (byte)0x07, false);
- if (der.getData().available() > 0) {
- renewTill = KerberosTime.parse(der.getData(), (byte)0x08, true);
- }
- if (der.getData().available() > 0) {
- caddr = HostAddresses.parse(der.getData(), (byte)0x09, true);
- }
- if (der.getData().available() > 0) {
- authorizationData = AuthorizationData.parse(der.getData(), (byte)0x0A, true);
- }
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
-
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ flags = TicketFlags.parse(der.getData(), (byte) 0x00, false);
+ key = EncryptionKey.parse(der.getData(), (byte) 0x01, false);
+ crealm = Realm.parse(der.getData(), (byte) 0x02, false);
+ cname = PrincipalName.parse(der.getData(), (byte) 0x03, false);
+ transited = TransitedEncoding.parse(der.getData(), (byte) 0x04, false);
+ authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
+ starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
+ endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
+ if (der.getData().available() > 0) {
+ renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
+ }
+ if (der.getData().available() > 0) {
+ caddr = HostAddresses.parse(der.getData(), (byte) 0x09, true);
+ }
+ if (der.getData().available() > 0) {
+ authorizationData = AuthorizationData.parse(der.getData(), (byte) 0x0A, true);
+ }
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
- /**
- * Encodes an EncTicketPart object.
- * @return byte array of encoded EncTicketPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
+ }
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an EncTicketPart object.
+ * @return byte array of encoded EncTicketPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), flags.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), key.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), crealm.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), cname.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), transited.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), authtime.asn1Encode());
- if (starttime != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), starttime.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), endtime.asn1Encode());
+ DerOutputStream temp = new DerOutputStream();
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), flags.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), key.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), crealm.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), cname.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x04), transited.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x05), authtime.asn1Encode());
+ if (starttime != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x06), starttime.asn1Encode());
+ }
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x07), endtime.asn1Encode());
- if (renewTill != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), renewTill.asn1Encode());
+ if (renewTill != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x08), renewTill.asn1Encode());
+ }
- if (caddr != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), caddr.asn1Encode());
+ if (caddr != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x09), caddr.asn1Encode());
+ }
- if (authorizationData != null)
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), authorizationData.asn1Encode());
- temp.write(DerValue.tag_Sequence, bytes);
- bytes = new DerOutputStream();
- bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x03), temp);
- return bytes.toByteArray();
+ if (authorizationData != null) {
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x0A), authorizationData.asn1Encode());
}
+ temp.write(DerValue.tag_Sequence, bytes);
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) 0x03), temp);
+ return bytes.toByteArray();
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/KDCRep.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/KDCRep.java Wed Mar 05 09:52:50 2008 +0800
@@ -35,6 +35,7 @@
import java.util.Vector;
import java.io.IOException;
import java.math.BigInteger;
+
/**
* Implements the ASN.1 KDC-REP type.
*
@@ -59,163 +60,168 @@
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
+public class KDCRep {
-public class KDCRep {
- public Realm crealm;
- public PrincipalName cname;
- public Ticket ticket;
- public EncryptedData encPart;
- public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
-
- private int pvno;
- private int msgType;
- private PAData[] pAData = null; //optional
- private boolean DEBUG = Krb5.DEBUG;
+ public Realm crealm;
+ public PrincipalName cname;
+ public Ticket ticket;
+ public EncryptedData encPart;
+ public EncKDCRepPart encKDCRepPart; //not part of ASN.1 encoding
+ private int pvno;
+ private int msgType;
+ private PAData[] pAData = null; //optional
+ private boolean DEBUG = Krb5.DEBUG;
- public KDCRep(
- PAData[] new_pAData,
- Realm new_crealm,
- PrincipalName new_cname,
- Ticket new_ticket,
- EncryptedData new_encPart,
- int req_type
- ) throws IOException {
- pvno = Krb5.PVNO;
- msgType = req_type;
- if (new_pAData != null) {
- pAData = new PAData[new_pAData.length];
- for (int i = 0; i < new_pAData.length; i++) {
- if (new_pAData[i] == null) {
- throw new IOException("Cannot create a KDCRep");
- } else {
- pAData[i] = (PAData)new_pAData[i].clone();
- }
- }
+ public KDCRep(
+ PAData[] new_pAData,
+ Realm new_crealm,
+ PrincipalName new_cname,
+ Ticket new_ticket,
+ EncryptedData new_encPart,
+ int req_type) throws IOException {
+ pvno = Krb5.PVNO;
+ msgType = req_type;
+ if (new_pAData != null) {
+ pAData = new PAData[new_pAData.length];
+ for (int i = 0; i < new_pAData.length; i++) {
+ if (new_pAData[i] == null) {
+ throw new IOException("Cannot create a KDCRep");
+ } else {
+ pAData[i] = (PAData) new_pAData[i].clone();
}
- crealm = new_crealm;
- cname = new_cname;
- ticket = new_ticket;
- encPart = new_encPart;
+ }
}
-
- public KDCRep() {
- }
+ crealm = new_crealm;
+ cname = new_cname;
+ ticket = new_ticket;
+ encPart = new_encPart;
+ }
- public KDCRep(byte[] data, int req_type) throws Asn1Exception, KrbApErrException, RealmException, IOException {
- init(new DerValue(data), req_type);
- }
+ public KDCRep() {
+ }
- public KDCRep(DerValue encoding, int req_type) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(encoding, req_type);
- }
+ public KDCRep(byte[] data, int req_type) throws Asn1Exception,
+ KrbApErrException, RealmException, IOException {
+ init(new DerValue(data), req_type);
+ }
+
+ public KDCRep(DerValue encoding, int req_type) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(encoding, req_type);
+ }
/*
// Not used? Don't know what keyusage to use here %%%
-
- public void decrypt(EncryptionKey key) throws Asn1Exception,
- IOException, KrbException, RealmException {
- encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key),
- msgType);
- }
-*/
-
- /**
- * Initializes an KDCRep object.
- *
- * @param encoding a single DER-encoded value.
- * @param req_type reply message type.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception RealmException if an error occurs while constructing a Realm object from DER-encoded data.
- * @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
- *
- */
- protected void init(DerValue encoding, int req_type)
+ public void decrypt(EncryptionKey key) throws Asn1Exception,
+ IOException, KrbException, RealmException {
+ encKDCRepPart = new EncKDCRepPart(encPart.decrypt(key), msgType);
+ }
+ */
+ /**
+ * Initializes an KDCRep object.
+ *
+ * @param encoding a single DER-encoded value.
+ * @param req_type reply message type.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception RealmException if an error occurs while constructing
+ * a Realm object from DER-encoded data.
+ * @exception KrbApErrException if the value read from the DER-encoded
+ * data stream does not match the pre-defined value.
+ *
+ */
+ protected void init(DerValue encoding, int req_type)
throws Asn1Exception, RealmException, IOException,
- KrbApErrException {
- DerValue der, subDer;
- if ((encoding.getTag() & 0x1F) != req_type) {
- if (DEBUG) {
- System.out.println(">>> KDCRep: init() " +
- "encoding tag is " +
- encoding.getTag() +
- " req type is " + req_type);
- }
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ KrbApErrException {
+ DerValue der, subDer;
+ if ((encoding.getTag() & 0x1F) != req_type) {
+ if (DEBUG) {
+ System.out.println(">>> KDCRep: init() " +
+ "encoding tag is " +
+ encoding.getTag() +
+ " req type is " + req_type);
}
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) == 0x00) {
- pvno = subDer.getData().getBigInteger().intValue();
- if (pvno != Krb5.PVNO)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- } else {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) == 0x00) {
+ pvno = subDer.getData().getBigInteger().intValue();
+ if (pvno != Krb5.PVNO) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
}
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) == 0x01) {
- msgType = subDer.getData().getBigInteger().intValue();
- if (msgType != req_type) {
- throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
- }
- } else {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) == 0x01) {
+ msgType = subDer.getData().getBigInteger().intValue();
+ if (msgType != req_type) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
- if ((der.getData().peekByte() & 0x1F) == 0x02) {
- subDer = der.getData().getDerValue();
- DerValue[] padata = subDer.getData().getSequence(1);
- pAData = new PAData[padata.length];
- for (int i = 0; i < padata.length; i++) {
- pAData[i] = new PAData(padata[i]);
- }
- } else {
- pAData = null;
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ if ((der.getData().peekByte() & 0x1F) == 0x02) {
+ subDer = der.getData().getDerValue();
+ DerValue[] padata = subDer.getData().getSequence(1);
+ pAData = new PAData[padata.length];
+ for (int i = 0; i < padata.length; i++) {
+ pAData[i] = new PAData(padata[i]);
}
- crealm = Realm.parse(der.getData(), (byte)0x03, false);
- cname = PrincipalName.parse(der.getData(), (byte)0x04, false);
- ticket = Ticket.parse(der.getData(), (byte)0x05, false);
- encPart = EncryptedData.parse(der.getData(), (byte)0x06, false);
- if (der.getData().available() > 0) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
+ } else {
+ pAData = null;
+ }
+ crealm = Realm.parse(der.getData(), (byte) 0x03, false);
+ cname = PrincipalName.parse(der.getData(), (byte) 0x04, false);
+ ticket = Ticket.parse(der.getData(), (byte) 0x05, false);
+ encPart = EncryptedData.parse(der.getData(), (byte) 0x06, false);
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ }
+ /**
+ * Encodes this object to a byte array.
+ * @return byte array of encoded APReq object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ *
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
- /**
- * Encodes this object to a byte array.
