author | phh |
Sat, 30 Nov 2019 14:33:05 -0800 | |
changeset 59330 | 5b96c12f909d |
parent 47216 | 71c04702a3d5 |
permissions | -rw-r--r-- |
/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation. Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
24 |
||
/*
 *
 * (C) Copyright IBM Corp. 1999 All Rights Reserved.
 * Copyright 1997 The Open Group Research Institute. All rights reserved.
 */
|
30 |
||
31 |
package sun.security.krb5.internal; |
|
32 |
||
33 |
import sun.security.util.*; |
|
34 |
import sun.security.krb5.Asn1Exception; |
|
35 |
import java.util.Vector; |
|
36 |
import java.io.IOException; |
|
37 |
import sun.security.krb5.internal.ccache.CCacheOutputStream; |
|
38 |
||
39 |
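/**
 * In RFC4120, the ASN.1 AuthorizationData is defined as:
 *
 * AuthorizationData ::= SEQUENCE OF SEQUENCE {
 *     ad-type [0] Int32,
 *     ad-data [1] OCTET STRING
 * }
 *
 * Here, two classes are used to implement it and they can be represented as follows:
 *
 * AuthorizationData ::= SEQUENCE OF AuthorizationDataEntry
 * AuthorizationDataEntry ::= SEQUENCE {
 *     ad-type[0] Int32,
 *     ad-data[1] OCTET STRING
 * }
 *
 * An instance keeps its own copies of the entries it is given and hands out
 * copies from {@link #item(int)}, so callers never share an entry object
 * with it.
 */
public class AuthorizationData implements Cloneable {

    // Never null: a zero-length array stands for "no entries", so the
    // accessors below can iterate without a null check. A decoded SEQUENCE
    // with no elements therefore yields an empty object instead of one whose
    // count(), toString(), writeAuth() or asn1Encode() would throw a
    // NullPointerException.
    private AuthorizationDataEntry[] entry = new AuthorizationDataEntry[0];

    // Used only by clone(), which fills in the entry array itself.
    private AuthorizationData() {
    }

    /**
     * Constructs an <code>AuthorizationData</code> holding a copy of each
     * element of the given array.
     *
     * @param new_entries the entries to copy; <code>null</code> produces an
     *        instance with no entries.
     * @exception IOException if any element of the array is <code>null</code>.
     */
    public AuthorizationData(AuthorizationDataEntry[] new_entries)
            throws IOException {
        if (new_entries != null) {
            // Build into a local first so the field is only assigned once
            // every element has been validated and copied.
            AuthorizationDataEntry[] copies =
                    new AuthorizationDataEntry[new_entries.length];
            for (int i = 0; i < new_entries.length; i++) {
                if (new_entries[i] == null) {
                    throw new IOException("Cannot create an AuthorizationData");
                }
                copies[i] = (AuthorizationDataEntry) new_entries[i].clone();
            }
            entry = copies;
        }
    }

    /**
     * Constructs an <code>AuthorizationData</code> holding a copy of a
     * single entry.
     *
     * The entry is cloned, as in the array constructor, so that a later
     * change to the caller's object cannot alter this instance.
     *
     * @param new_entry the entry to copy; must not be <code>null</code>.
     * @exception NullPointerException if <code>new_entry</code> is
     *            <code>null</code>.
     */
    public AuthorizationData(AuthorizationDataEntry new_entry) {
        // Fail here rather than in a later clone() or asn1Encode() call.
        if (new_entry == null) {
            throw new NullPointerException("new_entry");
        }
        entry = new AuthorizationDataEntry[] {
            (AuthorizationDataEntry) new_entry.clone()
        };
    }

    /**
     * Returns a deep copy: a new <code>AuthorizationData</code> whose
     * entries are clones of this object's entries.
     *
     * @return the copy.
     */
    @Override
    public Object clone() {
        AuthorizationData copy = new AuthorizationData();
        copy.entry = new AuthorizationDataEntry[entry.length];
        for (int i = 0; i < entry.length; i++) {
            copy.entry[i] = (AuthorizationDataEntry) entry[i].clone();
        }
        return copy;
    }

    /**
     * Constructs a new <code>AuthorizationData</code> instance from its
     * DER encoding.
     *
     * The value must be a SEQUENCE; each element of it is decoded as an
     * <code>AuthorizationDataEntry</code>. A SEQUENCE with no elements
     * produces an instance with no entries.
     *
     * @param der a single DER-encoded value.
     * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
     * @exception IOException if an I/O error occurs while reading encoded data.
     */
    public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
        // NOTE(review): presumably the encoding can originate from a remote
        // peer - confirm against callers. The tag is checked before any
        // element is read, and the loop is bounded by the bytes available
        // inside the value.
        Vector<AuthorizationDataEntry> v = new Vector<>();
        if (der.getTag() != DerValue.tag_Sequence) {
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);
        }
        while (der.getData().available() > 0) {
            v.addElement(new AuthorizationDataEntry(der.getData().getDerValue()));
        }
        entry = new AuthorizationDataEntry[v.size()];
        v.copyInto(entry);
    }

    /**
     * Encodes an <code>AuthorizationData</code> object.
     *
     * Each entry is encoded on its own and the results are written as one
     * DER SEQUENCE; an instance with no entries encodes as an empty SEQUENCE.
     *
     * @return byte array of encoded <code>AuthorizationData</code> object.
     * @exception Asn1Exception if an error occurs while encoding an entry.
     * @exception IOException if an I/O error occurs while writing encoded data.
     */
    public byte[] asn1Encode() throws Asn1Exception, IOException {
        DerOutputStream bytes = new DerOutputStream();
        DerValue[] der = new DerValue[entry.length];
        for (int i = 0; i < entry.length; i++) {
            der[i] = new DerValue(entry[i].asn1Encode());
        }
        bytes.putSequence(der);
        return bytes.toByteArray();
    }

    /**
     * Parse (unmarshal) an <code>AuthorizationData</code> object from a DER input stream.
     * This form of parsing might be used when expanding a value which is part of
     * a constructed sequence and uses explicitly tagged type.
     *
     * @exception Asn1Exception if the tag number of the value read does not
     *            match <code>explicitTag</code>, or if an error occurs while
     *            decoding an ASN1 encoded data.
     * @exception IOException if an I/O error occurs while reading encoded data.
     * @param data the Der input stream value, which contains one or more marshaled value.
     * @param explicitTag tag number.
     * @param optional indicates if this data field is optional
     * @return an instance of AuthorizationData, or <code>null</code> when
     *         <code>optional</code> is true and the next value in the stream
     *         carries a different tag number.
     */
    public static AuthorizationData parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException {
        // 0x1F keeps the low five bits of the identifier octet, i.e. the
        // tag number; class and constructed bits are ignored in both checks.
        if ((optional) && (((byte) data.peekByte() & (byte) 0x1F) != explicitTag)) {
            // Optional field absent: nothing is consumed from the stream.
            return null;
        }
        DerValue der = data.getDerValue();
        if (explicitTag != (der.getTag() & (byte) 0x1F)) {
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);
        }
        // Unwrap the explicit tag; the inner value is the SEQUENCE itself.
        DerValue subDer = der.getData().getDerValue();
        return new AuthorizationData(subDer);
    }

    /**
     * Writes <code>AuthorizationData</code> data fields to a output stream.
     *
     * Entries are written in order by delegating to
     * <code>AuthorizationDataEntry.writeEntry</code>; nothing is written when
     * there are no entries.
     *
     * @param cos a <code>CCacheOutputStream</code> to be written to.
     * @exception IOException if an I/O exception occurs.
     */
    public void writeAuth(CCacheOutputStream cos) throws IOException {
        for (int i = 0; i < entry.length; i++) {
            entry[i].writeEntry(cos);
        }
    }

    /**
     * Returns the header line <code>"AuthorizationData:\n"</code> followed
     * by the string form of every entry, in order.
     *
     * @return the textual form of this object.
     */
    @Override
    public String toString() {
        StringBuilder retVal = new StringBuilder("AuthorizationData:\n");
        for (int i = 0; i < entry.length; i++) {
            retVal.append(entry[i].toString());
        }
        return retVal.toString();
    }

    /**
     * Returns the number of entries held.
     *
     * @return the entry count; 0 when there are none.
     */
    public int count() {
        return entry.length;
    }

    /**
     * Returns a copy of the entry at the given position, so the caller
     * cannot modify the entry stored in this object.
     *
     * @param i zero-based index of the entry.
     * @return a clone of the entry.
     * @exception ArrayIndexOutOfBoundsException if <code>i</code> is outside
     *            <code>0 .. count() - 1</code>.
     */
    public AuthorizationDataEntry item(int i) {
        return (AuthorizationDataEntry) entry[i].clone();
    }
}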