equal
deleted
inserted
replaced
553 EType.toString(etype) + " is not supported/enabled"); |
553 EType.toString(etype) + " is not supported/enabled"); |
554 } |
554 } |
555 |
555 |
556 int ktype; |
556 int ktype; |
557 boolean etypeFound = false; |
557 boolean etypeFound = false; |
|
558 |
|
559 // When no matched kvno is found, returns tke key of the same |
|
560 // etype with the highest kvno |
|
561 int kvno_found = 0; |
|
562 EncryptionKey key_found = null; |
|
563 |
558 for (int i = 0; i < keys.length; i++) { |
564 for (int i = 0; i < keys.length; i++) { |
559 ktype = keys[i].getEType(); |
565 ktype = keys[i].getEType(); |
560 if (EType.isSupported(ktype)) { |
566 if (EType.isSupported(ktype)) { |
561 Integer kv = keys[i].getKeyVersionNumber(); |
567 Integer kv = keys[i].getKeyVersionNumber(); |
562 if (etype == ktype) { |
568 if (etype == ktype) { |
563 etypeFound = true; |
569 etypeFound = true; |
564 if (versionMatches(kvno, kv)) { |
570 if (versionMatches(kvno, kv)) { |
565 return keys[i]; |
571 return keys[i]; |
|
572 } else if (kv > kvno_found) { |
|
573 // kv is not null |
|
574 key_found = keys[i]; |
|
575 kvno_found = kv; |
566 } |
576 } |
567 } |
577 } |
568 } |
578 } |
569 } |
579 } |
570 |
580 |
578 ktype == EncryptedData.ETYPE_DES_CBC_MD5) { |
588 ktype == EncryptedData.ETYPE_DES_CBC_MD5) { |
579 Integer kv = keys[i].getKeyVersionNumber(); |
589 Integer kv = keys[i].getKeyVersionNumber(); |
580 etypeFound = true; |
590 etypeFound = true; |
581 if (versionMatches(kvno, kv)) { |
591 if (versionMatches(kvno, kv)) { |
582 return new EncryptionKey(etype, keys[i].getBytes()); |
592 return new EncryptionKey(etype, keys[i].getBytes()); |
|
593 } else if (kv > kvno_found) { |
|
594 key_found = new EncryptionKey(etype, keys[i].getBytes()); |
|
595 kvno_found = kv; |
583 } |
596 } |
584 } |
597 } |
585 } |
598 } |
586 } |
599 } |
587 if (etypeFound) { |
600 if (etypeFound) { |
588 throw new KrbException(Krb5.KRB_AP_ERR_BADKEYVER); |
601 return key_found; |
|
602 // For compatibility, will not fail here. |
|
603 //throw new KrbException(Krb5.KRB_AP_ERR_BADKEYVER); |
589 } |
604 } |
590 return null; |
605 return null; |
591 } |
606 } |
592 } |
607 } |