- * @return byte array of encoded APReq object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- *
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
-
- DerOutputStream bytes = new DerOutputStream();
- DerOutputStream temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(pvno));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
+ DerOutputStream bytes = new DerOutputStream();
+ DerOutputStream temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(pvno));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), temp);
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(msgType));
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), temp);
+ if (pAData != null && pAData.length > 0) {
+ DerOutputStream padata_stream = new DerOutputStream();
+ for (int i = 0; i < pAData.length; i++) {
+ padata_stream.write(pAData[i].asn1Encode());
+ }
temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(msgType));
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- if (pAData != null && pAData.length > 0) {
- DerOutputStream padata_stream = new DerOutputStream();
- for (int i = 0; i < pAData.length; i++) {
- padata_stream.write(pAData[i].asn1Encode());
- }
- temp = new DerOutputStream();
- temp.write(DerValue.tag_SequenceOf, padata_stream);
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
- }
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), crealm.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), cname.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), ticket.asn1Encode());
- bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), encPart.asn1Encode());
- temp = new DerOutputStream();
- temp.write(DerValue.tag_Sequence, bytes);
- return temp.toByteArray();
+ temp.write(DerValue.tag_SequenceOf, padata_stream);
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), temp);
}
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), crealm.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x04), cname.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x05), ticket.asn1Encode());
+ bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x06), encPart.asn1Encode());
+ temp = new DerOutputStream();
+ temp.write(DerValue.tag_Sequence, bytes);
+ return temp.toByteArray();
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/KDCReq.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/KDCReq.java Wed Mar 05 09:52:50 2008 +0800
@@ -56,155 +56,160 @@
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
-
public class KDCReq {
- public KDCReqBody reqBody;
- private int pvno;
- private int msgType;
- private PAData[] pAData = null; //optional
+ public KDCReqBody reqBody;
+ private int pvno;
+ private int msgType;
+ private PAData[] pAData = null; //optional
- public KDCReq(PAData[] new_pAData, KDCReqBody new_reqBody,
- int req_type) throws IOException {
- pvno = Krb5.PVNO;
- msgType = req_type;
- if (new_pAData != null) {
- pAData = new PAData[new_pAData.length];
- for (int i = 0; i < new_pAData.length; i++) {
- if (new_pAData[i] == null) {
- throw new IOException("Cannot create a KDCRep");
- } else {
- pAData[i] = (PAData)new_pAData[i].clone();
- }
- }
+ public KDCReq(PAData[] new_pAData, KDCReqBody new_reqBody,
+ int req_type) throws IOException {
+ pvno = Krb5.PVNO;
+ msgType = req_type;
+ if (new_pAData != null) {
+ pAData = new PAData[new_pAData.length];
+ for (int i = 0; i < new_pAData.length; i++) {
+ if (new_pAData[i] == null) {
+ throw new IOException("Cannot create a KDCRep");
+ } else {
+ pAData[i] = (PAData) new_pAData[i].clone();
}
- reqBody = new_reqBody;
- }
-
- public KDCReq() {
+ }
}
+ reqBody = new_reqBody;
+ }
- public KDCReq(byte[] data, int req_type) throws Asn1Exception,
- IOException, KrbException {
+ public KDCReq() {
+ }
+
+ public KDCReq(byte[] data, int req_type) throws Asn1Exception,
+ IOException, KrbException {
init(new DerValue(data), req_type);
- }
+ }
+
+ /**
+ * Creates an KDCReq object from a DerValue object and asn1 type.
+ *
+ * @param der a DER value of an KDCReq object.
+ * @param req_type a encoded asn1 type value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exceptoin KrbErrException
+ */
+ public KDCReq(DerValue der, int req_type) throws Asn1Exception,
+ IOException, KrbException {
+ init(der, req_type);
+ }
/**
- * Creates an KDCReq object from a DerValue object and asn1 type.
- *
- * @param der a DER value of an KDCReq object.
- * @param req_type a encoded asn1 type value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exceptoin KrbErrException
- */
- public KDCReq(DerValue der, int req_type) throws Asn1Exception,
- IOException, KrbException {
- init(der, req_type);
+ * Initializes a KDCReq object from a DerValue. The DER encoding
+ * must be in the format specified by the KRB_KDC_REQ ASN.1 notation.
+ *
+ * @param encoding a DER-encoded KDCReq object.
+ * @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception KrbException if an error occurs while constructing a Realm object,
+ * or a Krb object from DER-encoded data.
+ */
+ protected void init(DerValue encoding, int req_type) throws Asn1Exception,
+ IOException, KrbException {
+ DerValue der, subDer;
+ BigInteger bint;
+ if ((encoding.getTag() & 0x1F) != req_type) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
-
- /**
- * Initializes a KDCReq object from a DerValue. The DER encoding
- * must be in the format specified by the KRB_KDC_REQ ASN.1 notation.
- *
- * @param encoding a DER-encoded KDCReq object.
- * @param req_type an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception KrbException if an error occurs while constructing a Realm object,
- * or a Krb object from DER-encoded data.
- */
- protected void init(DerValue encoding, int req_type) throws Asn1Exception,
- IOException, KrbException {
- DerValue der, subDer;
- BigInteger bint;
- if ((encoding.getTag() & 0x1F) != req_type) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence) {
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x01F) == 0x01) {
+ bint = subDer.getData().getBigInteger();
+ this.pvno = bint.intValue();
+ if (this.pvno != Krb5.PVNO) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x01F) == 0x02) {
+ bint = subDer.getData().getBigInteger();
+ this.msgType = bint.intValue();
+ if (this.msgType != req_type) {
+ throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
+ }
+ } else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x01F) == 0x01) {
- bint = subDer.getData().getBigInteger();
- this.pvno = bint.intValue();
- if (this.pvno != Krb5.PVNO)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x01F) == 0x02) {
- bint = subDer.getData().getBigInteger();
- this.msgType = bint.intValue();
- if (this.msgType != req_type)
- throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x01F) == 0x03) {
- DerValue subsubDer = subDer.getData().getDerValue();
- if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- Vector<PAData> v = new Vector<PAData> ();
- while (subsubDer.getData().available() > 0) {
- v.addElement(new PAData(subsubDer.getData().getDerValue()));
- }
- if (v.size() > 0) {
- pAData = new PAData[v.size()];
- v.copyInto(pAData);
- }
- }
- else pAData = null;
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x01F) == 0x04) {
- DerValue subsubDer = subDer.getData().getDerValue();
- reqBody = new KDCReqBody(subsubDer, msgType);
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x01F) == 0x03) {
+ DerValue subsubDer = subDer.getData().getDerValue();
+ if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ Vector<PAData> v = new Vector<PAData>();
+ while (subsubDer.getData().available() > 0) {
+ v.addElement(new PAData(subsubDer.getData().getDerValue()));
+ }
+ if (v.size() > 0) {
+ pAData = new PAData[v.size()];
+ v.copyInto(pAData);
+ }
+ } else {
+ pAData = null;
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x01F) == 0x04) {
+ DerValue subsubDer = subDer.getData().getDerValue();
+ reqBody = new KDCReqBody(subsubDer, msgType);
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
+ }
- /**
- * Encodes this object to a byte array.
- *
- * @return an byte array of encoded data.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- *
- */
+ /**
+ * Encodes this object to a byte array.
+ *
+ * @return an byte array of encoded data.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ *
+ */
public byte[] asn1Encode() throws Asn1Exception, IOException {
- DerOutputStream temp, bytes, out;
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(pvno));
- out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(msgType));
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), temp);
+ DerOutputStream temp, bytes, out;
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(pvno));
+ out = new DerOutputStream();
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), temp);
+ temp = new DerOutputStream();
+ temp.putInteger(BigInteger.valueOf(msgType));
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), temp);
if (pAData != null && pAData.length > 0) {
- temp = new DerOutputStream();
- for (int i = 0; i < pAData.length; i++) {
- temp.write(pAData[i].asn1Encode());
- }
- bytes = new DerOutputStream();
- bytes.write(DerValue.tag_SequenceOf, temp);
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), bytes);
- }
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), reqBody.asn1Encode(msgType));
- bytes = new DerOutputStream();
- bytes.write(DerValue.tag_Sequence, out);
- out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)msgType), bytes);
- return out.toByteArray();
+ temp = new DerOutputStream();
+ for (int i = 0; i < pAData.length; i++) {
+ temp.write(pAData[i].asn1Encode());
+ }
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.tag_SequenceOf, temp);
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), bytes);
}
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x04), reqBody.asn1Encode(msgType));
+ bytes = new DerOutputStream();
+ bytes.write(DerValue.tag_Sequence, out);
+ out = new DerOutputStream();
+ out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) msgType), bytes);
+ return out.toByteArray();
+ }
- public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException
- {
- return reqBody.asn1Encode(msgType);
- }
-
+ public byte[] asn1EncodeReqBody() throws Asn1Exception, IOException {
+ return reqBody.asn1Encode(msgType);
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/KRBCred.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/KRBCred.java Wed Mar 05 09:52:50 2008 +0800
@@ -56,128 +56,134 @@
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
* http://www.ietf.org/rfc/rfc4120.txt</a>.
*/
+public class KRBCred {
-public class KRBCred {
- public Ticket[] tickets = null;
- public EncryptedData encPart;
-
- private int pvno;
- private int msgType;
+ public Ticket[] tickets = null;
+ public EncryptedData encPart;
+ private int pvno;
+ private int msgType;
- public KRBCred(Ticket[] new_tickets, EncryptedData new_encPart) throws IOException {
- pvno = Krb5.PVNO;
- msgType = Krb5.KRB_CRED;
- if (new_tickets != null) {
- tickets = new Ticket[new_tickets.length];
- for (int i = 0; i < new_tickets.length; i++) {
- if (new_tickets[i] == null) {
- throw new IOException("Cannot create a KRBCred");
- } else {
- tickets[i] = (Ticket)new_tickets[i].clone();
- }
- }
+ public KRBCred(Ticket[] new_tickets, EncryptedData new_encPart) throws IOException {
+ pvno = Krb5.PVNO;
+ msgType = Krb5.KRB_CRED;
+ if (new_tickets != null) {
+ tickets = new Ticket[new_tickets.length];
+ for (int i = 0; i < new_tickets.length; i++) {
+ if (new_tickets[i] == null) {
+ throw new IOException("Cannot create a KRBCred");
+ } else {
+ tickets[i] = (Ticket) new_tickets[i].clone();
}
- encPart = new_encPart;
+ }
}
+ encPart = new_encPart;
+ }
- public KRBCred(byte[] data) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(new DerValue(data));
- }
+ public KRBCred(byte[] data) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(new DerValue(data));
+ }
- public KRBCred(DerValue encoding) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- init(encoding);
- }
+ public KRBCred(DerValue encoding) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ init(encoding);
+ }
- /**
- * Initializes an KRBCred object.
