You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/01/22 22:47:40 UTC
[01/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Repository: directory-kerberos
Updated Branches:
refs/heads/master 3558a6bae -> ceacb982d
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index acf3f8f..c89e94e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -15,21 +15,14 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.apache</groupId>
- <artifactId>apache</artifactId>
- <version>16</version>
- <relativePath />
- </parent>
-
- <groupId>org.haox</groupId>
- <artifactId>haox-all</artifactId>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>pom</packaging>
- <name>Haox Project</name>
- <description>Haox, just for the way</description>
- <url>http://www.haox.org</url>
+ <name>Apache Kerby Project</name>
+ <description>Apache Kerby project</description>
+ <url>http://www.kerby.org</url>
<inceptionYear>2014</inceptionYear>
<properties>
@@ -44,9 +37,12 @@
<modules>
<module>3rdparty</module>
- <module>contrib</module>
- <module>haox-kerb</module>
- <module>haox-kdc</module>
+ <module>lib</module>
+ <module>kerby-asn1</module>
+ <module>kerby-kerb</module>
+ <module>kerby-kdc</module>
+ <module>tool</module>
+ <module>kdc-backend</module>
<module>benchmark</module>
</modules>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/tool/pom.xml
----------------------------------------------------------------------
diff --git a/tool/pom.xml b/tool/pom.xml
new file mode 100644
index 0000000..6862b35
--- /dev/null
+++ b/tool/pom.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>tool</artifactId>
+ <name>Tool</name>
+ <description>Kerby KDC and client tools</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-client</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-token</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/tool/src/main/java/org/apache/kerberos/tool/Kinit.java
----------------------------------------------------------------------
diff --git a/tool/src/main/java/org/apache/kerberos/tool/Kinit.java b/tool/src/main/java/org/apache/kerberos/tool/Kinit.java
new file mode 100644
index 0000000..7362c4f
--- /dev/null
+++ b/tool/src/main/java/org/apache/kerberos/tool/Kinit.java
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.tool;
+
+import org.apache.kerby.kerberos.kerb.client.KrbClient;
+
+/**
+ * kinit like tool
+ */
+public class Kinit {
+
+ public static void main(String[] args) throws Exception {
+ if (args.length < 2 || args.length > 3) {
+ System.err.println(
+ "Usage: " + Kinit.class.getSimpleName() +
+ " <kdcHost> <kdcPort>");
+ return;
+ }
+
+ final String host = args[0];
+ final Integer port = Integer.parseInt(args[1]);
+ KrbClient krbClnt = new KrbClient(host, port.shortValue());
+ }
+
+}
[16/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbErrorCode.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbErrorCode.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbErrorCode.java
new file mode 100644
index 0000000..43a0b07
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbErrorCode.java
@@ -0,0 +1,128 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum KrbErrorCode implements KrbEnum {
+ KDC_ERR_NONE(0, "No error"),
+ KDC_ERR_NAME_EXP(1, "Client's entry in database has expired"),
+ KDC_ERR_SERVICE_EXP(2, "Server's entry in database has expired"),
+ KDC_ERR_BAD_PVNO(3, "Requested protocol version number not supported"),
+ KDC_ERR_C_OLD_MAST_KVNO(4, "Client's key encrypted in old master key"),
+ KDC_ERR_S_OLD_MAST_KVNO(5, "Server's key encrypted in old master key"),
+ KDC_ERR_C_PRINCIPAL_UNKNOWN(6, "Client not found in Kerberos database"),
+ KDC_ERR_S_PRINCIPAL_UNKNOWN(7, "Server not found in Kerberos database"),
+ KDC_ERR_PRINCIPAL_NOT_UNIQUE(8, "Multiple principal entries in database"),
+ KDC_ERR_NULL_KEY(9, "The client or server has a null key"),
+ KDC_ERR_CANNOT_POSTDATE(10, "Ticket not eligible for postdating"),
+ KDC_ERR_NEVER_VALID(11, "Requested start time is later than end time"),
+ KDC_ERR_POLICY(12, "KDC policy rejects request"),
+ KDC_ERR_BADOPTION(13, "KDC cannot accommodate requested option"),
+ KDC_ERR_ETYPE_NOSUPP(14, "KDC has no support for encryption type"),
+ KDC_ERR_SUMTYPE_NOSUPP(15, "KDC has no support for checksum type"),
+ KDC_ERR_PADATA_TYPE_NOSUPP(16, "KDC has no support for padata type"),
+ KDC_ERR_TRTYPE_NOSUPP(17, "KDC has no support for transited type"),
+ KDC_ERR_CLIENT_REVOKED(18, "Clients credentials have been revoked"),
+ KDC_ERR_SERVICE_REVOKED(19, "Credentials for server have been revoked"),
+ KDC_ERR_TGT_REVOKED(20, "TGT has been revoked"),
+ KDC_ERR_CLIENT_NOTYET(21, "Client not yet valid; try again later"),
+ KDC_ERR_SERVICE_NOTYET(22, "Server not yet valid; try again later"),
+ KDC_ERR_KEY_EXPIRED(23, "Password has expired; change password to reset"),
+ KDC_ERR_PREAUTH_FAILED(24, "Pre-authentication information was invalid"),
+ KDC_ERR_PREAUTH_REQUIRED(25, "Additional pre-authentication required"),
+ KDC_ERR_SERVER_NOMATCH(26, "Requested server and ticket don't match"),
+ KDC_ERR_MUST_USE_USER2USER(27, "Server valid for user2user only"),
+ KDC_ERR_PATH_NOT_ACCEPTED(28, "KDC Policy rejects transited path"),
+ KDC_ERR_SVC_UNAVAILABLE(29, "A service is not available"),
+ KRB_AP_ERR_BAD_INTEGRITY(31, "Integrity check on decrypted field failed"),
+ KRB_AP_ERR_TKT_EXPIRED(32, "Ticket expired"),
+ KRB_AP_ERR_TKT_NYV(33, "Ticket not yet valid"),
+ KRB_AP_ERR_REPEAT(34, "Request is a replay"),
+ KRB_AP_ERR_NOT_US(35, "The ticket isn't for us"),
+ KRB_AP_ERR_BADMATCH(36, "Ticket and authenticator don't match"),
+ KRB_AP_ERR_SKEW(37, "Clock skew too great"),
+ KRB_AP_ERR_BADADDR(38, "Incorrect net address"),
+ KRB_AP_ERR_BADVERSION(39, "Protocol version mismatch"),
+ KRB_AP_ERR_MSG_TYPE(40, "Invalid msg type"),
+ KRB_AP_ERR_MODIFIED(41, "Message stream modified"),
+ KRB_AP_ERR_BADORDER(42, "Message out of order"),
+ KRB_AP_ERR_BADKEYVER(44, "Specified version of key is not available"),
+ KRB_AP_ERR_NOKEY(45, "Service key not available"),
+ KRB_AP_ERR_MUT_FAIL(46, "Mutual authentication failed"),
+ KRB_AP_ERR_BADDIRECTION(47, "Incorrect message direction"),
+ KRB_AP_ERR_METHOD(48, "Alternative authentication method required"),
+ KRB_AP_ERR_BADSEQ(49, "Incorrect sequence number in message"),
+ KRB_AP_ERR_INAPP_CKSUM(50, "Inappropriate type of checksum in message"),
+ KRB_AP_PATH_NOT_ACCEPTED(51, "Policy rejects transited path"),
+ RESPONSE_TOO_BIG(52, "Response too big for UDP; retry with TCP"),
+ KRB_ERR_GENERIC(60, "Generic error (description in e-text)"),
+ FIELD_TOOLONG(61, "Field is too long for this implementation"),
+ KDC_ERR_CLIENT_NOT_TRUSTED(62, "Client is not trusted"),
+ KDC_NOT_TRUSTED(63, "KDC is not trusted"),
+ KDC_ERR_INVALID_SIG(64, "Signature is invalid"),
+ KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED(65, "Diffie-Hellman (DH) key parameters not accepted."),
+ CERTIFICATE_MISMATCH(66, "Certificates do not match"),
+ KRB_AP_ERR_NO_TGT(67, "No TGT available to validate USER-TO-USER"),
+ WRONG_REALM(68, "Wrong realm"),
+ KRB_AP_ERR_USER_TO_USER_REQUIRED(69, "Ticket must be for USER-TO-USER"),
+ KDC_ERR_CANT_VERIFY_CERTIFICATE(70, "Can't verify certificate"),
+ KDC_ERR_INVALID_CERTIFICATE(71, "Invalid certificate"),
+ KDC_ERR_REVOKED_CERTIFICATE(72, "Revoked certificate"),
+ KDC_ERR_REVOCATION_STATUS_UNKNOWN(73, "Revocation status unknown"),
+ REVOCATION_STATUS_UNAVAILABLE(74, "Revocation status unavailable"),
+ KDC_ERR_CLIENT_NAME_MISMATCH(75, "Client names do not match"),
+ KDC_NAME_MISMATCH(76, "KDC names do not match"),
+ KDC_ERR_INCONSISTENT_KEY_PURPOSE(77, "Inconsistent key purpose"),
+ KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED(78, "Digest in certificate not accepted"),
+ KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED(79, "PA checksum must be included"),
+ KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED(80, "Digest in signed data not accepted"),
+ KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED(81, "Public key encryption not supported"),
+
+ KRB_TIMEOUT(5000, "Network timeout");
+
+ private final int value;
+ private final String message;
+
+ private KrbErrorCode(int value, String message) {
+ this.value = value;
+ this.message = message;
+ }
+
+ public static KrbErrorCode fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (KrbErrorCode) e;
+ }
+ }
+ }
+
+ return KRB_ERR_GENERIC;
+ }
+
+ public int getValue() {
+ return value;
+ }
+
+ public String getMessage() {
+ return message;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbErrorException.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbErrorException.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbErrorException.java
new file mode 100644
index 0000000..e2c2658
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbErrorException.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbError;
+
+public class KrbErrorException extends KrbException {
+ private KrbError krbError;
+
+ public KrbErrorException(KrbError krbError) {
+ super(krbError.getErrorCode().getMessage());
+ this.krbError = krbError;
+ }
+
+ public KrbError getKrbError() {
+ return krbError;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbException.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbException.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbException.java
new file mode 100644
index 0000000..878e264
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbException.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb;
+
+public class KrbException extends Exception {
+
+ public KrbException(String message) {
+ super(message);
+ }
+
+ public KrbException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public KrbException(KrbErrorCode errorCode) {
+ super(errorCode.getMessage());
+ }
+
+ public KrbException(KrbErrorCode errorCode, Throwable cause) {
+ super(errorCode.getMessage(), cause);
+ }
+
+ public KrbException(KrbErrorCode errorCode, String message) {
+ super(message + " with error code: " + errorCode.name());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/codec/KrbCodec.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/codec/KrbCodec.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/codec/KrbCodec.java
new file mode 100644
index 0000000..8204267
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/codec/KrbCodec.java
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec;
+
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.type.AbstractAsn1Type;
+import org.apache.kerby.asn1.type.Asn1Type;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.ap.ApReq;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.spec.kdc.AsRep;
+import org.apache.kerby.kerberos.kerb.spec.kdc.AsReq;
+import org.apache.kerby.kerberos.kerb.spec.kdc.TgsRep;
+import org.apache.kerby.kerberos.kerb.spec.kdc.TgsReq;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public class KrbCodec {
+
+ public static byte[] encode(Asn1Type krbObj) throws KrbException {
+ return krbObj.encode();
+ }
+
+ public static <T extends Asn1Type> T decode(byte[] content, Class<T> krbType) throws KrbException {
+ return decode(ByteBuffer.wrap(content), krbType);
+ }
+
+ public static <T extends Asn1Type> T decode(ByteBuffer content, Class<T> krbType) throws KrbException {
+ Asn1Type implObj = null;
+ try {
+ implObj = krbType.newInstance();
+ } catch (Exception e) {
+ throw new KrbException("Decoding failed", e);
+ }
+
+ try {
+ implObj.decode(content);
+ } catch (IOException e) {
+ throw new KrbException("Decoding failed", e);
+ }
+
+ return (T) implObj;
+ }
+
+ public static KrbMessage decodeMessage(ByteBuffer byteBuffer) throws IOException {
+ LimitedByteBuffer limitedBuffer = new LimitedByteBuffer(byteBuffer);
+ int tag = AbstractAsn1Type.readTag(limitedBuffer);
+ int tagNo = AbstractAsn1Type.readTagNo(limitedBuffer, tag);
+ int length = AbstractAsn1Type.readLength(limitedBuffer);
+ LimitedByteBuffer valueBuffer = new LimitedByteBuffer(limitedBuffer, length);
+
+ KrbMessage msg = null;
+ KrbMessageType msgType = KrbMessageType.fromValue(tagNo);
+ if (msgType == KrbMessageType.TGS_REQ) {
+ msg = new TgsReq();
+ } else if (msgType == KrbMessageType.AS_REP) {
+ msg = new AsRep();
+ } else if (msgType == KrbMessageType.AS_REQ) {
+ msg = new AsReq();
+ } else if (msgType == KrbMessageType.TGS_REP) {
+ msg = new TgsRep();
+ } else if (msgType == KrbMessageType.AP_REQ) {
+ msg = new ApReq();
+ } else if (msgType == KrbMessageType.AP_REP) {
+ msg = new ApReq();
+ } else {
+ throw new IOException("To be supported krb message type with tag: " + tag);
+ }
+ msg.decode(tag, tagNo, valueBuffer);
+
+ return msg;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosString.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosString.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosString.java
new file mode 100644
index 0000000..3078b72
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosString.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec;
+
+import org.apache.kerby.asn1.type.Asn1GeneralString;
+
+/**
+ KerberosString ::= GeneralString -- (IA5String)
+ */
+public class KerberosString extends Asn1GeneralString {
+ public KerberosString() {
+ }
+
+ public KerberosString(String value) {
+ super(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosStrings.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosStrings.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosStrings.java
new file mode 100644
index 0000000..ce1e79a
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosStrings.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec;
+
+import java.util.List;
+
+public class KerberosStrings extends KrbSequenceOfType<KerberosString> {
+
+ public KerberosStrings() {
+ super();
+ }
+
+ public KerberosStrings(List<String> strings) {
+ super();
+ setValues(strings);
+ }
+
+ public void setValues(List<String> values) {
+ clear();
+ if (values != null) {
+ for (String value : values) {
+ addElement(new KerberosString(value));
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosTime.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosTime.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosTime.java
new file mode 100644
index 0000000..3614253
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosTime.java
@@ -0,0 +1,118 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec;
+
+import org.apache.kerby.asn1.type.Asn1GeneralizedTime;
+
+import java.util.Date;
+import java.util.TimeZone;
+
+/**
+ KerberosTime ::= GeneralizedTime -- with no fractional seconds
+ */
+public class KerberosTime extends Asn1GeneralizedTime {
+ private static final TimeZone UTC = TimeZone.getTimeZone("UTC");
+
+ public static final KerberosTime NEVER = new KerberosTime(Long.MAX_VALUE);
+
+ public static final int MINUTE = 60000;
+
+ public static final int DAY = MINUTE * 1440;
+
+ public static final int WEEK = MINUTE * 10080;
+
+ public KerberosTime() {
+ super(0L);
+ }
+
+ /**
+ * time in milliseconds
+ */
+ public KerberosTime(long time) {
+ super(time);
+ }
+
+ /**
+ * Return time in milliseconds
+ */
+ public long getTime() {
+ if (getValue() != null) {
+ return getValue().getTime();
+ }
+ return 0L;
+ }
+
+ /**
+ * time in milliseconds
+ */
+ public void setTime(long time) {
+ setValue(new Date(time));
+ }
+
+ public long getTimeInSeconds() {
+ return getTime() / 1000;
+ }
+
+ public boolean lessThan(KerberosTime ktime) {
+ return getValue().compareTo(ktime.getValue()) < 0;
+ }
+
+ public boolean lessThan(long time) {
+ return getValue().getTime() <= time * 1000;
+ }
+
+ public boolean greaterThan(KerberosTime ktime) {
+ return getValue().compareTo(ktime.getValue()) > 0;
+ }
+
+ /**
+ * time in milliseconds
+ */
+ public boolean isInClockSkew(long clockSkew) {
+ long delta = Math.abs(getTime() - System.currentTimeMillis());
+
+ return delta < clockSkew;
+ }
+
+ public KerberosTime copy() {
+ long time = getTime();
+ KerberosTime result = new KerberosTime(time);
+ return result;
+ }
+
+ /**
+ * time in milliseconds
+ */
+ public KerberosTime extend(long duration) {
+ long result = getTime() + duration;
+ return new KerberosTime(result);
+ }
+
+ /**
+ * Return diff time in milliseconds
+ */
+ public long diff(KerberosTime other) {
+ return getTime() - other.getTime();
+ }
+
+ public static KerberosTime now() {
+ return new KerberosTime(new Date().getTime());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbAppSequenceType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbAppSequenceType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbAppSequenceType.java
new file mode 100644
index 0000000..bee83da
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbAppSequenceType.java
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.TaggingSequence;
+
+/**
+ * This is for application specific sequence tagged with a number.
+ */
+public abstract class KrbAppSequenceType extends TaggingSequence {
+ public KrbAppSequenceType(int tagNo, Asn1FieldInfo[] fieldInfos) {
+ super(tagNo, fieldInfos, true);
+ }
+
+ protected int getFieldAsInt(int index) {
+ Integer value = getFieldAsInteger(index);
+ if (value != null) {
+ return value.intValue();
+ }
+ return -1;
+ }
+
+ protected void setFieldAsString(int index, String value) {
+ setFieldAs(index, new KerberosString(value));
+ }
+
+ protected KerberosTime getFieldAsTime(int index) {
+ KerberosTime value = getFieldAs(index, KerberosTime.class);
+ return value;
+ }
+
+ protected void setFieldAsTime(int index, long value) {
+ setFieldAs(index, new KerberosTime(value));
+ }
+
+ protected void setField(int index, KrbEnum krbEnum) {
+ setFieldAsInt(index, krbEnum.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbEnum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbEnum.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbEnum.java
new file mode 100644
index 0000000..5eb184c
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbEnum.java
@@ -0,0 +1,24 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec;
+
+public interface KrbEnum {
+ public int getValue();
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbIntegers.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbIntegers.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbIntegers.java
new file mode 100644
index 0000000..36fa3f2
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbIntegers.java
@@ -0,0 +1,54 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec;
+
+import org.apache.kerby.asn1.type.Asn1Integer;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class KrbIntegers extends KrbSequenceOfType<Asn1Integer> {
+
+ public KrbIntegers() {
+ super();
+ }
+
+ public KrbIntegers(List<Integer> values) {
+ super();
+ setValues(values);
+ }
+
+ public void setValues(List<Integer> values) {
+ clear();
+ if (values != null) {
+ for (Integer value : values) {
+ addElement(new Asn1Integer(value));
+ }
+ }
+ }
+
+ public List<Integer> getValues() {
+ List<Integer> results = new ArrayList<Integer>();
+ for (Asn1Integer value : getElements()) {
+ results.add(value.getValue());
+ }
+ return results;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbSequenceOfType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbSequenceOfType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbSequenceOfType.java
new file mode 100644
index 0000000..c4ea121
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbSequenceOfType.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec;
+
+import org.apache.kerby.asn1.type.Asn1SequenceOf;
+import org.apache.kerby.asn1.type.Asn1String;
+import org.apache.kerby.asn1.type.Asn1Type;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class KrbSequenceOfType<T extends Asn1Type> extends Asn1SequenceOf<T> {
+
+ public List<String> getAsStrings() {
+ List<T> elements = getElements();
+ List<String> results = new ArrayList<String>();
+ for (T ele : elements) {
+ if (ele instanceof Asn1String) {
+ results.add(((Asn1String) ele).getValue());
+ } else {
+ throw new RuntimeException("The targeted field type isn't of string");
+ }
+ }
+ return results;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbSequenceType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbSequenceType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbSequenceType.java
new file mode 100644
index 0000000..4cdb181
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KrbSequenceType.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1SequenceType;
+
+public abstract class KrbSequenceType extends Asn1SequenceType {
+
+ public KrbSequenceType(Asn1FieldInfo[] fieldInfos) {
+ super(fieldInfos);
+ }
+
+ protected int getFieldAsInt(int index) {
+ Integer value = getFieldAsInteger(index);
+ if (value != null) {
+ return value.intValue();
+ }
+ return -1;
+ }
+
+ protected void setFieldAsString(int index, String value) {
+ setFieldAs(index, new KerberosString(value));
+ }
+
+ protected KerberosTime getFieldAsTime(int index) {
+ KerberosTime value = getFieldAs(index, KerberosTime.class);
+ return value;
+ }
+
+ protected void setFieldAsTime(int index, long value) {
+ setFieldAs(index, new KerberosTime(value));
+ }
+
+ protected void setField(int index, KrbEnum value) {
+ setFieldAsInt(index, value.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApOption.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApOption.java
new file mode 100644
index 0000000..4cd9e40
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApOption.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ap;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+/**
+ APOptions ::= KrbFlags
+ -- reserved(0),
+ -- use-session-key(1),
+ -- mutual-required(2)
+ */
+public enum ApOption implements KrbEnum {
+ NONE(-1),
+ RESERVED(0x80000000),
+ USE_SESSION_KEY(0x40000000),
+ MUTUAL_REQUIRED(0x20000000),
+ ETYPE_NEGOTIATION(0x00000002),
+ USE_SUBKEY(0x00000001);
+
+ private final int value;
+
+ private ApOption(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static ApOption fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (ApOption) e;
+ }
+ }
+
+ return NONE;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApOptions.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApOptions.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApOptions.java
new file mode 100644
index 0000000..17d69e1
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApOptions.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ap;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbFlags;
+
+public class ApOptions extends KrbFlags {
+
+ public ApOptions() {
+ this(0);
+ }
+
+ public ApOptions(int value) {
+ setFlags(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApRep.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApRep.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApRep.java
new file mode 100644
index 0000000..8da7c7b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApRep.java
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ap;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+
+/**
+ AP-REP ::= [APPLICATION 15] SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (15),
+ enc-part [2] EncryptedData -- EncAPRepPart
+ }
+ */
+public class ApRep extends KrbMessage {
+ private static int ENC_PART = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PVNO, 0, Asn1Integer.class),
+ new Asn1FieldInfo(MSG_TYPE, 1, Asn1Integer.class),
+ new Asn1FieldInfo(ENC_PART, 2, EncryptedData.class)
+ };
+
+ public ApRep() {
+ super(KrbMessageType.AP_REP, fieldInfos);
+ }
+
+ private EncAPRepPart encRepPart;
+
+ public EncAPRepPart getEncRepPart() {
+ return encRepPart;
+ }
+
+ public void setEncRepPart(EncAPRepPart encRepPart) {
+ this.encRepPart = encRepPart;
+ }
+
+ public EncryptedData getEncryptedEncPart() {
+ return getFieldAs(ENC_PART, EncryptedData.class);
+ }
+
+ public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
+ setFieldAs(ENC_PART, encryptedEncPart);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApReq.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApReq.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApReq.java
new file mode 100644
index 0000000..5a78f6c
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/ApReq.java
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ap;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+
+/**
+ AP-REQ ::= [APPLICATION 14] SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (14),
+ ap-options [2] APOptions,
+ ticket [3] Ticket,
+ authenticator [4] EncryptedData -- Authenticator
+ }
+ */
+public class ApReq extends KrbMessage {
+ private static int AP_OPTIONS = 2;
+ private static int TICKET = 3;
+ private static int AUTHENTICATOR = 4;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PVNO, Asn1Integer.class),
+ new Asn1FieldInfo(MSG_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(AP_OPTIONS, ApOptions.class),
+ new Asn1FieldInfo(TICKET, Ticket.class),
+ new Asn1FieldInfo(AUTHENTICATOR, EncryptedData.class)
+ };
+
+ private Authenticator authenticator;
+
+ public ApReq() {
+ super(KrbMessageType.AP_REQ, fieldInfos);
+ }
+
+ public ApOptions getApOptions() {
+ return getFieldAs(AP_OPTIONS, ApOptions.class);
+ }
+
+ public void setApOptions(ApOptions apOptions) {
+ setFieldAs(AP_OPTIONS, apOptions);
+ }
+
+ public Ticket getTicket() {
+ return getFieldAs(TICKET, Ticket.class);
+ }
+
+ public void setTicket(Ticket ticket) {
+ setFieldAs(TICKET, ticket);
+ }
+
+ public Authenticator getAuthenticator() {
+ return authenticator;
+ }
+
+ public void setAuthenticator(Authenticator authenticator) {
+ this.authenticator = authenticator;
+ }
+
+ public EncryptedData getEncryptedAuthenticator() {
+ return getFieldAs(AUTHENTICATOR, EncryptedData.class);
+ }
+
+ public void setEncryptedAuthenticator(EncryptedData encryptedAuthenticator) {
+ setFieldAs(AUTHENTICATOR, encryptedAuthenticator);
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/Authenticator.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/Authenticator.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/Authenticator.java
new file mode 100644
index 0000000..4c4dc86
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/Authenticator.java
@@ -0,0 +1,144 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ap;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.KrbAppSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.AuthorizationData;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+/**
+ Authenticator ::= [APPLICATION 2] SEQUENCE {
+ authenticator-vno [0] INTEGER (5),
+ crealm [1] Realm,
+ cname [2] PrincipalName,
+ cksum [3] Checksum OPTIONAL,
+ cusec [4] Microseconds,
+ ctime [5] KerberosTime,
+ subkey [6] EncryptionKey OPTIONAL,
+ seq-number [7] UInt32 OPTIONAL,
+ authorization-data [8] AuthorizationData OPTIONAL
+ }
+ */
+public class Authenticator extends KrbAppSequenceType {
+ public static int TAG = 2;
+ private static int AUTHENTICATOR_VNO = 0;
+ private static int CREALM = 1;
+ private static int CNAME = 2;
+ private static int CKSUM = 3;
+ private static int CUSEC = 4;
+ private static int CTIME = 5;
+ private static int SUBKEY = 6;
+ private static int SEQ_NUMBER = 7;
+ private static int AUTHORIZATION_DATA = 8;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(AUTHENTICATOR_VNO, 0, Asn1Integer.class),
+ new Asn1FieldInfo(CREALM, 1, KerberosString.class),
+ new Asn1FieldInfo(CNAME, 2, PrincipalName.class),
+ new Asn1FieldInfo(CKSUM, 3, CheckSum.class),
+ new Asn1FieldInfo(CUSEC, 4, Asn1Integer.class),
+ new Asn1FieldInfo(CTIME, 5, KerberosTime.class),
+ new Asn1FieldInfo(SUBKEY, 6, EncryptionKey.class),
+ new Asn1FieldInfo(SEQ_NUMBER, 7, Asn1Integer.class),
+ new Asn1FieldInfo(AUTHORIZATION_DATA, 8, AuthorizationData.class)
+ };
+
+ public Authenticator() {
+ super(TAG, fieldInfos);
+ }
+
+ public int getAuthenticatorVno() {
+ return getFieldAsInt(AUTHENTICATOR_VNO);
+ }
+
+ public void setAuthenticatorVno(int authenticatorVno) {
+ setFieldAsInt(AUTHENTICATOR_VNO, authenticatorVno);
+ }
+
+ public String getCrealm() {
+ return getFieldAsString(CREALM);
+ }
+
+ public void setCrealm(String crealm) {
+ setFieldAsString(CREALM, crealm);
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName cname) {
+ setFieldAs(CNAME, cname);
+ }
+
+ public CheckSum getCksum() {
+ return getFieldAs(CKSUM, CheckSum.class);
+ }
+
+ public void setCksum(CheckSum cksum) {
+ setFieldAs(CKSUM, cksum);
+ }
+
+ public int getCusec() {
+ return getFieldAsInt(CUSEC);
+ }
+
+ public void setCusec(int cusec) {
+ setFieldAsInt(CUSEC, cusec);
+ }
+
+ public KerberosTime getCtime() {
+ return getFieldAsTime(CTIME);
+ }
+
+ public void setCtime(KerberosTime ctime) {
+ setFieldAs(CTIME, ctime);
+ }
+
+ public EncryptionKey getSubKey() {
+ return getFieldAs(SUBKEY, EncryptionKey.class);
+ }
+
+ public void setSubKey(EncryptionKey subKey) {
+ setFieldAs(SUBKEY, subKey);
+ }
+
+ public int getSeqNumber() {
+ return getFieldAsInt(SEQ_NUMBER);
+ }
+
+ public void setSeqNumber(Integer seqNumber) {
+ setFieldAsInt(SEQ_NUMBER, seqNumber);
+ }
+
+ public AuthorizationData getAuthorizationData() {
+ return getFieldAs(AUTHORIZATION_DATA, AuthorizationData.class);
+ }
+
+ public void setAuthorizationData(AuthorizationData authorizationData) {
+ setFieldAs(AUTHORIZATION_DATA, authorizationData);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/EncAPRepPart.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/EncAPRepPart.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/EncAPRepPart.java
new file mode 100644
index 0000000..5c35170
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ap/EncAPRepPart.java
@@ -0,0 +1,85 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ap;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.KrbAppSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+
+/**
+ EncAPRepPart ::= [APPLICATION 27] SEQUENCE {
+ ctime [0] KerberosTime,
+ cusec [1] Microseconds,
+ subkey [2] EncryptionKey OPTIONAL,
+ seq-number [3] UInt32 OPTIONAL
+ }
+ */
+public class EncAPRepPart extends KrbAppSequenceType {
+ public static int TAG = 27;
+ private static int CTIME = 0;
+ private static int CUSEC = 1;
+ private static int SUBKEY = 2;
+ private static int SEQ_NUMBER = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(CTIME, 0, KerberosTime.class),
+ new Asn1FieldInfo(CUSEC, 1, Asn1Integer.class),
+ new Asn1FieldInfo(SUBKEY, 2, EncryptionKey.class),
+ new Asn1FieldInfo(SEQ_NUMBER, 3, Asn1Integer.class)
+ };
+
+ public EncAPRepPart() {
+ super(TAG, fieldInfos);
+ }
+
+ public KerberosTime getCtime() {
+ return getFieldAsTime(CTIME);
+ }
+
+ public void setCtime(KerberosTime ctime) {
+ setFieldAs(CTIME, ctime);
+ }
+
+ public int getCusec() {
+ return getFieldAsInt(CUSEC);
+ }
+
+ public void setCusec(int cusec) {
+ setFieldAsInt(CUSEC, cusec);
+ }
+
+ public EncryptionKey getSubkey() {
+ return getFieldAs(SUBKEY, EncryptionKey.class);
+ }
+
+ public void setSubkey(EncryptionKey subkey) {
+ setFieldAs(SUBKEY, subkey);
+ }
+
+ public int getSeqNumber() {
+ return getFieldAsInt(SEQ_NUMBER);
+ }
+
+ public void setSeqNumber(Integer seqNumber) {
+ setFieldAsInt(SEQ_NUMBER, seqNumber);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AdToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AdToken.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AdToken.java
new file mode 100644
index 0000000..51f9b5b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AdToken.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ AD-TOKEN ::= SEQUENCE {
+ token [0] OCTET STRING,
+ }
+*/
+public class AdToken extends KrbSequenceType {
+ private static int TOKEN = 0;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TOKEN, KrbToken.class)
+ };
+
+ public AdToken() {
+ super(fieldInfos);
+ }
+
+ public KrbToken getToken() {
+ return getFieldAs(TOKEN, KrbToken.class);
+ }
+
+ public void setToken(KrbToken token) {
+ setFieldAs(TOKEN, token);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationData.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationData.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationData.java
new file mode 100644
index 0000000..70c1450
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationData.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ */
+public class AuthorizationData extends KrbSequenceOfType<AuthorizationDataEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationDataEntry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationDataEntry.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationDataEntry.java
new file mode 100644
index 0000000..62cb19f
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationDataEntry.java
@@ -0,0 +1,62 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ */
+public class AuthorizationDataEntry extends KrbSequenceType {
+ private static int AD_TYPE = 0;
+ private static int AD_DATA = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(AD_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(AD_DATA, 1, Asn1OctetString.class)
+ };
+
+ public AuthorizationDataEntry() {
+ super(fieldInfos);
+ }
+
+ public AuthorizationType getAuthzType() {
+ Integer value = getFieldAsInteger(AD_TYPE);
+ return AuthorizationType.fromValue(value);
+ }
+
+ public void setAuthzType(AuthorizationType authzType) {
+ setFieldAsInt(AD_TYPE, authzType.getValue());
+ }
+
+ public byte[] getAuthzData() {
+ return getFieldAsOctets(AD_DATA);
+ }
+
+ public void setAuthzData(byte[] authzData) {
+ setFieldAsOctets(AD_DATA, authzData);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationType.java
new file mode 100644
index 0000000..a8ce0cd
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/AuthorizationType.java
@@ -0,0 +1,143 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum AuthorizationType implements KrbEnum {
+ /**
+ * Constant for the "null" authorization type.
+ */
+ NULL(0),
+
+ /**
+ * Constant for the "if relevant" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_IF_RELEVANT(1),
+
+ /**
+ * Constant for the "intended for server" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_INTENDED_FOR_SERVER(2),
+
+ /**
+ * Constant for the "intended for application class" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_INTENDED_FOR_APPLICATION_CLASS(3),
+
+ /**
+ * Constant for the "kdc issued" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_KDC_ISSUED(4),
+
+ /**
+ * Constant for the "or" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_OR(5),
+
+ /**
+ * Constant for the "mandatory ticket extensions" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_MANDATORY_TICKET_EXTENSIONS(6),
+
+ /**
+ * Constant for the "in ticket extensions" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_IN_TICKET_EXTENSIONS(7),
+
+ /**
+ * Constant for the "mandatory-for-kdc" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_MANDATORY_FOR_KDC(8),
+
+ /**
+ * Constant for the "OSF DCE" authorization type.
+ *
+ * RFC 1510
+ */
+ OSF_DCE(64),
+
+ /**
+ * Constant for the "sesame" authorization type.
+ *
+ * RFC 1510
+ */
+ SESAME(65),
+
+ /**
+ * Constant for the "OSF-DCE pki certid" authorization type.
+ *
+ * RFC 1510
+ */
+ AD_OSF_DCE_PKI_CERTID(66),
+
+ /**
+ * Constant for the "sesame" authorization type.
+ *
+ * RFC 1510
+ */
+ AD_WIN2K_PAC(128),
+
+ /**
+ * Constant for the "sesame" authorization type.
+ *
+ * RFC 1510
+ */
+ AD_ETYPE_NEGOTIATION(129);
+
+ private final int value;
+
+ private AuthorizationType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static AuthorizationType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (AuthorizationType) e;
+ }
+ }
+ }
+
+ return NULL;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/CheckSum.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/CheckSum.java
new file mode 100644
index 0000000..9822c02
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/CheckSum.java
@@ -0,0 +1,95 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ Checksum ::= SEQUENCE {
+ cksumtype [0] Int32,
+ checksum [1] OCTET STRING
+ }
+ */
+public class CheckSum extends KrbSequenceType {
+ private static int CKSUM_TYPE = 0;
+ private static int CHECK_SUM = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(CKSUM_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(CHECK_SUM, 1, Asn1OctetString.class)
+ };
+
+ public CheckSum() {
+ super(fieldInfos);
+ }
+
+ public CheckSum(CheckSumType cksumType, byte[] checksum) {
+ this();
+
+ setCksumtype(cksumType);
+ setChecksum(checksum);
+ }
+
+ public CheckSum(int cksumType, byte[] checksum) {
+ this(CheckSumType.fromValue(cksumType), checksum);
+ }
+
+ public CheckSumType getCksumtype() {
+ Integer value = getFieldAsInteger(CKSUM_TYPE);
+ return CheckSumType.fromValue(value);
+ }
+
+ public void setCksumtype(CheckSumType cksumtype) {
+ setFieldAsInt(CKSUM_TYPE, cksumtype.getValue());
+ }
+
+ public byte[] getChecksum() {
+ return getFieldAsOctets(CHECK_SUM);
+ }
+
+ public void setChecksum(byte[] checksum) {
+ setFieldAsOctets(CHECK_SUM, checksum);
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (this == other) return true;
+ if (other == null || getClass() != other.getClass()) return false;
+
+ CheckSum that = (CheckSum) other;
+
+ if (getCksumtype() != that.getCksumtype()) return false;
+
+ return Arrays.equals(getChecksum(), that.getChecksum());
+ }
+
+ public boolean isEqual(CheckSum other) {
+ return this.equals(other);
+ }
+
+ public boolean isEqual(byte[] cksumBytes) {
+ return Arrays.equals(getChecksum(), cksumBytes);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/CheckSumType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/CheckSumType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/CheckSumType.java
new file mode 100644
index 0000000..b7be286
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/CheckSumType.java
@@ -0,0 +1,115 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum CheckSumType implements KrbEnum {
+ NONE(0, "none", "None checksum type"),
+
+ CRC32(0x0001, "crc32", "CRC-32"),
+
+ RSA_MD4(0x0002, "md4", "RSA-MD4"),
+
+ RSA_MD4_DES(0x0003, "md4-des", "RSA-MD4 with DES cbc mode"),
+
+ DES_CBC(0x0004, "des-cbc", "DES cbc mode"),
+ DES_MAC(0x0004, "des-mac", "DES cbc mode"),
+
+ //des-mac-k
+
+ //rsa-md4-des-k
+
+ RSA_MD5(0x0007, "md5", "RSA-MD5"),
+
+ RSA_MD5_DES(0x0008, "md5-des", "RSA-MD5 with DES cbc mode"),
+
+ NIST_SHA(0x0009, "sha", "NIST-SHA"),
+
+ HMAC_SHA1_DES3(0x000c, "hmac-sha1-des3", "HMAC-SHA1 DES3 key"),
+ HMAC_SHA1_DES3_KD(0x000c, "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key"),
+
+ ////RFC 3962. Used with ENCTYPE_AES128_CTS_HMAC_SHA1_96
+ HMAC_SHA1_96_AES128(0x000f, "hmac-sha1-96-aes128", "HMAC-SHA1 AES128 key"),
+
+ //RFC 3962. Used with ENCTYPE_AES256_CTS_HMAC_SHA1_96
+ HMAC_SHA1_96_AES256(0x0010, "hmac-sha1-96-aes256", "HMAC-SHA1 AES256 key"),
+
+ //RFC 6803
+ CMAC_CAMELLIA128(0x0011, "cmac-camellia128", "CMAC Camellia128 key"),
+
+ //RFC 6803
+ CMAC_CAMELLIA256(0x0012, "cmac-camellia256", "CMAC Camellia256 key"),
+
+ //Microsoft netlogon cksumtype
+ MD5_HMAC_ARCFOUR(-137, "md5-hmac-rc4", "Microsoft MD5 HMAC"),
+
+ //Microsoft md5 hmac cksumtype
+ HMAC_MD5_ARCFOUR(-138, "hmac-md5-arcfour", "Microsoft HMAC MD5"),
+ HMAC_MD5_ENC(-138, "hmac-md5-enc", "Microsoft HMAC MD5"),
+ HMAC_MD5_RC4(-138, "hmac-md5-rc4", "Microsoft HMAC MD5");
+
+ private final int value;
+
+ private final String name;
+
+ private final String displayName;
+
+ private CheckSumType(int value, String name, String displayName) {
+ this.value = value;
+ this.name = name;
+ this.displayName = displayName;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public String getDisplayName() {
+ return displayName;
+ }
+
+ public static CheckSumType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (CheckSumType) e;
+ }
+ }
+ }
+ return NONE;
+ }
+
+ public static CheckSumType fromName(String name) {
+ if (name != null) {
+ for (CheckSumType cs : values()) {
+ if (cs.getName() == name) {
+ return (CheckSumType) cs;
+ }
+ }
+ }
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptedData.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptedData.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptedData.java
new file mode 100644
index 0000000..3875000
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptedData.java
@@ -0,0 +1,96 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ EncryptedData ::= SEQUENCE {
+ etype [0] Int32 -- EncryptionType --,
+ kvno [1] UInt32 OPTIONAL,
+ cipher [2] OCTET STRING -- ciphertext
+ }
+ */
+public class EncryptedData extends KrbSequenceType {
+ private static int ETYPE = 0;
+ private static int KVNO = 1;
+ private static int CIPHER = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(KVNO, 1, Asn1Integer.class),
+ new Asn1FieldInfo(CIPHER, 2, Asn1OctetString.class)
+ };
+
+ public EncryptedData() {
+ super(fieldInfos);
+ }
+
+ public EncryptionType getEType() {
+ Integer value = getFieldAsInteger(ETYPE);
+ return EncryptionType.fromValue(value);
+ }
+
+ public void setEType(EncryptionType eType) {
+ setFieldAsInt(ETYPE, eType.getValue());
+ }
+
+ public int getKvno() {
+ Integer value = getFieldAsInteger(KVNO);
+ if (value != null) {
+ return value.intValue();
+ }
+ return -1;
+ }
+
+ public void setKvno(int kvno) {
+ setFieldAsInt(KVNO, kvno);
+ }
+
+ public byte[] getCipher() {
+ return getFieldAsOctets(CIPHER);
+ }
+
+ public void setCipher(byte[] cipher) {
+ setFieldAsOctets(CIPHER, cipher);
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ EncryptedData that = (EncryptedData) o;
+
+ /*
+ if (getKvno() != -1 && that.getKvno() != -1 &&
+ getKvno() != that.getKvno()) return false;
+ */
+
+ if (getEType() != that.getEType()) return false;
+
+ return Arrays.equals(getCipher(), that.getCipher());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptionKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptionKey.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptionKey.java
new file mode 100644
index 0000000..6f7f540
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptionKey.java
@@ -0,0 +1,107 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ EncryptionKey ::= SEQUENCE {
+ keytype [0] Int32 -- actually encryption type --,
+ keyvalue [1] OCTET STRING
+ }
+ */
+public class EncryptionKey extends KrbSequenceType {
+ private static int KEY_TYPE = 0;
+ private static int KEY_VALUE = 1;
+
+ private int kvno = -1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(KEY_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(KEY_VALUE, 1, Asn1OctetString.class)
+ };
+
+ public EncryptionKey() {
+ super(fieldInfos);
+ }
+
+ public EncryptionKey(int keyType, byte[] keyData) {
+ this(keyType, keyData, -1);
+ }
+
+ public EncryptionKey(int keyType, byte[] keyData, int kvno) {
+ this(EncryptionType.fromValue(keyType), keyData, kvno);
+ }
+
+ public EncryptionKey(EncryptionType keyType, byte[] keyData) {
+ this(keyType, keyData, -1);
+ }
+
+ public EncryptionKey(EncryptionType keyType, byte[] keyData, int kvno) {
+ this();
+ setKeyType(keyType);
+ setKeyData(keyData);
+ setKvno(kvno);
+ }
+
+ public EncryptionType getKeyType() {
+ Integer value = getFieldAsInteger(KEY_TYPE);
+ return EncryptionType.fromValue(value);
+ }
+
+ public void setKeyType(EncryptionType keyType) {
+ setFieldAsInt(KEY_TYPE, keyType.getValue());
+ }
+
+ public byte[] getKeyData() {
+ return getFieldAsOctets(KEY_VALUE);
+ }
+
+ public void setKeyData(byte[] keyData) {
+ setFieldAsOctets(KEY_VALUE, keyData);
+ }
+
+ public void setKvno(int kvno) {
+ this.kvno = kvno;
+ }
+
+ public int getKvno() {
+ return kvno;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ EncryptionKey that = (EncryptionKey) o;
+
+ if (kvno != -1 && that.kvno != -1 && kvno != that.kvno) return false;
+
+ if (getKeyType() != that.getKeyType()) return false;
+
+ return Arrays.equals(getKeyData(), that.getKeyData());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptionType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptionType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptionType.java
new file mode 100644
index 0000000..45c2427
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EncryptionType.java
@@ -0,0 +1,132 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+/**
+ * According to krb5.hin
+ */
+public enum EncryptionType implements KrbEnum {
+
+ NONE(0, "none", "None encryption type"),
+
+ DES_CBC_CRC(0x0001, "des-cbc-crc", "DES cbc mode with CRC-32"),
+
+ DES_CBC_MD4(0x0002, "des-cbc-md4", "DES cbc mode with RSA-MD4"),
+
+ DES_CBC_MD5(0x0003, "des-cbc-md5", "DES cbc mode with RSA-MD5"),
+ DES(0x0003, "des", "DES cbc mode with RSA-MD5"),
+
+ DES_CBC_RAW(0x0004, "des-cbc-raw", "DES cbc mode raw"),
+
+ DES3_CBC_SHA(0x0005, "des3-cbc-sha", "DES-3 cbc with SHA1"),
+
+ DES3_CBC_RAW(0x0006, "des3-cbc-raw", "Triple DES cbc mode raw"),
+
+ DES_HMAC_SHA1(0x0008, "des-hmac-sha1", "DES with HMAC/sha1"),
+
+ DSA_SHA1_CMS(0x0009, "dsa-sha1-cms", "DSA with SHA1, CMS signature"),
+
+ MD5_RSA_CMS(0x000a, "md5-rsa-cms", "MD5 with RSA, CMS signature"),
+
+ SHA1_RSA_CMS(0x000b, "sha1-rsa-cms", "SHA1 with RSA, CMS signature"),
+
+ RC2_CBC_ENV(0x000c, "rc2-cbc-env", "RC2 cbc mode, CMS enveloped data"),
+
+ RSA_ENV(0x000d, "rsa-env", "RSA encryption, CMS enveloped data"),
+
+ RSA_ES_OAEP_ENV(0x000e, "rsa-es-oaep-env", "RSA w/OEAP encryption, CMS enveloped data"),
+
+ DES3_CBC_ENV(0x000f, "des3-cbc-env", "DES-3 cbc mode, CMS enveloped data"),
+
+ DES3_CBC_SHA1(0x0010, "des3-cbc-sha1", "Triple DES cbc mode with HMAC/sha1"),
+ DES3_HMAC_SHA1(0x0010, "des3-hmac-sha1", "Triple DES cbc mode with HMAC/sha1"),
+ DES3_CBC_SHA1_KD(0x0010, "des3-cbc-sha1-kd", "Triple DES cbc mode with HMAC/sha1"),
+
+ AES128_CTS_HMAC_SHA1_96 (0x0011, "aes128-cts-hmac-sha1-96", "AES-128 CTS mode with 96-bit SHA-1 HMAC"),
+ AES128_CTS (0x0011, "aes128-cts", "AES-128 CTS mode with 96-bit SHA-1 HMAC"),
+
+ AES256_CTS_HMAC_SHA1_96(0x0012, "aes256-cts-hmac-sha1-96", "AES-256 CTS mode with 96-bit SHA-1 HMAC"),
+ AES256_CTS(0x0012, "aes256-cts", "AES-256 CTS mode with 96-bit SHA-1 HMAC"),
+
+ ARCFOUR_HMAC(0x0017, "arcfour-hmac", "ArcFour with HMAC/md5"),
+ RC4_HMAC(0x0017, "rc4-hmac", "ArcFour with HMAC/md5"),
+ ARCFOUR_HMAC_MD5(0x0017, "arcfour-hmac-md5", "ArcFour with HMAC/md5"),
+
+ ARCFOUR_HMAC_EXP(0x0018, "arcfour-hmac-exp", "Exportable ArcFour with HMAC/md5"),
+ RC4_HMAC_EXP(0x0018, "rc4-hmac-exp", "Exportable ArcFour with HMAC/md5"),
+ ARCFOUR_HMAC_MD5_EXP(0x0018, "arcfour-hmac-md5-exp", "Exportable ArcFour with HMAC/md5"),
+
+ CAMELLIA128_CTS_CMAC(0x0019, "camellia128-cts-cmac", "Camellia-128 CTS mode with CMAC"),
+ CAMELLIA128_CTS(0x0019, "camellia128-cts", "Camellia-128 CTS mode with CMAC"),
+
+ CAMELLIA256_CTS_CMAC(0x001a, "camellia256-cts-cmac", "Camellia-256 CTS mode with CMAC"),
+ CAMELLIA256_CTS(0x001a, "camellia256-cts", "Camellia-256 CTS mode with CMAC");
+
+ //UNKNOWN(0x01ff, "UNKNOWN", "Unknown encryption type");
+
+ private final int value;
+
+ private final String name;
+
+ private final String displayName;
+
+ private EncryptionType(int value, String name, String displayName) {
+ this.value = value;
+ this.name = name;
+ this.displayName = displayName;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public String getDisplayName() {
+ return displayName;
+ }
+
+ public static EncryptionType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (EncryptionType) e;
+ }
+ }
+ }
+ return NONE;
+ }
+
+ public static EncryptionType fromName(String name) {
+ if (name != null) {
+ for (EncryptionType e : values()) {
+ if (e.getName().equals(name)) {
+ return (EncryptionType) e;
+ }
+ }
+ }
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo.java
new file mode 100644
index 0000000..7a82e4d
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ ETYPE-INFO ::= SEQUENCE OF ETYPE-INFO-ENTRY
+ */
+public class EtypeInfo extends KrbSequenceOfType<EtypeInfoEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo2.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo2.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo2.java
new file mode 100644
index 0000000..0635db9
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo2.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ ETYPE-INFO2 ::= SEQUENCE SIZE (1..MAX) OF ETYPE-INFO2-ENTRY
+ */
+public class EtypeInfo2 extends KrbSequenceOfType<EtypeInfo2Entry> {
+
+}
[13/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java
new file mode 100644
index 0000000..4a67feb
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ ExternalPrincipalIdentifier ::= SEQUENCE {
+ subjectName [0] IMPLICIT OCTET STRING OPTIONAL,
+ issuerAndSerialNumber [1] IMPLICIT OCTET STRING OPTIONAL,
+ subjectKeyIdentifier [2] IMPLICIT OCTET STRING OPTIONAL
+ }
+ */
+public class ExternalPrincipalIdentifier extends KrbSequenceType {
+ private static int SUBJECT_NAME = 0;
+ private static int ISSUER_AND_SERIAL_NUMBER = 1;
+ private static int SUBJECT_KEY_IDENTIFIER = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(SUBJECT_NAME, Asn1OctetString.class, true),
+ new Asn1FieldInfo(ISSUER_AND_SERIAL_NUMBER, Asn1OctetString.class, true),
+ new Asn1FieldInfo(SUBJECT_KEY_IDENTIFIER, Asn1OctetString.class, true)
+ };
+
+ public ExternalPrincipalIdentifier() {
+ super(fieldInfos);
+ }
+
+ public byte[] getSubjectName() {
+ return getFieldAsOctets(SUBJECT_NAME);
+ }
+
+ public void setSubjectName(byte[] subjectName) {
+ setFieldAsOctets(SUBJECT_NAME, subjectName);
+ }
+
+ public byte[] getIssuerSerialNumber() {
+ return getFieldAsOctets(ISSUER_AND_SERIAL_NUMBER);
+ }
+
+ public void setIssuerSerialNumber(byte[] issuerSerialNumber) {
+ setFieldAsOctets(ISSUER_AND_SERIAL_NUMBER, issuerSerialNumber);
+ }
+
+ public byte[] getSubjectKeyIdentifier() {
+ return getFieldAsOctets(SUBJECT_KEY_IDENTIFIER);
+ }
+
+ public void setSubjectKeyIdentifier(byte[] subjectKeyIdentifier) {
+ setFieldAsOctets(SUBJECT_KEY_IDENTIFIER, subjectKeyIdentifier);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java
new file mode 100644
index 0000000..97c6003
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1BitString;
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ KDCDHKeyInfo ::= SEQUENCE {
+ subjectPublicKey [0] BIT STRING,
+ nonce [1] INTEGER (0..4294967295),
+ dhKeyExpiration [2] KerberosTime OPTIONAL,
+ }
+ */
+public class KdcDHKeyInfo extends KrbSequenceType {
+ private static int SUBJECT_PUBLICK_KEY = 0;
+ private static int NONCE = 1;
+ private static int DH_KEY_EXPIRATION = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(SUBJECT_PUBLICK_KEY, Asn1BitString.class),
+ new Asn1FieldInfo(NONCE, Asn1Integer.class),
+ new Asn1FieldInfo(DH_KEY_EXPIRATION, KerberosTime.class)
+ };
+
+ public KdcDHKeyInfo() {
+ super(fieldInfos);
+ }
+
+ public byte[] getSubjectPublicKey() {
+ return getFieldAsOctets(SUBJECT_PUBLICK_KEY);
+ }
+
+ public void setSubjectPublicKey(byte[] subjectPublicKey) {
+ setFieldAsOctets(SUBJECT_PUBLICK_KEY, subjectPublicKey);
+ }
+
+ public int getNonce() {
+ return getFieldAsInt(NONCE);
+ }
+
+ public void setNonce(int nonce) {
+ setFieldAsInt(NONCE, nonce);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java
new file mode 100644
index 0000000..543b7c8
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.common.Realm;
+
+/**
+ KRB5PrincipalName ::= SEQUENCE {
+ realm [0] Realm,
+ principalName [1] PrincipalName
+ }
+ */
+public class Krb5PrincipalName extends KrbSequenceType {
+ private static int REALM = 0;
+ private static int PRINCIPAL_NAME = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(REALM, Realm.class),
+ new Asn1FieldInfo(PRINCIPAL_NAME, PrincipalName.class)
+ };
+
+ public Krb5PrincipalName() {
+ super(fieldInfos);
+ }
+
+ public String getRelm() {
+ return getFieldAsString(REALM);
+ }
+
+ public void setRealm(String realm) {
+ setFieldAsString(REALM, realm);
+ }
+
+ public PrincipalName getPrincipalName() {
+ return getFieldAs(PRINCIPAL_NAME, PrincipalName.class);
+ }
+
+ public void setPrincipalName(PrincipalName principalName) {
+ setFieldAs(PRINCIPAL_NAME, principalName);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java
new file mode 100644
index 0000000..952bea6
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java
@@ -0,0 +1,60 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1Choice;
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+
+/**
+ PA-PK-AS-REP ::= CHOICE {
+ dhInfo [0] DHRepInfo,
+ encKeyPack [1] IMPLICIT OCTET STRING,
+ }
+ */
+public class PaPkAsRep extends Asn1Choice {
+ private static int DH_INFO = 0;
+ private static int ENCKEY_PACK = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(DH_INFO, DHRepInfo.class),
+ new Asn1FieldInfo(ENCKEY_PACK, Asn1OctetString.class, true)
+ };
+
+ public PaPkAsRep() {
+ super(fieldInfos);
+ }
+
+ public DHRepInfo getDHRepInfo() {
+ return getFieldAs(DH_INFO, DHRepInfo.class);
+ }
+
+ public void setDHRepInfo(DHRepInfo dhRepInfo) {
+ setFieldAs(DH_INFO, dhRepInfo);
+ }
+
+ public byte[] getEncKeyPack() {
+ return getFieldAsOctets(ENCKEY_PACK);
+ }
+
+ public void setEncKeyPack(byte[] encKeyPack) {
+ setFieldAsOctets(ENCKEY_PACK, encKeyPack);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java
new file mode 100644
index 0000000..79e6e55
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-PK-AS-REQ ::= SEQUENCE {
+ signedAuthPack [0] IMPLICIT OCTET STRING,
+ trustedCertifiers [1] SEQUENCE OF ExternalPrincipalIdentifier OPTIONAL,
+ kdcPkId [2] IMPLICIT OCTET STRING OPTIONAL
+ }
+ */
+public class PaPkAsReq extends KrbSequenceType {
+ private static int SIGNED_AUTH_PACK = 0;
+ private static int TRUSTED_CERTIFIERS = 1;
+ private static int KDC_PKID = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(SIGNED_AUTH_PACK, Asn1OctetString.class, true),
+ new Asn1FieldInfo(TRUSTED_CERTIFIERS, TrustedCertifiers.class),
+ new Asn1FieldInfo(KDC_PKID, Asn1OctetString.class, true)
+ };
+
+ public PaPkAsReq() {
+ super(fieldInfos);
+ }
+
+ public byte[] getSignedAuthPack() {
+ return getFieldAsOctets(SIGNED_AUTH_PACK);
+ }
+
+ public void setSignedAuthPack(byte[] signedAuthPack) {
+ setFieldAsOctets(SIGNED_AUTH_PACK, signedAuthPack);
+ }
+
+ public TrustedCertifiers getTrustedCertifiers() {
+ return getFieldAs(TRUSTED_CERTIFIERS, TrustedCertifiers.class);
+ }
+
+ public void setTrustedCertifiers(TrustedCertifiers trustedCertifiers) {
+ setFieldAs(TRUSTED_CERTIFIERS, trustedCertifiers);
+ }
+
+ public byte[] getKdcPkId() {
+ return getFieldAsOctets(KDC_PKID);
+ }
+
+ public void setKdcPkId(byte[] kdcPkId) {
+ setFieldAsOctets(KDC_PKID, kdcPkId);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java
new file mode 100644
index 0000000..d1fafd7
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java
@@ -0,0 +1,91 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PKAuthenticator ::= SEQUENCE {
+ cusec [0] INTEGER (0..999999),
+ ctime [1] KerberosTime,
+ -- cusec and ctime are used as in [RFC4120], for
+ -- replay prevention.
+ nonce [2] INTEGER (0..4294967295),
+ -- Chosen randomly; this nonce does not need to
+ -- match with the nonce in the KDC-REQ-BODY.
+ paChecksum [3] OCTET STRING OPTIONAL,
+ -- MUST be present.
+ -- Contains the SHA1 checksum, performed over
+ -- KDC-REQ-BODY.
+ }
+ */
+public class PkAuthenticator extends KrbSequenceType {
+ private static int CUSEC = 0;
+ private static int CTIME = 1;
+ private static int NONCE = 2;
+ private static int PA_CHECKSUM = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(CUSEC, Asn1Integer.class),
+ new Asn1FieldInfo(CTIME, KerberosTime.class),
+ new Asn1FieldInfo(NONCE, Asn1Integer.class),
+ new Asn1FieldInfo(PA_CHECKSUM, Asn1OctetString.class)
+ };
+
+ public PkAuthenticator() {
+ super(fieldInfos);
+ }
+
+ public int getCusec() {
+ return getFieldAsInt(CUSEC);
+ }
+
+ public void setCusec(int cusec) {
+ setFieldAsInt(CUSEC, cusec);
+ }
+
+ public KerberosTime getCtime() {
+ return getFieldAsTime(CTIME);
+ }
+
+ public void setCtime(KerberosTime ctime) {
+ setFieldAs(CTIME, ctime);
+ }
+
+ public int getNonce() {
+ return getFieldAsInt(NONCE);
+ }
+
+ public void setNonce(int nonce) {
+ setFieldAsInt(NONCE, nonce);
+ }
+
+ public byte[] getPaChecksum() {
+ return getFieldAsOctets(PA_CHECKSUM);
+ }
+
+ public void setPaChecksum(byte[] paChecksum) {
+ setFieldAsOctets(PA_CHECKSUM, paChecksum);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java
new file mode 100644
index 0000000..af0dfc3
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+
+/**
+ ReplyKeyPack ::= SEQUENCE {
+ replyKey [0] EncryptionKey,
+ asChecksum [1] Checksum,
+ }
+ */
+public class ReplyKeyPack extends KrbSequenceType {
+ private static int REPLY_KEY = 0;
+ private static int AS_CHECKSUM = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(REPLY_KEY, EncryptionKey.class),
+ new Asn1FieldInfo(AS_CHECKSUM, CheckSum.class)
+ };
+
+ public ReplyKeyPack() {
+ super(fieldInfos);
+ }
+
+ public EncryptionKey getReplyKey() {
+ return getFieldAs(REPLY_KEY, EncryptionKey.class);
+ }
+
+ public void setReplyKey(EncryptionKey replyKey) {
+ setFieldAs(REPLY_KEY, replyKey);
+ }
+
+ public CheckSum getAsChecksum() {
+ return getFieldAs(AS_CHECKSUM, CheckSum.class);
+ }
+
+ public void setAsChecksum(CheckSum checkSum) {
+ setFieldAs(AS_CHECKSUM, checkSum);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java
new file mode 100644
index 0000000..77e82b1
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+/**
+ * TD-DH-PARAMETERS ::= SEQUENCE OF AlgorithmIdentifier
+ */
+public class TdDhParameters extends AlgorithmIdentifiers {
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java
new file mode 100644
index 0000000..418b213
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ trustedCertifiers SEQUENCE OF ExternalPrincipalIdentifier OPTIONAL,
+ */
+public class TrustedCertifiers extends KrbSequenceOfType<ExternalPrincipalIdentifier> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/PaTokenChallenge.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/PaTokenChallenge.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/PaTokenChallenge.java
new file mode 100644
index 0000000..5956fc7
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/PaTokenChallenge.java
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.token;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-TOKEN-CHALLENGE ::= SEQUENCE {
+ tokenInfos [0] SEQUENCE (SIZE(1..MAX)) OF TokenInfo,
+ }
+*/
+public class PaTokenChallenge extends KrbSequenceType {
+ private static int TOKENINFOS = 0;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TOKENINFOS, TokenInfos.class)
+ };
+
+ public PaTokenChallenge() {
+ super(fieldInfos);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/PaTokenRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/PaTokenRequest.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/PaTokenRequest.java
new file mode 100644
index 0000000..6b08a6f
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/PaTokenRequest.java
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.token;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbToken;
+
+/**
+ PA-TOKEN-REQUEST ::= SEQUENCE {
+ token [0] OCTET STRING,
+ tokenInfo [1] TokenInfo
+ }
+*/
+public class PaTokenRequest extends KrbSequenceType {
+ private static int TOKEN_INFO = 0;
+ private static int TOKEN = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TOKEN_INFO, TokenInfo.class),
+ new Asn1FieldInfo(TOKEN, KrbToken.class)
+ };
+
+ public PaTokenRequest() {
+ super(fieldInfos);
+ }
+
+ public KrbToken getToken() {
+ return getFieldAs(TOKEN, KrbToken.class);
+ }
+
+ public void setToken(KrbToken token) {
+ setFieldAs(TOKEN, token);
+ }
+
+ public String getTokenInfo() {
+ return getFieldAsString(TOKEN_INFO);
+ }
+
+ public void setTokenInfo(TokenInfo tokenInfo) {
+ setFieldAs(TOKEN_INFO, tokenInfo);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenFlag.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenFlag.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenFlag.java
new file mode 100644
index 0000000..75f06f6
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenFlag.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.token;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum TokenFlag implements KrbEnum {
+ NONE(-1),
+ ID_TOKEN_REQUIRED(0x40000000),
+ AC_TOKEN_REQUIRED(0x20000000),
+ BEARER_TOKEN_REQUIRED(0x10000000),
+ HOK_TOKEN_REQUIRED(0x08000000);
+
+ private final int value;
+
+ private TokenFlag(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static TokenFlag fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (TokenFlag) e;
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenFlags.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenFlags.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenFlags.java
new file mode 100644
index 0000000..af6e0f9
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenFlags.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.token;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbFlags;
+
+import static org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlag.INVALID;
+
+public class TokenFlags extends KrbFlags {
+
+ public TokenFlags() {
+ this(0);
+ }
+
+ public TokenFlags(int value) {
+ setFlags(value);
+ }
+
+ public boolean isInvalid() {
+ return isFlagSet(INVALID.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenInfo.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenInfo.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenInfo.java
new file mode 100644
index 0000000..43533ca
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenInfo.java
@@ -0,0 +1,62 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.token;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.asn1.type.Asn1Utf8String;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ TokenInfo ::= SEQUENCE {
+ flags [0] TokenFlags,
+ tokenVendor [1] UTF8String,
+ }
+ */
+public class TokenInfo extends KrbSequenceType {
+ private static int FLAGS = 0;
+ private static int TOKEN_VENDOR = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(FLAGS, Asn1OctetString.class, true),
+ new Asn1FieldInfo(TOKEN_VENDOR, Asn1Utf8String.class),
+ };
+
+ public TokenInfo() {
+ super(fieldInfos);
+ }
+
+ public TokenFlags getFlags() {
+ return getFieldAs(FLAGS, TokenFlags.class);
+ }
+
+ public void setFlags(TokenFlags flags) {
+ setFieldAs(FLAGS, flags);
+ }
+
+ public String getTokenVendor() {
+ return getFieldAsString(TOKEN_VENDOR);
+ }
+
+ public void setTokenVendor(String tokenVendor) {
+ setFieldAs(TOKEN_VENDOR, new Asn1Utf8String(tokenVendor));
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenInfos.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenInfos.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenInfos.java
new file mode 100644
index 0000000..85d6e58
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/token/TokenInfos.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.token;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ SEQUENCE (SIZE(1..MAX)) OF TokenInfo,
+*/
+public class TokenInfos extends KrbSequenceOfType<TokenInfo> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/AbstractServiceTicket.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/AbstractServiceTicket.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/AbstractServiceTicket.java
new file mode 100644
index 0000000..28f5dea
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/AbstractServiceTicket.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ticket;
+
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.kdc.EncKdcRepPart;
+
+public class AbstractServiceTicket {
+ private Ticket ticket;
+ private EncKdcRepPart encKdcRepPart;
+
+ public AbstractServiceTicket(Ticket ticket, EncKdcRepPart encKdcRepPart) {
+ this.ticket = ticket;
+ this.encKdcRepPart = encKdcRepPart;
+ }
+
+ public Ticket getTicket() {
+ return ticket;
+ }
+
+ public EncKdcRepPart getEncKdcRepPart() {
+ return encKdcRepPart;
+ }
+
+ public EncryptionKey getSessionKey() {
+ return encKdcRepPart.getKey();
+ }
+
+ public String getRealm() {
+ return ticket.getRealm();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/EncTicketPart.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/EncTicketPart.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/EncTicketPart.java
new file mode 100644
index 0000000..86d0e33
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/EncTicketPart.java
@@ -0,0 +1,164 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ticket;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.KrbAppSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+
+/**
+ -- Encrypted part of ticket
+ EncTicketPart ::= [APPLICATION 3] SEQUENCE {
+ flags [0] TicketFlags,
+ key [1] EncryptionKey,
+ crealm [2] Realm,
+ cname [3] PrincipalName,
+ transited [4] TransitedEncoding,
+ authtime [5] KerberosTime,
+ starttime [6] KerberosTime OPTIONAL,
+ endtime [7] KerberosTime,
+ renew-till [8] KerberosTime OPTIONAL,
+ caddr [9] HostAddresses OPTIONAL,
+ authorization-data [10] AuthorizationData OPTIONAL
+ }
+ */
+public class EncTicketPart extends KrbAppSequenceType {
+ public static final int TAG = 3;
+
+ private static int FLAGS = 0;
+ private static int KEY = 1;
+ private static int CREALM = 2;
+ private static int CNAME = 3;
+ private static int TRANSITED = 4;
+ private static int AUTHTIME = 5;
+ private static int STARTTIME = 6;
+ private static int ENDTIME = 7;
+ private static int RENEW_TILL = 8;
+ private static int CADDR = 9;
+ private static int AUTHORIZATION_DATA = 10;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(FLAGS, 0, TicketFlags.class),
+ new Asn1FieldInfo(KEY, 1, EncryptionKey.class),
+ new Asn1FieldInfo(CREALM, 2, KerberosString.class),
+ new Asn1FieldInfo(CNAME, 3, PrincipalName.class),
+ new Asn1FieldInfo(TRANSITED, 4, TransitedEncoding.class),
+ new Asn1FieldInfo(AUTHTIME, 5, KerberosTime.class),
+ new Asn1FieldInfo(STARTTIME, 6, KerberosTime.class),
+ new Asn1FieldInfo(ENDTIME, 7, KerberosTime.class),
+ new Asn1FieldInfo(ENDTIME, 8, KerberosTime.class),
+ new Asn1FieldInfo(CADDR, 9, HostAddresses.class),
+ new Asn1FieldInfo(AUTHORIZATION_DATA, 10, AuthorizationData.class)
+ };
+
+ public EncTicketPart() {
+ super(TAG, fieldInfos);
+ }
+
+ public TicketFlags getFlags() {
+ return getFieldAs(FLAGS, TicketFlags.class);
+ }
+
+ public void setFlags(TicketFlags flags) {
+ setFieldAs(FLAGS, flags);
+ }
+
+ public EncryptionKey getKey() {
+ return getFieldAs(KEY, EncryptionKey.class);
+ }
+
+ public void setKey(EncryptionKey key) {
+ setFieldAs(KEY, key);
+ }
+
+ public String getCrealm() {
+ return getFieldAsString(CREALM);
+ }
+
+ public void setCrealm(String crealm) {
+ setFieldAsString(CREALM, crealm);
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName cname) {
+ setFieldAs(CNAME, cname);
+ }
+
+ public TransitedEncoding getTransited() {
+ return getFieldAs(TRANSITED, TransitedEncoding.class);
+ }
+
+ public void setTransited(TransitedEncoding transited) {
+ setFieldAs(TRANSITED, transited);
+ }
+
+ public KerberosTime getAuthTime() {
+ return getFieldAs(AUTHTIME, KerberosTime.class);
+ }
+
+ public void setAuthTime(KerberosTime authTime) {
+ setFieldAs(AUTHTIME, authTime);
+ }
+
+ public KerberosTime getStartTime() {
+ return getFieldAs(STARTTIME, KerberosTime.class);
+ }
+
+ public void setStartTime(KerberosTime startTime) {
+ setFieldAs(STARTTIME, startTime);
+ }
+
+ public KerberosTime getEndTime() {
+ return getFieldAs(ENDTIME, KerberosTime.class);
+ }
+
+ public void setEndTime(KerberosTime endTime) {
+ setFieldAs(ENDTIME, endTime);
+ }
+
+ public KerberosTime getRenewtill() {
+ return getFieldAs(RENEW_TILL, KerberosTime.class);
+ }
+
+ public void setRenewtill(KerberosTime renewtill) {
+ setFieldAs(RENEW_TILL, renewtill);
+ }
+
+ public HostAddresses getClientAddresses() {
+ return getFieldAs(CADDR, HostAddresses.class);
+ }
+
+ public void setClientAddresses(HostAddresses clientAddresses) {
+ setFieldAs(CADDR, clientAddresses);
+ }
+
+ public AuthorizationData getAuthorizationData() {
+ return getFieldAs(AUTHORIZATION_DATA, AuthorizationData.class);
+ }
+
+ public void setAuthorizationData(AuthorizationData authorizationData) {
+ setFieldAs(AUTHORIZATION_DATA, authorizationData);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/ServiceTicket.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/ServiceTicket.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/ServiceTicket.java
new file mode 100644
index 0000000..f081b41
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/ServiceTicket.java
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ticket;
+
+import org.apache.kerby.kerberos.kerb.spec.kdc.EncTgsRepPart;
+
+public class ServiceTicket extends AbstractServiceTicket {
+ public ServiceTicket(Ticket ticket, EncTgsRepPart encKdcRepPart) {
+ super(ticket, encKdcRepPart);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TgtTicket.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TgtTicket.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TgtTicket.java
new file mode 100644
index 0000000..a530856
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TgtTicket.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ticket;
+
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.kdc.EncAsRepPart;
+
+public class TgtTicket extends AbstractServiceTicket {
+ private PrincipalName clientPrincipal;
+
+ public TgtTicket(Ticket ticket, EncAsRepPart encKdcRepPart, String clientPrincipal) {
+ super(ticket, encKdcRepPart);
+ this.clientPrincipal = new PrincipalName(clientPrincipal);
+ }
+
+ public PrincipalName getClientPrincipal() {
+ return clientPrincipal;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Ticket.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Ticket.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Ticket.java
new file mode 100644
index 0000000..543b02d
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Ticket.java
@@ -0,0 +1,99 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ticket;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.KrbConstant;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KrbAppSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+/**
+ Ticket ::= [APPLICATION 1] SEQUENCE {
+ tkt-vno [0] INTEGER (5),
+ realm [1] Realm,
+ sname [2] PrincipalName,
+ enc-part [3] EncryptedData -- EncTicketPart
+ }
+ */
+public class Ticket extends KrbAppSequenceType {
+ public static final int TKT_KVNO = KrbConstant.KRB_V5;
+ public static final int TAG = 1;
+
+ private static int TKT_VNO = 0;
+ private static int REALM = 1;
+ private static int SNAME = 2;
+ private static int ENC_PART = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TKT_VNO, 0, Asn1Integer.class),
+ new Asn1FieldInfo(REALM, 1, KerberosString.class),
+ new Asn1FieldInfo(SNAME, 2, PrincipalName.class),
+ new Asn1FieldInfo(ENC_PART, 3, EncryptedData.class)
+ };
+
+ public Ticket() {
+ super(TAG, fieldInfos);
+ setTktKvno(TKT_KVNO);
+ }
+
+ private EncTicketPart encPart;
+
+ public int getTktvno() {
+ return getFieldAsInt(TKT_VNO);
+ }
+
+ public void setTktKvno(int kvno) {
+ setFieldAsInt(TKT_VNO, kvno);
+ }
+ public PrincipalName getSname() {
+ return getFieldAs(SNAME, PrincipalName.class);
+ }
+
+ public void setSname(PrincipalName sname) {
+ setFieldAs(SNAME, sname);
+ }
+
+ public String getRealm() {
+ return getFieldAsString(REALM);
+ }
+
+ public void setRealm(String realm) {
+ setFieldAs(REALM, new KerberosString(realm));
+ }
+
+ public EncryptedData getEncryptedEncPart() {
+ return getFieldAs(ENC_PART, EncryptedData.class);
+ }
+
+ public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
+ setFieldAs(ENC_PART, encryptedEncPart);
+ }
+
+ public EncTicketPart getEncPart() {
+ return encPart;
+ }
+
+ public void setEncPart(EncTicketPart encPart) {
+ this.encPart = encPart;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlag.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlag.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlag.java
new file mode 100644
index 0000000..b9de3c8
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlag.java
@@ -0,0 +1,62 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ticket;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum TicketFlag implements KrbEnum {
+ NONE(-1),
+ FORWARDABLE(0x40000000),
+ FORWARDED(0x20000000),
+ PROXIABLE(0x10000000),
+ PROXY(0x08000000),
+ MAY_POSTDATE(0x04000000),
+ POSTDATED(0x02000000),
+ INVALID(0x01000000),
+ RENEWABLE(0x00800000),
+ INITIAL(0x00400000),
+ PRE_AUTH(0x00200000),
+ HW_AUTH(0x00100000),
+ TRANSIT_POLICY_CHECKED( 0x00080000),
+ OK_AS_DELEGATE(0x00040000),
+ ENC_PA_REP(0x00010000),
+ ANONYMOUS(0x00008000);
+
+ private final int value;
+
+ private TicketFlag(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static TicketFlag fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (TicketFlag) e;
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlags.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlags.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlags.java
new file mode 100644
index 0000000..4bbadf2
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlags.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ticket;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbFlags;
+
+import static org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlag.INVALID;
+
+public class TicketFlags extends KrbFlags {
+
+ public TicketFlags() {
+ this(0);
+ }
+
+ public TicketFlags(int value) {
+ setFlags(value);
+ }
+
+ public boolean isInvalid() {
+ return isFlagSet(INVALID.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Tickets.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Tickets.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Tickets.java
new file mode 100644
index 0000000..a7acef0
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Tickets.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.ticket;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ SEQUENCE OF Ticket
+ */
+public class Tickets extends KrbSequenceOfType<Ticket> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/x509/AlgorithmIdentifier.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/x509/AlgorithmIdentifier.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/x509/AlgorithmIdentifier.java
new file mode 100644
index 0000000..369b99a
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/x509/AlgorithmIdentifier.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.x509;
+
+import org.apache.kerby.asn1.type.*;
+
+/**
+ AlgorithmIdentifier ::= SEQUENCE {
+ algorithm OBJECT IDENTIFIER,
+ parameters ANY DEFINED BY algorithm OPTIONAL
+ }
+ */
+public class AlgorithmIdentifier extends Asn1SequenceType {
+ private static int ALGORITHM = 0;
+ private static int PARAMETERS = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ALGORITHM, -1, Asn1ObjectIdentifier.class),
+ new Asn1FieldInfo(PARAMETERS, -1, Asn1Any.class)
+ };
+
+ public AlgorithmIdentifier() {
+ super(fieldInfos);
+ }
+
+ public Asn1ObjectIdentifier getAlgorithm() {
+ return getFieldAs(ALGORITHM, Asn1ObjectIdentifier.class);
+ }
+
+ public void setAlgorithm(Asn1ObjectIdentifier algorithm) {
+ setFieldAs(ALGORITHM, algorithm);
+ }
+
+ public Asn1Type getParameters() {
+ return getFieldAsAny(PARAMETERS);
+ }
+
+ public void setParameters(Asn1Type parameters) {
+ setFieldAsAny(PARAMETERS, parameters);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java
new file mode 100644
index 0000000..f69345f
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java
@@ -0,0 +1,60 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.x509;
+
+import org.apache.kerby.asn1.type.Asn1BitString;
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1SequenceType;
+
+/**
+ SubjectPublicKeyInfo ::= SEQUENCE {
+ algorithm AlgorithmIdentifier,
+ subjectPublicKey BIT STRING
+ }
+ */
+public class SubjectPublicKeyInfo extends Asn1SequenceType {
+ private static int ALGORITHM = 0;
+ private static int SUBJECT_PUBLIC_KEY = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ALGORITHM, -1, AlgorithmIdentifier.class),
+ new Asn1FieldInfo(SUBJECT_PUBLIC_KEY, -1, Asn1BitString.class)
+ };
+
+ public SubjectPublicKeyInfo() {
+ super(fieldInfos);
+ }
+
+ public AlgorithmIdentifier getAlgorithm() {
+ return getFieldAs(ALGORITHM, AlgorithmIdentifier.class);
+ }
+
+ public void setAlgorithm(AlgorithmIdentifier algorithm) {
+ setFieldAs(ALGORITHM, algorithm);
+ }
+
+ public byte[] getSubjectPubKey() {
+ return getFieldAsOctets(SUBJECT_PUBLIC_KEY);
+ }
+
+ public void setSubjectPubKey(byte[] subjectPubKey) {
+ setFieldAs(SUBJECT_PUBLIC_KEY, new Asn1BitString(subjectPubKey));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/pom.xml b/kerby-kerb/kerb-crypto/pom.xml
new file mode 100644
index 0000000..ed7e8f5
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/pom.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-kerb</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerb-crypto</artifactId>
+
+ <name>Kerby-kerb Crypto</name>
+ <description>Kerby-kerb Crypto facility</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-util</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java
new file mode 100644
index 0000000..76d6a61
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java
@@ -0,0 +1,68 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.HashProvider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+
+import java.util.Arrays;
+
+public abstract class AbstractCryptoTypeHandler implements CryptoTypeHandler {
+
+ private EncryptProvider encProvider;
+ private HashProvider hashProvider;
+
+ public AbstractCryptoTypeHandler(EncryptProvider encProvider,
+ HashProvider hashProvider) {
+ this.encProvider = encProvider;
+ this.hashProvider = hashProvider;
+ }
+
+ @Override
+ public EncryptProvider encProvider() {
+ return encProvider;
+ }
+
+ @Override
+ public HashProvider hashProvider() {
+ return hashProvider;
+ }
+
+ protected static boolean checksumEqual(byte[] cksum1, byte[] cksum2) {
+ return Arrays.equals(cksum1, cksum2);
+ }
+
+ protected static boolean checksumEqual(byte[] cksum1, byte[] cksum2, int cksum2Start, int len) {
+ if (cksum1 == cksum2)
+ return true;
+ if (cksum1 == null || cksum2 == null)
+ return false;
+
+ if (len <= cksum2.length && len <= cksum1.length) {
+ for (int i = 0; i < len; i++)
+ if (cksum1[i] != cksum2[cksum2Start + i])
+ return false;
+ } else {
+ return false;
+ }
+
+ return true;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/BytesUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/BytesUtil.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/BytesUtil.java
new file mode 100644
index 0000000..43ddfe8
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/BytesUtil.java
@@ -0,0 +1,183 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+public class BytesUtil {
+
+ public static short bytes2short(byte[] bytes, int offset, boolean bigEndian) {
+ short val = 0;
+
+ if (bigEndian) {
+ val += (bytes[offset + 0] & 0xff) << 8;
+ val += (bytes[offset + 1] & 0xff);
+ } else {
+ val += (bytes[offset + 1] & 0xff) << 8;
+ val += (bytes[offset + 0] & 0xff);
+ }
+
+ return val;
+ }
+
+ public static short bytes2short(byte[] bytes, boolean bigEndian) {
+ return bytes2short(bytes, 0, bigEndian);
+ }
+
+ public static byte[] short2bytes(int val, boolean bigEndian) {
+ byte[] bytes = new byte[2];
+
+ short2bytes(val, bytes, 0, bigEndian);
+
+ return bytes;
+ }
+
+ public static void short2bytes(int val, byte[] bytes, int offset, boolean bigEndian) {
+ if (bigEndian) {
+ bytes[offset + 0] = (byte) ((val >> 8) & 0xff);
+ bytes[offset + 1] = (byte) ((val) & 0xff);
+ } else {
+ bytes[offset + 1] = (byte) ((val >> 8) & 0xff);
+ bytes[offset + 0] = (byte) ((val ) & 0xff);
+ }
+ }
+
+ public static int bytes2int(byte[] bytes, boolean bigEndian) {
+ return bytes2int(bytes, 0, bigEndian);
+ }
+
+ public static int bytes2int(byte[] bytes, int offset, boolean bigEndian) {
+ int val = 0;
+
+ if (bigEndian) {
+ val += (bytes[offset + 0] & 0xff) << 24;
+ val += (bytes[offset + 1] & 0xff) << 16;
+ val += (bytes[offset + 2] & 0xff) << 8;
+ val += (bytes[offset + 3] & 0xff);
+ } else {
+ val += (bytes[offset + 3] & 0xff) << 24;
+ val += (bytes[offset + 2] & 0xff) << 16;
+ val += (bytes[offset + 1] & 0xff) << 8;
+ val += (bytes[offset + 0] & 0xff);
+ }
+
+ return val;
+ }
+
+ public static byte[] int2bytes(int val, boolean bigEndian) {
+ byte[] bytes = new byte[4];
+
+ int2bytes(val, bytes, 0, bigEndian);
+
+ return bytes;
+ }
+
+ public static void int2bytes(int val, byte[] bytes, int offset, boolean bigEndian) {
+ if (bigEndian) {
+ bytes[offset + 0] = (byte) ((val >> 24) & 0xff);
+ bytes[offset + 1] = (byte) ((val >> 16) & 0xff);
+ bytes[offset + 2] = (byte) ((val >> 8) & 0xff);
+ bytes[offset + 3] = (byte) ((val) & 0xff);
+ } else {
+ bytes[offset + 3] = (byte) ((val >> 24) & 0xff);
+ bytes[offset + 2] = (byte) ((val >> 16) & 0xff);
+ bytes[offset + 1] = (byte) ((val >> 8) & 0xff);
+ bytes[offset + 0] = (byte) ((val) & 0xff);
+ }
+ }
+
+ public static byte[] long2bytes(long val, boolean bigEndian) {
+ byte[] bytes = new byte[8];
+ long2bytes(val, bytes, 0, bigEndian);
+ return bytes;
+ }
+
+ public static void long2bytes(long val, byte[] bytes, int offset, boolean bigEndian) {
+ if (bigEndian) {
+ for (int i = 0; i < 8; i++) {
+ bytes[i + offset] = (byte) ((val >> ((7 - i) * 8)) & 0xffL);
+ }
+ } else {
+ for (int i = 0; i < 8; i++) {
+ bytes[i + offset] = (byte) ((val >> (i * 8)) & 0xffL);
+ }
+ }
+ }
+
+ public static long bytes2long(byte[] bytes, boolean bigEndian) {
+ return bytes2long(bytes, 0, bigEndian);
+ }
+
+ public static long bytes2long(byte[] bytes, int offset, boolean bigEndian) {
+ long val = 0;
+
+ if (bigEndian) {
+ for (int i = 0; i < 8; i++) {
+ val |= (((long) bytes[i + offset]) & 0xffL) << ((7 - i) * 8);
+ }
+ } else {
+ for (int i = 0; i < 8; i++) {
+ val |= (((long) bytes[i + offset]) & 0xffL) << (i * 8);
+ }
+ }
+
+ return val;
+ }
+
+ public static byte[] padding(byte[] data, int block) {
+ int len = data.length;
+ int paddingLen = len % block != 0 ? 8 - len % block : 0;
+ if (paddingLen == 0) {
+ return data;
+ }
+
+ byte[] result = new byte[len + + paddingLen];
+ System.arraycopy(data, 0, result, 0, len);
+ return result;
+ }
+
+ public static byte[] duplicate(byte[] bytes) {
+ return duplicate(bytes, 0, bytes.length);
+ }
+
+ public static byte[] duplicate(byte[] bytes, int offset, int len) {
+ byte[] dup = new byte[len];
+ System.arraycopy(bytes, offset, dup, 0, len);
+ return dup;
+ }
+
+ public static void xor(byte[] input, int offset, byte[] output) {
+ int a, b;
+ for (int i = 0; i < output.length / 4; ++i) {
+ a = BytesUtil.bytes2int(input, offset + i * 4, true);
+ b = BytesUtil.bytes2int(output, i * 4, true);
+ b = a ^ b;
+ BytesUtil.int2bytes(b, output, i * 4, true);
+ }
+ }
+
+ public static void xor(byte[] a, byte[] b, byte[] output) {
+ int av, bv, v;
+ for (int i = 0; i < a.length / 4; ++i) {
+ av = BytesUtil.bytes2int(a, i * 4, true);
+ bv = BytesUtil.bytes2int(b, i * 4, true);
+ v = av ^ bv;
+ BytesUtil.int2bytes(v, output, i * 4, true);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Camellia.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Camellia.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Camellia.java
new file mode 100644
index 0000000..3737e9d
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Camellia.java
@@ -0,0 +1,250 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+/**
+ * Camellia - based on RFC 3713, about half the size of CamelliaEngine.
