Posted to commits@directory.apache.org by er...@apache.org on 2004/11/06 02:07:25 UTC
svn commit: rev 56718 - incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/kdc/store
Author: erodriguez
Date: Fri Nov 5 17:07:23 2004
New Revision: 56718
Modified:
incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/kdc/store/BootstrapStore.java
Log:
Updated bootstrap store with auto-key creation.
Modified: incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/kdc/store/BootstrapStore.java
==============================================================================
--- incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/kdc/store/BootstrapStore.java (original)
+++ incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/kdc/store/BootstrapStore.java Fri Nov 5 17:07:23 2004
@@ -16,46 +16,144 @@
*/
package org.apache.kerberos.kdc.store;
-import org.apache.kerberos.kdc.*;
+import org.apache.kerberos.kdc.KdcConfiguration;
+import org.apache.kerberos.crypto.Confounder;
+import org.apache.kerberos.crypto.DesStringToKey;
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
import java.io.*;
-import java.util.*;
+import java.util.HashMap;
+import java.util.Map;
-import javax.security.auth.kerberos.*;
-
-public class BootstrapStore implements PrincipalStore {
-
- private KdcConfiguration _config;
- private Map _entries;
+public class BootstrapStore implements PrincipalStore
+{
+ private KdcConfiguration config;
+ private Map entries;
- public BootstrapStore(KdcConfiguration config) {
- _config = config;
+ public BootstrapStore( KdcConfiguration config )
+ {
+ this.config = config;
}
- public void init() {
- try {
- FileInputStream in = new FileInputStream(_config.getKerberosKeysLocation());
- ObjectInputStream s = new ObjectInputStream(in);
- _entries = (HashMap)s.readObject();
- } catch (Exception e) {
- e.printStackTrace();
+ public void init()
+ {
+ File bootstrapStoreFile = new File( config.getKerberosKeysLocation() );
+
+ try
+ {
+ if ( bootstrapStoreFile.exists() )
+ {
+ entries = readKeyStore( bootstrapStoreFile );
+ }
+ else
+ {
+ entries = initKeyStore( bootstrapStoreFile );
+ }
}
+ catch ( IOException ioe )
+ {
+ ioe.printStackTrace();
+ }
+ catch ( ClassNotFoundException cnfe )
+ {
+ cnfe.printStackTrace();
+ }
}
-
- public PrincipalStoreEntry getEntry(KerberosPrincipal principal) {
- KerberosKey key = (KerberosKey)_entries.get(principal.getName());
- if (key == null) {
+
+ public PrincipalStoreEntry getEntry( KerberosPrincipal principal )
+ {
+ KerberosKey key = ( KerberosKey ) entries.get( principal.getName() );
+
+ if ( key == null )
+ {
return null;
}
- return getEntry(key);
+
+ return getEntry( key );
}
-
- private PrincipalStoreEntry getEntry(KerberosKey key) {
+
+ private Map readKeyStore( File keyStore ) throws IOException, ClassNotFoundException
+ {
+ FileInputStream in = new FileInputStream( keyStore );
+ ObjectInputStream s = new ObjectInputStream( in );
+
+ return ( HashMap ) s.readObject();
+ }
+
+ private Map initKeyStore( File keyStore ) throws IOException
+ {
+ Map newKeys = new HashMap();
+
+ if ( config.getKdcPrincipal() != null )
+ {
+ addToMap( newKeys, makeRandomKeyFor( config.getKdcPrincipal() ) );
+ }
+
+ if ( config.getChangepwPrincipal() != null )
+ {
+ addToMap( newKeys, makeRandomKeyFor( config.getChangepwPrincipal() ) );
+ }
+
+ if ( config.getLdapPrincipal() != null )
+ {
+ addToMap( newKeys, makePredefinedKey( config.getLdapPrincipal(), "1cb96792580404f8", 5) );
+ }
+
+ FileOutputStream out = new FileOutputStream( keyStore );
+ ObjectOutputStream s = new ObjectOutputStream( out );
+ s.writeObject( newKeys );
+ s.flush();
+
+ return newKeys;
+ }
+
+ private PrincipalStoreEntry getEntry( KerberosKey key )
+ {
PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
- modifier.setPrincipal(key.getPrincipal());
- modifier.setKey(key.getEncoded());
- modifier.setEncryptionType(key.getKeyType());
+
+ modifier.setPrincipal( key.getPrincipal() );
+ modifier.setKey( key.getEncoded() );
+ modifier.setEncryptionType( key.getKeyType() );
+
return modifier.getEntry();
+ }
+
+ private KerberosKey makeRandomKeyFor( KerberosPrincipal principal )
+ {
+ final int DES_KEY_TYPE = 3;
+ int keyVersion = 1;
+
+ byte[] randomBytes = Confounder.bytes( 8 );
+ DesStringToKey randomKey = new DesStringToKey( new String( randomBytes ) );
+
+ return new KerberosKey( principal, randomKey.getKey(), DES_KEY_TYPE, keyVersion );
+ }
+
+ private void addToMap( Map map, KerberosKey key )
+ {
+ map.put( key.getPrincipal().getName(), key );
+ }
+
+ private KerberosKey makePredefinedKey( KerberosPrincipal principal, String hexKey, int keyVersion )
+ {
+ final int DES_KEY_TYPE = 3;
+
+ byte[] bytes = getBytesFromHexString( hexKey );
+
+ return new KerberosKey( principal, bytes, DES_KEY_TYPE, keyVersion );
+ }
+
+ private byte[] getBytesFromHexString( String hex )
+ {
+ byte[] bytes = new byte[ hex.length() / 2 ];
+
+ for ( int ii = 0; ii < bytes.length; ii++ )
+ {
+ bytes[ ii ] = (byte) Integer.parseInt( hex.substring( 2*ii, 2*ii+2 ), 16 );
+ }
+
+ return bytes;
}
}
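Review bot: The LDAP principal's key is a string literal in `initKeyStore` (`makePredefinedKey( config.getLdapPrincipal(), "1cb96792580404f8", 5)`), so every store bootstrapped by this code carries the same long-term key, readable by anyone with the source; it should be read from configuration or generated like the other two principals, e.g. `addToMap( newKeys, makeRandomKeyFor( config.getLdapPrincipal() ) );`, provided the LDAP side can obtain its key from the store. In `makeRandomKeyFor`, `new String( randomBytes )` decodes the 8 random bytes with the platform charset, which can replace undecodable bytes and so shrink the key space before `DesStringToKey` runs; passing the bytes through a lossless encoding (hex, for instance) would avoid that, and whether `Confounder.bytes` draws from a `SecureRandom` is not visible here and is worth confirming. The streams opened in `readKeyStore` and `initKeyStore` are never closed, and `init` only prints the stack trace on failure, which leaves `entries` null so that `getEntry` would later fail with a `NullPointerException`. A `try { ... } finally { s.close(); }` around each stream, plus a comment on `initKeyStore` noting that the file holds long-term keys and is created with the process's default permissions, would make both problems visible to the next maintainer.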