- * @param encoding a single DER-encoded value.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- * @exception KrbApErrException if the value read from the DER-encoded data
- * stream does not match the pre-defined value.
- * @exception RealmException if an error occurs while parsing a Realm object.
- */
- private void init(DerValue encoding) throws Asn1Exception,
- RealmException, KrbApErrException, IOException {
- if (((encoding.getTag() & (byte)0x1F) != (byte)0x16)
- || (encoding.isApplication() != true)
- || (encoding.isConstructed() != true))
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ /**
+ * Initializes an KRBCred object.
+ * @param encoding a single DER-encoded value.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ * @exception KrbApErrException if the value read from the DER-encoded data
+ * stream does not match the pre-defined value.
+ * @exception RealmException if an error occurs while parsing a Realm object.
+ */
+ private void init(DerValue encoding) throws Asn1Exception,
+ RealmException, KrbApErrException, IOException {
+ if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x16)
+ || (encoding.isApplication() != true)
+ || (encoding.isConstructed() != true)) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
DerValue der, subDer;
- der = encoding.getData().getDerValue();
- if (der.getTag() != DerValue.tag_Sequence)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) == 0x00) {
- pvno = subDer.getData().getBigInteger().intValue();
- if (pvno != Krb5.PVNO) {
+ der = encoding.getData().getDerValue();
+ if (der.getTag() != DerValue.tag_Sequence) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) == 0x00) {
+ pvno = subDer.getData().getBigInteger().intValue();
+ if (pvno != Krb5.PVNO) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
- }
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) == 0x01) {
- msgType = subDer.getData().getBigInteger().intValue();
- if (msgType != Krb5.KRB_CRED)
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ subDer = der.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) == 0x01) {
+ msgType = subDer.getData().getBigInteger().intValue();
+ if (msgType != Krb5.KRB_CRED) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
subDer = der.getData().getDerValue();
- if ((subDer.getTag() & 0x1F) == 0x02) {
- DerValue subsubDer = subDer.getData().getDerValue();
+ if ((subDer.getTag() & 0x1F) == 0x02) {
+ DerValue subsubDer = subDer.getData().getDerValue();
if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- }
- Vector<Ticket> v = new Vector<Ticket> ();
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ Vector<Ticket> v = new Vector<Ticket>();
while (subsubDer.getData().available() > 0) {
- v.addElement(new Ticket(subsubDer.getData().getDerValue()));
- }
+ v.addElement(new Ticket(subsubDer.getData().getDerValue()));
+ }
if (v.size() > 0) {
- tickets = new Ticket[v.size()];
- v.copyInto(tickets);
- }
- }
- else
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
- encPart = EncryptedData.parse(der.getData(), (byte)0x03, false);
+ tickets = new Ticket[v.size()];
+ v.copyInto(tickets);
+ }
+ } else {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ }
+ encPart = EncryptedData.parse(der.getData(), (byte) 0x03, false);
- if (der.getData().available() > 0)
- throw new Asn1Exception(Krb5.ASN1_BAD_ID);
+ if (der.getData().available() > 0) {
+ throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
-
+ }
- /**
- * Encodes an KRBCred object.
- * @return the data of encoded EncAPRepPart object.
- * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
- * @exception IOException if an I/O error occurs while reading encoded data.
- */
- public byte[] asn1Encode() throws Asn1Exception, IOException {
+ /**
+ * Encodes an KRBCred object.
+ * @return the data of encoded EncAPRepPart object.
+ * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
+ * @exception IOException if an I/O error occurs while reading encoded data.
+ */
+ public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream temp, bytes, out;
temp = new DerOutputStream();
temp.putInteger(BigInteger.valueOf(pvno));
out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), temp);
- temp = new DerOutputStream();
- temp.putInteger(BigInteger.valueOf(msgType));
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), temp);
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x00), temp);
temp = new DerOutputStream();
- for (int i = 0; i < tickets.length; i++) {
- temp.write(tickets[i].asn1Encode());
- }
+ temp.putInteger(BigInteger.valueOf(msgType));
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x01), temp);
+ temp = new DerOutputStream();
+ for (int i = 0; i < tickets.length; i++) {
+ temp.write(tickets[i].asn1Encode());
+ }
bytes = new DerOutputStream();
bytes.write(DerValue.tag_SequenceOf, temp);
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), bytes);
- out.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), encPart.asn1Encode());
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x02), bytes);
+ out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
+ true, (byte) 0x03), encPart.asn1Encode());
bytes = new DerOutputStream();
bytes.write(DerValue.tag_Sequence, out);
- out = new DerOutputStream();
- out.write(DerValue.createTag(DerValue.TAG_APPLICATION, true, (byte)0x16), bytes);
- return out.toByteArray();
- }
-
+ out = new DerOutputStream();
+ out.write(DerValue.createTag(DerValue.TAG_APPLICATION,
+ true, (byte) 0x16), bytes);
+ return out.toByteArray();
+ }
}
--- a/jdk/src/share/classes/sun/security/krb5/internal/KrbCredInfo.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/KrbCredInfo.java Wed Mar 05 09:52:50 2008 +0800
@@ -111,7 +111,7 @@
* @exception RealmException if an error occurs while parsing a Realm object.
*/
public KrbCredInfo(DerValue encoding)
- throws Asn1Exception, IOException, RealmException{
+ throws Asn1Exception, IOException, RealmException{
if (encoding.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
@@ -160,25 +160,25 @@
Vector<DerValue> v = new Vector<DerValue> ();
v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode()));
if (prealm != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode()));
if (pname != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), pname.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), pname.asn1Encode()));
if (flags != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), flags.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), flags.asn1Encode()));
if (authtime != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authtime.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), authtime.asn1Encode()));
if (starttime != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), starttime.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), starttime.asn1Encode()));
if (endtime != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), endtime.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), endtime.asn1Encode()));
if (renewTill != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), renewTill.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), renewTill.asn1Encode()));
if (srealm != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), srealm.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), srealm.asn1Encode()));
if (sname != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), sname.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), sname.asn1Encode()));
if (caddr != null)
- v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), caddr.asn1Encode()));
+ v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), caddr.asn1Encode()));
DerValue der[] = new DerValue[v.size()];
v.copyInto(der);
DerOutputStream out = new DerOutputStream();
--- a/jdk/src/share/classes/sun/security/krb5/internal/ccache/Credentials.java Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/ccache/Credentials.java Wed Mar 05 09:52:50 2008 +0800
@@ -34,168 +34,171 @@
import sun.security.krb5.internal.*;
public class Credentials {
- PrincipalName cname;
- Realm crealm;
+
+ PrincipalName cname;
+ Realm crealm;
PrincipalName sname;
- Realm srealm;
- EncryptionKey key;
- KerberosTime authtime;
- KerberosTime starttime;//optional
- KerberosTime endtime;
- KerberosTime renewTill; //optional
- HostAddresses caddr; //optional; for proxied tickets only
+ Realm srealm;
+ EncryptionKey key;
+ KerberosTime authtime;
+ KerberosTime starttime;//optional
+ KerberosTime endtime;
+ KerberosTime renewTill; //optional
+ HostAddresses caddr; //optional; for proxied tickets only
AuthorizationData authorizationData; //optional, not being actually used
public boolean isEncInSKey; // true if ticket is encrypted in another ticket's skey
- TicketFlags flags;
+ TicketFlags flags;
Ticket ticket;
- Ticket secondTicket; //optional
- private boolean DEBUG = Krb5.DEBUG;
-
- public Credentials(
- PrincipalName new_cname,
- PrincipalName new_sname,
- EncryptionKey new_key,
- KerberosTime new_authtime,
- KerberosTime new_starttime,
- KerberosTime new_endtime,
- KerberosTime new_renewTill,
- boolean new_isEncInSKey,
- TicketFlags new_flags,
- HostAddresses new_caddr,
- AuthorizationData new_authData,
- Ticket new_ticket,
- Ticket new_secondTicket) {