+ *
+ * This is based on CamelliaEngine.java from bouncycastle library.
+ */
+
+public class Camellia {
+ private static final int BLOCK_SIZE = 16;
+ private int[] state = new int[4]; // for encryption and decryption
+
+ private CamelliaKey camKey;
+
+ public void setKey(boolean forEncryption, byte[] key) {
+ camKey = new CamelliaKey(key, forEncryption);
+ }
+
+ private void process128Block(byte[] in, int inOff,
+ byte[] out, int outOff) {
+ for (int i = 0; i < 4; i++) {
+ state[i] = BytesUtil.bytes2int(in, inOff + (i * 4), true);
+ state[i] ^= camKey.kw[i];
+ }
+
+ camKey.f2(state, camKey.subkey, 0);
+ camKey.f2(state, camKey.subkey, 4);
+ camKey.f2(state, camKey.subkey, 8);
+ camKey.fls(state, camKey.ke, 0);
+ camKey.f2(state, camKey.subkey, 12);
+ camKey.f2(state, camKey.subkey, 16);
+ camKey.f2(state, camKey.subkey, 20);
+ camKey.fls(state, camKey.ke, 4);
+ camKey.f2(state, camKey.subkey, 24);
+ camKey.f2(state, camKey.subkey, 28);
+ camKey.f2(state, camKey.subkey, 32);
+
+ state[2] ^= camKey.kw[4];
+ state[3] ^= camKey.kw[5];
+ state[0] ^= camKey.kw[6];
+ state[1] ^= camKey.kw[7];
+
+ BytesUtil.int2bytes(state[2], out, outOff, true);
+ BytesUtil.int2bytes(state[3], out, outOff + 4, true);
+ BytesUtil.int2bytes(state[0], out, outOff + 8, true);
+ BytesUtil.int2bytes(state[1], out, outOff + 12, true);
+ }
+
+ private void processBlockLargerBlock(byte[] in, int inOff,
+ byte[] out, int outOff) {
+ for (int i = 0; i < 4; i++) {
+ state[i] = BytesUtil.bytes2int(in, inOff + (i * 4), true);
+ state[i] ^= camKey.kw[i];
+ }
+
+ camKey.f2(state, camKey.subkey, 0);
+ camKey.f2(state, camKey.subkey, 4);
+ camKey.f2(state, camKey.subkey, 8);
+ camKey.fls(state, camKey.ke, 0);
+ camKey.f2(state, camKey.subkey, 12);
+ camKey.f2(state, camKey.subkey, 16);
+ camKey.f2(state, camKey.subkey, 20);
+ camKey.fls(state, camKey.ke, 4);
+ camKey.f2(state, camKey.subkey, 24);
+ camKey.f2(state, camKey.subkey, 28);
+ camKey.f2(state, camKey.subkey, 32);
+ camKey.fls(state, camKey.ke, 8);
+ camKey.f2(state, camKey.subkey, 36);
+ camKey.f2(state, camKey.subkey, 40);
+ camKey.f2(state, camKey.subkey, 44);
+
+ state[2] ^= camKey.kw[4];
+ state[3] ^= camKey.kw[5];
+ state[0] ^= camKey.kw[6];
+ state[1] ^= camKey.kw[7];
+
+ BytesUtil.int2bytes(state[2], out, outOff, true);
+ BytesUtil.int2bytes(state[3], out, outOff + 4, true);
+ BytesUtil.int2bytes(state[0], out, outOff + 8, true);
+ BytesUtil.int2bytes(state[1], out, outOff + 12, true);
+ }
+
+ public void processBlock(byte[] in, int inOff) {
+ byte[] out = new byte[BLOCK_SIZE];
+
+ if (camKey.is128()) {
+ process128Block(in, inOff, out, 0);
+ } else {
+ processBlockLargerBlock(in, inOff, out, 0);
+ }
+
+ System.arraycopy(out, 0, in, inOff, BLOCK_SIZE);
+ }
+
+ public void encrypt(byte[] data, byte[] iv) {
+ byte[] cipher = new byte[BLOCK_SIZE];
+ byte[] cipherState = new byte[BLOCK_SIZE];
+
+ int blocksNum = (data.length + BLOCK_SIZE - 1) / BLOCK_SIZE;
+ int lastBlockLen = data.length - (blocksNum - 1) * BLOCK_SIZE;
+ if (blocksNum == 1) {
+ cbcEnc(data, 0, 1, cipherState);
+ return;
+ }
+
+ if (iv != null) {
+ System.arraycopy(iv, 0, cipherState, 0, BLOCK_SIZE);
+ }
+
+ int contBlocksNum, offset = 0;
+ while (blocksNum > 2) {
+ contBlocksNum = (data.length - offset) / BLOCK_SIZE;
+ if (contBlocksNum > 0) {
+ // Encrypt a series of contiguous blocks in place if we can, but
+ // don't touch the last two blocks.
+ contBlocksNum = (contBlocksNum > blocksNum - 2) ? blocksNum - 2 : contBlocksNum;
+ cbcEnc(data, offset, contBlocksNum, cipherState);
+ offset += contBlocksNum * BLOCK_SIZE;
+ blocksNum -= contBlocksNum;
+ } else {
+ cbcEnc(data, offset, 1, cipherState);
+ offset += BLOCK_SIZE;
+ blocksNum--;
+ }
+ }
+
+ // Encrypt the last two blocks and store the results in reverse order
+ byte[] blockN2 = new byte[BLOCK_SIZE];
+ byte[] blockN1 = new byte[BLOCK_SIZE];
+
+ System.arraycopy(data, offset, blockN2, 0, BLOCK_SIZE);
+ cbcEnc(blockN2, 0, 1, cipherState);
+ System.arraycopy(data, offset + BLOCK_SIZE, blockN1, 0, lastBlockLen);
+ cbcEnc(blockN1, 0, 1, cipherState);
+
+ System.arraycopy(blockN1, 0, data, offset, BLOCK_SIZE);
+ System.arraycopy(blockN2, 0, data, offset + BLOCK_SIZE, lastBlockLen);
+
+ if (iv != null) {
+ System.arraycopy(cipherState, 0, iv, 0, BLOCK_SIZE);
+ }
+ }
+
+ public void decrypt(byte[] data, byte[] iv) {
+ byte[] cipher = new byte[BLOCK_SIZE];
+ byte[] cipherState = new byte[BLOCK_SIZE];
+
+ int blocksNum = (data.length + BLOCK_SIZE - 1) / BLOCK_SIZE;
+ int lastBlockLen = data.length - (blocksNum - 1) * BLOCK_SIZE;
+ if (blocksNum == 1) {
+ cbcDec(data, 0, 1, cipherState);
+ return;
+ }
+
+ if (iv != null) {
+ System.arraycopy(iv, 0, cipherState, 0, BLOCK_SIZE);
+ }
+
+ int contBlocksNum, offset = 0;
+ while (blocksNum > 2) {
+ contBlocksNum = (data.length - offset) / BLOCK_SIZE;
+ if (contBlocksNum > 0) {
+ // Decrypt a series of contiguous blocks in place if we can, but
+ // don't touch the last two blocks.
+ contBlocksNum = (contBlocksNum > blocksNum - 2) ? blocksNum - 2 : contBlocksNum;
+ cbcDec(data, offset, contBlocksNum, cipherState);
+ offset += contBlocksNum * BLOCK_SIZE;
+ blocksNum -= contBlocksNum;
+ } else {
+ cbcDec(data, offset, 1, cipherState);
+ offset += BLOCK_SIZE;
+ blocksNum--;
+ }
+ }
+
+ // Decrypt the last two blocks
+ byte[] blockN2 = new byte[BLOCK_SIZE];
+ byte[] blockN1 = new byte[BLOCK_SIZE];
+ System.arraycopy(data, offset, blockN2, 0, BLOCK_SIZE);
+ System.arraycopy(data, offset + BLOCK_SIZE, blockN1, 0, lastBlockLen);
+ if (iv != null) {
+ System.arraycopy(blockN2, 0, iv, 0, BLOCK_SIZE);
+ }
+
+ byte[] tmpCipherState = new byte[BLOCK_SIZE];
+ System.arraycopy(blockN1, 0, tmpCipherState, 0, BLOCK_SIZE);
+ cbcDec(blockN2, 0, 1, tmpCipherState);
+ System.arraycopy(blockN2, lastBlockLen, blockN1, lastBlockLen, BLOCK_SIZE - lastBlockLen);
+ cbcDec(blockN1, 0, 1, cipherState);
+
+ System.arraycopy(blockN1, 0, data, offset, BLOCK_SIZE);
+ System.arraycopy(blockN2, 0, data, offset + BLOCK_SIZE, lastBlockLen);
+ }
+
+ /**
+ * CBC encrypt nblocks blocks of data in place, using and updating iv.
+ */
+ public void cbcEnc(byte[] data, int offset, int blocksNum, byte[] cipherState) {
+ byte[] cipher = new byte[BLOCK_SIZE];
+ for (int i = 0; i < blocksNum; ++i) {
+ System.arraycopy(data, offset + i * BLOCK_SIZE, cipher, 0, BLOCK_SIZE);
+ BytesUtil.xor(cipherState, 0, cipher);
+ processBlock(cipher, 0);
+ System.arraycopy(cipher, 0, data, offset + i * BLOCK_SIZE, BLOCK_SIZE);
+ System.arraycopy(cipher, 0, cipherState, 0, BLOCK_SIZE);
+ }
+ }
+
+ /**
+ * CBC encrypt nblocks blocks of data in place, using and updating iv.
+ */
+ public void cbcDec(byte[] data, int offset, int blocksNum, byte[] cipherState) {
+ byte[] lastBlock = new byte[BLOCK_SIZE];
+ byte[] cipher = new byte[BLOCK_SIZE];
+
+ System.arraycopy(data, offset + (blocksNum - 1) * BLOCK_SIZE, lastBlock, 0, BLOCK_SIZE);
+ for (int i = blocksNum; i > 0; i--) {
+ System.arraycopy(data, offset + (i - 1) * BLOCK_SIZE, cipher, 0, BLOCK_SIZE);
+ processBlock(cipher, 0);
+
+ if (i == 1) {
+ BytesUtil.xor(cipherState, 0, cipher);
+ } else {
+ BytesUtil.xor(data, offset + (i - 2) * BLOCK_SIZE, cipher);
+ }
+
+ System.arraycopy(cipher, 0, data, offset + (i - 1) * BLOCK_SIZE, BLOCK_SIZE);
+ }
+ System.arraycopy(lastBlock, 0, cipherState, 0, BLOCK_SIZE);
+ }
+}
[20/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kdc/src/test/java/org/apache/kerby/kerberos/kdc/server/KdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/test/java/org/apache/kerby/kerberos/kdc/server/KdcTest.java b/kerby-kdc/src/test/java/org/apache/kerby/kerberos/kdc/server/KdcTest.java
new file mode 100644
index 0000000..e124e17
--- /dev/null
+++ b/kerby-kdc/src/test/java/org/apache/kerby/kerberos/kdc/server/KdcTest.java
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc.server;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.SocketChannel;
+
+public class KdcTest {
+
+ private String serverHost = "localhost";
+ private short serverPort = 8088;
+
+ private ApacheKdcServer kdcServer;
+
+ @Before
+ public void setUp() throws Exception {
+ kdcServer = new ApacheKdcServer();
+ kdcServer.setKdcHost(serverHost);
+ kdcServer.setKdcTcpPort(serverPort);
+ kdcServer.init();
+ kdcServer.start();
+ }
+
+ @Test
+ public void testKdc() throws IOException, InterruptedException {
+ Thread.sleep(10);
+
+ SocketChannel socketChannel = SocketChannel.open();
+ socketChannel.configureBlocking(true);
+ SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
+ socketChannel.connect(sa);
+
+ String BAD_KRB_MESSAGE = "Hello World!";
+ ByteBuffer writeBuffer = ByteBuffer.allocate(4 + BAD_KRB_MESSAGE.getBytes().length);
+ writeBuffer.putInt(BAD_KRB_MESSAGE.getBytes().length);
+ writeBuffer.put(BAD_KRB_MESSAGE.getBytes());
+ writeBuffer.flip();
+
+ socketChannel.write(writeBuffer);
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ kdcServer.stop();
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/README
----------------------------------------------------------------------
diff --git a/kerby-kerb/README b/kerby-kerb/README
new file mode 100644
index 0000000..e0a1507
--- /dev/null
+++ b/kerby-kerb/README
@@ -0,0 +1,2 @@
+A Kerberos protocol and standards implementation with least dependencies (only relying on JCE).
+The provided APIs and facilities can be used as embedded.
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/pom.xml b/kerby-kerb/kerb-client/pom.xml
new file mode 100644
index 0000000..c4d1290
--- /dev/null
+++ b/kerby-kerb/kerb-client/pom.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-kerb</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerb-client</artifactId>
+ <name>Kerby-kerb Client</name>
+ <description>Kerby-kerb Client</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-common</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-event</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-pkix</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-token</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
new file mode 100644
index 0000000..55e9b60
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
@@ -0,0 +1,321 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventHub;
+import org.apache.kerby.event.EventWaiter;
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.client.event.KrbClientEvent;
+import org.apache.kerby.kerberos.kerb.client.event.KrbClientEventType;
+import org.apache.kerby.kerberos.kerb.client.request.*;
+import org.apache.kerby.kerberos.kerb.common.KrbErrorUtil;
+import org.apache.kerby.kerberos.kerb.common.KrbStreamingDecoder;
+import org.apache.kerby.kerberos.kerb.KrbErrorException;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbError;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.apache.kerby.token.KerbToken;
+import org.apache.kerby.transport.Connector;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.event.TransportEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+import org.apache.kerby.transport.tcp.TcpConnector;
+
+import java.io.IOException;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.TimeoutException;
+
+/**
+ * A krb client API for applications to interact with KDC
+ */
+public class KrbClient {
+
+ private EventHub eventHub;
+ private EventWaiter eventWaiter;
+ private Transport transport;
+
+ private KrbHandler krbHandler;
+ private KrbContext context;
+ private KrbConfig config;
+
+ /**
+ *
+ * @param kdcHost
+ * @param kdcPort
+ */
+ public KrbClient(String kdcHost, short kdcPort) {
+ this(new KrbConfig());
+
+ setKdcHost(kdcHost);
+ setKdcPort(kdcPort);
+ }
+
+ public KrbClient(KrbConfig config) {
+ this.config = config;
+ this.context = new KrbContext();
+ context.init(config);
+ }
+
+ /**
+ * Set KDC realm for ticket request
+ * @param realm
+ */
+ public void setKdcRealm(String realm) {
+ context.setKdcRealm(realm);
+ }
+
+ /**
+ *
+ * @param kdcHost
+ */
+ public void setKdcHost(String kdcHost) {
+ context.setKdcHost(kdcHost);
+ }
+
+ /**
+ *
+ * @param kdcPort
+ */
+ public void setKdcPort(short kdcPort) {
+ context.setKdcPort(kdcPort);
+ }
+
+ /**
+ * Set time out for connection
+ * @param timeout in seconds
+ */
+ public void setTimeout(long timeout) {
+ context.setTimeout(timeout);
+ }
+
+ public void init() {
+ this.krbHandler = new KrbHandler();
+ krbHandler.init(context);
+
+ this.eventHub = new EventHub();
+ eventHub.register(krbHandler);
+
+ Connector connector = new TcpConnector(new KrbStreamingDecoder());
+ eventHub.register(connector);
+
+ eventWaiter = eventHub.waitEvent(
+ TransportEventType.NEW_TRANSPORT,
+ KrbClientEventType.TGT_RESULT,
+ KrbClientEventType.TKT_RESULT
+ );
+
+ eventHub.start();
+
+ connector.connect(context.getKdcHost(), context.getKdcPort());
+ Event event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
+ transport = ((TransportEvent) event).getTransport();
+ }
+
+ /**
+ * Attempt to request a TGT and you'll be prompted to input a credential.
+ * Whatever credential requested to provide depends on KDC admin configuration.
+ * @param options
+ * @return
+ * @throws KrbException
+ */
+ public TgtTicket requestTgtTicket(String principal, KrbOptions options) throws KrbException {
+ if (options == null) options = new KrbOptions();
+
+ AsRequest asRequest = new AsRequest(context);
+ asRequest.setKrbOptions(options);
+ return requestTgtTicket(principal, asRequest);
+ }
+
+ /**
+ * Request a TGT with user plain credential
+ * @param principal
+ * @param password
+ * @param options
+ * @return
+ * @throws KrbException
+ */
+ public TgtTicket requestTgtTicket(String principal, String password,
+ KrbOptions options) throws KrbException {
+ if (options == null) options = new KrbOptions();
+
+ AsRequest asRequest = new AsRequestWithPasswd(context);
+ options.add(KrbOption.USER_PASSWD, password);
+ asRequest.setKrbOptions(options);
+ return requestTgtTicket(principal, asRequest);
+ }
+
+ /**
+ * Request a TGT with user x509 certificate credential
+ * @param principal
+ * @param certificate
+ * @param privateKey
+ * @param options
+ * @return
+ * @throws KrbException
+ */
+ public TgtTicket requestTgtTicket(String principal, Certificate certificate,
+ PrivateKey privateKey, KrbOptions options) throws KrbException {
+ if (options == null) options = new KrbOptions();
+
+ AsRequestWithCert asRequest = new AsRequestWithCert(context);
+ options.add(KrbOption.PKINIT_X509_CERTIFICATE, certificate);
+ options.add(KrbOption.PKINIT_X509_PRIVATE_KEY, privateKey);
+ asRequest.setKrbOptions(options);
+ return requestTgtTicket(principal, asRequest);
+ }
+
+ /**
+ * Request a TGT with using Anonymous PKINIT
+ * @param options
+ * @return
+ * @throws KrbException
+ */
+ public TgtTicket requestTgtTicket(KrbOptions options) throws KrbException {
+ if (options == null) options = new KrbOptions();
+
+ AsRequestWithCert asRequest = new AsRequestWithCert(context);
+ options.add(KrbOption.PKINIT_X509_ANONYMOUS);
+ asRequest.setKrbOptions(options);
+
+ String principal = AsRequestWithCert.ANONYMOUS_PRINCIPAL;
+ return requestTgtTicket(principal, asRequest);
+ }
+
+ /**
+ * Request a TGT with user token credential
+ * @param principal
+ * @param token
+ * @param options
+ * @return
+ * @throws KrbException
+ */
+ public TgtTicket requestTgtTicket(String principal, KerbToken token,
+ KrbOptions options) throws KrbException {
+ if (options == null) options = new KrbOptions();
+
+ AsRequestWithToken asRequest = new AsRequestWithToken(context);
+ options.add(KrbOption.TOKEN_USER_ID_TOKEN, token);
+ asRequest.setKrbOptions(options);
+ return requestTgtTicket(principal, asRequest);
+ }
+
+ /**
+ * Request a service ticket targeting for a server with user plain credentials
+ * @param clientPrincipal
+ * @param password
+ * @param serverPrincipal
+ * @param options
+ * @return
+ * @throws KrbException
+ */
+ public ServiceTicket requestServiceTicket(String clientPrincipal, String password,
+ String serverPrincipal, KrbOptions options) throws KrbException {
+ if (options == null) options = new KrbOptions();
+
+ TgtTicket tgt = requestTgtTicket(clientPrincipal, password, options);
+ return requestServiceTicket(tgt, serverPrincipal, options);
+ }
+
+ /**
+ * Request a service ticket targeting for a server with an user Access Token
+ * @param clientPrincipal
+ * @param token
+ * @param serverPrincipal
+ * @param options
+ * @return
+ * @throws KrbException
+ */
+ public ServiceTicket requestServiceTicket(String clientPrincipal, KerbToken token,
+ String serverPrincipal, KrbOptions options) throws KrbException {
+ if (options == null) options = new KrbOptions();
+
+ TgtTicket tgt = requestTgtTicket(clientPrincipal, token, options);
+ return requestServiceTicket(tgt, serverPrincipal, options);
+ }
+
+ private TgtTicket requestTgtTicket(String clientPrincipal, AsRequest tgtTktReq) throws KrbException {
+ tgtTktReq.setClientPrincipal(new PrincipalName(clientPrincipal));
+ tgtTktReq.setTransport(transport);
+
+ try {
+ return doRequestTgtTicket(tgtTktReq);
+ } catch(KrbErrorException e) {
+ KrbError krbError = e.getKrbError();
+ if (krbError.getErrorCode() == KrbErrorCode.KDC_ERR_PREAUTH_REQUIRED) {
+ try {
+ tgtTktReq.setEncryptionTypes(KrbErrorUtil.getEtypes(krbError));
+ } catch (IOException ioe) {
+ throw new KrbException("Failed to decode and get etypes from krbError", ioe);
+ }
+ tgtTktReq.getPreauthContext().setPreauthRequired(true);
+ return requestTgtTicket(clientPrincipal, tgtTktReq);
+ }
+ throw e;
+ }
+ }
+
+ private TgtTicket doRequestTgtTicket(AsRequest tgtTktReq) throws KrbException {
+ eventHub.dispatch(KrbClientEvent.createTgtIntentEvent(tgtTktReq));
+ Event resultEvent = null;
+ try {
+ resultEvent = eventWaiter.waitEvent(KrbClientEventType.TGT_RESULT,
+ context.getTimeout(), TimeUnit.SECONDS);
+ } catch (TimeoutException e) {
+ throw new KrbException("Network timeout", e);
+ }
+ AsRequest asResponse = (AsRequest) resultEvent.getEventData();
+
+ return asResponse.getTicket();
+ }
+
+ /**
+ * Request a service ticket with a TGT targeting for a server
+ * @param tgt
+ * @param serverPrincipal
+ * @return
+ * @throws KrbException
+ */
+ public ServiceTicket requestServiceTicket(TgtTicket tgt, String serverPrincipal,
+ KrbOptions options) throws KrbException {
+ if (options == null) options = new KrbOptions();
+
+ TgsRequest ticketReq = new TgsRequest(context, tgt);
+ ticketReq.setServerPrincipal(new PrincipalName(serverPrincipal));
+ ticketReq.setTransport(transport);
+
+ eventHub.dispatch(KrbClientEvent.createTktIntentEvent(ticketReq));
+ Event resultEvent = null;
+ try {
+ resultEvent = eventWaiter.waitEvent(KrbClientEventType.TKT_RESULT,
+ context.getTimeout(), TimeUnit.SECONDS);
+ } catch (TimeoutException e) {
+ throw new KrbException("Network timeout", e);
+ }
+ TgsRequest tgsResponse = (TgsRequest) resultEvent.getEventData();
+
+ return tgsResponse.getServiceTicket();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
new file mode 100644
index 0000000..e523c12
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
@@ -0,0 +1,161 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+import org.apache.kerby.config.Conf;
+import org.apache.kerby.kerberos.kerb.common.KrbConfHelper;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+import java.util.List;
+
+public class KrbConfig {
+ protected Conf conf;
+
+ public KrbConfig() {
+ this.conf = new Conf();
+ }
+
+ public Conf getConf() {
+ return this.conf;
+ }
+
+ public boolean enableDebug() {
+ return conf.getBoolean(KrbConfigKey.KRB_DEBUG);
+ }
+
+ public String getKdcHost() {
+ return conf.getString(KrbConfigKey.KDC_HOST);
+ }
+
+ public short getKdcPort() {
+ Integer kdcPort = conf.getInt(KrbConfigKey.KDC_PORT);
+ return kdcPort.shortValue();
+ }
+
+ public String getKdcRealm() {
+ return conf.getString(KrbConfigKey.KDC_REALM);
+ }
+
+ public String getKdcDomain() {
+ return conf.getString(KrbConfigKey.KDC_DOMAIN);
+ }
+
+ public boolean isPreauthRequired() {
+ return conf.getBoolean(KrbConfigKey.PREAUTH_REQUIRED);
+ }
+
+ public String getTgsPrincipal() {
+ return conf.getString(KrbConfigKey.TGS_PRINCIPAL);
+ }
+
+ public long getAllowableClockSkew() {
+ return KrbConfHelper.getLongUnderSection(conf, KrbConfigKey.CLOCKSKEW);
+ }
+
+ public boolean isEmptyAddressesAllowed() {
+ return conf.getBoolean(KrbConfigKey.EMPTY_ADDRESSES_ALLOWED);
+ }
+
+ public boolean isForwardableAllowed() {
+ return KrbConfHelper.getBooleanUnderSection(conf, KrbConfigKey.FORWARDABLE);
+ }
+
+ public boolean isPostdatedAllowed() {
+ return conf.getBoolean(KrbConfigKey.POSTDATED_ALLOWED);
+ }
+
+ public boolean isProxiableAllowed() {
+ return KrbConfHelper.getBooleanUnderSection(conf, KrbConfigKey.PROXIABLE);
+ }
+
+ public boolean isRenewableAllowed() {
+ return conf.getBoolean(KrbConfigKey.RENEWABLE_ALLOWED);
+ }
+
+ public long getMaximumRenewableLifetime() {
+ return conf.getLong(KrbConfigKey.MAXIMUM_RENEWABLE_LIFETIME);
+ }
+
+ public long getMaximumTicketLifetime() {
+ return conf.getLong(KrbConfigKey.MAXIMUM_TICKET_LIFETIME);
+ }
+
+ public long getMinimumTicketLifetime() {
+ return conf.getLong(KrbConfigKey.MINIMUM_TICKET_LIFETIME);
+ }
+
+ public List<EncryptionType> getEncryptionTypes() {
+ return KrbConfHelper.getEncTypesUnderSection(conf, KrbConfigKey.PERMITTED_ENCTYPES);
+ }
+
+ public boolean isPaEncTimestampRequired() {
+ return conf.getBoolean(KrbConfigKey.PA_ENC_TIMESTAMP_REQUIRED);
+ }
+
+ public boolean isBodyChecksumVerified() {
+ return conf.getBoolean(KrbConfigKey.VERIFY_BODY_CHECKSUM);
+ }
+
+ public String getDefaultRealm() {
+ return KrbConfHelper.getStringUnderSection(conf, KrbConfigKey.DEFAULT_REALM);
+ }
+
+ public boolean getDnsLookUpKdc() {
+ return KrbConfHelper.getBooleanUnderSection(conf, KrbConfigKey.DNS_LOOKUP_KDC);
+ }
+
+ public boolean getDnsLookUpRealm() {
+ return KrbConfHelper.getBooleanUnderSection(conf, KrbConfigKey.DNS_LOOKUP_REALM);
+ }
+
+ public boolean getAllowWeakCrypto() {
+ return KrbConfHelper.getBooleanUnderSection(conf, KrbConfigKey.ALLOW_WEAK_CRYPTO);
+ }
+
+ public long getTicketLifetime() {
+ return KrbConfHelper.getLongUnderSection(conf, KrbConfigKey.TICKET_LIFETIME);
+ }
+
+ public long getRenewLifetime() {
+ return KrbConfHelper.getLongUnderSection(conf, KrbConfigKey.RENEW_LIFETIME);
+ }
+
+ public List<EncryptionType> getDefaultTgsEnctypes() {
+ return KrbConfHelper.getEncTypesUnderSection(conf, KrbConfigKey.DEFAULT_TGS_ENCTYPES);
+ }
+
+ public List<EncryptionType> getDefaultTktEnctypes() {
+ return KrbConfHelper.getEncTypesUnderSection(conf, KrbConfigKey.DEFAULT_TKT_ENCTYPES);
+ }
+
+ public String getDefaultLoggingLocation() {
+ return KrbConfHelper.getStringUnderSection(conf, KrbConfigKey.DEFAULT);
+ }
+
+ public String getKdcLoggingLocation() {
+ return KrbConfHelper.getStringUnderSection(conf, KrbConfigKey.KDC);
+ }
+
+ public String getAdminLoggingLocation() {
+ return KrbConfHelper.getStringUnderSection(conf, KrbConfigKey.ADMIN_SERVER);
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
new file mode 100644
index 0000000..111cc67
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
@@ -0,0 +1,100 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+import org.apache.kerby.kerberos.kerb.common.SectionConfigKey;
+
+public enum KrbConfigKey implements SectionConfigKey {
+ KRB_DEBUG(true),
+ KDC_HOST("localhost"),
+ KDC_PORT(8015),
+ KDC_DOMAIN("example.com"),
+ KDC_REALM("EXAMPLE.COM"),
+ TGS_PRINCIPAL("krbtgt@EXAMPLE.COM"),
+ PREAUTH_REQUIRED(true),
+ CLOCKSKEW(5 * 60L, "libdefaults"),
+ EMPTY_ADDRESSES_ALLOWED(true),
+ PA_ENC_TIMESTAMP_REQUIRED(true),
+ MAXIMUM_TICKET_LIFETIME(24 * 3600L),
+ MINIMUM_TICKET_LIFETIME(1 * 3600L),
+ MAXIMUM_RENEWABLE_LIFETIME(48 * 3600L),
+ FORWARDABLE(true, "libdefaults"),
+ POSTDATED_ALLOWED(true),
+ PROXIABLE(true, "libdefaults"),
+ RENEWABLE_ALLOWED(true),
+ VERIFY_BODY_CHECKSUM(true),
+ PERMITTED_ENCTYPES("aes128-cts-hmac-sha1-96", "libdefaults"),
+ DEFAULT_REALM("EXAMPLE.COM", "libdefaults"),
+ DNS_LOOKUP_KDC(false, "libdefaults"),
+ DNS_LOOKUP_REALM(false, "libdefaults"),
+ ALLOW_WEAK_CRYPTO(true, "libdefaults"),
+ TICKET_LIFETIME(24 * 3600L, "libdefaults"),
+ RENEW_LIFETIME(48 * 3600L, "libdefaults"),
+ DEFAULT_TGS_ENCTYPES("aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 " +
+ "des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac " +
+ "camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4",
+ "libdefaults"),
+ DEFAULT_TKT_ENCTYPES("aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 " +
+ "des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac " +
+ "camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4",
+ "libdefaults"),
+
+ //key for logging location
+ DEFAULT(null, "logging"),
+ KDC(null, "logging"),
+ ADMIN_SERVER(null, "logging");
+
+ private Object defaultValue;
+ /**
+ * The name of a section where a config key is contained in MIT Kerberos config file.
+ */
+ private String sectionName;
+
+ private KrbConfigKey() {
+ this.defaultValue = null;
+ }
+
+ private KrbConfigKey(Object defaultValue) {
+ this.defaultValue = defaultValue;
+ }
+
+ private KrbConfigKey(Object defaultValue, String sectionName) {
+ this(defaultValue);
+ this.sectionName = sectionName;
+ }
+
+ /**
+ * Use the propertyKey, we can get the configuration value from Object Conf.
+ */
+ @Override
+ public String getPropertyKey() {
+ return name().toLowerCase();
+ }
+
+ @Override
+ public Object getDefaultValue() {
+ return this.defaultValue;
+ }
+
+ @Override
+ public String getSectionName() {
+ return sectionName;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbContext.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbContext.java
new file mode 100644
index 0000000..279c486
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbContext.java
@@ -0,0 +1,97 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+import org.apache.kerby.kerberos.kerb.client.preauth.PreauthHandler;
+import org.apache.kerby.kerberos.kerb.crypto.Nonce;
+
+public class KrbContext {
+
+ private String kdcRealm;
+ private KrbConfig config;
+ private String kdcHost;
+ private short kdcPort;
+ private long timeout = 10L;
+ private PreauthHandler preauthHandler;
+
+ public void init(KrbConfig config) {
+ this.config = config;
+ preauthHandler = new PreauthHandler();
+ preauthHandler.init(this);
+ }
+
+ public String getKdcHost() {
+ if (kdcHost != null) {
+ return kdcHost;
+ }
+ return config.getKdcHost();
+ }
+
+ public void setKdcHost(String kdcHost) {
+ this.kdcHost = kdcHost;
+ }
+
+ public short getKdcPort() {
+ if (kdcPort > 0) {
+ return kdcPort;
+ }
+ return config.getKdcPort();
+ }
+
+ public void setKdcPort(short kdcPort) {
+ this.kdcPort = kdcPort;
+ }
+
+ public void setTimeout(long timeout) {
+ this.timeout = timeout;
+ }
+
+ public long getTimeout() {
+ return this.timeout;
+ }
+
+ public KrbConfig getConfig() {
+ return config;
+ }
+
+ public void setKdcRealm(String realm) {
+ this.kdcRealm = realm;
+ }
+
+ public String getKdcRealm() {
+ if (kdcRealm != null) {
+ return kdcRealm;
+ }
+
+ return config.getKdcRealm();
+ }
+
+ public int generateNonce() {
+ return Nonce.value();
+ }
+
+ public long getTicketValidTime() {
+ return 8 * 60 * 60 * 1000;
+ }
+
+ public PreauthHandler getPreauthHandler() {
+ return preauthHandler;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
new file mode 100644
index 0000000..085ee57
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
@@ -0,0 +1,99 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+import org.apache.kerby.event.AbstractEventHandler;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.kerberos.kerb.client.event.KrbClientEvent;
+import org.apache.kerby.kerberos.kerb.client.event.KrbClientEventType;
+import org.apache.kerby.kerberos.kerb.client.preauth.PreauthHandler;
+import org.apache.kerby.kerberos.kerb.client.request.AsRequest;
+import org.apache.kerby.kerberos.kerb.client.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.client.request.TgsRequest;
+import org.apache.kerby.kerberos.kerb.common.KrbUtil;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcRep;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReq;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+
+import java.nio.ByteBuffer;
+
+public class KrbHandler extends AbstractEventHandler {
+
+ private KrbContext context;
+ private PreauthHandler preauthHandler;
+
+ public void init(KrbContext context) {
+ this.context = context;
+ preauthHandler = new PreauthHandler();
+ preauthHandler.init(context);
+ }
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return new EventType[] {
+ TransportEventType.INBOUND_MESSAGE,
+ KrbClientEventType.TGT_INTENT,
+ KrbClientEventType.TKT_INTENT
+ };
+ }
+
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ EventType eventType = event.getEventType();
+
+ if (eventType == KrbClientEventType.TGT_INTENT ||
+ eventType == KrbClientEventType.TKT_INTENT) {
+ KdcRequest kdcRequest = (KdcRequest) event.getEventData();
+ handleKdcRequest(kdcRequest);
+ } else if (event.getEventType() == TransportEventType.INBOUND_MESSAGE) {
+ handleMessage((MessageEvent) event);
+ }
+ }
+
+ protected void handleKdcRequest(KdcRequest kdcRequest) throws KrbException {
+ kdcRequest.process();
+ KdcReq kdcReq = kdcRequest.getKdcReq();
+ Transport transport = kdcRequest.getTransport();
+ transport.setAttachment(kdcRequest);
+ KrbUtil.sendMessage(kdcReq, transport);
+ }
+
+ protected void handleMessage(MessageEvent event) throws Exception {
+ ByteBuffer message = event.getMessage();
+ KrbMessage kdcRep = KrbUtil.decodeMessage(message);
+
+ KrbMessageType messageType = kdcRep.getMsgType();
+ if (messageType == KrbMessageType.AS_REP) {
+ KdcRequest kdcRequest = (KdcRequest) event.getTransport().getAttachment();
+ kdcRequest.processResponse((KdcRep) kdcRep);
+ dispatch(KrbClientEvent.createTgtResultEvent((AsRequest) kdcRequest));
+ } else if (messageType == KrbMessageType.TGS_REP) {
+ KdcRequest kdcRequest = (KdcRequest) event.getTransport().getAttachment();
+ kdcRequest.processResponse((KdcRep) kdcRep);
+ dispatch(KrbClientEvent.createTktResultEvent((TgsRequest) kdcRequest));
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
new file mode 100644
index 0000000..64d0d56
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
@@ -0,0 +1,91 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+public enum KrbOption {
+ LIFE_TIME("-l lifetime"),
+ START_TIME("-s start time"),
+ RENEWABLE_TIME("-r renewable lifetime"),
+ FORWARDABLE("-f forwardable"),
+ NOT_FORWARDABLE("-F not forwardable"),
+ PROXIABLE("-p proxiable"),
+ NOT_PROXIABLE("-P not proxiable"),
+ ANONYMOUS("-n anonymous"),
+ INCLUDE_ADDRESSES("-a include addresses"),
+ NOT_INCLUDE_ADDRESSES("-A do not include addresses"),
+ VALIDATE("-v validate"),
+ RENEW("-R renew"),
+ CANONICALIZE("-C canonicalize"),
+ AS_ENTERPRISE_PN("-E client is enterprise principal name"),
+ USE_KEYTAB("-k use keytab"),
+ USE_DFT_KEYTAB("-i use default client keytab (with -k)"),
+ USER_KEYTAB_FILE("-t filename of keytab to use"),
+ KRB5_CACHE("-c Kerberos 5 cache name"),
+ SERVICE("-S service"),
+ ARMOR_CACHE("-T armor credential cache"),
+ XATTR("-X <attribute>[=<value>]"),
+
+ USER_PASSWD("user_passwd", "User plain password"),
+
+ PKINIT_X509_IDENTITY("x509_identities", "X509 user private key and cert"),
+ PKINIT_X509_PRIVATE_KEY("x509_privatekey", "X509 user private key"),
+ PKINIT_X509_CERTIFICATE("x509_cert", "X509 user certificate"),
+ PKINIT_X509_ANCHORS("x509_anchors", "X509 anchors"),
+ PKINIT_X509_ANONYMOUS("x509_anonymous", "X509 anonymous"),
+ PKINIT_USING_RSA("using_rsa_or_dh", "Using RSA or DH"),
+
+ TOKEN_USING_IDTOKEN("using_id_token", "Using identity token"),
+ TOKEN_USER_ID_TOKEN("user_id_token", "User identity token"),
+ TOKEN_USER_AC_TOKEN("user_ac_token", "User access token"),
+
+ ;
+
+ private String name;
+ private String description;
+ private Object value;
+
+ KrbOption(String description) {
+ this.description = description;
+ }
+
+ KrbOption(String name, String description) {
+ this.name = name;
+ this.description = description;
+ }
+
+ public String getName() {
+ if (name != null) {
+ return name;
+ }
+ return name();
+ }
+
+ public String getDescription() {
+ return this.description;
+ }
+
+ public void setValue(Object value) {
+ this.value = value;
+ }
+
+ public Object getValue() {
+ return value;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOptions.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOptions.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOptions.java
new file mode 100644
index 0000000..06bd361
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOptions.java
@@ -0,0 +1,96 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class KrbOptions {
+
+ private Map<KrbOption, KrbOption> options = new HashMap<KrbOption, KrbOption>(4);
+
+ public void add(KrbOption option) {
+ if (option != null) {
+ options.put(option, option);
+ }
+ }
+
+ public void add(KrbOption option, Object optionValue) {
+ option.setValue(optionValue);
+ add(option);
+ }
+
+ public boolean contains(KrbOption option) {
+ return options.containsKey(option);
+ }
+
+ public KrbOption getOption(KrbOption option) {
+ if (! options.containsKey(option)) {
+ return null;
+ }
+
+ return options.get(option);
+ }
+
+ public Object getOptionValue(KrbOption option) {
+ if (! contains(option)) {
+ return null;
+ }
+ return options.get(option).getValue();
+ }
+
+ public String getStringOption(KrbOption option) {
+ Object value = getOptionValue(option);
+ if (value != null && value instanceof String) {
+ return (String) value;
+ }
+ return null;
+ }
+
+ public boolean getBooleanOption(KrbOption option) {
+ Object value = getOptionValue(option);
+ if (value != null) {
+ if (value instanceof String) {
+ String strVal = (String) value;
+ if (strVal.equalsIgnoreCase("true") ||
+ strVal.equalsIgnoreCase("yes") ||
+ strVal.equals("1")) {
+ return true;
+ }
+ } else if (value instanceof Boolean) {
+ return (Boolean) value;
+ }
+ }
+ return false;
+ }
+
+ public int getIntegerOption(KrbOption option) {
+ Object value = getOptionValue(option);
+ if (value != null) {
+ if (value instanceof String) {
+ String strVal = (String) value;
+ return Integer.valueOf(strVal);
+ } else if (value instanceof Integer) {
+ return (Integer) value;
+ }
+ }
+ return -1;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/event/KrbClientEvent.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/event/KrbClientEvent.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/event/KrbClientEvent.java
new file mode 100644
index 0000000..291b33e
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/event/KrbClientEvent.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.event;
+
+import org.apache.kerby.event.Event;
+import org.apache.kerby.kerberos.kerb.client.request.AsRequest;
+import org.apache.kerby.kerberos.kerb.client.request.TgsRequest;
+
+public class KrbClientEvent {
+
+ public static Event createTgtIntentEvent(AsRequest asRequest) {
+ return new Event(KrbClientEventType.TGT_INTENT, asRequest);
+ }
+
+ public static Event createTktIntentEvent(TgsRequest tgsRequest) {
+ return new Event(KrbClientEventType.TKT_INTENT, tgsRequest);
+ }
+
+ public static Event createTgtResultEvent(AsRequest asRequest) {
+ return new Event(KrbClientEventType.TGT_RESULT, asRequest);
+ }
+
+ public static Event createTktResultEvent(TgsRequest tgsRequest) {
+ return new Event(KrbClientEventType.TKT_RESULT, tgsRequest);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/event/KrbClientEventType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/event/KrbClientEventType.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/event/KrbClientEventType.java
new file mode 100644
index 0000000..78fd424
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/event/KrbClientEventType.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.event;
+
+import org.apache.kerby.event.EventType;
+
+public enum KrbClientEventType implements EventType {
+ TGT_INTENT,
+ TGT_RESULT,
+ TKT_INTENT,
+ TKT_RESULT
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java
new file mode 100644
index 0000000..09f5c58
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java
@@ -0,0 +1,122 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth;
+
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.client.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.preauth.PaFlag;
+import org.apache.kerby.kerberos.kerb.preauth.PaFlags;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.preauth.PreauthPluginMeta;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+import java.util.Collections;
+import java.util.List;
+
+public class AbstractPreauthPlugin implements KrbPreauth {
+
+ private PreauthPluginMeta pluginMeta;
+ protected KrbContext context;
+
+ public AbstractPreauthPlugin(PreauthPluginMeta meta) {
+ this.pluginMeta = meta;
+ }
+
+ @Override
+ public String getName() {
+ return pluginMeta.getName();
+ }
+
+ public int getVersion() {
+ return pluginMeta.getVersion();
+ }
+
+ public PaDataType[] getPaTypes() {
+ return pluginMeta.getPaTypes();
+ }
+
+ public void init(KrbContext context) {
+ this.context = context;
+ }
+
+ @Override
+ public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
+ return null;
+ }
+
+ @Override
+ public void prepareQuestions(KdcRequest kdcRequest,
+ PluginRequestContext requestContext) throws KrbException {
+
+ kdcRequest.needAsKey();
+ }
+
+ @Override
+ public List<EncryptionType> getEncTypes(KdcRequest kdcRequest,
+ PluginRequestContext requestContext) {
+ return Collections.emptyList();
+ }
+
+ @Override
+ public void setPreauthOptions(KdcRequest kdcRequest,
+ PluginRequestContext requestContext, KrbOptions options) {
+
+ }
+
+ public void tryFirst(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaData outPadata) throws KrbException {
+
+ }
+
+ @Override
+ public boolean process(KdcRequest kdcRequest,
+ PluginRequestContext requestContext, PaDataEntry inPadata,
+ PaData outPadata) throws KrbException {
+
+ return false;
+ }
+
+ @Override
+ public boolean tryAgain(KdcRequest kdcRequest,
+ PluginRequestContext requestContext, PaDataType preauthType,
+ PaData errPadata, PaData outPadata) {
+ return false;
+ }
+
+ @Override
+ public PaFlags getFlags(PaDataType paType) {
+ PaFlags paFlags = new PaFlags(0);
+ paFlags.setFlag(PaFlag.PA_REAL);
+
+ return paFlags;
+ }
+
+ @Override
+ public void destroy() {
+
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/FastContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/FastContext.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/FastContext.java
new file mode 100644
index 0000000..88f7f51
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/FastContext.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth;
+
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.fast.FastOptions;
+import org.apache.kerby.kerberos.kerb.spec.fast.KrbFastArmor;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReq;
+
+public class FastContext {
+
+ public KdcReq fastOuterRequest;
+ public EncryptionKey armorKey;
+ public KrbFastArmor fastArmor;
+ public FastOptions fastOptions;
+ public int nonce;
+ public int fastFlags;
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/KrbPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/KrbPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/KrbPreauth.java
new file mode 100644
index 0000000..2797ca4
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/KrbPreauth.java
@@ -0,0 +1,107 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth;
+
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.client.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.preauth.PaFlags;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.preauth.PreauthPluginMeta;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+import java.util.List;
+
+/**
+ * Client side preauth plugin module
+ */
+public interface KrbPreauth extends PreauthPluginMeta {
+
+ /**
+ * Initializing preauth plugin context
+ */
+ public void init(KrbContext krbContext);
+
+ /**
+ * Initializing request context
+ */
+ public PluginRequestContext initRequestContext(KdcRequest kdcRequest);
+
+ /**
+ * Prepare questions to prompt to you asking for credential
+ */
+ public void prepareQuestions(KdcRequest kdcRequest,
+ PluginRequestContext requestContext) throws KrbException;
+
+ /**
+ * Get supported encryption types
+ */
+ public List<EncryptionType> getEncTypes(KdcRequest kdcRequest,
+ PluginRequestContext requestContext);
+
+ /**
+ * Set krb options passed from user
+ */
+ public void setPreauthOptions(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ KrbOptions preauthOptions);
+
+ /**
+ * Attempt to try any initial padata derived from user options
+ */
+ public void tryFirst(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaData outPadata) throws KrbException;
+
+ /**
+ * Process server returned paData and return back any result paData
+ * Return true indicating padata is added
+ */
+ public boolean process(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaDataEntry inPadata,
+ PaData outPadata) throws KrbException;
+
+ /**
+ * When another request to server in the 4 pass, any paData to provide?
+ * Return true indicating padata is added
+ */
+ public boolean tryAgain(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaDataType preauthType,
+ PaData errPadata,
+ PaData outPadata);
+
+ /**
+ * Return PA_REAL if pa_type is a real preauthentication type or PA_INFO if it is
+ * an informational type.
+ */
+ public PaFlags getFlags(PaDataType paType);
+
+ /**
+ * When exiting...
+ */
+ public void destroy();
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthContext.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthContext.java
new file mode 100644
index 0000000..aa943e4
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthContext.java
@@ -0,0 +1,108 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class PreauthContext {
+ private boolean preauthRequired = true;
+ private PaData inputPaData;
+ private PaData outputPaData;
+ private PaData errorPaData;
+ private UserResponser userResponser = new UserResponser();
+ private PaDataType selectedPaType;
+ private PaDataType allowedPaType;
+ private List<PaDataType> triedPaTypes = new ArrayList<PaDataType>(1);
+ private List<PreauthHandle> handles = new ArrayList<PreauthHandle>(5);
+
+ public PreauthContext() {
+ this.selectedPaType = PaDataType.NONE;
+ this.allowedPaType = PaDataType.NONE;
+ this.outputPaData = new PaData();
+ }
+
+ public boolean isPreauthRequired() {
+ return preauthRequired;
+ }
+
+ public void setPreauthRequired(boolean preauthRequired) {
+ this.preauthRequired = preauthRequired;
+ }
+
+ public UserResponser getUserResponser() {
+ return userResponser;
+ }
+
+ public boolean isPaTypeAllowed(PaDataType paType) {
+ return (allowedPaType == PaDataType.NONE ||
+ allowedPaType == paType);
+ }
+
+ public PaData getOutputPaData() throws KrbException {
+ return outputPaData;
+ }
+
+ public boolean hasInputPaData() {
+ return (inputPaData != null && ! inputPaData.isEmpty());
+ }
+
+ public PaData getInputPaData() {
+ return inputPaData;
+ }
+
+ public void setInputPaData(PaData inputPaData) {
+ this.inputPaData = inputPaData;
+ }
+
+ public PaData getErrorPaData() {
+ return errorPaData;
+ }
+
+ public void setErrorPaData(PaData errorPaData) {
+ this.errorPaData = errorPaData;
+ }
+
+ public void setAllowedPaType(PaDataType paType) {
+ this.allowedPaType = paType;
+ }
+
+ public List<PreauthHandle> getHandles() {
+ return handles;
+ }
+
+ public PaDataType getAllowedPaType() {
+ return allowedPaType;
+ }
+
+ public boolean checkAndPutTried(PaDataType paType) {
+ for (PaDataType pt : triedPaTypes) {
+ if (pt == paType) {
+ return true;
+ }
+ }
+ triedPaTypes.add(paType);
+ return false;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthHandle.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthHandle.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthHandle.java
new file mode 100644
index 0000000..2491fac
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthHandle.java
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth;
+
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.client.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.preauth.PaFlags;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class PreauthHandle {
+
+ public KrbPreauth preauth;
+ public PluginRequestContext requestContext;
+
+ public PreauthHandle(KrbPreauth preauth) {
+ this.preauth = preauth;
+ }
+
+ public void initRequestContext(KdcRequest kdcRequest) {
+ requestContext = preauth.initRequestContext(kdcRequest);
+ }
+
+ public void prepareQuestions(KdcRequest kdcRequest) throws KrbException {
+ preauth.prepareQuestions(kdcRequest, requestContext);
+ }
+
+ public void setPreauthOptions(KdcRequest kdcRequest,
+ KrbOptions preauthOptions) throws KrbException {
+ preauth.setPreauthOptions(kdcRequest, requestContext, preauthOptions);
+ }
+
+ public void tryFirst(KdcRequest kdcRequest, PaData outPadata) throws KrbException {
+ preauth.tryFirst(kdcRequest, requestContext, outPadata);
+ }
+
+ public boolean process(KdcRequest kdcRequest,
+ PaDataEntry inPadata, PaData outPadata) throws KrbException {
+ return preauth.process(kdcRequest, requestContext, inPadata, outPadata);
+ }
+
+ public boolean tryAgain(KdcRequest kdcRequest,
+ PaDataType paType, PaData errPadata, PaData paData) {
+ return preauth.tryAgain(kdcRequest, requestContext, paType, errPadata, paData);
+ }
+
+ public boolean isReal(PaDataType paType) {
+ PaFlags paFlags = preauth.getFlags(paType);
+ return paFlags.isReal();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthHandler.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthHandler.java
new file mode 100644
index 0000000..39fe3a8
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/PreauthHandler.java
@@ -0,0 +1,249 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth;
+
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.client.preauth.builtin.EncTsPreauth;
+import org.apache.kerby.kerberos.kerb.client.preauth.builtin.TgtPreauth;
+import org.apache.kerby.kerberos.kerb.client.preauth.pkinit.PkinitPreauth;
+import org.apache.kerby.kerberos.kerb.client.preauth.token.TokenPreauth;
+import org.apache.kerby.kerberos.kerb.client.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.EtypeInfo;
+import org.apache.kerby.kerberos.kerb.spec.common.EtypeInfo2;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class PreauthHandler {
+ private KrbContext krbContext;
+ private List<KrbPreauth> preauths;
+
+ public void init(KrbContext krbContext) {
+ this.krbContext = krbContext;
+ loadPreauthPlugins(krbContext);
+ }
+
+ private void loadPreauthPlugins(KrbContext context) {
+ preauths = new ArrayList<KrbPreauth>();
+
+ KrbPreauth preauth = new EncTsPreauth();
+ preauth.init(context);
+ preauths.add(preauth);
+
+ preauth = new TgtPreauth();
+ preauth.init(context);
+ preauths.add(preauth);
+
+ preauth = new PkinitPreauth();
+ preauth.init(context);
+ preauths.add(preauth);
+
+ preauth = new TokenPreauth();
+ preauth.init(context);
+ preauths.add(preauth);
+ }
+
+ public PreauthContext preparePreauthContext(KdcRequest kdcRequest) {
+ PreauthContext preauthContext = new PreauthContext();
+ preauthContext.setPreauthRequired(krbContext.getConfig().isPreauthRequired());
+ for (KrbPreauth preauth : preauths) {
+ PreauthHandle handle = new PreauthHandle(preauth);
+ handle.initRequestContext(kdcRequest);
+ preauthContext.getHandles().add(handle);
+ }
+
+ return preauthContext;
+ }
+
+ /**
+ * Process preauth inputs and options, prepare and generate pdata to be out
+ */
+ public void preauth(KdcRequest kdcRequest) throws KrbException {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ if (!preauthContext.isPreauthRequired()) {
+ return;
+ }
+
+ if (!preauthContext.hasInputPaData()) {
+ tryFirst(kdcRequest, preauthContext.getOutputPaData());
+ return;
+ }
+
+ attemptETypeInfo(kdcRequest, preauthContext.getInputPaData());
+
+ setPreauthOptions(kdcRequest, kdcRequest.getPreauthOptions());
+
+ prepareUserResponses(kdcRequest, preauthContext.getInputPaData());
+
+ preauthContext.getUserResponser().respondQuestions();
+
+ if (!kdcRequest.isRetrying()) {
+ process(kdcRequest, preauthContext.getInputPaData(),
+ preauthContext.getOutputPaData());
+ } else {
+ tryAgain(kdcRequest, preauthContext.getInputPaData(),
+ preauthContext.getOutputPaData());
+ }
+ }
+
+ public void prepareUserResponses(KdcRequest kdcRequest,
+ PaData inPadata) throws KrbException {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ for (PaDataEntry pae : inPadata.getElements()) {
+ if (! preauthContext.isPaTypeAllowed(pae.getPaDataType())) {
+ continue;
+ }
+
+ PreauthHandle handle = findHandle(kdcRequest, pae.getPaDataType());
+ if (handle == null) {
+ continue;
+ }
+
+ handle.prepareQuestions(kdcRequest);
+ }
+ }
+
+ public void setPreauthOptions(KdcRequest kdcRequest,
+ KrbOptions preauthOptions) throws KrbException {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ for (PreauthHandle handle : preauthContext.getHandles()) {
+ handle.setPreauthOptions(kdcRequest, preauthOptions);
+ }
+ }
+
+ public void tryFirst(KdcRequest kdcRequest,
+ PaData outPadata) throws KrbException {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ PreauthHandle handle = findHandle(kdcRequest,
+ preauthContext.getAllowedPaType());
+ handle.tryFirst(kdcRequest, outPadata);
+ }
+
+ public void process(KdcRequest kdcRequest,
+ PaData inPadata, PaData outPadata) throws KrbException {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ /**
+ * Process all informational padata types, then the first real preauth type
+ * we succeed on
+ */
+ for (int real = 0; real <= 1; real ++) {
+ for (PaDataEntry pae : inPadata.getElements()) {
+
+ // Restrict real mechanisms to the chosen one if we have one
+ if (real >0 && !preauthContext.isPaTypeAllowed(pae.getPaDataType())) {
+ continue;
+ }
+
+ PreauthHandle handle = findHandle(kdcRequest,
+ preauthContext.getAllowedPaType());
+ if (handle == null) {
+ continue;
+ }
+
+ // Make sure this type is for the current pass
+ int tmpReal = handle.isReal(pae.getPaDataType()) ? 1 : 0;
+ if (tmpReal != real) {
+ continue;
+ }
+
+ if (real > 0 && preauthContext.checkAndPutTried(pae.getPaDataType())) {
+ continue;
+ }
+
+ boolean gotData = handle.process(kdcRequest, pae, outPadata);
+ if (real > 0 && gotData) {
+ return;
+ }
+ }
+ }
+ }
+
+ public void tryAgain(KdcRequest kdcRequest,
+ PaData inPadata, PaData outPadata) {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ PreauthHandle handle;
+ for (PaDataEntry pae : inPadata.getElements()) {
+ handle = findHandle(kdcRequest, pae.getPaDataType());
+ if (handle == null) continue;
+
+ boolean gotData = handle.tryAgain(kdcRequest,
+ pae.getPaDataType(), preauthContext.getErrorPaData(), outPadata);
+ }
+ }
+
+ public void destroy() {
+ for (KrbPreauth preauth : preauths) {
+ preauth.destroy();
+ }
+ }
+
+ private PreauthHandle findHandle(KdcRequest kdcRequest,
+ PaDataType paType) {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ for (PreauthHandle handle : preauthContext.getHandles()) {
+ for (PaDataType pt : handle.preauth.getPaTypes()) {
+ if (pt == paType) {
+ return handle;
+ }
+ }
+ }
+ return null;
+ }
+
+ private void attemptETypeInfo(KdcRequest kdcRequest,
+ PaData inPadata) throws KrbException {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ // Find an etype-info2 or etype-info element in padata
+ EtypeInfo etypeInfo = null;
+ EtypeInfo2 etypeInfo2 = null;
+ PaDataEntry pae = inPadata.findEntry(PaDataType.ETYPE_INFO);
+ if (pae != null) {
+ etypeInfo = KrbCodec.decode(pae.getPaDataValue(), EtypeInfo.class);
+ } else {
+ pae = inPadata.findEntry(PaDataType.ETYPE_INFO2);
+ if (pae != null) {
+ etypeInfo2 = KrbCodec.decode(pae.getPaDataValue(), EtypeInfo2.class);
+ }
+ }
+
+ if (etypeInfo == null && etypeInfo2 == null) {
+ attemptSalt(kdcRequest, inPadata);
+ }
+ }
+
+ private void attemptSalt(KdcRequest kdcRequest,
+ PaData inPadata) throws KrbException {
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/UserResponseItem.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/UserResponseItem.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/UserResponseItem.java
new file mode 100644
index 0000000..bc33cc4
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/UserResponseItem.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth;
+
+public class UserResponseItem {
+ protected String question;
+ protected String challenge;
+ protected String answer;
+
+ public UserResponseItem(String question, String challenge) {
+ this.question = question;
+ this.challenge = challenge;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/UserResponser.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/UserResponser.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/UserResponser.java
new file mode 100644
index 0000000..695e111
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/UserResponser.java
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class UserResponser {
+
+ private List<UserResponseItem> items = new ArrayList<UserResponseItem>(1);
+
+ /**
+ * Let customize an interface like CMD or WEB UI to selectively respond all the questions
+ */
+ public void respondQuestions() {
+ // TODO
+ }
+
+ public UserResponseItem findQuestion(String question) {
+ for (UserResponseItem ri : items) {
+ if (ri.question.equals(question)) {
+ return ri;
+ }
+ }
+ return null;
+ }
+
+ public void askQuestion(String question, String challenge) {
+ UserResponseItem ri = findQuestion(question);
+ if (ri == null) {
+ items.add(new UserResponseItem(question, challenge));
+ } else {
+ ri.challenge = challenge;
+ }
+ }
+
+ public String getChallenge(String question) {
+ UserResponseItem ri = findQuestion(question);
+ if (ri != null) {
+ return ri.challenge;
+ }
+ return null;
+ }
+
+ public void setAnswer(String question, String answer) {
+ UserResponseItem ri = findQuestion(question);
+ if (ri == null) {
+ throw new IllegalArgumentException("Question isn't exist for the answer");
+ }
+ ri.answer = answer;
+ }
+
+ public String getAnswer(String question) {
+ UserResponseItem ri = findQuestion(question);
+ if (ri != null) {
+ return ri.answer;
+ }
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java
new file mode 100644
index 0000000..361e73b
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java
@@ -0,0 +1,94 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth.builtin;
+
+import org.apache.kerby.kerberos.kerb.client.preauth.AbstractPreauthPlugin;
+import org.apache.kerby.kerberos.kerb.client.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
+import org.apache.kerby.kerberos.kerb.preauth.PaFlag;
+import org.apache.kerby.kerberos.kerb.preauth.PaFlags;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.preauth.builtin.EncTsPreauthMeta;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.common.KeyUsage;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaEncTsEnc;
+
+public class EncTsPreauth extends AbstractPreauthPlugin {
+
+ public EncTsPreauth() {
+ super(new EncTsPreauthMeta());
+ }
+
+ @Override
+ public void prepareQuestions(KdcRequest kdcRequest,
+ PluginRequestContext requestContext) throws KrbException {
+
+ kdcRequest.needAsKey();
+ }
+
+ public void tryFirst(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaData outPadata) throws KrbException {
+
+ if (kdcRequest.getAsKey() == null) {
+ kdcRequest.needAsKey();
+ }
+ outPadata.addElement(makeEntry(kdcRequest));
+ }
+
+ @Override
+ public boolean process(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaDataEntry inPadata,
+ PaData outPadata) throws KrbException {
+
+ if (kdcRequest.getAsKey() == null) {
+ kdcRequest.needAsKey();
+ }
+ outPadata.addElement(makeEntry(kdcRequest));
+
+ return true;
+ }
+
+ @Override
+ public PaFlags getFlags(PaDataType paType) {
+ PaFlags paFlags = new PaFlags(0);
+ paFlags.setFlag(PaFlag.PA_REAL);
+
+ return paFlags;
+ }
+
+ private PaDataEntry makeEntry(KdcRequest kdcRequest) throws KrbException {
+ PaEncTsEnc paTs = new PaEncTsEnc();
+ paTs.setPaTimestamp(kdcRequest.getPreauthTime());
+
+ EncryptedData paDataValue = EncryptionUtil.seal(paTs,
+ kdcRequest.getAsKey(), KeyUsage.AS_REQ_PA_ENC_TS);
+ PaDataEntry tsPaEntry = new PaDataEntry();
+ tsPaEntry.setPaDataType(PaDataType.ENC_TIMESTAMP);
+ tsPaEntry.setPaDataValue(paDataValue.encode());
+
+ return tsPaEntry;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/TgtPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/TgtPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/TgtPreauth.java
new file mode 100644
index 0000000..d5b2e9f
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/TgtPreauth.java
@@ -0,0 +1,66 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth.builtin;
+
+import org.apache.kerby.kerberos.kerb.client.preauth.AbstractPreauthPlugin;
+import org.apache.kerby.kerberos.kerb.client.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.client.request.TgsRequest;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.preauth.builtin.TgtPreauthMeta;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class TgtPreauth extends AbstractPreauthPlugin {
+
+ public TgtPreauth() {
+ super(new TgtPreauthMeta());
+ }
+
+ public void tryFirst(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaData outPadata) throws KrbException {
+
+ outPadata.addElement(makeEntry(kdcRequest));
+ }
+
+ @Override
+ public boolean process(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaDataEntry inPadata,
+ PaData outPadata) throws KrbException {
+
+ outPadata.addElement(makeEntry(kdcRequest));
+
+ return true;
+ }
+
+ private PaDataEntry makeEntry(KdcRequest kdcRequest) throws KrbException {
+
+ TgsRequest tgsRequest = (TgsRequest) kdcRequest;
+
+ PaDataEntry paEntry = new PaDataEntry();
+ paEntry.setPaDataType(PaDataType.TGS_REQ);
+ paEntry.setPaDataValue(tgsRequest.getApReq().encode());
+
+ return paEntry;
+ }
+}
[17/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacLogonInfo.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacLogonInfo.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacLogonInfo.java
new file mode 100644
index 0000000..8b98753
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacLogonInfo.java
@@ -0,0 +1,322 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.pac;
+
+import java.io.ByteArrayInputStream;
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.util.Date;
+
+public class PacLogonInfo {
+
+ private Date logonTime;
+ private Date logoffTime;
+ private Date kickOffTime;
+ private Date pwdLastChangeTime;
+ private Date pwdCanChangeTime;
+ private Date pwdMustChangeTime;
+ private short logonCount;
+ private short badPasswordCount;
+ private String userName;
+ private String userDisplayName;
+ private String logonScript;
+ private String profilePath;
+ private String homeDirectory;
+ private String homeDrive;
+ private String serverName;
+ private String domainName;
+ private PacSid userSid;
+ private PacSid groupSid;
+ private PacSid[] groupSids;
+ private PacSid[] resourceGroupSids;
+ private PacSid[] extraSids;
+ private int userAccountControl;
+ private int userFlags;
+
+ public PacLogonInfo(byte[] data) throws IOException {
+ try {
+ PacDataInputStream pacStream = new PacDataInputStream(new DataInputStream(
+ new ByteArrayInputStream(data)));
+
+ // Skip firsts
+ pacStream.skipBytes(20);
+
+ // Dates
+ logonTime = pacStream.readFiletime();
+ logoffTime = pacStream.readFiletime();
+ kickOffTime = pacStream.readFiletime();
+ pwdLastChangeTime = pacStream.readFiletime();
+ pwdCanChangeTime = pacStream.readFiletime();
+ pwdMustChangeTime = pacStream.readFiletime();
+
+ // User related strings as UnicodeStrings
+ PacUnicodeString userNameString = pacStream.readUnicodeString();
+ PacUnicodeString userDisplayNameString = pacStream.readUnicodeString();
+ PacUnicodeString logonScriptString = pacStream.readUnicodeString();
+ PacUnicodeString profilePathString = pacStream.readUnicodeString();
+ PacUnicodeString homeDirectoryString = pacStream.readUnicodeString();
+ PacUnicodeString homeDriveString = pacStream.readUnicodeString();
+
+ // Some counts
+ logonCount = pacStream.readShort();
+ badPasswordCount = pacStream.readShort();
+
+ // IDs for user
+ PacSid userId = pacStream.readId();
+ PacSid groupId = pacStream.readId();
+
+ // Groups information
+ int groupCount = pacStream.readInt();
+ int groupPointer = pacStream.readInt();
+
+ // User flags about PAC Logon Info content
+ userFlags = pacStream.readInt();
+ boolean hasExtraSids = (userFlags & PacConstants.LOGON_EXTRA_SIDS) == PacConstants.LOGON_EXTRA_SIDS;
+ boolean hasResourceGroups = (userFlags & PacConstants.LOGON_RESOURCE_GROUPS) == PacConstants.LOGON_RESOURCE_GROUPS;
+
+ // Skip some reserved fields (User Session Key)
+ pacStream.skipBytes(16);
+
+ // Server related strings as UnicodeStrings
+ PacUnicodeString serverNameString = pacStream.readUnicodeString();
+ PacUnicodeString domainNameString = pacStream.readUnicodeString();
+
+ // ID for domain (used with relative IDs to get SIDs)
+ int domainIdPointer = pacStream.readInt();
+
+ // Skip some reserved fields
+ pacStream.skipBytes(8);
+
+ userAccountControl = pacStream.readInt();
+
+ // Skip some reserved fields
+ pacStream.skipBytes(28);
+
+ // Extra SIDs information
+ int extraSidCount = pacStream.readInt();
+ int extraSidPointer = pacStream.readInt();
+
+ // ID for resource groups domain (used with IDs to get SIDs)
+ int resourceDomainIdPointer = pacStream.readInt();
+
+ // Resource groups information
+ int resourceGroupCount = pacStream.readInt();
+ int resourceGroupPointer = pacStream.readInt();
+
+ // User related strings
+ userName = userNameString.check(pacStream.readString());
+ userDisplayName = userDisplayNameString.check(pacStream.readString());
+ logonScript = logonScriptString.check(pacStream.readString());
+ profilePath = profilePathString.check(pacStream.readString());
+ homeDirectory = homeDirectoryString.check(pacStream.readString());
+ homeDrive = homeDriveString.check(pacStream.readString());
+
+ // Groups data
+ PacGroup[] groups = new PacGroup[0];
+ if(groupPointer != 0) {
+ int realGroupCount = pacStream.readInt();
+ if(realGroupCount != groupCount) {
+ Object[] args = new Object[]{groupCount, realGroupCount};
+ throw new IOException("pac.groups.invalid.size");
+ }
+ groups = new PacGroup[groupCount];
+ for(int i = 0; i < groupCount; i++) {
+ pacStream.align(4);
+ PacSid id = pacStream.readId();
+ int attributes = pacStream.readInt();
+ groups[i] = new PacGroup(id, attributes);
+ }
+ }
+
+ // Server related strings
+ serverName = serverNameString.check(pacStream.readString());
+ domainName = domainNameString.check(pacStream.readString());
+
+ // ID for domain (used with relative IDs to get SIDs)
+ PacSid domainId = null;
+ if(domainIdPointer != 0)
+ domainId = pacStream.readSid();
+
+ // Extra SIDs data
+ PacSidAttributes[] extraSidAtts = new PacSidAttributes[0];
+ if(hasExtraSids && extraSidPointer != 0) {
+ int realExtraSidCount = pacStream.readInt();
+ if(realExtraSidCount != extraSidCount) {
+ Object[] args = new Object[]{extraSidCount, realExtraSidCount};
+ throw new IOException("pac.extrasids.invalid.size");
+ }
+ extraSidAtts = new PacSidAttributes[extraSidCount];
+ int[] pointers = new int[extraSidCount];
+ int[] attributes = new int[extraSidCount];
+ for(int i = 0; i < extraSidCount; i++) {
+ pointers[i] = pacStream.readInt();
+ attributes[i] = pacStream.readInt();
+ }
+ for(int i = 0; i < extraSidCount; i++) {
+ PacSid sid = (pointers[i] != 0) ? pacStream.readSid() : null;
+ extraSidAtts[i] = new PacSidAttributes(sid, attributes[i]);
+ }
+ }
+
+ // ID for resource domain (used with relative IDs to get SIDs)
+ PacSid resourceDomainId = null;
+ if(resourceDomainIdPointer != 0)
+ resourceDomainId = pacStream.readSid();
+
+ // Resource groups data
+ PacGroup[] resourceGroups = new PacGroup[0];
+ if(hasResourceGroups && resourceGroupPointer != 0) {
+ int realResourceGroupCount = pacStream.readInt();
+ if(realResourceGroupCount != resourceGroupCount) {
+ Object[] args = new Object[]{resourceGroupCount, realResourceGroupCount};
+ throw new IOException("pac.resourcegroups.invalid.size");
+ }
+ resourceGroups = new PacGroup[resourceGroupCount];
+ for(int i = 0; i < resourceGroupCount; i++) {
+ PacSid id = pacStream.readSid();
+ int attributes = pacStream.readInt();
+ resourceGroups[i] = new PacGroup(id, attributes);
+ }
+ }
+
+ // Extract Extra SIDs
+ extraSids = new PacSid[extraSidAtts.length];
+ for(int i = 0; i < extraSidAtts.length; i++) {
+ extraSids[i] = extraSidAtts[i].getId();
+ }
+
+ // Compute Resource Group IDs with Resource Domain ID to get SIDs
+ resourceGroupSids = new PacSid[resourceGroups.length];
+ for(int i = 0; i < resourceGroups.length; i++) {
+ resourceGroupSids[i] = PacSid.append(resourceDomainId, resourceGroups[i].getId());
+ }
+
+ // Compute User IDs with Domain ID to get User SIDs
+ // First extra is user if userId is empty
+ if(!userId.isEmpty() && !userId.isBlank()) {
+ userSid = PacSid.append(domainId, userId);
+ } else if(extraSids.length > 0) {
+ userSid = extraSids[0];
+ }
+ groupSid = PacSid.append(domainId, groupId);
+
+ // Compute Group IDs with Domain ID to get Group SIDs
+ groupSids = new PacSid[groups.length];
+ for(int i = 0; i < groups.length; i++) {
+ groupSids[i] = PacSid.append(domainId, groups[i].getId());
+ }
+ } catch(IOException e) {
+ throw new IOException("pac.logoninfo.malformed", e);
+ }
+ }
+
+ public Date getLogonTime() {
+ return logonTime;
+ }
+
+ public Date getLogoffTime() {
+ return logoffTime;
+ }
+
+ public Date getKickOffTime() {
+ return kickOffTime;
+ }
+
+ public Date getPwdLastChangeTime() {
+ return pwdLastChangeTime;
+ }
+
+ public Date getPwdCanChangeTime() {
+ return pwdCanChangeTime;
+ }
+
+ public Date getPwdMustChangeTime() {
+ return pwdMustChangeTime;
+ }
+
+ public short getLogonCount() {
+ return logonCount;
+ }
+
+ public short getBadPasswordCount() {
+ return badPasswordCount;
+ }
+
+ public String getUserName() {
+ return userName;
+ }
+
+ public String getUserDisplayName() {
+ return userDisplayName;
+ }
+
+ public String getLogonScript() {
+ return logonScript;
+ }
+
+ public String getProfilePath() {
+ return profilePath;
+ }
+
+ public String getHomeDirectory() {
+ return homeDirectory;
+ }
+
+ public String getHomeDrive() {
+ return homeDrive;
+ }
+
+ public String getServerName() {
+ return serverName;
+ }
+
+ public String getDomainName() {
+ return domainName;
+ }
+
+ public PacSid getUserSid() {
+ return userSid;
+ }
+
+ public PacSid getGroupSid() {
+ return groupSid;
+ }
+
+ public PacSid[] getGroupSids() {
+ return groupSids;
+ }
+
+ public PacSid[] getResourceGroupSids() {
+ return resourceGroupSids;
+ }
+
+ public PacSid[] getExtraSids() {
+ return extraSids;
+ }
+
+ public int getUserAccountControl() {
+ return userAccountControl;
+ }
+
+ public int getUserFlags() {
+ return userFlags;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSid.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSid.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSid.java
new file mode 100644
index 0000000..9a00e3b
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSid.java
@@ -0,0 +1,130 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.pac;
+
+import java.io.IOException;
+
+public class PacSid {
+
+ private static final String FORMAT = "%1$02x";
+
+ private byte revision;
+ private byte subCount;
+ private byte[] authority;
+ private byte[] subs;
+
+ public PacSid(byte[] bytes) throws IOException {
+ if(bytes.length < 8 || ((bytes.length - 8) % 4) != 0
+ || ((bytes.length - 8) / 4) != bytes[1])
+ throw new IOException("pac.sid.malformed.size");
+
+ this.revision = bytes[0];
+ this.subCount = bytes[1];
+ this.authority = new byte[6];
+ System.arraycopy(bytes, 2, this.authority, 0, 6);
+ this.subs = new byte[bytes.length - 8];
+ System.arraycopy(bytes, 8, this.subs, 0, bytes.length - 8);
+ }
+
+ public PacSid(PacSid sid) {
+ this.revision = sid.revision;
+ this.subCount = sid.subCount;
+ this.authority = new byte[6];
+ System.arraycopy(sid.authority, 0, this.authority, 0, 6);
+ this.subs = new byte[sid.subs.length];
+ System.arraycopy(sid.subs, 0, this.subs, 0, sid.subs.length);
+ }
+
+ public String toString() {
+ StringBuilder builder = new StringBuilder();
+
+ builder.append("\\").append(String.format(FORMAT, ((int)revision) & 0xff));
+ builder.append("\\").append(String.format(FORMAT, ((int)subCount) & 0xff));
+ for(int i = 0; i < authority.length; i++) {
+ int unsignedByte = ((int)authority[i]) & 0xff;
+ builder.append("\\").append(String.format(FORMAT, unsignedByte));
+ }
+ for(int i = 0; i < subs.length; i++) {
+ int unsignedByte = ((int)subs[i]) & 0xff;
+ builder.append("\\").append(String.format(FORMAT, unsignedByte));
+ }
+
+ return builder.toString();
+ }
+
+ public boolean isEmpty() {
+ return subCount == 0;
+ }
+
+ public boolean isBlank() {
+ boolean blank = true;
+ for(byte sub : subs)
+ blank = blank && (sub == 0);
+ return blank;
+ }
+
+ public byte[] getBytes() {
+ byte[] bytes = new byte[8 + subCount * 4];
+ bytes[0] = revision;
+ bytes[1] = subCount;
+ System.arraycopy(authority, 0, bytes, 2, 6);
+ System.arraycopy(subs, 0, bytes, 8, subs.length);
+
+ return bytes;
+ }
+
+ public static String toString(byte[] bytes) {
+ StringBuilder builder = new StringBuilder();
+
+ for(int i = 0; i < bytes.length; i++) {
+ int unsignedByte = ((int)bytes[i]) & 0xff;
+ builder.append("\\").append(String.format(FORMAT, unsignedByte));
+ }
+
+ return builder.toString();
+ }
+
+ public static PacSid createFromSubs(byte[] bytes) throws IOException {
+ if((bytes.length % 4) != 0) {
+ Object[] args = new Object[]{bytes.length};
+ throw new IOException("pac.subauthority.malformed.size");
+ }
+
+ byte[] sidBytes = new byte[8 + bytes.length];
+ sidBytes[0] = 1;
+ sidBytes[1] = (byte)(bytes.length / 4);
+ System.arraycopy(new byte[]{0, 0, 0, 0, 0, 5}, 0, sidBytes, 2, 6);
+ System.arraycopy(bytes, 0, sidBytes, 8, bytes.length);
+
+ return new PacSid(sidBytes);
+ }
+
+ public static PacSid append(PacSid sid1, PacSid sid2) {
+ PacSid sid = new PacSid(sid1);
+
+ sid.subCount += sid2.subCount;
+ sid.subs = new byte[sid.subCount * 4];
+ System.arraycopy(sid1.subs, 0, sid.subs, 0, sid1.subs.length);
+ System.arraycopy(sid2.subs, 0, sid.subs, sid1.subs.length, sid2.subs.length);
+
+ return sid;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSidAttributes.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSidAttributes.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSidAttributes.java
new file mode 100644
index 0000000..33cb7f7
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSidAttributes.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.pac;
+
+public class PacSidAttributes {
+
+ private PacSid id;
+ private int attributes;
+
+ public PacSidAttributes(PacSid id, int attributes) {
+ super();
+ this.id = id;
+ this.attributes = attributes;
+ }
+
+ public PacSid getId() {
+ return id;
+ }
+
+ public int getAttributes() {
+ return attributes;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSignature.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSignature.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSignature.java
new file mode 100644
index 0000000..c8d5e08
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacSignature.java
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.pac;
+
+import java.io.ByteArrayInputStream;
+import java.io.DataInputStream;
+import java.io.IOException;
+
+public class PacSignature {
+
+ private int type;
+ private byte[] checksum;
+
+ public PacSignature(byte[] data) throws IOException {
+ try {
+ PacDataInputStream bufferStream = new PacDataInputStream(new DataInputStream(
+ new ByteArrayInputStream(data)));
+
+ type = bufferStream.readInt();
+ checksum = new byte[bufferStream.available()];
+ bufferStream.readFully(checksum);
+ } catch(IOException e) {
+ throw new IOException("pac.signature.malformed", e);
+ }
+ }
+
+ public int getType() {
+ return type;
+ }
+
+ public byte[] getChecksum() {
+ return checksum;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacUnicodeString.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacUnicodeString.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacUnicodeString.java
new file mode 100644
index 0000000..34b311d
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacUnicodeString.java
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.pac;
+
+import java.io.IOException;
+
+public class PacUnicodeString {
+
+ private short length;
+ private short maxLength;
+ private int pointer;
+
+ public PacUnicodeString(short length, short maxLength, int pointer) {
+ super();
+ this.length = length;
+ this.maxLength = maxLength;
+ this.pointer = pointer;
+ }
+
+ public short getLength() {
+ return length;
+ }
+
+ public short getMaxLength() {
+ return maxLength;
+ }
+
+ public int getPointer() {
+ return pointer;
+ }
+
+ public String check(String string) throws IOException {
+ if(pointer == 0 && string != null)
+ throw new IOException("pac.string.notempty");
+
+ int expected = length / 2;
+ if(string.length() != expected) {
+ Object[] args = new Object[]{expected, string.length()};
+ throw new IOException("pac.string.invalid.size");
+ }
+
+ return string;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoConstants.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoConstants.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoConstants.java
new file mode 100644
index 0000000..9820a7e
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoConstants.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.spnego;
+
+public interface SpnegoConstants {
+
+ static final String SPNEGO_MECHANISM = "1.3.6.1.5.5.2";
+ static final String KERBEROS_MECHANISM = "1.2.840.113554.1.2.2";
+ static final String LEGACY_KERBEROS_MECHANISM = "1.2.840.48018.1.2.2";
+ static final String NTLMSSP_MECHANISM = "1.3.6.1.4.1.311.2.2.10";
+
+ static final String SPNEGO_OID = SPNEGO_MECHANISM;
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoInitToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoInitToken.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoInitToken.java
new file mode 100644
index 0000000..3e661ff
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoInitToken.java
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.spnego;
+
+import java.io.IOException;
+
+public class SpnegoInitToken extends SpnegoToken {
+
+ public static final int DELEGATION = 0x40;
+ public static final int MUTUAL_AUTHENTICATION = 0x20;
+ public static final int REPLAY_DETECTION = 0x10;
+ public static final int SEQUENCE_CHECKING = 0x08;
+ public static final int ANONYMITY = 0x04;
+ public static final int CONFIDENTIALITY = 0x02;
+ public static final int INTEGRITY = 0x01;
+
+ private String[] mechanisms;
+ private int contextFlags;
+
+ public SpnegoInitToken(byte[] token) throws IOException {
+
+ }
+
+ public int getContextFlags() {
+ return contextFlags;
+ }
+
+ public boolean getContextFlag(int flag) {
+ return (getContextFlags() & flag) == flag;
+ }
+
+ public String[] getMechanisms() {
+ return mechanisms;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoTargToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoTargToken.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoTargToken.java
new file mode 100644
index 0000000..b830d8b
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoTargToken.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.spnego;
+
+import java.io.IOException;
+
+public class SpnegoTargToken extends SpnegoToken {
+
+ public static final int UNSPECIFIED_RESULT = -1;
+ public static final int ACCEPT_COMPLETED = 0;
+ public static final int ACCEPT_INCOMPLETE = 1;
+ public static final int REJECTED = 2;
+
+ private int result = UNSPECIFIED_RESULT;
+
+ public SpnegoTargToken(byte[] token) throws IOException {
+
+ }
+
+ public int getResult() {
+ return result;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoToken.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoToken.java
new file mode 100644
index 0000000..7c80a59
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/spnego/SpnegoToken.java
@@ -0,0 +1,67 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.spnego;
+
+import java.io.IOException;
+
+public abstract class SpnegoToken {
+
+ // Default max size as 65K
+ public static int TOKEN_MAX_SIZE = 66560;
+
+ protected byte[] mechanismToken;
+ protected byte[] mechanismList;
+ protected String mechanism;
+
+ public static SpnegoToken parse(byte[] token) throws IOException {
+ SpnegoToken spnegoToken = null;
+
+ if(token.length <= 0)
+ throw new IOException("spnego.token.empty");
+
+ switch (token[0]) {
+ case (byte)0x60:
+ spnegoToken = new SpnegoInitToken(token);
+ break;
+ case (byte)0xa1:
+ spnegoToken = new SpnegoTargToken(token);
+ break;
+ default:
+ spnegoToken = null;
+ Object[] args = new Object[]{token[0]};
+ throw new IOException("spnego.token.invalid");
+ }
+
+ return spnegoToken;
+ }
+
+ public byte[] getMechanismToken() {
+ return mechanismToken;
+ }
+
+ public byte[] getMechanismList() {
+ return mechanismList;
+ }
+
+ public String getMechanism() {
+ return mechanism;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/CodecTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/CodecTest.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/CodecTest.java
new file mode 100644
index 0000000..58a57e4
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/CodecTest.java
@@ -0,0 +1,46 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.test;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.Arrays;
+
+public class CodecTest {
+
+ @Test
+ public void testCodec() throws KrbException {
+ CheckSum mcs = new CheckSum();
+ mcs.setCksumtype(CheckSumType.CRC32);
+ mcs.setChecksum(new byte[] {0x10});
+ byte[] bytes = KrbCodec.encode(mcs);
+ Assert.assertNotNull(bytes);
+
+ CheckSum restored = KrbCodec.decode(bytes, CheckSum.class);
+ Assert.assertNotNull(restored);
+ Assert.assertEquals(mcs.getCksumtype(), restored.getCksumtype());
+ Assert.assertTrue(Arrays.equals(mcs.getChecksum(), restored.getChecksum()));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/CodecTestUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/CodecTestUtil.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/CodecTestUtil.java
new file mode 100644
index 0000000..ed11259
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/CodecTestUtil.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+public class CodecTestUtil {
+ /*package*/ static byte[] readBinaryFile(String path) throws IOException {
+ InputStream is = CodecTestUtil.class.getResourceAsStream(path);
+ byte[] bytes = new byte[is.available()];
+ is.read(bytes);
+ return bytes;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestAsRepCodec.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestAsRepCodec.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestAsRepCodec.java
new file mode 100644
index 0000000..1b336f0
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestAsRepCodec.java
@@ -0,0 +1,74 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.test;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.spec.common.NameType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.kdc.AsRep;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+/**
+ * Test AsRep message using a real 'correct' network packet captured from MS-AD to detective programming errors
+ * and compatibility issues particularly regarding Kerberos crypto.
