Posted to commits@directory.apache.org by er...@apache.org on 2004/11/06 02:07:25 UTC

svn commit: rev 56718 - incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/kdc/store

Author: erodriguez
Date: Fri Nov  5 17:07:23 2004
New Revision: 56718

Modified:
   incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/kdc/store/BootstrapStore.java
Log:
Updated bootstrap store with auto-key creation.

Modified: incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/kdc/store/BootstrapStore.java
==============================================================================
--- incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/kdc/store/BootstrapStore.java	(original)
+++ incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/kdc/store/BootstrapStore.java	Fri Nov  5 17:07:23 2004
@@ -16,46 +16,144 @@
  */
 package org.apache.kerberos.kdc.store;
 
-import org.apache.kerberos.kdc.*;
+import org.apache.kerberos.kdc.KdcConfiguration;
+import org.apache.kerberos.crypto.Confounder;
+import org.apache.kerberos.crypto.DesStringToKey;
 
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
 import java.io.*;
-import java.util.*;
+import java.util.HashMap;
+import java.util.Map;
 
-import javax.security.auth.kerberos.*;
-
-public class BootstrapStore implements PrincipalStore {
-	
-	private KdcConfiguration _config;
-	private Map              _entries;
+public class BootstrapStore implements PrincipalStore
+{
+	private KdcConfiguration config;
+	private Map              entries;
 	
-	public BootstrapStore(KdcConfiguration config) {
-		_config = config;
+	public BootstrapStore( KdcConfiguration config )
+    {
+		this.config = config;
 	}
 	
-	public void init() {
-		try {
-			FileInputStream in = new FileInputStream(_config.getKerberosKeysLocation());
-			ObjectInputStream s = new ObjectInputStream(in);
-			_entries = (HashMap)s.readObject();
-		} catch (Exception e) {
-			e.printStackTrace();
+	public void init()
+    {
+        File bootstrapStoreFile = new File( config.getKerberosKeysLocation() );
+
+		try
+        {
+            if ( bootstrapStoreFile.exists() )
+            {
+                entries = readKeyStore( bootstrapStoreFile );
+            }
+            else
+            {
+                entries = initKeyStore( bootstrapStoreFile );
+            }
 		}
+        catch ( IOException ioe )
+        {
+			ioe.printStackTrace();
+		}
+        catch ( ClassNotFoundException cnfe )
+        {
+            cnfe.printStackTrace();
+        }
 	}
-	
-	public PrincipalStoreEntry getEntry(KerberosPrincipal principal) {
-		KerberosKey key = (KerberosKey)_entries.get(principal.getName());
-		if (key == null) {
+
+	public PrincipalStoreEntry getEntry( KerberosPrincipal principal )
+    {
+		KerberosKey key = ( KerberosKey ) entries.get( principal.getName() );
+
+		if ( key == null )
+        {
 			return null;
 		}
-		return getEntry(key);
+
+		return getEntry( key );
 	}
-	
-	private PrincipalStoreEntry getEntry(KerberosKey key) {
+
+    private Map readKeyStore( File keyStore ) throws IOException, ClassNotFoundException
+    {
+        FileInputStream in = new FileInputStream( keyStore );
+		ObjectInputStream s = new ObjectInputStream( in );
+
+		return ( HashMap ) s.readObject();
+    }
+
+    private Map initKeyStore( File keyStore ) throws IOException
+    {
+        Map newKeys = new HashMap();
+
+        if ( config.getKdcPrincipal() != null )
+        {
+            addToMap( newKeys, makeRandomKeyFor( config.getKdcPrincipal() ) );
+        }
+
+        if ( config.getChangepwPrincipal() != null )
+        {
+		    addToMap( newKeys, makeRandomKeyFor( config.getChangepwPrincipal() ) );
+        }
+
+        if ( config.getLdapPrincipal() != null )
+        {
+		    addToMap( newKeys, makePredefinedKey( config.getLdapPrincipal(), "1cb96792580404f8", 5) );
+        }
+
+		FileOutputStream out = new FileOutputStream( keyStore );
+		ObjectOutputStream s = new ObjectOutputStream( out );
+		s.writeObject( newKeys );
+		s.flush();
+
+        return newKeys;
+    }
+
+	private PrincipalStoreEntry getEntry( KerberosKey key )
+    {
 		PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
-		modifier.setPrincipal(key.getPrincipal());
-		modifier.setKey(key.getEncoded());
-		modifier.setEncryptionType(key.getKeyType());
+
+		modifier.setPrincipal( key.getPrincipal() );
+		modifier.setKey( key.getEncoded() );
+		modifier.setEncryptionType( key.getKeyType() );
+
 		return modifier.getEntry();
+	}
+
+    private KerberosKey makeRandomKeyFor( KerberosPrincipal principal )
+    {
+        final int DES_KEY_TYPE = 3;
+		int keyVersion = 1;
+
+		byte[] randomBytes = Confounder.bytes( 8 );
+		DesStringToKey randomKey = new DesStringToKey( new String( randomBytes ) );
+
+		return new KerberosKey( principal, randomKey.getKey(), DES_KEY_TYPE, keyVersion );
+	}
+
+    private void addToMap( Map map, KerberosKey key )
+    {
+		map.put( key.getPrincipal().getName(), key );
+	}
+
+    private KerberosKey makePredefinedKey( KerberosPrincipal principal, String hexKey, int keyVersion )
+    {
+        final int DES_KEY_TYPE = 3;
+
+		byte[] bytes = getBytesFromHexString( hexKey );
+
+		return new KerberosKey( principal, bytes, DES_KEY_TYPE, keyVersion );
+	}
+
+    private byte[] getBytesFromHexString( String hex )
+    {
+		byte[] bytes = new byte[ hex.length() / 2 ];
+
+		for ( int ii = 0; ii < bytes.length; ii++ )
+        {
+			bytes[ ii ] = (byte) Integer.parseInt( hex.substring( 2*ii, 2*ii+2 ), 16 );
+		}
+
+		return bytes;
 	}
 }
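Review bot: In `makeRandomKeyFor`, `new String( randomBytes )` decodes the eight random bytes with the platform default charset before passing them to `DesStringToKey`, so byte sequences that are invalid in that charset can collapse to replacement characters and the derived key may carry less entropy than the bytes drawn, with results that differ between platforms. The random bytes should be used as key material directly, for example `return new KerberosKey( principal, randomBytes, DES_KEY_TYPE, keyVersion );` after DES parity adjustment, and it is worth confirming that `Confounder.bytes` (not visible in this hunk) draws from `SecureRandom`. Separately, `initKeyStore` installs the LDAP principal with the literal key `"1cb96792580404f8"`, so every deployment that bootstraps from this code shares a key readable by anyone with the source; it should come from configuration or be generated like the other two principals. The key file is also written through a `FileOutputStream` that is never closed and is created with default file permissions, and `init` only prints the exception, which leaves `entries` null for the next `getEntry` call.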