- cname = (PrincipalName)new_cname.clone();
- if (new_cname.getRealm() != null)
- crealm = (Realm)new_cname.getRealm().clone();
+ Ticket secondTicket; //optional
+ private boolean DEBUG = Krb5.DEBUG;
- sname = (PrincipalName)new_sname.clone();
- if (new_sname.getRealm() != null)
- srealm = (Realm)new_sname.getRealm().clone();
-
- key = (EncryptionKey)new_key.clone();
+ public Credentials(
+ PrincipalName new_cname,
+ PrincipalName new_sname,
+ EncryptionKey new_key,
+ KerberosTime new_authtime,
+ KerberosTime new_starttime,
+ KerberosTime new_endtime,
+ KerberosTime new_renewTill,
+ boolean new_isEncInSKey,
+ TicketFlags new_flags,
+ HostAddresses new_caddr,
+ AuthorizationData new_authData,
+ Ticket new_ticket,
+ Ticket new_secondTicket) {
+ cname = (PrincipalName) new_cname.clone();
+ if (new_cname.getRealm() != null) {
+ crealm = (Realm) new_cname.getRealm().clone();
+ }
- authtime = (KerberosTime)new_authtime.clone();
- starttime = (KerberosTime)new_starttime.clone();
- endtime = (KerberosTime)new_endtime.clone();
- renewTill = (KerberosTime)new_renewTill.clone();
- if (new_caddr != null)
- caddr = (HostAddresses)new_caddr.clone();
- if (new_authData != null) {
- authorizationData
- = (AuthorizationData)new_authData.clone();
- }
+ sname = (PrincipalName) new_sname.clone();
+ if (new_sname.getRealm() != null) {
+ srealm = (Realm) new_sname.getRealm().clone();
+ }
+
+ key = (EncryptionKey) new_key.clone();
- isEncInSKey = new_isEncInSKey;
- flags = (TicketFlags)new_flags.clone();
- ticket = (Ticket)(new_ticket.clone());
- if (new_secondTicket != null)
- secondTicket = (Ticket)new_secondTicket.clone();
+ authtime = (KerberosTime) new_authtime.clone();
+ starttime = (KerberosTime) new_starttime.clone();
+ endtime = (KerberosTime) new_endtime.clone();
+ renewTill = (KerberosTime) new_renewTill.clone();
+ if (new_caddr != null) {
+ caddr = (HostAddresses) new_caddr.clone();
+ }
+ if (new_authData != null) {
+ authorizationData = (AuthorizationData) new_authData.clone();
}
-
+ isEncInSKey = new_isEncInSKey;
+ flags = (TicketFlags) new_flags.clone();
+ ticket = (Ticket) (new_ticket.clone());
+ if (new_secondTicket != null) {
+ secondTicket = (Ticket) new_secondTicket.clone();
+ }
+ }
- public Credentials(
- KDCRep kdcRep,
- Ticket new_secondTicket,
- AuthorizationData new_authorizationData,
- boolean new_isEncInSKey
- ) {
- if (kdcRep.encKDCRepPart == null) //can't store while encrypted
- return;
- crealm = (Realm)kdcRep.crealm.clone();
- cname = (PrincipalName)kdcRep.cname.clone();
- ticket = (Ticket)kdcRep.ticket.clone();
- key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
- flags = (TicketFlags)kdcRep.encKDCRepPart.flags.clone();
- authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
- starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
- endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
- renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
- srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone();
- sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone();
- caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
- secondTicket = (Ticket)new_secondTicket.clone();
- authorizationData =
- (AuthorizationData)new_authorizationData.clone();
- isEncInSKey = new_isEncInSKey;
+ public Credentials(
+ KDCRep kdcRep,
+ Ticket new_secondTicket,
+ AuthorizationData new_authorizationData,
+ boolean new_isEncInSKey) {
+ if (kdcRep.encKDCRepPart == null) //can't store while encrypted
+ {
+ return;
}
+ crealm = (Realm) kdcRep.crealm.clone();
+ cname = (PrincipalName) kdcRep.cname.clone();
+ ticket = (Ticket) kdcRep.ticket.clone();
+ key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
+ flags = (TicketFlags) kdcRep.encKDCRepPart.flags.clone();
+ authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
+ starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
+ endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
+ renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
+ srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
+ sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
+ caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
+ secondTicket = (Ticket) new_secondTicket.clone();
+ authorizationData =
+ (AuthorizationData) new_authorizationData.clone();
+ isEncInSKey = new_isEncInSKey;
+ }
- public Credentials(KDCRep kdcRep) {
- this(kdcRep, null);
- }
+ public Credentials(KDCRep kdcRep) {
+ this(kdcRep, null);
+ }
- public Credentials(KDCRep kdcRep, Ticket new_ticket) {
- sname = (PrincipalName)kdcRep.encKDCRepPart.sname.clone();
- srealm = (Realm)kdcRep.encKDCRepPart.srealm.clone();
- try {
- sname.setRealm(srealm);
- }
- catch (RealmException e) {
- }
- cname = (PrincipalName)kdcRep.cname.clone();
- crealm = (Realm)kdcRep.crealm.clone();
- try {
- cname.setRealm(crealm);
- }
- catch (RealmException e) {
- }
- key = (EncryptionKey)kdcRep.encKDCRepPart.key.clone();
- authtime = (KerberosTime)kdcRep.encKDCRepPart.authtime.clone();
- if (kdcRep.encKDCRepPart.starttime != null) {
- starttime = (KerberosTime)kdcRep.encKDCRepPart.starttime.clone();
- }
- else starttime = null;
- endtime = (KerberosTime)kdcRep.encKDCRepPart.endtime.clone();
- if (kdcRep.encKDCRepPart.renewTill != null) {
- renewTill = (KerberosTime)kdcRep.encKDCRepPart.renewTill.clone();
- }
- else renewTill = null;
- // if (kdcRep.msgType == Krb5.KRB_AS_REP) {
- // isEncInSKey = false;
- // secondTicket = null;
- // }
- flags = kdcRep.encKDCRepPart.flags;
- if (kdcRep.encKDCRepPart.caddr != null)
- caddr = (HostAddresses)kdcRep.encKDCRepPart.caddr.clone();
- else caddr = null;
- ticket = (Ticket)kdcRep.ticket.clone();
- if (new_ticket != null) {
- secondTicket = (Ticket)new_ticket.clone();
- isEncInSKey = true;
- } else {
- secondTicket = null;
- isEncInSKey = false;
- }
+ public Credentials(KDCRep kdcRep, Ticket new_ticket) {
+ sname = (PrincipalName) kdcRep.encKDCRepPart.sname.clone();
+ srealm = (Realm) kdcRep.encKDCRepPart.srealm.clone();
+ try {
+ sname.setRealm(srealm);
+ } catch (RealmException e) {
+ }
+ cname = (PrincipalName) kdcRep.cname.clone();
+ crealm = (Realm) kdcRep.crealm.clone();
+ try {
+ cname.setRealm(crealm);
+ } catch (RealmException e) {
+ }
+ key = (EncryptionKey) kdcRep.encKDCRepPart.key.clone();
+ authtime = (KerberosTime) kdcRep.encKDCRepPart.authtime.clone();
+ if (kdcRep.encKDCRepPart.starttime != null) {
+ starttime = (KerberosTime) kdcRep.encKDCRepPart.starttime.clone();
+ } else {
+ starttime = null;
+ }
+ endtime = (KerberosTime) kdcRep.encKDCRepPart.endtime.clone();
+ if (kdcRep.encKDCRepPart.renewTill != null) {
+ renewTill = (KerberosTime) kdcRep.encKDCRepPart.renewTill.clone();
+ } else {
+ renewTill = null;
+ }
+ // if (kdcRep.msgType == Krb5.KRB_AS_REP) {
+ // isEncInSKey = false;
+ // secondTicket = null;
+ // }
+ flags = kdcRep.encKDCRepPart.flags;
+ if (kdcRep.encKDCRepPart.caddr != null) {
+ caddr = (HostAddresses) kdcRep.encKDCRepPart.caddr.clone();
+ } else {
+ caddr = null;
}
+ ticket = (Ticket) kdcRep.ticket.clone();
+ if (new_ticket != null) {
+ secondTicket = (Ticket) new_ticket.clone();
+ isEncInSKey = true;
+ } else {
+ secondTicket = null;
+ isEncInSKey = false;
+ }
+ }
- /**
- * Checks if this credential is expired
- */
- public boolean isValid() {
- boolean valid = true;
- if (endtime.getTime() < System.currentTimeMillis()) {
- valid = false;
- }
- else if ((starttime.getTime() > System.currentTimeMillis())
- || ((starttime == null) && (authtime.getTime() > System.currentTimeMillis())))
- {
- valid = false;
- }
- return valid;
+ /**
+ * Checks if this credential is expired
+ */
+ public boolean isValid() {
+ boolean valid = true;
+ if (endtime.getTime() < System.currentTimeMillis()) {
+ valid = false;
+ } else if ((starttime.getTime() > System.currentTimeMillis())
+ || ((starttime == null) && (authtime.getTime() > System.currentTimeMillis()))) {
+ valid = false;
}
+ return valid;
+ }
- public PrincipalName getServicePrincipal() throws RealmException{
- if (sname.getRealm() == null) {
- sname.setRealm(srealm);
- }
- return sname;
+ public PrincipalName getServicePrincipal() throws RealmException {
+ if (sname.getRealm() == null) {
+ sname.setRealm(srealm);
}
+ return sname;
+ }
- public sun.security.krb5.Credentials setKrbCreds() {
- return new sun.security.krb5.Credentials(ticket,
- cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr);
- }
+ public sun.security.krb5.Credentials setKrbCreds() {
+ return new sun.security.krb5.Credentials(ticket,
+ cname, sname, key, flags, authtime, starttime, endtime, renewTill, caddr);
+ }
public KerberosTime getAuthTime() {
return authtime;
--- a/jdk/src/windows/native/sun/security/krb5/NativeCreds.c Tue Mar 04 17:09:09 2008 +0000
+++ b/jdk/src/windows/native/sun/security/krb5/NativeCreds.c Wed Mar 05 09:52:50 2008 +0800
@@ -88,9 +88,9 @@
VOID
InitUnicodeString(
- PUNICODE_STRING DestinationString,
+ PUNICODE_STRING DestinationString,
PCWSTR SourceString OPTIONAL
- );
+);
jobject BuildTicket(JNIEnv *env, PUCHAR encodedTicket, ULONG encodedTicketSize);
@@ -108,215 +108,215 @@
*/
JNIEXPORT jint JNICALL JNI_OnLoad(
- JavaVM *jvm,
- void *reserved) {
+ JavaVM *jvm,
+ void *reserved) {
- jclass cls;
- JNIEnv *env;
+ jclass cls;
+ JNIEnv *env;