+ */
+public class TestAsRepCodec {
+
+ @Test
+ public void test() throws IOException {
+ byte[] bytes = CodecTestUtil.readBinaryFile("/asrep.token");
+ ByteBuffer asRepToken = ByteBuffer.wrap(bytes);
+
+ AsRep asRep = new AsRep();
+ asRep.decode(asRepToken);
+
+ Assert.assertEquals(asRep.getPvno(), 5);
+ Assert.assertEquals(asRep.getMsgType(), KrbMessageType.AS_REP);
+ Assert.assertEquals(asRep.getCrealm(), "DENYDC.COM");
+
+ PrincipalName cname = asRep.getCname();
+ Assert.assertEquals(cname.getNameType(), NameType.NT_PRINCIPAL);
+ Assert.assertEquals(cname.getNameStrings().size(), 1);
+ Assert.assertEquals(cname.getNameStrings().get(0), "u5");
+
+ Ticket ticket = asRep.getTicket();
+ Assert.assertEquals(ticket.getTktvno(), 5);
+ Assert.assertEquals(ticket.getRealm(), "DENYDC.COM");
+ PrincipalName sname = ticket.getSname();
+ Assert.assertEquals(sname.getNameType(), NameType.NT_SRV_INST);
+ Assert.assertEquals(sname.getNameStrings().size(), 2);
+ Assert.assertEquals(sname.getNameStrings().get(0), "krbtgt");
+ Assert.assertEquals(sname.getNameStrings().get(1), "DENYDC.COM");
+ //EncTicketPart encTicketPart = ticket.getEncPart();//FIXME
+ //Assert.assertEquals(encTicketPart.getKey().getKvno(), 2);
+ //Assert.assertEquals(encTicketPart.getKey().getKeyType().getValue(), 0x0017);
+ //TODO decode cinpher
+
+ //EncKdcRepPart encKdcRepPart = asRep.getEncPart();//FIXME
+ //Assert.assertEquals(encKdcRepPart.getKey().getKeyType().getValue(), 0x0017);
+ //Assert.assertEquals(encKdcRepPart.getKey().getKvno(), 7);
+ //TODO decode cinpher
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestAsReqCodec.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestAsReqCodec.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestAsReqCodec.java
new file mode 100644
index 0000000..f86c3de
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestAsReqCodec.java
@@ -0,0 +1,97 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.test;
+
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.HostAddrType;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.spec.common.NameType;
+import org.apache.kerby.kerberos.kerb.spec.kdc.AsReq;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Arrays;
+import java.util.Date;
+import java.util.List;
+import java.util.SimpleTimeZone;
+
+/**
+ * Test AsReq message using a real 'correct' network packet captured from MS-AD to detective programming errors
+ * and compatibility issues particularly regarding Kerberos crypto.
+ */
+public class TestAsReqCodec {
+
+ @Test
+ public void test() throws IOException, ParseException {
+ byte[] bytes = CodecTestUtil.readBinaryFile("/asreq.token");
+ ByteBuffer asreqToken = ByteBuffer.wrap(bytes);
+
+ AsReq asReq = new AsReq();
+ asReq.decode(asreqToken);
+
+ Assert.assertEquals(asReq.getPvno(), 5);
+ Assert.assertEquals(asReq.getMsgType(), KrbMessageType.AS_REQ);
+
+ Assert.assertEquals(asReq.getPaData().findEntry(PaDataType.ENC_TIMESTAMP).getPaDataType(), PaDataType.ENC_TIMESTAMP);
+ byte[] paDataEncTimestampValue = Arrays.copyOfRange(bytes, 33, 96);
+ byte[] paDataEncTimestampRealValue = asReq.getPaData().findEntry(PaDataType.ENC_TIMESTAMP).getPaDataValue();
+ Assert.assertTrue(Arrays.equals(paDataEncTimestampValue, paDataEncTimestampRealValue));
+ Assert.assertEquals(asReq.getPaData().findEntry(PaDataType.PAC_REQUEST).getPaDataType(), PaDataType.PAC_REQUEST);
+ byte[] paPacRequestValue = Arrays.copyOfRange(bytes, 108, 115);
+ byte[] paPacRequestRealValue = asReq.getPaData().findEntry(PaDataType.PAC_REQUEST).getPaDataValue();
+ Assert.assertTrue(Arrays.equals(paPacRequestValue, paPacRequestRealValue));
+
+ Assert.assertEquals(asReq.getReqBody().getKdcOptions().getPadding(), 0);
+ Assert.assertTrue(Arrays.equals(asReq.getReqBody().getKdcOptions().getValue(), Arrays.copyOfRange(bytes, 126, 130)));
+
+ Assert.assertEquals(asReq.getReqBody().getCname().getNameType(), NameType.NT_PRINCIPAL);
+ Assert.assertEquals(asReq.getReqBody().getCname().getName(), "des");
+ Assert.assertEquals(asReq.getReqBody().getRealm(), "DENYDC");
+ Assert.assertEquals(asReq.getReqBody().getSname().getNameType(), NameType.NT_SRV_INST);
+ Assert.assertEquals(asReq.getReqBody().getSname().getNameStrings().get(0), "krbtgt");
+ Assert.assertEquals(asReq.getReqBody().getSname().getNameStrings().get(1), "DENYDC");
+
+ SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
+ sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
+ Date date = sdf.parse("20370913024805");
+ Assert.assertEquals(asReq.getReqBody().getTill().getTime(), date.getTime());
+ Assert.assertEquals(asReq.getReqBody().getRtime().getTime(), date.getTime());
+
+ Assert.assertEquals(asReq.getReqBody().getNonce(), 197451134);
+
+ List<EncryptionType> types = asReq.getReqBody().getEtypes();
+ Assert.assertEquals(types.get(0).getValue(), 0x0017);
+ //Assert.assertEquals(types.get(1).getValue(), 0xff7b);//FIXME
+ //Assert.assertEquals(types.get(2).getValue(), 0x0080);//FIXME
+ Assert.assertEquals(types.get(3).getValue(), 0x0003);
+ Assert.assertEquals(types.get(4).getValue(), 0x0001);
+ Assert.assertEquals(types.get(5).getValue(), 0x0018);
+ //Assert.assertEquals(types.get(6).getValue(), 0xff79);//FIXME
+
+ Assert.assertEquals(asReq.getReqBody().getAddresses().getElements().size(), 1);
+ Assert.assertEquals(asReq.getReqBody().getAddresses().getElements().get(0).getAddrType(), HostAddrType.ADDRTYPE_NETBIOS);
+ //FIXME net bios name
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestKerberos.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestKerberos.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestKerberos.java
new file mode 100644
index 0000000..45fb075
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestKerberos.java
@@ -0,0 +1,267 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.test;
+
+import org.apache.kerby.kerberos.kerb.codec.kerberos.AuthzDataUtil;
+import org.apache.kerby.kerberos.kerb.codec.kerberos.KerberosCredentials;
+import org.apache.kerby.kerberos.kerb.codec.kerberos.KerberosTicket;
+import org.apache.kerby.kerberos.kerb.codec.kerberos.KerberosToken;
+import org.apache.kerby.kerberos.kerb.codec.pac.Pac;
+import org.apache.kerby.kerberos.kerb.codec.pac.PacLogonInfo;
+import org.apache.kerby.kerberos.kerb.codec.pac.PacSid;
+import org.apache.kerby.kerberos.kerb.spec.common.AuthorizationData;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+
+public class TestKerberos {
+
+ private byte[] rc4Token;
+ private byte[] desToken;
+ private byte[] aes128Token;
+ private byte[] aes256Token;
+ private byte[] corruptToken;
+ private EncryptionKey rc4Key;
+ private EncryptionKey desKey;
+ private EncryptionKey aes128Key;
+ private EncryptionKey aes256Key;
+ private EncryptionKey corruptKey;
+
+ @Before
+ public void setUp() throws IOException {
+ InputStream file;
+ byte[] keyData;
+
+ file = this.getClass().getClassLoader().getResourceAsStream("rc4-kerberos-data");
+ rc4Token = new byte[file.available()];
+ file.read(rc4Token);
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("des-kerberos-data");
+ desToken = new byte[file.available()];
+ file.read(desToken);
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("aes128-kerberos-data");
+ aes128Token = new byte[file.available()];
+ file.read(aes128Token);
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("aes256-kerberos-data");
+ aes256Token = new byte[file.available()];
+ file.read(aes256Token);
+ file.close();
+
+ corruptToken = new byte[]{1, 2, 3, 4, 5, 6};
+
+ file = this.getClass().getClassLoader().getResourceAsStream("rc4-key-data");
+ keyData = new byte[file.available()];
+ file.read(keyData);
+ rc4Key = new EncryptionKey(23, keyData, 2);
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("des-key-data");
+ keyData = new byte[file.available()];
+ file.read(keyData);
+ desKey = new EncryptionKey(3, keyData, 2);
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("aes128-key-data");
+ keyData = new byte[file.available()];
+ file.read(keyData);
+ aes128Key = new EncryptionKey(17, keyData, 2);
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("aes256-key-data");
+ keyData = new byte[file.available()];
+ file.read(keyData);
+ aes256Key = new EncryptionKey(18, keyData, 2);
+ file.close();
+
+ corruptKey = new EncryptionKey(23, new byte[]{5, 4, 2, 1, 5, 4, 2, 1, 3}, 2);
+ }
+
+ @Test
+ public void testRc4Ticket() throws Exception {
+ KerberosToken token = new KerberosToken(rc4Token, rc4Key);
+
+ Assert.assertNotNull(token);
+ Assert.assertNotNull(token.getApRequest());
+
+ KerberosTicket ticket = token.getApRequest().getTicket();
+ Assert.assertNotNull(ticket);
+ Assert.assertEquals("HTTP/server.test.domain.com", ticket.getServerPrincipalName());
+ Assert.assertEquals("DOMAIN.COM", ticket.getServerRealm());
+ Assert.assertEquals("user.test", ticket.getUserPrincipalName());
+ Assert.assertEquals("DOMAIN.COM", ticket.getUserRealm());
+ }
+
+ //@Test
+ public void testDesTicket() throws Exception {
+ KerberosToken token = new KerberosToken(desToken, desKey);
+
+ Assert.assertNotNull(token);
+ Assert.assertNotNull(token.getApRequest());
+
+ KerberosTicket ticket = token.getApRequest().getTicket();
+ Assert.assertNotNull(ticket);
+ Assert.assertEquals("HTTP/server.test.domain.com", ticket.getServerPrincipalName());
+ Assert.assertEquals("DOMAIN.COM", ticket.getServerRealm());
+ Assert.assertEquals("user.test@domain.com", ticket.getUserPrincipalName());
+ Assert.assertEquals("DOMAIN.COM", ticket.getUserRealm());
+ }
+
+ @Test
+ public void testAes128Ticket() throws Exception {
+ KerberosToken token = null;
+ token = new KerberosToken(aes128Token, aes128Key);
+
+ Assert.assertNotNull(token);
+ Assert.assertNotNull(token.getApRequest());
+
+ KerberosTicket ticket = token.getApRequest().getTicket();
+ Assert.assertNotNull(ticket);
+ Assert.assertEquals("HTTP/server.test.domain.com", ticket.getServerPrincipalName());
+ Assert.assertEquals("DOMAIN.COM", ticket.getServerRealm());
+ Assert.assertEquals("user.test", ticket.getUserPrincipalName());
+ Assert.assertEquals("DOMAIN.COM", ticket.getUserRealm());
+ }
+
+ @Test
+ public void testAes256Ticket() throws Exception {
+ KerberosToken token = null;
+ token = new KerberosToken(aes256Token, aes256Key);
+
+ Assert.assertNotNull(token);
+ Assert.assertNotNull(token.getApRequest());
+
+ KerberosTicket ticket = token.getApRequest().getTicket();
+ Assert.assertNotNull(ticket);
+ Assert.assertEquals("HTTP/server.test.domain.com", ticket.getServerPrincipalName());
+ Assert.assertEquals("DOMAIN.COM", ticket.getServerRealm());
+ Assert.assertEquals("user.test", ticket.getUserPrincipalName());
+ Assert.assertEquals("DOMAIN.COM", ticket.getUserRealm());
+ }
+
+ @Test
+ public void testCorruptTicket() {
+ KerberosToken token = null;
+ try {
+ token = new KerberosToken(corruptToken, rc4Key);
+ Assert.fail("Should have thrown Exception.");
+ } catch(Exception e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(token);
+ }
+ }
+
+ @Test
+ public void testEmptyTicket() {
+ KerberosToken token = null;
+ try {
+ token = new KerberosToken(new byte[0], rc4Key);
+ Assert.fail("Should have thrown Exception.");
+ } catch(Exception e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(token);
+ }
+ }
+
+ @Test
+ public void testNullTicket() throws Exception {
+ KerberosToken token = null;
+ try {
+ token = new KerberosToken(null, rc4Key);
+ Assert.fail("Should have thrown NullPointerException.");
+ } catch(IOException e) {
+ e.printStackTrace();
+ Assert.fail(e.getMessage());
+ } catch(NullPointerException e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(token);
+ }
+ }
+
+ @Test
+ public void testCorruptKey() {
+ KerberosToken token = null;
+ try {
+ token = new KerberosToken(rc4Token, corruptKey);
+ Assert.fail("Should have thrown Exception.");
+ } catch(Exception e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(token);
+ }
+ }
+
+ @Test
+ public void testNoMatchingKey() {
+ KerberosToken token = null;
+ try {
+ token = new KerberosToken(rc4Token, desKey);
+ Assert.fail("Should have thrown Exception.");
+ } catch(Exception e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(token);
+ }
+ }
+
+ @Test
+ public void testKerberosPac() throws Exception {
+ KerberosToken token = new KerberosToken(rc4Token, rc4Key);
+
+ Assert.assertNotNull(token);
+ Assert.assertNotNull(token.getApRequest());
+
+ KerberosTicket ticket = token.getApRequest().getTicket();
+ Assert.assertNotNull(ticket);
+
+ AuthorizationData authzData = ticket.getAuthorizationData();
+ Assert.assertNotNull(authzData);
+ Assert.assertTrue(authzData.getElements().size() > 0);
+
+ EncryptionType eType = ticket.getTicket().getEncPart().getKey().getKeyType();
+ Pac pac = AuthzDataUtil.getPac(authzData,
+ KerberosCredentials.getServerKey(eType).getKeyData());
+ Assert.assertNotNull(pac);
+
+ PacLogonInfo logonInfo = pac.getLogonInfo();
+ Assert.assertNotNull(logonInfo);
+
+ List<String> sids = new ArrayList<String>();
+ if(logonInfo.getGroupSid() != null)
+ sids.add(logonInfo.getGroupSid().toString());
+ for(PacSid pacSid : logonInfo.getGroupSids())
+ sids.add(pacSid.toString());
+ for(PacSid pacSid : logonInfo.getExtraSids())
+ sids.add(pacSid.toString());
+ for(PacSid pacSid : logonInfo.getResourceGroupSids())
+ sids.add(pacSid.toString());
+
+ Assert.assertEquals(ticket.getUserPrincipalName(), logonInfo.getUserName());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestPac.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestPac.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestPac.java
new file mode 100644
index 0000000..c8ec0c9
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestPac.java
@@ -0,0 +1,154 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.test;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.codec.pac.Pac;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+public class TestPac {
+
+ private byte[] rc4Data;
+ private byte[] desData;
+ private byte[] corruptData;
+ private byte[] rc4Key;
+ private byte[] desKey;
+ private byte[] corruptKey;
+
+ @Before
+ public void setUp() throws IOException {
+ InputStream file;
+ byte[] keyData;
+
+ file = this.getClass().getClassLoader().getResourceAsStream("rc4-pac-data");
+ rc4Data = new byte[file.available()];
+ file.read(rc4Data);
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("des-pac-data");
+ desData = new byte[file.available()];
+ file.read(desData);
+ file.close();
+
+ corruptData = new byte[]{5, 4, 2, 1, 5, 4, 2, 1, 3};
+
+ file = this.getClass().getClassLoader().getResourceAsStream("rc4-key-data");
+ keyData = new byte[file.available()];
+ file.read(keyData);
+ rc4Key = keyData;
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("des-key-data");
+ keyData = new byte[file.available()];
+ file.read(keyData);
+ desKey = keyData;
+ file.close();
+
+ corruptKey = new byte[]{5, 4, 2, 1, 5, 4, 2, 1, 3};
+ }
+
+ @Test
+ public void testRc4Pac() throws KrbException {
+ Pac pac = new Pac(rc4Data, rc4Key);
+
+ Assert.assertNotNull(pac);
+ Assert.assertNotNull(pac.getLogonInfo());
+
+ Assert.assertEquals("user.test", pac.getLogonInfo().getUserName());
+ Assert.assertEquals("User Test", pac.getLogonInfo().getUserDisplayName());
+ Assert.assertEquals(0, pac.getLogonInfo().getBadPasswordCount());
+ Assert.assertEquals(32, pac.getLogonInfo().getUserFlags());
+ Assert.assertEquals(46, pac.getLogonInfo().getLogonCount());
+ Assert.assertEquals("DOMAIN", pac.getLogonInfo().getDomainName());
+ Assert.assertEquals("WS2008", pac.getLogonInfo().getServerName());
+ }
+
+ @Test
+ public void testDesPac() throws KrbException {
+ Pac pac = new Pac(desData, desKey);
+
+ Assert.assertNotNull(pac);
+ Assert.assertNotNull(pac.getLogonInfo());
+
+ Assert.assertEquals("user.test", pac.getLogonInfo().getUserName());
+ Assert.assertEquals("User Test", pac.getLogonInfo().getUserDisplayName());
+ Assert.assertEquals(0, pac.getLogonInfo().getBadPasswordCount());
+ Assert.assertEquals(32, pac.getLogonInfo().getUserFlags());
+ Assert.assertEquals(48, pac.getLogonInfo().getLogonCount());
+ Assert.assertEquals("DOMAIN", pac.getLogonInfo().getDomainName());
+ Assert.assertEquals("WS2008", pac.getLogonInfo().getServerName());
+ }
+
+ @Test
+ public void testCorruptPac() {
+ Pac pac = null;
+ try {
+ pac = new Pac(corruptData, rc4Key);
+ Assert.fail("Should have thrown KrbException.");
+ } catch(KrbException e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(pac);
+ }
+ }
+
+ @Test
+ public void testEmptyPac() {
+ Pac pac = null;
+ try {
+ pac = new Pac(new byte[0], rc4Key);
+ Assert.fail("Should have thrown KrbException.");
+ } catch(KrbException e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(pac);
+ }
+ }
+
+ @Test
+ public void testNullPac() {
+ Pac pac = null;
+ try {
+ pac = new Pac(null, rc4Key);
+ Assert.fail("Should have thrown NullPointerException.");
+ } catch(KrbException e) {
+ e.printStackTrace();
+ Assert.fail(e.getMessage());
+ } catch(NullPointerException e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(pac);
+ }
+ }
+
+ @Test
+ public void testCorruptKey() {
+ Pac pac = null;
+ try {
+ pac = new Pac(rc4Data, corruptKey);
+ Assert.fail("Should have thrown KrbException.");
+ } catch(KrbException e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(pac);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestSpnego.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestSpnego.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestSpnego.java
new file mode 100644
index 0000000..b3c0019
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestSpnego.java
@@ -0,0 +1,172 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.test;
+
+import org.apache.kerby.kerberos.kerb.codec.spnego.SpnegoConstants;
+import org.apache.kerby.kerberos.kerb.codec.spnego.SpnegoInitToken;
+import org.apache.kerby.kerberos.kerb.codec.spnego.SpnegoToken;
+import org.junit.Assert;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+public class TestSpnego {
+
+ private byte[] rc4Token;
+ private byte[] desToken;
+ private byte[] aes128Token;
+ private byte[] aes256Token;
+ private byte[] corruptToken;
+
+ //@Before
+ public void setUp() throws IOException {
+ InputStream file;
+
+ file = this.getClass().getClassLoader().getResourceAsStream("rc4-spnego-data");
+ rc4Token = new byte[file.available()];
+ file.read(rc4Token);
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("des-spnego-data");
+ desToken = new byte[file.available()];
+ file.read(desToken);
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("aes128-spnego-data");
+ aes128Token = new byte[file.available()];
+ file.read(aes128Token);
+ file.close();
+
+ file = this.getClass().getClassLoader().getResourceAsStream("aes256-spnego-data");
+ aes256Token = new byte[file.available()];
+ file.read(aes256Token);
+ file.close();
+
+ corruptToken = new byte[]{5, 4, 2, 1};
+ }
+
+ //@Test
+ public void testRc4Token() {
+ try {
+ SpnegoToken spnegoToken = SpnegoToken.parse(rc4Token);
+
+ Assert.assertNotNull(spnegoToken);
+ Assert.assertTrue(spnegoToken instanceof SpnegoInitToken);
+ Assert.assertNotNull(spnegoToken.getMechanismToken());
+ Assert.assertTrue(spnegoToken.getMechanismToken().length < rc4Token.length);
+ Assert.assertNotNull(spnegoToken.getMechanism());
+ Assert.assertEquals(SpnegoConstants.LEGACY_KERBEROS_MECHANISM, spnegoToken.getMechanism());
+ } catch(IOException e) {
+ e.printStackTrace();
+ Assert.fail(e.getMessage());
+ }
+ }
+
+ //@Test
+ public void testDesToken() {
+ try {
+ SpnegoToken spnegoToken = SpnegoToken.parse(desToken);
+
+ Assert.assertNotNull(spnegoToken);
+ Assert.assertTrue(spnegoToken instanceof SpnegoInitToken);
+ Assert.assertNotNull(spnegoToken.getMechanismToken());
+ Assert.assertTrue(spnegoToken.getMechanismToken().length < desToken.length);
+ Assert.assertNotNull(spnegoToken.getMechanism());
+ Assert.assertEquals(SpnegoConstants.LEGACY_KERBEROS_MECHANISM, spnegoToken.getMechanism());
+ } catch(IOException e) {
+ e.printStackTrace();
+ Assert.fail(e.getMessage());
+ }
+ }
+
+ //@Test
+ public void testAes128Token() {
+ try {
+ SpnegoToken spnegoToken = SpnegoToken.parse(aes128Token);
+
+ Assert.assertNotNull(spnegoToken);
+ Assert.assertTrue(spnegoToken instanceof SpnegoInitToken);
+ Assert.assertNotNull(spnegoToken.getMechanismToken());
+ Assert.assertTrue(spnegoToken.getMechanismToken().length < aes128Token.length);
+ Assert.assertNotNull(spnegoToken.getMechanism());
+ Assert.assertEquals(SpnegoConstants.LEGACY_KERBEROS_MECHANISM, spnegoToken.getMechanism());
+ } catch(IOException e) {
+ e.printStackTrace();
+ Assert.fail(e.getMessage());
+ }
+ }
+
+ //@Test
+ public void testAes256Token() {
+ try {
+ SpnegoToken spnegoToken = SpnegoToken.parse(aes256Token);
+
+ Assert.assertNotNull(spnegoToken);
+ Assert.assertTrue(spnegoToken instanceof SpnegoInitToken);
+ Assert.assertNotNull(spnegoToken.getMechanismToken());
+ Assert.assertTrue(spnegoToken.getMechanismToken().length < aes256Token.length);
+ Assert.assertNotNull(spnegoToken.getMechanism());
+ Assert.assertEquals(SpnegoConstants.LEGACY_KERBEROS_MECHANISM, spnegoToken.getMechanism());
+ } catch(IOException e) {
+ e.printStackTrace();
+ Assert.fail(e.getMessage());
+ }
+ }
+
+ //@Test
+ public void testEmptyToken() {
+ SpnegoToken spnegoToken = null;
+ try {
+ spnegoToken = SpnegoToken.parse(new byte[0]);
+ Assert.fail("Should have thrown DecodingException.");
+ } catch(IOException e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(spnegoToken);
+ }
+ }
+
+ //@Test
+ public void testCorruptToken() {
+ SpnegoToken spnegoToken = null;
+ try {
+ spnegoToken = SpnegoToken.parse(corruptToken);
+ Assert.fail("Should have thrown DecodingException.");
+ } catch(IOException e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(spnegoToken);
+ }
+ }
+
+ //@Test
+ public void testNullToken() {
+ SpnegoToken spnegoToken = null;
+ try {
+ spnegoToken = SpnegoToken.parse(null);
+ Assert.fail("Should have thrown NullPointerException.");
+ } catch(IOException e) {
+ e.printStackTrace();
+ Assert.fail(e.getMessage());
+ } catch(NullPointerException e) {
+ Assert.assertNotNull(e);
+ Assert.assertNull(spnegoToken);
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestTgsRepCodec.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestTgsRepCodec.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestTgsRepCodec.java
new file mode 100644
index 0000000..0510e6d
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestTgsRepCodec.java
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.test;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.spec.common.NameType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.kdc.TgsRep;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+
+/**
+ * Test TgsRep message using a real 'correct' network packet captured from MS-AD to detective programming errors
+ * and compatibility issues particularly regarding Kerberos crypto.
+ */
+public class TestTgsRepCodec {
+
+ @Test
+ public void test() throws IOException {
+ byte[] bytes = CodecTestUtil.readBinaryFile("/tgsrep.token");
+ TgsRep tgsRep = new TgsRep();
+ tgsRep.decode(bytes);
+
+ Assert.assertEquals(tgsRep.getPvno(), 5);
+ Assert.assertEquals(tgsRep.getMsgType(), KrbMessageType.TGS_REP);
+ Assert.assertEquals(tgsRep.getCrealm(), "DENYDC.COM");
+
+ PrincipalName cname = tgsRep.getCname();
+ Assert.assertEquals(cname.getNameType(), NameType.NT_PRINCIPAL);
+ Assert.assertEquals(cname.getNameStrings().size(), 1);
+ Assert.assertEquals(cname.getNameStrings().iterator().next(), "des");
+
+ Ticket ticket = tgsRep.getTicket();
+ Assert.assertEquals(ticket.getTktvno(), 5);
+ Assert.assertEquals(ticket.getRealm(), "DENYDC.COM");
+ PrincipalName sname = ticket.getSname();
+ Assert.assertEquals(sname.getNameType(), NameType.NT_SRV_HST);
+ Assert.assertEquals(sname.getNameStrings().size(), 2);
+ Assert.assertEquals(sname.getNameStrings().get(0), "host");
+ Assert.assertEquals(sname.getNameStrings().get(1), "xp1.denydc.com");
+ //EncTicketPart encTicketPart = ticket.getEncPart();//FIXME null pointer!!
+ //Assert.assertEquals(encTicketPart.getKey().getKeyType().getValue(), 23);
+ //Assert.assertEquals(encTicketPart.getKey().getKvno(), 2);
+ //TODO decode cipher
+
+ //EncKdcRepPart encKdcRepPart = tgsRep.getEncPart();//FIXME null pointer!!
+ //Assert.assertEquals(encKdcRepPart.getKey().getKeyType().getValue(), 3);
+ //TODO decode cinpher
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestTgsReqCodec.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestTgsReqCodec.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestTgsReqCodec.java
new file mode 100644
index 0000000..1c06024
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/test/TestTgsReqCodec.java
@@ -0,0 +1,94 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.test;
+
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.spec.common.NameType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReqBody;
+import org.apache.kerby.kerberos.kerb.spec.kdc.TgsReq;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Arrays;
+import java.util.Date;
+import java.util.List;
+import java.util.SimpleTimeZone;
+
+/**
+ * Test TgsReq message using a real 'correct' network packet captured from MS-AD to detective programming errors
+ * and compatibility issues particularly regarding Kerberos crypto.
+ */
+public class TestTgsReqCodec {
+
+ @Test
+ public void test() throws IOException, ParseException {
+ byte[] bytes = CodecTestUtil.readBinaryFile("/tgsreq.token");
+ TgsReq tgsReq = new TgsReq();
+ tgsReq.decode(bytes);
+
+ Assert.assertEquals(tgsReq.getPvno(), 5);
+ Assert.assertEquals(tgsReq.getMsgType(), KrbMessageType.TGS_REQ);
+
+ PaData paData = tgsReq.getPaData();
+ Assert.assertEquals(paData.getElements().size(), 1);
+ PaDataEntry entry = paData.getElements().iterator().next();
+ Assert.assertEquals(entry.getPaDataType(), PaDataType.TGS_REQ);
+ //TODO Decode:padata-value
+
+ //request body
+ KdcReqBody body = tgsReq.getReqBody();
+ Assert.assertEquals(body.getKdcOptions().getPadding(), 0);
+ byte[] kdcOptionsValue = {64, (byte) 128, 0, 0};
+ Assert.assertTrue(Arrays.equals(body.getKdcOptions().getValue(), kdcOptionsValue));
+
+ Assert.assertEquals(body.getRealm(), "DENYDC.COM");
+
+ PrincipalName sname = body.getSname();
+ Assert.assertEquals(sname.getNameType(), NameType.NT_SRV_HST);
+ Assert.assertEquals(sname.getNameStrings().size(), 2);
+ Assert.assertEquals(sname.getNameStrings().get(0), "host");
+ Assert.assertEquals(sname.getNameStrings().get(1), "xp1.denydc.com");
+
+ SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
+ sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
+ Date date = sdf.parse("20370913024805");
+ Assert.assertEquals(tgsReq.getReqBody().getTill().getTime(), date.getTime());
+
+ Assert.assertEquals(body.getNonce(), 197296424);
+
+ List<EncryptionType> eTypes = body.getEtypes();
+ Assert.assertEquals(eTypes.size(), 7);
+ Assert.assertEquals(eTypes.get(0).getValue(), 23);
+ //Assert.assertEquals(eTypes.get(1).getValue(), -133);//FIXME
+ //Assert.assertEquals(eTypes.get(2).getValue(), -128);//FIXME
+ Assert.assertEquals(eTypes.get(3).getValue(), 3);
+ Assert.assertEquals(eTypes.get(4).getValue(), 1);
+ Assert.assertEquals(eTypes.get(5).getValue(), 24);
+ //Assert.assertEquals(eTypes.get(6).getValue(), -135);//FIXME
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/pom.xml b/kerby-kerb/kerb-core/pom.xml
new file mode 100644
index 0000000..9bd0963
--- /dev/null
+++ b/kerby-kerb/kerb-core/pom.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-kerb</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerb-core</artifactId>
+
+ <name>Kerby-kerb core</name>
+ <description>Kerby-kerb core facilities</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-asn1</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbConstant.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbConstant.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbConstant.java
new file mode 100644
index 0000000..e6eabcb
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbConstant.java
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb;
+
+public interface KrbConstant {
+ public final static int KRB_V5 = 5;
+
+ public final static String TGS_PRINCIPAL = "krbtgt";
+}
[44/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/README.md
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/README.md b/contrib/haox-asn1/README.md
deleted file mode 100644
index eb35929..0000000
--- a/contrib/haox-asn1/README.md
+++ /dev/null
@@ -1,301 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-haox-asn1
-=========
-
-### A ASN1 parser with easy and simple API
-
-```
-// encoding
-Asn1Integer aValue = new Asn1Integer(8899);
-byte[] encoded = aValue.encode();
-
-// decoding
-byte[] contentToDecode = ...
-Asn1Integer decodedValue = new Asn1Integer();
-decodedValue.decode(contentToDecode);
-Integer value = decodedValue.getValue();
-```
-
-### Data-driven ASN1 encoding/decoding framework and parser
-
-With the following definition from Kerberos protocol
-```
- AuthorizationData ::= SEQUENCE OF SEQUENCE {
- ad-type [0] Int32,
- ad-data [1] OCTET STRING
- }
- ```
-
-You can model AuthzDataEntry as follows
-```java
-public class AuthzDataEntry extends Asn1SequenceType {
- static int AD_TYPE = 0;
- static int AD_DATA = 1;
-
- public AuthzDataEntry() {
- super(new Asn1FieldInfo[] {
- new Asn1FieldInfo(AD_TYPE, Asn1Integer.class),
- new Asn1FieldInfo(AD_DATA, Asn1OctetString.class)
- });
- }
-
- public int getAuthzType() {
- Integer value = getFieldAsInteger(AD_TYPE);
- return value;
- }
-
- public byte[] getAuthzData() {
- return getFieldAsOctetBytes(AD_DATA);
- }
-}
-```
-
-And then define AuthorizationData simply
-```java
-public class AuthorizationData extends Asn1SequenceOf<AuthzDataEntry> {
-
-}
-```
-
-Then you can process with above definitions, encode and decode, without caring about the details.
-
-Think about how to implement the following more complex and pratical sample from [ITU-T Rec. X.680 ISO/IEC 8824-1](http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf):
-```
-A.1 ASN.1 description of the record structure
-The structure of the hypothetical personnel record is formally described below using ASN.1 specified in
-ITU-T Rec. X.680 | ISO/IEC 8824-1 for defining types.
-
-PersonnelRecord ::= [APPLICATION 0] IMPLICIT SET {
- Name Name,
- title [0] VisibleString,
- number EmployeeNumber,
- dateOfHire [1] Date,
- nameOfSpouse [2] Name,
- children [3] IMPLICIT
- SEQUENCE OF ChildInformation DEFAULT {}
-}
-
-ChildInformation ::= SET {
- name Name,
- dateOfBirth [0] Date
-}
-
-Name ::= [APPLICATION 1] IMPLICIT SEQUENCE {
- givenName VisibleString,
- initial VisibleString,
- familyName VisibleString
-}
-
-EmployeeNumber ::= [APPLICATION 2] IMPLICIT INTEGER
-Date ::= [APPLICATION 3] IMPLICIT VisibleString -- YYYYMMDD
-```
-Similarly as above, we can have (from the unit test codes):
-```java
-public class PersonnelRecord extends TaggingSet {
- private static int NAME = 0;
- private static int TITLE = 1;
- private static int NUMBER = 2;
- private static int DATEOFHIRE= 3;
- private static int NAMEOFSPOUSE = 4;
- private static int CHILDREN = 5;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(NAME, -1, Name.class),
- new Asn1FieldInfo(TITLE, 0, Asn1VisibleString.class),
- new Asn1FieldInfo(NUMBER, -1, EmployeeNumber.class),
- new Asn1FieldInfo(DATEOFHIRE, 1, Date.class),
- new Asn1FieldInfo(NAMEOFSPOUSE, 2, Name.class),
- new Asn1FieldInfo(CHILDREN, 3, Children.class, true)
- };
-
- public PersonnelRecord() {
- super(0, fieldInfos, true);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
-
- public void setName(Name name) {
- setFieldAs(NAME, name);
- }
-
- public Name getName() {
- return getFieldAs(NAME, Name.class);
- }
-
- public void setTitle(String title) {
- setFieldAs(TITLE, new Asn1VisibleString(title));
- }
-
- public String getTitle() {
- return getFieldAsString(TITLE);
- }
-
- public void setEmployeeNumber(EmployeeNumber employeeNumber) {
- setFieldAs(NUMBER, employeeNumber);
- }
-
- public EmployeeNumber getEmployeeNumber() {
- return getFieldAs(NUMBER, EmployeeNumber.class);
- }
-
- public void setDateOfHire(Date dateOfHire) {
- setFieldAs(DATEOFHIRE, dateOfHire);
- }
-
- public Date getDateOfHire() {
- return getFieldAs(DATEOFHIRE, Date.class);
- }
-
- public void setNameOfSpouse(Name spouse) {
- setFieldAs(NAMEOFSPOUSE, spouse);
- }
-
- public Name getNameOfSpouse() {
- return getFieldAs(NAMEOFSPOUSE, Name.class);
- }
-
- public void setChildren(Children children) {
- setFieldAs(CHILDREN, children);
- }
-
- public Children getChildren() {
- return getFieldAs(CHILDREN, Children.class);
- }
-
- public static class Children extends Asn1SequenceOf<ChildInformation> {
- public Children(ChildInformation ... children) {
- super();
- for (ChildInformation child : children) {
- addElement(child);
- }
- }
-
- public Children() {
- super();
- }
- }
-
- public static class ChildInformation extends Asn1SetType {
- private static int NAME = 0;
- private static int DATEOFBIRTH = 1;
-
- static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
- new Asn1FieldInfo(NAME, -1, Name.class),
- new Asn1FieldInfo(DATEOFBIRTH, 0, Date.class)
- };
-
- public ChildInformation() {
- super(tags);
- }
-
- public void setName(Name name) {
- setFieldAs(NAME, name);
- }
-
- public Name getName() {
- return getFieldAs(NAME, Name.class);
- }
-
- public void setDateOfBirth(Date date) {
- setFieldAs(DATEOFBIRTH, date);
- }
-
- public Date getDateOfBirth() {
- return getFieldAs(DATEOFBIRTH, Date.class);
- }
- }
-
- public static class Name extends TaggingSequence {
- private static int GIVENNAME = 0;
- private static int INITIAL = 1;
- private static int FAMILYNAME = 2;
-
- static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
- new Asn1FieldInfo(GIVENNAME, -1, Asn1VisibleString.class),
- new Asn1FieldInfo(INITIAL, -1, Asn1VisibleString.class),
- new Asn1FieldInfo(FAMILYNAME, -1, Asn1VisibleString.class)
- };
-
- public Name() {
- super(1, tags, true);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
-
- public Name(String givenName, String initial, String familyName) {
- this();
- setGivenName(givenName);
- setInitial(initial);
- setFamilyName(familyName);
- }
-
- public void setGivenName(String givenName) {
- setFieldAs(GIVENNAME, new Asn1VisibleString(givenName));
- }
-
- public String getGivenName() {
- return getFieldAsString(GIVENNAME);
- }
-
- public void setInitial(String initial) {
- setFieldAs(INITIAL, new Asn1VisibleString(initial));
- }
-
- public String getInitial() {
- return getFieldAsString(INITIAL);
- }
-
- public void setFamilyName(String familyName) {
- setFieldAs(FAMILYNAME, new Asn1VisibleString(familyName));
- }
-
- public String getFamilyName() {
- return getFieldAsString(FAMILYNAME);
- }
- }
-
- public static class EmployeeNumber extends Asn1Tagging<Asn1Integer> {
- public EmployeeNumber(Integer value) {
- super(2, new Asn1Integer(value), true);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
- public EmployeeNumber() {
- this(null);
- }
- }
-
- public static class Date extends Asn1Tagging<Asn1VisibleString> {
- public Date(String value) {
- super(3, new Asn1VisibleString(value), true);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
- public Date() {
- this(null);
- }
- }
-}
-```
-### Notes
-* 90% tests coverage for DER encoding
-* For BER & CER encoding, to be fully supported
-* No extra dependency
-
-### License
-Apache V2 License
-
-
-
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/pom.xml
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/pom.xml b/contrib/haox-asn1/pom.xml
deleted file mode 100644
index 5100b58..0000000
--- a/contrib/haox-asn1/pom.xml
+++ /dev/null
@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <parent>
- <artifactId>contrib</artifactId>
- <groupId>org.haox</groupId>
- <version>1.0-SNAPSHOT</version>
- </parent>
- <modelVersion>4.0.0</modelVersion>
-
- <artifactId>haox-asn1</artifactId>
-
-</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1Dump.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1Dump.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1Dump.java
deleted file mode 100644
index e781499..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1Dump.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.type.Asn1Item;
-import org.apache.haox.asn1.type.Asn1Simple;
-import org.apache.haox.asn1.type.Asn1Type;
-
-import java.io.IOException;
-
-public class Asn1Dump {
-
- public static void dump(byte[] content) throws IOException {
- String dumped = dumpAsString(content);
- System.out.println(dumped);
- }
-
- public static String dumpAsString(byte[] content) throws IOException {
- StringBuilder sb = new StringBuilder();
-
- Asn1InputBuffer buffer = new Asn1InputBuffer(content);
- Asn1Type value;
- while (true) {
- value = buffer.read();
- if (value == null) break;
- dump(value, sb);
- }
-
- return sb.toString();
- }
-
- public static String dumpAsString(Asn1Type value) {
- StringBuilder sb = new StringBuilder();
- dump(value, sb);
- return sb.toString();
- }
-
- private static void dump(Asn1Type value, StringBuilder buffer) {
- if (value instanceof Asn1Simple) {
- buffer.append(((Asn1Simple) value).getValue().toString());
- } else if (value instanceof Asn1Item) {
- dump((Asn1Item) value, buffer);
- }
- }
-
- private static void dump(Asn1Item value, StringBuilder buffer) {
- if (value.isFullyDecoded()) {
- dump(value.getValue(), buffer);
- } else {
- buffer.append("Asn1Item");
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1Factory.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1Factory.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1Factory.java
deleted file mode 100644
index 0578183..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1Factory.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.type.Asn1Collection;
-import org.apache.haox.asn1.type.Asn1Simple;
-import org.apache.haox.asn1.type.Asn1Type;
-
-public class Asn1Factory {
-
- public static Asn1Type create(int tagNo) {
- UniversalTag tagNoEnum = UniversalTag.fromValue(tagNo);
- if (tagNoEnum != UniversalTag.UNKNOWN) {
- return create(tagNoEnum);
- }
- throw new IllegalArgumentException("Unexpected tag " + tagNo);
- }
-
- public static Asn1Type create(UniversalTag tagNo) {
- if (Asn1Simple.isSimple(tagNo)) {
- return Asn1Simple.createSimple(tagNo);
- } else if (Asn1Collection.isCollection(tagNo)) {
- return Asn1Collection.createCollection(tagNo);
- }
- throw new IllegalArgumentException("Unexpected tag " + tagNo);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1InputBuffer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1InputBuffer.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1InputBuffer.java
deleted file mode 100644
index 10799e1..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1InputBuffer.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.type.AbstractAsn1Type;
-import org.apache.haox.asn1.type.Asn1Item;
-import org.apache.haox.asn1.type.Asn1Type;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-/**
- * Asn1 decoder
- */
-public class Asn1InputBuffer {
- private final LimitedByteBuffer limitedBuffer;
-
- public Asn1InputBuffer(byte[] bytes) {
- this(new LimitedByteBuffer(bytes));
- }
-
- public Asn1InputBuffer(ByteBuffer byteBuffer) {
- this(new LimitedByteBuffer(byteBuffer));
- }
-
- public Asn1InputBuffer(LimitedByteBuffer limitedByteBuffer) {
- this.limitedBuffer = limitedByteBuffer;
- }
-
- public Asn1Type read() throws IOException {
- if (! limitedBuffer.available()) {
- return null;
- }
- Asn1Item one = AbstractAsn1Type.decodeOne(limitedBuffer);
- if (one.isSimple()) {
- one.decodeValueAsSimple();
- } else if (one.isCollection()) {
- one.decodeValueAsCollection();
- }
- if (one.isFullyDecoded()) {
- return one.getValue();
- }
- return one;
- }
-
- public void readBytes(byte[] bytes) throws IOException {
- limitedBuffer.readBytes(bytes);
- }
-
- public byte[] readAllLeftBytes() throws IOException {
- return limitedBuffer.readAllLeftBytes();
- }
-
- public void skipNext() throws IOException {
- if (limitedBuffer.available()) {
- AbstractAsn1Type.skipOne(limitedBuffer);
- }
- }
-
- public void skipBytes(int len) throws IOException {
- if (limitedBuffer.available()) {
- limitedBuffer.skip(len);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1OutputBuffer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1OutputBuffer.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1OutputBuffer.java
deleted file mode 100644
index 3739498..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/Asn1OutputBuffer.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.type.AbstractAsn1Type;
-import org.apache.haox.asn1.type.Asn1Type;
-
-import java.nio.ByteBuffer;
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * Asn1 encoder
- */
-public class Asn1OutputBuffer {
- private List<Asn1Type> objects;
-
- public Asn1OutputBuffer() {
- this.objects = new ArrayList<Asn1Type>(3);
- }
-
- public void write(Asn1Type value) {
- objects.add(value);
- }
-
- public void write(Asn1Type value, EncodingOption option) {
- value.setEncodingOption(option);
- objects.add(value);
- }
-
- public ByteBuffer getOutput() {
- int len = encodingLength();
- ByteBuffer byteBuffer = ByteBuffer.allocate(len);
- encode(byteBuffer);
- return byteBuffer;
- }
-
- private int encodingLength() {
- int allLen = 0;
- for (Asn1Type item : objects) {
- if (item != null) {
- allLen += ((AbstractAsn1Type) item).encodingLength();
- }
- }
- return allLen;
- }
-
- private void encode(ByteBuffer buffer) {
- for (Asn1Type item : objects) {
- if (item != null) {
- item.encode(buffer);
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/EncodingOption.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/EncodingOption.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/EncodingOption.java
deleted file mode 100644
index ee685ac..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/EncodingOption.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-public enum EncodingOption
-{
- UNKNOWN(-1),
- PRIMITIVE(1),
- CONSTRUCTED(2),
- CONSTRUCTED_DEFLEN(3),
- CONSTRUCTED_INDEFLEN(4),
- IMPLICIT(5),
- EXPLICIT(6),
- BER(7),
- DER(8),
- CER(9);
-
- private int value;
-
- private EncodingOption(int value) {
- this.value = value;
- }
-
- public static int CONSTRUCTED_FLAG = 0x20;
-
- public static boolean isConstructed(int tag) {
- return (tag & CONSTRUCTED_FLAG) != 0;
- }
-
- public int getValue() {
- return value;
- }
-
- public boolean isPrimitive() {
- return this == PRIMITIVE;
- }
-
- public boolean isConstructed() {
- return this == CONSTRUCTED || this == CONSTRUCTED_DEFLEN || this == CONSTRUCTED_INDEFLEN;
- }
-
- public boolean isImplicit() {
- return this == IMPLICIT;
- }
-
- public boolean isExplicit() {
- return this == EXPLICIT;
- }
-
- public boolean isDer() {
- return this == DER;
- }
-
- public boolean isCer() {
- return this == CER;
- }
-
- public static EncodingOption fromValue(int value) {
- for (EncodingOption e : values()) {
- if (e.getValue() == value) {
- return (EncodingOption) e;
- }
- }
-
- return UNKNOWN;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/LimitedByteBuffer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/LimitedByteBuffer.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/LimitedByteBuffer.java
deleted file mode 100644
index 237ee98..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/LimitedByteBuffer.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-public class LimitedByteBuffer {
- private final ByteBuffer byteBuffer;
- private final int limit;
- private int startOffset;
-
- public LimitedByteBuffer(byte[] bytes) {
- this.byteBuffer = ByteBuffer.wrap(bytes);
- this.limit = bytes.length;
- this.startOffset = 0;
- }
-
- public LimitedByteBuffer(ByteBuffer byteBuffer) {
- this(byteBuffer, byteBuffer.limit());
- }
-
- public LimitedByteBuffer(ByteBuffer byteBuffer, int limit) {
- this.byteBuffer = byteBuffer;
- this.limit = limit;
- this.startOffset = byteBuffer.position();
- }
-
- public LimitedByteBuffer(LimitedByteBuffer other, int limit) {
- if (limit > other.hasLeft()) {
- throw new IllegalArgumentException("limit is too large, out of bound");
- }
- this.byteBuffer = other.byteBuffer.duplicate();
- this.limit = limit;
- this.startOffset = byteBuffer.position();
- }
-
- public boolean available() {
- return byteBuffer.hasRemaining() &&
- byteBuffer.position() - startOffset < limit;
- }
-
- public long hasRead() {
- return byteBuffer.position() - startOffset;
- }
- public long hasLeft() {
- return limit - hasRead();
- }
-
- public byte readByte() throws IOException {
- if (!available()) {
- throw new IOException("Buffer EOF");
- }
- return byteBuffer.get();
- }
-
- public byte[] readAllLeftBytes() throws IOException {
- return readBytes((int) hasLeft());
- }
-
- public void skip(int len) throws IOException {
- checkLen(len);
- int newPos = byteBuffer.position() + len;
- byteBuffer.position(newPos);
- }
-
- public byte[] readBytes(int len) throws IOException {
- checkLen(len);
-
- byte[] bytes = new byte[len];
- if (len > 0) {
- byteBuffer.get(bytes);
- }
- return bytes;
- }
-
- private void checkLen(int len) throws IOException {
- if (len < 0) {
- throw new IllegalArgumentException("Bad argument len: " + len);
- }
- if (len > 0) {
- if (!available()) {
- throw new IOException("Buffer EOF");
- }
- if (hasLeft() < len) {
- throw new IOException("Out of Buffer");
- }
- }
- }
-
- public void readBytes(byte[] bytes) throws IOException {
- if (bytes == null) {
- throw new IllegalArgumentException("Bad argument bytes: null");
- }
- if (!available()) {
- throw new IOException("Buffer EOF");
- }
- if (hasLeft() < bytes.length) {
- throw new IOException("Out of Buffer");
- }
-
- byteBuffer.get(bytes);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/TagClass.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/TagClass.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/TagClass.java
deleted file mode 100644
index 6f517ac..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/TagClass.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-public enum TagClass {
- UNKNOWN(-1),
- UNIVERSAL(0x00),
- APPLICATION(0x40),
- CONTEXT_SPECIFIC(0x80),
- PRIVATE(0xC0);
-
- private int value;
-
- private TagClass(int value) {
- this.value = value;
- }
-
- public int getValue() {
- return value;
- }
-
- public boolean isUniversal() {
- return this == UNIVERSAL;
- }
-
- public boolean isAppSpecific() {
- return this == APPLICATION;
- }
-
- public boolean isContextSpecific() {
- return this == CONTEXT_SPECIFIC;
- }
-
- public boolean isTagged() {
- return this == APPLICATION || this == CONTEXT_SPECIFIC;
- }
-
- public static TagClass fromValue(int value) {
- // Optimized by Emmanuel
- switch (value) {
- case 0x00:
- return TagClass.UNIVERSAL;
- case 0x40:
- return TagClass.APPLICATION;
- case 0x80:
- return TagClass.CONTEXT_SPECIFIC;
- case 0xC0:
- return TagClass.PRIVATE;
- default:
- return TagClass.UNKNOWN;
- }
- }
-
- public static TagClass fromTagFlags(int tag) {
- return fromValue(tag & 0xC0);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/TaggingOption.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/TaggingOption.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/TaggingOption.java
deleted file mode 100644
index fc43e10..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/TaggingOption.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-public class TaggingOption
-{
- private int tagNo;
- private boolean isImplicit;
- private boolean isAppSpecific;
-
- public static TaggingOption newImplicitAppSpecific(int tagNo) {
- return new TaggingOption(tagNo, true, true);
- }
-
- public static TaggingOption newExplicitAppSpecific(int tagNo) {
- return new TaggingOption(tagNo, false, true);
- }
-
- public static TaggingOption newImplicitContextSpecific(int tagNo) {
- return new TaggingOption(tagNo, true, false);
- }
-
- public static TaggingOption newExplicitContextSpecific(int tagNo) {
- return new TaggingOption(tagNo, false, false);
- }
-
- private TaggingOption(int tagNo, boolean isImplicit, boolean isAppSpecific) {
- this.tagNo = tagNo;
- this.isImplicit = isImplicit;
- this.isAppSpecific = isAppSpecific;
- }
-
- public int tagFlags(boolean isTaggedConstructed) {
- boolean isConstructed = isImplicit ? isTaggedConstructed : true;
- TagClass tagClass = isAppSpecific ? TagClass.APPLICATION : TagClass.CONTEXT_SPECIFIC;
- int flags = tagClass.getValue() | (isConstructed ? EncodingOption.CONSTRUCTED_FLAG : 0x00);
- return flags;
- }
-
- public int getTagNo() {
- return tagNo;
- }
-
- public boolean isAppSpecific() {
- return isAppSpecific;
- }
-
- public boolean isImplicit() {
- return isImplicit;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/UniversalTag.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/UniversalTag.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/UniversalTag.java
deleted file mode 100644
index 1229b06..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/UniversalTag.java
+++ /dev/null
@@ -1,106 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-// Optimized by Emmanuel
-public enum UniversalTag {
- UNKNOWN (-1),
- CHOICE (-2), // Only for internal using
- BOOLEAN (0x01),
- INTEGER (0x02),
- BIT_STRING (0x03),
- OCTET_STRING (0x04),
- NULL (0x05),
- OBJECT_IDENTIFIER (0x06),
- OBJECT_DESCRIPTOR (0x07), // Added for completness
- EXTERNAL (0x08),
- REAL (0x09),
- ENUMERATED (0x0a),
- EMBEDDED_PDV (0x0b), // Added for completness
- UTF8_STRING (0x0c),
- RELATIVE_OID (0x0d), // Added for completness
- RESERVED_14 (0x0e), // Added for completness
- RESERVED_15 (0x0f), // Added for completness
- SEQUENCE (0x10),
- SEQUENCE_OF (0x10),
- SET (0x11),
- SET_OF (0x11),
- NUMERIC_STRING (0x12),
- PRINTABLE_STRING (0x13),
- T61_STRING (0x14),
- VIDEOTEX_STRING (0x15),
- IA5_STRING (0x16),
- UTC_TIME (0x17),
- GENERALIZED_TIME (0x18),
- GRAPHIC_STRING (0x19),
- VISIBLE_STRING (0x1a),
- GENERAL_STRING (0x1b),
- UNIVERSAL_STRING (0x1c),
- CHARACTER_STRING (0x1d), // Added for completness
- BMP_STRING (0x1e),
- RESERVED_31 (0x1f); // Added for completness
-
- private int value;
-
- private UniversalTag(int value) {
- this.value = value;
- }
-
- public int getValue() {
- return value;
- }
-
- public static UniversalTag fromValue(int value) {
- switch (value) {
- case 0x01 : return BOOLEAN;
- case 0x02 : return INTEGER;
- case 0x03 : return BIT_STRING;
- case 0x04 : return OCTET_STRING;
- case 0x05 : return NULL;
- case 0x06 : return OBJECT_IDENTIFIER;
- case 0x07 : return OBJECT_DESCRIPTOR;
- case 0x08 : return EXTERNAL;
- case 0x09 : return REAL;
- case 0x0A : return ENUMERATED;
- case 0x0B : return EMBEDDED_PDV;
- case 0x0C : return UTF8_STRING;
- case 0x0D : return RELATIVE_OID;
- case 0x0E : return RESERVED_14;
- case 0x0F : return RESERVED_15;
- case 0x10 : return SEQUENCE;
- case 0x11 : return SET;
- case 0x12 : return NUMERIC_STRING;
- case 0x13 : return PRINTABLE_STRING;
- case 0x14 : return T61_STRING;
- case 0x15 : return VIDEOTEX_STRING;
- case 0x16 : return IA5_STRING;
- case 0x17 : return UTC_TIME;
- case 0x18 : return GENERALIZED_TIME;
- case 0x19 : return GRAPHIC_STRING;
- case 0x1A : return VISIBLE_STRING;
- case 0x1B : return GENERAL_STRING;
- case 0x1C : return UNIVERSAL_STRING;
- case 0x1D : return CHARACTER_STRING;
- case 0x1E : return BMP_STRING;
- case 0x1F : return RESERVED_31;
- default : return UNKNOWN;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/AbstractAsn1Type.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/AbstractAsn1Type.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/AbstractAsn1Type.java
deleted file mode 100644
index 576d248..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/AbstractAsn1Type.java
+++ /dev/null
@@ -1,420 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.EncodingOption;
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.TagClass;
-import org.apache.haox.asn1.TaggingOption;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-public abstract class AbstractAsn1Type<T> implements Asn1Type {
- private TagClass tagClass = TagClass.UNKNOWN;
- private int tagNo = -1;
- private int tagFlags = -1;
- protected EncodingOption encodingOption = EncodingOption.UNKNOWN;
- private int encodingLen = -1;
- private T value;
-
- public AbstractAsn1Type(TagClass tagClass, int tagNo) {
- this(tagClass, tagNo, null);
- }
-
- public AbstractAsn1Type(int tagFlags, int tagNo) {
- this(tagFlags, tagNo, null);
- }
-
- public AbstractAsn1Type(int tagFlags, int tagNo, T value) {
- this(TagClass.fromTagFlags(tagFlags), tagNo, value);
- setTagFlags(tagFlags);
- }
-
- public AbstractAsn1Type(TagClass tagClass, int tagNo, T value) {
- this.tagClass = tagClass;
- this.tagNo = tagNo;
- this.value = value;
- }
-
- public void setEncodingOption(EncodingOption encodingOption) {
- this.encodingOption = encodingOption;
- }
-
- public T getValue() {
- return value;
- }
-
- public void setValue(T value) {
- this.value = value;
- }
-
- protected TagClass tagClass() {
- return tagClass;
- }
-
- @Override
- public int tagNo() {
- return tagNo;
- }
-
- protected void setTagFlags(int tagFlags) {
- this.tagFlags = tagFlags & 0xe0;
- }
-
- protected void setTagNo(int tagNo) {
- this.tagNo = tagNo;
- }
-
- @Override
- public byte[] encode() {
- ByteBuffer byteBuffer = ByteBuffer.allocate(encodingLength());
- encode(byteBuffer);
- byteBuffer.flip();
- return byteBuffer.array();
- }
-
- @Override
- public void encode(ByteBuffer buffer) {
- encodeTag(buffer, tagFlags(), tagNo());
- encodeLength(buffer, encodingBodyLength());
- encodeBody(buffer);
- }
-
- protected void encodeBody(ByteBuffer buffer) { }
-
- @Override
- public void decode(byte[] content) throws IOException {
- decode(new LimitedByteBuffer(content));
- }
-
- @Override
- public void decode(ByteBuffer content) throws IOException {
- decode(new LimitedByteBuffer(content));
- }
-
- @Override
- public int tagFlags() {
- if (tagFlags == -1) {
- int flags = tagClass.getValue();
- if (isConstructed()) flags |= EncodingOption.CONSTRUCTED_FLAG;
- return flags;
- }
- return tagFlags;
- }
-
- @Override
- public int encodingLength() {
- if (encodingLen == -1) {
- int bodyLen = encodingBodyLength();
- encodingLen = lengthOfTagLength(tagNo()) + lengthOfBodyLength(bodyLen) + bodyLen;
- }
- return encodingLen;
- }
-
- public boolean isConstructed() {
- if (tagFlags != -1) {
- return (tagFlags & EncodingOption.CONSTRUCTED_FLAG) != 0;
- } else {
- return false;
- }
- }
-
- public boolean isUniversal() {
- return tagClass.isUniversal();
- }
-
- public boolean isAppSpecific() {
- return tagClass.isAppSpecific();
- }
-
- public boolean isContextSpecific() {
- return tagClass.isContextSpecific();
- }
-
- public boolean isTagged() {
- return tagClass.isTagged();
- }
-
- public boolean isSimple() {
- return isUniversal() && Asn1Simple.isSimple(tagNo);
- }
-
- public boolean isCollection() {
- return isUniversal() && Asn1Collection.isCollection(tagNo);
- }
-
- protected abstract int encodingBodyLength();
-
- protected void decode(LimitedByteBuffer content) throws IOException {
- int tag = readTag(content);
- int tagNo = readTagNo(content, tag);
- int length = readLength(content);
-
- decode(tag, tagNo, new LimitedByteBuffer(content, length));
- }
-
- public void decode(int tagFlags, int tagNo, LimitedByteBuffer content) throws IOException {
- if (this.tagClass != TagClass.UNKNOWN && this.tagClass != TagClass.fromTagFlags(tagFlags)) {
- throw new IOException("Unexpected tagFlags " + tagFlags + ", expecting " + this.tagClass);
- }
- if (this.tagNo != -1 && this.tagNo != tagNo) {
- throw new IOException("Unexpected tagNo " + tagNo + ", expecting " + this.tagNo);
- }
-
- this.tagClass = TagClass.fromTagFlags(tagFlags);
- this.tagFlags = tagFlags;
- this.tagNo = tagNo;
-
- decodeBody(content);
- }
-
- protected abstract void decodeBody(LimitedByteBuffer content) throws IOException;
-
- protected int taggedEncodingLength(TaggingOption taggingOption) {
- int taggingTagNo = taggingOption.getTagNo();
- int taggingBodyLen = taggingOption.isImplicit() ? encodingBodyLength() : encodingLength();
- int taggingEncodingLen = lengthOfTagLength(taggingTagNo) + lengthOfBodyLength(taggingBodyLen) + taggingBodyLen;
- return taggingEncodingLen;
- }
-
- public byte[] taggedEncode(TaggingOption taggingOption) {
- ByteBuffer byteBuffer = ByteBuffer.allocate(taggedEncodingLength(taggingOption));
- taggedEncode(byteBuffer, taggingOption);
- byteBuffer.flip();
- return byteBuffer.array();
- }
-
- @Override
- public void taggedEncode(ByteBuffer buffer, TaggingOption taggingOption) {
- int taggingTagFlags = taggingOption.tagFlags(isConstructed());
- encodeTag(buffer, taggingTagFlags, taggingOption.getTagNo());
- int taggingBodyLen = taggingOption.isImplicit() ? encodingBodyLength() : encodingLength();
- encodeLength(buffer, taggingBodyLen);
- if (taggingOption.isImplicit()) {
- encodeBody(buffer);
- } else {
- encode(buffer);
- }
- }
-
- public void taggedDecode(byte[] content, TaggingOption taggingOption) throws IOException {
- taggedDecode(ByteBuffer.wrap(content), taggingOption);
- }
-
- @Override
- public void taggedDecode(ByteBuffer content, TaggingOption taggingOption) throws IOException {
- LimitedByteBuffer limitedBuffer = new LimitedByteBuffer(content);
- taggedDecode(limitedBuffer, taggingOption);
- }
-
- protected void taggedDecode(LimitedByteBuffer content, TaggingOption taggingOption) throws IOException {
- int taggingTag = readTag(content);
- int taggingTagNo = readTagNo(content, taggingTag);
- int taggingLength = readLength(content);
- LimitedByteBuffer newContent = new LimitedByteBuffer(content, taggingLength);
-
- int tagFlags = taggingTag & 0xe0;
- taggedDecode(tagFlags, taggingTagNo, newContent, taggingOption);
- }
-
- protected void taggedDecode(int taggingTagFlags, int taggingTagNo, LimitedByteBuffer content, TaggingOption taggingOption) throws IOException {
- int expectedTaggingTagFlags = taggingOption.tagFlags(isConstructed());
- if (expectedTaggingTagFlags != taggingTagFlags) {
- throw new IOException("Unexpected tag flags" + taggingTagFlags + ", expecting " + expectedTaggingTagFlags);
- }
- if (taggingOption.getTagNo() != taggingTagNo) {
- throw new IOException("Unexpected tagNo " + taggingTagNo + ", expecting " + taggingOption.getTagNo());
- }
-
- if (taggingOption.isImplicit()) {
- decodeBody(content);
- } else {
- decode(content);
- }
- }
-
- public static Asn1Item decodeOne(LimitedByteBuffer content) throws IOException {
- int tag = readTag(content);
- int tagNo = readTagNo(content, tag);
- boolean isConstructed = EncodingOption.isConstructed(tag);
- int length = readLength(content);
- if (length < 0) {
- throw new IOException("Unexpected length");
- }
- LimitedByteBuffer valueContent = new LimitedByteBuffer(content, length);
- content.skip(length);
-
- Asn1Item result = new Asn1Item(tag, tagNo, valueContent);
- if (result.isSimple()) {
- result.decodeValueAsSimple();
- }
- return result;
- }
-
- public static void skipOne(LimitedByteBuffer content) throws IOException {
- int tag = readTag(content);
- int tagNo = readTagNo(content, tag);
- int length = readLength(content);
- if (length < 0) {
- throw new IOException("Unexpected length");
- }
- content.skip(length);
- }
-
- public static int lengthOfBodyLength(int bodyLength) {
- int length = 1;
-
- if (bodyLength > 127) {
- int payload = bodyLength;
- while (payload != 0) {
- payload >>= 8;
- length++;
- }
- }
-
- return length;
- }
-
- public static int lengthOfTagLength(int tagNo) {
- int length = 1;
-
- if (tagNo >= 31) {
- if (tagNo < 128) {
- length++;
- } else {
- length++;
-
- do {
- tagNo >>= 7;
- length++;
- } while (tagNo > 127);
- }
- }
-
- return length;
- }
-
- public static void encodeTag(ByteBuffer buffer, int flags, int tagNo) {
- if (tagNo < 31) {
- buffer.put((byte) (flags | tagNo));
- } else {
- buffer.put((byte) (flags | 0x1f));
- if (tagNo < 128) {
- buffer.put((byte) tagNo);
- } else {
- byte[] tmpBytes = new byte[5]; // 5 * 7 > 32
- int iPut = tmpBytes.length;
-
- tmpBytes[--iPut] = (byte)(tagNo & 0x7f);
- do {
- tagNo >>= 7;
- tmpBytes[--iPut] = (byte)(tagNo & 0x7f | 0x80);
- } while (tagNo > 127);
-
- buffer.put(tmpBytes, iPut, tmpBytes.length - iPut);
- }
- }
- }
-
- public static void encodeLength(ByteBuffer buffer, int bodyLength) {
- if (bodyLength < 128) {
- buffer.put((byte) bodyLength);
- } else {
- int length = 0;
- int payload = bodyLength;
-
- while (payload != 0) {
- payload >>= 8;
- length++;
- }
-
- buffer.put((byte) (length | 0x80));
-
- payload = bodyLength;
- for (int i = length - 1; i >= 0; i--) {
- buffer.put((byte) (payload >> (i * 8)));
- }
- }
- }
-
- public static int readTag(LimitedByteBuffer buffer) throws IOException {
- int tag = buffer.readByte() & 0xff;
- if (tag == 0) {
- throw new IOException("Bad tag 0 found");
- }
- return tag;
- }
-
- public static int readTagNo(LimitedByteBuffer buffer, int tag) throws IOException {
- int tagNo = tag & 0x1f;
-
- if (tagNo == 0x1f) {
- tagNo = 0;
-
- int b = buffer.readByte() & 0xff;
- if ((b & 0x7f) == 0) {
- throw new IOException("Invalid high tag number found");
- }
-
- while ((b >= 0) && ((b & 0x80) != 0)) {
- tagNo |= (b & 0x7f);
- tagNo <<= 7;
- b = buffer.readByte();
- }
-
- tagNo |= (b & 0x7f);
- }
-
- return tagNo;
- }
-
- public static int readLength(LimitedByteBuffer buffer) throws IOException {
- int bodyLength = buffer.readByte() & 0xff;
- if (bodyLength < 0) {
- throw new EOFException("Unexpected EOF");
- }
-
- if (bodyLength > 127) {
- int length = bodyLength & 0x7f;
- if (length > 4) {
- throw new IOException("Bad bodyLength of more than 4 bytes: " + length);
- }
-
- bodyLength = 0;
- int tmp;
- for (int i = 0; i < length; i++) {
- tmp = buffer.readByte() & 0xff;
- bodyLength = (bodyLength << 8) + tmp;
- }
-
- if (bodyLength < 0) {
- throw new IOException("Invalid bodyLength " + bodyLength);
- }
- if (bodyLength > buffer.hasLeft()) {
- throw new IOException("Corrupt stream - less data "
- + buffer.hasLeft() + " than expected " + bodyLength);
- }
- }
-
- return bodyLength;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Any.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Any.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Any.java
deleted file mode 100644
index 5c62317..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Any.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.LimitedByteBuffer;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-public class Asn1Any extends AbstractAsn1Type<Asn1Type> {
-
- public Asn1Any(Asn1Type anyValue) {
- super(anyValue.tagFlags(), anyValue.tagNo(), anyValue);
- }
-
- @Override
- protected int encodingBodyLength() {
- return ((AbstractAsn1Type) getValue()).encodingBodyLength();
- }
-
- @Override
- protected void encodeBody(ByteBuffer buffer) {
- ((AbstractAsn1Type) getValue()).encodeBody(buffer);
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- ((AbstractAsn1Type) getValue()).decodeBody(content);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BigInteger.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BigInteger.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BigInteger.java
deleted file mode 100644
index f8bdd30..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BigInteger.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-import java.math.BigInteger;
-
-public class Asn1BigInteger extends Asn1Simple<BigInteger>
-{
- public Asn1BigInteger() {
- this(null);
- }
-
- public Asn1BigInteger(long value) {
- this(BigInteger.valueOf(value));
- }
-
- public Asn1BigInteger(BigInteger value) {
- super(UniversalTag.INTEGER, value);
- }
-
- protected void toBytes() {
- setBytes(getValue().toByteArray());
- }
-
- protected void toValue() throws IOException {
- setValue(new BigInteger(getBytes()));
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BitString.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BitString.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BitString.java
deleted file mode 100644
index 331a5a4..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BitString.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-
-public class Asn1BitString extends Asn1Simple<byte[]>
-{
- private int padding;
-
- public Asn1BitString() {
- this(null);
- }
-
- public Asn1BitString(byte[] value) {
- this(value, 0);
- }
-
- public Asn1BitString(byte[] value, int padding) {
- super(UniversalTag.BIT_STRING, value);
- this.padding = padding;
- }
-
- public void setPadding(int padding) {
- this.padding = padding;
- }
-
- public int getPadding() {
- return padding;
- }
-
- @Override
- protected int encodingBodyLength() {
- return getValue().length + 1;
- }
-
- @Override
- protected void toBytes() {
- byte[] bytes = new byte[encodingBodyLength()];
- bytes[0] = (byte)padding;
- System.arraycopy(getValue(), 0, bytes, 1, bytes.length - 1);
- setBytes(bytes);
- }
-
- @Override
- protected void toValue() throws IOException {
- byte[] bytes = getBytes();
- if (bytes.length < 1) {
- throw new IOException("Bad stream, zero bytes found for bitstring");
- }
- int paddingBits = bytes[0];
- validatePaddingBits(paddingBits);
- setPadding(paddingBits);
-
- byte[] newBytes = new byte[bytes.length - 1];
- if (bytes.length > 1) {
- System.arraycopy(bytes, 1, newBytes, 0, bytes.length - 1);
- }
- setValue(newBytes);
- }
-
- private void validatePaddingBits(int paddingBits) throws IOException {
- if (paddingBits < 0 || paddingBits > 7) {
- throw new IOException("Bad padding number: " + paddingBits + ", should be in [0, 7]");
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BmpString.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BmpString.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BmpString.java
deleted file mode 100644
index b51c2a4..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1BmpString.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.EncodingOption;
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-
-public class Asn1BmpString extends Asn1Simple<String>
-{
- public Asn1BmpString() {
- super(null);
- }
-
- public Asn1BmpString(String value) {
- super(UniversalTag.BMP_STRING, value);
- }
-
- @Override
- protected int encodingBodyLength() {
- return getValue().length() * 2;
- }
-
- protected void toBytes(EncodingOption encodingOption) {
- String strValue = getValue();
- int len = strValue.length();
- byte[] bytes = new byte[len * 2];
- char c;
- for (int i = 0; i != len; i++) {
- c = strValue.charAt(i);
- bytes[2 * i] = (byte)(c >> 8);
- bytes[2 * i + 1] = (byte)c;
- }
- setBytes(bytes);
- }
-
- protected void toValue() throws IOException {
- byte[] bytes = getBytes();
- char[] chars = new char[bytes.length / 2];
- for (int i = 0; i != chars.length; i++) {
- chars[i] = (char)((bytes[2 * i] << 8) | (bytes[2 * i + 1] & 0xff));
- }
- setValue(new String(chars));
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- if (content.hasLeft() % 2 != 0) {
- throw new IOException("Bad stream, BMP string expecting multiple of 2 bytes");
- }
- super.decodeBody(content);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Boolean.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Boolean.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Boolean.java
deleted file mode 100644
index af9e557..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Boolean.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-
-public class Asn1Boolean extends Asn1Simple<Boolean>
-{
- private static final byte[] TRUE_BYTE = new byte[] { (byte)0xff };
- private static final byte[] FALSE_BYTE = new byte[] { (byte)0x00 };
-
- public static final Asn1Boolean TRUE = new Asn1Boolean(true);
- public static final Asn1Boolean FALSE = new Asn1Boolean(false);
-
- public Asn1Boolean() {
- this(null);
- }
-
- public Asn1Boolean(Boolean value) {
- super(UniversalTag.BOOLEAN, value);
- }
-
- @Override
- protected int encodingBodyLength() {
- return 1;
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- if (content.hasLeft() != 1) {
- throw new IOException("More than 1 byte found for Boolean");
- }
- super.decodeBody(content);
- }
-
- @Override
- protected void toBytes() {
- setBytes(getValue() ? TRUE_BYTE : FALSE_BYTE);
- }
-
- protected void toValue() throws IOException {
- byte[] bytes = getBytes();
- if (bytes[0] == 0) {
- setValue(false);
- } else if (bytes[0] == 0xff) {
- setValue(true);
- } else {
- setValue(true);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Choice.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Choice.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Choice.java
deleted file mode 100644
index c78df47..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Choice.java
+++ /dev/null
@@ -1,173 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.*;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-public class Asn1Choice extends AbstractAsn1Type<Asn1Type> {
-
- private Asn1FieldInfo[] fieldInfos;
- private Asn1Type[] fields;
-
- public Asn1Choice(Asn1FieldInfo[] fieldInfos) {
- super(TagClass.UNIVERSAL, UniversalTag.CHOICE.getValue());
- setValue(this);
- this.fieldInfos = fieldInfos;
- this.fields = new Asn1Type[fieldInfos.length];
- setEncodingOption(EncodingOption.CONSTRUCTED);
- }
-
- @Override
- public boolean isConstructed() {
- return true;
- }
-
- @Override
- protected int encodingBodyLength() {
- AbstractAsn1Type field;
- TaggingOption taggingOption;
- for (int i = 0; i < fields.length; ++i) {
- field = (AbstractAsn1Type) fields[i];
- if (field != null) {
- if (fieldInfos[i].isTagged()) {
- taggingOption = fieldInfos[i].getTaggingOption();
- return field.taggedEncodingLength(taggingOption);
- } else {
- return field.encodingLength();
- }
- }
- }
- return 0;
- }
-
- @Override
- protected void encodeBody(ByteBuffer buffer) {
- Asn1Type field;
- TaggingOption taggingOption;
- for (int i = 0; i < fields.length; ++i) {
- field = fields[i];
- if (field != null) {
- if (fieldInfos[i].isTagged()) {
- taggingOption = fieldInfos[i].getTaggingOption();
- field.taggedEncode(buffer, taggingOption);
- } else {
- field.encode(buffer);
- }
- break;
- }
- }
- }
-
- @Override
- protected void decode(LimitedByteBuffer content) throws IOException {
- int foundPos = -1;
- Asn1Item item = decodeOne(content);
- for (int i = 0; i < fieldInfos.length; ++i) {
- if (item.isContextSpecific()) {
- if (fieldInfos[i].getTagNo() == item.tagNo()) {
- foundPos = i;
- break;
- }
- } else {
- initField(i);
- if (fields[i].tagFlags() == item.tagFlags() &&
- fields[i].tagNo() == item.tagNo()) {
- foundPos = i;
- break;
- } else {
- fields[i] = null;
- }
- }
- }
- if (foundPos == -1) {
- throw new RuntimeException("Unexpected item with (tagFlags, tagNo): ("
- + item.tagFlags() + ", " + item.tagNo() + ")");
- }
-
- if (! item.isFullyDecoded()) {
- AbstractAsn1Type fieldValue = (AbstractAsn1Type) fields[foundPos];
- if (item.isContextSpecific()) {
- item.decodeValueWith(fieldValue, fieldInfos[foundPos].getTaggingOption());
- } else {
- item.decodeValueWith(fieldValue);
- }
- }
- fields[foundPos] = item.getValue();
- }
-
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- // Not used
- }
-
- private void initField(int idx) {
- try {
- fields[idx] = fieldInfos[idx].getType().newInstance();
- } catch (Exception e) {
- throw new IllegalArgumentException("Bad field info specified at index of " + idx, e);
- }
- }
-
- protected <T extends Asn1Type> T getFieldAs(int index, Class<T> t) {
- Asn1Type value = fields[index];
- if (value == null) return null;
- return (T) value;
- }
-
- protected void setFieldAs(int index, Asn1Type value) {
- fields[index] = value;
- }
-
- protected String getFieldAsString(int index) {
- Asn1Type value = fields[index];
- if (value == null) return null;
-
- if (value instanceof Asn1String) {
- return ((Asn1String) value).getValue();
- }
-
- throw new RuntimeException("The targeted field type isn't of string");
- }
-
- protected byte[] getFieldAsOctets(int index) {
- Asn1OctetString value = getFieldAs(index, Asn1OctetString.class);
- if (value != null) return value.getValue();
- return null;
- }
-
- protected void setFieldAsOctets(int index, byte[] bytes) {
- Asn1OctetString value = new Asn1OctetString(bytes);
- setFieldAs(index, value);
- }
-
- protected Integer getFieldAsInteger(int index) {
- Asn1Integer value = getFieldAs(index, Asn1Integer.class);
- if (value != null) {
- return value.getValue();
- }
- return null;
- }
-
- protected void setFieldAsInt(int index, int value) {
- setFieldAs(index, new Asn1Integer(value));
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Collection.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Collection.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Collection.java
deleted file mode 100644
index cf5158b..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Collection.java
+++ /dev/null
@@ -1,137 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.EncodingOption;
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.TagClass;
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-import java.util.ArrayList;
-import java.util.List;
-
-public class Asn1Collection extends AbstractAsn1Type<List<Asn1Item>>
-{
- public Asn1Collection(TagClass tagClass, int tagNo) {
- super(tagClass, tagNo);
- setValue(new ArrayList<Asn1Item>());
- setEncodingOption(EncodingOption.CONSTRUCTED);
- }
-
- @Override
- public boolean isConstructed() {
- return true;
- }
-
- public void addItem(Asn1Type value) {
- if (value instanceof Asn1Item) {
- getValue().add((Asn1Item) value);
- } else {
- getValue().add(new Asn1Item(value));
- }
- }
-
- public void clear() {
- getValue().clear();
- }
-
- @Override
- protected int encodingBodyLength() {
- List<Asn1Item> valueItems = getValue();
- int allLen = 0;
- for (Asn1Item item : valueItems) {
- if (item != null) {
- allLen += item.encodingLength();
- }
- }
- return allLen;
- }
-
- @Override
- protected void encodeBody(ByteBuffer buffer) {
- List<Asn1Item> valueItems = getValue();
- for (Asn1Item item : valueItems) {
- if (item != null) {
- item.encode(buffer);
- }
- }
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- while (content.available()) {
- Asn1Type aValue = decodeOne(content);
- if (aValue != null) {
- if (aValue instanceof Asn1Item) {
- addItem((Asn1Item) aValue);
- } else {
- addItem(aValue);
- }
- } else {
- throw new RuntimeException("Unexpected running into here");
- }
- }
- }
-
- public static boolean isCollection(int tagNo) {
- return isCollection(UniversalTag.fromValue(tagNo));
- }
-
- public static boolean isCollection(UniversalTag tagNo) {
- switch (tagNo) {
- case SEQUENCE:
- case SEQUENCE_OF:
- case SET:
- case SET_OF:
- return true;
- default:
- return false;
- }
- }
-
- public static Asn1Type createCollection(int tagNo) {
- if (! isCollection(tagNo)) {
- throw new IllegalArgumentException("Not collection type, tag: " + tagNo);
- }
- return createCollection(UniversalTag.fromValue(tagNo));
- }
-
- public static Asn1Type createCollection(UniversalTag tagNo) {
- if (! isCollection(tagNo)) {
- throw new IllegalArgumentException("Not collection type, tag: " + tagNo);
- }
-
- switch (tagNo) {
- case SEQUENCE:
- return new Asn1Sequence();
- case SEQUENCE_OF:
- return new Asn1Sequence();
- case SET:
- return new Asn1Set();
- case SET_OF:
- return new Asn1Set();
- default:
- throw new IllegalArgumentException("Unexpected tag " + tagNo.getValue());
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1CollectionOf.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1CollectionOf.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1CollectionOf.java
deleted file mode 100644
index 106aaac..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1CollectionOf.java
+++ /dev/null
@@ -1,88 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.TagClass;
-
-import java.io.IOException;
-import java.lang.reflect.ParameterizedType;
-import java.util.ArrayList;
-import java.util.List;
-
-public abstract class Asn1CollectionOf<T extends Asn1Type> extends Asn1Collection
-{
- public Asn1CollectionOf(TagClass tagClass, int tagNo) {
- super(tagClass, tagNo);
- }
-
- public List<T> getElements() {
- List<Asn1Item> items = getValue();
- int nElements = items != null ? items.size() : 0;
- List<T> results = new ArrayList<T>(nElements);
- if (nElements > 0) {
- for (Asn1Item item : items) {
- if (!item.isFullyDecoded()) {
- try {
- item.decodeValueAs(getElementType());
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
- results.add((T) item.getValue());
- }
- }
- return results;
- }
-
- public void setElements(List<T> elements) {
- super.clear();
-
- for (T ele : elements) {
- addElement(ele);
- }
- }
-
- public void addElements(T ... elements) {
- for (T ele : elements) {
- addElement(ele);
- }
- }
-
- public void addElement(T element) {
- super.addItem(element);
- }
-
- @Override
- public void addItem(Asn1Type value) {
- Class<T> eleType = getElementType();
- if (value instanceof Asn1Item) {
- super.addItem(value);
- } else if (! eleType.isInstance(value)) {
- throw new RuntimeException("Unexpected element type " + value.getClass().getCanonicalName());
- } else {
- addElement((T) value);
- }
- }
-
- protected Class<T> getElementType() {
- Class<T> elementType = (Class<T>) ((ParameterizedType) getClass().getGenericSuperclass()).getActualTypeArguments()[0];
- return elementType;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1CollectionType.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1CollectionType.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1CollectionType.java
deleted file mode 100644
index cc6a054..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1CollectionType.java
+++ /dev/null
@@ -1,195 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.EncodingOption;
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.TagClass;
-import org.apache.haox.asn1.TaggingOption;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-/**
- * For collection type that may consist of tagged fields
- */
-public abstract class Asn1CollectionType extends AbstractAsn1Type<Asn1CollectionType> {
- private Asn1FieldInfo[] fieldInfos;
- private Asn1Type[] fields;
-
- public Asn1CollectionType(int universalTagNo, Asn1FieldInfo[] fieldInfos) {
- super(TagClass.UNIVERSAL, universalTagNo);
- setValue(this);
- this.fieldInfos = fieldInfos;
- this.fields = new Asn1Type[fieldInfos.length];
- setEncodingOption(EncodingOption.CONSTRUCTED);
- }
-
- @Override
- public boolean isConstructed() {
- return true;
- }
-
- @Override
- protected int encodingBodyLength() {
- int allLen = 0;
- AbstractAsn1Type field;
- TaggingOption taggingOption;
- for (int i = 0; i < fields.length; ++i) {
- field = (AbstractAsn1Type) fields[i];
- if (field != null) {
- if (fieldInfos[i].isTagged()) {
- taggingOption = fieldInfos[i].getTaggingOption();
- allLen += field.taggedEncodingLength(taggingOption);
- } else {
- allLen += field.encodingLength();
- }
- }
- }
- return allLen;
- }
-
- @Override
- protected void encodeBody(ByteBuffer buffer) {
- Asn1Type field;
- TaggingOption taggingOption;
- for (int i = 0; i < fields.length; ++i) {
- field = fields[i];
- if (field != null) {
- if (fieldInfos[i].isTagged()) {
- taggingOption = fieldInfos[i].getTaggingOption();
- field.taggedEncode(buffer, taggingOption);
- } else {
- field.encode(buffer);
- }
- }
- }
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- initFields();
-
- Asn1Collection coll = createCollection();
- coll.decode(tagFlags(), tagNo(), content);
-
- int lastPos = -1, foundPos = -1;
- for (Asn1Item item : coll.getValue()) {
- foundPos = -1;
- for (int i = lastPos + 1; i < fieldInfos.length; ++i) {
- if (item.isContextSpecific()) {
- if(fieldInfos[i].getTagNo() == item.tagNo()) {
- foundPos = i;
- break;
- }
- } else if (fields[i].tagFlags() == item.tagFlags() &&
- fields[i].tagNo() == item.tagNo()) {
- foundPos = i;
- break;
- }
- }
- if (foundPos == -1) {
- throw new RuntimeException("Unexpected item with (tagFlags, tagNo): ("
- + item.tagFlags() + ", " + item.tagNo() + ")");
- }
-
- if (! item.isFullyDecoded()) {
- AbstractAsn1Type fieldValue = (AbstractAsn1Type) fields[foundPos];
- if (item.isContextSpecific()) {
- item.decodeValueWith(fieldValue, fieldInfos[foundPos].getTaggingOption());
- } else {
- item.decodeValueWith(fieldValue);
- }
- }
- fields[foundPos] = item.getValue();
- lastPos = foundPos;
- }
- }
-
- private void initFields() {
- for (int i = 0; i < fieldInfos.length; ++i) {
- try {
- fields[i] = fieldInfos[i].getType().newInstance();
- } catch (Exception e) {
- throw new IllegalArgumentException("Bad field info specified at index of " + i, e);
- }
- }
- }
-
- protected abstract Asn1Collection createCollection();
-
- protected <T extends Asn1Type> T getFieldAs(int index, Class<T> t) {
- Asn1Type value = fields[index];
- if (value == null) return null;
- return (T) value;
- }
-
- protected void setFieldAs(int index, Asn1Type value) {
- fields[index] = value;
- }
-
- protected String getFieldAsString(int index) {
- Asn1Type value = fields[index];
- if (value == null) return null;
-
- if (value instanceof Asn1String) {
- return ((Asn1String) value).getValue();
- }
-
- throw new RuntimeException("The targeted field type isn't of string");
- }
-
- protected byte[] getFieldAsOctets(int index) {
- Asn1OctetString value = getFieldAs(index, Asn1OctetString.class);
- if (value != null) return value.getValue();
- return null;
- }
-
- protected void setFieldAsOctets(int index, byte[] bytes) {
- Asn1OctetString value = new Asn1OctetString(bytes);
- setFieldAs(index, value);
- }
-
- protected Integer getFieldAsInteger(int index) {
- Asn1Integer value = getFieldAs(index, Asn1Integer.class);
- if (value != null) {
- return value.getValue();
- }
- return null;
- }
-
- protected void setFieldAsInt(int index, int value) {
- setFieldAs(index, new Asn1Integer(value));
- }
-
- protected Asn1Type getFieldAsAny(int index) {
- Asn1Any any = getFieldAs(index, Asn1Any.class);
- if (any != null) {
- return any.getValue();
- }
- return null;
- }
-
- protected void setFieldAsAny(int index, Asn1Type value) {
- if (value != null) {
- setFieldAs(index, new Asn1Any(value));
- }
- }
-}
[12/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaKey.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaKey.java
new file mode 100644
index 0000000..c792910
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaKey.java
@@ -0,0 +1,433 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+/**
+ * Camellia - based on RFC 3713, about half the size of CamelliaEngine.