- if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
- return JNI_EVERSION; /* JNI version not supported */
- }
+ if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
+ return JNI_EVERSION; /* JNI version not supported */
+ }
- cls = (*env)->FindClass(env,"sun/security/krb5/internal/Ticket");
+ cls = (*env)->FindClass(env,"sun/security/krb5/internal/Ticket");
- if (cls == NULL) {
- printf("Couldn't find Ticket\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found Ticket\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find Ticket\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found Ticket\n");
+ #endif /* DEBUG */
- ticketClass = (*env)->NewWeakGlobalRef(env,cls);
- if (ticketClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ ticketClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (ticketClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- cls = (*env)->FindClass(env, "sun/security/krb5/PrincipalName");
+ cls = (*env)->FindClass(env, "sun/security/krb5/PrincipalName");
- if (cls == NULL) {
- printf("Couldn't find PrincipalName\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found PrincipalName\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find PrincipalName\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found PrincipalName\n");
+ #endif /* DEBUG */
- principalNameClass = (*env)->NewWeakGlobalRef(env,cls);
- if (principalNameClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ principalNameClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (principalNameClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- cls = (*env)->FindClass(env,"sun/security/util/DerValue");
+ cls = (*env)->FindClass(env,"sun/security/util/DerValue");
- if (cls == NULL) {
- printf("Couldn't find DerValue\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found DerValue\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find DerValue\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found DerValue\n");
+ #endif /* DEBUG */
- derValueClass = (*env)->NewWeakGlobalRef(env,cls);
- if (derValueClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ derValueClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (derValueClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- cls = (*env)->FindClass(env,"sun/security/krb5/EncryptionKey");
+ cls = (*env)->FindClass(env,"sun/security/krb5/EncryptionKey");
- if (cls == NULL) {
- printf("Couldn't find EncryptionKey\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found EncryptionKey\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find EncryptionKey\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found EncryptionKey\n");
+ #endif /* DEBUG */
- encryptionKeyClass = (*env)->NewWeakGlobalRef(env,cls);
- if (encryptionKeyClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ encryptionKeyClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (encryptionKeyClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- cls = (*env)->FindClass(env,"sun/security/krb5/internal/TicketFlags");
+ cls = (*env)->FindClass(env,"sun/security/krb5/internal/TicketFlags");
- if (cls == NULL) {
- printf("Couldn't find TicketFlags\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found TicketFlags\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find TicketFlags\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found TicketFlags\n");
+ #endif /* DEBUG */
- ticketFlagsClass = (*env)->NewWeakGlobalRef(env,cls);
- if (ticketFlagsClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ ticketFlagsClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (ticketFlagsClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- cls = (*env)->FindClass(env,"sun/security/krb5/internal/KerberosTime");
+ cls = (*env)->FindClass(env,"sun/security/krb5/internal/KerberosTime");
- if (cls == NULL) {
- printf("Couldn't find KerberosTime\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found KerberosTime\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find KerberosTime\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found KerberosTime\n");
+ #endif /* DEBUG */
- kerberosTimeClass = (*env)->NewWeakGlobalRef(env,cls);
- if (kerberosTimeClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ kerberosTimeClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (kerberosTimeClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- cls = (*env)->FindClass(env,"java/lang/String");
+ cls = (*env)->FindClass(env,"java/lang/String");
- if (cls == NULL) {
- printf("Couldn't find String\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found String\n");
- #endif /* DEBUG */
+ if (cls == NULL) {
+ printf("Couldn't find String\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found String\n");
+ #endif /* DEBUG */
- javaLangStringClass = (*env)->NewWeakGlobalRef(env,cls);
- if (javaLangStringClass == NULL) {
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Made NewWeakGlobalRef\n");
- #endif /* DEBUG */
+ javaLangStringClass = (*env)->NewWeakGlobalRef(env,cls);
+ if (javaLangStringClass == NULL) {
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Made NewWeakGlobalRef\n");
+ #endif /* DEBUG */
- derValueConstructor = (*env)->GetMethodID(env, derValueClass,
- "<init>", "([B)V");
- if (derValueConstructor == 0) {
- printf("Couldn't find DerValue constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found DerValue constructor\n");
- #endif /* DEBUG */
+ derValueConstructor = (*env)->GetMethodID(env, derValueClass,
+ "<init>", "([B)V");
+ if (derValueConstructor == 0) {
+ printf("Couldn't find DerValue constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found DerValue constructor\n");
+ #endif /* DEBUG */
- ticketConstructor = (*env)->GetMethodID(env, ticketClass,
- "<init>", "(Lsun/security/util/DerValue;)V");
- if (ticketConstructor == 0) {
- printf("Couldn't find Ticket constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found Ticket constructor\n");
- #endif /* DEBUG */
+ ticketConstructor = (*env)->GetMethodID(env, ticketClass,
+ "<init>", "(Lsun/security/util/DerValue;)V");
+ if (ticketConstructor == 0) {
+ printf("Couldn't find Ticket constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found Ticket constructor\n");
+ #endif /* DEBUG */
- principalNameConstructor = (*env)->GetMethodID(env, principalNameClass,
- "<init>", "([Ljava/lang/String;)V");
- if (principalNameConstructor == 0) {
- printf("Couldn't find PrincipalName constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found PrincipalName constructor\n");
- #endif /* DEBUG */
+ principalNameConstructor = (*env)->GetMethodID(env, principalNameClass,
+ "<init>", "([Ljava/lang/String;)V");
+ if (principalNameConstructor == 0) {
+ printf("Couldn't find PrincipalName constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found PrincipalName constructor\n");
+ #endif /* DEBUG */
- encryptionKeyConstructor = (*env)->GetMethodID(env, encryptionKeyClass,
- "<init>", "(I[B)V");
- if (encryptionKeyConstructor == 0) {
- printf("Couldn't find EncryptionKey constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found EncryptionKey constructor\n");
- #endif /* DEBUG */
+ encryptionKeyConstructor = (*env)->GetMethodID(env, encryptionKeyClass,
+ "<init>", "(I[B)V");
+ if (encryptionKeyConstructor == 0) {
+ printf("Couldn't find EncryptionKey constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found EncryptionKey constructor\n");
+ #endif /* DEBUG */
- ticketFlagsConstructor = (*env)->GetMethodID(env, ticketFlagsClass,
- "<init>", "(I[B)V");
- if (ticketFlagsConstructor == 0) {
- printf("Couldn't find TicketFlags constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found TicketFlags constructor\n");
- #endif /* DEBUG */
+ ticketFlagsConstructor = (*env)->GetMethodID(env, ticketFlagsClass,
+ "<init>", "(I[B)V");
+ if (ticketFlagsConstructor == 0) {
+ printf("Couldn't find TicketFlags constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found TicketFlags constructor\n");
+ #endif /* DEBUG */
- kerberosTimeConstructor = (*env)->GetMethodID(env, kerberosTimeClass,
- "<init>", "(Ljava/lang/String;)V");
- if (kerberosTimeConstructor == 0) {
- printf("Couldn't find KerberosTime constructor\n");
- return JNI_ERR;
- }
- #ifdef DEBUG
- printf("Found KerberosTime constructor\n");
- #endif /* DEBUG */
+ kerberosTimeConstructor = (*env)->GetMethodID(env, kerberosTimeClass,
+ "<init>", "(Ljava/lang/String;)V");
+ if (kerberosTimeConstructor == 0) {
+ printf("Couldn't find KerberosTime constructor\n");
+ return JNI_ERR;
+ }
+ #ifdef DEBUG
+ printf("Found KerberosTime constructor\n");
+ #endif /* DEBUG */
- // load the setRealm method in PrincipalName
- setRealmMethod = (*env)->GetMethodID(env, principalNameClass,
- "setRealm", "(Ljava/lang/String;)V");
- if (setRealmMethod == 0) {
- printf("Couldn't find setRealm in PrincipalName\n");
- return JNI_ERR;
- }
+ // load the setRealm method in PrincipalName
+ setRealmMethod = (*env)->GetMethodID(env, principalNameClass,
+ "setRealm", "(Ljava/lang/String;)V");
+ if (setRealmMethod == 0) {
+ printf("Couldn't find setRealm in PrincipalName\n");
+ return JNI_ERR;
+ }
- #ifdef DEBUG
- printf("Finished OnLoad processing\n");
- #endif /* DEBUG */
+ #ifdef DEBUG
+ printf("Finished OnLoad processing\n");
+ #endif /* DEBUG */
- return JNI_VERSION_1_2;
+ return JNI_VERSION_1_2;
}
/*
@@ -325,38 +325,38 @@
*/
JNIEXPORT void JNICALL JNI_OnUnload(
- JavaVM *jvm,
- void *reserved) {
+ JavaVM *jvm,
+ void *reserved) {
- JNIEnv *env;
+ JNIEnv *env;
- if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
- return; /* Nothing else we can do */
- }
+ if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
+ return; /* Nothing else we can do */
+ }
- if (ticketClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,ticketClass);
- }
- if (derValueClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,derValueClass);
- }
- if (principalNameClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,principalNameClass);
- }
- if (encryptionKeyClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,encryptionKeyClass);
- }
- if (ticketFlagsClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,ticketFlagsClass);
- }
- if (kerberosTimeClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,kerberosTimeClass);
- }
- if (javaLangStringClass != NULL) {
- (*env)->DeleteWeakGlobalRef(env,javaLangStringClass);
- }
+ if (ticketClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,ticketClass);
+ }
+ if (derValueClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,derValueClass);
+ }
+ if (principalNameClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,principalNameClass);
+ }
+ if (encryptionKeyClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,encryptionKeyClass);
+ }
+ if (ticketFlagsClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,ticketFlagsClass);
+ }
+ if (kerberosTimeClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,kerberosTimeClass);
+ }
+ if (javaLangStringClass != NULL) {
+ (*env)->DeleteWeakGlobalRef(env,javaLangStringClass);
+ }
- return;
+ return;
}
/*
@@ -365,31 +365,31 @@
* Signature: ()Lsun/security/krb5/Credentials;
*/
JNIEXPORT jobject JNICALL Java_sun_security_krb5_Credentials_acquireDefaultNativeCreds(
- JNIEnv *env,
- jclass krbcredsClass) {
+ JNIEnv *env,
+ jclass krbcredsClass) {
- KERB_QUERY_TKT_CACHE_REQUEST CacheRequest;
- PKERB_RETRIEVE_TKT_RESPONSE TktCacheResponse = NULL;
- PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
- PKERB_RETRIEVE_TKT_RESPONSE pTicketResponse = NULL;
- NTSTATUS Status, SubStatus;
- ULONG requestSize = 0;
- ULONG responseSize = 0;
- ULONG rspSize = 0;
- HANDLE LogonHandle = NULL;
- ULONG PackageId;
- jobject ticket, clientPrincipal, targetPrincipal, encryptionKey;
- jobject ticketFlags, startTime, endTime, krbCreds = NULL;
- jobject authTime, renewTillTime, hostAddresses = NULL;
- KERB_EXTERNAL_TICKET *msticket;
- int ignore_cache = 0;
- FILETIME Now, EndTime, LocalEndTime;
+ KERB_QUERY_TKT_CACHE_REQUEST CacheRequest;
+ PKERB_RETRIEVE_TKT_RESPONSE TktCacheResponse = NULL;
+ PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
+ PKERB_RETRIEVE_TKT_RESPONSE pTicketResponse = NULL;
+ NTSTATUS Status, SubStatus;
+ ULONG requestSize = 0;
+ ULONG responseSize = 0;
+ ULONG rspSize = 0;
+ HANDLE LogonHandle = NULL;
+ ULONG PackageId;
+ jobject ticket, clientPrincipal, targetPrincipal, encryptionKey;
+ jobject ticketFlags, startTime, endTime, krbCreds = NULL;
+ jobject authTime, renewTillTime, hostAddresses = NULL;
+ KERB_EXTERNAL_TICKET *msticket;
+ int ignore_cache = 0;
+ FILETIME Now, EndTime, LocalEndTime;
- while (TRUE) {
+ while (TRUE) {
if (krbcredsConstructor == 0) {
- krbcredsConstructor = (*env)->GetMethodID(env, krbcredsClass, "<init>",
- "(Lsun/security/krb5/internal/Ticket;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/EncryptionKey;Lsun/security/krb5/internal/TicketFlags;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/HostAddresses;)V");
+ krbcredsConstructor = (*env)->GetMethodID(env, krbcredsClass, "<init>",
+ "(Lsun/security/krb5/internal/Ticket;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/PrincipalName;Lsun/security/krb5/EncryptionKey;Lsun/security/krb5/internal/TicketFlags;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/KerberosTime;Lsun/security/krb5/internal/HostAddresses;)V");
if (krbcredsConstructor == 0) {
printf("Couldn't find sun.security.krb5.Credentials constructor\n");
break;
@@ -510,88 +510,88 @@
msticket = &(pTicketResponse->Ticket);
}
-/*
+ /*
-typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
- KERB_EXTERNAL_TICKET Ticket;
-} KERB_RETRIEVE_TKT_RESPONSE, *PKERB_RETRIEVE_TKT_RESPONSE;
+ typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
+ KERB_EXTERNAL_TICKET Ticket;
+ } KERB_RETRIEVE_TKT_RESPONSE, *PKERB_RETRIEVE_TKT_RESPONSE;
-typedef struct _KERB_EXTERNAL_TICKET {
- PKERB_EXTERNAL_NAME ServiceName;
- PKERB_EXTERNAL_NAME TargetName;
- PKERB_EXTERNAL_NAME ClientName;
- UNICODE_STRING DomainName;
- UNICODE_STRING TargetDomainName;
- UNICODE_STRING AltTargetDomainName;
- KERB_CRYPTO_KEY SessionKey;
- ULONG TicketFlags;
- ULONG Flags;
- LARGE_INTEGER KeyExpirationTime;
- LARGE_INTEGER StartTime;
- LARGE_INTEGER EndTime;
- LARGE_INTEGER RenewUntil;
- LARGE_INTEGER TimeSkew;
- ULONG EncodedTicketSize;
- PUCHAR EncodedTicket; <========== Here's the good stuff
-} KERB_EXTERNAL_TICKET, *PKERB_EXTERNAL_TICKET;
+ typedef struct _KERB_EXTERNAL_TICKET {
+ PKERB_EXTERNAL_NAME ServiceName;
+ PKERB_EXTERNAL_NAME TargetName;
+ PKERB_EXTERNAL_NAME ClientName;
+ UNICODE_STRING DomainName;
+ UNICODE_STRING TargetDomainName;
+ UNICODE_STRING AltTargetDomainName;
+ KERB_CRYPTO_KEY SessionKey;
+ ULONG TicketFlags;
+ ULONG Flags;
+ LARGE_INTEGER KeyExpirationTime;
+ LARGE_INTEGER StartTime;
+ LARGE_INTEGER EndTime;
+ LARGE_INTEGER RenewUntil;
+ LARGE_INTEGER TimeSkew;
+ ULONG EncodedTicketSize;
+ PUCHAR EncodedTicket; <========== Here's the good stuff
+ } KERB_EXTERNAL_TICKET, *PKERB_EXTERNAL_TICKET;
-typedef struct _KERB_EXTERNAL_NAME {
- SHORT NameType;
- USHORT NameCount;
- UNICODE_STRING Names[ANYSIZE_ARRAY];
-} KERB_EXTERNAL_NAME, *PKERB_EXTERNAL_NAME;
+ typedef struct _KERB_EXTERNAL_NAME {
+ SHORT NameType;
+ USHORT NameCount;
+ UNICODE_STRING Names[ANYSIZE_ARRAY];
+ } KERB_EXTERNAL_NAME, *PKERB_EXTERNAL_NAME;
-typedef struct _LSA_UNICODE_STRING {
- USHORT Length;
- USHORT MaximumLength;
- PWSTR Buffer;
-} LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
+ typedef struct _LSA_UNICODE_STRING {
+ USHORT Length;
+ USHORT MaximumLength;
+ PWSTR Buffer;
+ } LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
-typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
+ typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;
-typedef struct KERB_CRYPTO_KEY {
- LONG KeyType;
- ULONG Length;
- PUCHAR Value;
-} KERB_CRYPTO_KEY, *PKERB_CRYPTO_KEY;
+ typedef struct KERB_CRYPTO_KEY {
+ LONG KeyType;
+ ULONG Length;
+ PUCHAR Value;
+ } KERB_CRYPTO_KEY, *PKERB_CRYPTO_KEY;
-*/
+ */
// Build a com.sun.security.krb5.Ticket
ticket = BuildTicket(env, msticket->EncodedTicket,
msticket->EncodedTicketSize);
if (ticket == NULL) {
- break;
+ break;
}
// OK, have a Ticket, now need to get the client name
clientPrincipal = BuildPrincipal(env, msticket->ClientName,
msticket->TargetDomainName); // mdu
if (clientPrincipal == NULL) {
- break;
+ break;
}
// and the "name" of tgt
targetPrincipal = BuildPrincipal(env, msticket->ServiceName,
msticket->DomainName);
if (targetPrincipal == NULL) {
- break;
+ break;
}
// Get the encryption key
encryptionKey = BuildEncryptionKey(env, &(msticket->SessionKey));
if (encryptionKey == NULL) {
- break;
+ break;
}
// and the ticket flags
ticketFlags = BuildTicketFlags(env, &(msticket->TicketFlags));
if (ticketFlags == NULL) {
- break;
+ break;
}
// Get the start time
startTime = BuildKerberosTime(env, &(msticket->StartTime));
if (startTime == NULL) {
- break;
+ break;
}
/*
@@ -604,13 +604,13 @@
// and the end time
endTime = BuildKerberosTime(env, &(msticket->EndTime));
if (endTime == NULL) {
- break;
+ break;
}
// Get the renew till time
renewTillTime = BuildKerberosTime(env, &(msticket->RenewUntil));
if (renewTillTime == NULL) {
- break;
+ break;
}
// and now go build a KrbCreds object
@@ -630,87 +630,87 @@
hostAddresses);
break;
- } // end of WHILE
+ } // end of WHILE
- // clean up resources
- if (TktCacheResponse != NULL) {
- LsaFreeReturnBuffer(TktCacheResponse);
- }
- if (pTicketRequest) {
- LocalFree(pTicketRequest);
- }
- if (pTicketResponse != NULL) {
- LsaFreeReturnBuffer(pTicketResponse);
- }
+ // clean up resources
+ if (TktCacheResponse != NULL) {
+ LsaFreeReturnBuffer(TktCacheResponse);
+ }
+ if (pTicketRequest) {
+ LocalFree(pTicketRequest);
+ }
+ if (pTicketResponse != NULL) {
+ LsaFreeReturnBuffer(pTicketResponse);
+ }
- return krbCreds;
+ return krbCreds;
}
static NTSTATUS
ConstructTicketRequest(UNICODE_STRING DomainName,
PKERB_RETRIEVE_TKT_REQUEST *outRequest, ULONG *outSize)
{
- NTSTATUS Status;
- UNICODE_STRING TargetPrefix;
- USHORT TargetSize;
- ULONG RequestSize;
- ULONG Length;
- PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
+ NTSTATUS Status;
+ UNICODE_STRING TargetPrefix;
+ USHORT TargetSize;
+ ULONG RequestSize;
+ ULONG Length;
+ PKERB_RETRIEVE_TKT_REQUEST pTicketRequest = NULL;
- *outRequest = NULL;
- *outSize = 0;
+ *outRequest = NULL;
+ *outSize = 0;
- //
- // Set up the "krbtgt/" target prefix into a UNICODE_STRING so we
- // can easily concatenate it later.