+ *
+ * This is based on CamelliaEngine.java from bouncycastle library.
+ */
+
+public class CamelliaKey {
+ private int keySize;
+
+ protected int[] subkey = new int[24 * 4];
+ protected int[] kw = new int[4 * 2]; // for whitening
+ protected int[] ke = new int[6 * 2]; // for FL and FL^(-1)
+
+ private static final int SIGMA[] = {
+ 0xa09e667f, 0x3bcc908b,
+ 0xb67ae858, 0x4caa73b2,
+ 0xc6ef372f, 0xe94f82be,
+ 0x54ff53a5, 0xf1d36f1c,
+ 0x10e527fa, 0xde682d1d,
+ 0xb05688c2, 0xb3e6c1fd
+ };
+
+ // S-box data
+ protected static final byte SBOX1[] = {
+ (byte)112, (byte)130, (byte)44, (byte)236,
+ (byte)179, (byte)39, (byte)192, (byte)229,
+ (byte)228, (byte)133, (byte)87, (byte)53,
+ (byte)234, (byte)12, (byte)174, (byte)65,
+ (byte)35, (byte)239, (byte)107, (byte)147,
+ (byte)69, (byte)25, (byte)165, (byte)33,
+ (byte)237, (byte)14, (byte)79, (byte)78,
+ (byte)29, (byte)101, (byte)146, (byte)189,
+ (byte)134, (byte)184, (byte)175, (byte)143,
+ (byte)124, (byte)235, (byte)31, (byte)206,
+ (byte)62, (byte)48, (byte)220, (byte)95,
+ (byte)94, (byte)197, (byte)11, (byte)26,
+ (byte)166, (byte)225, (byte)57, (byte)202,
+ (byte)213, (byte)71, (byte)93, (byte)61,
+ (byte)217, (byte)1, (byte)90, (byte)214,
+ (byte)81, (byte)86, (byte)108, (byte)77,
+ (byte)139, (byte)13, (byte)154, (byte)102,
+ (byte)251, (byte)204, (byte)176, (byte)45,
+ (byte)116, (byte)18, (byte)43, (byte)32,
+ (byte)240, (byte)177, (byte)132, (byte)153,
+ (byte)223, (byte)76, (byte)203, (byte)194,
+ (byte)52, (byte)126, (byte)118, (byte)5,
+ (byte)109, (byte)183, (byte)169, (byte)49,
+ (byte)209, (byte)23, (byte)4, (byte)215,
+ (byte)20, (byte)88, (byte)58, (byte)97,
+ (byte)222, (byte)27, (byte)17, (byte)28,
+ (byte)50, (byte)15, (byte)156, (byte)22,
+ (byte)83, (byte)24, (byte)242, (byte)34,
+ (byte)254, (byte)68, (byte)207, (byte)178,
+ (byte)195, (byte)181, (byte)122, (byte)145,
+ (byte)36, (byte)8, (byte)232, (byte)168,
+ (byte)96, (byte)252, (byte)105, (byte)80,
+ (byte)170, (byte)208, (byte)160, (byte)125,
+ (byte)161, (byte)137, (byte)98, (byte)151,
+ (byte)84, (byte)91, (byte)30, (byte)149,
+ (byte)224, (byte)255, (byte)100, (byte)210,
+ (byte)16, (byte)196, (byte)0, (byte)72,
+ (byte)163, (byte)247, (byte)117, (byte)219,
+ (byte)138, (byte)3, (byte)230, (byte)218,
+ (byte)9, (byte)63, (byte)221, (byte)148,
+ (byte)135, (byte)92, (byte)131, (byte)2,
+ (byte)205, (byte)74, (byte)144, (byte)51,
+ (byte)115, (byte)103, (byte)246, (byte)243,
+ (byte)157, (byte)127, (byte)191, (byte)226,
+ (byte)82, (byte)155, (byte)216, (byte)38,
+ (byte)200, (byte)55, (byte)198, (byte)59,
+ (byte)129, (byte)150, (byte)111, (byte)75,
+ (byte)19, (byte)190, (byte)99, (byte)46,
+ (byte)233, (byte)121, (byte)167, (byte)140,
+ (byte)159, (byte)110, (byte)188, (byte)142,
+ (byte)41, (byte)245, (byte)249, (byte)182,
+ (byte)47, (byte)253, (byte)180, (byte)89,
+ (byte)120, (byte)152, (byte)6, (byte)106,
+ (byte)231, (byte)70, (byte)113, (byte)186,
+ (byte)212, (byte)37, (byte)171, (byte)66,
+ (byte)136, (byte)162, (byte)141, (byte)250,
+ (byte)114, (byte)7, (byte)185, (byte)85,
+ (byte)248, (byte)238, (byte)172, (byte)10,
+ (byte)54, (byte)73, (byte)42, (byte)104,
+ (byte)60, (byte)56, (byte)241, (byte)164,
+ (byte)64, (byte)40, (byte)211, (byte)123,
+ (byte)187, (byte)201, (byte)67, (byte)193,
+ (byte)21, (byte)227, (byte)173, (byte)244,
+ (byte)119, (byte)199, (byte)128, (byte)158
+ };
+
+ public CamelliaKey(byte[] key, boolean isEncrypt) {
+ init(key, isEncrypt);
+ }
+
+ protected boolean is128() {
+ return keySize == 16;
+ }
+
+ private static int rightRotate(int x, int s) {
+ return (((x) >>> (s)) + ((x) << (32 - s)));
+ }
+
+ private static int leftRotate(int x, int s) {
+ return ((x) << (s)) + ((x) >>> (32 - s));
+ }
+
+ private static void roldq(int rot, int[] ki, int ioff,
+ int[] ko, int ooff) {
+ ko[0 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >>> (32 - rot));
+ ko[1 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >>> (32 - rot));
+ ko[2 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >>> (32 - rot));
+ ko[3 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >>> (32 - rot));
+ ki[0 + ioff] = ko[0 + ooff];
+ ki[1 + ioff] = ko[1 + ooff];
+ ki[2 + ioff] = ko[2 + ooff];
+ ki[3 + ioff] = ko[3 + ooff];
+ }
+
+ private static void decroldq(int rot, int[] ki, int ioff,
+ int[] ko, int ooff) {
+ ko[2 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >>> (32 - rot));
+ ko[3 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >>> (32 - rot));
+ ko[0 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >>> (32 - rot));
+ ko[1 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >>> (32 - rot));
+ ki[0 + ioff] = ko[2 + ooff];
+ ki[1 + ioff] = ko[3 + ooff];
+ ki[2 + ioff] = ko[0 + ooff];
+ ki[3 + ioff] = ko[1 + ooff];
+ }
+
+ private static void roldqo32(int rot, int[] ki, int ioff,
+ int[] ko, int ooff)
+ {
+ ko[0 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >>> (64 - rot));
+ ko[1 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >>> (64 - rot));
+ ko[2 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >>> (64 - rot));
+ ko[3 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >>> (64 - rot));
+ ki[0 + ioff] = ko[0 + ooff];
+ ki[1 + ioff] = ko[1 + ooff];
+ ki[2 + ioff] = ko[2 + ooff];
+ ki[3 + ioff] = ko[3 + ooff];
+ }
+
+ private static void decroldqo32(int rot, int[] ki, int ioff,
+ int[] ko, int ooff) {
+ ko[2 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >>> (64 - rot));
+ ko[3 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >>> (64 - rot));
+ ko[0 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >>> (64 - rot));
+ ko[1 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >>> (64 - rot));
+ ki[0 + ioff] = ko[2 + ooff];
+ ki[1 + ioff] = ko[3 + ooff];
+ ki[2 + ioff] = ko[0 + ooff];
+ ki[3 + ioff] = ko[1 + ooff];
+ }
+
+ private byte lRot8(byte v, int rot)
+ {
+ return (byte)((v << rot) | ((v & 0xff) >>> (8 - rot)));
+ }
+
+ private int sbox2(int x)
+ {
+ return (lRot8(SBOX1[x], 1) & 0xff);
+ }
+
+ private int sbox3(int x)
+ {
+ return (lRot8(SBOX1[x], 7) & 0xff);
+ }
+
+ private int sbox4(int x)
+ {
+ return (SBOX1[((int)lRot8((byte)x, 1) & 0xff)] & 0xff);
+ }
+
+ protected void fls(int[] s, int[] fkey, int keyoff) {
+ s[1] ^= leftRotate(s[0] & fkey[0 + keyoff], 1);
+ s[0] ^= fkey[1 + keyoff] | s[1];
+
+ s[2] ^= fkey[3 + keyoff] | s[3];
+ s[3] ^= leftRotate(fkey[2 + keyoff] & s[2], 1);
+ }
+
+ protected void f2(int[] s, int[] skey, int keyoff) {
+ int t1, t2, u, v;
+
+ t1 = s[0] ^ skey[0 + keyoff];
+ u = sbox4((t1 & 0xff));
+ u |= (sbox3(((t1 >>> 8) & 0xff)) << 8);
+ u |= (sbox2(((t1 >>> 16) & 0xff)) << 16);
+ u |= ((int)(SBOX1[((t1 >>> 24) & 0xff)] & 0xff) << 24);
+
+ t2 = s[1] ^ skey[1 + keyoff];
+ v = (int)SBOX1[(t2 & 0xff)] & 0xff;
+ v |= (sbox4(((t2 >>> 8) & 0xff)) << 8);
+ v |= (sbox3(((t2 >>> 16) & 0xff)) << 16);
+ v |= (sbox2(((t2 >>> 24) & 0xff)) << 24);
+
+ v = leftRotate(v, 8);
+ u ^= v;
+ v = leftRotate(v, 8) ^ u;
+ u = rightRotate(u, 8) ^ v;
+ s[2] ^= leftRotate(v, 16) ^ u;
+ s[3] ^= leftRotate(u, 8);
+
+ t1 = s[2] ^ skey[2 + keyoff];
+ u = sbox4((t1 & 0xff));
+ u |= sbox3(((t1 >>> 8) & 0xff)) << 8;
+ u |= sbox2(((t1 >>> 16) & 0xff)) << 16;
+ u |= ((int)SBOX1[((t1 >>> 24) & 0xff)] & 0xff) << 24;
+
+ t2 = s[3] ^ skey[3 + keyoff];
+ v = ((int)SBOX1[(t2 & 0xff)] & 0xff);
+ v |= sbox4(((t2 >>> 8) & 0xff)) << 8;
+ v |= sbox3(((t2 >>> 16) & 0xff)) << 16;
+ v |= sbox2(((t2 >>> 24) & 0xff)) << 24;
+
+ v = leftRotate(v, 8);
+ u ^= v;
+ v = leftRotate(v, 8) ^ u;
+ u = rightRotate(u, 8) ^ v;
+ s[0] ^= leftRotate(v, 16) ^ u;
+ s[1] ^= leftRotate(u, 8);
+ }
+
+ private void init(byte[] key, boolean isEncrypt) {
+ keySize = key.length;
+
+ int[] k = new int[8];
+ int[] ka = new int[4];
+ int[] kb = new int[4];
+ int[] t = new int[4];
+
+ switch (key.length) {
+ case 16:
+ k[0] = BytesUtil.bytes2int(key, 0, true);
+ k[1] = BytesUtil.bytes2int(key, 4, true);
+ k[2] = BytesUtil.bytes2int(key, 8, true);
+ k[3] = BytesUtil.bytes2int(key, 12, true);
+ k[4] = k[5] = k[6] = k[7] = 0;
+ break;
+ case 24:
+ k[0] = BytesUtil.bytes2int(key, 0, true);
+ k[1] = BytesUtil.bytes2int(key, 4, true);
+ k[2] = BytesUtil.bytes2int(key, 8, true);
+ k[3] = BytesUtil.bytes2int(key, 12, true);
+ k[4] = BytesUtil.bytes2int(key, 16, true);
+ k[5] = BytesUtil.bytes2int(key, 20, true);
+ k[6] = ~k[4];
+ k[7] = ~k[5];
+ break;
+ case 32:
+ k[0] = BytesUtil.bytes2int(key, 0, true);
+ k[1] = BytesUtil.bytes2int(key, 4, true);
+ k[2] = BytesUtil.bytes2int(key, 8, true);
+ k[3] = BytesUtil.bytes2int(key, 12, true);
+ k[4] = BytesUtil.bytes2int(key, 16, true);
+ k[5] = BytesUtil.bytes2int(key, 20, true);
+ k[6] = BytesUtil.bytes2int(key, 24, true);
+ k[7] = BytesUtil.bytes2int(key, 28, true);
+ break;
+ default:
+ throw new
+ IllegalArgumentException("Invalid key size, only support 16/24/32 bytes");
+ }
+
+ for (int i = 0; i < 4; i++) {
+ ka[i] = k[i] ^ k[i + 4];
+ }
+
+ /* compute KA */
+ f2(ka, SIGMA, 0);
+ for (int i = 0; i < 4; i++) {
+ ka[i] ^= k[i];
+ }
+ f2(ka, SIGMA, 4);
+
+ if (keySize == 16) {
+ if (isEncrypt) {
+ /* KL dependant keys */
+ kw[0] = k[0];
+ kw[1] = k[1];
+ kw[2] = k[2];
+ kw[3] = k[3];
+ roldq(15, k, 0, subkey, 4);
+ roldq(30, k, 0, subkey, 12);
+ roldq(15, k, 0, t, 0);
+ subkey[18] = t[2];
+ subkey[19] = t[3];
+ roldq(17, k, 0, ke, 4);
+ roldq(17, k, 0, subkey, 24);
+ roldq(17, k, 0, subkey, 32);
+ /* KA dependant keys */
+ subkey[0] = ka[0];
+ subkey[1] = ka[1];
+ subkey[2] = ka[2];
+ subkey[3] = ka[3];
+ roldq(15, ka, 0, subkey, 8);
+ roldq(15, ka, 0, ke, 0);
+ roldq(15, ka, 0, t, 0);
+ subkey[16] = t[0];
+ subkey[17] = t[1];
+ roldq(15, ka, 0, subkey, 20);
+ roldqo32(34, ka, 0, subkey, 28);
+ roldq(17, ka, 0, kw, 4);
+
+ } else { // decryption
+ /* KL dependant keys */
+ kw[4] = k[0];
+ kw[5] = k[1];
+ kw[6] = k[2];
+ kw[7] = k[3];
+ decroldq(15, k, 0, subkey, 28);
+ decroldq(30, k, 0, subkey, 20);
+ decroldq(15, k, 0, t, 0);
+ subkey[16] = t[0];
+ subkey[17] = t[1];
+ decroldq(17, k, 0, ke, 0);
+ decroldq(17, k, 0, subkey, 8);
+ decroldq(17, k, 0, subkey, 0);
+ /* KA dependant keys */
+ subkey[34] = ka[0];
+ subkey[35] = ka[1];
+ subkey[32] = ka[2];
+ subkey[33] = ka[3];
+ decroldq(15, ka, 0, subkey, 24);
+ decroldq(15, ka, 0, ke, 4);
+ decroldq(15, ka, 0, t, 0);
+ subkey[18] = t[2];
+ subkey[19] = t[3];
+ decroldq(15, ka, 0, subkey, 12);
+ decroldqo32(34, ka, 0, subkey, 4);
+ roldq(17, ka, 0, kw, 0);
+ }
+ } else { // 192bit or 256bit
+ /* compute KB */
+ for (int i = 0; i < 4; i++) {
+ kb[i] = ka[i] ^ k[i + 4];
+ }
+ f2(kb, SIGMA, 8);
+
+ if (isEncrypt) {
+ /* KL dependant keys */
+ kw[0] = k[0];
+ kw[1] = k[1];
+ kw[2] = k[2];
+ kw[3] = k[3];
+ roldqo32(45, k, 0, subkey, 16);
+ roldq(15, k, 0, ke, 4);
+ roldq(17, k, 0, subkey, 32);
+ roldqo32(34, k, 0, subkey, 44);
+ /* KR dependant keys */
+ roldq(15, k, 4, subkey, 4);
+ roldq(15, k, 4, ke, 0);
+ roldq(30, k, 4, subkey, 24);
+ roldqo32(34, k, 4, subkey, 36);
+ /* KA dependant keys */
+ roldq(15, ka, 0, subkey, 8);
+ roldq(30, ka, 0, subkey, 20);
+ /* 32bit rotation */
+ ke[8] = ka[1];
+ ke[9] = ka[2];
+ ke[10] = ka[3];
+ ke[11] = ka[0];
+ roldqo32(49, ka, 0, subkey, 40);
+
+ /* KB dependant keys */
+ subkey[0] = kb[0];
+ subkey[1] = kb[1];
+ subkey[2] = kb[2];
+ subkey[3] = kb[3];
+ roldq(30, kb, 0, subkey, 12);
+ roldq(30, kb, 0, subkey, 28);
+ roldqo32(51, kb, 0, kw, 4);
+
+ } else { // decryption
+ /* KL dependant keys */
+ kw[4] = k[0];
+ kw[5] = k[1];
+ kw[6] = k[2];
+ kw[7] = k[3];
+ decroldqo32(45, k, 0, subkey, 28);
+ decroldq(15, k, 0, ke, 4);
+ decroldq(17, k, 0, subkey, 12);
+ decroldqo32(34, k, 0, subkey, 0);
+ /* KR dependant keys */
+ decroldq(15, k, 4, subkey, 40);
+ decroldq(15, k, 4, ke, 8);
+ decroldq(30, k, 4, subkey, 20);
+ decroldqo32(34, k, 4, subkey, 8);
+ /* KA dependant keys */
+ decroldq(15, ka, 0, subkey, 36);
+ decroldq(30, ka, 0, subkey, 24);
+ /* 32bit rotation */
+ ke[2] = ka[1];
+ ke[3] = ka[2];
+ ke[0] = ka[3];
+ ke[1] = ka[0];
+ decroldqo32(49, ka, 0, subkey, 4);
+
+ /* KB dependant keys */
+ subkey[46] = kb[0];
+ subkey[47] = kb[1];
+ subkey[44] = kb[2];
+ subkey[45] = kb[3];
+ decroldq(30, kb, 0, subkey, 32);
+ decroldq(30, kb, 0, subkey, 16);
+ roldqo32(51, kb, 0, kw, 0);
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumHandler.java
new file mode 100644
index 0000000..2cad95b
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumHandler.java
@@ -0,0 +1,153 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.*;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.KeyUsage;
+
+public class CheckSumHandler {
+
+ public static CheckSumTypeHandler getCheckSumHandler(String cksumType) throws KrbException {
+ CheckSumType eTypeEnum = CheckSumType.fromName(cksumType);
+ return getCheckSumHandler(eTypeEnum);
+ }
+
+ public static CheckSumTypeHandler getCheckSumHandler(int cksumType) throws KrbException {
+ CheckSumType eTypeEnum = CheckSumType.fromValue(cksumType);
+ return getCheckSumHandler(eTypeEnum);
+ }
+
+ public static boolean isImplemented(CheckSumType cksumType) throws KrbException {
+ return getCheckSumHandler(cksumType, true) != null;
+ }
+
+ public static CheckSumTypeHandler getCheckSumHandler(CheckSumType cksumType) throws KrbException {
+ return getCheckSumHandler(cksumType, false);
+ }
+
+ private static CheckSumTypeHandler getCheckSumHandler(CheckSumType cksumType, boolean check) throws KrbException {
+ CheckSumTypeHandler cksumHandler = null;
+ switch (cksumType) {
+ case CRC32:
+ cksumHandler = new Crc32CheckSum();
+ break;
+
+ case DES_MAC:
+ cksumHandler = new DesCbcCheckSum();
+ break;
+
+ case RSA_MD4:
+ cksumHandler = new RsaMd4CheckSum();
+ break;
+
+ case RSA_MD5:
+ cksumHandler = new RsaMd5CheckSum();
+ break;
+
+ case NIST_SHA:
+ cksumHandler = new Sha1CheckSum();
+ break;
+
+ case RSA_MD4_DES:
+ cksumHandler = new RsaMd4DesCheckSum();
+ break;
+
+ case RSA_MD5_DES:
+ cksumHandler = new RsaMd5DesCheckSum();
+ break;
+
+ case HMAC_SHA1_DES3:
+ case HMAC_SHA1_DES3_KD:
+ cksumHandler = new HmacSha1Des3CheckSum();
+ break;
+
+ case HMAC_SHA1_96_AES128:
+ cksumHandler = new HmacSha1Aes128CheckSum();
+ break;
+
+ case HMAC_SHA1_96_AES256:
+ cksumHandler = new HmacSha1Aes256CheckSum();
+ break;
+
+ case CMAC_CAMELLIA128:
+ cksumHandler = new CmacCamellia128CheckSum();
+ break;
+
+ case CMAC_CAMELLIA256:
+ cksumHandler = new CmacCamellia256CheckSum();
+ break;
+
+ case HMAC_MD5_ARCFOUR:
+ cksumHandler = new HmacMd5Rc4CheckSum();
+ break;
+
+ case MD5_HMAC_ARCFOUR:
+ cksumHandler = new Md5HmacRc4CheckSum();
+ break;
+
+ default:
+ break;
+ }
+
+ if (cksumHandler == null && ! check) {
+ String message = "Unsupported checksum type: " + cksumType.name();
+ throw new KrbException(KrbErrorCode.KDC_ERR_SUMTYPE_NOSUPP, message);
+ }
+
+ return cksumHandler;
+ }
+
+ public static CheckSum checksum(CheckSumType checkSumType, byte[] bytes) throws KrbException {
+ CheckSumTypeHandler handler = getCheckSumHandler(checkSumType);
+ byte[] checksumBytes = handler.checksum(bytes);
+ CheckSum checkSum = new CheckSum();
+ checkSum.setCksumtype(checkSumType);
+ checkSum.setChecksum(checksumBytes);
+ return checkSum;
+ }
+
+ public static boolean verify(CheckSum checkSum, byte[] bytes) throws KrbException {
+ CheckSumType checkSumType = checkSum.getCksumtype();
+ CheckSumTypeHandler handler = getCheckSumHandler(checkSumType);
+ return handler.verify(bytes, checkSum.getChecksum());
+ }
+
+ public static CheckSum checksumWithKey(CheckSumType checkSumType,
+ byte[] bytes, byte[] key, KeyUsage usage) throws KrbException {
+ CheckSumTypeHandler handler = getCheckSumHandler(checkSumType);
+ byte[] checksumBytes = handler.checksumWithKey(bytes, key, usage.getValue());
+ CheckSum checkSum = new CheckSum();
+ checkSum.setCksumtype(checkSumType);
+ checkSum.setChecksum(checksumBytes);
+ return checkSum;
+ }
+
+ public static boolean verifyWithKey(CheckSum checkSum, byte[] bytes,
+ byte[] key, KeyUsage usage) throws KrbException {
+ CheckSumType checkSumType = checkSum.getCksumtype();
+ CheckSumTypeHandler handler = getCheckSumHandler(checkSumType);
+ return handler.verifyWithKey(bytes, key,
+ usage.getValue(), checkSum.getChecksum());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTypeHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTypeHandler.java
new file mode 100644
index 0000000..2eff5a1
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTypeHandler.java
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public interface CheckSumTypeHandler extends CryptoTypeHandler {
+
+ public int confounderSize();
+
+ public CheckSumType cksumType();
+
+ public int computeSize(); // allocation size for checksum computation
+
+ public int outputSize(); // possibly truncated output size
+
+ public boolean isSafe();
+
+ public int cksumSize();
+
+ public int keySize();
+
+ public byte[] checksum(byte[] data) throws KrbException;
+
+ public byte[] checksum(byte[] data, int start, int len) throws KrbException;
+
+ public boolean verify(byte[] data, byte[] checksum) throws KrbException;
+
+ public boolean verify(byte[] data, int start, int len, byte[] checksum) throws KrbException;
+
+ public byte[] checksumWithKey(byte[] data,
+ byte[] key, int usage) throws KrbException;
+
+ public byte[] checksumWithKey(byte[] data, int start, int len,
+ byte[] key, int usage) throws KrbException;
+
+ public boolean verifyWithKey(byte[] data,
+ byte[] key, int usage, byte[] checksum) throws KrbException;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Cmac.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Cmac.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Cmac.java
new file mode 100644
index 0000000..23314da
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Cmac.java
@@ -0,0 +1,178 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import java.util.Arrays;
+
+/**
+ * Based on MIT krb5 cmac.c
+ */
+public class Cmac {
+
+ private static byte[] constRb = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, (byte) 0x87
+ };
+
+ public static byte[] cmac(EncryptProvider encProvider, byte[] key,
+ byte[] data, int outputSize) throws KrbException {
+ return cmac(encProvider, key, data, 0, data.length, outputSize);
+ }
+
+ public static byte[] cmac(EncryptProvider encProvider, byte[] key, byte[] data,
+ int start, int len, int outputSize) throws KrbException {
+ byte[] hash = Cmac.cmac(encProvider, key, data, start, len);
+ if (hash.length > outputSize) {
+ byte[] output = new byte[outputSize];
+ System.arraycopy(hash, 0, output, 0, outputSize);
+ return output;
+ } else {
+ return hash;
+ }
+ }
+
+ public static byte[] cmac(EncryptProvider encProvider,
+ byte[] key, byte[] data) throws KrbException {
+ return cmac(encProvider, key, data, 0, data.length);
+ }
+
+ public static byte[] cmac(EncryptProvider encProvider,
+ byte[] key, byte[] data, int start, int len) throws KrbException {
+
+ int blockSize = encProvider.blockSize();
+
+ byte[] Y = new byte[blockSize];
+ byte[] mLast = new byte[blockSize];
+ byte[] padded = new byte[blockSize];
+ byte[] K1 = new byte[blockSize];
+ byte[] K2 = new byte[blockSize];
+
+ // step 1
+ makeSubkey(encProvider, key, K1, K2);
+
+ // step 2
+ int n = (len + blockSize - 1) / blockSize;
+
+ // step 3
+ boolean lastIsComplete;
+ if (n == 0) {
+ n = 1;
+ lastIsComplete = false;
+ } else {
+ lastIsComplete = ((len % blockSize) == 0);
+ }
+
+ // Step 6 (all but last block)
+ byte[] cipherState = new byte[blockSize];
+ byte[] cipher = new byte[blockSize];
+ for (int i = 0; i < n - 1; i++) {
+ System.arraycopy(data, i * blockSize, cipher, 0, blockSize);
+ encryptBlock(encProvider, key, cipherState, cipher);
+ System.arraycopy(cipher, 0, cipherState, 0, blockSize);
+ }
+
+ // step 5
+ System.arraycopy(cipher, 0, Y, 0, blockSize);
+
+ // step 4
+ int lastPos = (n - 1) * blockSize;
+ int lastLen = lastIsComplete ? blockSize : len % blockSize;
+ byte[] lastBlock = new byte[lastLen];
+ System.arraycopy(data, lastPos, lastBlock, 0, lastLen);
+ if (lastIsComplete) {
+ BytesUtil.xor(lastBlock, K1, mLast);
+ } else {
+ padding(lastBlock, padded);
+ BytesUtil.xor(padded, K2, mLast);
+ }
+
+ // Step 6 (last block)
+ encryptBlock(encProvider, key, cipherState, mLast);
+
+ return mLast;
+ }
+
+ // Generate subkeys K1 and K2 as described in RFC 4493 figure 2.2.
+ private static void makeSubkey(EncryptProvider encProvider,
+ byte[] key, byte[] K1, byte[] K2) throws KrbException {
+
+ // L := encrypt(K, const_Zero)
+ byte[] L = new byte[K1.length];
+ Arrays.fill(L, (byte) 0);
+ encryptBlock(encProvider, key, null, L);
+
+ // K1 := (MSB(L) == 0) ? L << 1 : (L << 1) XOR const_Rb
+ if ((L[0] & 0x80) == 0) {
+ leftShiftByOne(L, K1);
+ } else {
+ byte[] tmp = new byte[K1.length];
+ leftShiftByOne(L, tmp);
+ BytesUtil.xor(tmp, constRb, K1);
+ }
+
+ // K2 := (MSB(K1) == 0) ? K1 << 1 : (K1 << 1) XOR const_Rb
+ if ((K1[0] & 0x80) == 0) {
+ leftShiftByOne(K1, K2);
+ } else {
+ byte[] tmp = new byte[K1.length];
+ leftShiftByOne(K1, tmp);
+ BytesUtil.xor(tmp, constRb, K2);
+ }
+ }
+
+ private static void encryptBlock(EncryptProvider encProvider,
+ byte[] key, byte[] cipherState, byte[] block) throws KrbException {
+ if (cipherState == null) {
+ cipherState = new byte[encProvider.blockSize()];
+ }
+ if (encProvider.supportCbcMac()) {
+ encProvider.cbcMac(key, cipherState, block);
+ } else {
+ encProvider.encrypt(key, cipherState, block);
+ }
+ }
+
+ private static void leftShiftByOne(byte[] input, byte[] output) {
+ byte overflow = 0;
+
+ for (int i = input.length - 1; i >= 0; i--) {
+ output[i] = (byte) (input[i] << 1);
+ output[i] |= overflow;
+ overflow = (byte) ((input[i] & 0x80) != 0 ? 1 : 0);
+ }
+ }
+
+ // Padding out data with a 1 bit followed by 0 bits, placing the result in pad
+ private static void padding(byte[] data, byte[] padded) {
+ int len = data.length;
+
+ // original last block
+ System.arraycopy(data, 0, padded, 0, len);
+
+ padded[len] = (byte) 0x80;
+
+ for (int i = len + 1; i < padded.length; i++) {
+ padded[i] = 0x00;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Confounder.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Confounder.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Confounder.java
new file mode 100644
index 0000000..79f5848
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Confounder.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import java.security.SecureRandom;
+
+public final class Confounder {
+
+ private static SecureRandom srand = new SecureRandom();
+
+ public static byte[] makeBytes(int size) {
+ byte[] data = new byte[size];
+ srand.nextBytes(data);
+ return data;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Crc32.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Crc32.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Crc32.java
new file mode 100644
index 0000000..59feee8
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Crc32.java
@@ -0,0 +1,78 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+/**
+ * Reference: http://introcs.cs.princeton.edu/java/51data/CRC32.java
+ */
+public class Crc32 {
+
+ private static long[] table = {
+ 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3,
+ 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91,
+ 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
+ 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5,
+ 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b,
+ 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
+ 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f,
+ 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d,
+ 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
+ 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01,
+ 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457,
+ 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
+ 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb,
+ 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9,
+ 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
+ 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad,
+ 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683,
+ 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
+ 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7,
+ 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5,
+ 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
+ 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79,
+ 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f,
+ 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
+ 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713,
+ 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21,
+ 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
+ 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45,
+ 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db,
+ 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
+ 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf,
+ 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d,
+ };
+
+ public static byte[] crc(byte[] data, int start, int size) {
+ long c = crc(0, data, start, size);
+ return BytesUtil.int2bytes((int) c, false);
+ }
+
+ public static long crc(long initial, byte[] data, int start, int len) {
+ long c = initial;
+
+ int idx;
+ for (int i = 0; i < len; i++) {
+ idx = (int) ((data[start + i] ^ c) & 0xff);
+ c = ((c & 0xffffffffL) >>> 8) ^ table[idx]; // why?
+ }
+
+ return c;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CryptoTypeHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CryptoTypeHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CryptoTypeHandler.java
new file mode 100644
index 0000000..23c3097
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/CryptoTypeHandler.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.HashProvider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+
+public interface CryptoTypeHandler {
+
+ public String name();
+
+ public String displayName();
+
+ public EncryptProvider encProvider();
+
+ public HashProvider hashProvider();
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Des.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Des.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Des.java
new file mode 100644
index 0000000..db3e637
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Des.java
@@ -0,0 +1,84 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+/**
+ * Based on MIT krb5 weak_key.c
+ */
+public class Des {
+
+ /*
+ * The following are the weak DES keys:
+ */
+ static byte[][] WEAK_KEYS = {
+ /* weak keys */
+ {(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01},
+ {(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe},
+ {(byte) 0x1f,(byte) 0x1f,(byte) 0x1f,(byte) 0x1f,(byte) 0x0e,(byte) 0x0e,(byte) 0x0e,(byte) 0x0e},
+ {(byte) 0xe0,(byte) 0xe0,(byte) 0xe0,(byte) 0xe0,(byte) 0xf1,(byte) 0xf1,(byte) 0xf1,(byte) 0xf1},
+
+ /* semi-weak */
+ {(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe},
+ {(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01},
+
+ {(byte) 0x1f,(byte) 0xe0,(byte) 0x1f,(byte) 0xe0,(byte) 0x0e,(byte) 0xf1,(byte) 0x0e,(byte) 0xf1},
+ {(byte) 0xe0,(byte) 0x1f,(byte) 0xe0,(byte) 0x1f,(byte) 0xf1,(byte) 0x0e,(byte) 0xf1,(byte) 0x0e},
+
+ {(byte) 0x01,(byte) 0xe0,(byte) 0x01,(byte) 0xe0,(byte) 0x01,(byte) 0xf1,(byte) 0x01,(byte) 0xf1},
+ {(byte) 0xe0,(byte) 0x01,(byte) 0xe0,(byte) 0x01,(byte) 0xf1,(byte) 0x01,(byte) 0xf1,(byte) 0x01},
+
+ {(byte) 0x1f,(byte) 0xfe,(byte) 0x1f,(byte) 0xfe,(byte) 0x0e,(byte) 0xfe,(byte) 0x0e,(byte) 0xfe},
+ {(byte) 0xfe,(byte) 0x1f,(byte) 0xfe,(byte) 0x1f,(byte) 0xfe,(byte) 0x0e,(byte) 0xfe,(byte) 0x0e},
+
+ {(byte) 0x01,(byte) 0x1f,(byte) 0x01,(byte) 0x1f,(byte) 0x01,(byte) 0x0e,(byte) 0x01,(byte) 0x0e},
+ {(byte) 0x1f,(byte) 0x01,(byte) 0x1f,(byte) 0x01,(byte) 0x0e,(byte) 0x01,(byte) 0x0e,(byte) 0x01},
+
+ {(byte) 0xe0,(byte) 0xfe,(byte) 0xe0,(byte) 0xfe,(byte) 0xf1,(byte) 0xfe,(byte) 0xf1,(byte) 0xfe},
+ {(byte) 0xfe,(byte) 0xe0,(byte) 0xfe,(byte) 0xe0,(byte) 0xfe,(byte) 0xf1,(byte) 0xfe,(byte) 0xf1}
+ };
+
+ public static boolean isWeakKey(byte[] key, int offset, int len) {
+ boolean match;
+ for (byte[] weakKey : WEAK_KEYS) {
+ match = true;
+ if (weakKey.length == len) {
+ for (int i = 0; i < len; i++) {
+ if (weakKey[i] != key[i]) {
+ match = false;
+ break;
+ }
+ }
+ }
+ if (match) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ /**
+ * MIT krb5 FIXUP(k) in s2k_des.c
+ */
+ public static void fixKey(byte[] key, int offset, int len) {
+ if (isWeakKey(key, offset, len)) {
+ key[offset + 7] ^= (byte) 0xf0;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/EncTypeHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/EncTypeHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/EncTypeHandler.java
new file mode 100644
index 0000000..de0e78e
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/EncTypeHandler.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public interface EncTypeHandler extends CryptoTypeHandler {
+
+ public EncryptionType eType();
+
+ public int keyInputSize();
+
+ public int keySize();
+
+ public int confounderSize();
+
+ public int checksumSize();
+
+ public int paddingSize();
+
+ public byte[] str2key(String string,
+ String salt, byte[] param) throws KrbException;
+
+ public byte[] random2Key(byte[] randomBits) throws KrbException;
+
+ public CheckSumType checksumType();
+
+ public byte[] encrypt(byte[] data, byte[] key, int usage)
+ throws KrbException;
+
+ public byte[] encrypt(byte[] data, byte[] key, byte[] ivec,
+ int usage) throws KrbException;
+
+ public byte[] decrypt(byte[] cipher, byte[] key, int usage)
+ throws KrbException;
+
+ public byte[] decrypt(byte[] cipher, byte[] key, byte[] ivec,
+ int usage) throws KrbException;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/EncryptionHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/EncryptionHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/EncryptionHandler.java
new file mode 100644
index 0000000..ac0f6be
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/EncryptionHandler.java
@@ -0,0 +1,174 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.crypto.enc.*;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+
+public class EncryptionHandler {
+
+ public static EncryptionType getEncryptionType(String eType) throws KrbException {
+ EncryptionType result = EncryptionType.fromName(eType);
+ return result;
+ }
+
+ public static EncTypeHandler getEncHandler(String eType) throws KrbException {
+ EncryptionType result = EncryptionType.fromName(eType);
+ return getEncHandler(result);
+ }
+
+ public static EncTypeHandler getEncHandler(int eType) throws KrbException {
+ EncryptionType eTypeEnum = EncryptionType.fromValue(eType);
+ return getEncHandler(eTypeEnum);
+ }
+
+ public static EncTypeHandler getEncHandler(EncryptionType eType) throws KrbException {
+ return getEncHandler(eType, false);
+ }
+
+ private static EncTypeHandler getEncHandler(EncryptionType eType, boolean check) throws KrbException {
+ EncTypeHandler encHandler = null;
+
+ switch (eType) {
+ case DES_CBC_CRC:
+ encHandler = new DesCbcCrcEnc();
+ break;
+
+ case DES_CBC_MD5:
+ case DES:
+ encHandler = new DesCbcMd5Enc();
+ break;
+
+ case DES_CBC_MD4:
+ encHandler = new DesCbcMd4Enc();
+ break;
+
+ case DES3_CBC_SHA1:
+ case DES3_CBC_SHA1_KD:
+ case DES3_HMAC_SHA1:
+ encHandler = new Des3CbcSha1Enc();
+ break;
+
+ case AES128_CTS_HMAC_SHA1_96:
+ case AES128_CTS:
+ encHandler = new Aes128CtsHmacSha1Enc();
+ break;
+
+ case AES256_CTS_HMAC_SHA1_96:
+ case AES256_CTS:
+ encHandler = new Aes256CtsHmacSha1Enc();
+ break;
+
+ case CAMELLIA128_CTS_CMAC:
+ case CAMELLIA128_CTS:
+ encHandler = new Camellia128CtsCmacEnc();
+ break;
+
+ case CAMELLIA256_CTS_CMAC:
+ case CAMELLIA256_CTS:
+ encHandler = new Camellia256CtsCmacEnc();
+ break;
+
+ case RC4_HMAC:
+ case ARCFOUR_HMAC:
+ case ARCFOUR_HMAC_MD5:
+ encHandler = new Rc4HmacEnc();
+ break;
+
+ case RC4_HMAC_EXP:
+ case ARCFOUR_HMAC_EXP:
+ case ARCFOUR_HMAC_MD5_EXP:
+ encHandler = new Rc4HmacExpEnc();
+ break;
+
+ case NONE:
+ default:
+ break;
+ }
+
+ if (encHandler == null && ! check) {
+ String message = "Unsupported encryption type: " + eType.name();
+ throw new KrbException(KrbErrorCode.KDC_ERR_ETYPE_NOSUPP, message);
+ }
+
+ return encHandler;
+ }
+
+ public static EncryptedData encrypt(byte[] plainText, EncryptionKey key, KeyUsage usage) throws KrbException {
+ EncTypeHandler handler = getEncHandler(key.getKeyType());
+ byte[] cipher = handler.encrypt(plainText, key.getKeyData(), usage.getValue());
+
+ EncryptedData ed = new EncryptedData();
+ ed.setCipher(cipher);
+ ed.setEType(key.getKeyType());
+ ed.setKvno(key.getKvno());
+
+ return ed;
+ }
+
+ public static byte[] decrypt(byte[] data, EncryptionKey key, KeyUsage usage) throws KrbException {
+ EncTypeHandler handler = getEncHandler(key.getKeyType());
+
+ byte[] plainData = handler.decrypt(data, key.getKeyData(), usage.getValue());
+ return plainData;
+ }
+
+ public static byte[] decrypt(EncryptedData data, EncryptionKey key, KeyUsage usage) throws KrbException {
+ EncTypeHandler handler = getEncHandler(key.getKeyType());
+
+ byte[] plainData = handler.decrypt(data.getCipher(), key.getKeyData(), usage.getValue());
+ return plainData;
+ }
+
+ public static boolean isImplemented(EncryptionType eType) {
+ EncTypeHandler handler = null;
+ try {
+ handler = getEncHandler(eType, true);
+ } catch (KrbException e) {
+ return false;
+ }
+ return handler != null;
+ }
+
+ public static EncryptionKey string2Key(String principalName,
+ String passPhrase, EncryptionType eType) throws KrbException {
+ PrincipalName principal = new PrincipalName(principalName);
+ return string2Key(passPhrase,
+ PrincipalName.makeSalt(principal), null, eType);
+ }
+
+ public static EncryptionKey string2Key(String string, String salt,
+ byte[] s2kparams, EncryptionType eType) throws KrbException {
+ EncTypeHandler handler = getEncHandler(eType);
+ byte[] keyBytes = handler.str2key(string, salt, s2kparams);
+ return new EncryptionKey(eType, keyBytes);
+ }
+
+ public static EncryptionKey random2Key(EncryptionType eType) throws KrbException {
+ EncTypeHandler handler = getEncHandler(eType);
+
+ byte[] randomBytes = Random.makeBytes(handler.keyInputSize());
+ byte[] keyBytes = handler.random2Key(randomBytes);
+ EncryptionKey encKey = new EncryptionKey(eType, keyBytes);
+ return encKey;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Hmac.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Hmac.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Hmac.java
new file mode 100644
index 0000000..e7a7614
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Hmac.java
@@ -0,0 +1,82 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.HashProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import java.util.Arrays;
+
+/**
+ * Based on MIT krb5 hmac.c
+ */
+public class Hmac {
+
+ public static byte[] hmac(HashProvider hashProvider, byte[] key,
+ byte[] data, int outputSize) throws KrbException {
+ return hmac(hashProvider, key, data, 0, data.length, outputSize);
+ }
+
+ public static byte[] hmac(HashProvider hashProvider, byte[] key, byte[] data,
+ int start, int len, int outputSize) throws KrbException {
+ byte[] hash = Hmac.hmac(hashProvider, key, data, start, len);
+
+ byte[] output = new byte[outputSize];
+ System.arraycopy(hash, 0, output, 0, outputSize);
+ return output;
+ }
+
+ public static byte[] hmac(HashProvider hashProvider,
+ byte[] key, byte[] data) throws KrbException {
+ return hmac(hashProvider, key, data, 0, data.length);
+ }
+
+ public static byte[] hmac(HashProvider hashProvider,
+ byte[] key, byte[] data, int start, int len) throws KrbException {
+
+ int blockLen = hashProvider.blockSize();
+ byte[] innerPaddedKey = new byte[blockLen];
+ byte[] outerPaddedKey = new byte[blockLen];
+
+ // Create the inner padded key
+ Arrays.fill(innerPaddedKey, (byte)0x36);
+ for (int i = 0; i < key.length; i++) {
+ innerPaddedKey[i] ^= key[i];
+ }
+
+ // Create the outer padded key
+ Arrays.fill(outerPaddedKey, (byte)0x5c);
+ for (int i = 0; i < key.length; i++) {
+ outerPaddedKey[i] ^= key[i];
+ }
+
+ hashProvider.hash(innerPaddedKey);
+
+ hashProvider.hash(data, start, len);
+
+ byte[] tmp = hashProvider.output();
+
+ hashProvider.hash(outerPaddedKey);
+ hashProvider.hash(tmp);
+
+ tmp = hashProvider.output();
+ return tmp;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Md4.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Md4.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Md4.java
new file mode 100644
index 0000000..4a4f1a0
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Md4.java
@@ -0,0 +1,338 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import java.security.DigestException;
+import java.security.MessageDigest;
+
+/**
+ * MD4.java - An implementation of Ron Rivest's MD4 message digest algorithm.
+ * The MD4 algorithm is designed to be quite fast on 32-bit machines. In
+ * addition, the MD4 algorithm does not require any large substitution
+ * tables.
+ *
+ * @see The <a href="http://www.ietf.org/rfc/rfc1320.txt">MD4</a> Message-
+ * Digest Algorithm by R. Rivest.
+ *
+ * @author <a href="http://mina.apache.org">Apache MINA Project</a>
+ * @since MINA 2.0.0-M3
+ */
+
+/**
+ * Copied from Mina project and modified a bit
+ */
+public class Md4 extends MessageDigest {
+
+ /**
+ * The MD4 algorithm message digest length is 16 bytes wide.
+ */
+ public static final int BYTE_DIGEST_LENGTH = 16;
+
+ /**
+ * The MD4 algorithm block length is 64 bytes wide.
+ */
+ public static final int BYTE_BLOCK_LENGTH = 64;
+
+ /**
+ * The initial values of the four registers. RFC gives the values
+ * in LE so we converted it as JAVA uses BE endianness.
+ */
+ private final static int A = 0x67452301;
+
+ private final static int B = 0xefcdab89;
+
+ private final static int C = 0x98badcfe;
+
+ private final static int D = 0x10325476;
+
+ /**
+ * The four registers initialized with the above IVs.
+ */
+ private int a = A;
+
+ private int b = B;
+
+ private int c = C;
+
+ private int d = D;
+
+ /**
+ * Counts the total length of the data being digested.
+ */
+ private long msgLength;
+
+ /**
+ * The internal buffer is {@link BLOCK_LENGTH} wide.
+ */
+ private final byte[] buffer = new byte[BYTE_BLOCK_LENGTH];
+
+ /**
+ * Default constructor.
+ */
+ public Md4() {
+ super("MD4");
+ engineReset();
+ }
+
+ /**
+ * Returns the digest length in bytes.
+ *
+ * @return the digest length in bytes.
+ */
+ protected int engineGetDigestLength() {
+ return BYTE_DIGEST_LENGTH;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ protected void engineUpdate(byte b) {
+ int pos = (int) (msgLength % BYTE_BLOCK_LENGTH);
+ buffer[pos] = b;
+ msgLength++;
+
+ // If buffer contains enough data then process it.
+ if (pos == (BYTE_BLOCK_LENGTH - 1)) {
+ process(buffer, 0);
+ }
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ protected void engineUpdate(byte[] b, int offset, int len) {
+ int pos = (int) (msgLength % BYTE_BLOCK_LENGTH);
+ int nbOfCharsToFillBuf = BYTE_BLOCK_LENGTH - pos;
+ int blkStart = 0;
+
+ msgLength += len;
+
+ // Process each full block
+ if (len >= nbOfCharsToFillBuf) {
+ System.arraycopy(b, offset, buffer, pos, nbOfCharsToFillBuf);
+ process(buffer, 0);
+ for (blkStart = nbOfCharsToFillBuf; blkStart + BYTE_BLOCK_LENGTH - 1 < len; blkStart += BYTE_BLOCK_LENGTH) {
+ process(b, offset + blkStart);
+ }
+ pos = 0;
+ }
+
+ // Fill buffer with the remaining data
+ if (blkStart < len) {
+ System.arraycopy(b, offset + blkStart, buffer, pos, len - blkStart);
+ }
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ protected byte[] engineDigest() {
+ byte[] p = pad();
+ engineUpdate(p, 0, p.length);
+ byte[] digest = { (byte) a, (byte) (a >>> 8), (byte) (a >>> 16), (byte) (a >>> 24), (byte) b, (byte) (b >>> 8),
+ (byte) (b >>> 16), (byte) (b >>> 24), (byte) c, (byte) (c >>> 8), (byte) (c >>> 16), (byte) (c >>> 24),
+ (byte) d, (byte) (d >>> 8), (byte) (d >>> 16), (byte) (d >>> 24) };
+
+ engineReset();
+
+ return digest;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ protected int engineDigest(byte[] buf, int offset, int len) throws DigestException {
+ if (offset < 0 || offset + len >= buf.length) {
+ throw new DigestException("Wrong offset or not enough space to store the digest");
+ }
+ int destLength = Math.min(len, BYTE_DIGEST_LENGTH);
+ System.arraycopy(engineDigest(), 0, buf, offset, destLength);
+ return destLength;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ protected void engineReset() {
+ a = A;
+ b = B;
+ c = C;
+ d = D;
+ msgLength = 0;
+ }
+
+ /**
+ * Pads the buffer by appending the byte 0x80, then append as many zero
+ * bytes as necessary to make the buffer length a multiple of 64 bytes.
+ * The last 8 bytes will be filled with the length of the buffer in bits.
+ * If there's no room to store the length in bits in the block i.e the block
+ * is larger than 56 bytes then an additionnal 64-bytes block is appended.
+ *
+ * @see sections 3.1 & 3.2 of the RFC 1320.
+ *
+ * @return the pad byte array
+ */
+ private byte[] pad() {
+ int pos = (int) (msgLength % BYTE_BLOCK_LENGTH);
+ int padLength = (pos < 56) ? (64 - pos) : (128 - pos);
+ byte[] pad = new byte[padLength];
+
+ // First bit of the padding set to 1
+ pad[0] = (byte) 0x80;
+
+ long bits = msgLength << 3;
+ int index = padLength - 8;
+ for (int i = 0; i < 8; i++) {
+ pad[index++] = (byte) (bits >>> (i << 3));
+ }
+
+ return pad;
+ }
+
+ /**
+ * Process one 64-byte block. Algorithm is constituted by three rounds.
+ * Note that F, G and H functions were inlined for improved performance.
+ *
+ * @param in the byte array to process
+ * @param offset the offset at which the 64-byte block is stored
+ */
+ private void process(byte[] in, int offset) {
+ // Save previous state.
+ int aa = a;
+ int bb = b;
+ int cc = c;
+ int dd = d;
+
+ // Copy the block to process into X array
+ int[] X = new int[16];
+ for (int i = 0; i < 16; i++) {
+ X[i] = (in[offset++] & 0xff) | (in[offset++] & 0xff) << 8 | (in[offset++] & 0xff) << 16
+ | (in[offset++] & 0xff) << 24;
+ }
+
+ // Round 1
+ a += ((b & c) | (~b & d)) + X[0];
+ a = a << 3 | a >>> (32 - 3);
+ d += ((a & b) | (~a & c)) + X[1];
+ d = d << 7 | d >>> (32 - 7);
+ c += ((d & a) | (~d & b)) + X[2];
+ c = c << 11 | c >>> (32 - 11);
+ b += ((c & d) | (~c & a)) + X[3];
+ b = b << 19 | b >>> (32 - 19);
+ a += ((b & c) | (~b & d)) + X[4];
+ a = a << 3 | a >>> (32 - 3);
+ d += ((a & b) | (~a & c)) + X[5];
+ d = d << 7 | d >>> (32 - 7);
+ c += ((d & a) | (~d & b)) + X[6];
+ c = c << 11 | c >>> (32 - 11);
+ b += ((c & d) | (~c & a)) + X[7];
+ b = b << 19 | b >>> (32 - 19);
+ a += ((b & c) | (~b & d)) + X[8];
+ a = a << 3 | a >>> (32 - 3);
+ d += ((a & b) | (~a & c)) + X[9];
+ d = d << 7 | d >>> (32 - 7);
+ c += ((d & a) | (~d & b)) + X[10];
+ c = c << 11 | c >>> (32 - 11);
+ b += ((c & d) | (~c & a)) + X[11];
+ b = b << 19 | b >>> (32 - 19);
+ a += ((b & c) | (~b & d)) + X[12];
+ a = a << 3 | a >>> (32 - 3);
+ d += ((a & b) | (~a & c)) + X[13];
+ d = d << 7 | d >>> (32 - 7);
+ c += ((d & a) | (~d & b)) + X[14];
+ c = c << 11 | c >>> (32 - 11);
+ b += ((c & d) | (~c & a)) + X[15];
+ b = b << 19 | b >>> (32 - 19);
+
+ // Round 2
+ a += ((b & (c | d)) | (c & d)) + X[0] + 0x5a827999;
+ a = a << 3 | a >>> (32 - 3);
+ d += ((a & (b | c)) | (b & c)) + X[4] + 0x5a827999;
+ d = d << 5 | d >>> (32 - 5);
+ c += ((d & (a | b)) | (a & b)) + X[8] + 0x5a827999;
+ c = c << 9 | c >>> (32 - 9);
+ b += ((c & (d | a)) | (d & a)) + X[12] + 0x5a827999;
+ b = b << 13 | b >>> (32 - 13);
+ a += ((b & (c | d)) | (c & d)) + X[1] + 0x5a827999;
+ a = a << 3 | a >>> (32 - 3);
+ d += ((a & (b | c)) | (b & c)) + X[5] + 0x5a827999;
+ d = d << 5 | d >>> (32 - 5);
+ c += ((d & (a | b)) | (a & b)) + X[9] + 0x5a827999;
+ c = c << 9 | c >>> (32 - 9);
+ b += ((c & (d | a)) | (d & a)) + X[13] + 0x5a827999;
+ b = b << 13 | b >>> (32 - 13);
+ a += ((b & (c | d)) | (c & d)) + X[2] + 0x5a827999;
+ a = a << 3 | a >>> (32 - 3);
+ d += ((a & (b | c)) | (b & c)) + X[6] + 0x5a827999;
+ d = d << 5 | d >>> (32 - 5);
+ c += ((d & (a | b)) | (a & b)) + X[10] + 0x5a827999;
+ c = c << 9 | c >>> (32 - 9);
+ b += ((c & (d | a)) | (d & a)) + X[14] + 0x5a827999;
+ b = b << 13 | b >>> (32 - 13);
+ a += ((b & (c | d)) | (c & d)) + X[3] + 0x5a827999;
+ a = a << 3 | a >>> (32 - 3);
+ d += ((a & (b | c)) | (b & c)) + X[7] + 0x5a827999;
+ d = d << 5 | d >>> (32 - 5);
+ c += ((d & (a | b)) | (a & b)) + X[11] + 0x5a827999;
+ c = c << 9 | c >>> (32 - 9);
+ b += ((c & (d | a)) | (d & a)) + X[15] + 0x5a827999;
+ b = b << 13 | b >>> (32 - 13);
+
+ // Round 3
+ a += (b ^ c ^ d) + X[0] + 0x6ed9eba1;
+ a = a << 3 | a >>> (32 - 3);
+ d += (a ^ b ^ c) + X[8] + 0x6ed9eba1;
+ d = d << 9 | d >>> (32 - 9);
+ c += (d ^ a ^ b) + X[4] + 0x6ed9eba1;
+ c = c << 11 | c >>> (32 - 11);
+ b += (c ^ d ^ a) + X[12] + 0x6ed9eba1;
+ b = b << 15 | b >>> (32 - 15);
+ a += (b ^ c ^ d) + X[2] + 0x6ed9eba1;
+ a = a << 3 | a >>> (32 - 3);
+ d += (a ^ b ^ c) + X[10] + 0x6ed9eba1;
+ d = d << 9 | d >>> (32 - 9);
+ c += (d ^ a ^ b) + X[6] + 0x6ed9eba1;
+ c = c << 11 | c >>> (32 - 11);
+ b += (c ^ d ^ a) + X[14] + 0x6ed9eba1;
+ b = b << 15 | b >>> (32 - 15);
+ a += (b ^ c ^ d) + X[1] + 0x6ed9eba1;
+ a = a << 3 | a >>> (32 - 3);
+ d += (a ^ b ^ c) + X[9] + 0x6ed9eba1;
+ d = d << 9 | d >>> (32 - 9);
+ c += (d ^ a ^ b) + X[5] + 0x6ed9eba1;
+ c = c << 11 | c >>> (32 - 11);
+ b += (c ^ d ^ a) + X[13] + 0x6ed9eba1;
+ b = b << 15 | b >>> (32 - 15);
+ a += (b ^ c ^ d) + X[3] + 0x6ed9eba1;
+ a = a << 3 | a >>> (32 - 3);
+ d += (a ^ b ^ c) + X[11] + 0x6ed9eba1;
+ d = d << 9 | d >>> (32 - 9);
+ c += (d ^ a ^ b) + X[7] + 0x6ed9eba1;
+ c = c << 11 | c >>> (32 - 11);
+ b += (c ^ d ^ a) + X[15] + 0x6ed9eba1;
+ b = b << 15 | b >>> (32 - 15);
+
+ //Update state.
+ a += aa;
+ b += bb;
+ c += cc;
+ d += dd;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Nfold.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Nfold.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Nfold.java
new file mode 100644
index 0000000..9c98fcc
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Nfold.java
@@ -0,0 +1,102 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import java.util.Arrays;
+
+/**
+ * Based on MIT krb5 nfold.c
+ */
+
+/*
+ * n-fold(k-bits):
+ * l = lcm(n,k)
+ * r = l/k
+ * s = k-bits | k-bits rot 13 | k-bits rot 13*2 | ... | k-bits rot 13*(r-1)
+ * compute the 1's complement sum:
+ * n-fold = s[0..n-1]+s[n..2n-1]+s[2n..3n-1]+..+s[(k-1)*n..k*n-1]
+ */
+public class Nfold {
+
+ /**
+ * representation: msb first, assume n and k are multiples of 8, and
+ * that k>=16. this is the case of all the cryptosystems which are
+ * likely to be used. this function can be replaced if that
+ * assumption ever fails.
+ */
+ public static byte[] nfold(byte[] inBytes, int size) {
+ int inBytesNum = inBytes.length; // count inBytes byte
+ int outBytesNum = size; // count inBytes byte
+
+ int a, b, c, lcm;
+ a = outBytesNum;
+ b = inBytesNum;
+
+ while (b != 0) {
+ c = b;
+ b = a % b;
+ a = c;
+ }
+ lcm = (outBytesNum * inBytesNum) / a;
+
+ byte[] outBytes = new byte[outBytesNum];
+ Arrays.fill(outBytes, (byte)0);
+
+ int tmpByte = 0;
+ int msbit, i, tmp;
+
+ for (i = lcm-1; i >= 0; i--) {
+ // first, start with the msbit inBytes the first, unrotated byte
+ tmp = ((inBytesNum<<3)-1);
+ // then, for each byte, shift to the right for each repetition
+ tmp += (((inBytesNum<<3)+13)*(i/inBytesNum));
+ // last, pick outBytes the correct byte within that shifted repetition
+ tmp += ((inBytesNum-(i%inBytesNum)) << 3);
+
+ msbit = tmp % (inBytesNum << 3);
+
+ // pull outBytes the byte value itself
+ tmp = ((((inBytes[((inBytesNum - 1)-(msbit >>> 3)) % inBytesNum] & 0xff) << 8) |
+ (inBytes[((inBytesNum) - (msbit >>> 3)) % inBytesNum] & 0xff))
+ >>>((msbit & 7)+1)) & 0xff;
+
+ tmpByte += tmp;
+ tmp = (outBytes[i % outBytesNum] & 0xff);
+ tmpByte += tmp;
+
+ outBytes[i % outBytesNum] = (byte) (tmpByte & 0xff);
+
+ tmpByte >>>= 8;
+ }
+
+ // if there's a carry bit left over, add it back inBytes
+ if (tmpByte != 0) {
+ for (i = outBytesNum-1; i >= 0; i--) {
+ // do the addition
+ tmpByte += (outBytes[i] & 0xff);
+ outBytes[i] = (byte) (tmpByte & 0xff);
+
+ tmpByte >>>= 8;
+ }
+ }
+
+ return outBytes;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Nonce.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Nonce.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Nonce.java
new file mode 100644
index 0000000..0f22f97
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Nonce.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import java.security.SecureRandom;
+
+public class Nonce {
+
+ private static SecureRandom srand = new SecureRandom();
+
+ public static synchronized int value() {
+ int value = srand.nextInt();
+ return value & 0x7fffffff;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Pbkdf.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Pbkdf.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Pbkdf.java
new file mode 100644
index 0000000..989772b
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Pbkdf.java
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import java.security.GeneralSecurityException;
+
+public class Pbkdf {
+
+ public static byte[] PBKDF2(char[] secret, byte[] salt,
+ int count, int keySize) throws GeneralSecurityException {
+
+ PBEKeySpec ks = new PBEKeySpec(secret, salt, count, keySize * 8);
+ SecretKeyFactory skf =
+ SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+ SecretKey key = skf.generateSecret(ks);
+ byte[] result = key.getEncoded();
+
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Random.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Random.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Random.java
new file mode 100644
index 0000000..cd6bf71
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Random.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import java.security.SecureRandom;
+
+public final class Random {
+
+ private static SecureRandom srand = new SecureRandom();
+
+ public static byte[] makeBytes(int size) {
+ byte[] data = new byte[size];
+ srand.nextBytes(data);
+ return data;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Rc4.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Rc4.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Rc4.java
new file mode 100644
index 0000000..b45c4eb
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/Rc4.java
@@ -0,0 +1,63 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+/**
+ * Based on MIT krb5 enc_rc4.c
+ */
+public class Rc4 {
+
+ private static byte[] L40 = "fortybits".getBytes();
+
+ public static byte[] getSalt(int usage, boolean exportable) {
+ int newUsage = convertUsage(usage);
+ byte[] salt;
+
+ if (exportable) {
+ salt = new byte[14];
+ System.arraycopy(L40, 0, salt, 0, 9);
+ BytesUtil.int2bytes(newUsage, salt, 10, false);
+ } else {
+ salt = new byte[4];
+ BytesUtil.int2bytes(newUsage, salt, 0, false);
+ }
+
+ return salt;
+ }
+
+ private static int convertUsage(int usage) {
+ switch (usage) {
+ case 1: return 1; /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, */
+ case 2: return 2; /* ticket from kdc */
+ case 3: return 8; /* as-rep encrypted part */
+ case 4: return 4; /* tgs-req authz data */
+ case 5: return 5; /* tgs-req authz data in subkey */
+ case 6: return 6; /* tgs-req authenticator cksum */
+ case 7: return 7; /* tgs-req authenticator */
+ case 8: return 8;
+ case 9: return 9; /* tgs-rep encrypted with subkey */
+ case 10: return 10; /* ap-rep authentication cksum (never used by MS) */
+ case 11: return 11; /* app-req authenticator */
+ case 12: return 12; /* app-rep encrypted part */
+ case 23: return 13; /* sign wrap token*/
+ default: return usage;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java
new file mode 100644
index 0000000..49a62c7
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java
@@ -0,0 +1,112 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.AbstractCryptoTypeHandler;
+import org.apache.kerby.kerberos.kerb.crypto.CheckSumTypeHandler;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class AbstractCheckSumTypeHandler
+ extends AbstractCryptoTypeHandler implements CheckSumTypeHandler {
+
+ private int computeSize;
+ private int outputSize;
+
+ public AbstractCheckSumTypeHandler(EncryptProvider encProvider, HashProvider hashProvider,
+ int computeSize, int outputSize) {
+ super(encProvider, hashProvider);
+ this.computeSize = computeSize;
+ this.outputSize = outputSize;
+ }
+
+ @Override
+ public String name() {
+ return cksumType().getName();
+ }
+
+ @Override
+ public String displayName() {
+ return cksumType().getDisplayName();
+ }
+
+ @Override
+ public int computeSize() {
+ return computeSize;
+ }
+
+ @Override
+ public int outputSize() {
+ return outputSize;
+ }
+
+ public boolean isSafe() {
+ return false;
+ }
+
+ public int cksumSize() {
+ return 4;
+ }
+
+ public int keySize() {
+ return 0;
+ }
+
+ public int confounderSize() {
+ return 0;
+ }
+
+ @Override
+ public byte[] checksum(byte[] data) throws KrbException {
+ return checksum(data, 0, data.length);
+ }
+
+ @Override
+ public byte[] checksum(byte[] data, int start, int size) throws KrbException {
+ throw new UnsupportedOperationException();
+ }
+
+ @Override
+ public boolean verify(byte[] data, byte[] checksum) throws KrbException {
+ return verify(data, 0, data.length, checksum);
+ }
+
+ @Override
+ public boolean verify(byte[] data, int start, int size, byte[] checksum) throws KrbException {
+ throw new UnsupportedOperationException();
+ }
+
+ @Override
+ public byte[] checksumWithKey(byte[] data,
+ byte[] key, int usage) throws KrbException {
+ return checksumWithKey(data, 0, data.length, key, usage);
+ }
+
+ @Override
+ public byte[] checksumWithKey(byte[] data, int start, int size,
+ byte[] key, int usage) throws KrbException {
+ throw new UnsupportedOperationException();
+ }
+ @Override
+ public boolean verifyWithKey(byte[] data,
+ byte[] key, int usage, byte[] checksum) throws KrbException {
+ throw new UnsupportedOperationException();
+ }
+}
[34/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosTime.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosTime.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosTime.java
deleted file mode 100644
index 8a22aa9..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosTime.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1GeneralizedTime;
-
-import java.util.Date;
-import java.util.TimeZone;
-
-/**
- KerberosTime ::= GeneralizedTime -- with no fractional seconds
- */
-public class KerberosTime extends Asn1GeneralizedTime {
- private static final TimeZone UTC = TimeZone.getTimeZone("UTC");
-
- public static final KerberosTime NEVER = new KerberosTime(Long.MAX_VALUE);
-
- public static final int MINUTE = 60000;
-
- public static final int DAY = MINUTE * 1440;
-
- public static final int WEEK = MINUTE * 10080;
-
- public KerberosTime() {
- super(0L);
- }
-
- /**
- * time in milliseconds
- */
- public KerberosTime(long time) {
- super(time);
- }
-
- /**
- * Return time in milliseconds
- */
- public long getTime() {
- if (getValue() != null) {
- return getValue().getTime();
- }
- return 0L;
- }
-
- /**
- * time in milliseconds
- */
- public void setTime(long time) {
- setValue(new Date(time));
- }
-
- public long getTimeInSeconds() {
- return getTime() / 1000;
- }
-
- public boolean lessThan(KerberosTime ktime) {
- return getValue().compareTo(ktime.getValue()) < 0;
- }
-
- public boolean lessThan(long time) {
- return getValue().getTime() <= time * 1000;
- }
-
- public boolean greaterThan(KerberosTime ktime) {
- return getValue().compareTo(ktime.getValue()) > 0;
- }
-
- /**
- * time in milliseconds
- */
- public boolean isInClockSkew(long clockSkew) {
- long delta = Math.abs(getTime() - System.currentTimeMillis());
-
- return delta < clockSkew;
- }
-
- public KerberosTime copy() {
- long time = getTime();
- KerberosTime result = new KerberosTime(time);
- return result;
- }
-
- /**
- * time in milliseconds
- */
- public KerberosTime extend(long duration) {
- long result = getTime() + duration;
- return new KerberosTime(result);
- }
-
- /**
- * Return diff time in milliseconds
- */
- public long diff(KerberosTime other) {
- return getTime() - other.getTime();
- }
-
- public static KerberosTime now() {
- return new KerberosTime(new Date().getTime());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbAppSequenceType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbAppSequenceType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbAppSequenceType.java
deleted file mode 100644
index 80ce98d..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbAppSequenceType.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.TaggingSequence;
-
-/**
- * This is for application specific sequence tagged with a number.
- */
-public abstract class KrbAppSequenceType extends TaggingSequence {
- public KrbAppSequenceType(int tagNo, Asn1FieldInfo[] fieldInfos) {
- super(tagNo, fieldInfos, true);
- }
-
- protected int getFieldAsInt(int index) {
- Integer value = getFieldAsInteger(index);
- if (value != null) {
- return value.intValue();
- }
- return -1;
- }
-
- protected void setFieldAsString(int index, String value) {
- setFieldAs(index, new KerberosString(value));
- }
-
- protected KerberosTime getFieldAsTime(int index) {
- KerberosTime value = getFieldAs(index, KerberosTime.class);
- return value;
- }
-
- protected void setFieldAsTime(int index, long value) {
- setFieldAs(index, new KerberosTime(value));
- }
-
- protected void setField(int index, KrbEnum krbEnum) {
- setFieldAsInt(index, krbEnum.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbEnum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbEnum.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbEnum.java
deleted file mode 100644
index c6ade4a..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbEnum.java
+++ /dev/null
@@ -1,24 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec;
-
-public interface KrbEnum {
- public int getValue();
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbIntegers.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbIntegers.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbIntegers.java
deleted file mode 100644
index eee7221..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbIntegers.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1Integer;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class KrbIntegers extends KrbSequenceOfType<Asn1Integer> {
-
- public KrbIntegers() {
- super();
- }
-
- public KrbIntegers(List<Integer> values) {
- super();
- setValues(values);
- }
-
- public void setValues(List<Integer> values) {
- clear();
- if (values != null) {
- for (Integer value : values) {
- addElement(new Asn1Integer(value));
- }
- }
- }
-
- public List<Integer> getValues() {
- List<Integer> results = new ArrayList<Integer>();
- for (Asn1Integer value : getElements()) {
- results.add(value.getValue());
- }
- return results;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceOfType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceOfType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceOfType.java
deleted file mode 100644
index 910504b..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceOfType.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1SequenceOf;
-import org.apache.haox.asn1.type.Asn1String;
-import org.apache.haox.asn1.type.Asn1Type;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class KrbSequenceOfType<T extends Asn1Type> extends Asn1SequenceOf<T> {
-
- public List<String> getAsStrings() {
- List<T> elements = getElements();
- List<String> results = new ArrayList<String>();
- for (T ele : elements) {
- if (ele instanceof Asn1String) {
- results.add(((Asn1String) ele).getValue());
- } else {
- throw new RuntimeException("The targeted field type isn't of string");
- }
- }
- return results;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceType.java
deleted file mode 100644
index 566c7bb..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceType.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1SequenceType;
-
-public abstract class KrbSequenceType extends Asn1SequenceType {
-
- public KrbSequenceType(Asn1FieldInfo[] fieldInfos) {
- super(fieldInfos);
- }
-
- protected int getFieldAsInt(int index) {
- Integer value = getFieldAsInteger(index);
- if (value != null) {
- return value.intValue();
- }
- return -1;
- }
-
- protected void setFieldAsString(int index, String value) {
- setFieldAs(index, new KerberosString(value));
- }
-
- protected KerberosTime getFieldAsTime(int index) {
- KerberosTime value = getFieldAs(index, KerberosTime.class);
- return value;
- }
-
- protected void setFieldAsTime(int index, long value) {
- setFieldAs(index, new KerberosTime(value));
- }
-
- protected void setField(int index, KrbEnum value) {
- setFieldAsInt(index, value.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOption.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOption.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOption.java
deleted file mode 100644
index 9a6f929..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOption.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ap;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-/**
- APOptions ::= KrbFlags
- -- reserved(0),
- -- use-session-key(1),
- -- mutual-required(2)
- */
-public enum ApOption implements KrbEnum {
- NONE(-1),
- RESERVED(0x80000000),
- USE_SESSION_KEY(0x40000000),
- MUTUAL_REQUIRED(0x20000000),
- ETYPE_NEGOTIATION(0x00000002),
- USE_SUBKEY(0x00000001);
-
- private final int value;
-
- private ApOption(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static ApOption fromValue(int value) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value) {
- return (ApOption) e;
- }
- }
-
- return NONE;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOptions.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOptions.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOptions.java
deleted file mode 100644
index 9ce14ff..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOptions.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ap;
-
-import org.apache.kerberos.kerb.spec.common.KrbFlags;
-
-public class ApOptions extends KrbFlags {
-
- public ApOptions() {
- this(0);
- }
-
- public ApOptions(int value) {
- setFlags(value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApRep.java
deleted file mode 100644
index 4989c69..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApRep.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ap;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.common.KrbMessage;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-
-/**
- AP-REP ::= [APPLICATION 15] SEQUENCE {
- pvno [0] INTEGER (5),
- msg-type [1] INTEGER (15),
- enc-part [2] EncryptedData -- EncAPRepPart
- }
- */
-public class ApRep extends KrbMessage {
- private static int ENC_PART = 2;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PVNO, 0, Asn1Integer.class),
- new Asn1FieldInfo(MSG_TYPE, 1, Asn1Integer.class),
- new Asn1FieldInfo(ENC_PART, 2, EncryptedData.class)
- };
-
- public ApRep() {
- super(KrbMessageType.AP_REP, fieldInfos);
- }
-
- private EncAPRepPart encRepPart;
-
- public EncAPRepPart getEncRepPart() {
- return encRepPart;
- }
-
- public void setEncRepPart(EncAPRepPart encRepPart) {
- this.encRepPart = encRepPart;
- }
-
- public EncryptedData getEncryptedEncPart() {
- return getFieldAs(ENC_PART, EncryptedData.class);
- }
-
- public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
- setFieldAs(ENC_PART, encryptedEncPart);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApReq.java
deleted file mode 100644
index 7b3a70e..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApReq.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ap;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.common.KrbMessage;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-
-/**
- AP-REQ ::= [APPLICATION 14] SEQUENCE {
- pvno [0] INTEGER (5),
- msg-type [1] INTEGER (14),
- ap-options [2] APOptions,
- ticket [3] Ticket,
- authenticator [4] EncryptedData -- Authenticator
- }
- */
-public class ApReq extends KrbMessage {
- private static int AP_OPTIONS = 2;
- private static int TICKET = 3;
- private static int AUTHENTICATOR = 4;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PVNO, Asn1Integer.class),
- new Asn1FieldInfo(MSG_TYPE, Asn1Integer.class),
- new Asn1FieldInfo(AP_OPTIONS, ApOptions.class),
- new Asn1FieldInfo(TICKET, Ticket.class),
- new Asn1FieldInfo(AUTHENTICATOR, EncryptedData.class)
- };
-
- private Authenticator authenticator;
-
- public ApReq() {
- super(KrbMessageType.AP_REQ, fieldInfos);
- }
-
- public ApOptions getApOptions() {
- return getFieldAs(AP_OPTIONS, ApOptions.class);
- }
-
- public void setApOptions(ApOptions apOptions) {
- setFieldAs(AP_OPTIONS, apOptions);
- }
-
- public Ticket getTicket() {
- return getFieldAs(TICKET, Ticket.class);
- }
-
- public void setTicket(Ticket ticket) {
- setFieldAs(TICKET, ticket);
- }
-
- public Authenticator getAuthenticator() {
- return authenticator;
- }
-
- public void setAuthenticator(Authenticator authenticator) {
- this.authenticator = authenticator;
- }
-
- public EncryptedData getEncryptedAuthenticator() {
- return getFieldAs(AUTHENTICATOR, EncryptedData.class);
- }
-
- public void setEncryptedAuthenticator(EncryptedData encryptedAuthenticator) {
- setFieldAs(AUTHENTICATOR, encryptedAuthenticator);
- }
-}
-
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/Authenticator.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/Authenticator.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/Authenticator.java
deleted file mode 100644
index 1b94272..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/Authenticator.java
+++ /dev/null
@@ -1,144 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ap;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.KerberosString;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
-import org.apache.kerberos.kerb.spec.common.AuthorizationData;
-import org.apache.kerberos.kerb.spec.common.CheckSum;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-/**
- Authenticator ::= [APPLICATION 2] SEQUENCE {
- authenticator-vno [0] INTEGER (5),
- crealm [1] Realm,
- cname [2] PrincipalName,
- cksum [3] Checksum OPTIONAL,
- cusec [4] Microseconds,
- ctime [5] KerberosTime,
- subkey [6] EncryptionKey OPTIONAL,
- seq-number [7] UInt32 OPTIONAL,
- authorization-data [8] AuthorizationData OPTIONAL
- }
- */
-public class Authenticator extends KrbAppSequenceType {
- public static int TAG = 2;
- private static int AUTHENTICATOR_VNO = 0;
- private static int CREALM = 1;
- private static int CNAME = 2;
- private static int CKSUM = 3;
- private static int CUSEC = 4;
- private static int CTIME = 5;
- private static int SUBKEY = 6;
- private static int SEQ_NUMBER = 7;
- private static int AUTHORIZATION_DATA = 8;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(AUTHENTICATOR_VNO, 0, Asn1Integer.class),
- new Asn1FieldInfo(CREALM, 1, KerberosString.class),
- new Asn1FieldInfo(CNAME, 2, PrincipalName.class),
- new Asn1FieldInfo(CKSUM, 3, CheckSum.class),
- new Asn1FieldInfo(CUSEC, 4, Asn1Integer.class),
- new Asn1FieldInfo(CTIME, 5, KerberosTime.class),
- new Asn1FieldInfo(SUBKEY, 6, EncryptionKey.class),
- new Asn1FieldInfo(SEQ_NUMBER, 7, Asn1Integer.class),
- new Asn1FieldInfo(AUTHORIZATION_DATA, 8, AuthorizationData.class)
- };
-
- public Authenticator() {
- super(TAG, fieldInfos);
- }
-
- public int getAuthenticatorVno() {
- return getFieldAsInt(AUTHENTICATOR_VNO);
- }
-
- public void setAuthenticatorVno(int authenticatorVno) {
- setFieldAsInt(AUTHENTICATOR_VNO, authenticatorVno);
- }
-
- public String getCrealm() {
- return getFieldAsString(CREALM);
- }
-
- public void setCrealm(String crealm) {
- setFieldAsString(CREALM, crealm);
- }
-
- public PrincipalName getCname() {
- return getFieldAs(CNAME, PrincipalName.class);
- }
-
- public void setCname(PrincipalName cname) {
- setFieldAs(CNAME, cname);
- }
-
- public CheckSum getCksum() {
- return getFieldAs(CKSUM, CheckSum.class);
- }
-
- public void setCksum(CheckSum cksum) {
- setFieldAs(CKSUM, cksum);
- }
-
- public int getCusec() {
- return getFieldAsInt(CUSEC);
- }
-
- public void setCusec(int cusec) {
- setFieldAsInt(CUSEC, cusec);
- }
-
- public KerberosTime getCtime() {
- return getFieldAsTime(CTIME);
- }
-
- public void setCtime(KerberosTime ctime) {
- setFieldAs(CTIME, ctime);
- }
-
- public EncryptionKey getSubKey() {
- return getFieldAs(SUBKEY, EncryptionKey.class);
- }
-
- public void setSubKey(EncryptionKey subKey) {
- setFieldAs(SUBKEY, subKey);
- }
-
- public int getSeqNumber() {
- return getFieldAsInt(SEQ_NUMBER);
- }
-
- public void setSeqNumber(Integer seqNumber) {
- setFieldAsInt(SEQ_NUMBER, seqNumber);
- }
-
- public AuthorizationData getAuthorizationData() {
- return getFieldAs(AUTHORIZATION_DATA, AuthorizationData.class);
- }
-
- public void setAuthorizationData(AuthorizationData authorizationData) {
- setFieldAs(AUTHORIZATION_DATA, authorizationData);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/EncAPRepPart.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/EncAPRepPart.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/EncAPRepPart.java
deleted file mode 100644
index 487353b..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/EncAPRepPart.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ap;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-
-/**
- EncAPRepPart ::= [APPLICATION 27] SEQUENCE {
- ctime [0] KerberosTime,
- cusec [1] Microseconds,
- subkey [2] EncryptionKey OPTIONAL,
- seq-number [3] UInt32 OPTIONAL
- }
- */
-public class EncAPRepPart extends KrbAppSequenceType {
- public static int TAG = 27;
- private static int CTIME = 0;
- private static int CUSEC = 1;
- private static int SUBKEY = 2;
- private static int SEQ_NUMBER = 3;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(CTIME, 0, KerberosTime.class),
- new Asn1FieldInfo(CUSEC, 1, Asn1Integer.class),
- new Asn1FieldInfo(SUBKEY, 2, EncryptionKey.class),
- new Asn1FieldInfo(SEQ_NUMBER, 3, Asn1Integer.class)
- };
-
- public EncAPRepPart() {
- super(TAG, fieldInfos);
- }
-
- public KerberosTime getCtime() {
- return getFieldAsTime(CTIME);
- }
-
- public void setCtime(KerberosTime ctime) {
- setFieldAs(CTIME, ctime);
- }
-
- public int getCusec() {
- return getFieldAsInt(CUSEC);
- }
-
- public void setCusec(int cusec) {
- setFieldAsInt(CUSEC, cusec);
- }
-
- public EncryptionKey getSubkey() {
- return getFieldAs(SUBKEY, EncryptionKey.class);
- }
-
- public void setSubkey(EncryptionKey subkey) {
- setFieldAs(SUBKEY, subkey);
- }
-
- public int getSeqNumber() {
- return getFieldAsInt(SEQ_NUMBER);
- }
-
- public void setSeqNumber(Integer seqNumber) {
- setFieldAsInt(SEQ_NUMBER, seqNumber);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AdToken.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AdToken.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AdToken.java
deleted file mode 100644
index 16ac0fa..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AdToken.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- AD-TOKEN ::= SEQUENCE {
- token [0] OCTET STRING,
- }
-*/
-public class AdToken extends KrbSequenceType {
- private static int TOKEN = 0;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(TOKEN, KrbToken.class)
- };
-
- public AdToken() {
- super(fieldInfos);
- }
-
- public KrbToken getToken() {
- return getFieldAs(TOKEN, KrbToken.class);
- }
-
- public void setToken(KrbToken token) {
- setFieldAs(TOKEN, token);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationData.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationData.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationData.java
deleted file mode 100644
index 9805fd5..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationData.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- AuthorizationData ::= SEQUENCE OF SEQUENCE {
- ad-type [0] Int32,
- ad-data [1] OCTET STRING
- }
- */
-public class AuthorizationData extends KrbSequenceOfType<AuthorizationDataEntry> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationDataEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationDataEntry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationDataEntry.java
deleted file mode 100644
index 5ead635..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationDataEntry.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- AuthorizationData ::= SEQUENCE OF SEQUENCE {
- ad-type [0] Int32,
- ad-data [1] OCTET STRING
- }
- */
-public class AuthorizationDataEntry extends KrbSequenceType {
- private static int AD_TYPE = 0;
- private static int AD_DATA = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(AD_TYPE, 0, Asn1Integer.class),
- new Asn1FieldInfo(AD_DATA, 1, Asn1OctetString.class)
- };
-
- public AuthorizationDataEntry() {
- super(fieldInfos);
- }
-
- public AuthorizationType getAuthzType() {
- Integer value = getFieldAsInteger(AD_TYPE);
- return AuthorizationType.fromValue(value);
- }
-
- public void setAuthzType(AuthorizationType authzType) {
- setFieldAsInt(AD_TYPE, authzType.getValue());
- }
-
- public byte[] getAuthzData() {
- return getFieldAsOctets(AD_DATA);
- }
-
- public void setAuthzData(byte[] authzData) {
- setFieldAsOctets(AD_DATA, authzData);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationType.java
deleted file mode 100644
index 9a5cc6d..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationType.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum AuthorizationType implements KrbEnum {
- /**
- * Constant for the "null" authorization type.