- //
+ //
+ // Set up the "krbtgt/" target prefix into a UNICODE_STRING so we
+ // can easily concatenate it later.
+ //
- TargetPrefix.Buffer = L"krbtgt/";
- Length = (ULONG)wcslen(TargetPrefix.Buffer) * sizeof(WCHAR);
- TargetPrefix.Length = (USHORT)Length;
- TargetPrefix.MaximumLength = TargetPrefix.Length;
+ TargetPrefix.Buffer = L"krbtgt/";
+ Length = (ULONG)wcslen(TargetPrefix.Buffer) * sizeof(WCHAR);
+ TargetPrefix.Length = (USHORT)Length;
+ TargetPrefix.MaximumLength = TargetPrefix.Length;
- //
- // We will need to concatenate the "krbtgt/" prefix and the
- // Logon Session's DnsDomainName into our request's target name.
- //
- // Therefore, first compute the necessary buffer size for that.
- //
- // Note that we might theoretically have integer overflow.
- //
+ //
+ // We will need to concatenate the "krbtgt/" prefix and the
+ // Logon Session's DnsDomainName into our request's target name.
+ //
+ // Therefore, first compute the necessary buffer size for that.
+ //
+ // Note that we might theoretically have integer overflow.
+ //
- TargetSize = TargetPrefix.Length + DomainName.Length;
+ TargetSize = TargetPrefix.Length + DomainName.Length;
- //
- // The ticket request buffer needs to be a single buffer. That buffer
- // needs to include the buffer for the target name.
- //
+ //
+ // The ticket request buffer needs to be a single buffer. That buffer
+ // needs to include the buffer for the target name.
+ //
- RequestSize = sizeof (*pTicketRequest) + TargetSize;
+ RequestSize = sizeof (*pTicketRequest) + TargetSize;
- //
- // Allocate the request buffer and make sure it's zero-filled.
- //
+ //
+ // Allocate the request buffer and make sure it's zero-filled.
+ //
- pTicketRequest = (PKERB_RETRIEVE_TKT_REQUEST)
- LocalAlloc(LMEM_ZEROINIT, RequestSize);
- if (!pTicketRequest)
- return GetLastError();
+ pTicketRequest = (PKERB_RETRIEVE_TKT_REQUEST)
+ LocalAlloc(LMEM_ZEROINIT, RequestSize);
+ if (!pTicketRequest)
+ return GetLastError();
- //
- // Concatenate the target prefix with the previous reponse's
- // target domain.
- //
+ //
+ // Concatenate the target prefix with the previous reponse's
+ // target domain.
+ //
- pTicketRequest->TargetName.Length = 0;
- pTicketRequest->TargetName.MaximumLength = TargetSize;
- pTicketRequest->TargetName.Buffer = (PWSTR) (pTicketRequest + 1);
- Status = ConcatenateUnicodeStrings(&(pTicketRequest->TargetName),
- TargetPrefix,
- DomainName);
- *outRequest = pTicketRequest;
- *outSize = RequestSize;
- return Status;
+ pTicketRequest->TargetName.Length = 0;
+ pTicketRequest->TargetName.MaximumLength = TargetSize;
+ pTicketRequest->TargetName.Buffer = (PWSTR) (pTicketRequest + 1);
+ Status = ConcatenateUnicodeStrings(&(pTicketRequest->TargetName),
+ TargetPrefix,
+ DomainName);
+ *outRequest = pTicketRequest;
+ *outSize = RequestSize;
+ return Status;
}
DWORD
@@ -720,22 +720,22 @@
UNICODE_STRING Source2
)
{
- //
- // The buffers for Source1 and Source2 cannot overlap pTarget's
- // buffer. Source1.Length + Source2.Length must be <= 0xFFFF,
- // otherwise we overflow...
- //
+ //
+ // The buffers for Source1 and Source2 cannot overlap pTarget's
+ // buffer. Source1.Length + Source2.Length must be <= 0xFFFF,
+ // otherwise we overflow...
+ //
- USHORT TotalSize = Source1.Length + Source2.Length;
- PBYTE buffer = (PBYTE) pTarget->Buffer;
+ USHORT TotalSize = Source1.Length + Source2.Length;
+ PBYTE buffer = (PBYTE) pTarget->Buffer;
- if (TotalSize > pTarget->MaximumLength)
- return ERROR_INSUFFICIENT_BUFFER;
+ if (TotalSize > pTarget->MaximumLength)
+ return ERROR_INSUFFICIENT_BUFFER;
- pTarget->Length = TotalSize;
- memcpy(buffer, Source1.Buffer, Source1.Length);
- memcpy(buffer + Source1.Length, Source2.Buffer, Source2.Length);
- return ERROR_SUCCESS;
+ pTarget->Length = TotalSize;
+ memcpy(buffer, Source1.Buffer, Source1.Length);
+ memcpy(buffer + Source1.Length, Source2.Buffer, Source2.Length);
+ return ERROR_SUCCESS;
}
BOOL
@@ -783,27 +783,27 @@
DWORD dwError
)
{
- #define MAX_MSG_SIZE 256
+ #define MAX_MSG_SIZE 256
- static WCHAR szMsgBuf[MAX_MSG_SIZE];
- DWORD dwRes;
+ static WCHAR szMsgBuf[MAX_MSG_SIZE];
+ DWORD dwRes;
- printf("Error calling function %s: %lu\n", szAPI, dwError);
+ printf("Error calling function %s: %lu\n", szAPI, dwError);
- dwRes = FormatMessage (
- FORMAT_MESSAGE_FROM_SYSTEM,
- NULL,
- dwError,
- 0,
- szMsgBuf,
- MAX_MSG_SIZE,
- NULL);
- if (0 == dwRes) {
- printf("FormatMessage failed with %d\n", GetLastError());
- // ExitProcess(EXIT_FAILURE);
- } else {
- printf("%S",szMsgBuf);
- }
+ dwRes = FormatMessage (
+ FORMAT_MESSAGE_FROM_SYSTEM,
+ NULL,
+ dwError,
+ 0,
+ szMsgBuf,
+ MAX_MSG_SIZE,
+ NULL);
+ if (0 == dwRes) {
+ printf("FormatMessage failed with %d\n", GetLastError());
+ // ExitProcess(EXIT_FAILURE);
+ } else {
+ printf("%S",szMsgBuf);
+ }
}
VOID
@@ -831,189 +831,189 @@
Length = (ULONG)wcslen( SourceString ) * sizeof( WCHAR );
DestinationString->Length = (USHORT)Length;
DestinationString->MaximumLength = (USHORT)(Length + sizeof(UNICODE_NULL));
- }
+ }
else {
DestinationString->MaximumLength = 0;
DestinationString->Length = 0;
- }
+ }
}
jobject BuildTicket(JNIEnv *env, PUCHAR encodedTicket, ULONG encodedTicketSize) {
- /* To build a Ticket, we first need to build a DerValue out of the EncodedTicket.
- * But before we can do that, we need to make a byte array out of the ET.
- */
+ /* To build a Ticket, we first need to build a DerValue out of the EncodedTicket.
+ * But before we can do that, we need to make a byte array out of the ET.