- */
- NULL(0),
-
- /**
- * Constant for the "if relevant" authorization type.
- *
- * RFC 4120
- */
- AD_IF_RELEVANT(1),
-
- /**
- * Constant for the "intended for server" authorization type.
- *
- * RFC 4120
- */
- AD_INTENDED_FOR_SERVER(2),
-
- /**
- * Constant for the "intended for application class" authorization type.
- *
- * RFC 4120
- */
- AD_INTENDED_FOR_APPLICATION_CLASS(3),
-
- /**
- * Constant for the "kdc issued" authorization type.
- *
- * RFC 4120
- */
- AD_KDC_ISSUED(4),
-
- /**
- * Constant for the "or" authorization type.
- *
- * RFC 4120
- */
- AD_OR(5),
-
- /**
- * Constant for the "mandatory ticket extensions" authorization type.
- *
- * RFC 4120
- */
- AD_MANDATORY_TICKET_EXTENSIONS(6),
-
- /**
- * Constant for the "in ticket extensions" authorization type.
- *
- * RFC 4120
- */
- AD_IN_TICKET_EXTENSIONS(7),
-
- /**
- * Constant for the "mandatory-for-kdc" authorization type.
- *
- * RFC 4120
- */
- AD_MANDATORY_FOR_KDC(8),
-
- /**
- * Constant for the "OSF DCE" authorization type.
- *
- * RFC 1510
- */
- OSF_DCE(64),
-
- /**
- * Constant for the "sesame" authorization type.
- *
- * RFC 1510
- */
- SESAME(65),
-
- /**
- * Constant for the "OSF-DCE pki certid" authorization type.
- *
- * RFC 1510
- */
- AD_OSF_DCE_PKI_CERTID(66),
-
- /**
- * Constant for the "sesame" authorization type.
- *
- * RFC 1510
- */
- AD_WIN2K_PAC(128),
-
- /**
- * Constant for the "sesame" authorization type.
- *
- * RFC 1510
- */
- AD_ETYPE_NEGOTIATION(129);
-
- private final int value;
-
- private AuthorizationType(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static AuthorizationType fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value.intValue()) {
- return (AuthorizationType) e;
- }
- }
- }
-
- return NULL;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSum.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSum.java
deleted file mode 100644
index 3c3739d..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSum.java
+++ /dev/null
@@ -1,95 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-import java.util.Arrays;
-
-/**
- Checksum ::= SEQUENCE {
- cksumtype [0] Int32,
- checksum [1] OCTET STRING
- }
- */
-public class CheckSum extends KrbSequenceType {
- private static int CKSUM_TYPE = 0;
- private static int CHECK_SUM = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(CKSUM_TYPE, 0, Asn1Integer.class),
- new Asn1FieldInfo(CHECK_SUM, 1, Asn1OctetString.class)
- };
-
- public CheckSum() {
- super(fieldInfos);
- }
-
- public CheckSum(CheckSumType cksumType, byte[] checksum) {
- this();
-
- setCksumtype(cksumType);
- setChecksum(checksum);
- }
-
- public CheckSum(int cksumType, byte[] checksum) {
- this(CheckSumType.fromValue(cksumType), checksum);
- }
-
- public CheckSumType getCksumtype() {
- Integer value = getFieldAsInteger(CKSUM_TYPE);
- return CheckSumType.fromValue(value);
- }
-
- public void setCksumtype(CheckSumType cksumtype) {
- setFieldAsInt(CKSUM_TYPE, cksumtype.getValue());
- }
-
- public byte[] getChecksum() {
- return getFieldAsOctets(CHECK_SUM);
- }
-
- public void setChecksum(byte[] checksum) {
- setFieldAsOctets(CHECK_SUM, checksum);
- }
-
- @Override
- public boolean equals(Object other) {
- if (this == other) return true;
- if (other == null || getClass() != other.getClass()) return false;
-
- CheckSum that = (CheckSum) other;
-
- if (getCksumtype() != that.getCksumtype()) return false;
-
- return Arrays.equals(getChecksum(), that.getChecksum());
- }
-
- public boolean isEqual(CheckSum other) {
- return this.equals(other);
- }
-
- public boolean isEqual(byte[] cksumBytes) {
- return Arrays.equals(getChecksum(), cksumBytes);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSumType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSumType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSumType.java
deleted file mode 100644
index 24a8b31..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSumType.java
+++ /dev/null
@@ -1,115 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum CheckSumType implements KrbEnum {
- NONE(0, "none", "None checksum type"),
-
- CRC32(0x0001, "crc32", "CRC-32"),
-
- RSA_MD4(0x0002, "md4", "RSA-MD4"),
-
- RSA_MD4_DES(0x0003, "md4-des", "RSA-MD4 with DES cbc mode"),
-
- DES_CBC(0x0004, "des-cbc", "DES cbc mode"),
- DES_MAC(0x0004, "des-mac", "DES cbc mode"),
-
- //des-mac-k
-
- //rsa-md4-des-k
-
- RSA_MD5(0x0007, "md5", "RSA-MD5"),
-
- RSA_MD5_DES(0x0008, "md5-des", "RSA-MD5 with DES cbc mode"),
-
- NIST_SHA(0x0009, "sha", "NIST-SHA"),
-
- HMAC_SHA1_DES3(0x000c, "hmac-sha1-des3", "HMAC-SHA1 DES3 key"),
- HMAC_SHA1_DES3_KD(0x000c, "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key"),
-
- ////RFC 3962. Used with ENCTYPE_AES128_CTS_HMAC_SHA1_96
- HMAC_SHA1_96_AES128(0x000f, "hmac-sha1-96-aes128", "HMAC-SHA1 AES128 key"),
-
- //RFC 3962. Used with ENCTYPE_AES256_CTS_HMAC_SHA1_96
- HMAC_SHA1_96_AES256(0x0010, "hmac-sha1-96-aes256", "HMAC-SHA1 AES256 key"),
-
- //RFC 6803
- CMAC_CAMELLIA128(0x0011, "cmac-camellia128", "CMAC Camellia128 key"),
-
- //RFC 6803
- CMAC_CAMELLIA256(0x0012, "cmac-camellia256", "CMAC Camellia256 key"),
-
- //Microsoft netlogon cksumtype
- MD5_HMAC_ARCFOUR(-137, "md5-hmac-rc4", "Microsoft MD5 HMAC"),
-
- //Microsoft md5 hmac cksumtype
- HMAC_MD5_ARCFOUR(-138, "hmac-md5-arcfour", "Microsoft HMAC MD5"),
- HMAC_MD5_ENC(-138, "hmac-md5-enc", "Microsoft HMAC MD5"),
- HMAC_MD5_RC4(-138, "hmac-md5-rc4", "Microsoft HMAC MD5");
-
- private final int value;
-
- private final String name;
-
- private final String displayName;
-
- private CheckSumType(int value, String name, String displayName) {
- this.value = value;
- this.name = name;
- this.displayName = displayName;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public String getName() {
- return name;
- }
-
- public String getDisplayName() {
- return displayName;
- }
-
- public static CheckSumType fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value) {
- return (CheckSumType) e;
- }
- }
- }
- return NONE;
- }
-
- public static CheckSumType fromName(String name) {
- if (name != null) {
- for (CheckSumType cs : values()) {
- if (cs.getName() == name) {
- return (CheckSumType) cs;
- }
- }
- }
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptedData.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptedData.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptedData.java
deleted file mode 100644
index b74eba1..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptedData.java
+++ /dev/null
@@ -1,96 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-import java.util.Arrays;
-
-/**
- EncryptedData ::= SEQUENCE {
- etype [0] Int32 -- EncryptionType --,
- kvno [1] UInt32 OPTIONAL,
- cipher [2] OCTET STRING -- ciphertext
- }
- */
-public class EncryptedData extends KrbSequenceType {
- private static int ETYPE = 0;
- private static int KVNO = 1;
- private static int CIPHER = 2;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
- new Asn1FieldInfo(KVNO, 1, Asn1Integer.class),
- new Asn1FieldInfo(CIPHER, 2, Asn1OctetString.class)
- };
-
- public EncryptedData() {
- super(fieldInfos);
- }
-
- public EncryptionType getEType() {
- Integer value = getFieldAsInteger(ETYPE);
- return EncryptionType.fromValue(value);
- }
-
- public void setEType(EncryptionType eType) {
- setFieldAsInt(ETYPE, eType.getValue());
- }
-
- public int getKvno() {
- Integer value = getFieldAsInteger(KVNO);
- if (value != null) {
- return value.intValue();
- }
- return -1;
- }
-
- public void setKvno(int kvno) {
- setFieldAsInt(KVNO, kvno);
- }
-
- public byte[] getCipher() {
- return getFieldAsOctets(CIPHER);
- }
-
- public void setCipher(byte[] cipher) {
- setFieldAsOctets(CIPHER, cipher);
- }
-
- @Override
- public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
-
- EncryptedData that = (EncryptedData) o;
-
- /*
- if (getKvno() != -1 && that.getKvno() != -1 &&
- getKvno() != that.getKvno()) return false;
- */
-
- if (getEType() != that.getEType()) return false;
-
- return Arrays.equals(getCipher(), that.getCipher());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionKey.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionKey.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionKey.java
deleted file mode 100644
index c2f500e..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionKey.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-import java.util.Arrays;
-
-/**
- EncryptionKey ::= SEQUENCE {
- keytype [0] Int32 -- actually encryption type --,
- keyvalue [1] OCTET STRING
- }
- */
-public class EncryptionKey extends KrbSequenceType {
- private static int KEY_TYPE = 0;
- private static int KEY_VALUE = 1;
-
- private int kvno = -1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(KEY_TYPE, 0, Asn1Integer.class),
- new Asn1FieldInfo(KEY_VALUE, 1, Asn1OctetString.class)
- };
-
- public EncryptionKey() {
- super(fieldInfos);
- }
-
- public EncryptionKey(int keyType, byte[] keyData) {
- this(keyType, keyData, -1);
- }
-
- public EncryptionKey(int keyType, byte[] keyData, int kvno) {
- this(EncryptionType.fromValue(keyType), keyData, kvno);
- }
-
- public EncryptionKey(EncryptionType keyType, byte[] keyData) {
- this(keyType, keyData, -1);
- }
-
- public EncryptionKey(EncryptionType keyType, byte[] keyData, int kvno) {
- this();
- setKeyType(keyType);
- setKeyData(keyData);
- setKvno(kvno);
- }
-
- public EncryptionType getKeyType() {
- Integer value = getFieldAsInteger(KEY_TYPE);
- return EncryptionType.fromValue(value);
- }
-
- public void setKeyType(EncryptionType keyType) {
- setFieldAsInt(KEY_TYPE, keyType.getValue());
- }
-
- public byte[] getKeyData() {
- return getFieldAsOctets(KEY_VALUE);
- }
-
- public void setKeyData(byte[] keyData) {
- setFieldAsOctets(KEY_VALUE, keyData);
- }
-
- public void setKvno(int kvno) {
- this.kvno = kvno;
- }
-
- public int getKvno() {
- return kvno;
- }
-
- @Override
- public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
-
- EncryptionKey that = (EncryptionKey) o;
-
- if (kvno != -1 && that.kvno != -1 && kvno != that.kvno) return false;
-
- if (getKeyType() != that.getKeyType()) return false;
-
- return Arrays.equals(getKeyData(), that.getKeyData());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionType.java
deleted file mode 100644
index 69d6fed..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionType.java
+++ /dev/null
@@ -1,132 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-/**
- * According to krb5.hin
- */
-public enum EncryptionType implements KrbEnum {
-
- NONE(0, "none", "None encryption type"),
-
- DES_CBC_CRC(0x0001, "des-cbc-crc", "DES cbc mode with CRC-32"),
-
- DES_CBC_MD4(0x0002, "des-cbc-md4", "DES cbc mode with RSA-MD4"),
-
- DES_CBC_MD5(0x0003, "des-cbc-md5", "DES cbc mode with RSA-MD5"),
- DES(0x0003, "des", "DES cbc mode with RSA-MD5"),
-
- DES_CBC_RAW(0x0004, "des-cbc-raw", "DES cbc mode raw"),
-
- DES3_CBC_SHA(0x0005, "des3-cbc-sha", "DES-3 cbc with SHA1"),
-
- DES3_CBC_RAW(0x0006, "des3-cbc-raw", "Triple DES cbc mode raw"),
-
- DES_HMAC_SHA1(0x0008, "des-hmac-sha1", "DES with HMAC/sha1"),
-
- DSA_SHA1_CMS(0x0009, "dsa-sha1-cms", "DSA with SHA1, CMS signature"),
-
- MD5_RSA_CMS(0x000a, "md5-rsa-cms", "MD5 with RSA, CMS signature"),
-
- SHA1_RSA_CMS(0x000b, "sha1-rsa-cms", "SHA1 with RSA, CMS signature"),
-
- RC2_CBC_ENV(0x000c, "rc2-cbc-env", "RC2 cbc mode, CMS enveloped data"),
-
- RSA_ENV(0x000d, "rsa-env", "RSA encryption, CMS enveloped data"),
-
- RSA_ES_OAEP_ENV(0x000e, "rsa-es-oaep-env", "RSA w/OEAP encryption, CMS enveloped data"),
-
- DES3_CBC_ENV(0x000f, "des3-cbc-env", "DES-3 cbc mode, CMS enveloped data"),
-
- DES3_CBC_SHA1(0x0010, "des3-cbc-sha1", "Triple DES cbc mode with HMAC/sha1"),
- DES3_HMAC_SHA1(0x0010, "des3-hmac-sha1", "Triple DES cbc mode with HMAC/sha1"),
- DES3_CBC_SHA1_KD(0x0010, "des3-cbc-sha1-kd", "Triple DES cbc mode with HMAC/sha1"),
-
- AES128_CTS_HMAC_SHA1_96 (0x0011, "aes128-cts-hmac-sha1-96", "AES-128 CTS mode with 96-bit SHA-1 HMAC"),
- AES128_CTS (0x0011, "aes128-cts", "AES-128 CTS mode with 96-bit SHA-1 HMAC"),
-
- AES256_CTS_HMAC_SHA1_96(0x0012, "aes256-cts-hmac-sha1-96", "AES-256 CTS mode with 96-bit SHA-1 HMAC"),
- AES256_CTS(0x0012, "aes256-cts", "AES-256 CTS mode with 96-bit SHA-1 HMAC"),
-
- ARCFOUR_HMAC(0x0017, "arcfour-hmac", "ArcFour with HMAC/md5"),
- RC4_HMAC(0x0017, "rc4-hmac", "ArcFour with HMAC/md5"),
- ARCFOUR_HMAC_MD5(0x0017, "arcfour-hmac-md5", "ArcFour with HMAC/md5"),
-
- ARCFOUR_HMAC_EXP(0x0018, "arcfour-hmac-exp", "Exportable ArcFour with HMAC/md5"),
- RC4_HMAC_EXP(0x0018, "rc4-hmac-exp", "Exportable ArcFour with HMAC/md5"),
- ARCFOUR_HMAC_MD5_EXP(0x0018, "arcfour-hmac-md5-exp", "Exportable ArcFour with HMAC/md5"),
-
- CAMELLIA128_CTS_CMAC(0x0019, "camellia128-cts-cmac", "Camellia-128 CTS mode with CMAC"),
- CAMELLIA128_CTS(0x0019, "camellia128-cts", "Camellia-128 CTS mode with CMAC"),
-
- CAMELLIA256_CTS_CMAC(0x001a, "camellia256-cts-cmac", "Camellia-256 CTS mode with CMAC"),
- CAMELLIA256_CTS(0x001a, "camellia256-cts", "Camellia-256 CTS mode with CMAC");
-
- //UNKNOWN(0x01ff, "UNKNOWN", "Unknown encryption type");
-
- private final int value;
-
- private final String name;
-
- private final String displayName;
-
- private EncryptionType(int value, String name, String displayName) {
- this.value = value;
- this.name = name;
- this.displayName = displayName;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public String getName() {
- return name;
- }
-
- public String getDisplayName() {
- return displayName;
- }
-
- public static EncryptionType fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value) {
- return (EncryptionType) e;
- }
- }
- }
- return NONE;
- }
-
- public static EncryptionType fromName(String name) {
- if (name != null) {
- for (EncryptionType e : values()) {
- if (e.getName().equals(name)) {
- return (EncryptionType) e;
- }
- }
- }
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo.java
deleted file mode 100644
index fd435e1..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- ETYPE-INFO ::= SEQUENCE OF ETYPE-INFO-ENTRY
- */
-public class EtypeInfo extends KrbSequenceOfType<EtypeInfoEntry> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2.java
deleted file mode 100644
index e786912..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- ETYPE-INFO2 ::= SEQUENCE SIZE (1..MAX) OF ETYPE-INFO2-ENTRY
- */
-public class EtypeInfo2 extends KrbSequenceOfType<EtypeInfo2Entry> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2Entry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2Entry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2Entry.java
deleted file mode 100644
index de05973..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2Entry.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KerberosString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- ETYPE-INFO2-ENTRY ::= SEQUENCE {
- etype [0] Int32,
- salt [1] KerberosString OPTIONAL,
- s2kparams [2] OCTET STRING OPTIONAL
- }
- */
-public class EtypeInfo2Entry extends KrbSequenceType {
- private static int ETYPE = 0;
- private static int SALT = 1;
- private static int S2KPARAMS = 2;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
- new Asn1FieldInfo(SALT, 1, KerberosString.class),
- new Asn1FieldInfo(S2KPARAMS, 2, Asn1OctetString.class)
- };
-
- public EtypeInfo2Entry() {
- super(fieldInfos);
- }
-
- public EncryptionType getEtype() {
- return EncryptionType.fromValue(getFieldAsInt(ETYPE));
- }
-
- public void setEtype(EncryptionType etype) {
- setField(ETYPE, etype);
- }
-
- public String getSalt() {
- return getFieldAsString(SALT);
- }
-
- public void setSalt(String salt) {
- setFieldAsString(SALT, salt);
- }
-
- public byte[] getS2kParams() {
- return getFieldAsOctets(S2KPARAMS);
- }
-
- public void setS2kParams(byte[] s2kParams) {
- setFieldAsOctets(S2KPARAMS, s2kParams);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfoEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfoEntry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfoEntry.java
deleted file mode 100644
index 8168fe1..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfoEntry.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- ETYPE-INFO-ENTRY ::= SEQUENCE {
- etype [0] Int32,
- salt [1] OCTET STRING OPTIONAL
- }
- */
-public class EtypeInfoEntry extends KrbSequenceType {
- private static int ETYPE = 0;
- private static int SALT = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
- new Asn1FieldInfo(SALT, 1, Asn1OctetString.class)
- };
-
- public EtypeInfoEntry() {
- super(fieldInfos);
- }
-
- public EncryptionType getEtype() {
- return EncryptionType.fromValue(getFieldAsInt(ETYPE));
- }
-
- public void setEtype(EncryptionType etype) {
- setField(ETYPE, etype);
- }
-
- public byte[] getSalt() {
- return getFieldAsOctets(SALT);
- }
-
- public void setSalt(byte[] salt) {
- setFieldAsOctets(SALT, salt);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddrType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddrType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddrType.java
deleted file mode 100644
index 2ce47e8..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddrType.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum HostAddrType implements KrbEnum {
- /**
- * Constant for the "null" host address type.
- */
- NULL(0),
-
- /**
- * Constant for the "Internet" host address type.
- */
- ADDRTYPE_INET(2),
-
- /**
- * Constant for the "Arpanet" host address type.
- */
- ADDRTYPE_IMPLINK(3),
-
- /**
- * Constant for the "CHAOS" host address type.
- */
- ADDRTYPE_CHAOS(5),
-
- /**
- * Constant for the "XEROX Network Services" host address type.
- */
- ADDRTYPE_XNS(6),
-
- /**
- * Constant for the "OSI" host address type.
- */
- ADDRTYPE_OSI(7),
-
- /**
- * Constant for the "DECnet" host address type.
- */
- ADDRTYPE_DECNET(12),
-
- /**
- * Constant for the "AppleTalk" host address type.
- */
- ADDRTYPE_APPLETALK(16),
-
- /**
- * Constant for the "NetBios" host address type.
- *
- * Not in RFC
- */
- ADDRTYPE_NETBIOS(20),
-
- /**
- * Constant for the "Internet Protocol V6" host address type.
- */
- ADDRTYPE_INET6(24);
-
-
- private final int value;
-
- private HostAddrType(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static HostAddrType fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value.intValue()) {
- return (HostAddrType) e;
- }
- }
- }
-
- return NULL;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddress.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddress.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddress.java
deleted file mode 100644
index 9606746..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddress.java
+++ /dev/null
@@ -1,109 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-import java.net.InetAddress;
-import java.util.Arrays;
-
-/*
-HostAddress ::= SEQUENCE {
- addr-type [0] Int32,
- address [1] OCTET STRING
-}
- */
-public class HostAddress extends KrbSequenceType {
- private static int ADDR_TYPE = 0;
- private static int ADDRESS = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ADDR_TYPE, 0, Asn1Integer.class),
- new Asn1FieldInfo(ADDRESS, 1, Asn1OctetString.class)
- };
-
- public HostAddress() {
- super(fieldInfos);
- }
-
- public HostAddress(InetAddress inetAddress) {
- this();
-
- setAddrType(HostAddrType.ADDRTYPE_INET);
- setAddress(inetAddress.getAddress());
- }
-
- public HostAddrType getAddrType() {
- Integer value = getFieldAsInteger(ADDR_TYPE);
- return HostAddrType.fromValue(value);
- }
-
- public void setAddrType(HostAddrType addrType) {
- setField(ADDR_TYPE, addrType);
- }
-
- public byte[] getAddress() {
- return getFieldAsOctets(ADDRESS);
- }
-
- public void setAddress(byte[] address) {
- setFieldAsOctets(ADDRESS, address);
- }
-
- public boolean equalsWith(InetAddress address) {
- if (address == null) {
- return false;
- }
- HostAddress that = new HostAddress(address);
- return that.equals(this);
- }
-
- @Override
- public boolean equals(Object other) {
- if (other == null) {
- return false;
- }
- if (other == this) {
- return true;
- } else if (! (other instanceof HostAddress)) {
- return false;
- }
-
- HostAddress that = (HostAddress) other;
- if (getAddrType() == that.getAddrType() &&
- Arrays.equals(getAddress(), that.getAddress())) {
- return true;
- }
- return false;
- }
-
- @Override
- public int hashCode() {
- int result = getAddrType().getValue();
- if (getAddress() != null) {
- result = 31 * result + getAddress().hashCode();
- }
-
- return result;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddresses.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddresses.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddresses.java
deleted file mode 100644
index ceaf1b6..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddresses.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-import java.net.InetAddress;
-
-/**
- -- NOTE: HostAddresses is always used as an OPTIONAL field and
- -- should not be empty.
- HostAddresses -- NOTE: subtly different from rfc1510,
- -- but has a value mapping and encodes the same
- ::= SEQUENCE OF HostAddress
- */
-public class HostAddresses extends KrbSequenceOfType<HostAddress> {
-
- public boolean contains(InetAddress address) {
- for (HostAddress hostAddress : getElements()) {
- if (hostAddress.equalsWith(address)) {
- return true;
- }
- }
- return false;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KeyUsage.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KeyUsage.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KeyUsage.java
deleted file mode 100644
index 9672e18..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KeyUsage.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-/**
- * From krb5.hin
- */
-public enum KeyUsage implements KrbEnum
-{
- UNKNOWN(-1),
- NONE(0),
- //AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the client key
- AS_REQ_PA_ENC_TS(1),
- //AS-REP Ticket and TGS-REP Ticket (includes TGS session key or application session key),
- //encrypted with the service key (Section 5.3)
- KDC_REP_TICKET(2),
- //AS-REP encrypted part (includes TGS session key or application session key),
- //encrypted with the client key (Section 5.4.2)
- AS_REP_ENCPART(3),
- //TGS-REQ KDC-REQ-BODY AuthorizationData,
- //encrypted with the TGS session key (Section 5.4.1)
- TGS_REQ_AD_SESSKEY(4),
- //TGS-REQ KDC-REQ-BODY AuthorizationData,
- //encrypted with the TGS authenticator subkey (Section 5.4.1)
- TGS_REQ_AD_SUBKEY(5),
- //TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum,
- //keyed with the TGS session key (Section 5.5.1)
- TGS_REQ_AUTH_CKSUM(6),
- //TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS authenticator subkey),
- //encrypted with the TGS session key (Section 5.5.1)
- TGS_REQ_AUTH(7),
- //TGS-REP encrypted part (includes application session key),
- //encrypted with the TGS session key (Section 5.4.2)
- TGS_REP_ENCPART_SESSKEY(8),
- //TGS-REP encrypted part (includes application session key),
- //encrypted with the TGS authenticator subkey (Section 5.4.2)
- TGS_REP_ENCPART_SUBKEY(9),
- //AP-REQ Authenticator cksum, keyed with the application session key (Section 5.5.1)
- AP_REQ_AUTH_CKSUM(10),
- //AP-REQ Authenticator (includes application authenticator subkey),
- //encrypted with the application session key (Section 5.5.1)
- AP_REQ_AUTH(11),
- //AP-REP encrypted part (includes application session subkey),
- //encrypted with the application session key (Section 5.5.2)
- AP_REP_ENCPART(12),
- //KRB-PRIV encrypted part, encrypted with a key chosen by the application (Section 5.7.1)
- KRB_PRIV_ENCPART(13),
- KRB_CRED_ENCPART(14),
- KRB_SAFE_CKSUM(15),
- APP_DATA_ENCRYPT(16),
- APP_DATA_CKSUM(17),
- KRB_ERROR_CKSUM(18),
- AD_KDCISSUED_CKSUM(19),
- AD_MTE(20),
- AD_ITE(21),
- GSS_TOK_MIC(22),
- GSS_TOK_WRAP_INTEG(23),
- GSS_TOK_WRAP_PRIV(24),
- //Defined in Integrating SAM Mechanisms with Kerberos draft
- PA_SAM_CHALLENGE_CKSUM(25),
- //Note conflict with @ref PA_S4U_X509_USER_REQUEST
- PA_SAM_CHALLENGE_TRACKID(26),
- //Note conflict with @ref PA_S4U_X509_USER_REPLY
- PA_SAM_RESPONSE(27),
- //Defined in [MS-SFU]
- //Note conflict with @ref PA_SAM_CHALLENGE_TRACKID
- PA_S4U_X509_USER_REQUEST(26),
- //Note conflict with @ref PA_SAM_RESPONSE
- PA_S4U_X509_USER_REPLY(27),
- //unused
- PA_REFERRAL(26),
- AD_SIGNEDPATH(-21),
- IAKERB_FINISHED(42),
- PA_PKINIT_KX(44),
- PA_OTP_REQUEST(45), //See RFC 6560 section 4.2
- //define in preauth-framework
- FAST_REQ_CHKSUM(50),
- FAST_ENC(51),
- FAST_REP(52),
- FAST_FINISHED(53),
- ENC_CHALLENGE_CLIENT(54),
- ENC_CHALLENGE_KDC(55),
- AS_REQ(56);
-
- private int value;
-
- private KeyUsage(int value) {
- this.value = value;
- }
-
- public int getValue() {
- return value;
- }
-
- public static KeyUsage fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value) {
- return (KeyUsage) e;
- }
- }
- }
- return UNKNOWN;
- }
-
- public static final boolean isValid(int usage) {
- return usage > -1;
- }
-}
[06/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/SimpleCacheService.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/SimpleCacheService.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/SimpleCacheService.java
new file mode 100644
index 0000000..96d95c1
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/SimpleCacheService.java
@@ -0,0 +1,46 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.replay;
+
+import java.util.HashSet;
+import java.util.Set;
+
+public class SimpleCacheService implements CacheService {
+ private Set<RequestRecord> requests;
+
+ public SimpleCacheService() {
+ requests = new HashSet<RequestRecord>();
+ }
+
+ @Override
+ public boolean checkAndCache(RequestRecord request) {
+ if (requests.contains(request)) {
+ return true;
+ } else {
+ requests.add(request);
+ }
+ return false;
+ }
+
+ @Override
+ public void clear() {
+ requests.clear();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
new file mode 100644
index 0000000..5cc6375
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
@@ -0,0 +1,91 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.request;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
+import org.apache.kerby.kerberos.kerb.server.KdcContext;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.kerberos.kerb.spec.kdc.*;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlag;
+
+public class AsRequest extends KdcRequest {
+
+ public AsRequest(AsReq asReq, KdcContext kdcContext) {
+ super(asReq, kdcContext);
+ }
+
+ @Override
+ protected void makeReply() throws KrbException {
+ Ticket ticket = getTicket();
+
+ AsRep reply = new AsRep();
+
+ reply.setCname(getClientEntry().getPrincipal());
+ reply.setCrealm(kdcContext.getServerRealm());
+ reply.setTicket(ticket);
+
+ EncKdcRepPart encKdcRepPart = makeEncKdcRepPart();
+ reply.setEncPart(encKdcRepPart);
+
+ EncryptionKey clientKey = getClientKey();
+ EncryptedData encryptedData = EncryptionUtil.seal(encKdcRepPart,
+ clientKey, KeyUsage.AS_REP_ENCPART);
+ reply.setEncryptedEncPart(encryptedData);
+
+ setReply(reply);
+ }
+
+ protected EncKdcRepPart makeEncKdcRepPart() {
+ KdcReq request = getKdcReq();
+ Ticket ticket = getTicket();
+
+ EncKdcRepPart encKdcRepPart = new EncAsRepPart();
+
+ //session key
+ encKdcRepPart.setKey(ticket.getEncPart().getKey());
+
+ LastReq lastReq = new LastReq();
+ LastReqEntry entry = new LastReqEntry();
+ entry.setLrType(LastReqType.THE_LAST_INITIAL);
+ entry.setLrValue(new KerberosTime());
+ lastReq.add(entry);
+ encKdcRepPart.setLastReq(lastReq);
+
+ encKdcRepPart.setNonce(request.getReqBody().getNonce());
+
+ encKdcRepPart.setFlags(ticket.getEncPart().getFlags());
+ encKdcRepPart.setAuthTime(ticket.getEncPart().getAuthTime());
+ encKdcRepPart.setStartTime(ticket.getEncPart().getStartTime());
+ encKdcRepPart.setEndTime(ticket.getEncPart().getEndTime());
+
+ if (ticket.getEncPart().getFlags().isFlagSet(TicketFlag.RENEWABLE)) {
+ encKdcRepPart.setRenewTill(ticket.getEncPart().getRenewtill());
+ }
+
+ encKdcRepPart.setSname(ticket.getSname());
+ encKdcRepPart.setSrealm(ticket.getRealm());
+ encKdcRepPart.setCaddr(ticket.getEncPart().getClientAddresses());
+
+ return encKdcRepPart;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
new file mode 100644
index 0000000..de3048c
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
@@ -0,0 +1,521 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.request;
+
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
+import org.apache.kerby.kerberos.kerb.crypto.EncryptionHandler;
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.server.KdcConfig;
+import org.apache.kerby.kerberos.kerb.server.KdcContext;
+import org.apache.kerby.kerberos.kerb.server.preauth.FastContext;
+import org.apache.kerby.kerberos.kerb.server.preauth.PreauthContext;
+import org.apache.kerby.kerberos.kerb.server.preauth.PreauthHandler;
+import org.apache.kerby.kerberos.kerb.KrbConstant;
+import org.apache.kerby.kerberos.kerb.KrbErrorException;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcOption;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcOptions;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcRep;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReq;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+import org.apache.kerby.kerberos.kerb.spec.ticket.EncTicketPart;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlag;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlags;
+
+import java.net.InetAddress;
+import java.nio.ByteBuffer;
+import java.util.Date;
+import java.util.List;
+
+public abstract class KdcRequest {
+
+ protected KdcContext kdcContext;
+
+ private Ticket ticket;
+ private boolean isPreAuthenticated;
+ private KdcReq kdcReq;
+ private KdcRep reply;
+ private InetAddress clientAddress;
+ private boolean isTcp;
+ private EncryptionType encryptionType;
+ private EncryptionKey clientKey;
+ private KrbIdentity clientEntry;
+ private KrbIdentity serverEntry;
+ private EncryptionKey serverKey;
+ private KrbIdentity tgsEntry;
+ private PreauthContext preauthContext;
+ private FastContext fastContext;
+ private PrincipalName serverPrincipal;
+
+ public KdcRequest(KdcReq kdcReq, KdcContext kdcContext) {
+ this.kdcReq = kdcReq;
+ this.kdcContext = kdcContext;
+ this.preauthContext = kdcContext.getPreauthHandler()
+ .preparePreauthContext(this);
+ this.fastContext = new FastContext();
+ }
+
+ public KdcContext getKdcContext() {
+ return kdcContext;
+ }
+
+ public PreauthContext getPreauthContext() {
+ return preauthContext;
+ }
+
+ public void process() throws KrbException {
+ checkVersion();
+ checkClient();
+ checkServer();
+ preauth();
+ authenticate();
+ issueTicket();
+ makeReply();
+ }
+
+ public KdcReq getKdcReq() {
+ return kdcReq;
+ }
+
+ public KrbIdentity getTgsEntry() {
+ return tgsEntry;
+ }
+
+ public void setTgsEntry(KrbIdentity tgsEntry) {
+ this.tgsEntry = tgsEntry;
+ }
+
+ public boolean isTcp() {
+ return isTcp;
+ }
+
+ public void isTcp(boolean isTcp) {
+ this.isTcp = isTcp;
+ }
+
+ public KrbMessage getReply() {
+ return reply;
+ }
+
+ public void setReply(KdcRep reply) {
+ this.reply = reply;
+ }
+
+ public InetAddress getClientAddress() {
+ return clientAddress;
+ }
+
+ public void setClientAddress(InetAddress clientAddress) {
+ this.clientAddress = clientAddress;
+ }
+
+ public EncryptionType getEncryptionType() {
+ return encryptionType;
+ }
+
+ public void setEncryptionType(EncryptionType encryptionType) {
+ this.encryptionType = encryptionType;
+ }
+
+ public Ticket getTicket() {
+ return ticket;
+ }
+
+ public void setTicket(Ticket ticket) {
+ this.ticket = ticket;
+ }
+
+ public boolean isPreAuthenticated() {
+ return isPreAuthenticated;
+ }
+
+ public void setPreAuthenticated(boolean isPreAuthenticated) {
+ this.isPreAuthenticated = isPreAuthenticated;
+ }
+
+ public KrbIdentity getServerEntry() {
+ return serverEntry;
+ }
+
+ public void setServerEntry(KrbIdentity serverEntry) {
+ this.serverEntry = serverEntry;
+ }
+
+ public KrbIdentity getClientEntry() {
+ return clientEntry;
+ }
+
+ public void setClientEntry(KrbIdentity clientEntry) {
+ this.clientEntry = clientEntry;
+ }
+
+ public EncryptionKey getClientKey(EncryptionType encType) throws KrbException {
+ return getClientEntry().getKey(encType);
+ }
+
+ public EncryptionKey getClientKey() {
+ return clientKey;
+ }
+
+ public void setClientKey(EncryptionKey clientKey) {
+ this.clientKey = clientKey;
+ }
+
+ public EncryptionKey getServerKey() {
+ return serverKey;
+ }
+
+ public void setServerKey(EncryptionKey serverKey) {
+ this.serverKey = serverKey;
+ }
+
+ public PrincipalName getTgsPrincipal() {
+ PrincipalName result = new PrincipalName(kdcContext.getConfig().getTgsPrincipal());
+ result.setRealm(kdcContext.getKdcRealm());
+ return result;
+ }
+
+ protected abstract void makeReply() throws KrbException;
+
+ protected void checkVersion() throws KrbException {
+ KdcReq request = getKdcReq();
+
+ int kerberosVersion = request.getPvno();
+ if (kerberosVersion != KrbConstant.KRB_V5) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_BAD_PVNO);
+ }
+ }
+
+ protected void checkPolicy() throws KrbException {
+ KrbIdentity entry = getClientEntry();
+
+ if (entry.isDisabled()) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_REVOKED);
+ }
+
+ if (entry.isLocked()) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_REVOKED);
+ }
+
+ if (entry.getExpireTime().lessThan(new Date().getTime())) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_REVOKED);
+ }
+ }
+
+ protected void checkClient() throws KrbException {
+ KdcReq request = getKdcReq();
+
+ PrincipalName clientPrincipal = request.getReqBody().getCname();
+ String clientRealm = request.getReqBody().getRealm();
+ if (clientRealm == null || clientRealm.isEmpty()) {
+ clientRealm = kdcContext.getServerRealm();
+ }
+ clientPrincipal.setRealm(clientRealm);
+
+ KrbIdentity clientEntry = getEntry(clientPrincipal.getName());
+ setClientEntry(clientEntry);
+
+ EncryptionType encType = request.getReqBody().getEtypes().listIterator().next();
+ EncryptionKey clientKey = clientEntry.getKeys().get(encType);
+ setClientKey(clientKey);
+ }
+
+ protected void preauth() throws KrbException {
+ KdcReq request = getKdcReq();
+
+ PaData preAuthData = request.getPaData();
+
+ if (preauthContext.isPreauthRequired()) {
+ if (preAuthData == null || preAuthData.isEmpty()) {
+ KrbError krbError = makePreAuthenticationError(kdcContext);
+ throw new KrbErrorException(krbError);
+ } else {
+ getPreauthHandler().verify(this, preAuthData);
+ }
+ }
+
+ setPreAuthenticated(true);
+ }
+
+ protected void setPreauthRequired(boolean preauthRequired) {
+ preauthContext.setPreauthRequired(preauthRequired);
+ }
+
+ protected boolean isPreauthRequired() {
+ return preauthContext.isPreauthRequired();
+ }
+
+ protected PreauthHandler getPreauthHandler() {
+ return kdcContext.getPreauthHandler();
+ }
+
+ protected void checkEncryptionType() throws KrbException {
+ List<EncryptionType> requestedTypes = getKdcReq().getReqBody().getEtypes();
+
+ EncryptionType bestType = EncryptionUtil.getBestEncryptionType(requestedTypes,
+ kdcContext.getConfig().getEncryptionTypes());
+
+ if (bestType == null) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_ETYPE_NOSUPP);
+ }
+
+ setEncryptionType(bestType);
+ }
+
+ protected void authenticate() throws KrbException {
+ checkEncryptionType();
+ checkPolicy();
+ }
+
+ protected void issueTicket() throws KrbException {
+ KdcReq request = getKdcReq();
+
+ EncryptionType encryptionType = getEncryptionType();
+ EncryptionKey serverKey = getServerEntry().getKeys().get(encryptionType);
+
+ PrincipalName ticketPrincipal = request.getReqBody().getSname();
+
+ EncTicketPart encTicketPart = new EncTicketPart();
+ KdcConfig config = kdcContext.getConfig();
+
+ TicketFlags ticketFlags = new TicketFlags();
+ encTicketPart.setFlags(ticketFlags);
+ ticketFlags.setFlag(TicketFlag.INITIAL);
+
+ if (isPreAuthenticated()) {
+ ticketFlags.setFlag(TicketFlag.PRE_AUTH);
+ }
+
+ if (request.getReqBody().getKdcOptions().isFlagSet(KdcOption.FORWARDABLE)) {
+ if (!config.isForwardableAllowed()) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
+ }
+
+ ticketFlags.setFlag(TicketFlag.FORWARDABLE);
+ }
+
+ if (request.getReqBody().getKdcOptions().isFlagSet(KdcOption.PROXIABLE)) {
+ if (!config.isProxiableAllowed()) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
+ }
+
+ ticketFlags.setFlag(TicketFlag.PROXIABLE);
+ }
+
+ if (request.getReqBody().getKdcOptions().isFlagSet(KdcOption.ALLOW_POSTDATE)) {
+ if (!config.isPostdatedAllowed()) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
+ }
+
+ ticketFlags.setFlag(TicketFlag.MAY_POSTDATE);
+ }
+
+ KdcOptions kdcOptions = request.getReqBody().getKdcOptions();
+
+ EncryptionKey sessionKey = EncryptionHandler.random2Key(getEncryptionType());
+ encTicketPart.setKey(sessionKey);
+
+ encTicketPart.setCname(request.getReqBody().getCname());
+ encTicketPart.setCrealm(request.getReqBody().getRealm());
+
+ TransitedEncoding transEnc = new TransitedEncoding();
+ encTicketPart.setTransited(transEnc);
+ String serverRealm = request.getReqBody().getRealm();
+
+ KerberosTime now = KerberosTime.now();
+ encTicketPart.setAuthTime(now);
+
+ KerberosTime krbStartTime = request.getReqBody().getFrom();
+ if (krbStartTime == null || krbStartTime.lessThan(now) ||
+ krbStartTime.isInClockSkew(config.getAllowableClockSkew())) {
+ krbStartTime = now;
+ }
+ if (krbStartTime.greaterThan(now)
+ && !krbStartTime.isInClockSkew(config.getAllowableClockSkew())
+ && !kdcOptions.isFlagSet(KdcOption.POSTDATED)) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_CANNOT_POSTDATE);
+ }
+
+ if (kdcOptions.isFlagSet(KdcOption.POSTDATED)) {
+ if (!config.isPostdatedAllowed()) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
+ }
+
+ ticketFlags.setFlag(TicketFlag.POSTDATED);
+ encTicketPart.setStartTime(krbStartTime);
+ }
+
+ KerberosTime krbEndTime = request.getReqBody().getTill();
+ if (krbEndTime == null) {
+ krbEndTime = krbStartTime.extend(config.getMaximumTicketLifetime() * 1000);
+ } else if (krbStartTime.greaterThan(krbEndTime)) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_NEVER_VALID);
+ }
+ encTicketPart.setEndTime(krbEndTime);
+
+ long ticketLifeTime = Math.abs(krbEndTime.diff(krbStartTime));
+ if (ticketLifeTime < config.getMinimumTicketLifetime()) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_NEVER_VALID);
+ }
+
+ KerberosTime krbRtime = request.getReqBody().getRtime();
+ if (kdcOptions.isFlagSet(KdcOption.RENEWABLE_OK)) {
+ kdcOptions.setFlag(KdcOption.RENEWABLE);
+ }
+ if (kdcOptions.isFlagSet(KdcOption.RENEWABLE)) {
+ if (!config.isRenewableAllowed()) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
+ }
+
+ ticketFlags.setFlag(TicketFlag.RENEWABLE);
+
+ if (krbRtime == null) {
+ krbRtime = KerberosTime.NEVER;
+ }
+ KerberosTime allowedMaximumRenewableTime = krbStartTime;
+ allowedMaximumRenewableTime.extend(config.getMaximumRenewableLifetime() * 1000);
+ if (krbRtime.greaterThan(allowedMaximumRenewableTime)) {
+ krbRtime = allowedMaximumRenewableTime;
+ }
+ encTicketPart.setRenewtill(krbRtime);
+ }
+
+ HostAddresses hostAddresses = request.getReqBody().getAddresses();
+ if (hostAddresses == null || hostAddresses.isEmpty()) {
+ if (!config.isEmptyAddressesAllowed()) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
+ }
+ } else {
+ encTicketPart.setClientAddresses(hostAddresses);
+ }
+
+ EncryptedData encryptedData = EncryptionUtil.seal(encTicketPart,
+ serverKey, KeyUsage.KDC_REP_TICKET);
+
+ Ticket newTicket = new Ticket();
+ newTicket.setSname(ticketPrincipal);
+ newTicket.setEncryptedEncPart(encryptedData);
+ newTicket.setRealm(serverRealm);
+ newTicket.setEncPart(encTicketPart);
+
+ setTicket(newTicket);
+ }
+
+ private void checkServer() throws KrbException {
+ KdcReq request = getKdcReq();
+
+ KrbIdentity tgsEntry = getEntry(getTgsPrincipal().getName());
+ setTgsEntry(tgsEntry);
+
+ PrincipalName principal = request.getReqBody().getSname();
+ String serverRealm = request.getReqBody().getRealm();
+ if (serverRealm == null || serverRealm.isEmpty()) {
+ serverRealm = kdcContext.getServerRealm();
+ }
+ principal.setRealm(serverRealm);
+
+ KrbIdentity serverEntry = getEntry(principal.getName());
+ setServerEntry(serverEntry);
+
+ EncryptionType encType = request.getReqBody().getEtypes().listIterator().next();
+ EncryptionKey serverKey = serverEntry.getKeys().get(encType);
+ setServerKey(serverKey);
+ }
+
+ protected KrbError makePreAuthenticationError(KdcContext kdcContext) throws KrbException {
+ EncryptionType requestedType = getEncryptionType();
+ List<EncryptionType> encryptionTypes = kdcContext.getConfig().getEncryptionTypes();
+ boolean isNewEtype = true;
+
+ EtypeInfo2 eTypeInfo2 = new EtypeInfo2();
+
+ EtypeInfo eTypeInfo = new EtypeInfo();
+
+ for (EncryptionType encryptionType : encryptionTypes) {
+ if (!isNewEtype) {
+ EtypeInfoEntry etypeInfoEntry = new EtypeInfoEntry();
+ etypeInfoEntry.setEtype(encryptionType);
+ etypeInfoEntry.setSalt(null);
+ eTypeInfo.add(etypeInfoEntry);
+ }
+
+ EtypeInfo2Entry etypeInfo2Entry = new EtypeInfo2Entry();
+ etypeInfo2Entry.setEtype(encryptionType);
+ eTypeInfo2.add(etypeInfo2Entry);
+ }
+
+ byte[] encTypeInfo = null;
+ byte[] encTypeInfo2 = null;
+ if (!isNewEtype) {
+ encTypeInfo = KrbCodec.encode(eTypeInfo);
+ }
+ encTypeInfo2 = KrbCodec.encode(eTypeInfo2);
+
+ MethodData methodData = new MethodData();
+ methodData.add(new PaDataEntry(PaDataType.ENC_TIMESTAMP, null));
+ if (!isNewEtype) {
+ methodData.add(new PaDataEntry(PaDataType.ETYPE_INFO, encTypeInfo));
+ }
+ methodData.add(new PaDataEntry(PaDataType.ETYPE_INFO2, encTypeInfo2));
+
+ KrbError krbError = new KrbError();
+ krbError.setErrorCode(KrbErrorCode.KDC_ERR_PREAUTH_REQUIRED);
+ byte[] encodedData = KrbCodec.encode(methodData);
+ krbError.setEdata(encodedData);
+
+ return krbError;
+ }
+
+ protected KrbIdentity getEntry(String principal) throws KrbException {
+ KrbIdentity entry = null;
+ KrbErrorCode krbErrorCode = KrbErrorCode.KDC_ERR_C_PRINCIPAL_UNKNOWN;
+
+ try {
+ entry = kdcContext.getIdentityService().getIdentity(principal);
+ } catch (Exception e) {
+ throw new KrbException(krbErrorCode, e);
+ }
+
+ if (entry == null) {
+ throw new KrbException(krbErrorCode);
+ }
+
+ return entry;
+ }
+
+ public ByteBuffer getRequestBody() throws KrbException {
+ return null;
+ }
+
+ public EncryptionKey getArmorKey() throws KrbException {
+ return fastContext.armorKey;
+ }
+
+ public PrincipalName getServerPrincipal() {
+ return serverPrincipal;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TgsRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TgsRequest.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TgsRequest.java
new file mode 100644
index 0000000..f60c63d
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TgsRequest.java
@@ -0,0 +1,196 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.request;
+
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
+import org.apache.kerby.kerberos.kerb.server.KdcContext;
+import org.apache.kerby.kerberos.kerb.KrbConstant;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.ap.ApOption;
+import org.apache.kerby.kerberos.kerb.spec.ap.ApReq;
+import org.apache.kerby.kerberos.kerb.spec.ap.Authenticator;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.kerberos.kerb.spec.kdc.*;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.ticket.EncTicketPart;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlag;
+
+import java.nio.ByteBuffer;
+
+public class TgsRequest extends KdcRequest {
+
+ private EncryptionKey tgtSessionKey;
+
+ public TgsRequest(TgsReq tgsReq, KdcContext kdcContext) {
+ super(tgsReq, kdcContext);
+
+ setPreauthRequired(true);
+ }
+
+ public EncryptionKey getTgtSessionKey() {
+ return tgtSessionKey;
+ }
+
+ public void setTgtSessionKey(EncryptionKey tgtSessionKey) {
+ this.tgtSessionKey = tgtSessionKey;
+ }
+
+ public void verifyAuthenticator(PaDataEntry paDataEntry) throws KrbException {
+ ApReq apReq = KrbCodec.decode(paDataEntry.getPaDataValue(), ApReq.class);
+
+ if (apReq.getPvno() != KrbConstant.KRB_V5) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADVERSION);
+ }
+
+ if (apReq.getMsgType() != KrbMessageType.AP_REQ) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_MSG_TYPE);
+ }
+
+ EncryptionType encType = getKdcReq().getReqBody().getEtypes().listIterator().next();
+ EncryptionKey tgsKey = getTgsEntry().getKeys().get(encType);
+
+ Ticket ticket = apReq.getTicket();
+ if (ticket.getTktvno() != KrbConstant.KRB_V5) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADVERSION);
+ }
+
+ EncTicketPart encPart = EncryptionUtil.unseal(ticket.getEncryptedEncPart(),
+ tgsKey, KeyUsage.KDC_REP_TICKET, EncTicketPart.class);
+ ticket.setEncPart(encPart);
+
+ EncryptionKey encKey = null;
+ //if (apReq.getApOptions().isFlagSet(ApOptions.USE_SESSION_KEY)) {
+ encKey = ticket.getEncPart().getKey();
+
+ if (encKey == null) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_NOKEY);
+ }
+ Authenticator authenticator = EncryptionUtil.unseal(apReq.getEncryptedAuthenticator(),
+ encKey, KeyUsage.TGS_REQ_AUTH, Authenticator.class);
+
+ if (!authenticator.getCname().equals(ticket.getEncPart().getCname())) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADMATCH);
+ }
+
+ HostAddresses hostAddresses = ticket.getEncPart().getClientAddresses();
+ if (hostAddresses == null || hostAddresses.isEmpty()) {
+ if (!kdcContext.getConfig().isEmptyAddressesAllowed()) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADADDR);
+ }
+ } else if (!hostAddresses.contains(getClientAddress())) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADADDR);
+ }
+
+ PrincipalName serverPrincipal = ticket.getSname();
+ serverPrincipal.setRealm(ticket.getRealm());
+ PrincipalName clientPrincipal = authenticator.getCname();
+ clientPrincipal.setRealm(authenticator.getCrealm());
+
+ if (!authenticator.getCtime().isInClockSkew(
+ kdcContext.getConfig().getAllowableClockSkew() * 1000)) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_SKEW);
+ }
+
+ KerberosTime now = KerberosTime.now();
+ KerberosTime startTime = ticket.getEncPart().getStartTime();
+ if (startTime == null) {
+ startTime = ticket.getEncPart().getAuthTime();
+ }
+ if (! startTime.lessThan(now)) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_TKT_NYV);
+ }
+
+ KerberosTime endTime = ticket.getEncPart().getEndTime();
+ if (! endTime.greaterThan(now)) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_TKT_EXPIRED);
+ }
+
+ apReq.getApOptions().setFlag(ApOption.MUTUAL_REQUIRED);
+
+ setTgtSessionKey(ticket.getEncPart().getKey());
+ }
+
+ @Override
+ protected void makeReply() throws KrbException {
+ Ticket ticket = getTicket();
+
+ TgsRep reply = new TgsRep();
+
+ reply.setCname(getClientEntry().getPrincipal());
+ reply.setCrealm(kdcContext.getServerRealm());
+ reply.setTicket(ticket);
+
+ EncKdcRepPart encKdcRepPart = makeEncKdcRepPart();
+ reply.setEncPart(encKdcRepPart);
+
+ EncryptionKey sessionKey = getTgtSessionKey();
+ EncryptedData encryptedData = EncryptionUtil.seal(encKdcRepPart,
+ sessionKey, KeyUsage.TGS_REP_ENCPART_SESSKEY);
+ reply.setEncryptedEncPart(encryptedData);
+
+ setReply(reply);
+ }
+
+ private EncKdcRepPart makeEncKdcRepPart() {
+ KdcReq request = getKdcReq();
+ Ticket ticket = getTicket();
+
+ EncKdcRepPart encKdcRepPart = new EncTgsRepPart();
+
+ //session key
+ encKdcRepPart.setKey(ticket.getEncPart().getKey());
+
+ LastReq lastReq = new LastReq();
+ LastReqEntry entry = new LastReqEntry();
+ entry.setLrType(LastReqType.THE_LAST_INITIAL);
+ entry.setLrValue(new KerberosTime());
+ lastReq.add(entry);
+ encKdcRepPart.setLastReq(lastReq);
+
+ encKdcRepPart.setNonce(request.getReqBody().getNonce());
+
+ encKdcRepPart.setFlags(ticket.getEncPart().getFlags());
+ encKdcRepPart.setAuthTime(ticket.getEncPart().getAuthTime());
+ encKdcRepPart.setStartTime(ticket.getEncPart().getStartTime());
+ encKdcRepPart.setEndTime(ticket.getEncPart().getEndTime());
+
+ if (ticket.getEncPart().getFlags().isFlagSet(TicketFlag.RENEWABLE)) {
+ encKdcRepPart.setRenewTill(ticket.getEncPart().getRenewtill());
+ }
+
+ encKdcRepPart.setSname(ticket.getSname());
+ encKdcRepPart.setSrealm(ticket.getRealm());
+ encKdcRepPart.setCaddr(ticket.getEncPart().getClientAddresses());
+
+ return encKdcRepPart;
+ }
+
+ public ByteBuffer getRequestBody() throws KrbException {
+ return null;
+ }
+
+ public EncryptionKey getArmorKey() throws KrbException {
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/resources/kdc.conf
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/resources/kdc.conf b/kerby-kerb/kerb-server/src/main/resources/kdc.conf
new file mode 100644
index 0000000..8f286a1
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/resources/kdc.conf
@@ -0,0 +1,51 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+[logging]
+ default = FILE:/var/log/krb5libs.log
+ kdc = FILE:/var/log/krb5kdc.log
+ admin_server = FILE:/var/log/kadmind.log
+
+[kdcdefaults]
+ kdc_udp_port = 88
+ kdc_tcp_port = 8014
+ restrict_anonymous_to_tgt = true
+ kdc_max_dgram_reply_size = 4096
+
+[realms]
+# ATHENA.MIT.EDU = {
+# kadmind_port = 749
+# max_life = 12h 0m 0s
+# max_renewable_life = 7d 0h 0m 0s
+# master_key_type = des3-hmac-sha1
+# supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal des-cbc-crc:v4
+# database_module = openldap_ldapconf
+# }
+
+[dbdefaults]
+ ldap_kerberos_container_dn = cn=krbcontainer dc=mit dc=edu
+
+[dbmodules]
+# openldap_ldapconf = {
+# db_library = kldap
+# disable_last_success = true
+# ldap_kdc_dn = cn=krbadmin dc=mit,dc=edu
+# ldap_kadmind_dn = cn=krbadmin dc=mit dc=edu
+# ldap_service_password_file = /etc/kerberos/service.keyfile
+# ldap_servers = ldaps://kerberos.mit.edu
+# ldap_conns_per_server = 5
+# }
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java
new file mode 100644
index 0000000..c98c00d
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.SocketChannel;
+
+public class KdcTest {
+
+ private String serverHost = "localhost";
+ private short serverPort = 8089;
+
+ private SimpleKdcServer kdcServer;
+
+ @Before
+ public void setUp() throws Exception {
+ kdcServer = new SimpleKdcServer();
+ kdcServer.setKdcHost(serverHost);
+ kdcServer.setKdcTcpPort(serverPort);
+ kdcServer.init();
+ kdcServer.start();
+ }
+
+ @Test
+ public void testKdc() throws IOException, InterruptedException {
+ Thread.sleep(15);
+
+ SocketChannel socketChannel = SocketChannel.open();
+ socketChannel.configureBlocking(true);
+ SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
+ socketChannel.connect(sa);
+
+ String BAD_KRB_MESSAGE = "Hello World!";
+ ByteBuffer writeBuffer = ByteBuffer.allocate(4 + BAD_KRB_MESSAGE.getBytes().length);
+ writeBuffer.putInt(BAD_KRB_MESSAGE.getBytes().length);
+ writeBuffer.put(BAD_KRB_MESSAGE.getBytes());
+ writeBuffer.flip();
+
+ socketChannel.write(writeBuffer);
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ kdcServer.stop();
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
new file mode 100644
index 0000000..548574f
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.config.Conf;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.net.URL;
+
+public class TestKdcConfigLoad {
+
+ @Test
+ public void test() throws URISyntaxException, IOException {
+ URL confFileUrl = TestKdcConfigLoad.class.getResource("/kdc.conf");
+ File confFile = new File(confFileUrl.toURI());
+
+ KdcConfig krbConfig = new KdcConfig();
+ Conf conf = krbConfig.getConf();
+ conf.addIniConfig(confFile);
+
+ Assert.assertEquals(krbConfig.getDefaultLoggingLocation(), "FILE:/var/log/krb5libs.log");
+ Assert.assertEquals(krbConfig.getKdcLoggingLocation(), "FILE:/var/log/krb5kdc.log");
+ Assert.assertEquals(krbConfig.getAdminLoggingLocation(), "FILE:/var/log/kadmind.log");
+
+ Assert.assertEquals(krbConfig.getKdcUdpPort(), 88);
+ Assert.assertEquals(krbConfig.getKdcTcpPort(), 8014);
+ Assert.assertTrue(krbConfig.isRestrictAnonymousToTgt());
+ Assert.assertEquals(krbConfig.getKdcMaxDgramReplySize(), 4096);
+
+ String[] ldapContainerDn = krbConfig.getLdapKerberosContainerDn();
+ Assert.assertEquals(ldapContainerDn.length, 3);
+ Assert.assertEquals(ldapContainerDn[0], "cn=krbcontainer");
+ Assert.assertEquals(ldapContainerDn[1], "dc=mit");
+ Assert.assertEquals(ldapContainerDn[2], "dc=edu");
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/pom.xml b/kerby-kerb/kerb-util/pom.xml
new file mode 100644
index 0000000..e50f748
--- /dev/null
+++ b/kerby-kerb/kerb-util/pom.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-kerb</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerb-util</artifactId>
+
+ <name>Kerby-kerb Util</name>
+ <description>Kerby-kerb Utilities</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-crypto</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/KrbInputStream.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/KrbInputStream.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/KrbInputStream.java
new file mode 100644
index 0000000..224cec3
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/KrbInputStream.java
@@ -0,0 +1,74 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb;
+
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+public abstract class KrbInputStream extends DataInputStream
+{
+ public KrbInputStream(InputStream in) {
+ super(in);
+ }
+
+ public KerberosTime readTime() throws IOException {
+ long value = readInt();
+ KerberosTime time = new KerberosTime(value * 1000);
+ return time;
+ }
+
+ public abstract PrincipalName readPrincipal(int version) throws IOException;
+
+ public EncryptionKey readKey(int version) throws IOException {
+ int eType = readShort();
+ EncryptionType encryptionType = EncryptionType.fromValue(eType);
+
+ byte[] keyData = readCountedOctets();
+ EncryptionKey key = new EncryptionKey(encryptionType, keyData);
+
+ return key;
+ }
+
+ public String readCountedString() throws IOException {
+ byte[] countedOctets = readCountedOctets();
+ // ASCII
+ return new String(countedOctets);
+ }
+
+ public byte[] readCountedOctets() throws IOException {
+ int len = readOctetsCount();
+ if (len == 0) {
+ return null;
+ }
+
+ byte[] data = new byte[len];
+ read(data);
+
+ return data;
+ }
+
+ public abstract int readOctetsCount() throws IOException;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/KrbOutputStream.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/KrbOutputStream.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/KrbOutputStream.java
new file mode 100644
index 0000000..7be0bdf
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/KrbOutputStream.java
@@ -0,0 +1,66 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb;
+
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+
+public abstract class KrbOutputStream extends DataOutputStream
+{
+ public KrbOutputStream(OutputStream out) {
+ super(out);
+ }
+
+ public abstract void writePrincipal(PrincipalName principal, int version) throws IOException;
+
+ public void writeRealm(String realm) throws IOException {
+ writeCountedString(realm);
+ }
+
+ public abstract void writeKey(EncryptionKey key, int version) throws IOException;
+
+ public void writeTime(KerberosTime ktime) throws IOException {
+ int time = 0;
+ if (ktime != null) {
+ time = (int) (ktime.getValue().getTime() / 1000);
+ }
+ writeInt(time);
+ }
+
+ public void writeCountedString(String string) throws IOException {
+ byte[] data = string != null ? string.getBytes() : null; // ASCII
+
+ writeCountedOctets(data);
+ }
+
+ public void writeCountedOctets(byte[] data) throws IOException {
+ if (data != null) {
+ writeInt(data.length);
+ write(data);
+ } else {
+ writeInt(0);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredCacheInputStream.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredCacheInputStream.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredCacheInputStream.java
new file mode 100644
index 0000000..c97deac
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredCacheInputStream.java
@@ -0,0 +1,167 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.ccache;
+
+import org.apache.kerby.kerberos.kerb.KrbInputStream;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlags;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+
+public class CredCacheInputStream extends KrbInputStream
+{
+ public CredCacheInputStream(InputStream in) {
+ super(in);
+ }
+
+ @Override
+ public PrincipalName readPrincipal(int version) throws IOException {
+ NameType nameType = NameType.NT_UNKNOWN;
+ if (version != CredentialCache.FCC_FVNO_1) {
+ int typeValue = readInt();
+ nameType = NameType.fromValue(typeValue);
+ }
+
+ int numComponents = readInt();
+ if (version == CredentialCache.FCC_FVNO_1) {
+ numComponents -= 1;
+ }
+
+ String realm = readCountedString();
+
+ List<String> nameStrings = new ArrayList<String>();
+ String component;
+ for (int i = 0; i < numComponents; i++) { // sub 1 if version 0x501
+ component = readCountedString();
+ nameStrings.add(component);
+ }
+
+ PrincipalName principal = new PrincipalName(nameStrings, nameType);
+ principal.setRealm(realm);
+
+ return principal;
+ }
+
+ public EncryptionKey readKey(int version) throws IOException {
+ if (version == CredentialCache.FCC_FVNO_3) {
+ readShort(); // ignore keytype
+ }
+
+ return super.readKey(version);
+ }
+
+ public KerberosTime[] readTimes() throws IOException {
+ KerberosTime[] times = new KerberosTime[4];
+
+ for (int i = 0; i < times.length; ++i) {
+ times[i] = readTime();
+ }
+
+ return times;
+ }
+
+ public boolean readIsSkey() throws IOException {
+ int value = readByte();
+ return value == 1 ? true : false;
+ }
+
+ public HostAddresses readAddr() throws IOException {
+ int numAddresses = readInt();
+ if (numAddresses <= 0) {
+ return null;
+ }
+
+ HostAddress[] addresses = new HostAddress[numAddresses];
+ for (int i = 0; i < numAddresses; i++) {
+ addresses[i] = readAddress();
+ }
+
+ HostAddresses result = new HostAddresses();
+ result.addElements(addresses);
+ return result;
+ }
+
+ public HostAddress readAddress() throws IOException {
+ int typeValue = readShort();
+ HostAddrType addrType = HostAddrType.fromValue(typeValue);
+ byte[] addrData = readCountedOctets();
+
+ HostAddress addr = new HostAddress();
+ addr.setAddrType(addrType);
+ addr.setAddress(addrData);
+
+ return addr;
+ }
+
+ public AuthorizationData readAuthzData() throws IOException {
+ int numEntries = readInt();
+ if (numEntries <= 0) {
+ return null;
+ }
+
+ AuthorizationDataEntry[] authzData = new AuthorizationDataEntry[numEntries];
+ for (int i = 0; i < numEntries; i++) {
+ authzData[i] = readAuthzDataEntry();
+ }
+
+ AuthorizationData result = new AuthorizationData();
+ result.addElements(authzData);
+ return result;
+ }
+
+ public AuthorizationDataEntry readAuthzDataEntry() throws IOException {
+ int typeValue = readShort();
+ AuthorizationType authzType = AuthorizationType.fromValue(typeValue);
+ byte[] authzData = readCountedOctets();
+
+ AuthorizationDataEntry authzEntry = new AuthorizationDataEntry();
+ authzEntry.setAuthzType(authzType);
+ authzEntry.setAuthzData(authzData);
+
+ return authzEntry;
+ }
+
+ @Override
+ public int readOctetsCount() throws IOException {
+ return readInt();
+ }
+
+ public TicketFlags readTicketFlags() throws IOException {
+ int flags = readInt();
+ TicketFlags tktFlags = new TicketFlags(flags);
+ return tktFlags;
+ }
+
+ public Ticket readTicket() throws IOException {
+ byte[] ticketData = readCountedOctets();
+ if (ticketData == null) {
+ return null;
+ }
+
+ Ticket ticket = new Ticket();
+ ticket.decode(ticketData);
+ return ticket;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredCacheOutputStream.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredCacheOutputStream.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredCacheOutputStream.java
new file mode 100644
index 0000000..30fcd82
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredCacheOutputStream.java
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.ccache;
+
+import org.apache.kerby.kerberos.kerb.KrbOutputStream;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlags;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.util.List;
+
+public class CredCacheOutputStream extends KrbOutputStream
+{
+ public CredCacheOutputStream(OutputStream out) {
+ super(out);
+ }
+
+ @Override
+ public void writePrincipal(PrincipalName principal, int version) throws IOException {
+ List<String> nameComponents = principal.getNameStrings();
+
+ if (version != CredentialCache.FCC_FVNO_1) {
+ writeInt(principal.getNameType().getValue());
+ }
+
+ int numComponents = nameComponents.size();
+ if (version == CredentialCache.FCC_FVNO_1) {
+ numComponents ++;
+ }
+ writeInt(numComponents);
+
+ writeRealm(principal.getRealm());
+
+ for (String nameCom : nameComponents) {
+ writeCountedString(nameCom);
+ }
+ }
+
+ @Override
+ public void writeKey(EncryptionKey key, int version) throws IOException {
+ writeShort(key.getKeyType().getValue());
+ if (version == CredentialCache.FCC_FVNO_3) {
+ writeShort(key.getKeyType().getValue());
+ }
+
+ writeCountedOctets(key.getKeyData());
+ }
+
+ public void writeTimes(KerberosTime[] times) throws IOException {
+ for (int i = 0; i < times.length; ++i) {
+ writeTime(times[i]);
+ }
+ }
+
+ public void writeAddresses(HostAddresses addrs) throws IOException {
+ if (addrs == null) {
+ writeInt(0);
+ } else {
+ List<HostAddress> addresses = addrs.getElements();
+ write(addresses.size());
+ for (HostAddress addr : addresses) {
+ writeAddress(addr);
+ }
+ }
+ }
+
+ public void writeAddress(HostAddress address) throws IOException {
+ write(address.getAddrType().getValue());
+ write(address.getAddress().length);
+ write(address.getAddress(), 0,
+ address.getAddress().length);
+ }
+
+ public void writeAuthzData(AuthorizationData authData) throws IOException {
+ if (authData == null) {
+ writeInt(0);
+ } else {
+ for (AuthorizationDataEntry entry : authData.getElements()) {
+ write(entry.getAuthzType().getValue());
+ write(entry.getAuthzData().length);
+ write(entry.getAuthzData());
+ }
+ }
+ }
+
+ public void writeTicket(Ticket t) throws IOException {
+ if (t == null) {
+ writeInt(0);
+ } else {
+ byte[] bytes = t.encode();
+ writeInt(bytes.length);
+ write(bytes);
+ }
+ }
+
+ public void writeIsSkey(boolean isEncInSKey) throws IOException {
+ writeByte(isEncInSKey ? 1 : 0);
+ }
+
+ public void writeTicketFlags(TicketFlags ticketFlags) throws IOException {
+ writeInt(ticketFlags.getFlags());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/Credential.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/Credential.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/Credential.java
new file mode 100644
index 0000000..d0e74f4
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/Credential.java
@@ -0,0 +1,225 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.ccache;
+
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.AuthorizationData;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.HostAddresses;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.kdc.EncKdcRepPart;
+import org.apache.kerby.kerberos.kerb.spec.ticket.AbstractServiceTicket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlags;
+
+import java.io.IOException;
+
+public class Credential
+{
+ private static String CONF_REALM = "X-CACHECONF:";
+
+ private PrincipalName clientName;
+ private String clientRealm;
+ private PrincipalName serverName;
+ private String serverRealm;
+ private EncryptionKey key;
+ private KerberosTime authTime;
+ private KerberosTime startTime;
+ private KerberosTime endTime;
+ private KerberosTime renewTill;
+ private HostAddresses clientAddresses;
+ private AuthorizationData authzData;
+ private boolean isEncInSKey;
+ private TicketFlags ticketFlags;
+ private Ticket ticket;
+ private Ticket secondTicket;
+
+ public Credential() {
+
+ }
+
+ public Credential(TgtTicket tgt) {
+ PrincipalName clientPrincipal = tgt.getClientPrincipal();
+
+ clientPrincipal.setRealm(tgt.getRealm());
+
+ init(tgt, clientPrincipal);
+ }
+
+ public Credential(AbstractServiceTicket tkt, PrincipalName clientPrincipal) {
+ init(tkt, clientPrincipal);
+ }
+
+ private void init(AbstractServiceTicket tkt, PrincipalName clientPrincipal) {
+ EncKdcRepPart kdcRepPart = tkt.getEncKdcRepPart();
+
+ this.serverName = kdcRepPart.getSname();
+ this.serverRealm = kdcRepPart.getSrealm();
+ this.serverName.setRealm(serverRealm);
+
+ this.clientName = clientPrincipal;
+
+ this.key = kdcRepPart.getKey();
+ this.authTime = kdcRepPart.getAuthTime();
+ this.startTime = kdcRepPart.getStartTime();
+ this.endTime = kdcRepPart.getEndTime();
+
+ this.renewTill = kdcRepPart.getRenewTill();
+
+ this.ticketFlags = kdcRepPart.getFlags();
+ this.clientAddresses = kdcRepPart.getCaddr();
+
+ this.ticket = tkt.getTicket();
+
+ this.isEncInSKey = false;
+
+ this.secondTicket = null;
+ }
+
+ public PrincipalName getServicePrincipal() {
+ return serverName;
+ }
+
+ public KerberosTime getAuthTime() {
+ return authTime;
+ }
+
+ public KerberosTime getEndTime() {
+ return endTime;
+ }
+
+ public int getEType() {
+ return key.getKeyType().getValue();
+ }
+
+ public PrincipalName getClientName() {
+ return clientName;
+ }
+
+ public PrincipalName getServerName() {
+ return serverName;
+ }
+
+ public String getClientRealm() {
+ return clientRealm;
+ }
+
+ public EncryptionKey getKey() {
+ return key;
+ }
+
+ public KerberosTime getStartTime() {
+ return startTime;
+ }
+
+ public KerberosTime getRenewTill() {
+ return renewTill;
+ }
+
+ public HostAddresses getClientAddresses() {
+ return clientAddresses;
+ }
+
+ public AuthorizationData getAuthzData() {
+ return authzData;
+ }
+
+ public boolean isEncInSKey() {
+ return isEncInSKey;
+ }
+
+ public TicketFlags getTicketFlags() {
+ return ticketFlags;
+ }
+
+ public Ticket getTicket() {
+ return ticket;
+ }
+
+ public Ticket getSecondTicket() {
+ return secondTicket;
+ }
+
+ public void load(CredCacheInputStream ccis, int version) throws IOException {
+ this.clientName = ccis.readPrincipal(version);
+ if (clientName == null) {
+ throw new IOException("Invalid client principal name");
+ }
+
+ this.serverName = ccis.readPrincipal(version);
+ if (serverName == null) {
+ throw new IOException("Invalid server principal name");
+ }
+
+ boolean isConfEntry = false;
+
+ if (serverName.getRealm().equals(CONF_REALM)) {
+ isConfEntry = true;
+ }
+
+ this.key = ccis.readKey(version);
+
+ KerberosTime[] times = ccis.readTimes();
+ this.authTime = times[0];
+ this.startTime = times[1];
+ this.endTime = times[2];
+ this.renewTill = times[3];
+
+ this.isEncInSKey = ccis.readIsSkey();
+
+ this.ticketFlags = ccis.readTicketFlags();
+
+ this.clientAddresses = ccis.readAddr();
+
+ this.authzData = ccis.readAuthzData();
+
+ if (isConfEntry) {
+ byte[] confData = ccis.readCountedOctets();
+ // ignoring confData for now
+ } else {
+ this.ticket = ccis.readTicket();
+ }
+
+ this.secondTicket = ccis.readTicket();
+
+ // might skip krb5_ccache_conf_data/fast_avail/krbtgt/REALM@REALM in MIT KRB5
+ }
+
+ public void store(CredCacheOutputStream ccos, int version) throws IOException {
+ ccos.writePrincipal(clientName, version);
+ ccos.writePrincipal(serverName, version);
+ ccos.writeKey(key, version);
+
+ ccos.writeTimes(new KerberosTime[]{authTime, startTime, endTime, renewTill});
+
+ ccos.writeIsSkey(isEncInSKey);
+
+ ccos.writeTicketFlags(ticketFlags);
+
+ ccos.writeAddresses(clientAddresses);
+
+ ccos.writeAuthzData(authzData);
+
+ ccos.writeTicket(ticket);
+
+ ccos.writeTicket(secondTicket);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredentialCache.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredentialCache.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredentialCache.java
new file mode 100644
index 0000000..3598e90
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/CredentialCache.java
@@ -0,0 +1,278 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.ccache;
+
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+
+import java.io.*;
+import java.util.ArrayList;
+import java.util.List;
+
+public class CredentialCache implements KrbCredentialCache
+{
+ public static final int FCC_FVNO_1 = 0x501;
+ public static final int FCC_FVNO_2 = 0x502;
+ public static final int FCC_FVNO_3 = 0x503;
+ public static final int FCC_FVNO_4 = 0x504;
+
+ public static final int FCC_TAG_DELTATIME = 1;
+ public static final int NT_UNKNOWN = 0;
+ public static final int MAXNAMELENGTH = 1024;
+
+ private int version = FCC_FVNO_4;
+ private List<Tag> tags;
+ private PrincipalName primaryPrincipal;
+ private List<Credential> credentials = new ArrayList<Credential> ();
+
+ @Override
+ public void store(File ccacheFile) throws IOException {
+ OutputStream outputStream = new FileOutputStream(ccacheFile);
+
+ store(outputStream);
+ }
+
+ @Override
+ public void store(OutputStream outputStream) throws IOException {
+ if (outputStream == null) {
+ throw new IllegalArgumentException("Invalid and null output stream");
+ }
+
+ CredCacheOutputStream ccos = new CredCacheOutputStream(outputStream);
+
+ doStore(ccos);
+
+ ccos.close();
+ }
+
+ private void doStore(CredCacheOutputStream ccos) throws IOException {
+ this.version = FCC_FVNO_3;
+
+ writeVersion(ccos);
+
+ if (version == FCC_FVNO_4) {
+ writeTags(ccos);
+ }
+
+ ccos.writePrincipal(primaryPrincipal, version);
+
+ for (Credential cred : credentials) {
+ cred.store(ccos, version);
+ }
+ }
+
+ @Override
+ public void setVersion(int version) {
+ this.version = version;
+ }
+
+ @Override
+ public PrincipalName getPrimaryPrincipal() {
+ return primaryPrincipal;
+ }
+
+ @Override
+ public void setPrimaryPrincipal(PrincipalName principal) {
+ primaryPrincipal = principal;
+ }
+
+ @Override
+ public int getVersion() {
+ return version;
+ }
+
+ public void setTags(List<Tag> tags) {
+ this.tags = tags;
+ }
+
+ public List<Tag> getTags() {
+ return this.tags;
+ }
+
+ @Override
+ public List<Credential> getCredentials() {
+ return credentials;
+ }
+
+ @Override
+ public void addCredential(Credential credential) {
+ if (credential != null) {
+ this.credentials.add(credential);
+ }
+ }
+
+ @Override
+ public void addCredentials(List<Credential> credentials) {
+ if (credentials != null) {
+ this.credentials.addAll(credentials);
+ }
+ }
+
+ @Override
+ public void removeCredentials(List<Credential> credentials) {
+ if (credentials != null) {
+ for (Credential cred : credentials) {
+ removeCredential(cred);
+ }
+ }
+ }
+
+ @Override
+ public void removeCredential(Credential credential) {
+ if (credential != null) {
+ for (Credential cred : credentials) {
+ if (cred.equals(credential)) {
+ credentials.remove(cred);
+ break;
+ }
+ }
+ }
+ }
+
+ @Override
+ public void load(File ccacheFile) throws IOException {
+ if (! ccacheFile.exists() || ! ccacheFile.canRead()) {
+ throw new IllegalArgumentException("Invalid ccache file: " + ccacheFile.getAbsolutePath());
+ }
+
+ InputStream inputStream = new FileInputStream(ccacheFile);
+
+ load(inputStream);
+ }
+
+ @Override
+ public void load(InputStream inputStream) throws IOException {
+ if (inputStream == null) {
+ throw new IllegalArgumentException("Invalid and null input stream");
+ }
+
+ CredCacheInputStream ccis = new CredCacheInputStream(inputStream);
+
+ doLoad(ccis);
+
+ ccis.close();
+ }
+
+ private void doLoad(CredCacheInputStream ccis) throws IOException {
+ this.version = readVersion(ccis);
+
+ this.tags = readTags(ccis);
+
+ this.primaryPrincipal = ccis.readPrincipal(version);
+
+ this.credentials = readCredentials(ccis);
+ }
+
+ private List<Credential> readCredentials(CredCacheInputStream ccis) throws IOException {
+ List<Credential> results = new ArrayList<Credential>(2);
+
+ Credential cred;
+ while (ccis.available() > 0) {
+ cred = new Credential();
+ cred.load(ccis, version);
+
+ results.add(cred);
+ }
+
+ return results;
+ }
+
+ private int readVersion(CredCacheInputStream ccis) throws IOException {
+ int result = ccis.readShort();
+ return result;
+ }
+
+ private List<Tag> readTags(CredCacheInputStream ccis) throws IOException {
+ int len = ccis.readShort();
+ List<Tag> tags = new ArrayList<Tag>();
+
+ int tag, tagLen, time, usec;
+ while (len > 0) {
+ tag = ccis.readShort();
+ tagLen = ccis.readShort();
+ switch (tag) {
+ case FCC_TAG_DELTATIME:
+ time = ccis.readInt();
+ usec = ccis.readInt();
+ tags.add(new Tag(tag, time, usec));
+ break;
+ default:
+ ccis.read(new byte[tagLen], 0, tagLen); // ignore unknown tag
+ }
+ len = len - (4 + tagLen);
+ }
+
+ return tags;
+ }
+
+ private void writeVersion(CredCacheOutputStream ccos) throws IOException {
+ ccos.writeShort(version);
+ }
+
+ private void writeTags(CredCacheOutputStream ccos) throws IOException {
+ if (tags == null) {
+ ccos.writeShort(0);
+ return;
+ }
+
+ int length = 0;
+ for (Tag tag : tags) {
+ if (tag.tag != FCC_TAG_DELTATIME) {
+ continue;
+ }
+ length += tag.length;
+ }
+ ccos.writeShort(length);
+
+ for (Tag tag : tags) {
+ if (tag.tag != CredentialCache.FCC_TAG_DELTATIME) {
+ continue;
+ }
+ writeTag(ccos, tag);
+ }
+ }
+
+ private void writeTag(CredCacheOutputStream ccos, Tag tag) throws IOException {
+ ccos.writeShort(tag.tag);
+ ccos.writeShort(tag.length);
+ ccos.writeInt(tag.time);
+ ccos.writeInt(tag.usec);
+ }
+
+ public static void main(String[] args) throws IOException {
+ if (args.length != 2) {
+ System.err.println("Dump credential cache file");
+ System.err.println("Usage: CredentialCache <ccache-file>");
+ System.exit(1);
+ }
+
+ String cacheFile = args[1];
+ CredentialCache cc = new CredentialCache();
+ cc.load(new File(cacheFile));
+
+ Ticket tkt;
+ for (Credential cred : cc.getCredentials()) {
+ tkt = cred.getTicket();
+ System.out.println("Tkt server name: " + tkt.getSname().getName());
+ System.out.println("Tkt client name: " + cred.getClientName().getName());
+ System.out.println("Tkt encrypt type: " + tkt.getEncryptedEncPart().getEType().getName());
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/KrbCredentialCache.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/KrbCredentialCache.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/KrbCredentialCache.java
new file mode 100644
index 0000000..df70a80
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/KrbCredentialCache.java
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.ccache;
+
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.List;
+
+public interface KrbCredentialCache {
+
+ public PrincipalName getPrimaryPrincipal();
+
+ public void setPrimaryPrincipal(PrincipalName principal);
+
+ public int getVersion();
+
+ public void setVersion(int version);
+
+ public List<Credential> getCredentials();
+
+ public void addCredential(Credential credential);
+
+ public void addCredentials(List<Credential> credentials);
+
+ public void removeCredentials(List<Credential> credentials);
+
+ public void removeCredential(Credential credential);
+
+ public void load(File ccacheFile) throws IOException;
+
+ public void load(InputStream inputStream) throws IOException;
+
+ public void store(File ccacheFile) throws IOException;
+
+ public void store(OutputStream outputStream) throws IOException;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/Tag.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/Tag.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/Tag.java
new file mode 100644
index 0000000..21b8dd7
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/Tag.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.ccache;
+
+public class Tag {
+ int tag = 0;
+ int tagLen = 8;
+ int time = 0;
+ int usec = 0;
+ int length = 2 + 2 + 8; // len(tag) + len(tagLen) + len(tagData);
+
+ public Tag(int tag, int time, int usec) {
+ this.tag = tag;
+ this.time = time;
+ this.usec = usec;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/ccache.txt
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/ccache.txt b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/ccache.txt
new file mode 100644
index 0000000..91453ea
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/ccache/ccache.txt
@@ -0,0 +1,98 @@
+The Kerberos Credential Cache Binary File Format
+Copyright (C) 2006-2013 Simon Josefsson <simon josefsson.org>
+http://josefsson.org/shishi/ccache.txt
+Last updated: Sat Sep 23 12:04:11 CEST 2006
+
+Like the MIT keytab binary format (see Michael B Allen's reverse
+engineered description in keytab.txt), the credential cache format is
+not standard nor documented anywhere.