+ */
- jobject derValue, ticket;
- jbyteArray ary;
+ jobject derValue, ticket;
+ jbyteArray ary;
- ary = (*env)->NewByteArray(env,encodedTicketSize);
- if ((*env)->ExceptionOccurred(env)) {
- return (jobject) NULL;
- }
+ ary = (*env)->NewByteArray(env,encodedTicketSize);
+ if ((*env)->ExceptionOccurred(env)) {
+ return (jobject) NULL;
+ }
- (*env)->SetByteArrayRegion(env, ary, (jsize) 0, encodedTicketSize,
- (jbyte *)encodedTicket);
- if ((*env)->ExceptionOccurred(env)) {
- (*env)->DeleteLocalRef(env, ary);
- return (jobject) NULL;
- }
+ (*env)->SetByteArrayRegion(env, ary, (jsize) 0, encodedTicketSize,
+ (jbyte *)encodedTicket);
+ if ((*env)->ExceptionOccurred(env)) {
+ (*env)->DeleteLocalRef(env, ary);
+ return (jobject) NULL;
+ }
- derValue = (*env)->NewObject(env, derValueClass, derValueConstructor, ary);
- if ((*env)->ExceptionOccurred(env)) {
- (*env)->DeleteLocalRef(env, ary);
- return (jobject) NULL;
- }
-
+ derValue = (*env)->NewObject(env, derValueClass, derValueConstructor, ary);
+ if ((*env)->ExceptionOccurred(env)) {
(*env)->DeleteLocalRef(env, ary);
- ticket = (*env)->NewObject(env, ticketClass, ticketConstructor, derValue);
- if ((*env)->ExceptionOccurred(env)) {
- (*env)->DeleteLocalRef(env, derValue);
- return (jobject) NULL;
- }
+ return (jobject) NULL;
+ }
+
+ (*env)->DeleteLocalRef(env, ary);
+ ticket = (*env)->NewObject(env, ticketClass, ticketConstructor, derValue);
+ if ((*env)->ExceptionOccurred(env)) {
(*env)->DeleteLocalRef(env, derValue);
- return ticket;
+ return (jobject) NULL;
+ }
+ (*env)->DeleteLocalRef(env, derValue);
+ return ticket;
}
// mdu
jobject BuildPrincipal(JNIEnv *env, PKERB_EXTERNAL_NAME principalName,
UNICODE_STRING domainName) {
- /*
- * To build the Principal, we need to get the names out of
- * this goofy MS structure
- */
- jobject principal = NULL;
- jobject realmStr = NULL;
- jobjectArray stringArray;
- jstring tempString;
- int nameCount,i;
- PUNICODE_STRING scanner;
- WCHAR *realm;
- ULONG realmLen;
+ /*
+ * To build the Principal, we need to get the names out of
+ * this goofy MS structure
+ */
+ jobject principal = NULL;
+ jobject realmStr = NULL;
+ jobjectArray stringArray;
+ jstring tempString;
+ int nameCount,i;
+ PUNICODE_STRING scanner;
+ WCHAR *realm;
+ ULONG realmLen;
- realm = (WCHAR *) LocalAlloc(LMEM_ZEROINIT,
- ((domainName.Length)*sizeof(WCHAR) + sizeof(UNICODE_NULL)));
- wcsncpy(realm, domainName.Buffer, domainName.Length/sizeof(WCHAR));
+ realm = (WCHAR *) LocalAlloc(LMEM_ZEROINIT,
+ ((domainName.Length)*sizeof(WCHAR) + sizeof(UNICODE_NULL)));
+ wcsncpy(realm, domainName.Buffer, domainName.Length/sizeof(WCHAR));
- #ifdef DEBUG
- printf("Principal domain is %S\n", realm);
- printf("Name type is %x\n", principalName->NameType);
- printf("Name count is %x\n", principalName->NameCount);
- #endif
+ #ifdef DEBUG
+ printf("Principal domain is %S\n", realm);
+ printf("Name type is %x\n", principalName->NameType);
+ printf("Name count is %x\n", principalName->NameCount);
+ #endif
- nameCount = principalName->NameCount;
- stringArray = (*env)->NewObjectArray(env, nameCount,
- javaLangStringClass, NULL);
- if (stringArray == NULL) {
- printf("Can't allocate String array for Principal\n");
- LocalFree(realm);
- return principal;
- }
+ nameCount = principalName->NameCount;
+ stringArray = (*env)->NewObjectArray(env, nameCount,
+ javaLangStringClass, NULL);
+ if (stringArray == NULL) {
+ printf("Can't allocate String array for Principal\n");
+ LocalFree(realm);
+ return principal;
+ }
- for (i=0; i<nameCount; i++) {
- // get the principal name
- scanner = &(principalName->Names[i]);
+ for (i=0; i<nameCount; i++) {
+ // get the principal name
+ scanner = &(principalName->Names[i]);
- // OK, got a Char array, so construct a String
- tempString = (*env)->NewString(env, (const jchar*)scanner->Buffer,
- scanner->Length/sizeof(WCHAR));
- // Set the String into the StringArray
- (*env)->SetObjectArrayElement(env, stringArray, i, tempString);
+ // OK, got a Char array, so construct a String
+ tempString = (*env)->NewString(env, (const jchar*)scanner->Buffer,
+ scanner->Length/sizeof(WCHAR));
+ // Set the String into the StringArray
+ (*env)->SetObjectArrayElement(env, stringArray, i, tempString);
- // Do I have to worry about storage reclamation here?
- }
- principal = (*env)->NewObject(env, principalNameClass,
- principalNameConstructor, stringArray);
+ // Do I have to worry about storage reclamation here?
+ }
+ principal = (*env)->NewObject(env, principalNameClass,
+ principalNameConstructor, stringArray);
- // now set the realm in the principal
- realmLen = (ULONG)wcslen((PWCHAR)realm);
- realmStr = (*env)->NewString(env, (PWCHAR)realm, (USHORT)realmLen);
- (*env)->CallVoidMethod(env, principal, setRealmMethod, realmStr);
+ // now set the realm in the principal
+ realmLen = (ULONG)wcslen((PWCHAR)realm);
+ realmStr = (*env)->NewString(env, (PWCHAR)realm, (USHORT)realmLen);
+ (*env)->CallVoidMethod(env, principal, setRealmMethod, realmStr);
- // free local resources
- LocalFree(realm);
+ // free local resources
+ LocalFree(realm);
- return principal;
+ return principal;
}
jobject BuildEncryptionKey(JNIEnv *env, PKERB_CRYPTO_KEY cryptoKey) {
- // First, need to build a byte array
- jbyteArray ary;
- jobject encryptionKey = NULL;
+ // First, need to build a byte array
+ jbyteArray ary;
+ jobject encryptionKey = NULL;
- ary = (*env)->NewByteArray(env,cryptoKey->Length);
- (*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->Length,
- (jbyte *)cryptoKey->Value);
- if ((*env)->ExceptionOccurred(env)) {
- (*env)->DeleteLocalRef(env, ary);
- } else {
- encryptionKey = (*env)->NewObject(env, encryptionKeyClass,
- encryptionKeyConstructor, cryptoKey->KeyType, ary);
- }
+ ary = (*env)->NewByteArray(env,cryptoKey->Length);
+ (*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->Length,
+ (jbyte *)cryptoKey->Value);
+ if ((*env)->ExceptionOccurred(env)) {
+ (*env)->DeleteLocalRef(env, ary);
+ } else {
+ encryptionKey = (*env)->NewObject(env, encryptionKeyClass,
+ encryptionKeyConstructor, cryptoKey->KeyType, ary);
+ }
- return encryptionKey;
+ return encryptionKey;
}
jobject BuildTicketFlags(JNIEnv *env, PULONG flags) {
- jobject ticketFlags = NULL;
- jbyteArray ary;
- /*
- * mdu: Convert the bytes to nework byte order before copying
- * them to a Java byte array.
- */
- ULONG nlflags = htonl(*flags);
+ jobject ticketFlags = NULL;
+ jbyteArray ary;
+ /*
+ * mdu: Convert the bytes to nework byte order before copying
+ * them to a Java byte array.
+ */
+ ULONG nlflags = htonl(*flags);
- ary = (*env)->NewByteArray(env, sizeof(*flags));
- (*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(*flags),
- (jbyte *)&nlflags);
- if ((*env)->ExceptionOccurred(env)) {
- (*env)->DeleteLocalRef(env, ary);
- } else {
- ticketFlags = (*env)->NewObject(env, ticketFlagsClass,
- ticketFlagsConstructor, sizeof(*flags)*8, ary);
- }
+ ary = (*env)->NewByteArray(env, sizeof(*flags));
+ (*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(*flags),
+ (jbyte *)&nlflags);
+ if ((*env)->ExceptionOccurred(env)) {
+ (*env)->DeleteLocalRef(env, ary);
+ } else {
+ ticketFlags = (*env)->NewObject(env, ticketFlagsClass,
+ ticketFlagsConstructor, sizeof(*flags)*8, ary);
+ }
- return ticketFlags;
+ return ticketFlags;
}
jobject BuildKerberosTime(JNIEnv *env, PLARGE_INTEGER kerbtime) {
- jobject kerberosTime = NULL;
- jstring stringTime = NULL;
- SYSTEMTIME systemTime;
- WCHAR timeString[16];
- WCHAR month[3];
- WCHAR day[3];
- WCHAR hour[3];
- WCHAR minute[3];
- WCHAR second[3];
+ jobject kerberosTime = NULL;
+ jstring stringTime = NULL;
+ SYSTEMTIME systemTime;
+ WCHAR timeString[16];
+ WCHAR month[3];
+ WCHAR day[3];
+ WCHAR hour[3];
+ WCHAR minute[3];
+ WCHAR second[3];
- if (FileTimeToSystemTime((FILETIME *)kerbtime, &systemTime)) {
-// XXX Cannot use %02.2ld, because the leading 0 is ignored for integers.
-// So, print them to strings, and then print them to the master string with a
-// format pattern that makes it two digits and prefix with a 0 if necessary.
- swprintf( (wchar_t *)month, L"%2.2d", systemTime.wMonth);
- swprintf( (wchar_t *)day, L"%2.2d", systemTime.wDay);
- swprintf( (wchar_t *)hour, L"%2.2d", systemTime.wHour);
- swprintf( (wchar_t *)minute, L"%2.2d", systemTime.wMinute);
- swprintf( (wchar_t *)second, L"%2.2d", systemTime.wSecond);
- swprintf( (wchar_t *)timeString,
- L"%ld%02.2s%02.2s%02.2s%02.2s%02.2sZ",
+ if (FileTimeToSystemTime((FILETIME *)kerbtime, &systemTime)) {
+ // XXX Cannot use %02.2ld, because the leading 0 is ignored for integers.
+ // So, print them to strings, and then print them to the master string with a
+ // format pattern that makes it two digits and prefix with a 0 if necessary.
+ swprintf( (wchar_t *)month, L"%2.2d", systemTime.wMonth);
+ swprintf( (wchar_t *)day, L"%2.2d", systemTime.wDay);
+ swprintf( (wchar_t *)hour, L"%2.2d", systemTime.wHour);
+ swprintf( (wchar_t *)minute, L"%2.2d", systemTime.wMinute);
+ swprintf( (wchar_t *)second, L"%2.2d", systemTime.wSecond);
+ swprintf( (wchar_t *)timeString,
+ L"%ld%02.2s%02.2s%02.2s%02.2s%02.2sZ",
systemTime.wYear,
month,
day,
hour,
minute,
second );
- #ifdef DEBUG
- printf("%S\n", (wchar_t *)timeString);
- #endif /* DEBUG */
- stringTime = (*env)->NewString(env, timeString,
- (sizeof(timeString)/sizeof(WCHAR))-1);
- if (stringTime != NULL) { // everything's OK so far
- kerberosTime = (*env)->NewObject(env, kerberosTimeClass,
- kerberosTimeConstructor, stringTime);
- }
+ #ifdef DEBUG
+ printf("%S\n", (wchar_t *)timeString);
+ #endif /* DEBUG */
+ stringTime = (*env)->NewString(env, timeString,
+ (sizeof(timeString)/sizeof(WCHAR))-1);
+ if (stringTime != NULL) { // everything's OK so far
+ kerberosTime = (*env)->NewObject(env, kerberosTimeClass,
+ kerberosTimeConstructor, stringTime);
}
- return kerberosTime;
+ }
+ return kerberosTime;
}