+
+In C style notation, the MIT credential cache file format is as
+follows. All values are in network byte order. All text is ASCII.
+
+ccache {
+ uint16_t file_format_version; /* 0x0504 */
+ uint16_t headerlen; /* only if version is 0x0504 */
+ header headers[]; /* only if version is 0x0504 */
+ principal primary_principal;
+ credential credentials[*];
+};
+
+header {
+ uint16_t tag; /* 1 = DeltaTime */
+ uint16_t taglen;
+ uint8_t tagdata[taglen]
+};
+
+The ccache.taglen and ccache.tags fields are only present in 0x0504
+versions, not in earlier. Both MIT and Heimdal appear to correctly
+ignore unknown tags, so it appears safe to add them (although there is
+no central place to "register" tags).
+
+Currently only one tag is widely implemented, DeltaTime (0x0001). Its
+taglen is always 8, and tagdata will contain:
+
+DeltaTime {
+ uint32_t time_offset;
+ uint32_t usec_offset;
+};
+
+After reading the file_format_version, header tags, and default
+principal, a list of credentials follow. You deduce from the file
+length when there are no more credentials.
+
+credential {
+ principal client;
+ principal server;
+ keyblock key;
+ times time;
+ uint8_t is_skey; /* 1 if skey, 0 otherwise */
+ uint32_t tktflags; /* stored in reversed byte order */
+ uint32_t num_address;
+ address addrs[num_address];
+ uint32_t num_authdata;
+ authdata authdata[num_authdata];
+ counted_octet_string ticket;
+ counted_octet_string second_ticket;
+};
+
+keyblock {
+ uint16_t keytype;
+ uint16_t etype; /* only present if version 0x0503 */
+ uint32_t keylen; /* [drankye]: corrected, before it was uint16_t */
+ uint8_t keyvalue[keylen];
+};
+
+times {
+ uint32_t authtime;
+ uint32_t starttime;
+ uint32_t endtime;
+ uint32_t renew_till;
+};
+
+address {
+ uint16_t addrtype;
+ counted_octet_string addrdata;
+};
+
+authdata {
+ uint16_t authtype;
+ counted_octet_string authdata;
+};
+
+principal {
+ uint32_t name_type; /* not present if version 0x0501 */
+ uint32_t num_components; /* sub 1 if version 0x501 */
+ counted_octet_string realm;
+ counted_octet_string components[num_components];
+};
+
+counted_octet_string {
+ uint32_t length;
+ uint8_t data[length];
+};
+
+Permission to copy, modify, and distribute this document, with or
+without modification, for any purpose and without fee or royalty is
+hereby granted, provided that you include this copyright notice in ALL
+copies of the document or portions thereof, including modifications.
\ No newline at end of file
[14/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastReq.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastReq.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastReq.java
new file mode 100644
index 0000000..f4d6b3b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastReq.java
@@ -0,0 +1,78 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+
+/**
+ KrbFastReq ::= SEQUENCE {
+ fast-options [0] FastOptions,
+ -- Additional options.
+ padata [1] SEQUENCE OF PA-DATA,
+ -- padata typed holes.
+ req-body [2] KDC-REQ-BODY,
+ -- Contains the KDC request body as defined in Section
+ -- 5.4.1 of [RFC4120].
+ -- This req-body field is preferred over the outer field
+ -- in the KDC request.
+ }
+ */
+public class KrbFastReq extends KrbSequenceType {
+ private static int FAST_OPTIONS = 0;
+ private static int PADATA = 1;
+ private static int REQ_BODY = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(FAST_OPTIONS, KrbFastArmor.class),
+ new Asn1FieldInfo(PADATA, PaData.class),
+ new Asn1FieldInfo(REQ_BODY, EncryptedData.class),
+ };
+
+ public KrbFastReq() {
+ super(fieldInfos);
+ }
+
+ public KrbFastArmor getArmor() {
+ return getFieldAs(FAST_OPTIONS, KrbFastArmor.class);
+ }
+
+ public void setArmor(KrbFastArmor armor) {
+ setFieldAs(FAST_OPTIONS, armor);
+ }
+
+ public PaData getPaData() {
+ return getFieldAs(PADATA, PaData.class);
+ }
+
+ public void setPaData(PaData paData) {
+ setFieldAs(PADATA, paData);
+ }
+
+ public EncryptedData getEncFastReq() {
+ return getFieldAs(REQ_BODY, EncryptedData.class);
+ }
+
+ public void setEncFastReq(EncryptedData encFastReq) {
+ setFieldAs(REQ_BODY, encFastReq);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastResponse.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastResponse.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastResponse.java
new file mode 100644
index 0000000..4ce3150
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastResponse.java
@@ -0,0 +1,90 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+
+/**
+ KrbFastResponse ::= SEQUENCE {
+ padata [0] SEQUENCE OF PA-DATA,
+ -- padata typed holes.
+ strengthen-key [1] EncryptionKey OPTIONAL,
+ -- This, if present, strengthens the reply key for AS and
+ -- TGS. MUST be present for TGS.
+ -- MUST be absent in KRB-ERROR.
+ finished [2] KrbFastFinished OPTIONAL,
+ -- Present in AS or TGS reply; absent otherwise.
+ nonce [3] UInt32,
+ -- Nonce from the client request.
+ }
+ */
+public class KrbFastResponse extends KrbSequenceType {
+ private static int PADATA = 0;
+ private static int STRENGTHEN_KEY = 1;
+ private static int FINISHED = 2;
+ private static int NONCE = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PADATA, PaData.class),
+ new Asn1FieldInfo(STRENGTHEN_KEY, EncryptionKey.class),
+ new Asn1FieldInfo(FINISHED, KrbFastFinished.class),
+ new Asn1FieldInfo(NONCE, Asn1Integer.class)
+ };
+
+ public KrbFastResponse() {
+ super(fieldInfos);
+ }
+
+ public PaData getPaData() {
+ return getFieldAs(PADATA, PaData.class);
+ }
+
+ public void setPaData(PaData paData) {
+ setFieldAs(PADATA, paData);
+ }
+
+ public EncryptionKey getStrengthenKey() {
+ return getFieldAs(STRENGTHEN_KEY, EncryptionKey.class);
+ }
+
+ public void setStrengthenKey(EncryptionKey strengthenKey) {
+ setFieldAs(STRENGTHEN_KEY, strengthenKey);
+ }
+
+ public KrbFastFinished getFastFinished() {
+ return getFieldAs(FINISHED, KrbFastFinished.class);
+ }
+
+ public void setFastFinished(KrbFastFinished fastFinished) {
+ setFieldAs(FINISHED, fastFinished);
+ }
+
+ public int getNonce() {
+ return getFieldAsInt(NONCE);
+ }
+
+ public void setNonce(int nonce) {
+ setFieldAsInt(NONCE, nonce);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaAuthnEntry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaAuthnEntry.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaAuthnEntry.java
new file mode 100644
index 0000000..b327402
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaAuthnEntry.java
@@ -0,0 +1,80 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+/**
+ PA-AUTHENTICATION-SET-ELEM ::= SEQUENCE {
+ pa-type [0] Int32,
+ pa-hint [1] OCTET STRING OPTIONAL,
+ pa-value [2] OCTET STRING OPTIONAL,
+ }
+ */
+public class PaAuthnEntry extends KrbSequenceType {
+ private static int PA_TYPE = 0;
+ private static int PA_HINT = 1;
+ private static int PA_VALUE = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PA_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(PA_HINT, Asn1OctetString.class),
+ new Asn1FieldInfo(PA_VALUE, Asn1OctetString.class)
+ };
+
+ public PaAuthnEntry() {
+ super(fieldInfos);
+ }
+
+ public PaAuthnEntry(PaDataType type, byte[] paData) {
+ this();
+ setPaType(type);
+ setPaValue(paData);
+ }
+
+ public PaDataType getPaType() {
+ Integer value = getFieldAsInteger(PA_TYPE);
+ return PaDataType.fromValue(value);
+ }
+
+ public void setPaType(PaDataType paDataType) {
+ setFieldAsInt(PA_TYPE, paDataType.getValue());
+ }
+
+ public byte[] getPaHint() {
+ return getFieldAsOctets(PA_HINT);
+ }
+
+ public void setPaHint(byte[] paHint) {
+ setFieldAsOctets(PA_HINT, paHint);
+ }
+
+ public byte[] getPaValue() {
+ return getFieldAsOctets(PA_VALUE);
+ }
+
+ public void setPaValue(byte[] paValue) {
+ setFieldAsOctets(PA_VALUE, paValue);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaAuthnSet.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaAuthnSet.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaAuthnSet.java
new file mode 100644
index 0000000..ad3330d
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaAuthnSet.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ PA-AUTHENTICATION-SET ::= SEQUENCE OF PA-AUTHENTICATION-SET-ELEM
+ */
+public class PaAuthnSet extends KrbSequenceOfType<PaAuthnEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaFxFastReply.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaFxFastReply.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaFxFastReply.java
new file mode 100644
index 0000000..6023886
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaFxFastReply.java
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.asn1.type.Asn1Choice;
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+
+/**
+ PA-FX-FAST-REPLY ::= CHOICE {
+ armored-data [0] KrbFastArmoredRep,
+ }
+ */
+public class PaFxFastReply extends Asn1Choice {
+ private static int ARMORED_DATA = 0;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ARMORED_DATA, KrbFastArmoredRep.class)
+ };
+
+ public PaFxFastReply() {
+ super(fieldInfos);
+ }
+
+ public KrbFastArmoredRep getFastArmoredRep() {
+ return getFieldAs(ARMORED_DATA, KrbFastArmoredRep.class);
+ }
+
+ public void setFastArmoredRep(KrbFastArmoredRep fastArmoredRep) {
+ setFieldAs(ARMORED_DATA, fastArmoredRep);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaFxFastRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaFxFastRequest.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaFxFastRequest.java
new file mode 100644
index 0000000..148d222
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/PaFxFastRequest.java
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.asn1.type.Asn1Choice;
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+
+/**
+ PA-FX-FAST-REQUEST ::= CHOICE {
+ armored-data [0] KrbFastArmoredReq,
+ }
+ */
+public class PaFxFastRequest extends Asn1Choice {
+ private static int ARMORED_DATA = 0;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ARMORED_DATA, KrbFastArmoredReq.class)
+ };
+
+ public PaFxFastRequest() {
+ super(fieldInfos);
+ }
+
+ public KrbFastArmoredReq getFastArmoredReq() {
+ return getFieldAs(ARMORED_DATA, KrbFastArmoredReq.class);
+ }
+
+ public void setFastArmoredReq(KrbFastArmoredReq fastArmoredReq) {
+ setFieldAs(ARMORED_DATA, fastArmoredReq);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/AsRep.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/AsRep.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/AsRep.java
new file mode 100644
index 0000000..befe8d0
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/AsRep.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+
+/**
+ AS-REP ::= [APPLICATION 11] KDC-REP
+ */
+public class AsRep extends KdcRep {
+
+ public AsRep() {
+ super(KrbMessageType.AS_REP);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/AsReq.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/AsReq.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/AsReq.java
new file mode 100644
index 0000000..973076c
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/AsReq.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+
+/**
+ AS-REQ ::= [APPLICATION 10] KDC-REQ
+ */
+public class AsReq extends KdcReq {
+ public AsReq() {
+ super(KrbMessageType.AS_REQ);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncAsRepPart.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncAsRepPart.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncAsRepPart.java
new file mode 100644
index 0000000..7f0a459
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncAsRepPart.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+/**
+EncASRepPart ::= [APPLICATION 25] EncKDCRepPart
+*/
+public class EncAsRepPart extends EncKdcRepPart {
+ public static final int TAG = 25;
+
+ public EncAsRepPart() {
+ super(TAG);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncKdcRepPart.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncKdcRepPart.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncKdcRepPart.java
new file mode 100644
index 0000000..21ce081
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncKdcRepPart.java
@@ -0,0 +1,177 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.KrbAppSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.HostAddresses;
+import org.apache.kerby.kerberos.kerb.spec.common.LastReq;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlags;
+
+/**
+ EncKDCRepPart ::= SEQUENCE {
+ key [0] EncryptionKey,
+ last-req [1] LastReq,
+ nonce [2] UInt32,
+ key-expiration [3] KerberosTime OPTIONAL,
+ flags [4] TicketFlags,
+ authtime [5] KerberosTime,
+ starttime [6] KerberosTime OPTIONAL,
+ endtime [7] KerberosTime,
+ renew-till [8] KerberosTime OPTIONAL,
+ srealm [9] Realm,
+ sname [10] PrincipalName,
+ caddr [11] HostAddresses OPTIONAL
+ }
+ */
+public abstract class EncKdcRepPart extends KrbAppSequenceType {
+ private static int KEY = 0;
+ private static int LAST_REQ = 1;
+ private static int NONCE = 2;
+ private static int KEY_EXPIRATION = 3;
+ private static int FLAGS = 4;
+ private static int AUTHTIME = 5;
+ private static int STARTTIME = 6;
+ private static int ENDTIME = 7;
+ private static int RENEW_TILL = 8;
+ private static int SREALM = 9;
+ private static int SNAME = 10;
+ private static int CADDR = 11;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(KEY, EncryptionKey.class),
+ new Asn1FieldInfo(LAST_REQ, LastReq.class),
+ new Asn1FieldInfo(NONCE, Asn1Integer.class),
+ new Asn1FieldInfo(KEY_EXPIRATION, KerberosTime.class),
+ new Asn1FieldInfo(FLAGS, TicketFlags.class),
+ new Asn1FieldInfo(AUTHTIME, KerberosTime.class),
+ new Asn1FieldInfo(STARTTIME, KerberosTime.class),
+ new Asn1FieldInfo(ENDTIME, KerberosTime.class),
+ new Asn1FieldInfo(RENEW_TILL, KerberosTime.class),
+ new Asn1FieldInfo(SREALM, KerberosString.class),
+ new Asn1FieldInfo(SNAME, PrincipalName.class),
+ new Asn1FieldInfo(CADDR, HostAddresses.class)
+ };
+
+ public EncKdcRepPart(int tagNo) {
+ super(tagNo, fieldInfos);
+ }
+
+ public EncryptionKey getKey() {
+ return getFieldAs(KEY, EncryptionKey.class);
+ }
+
+ public void setKey(EncryptionKey key) {
+ setFieldAs(KEY, key);
+ }
+
+ public LastReq getLastReq() {
+ return getFieldAs(LAST_REQ, LastReq.class);
+ }
+
+ public void setLastReq(LastReq lastReq) {
+ setFieldAs(LAST_REQ, lastReq);
+ }
+
+ public int getNonce() {
+ return getFieldAsInt(NONCE);
+ }
+
+ public void setNonce(int nonce) {
+ setFieldAsInt(NONCE, nonce);
+ }
+
+ public KerberosTime getKeyExpiration() {
+ return getFieldAsTime(KEY_EXPIRATION);
+ }
+
+ public void setKeyExpiration(KerberosTime keyExpiration) {
+ setFieldAs(KEY_EXPIRATION, keyExpiration);
+ }
+
+ public TicketFlags getFlags() {
+ return getFieldAs(FLAGS, TicketFlags.class);
+ }
+
+ public void setFlags(TicketFlags flags) {
+ setFieldAs(FLAGS, flags);
+ }
+
+ public KerberosTime getAuthTime() {
+ return getFieldAsTime(AUTHTIME);
+ }
+
+ public void setAuthTime(KerberosTime authTime) {
+ setFieldAs(AUTHTIME, authTime);
+ }
+
+ public KerberosTime getStartTime() {
+ return getFieldAsTime(STARTTIME);
+ }
+
+ public void setStartTime(KerberosTime startTime) {
+ setFieldAs(STARTTIME, startTime);
+ }
+
+ public KerberosTime getEndTime() {
+ return getFieldAsTime(ENDTIME);
+ }
+
+ public void setEndTime(KerberosTime endTime) {
+ setFieldAs(ENDTIME, endTime);
+ }
+
+ public KerberosTime getRenewTill() {
+ return getFieldAsTime(RENEW_TILL);
+ }
+
+ public void setRenewTill(KerberosTime renewTill) {
+ setFieldAs(RENEW_TILL, renewTill);
+ }
+
+ public String getSrealm() {
+ return getFieldAsString(SREALM);
+ }
+
+ public void setSrealm(String srealm) {
+ setFieldAsString(SREALM, srealm);
+ }
+
+ public PrincipalName getSname() {
+ return getFieldAs(SNAME, PrincipalName.class);
+ }
+
+ public void setSname(PrincipalName sname) {
+ setFieldAs(SNAME, sname);
+ }
+
+ public HostAddresses getCaddr() {
+ return getFieldAs(CADDR, HostAddresses.class);
+ }
+
+ public void setCaddr(HostAddresses caddr) {
+ setFieldAs(CADDR, caddr);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncTgsRepPart.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncTgsRepPart.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncTgsRepPart.java
new file mode 100644
index 0000000..4b3800b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/EncTgsRepPart.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+/**
+ EncTGSRepPart ::= [APPLICATION 26] EncKDCRepPart
+ */
+public class EncTgsRepPart extends EncKdcRepPart {
+ public static final int TAG = 26;
+
+ public EncTgsRepPart() {
+ super(TAG);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcOption.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcOption.java
new file mode 100644
index 0000000..36e289e
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcOption.java
@@ -0,0 +1,79 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum KdcOption implements KrbEnum {
+ NONE(-1),
+ //RESERVED(0x80000000),
+ FORWARDABLE(0x40000000),
+ FORWARDED(0x20000000),
+ PROXIABLE(0x10000000),
+ PROXY(0x08000000),
+ ALLOW_POSTDATE(0x04000000),
+ POSTDATED(0x02000000),
+ //UNUSED(0x01000000),
+ RENEWABLE(0x00800000),
+ //UNUSED(0x00400000),
+ //RESERVED(0x00200000),
+ //RESERVED(0x00100000),
+ //RESERVED(0x00080000),
+ //RESERVED(0x00040000),
+ CNAME_IN_ADDL_TKT(0x00020000),
+ CANONICALIZE(0x00010000),
+ REQUEST_ANONYMOUS(0x00008000),
+ //RESERVED(0x00004000),
+ //RESERVED(0x00002000),
+ //RESERVED(0x00001000),
+ //RESERVED(0x00000800),
+ //RESERVED(0x00000400),
+ //RESERVED(0x00000200),
+ //RESERVED(0x00000100),
+ //RESERVED(0x00000080),
+ //RESERVED(0x00000040),
+ DISABLE_TRANSITED_CHECK(0x00000020),
+ RENEWABLE_OK(0x00000010),
+ ENC_TKT_IN_SKEY(0x00000008),
+ //UNUSED(0x00000004),
+ RENEW(0x00000002),
+ VALIDATE(0x00000001);
+
+ private final int value;
+
+ private KdcOption(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static KdcOption fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (KdcOption) e;
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcOptions.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcOptions.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcOptions.java
new file mode 100644
index 0000000..d22abf2
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcOptions.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbFlags;
+
+public class KdcOptions extends KrbFlags {
+
+ public KdcOptions() {
+ this(0);
+ }
+
+ public KdcOptions(int value) {
+ setFlags(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcRep.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcRep.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcRep.java
new file mode 100644
index 0000000..175f463
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcRep.java
@@ -0,0 +1,116 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+
+/**
+ KDC-REP ::= SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (11 -- AS -- | 13 -- TGS --),
+ padata [2] SEQUENCE OF PA-DATA OPTIONAL
+ -- NOTE: not empty --,
+ crealm [3] Realm,
+ cname [4] PrincipalName,
+ ticket [5] Ticket,
+ enc-part [6] EncryptedData
+ -- EncASRepPart or EncTGSRepPart,
+ -- as appropriate
+ }
+ */
+public class KdcRep extends KrbMessage {
+ private static int PADATA = 2;
+ private static int CREALM = 3;
+ private static int CNAME = 4;
+ private static int TICKET = 5;
+ private static int ENC_PART = 6;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PVNO, Asn1Integer.class),
+ new Asn1FieldInfo(MSG_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(PADATA, PaData.class),
+ new Asn1FieldInfo(CREALM, KerberosString.class),
+ new Asn1FieldInfo(CNAME, PrincipalName.class),
+ new Asn1FieldInfo(TICKET, Ticket.class),
+ new Asn1FieldInfo(ENC_PART, EncryptedData.class)
+ };
+
+ private EncKdcRepPart encPart;
+
+ public KdcRep(KrbMessageType msgType) {
+ super(msgType, fieldInfos);
+ }
+
+ public PaData getPaData() {
+ return getFieldAs(PADATA, PaData.class);
+ }
+
+ public void setPaData(PaData paData) {
+ setFieldAs(PADATA, paData);
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName sname) {
+ setFieldAs(CNAME, sname);
+ }
+
+ public String getCrealm() {
+ return getFieldAsString(CREALM);
+ }
+
+ public void setCrealm(String realm) {
+ setFieldAs(CREALM, new KerberosString(realm));
+ }
+
+ public Ticket getTicket() {
+ return getFieldAs(TICKET, Ticket.class);
+ }
+
+ public void setTicket(Ticket ticket) {
+ setFieldAs(TICKET, ticket);
+ }
+
+ public EncryptedData getEncryptedEncPart() {
+ return getFieldAs(ENC_PART, EncryptedData.class);
+ }
+
+ public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
+ setFieldAs(ENC_PART, encryptedEncPart);
+ }
+
+ public EncKdcRepPart getEncPart() {
+ return encPart;
+ }
+
+ public void setEncPart(EncKdcRepPart encPart) {
+ this.encPart = encPart;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcReq.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcReq.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcReq.java
new file mode 100644
index 0000000..8d3f9c9
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcReq.java
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+
+/**
+ KDC-REQ ::= SEQUENCE {
+ -- NOTE: first tag is [1], not [0]
+ pvno [1] INTEGER (5) ,
+ msg-type [2] INTEGER (10 -- AS -- | 12 -- TGS --),
+ padata [3] SEQUENCE OF PA-DATA OPTIONAL
+ -- NOTE: not empty --,
+ req-encodeBody [4] KDC-REQ-BODY
+ }
+ */
+public class KdcReq extends KrbMessage {
+ private static int PADATA = 2;
+ private static int REQ_BODY = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PVNO, 1, Asn1Integer.class),
+ new Asn1FieldInfo(MSG_TYPE, 2, Asn1Integer.class),
+ new Asn1FieldInfo(PADATA, 3, PaData.class),
+ new Asn1FieldInfo(REQ_BODY, 4, KdcReqBody.class)
+ };
+
+ public KdcReq(KrbMessageType msgType) {
+ super(msgType, fieldInfos);
+ }
+
+ public PaData getPaData() {
+ return getFieldAs(PADATA, PaData.class);
+ }
+
+ public void setPaData(PaData paData) {
+ setFieldAs(PADATA, paData);
+ }
+
+ public void addPaData(PaDataEntry paDataEntry) {
+ if (getPaData() == null) {
+ setPaData(new PaData());
+ }
+ getPaData().addElement(paDataEntry);
+ }
+
+ public KdcReqBody getReqBody() {
+ return getFieldAs(REQ_BODY, KdcReqBody.class);
+ }
+
+ public void setReqBody(KdcReqBody reqBody) {
+ setFieldAs(REQ_BODY, reqBody);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcReqBody.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcReqBody.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcReqBody.java
new file mode 100644
index 0000000..6a3506b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/KdcReqBody.java
@@ -0,0 +1,209 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.KrbIntegers;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Tickets;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ KDC-REQ-BODY ::= SEQUENCE {
+ kdc-options [0] KDCOptions,
+ cname [1] PrincipalName OPTIONAL
+ -- Used only in AS-REQ --,
+ realm [2] Realm
+ -- Server's realm
+ -- Also client's in AS-REQ --,
+ sname [3] PrincipalName OPTIONAL,
+ from [4] KerberosTime OPTIONAL,
+ till [5] KerberosTime,
+ rtime [6] KerberosTime OPTIONAL,
+ nonce [7] UInt32,
+ etype [8] SEQUENCE OF Int32 -- EncryptionType
+ -- in preference order --,
+ addresses [9] HostAddresses OPTIONAL,
+ enc-authorization-data [10] EncryptedData OPTIONAL
+ -- AuthorizationData --,
+ additional-tickets [11] SEQUENCE OF Ticket OPTIONAL
+ -- NOTE: not empty
+ }
+ */
+public class KdcReqBody extends KrbSequenceType {
+ private static int KDC_OPTIONS = 0;
+ private static int CNAME = 1;
+ private static int REALM = 2;
+ private static int SNAME = 3;
+ private static int FROM = 4;
+ private static int TILL = 5;
+ private static int RTIME = 6;
+ private static int NONCE = 7;
+ private static int ETYPE = 8;
+ private static int ADDRESSES = 9;
+ private static int ENC_AUTHORIZATION_DATA = 10;
+ private static int ADDITIONAL_TICKETS = 11;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(KDC_OPTIONS, KdcOptions.class),
+ new Asn1FieldInfo(CNAME, PrincipalName.class),
+ new Asn1FieldInfo(REALM, KerberosString.class),
+ new Asn1FieldInfo(SNAME, PrincipalName.class),
+ new Asn1FieldInfo(FROM, KerberosTime.class),
+ new Asn1FieldInfo(TILL, KerberosTime.class),
+ new Asn1FieldInfo(RTIME, KerberosTime.class),
+ new Asn1FieldInfo(NONCE, Asn1Integer.class),
+ new Asn1FieldInfo(ETYPE, KrbIntegers.class),
+ new Asn1FieldInfo(ADDRESSES, HostAddresses.class),
+ new Asn1FieldInfo(ENC_AUTHORIZATION_DATA, AuthorizationData.class),
+ new Asn1FieldInfo(ADDITIONAL_TICKETS, Tickets.class)
+ };
+
+ public KdcReqBody() {
+ super(fieldInfos);
+ }
+
+ private AuthorizationData authorizationData;
+
+ public KerberosTime getFrom() {
+ return getFieldAs(FROM, KerberosTime.class);
+ }
+
+ public void setFrom(KerberosTime from) {
+ setFieldAs(FROM, from);
+ }
+
+ public KerberosTime getTill() {
+ return getFieldAs(TILL, KerberosTime.class);
+ }
+
+ public void setTill(KerberosTime till) {
+ setFieldAs(TILL, till);
+ }
+
+ public KerberosTime getRtime() {
+ return getFieldAs(RTIME, KerberosTime.class);
+ }
+
+ public void setRtime(KerberosTime rtime) {
+ setFieldAs(RTIME, rtime);
+ }
+
+ public int getNonce() {
+ return getFieldAsInt(NONCE);
+ }
+
+ public void setNonce(int nonce) {
+ setFieldAsInt(NONCE, nonce);
+ }
+
+ public List<EncryptionType> getEtypes() {
+ KrbIntegers values = getFieldAs(ETYPE, KrbIntegers.class);
+ if (values == null) {
+ return Collections.emptyList();
+ }
+
+ List<EncryptionType> results = new ArrayList<EncryptionType>();
+ for (Integer value : values.getValues()) {
+ results.add(EncryptionType.fromValue(value));
+ }
+ return results;
+ }
+
+ public void setEtypes(List<EncryptionType> etypes) {
+ List<Integer> values = new ArrayList<Integer>();
+ for (EncryptionType etype: etypes) {
+ values.add(etype.getValue());
+ }
+ KrbIntegers value = new KrbIntegers(values);
+ setFieldAs(ETYPE, value);
+ }
+
+ public HostAddresses getAddresses() {
+ return getFieldAs(ADDRESSES, HostAddresses.class);
+ }
+
+ public void setAddresses(HostAddresses addresses) {
+ setFieldAs(ADDRESSES, addresses);
+ }
+
+ public EncryptedData getEncryptedAuthorizationData() {
+ return getFieldAs(ENC_AUTHORIZATION_DATA, EncryptedData.class);
+ }
+
+ public void setEncryptedAuthorizationData(EncryptedData encAuthorizationData) {
+ setFieldAs(ENC_AUTHORIZATION_DATA, encAuthorizationData);
+ }
+
+ public AuthorizationData getAuthorizationData() {
+ return authorizationData;
+ }
+
+ public void setAuthorizationData(AuthorizationData authorizationData) {
+ this.authorizationData = authorizationData;
+ }
+
+ public Tickets getAdditionalTickets() {
+ return getFieldAs(ADDITIONAL_TICKETS, Tickets.class);
+ }
+
+ public void setAdditionalTickets(Tickets additionalTickets) {
+ setFieldAs(ADDITIONAL_TICKETS, additionalTickets);
+ }
+
+ public KdcOptions getKdcOptions() {
+ return getFieldAs(KDC_OPTIONS, KdcOptions.class);
+ }
+
+ public void setKdcOptions(KdcOptions kdcOptions) {
+ setFieldAs(KDC_OPTIONS, kdcOptions);
+ }
+
+ public PrincipalName getSname() {
+ return getFieldAs(SNAME, PrincipalName.class);
+ }
+
+ public void setSname(PrincipalName sname) {
+ setFieldAs(SNAME, sname);
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName cname) {
+ setFieldAs(CNAME, cname);
+ }
+
+ public String getRealm() {
+ return getFieldAsString(REALM);
+ }
+
+ public void setRealm(String realm) {
+ setFieldAs(REALM, new KerberosString(realm));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/TgsRep.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/TgsRep.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/TgsRep.java
new file mode 100644
index 0000000..0e56636
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/TgsRep.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+
+/**
+ TGS-REP ::= [APPLICATION 13] KDC-REP
+ */
+public class TgsRep extends KdcRep {
+ public TgsRep() {
+ super(KrbMessageType.TGS_REP);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/TgsReq.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/TgsReq.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/TgsReq.java
new file mode 100644
index 0000000..4e8153c
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/kdc/TgsReq.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.kdc;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+
+/**
+ TGS-REQ ::= [APPLICATION 12] KDC-REQ
+ */
+public class TgsReq extends KdcReq {
+
+ public TgsReq() {
+ super(KrbMessageType.TGS_REQ);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaAuthenticationSet.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaAuthenticationSet.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaAuthenticationSet.java
new file mode 100644
index 0000000..922b3c7
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaAuthenticationSet.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ PA-AUTHENTICATION-SET ::= SEQUENCE OF PA-AUTHENTICATION-SET-ELEM
+ */
+public class PaAuthenticationSet extends KrbSequenceOfType<PaAuthenticationSetElem> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java
new file mode 100644
index 0000000..5a484cf
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java
@@ -0,0 +1,74 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-AUTHENTICATION-SET-ELEM ::= SEQUENCE {
+ pa-type [0] Int32,
+ -- same as padata-type.
+ pa-hint [1] OCTET STRING OPTIONAL,
+ pa-value [2] OCTET STRING OPTIONAL
+ }
+ */
+public class PaAuthenticationSetElem extends KrbSequenceType {
+ private static int PA_TYPE = 0;
+ private static int PA_HINT = 1;
+ private static int PA_VALUE = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PA_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(PA_HINT, Asn1OctetString.class),
+ new Asn1FieldInfo(PA_VALUE, Asn1OctetString.class)
+ };
+
+ public PaAuthenticationSetElem() {
+ super(fieldInfos);
+ }
+
+ public PaDataType getPaType() {
+ Integer value = getFieldAsInteger(PA_TYPE);
+ return PaDataType.fromValue(value);
+ }
+
+ public void setPaType(PaDataType paDataType) {
+ setFieldAsInt(PA_TYPE, paDataType.getValue());
+ }
+
+ public byte[] getPaHint() {
+ return getFieldAsOctets(PA_HINT);
+ }
+
+ public void setPaHint(byte[] paHint) {
+ setFieldAsOctets(PA_HINT, paHint);
+ }
+
+ public byte[] getPaValue() {
+ return getFieldAsOctets(PA_VALUE);
+ }
+
+ public void setPaValue(byte[] paDataValue) {
+ setFieldAsOctets(PA_VALUE, paDataValue);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaData.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaData.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaData.java
new file mode 100644
index 0000000..3594a61
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaData.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ PA-DATA ::= SEQUENCE {
+ -- NOTE: first tag is [1], not [0]
+ padata-type [1] Int32,
+ padata-value [2] OCTET STRING -- might be encoded AP-REQ
+ }
+ */
+public class PaData extends KrbSequenceOfType<PaDataEntry> {
+
+ public PaDataEntry findEntry(PaDataType paType) {
+ for (PaDataEntry pae : getElements()) {
+ if (pae.getPaDataType() == paType) {
+ return pae;
+ }
+ }
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaDataEntry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaDataEntry.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaDataEntry.java
new file mode 100644
index 0000000..8f0714b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaDataEntry.java
@@ -0,0 +1,69 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-DATA ::= SEQUENCE {
+ -- NOTE: first tag is [1], not [0]
+ padata-type [1] Int32,
+ padata-value [2] OCTET STRING -- might be encoded AP-REQ
+ }
+ */
+public class PaDataEntry extends KrbSequenceType {
+ private static int PADATA_TYPE = 0;
+ private static int PADATA_VALUE = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PADATA_TYPE, 1, Asn1Integer.class),
+ new Asn1FieldInfo(PADATA_VALUE, 2, Asn1OctetString.class)
+ };
+
+ public PaDataEntry() {
+ super(fieldInfos);
+ }
+
+ public PaDataEntry(PaDataType type, byte[] paData) {
+ this();
+ setPaDataType(type);
+ setPaDataValue(paData);
+ }
+
+ public PaDataType getPaDataType() {
+ Integer value = getFieldAsInteger(PADATA_TYPE);
+ return PaDataType.fromValue(value);
+ }
+
+ public void setPaDataType(PaDataType paDataType) {
+ setFieldAsInt(PADATA_TYPE, paDataType.getValue());
+ }
+
+ public byte[] getPaDataValue() {
+ return getFieldAsOctets(PADATA_VALUE);
+ }
+
+ public void setPaDataValue(byte[] paDataValue) {
+ setFieldAsOctets(PADATA_VALUE, paDataValue);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaDataType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaDataType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaDataType.java
new file mode 100644
index 0000000..7938277
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaDataType.java
@@ -0,0 +1,92 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+/**
+ * From krb5.h
+ */
+public enum PaDataType implements KrbEnum {
+ NONE (0),
+ TGS_REQ (1),
+ AP_REQ (1),
+ ENC_TIMESTAMP (2), // RFC 4120
+ PW_SALT (3), // RFC 4120
+ ENC_ENCKEY (4), // Key encrypted within itself
+ ENC_UNIX_TIME (5), // timestamp encrypted in key. RFC 4120
+ ENC_SANDIA_SECURID (6), // SecurId passcode. RFC 4120
+ SESAME (7), // Sesame project. RFC 4120
+ OSF_DCE (8), // OSF DCE. RFC 4120
+ CYBERSAFE_SECUREID (9), // Cybersafe. RFC 4120
+ AFS3_SALT (10), // Cygnus. RFC 4120, 3961
+ ETYPE_INFO (11), // Etype info for preauth. RFC 4120
+ SAM_CHALLENGE (12), // SAM/OTP
+ SAM_RESPONSE (13), // SAM/OTP
+ PK_AS_REQ (16), // PKINIT. RFC 4556
+ PK_AS_REP (17), // PKINIT. RFC 4556
+ ETYPE_INFO2 (19), // RFC 4120
+ USE_SPECIFIED_KVNO (20), // RFC 4120
+ SVR_REFERRAL_INFO (20), // Windows 2000 referrals. RFC 6820
+ SAM_REDIRECT (21), // SAM/OTP. RFC 4120
+ GET_FROM_TYPED_DATA (22), // Embedded in typed data. RFC 4120
+ REFERRAL (25), // draft referral system
+ SAM_CHALLENGE_2 (30), // draft challenge system, updated
+ SAM_RESPONSE_2 (31), // draft challenge system, updated
+ /* MS-KILE */
+ PAC_REQUEST (128), // include Windows PAC
+ FOR_USER (129), // username protocol transition request
+ S4U_X509_USER (130), // certificate protocol transition request
+ AS_CHECKSUM (132), // AS checksum
+ FX_COOKIE (133), // RFC 6113
+ FX_FAST (136), // RFC 6113
+ FX_ERROR (137), // RFC 6113
+ ENCRYPTED_CHALLENGE (138), // RFC 6113
+ OTP_CHALLENGE (141), // RFC 6560 section 4.1
+ OTP_REQUEST (142), // RFC 6560 section 4.2
+ OTP_PIN_CHANGE (144), // RFC 6560 section 4.3
+ PKINIT_KX (147), // RFC 6112
+ ENCPADATA_REQ_ENC_PA_REP (149), // RFC 6806
+ TOKEN_REQUEST (148), // TokenPreauth
+ TOKEN_CHALLENGE (149);
+
+ private final int value;
+
+ private PaDataType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static PaDataType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (PaDataType) e;
+ }
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaEncTsEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaEncTsEnc.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaEncTsEnc.java
new file mode 100644
index 0000000..b6407a8
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/PaEncTsEnc.java
@@ -0,0 +1,66 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-ENC-TS-ENC ::= SEQUENCE {
+ patimestamp [0] KerberosTime -- client's time --,
+ pausec [1] Microseconds OPTIONAL
+ }
+ */
+public class PaEncTsEnc extends KrbSequenceType {
+ private static int PATIMESTAMP = 0;
+ private static int PAUSEC = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PATIMESTAMP, 1, KerberosTime.class),
+ new Asn1FieldInfo(PAUSEC, 2, Asn1Integer.class)
+ };
+
+ public PaEncTsEnc() {
+ super(fieldInfos);
+ }
+
+ public KerberosTime getPaTimestamp() {
+ return getFieldAsTime(PATIMESTAMP);
+ }
+
+ public void setPaTimestamp(KerberosTime paTimestamp) {
+ setFieldAs(PATIMESTAMP, paTimestamp);
+ }
+
+ public int getPaUsec() {
+ return getFieldAsInt(PAUSEC);
+ }
+
+ public void setPaUsec(int paUsec) {
+ setFieldAsInt(PAUSEC, paUsec);
+ }
+
+ public KerberosTime getAllTime() {
+ KerberosTime paTimestamp = getPaTimestamp();
+ return paTimestamp.extend(getPaUsec() / 1000);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java
new file mode 100644
index 0000000..b2f3340
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java
@@ -0,0 +1,69 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.otp;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.asn1.type.Asn1Utf8String;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.pa.pkinit.AlgorithmIdentifiers;
+
+/**
+ OTP-TOKENINFO ::= SEQUENCE {
+ flags [0] OTPFlags,
+ otp-vendor [1] UTF8String OPTIONAL,
+ otp-challenge [2] OCTET STRING (SIZE(1..MAX)) OPTIONAL,
+ otp-length [3] Int32 OPTIONAL,
+ otp-format [4] OTPFormat OPTIONAL,
+ otp-tokenID [5] OCTET STRING OPTIONAL,
+ otp-algID [6] AnyURI OPTIONAL,
+ supportedHashAlg [7] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
+ iterationCount [8] Int32 OPTIONAL
+ }
+ */
+public class OtpTokenInfo extends KrbSequenceType {
+ private static int FLAGS = 0;
+ private static int OTP_VENDOR = 1;
+ private static int OTP_CHALLENGE = 2;
+ private static int OTP_LENGTH = 3;
+ private static int OTP_FORMAT = 4;
+ private static int OTP_TOKEN_ID = 5;
+ private static int OTP_ALG_ID = 6;
+ private static int SUPPORTED_HASH_ALG = 7;
+ private static int ITERATION_COUNT = 8;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(FLAGS, Asn1OctetString.class, true),
+ new Asn1FieldInfo(OTP_VENDOR, Asn1Utf8String.class),
+ new Asn1FieldInfo(OTP_CHALLENGE, Asn1OctetString.class, true),
+ new Asn1FieldInfo(OTP_LENGTH, KerberosString.class),
+ new Asn1FieldInfo(OTP_FORMAT, Asn1OctetString.class, true),
+ new Asn1FieldInfo(OTP_TOKEN_ID, Asn1Utf8String.class),
+ new Asn1FieldInfo(OTP_ALG_ID, Asn1OctetString.class, true),
+ new Asn1FieldInfo(SUPPORTED_HASH_ALG, AlgorithmIdentifiers.class),
+ new Asn1FieldInfo(ITERATION_COUNT, Asn1Integer.class, true)
+ };
+
+ public OtpTokenInfo() {
+ super(fieldInfos);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java
new file mode 100644
index 0000000..0266a99
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.otp;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.asn1.type.Asn1Utf8String;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-OTP-CHALLENGE ::= SEQUENCE {
+ nonce [0] OCTET STRING,
+ otp-service [1] UTF8String OPTIONAL,
+ otp-tokenInfo [2] SEQUENCE (SIZE(1..MAX)) OF OTP-TOKENINFO,
+ salt [3] KerberosString OPTIONAL,
+ s2kparams [4] OCTET STRING OPTIONAL,
+ }
+ */
+public class PaOtpChallenge extends KrbSequenceType {
+ private static int NONCE = 0;
+ private static int OTP_SERVICE = 1;
+ private static int OTP_TOKEN_INFO = 2;
+ private static int SALT = 3;
+ private static int S2KPARAMS = 4;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(NONCE, Asn1OctetString.class, true),
+ new Asn1FieldInfo(OTP_SERVICE, Asn1Utf8String.class),
+ new Asn1FieldInfo(OTP_TOKEN_INFO, Asn1OctetString.class, true),
+ new Asn1FieldInfo(SALT, KerberosString.class),
+ new Asn1FieldInfo(S2KPARAMS, Asn1OctetString.class, true)
+ };
+
+ public PaOtpChallenge() {
+ super(fieldInfos);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java
new file mode 100644
index 0000000..484f37b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ * AD-INITIAL-VERIFIED-CAS ::= SEQUENCE OF ExternalPrincipalIdentifier
+ */
+public class AdInitialVerifiedCas extends KrbSequenceOfType<ExternalPrincipalIdentifier> {
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java
new file mode 100644
index 0000000..2d1fa74
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+import org.apache.kerby.kerberos.kerb.spec.x509.AlgorithmIdentifier;
+
+/**
+ trustedCertifiers SEQUENCE OF AlgorithmIdentifier OPTIONAL,
+ */
+public class AlgorithmIdentifiers extends KrbSequenceOfType<AlgorithmIdentifier> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AuthPack.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AuthPack.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AuthPack.java
new file mode 100644
index 0000000..98757e8
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/AuthPack.java
@@ -0,0 +1,82 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.x509.SubjectPublicKeyInfo;
+
+/**
+ AuthPack ::= SEQUENCE {
+ pkAuthenticator [0] PKAuthenticator,
+ clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL,
+ supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
+ clientDHNonce [3] DHNonce OPTIONAL
+ }
+ */
+public class AuthPack extends KrbSequenceType {
+ private static int PK_AUTHENTICATOR = 0;
+ private static int CLIENT_PUBLIC_VALUE = 1;
+ private static int SUPPORTED_CMS_TYPES = 2;
+ private static int CLIENT_DH_NONCE = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PK_AUTHENTICATOR, PkAuthenticator.class),
+ new Asn1FieldInfo(CLIENT_PUBLIC_VALUE, SubjectPublicKeyInfo.class),
+ new Asn1FieldInfo(SUPPORTED_CMS_TYPES, AlgorithmIdentifiers.class),
+ new Asn1FieldInfo(CLIENT_DH_NONCE, DHNonce.class)
+ };
+
+ public AuthPack() {
+ super(fieldInfos);
+ }
+
+ public PkAuthenticator getPkAuthenticator() {
+ return getFieldAs(PK_AUTHENTICATOR, PkAuthenticator.class);
+ }
+
+ public void setPkAuthenticator(PkAuthenticator pkAuthenticator) {
+ setFieldAs(PK_AUTHENTICATOR, pkAuthenticator);
+ }
+
+ public SubjectPublicKeyInfo getClientPublicValue() {
+ return getFieldAs(CLIENT_PUBLIC_VALUE, SubjectPublicKeyInfo.class);
+ }
+
+ public void setClientPublicValue(SubjectPublicKeyInfo clientPublicValue) {
+ setFieldAs(CLIENT_PUBLIC_VALUE, clientPublicValue);
+ }
+
+ public AlgorithmIdentifiers getsupportedCmsTypes() {
+ return getFieldAs(CLIENT_DH_NONCE, AlgorithmIdentifiers.class);
+ }
+
+ public void setsupportedCmsTypes(AlgorithmIdentifiers supportedCMSTypes) {
+ setFieldAs(CLIENT_DH_NONCE, supportedCMSTypes);
+ }
+
+ public DHNonce getClientDhNonce() {
+ return getFieldAs(CLIENT_DH_NONCE, DHNonce.class);
+ }
+
+ public void setClientDhNonce(DHNonce dhNonce) {
+ setFieldAs(CLIENT_DH_NONCE, dhNonce);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/DHNonce.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/DHNonce.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/DHNonce.java
new file mode 100644
index 0000000..4e51adb
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/DHNonce.java
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1OctetString;
+
+/**
+ * DHNonce ::= OCTET STRING
+ */
+public class DHNonce extends Asn1OctetString {
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java
new file mode 100644
index 0000000..9844615
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java
@@ -0,0 +1,60 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ DHRepInfo ::= SEQUENCE {
+ dhSignedData [0] IMPLICIT OCTET STRING,
+ serverDHNonce [1] DHNonce OPTIONAL
+ }
+ */
+public class DHRepInfo extends KrbSequenceType {
+ private static int DH_SIGNED_DATA = 0;
+ private static int SERVER_DH_NONCE = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(DH_SIGNED_DATA, Asn1OctetString.class, true),
+ new Asn1FieldInfo(SERVER_DH_NONCE, DHNonce.class)
+ };
+
+ public DHRepInfo() {
+ super(fieldInfos);
+ }
+
+ public byte[] getDHSignedData() {
+ return getFieldAsOctets(DH_SIGNED_DATA);
+ }
+
+ public void setDHSignedData(byte[] dhSignedData) {
+ setFieldAsOctets(DH_SIGNED_DATA, dhSignedData);
+ }
+
+ public DHNonce getServerDhNonce() {
+ return getFieldAs(SERVER_DH_NONCE, DHNonce.class);
+ }
+
+ public void setServerDhNonce(DHNonce dhNonce) {
+ setFieldAs(SERVER_DH_NONCE, dhNonce);
+ }
+}
[25/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/AbstractPreauthPlugin.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/AbstractPreauthPlugin.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/AbstractPreauthPlugin.java
deleted file mode 100644
index 4a4dc41..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/AbstractPreauthPlugin.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth;
-
-import org.apache.kerberos.kerb.preauth.PaFlags;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.preauth.PreauthPluginMeta;
-import org.apache.kerberos.kerb.server.KdcContext;
-import org.apache.kerberos.kerb.server.request.KdcRequest;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class AbstractPreauthPlugin implements KdcPreauth {
-
- private PreauthPluginMeta pluginMeta;
-
- public AbstractPreauthPlugin(PreauthPluginMeta meta) {
- this.pluginMeta = meta;
- }
-
- @Override
- public String getName() {
- return pluginMeta.getName();
- }
-
- public int getVersion() {
- return pluginMeta.getVersion();
- }
-
- public PaDataType[] getPaTypes() {
- return pluginMeta.getPaTypes();
- }
-
- @Override
- public void initWith(KdcContext kdcContext) {
-
- }
-
- @Override
- public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
- return null;
- }
-
- @Override
- public void provideEdata(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaData outPaData) throws KrbException {
-
- }
-
- @Override
- public boolean verify(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaDataEntry paData) throws KrbException {
- return false;
- }
-
- @Override
- public void providePaData(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaData paData) {
-
- }
-
- @Override
- public PaFlags getFlags(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaDataType paType) {
- return null;
- }
-
- @Override
- public void destroy() {
-
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/FastContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/FastContext.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/FastContext.java
deleted file mode 100644
index a426f7d..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/FastContext.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth;
-
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.fast.FastOptions;
-import org.apache.kerberos.kerb.spec.fast.KrbFastArmor;
-import org.apache.kerberos.kerb.spec.kdc.KdcReq;
-
-public class FastContext {
-
- public KdcReq fastOuterRequest;
- public EncryptionKey armorKey;
- public KrbFastArmor fastArmor;
- public FastOptions fastOptions;
- public int nonce;
- public int fastFlags;
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/KdcPreauth.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/KdcPreauth.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/KdcPreauth.java
deleted file mode 100644
index c137b6a..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/KdcPreauth.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth;
-
-import org.apache.kerberos.kerb.preauth.PaFlags;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.preauth.PreauthPluginMeta;
-import org.apache.kerberos.kerb.server.KdcContext;
-import org.apache.kerberos.kerb.server.request.KdcRequest;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-/**
- * KDC side preauth plugin module
- */
-public interface KdcPreauth extends PreauthPluginMeta {
-
- /**
- * Initializing plugin context for each realm
- */
- public void initWith(KdcContext context);
-
- /**
- * Initializing request context
- */
- public PluginRequestContext initRequestContext(KdcRequest kdcRequest);
-
- /**
- * Optional: provide pa_data to send to the client as part of the "you need to
- * use preauthentication" error.
- */
- public void provideEdata(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaData outPaData) throws KrbException;
-
- /**
- * Optional: verify preauthentication data sent by the client, setting the
- * TKT_FLG_PRE_AUTH or TKT_FLG_HW_AUTH flag in the enc_tkt_reply's "flags"
- * field as appropriate.
- */
- public boolean verify(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaDataEntry paData) throws KrbException;
-
- /**
- * Optional: generate preauthentication response data to send to the client as
- * part of the AS-REP.
- */
- public void providePaData(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaData paData);
-
- /**
- * Return PA_REAL if pa_type is a real preauthentication type or PA_INFO if it is
- * an informational type.
- */
- public PaFlags getFlags(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaDataType paType);
-
- /**
- * When exiting...
- */
- public void destroy();
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthContext.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthContext.java
deleted file mode 100644
index d2812e9..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthContext.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class PreauthContext {
- private boolean preauthRequired = true;
- private List<PreauthHandle> handles = new ArrayList<PreauthHandle>(5);
-
- public PreauthContext() {
-
- }
-
- public boolean isPreauthRequired() {
- return preauthRequired;
- }
-
- public void setPreauthRequired(boolean preauthRequired) {
- this.preauthRequired = preauthRequired;
- }
-
- public List<PreauthHandle> getHandles() {
- return handles;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthHandle.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthHandle.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthHandle.java
deleted file mode 100644
index 90f8724..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthHandle.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth;
-
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.server.request.KdcRequest;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-
-public class PreauthHandle {
-
- public KdcPreauth preauth;
- public PluginRequestContext requestContext;
-
- public PreauthHandle(KdcPreauth preauth) {
- this.preauth = preauth;
- }
-
- public void initRequestContext(KdcRequest kdcRequest) {
- requestContext = preauth.initRequestContext(kdcRequest);
- }
-
- public void provideEdata(KdcRequest kdcRequest, PaData outPaData) throws KrbException {
- preauth.provideEdata(kdcRequest, requestContext, outPaData);
- }
-
- public void verify(KdcRequest kdcRequest, PaDataEntry paData) throws KrbException {
- preauth.verify(kdcRequest, requestContext, paData);
- }
-
- public void providePaData(KdcRequest kdcRequest, PaData paData) {
- preauth.providePaData(kdcRequest, requestContext, paData);
- }
-
- public void destroy() {
- preauth.destroy();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthHandler.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthHandler.java
deleted file mode 100644
index d8d9bca..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/PreauthHandler.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth;
-
-import org.apache.kerberos.kerb.server.KdcConfig;
-import org.apache.kerberos.kerb.server.KdcContext;
-import org.apache.kerberos.kerb.server.preauth.builtin.EncTsPreauth;
-import org.apache.kerberos.kerb.server.preauth.builtin.TgtPreauth;
-import org.apache.kerberos.kerb.server.request.KdcRequest;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class PreauthHandler {
-
- private List<KdcPreauth> preauths;
-
- /**
- * Should be called only once, for global
- */
- public void init(KdcConfig kdcConfig) {
- loadPreauthPlugins(kdcConfig);
- }
-
- private void loadPreauthPlugins(KdcConfig kdcConfig) {
- preauths = new ArrayList<KdcPreauth>();
-
- KdcPreauth preauth = new EncTsPreauth();
- preauths.add(preauth);
-
- preauth = new TgtPreauth();
- preauths.add(preauth);
- }
-
- /**
- * Should be called per realm
- * @param context
- */
- public void initWith(KdcContext context) {
- for (KdcPreauth preauth : preauths) {
- preauth.initWith(context);
- }
- }
-
- public PreauthContext preparePreauthContext(KdcRequest kdcRequest) {
- PreauthContext preauthContext = new PreauthContext();
-
- KdcContext kdcContext = kdcRequest.getKdcContext();
- preauthContext.setPreauthRequired(kdcContext.getConfig().isPreauthRequired());
-
- for (KdcPreauth preauth : preauths) {
- PreauthHandle handle = new PreauthHandle(preauth);
- handle.initRequestContext(kdcRequest);
- preauthContext.getHandles().add(handle);
- }
-
- return preauthContext;
- }
-
- public void provideEdata(KdcRequest kdcRequest, PaData outPaData) throws KrbException {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- for (PreauthHandle handle : preauthContext.getHandles()) {
- handle.provideEdata(kdcRequest, outPaData);
- }
- }
-
- public void verify(KdcRequest kdcRequest, PaData paData) throws KrbException {
- for (PaDataEntry paEntry : paData.getElements()) {
- PreauthHandle handle = findHandle(kdcRequest, paEntry.getPaDataType());
- if (handle != null) {
- handle.verify(kdcRequest, paEntry);
- }
- }
- }
-
- public void providePaData(KdcRequest kdcRequest, PaData paData) {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- for (PreauthHandle handle : preauthContext.getHandles()) {
- handle.providePaData(kdcRequest, paData);
- }
- }
-
- private PreauthHandle findHandle(KdcRequest kdcRequest, PaDataType paType) {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- for (PreauthHandle handle : preauthContext.getHandles()) {
- for (PaDataType pt : handle.preauth.getPaTypes()) {
- if (pt == paType) {
- return handle;
- }
- }
- }
- return null;
- }
-
- public void destroy() {
- for (KdcPreauth preauth : preauths) {
- preauth.destroy();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/builtin/EncTsPreauth.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/builtin/EncTsPreauth.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/builtin/EncTsPreauth.java
deleted file mode 100644
index 5c7e6d0..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/builtin/EncTsPreauth.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth.builtin;
-
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.apache.kerberos.kerb.common.EncryptionUtil;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.preauth.builtin.EncTsPreauthMeta;
-import org.apache.kerberos.kerb.server.KdcContext;
-import org.apache.kerberos.kerb.server.preauth.AbstractPreauthPlugin;
-import org.apache.kerberos.kerb.server.request.KdcRequest;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.KeyUsage;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaEncTsEnc;
-
-public class EncTsPreauth extends AbstractPreauthPlugin {
-
- public EncTsPreauth() {
- super(new EncTsPreauthMeta());
- }
-
- @Override
- public boolean verify(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaDataEntry paData) throws KrbException {
- EncryptedData encData = KrbCodec.decode(paData.getPaDataValue(), EncryptedData.class);
- EncryptionKey clientKey = kdcRequest.getClientKey(encData.getEType());
- PaEncTsEnc timestamp = EncryptionUtil.unseal(encData, clientKey,
- KeyUsage.AS_REQ_PA_ENC_TS, PaEncTsEnc.class);
-
- KdcContext kdcContext = kdcRequest.getKdcContext();
- long clockSkew = kdcContext.getConfig().getAllowableClockSkew() * 1000;
- if (!timestamp.getAllTime().isInClockSkew(clockSkew)) {
- throw new KrbException(KrbErrorCode.KDC_ERR_PREAUTH_FAILED);
- }
-
- return true;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/builtin/TgtPreauth.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/builtin/TgtPreauth.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/builtin/TgtPreauth.java
deleted file mode 100644
index 0cdc582..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/builtin/TgtPreauth.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth.builtin;
-
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.preauth.builtin.TgtPreauthMeta;
-import org.apache.kerberos.kerb.server.preauth.AbstractPreauthPlugin;
-import org.apache.kerberos.kerb.server.request.KdcRequest;
-import org.apache.kerberos.kerb.server.request.TgsRequest;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-
-public class TgtPreauth extends AbstractPreauthPlugin {
-
- public TgtPreauth() {
- super(new TgtPreauthMeta());
- }
-
- @Override
- public boolean verify(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaDataEntry paData) throws KrbException {
-
- TgsRequest tgsRequest = (TgsRequest) kdcRequest;
- tgsRequest.verifyAuthenticator(paData);
- return true;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitKdcContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitKdcContext.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitKdcContext.java
deleted file mode 100644
index 19e8561..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitKdcContext.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth.pkinit;
-
-import org.apache.kerberos.kerb.preauth.pkinit.IdentityOpts;
-import org.apache.kerberos.kerb.preauth.pkinit.PluginOpts;
-
-public class PkinitKdcContext {
-
- public PluginOpts pluginOpts;
- public IdentityOpts identityOpts;
- public String realm;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java
deleted file mode 100644
index 7d621e7..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth.pkinit;
-
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.preauth.pkinit.PkinitPreauthMeta;
-import org.apache.kerberos.kerb.server.KdcContext;
-import org.apache.kerberos.kerb.server.preauth.AbstractPreauthPlugin;
-import org.apache.kerberos.kerb.server.request.KdcRequest;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-import org.apache.kerberos.kerb.spec.pa.pkinit.PaPkAsReq;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class PkinitPreauth extends AbstractPreauthPlugin {
-
- private Map<String, PkinitKdcContext> pkinitContexts;
-
- public PkinitPreauth() {
- super(new PkinitPreauthMeta());
-
- pkinitContexts = new HashMap<String, PkinitKdcContext>(1);
- }
-
- @Override
- public void initWith(KdcContext kdcContext) {
- super.initWith(kdcContext);
-
- PkinitKdcContext tmp = new PkinitKdcContext();
- tmp.realm = kdcContext.getKdcRealm();
- pkinitContexts.put(kdcContext.getKdcRealm(), tmp);
- }
-
- @Override
- public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
- PkinitRequestContext reqCtx = new PkinitRequestContext();
-
- //reqCtx.updateRequestOpts(pkinitContext.pluginOpts);
-
- return reqCtx;
- }
-
- @Override
- public boolean verify(KdcRequest kdcRequest, PluginRequestContext requestContext,
- PaDataEntry paData) throws KrbException {
-
- PkinitRequestContext reqCtx = (PkinitRequestContext) requestContext;
- PkinitKdcContext pkinitContext = findContext(kdcRequest.getServerPrincipal());
- if (pkinitContext == null) {
- return false;
- }
-
- reqCtx.paType = paData.getPaDataType();
- if (paData.getPaDataType() == PaDataType.PK_AS_REQ) {
- PaPkAsReq paPkAsReq = KrbCodec.decode(paData.getPaDataValue(), PaPkAsReq.class);
- if (paPkAsReq == null) {
- return false;
- }
- }
-
- return true;
- }
-
- private PkinitKdcContext findContext(PrincipalName principal) {
- String realm = principal.getRealm();
- if (pkinitContexts.containsKey(realm)) {
- return pkinitContexts.get(realm);
- }
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitRequestContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitRequestContext.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitRequestContext.java
deleted file mode 100644
index e207fe4..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/pkinit/PkinitRequestContext.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth.pkinit;
-
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-import org.apache.kerberos.kerb.spec.pa.pkinit.AuthPack;
-
-public class PkinitRequestContext implements PluginRequestContext {
-
- public AuthPack authPack;
- public PaDataType paType;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/token/TokenRequestContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/token/TokenRequestContext.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/token/TokenRequestContext.java
deleted file mode 100644
index fa88900..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/preauth/token/TokenRequestContext.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.preauth.token;
-
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class TokenRequestContext implements PluginRequestContext {
-
- public boolean doIdentityMatching;
- public PaDataType paType;
- public boolean identityInitialized;
- public boolean identityPrompted;
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/CacheService.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/CacheService.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/CacheService.java
deleted file mode 100644
index 78fb168..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/CacheService.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.replay;
-
-public interface CacheService
-{
- boolean checkAndCache(RequestRecord request);
- void clear();
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/ReplayCheckService.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/ReplayCheckService.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/ReplayCheckService.java
deleted file mode 100644
index c1232ce..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/ReplayCheckService.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.replay;
-
-public interface ReplayCheckService
-{
- boolean checkReplay(String clientPrincipal, String serverPrincipal, long requestTime, int microseconds);
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/ReplayCheckServiceImpl.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/ReplayCheckServiceImpl.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/ReplayCheckServiceImpl.java
deleted file mode 100644
index 43f1444..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/ReplayCheckServiceImpl.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.replay;
-
-public class ReplayCheckServiceImpl implements ReplayCheckService
-{
- private CacheService cacheService;
-
- public ReplayCheckServiceImpl(CacheService cacheService) {
- this.cacheService = cacheService;
- }
-
- public ReplayCheckServiceImpl() {
- this(new SimpleCacheService());
- }
-
- @Override
- public boolean checkReplay(String clientPrincipal, String serverPrincipal,
- long requestTime, int microseconds) {
- RequestRecord record = new RequestRecord(clientPrincipal, serverPrincipal, requestTime, microseconds);
- return cacheService.checkAndCache(record);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/RequestRecord.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/RequestRecord.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/RequestRecord.java
deleted file mode 100644
index 4f1dd84..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/RequestRecord.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.replay;
-
-public class RequestRecord {
- private String clientPrincipal;
- private String serverPrincipal;
- private long requestTime;
- private int microseconds;
-
- public RequestRecord(String clientPrincipal, String serverPrincipal, long requestTime, int microseconds) {
- this.clientPrincipal = clientPrincipal;
- this.serverPrincipal = serverPrincipal;
- this.requestTime = requestTime;
- this.microseconds = microseconds;
- }
-
- @Override
- public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
-
- RequestRecord that = (RequestRecord) o;
-
- if (microseconds != that.microseconds) return false;
- if (requestTime != that.requestTime) return false;
- if (!clientPrincipal.equals(that.clientPrincipal)) return false;
- if (!serverPrincipal.equals(that.serverPrincipal)) return false;
-
- return true;
- }
-
- @Override
- public int hashCode() {
- int result = clientPrincipal.hashCode();
- result = 31 * result + serverPrincipal.hashCode();
- result = 31 * result + (int) (requestTime ^ (requestTime >>> 32));
- result = 31 * result + microseconds;
- return result;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/SimpleCacheService.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/SimpleCacheService.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/SimpleCacheService.java
deleted file mode 100644
index f471f43..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/replay/SimpleCacheService.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.replay;
-
-import java.util.HashSet;
-import java.util.Set;
-
-public class SimpleCacheService implements CacheService {
- private Set<RequestRecord> requests;
-
- public SimpleCacheService() {
- requests = new HashSet<RequestRecord>();
- }
-
- @Override
- public boolean checkAndCache(RequestRecord request) {
- if (requests.contains(request)) {
- return true;
- } else {
- requests.add(request);
- }
- return false;
- }
-
- @Override
- public void clear() {
- requests.clear();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/AsRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/AsRequest.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/AsRequest.java
deleted file mode 100644
index f6d0026..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/AsRequest.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.request;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.common.EncryptionUtil;
-import org.apache.kerberos.kerb.server.KdcContext;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.*;
-import org.apache.kerberos.kerb.spec.kdc.*;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-import org.apache.kerberos.kerb.spec.ticket.TicketFlag;
-
-public class AsRequest extends KdcRequest {
-
- public AsRequest(AsReq asReq, KdcContext kdcContext) {
- super(asReq, kdcContext);
- }
-
- @Override
- protected void makeReply() throws KrbException {
- Ticket ticket = getTicket();
-
- AsRep reply = new AsRep();
-
- reply.setCname(getClientEntry().getPrincipal());
- reply.setCrealm(kdcContext.getServerRealm());
- reply.setTicket(ticket);
-
- EncKdcRepPart encKdcRepPart = makeEncKdcRepPart();
- reply.setEncPart(encKdcRepPart);
-
- EncryptionKey clientKey = getClientKey();
- EncryptedData encryptedData = EncryptionUtil.seal(encKdcRepPart,
- clientKey, KeyUsage.AS_REP_ENCPART);
- reply.setEncryptedEncPart(encryptedData);
-
- setReply(reply);
- }
-
- protected EncKdcRepPart makeEncKdcRepPart() {
- KdcReq request = getKdcReq();
- Ticket ticket = getTicket();
-
- EncKdcRepPart encKdcRepPart = new EncAsRepPart();
-
- //session key
- encKdcRepPart.setKey(ticket.getEncPart().getKey());
-
- LastReq lastReq = new LastReq();
- LastReqEntry entry = new LastReqEntry();
- entry.setLrType(LastReqType.THE_LAST_INITIAL);
- entry.setLrValue(new KerberosTime());
- lastReq.add(entry);
- encKdcRepPart.setLastReq(lastReq);
-
- encKdcRepPart.setNonce(request.getReqBody().getNonce());
-
- encKdcRepPart.setFlags(ticket.getEncPart().getFlags());
- encKdcRepPart.setAuthTime(ticket.getEncPart().getAuthTime());
- encKdcRepPart.setStartTime(ticket.getEncPart().getStartTime());
- encKdcRepPart.setEndTime(ticket.getEncPart().getEndTime());
-
- if (ticket.getEncPart().getFlags().isFlagSet(TicketFlag.RENEWABLE)) {
- encKdcRepPart.setRenewTill(ticket.getEncPart().getRenewtill());
- }
-
- encKdcRepPart.setSname(ticket.getSname());
- encKdcRepPart.setSrealm(ticket.getRealm());
- encKdcRepPart.setCaddr(ticket.getEncPart().getClientAddresses());
-
- return encKdcRepPart;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/KdcRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/KdcRequest.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/KdcRequest.java
deleted file mode 100644
index 41dcc10..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/KdcRequest.java
+++ /dev/null
@@ -1,521 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.request;
-
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.apache.kerberos.kerb.common.EncryptionUtil;
-import org.apache.kerberos.kerb.crypto.EncryptionHandler;
-import org.apache.kerberos.kerb.identity.KrbIdentity;
-import org.apache.kerberos.kerb.server.KdcConfig;
-import org.apache.kerberos.kerb.server.KdcContext;
-import org.apache.kerberos.kerb.server.preauth.FastContext;
-import org.apache.kerberos.kerb.server.preauth.PreauthContext;
-import org.apache.kerberos.kerb.server.preauth.PreauthHandler;
-import org.apache.kerberos.kerb.KrbConstant;
-import org.apache.kerberos.kerb.KrbErrorException;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.*;
-import org.apache.kerberos.kerb.spec.kdc.KdcOption;
-import org.apache.kerberos.kerb.spec.kdc.KdcOptions;
-import org.apache.kerberos.kerb.spec.kdc.KdcRep;
-import org.apache.kerberos.kerb.spec.kdc.KdcReq;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-import org.apache.kerberos.kerb.spec.ticket.EncTicketPart;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-import org.apache.kerberos.kerb.spec.ticket.TicketFlag;
-import org.apache.kerberos.kerb.spec.ticket.TicketFlags;
-
-import java.net.InetAddress;
-import java.nio.ByteBuffer;
-import java.util.Date;
-import java.util.List;
-
-public abstract class KdcRequest {
-
- protected KdcContext kdcContext;
-
- private Ticket ticket;
- private boolean isPreAuthenticated;
- private KdcReq kdcReq;
- private KdcRep reply;
- private InetAddress clientAddress;
- private boolean isTcp;
- private EncryptionType encryptionType;
- private EncryptionKey clientKey;
- private KrbIdentity clientEntry;
- private KrbIdentity serverEntry;
- private EncryptionKey serverKey;
- private KrbIdentity tgsEntry;
- private PreauthContext preauthContext;
- private FastContext fastContext;
- private PrincipalName serverPrincipal;
-
- public KdcRequest(KdcReq kdcReq, KdcContext kdcContext) {
- this.kdcReq = kdcReq;
- this.kdcContext = kdcContext;
- this.preauthContext = kdcContext.getPreauthHandler()
- .preparePreauthContext(this);
- this.fastContext = new FastContext();
- }
-
- public KdcContext getKdcContext() {
- return kdcContext;
- }
-
- public PreauthContext getPreauthContext() {
- return preauthContext;
- }
-
- public void process() throws KrbException {
- checkVersion();
- checkClient();
- checkServer();
- preauth();
- authenticate();
- issueTicket();
- makeReply();
- }
-
- public KdcReq getKdcReq() {
- return kdcReq;
- }
-
- public KrbIdentity getTgsEntry() {
- return tgsEntry;
- }
-
- public void setTgsEntry(KrbIdentity tgsEntry) {
- this.tgsEntry = tgsEntry;
- }
-
- public boolean isTcp() {
- return isTcp;
- }
-
- public void isTcp(boolean isTcp) {
- this.isTcp = isTcp;
- }
-
- public KrbMessage getReply() {
- return reply;
- }
-
- public void setReply(KdcRep reply) {
- this.reply = reply;
- }
-
- public InetAddress getClientAddress() {
- return clientAddress;
- }
-
- public void setClientAddress(InetAddress clientAddress) {
- this.clientAddress = clientAddress;
- }
-
- public EncryptionType getEncryptionType() {
- return encryptionType;
- }
-
- public void setEncryptionType(EncryptionType encryptionType) {
- this.encryptionType = encryptionType;
- }
-
- public Ticket getTicket() {
- return ticket;
- }
-
- public void setTicket(Ticket ticket) {
- this.ticket = ticket;
- }
-
- public boolean isPreAuthenticated() {
- return isPreAuthenticated;
- }
-
- public void setPreAuthenticated(boolean isPreAuthenticated) {
- this.isPreAuthenticated = isPreAuthenticated;
- }
-
- public KrbIdentity getServerEntry() {
- return serverEntry;
- }
-
- public void setServerEntry(KrbIdentity serverEntry) {
- this.serverEntry = serverEntry;
- }
-
- public KrbIdentity getClientEntry() {
- return clientEntry;
- }
-
- public void setClientEntry(KrbIdentity clientEntry) {
- this.clientEntry = clientEntry;
- }
-
- public EncryptionKey getClientKey(EncryptionType encType) throws KrbException {
- return getClientEntry().getKey(encType);
- }
-
- public EncryptionKey getClientKey() {
- return clientKey;
- }
-
- public void setClientKey(EncryptionKey clientKey) {
- this.clientKey = clientKey;
- }
-
- public EncryptionKey getServerKey() {
- return serverKey;
- }
-
- public void setServerKey(EncryptionKey serverKey) {
- this.serverKey = serverKey;
- }
-
- public PrincipalName getTgsPrincipal() {
- PrincipalName result = new PrincipalName(kdcContext.getConfig().getTgsPrincipal());
- result.setRealm(kdcContext.getKdcRealm());
- return result;
- }
-
- protected abstract void makeReply() throws KrbException;
-
- protected void checkVersion() throws KrbException {
- KdcReq request = getKdcReq();
-
- int kerberosVersion = request.getPvno();
- if (kerberosVersion != KrbConstant.KRB_V5) {
- throw new KrbException(KrbErrorCode.KDC_ERR_BAD_PVNO);
- }
- }
-
- protected void checkPolicy() throws KrbException {
- KrbIdentity entry = getClientEntry();
-
- if (entry.isDisabled()) {
- throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_REVOKED);
- }
-
- if (entry.isLocked()) {
- throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_REVOKED);
- }
-
- if (entry.getExpireTime().lessThan(new Date().getTime())) {
- throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_REVOKED);
- }
- }
-
- protected void checkClient() throws KrbException {
- KdcReq request = getKdcReq();
-
- PrincipalName clientPrincipal = request.getReqBody().getCname();
- String clientRealm = request.getReqBody().getRealm();
- if (clientRealm == null || clientRealm.isEmpty()) {
- clientRealm = kdcContext.getServerRealm();
- }
- clientPrincipal.setRealm(clientRealm);
-
- KrbIdentity clientEntry = getEntry(clientPrincipal.getName());
- setClientEntry(clientEntry);
-
- EncryptionType encType = request.getReqBody().getEtypes().listIterator().next();
- EncryptionKey clientKey = clientEntry.getKeys().get(encType);
- setClientKey(clientKey);
- }
-
- protected void preauth() throws KrbException {
- KdcReq request = getKdcReq();
-
- PaData preAuthData = request.getPaData();
-
- if (preauthContext.isPreauthRequired()) {
- if (preAuthData == null || preAuthData.isEmpty()) {
- KrbError krbError = makePreAuthenticationError(kdcContext);
- throw new KrbErrorException(krbError);
- } else {
- getPreauthHandler().verify(this, preAuthData);
- }
- }
-
- setPreAuthenticated(true);
- }
-
- protected void setPreauthRequired(boolean preauthRequired) {
- preauthContext.setPreauthRequired(preauthRequired);
- }
-
- protected boolean isPreauthRequired() {
- return preauthContext.isPreauthRequired();
- }
-
- protected PreauthHandler getPreauthHandler() {
- return kdcContext.getPreauthHandler();
- }
-
- protected void checkEncryptionType() throws KrbException {
- List<EncryptionType> requestedTypes = getKdcReq().getReqBody().getEtypes();
-
- EncryptionType bestType = EncryptionUtil.getBestEncryptionType(requestedTypes,
- kdcContext.getConfig().getEncryptionTypes());
-
- if (bestType == null) {
- throw new KrbException(KrbErrorCode.KDC_ERR_ETYPE_NOSUPP);
- }
-
- setEncryptionType(bestType);
- }
-
- protected void authenticate() throws KrbException {
- checkEncryptionType();
- checkPolicy();
- }
-
- protected void issueTicket() throws KrbException {
- KdcReq request = getKdcReq();
-
- EncryptionType encryptionType = getEncryptionType();
- EncryptionKey serverKey = getServerEntry().getKeys().get(encryptionType);
-
- PrincipalName ticketPrincipal = request.getReqBody().getSname();
-
- EncTicketPart encTicketPart = new EncTicketPart();
- KdcConfig config = kdcContext.getConfig();
-
- TicketFlags ticketFlags = new TicketFlags();
- encTicketPart.setFlags(ticketFlags);
- ticketFlags.setFlag(TicketFlag.INITIAL);
-
- if (isPreAuthenticated()) {
- ticketFlags.setFlag(TicketFlag.PRE_AUTH);
- }
-
- if (request.getReqBody().getKdcOptions().isFlagSet(KdcOption.FORWARDABLE)) {
- if (!config.isForwardableAllowed()) {
- throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
- }
-
- ticketFlags.setFlag(TicketFlag.FORWARDABLE);
- }
-
- if (request.getReqBody().getKdcOptions().isFlagSet(KdcOption.PROXIABLE)) {
- if (!config.isProxiableAllowed()) {
- throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
- }
-
- ticketFlags.setFlag(TicketFlag.PROXIABLE);
- }
-
- if (request.getReqBody().getKdcOptions().isFlagSet(KdcOption.ALLOW_POSTDATE)) {
- if (!config.isPostdatedAllowed()) {
- throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
- }
-
- ticketFlags.setFlag(TicketFlag.MAY_POSTDATE);
- }
-
- KdcOptions kdcOptions = request.getReqBody().getKdcOptions();
-
- EncryptionKey sessionKey = EncryptionHandler.random2Key(getEncryptionType());
- encTicketPart.setKey(sessionKey);
-
- encTicketPart.setCname(request.getReqBody().getCname());
- encTicketPart.setCrealm(request.getReqBody().getRealm());
-
- TransitedEncoding transEnc = new TransitedEncoding();
- encTicketPart.setTransited(transEnc);
- String serverRealm = request.getReqBody().getRealm();
-
- KerberosTime now = KerberosTime.now();
- encTicketPart.setAuthTime(now);
-
- KerberosTime krbStartTime = request.getReqBody().getFrom();
- if (krbStartTime == null || krbStartTime.lessThan(now) ||
- krbStartTime.isInClockSkew(config.getAllowableClockSkew())) {
- krbStartTime = now;
- }
- if (krbStartTime.greaterThan(now)
- && !krbStartTime.isInClockSkew(config.getAllowableClockSkew())
- && !kdcOptions.isFlagSet(KdcOption.POSTDATED)) {
- throw new KrbException(KrbErrorCode.KDC_ERR_CANNOT_POSTDATE);
- }
-
- if (kdcOptions.isFlagSet(KdcOption.POSTDATED)) {
- if (!config.isPostdatedAllowed()) {
- throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
- }
-
- ticketFlags.setFlag(TicketFlag.POSTDATED);
- encTicketPart.setStartTime(krbStartTime);
- }
-
- KerberosTime krbEndTime = request.getReqBody().getTill();
- if (krbEndTime == null) {
- krbEndTime = krbStartTime.extend(config.getMaximumTicketLifetime() * 1000);
- } else if (krbStartTime.greaterThan(krbEndTime)) {
- throw new KrbException(KrbErrorCode.KDC_ERR_NEVER_VALID);
- }
- encTicketPart.setEndTime(krbEndTime);
-
- long ticketLifeTime = Math.abs(krbEndTime.diff(krbStartTime));
- if (ticketLifeTime < config.getMinimumTicketLifetime()) {
- throw new KrbException(KrbErrorCode.KDC_ERR_NEVER_VALID);
- }
-
- KerberosTime krbRtime = request.getReqBody().getRtime();
- if (kdcOptions.isFlagSet(KdcOption.RENEWABLE_OK)) {
- kdcOptions.setFlag(KdcOption.RENEWABLE);
- }
- if (kdcOptions.isFlagSet(KdcOption.RENEWABLE)) {
- if (!config.isRenewableAllowed()) {
- throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
- }
-
- ticketFlags.setFlag(TicketFlag.RENEWABLE);
-
- if (krbRtime == null) {
- krbRtime = KerberosTime.NEVER;
- }
- KerberosTime allowedMaximumRenewableTime = krbStartTime;
- allowedMaximumRenewableTime.extend(config.getMaximumRenewableLifetime() * 1000);
- if (krbRtime.greaterThan(allowedMaximumRenewableTime)) {
- krbRtime = allowedMaximumRenewableTime;
- }
- encTicketPart.setRenewtill(krbRtime);
- }
-
- HostAddresses hostAddresses = request.getReqBody().getAddresses();
- if (hostAddresses == null || hostAddresses.isEmpty()) {
- if (!config.isEmptyAddressesAllowed()) {
- throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
- }
- } else {
- encTicketPart.setClientAddresses(hostAddresses);
- }
-
- EncryptedData encryptedData = EncryptionUtil.seal(encTicketPart,
- serverKey, KeyUsage.KDC_REP_TICKET);
-
- Ticket newTicket = new Ticket();
- newTicket.setSname(ticketPrincipal);
- newTicket.setEncryptedEncPart(encryptedData);
- newTicket.setRealm(serverRealm);
- newTicket.setEncPart(encTicketPart);
-
- setTicket(newTicket);
- }
-
- private void checkServer() throws KrbException {
- KdcReq request = getKdcReq();
-
- KrbIdentity tgsEntry = getEntry(getTgsPrincipal().getName());
- setTgsEntry(tgsEntry);
-
- PrincipalName principal = request.getReqBody().getSname();
- String serverRealm = request.getReqBody().getRealm();
- if (serverRealm == null || serverRealm.isEmpty()) {
- serverRealm = kdcContext.getServerRealm();
- }
- principal.setRealm(serverRealm);
-
- KrbIdentity serverEntry = getEntry(principal.getName());
- setServerEntry(serverEntry);
-
- EncryptionType encType = request.getReqBody().getEtypes().listIterator().next();
- EncryptionKey serverKey = serverEntry.getKeys().get(encType);
- setServerKey(serverKey);
- }
-
- protected KrbError makePreAuthenticationError(KdcContext kdcContext) throws KrbException {
- EncryptionType requestedType = getEncryptionType();
- List<EncryptionType> encryptionTypes = kdcContext.getConfig().getEncryptionTypes();
- boolean isNewEtype = true;
-
- EtypeInfo2 eTypeInfo2 = new EtypeInfo2();
-
- EtypeInfo eTypeInfo = new EtypeInfo();
-
- for (EncryptionType encryptionType : encryptionTypes) {
- if (!isNewEtype) {
- EtypeInfoEntry etypeInfoEntry = new EtypeInfoEntry();
- etypeInfoEntry.setEtype(encryptionType);
- etypeInfoEntry.setSalt(null);
- eTypeInfo.add(etypeInfoEntry);
- }
-
- EtypeInfo2Entry etypeInfo2Entry = new EtypeInfo2Entry();
- etypeInfo2Entry.setEtype(encryptionType);
- eTypeInfo2.add(etypeInfo2Entry);
- }
-
- byte[] encTypeInfo = null;
- byte[] encTypeInfo2 = null;
- if (!isNewEtype) {
- encTypeInfo = KrbCodec.encode(eTypeInfo);
- }
- encTypeInfo2 = KrbCodec.encode(eTypeInfo2);
-
- MethodData methodData = new MethodData();
- methodData.add(new PaDataEntry(PaDataType.ENC_TIMESTAMP, null));
- if (!isNewEtype) {
- methodData.add(new PaDataEntry(PaDataType.ETYPE_INFO, encTypeInfo));
- }
- methodData.add(new PaDataEntry(PaDataType.ETYPE_INFO2, encTypeInfo2));
-
- KrbError krbError = new KrbError();
- krbError.setErrorCode(KrbErrorCode.KDC_ERR_PREAUTH_REQUIRED);
- byte[] encodedData = KrbCodec.encode(methodData);
- krbError.setEdata(encodedData);
-
- return krbError;
- }
-
- protected KrbIdentity getEntry(String principal) throws KrbException {
- KrbIdentity entry = null;
- KrbErrorCode krbErrorCode = KrbErrorCode.KDC_ERR_C_PRINCIPAL_UNKNOWN;
-
- try {
- entry = kdcContext.getIdentityService().getIdentity(principal);
- } catch (Exception e) {
- throw new KrbException(krbErrorCode, e);
- }
-
- if (entry == null) {
- throw new KrbException(krbErrorCode);
- }
-
- return entry;
- }
-
- public ByteBuffer getRequestBody() throws KrbException {
- return null;
- }
-
- public EncryptionKey getArmorKey() throws KrbException {
- return fastContext.armorKey;
- }
-
- public PrincipalName getServerPrincipal() {
- return serverPrincipal;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/TgsRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/TgsRequest.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/TgsRequest.java
deleted file mode 100644
index 289e2e4..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/request/TgsRequest.java
+++ /dev/null
@@ -1,196 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server.request;
-
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.apache.kerberos.kerb.common.EncryptionUtil;
-import org.apache.kerberos.kerb.server.KdcContext;
-import org.apache.kerberos.kerb.KrbConstant;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.ap.ApOption;
-import org.apache.kerberos.kerb.spec.ap.ApReq;
-import org.apache.kerberos.kerb.spec.ap.Authenticator;
-import org.apache.kerberos.kerb.spec.common.*;
-import org.apache.kerberos.kerb.spec.kdc.*;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.ticket.EncTicketPart;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-import org.apache.kerberos.kerb.spec.ticket.TicketFlag;
-
-import java.nio.ByteBuffer;
-
-public class TgsRequest extends KdcRequest {
-
- private EncryptionKey tgtSessionKey;
-
- public TgsRequest(TgsReq tgsReq, KdcContext kdcContext) {
- super(tgsReq, kdcContext);
-
- setPreauthRequired(true);
- }
-
- public EncryptionKey getTgtSessionKey() {
- return tgtSessionKey;
- }
-
- public void setTgtSessionKey(EncryptionKey tgtSessionKey) {
- this.tgtSessionKey = tgtSessionKey;
- }
-
- public void verifyAuthenticator(PaDataEntry paDataEntry) throws KrbException {
- ApReq apReq = KrbCodec.decode(paDataEntry.getPaDataValue(), ApReq.class);
-
- if (apReq.getPvno() != KrbConstant.KRB_V5) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADVERSION);
- }
-
- if (apReq.getMsgType() != KrbMessageType.AP_REQ) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_MSG_TYPE);
- }
-
- EncryptionType encType = getKdcReq().getReqBody().getEtypes().listIterator().next();
- EncryptionKey tgsKey = getTgsEntry().getKeys().get(encType);
-
- Ticket ticket = apReq.getTicket();
- if (ticket.getTktvno() != KrbConstant.KRB_V5) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADVERSION);
- }
-
- EncTicketPart encPart = EncryptionUtil.unseal(ticket.getEncryptedEncPart(),
- tgsKey, KeyUsage.KDC_REP_TICKET, EncTicketPart.class);
- ticket.setEncPart(encPart);
-
- EncryptionKey encKey = null;
- //if (apReq.getApOptions().isFlagSet(ApOptions.USE_SESSION_KEY)) {
- encKey = ticket.getEncPart().getKey();
-
- if (encKey == null) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_NOKEY);
- }
- Authenticator authenticator = EncryptionUtil.unseal(apReq.getEncryptedAuthenticator(),
- encKey, KeyUsage.TGS_REQ_AUTH, Authenticator.class);
-
- if (!authenticator.getCname().equals(ticket.getEncPart().getCname())) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADMATCH);
- }
-
- HostAddresses hostAddresses = ticket.getEncPart().getClientAddresses();
- if (hostAddresses == null || hostAddresses.isEmpty()) {
- if (!kdcContext.getConfig().isEmptyAddressesAllowed()) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADADDR);
- }
- } else if (!hostAddresses.contains(getClientAddress())) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADADDR);
- }
-
- PrincipalName serverPrincipal = ticket.getSname();
- serverPrincipal.setRealm(ticket.getRealm());
- PrincipalName clientPrincipal = authenticator.getCname();
- clientPrincipal.setRealm(authenticator.getCrealm());
-
- if (!authenticator.getCtime().isInClockSkew(
- kdcContext.getConfig().getAllowableClockSkew() * 1000)) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_SKEW);
- }
-
- KerberosTime now = KerberosTime.now();
- KerberosTime startTime = ticket.getEncPart().getStartTime();
- if (startTime == null) {
- startTime = ticket.getEncPart().getAuthTime();
- }
- if (! startTime.lessThan(now)) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_TKT_NYV);
- }
-
- KerberosTime endTime = ticket.getEncPart().getEndTime();
- if (! endTime.greaterThan(now)) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_TKT_EXPIRED);
- }
-
- apReq.getApOptions().setFlag(ApOption.MUTUAL_REQUIRED);
-
- setTgtSessionKey(ticket.getEncPart().getKey());
- }
-
- @Override
- protected void makeReply() throws KrbException {
- Ticket ticket = getTicket();
-
- TgsRep reply = new TgsRep();
-
- reply.setCname(getClientEntry().getPrincipal());
- reply.setCrealm(kdcContext.getServerRealm());
- reply.setTicket(ticket);
-
- EncKdcRepPart encKdcRepPart = makeEncKdcRepPart();
- reply.setEncPart(encKdcRepPart);
-
- EncryptionKey sessionKey = getTgtSessionKey();
- EncryptedData encryptedData = EncryptionUtil.seal(encKdcRepPart,
- sessionKey, KeyUsage.TGS_REP_ENCPART_SESSKEY);
- reply.setEncryptedEncPart(encryptedData);
-
- setReply(reply);
- }
-
- private EncKdcRepPart makeEncKdcRepPart() {
- KdcReq request = getKdcReq();
- Ticket ticket = getTicket();
-
- EncKdcRepPart encKdcRepPart = new EncTgsRepPart();
-
- //session key
- encKdcRepPart.setKey(ticket.getEncPart().getKey());
-
- LastReq lastReq = new LastReq();
- LastReqEntry entry = new LastReqEntry();
- entry.setLrType(LastReqType.THE_LAST_INITIAL);
- entry.setLrValue(new KerberosTime());
- lastReq.add(entry);
- encKdcRepPart.setLastReq(lastReq);
-
- encKdcRepPart.setNonce(request.getReqBody().getNonce());
-
- encKdcRepPart.setFlags(ticket.getEncPart().getFlags());
- encKdcRepPart.setAuthTime(ticket.getEncPart().getAuthTime());
- encKdcRepPart.setStartTime(ticket.getEncPart().getStartTime());
- encKdcRepPart.setEndTime(ticket.getEncPart().getEndTime());
-
- if (ticket.getEncPart().getFlags().isFlagSet(TicketFlag.RENEWABLE)) {
- encKdcRepPart.setRenewTill(ticket.getEncPart().getRenewtill());
- }
-
- encKdcRepPart.setSname(ticket.getSname());
- encKdcRepPart.setSrealm(ticket.getRealm());
- encKdcRepPart.setCaddr(ticket.getEncPart().getClientAddresses());
-
- return encKdcRepPart;
- }
-
- public ByteBuffer getRequestBody() throws KrbException {
- return null;
- }
-
- public EncryptionKey getArmorKey() throws KrbException {
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/resources/kdc.conf
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/resources/kdc.conf b/haox-kerb/kerb-server/src/main/resources/kdc.conf
deleted file mode 100644
index 8f286a1..0000000
--- a/haox-kerb/kerb-server/src/main/resources/kdc.conf
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
-
-[kdcdefaults]
- kdc_udp_port = 88
- kdc_tcp_port = 8014
- restrict_anonymous_to_tgt = true
- kdc_max_dgram_reply_size = 4096
-
-[realms]
-# ATHENA.MIT.EDU = {
-# kadmind_port = 749
-# max_life = 12h 0m 0s
-# max_renewable_life = 7d 0h 0m 0s
-# master_key_type = des3-hmac-sha1
-# supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal des-cbc-crc:v4
-# database_module = openldap_ldapconf
-# }
-
-[dbdefaults]
- ldap_kerberos_container_dn = cn=krbcontainer dc=mit dc=edu
-
-[dbmodules]
-# openldap_ldapconf = {
-# db_library = kldap
-# disable_last_success = true
-# ldap_kdc_dn = cn=krbadmin dc=mit,dc=edu
-# ldap_kadmind_dn = cn=krbadmin dc=mit dc=edu
-# ldap_service_password_file = /etc/kerberos/service.keyfile
-# ldap_servers = ldaps://kerberos.mit.edu
-# ldap_conns_per_server = 5
-# }
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/test/java/org/apache/kerberos/kerb/server/KdcTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/test/java/org/apache/kerberos/kerb/server/KdcTest.java b/haox-kerb/kerb-server/src/test/java/org/apache/kerberos/kerb/server/KdcTest.java
deleted file mode 100644
index ebab9df..0000000
--- a/haox-kerb/kerb-server/src/test/java/org/apache/kerberos/kerb/server/KdcTest.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.net.SocketAddress;
-import java.nio.ByteBuffer;
-import java.nio.channels.SocketChannel;
-
-public class KdcTest {
-
- private String serverHost = "localhost";
- private short serverPort = 8089;
-
- private SimpleKdcServer kdcServer;
-
- @Before
- public void setUp() throws Exception {
- kdcServer = new SimpleKdcServer();
- kdcServer.setKdcHost(serverHost);
- kdcServer.setKdcTcpPort(serverPort);
- kdcServer.init();
- kdcServer.start();
- }
-
- @Test
- public void testKdc() throws IOException, InterruptedException {
- Thread.sleep(15);
-
- SocketChannel socketChannel = SocketChannel.open();
- socketChannel.configureBlocking(true);
- SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
- socketChannel.connect(sa);
-
- String BAD_KRB_MESSAGE = "Hello World!";
- ByteBuffer writeBuffer = ByteBuffer.allocate(4 + BAD_KRB_MESSAGE.getBytes().length);
- writeBuffer.putInt(BAD_KRB_MESSAGE.getBytes().length);
- writeBuffer.put(BAD_KRB_MESSAGE.getBytes());
- writeBuffer.flip();
-
- socketChannel.write(writeBuffer);
- }
-
- @After
- public void tearDown() throws Exception {
- kdcServer.stop();
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/test/java/org/apache/kerberos/kerb/server/TestKdcConfigLoad.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/test/java/org/apache/kerberos/kerb/server/TestKdcConfigLoad.java b/haox-kerb/kerb-server/src/test/java/org/apache/kerberos/kerb/server/TestKdcConfigLoad.java
deleted file mode 100644
index 923861a..0000000
--- a/haox-kerb/kerb-server/src/test/java/org/apache/kerberos/kerb/server/TestKdcConfigLoad.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.haox.config.Conf;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.File;
-import java.io.IOException;
-import java.net.URISyntaxException;
-import java.net.URL;
-
-public class TestKdcConfigLoad {
-
- @Test
- public void test() throws URISyntaxException, IOException {
- URL confFileUrl = TestKdcConfigLoad.class.getResource("/kdc.conf");
- File confFile = new File(confFileUrl.toURI());
-
- KdcConfig krbConfig = new KdcConfig();
- Conf conf = krbConfig.getConf();
- conf.addIniConfig(confFile);
-
- Assert.assertEquals(krbConfig.getDefaultLoggingLocation(), "FILE:/var/log/krb5libs.log");
- Assert.assertEquals(krbConfig.getKdcLoggingLocation(), "FILE:/var/log/krb5kdc.log");
- Assert.assertEquals(krbConfig.getAdminLoggingLocation(), "FILE:/var/log/kadmind.log");
-
- Assert.assertEquals(krbConfig.getKdcUdpPort(), 88);
- Assert.assertEquals(krbConfig.getKdcTcpPort(), 8014);
- Assert.assertTrue(krbConfig.isRestrictAnonymousToTgt());
- Assert.assertEquals(krbConfig.getKdcMaxDgramReplySize(), 4096);
-
- String[] ldapContainerDn = krbConfig.getLdapKerberosContainerDn();
- Assert.assertEquals(ldapContainerDn.length, 3);
- Assert.assertEquals(ldapContainerDn[0], "cn=krbcontainer");
- Assert.assertEquals(ldapContainerDn[1], "dc=mit");
- Assert.assertEquals(ldapContainerDn[2], "dc=edu");
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/pom.xml b/haox-kerb/kerb-util/pom.xml
deleted file mode 100644
index 6a0d367..0000000
--- a/haox-kerb/kerb-util/pom.xml
+++ /dev/null
@@ -1,46 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kerb</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>kerb-util</artifactId>
-
- <name>Haox-kerb Util</name>
- <description>Haox-kerb Utilities</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-crypto</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/KrbInputStream.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/KrbInputStream.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/KrbInputStream.java
deleted file mode 100644
index e8d430d..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/KrbInputStream.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb;
-
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-public abstract class KrbInputStream extends DataInputStream
-{
- public KrbInputStream(InputStream in) {
- super(in);
- }
-
- public KerberosTime readTime() throws IOException {
- long value = readInt();
- KerberosTime time = new KerberosTime(value * 1000);
- return time;
- }
-
- public abstract PrincipalName readPrincipal(int version) throws IOException;
-
- public EncryptionKey readKey(int version) throws IOException {
- int eType = readShort();
- EncryptionType encryptionType = EncryptionType.fromValue(eType);
-
- byte[] keyData = readCountedOctets();
- EncryptionKey key = new EncryptionKey(encryptionType, keyData);
-
- return key;
- }
-
- public String readCountedString() throws IOException {
- byte[] countedOctets = readCountedOctets();
- // ASCII
- return new String(countedOctets);
- }
-
- public byte[] readCountedOctets() throws IOException {
- int len = readOctetsCount();
- if (len == 0) {
- return null;
- }
-
- byte[] data = new byte[len];
- read(data);
-
- return data;
- }
-
- public abstract int readOctetsCount() throws IOException;
-}
[28/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java
deleted file mode 100644
index 8d2a693..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java
+++ /dev/null
@@ -1,99 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc.provider;
-
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class AbstractEncryptProvider implements EncryptProvider {
- private int blockSize;
- private int keyInputSize;
- private int keySize;
-
- public AbstractEncryptProvider(int blockSize, int keyInputSize, int keySize) {
- this.blockSize = blockSize;
- this.keyInputSize = keyInputSize;
- this.keySize = keySize;
- }
-
- @Override
- public int keyInputSize() {
- return keyInputSize;
- }
-
- @Override
- public int keySize() {
- return keySize;
- }
-
- @Override
- public int blockSize() {
- return blockSize;
- }
-
- @Override
- public byte[] initState(byte[] key, int keyUsage) {
- return new byte[0];
- }
-
- @Override
- public void encrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException {
- doEncrypt(data, key, cipherState, true);
- }
-
- @Override
- public void decrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException {
- doEncrypt(data, key, cipherState, false);
- }
-
- @Override
- public void encrypt(byte[] key, byte[] data) throws KrbException {
- byte[] cipherState = new byte[blockSize()];
- encrypt(key, cipherState, data);
- }
-
- @Override
- public void decrypt(byte[] key, byte[] data) throws KrbException {
- byte[] cipherState = new byte[blockSize()];
- decrypt(key, cipherState, data);
- }
-
- protected abstract void doEncrypt(byte[] data, byte[] key, byte[] cipherState, boolean encrypt) throws KrbException;
-
- @Override
- public byte[] cbcMac(byte[] key, byte[] iv, byte[] data) throws KrbException {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public boolean supportCbcMac() {
- return false;
- }
-
- @Override
- public void cleanState() {
-
- }
-
- @Override
- public void cleanKey() {
-
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes128Provider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes128Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes128Provider.java
deleted file mode 100644
index 52157e6..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes128Provider.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc.provider;
-
-public class Aes128Provider extends AesProvider {
-
- public Aes128Provider() {
- super(16, 16, 16);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes256Provider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes256Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes256Provider.java
deleted file mode 100644
index 91c1b49..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes256Provider.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc.provider;
-
-public class Aes256Provider extends AesProvider {
-
- public Aes256Provider() {
- super(16, 32, 32);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AesProvider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AesProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AesProvider.java
deleted file mode 100644
index 334f8c9..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AesProvider.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc.provider;
-
-import org.apache.kerberos.kerb.KrbException;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-import java.security.GeneralSecurityException;
-
-public abstract class AesProvider extends AbstractEncryptProvider {
-
- public AesProvider(int blockSize, int keyInputSize, int keySize) {
- super(blockSize, keyInputSize, keySize);
- }
-
- @Override
- protected void doEncrypt(byte[] data, byte[] key,
- byte[] cipherState, boolean encrypt) throws KrbException {
- Cipher cipher = null;
- try {
- cipher = Cipher.getInstance("AES/CTS/NoPadding");
- } catch (GeneralSecurityException e) {
- KrbException ke = new KrbException("JCE provider may not be installed. "
- + e.getMessage());
- ke.initCause(e);
- throw ke;
- }
-
- try {
- SecretKeySpec secretKey = new SecretKeySpec(key, "AES");
- IvParameterSpec param = new IvParameterSpec(cipherState);
-
- cipher.init(encrypt ?
- Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, secretKey, param);
- byte[] output = cipher.doFinal(data);
- System.arraycopy(output, 0, data, 0, output.length);
- } catch (GeneralSecurityException e) {
- KrbException ke = new KrbException(e.getMessage());
- ke.initCause(e);
- throw ke;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java
deleted file mode 100644
index 50096dc..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc.provider;
-
-public class Camellia128Provider extends CamelliaProvider {
-
- public Camellia128Provider() {
- super(16, 16, 16);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java
deleted file mode 100644
index 0561847..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc.provider;
-
-public class Camellia256Provider extends CamelliaProvider {
-
- public Camellia256Provider() {
- super(16, 32, 32);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java
deleted file mode 100644
index 8c41b5e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc.provider;
-
-import org.apache.kerberos.kerb.crypto.Camellia;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class CamelliaProvider extends AbstractEncryptProvider {
-
- public CamelliaProvider(int blockSize, int keyInputSize, int keySize) {
- super(blockSize, keyInputSize, keySize);
- }
-
- @Override
- protected void doEncrypt(byte[] data, byte[] key,
- byte[] cipherState, boolean encrypt) throws KrbException {
-
- Camellia cipher = new Camellia();
- cipher.setKey(encrypt, key);
- if (encrypt) {
- cipher.encrypt(data, cipherState);
- } else {
- cipher.decrypt(data, cipherState);
- }
- }
-
- @Override
- public boolean supportCbcMac() {
- return true;
- }
-
- @Override
- public byte[] cbcMac(byte[] key, byte[] cipherState, byte[] data) {
- Camellia cipher = new Camellia();
- cipher.setKey(true, key);
-
- int blocksNum = data.length / blockSize();
- cipher.cbcEnc(data, 0, blocksNum, cipherState);
- return data;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Des3Provider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Des3Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Des3Provider.java
deleted file mode 100644
index 6e78d8a..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Des3Provider.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc.provider;
-
-import org.apache.kerberos.kerb.KrbException;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.DESedeKeySpec;
-import javax.crypto.spec.IvParameterSpec;
-import java.security.GeneralSecurityException;
-import java.security.spec.KeySpec;
-
-public class Des3Provider extends AbstractEncryptProvider {
-
- public Des3Provider() {
- super(8, 21, 24);
- }
-
- @Override
- protected void doEncrypt(byte[] input, byte[] key,
- byte[] cipherState, boolean encrypt) throws KrbException {
-
- Cipher cipher = null;
- try {
- cipher = Cipher.getInstance("DESede/CBC/NoPadding");
- } catch (GeneralSecurityException e) {
- throw new KrbException("Failed to init cipher", e);
- }
-
- try {
- IvParameterSpec params = new IvParameterSpec(cipherState);
- KeySpec skSpec = new DESedeKeySpec(key, 0);
-
- SecretKeyFactory skf = SecretKeyFactory.getInstance("desede");
- SecretKey secretKey = skf.generateSecret(skSpec);
-
- cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, secretKey, params);
-
- byte[] output = cipher.doFinal(input);
- System.arraycopy(output, 0, input, 0, output.length);
- } catch (GeneralSecurityException e) {
- throw new KrbException("Failed to doEncrypt", e);
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/DesProvider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/DesProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/DesProvider.java
deleted file mode 100644
index 9caa308..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/DesProvider.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc.provider;
-
-import org.apache.kerberos.kerb.KrbException;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-import java.security.GeneralSecurityException;
-
-public class DesProvider extends AbstractEncryptProvider {
-
- public DesProvider() {
- super(8, 7, 8);
- }
-
- @Override
- protected void doEncrypt(byte[] input, byte[] key,
- byte[] cipherState, boolean encrypt) throws KrbException {
-
- Cipher cipher = null;
- try {
- cipher = Cipher.getInstance("DES/CBC/NoPadding");
- } catch (GeneralSecurityException e) {
- throw new KrbException("Failed to init cipher", e);
- }
- IvParameterSpec params = new IvParameterSpec(cipherState);
- SecretKeySpec skSpec = new SecretKeySpec(key, "DES");
- try {
- SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
- SecretKey sk = (SecretKey) skSpec;
-
- cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, sk, params);
-
- byte[] output = cipher.doFinal(input);
- System.arraycopy(output, 0, input, 0, output.length);
- } catch (GeneralSecurityException e) {
- KrbException ke = new KrbException(e.getMessage());
- ke.initCause(e);
- throw ke;
- }
- }
-
- @Override
- public byte[] cbcMac(byte[] key, byte[] cipherState, byte[] data) throws KrbException {
- Cipher cipher = null;
- try {
- cipher = Cipher.getInstance("DES/CBC/NoPadding");
- } catch (GeneralSecurityException e) {
- throw new KrbException("Failed to init cipher", e);
- }
- IvParameterSpec params = new IvParameterSpec(cipherState);
- SecretKeySpec skSpec = new SecretKeySpec(key, "DES");
-
- byte[] output = null;
- try {
- SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
- // SecretKey sk = skf.generateSecret(skSpec);
- SecretKey sk = (SecretKey) skSpec;
- cipher.init(Cipher.ENCRYPT_MODE, sk, params);
- for (int i = 0; i < data.length / 8; i++) {
- output = cipher.doFinal(data, i * 8, 8);
- cipher.init(Cipher.ENCRYPT_MODE, sk, (new IvParameterSpec(output)));
- }
- }
- catch (GeneralSecurityException e) {
- KrbException ke = new KrbException(e.getMessage());
- ke.initCause(e);
- throw ke;
- }
- return output;
- }
-
- @Override
- public boolean supportCbcMac() {
- return true;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Rc4Provider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Rc4Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Rc4Provider.java
deleted file mode 100644
index 5836ad0..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Rc4Provider.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc.provider;
-
-import org.apache.kerberos.kerb.KrbException;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.SecretKeySpec;
-import java.security.GeneralSecurityException;
-
-public class Rc4Provider extends AbstractEncryptProvider {
-
- public Rc4Provider() {
- super(1, 16, 16);
- }
-
- @Override
- protected void doEncrypt(byte[] data, byte[] key,
- byte[] cipherState, boolean encrypt) throws KrbException {
- try {
- Cipher cipher = Cipher.getInstance("ARCFOUR");
- SecretKeySpec secretKey = new SecretKeySpec(key, "ARCFOUR");
- cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, secretKey);
- byte[] output = cipher.doFinal(data);
- System.arraycopy(output, 0, data, 0, output.length);
- } catch (GeneralSecurityException e) {
- KrbException ke = new KrbException(e.getMessage());
- ke.initCause(e);
- throw ke;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java
deleted file mode 100644
index 69b5576..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.key;
-
-import org.apache.kerberos.kerb.crypto.BytesUtil;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-import java.io.UnsupportedEncodingException;
-
-public abstract class AbstractKeyMaker implements KeyMaker {
-
- protected static final byte[] KERBEROS_CONSTANT = "kerberos".getBytes();
-
- private EncryptProvider encProvider;
-
- public AbstractKeyMaker(EncryptProvider encProvider) {
- this.encProvider = encProvider;
- }
-
- protected EncryptProvider encProvider() {
- return encProvider;
- }
-
- @Override
- public byte[] random2Key(byte[] randomBits) throws KrbException {
- return new byte[0];
- }
-
- /**
- * Visible for test
- */
- public static byte[] makePasswdSalt(String password, String salt) {
- char[] chars = new char[password.length() + salt.length()];
- System.arraycopy(password.toCharArray(), 0, chars, 0, password.length());
- System.arraycopy(salt.toCharArray(), 0, chars, password.length(), salt.length());
-
- try {
- return new String(chars).getBytes("UTF-8");
- } catch (UnsupportedEncodingException e) {
- throw new RuntimeException("Character decoding failed", e);
- }
- }
-
- protected static int getIterCount(byte[] param, int defCount) {
- int iterCount = defCount;
-
- if (param != null) {
- if (param.length != 4) {
- throw new IllegalArgumentException("Invalid param to str2Key");
- }
- iterCount = BytesUtil.bytes2int(param, 0, true);
- }
-
- return iterCount;
- }
-
- protected static byte[] getSaltBytes(String salt, String pepper)
- throws UnsupportedEncodingException {
- byte[] saltBytes = salt.getBytes("UTF-8");
- if (pepper != null && ! pepper.isEmpty()) {
- byte[] pepperBytes = pepper.getBytes("UTF-8");
- int len = saltBytes.length;
- len += 1 + pepperBytes.length;
- byte[] results = new byte[len];
- System.arraycopy(pepperBytes, 0, results, 0, pepperBytes.length);
- results[pepperBytes.length] = (byte) 0;
- System.arraycopy(saltBytes, 0,
- results, pepperBytes.length + 1, saltBytes.length);
-
- return results;
- } else {
- return saltBytes;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AesKeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AesKeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AesKeyMaker.java
deleted file mode 100644
index b370bfe..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AesKeyMaker.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.key;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.crypto.Pbkdf;
-import org.apache.kerberos.kerb.crypto.enc.provider.AesProvider;
-
-import java.io.UnsupportedEncodingException;
-import java.security.GeneralSecurityException;
-
-public class AesKeyMaker extends DkKeyMaker {
-
- public AesKeyMaker(AesProvider encProvider) {
- super(encProvider);
- }
-
- @Override
- public byte[] random2Key(byte[] randomBits) throws KrbException {
- return randomBits;
- }
-
- @Override
- public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
- int iterCount = getIterCount(param, 4096);
-
- byte[] saltBytes = null;
- try {
- saltBytes = getSaltBytes(salt, null);
- } catch (UnsupportedEncodingException e) {
- throw new RuntimeException(e);
- }
-
- int keySize = encProvider().keySize();
- byte[] random = new byte[0];
- try {
- random = Pbkdf.PBKDF2(string.toCharArray(), saltBytes, iterCount, keySize);
- } catch (GeneralSecurityException e) {
- throw new KrbException("PBKDF2 failed", e);
- }
-
- byte[] tmpKey = random2Key(random);
- byte[] result = dk(tmpKey, KERBEROS_CONSTANT);
-
- return result;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/CamelliaKeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/CamelliaKeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/CamelliaKeyMaker.java
deleted file mode 100644
index 5330189..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/CamelliaKeyMaker.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.key;
-
-import org.apache.kerberos.kerb.crypto.BytesUtil;
-import org.apache.kerberos.kerb.crypto.Cmac;
-import org.apache.kerberos.kerb.crypto.Pbkdf;
-import org.apache.kerberos.kerb.crypto.enc.provider.CamelliaProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-import java.io.UnsupportedEncodingException;
-import java.security.GeneralSecurityException;
-
-public class CamelliaKeyMaker extends DkKeyMaker {
-
- public CamelliaKeyMaker(CamelliaProvider encProvider) {
- super(encProvider);
- }
-
- @Override
- public byte[] random2Key(byte[] randomBits) throws KrbException {
- return randomBits;
- }
-
- @Override
- public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
- int iterCount = getIterCount(param, 32768);
-
- byte[] saltBytes = null;
- try {
- saltBytes = getSaltBytes(salt, getPepper());
- } catch (UnsupportedEncodingException e) {
- throw new RuntimeException(e);
- }
-
- int keySize = encProvider().keySize();
- byte[] random = new byte[0];
- try {
- random = Pbkdf.PBKDF2(string.toCharArray(), saltBytes, iterCount, keySize);
- } catch (GeneralSecurityException e) {
- throw new KrbException("PBKDF2 failed", e);
- }
-
- byte[] tmpKey = random2Key(random);
- byte[] result = dk(tmpKey, KERBEROS_CONSTANT);
-
- return result;
- }
-
- private String getPepper() {
- int keySize = encProvider().keySize();
- String pepper = keySize == 16 ? "camellia128-cts-cmac" : "camellia256-cts-cmac";
- return pepper;
- }
-
- /*
- * NIST SP800-108 KDF in feedback mode (section 5.2).
- */
- @Override
- protected byte[] dr(byte[] key, byte[] constant) throws KrbException {
-
- int blocksize = encProvider().blockSize();
- int keyInuptSize = encProvider().keyInputSize();
- byte[] keyBytes = new byte[keyInuptSize];
- byte[] Ki;
-
- int len = 0;
- // K(i-1): the previous block of PRF output, initially all-zeros.
- len += blocksize;
- // four-byte big-endian binary string giving the block counter
- len += 4;
- // the fixed derived-key input
- len += constant.length;
- // 0x00: separator byte
- len += 1;
- // four-byte big-endian binary string giving the output length
- len += 4;
-
- Ki = new byte[len];
- System.arraycopy(constant, 0, Ki, blocksize + 4, constant.length);
- BytesUtil.int2bytes(keyInuptSize * 8, Ki, len - 4, true);
-
- int i, n = 0;
- byte[] tmp;
- for (i = 1, n = 0; n < keyInuptSize; i++) {
- // Update the block counter
- BytesUtil.int2bytes(i, Ki, blocksize, true);
-
- // Compute a CMAC checksum, update Ki with the result
- tmp = Cmac.cmac(encProvider(), key, Ki);
- System.arraycopy(tmp, 0, Ki, 0, blocksize);
-
- if (n + blocksize >= keyInuptSize) {
- System.arraycopy(Ki, 0, keyBytes, n, keyInuptSize - n);
- break;
- }
-
- System.arraycopy(Ki, 0, keyBytes, n, blocksize);
- n += blocksize;
- }
-
- return keyBytes;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Des3KeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Des3KeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Des3KeyMaker.java
deleted file mode 100644
index 9b98a5e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Des3KeyMaker.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.key;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.crypto.Des;
-import org.apache.kerberos.kerb.crypto.Nfold;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-
-public class Des3KeyMaker extends DkKeyMaker {
-
- public Des3KeyMaker(EncryptProvider encProvider) {
- super(encProvider);
- }
-
- @Override
- public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
- byte[] utf8Bytes = makePasswdSalt(string, salt);
- int keyInputSize = encProvider().keyInputSize();
- byte[] tmpKey = random2Key(Nfold.nfold(utf8Bytes, keyInputSize));
- return dk(tmpKey, KERBEROS_CONSTANT);
- }
-
- @Override
- public byte[] random2Key(byte[] randomBits) throws KrbException {
- if (randomBits.length != encProvider().keyInputSize()) {
- throw new KrbException("Invalid random bits, not of correct bytes size");
- }
- /**
- * Ref. k5_rand2key_des3 in random_to_key.c in MIT krb5
- * Take the seven bytes, move them around into the top 7 bits of the
- * 8 key bytes, then compute the parity bits. Do this three times.
- */
- byte[] key = new byte[encProvider().keySize()];
- int nthByte;
- int tmp;
- for (int i = 0; i < 3; i++) {
- System.arraycopy(randomBits, i * 7, key, i * 8, 7);
- nthByte = i * 8;
-
- key[nthByte + 7] = (byte) (((key[nthByte + 0] & 1) << 1) |
- ((key[nthByte + 1] & 1) << 2) |
- ((key[nthByte + 2] & 1) << 3) |
- ((key[nthByte + 3] & 1) << 4) |
- ((key[nthByte + 4] & 1) << 5) |
- ((key[nthByte + 5] & 1) << 6) |
- ((key[nthByte + 6] & 1) << 7));
-
- for (int j = 0; j < 8; j++) {
- tmp = key[nthByte + j] & 0xfe;
- tmp |= (Integer.bitCount(tmp) & 1) ^ 1;
- key[nthByte + j] = (byte) tmp;
- }
- }
-
- for (int i = 0; i < 3; i++) {
- Des.fixKey(key, i * 8, 8);
- }
-
- return key;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
deleted file mode 100644
index cc91fb7..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
+++ /dev/null
@@ -1,282 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.key;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.crypto.BytesUtil;
-import org.apache.kerberos.kerb.crypto.Des;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-
-public class DesKeyMaker extends AbstractKeyMaker {
-
- public DesKeyMaker(EncryptProvider encProvider) {
- super(encProvider);
- }
-
- @Override
- public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
- String error = null;
- int type = 0;
-
- if (param != null) {
- if (param.length != 1) {
- error = "Invalid param to S2K";
- }
- type = param[0];
- if (type != 0 && type != 1) {
- error = "Invalid param to S2K";
- }
- }
- if (type == 1) {
- error = "AFS not supported yet";
- }
-
- if (error != null) {
- throw new KrbException(error);
- }
-
- byte[] key = toKey(string, salt);
- return key;
- }
-
- /**
- mit_des_string_to_key(string,salt) {
- odd = 1;
- s = string | salt;
- tempstring = 0; // 56-bit string
- pad(s); // with nulls to 8 byte boundary
- for (8byteblock in s) {
- 56bitstring = removeMSBits(8byteblock);
- if (odd == 0) reverse(56bitstring);
- odd = ! odd;
- tempstring = tempstring XOR 56bitstring;
- }
- tempkey = key_correction(add_parity_bits(tempstring));
- key = key_correction(DES-CBC-check(s,tempkey));
- return(key);
- }
- */
- private byte[] toKey(String string, String salt) throws KrbException {
- byte[] bytes = makePasswdSalt(string, salt);
- // padded with zero-valued octets to a multiple of eight octets.
- byte[] paddedBytes = BytesUtil.padding(bytes, 8);
-
- byte[] fanFoldedKey = fanFold(string, salt, paddedBytes);
-
- byte[] intermediateKey = intermediateKey(fanFoldedKey);
-
- byte[] key = desEncryptedKey(intermediateKey, paddedBytes);
- keyCorrection(key);
-
- return key;
- }
-
- /**
- * Visible for test
- */
- public static byte[] fanFold(String string, String salt, byte[] paddedBytes) {
- if (paddedBytes == null) {
- byte[] bytes = makePasswdSalt(string, salt);
- // padded with zero-valued octets to a multiple of eight octets.
- paddedBytes = BytesUtil.padding(bytes, 8);
- }
-
- int blocksOfbytes8 = paddedBytes.length / 8;
- boolean odd = true;
- byte[] bits56 = new byte[8];
- byte[] tempString = new byte[8];
- for (int i = 0; i < blocksOfbytes8; ++i) {
- System.arraycopy(paddedBytes, 8 * i, bits56, 0, 8);
- removeMSBits(bits56);
- if (!odd) {
- reverse(bits56);
- }
- odd = !odd;
- BytesUtil.xor(bits56, 0, tempString);
- }
-
- return tempString;
- }
-
- /**
- * Visible for test
- */
- public static byte[] intermediateKey(byte[] fanFoldedKey) {
- byte[] keyBytes = addParityBits(fanFoldedKey);
- keyCorrection(keyBytes);
-
- return keyBytes;
- }
-
- private byte[] desEncryptedKey(byte[] intermediateKey, byte[] originalBytes) throws KrbException {
- byte[] resultKey = null;
- if (encProvider().supportCbcMac()) {
- resultKey = encProvider().cbcMac(intermediateKey, intermediateKey, originalBytes);
- } else {
- throw new KrbException("cbcMac should be supported by the provider: "
- + encProvider().getClass());
- }
-
- keyCorrection(resultKey);
-
- return resultKey;
- }
-
- /**
- * Note this isn't hit any test yet, and very probably problematic
- */
- @Override
- public byte[] random2Key(byte[] randomBits) throws KrbException {
- if (randomBits.length != encProvider().keyInputSize()) {
- throw new KrbException("Invalid random bits, not of correct bytes size");
- }
-
- byte[] keyBytes = addParityBits(randomBits);
- keyCorrection(keyBytes);
-
- return keyBytes;
- }
-
- // Processing an 8bytesblock
- private static byte[] removeMSBits(byte[] bits56) {
- /**
- Treats a 64 bit block as 8 octets and removes the MSB in
- each octet (in big endian mode) and concatenates the result.
- E.g., the input octet string:
- 01110000 01100001 11110011 01110011 11110111 01101111 11110010 01100100
- =>
- 1110000 1100001 1110011 1110011 1110111 1101111 1110010 1100100
- */
-
- /**
- * We probably do nothing here, just pretending the MSB bit to be discarded,
- * and ensure the MSB will not be used in the following processing.
- */
-
- return bits56;
- }
-
- // Processing an 56bitblock
- private static void reverse(byte[] bits56) {
- /**
- Treats a 56-bit block as a binary string and reverses it.
- E.g., the input string:
- 1000001 1010100 1001000 1000101 1001110 1000001 0101110 1001101
- =>
- 1000001 0010101 0001001 1010001 0111001 1000001 0101110 1011001
- =>
- 1011001 0111010 1000001 0111001 1010001 0001001 0010101 1000001
- */
-
- // Reversing in a 7bit
- int t1, t2;
- byte bt;
- for (int i = 0; i < 8; ++i) {
- bt = bits56[i];
-
- t1 = (bt >> 6) & 1;
- t2 = (bt >> 0) & 1;
- if (t1 != t2) bt ^= (1 << 6 | 1 << 0);
-
- t1 = (bt >> 5) & 1;
- t2 = (bt >> 1) & 1;
- if (t1 != t2) bt ^= (1 << 5 | 1 << 1);
-
- t1 = (bt >> 4) & 1;
- t2 = (bt >> 2) & 1;
- if (t1 != t2) bt ^= (1 << 4 | 1 << 2);
-
- bits56[i] = bt;
- }
-
- // Reversing the 8 7bit
- bt = bits56[7];
- bits56[7] = bits56[0];
- bits56[0] = bt;
-
- bt = bits56[6];
- bits56[6] = bits56[1];
- bits56[1] = bt;
-
- bt = bits56[5];
- bits56[5] = bits56[2];
- bits56[2] = bt;
-
- bt = bits56[4];
- bits56[4] = bits56[3];
- bits56[3] = bt;
- }
-
- private static byte[] addParityBits(byte[] bits56) {
- /**
- Copies a 56-bit block into a 64-bit block, left shifts
- content in each octet, and add DES parity bit.
- E.g., the input string:
- 1100000 0001111 0011100 0110100 1000101 1100100 0110110 0010111
- =>
- 11000001 00011111 00111000 01101000 10001010 11001000 01101101 00101111
- */
- byte bt;
- for (int i = 0; i < 8; i++) {
- bits56[i] <<= 1;
- }
-
- addParity(bits56);
-
- return bits56;
- }
-
- private static void keyCorrection(byte[] key) {
- addParity(key);
- Des.fixKey(key, 0, key.length);
- }
-
- private static int smask(int step) {
- return (1 << step) - 1;
- }
-
- private static byte pstep(byte x, int step) {
- return (byte) ((x & smask(step)) ^ ((x >> step) & smask(step)));
- }
-
- private static byte parityChar(byte abyte) {
- //#define smask(step) ((1<<step)-1)
- //#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
- //#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
- return pstep(pstep(pstep(abyte, 4), 2), 1);
- }
-
- private static void addParity(byte[] key) {
- for (int i = 0; i < key.length; ++i) {
- key[i] &= 0xfe;
- key[i] |= 1 ^ parityChar(key[i]);
- }
- }
-
- // Returns true if the key has correct des parity
- private static boolean checkKeyParity(byte[] key) {
- for (int i = 0; i < key.length; ++i) {
- if ((key[i] & 1) == parityChar((byte) (key[i] & 0xfe))) {
- return false;
- }
- }
- return true;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DkKeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DkKeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DkKeyMaker.java
deleted file mode 100644
index 982e10a..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DkKeyMaker.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.key;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.crypto.Nfold;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-
-public abstract class DkKeyMaker extends AbstractKeyMaker {
-
- public DkKeyMaker(EncryptProvider encProvider) {
- super(encProvider);
- }
-
- // DK(Key, Constant) = random-to-key(DR(Key, Constant))
- public byte[] dk(byte[] key, byte[] constant) throws KrbException {
- return random2Key(dr(key, constant));
- }
-
- /*
- * K1 = E(Key, n-fold(Constant), initial-cipher-state)
- * K2 = E(Key, K1, initial-cipher-state)
- * K3 = E(Key, K2, initial-cipher-state)
- * K4 = ...
- * DR(Key, Constant) = k-truncate(K1 | K2 | K3 | K4 ...)
- */
- protected byte[] dr(byte[] key, byte[] constant) throws KrbException {
-
- int blocksize = encProvider().blockSize();
- int keyInuptSize = encProvider().keyInputSize();
- byte[] keyBytes = new byte[keyInuptSize];
- byte[] Ki;
-
- if (constant.length != blocksize) {
- Ki = Nfold.nfold(constant, blocksize);
- } else {
- Ki = new byte[constant.length];
- System.arraycopy(constant, 0, Ki, 0, constant.length);
- }
-
- int n = 0, len;
- while (n < keyInuptSize) {
- encProvider().encrypt(key, Ki);
-
- if (n + blocksize >= keyInuptSize) {
- System.arraycopy(Ki, 0, keyBytes, n, keyInuptSize - n);
- break;
- }
-
- System.arraycopy(Ki, 0, keyBytes, n, blocksize);
- n += blocksize;
- }
-
- return keyBytes;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/KeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/KeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/KeyMaker.java
deleted file mode 100644
index a7a0f2d..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/KeyMaker.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.key;
-
-import org.apache.kerberos.kerb.KrbException;
-
-public interface KeyMaker {
-
- public byte[] str2key(String string, String salt, byte[] param) throws KrbException;
-
- public byte[] random2Key(byte[] randomBits) throws KrbException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Rc4KeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Rc4KeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Rc4KeyMaker.java
deleted file mode 100644
index 07b1d98..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/Rc4KeyMaker.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.key;
-
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-import sun.security.provider.MD4;
-
-import java.io.UnsupportedEncodingException;
-import java.security.MessageDigest;
-
-public class Rc4KeyMaker extends AbstractKeyMaker {
-
- public Rc4KeyMaker(EncryptProvider encProvider) {
- super(encProvider);
- }
-
- @Override
- public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
-
- if (param != null && param.length > 0) {
- throw new RuntimeException("Invalid param to str2Key");
- }
-
- try {
- byte[] passwd = string.getBytes("UTF-16LE"); // to unicode
- MessageDigest md = MD4.getInstance();
- md.update(passwd);
- return md.digest();
- } catch (UnsupportedEncodingException e) {
- throw new KrbException("str2key failed", e);
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/resources/kdc-krb5.conf
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/resources/kdc-krb5.conf b/haox-kerb/kerb-crypto/src/main/resources/kdc-krb5.conf
deleted file mode 100644
index d118dd1..0000000
--- a/haox-kerb/kerb-crypto/src/main/resources/kdc-krb5.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-[libdefaults]
- default_realm = {0}
- udp_preference_limit = 1
-
-[realms]
- {0} = '{'
- kdc = {1}:{2}
- '}'
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/resources/kdc.ldiff
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/resources/kdc.ldiff b/haox-kerb/kerb-crypto/src/main/resources/kdc.ldiff
deleted file mode 100644
index bc989c3..0000000
--- a/haox-kerb/kerb-crypto/src/main/resources/kdc.ldiff
+++ /dev/null
@@ -1,46 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-dn: ou=users,dc=${0},dc=${1}
-objectClass: organizationalUnit
-objectClass: top
-ou: users
-
-dn: uid=krbtgt,ou=users,dc=${0},dc=${1}
-objectClass: top
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: krb5principal
-objectClass: krb5kdcentry
-cn: KDC Service
-sn: Service
-uid: krbtgt
-userPassword: secret
-krb5PrincipalName: krbtgt/${2}.${3}@${2}.${3}
-krb5KeyVersionNumber: 0
-
-dn: uid=ldap,ou=users,dc=${0},dc=${1}
-objectClass: top
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: krb5principal
-objectClass: krb5kdcentry
-cn: LDAP
-sn: Service
-uid: ldap
-userPassword: secret
-krb5PrincipalName: ldap/${4}@${2}.${3}
-krb5KeyVersionNumber: 0
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CamelliaEncTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CamelliaEncTest.java b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CamelliaEncTest.java
deleted file mode 100644
index dcf063b..0000000
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CamelliaEncTest.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.crypto.enc.provider.Camellia128Provider;
-import org.apache.kerberos.kerb.crypto.enc.provider.Camellia256Provider;
-import org.haox.util.HexUtil;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-
-public class CamelliaEncTest {
-
- private List<String> outputs = new ArrayList<String>();
- private int keySize;
-
- private byte[] plain = new byte[16];
- private byte[] cipher = new byte[16];
- private EncryptProvider encProvider;
-
- private List<String> getExpectedLines() throws IOException {
- InputStream res = CamelliaEncTest.class.getResourceAsStream("/camellia-expect-vt.txt");
- BufferedReader br = new BufferedReader(new InputStreamReader(res));
-
- List<String> results = new ArrayList<String>();
- String line;
- while ((line = br.readLine()) != null) {
- line = line.trim();
- if (! line.isEmpty()) {
- results.add(line);
- }
- }
- return results;
- }
-
- @Test
- public void testEnc() throws IOException, KrbException {
- List<String> expectedLines = getExpectedLines();
-
- testWith(16);
- outputs.add("==========");
- testWith(32);
- outputs.add("==========");
-
- List<String> newLines = expectedLines;
- Assert.assertEquals("Comparing new lines with expected lines",
- expectedLines, outputs);
- }
-
- private void testWith(int keySize) throws KrbException {
- this.keySize = keySize;
- outputs.add("KEYSIZE=" + (keySize * 8));
-
- encProvider = keySize == 16 ?
- new Camellia128Provider() : new Camellia256Provider();
-
- byte[] key = new byte[keySize];
- Arrays.fill(key, (byte) 0);
- hexDump("KEY", key);
-
- for (int i = 0; i < 16 * 8; ++i) {
- Arrays.fill(plain, (byte) 0);
- setBit(plain, i);
- outputs.add("I=" + (i + 1));
- hexDump("PT", plain);
- encWith(key);
- hexDump("CT", cipher);
- }
- }
-
- private void hexDump(String label, byte[] bytes) {
- String line = label + "=" + HexUtil.bytesToHex(bytes);
- outputs.add(line);
- }
-
- private static void setBit(byte[] bytes, int bitnum) {
- int bytenum = bitnum / 8;
- bitnum %= 8;
- // First bit is the high bit!
- bytes[bytenum] = (byte) (1 << (7 - bitnum));
- }
-
- private void encWith(byte[] key) throws KrbException {
- System.arraycopy(plain, 0, cipher, 0, plain.length);
- encProvider.encrypt(key, cipher);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CheckSumTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CheckSumTest.java b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CheckSumTest.java
deleted file mode 100644
index 9937e91..0000000
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CheckSumTest.java
+++ /dev/null
@@ -1,109 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.spec.common.*;
-import org.haox.util.HexUtil;
-import org.junit.Test;
-
-/**
- * Only used to test for rsa-md4-des and rsa-md5-des
- */
-public class CheckSumTest {
-
- static class CksumTest {
- CheckSumType cksumType;
- String plainText;
- String knownChecksum;
-
- CksumTest(CheckSumType cksumType, String plainText, String knownChecksum) {
- this.cksumType = cksumType;
- this.plainText = plainText;
- this.knownChecksum = knownChecksum;
- }
- }
-
- static CksumTest[] testCases = new CksumTest[] {
- new CksumTest(
- CheckSumType.RSA_MD4_DES,
- "this is a test",
- "e3f76a07f3401e3536b43a3f54226c39422c35682c354835"
- ),
- new CksumTest(
- CheckSumType.RSA_MD5_DES,
- "this is a test",
- "e3f76a07f3401e351143ee6f4c09be1edb4264d55015db53"
- )
- };
-
- static byte[] TESTKEY = { (byte)0x45, (byte)0x01, (byte)0x49, (byte)0x61, (byte)0x58,
- (byte)0x19, (byte)0x1a, (byte)0x3d };
-
- @Test
- public void testCheckSums() {
- for (CksumTest tc : testCases) {
- System.err.println("Checksum testing for " + tc.cksumType.getName());
- try {
- testWith(tc);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
- }
-
- private void testWith(CksumTest testCase) throws Exception {
- byte[] knownChecksum = HexUtil.hex2bytes(testCase.knownChecksum);
- byte[] plainData = testCase.plainText.getBytes();
- CheckSum newCksum;
-
- if (! CheckSumHandler.isImplemented(testCase.cksumType)) {
- System.err.println("Checksum type not supported yet: "
- + testCase.cksumType.getName());
- return;
- }
-
- EncryptionKey key = new EncryptionKey(EncryptionType.DES_CBC_CRC, TESTKEY);
-
- newCksum = CheckSumHandler.checksumWithKey(testCase.cksumType, plainData, key.getKeyData(), KeyUsage.NONE);
-
- if (CheckSumHandler.verifyWithKey(newCksum, plainData, key.getKeyData(), KeyUsage.NONE)) {
- System.err.println("Checksum verifying is OK for " + testCase.cksumType.getName());
- } else {
- System.err.println("Checksum verifying failed for " + testCase.cksumType.getName());
- }
-
- // corrupt and verify again
- byte[] cont = newCksum.getChecksum();
- cont[0]++;
- newCksum.setChecksum(cont);
- if (CheckSumHandler.verifyWithKey(newCksum, plainData, key.getKeyData(), KeyUsage.NONE)) {
- System.err.println("Checksum verifying failed with corrupt data for " + testCase.cksumType.getName());
- } else {
- System.err.println("Checksum verifying is OK with corrupt data for " + testCase.cksumType.getName());
- }
-
- CheckSum knwnCksum = new CheckSum(testCase.cksumType, knownChecksum);
- if (CheckSumHandler.verifyWithKey(knwnCksum, plainData, key.getKeyData(), KeyUsage.NONE)) {
- System.err.println("Checksum verifying is OK with known checksum for " + testCase.cksumType.getName());
- } else {
- System.err.println("Checksum verifying failed with known checksum for " + testCase.cksumType.getName());
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CheckSumsTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CheckSumsTest.java b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CheckSumsTest.java
deleted file mode 100644
index 68f5a85..0000000
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CheckSumsTest.java
+++ /dev/null
@@ -1,233 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.spec.common.CheckSum;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.KeyUsage;
-import org.haox.util.HexUtil;
-import org.junit.Test;
-
-import static org.junit.Assert.fail;
-
-/**
- * These are to test the checksums of good answers, and the checksums
- * are deterministic. For other cases, look at CheckSumTest.
- */
-public class CheckSumsTest {
-
- private static class CksumTest {
- String plainText;
- CheckSumType cksumType;
- EncryptionType encType;
- String key;
- int keyUsage;
- String answer;
-
- CksumTest(String plainText, CheckSumType cksumType, EncryptionType encType,
- int keyUsage, String key, String answer) {
- this.plainText = plainText;
- this.cksumType = cksumType;
- this.encType = encType;
- this.key = key;
- this.keyUsage = keyUsage;
- this.answer = answer;
- }
- }
-
- @Test
- public void testCheckSums_CRC32() throws Exception {
- performTest(new CksumTest(
- "abc",
- CheckSumType.CRC32, EncryptionType.NONE, 0, "",
- "D09865CA"
- ));
- }
-
- @Test
- public void testCheckSums_RSA_MD4() throws Exception {
- performTest(new CksumTest(
- "one",
- CheckSumType.RSA_MD4, EncryptionType.NONE, 0, "",
- "305DCC2C0FDD5339969552C7B8996348"
- ));
- }
-
- @Test
- public void testCheckSums_RSA_MD5() throws Exception {
- performTest(new CksumTest(
- "two three four five",
- CheckSumType.RSA_MD5, EncryptionType.NONE, 0, "",
- "BAB5321551E1084490869635B3C26815"
- ));
- }
-
- @Test
- public void testCheckSums_NIST_SHA() throws Exception {
- performTest(new CksumTest(
- "",
- CheckSumType.NIST_SHA, EncryptionType.NONE, 0, "",
- "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709"
- ));
- }
-
- @Test
- public void testCheckSums_HMAC_SHA1_DES3() throws Exception {
- performTest(new CksumTest(
- "six seven",
- CheckSumType.HMAC_SHA1_DES3, EncryptionType.DES3_CBC_SHA1, 2,
- "7A25DF8992296DCEDA0E135BC4046E2375B3C14C98FBC162",
- "0EEFC9C3E049AABC1BA5C401677D9AB699082BB4"
- ));
- }
-
- @Test
- public void testCheckSums_HMAC_SHA1_96_AES128() throws Exception {
- performTest(new CksumTest(
- "eight nine ten eleven twelve thirteen",
- CheckSumType.HMAC_SHA1_96_AES128, EncryptionType.AES128_CTS_HMAC_SHA1_96, 3,
- "9062430C8CDA3388922E6D6A509F5B7A",
- "01A4B088D45628F6946614E3"
- ));
- }
-
- @Test
- public void testCheckSums_HMAC_SHA1_96_AES256() throws Exception {
- performTest(new CksumTest(
- "fourteen",
- CheckSumType.HMAC_SHA1_96_AES256, EncryptionType.AES256_CTS_HMAC_SHA1_96, 4,
- "B1AE4CD8462AFF1677053CC9279AAC30B796FB81CE21474DD3DDBCFEA4EC76D7",
- "E08739E3279E2903EC8E3836"
- ));
- }
-
- @Test
- public void testCheckSums_MD5_HMAC_ARCFOUR() throws Exception {
- performTest(new CksumTest(
- "fifteen sixteen",
- CheckSumType.MD5_HMAC_ARCFOUR, EncryptionType.ARCFOUR_HMAC, 5,
- "F7D3A155AF5E238A0B7A871A96BA2AB2",
- "9F41DF304907DE735447001FD2A197B9"
- ));
- }
-
- @Test
- public void testCheckSums_HMAC_MD5_ARCFOUR() throws Exception {
- performTest(new CksumTest(
- "seventeen eighteen nineteen twenty",
- CheckSumType.HMAC_MD5_ARCFOUR, EncryptionType.ARCFOUR_HMAC, 6,
- "F7D3A155AF5E238A0B7A871A96BA2AB2",
- "EB38CC97E2230F59DA4117DC5859D7EC"
- ));
- }
-
- @Test
- public void testCheckSums_CMAC_CAMELLIA128_1() throws Exception {
- performTest(new CksumTest(
- "abcdefghijk",
- CheckSumType.CMAC_CAMELLIA128, EncryptionType.CAMELLIA128_CTS_CMAC, 7,
- "1DC46A8D763F4F93742BCBA3387576C3",
- "1178E6C5C47A8C1AE0C4B9C7D4EB7B6B"
- ));
- }
-
- @Test
- public void testCheckSums_CMAC_CAMELLIA128_2() throws Exception {
- performTest(new CksumTest(
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
- CheckSumType.CMAC_CAMELLIA128, EncryptionType.CAMELLIA128_CTS_CMAC, 8,
- "5027BC231D0F3A9D23333F1CA6FDBE7C",
- "D1B34F7004A731F23A0C00BF6C3F753A"
- ));
- }
-
- @Test
- public void testCheckSums_CMAC_CAMELLIA256_1() throws Exception {
- performTest(new CksumTest(
- "123456789",
- CheckSumType.CMAC_CAMELLIA256, EncryptionType.CAMELLIA256_CTS_CMAC, 9,
- "B61C86CC4E5D2757545AD423399FB7031ECAB913CBB900BD7A3C6DD8BF92015B",
- "87A12CFD2B96214810F01C826E7744B1"
- ));
- }
-
- @Test
- public void testCheckSums_CMAC_CAMELLIA256_2() throws Exception {
- performTest(new CksumTest(
- "!@#$%^&*()!@#$%^&*()!@#$%^&*()",
- CheckSumType.CMAC_CAMELLIA256, EncryptionType.CAMELLIA256_CTS_CMAC, 10,
- "32164C5B434D1D1538E4CFD9BE8040FE8C4AC7ACC4B93D3314D2133668147A05",
- "3FA0B42355E52B189187294AA252AB64"
- ));
- }
-
- /**
- * Perform checksum checks using the testcase data object
- * @param testCase
- * @throws Exception
- */
- private static void performTest(CksumTest testCase) throws Exception {
- byte[] answer = HexUtil.hex2bytes(testCase.answer);
- byte[] plainData = testCase.plainText.getBytes();
- CheckSum newCksum;
-
- if (! CheckSumHandler.isImplemented(testCase.cksumType)) {
- fail("Checksum type not supported yet: "
- + testCase.cksumType.getName());
- return;
- }
-
- if (testCase.encType != EncryptionType.NONE) {
- /**
- * For keyed checksum types
- */
- if (! EncryptionHandler.isImplemented(testCase.encType)) {
- fail("Key type not supported yet: " + testCase.encType.getName());
- return;
- }
-
- byte[] key = HexUtil.hex2bytes(testCase.key);
- KeyUsage keyUsage = KeyUsage.fromValue(testCase.keyUsage);
- newCksum = CheckSumHandler.checksumWithKey(testCase.cksumType, plainData, key, keyUsage);
- if (CheckSumHandler.verifyWithKey(newCksum, plainData, key, keyUsage)) {
- System.out.println("Checksum test OK for " + testCase.cksumType.getName());
- } else {
- fail("Checksum test failed for " + testCase.cksumType.getName());
- }
- } else {
- /**
- * For un-keyed checksum types
- */
- newCksum = CheckSumHandler.checksum(testCase.cksumType, plainData);
- if (CheckSumHandler.verify(newCksum, plainData)) {
- System.out.println("Checksum and verifying OK for " + testCase.cksumType.getName());
- } else {
- fail("Checksum and verifying failed for " + testCase.cksumType.getName());
- }
- }
-
- if (! newCksum.isEqual(answer)) {
- fail("Checksum test failed for " + testCase.cksumType.getName());
- } else {
- System.out.println("Checksum test OK for " + testCase.cksumType.getName());
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CmacTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CmacTest.java b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CmacTest.java
deleted file mode 100644
index 08f7e1c..0000000
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/CmacTest.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.crypto.enc.provider.Camellia128Provider;
-import org.haox.util.HexUtil;
-import org.junit.Assert;
-import org.junit.Test;
-
-public class CmacTest {
-
- /* All examples use the following Camellia-128 key. */
- static String keyBytes = "2b7e151628aed2a6" +
- "abf7158809cf4f3c";
-
- /* Example inputs are this message truncated to 0, 16, 40, and 64 bytes. */
- static String inputBytes = "6bc1bee22e409f96" +
- "e93d7e117393172a" +
- "ae2d8a571e03ac9c" +
- "9eb76fac45af8e51" +
- "30c81c46a35ce411" +
- "e5fbc1191a0a52ef" +
- "f69f2445df4f9b17" +
- "ad2b417be66c3710";
-
- /* Expected result of CMAC on empty inputBytes. */
- static String cmac1 = "ba925782aaa1f5d9" +
- "a00f89648094fc71";
-
- /* Expected result of CMAC on first 16 bytes of inputBytes. */
- static String cmac2 = "6d962854a3b9fda5" +
- "6d7d45a95ee17993";
-
- /* Expected result of CMAC on first 40 bytes of inputBytes. */
- static String cmac3 = "5c18d119ccd67661" +
- "44ac1866131d9f22";
-
- /* Expected result of CMAC on all 64 bytes of inputBytes. */
- static String cmac4 = "c2699a6eba55ce9d" +
- "939a8a4e19466ee9";
-
-
- @Test
- public void testCmac() throws KrbException, KrbException {
- byte[] key = HexUtil.hex2bytes(keyBytes);
- byte[] input = HexUtil.hex2bytes(inputBytes);
- EncryptProvider encProvider = new Camellia128Provider();
- byte[] result;
-
- // test 1
- result = Cmac.cmac(encProvider, key, input, 0, 0);
- Assert.assertArrayEquals("Test 1", HexUtil.hex2bytes(cmac1), result);
-
- // test 2
- result = Cmac.cmac(encProvider, key, input, 0, 16);
- Assert.assertArrayEquals("Test 2", HexUtil.hex2bytes(cmac2), result);
-
- // test 3
- result = Cmac.cmac(encProvider, key, input, 0, 40);
- Assert.assertArrayEquals("Test 3", HexUtil.hex2bytes(cmac3), result);
-
- // test 4
- result = Cmac.cmac(encProvider, key, input, 0, 64);
- Assert.assertArrayEquals("Test 4", HexUtil.hex2bytes(cmac4), result);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/Crc32Test.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/Crc32Test.java b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/Crc32Test.java
deleted file mode 100644
index bf21d8a..0000000
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/Crc32Test.java
+++ /dev/null
@@ -1,119 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.haox.util.HexUtil;
-import org.junit.Assert;
-import org.junit.Test;
-
-public class Crc32Test {
-
- static class TestCase {
- String data;
- long answer;
-
- public TestCase(String data, long answer) {
- this.data = data;
- this.answer = answer;
- }
- }
-
- static TestCase[] testCases = new TestCase[] {
- new TestCase("01", 0x77073096),
- new TestCase("02", 0xee0e612c),
- new TestCase("04", 0x076dc419),
- new TestCase("08", 0x0edb8832),
- new TestCase("10", 0x1db71064),
- new TestCase("20", 0x3b6e20c8),
- new TestCase("40", 0x76dc4190),
- new TestCase("80", 0xedb88320),
- new TestCase("0100", 0x191b3141),
- new TestCase("0200", 0x32366282),
- new TestCase("0400", 0x646cc504),
- new TestCase("0800", 0xc8d98a08),
- new TestCase("1000", 0x4ac21251),
- new TestCase("2000", 0x958424a2),
- new TestCase("4000", 0xf0794f05),
- new TestCase("8000", 0x3b83984b),
- new TestCase("0001", 0x77073096),
- new TestCase("0002", 0xee0e612c),
- new TestCase("0004", 0x076dc419),
- new TestCase("0008", 0x0edb8832),
- new TestCase("0010", 0x1db71064),
- new TestCase("0020", 0x3b6e20c8),
- new TestCase("0040", 0x76dc4190),
- new TestCase("0080", 0xedb88320),
- new TestCase("01000000", 0xb8bc6765),
- new TestCase("02000000", 0xaa09c88b),
- new TestCase("04000000", 0x8f629757),
- new TestCase("08000000", 0xc5b428ef),
- new TestCase("10000000", 0x5019579f),
- new TestCase("20000000", 0xa032af3e),
- new TestCase("40000000", 0x9b14583d),
- new TestCase("80000000", 0xed59b63b),
- new TestCase("00010000", 0x01c26a37),
- new TestCase("00020000", 0x0384d46e),
- new TestCase("00040000", 0x0709a8dc),
- new TestCase("00080000", 0x0e1351b8),
- new TestCase("00100000", 0x1c26a370),
- new TestCase("00200000", 0x384d46e0),
- new TestCase("00400000", 0x709a8dc0),
- new TestCase("00800000", 0xe1351b80),
- new TestCase("00000100", 0x191b3141),
- new TestCase("00000200", 0x32366282),
- new TestCase("00000400", 0x646cc504),
- new TestCase("00000800", 0xc8d98a08),
- new TestCase("00001000", 0x4ac21251),
- new TestCase("00002000", 0x958424a2),
- new TestCase("00004000", 0xf0794f05),
- new TestCase("00008000", 0x3b83984b),
- new TestCase("00000001", 0x77073096),
- new TestCase("00000002", 0xee0e612c),
- new TestCase("00000004", 0x076dc419),
- new TestCase("00000008", 0x0edb8832),
- new TestCase("00000010", 0x1db71064),
- new TestCase("00000020", 0x3b6e20c8),
- new TestCase("00000040", 0x76dc4190),
- new TestCase("00000080", 0xedb88320),
- new TestCase("666F6F", 0x7332bc33),
- new TestCase("7465737430313233343536373839", 0xb83e88d6),
- new TestCase("4D4153534143485653455454532049" +
- "4E53544954565445204F4620544543484E4F4C4F4759", 0xe34180f7)
- };
-
- @Test
- public void testCrc32() {
- boolean isOk = true;
- for (TestCase tc : testCases) {
- if (! testWith(tc)) {
- isOk = false;
- System.err.println("Test with data " + tc.data + " failed");
- }
- }
-
- Assert.assertTrue(isOk);
- }
-
- private boolean testWith(TestCase testCase) {
- byte[] data = HexUtil.hex2bytes(testCase.data);
- long value = Crc32.crc(0, data, 0, data.length);
- return value == testCase.answer;
- }
-}
[31/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java
deleted file mode 100644
index 1d3c347..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- trustedCertifiers SEQUENCE OF ExternalPrincipalIdentifier OPTIONAL,
- */
-public class TrustedCertifiers extends KrbSequenceOfType<ExternalPrincipalIdentifier> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenChallenge.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenChallenge.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenChallenge.java
deleted file mode 100644
index cb0ec8d..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenChallenge.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.token;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- PA-TOKEN-CHALLENGE ::= SEQUENCE {
- tokenInfos [0] SEQUENCE (SIZE(1..MAX)) OF TokenInfo,
- }
-*/
-public class PaTokenChallenge extends KrbSequenceType {
- private static int TOKENINFOS = 0;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(TOKENINFOS, TokenInfos.class)
- };
-
- public PaTokenChallenge() {
- super(fieldInfos);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenRequest.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenRequest.java
deleted file mode 100644
index 7e138b6..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenRequest.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.token;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.common.KrbToken;
-
-/**
- PA-TOKEN-REQUEST ::= SEQUENCE {
- token [0] OCTET STRING,
- tokenInfo [1] TokenInfo
- }
-*/
-public class PaTokenRequest extends KrbSequenceType {
- private static int TOKEN_INFO = 0;
- private static int TOKEN = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(TOKEN_INFO, TokenInfo.class),
- new Asn1FieldInfo(TOKEN, KrbToken.class)
- };
-
- public PaTokenRequest() {
- super(fieldInfos);
- }
-
- public KrbToken getToken() {
- return getFieldAs(TOKEN, KrbToken.class);
- }
-
- public void setToken(KrbToken token) {
- setFieldAs(TOKEN, token);
- }
-
- public String getTokenInfo() {
- return getFieldAsString(TOKEN_INFO);
- }
-
- public void setTokenInfo(TokenInfo tokenInfo) {
- setFieldAs(TOKEN_INFO, tokenInfo);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlag.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlag.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlag.java
deleted file mode 100644
index dd5edd6..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlag.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.token;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum TokenFlag implements KrbEnum {
- NONE(-1),
- ID_TOKEN_REQUIRED(0x40000000),
- AC_TOKEN_REQUIRED(0x20000000),
- BEARER_TOKEN_REQUIRED(0x10000000),
- HOK_TOKEN_REQUIRED(0x08000000);
-
- private final int value;
-
- private TokenFlag(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static TokenFlag fromValue(int value) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value) {
- return (TokenFlag) e;
- }
- }
-
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlags.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlags.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlags.java
deleted file mode 100644
index dde5ca7..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlags.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.token;
-
-import org.apache.kerberos.kerb.spec.common.KrbFlags;
-
-import static org.apache.kerberos.kerb.spec.ticket.TicketFlag.INVALID;
-
-public class TokenFlags extends KrbFlags {
-
- public TokenFlags() {
- this(0);
- }
-
- public TokenFlags(int value) {
- setFlags(value);
- }
-
- public boolean isInvalid() {
- return isFlagSet(INVALID.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfo.java
deleted file mode 100644
index d1e7067..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfo.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.token;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.haox.asn1.type.Asn1Utf8String;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- TokenInfo ::= SEQUENCE {
- flags [0] TokenFlags,
- tokenVendor [1] UTF8String,
- }
- */
-public class TokenInfo extends KrbSequenceType {
- private static int FLAGS = 0;
- private static int TOKEN_VENDOR = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(FLAGS, Asn1OctetString.class, true),
- new Asn1FieldInfo(TOKEN_VENDOR, Asn1Utf8String.class),
- };
-
- public TokenInfo() {
- super(fieldInfos);
- }
-
- public TokenFlags getFlags() {
- return getFieldAs(FLAGS, TokenFlags.class);
- }
-
- public void setFlags(TokenFlags flags) {
- setFieldAs(FLAGS, flags);
- }
-
- public String getTokenVendor() {
- return getFieldAsString(TOKEN_VENDOR);
- }
-
- public void setTokenVendor(String tokenVendor) {
- setFieldAs(TOKEN_VENDOR, new Asn1Utf8String(tokenVendor));
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfos.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfos.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfos.java
deleted file mode 100644
index 127213c..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfos.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.token;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- SEQUENCE (SIZE(1..MAX)) OF TokenInfo,
-*/
-public class TokenInfos extends KrbSequenceOfType<TokenInfo> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/AbstractServiceTicket.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/AbstractServiceTicket.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/AbstractServiceTicket.java
deleted file mode 100644
index b8f7a55..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/AbstractServiceTicket.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ticket;
-
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.kdc.EncKdcRepPart;
-
-public class AbstractServiceTicket {
- private Ticket ticket;
- private EncKdcRepPart encKdcRepPart;
-
- public AbstractServiceTicket(Ticket ticket, EncKdcRepPart encKdcRepPart) {
- this.ticket = ticket;
- this.encKdcRepPart = encKdcRepPart;
- }
-
- public Ticket getTicket() {
- return ticket;
- }
-
- public EncKdcRepPart getEncKdcRepPart() {
- return encKdcRepPart;
- }
-
- public EncryptionKey getSessionKey() {
- return encKdcRepPart.getKey();
- }
-
- public String getRealm() {
- return ticket.getRealm();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/EncTicketPart.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/EncTicketPart.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/EncTicketPart.java
deleted file mode 100644
index b5599ed..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/EncTicketPart.java
+++ /dev/null
@@ -1,164 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ticket;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KerberosString;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
-import org.apache.kerberos.kerb.spec.common.*;
-
-/**
- -- Encrypted part of ticket
- EncTicketPart ::= [APPLICATION 3] SEQUENCE {
- flags [0] TicketFlags,
- key [1] EncryptionKey,
- crealm [2] Realm,
- cname [3] PrincipalName,
- transited [4] TransitedEncoding,
- authtime [5] KerberosTime,
- starttime [6] KerberosTime OPTIONAL,
- endtime [7] KerberosTime,
- renew-till [8] KerberosTime OPTIONAL,
- caddr [9] HostAddresses OPTIONAL,
- authorization-data [10] AuthorizationData OPTIONAL
- }
- */
-public class EncTicketPart extends KrbAppSequenceType {
- public static final int TAG = 3;
-
- private static int FLAGS = 0;
- private static int KEY = 1;
- private static int CREALM = 2;
- private static int CNAME = 3;
- private static int TRANSITED = 4;
- private static int AUTHTIME = 5;
- private static int STARTTIME = 6;
- private static int ENDTIME = 7;
- private static int RENEW_TILL = 8;
- private static int CADDR = 9;
- private static int AUTHORIZATION_DATA = 10;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(FLAGS, 0, TicketFlags.class),
- new Asn1FieldInfo(KEY, 1, EncryptionKey.class),
- new Asn1FieldInfo(CREALM, 2, KerberosString.class),
- new Asn1FieldInfo(CNAME, 3, PrincipalName.class),
- new Asn1FieldInfo(TRANSITED, 4, TransitedEncoding.class),
- new Asn1FieldInfo(AUTHTIME, 5, KerberosTime.class),
- new Asn1FieldInfo(STARTTIME, 6, KerberosTime.class),
- new Asn1FieldInfo(ENDTIME, 7, KerberosTime.class),
- new Asn1FieldInfo(ENDTIME, 8, KerberosTime.class),
- new Asn1FieldInfo(CADDR, 9, HostAddresses.class),
- new Asn1FieldInfo(AUTHORIZATION_DATA, 10, AuthorizationData.class)
- };
-
- public EncTicketPart() {
- super(TAG, fieldInfos);
- }
-
- public TicketFlags getFlags() {
- return getFieldAs(FLAGS, TicketFlags.class);
- }
-
- public void setFlags(TicketFlags flags) {
- setFieldAs(FLAGS, flags);
- }
-
- public EncryptionKey getKey() {
- return getFieldAs(KEY, EncryptionKey.class);
- }
-
- public void setKey(EncryptionKey key) {
- setFieldAs(KEY, key);
- }
-
- public String getCrealm() {
- return getFieldAsString(CREALM);
- }
-
- public void setCrealm(String crealm) {
- setFieldAsString(CREALM, crealm);
- }
-
- public PrincipalName getCname() {
- return getFieldAs(CNAME, PrincipalName.class);
- }
-
- public void setCname(PrincipalName cname) {
- setFieldAs(CNAME, cname);
- }
-
- public TransitedEncoding getTransited() {
- return getFieldAs(TRANSITED, TransitedEncoding.class);
- }
-
- public void setTransited(TransitedEncoding transited) {
- setFieldAs(TRANSITED, transited);
- }
-
- public KerberosTime getAuthTime() {
- return getFieldAs(AUTHTIME, KerberosTime.class);
- }
-
- public void setAuthTime(KerberosTime authTime) {
- setFieldAs(AUTHTIME, authTime);
- }
-
- public KerberosTime getStartTime() {
- return getFieldAs(STARTTIME, KerberosTime.class);
- }
-
- public void setStartTime(KerberosTime startTime) {
- setFieldAs(STARTTIME, startTime);
- }
-
- public KerberosTime getEndTime() {
- return getFieldAs(ENDTIME, KerberosTime.class);
- }
-
- public void setEndTime(KerberosTime endTime) {
- setFieldAs(ENDTIME, endTime);
- }
-
- public KerberosTime getRenewtill() {
- return getFieldAs(RENEW_TILL, KerberosTime.class);
- }
-
- public void setRenewtill(KerberosTime renewtill) {
- setFieldAs(RENEW_TILL, renewtill);
- }
-
- public HostAddresses getClientAddresses() {
- return getFieldAs(CADDR, HostAddresses.class);
- }
-
- public void setClientAddresses(HostAddresses clientAddresses) {
- setFieldAs(CADDR, clientAddresses);
- }
-
- public AuthorizationData getAuthorizationData() {
- return getFieldAs(AUTHORIZATION_DATA, AuthorizationData.class);
- }
-
- public void setAuthorizationData(AuthorizationData authorizationData) {
- setFieldAs(AUTHORIZATION_DATA, authorizationData);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/ServiceTicket.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/ServiceTicket.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/ServiceTicket.java
deleted file mode 100644
index 1475440..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/ServiceTicket.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ticket;
-
-import org.apache.kerberos.kerb.spec.kdc.EncTgsRepPart;
-
-public class ServiceTicket extends AbstractServiceTicket {
- public ServiceTicket(Ticket ticket, EncTgsRepPart encKdcRepPart) {
- super(ticket, encKdcRepPart);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TgtTicket.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TgtTicket.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TgtTicket.java
deleted file mode 100644
index 592b8e3..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TgtTicket.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ticket;
-
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.kdc.EncAsRepPart;
-
-public class TgtTicket extends AbstractServiceTicket {
- private PrincipalName clientPrincipal;
-
- public TgtTicket(Ticket ticket, EncAsRepPart encKdcRepPart, String clientPrincipal) {
- super(ticket, encKdcRepPart);
- this.clientPrincipal = new PrincipalName(clientPrincipal);
- }
-
- public PrincipalName getClientPrincipal() {
- return clientPrincipal;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Ticket.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Ticket.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Ticket.java
deleted file mode 100644
index 504ff5f..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Ticket.java
+++ /dev/null
@@ -1,99 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ticket;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.KrbConstant;
-import org.apache.kerberos.kerb.spec.KerberosString;
-import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-/**
- Ticket ::= [APPLICATION 1] SEQUENCE {
- tkt-vno [0] INTEGER (5),
- realm [1] Realm,
- sname [2] PrincipalName,
- enc-part [3] EncryptedData -- EncTicketPart
- }
- */
-public class Ticket extends KrbAppSequenceType {
- public static final int TKT_KVNO = KrbConstant.KRB_V5;
- public static final int TAG = 1;
-
- private static int TKT_VNO = 0;
- private static int REALM = 1;
- private static int SNAME = 2;
- private static int ENC_PART = 3;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(TKT_VNO, 0, Asn1Integer.class),
- new Asn1FieldInfo(REALM, 1, KerberosString.class),
- new Asn1FieldInfo(SNAME, 2, PrincipalName.class),
- new Asn1FieldInfo(ENC_PART, 3, EncryptedData.class)
- };
-
- public Ticket() {
- super(TAG, fieldInfos);
- setTktKvno(TKT_KVNO);
- }
-
- private EncTicketPart encPart;
-
- public int getTktvno() {
- return getFieldAsInt(TKT_VNO);
- }
-
- public void setTktKvno(int kvno) {
- setFieldAsInt(TKT_VNO, kvno);
- }
- public PrincipalName getSname() {
- return getFieldAs(SNAME, PrincipalName.class);
- }
-
- public void setSname(PrincipalName sname) {
- setFieldAs(SNAME, sname);
- }
-
- public String getRealm() {
- return getFieldAsString(REALM);
- }
-
- public void setRealm(String realm) {
- setFieldAs(REALM, new KerberosString(realm));
- }
-
- public EncryptedData getEncryptedEncPart() {
- return getFieldAs(ENC_PART, EncryptedData.class);
- }
-
- public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
- setFieldAs(ENC_PART, encryptedEncPart);
- }
-
- public EncTicketPart getEncPart() {
- return encPart;
- }
-
- public void setEncPart(EncTicketPart encPart) {
- this.encPart = encPart;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlag.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlag.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlag.java
deleted file mode 100644
index 4aec901..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlag.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ticket;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum TicketFlag implements KrbEnum {
- NONE(-1),
- FORWARDABLE(0x40000000),
- FORWARDED(0x20000000),
- PROXIABLE(0x10000000),
- PROXY(0x08000000),
- MAY_POSTDATE(0x04000000),
- POSTDATED(0x02000000),
- INVALID(0x01000000),
- RENEWABLE(0x00800000),
- INITIAL(0x00400000),
- PRE_AUTH(0x00200000),
- HW_AUTH(0x00100000),
- TRANSIT_POLICY_CHECKED( 0x00080000),
- OK_AS_DELEGATE(0x00040000),
- ENC_PA_REP(0x00010000),
- ANONYMOUS(0x00008000);
-
- private final int value;
-
- private TicketFlag(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static TicketFlag fromValue(int value) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value) {
- return (TicketFlag) e;
- }
- }
-
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlags.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlags.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlags.java
deleted file mode 100644
index c81d53f..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlags.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ticket;
-
-import org.apache.kerberos.kerb.spec.common.KrbFlags;
-
-import static org.apache.kerberos.kerb.spec.ticket.TicketFlag.INVALID;
-
-public class TicketFlags extends KrbFlags {
-
- public TicketFlags() {
- this(0);
- }
-
- public TicketFlags(int value) {
- setFlags(value);
- }
-
- public boolean isInvalid() {
- return isFlagSet(INVALID.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Tickets.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Tickets.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Tickets.java
deleted file mode 100644
index f4d04b5..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Tickets.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.ticket;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- SEQUENCE OF Ticket
- */
-public class Tickets extends KrbSequenceOfType<Ticket> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/AlgorithmIdentifier.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/AlgorithmIdentifier.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/AlgorithmIdentifier.java
deleted file mode 100644
index 86f3c6c..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/AlgorithmIdentifier.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.x509;
-
-import org.apache.haox.asn1.type.*;
-
-/**
- AlgorithmIdentifier ::= SEQUENCE {
- algorithm OBJECT IDENTIFIER,
- parameters ANY DEFINED BY algorithm OPTIONAL
- }
- */
-public class AlgorithmIdentifier extends Asn1SequenceType {
- private static int ALGORITHM = 0;
- private static int PARAMETERS = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ALGORITHM, -1, Asn1ObjectIdentifier.class),
- new Asn1FieldInfo(PARAMETERS, -1, Asn1Any.class)
- };
-
- public AlgorithmIdentifier() {
- super(fieldInfos);
- }
-
- public Asn1ObjectIdentifier getAlgorithm() {
- return getFieldAs(ALGORITHM, Asn1ObjectIdentifier.class);
- }
-
- public void setAlgorithm(Asn1ObjectIdentifier algorithm) {
- setFieldAs(ALGORITHM, algorithm);
- }
-
- public Asn1Type getParameters() {
- return getFieldAsAny(PARAMETERS);
- }
-
- public void setParameters(Asn1Type parameters) {
- setFieldAsAny(PARAMETERS, parameters);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java
deleted file mode 100644
index cf49990..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.x509;
-
-import org.apache.haox.asn1.type.Asn1BitString;
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1SequenceType;
-
-/**
- SubjectPublicKeyInfo ::= SEQUENCE {
- algorithm AlgorithmIdentifier,
- subjectPublicKey BIT STRING
- }
- */
-public class SubjectPublicKeyInfo extends Asn1SequenceType {
- private static int ALGORITHM = 0;
- private static int SUBJECT_PUBLIC_KEY = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ALGORITHM, -1, AlgorithmIdentifier.class),
- new Asn1FieldInfo(SUBJECT_PUBLIC_KEY, -1, Asn1BitString.class)
- };
-
- public SubjectPublicKeyInfo() {
- super(fieldInfos);
- }
-
- public AlgorithmIdentifier getAlgorithm() {
- return getFieldAs(ALGORITHM, AlgorithmIdentifier.class);
- }
-
- public void setAlgorithm(AlgorithmIdentifier algorithm) {
- setFieldAs(ALGORITHM, algorithm);
- }
-
- public byte[] getSubjectPubKey() {
- return getFieldAsOctets(SUBJECT_PUBLIC_KEY);
- }
-
- public void setSubjectPubKey(byte[] subjectPubKey) {
- setFieldAs(SUBJECT_PUBLIC_KEY, new Asn1BitString(subjectPubKey));
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/pom.xml b/haox-kerb/kerb-crypto/pom.xml
deleted file mode 100644
index aee0762..0000000
--- a/haox-kerb/kerb-crypto/pom.xml
+++ /dev/null
@@ -1,42 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kerb</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>kerb-crypto</artifactId>
-
- <name>Haox-kerb Crypto</name>
- <description>Haox-kerb Crypto facility</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-util</artifactId>
- <version>${project.version}</version>
- </dependency>
-
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java
deleted file mode 100644
index 0ee9a49..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-
-import java.util.Arrays;
-
-public abstract class AbstractCryptoTypeHandler implements CryptoTypeHandler {
-
- private EncryptProvider encProvider;
- private HashProvider hashProvider;
-
- public AbstractCryptoTypeHandler(EncryptProvider encProvider,
- HashProvider hashProvider) {
- this.encProvider = encProvider;
- this.hashProvider = hashProvider;
- }
-
- @Override
- public EncryptProvider encProvider() {
- return encProvider;
- }
-
- @Override
- public HashProvider hashProvider() {
- return hashProvider;
- }
-
- protected static boolean checksumEqual(byte[] cksum1, byte[] cksum2) {
- return Arrays.equals(cksum1, cksum2);
- }
-
- protected static boolean checksumEqual(byte[] cksum1, byte[] cksum2, int cksum2Start, int len) {
- if (cksum1 == cksum2)
- return true;
- if (cksum1 == null || cksum2 == null)
- return false;
-
- if (len <= cksum2.length && len <= cksum1.length) {
- for (int i = 0; i < len; i++)
- if (cksum1[i] != cksum2[cksum2Start + i])
- return false;
- } else {
- return false;
- }
-
- return true;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/BytesUtil.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/BytesUtil.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/BytesUtil.java
deleted file mode 100644
index b6ee367..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/BytesUtil.java
+++ /dev/null
@@ -1,183 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-public class BytesUtil {
-
- public static short bytes2short(byte[] bytes, int offset, boolean bigEndian) {
- short val = 0;
-
- if (bigEndian) {
- val += (bytes[offset + 0] & 0xff) << 8;
- val += (bytes[offset + 1] & 0xff);
- } else {
- val += (bytes[offset + 1] & 0xff) << 8;
- val += (bytes[offset + 0] & 0xff);
- }
-
- return val;
- }
-
- public static short bytes2short(byte[] bytes, boolean bigEndian) {
- return bytes2short(bytes, 0, bigEndian);
- }
-
- public static byte[] short2bytes(int val, boolean bigEndian) {
- byte[] bytes = new byte[2];
-
- short2bytes(val, bytes, 0, bigEndian);
-
- return bytes;
- }
-
- public static void short2bytes(int val, byte[] bytes, int offset, boolean bigEndian) {
- if (bigEndian) {
- bytes[offset + 0] = (byte) ((val >> 8) & 0xff);
- bytes[offset + 1] = (byte) ((val) & 0xff);
- } else {
- bytes[offset + 1] = (byte) ((val >> 8) & 0xff);
- bytes[offset + 0] = (byte) ((val ) & 0xff);
- }
- }
-
- public static int bytes2int(byte[] bytes, boolean bigEndian) {
- return bytes2int(bytes, 0, bigEndian);
- }
-
- public static int bytes2int(byte[] bytes, int offset, boolean bigEndian) {
- int val = 0;
-
- if (bigEndian) {
- val += (bytes[offset + 0] & 0xff) << 24;
- val += (bytes[offset + 1] & 0xff) << 16;
- val += (bytes[offset + 2] & 0xff) << 8;
- val += (bytes[offset + 3] & 0xff);
- } else {
- val += (bytes[offset + 3] & 0xff) << 24;
- val += (bytes[offset + 2] & 0xff) << 16;
- val += (bytes[offset + 1] & 0xff) << 8;
- val += (bytes[offset + 0] & 0xff);
- }
-
- return val;
- }
-
- public static byte[] int2bytes(int val, boolean bigEndian) {
- byte[] bytes = new byte[4];
-
- int2bytes(val, bytes, 0, bigEndian);
-
- return bytes;
- }
-
- public static void int2bytes(int val, byte[] bytes, int offset, boolean bigEndian) {
- if (bigEndian) {
- bytes[offset + 0] = (byte) ((val >> 24) & 0xff);
- bytes[offset + 1] = (byte) ((val >> 16) & 0xff);
- bytes[offset + 2] = (byte) ((val >> 8) & 0xff);
- bytes[offset + 3] = (byte) ((val) & 0xff);
- } else {
- bytes[offset + 3] = (byte) ((val >> 24) & 0xff);
- bytes[offset + 2] = (byte) ((val >> 16) & 0xff);
- bytes[offset + 1] = (byte) ((val >> 8) & 0xff);
- bytes[offset + 0] = (byte) ((val) & 0xff);
- }
- }
-
- public static byte[] long2bytes(long val, boolean bigEndian) {
- byte[] bytes = new byte[8];
- long2bytes(val, bytes, 0, bigEndian);
- return bytes;
- }
-
- public static void long2bytes(long val, byte[] bytes, int offset, boolean bigEndian) {
- if (bigEndian) {
- for (int i = 0; i < 8; i++) {
- bytes[i + offset] = (byte) ((val >> ((7 - i) * 8)) & 0xffL);
- }
- } else {
- for (int i = 0; i < 8; i++) {
- bytes[i + offset] = (byte) ((val >> (i * 8)) & 0xffL);
- }
- }
- }
-
- public static long bytes2long(byte[] bytes, boolean bigEndian) {
- return bytes2long(bytes, 0, bigEndian);
- }
-
- public static long bytes2long(byte[] bytes, int offset, boolean bigEndian) {
- long val = 0;
-
- if (bigEndian) {
- for (int i = 0; i < 8; i++) {
- val |= (((long) bytes[i + offset]) & 0xffL) << ((7 - i) * 8);
- }
- } else {
- for (int i = 0; i < 8; i++) {
- val |= (((long) bytes[i + offset]) & 0xffL) << (i * 8);
- }
- }
-
- return val;
- }
-
- public static byte[] padding(byte[] data, int block) {
- int len = data.length;
- int paddingLen = len % block != 0 ? 8 - len % block : 0;
- if (paddingLen == 0) {
- return data;
- }
-
- byte[] result = new byte[len + + paddingLen];
- System.arraycopy(data, 0, result, 0, len);
- return result;
- }
-
- public static byte[] duplicate(byte[] bytes) {
- return duplicate(bytes, 0, bytes.length);
- }
-
- public static byte[] duplicate(byte[] bytes, int offset, int len) {
- byte[] dup = new byte[len];
- System.arraycopy(bytes, offset, dup, 0, len);
- return dup;
- }
-
- public static void xor(byte[] input, int offset, byte[] output) {
- int a, b;
- for (int i = 0; i < output.length / 4; ++i) {
- a = BytesUtil.bytes2int(input, offset + i * 4, true);
- b = BytesUtil.bytes2int(output, i * 4, true);
- b = a ^ b;
- BytesUtil.int2bytes(b, output, i * 4, true);
- }
- }
-
- public static void xor(byte[] a, byte[] b, byte[] output) {
- int av, bv, v;
- for (int i = 0; i < a.length / 4; ++i) {
- av = BytesUtil.bytes2int(a, i * 4, true);
- bv = BytesUtil.bytes2int(b, i * 4, true);
- v = av ^ bv;
- BytesUtil.int2bytes(v, output, i * 4, true);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Camellia.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Camellia.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Camellia.java
deleted file mode 100644
index e44ae86..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Camellia.java
+++ /dev/null
@@ -1,250 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-/**
- * Camellia - based on RFC 3713, about half the size of CamelliaEngine.
- *
- * This is based on CamelliaEngine.java from bouncycastle library.
- */
-
-public class Camellia {
- private static final int BLOCK_SIZE = 16;
- private int[] state = new int[4]; // for encryption and decryption
-
- private CamelliaKey camKey;
-
- public void setKey(boolean forEncryption, byte[] key) {
- camKey = new CamelliaKey(key, forEncryption);
- }
-
- private void process128Block(byte[] in, int inOff,
- byte[] out, int outOff) {
- for (int i = 0; i < 4; i++) {
- state[i] = BytesUtil.bytes2int(in, inOff + (i * 4), true);
- state[i] ^= camKey.kw[i];
- }
-
- camKey.f2(state, camKey.subkey, 0);
- camKey.f2(state, camKey.subkey, 4);
- camKey.f2(state, camKey.subkey, 8);
- camKey.fls(state, camKey.ke, 0);
- camKey.f2(state, camKey.subkey, 12);
- camKey.f2(state, camKey.subkey, 16);
- camKey.f2(state, camKey.subkey, 20);
- camKey.fls(state, camKey.ke, 4);
- camKey.f2(state, camKey.subkey, 24);
- camKey.f2(state, camKey.subkey, 28);
- camKey.f2(state, camKey.subkey, 32);
-
- state[2] ^= camKey.kw[4];
- state[3] ^= camKey.kw[5];
- state[0] ^= camKey.kw[6];
- state[1] ^= camKey.kw[7];
-
- BytesUtil.int2bytes(state[2], out, outOff, true);
- BytesUtil.int2bytes(state[3], out, outOff + 4, true);
- BytesUtil.int2bytes(state[0], out, outOff + 8, true);
- BytesUtil.int2bytes(state[1], out, outOff + 12, true);
- }
-
- private void processBlockLargerBlock(byte[] in, int inOff,
- byte[] out, int outOff) {
- for (int i = 0; i < 4; i++) {
- state[i] = BytesUtil.bytes2int(in, inOff + (i * 4), true);
- state[i] ^= camKey.kw[i];
- }
-
- camKey.f2(state, camKey.subkey, 0);
- camKey.f2(state, camKey.subkey, 4);
- camKey.f2(state, camKey.subkey, 8);
- camKey.fls(state, camKey.ke, 0);
- camKey.f2(state, camKey.subkey, 12);
- camKey.f2(state, camKey.subkey, 16);
- camKey.f2(state, camKey.subkey, 20);
- camKey.fls(state, camKey.ke, 4);
- camKey.f2(state, camKey.subkey, 24);
- camKey.f2(state, camKey.subkey, 28);
- camKey.f2(state, camKey.subkey, 32);
- camKey.fls(state, camKey.ke, 8);
- camKey.f2(state, camKey.subkey, 36);
- camKey.f2(state, camKey.subkey, 40);
- camKey.f2(state, camKey.subkey, 44);
-
- state[2] ^= camKey.kw[4];
- state[3] ^= camKey.kw[5];
- state[0] ^= camKey.kw[6];
- state[1] ^= camKey.kw[7];
-
- BytesUtil.int2bytes(state[2], out, outOff, true);
- BytesUtil.int2bytes(state[3], out, outOff + 4, true);
- BytesUtil.int2bytes(state[0], out, outOff + 8, true);
- BytesUtil.int2bytes(state[1], out, outOff + 12, true);
- }
-
- public void processBlock(byte[] in, int inOff) {
- byte[] out = new byte[BLOCK_SIZE];
-
- if (camKey.is128()) {
- process128Block(in, inOff, out, 0);
- } else {
- processBlockLargerBlock(in, inOff, out, 0);
- }
-
- System.arraycopy(out, 0, in, inOff, BLOCK_SIZE);
- }
-
- public void encrypt(byte[] data, byte[] iv) {
- byte[] cipher = new byte[BLOCK_SIZE];
- byte[] cipherState = new byte[BLOCK_SIZE];
-
- int blocksNum = (data.length + BLOCK_SIZE - 1) / BLOCK_SIZE;
- int lastBlockLen = data.length - (blocksNum - 1) * BLOCK_SIZE;
- if (blocksNum == 1) {
- cbcEnc(data, 0, 1, cipherState);
- return;
- }
-
- if (iv != null) {
- System.arraycopy(iv, 0, cipherState, 0, BLOCK_SIZE);
- }
-
- int contBlocksNum, offset = 0;
- while (blocksNum > 2) {
- contBlocksNum = (data.length - offset) / BLOCK_SIZE;
- if (contBlocksNum > 0) {
- // Encrypt a series of contiguous blocks in place if we can, but
- // don't touch the last two blocks.
- contBlocksNum = (contBlocksNum > blocksNum - 2) ? blocksNum - 2 : contBlocksNum;
- cbcEnc(data, offset, contBlocksNum, cipherState);
- offset += contBlocksNum * BLOCK_SIZE;
- blocksNum -= contBlocksNum;
- } else {
- cbcEnc(data, offset, 1, cipherState);
- offset += BLOCK_SIZE;
- blocksNum--;
- }
- }
-
- // Encrypt the last two blocks and store the results in reverse order
- byte[] blockN2 = new byte[BLOCK_SIZE];
- byte[] blockN1 = new byte[BLOCK_SIZE];
-
- System.arraycopy(data, offset, blockN2, 0, BLOCK_SIZE);
- cbcEnc(blockN2, 0, 1, cipherState);
- System.arraycopy(data, offset + BLOCK_SIZE, blockN1, 0, lastBlockLen);
- cbcEnc(blockN1, 0, 1, cipherState);
-
- System.arraycopy(blockN1, 0, data, offset, BLOCK_SIZE);
- System.arraycopy(blockN2, 0, data, offset + BLOCK_SIZE, lastBlockLen);
-
- if (iv != null) {
- System.arraycopy(cipherState, 0, iv, 0, BLOCK_SIZE);
- }
- }
-
- public void decrypt(byte[] data, byte[] iv) {
- byte[] cipher = new byte[BLOCK_SIZE];
- byte[] cipherState = new byte[BLOCK_SIZE];
-
- int blocksNum = (data.length + BLOCK_SIZE - 1) / BLOCK_SIZE;
- int lastBlockLen = data.length - (blocksNum - 1) * BLOCK_SIZE;
- if (blocksNum == 1) {
- cbcDec(data, 0, 1, cipherState);
- return;
- }
-
- if (iv != null) {
- System.arraycopy(iv, 0, cipherState, 0, BLOCK_SIZE);
- }
-
- int contBlocksNum, offset = 0;
- while (blocksNum > 2) {
- contBlocksNum = (data.length - offset) / BLOCK_SIZE;
- if (contBlocksNum > 0) {
- // Decrypt a series of contiguous blocks in place if we can, but
- // don't touch the last two blocks.
- contBlocksNum = (contBlocksNum > blocksNum - 2) ? blocksNum - 2 : contBlocksNum;
- cbcDec(data, offset, contBlocksNum, cipherState);
- offset += contBlocksNum * BLOCK_SIZE;
- blocksNum -= contBlocksNum;
- } else {
- cbcDec(data, offset, 1, cipherState);
- offset += BLOCK_SIZE;
- blocksNum--;
- }
- }
-
- // Decrypt the last two blocks
- byte[] blockN2 = new byte[BLOCK_SIZE];
- byte[] blockN1 = new byte[BLOCK_SIZE];
- System.arraycopy(data, offset, blockN2, 0, BLOCK_SIZE);
- System.arraycopy(data, offset + BLOCK_SIZE, blockN1, 0, lastBlockLen);
- if (iv != null) {
- System.arraycopy(blockN2, 0, iv, 0, BLOCK_SIZE);
- }
-
- byte[] tmpCipherState = new byte[BLOCK_SIZE];
- System.arraycopy(blockN1, 0, tmpCipherState, 0, BLOCK_SIZE);
- cbcDec(blockN2, 0, 1, tmpCipherState);
- System.arraycopy(blockN2, lastBlockLen, blockN1, lastBlockLen, BLOCK_SIZE - lastBlockLen);
- cbcDec(blockN1, 0, 1, cipherState);
-
- System.arraycopy(blockN1, 0, data, offset, BLOCK_SIZE);
- System.arraycopy(blockN2, 0, data, offset + BLOCK_SIZE, lastBlockLen);
- }
-
- /**
- * CBC encrypt nblocks blocks of data in place, using and updating iv.
- */
- public void cbcEnc(byte[] data, int offset, int blocksNum, byte[] cipherState) {
- byte[] cipher = new byte[BLOCK_SIZE];
- for (int i = 0; i < blocksNum; ++i) {
- System.arraycopy(data, offset + i * BLOCK_SIZE, cipher, 0, BLOCK_SIZE);
- BytesUtil.xor(cipherState, 0, cipher);
- processBlock(cipher, 0);
- System.arraycopy(cipher, 0, data, offset + i * BLOCK_SIZE, BLOCK_SIZE);
- System.arraycopy(cipher, 0, cipherState, 0, BLOCK_SIZE);
- }
- }
-
- /**
- * CBC encrypt nblocks blocks of data in place, using and updating iv.
- */
- public void cbcDec(byte[] data, int offset, int blocksNum, byte[] cipherState) {
- byte[] lastBlock = new byte[BLOCK_SIZE];
- byte[] cipher = new byte[BLOCK_SIZE];
-
- System.arraycopy(data, offset + (blocksNum - 1) * BLOCK_SIZE, lastBlock, 0, BLOCK_SIZE);
- for (int i = blocksNum; i > 0; i--) {
- System.arraycopy(data, offset + (i - 1) * BLOCK_SIZE, cipher, 0, BLOCK_SIZE);
- processBlock(cipher, 0);
-
- if (i == 1) {
- BytesUtil.xor(cipherState, 0, cipher);
- } else {
- BytesUtil.xor(data, offset + (i - 2) * BLOCK_SIZE, cipher);
- }
-
- System.arraycopy(cipher, 0, data, offset + (i - 1) * BLOCK_SIZE, BLOCK_SIZE);
- }
- System.arraycopy(lastBlock, 0, cipherState, 0, BLOCK_SIZE);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CamelliaKey.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CamelliaKey.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CamelliaKey.java
deleted file mode 100644
index 0f35d62..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CamelliaKey.java
+++ /dev/null
@@ -1,433 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-/**
- * Camellia - based on RFC 3713, about half the size of CamelliaEngine.
- *
- * This is based on CamelliaEngine.java from bouncycastle library.
- */
-
-public class CamelliaKey {
- private int keySize;
-
- protected int[] subkey = new int[24 * 4];
- protected int[] kw = new int[4 * 2]; // for whitening
- protected int[] ke = new int[6 * 2]; // for FL and FL^(-1)
-
- private static final int SIGMA[] = {
- 0xa09e667f, 0x3bcc908b,
- 0xb67ae858, 0x4caa73b2,
- 0xc6ef372f, 0xe94f82be,
- 0x54ff53a5, 0xf1d36f1c,
- 0x10e527fa, 0xde682d1d,
- 0xb05688c2, 0xb3e6c1fd
- };
-
- // S-box data
- protected static final byte SBOX1[] = {
- (byte)112, (byte)130, (byte)44, (byte)236,
- (byte)179, (byte)39, (byte)192, (byte)229,
- (byte)228, (byte)133, (byte)87, (byte)53,
- (byte)234, (byte)12, (byte)174, (byte)65,
- (byte)35, (byte)239, (byte)107, (byte)147,
- (byte)69, (byte)25, (byte)165, (byte)33,
- (byte)237, (byte)14, (byte)79, (byte)78,
- (byte)29, (byte)101, (byte)146, (byte)189,
- (byte)134, (byte)184, (byte)175, (byte)143,
- (byte)124, (byte)235, (byte)31, (byte)206,
- (byte)62, (byte)48, (byte)220, (byte)95,
- (byte)94, (byte)197, (byte)11, (byte)26,
- (byte)166, (byte)225, (byte)57, (byte)202,
- (byte)213, (byte)71, (byte)93, (byte)61,
- (byte)217, (byte)1, (byte)90, (byte)214,
- (byte)81, (byte)86, (byte)108, (byte)77,
- (byte)139, (byte)13, (byte)154, (byte)102,
- (byte)251, (byte)204, (byte)176, (byte)45,
- (byte)116, (byte)18, (byte)43, (byte)32,
- (byte)240, (byte)177, (byte)132, (byte)153,
- (byte)223, (byte)76, (byte)203, (byte)194,
- (byte)52, (byte)126, (byte)118, (byte)5,
- (byte)109, (byte)183, (byte)169, (byte)49,
- (byte)209, (byte)23, (byte)4, (byte)215,
- (byte)20, (byte)88, (byte)58, (byte)97,
- (byte)222, (byte)27, (byte)17, (byte)28,
- (byte)50, (byte)15, (byte)156, (byte)22,
- (byte)83, (byte)24, (byte)242, (byte)34,
- (byte)254, (byte)68, (byte)207, (byte)178,
- (byte)195, (byte)181, (byte)122, (byte)145,
- (byte)36, (byte)8, (byte)232, (byte)168,
- (byte)96, (byte)252, (byte)105, (byte)80,
- (byte)170, (byte)208, (byte)160, (byte)125,
- (byte)161, (byte)137, (byte)98, (byte)151,
- (byte)84, (byte)91, (byte)30, (byte)149,
- (byte)224, (byte)255, (byte)100, (byte)210,
- (byte)16, (byte)196, (byte)0, (byte)72,
- (byte)163, (byte)247, (byte)117, (byte)219,
- (byte)138, (byte)3, (byte)230, (byte)218,
- (byte)9, (byte)63, (byte)221, (byte)148,
- (byte)135, (byte)92, (byte)131, (byte)2,
- (byte)205, (byte)74, (byte)144, (byte)51,
- (byte)115, (byte)103, (byte)246, (byte)243,
- (byte)157, (byte)127, (byte)191, (byte)226,
- (byte)82, (byte)155, (byte)216, (byte)38,
- (byte)200, (byte)55, (byte)198, (byte)59,
- (byte)129, (byte)150, (byte)111, (byte)75,
- (byte)19, (byte)190, (byte)99, (byte)46,
- (byte)233, (byte)121, (byte)167, (byte)140,
- (byte)159, (byte)110, (byte)188, (byte)142,
- (byte)41, (byte)245, (byte)249, (byte)182,
- (byte)47, (byte)253, (byte)180, (byte)89,
- (byte)120, (byte)152, (byte)6, (byte)106,
- (byte)231, (byte)70, (byte)113, (byte)186,
- (byte)212, (byte)37, (byte)171, (byte)66,
- (byte)136, (byte)162, (byte)141, (byte)250,
- (byte)114, (byte)7, (byte)185, (byte)85,
- (byte)248, (byte)238, (byte)172, (byte)10,
- (byte)54, (byte)73, (byte)42, (byte)104,
- (byte)60, (byte)56, (byte)241, (byte)164,
- (byte)64, (byte)40, (byte)211, (byte)123,
- (byte)187, (byte)201, (byte)67, (byte)193,
- (byte)21, (byte)227, (byte)173, (byte)244,
- (byte)119, (byte)199, (byte)128, (byte)158
- };
-
- public CamelliaKey(byte[] key, boolean isEncrypt) {
- init(key, isEncrypt);
- }
-
- protected boolean is128() {
- return keySize == 16;
- }
-
- private static int rightRotate(int x, int s) {
- return (((x) >>> (s)) + ((x) << (32 - s)));
- }
-
- private static int leftRotate(int x, int s) {
- return ((x) << (s)) + ((x) >>> (32 - s));
- }
-
- private static void roldq(int rot, int[] ki, int ioff,
- int[] ko, int ooff) {
- ko[0 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >>> (32 - rot));
- ko[1 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >>> (32 - rot));
- ko[2 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >>> (32 - rot));
- ko[3 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >>> (32 - rot));
- ki[0 + ioff] = ko[0 + ooff];
- ki[1 + ioff] = ko[1 + ooff];
- ki[2 + ioff] = ko[2 + ooff];
- ki[3 + ioff] = ko[3 + ooff];
- }
-
- private static void decroldq(int rot, int[] ki, int ioff,
- int[] ko, int ooff) {
- ko[2 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >>> (32 - rot));
- ko[3 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >>> (32 - rot));
- ko[0 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >>> (32 - rot));
- ko[1 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >>> (32 - rot));
- ki[0 + ioff] = ko[2 + ooff];
- ki[1 + ioff] = ko[3 + ooff];
- ki[2 + ioff] = ko[0 + ooff];
- ki[3 + ioff] = ko[1 + ooff];
- }
-
- private static void roldqo32(int rot, int[] ki, int ioff,
- int[] ko, int ooff)
- {
- ko[0 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >>> (64 - rot));
- ko[1 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >>> (64 - rot));
- ko[2 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >>> (64 - rot));
- ko[3 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >>> (64 - rot));
- ki[0 + ioff] = ko[0 + ooff];
- ki[1 + ioff] = ko[1 + ooff];
- ki[2 + ioff] = ko[2 + ooff];
- ki[3 + ioff] = ko[3 + ooff];
- }
-
- private static void decroldqo32(int rot, int[] ki, int ioff,
- int[] ko, int ooff) {
- ko[2 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >>> (64 - rot));
- ko[3 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >>> (64 - rot));
- ko[0 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >>> (64 - rot));
- ko[1 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >>> (64 - rot));
- ki[0 + ioff] = ko[2 + ooff];
- ki[1 + ioff] = ko[3 + ooff];
- ki[2 + ioff] = ko[0 + ooff];
- ki[3 + ioff] = ko[1 + ooff];
- }
-
- private byte lRot8(byte v, int rot)
- {
- return (byte)((v << rot) | ((v & 0xff) >>> (8 - rot)));
- }
-
- private int sbox2(int x)
- {
- return (lRot8(SBOX1[x], 1) & 0xff);
- }
-
- private int sbox3(int x)
- {
- return (lRot8(SBOX1[x], 7) & 0xff);
- }
-
- private int sbox4(int x)
- {
- return (SBOX1[((int)lRot8((byte)x, 1) & 0xff)] & 0xff);
- }
-
- protected void fls(int[] s, int[] fkey, int keyoff) {
- s[1] ^= leftRotate(s[0] & fkey[0 + keyoff], 1);
- s[0] ^= fkey[1 + keyoff] | s[1];
-
- s[2] ^= fkey[3 + keyoff] | s[3];
- s[3] ^= leftRotate(fkey[2 + keyoff] & s[2], 1);
- }
-
- protected void f2(int[] s, int[] skey, int keyoff) {
- int t1, t2, u, v;
-
- t1 = s[0] ^ skey[0 + keyoff];
- u = sbox4((t1 & 0xff));
- u |= (sbox3(((t1 >>> 8) & 0xff)) << 8);
- u |= (sbox2(((t1 >>> 16) & 0xff)) << 16);
- u |= ((int)(SBOX1[((t1 >>> 24) & 0xff)] & 0xff) << 24);
-
- t2 = s[1] ^ skey[1 + keyoff];
- v = (int)SBOX1[(t2 & 0xff)] & 0xff;
- v |= (sbox4(((t2 >>> 8) & 0xff)) << 8);
- v |= (sbox3(((t2 >>> 16) & 0xff)) << 16);
- v |= (sbox2(((t2 >>> 24) & 0xff)) << 24);
-
- v = leftRotate(v, 8);
- u ^= v;
- v = leftRotate(v, 8) ^ u;
- u = rightRotate(u, 8) ^ v;
- s[2] ^= leftRotate(v, 16) ^ u;
- s[3] ^= leftRotate(u, 8);
-
- t1 = s[2] ^ skey[2 + keyoff];
- u = sbox4((t1 & 0xff));
- u |= sbox3(((t1 >>> 8) & 0xff)) << 8;
- u |= sbox2(((t1 >>> 16) & 0xff)) << 16;
- u |= ((int)SBOX1[((t1 >>> 24) & 0xff)] & 0xff) << 24;
-
- t2 = s[3] ^ skey[3 + keyoff];
- v = ((int)SBOX1[(t2 & 0xff)] & 0xff);
- v |= sbox4(((t2 >>> 8) & 0xff)) << 8;
- v |= sbox3(((t2 >>> 16) & 0xff)) << 16;
- v |= sbox2(((t2 >>> 24) & 0xff)) << 24;
-
- v = leftRotate(v, 8);
- u ^= v;
- v = leftRotate(v, 8) ^ u;
- u = rightRotate(u, 8) ^ v;
- s[0] ^= leftRotate(v, 16) ^ u;
- s[1] ^= leftRotate(u, 8);
- }
-
- private void init(byte[] key, boolean isEncrypt) {
- keySize = key.length;
-
- int[] k = new int[8];
- int[] ka = new int[4];
- int[] kb = new int[4];
- int[] t = new int[4];
-
- switch (key.length) {
- case 16:
- k[0] = BytesUtil.bytes2int(key, 0, true);
- k[1] = BytesUtil.bytes2int(key, 4, true);
- k[2] = BytesUtil.bytes2int(key, 8, true);
- k[3] = BytesUtil.bytes2int(key, 12, true);
- k[4] = k[5] = k[6] = k[7] = 0;
- break;
- case 24:
- k[0] = BytesUtil.bytes2int(key, 0, true);
- k[1] = BytesUtil.bytes2int(key, 4, true);
- k[2] = BytesUtil.bytes2int(key, 8, true);
- k[3] = BytesUtil.bytes2int(key, 12, true);
- k[4] = BytesUtil.bytes2int(key, 16, true);
- k[5] = BytesUtil.bytes2int(key, 20, true);
- k[6] = ~k[4];
- k[7] = ~k[5];
- break;
- case 32:
- k[0] = BytesUtil.bytes2int(key, 0, true);
- k[1] = BytesUtil.bytes2int(key, 4, true);
- k[2] = BytesUtil.bytes2int(key, 8, true);
- k[3] = BytesUtil.bytes2int(key, 12, true);
- k[4] = BytesUtil.bytes2int(key, 16, true);
- k[5] = BytesUtil.bytes2int(key, 20, true);
- k[6] = BytesUtil.bytes2int(key, 24, true);
- k[7] = BytesUtil.bytes2int(key, 28, true);
- break;
- default:
- throw new
- IllegalArgumentException("Invalid key size, only support 16/24/32 bytes");
- }
-
- for (int i = 0; i < 4; i++) {
- ka[i] = k[i] ^ k[i + 4];
- }
-
- /* compute KA */
- f2(ka, SIGMA, 0);
- for (int i = 0; i < 4; i++) {
- ka[i] ^= k[i];
- }
- f2(ka, SIGMA, 4);
-
- if (keySize == 16) {
- if (isEncrypt) {
- /* KL dependant keys */
- kw[0] = k[0];
- kw[1] = k[1];
- kw[2] = k[2];
- kw[3] = k[3];
- roldq(15, k, 0, subkey, 4);
- roldq(30, k, 0, subkey, 12);
- roldq(15, k, 0, t, 0);
- subkey[18] = t[2];
- subkey[19] = t[3];
- roldq(17, k, 0, ke, 4);
- roldq(17, k, 0, subkey, 24);
- roldq(17, k, 0, subkey, 32);
- /* KA dependant keys */
- subkey[0] = ka[0];
- subkey[1] = ka[1];
- subkey[2] = ka[2];
- subkey[3] = ka[3];
- roldq(15, ka, 0, subkey, 8);
- roldq(15, ka, 0, ke, 0);
- roldq(15, ka, 0, t, 0);
- subkey[16] = t[0];
- subkey[17] = t[1];
- roldq(15, ka, 0, subkey, 20);
- roldqo32(34, ka, 0, subkey, 28);
- roldq(17, ka, 0, kw, 4);
-
- } else { // decryption
- /* KL dependant keys */
- kw[4] = k[0];
- kw[5] = k[1];
- kw[6] = k[2];
- kw[7] = k[3];
- decroldq(15, k, 0, subkey, 28);
- decroldq(30, k, 0, subkey, 20);
- decroldq(15, k, 0, t, 0);
- subkey[16] = t[0];
- subkey[17] = t[1];
- decroldq(17, k, 0, ke, 0);
- decroldq(17, k, 0, subkey, 8);
- decroldq(17, k, 0, subkey, 0);
- /* KA dependant keys */
- subkey[34] = ka[0];
- subkey[35] = ka[1];
- subkey[32] = ka[2];
- subkey[33] = ka[3];
- decroldq(15, ka, 0, subkey, 24);
- decroldq(15, ka, 0, ke, 4);
- decroldq(15, ka, 0, t, 0);
- subkey[18] = t[2];
- subkey[19] = t[3];
- decroldq(15, ka, 0, subkey, 12);
- decroldqo32(34, ka, 0, subkey, 4);
- roldq(17, ka, 0, kw, 0);
- }
- } else { // 192bit or 256bit
- /* compute KB */
- for (int i = 0; i < 4; i++) {
- kb[i] = ka[i] ^ k[i + 4];
- }
- f2(kb, SIGMA, 8);
-
- if (isEncrypt) {
- /* KL dependant keys */
- kw[0] = k[0];
- kw[1] = k[1];
- kw[2] = k[2];
- kw[3] = k[3];
- roldqo32(45, k, 0, subkey, 16);
- roldq(15, k, 0, ke, 4);
- roldq(17, k, 0, subkey, 32);
- roldqo32(34, k, 0, subkey, 44);
- /* KR dependant keys */
- roldq(15, k, 4, subkey, 4);
- roldq(15, k, 4, ke, 0);
- roldq(30, k, 4, subkey, 24);
- roldqo32(34, k, 4, subkey, 36);
- /* KA dependant keys */
- roldq(15, ka, 0, subkey, 8);
- roldq(30, ka, 0, subkey, 20);
- /* 32bit rotation */
- ke[8] = ka[1];
- ke[9] = ka[2];
- ke[10] = ka[3];
- ke[11] = ka[0];
- roldqo32(49, ka, 0, subkey, 40);
-
- /* KB dependant keys */
- subkey[0] = kb[0];
- subkey[1] = kb[1];
- subkey[2] = kb[2];
- subkey[3] = kb[3];
- roldq(30, kb, 0, subkey, 12);
- roldq(30, kb, 0, subkey, 28);
- roldqo32(51, kb, 0, kw, 4);
-
- } else { // decryption
- /* KL dependant keys */
- kw[4] = k[0];
- kw[5] = k[1];
- kw[6] = k[2];
- kw[7] = k[3];
- decroldqo32(45, k, 0, subkey, 28);
- decroldq(15, k, 0, ke, 4);
- decroldq(17, k, 0, subkey, 12);
- decroldqo32(34, k, 0, subkey, 0);
- /* KR dependant keys */
- decroldq(15, k, 4, subkey, 40);
- decroldq(15, k, 4, ke, 8);
- decroldq(30, k, 4, subkey, 20);
- decroldqo32(34, k, 4, subkey, 8);
- /* KA dependant keys */
- decroldq(15, ka, 0, subkey, 36);
- decroldq(30, ka, 0, subkey, 24);
- /* 32bit rotation */
- ke[2] = ka[1];
- ke[3] = ka[2];
- ke[0] = ka[3];
- ke[1] = ka[0];
- decroldqo32(49, ka, 0, subkey, 4);
-
- /* KB dependant keys */
- subkey[46] = kb[0];
- subkey[47] = kb[1];
- subkey[44] = kb[2];
- subkey[45] = kb[3];
- decroldq(30, kb, 0, subkey, 32);
- decroldq(30, kb, 0, subkey, 16);
- roldqo32(51, kb, 0, kw, 0);
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumHandler.java
deleted file mode 100644
index 7e5dada..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumHandler.java
+++ /dev/null
@@ -1,153 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.crypto.cksum.*;
-import org.apache.kerberos.kerb.spec.common.CheckSum;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.KeyUsage;
-
-public class CheckSumHandler {
-
- public static CheckSumTypeHandler getCheckSumHandler(String cksumType) throws KrbException {
- CheckSumType eTypeEnum = CheckSumType.fromName(cksumType);
- return getCheckSumHandler(eTypeEnum);
- }
-
- public static CheckSumTypeHandler getCheckSumHandler(int cksumType) throws KrbException {
- CheckSumType eTypeEnum = CheckSumType.fromValue(cksumType);
- return getCheckSumHandler(eTypeEnum);
- }
-
- public static boolean isImplemented(CheckSumType cksumType) throws KrbException {
- return getCheckSumHandler(cksumType, true) != null;
- }
-
- public static CheckSumTypeHandler getCheckSumHandler(CheckSumType cksumType) throws KrbException {
- return getCheckSumHandler(cksumType, false);
- }
-
- private static CheckSumTypeHandler getCheckSumHandler(CheckSumType cksumType, boolean check) throws KrbException {
- CheckSumTypeHandler cksumHandler = null;
- switch (cksumType) {
- case CRC32:
- cksumHandler = new Crc32CheckSum();
- break;
-
- case DES_MAC:
- cksumHandler = new DesCbcCheckSum();
- break;
-
- case RSA_MD4:
- cksumHandler = new RsaMd4CheckSum();
- break;
-
- case RSA_MD5:
- cksumHandler = new RsaMd5CheckSum();
- break;
-
- case NIST_SHA:
- cksumHandler = new Sha1CheckSum();
- break;
-
- case RSA_MD4_DES:
- cksumHandler = new RsaMd4DesCheckSum();
- break;
-
- case RSA_MD5_DES:
- cksumHandler = new RsaMd5DesCheckSum();
- break;
-
- case HMAC_SHA1_DES3:
- case HMAC_SHA1_DES3_KD:
- cksumHandler = new HmacSha1Des3CheckSum();
- break;
-
- case HMAC_SHA1_96_AES128:
- cksumHandler = new HmacSha1Aes128CheckSum();
- break;
-
- case HMAC_SHA1_96_AES256:
- cksumHandler = new HmacSha1Aes256CheckSum();
- break;
-
- case CMAC_CAMELLIA128:
- cksumHandler = new CmacCamellia128CheckSum();
- break;
-
- case CMAC_CAMELLIA256:
- cksumHandler = new CmacCamellia256CheckSum();
- break;
-
- case HMAC_MD5_ARCFOUR:
- cksumHandler = new HmacMd5Rc4CheckSum();
- break;
-
- case MD5_HMAC_ARCFOUR:
- cksumHandler = new Md5HmacRc4CheckSum();
- break;
-
- default:
- break;
- }
-
- if (cksumHandler == null && ! check) {
- String message = "Unsupported checksum type: " + cksumType.name();
- throw new KrbException(KrbErrorCode.KDC_ERR_SUMTYPE_NOSUPP, message);
- }
-
- return cksumHandler;
- }
-
- public static CheckSum checksum(CheckSumType checkSumType, byte[] bytes) throws KrbException {
- CheckSumTypeHandler handler = getCheckSumHandler(checkSumType);
- byte[] checksumBytes = handler.checksum(bytes);
- CheckSum checkSum = new CheckSum();
- checkSum.setCksumtype(checkSumType);
- checkSum.setChecksum(checksumBytes);
- return checkSum;
- }
-
- public static boolean verify(CheckSum checkSum, byte[] bytes) throws KrbException {
- CheckSumType checkSumType = checkSum.getCksumtype();
- CheckSumTypeHandler handler = getCheckSumHandler(checkSumType);
- return handler.verify(bytes, checkSum.getChecksum());
- }
-
- public static CheckSum checksumWithKey(CheckSumType checkSumType,
- byte[] bytes, byte[] key, KeyUsage usage) throws KrbException {
- CheckSumTypeHandler handler = getCheckSumHandler(checkSumType);
- byte[] checksumBytes = handler.checksumWithKey(bytes, key, usage.getValue());
- CheckSum checkSum = new CheckSum();
- checkSum.setCksumtype(checkSumType);
- checkSum.setChecksum(checksumBytes);
- return checkSum;
- }
-
- public static boolean verifyWithKey(CheckSum checkSum, byte[] bytes,
- byte[] key, KeyUsage usage) throws KrbException {
- CheckSumType checkSumType = checkSum.getCksumtype();
- CheckSumTypeHandler handler = getCheckSumHandler(checkSumType);
- return handler.verifyWithKey(bytes, key,
- usage.getValue(), checkSum.getChecksum());
- }
-}
[05/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/Keytab.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/Keytab.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/Keytab.java
new file mode 100644
index 0000000..46891d0
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/Keytab.java
@@ -0,0 +1,197 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.keytab;
+
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.io.*;
+import java.nio.ByteBuffer;
+import java.util.*;
+
+public class Keytab implements KrbKeytab {
+
+ public static final int V501 = 0x0501;
+ public static final int V502 = 0x0502;
+
+ private int version = V502;
+
+ private Map<PrincipalName, List<KeytabEntry>> principalEntries;
+
+ public Keytab() {
+ this.principalEntries = new HashMap<PrincipalName, List<KeytabEntry>>();
+ }
+
+ @Override
+ public List<PrincipalName> getPrincipals() {
+ return new ArrayList<PrincipalName>(principalEntries.keySet());
+ }
+
+ @Override
+ public void addKeytabEntries(List<KeytabEntry> entries) {
+ for (KeytabEntry entry : entries) {
+ addEntry(entry);
+ }
+ }
+
+ @Override
+ public void removeKeytabEntries(PrincipalName principal) {
+ principalEntries.remove(principal);
+ }
+
+ @Override
+ public void removeKeytabEntry(KeytabEntry entry) {
+ PrincipalName principal = entry.getPrincipal();
+ List<KeytabEntry> entries = principalEntries.get(principal);
+ if (entries != null) {
+ Iterator<KeytabEntry> iter = entries.iterator();
+ KeytabEntry tmp;
+ while (iter.hasNext()) {
+ tmp = iter.next();
+ if (entry.equals(tmp)) {
+ iter.remove();
+ break;
+ }
+ }
+ }
+ }
+
+ @Override
+ public List<KeytabEntry> getKeytabEntries(PrincipalName principal) {
+ return principalEntries.get(principal);
+ }
+
+ @Override
+ public EncryptionKey getKey(PrincipalName principal, EncryptionType keyType) {
+ List<KeytabEntry> entries = getKeytabEntries(principal);
+ for (KeytabEntry ke : entries) {
+ if (ke.getKey().getKeyType() == keyType) {
+ return ke.getKey();
+ }
+ }
+
+ return null;
+ }
+
+ @Override
+ public void load(File keytabFile) throws IOException {
+ if (! keytabFile.exists() || ! keytabFile.canRead()) {
+ throw new IllegalArgumentException("Invalid keytab file: " + keytabFile.getAbsolutePath());
+ }
+
+ InputStream is = new FileInputStream(keytabFile);
+
+ load(is);
+ }
+
+ @Override
+ public void load(InputStream inputStream) throws IOException {
+ if (inputStream == null) {
+ throw new IllegalArgumentException("Invalid and null input stream");
+ }
+
+ KeytabInputStream kis = new KeytabInputStream(inputStream);
+
+ doLoad(kis);
+ }
+
+ private void doLoad(KeytabInputStream kis) throws IOException {
+ this.version = readVersion(kis);
+
+ List<KeytabEntry> entries = readEntries(kis);
+ addKeytabEntries(entries);
+ }
+
+ @Override
+ public void addEntry(KeytabEntry entry) {
+ PrincipalName principal = entry.getPrincipal();
+ List<KeytabEntry> entries = principalEntries.get(principal);
+ if (entries == null) {
+ entries = new ArrayList<KeytabEntry>();
+ principalEntries.put(principal, entries);
+ }
+ entries.add(entry);
+ }
+
+ private int readVersion(KeytabInputStream kis) throws IOException {
+ return kis.readShort();
+ }
+
+ private List<KeytabEntry> readEntries(KeytabInputStream kis) throws IOException {
+ List<KeytabEntry> entries = new ArrayList<KeytabEntry>();
+
+ int entrySize;
+ ByteBuffer entryData;
+ KeytabEntry entry;
+ while (kis.available() > 0) {
+ entrySize = kis.readInt();
+ if (kis.available() < entrySize) {
+ throw new IOException("Bad input stream with less data than expected: " + entrySize);
+ }
+ entry = readEntry(kis);
+ entries.add(entry);
+ }
+
+ return entries;
+ }
+
+ private KeytabEntry readEntry(KeytabInputStream kis) throws IOException {
+ KeytabEntry entry = new KeytabEntry();
+ entry.load(kis, version);
+ return entry;
+ }
+
+ @Override
+ public void store(File keytabFile) throws IOException {
+ OutputStream outputStream = new FileOutputStream(keytabFile);
+
+ store(outputStream);
+ }
+
+ @Override
+ public void store(OutputStream outputStream) throws IOException {
+ if (outputStream == null) {
+ throw new IllegalArgumentException("Invalid and null output stream");
+ }
+
+ KeytabOutputStream kos = new KeytabOutputStream(outputStream);
+
+ writeVersion(kos);
+ writeEntries(kos);
+ }
+
+ private void writeVersion(KeytabOutputStream kos) throws IOException {
+ byte[] bytes = new byte[2];
+ bytes[0] = (byte) 0x05;
+ bytes[1] = version == V502 ? (byte) 0x02 : (byte) 0x01;
+
+ kos.write(bytes);
+ }
+
+ private void writeEntries(KeytabOutputStream kos) throws IOException {
+ for (PrincipalName principal : principalEntries.keySet()) {
+ for (KeytabEntry entry : principalEntries.get(principal)) {
+ entry.store(kos);
+ }
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabEntry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabEntry.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabEntry.java
new file mode 100644
index 0000000..a0b7351
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabEntry.java
@@ -0,0 +1,121 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.keytab;
+
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+public class KeytabEntry
+{
+ private PrincipalName principal;
+ private KerberosTime timestamp;
+ private int kvno;
+ private EncryptionKey key;
+
+ public KeytabEntry(PrincipalName principal, KerberosTime timestamp,
+ int kvno, EncryptionKey key) {
+ this.principal = principal;
+ this.timestamp = timestamp;
+ this.kvno = kvno;
+ this.key = key;
+ }
+
+ public KeytabEntry() {
+
+ }
+
+ public void load(KeytabInputStream kis, int version) throws IOException {
+ this.principal = kis.readPrincipal(version);
+
+ this.timestamp = kis.readTime();
+
+ this.kvno = kis.readByte();
+
+ this.key = kis.readKey();
+ }
+
+ public void store(KeytabOutputStream kos) throws IOException {
+ byte[] body = null;
+
+ // compute entry body content first so that to get and write the size
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ KeytabOutputStream subKos = new KeytabOutputStream(baos);
+ writeBody(subKos, 0); // todo: consider the version
+ subKos.flush();
+ body = baos.toByteArray();
+
+ kos.writeInt(body.length);
+ kos.write(body);
+ }
+
+ public EncryptionKey getKey() {
+ return key;
+ }
+
+ public int getKvno() {
+ return kvno;
+ }
+
+ public PrincipalName getPrincipal() {
+ return principal;
+ }
+
+ public KerberosTime getTimestamp() {
+ return timestamp;
+ }
+
+ public void writeBody(KeytabOutputStream kos, int version) throws IOException {
+ kos.writePrincipal(principal, version);
+
+ kos.writeTime(timestamp);
+
+ kos.writeByte(kvno);
+
+ kos.writeKey(key, version);
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ KeytabEntry that = (KeytabEntry) o;
+
+ if (kvno != that.kvno) return false;
+ if (!key.equals(that.key)) return false;
+ if (!principal.equals(that.principal)) return false;
+ if (!timestamp.equals(that.timestamp)) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ int result = principal.hashCode();
+ result = 31 * result + timestamp.hashCode();
+ result = 31 * result + kvno;
+ result = 31 * result + key.hashCode();
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabInputStream.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabInputStream.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabInputStream.java
new file mode 100644
index 0000000..4638080
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabInputStream.java
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.keytab;
+
+import org.apache.kerby.kerberos.kerb.KrbInputStream;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.NameType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+
+public class KeytabInputStream extends KrbInputStream
+{
+ public KeytabInputStream(InputStream in) {
+ super(in);
+ }
+
+ public KerberosTime readTime() throws IOException {
+ long value = readInt();
+ KerberosTime time = new KerberosTime(value * 1000);
+ return time;
+ }
+
+ @Override
+ public PrincipalName readPrincipal(int version) throws IOException {
+ int numComponents = readShort();
+ if (version == Keytab.V501) {
+ numComponents -= 1;
+ }
+
+ String realm = readCountedString();
+
+ List<String> nameStrings = new ArrayList<String>();
+ String component;
+ for (int i = 0; i < numComponents; i++) { // sub 1 if version 0x501
+ component = readCountedString();
+ nameStrings.add(component);
+ }
+ int type = readInt(); // not present if version 0x501
+ NameType nameType = NameType.fromValue(type);
+ PrincipalName principal = new PrincipalName(nameStrings, nameType);
+ principal.setRealm(realm);
+
+ return principal;
+ }
+
+ public EncryptionKey readKey() throws IOException {
+ int eType = readShort();
+ EncryptionType encryptionType = EncryptionType.fromValue(eType);
+
+ byte[] keyData = readCountedOctets();
+ EncryptionKey key = new EncryptionKey(encryptionType, keyData);
+
+ return key;
+ }
+
+ public String readCountedString() throws IOException {
+ byte[] countedOctets = readCountedOctets();
+ // ASCII
+ return new String(countedOctets);
+ }
+
+ @Override
+ public int readOctetsCount() throws IOException {
+ return readShort();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabOutputStream.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabOutputStream.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabOutputStream.java
new file mode 100644
index 0000000..d69308f
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KeytabOutputStream.java
@@ -0,0 +1,63 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.keytab;
+
+import org.apache.kerby.kerberos.kerb.KrbOutputStream;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.util.List;
+
+public class KeytabOutputStream extends KrbOutputStream
+{
+ public KeytabOutputStream(OutputStream out) {
+ super(out);
+ }
+
+ public void writePrincipal(PrincipalName principal, int version) throws IOException {
+ List<String> nameStrings = principal.getNameStrings();
+ int numComponents = principal.getNameStrings().size();
+ String realm = principal.getRealm();
+
+ writeShort(numComponents);
+
+ writeCountedString(realm);
+
+ for (String nameCom : nameStrings) {
+ writeCountedString(nameCom);
+ }
+
+ writeInt(principal.getNameType().getValue()); // todo: consider the version
+ }
+
+ @Override
+ public void writeKey(EncryptionKey key, int version) throws IOException {
+ writeShort(key.getKeyType().getValue());
+ writeCountedOctets(key.getKeyData());
+ }
+
+ @Override
+ public void writeCountedOctets(byte[] data) throws IOException {
+ writeShort(data.length);
+ write(data);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KrbKeytab.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KrbKeytab.java b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KrbKeytab.java
new file mode 100644
index 0000000..1b01fc2
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/KrbKeytab.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.keytab;
+
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.List;
+
+public interface KrbKeytab {
+
+ public List<PrincipalName> getPrincipals();
+
+ public void addKeytabEntries(List<KeytabEntry> entries);
+
+ public void removeKeytabEntries(PrincipalName principal);
+
+ public void removeKeytabEntry(KeytabEntry entry);
+
+ public List<KeytabEntry> getKeytabEntries(PrincipalName principal);
+
+ public EncryptionKey getKey(PrincipalName principal, EncryptionType keyType);
+
+ public void load(File keytabFile) throws IOException;
+
+ public void load(InputStream inputStream) throws IOException;
+
+ void addEntry(KeytabEntry entry);
+
+ public void store(File keytabFile) throws IOException;
+
+ public void store(OutputStream outputStream) throws IOException;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/keytab.txt
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/keytab.txt b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/keytab.txt
new file mode 100644
index 0000000..88a7b46
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/main/java/org/apache/kerby/kerberos/kerb/keytab/keytab.txt
@@ -0,0 +1,106 @@
+The Kerberos Keytab Binary File Format
+Copyright (C) 2006 Michael B Allen <mba2000 ioplex.com>
+http://www.ioplex.com/utilities/keytab.txt
+Last updated: Fri May 5 13:39:40 EDT 2006
+
+The MIT keytab binary format is not a standard format, nor is it
+documented anywhere in detail. The format has evolved and may continue
+to. It is however understood by several Kerberos implementations including
+Heimdal and of course MIT and keytab files are created by the ktpass.exe
+utility from Windows. So it has established itself as the defacto format
+for storing Kerberos keys.
+
+The following C-like structure definitions illustrate the MIT keytab
+file format. All values are in network byte order. All text is ASCII.
+
+ keytab {
+ uint16_t file_format_version; /* 0x502 */
+ keytab_entry entries[*];
+ };
+
+ keytab_entry {
+ int32_t size;
+ uint16_t num_components; /* sub 1 if version 0x501 */
+ counted_octet_string realm;
+ counted_octet_string components[num_components];
+ uint32_t name_type; /* not present if version 0x501 */
+ uint32_t timestamp;
+ uint8_t vno8;
+ keyblock key;
+ uint32_t vno; /* only present if >= 4 bytes left in entry */
+ };
+
+ counted_octet_string {
+ uint16_t length;
+ uint8_t data[length];
+ };
+
+ keyblock {
+ uint16_t type;
+ counted_octet_string;
+ };
+
+The keytab file format begins with the 16 bit file_format_version which
+at the time this document was authored is 0x502. The format of older
+keytabs is described at the end of this document.
+
+The file_format_version is immediately followed by an array of
+keytab_entry structures which are prefixed with a 32 bit size indicating
+the number of bytes that follow in the entry. Note that the size should be
+evaluated as signed. This is because a negative value indicates that the
+entry is in fact empty (e.g. it has been deleted) and that the negative
+value of that negative value (which is of course a positive value) is
+the offset to the next keytab_entry. Based on these size values alone
+the entire keytab file can be traversed.
+
+The size is followed by a 16 bit num_components field indicating the
+number of counted_octet_string components in the components array.
+
+The num_components field is followed by a counted_octet_string
+representing the realm of the principal.
+
+A counted_octet_string is simply an array of bytes prefixed with a 16
+bit length. For the realm and name components, the counted_octet_string
+bytes are ASCII encoded text with no zero terminator.
+
+Following the realm is the components array that represents the name of
+the principal. The text of these components may be joined with slashs
+to construct the typical SPN representation. For example, the service
+principal HTTP/www.foo.net@FOO.NET would consist of name components
+"HTTP" followed by "www.foo.net".
+
+Following the components array is the 32 bit name_type (e.g. 1 is
+KRB5_NT_PRINCIPAL, 2 is KRB5_NT_SRV_INST, 5 is KRB5_NT_UID, etc). In
+practice the name_type is almost certainly 1 meaning KRB5_NT_PRINCIPAL.
+
+The 32 bit timestamp indicates the time the key was established for that
+principal. The value represents the number of seconds since Jan 1, 1970.
+
+The 8 bit vno8 field is the version number of the key. This value is
+overridden by the 32 bit vno field if it is present.
+
+The keyblock structure consists of a 16 bit value indicating the keytype
+(e.g. 3 is des-cbc-md5, 23 is arcfour-hmac-md5, 16 is des3-cbc-sha1,
+etc). This is followed by a counted_octet_string containing the key.
+
+The last field of the keytab_entry structure is optional. If the size of
+the keytab_entry indicates that there are at least 4 bytes remaining,
+a 32 bit value representing the key version number is present. This
+value supersedes the 8 bit vno8 value preceeding the keyblock.
+
+Older keytabs with a file_format_version of 0x501 are different in
+three ways:
+
+ 1) All integers are in host byte order [1].
+ 2) The num_components field is 1 too large (i.e. after decoding,
+ decrement by 1).
+ 3) The 32 bit name_type field is not present.
+
+[1] The file_format_version field should really be treated as two
+ separate 8 bit quantities representing the major and minor version
+ number respectively.
+
+Permission to copy, modify, and distribute this document, with or
+without modification, for any purpose and without fee or royalty is
+hereby granted, provided that you include this copyright notice in ALL
+copies of the document or portions thereof, including modifications.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/CcacheTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/CcacheTest.java b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/CcacheTest.java
new file mode 100644
index 0000000..bd5a685
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/CcacheTest.java
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.util;
+
+import org.apache.kerby.kerberos.kerb.ccache.CredentialCache;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+/*
+Default principal: drankye@SH.INTEL.COM
+
+Valid starting Expires Service principal
+08/05/2014 00:13:17 08/05/2014 10:13:17 krbtgt/SH.INTEL.COM@SH.INTEL.COM
+ Flags: FIA, Etype (skey, tkt): des3-cbc-sha1, des3-cbc-sha1
+ */
+public class CcacheTest {
+
+ private CredentialCache cc;
+
+ @Before
+ public void setUp() throws IOException {
+ InputStream cis = CcacheTest.class.getResourceAsStream("/test.cc");
+ cc = new CredentialCache();
+ cc.load(cis);
+ }
+
+ @Test
+ public void testCc() {
+ Assert.assertNotNull(cc);
+
+ PrincipalName princ = cc.getPrimaryPrincipal();
+ Assert.assertNotNull(princ);
+ Assert.assertTrue(princ.getName().equals("drankye@SH.INTEL.COM"));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/EncryptionTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/EncryptionTest.java b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/EncryptionTest.java
new file mode 100644
index 0000000..e632839
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/EncryptionTest.java
@@ -0,0 +1,148 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.util;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.ccache.CredentialCache;
+import org.apache.kerby.kerberos.kerb.crypto.EncryptionHandler;
+import org.apache.kerby.kerberos.kerb.keytab.Keytab;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.kerberos.kerb.spec.ticket.EncTicketPart;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Arrays;
+import java.util.List;
+
+/*
+The principal keys for krbtgt/SH.INTEL.COM@SH.INTEL.COM
+
+KVNO Principal
+---- --------------------------------------------------------------------------
+ 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (des-cbc-crc)
+ 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (des3-cbc-raw)
+ 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (des-hmac-sha1)
+ 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (aes256-cts-hmac-sha1-96)
+ 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (aes128-cts-hmac-sha1-96)
+ 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (arcfour-hmac)
+ 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (camellia256-cts-cmac)
+ 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (camellia128-cts-cmac)
+ */
+public class EncryptionTest {
+
+ private Keytab keytab;
+ private CredentialCache cc;
+
+ @Before
+ public void setUp() throws IOException {
+ InputStream kis = EncryptionTest.class.getResourceAsStream("/krbtgt.keytab");
+ keytab = new Keytab();
+ keytab.load(kis);
+ }
+
+ @Test
+ public void testAes128() throws IOException, KrbException {
+ testEncWith("aes128-cts-hmac-sha1-96.cc");
+ }
+
+ @Test
+ public void testAes256() throws IOException, KrbException {
+ testEncWith("aes256-cts-hmac-sha1-96.cc");
+ }
+
+ @Test
+ public void testRc4() throws IOException, KrbException {
+ testEncWith("arcfour-hmac.cc");
+ }
+
+ @Test
+ public void testCamellia128() throws IOException, KrbException {
+ testEncWith("camellia128-cts-cmac.cc");
+ }
+
+ @Test
+ public void testCamellia256() throws IOException, KrbException {
+ testEncWith("camellia256-cts-cmac.cc");
+ }
+
+ @Test
+ public void testDesCbcCrc() throws IOException, KrbException {
+ testEncWith("des-cbc-crc.cc");
+ }
+
+ @Test
+ public void testDes3CbcSha1() throws IOException, KrbException {
+ testEncWith("des3-cbc-sha1.cc");
+ }
+
+ private void testEncWith(String ccFile) throws IOException, KrbException, KrbException {
+ InputStream cis = CcacheTest.class.getResourceAsStream("/" + ccFile);
+ cc = new CredentialCache();
+ cc.load(cis);
+
+ Ticket ticket = getTicket();
+ EncryptionType keyType = ticket.getEncryptedEncPart().getEType();
+ EncryptionKey key = getServerKey(keyType);
+ if (! EncryptionHandler.isImplemented(keyType)) {
+ System.err.println("Key type not supported yet: " + keyType.getName());
+ return;
+ }
+
+ byte[] decrypted = EncryptionHandler.decrypt(
+ ticket.getEncryptedEncPart(), key, KeyUsage.KDC_REP_TICKET);
+ Assert.assertNotNull(decrypted);
+
+ EncTicketPart encPart = KrbCodec.decode(decrypted, EncTicketPart.class);
+ Assert.assertNotNull(encPart);
+ ticket.setEncPart(encPart);
+
+ EncryptedData encrypted = EncryptionHandler.encrypt(
+ decrypted, key, KeyUsage.KDC_REP_TICKET);
+
+ byte[] decrypted2 = EncryptionHandler.decrypt(
+ encrypted, key, KeyUsage.KDC_REP_TICKET);
+ if (! Arrays.equals(decrypted, decrypted2)) {
+ System.err.println("Encryption checking failed after decryption for key type: "
+ + keyType.getName());
+ }
+ }
+
+ private EncryptionKey getServerKey(EncryptionType keyType) {
+ return keytab.getKey(getServer(), keyType);
+ }
+
+ private PrincipalName getServer() {
+ // only one, krbtgt/SH.INTEL.COM@SH.INTEL.COM
+ List<PrincipalName> principals = keytab.getPrincipals();
+
+ PrincipalName server = principals.get(0);
+
+ return server;
+ }
+
+ private Ticket getTicket() {
+ return cc.getCredentials().get(0).getTicket();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeysTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeysTest.java b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeysTest.java
new file mode 100644
index 0000000..c32854f
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeysTest.java
@@ -0,0 +1,81 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.util;
+
+import org.apache.kerby.kerberos.kerb.crypto.EncryptionHandler;
+import org.apache.kerby.kerberos.kerb.keytab.Keytab;
+import org.apache.kerby.kerberos.kerb.keytab.KeytabEntry;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.List;
+
+/*
+The principal was created with password '123456'
+KVNO Principal
+---- --------------------------------------------------------------------------
+ 1 test@SH.INTEL.COM (des-cbc-crc)
+ 1 test@SH.INTEL.COM (des3-cbc-sha1)
+ 1 test@SH.INTEL.COM (des-hmac-sha1)
+ 1 test@SH.INTEL.COM (aes256-cts-hmac-sha1-96)
+ 1 test@SH.INTEL.COM (aes128-cts-hmac-sha1-96)
+ 1 test@SH.INTEL.COM (arcfour-hmac)
+ 1 test@SH.INTEL.COM (camellia256-cts-cmac)
+ 1 test@SH.INTEL.COM (camellia128-cts-cmac)
+ */
+public class KeysTest {
+ private static String TEST_PASSWORD = "123456";
+
+ private Keytab keytab;
+
+ @Before
+ public void setUp() throws IOException {
+ InputStream kis = KeysTest.class.getResourceAsStream("/test.keytab");
+ keytab = new Keytab();
+ keytab.load(kis);
+ }
+
+ @Test
+ public void testString2Key() throws KrbException {
+ List<PrincipalName> principals = keytab.getPrincipals();
+ PrincipalName principal = principals.get(0);
+ List<KeytabEntry> entries = keytab.getKeytabEntries(principal);
+ EncryptionKey genKey;
+ EncryptionType keyType;
+ for (KeytabEntry ke : entries) {
+ keyType = ke.getKey().getKeyType();
+ if (EncryptionHandler.isImplemented(keyType)) {
+ genKey = EncryptionHandler.string2Key(principal.getName(),
+ TEST_PASSWORD, keyType);
+ if(! ke.getKey().equals(genKey)) {
+ Assert.fail("str2key failed for key type: " + keyType.getName());
+ //System.err.println("str2key failed for key type: " + keyType.getName());
+ }
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeytabTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeytabTest.java b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeytabTest.java
new file mode 100644
index 0000000..01cdaed
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeytabTest.java
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.util;
+
+import org.apache.kerby.kerberos.kerb.keytab.Keytab;
+import org.apache.kerby.kerberos.kerb.keytab.KeytabEntry;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.List;
+
+/*
+The principal was created with password '123456'
+
+KVNO Principal
+---- --------------------------------------------------------------------------
+ 1 test@SH.INTEL.COM (des-cbc-crc)
+ 1 test@SH.INTEL.COM (des3-cbc-sha1)
+ 1 test@SH.INTEL.COM (des-hmac-sha1)
+ 1 test@SH.INTEL.COM (aes256-cts-hmac-sha1-96)
+ 1 test@SH.INTEL.COM (aes128-cts-hmac-sha1-96)
+ 1 test@SH.INTEL.COM (arcfour-hmac)
+ 1 test@SH.INTEL.COM (camellia256-cts-cmac)
+ 1 test@SH.INTEL.COM (camellia128-cts-cmac)
+ */
+public class KeytabTest {
+
+ private Keytab keytab;
+
+ @Before
+ public void setUp() throws IOException {
+ InputStream kis = KeytabTest.class.getResourceAsStream("/test.keytab");
+ keytab = new Keytab();
+ keytab.load(kis);
+ }
+
+ @Test
+ public void testKeytab() {
+ Assert.assertNotNull(keytab);
+
+ List<PrincipalName> principals = keytab.getPrincipals();
+ PrincipalName principal = principals.get(0);
+ List<KeytabEntry> entries = keytab.getKeytabEntries(principal);
+ for (KeytabEntry ke : entries) {
+ Assert.assertTrue(ke.getKvno() == 1);
+ }
+ }
+
+ public static void main(String[] args) throws IOException {
+ InputStream kis = KeytabTest.class.getResourceAsStream("test.keytab");
+ Keytab keytab = new Keytab();
+ keytab.load(kis);
+ System.out.println("Principals:" + keytab.getPrincipals().size());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/aes128-cts-hmac-sha1-96.cc
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/aes128-cts-hmac-sha1-96.cc b/kerby-kerb/kerb-util/src/test/resources/aes128-cts-hmac-sha1-96.cc
new file mode 100644
index 0000000..2ae9f6e
Binary files /dev/null and b/kerby-kerb/kerb-util/src/test/resources/aes128-cts-hmac-sha1-96.cc differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/aes256-cts-hmac-sha1-96.cc
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/aes256-cts-hmac-sha1-96.cc b/kerby-kerb/kerb-util/src/test/resources/aes256-cts-hmac-sha1-96.cc
new file mode 100644
index 0000000..929c40e
Binary files /dev/null and b/kerby-kerb/kerb-util/src/test/resources/aes256-cts-hmac-sha1-96.cc differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/arcfour-hmac.cc
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/arcfour-hmac.cc b/kerby-kerb/kerb-util/src/test/resources/arcfour-hmac.cc
new file mode 100644
index 0000000..f7bb88d
Binary files /dev/null and b/kerby-kerb/kerb-util/src/test/resources/arcfour-hmac.cc differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/camellia-expect-vt.txt
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/camellia-expect-vt.txt b/kerby-kerb/kerb-util/src/test/resources/camellia-expect-vt.txt
new file mode 100644
index 0000000..e6ebe8a
--- /dev/null
+++ b/kerby-kerb/kerb-util/src/test/resources/camellia-expect-vt.txt
@@ -0,0 +1,1036 @@
+
+KEYSIZE=128
+
+KEY=00000000000000000000000000000000
+
+I=1
+PT=80000000000000000000000000000000
+CT=07923A39EB0A817D1C4D87BDB82D1F1C
+
+I=2
+PT=40000000000000000000000000000000
+CT=48CD6419809672D2349260D89A08D3D3
+
+I=3
+PT=20000000000000000000000000000000
+CT=D07493CCB2E95CE0B4945A05ACC97D82
+
+I=4
+PT=10000000000000000000000000000000
+CT=5DBE1EAC9F7080A88DBED7F6DA101448
+
+I=5
+PT=08000000000000000000000000000000
+CT=F01EE477D199DF2701027034B229622F
+
+I=6
+PT=04000000000000000000000000000000
+CT=C841587ABD9A912E563774CB569D051E
+
+I=7
+PT=02000000000000000000000000000000
+CT=1D9BC0C04546F0915C8CCD11391A455C
+
+I=8
+PT=01000000000000000000000000000000
+CT=05E6EBB4BA167F5C479CEFF3152F943B
+
+I=9
+PT=00800000000000000000000000000000
+CT=93211E0F788845B9FC0E4551FFE92AC9
+
+I=10
+PT=00400000000000000000000000000000
+CT=B6D35701CD8FADDE383BBE8E6B70BAF7
+
+I=11
+PT=00200000000000000000000000000000
+CT=8358F9F4EBCFEE348CB30551ACB151A0
+
+I=12
+PT=00100000000000000000000000000000
+CT=D57516EB5AD93C523E40521BF447AFCE
+
+I=13
+PT=00080000000000000000000000000000
+CT=66B2534C279C439133F52E5AD8B439A9
+
+I=14
+PT=00040000000000000000000000000000
+CT=A71C69184A9F63C2992A5F18F77C1FE9
+
+I=15
+PT=00020000000000000000000000000000
+CT=1ADCBE49AEACB9ECEBBD492B10E82C7B
+
+I=16
+PT=00010000000000000000000000000000
+CT=27E3BCFB227C5561DB6CF7FC30387036
+
+I=17
+PT=00008000000000000000000000000000
+CT=F4AE20365CC9D06B0CAE6B695ED2CEC1
+
+I=18
+PT=00004000000000000000000000000000
+CT=3DD682F0B641ED32AD3D43EA2A0456E4
+
+I=19
+PT=00002000000000000000000000000000
+CT=6E5D14A95ECC290B509EA6B673652E3A
+
+I=20
+PT=00001000000000000000000000000000
+CT=F1CDF0F8D7B3FFD95422D7CC0CF40B7B
+
+I=21
+PT=00000800000000000000000000000000
+CT=A9253D459A34C385A1F1B2CFFA3935C5
+
+I=22
+PT=00000400000000000000000000000000
+CT=291024D99FF09A47A1DEE45BA700AE52
+
+I=23
+PT=00000200000000000000000000000000
+CT=49241D9459B277187BB10081C60361C0
+
+I=24
+PT=00000100000000000000000000000000
+CT=AD9BA365CC4DD5553D2D9FE303841D88
+
+I=25
+PT=00000080000000000000000000000000
+CT=C2ECA616664A249DC622CC11196B4AE1
+
+I=26
+PT=00000040000000000000000000000000
+CT=6E1A2D4794BB0DC08777A0BC7523E70E
+
+I=27
+PT=00000020000000000000000000000000
+CT=6DB1F0CF59656BDD235E82B8CEF0BE8E
+
+I=28
+PT=00000010000000000000000000000000
+CT=52F239C5EAF401EBDC54D2F011FF4B6A
+
+I=29
+PT=00000008000000000000000000000000
+CT=6B58A08F648414B67FD6847D2AA51CBF
+
+I=30
+PT=00000004000000000000000000000000
+CT=2959DD5367885A75EB48053CF3251A36
+
+I=31
+PT=00000002000000000000000000000000
+CT=630B292E3B88EF641CDFD531E206605E
+
+I=32
+PT=00000001000000000000000000000000
+CT=4BBB88EF82B70593FCC56AFD91540FDB
+
+I=33
+PT=00000000800000000000000000000000
+CT=0A13055B118A45C606999257BD191426
+
+I=34
+PT=00000000400000000000000000000000
+CT=5CF8E5C9F15D7E4F865020224853EB77
+
+I=35
+PT=00000000200000000000000000000000
+CT=3898805042C7A4315C5EE51AF2DE47E2
+
+I=36
+PT=00000000100000000000000000000000
+CT=8D3F96372E87CBB0B375425B3A10B9E7
+
+I=37
+PT=00000000080000000000000000000000
+CT=4D9510A378BD784A70A66BCC75B7D3C8
+
+I=38
+PT=00000000040000000000000000000000
+CT=70DB1902D37CFBDFB98F7C516F79D416
+
+I=39
+PT=00000000020000000000000000000000
+CT=383C6C2AABEF7FDE25CD470BF774A331
+
+I=40
+PT=00000000010000000000000000000000
+CT=47CBCB5288349B1A15DC9F81FBEE6B8F
+
+I=41
+PT=00000000008000000000000000000000
+CT=21DA34D4468EEB13AED95DAE0FF48310
+
+I=42
+PT=00000000004000000000000000000000
+CT=021C9A8E6BD36FBD036411E5D852A80F
+
+I=43
+PT=00000000002000000000000000000000
+CT=6A459E2F839AF60ACDE83774D0BB5574
+
+I=44
+PT=00000000001000000000000000000000
+CT=C19255121F1B933CAE09E58AEC0E9977
+
+I=45
+PT=00000000000800000000000000000000
+CT=7BA949E27B2BE148A6B801F9305F43D5
+
+I=46
+PT=00000000000400000000000000000000
+CT=E8CEB1026BCF7BCEA32E8A380EA76DB7
+
+I=47
+PT=00000000000200000000000000000000
+CT=63F97747ED56A8F521B20CC65F6F9465
+
+I=48
+PT=00000000000100000000000000000000
+CT=2091CFDC629819106188424AC694F75B
+
+I=49
+PT=00000000000080000000000000000000
+CT=A91BDF8E8B88407942423CCE000527C4
+
+I=50
+PT=00000000000040000000000000000000
+CT=73F9B44B9635A3FD683DBF8D49E9825B
+
+I=51
+PT=00000000000020000000000000000000
+CT=9DC64B2133FAD5069FD9A7CC2FFFD1CC
+
+I=52
+PT=00000000000010000000000000000000
+CT=28240F81FEC36B71E13F1FEA7A7641E3
+
+I=53
+PT=00000000000008000000000000000000
+CT=20DD39FEE96CD2EFF972872A692B28FD
+
+I=54
+PT=00000000000004000000000000000000
+CT=47A9E40483EC1925B635E47E964E8E93
+
+I=55
+PT=00000000000002000000000000000000
+CT=9C0EBD822C49FB3D853DF5B315A87BA0
+
+I=56
+PT=00000000000001000000000000000000
+CT=C18D813FDB45A594C6DC24E5A1F6CE32
+
+I=57
+PT=00000000000000800000000000000000
+CT=7E5467FF245ECF80CB55C2D8E91F0711
+
+I=58
+PT=00000000000000400000000000000000
+CT=394D4365B77954FDEA4145FCF7A7A041
+
+I=59
+PT=00000000000000200000000000000000
+CT=B1D8311A492ED11F11E57B29221610C4
+
+I=60
+PT=00000000000000100000000000000000
+CT=E5FBB947A63AEA90163AF04AD6951EF8
+
+I=61
+PT=00000000000000080000000000000000
+CT=CA0627DDF580F0E7D59562825C9D0492
+
+I=62
+PT=00000000000000040000000000000000
+CT=EF98FFD1AED295AAE1860F0274C8F555
+
+I=63
+PT=00000000000000020000000000000000
+CT=8C698E5CFFF08FACE10C2DC5FF1E2A81
+
+I=64
+PT=00000000000000010000000000000000
+CT=35A7767E02032C35B5CE1A6F49C57C28
+
+I=65
+PT=00000000000000008000000000000000
+CT=AB36F8734E76EBA306CF00D6763D90B0
+
+I=66
+PT=00000000000000004000000000000000
+CT=E854EB66D4EC66889B5E6CD4F44A5806
+
+I=67
+PT=00000000000000002000000000000000
+CT=15B66DF1455ACD640B8716BCF5DB2D69
+
+I=68
+PT=00000000000000001000000000000000
+CT=4C57AB5333E5C2D4B7E30A007E449F48
+
+I=69
+PT=00000000000000000800000000000000
+CT=BA3E7FF28EB38EA09D8DB1440A9A3552
+
+I=70
+PT=00000000000000000400000000000000
+CT=64E60227AFD80C40C70186CC94804C1A
+
+I=71
+PT=00000000000000000200000000000000
+CT=CEB4423C20B4C91C2551F6FC227C9514
+
+I=72
+PT=00000000000000000100000000000000
+CT=F736894B843EF32DA28576DE500D448C
+
+I=73
+PT=00000000000000000080000000000000
+CT=58FDA98B678D15053D4B6C060368108C
+
+I=74
+PT=00000000000000000040000000000000
+CT=E28CAE384E578F47657755EBCD97996C
+
+I=75
+PT=00000000000000000020000000000000
+CT=0A64617BD4B5B166668240D105B7B6A2
+
+I=76
+PT=00000000000000000010000000000000
+CT=4BD090C7E3D365B5EA80F19B4798881E
+
+I=77
+PT=00000000000000000008000000000000
+CT=BC7B6CB9BFF4F72973BB2CD20A512C06
+
+I=78
+PT=00000000000000000004000000000000
+CT=4C7ADDC5C867594E9EE75F0AA6AB9C23
+
+I=79
+PT=00000000000000000002000000000000
+CT=1FBD05C71A36691AC6566A5298101D53
+
+I=80
+PT=00000000000000000001000000000000
+CT=42D7D6B1F499D412F8793972BD968DA2
+
+I=81
+PT=00000000000000000000800000000000
+CT=260EC86E2786FC68824576B934F32814
+
+I=82
+PT=00000000000000000000400000000000
+CT=576C26DFD7046F9357F34BEA7DFB26A0
+
+I=83
+PT=00000000000000000000200000000000
+CT=6D55E54BFB6F927174A02294C95E0F8F
+
+I=84
+PT=00000000000000000000100000000000
+CT=1A6CE91DD458229C7675A34950D10E23
+
+I=85
+PT=00000000000000000000080000000000
+CT=DAD0D5E7E000652825AA34D228EA8D8F
+
+I=86
+PT=00000000000000000000040000000000
+CT=E68013F48D75EAD2BBC0B0BDA5E690BF
+
+I=87
+PT=00000000000000000000020000000000
+CT=A07D92312FBAE37BFE8A834210AE4F9C
+
+I=88
+PT=00000000000000000000010000000000
+CT=6EEE5F8544CD7D456366EB448813989A
+
+I=89
+PT=00000000000000000000008000000000
+CT=F8E5C7FF4B79D7ABE8BFA2DD148820A8
+
+I=90
+PT=00000000000000000000004000000000
+CT=C6349D75C7472BBD66F95B3A07C79C91
+
+I=91
+PT=00000000000000000000002000000000
+CT=B85713C12D8658951CD1AD21C74D2CD2
+
+I=92
+PT=00000000000000000000001000000000
+CT=907AA00B9F7D47A97623FB55BA911F29
+
+I=93
+PT=00000000000000000000000800000000
+CT=DC3CD0ED23D11776FAB43A2A6A8F3557
+
+I=94
+PT=00000000000000000000000400000000
+CT=4BFE58A8FD69179C14765B09AB70B705
+
+I=95
+PT=00000000000000000000000200000000
+CT=A23996E0EA67EC280356E5F77130A551
+
+I=96
+PT=00000000000000000000000100000000
+CT=CDEADE859B3AACD273CCA85A3E2E45F2
+
+I=97
+PT=00000000000000000000000080000000
+CT=E0FC78489857D84DA03F40CE97147174
+
+I=98
+PT=00000000000000000000000040000000
+CT=7615EA6351F6BB12855E8579C6995D8E
+
+I=99
+PT=00000000000000000000000020000000
+CT=13E184344FE28C2E70ED0E4D0A8037F9
+
+I=100
+PT=00000000000000000000000010000000
+CT=A5FE395F568482B87BC3EB208C81C942
+
+I=101
+PT=00000000000000000000000008000000
+CT=B3103E11AF06C85565823F8CAA3159F6
+
+I=102
+PT=00000000000000000000000004000000
+CT=7EBC2234D271B89C519C396985300030
+
+I=103
+PT=00000000000000000000000002000000
+CT=0661D338F2E0C939BA1687820A768467
+
+I=104
+PT=00000000000000000000000001000000
+CT=EC2B42667C0195A90715499617884DA5
+
+I=105
+PT=00000000000000000000000000800000
+CT=AE077BA19D24E7188DDD3682FF196892
+
+I=106
+PT=00000000000000000000000000400000
+CT=98823C24B9C65A66073C7952DC2B4B5E
+
+I=107
+PT=00000000000000000000000000200000
+CT=6AB58432CBB3C2F503DA2D16796CC297
+
+I=108
+PT=00000000000000000000000000100000
+CT=EEB5EBB3A53E4196C2F22BC1A4DDF5E8
+
+I=109
+PT=00000000000000000000000000080000
+CT=33DC40AC5FDC126D38878416AF6C0FA6
+
+I=110
+PT=00000000000000000000000000040000
+CT=38EDDC08E18B4AD982CEA921D2765A9A
+
+I=111
+PT=00000000000000000000000000020000
+CT=7D6BEA038E9347C642E18631660A9558
+
+I=112
+PT=00000000000000000000000000010000
+CT=FDA57921A473B5EE3700AD5ADF035019
+
+I=113
+PT=00000000000000000000000000008000
+CT=699B4812E200337E9C1D2C397F0DFE4E
+
+I=114
+PT=00000000000000000000000000004000
+CT=7A1EADF68B0807145D6C414852DECFC8
+
+I=115
+PT=00000000000000000000000000002000
+CT=1645FFAA8AD76689C01DA8C40882781F
+
+I=116
+PT=00000000000000000000000000001000
+CT=BA0C053BE702FA62FC66D8FEB12FC97E
+
+I=117
+PT=00000000000000000000000000000800
+CT=841FD8AF69CF2C31F7D4D7B6959662B5
+
+I=118
+PT=00000000000000000000000000000400
+CT=F675D59BDB33231861268F539829DA0B
+
+I=119
+PT=00000000000000000000000000000200
+CT=A4967F45ABB4E8C7DC5E3806680F35E0
+
+I=120
+PT=00000000000000000000000000000100
+CT=4D7E08081CC82F92ABA7C58C99F8343F
+
+I=121
+PT=00000000000000000000000000000080
+CT=9AEFDB287C119B82353612B60ECCBFD8
+
+I=122
+PT=00000000000000000000000000000040
+CT=979BB6A1553A17592A86E78DF144A699
+
+I=123
+PT=00000000000000000000000000000020
+CT=A6FA8CAB06FD2E5BF3A858983C01757A
+
+I=124
+PT=00000000000000000000000000000010
+CT=BE8511254C31E25420B91D6FEF1710ED
+
+I=125
+PT=00000000000000000000000000000008
+CT=F589A908D18A21894971C0433581E1A5
+
+I=126
+PT=00000000000000000000000000000004
+CT=4237585130E7C9F715235EB1D8C94DE7
+
+I=127
+PT=00000000000000000000000000000002
+CT=DEFE3E0B5C54C94B4F2A0F5A46F6210D
+
+I=128
+PT=00000000000000000000000000000001
+CT=F5574ACC3148DFCB9015200631024DF9
+
+==========
+
+KEYSIZE=256
+
+KEY=0000000000000000000000000000000000000000000000000000000000000000
+
+I=1
+PT=80000000000000000000000000000000
+CT=B0C6B88AEA518AB09E847248E91B1B9D
+
+I=2
+PT=40000000000000000000000000000000
+CT=B8D7684E35FA1DB15BDCEE7A48659858
+
+I=3
+PT=20000000000000000000000000000000
+CT=F0CAD59AF92FBB79F36951E697492750
+
+I=4
+PT=10000000000000000000000000000000
+CT=117100F6635389560DC4A2DA24EBA70F
+
+I=5
+PT=08000000000000000000000000000000
+CT=DBDD62355553019ED84C35886421E532
+
+I=6
+PT=04000000000000000000000000000000
+CT=9CB8D04FA506F19848F7B9110518BFC8
+
+I=7
+PT=02000000000000000000000000000000
+CT=E4308E253BC3444D293500701BA82C6A
+
+I=8
+PT=01000000000000000000000000000000
+CT=EA2FAE53F7F30C0170A20E95A068503E
+
+I=9
+PT=00800000000000000000000000000000
+CT=14B14839EA221880B2C64D1FE000B93D
+
+I=10
+PT=00400000000000000000000000000000
+CT=A5CFC075B342D5101AACC334E73058BB
+
+I=11
+PT=00200000000000000000000000000000
+CT=477EA56B2EBAD0F8AC5E1936866560FF
+
+I=12
+PT=00100000000000000000000000000000
+CT=107E8598418404196EC59F63E45B7F6D
+
+I=13
+PT=00080000000000000000000000000000
+CT=FF6A891E7C1C074A68FEC291928FDD8D
+
+I=14
+PT=00040000000000000000000000000000
+CT=F64C250A13F45D377ADB7545B2B157A9
+
+I=15
+PT=00020000000000000000000000000000
+CT=FAD0F252086F11C830C65B63197CBC38
+
+I=16
+PT=00010000000000000000000000000000
+CT=9DCB89B209441F02AD0D25C6AB826629
+
+I=17
+PT=00008000000000000000000000000000
+CT=E62E4ED4E4F34EDC563710D960E09D4C
+
+I=18
+PT=00004000000000000000000000000000
+CT=98A1B926BA06895C3F2E84CCBACBC356
+
+I=19
+PT=00002000000000000000000000000000
+CT=29BE0BE4DB7F4D196718AEA38F3B0BFD
+
+I=20
+PT=00001000000000000000000000000000
+CT=F670C4EBECBA0B43E71F6D752BFD4854
+
+I=21
+PT=00000800000000000000000000000000
+CT=7D7666B4484CDB7E3605468E093A787C
+
+I=22
+PT=00000400000000000000000000000000
+CT=562D06B181C091DA6C43642AE99460C6
+
+I=23
+PT=00000200000000000000000000000000
+CT=AB0EFB5975E6186B7D76BC9672453488
+
+I=24
+PT=00000100000000000000000000000000
+CT=10C0756538E7BFF88D19AE2B1F7B859A
+
+I=25
+PT=00000080000000000000000000000000
+CT=AF7FCD5248F8C72F1695AA05DD1CADE0
+
+I=26
+PT=00000040000000000000000000000000
+CT=9841E555655609A75D7BE20B8A90EF1E
+
+I=27
+PT=00000020000000000000000000000000
+CT=27F9546E6A1B7464780000561783569C
+
+I=28
+PT=00000010000000000000000000000000
+CT=8671D935D7A8354EECB7288803D42D7A
+
+I=29
+PT=00000008000000000000000000000000
+CT=0DA44F508DEBC6F044394624FCEB8EBE
+
+I=30
+PT=00000004000000000000000000000000
+CT=AB137369BE6D93FBB18006BDB236EC09
+
+I=31
+PT=00000002000000000000000000000000
+CT=EB90C4E597A7E1779FFA260886E26F75
+
+I=32
+PT=00000001000000000000000000000000
+CT=618CF3588D5C128EAF252616230E08F7
+
+I=33
+PT=00000000800000000000000000000000
+CT=98DC4DB49D197AB9152D12B9DE2D73CA
+
+I=34
+PT=00000000400000000000000000000000
+CT=5BDDE24B15702A35E1F140C57D206443
+
+I=35
+PT=00000000200000000000000000000000
+CT=CF755809882BED8BA2F9F1A4ED296A2B
+
+I=36
+PT=00000000100000000000000000000000
+CT=F1A8DBB999538AE89D16F92A7F4D1DF1
+
+I=37
+PT=00000000080000000000000000000000
+CT=775222FDDAAECB81CF675C4E0B98179E
+
+I=38
+PT=00000000040000000000000000000000
+CT=12A648CADCD153C760A965826683119A
+
+I=39
+PT=00000000020000000000000000000000
+CT=0503FB10AB241E7CF45D8CDEEE474335
+
+I=40
+PT=00000000010000000000000000000000
+CT=3D299C0070CBBD831B802690B8E7CA24
+
+I=41
+PT=00000000008000000000000000000000
+CT=33105BD4D11D66753DC34D128BEFE3F4
+
+I=42
+PT=00000000004000000000000000000000
+CT=5EFCE2B4B987C0F77D27B44836881682
+
+I=43
+PT=00000000002000000000000000000000
+CT=7835449454128035D7F0EA99E327577B
+
+I=44
+PT=00000000001000000000000000000000
+CT=27BEDDA0601BE35122FB1D272D73AB3E
+
+I=45
+PT=00000000000800000000000000000000
+CT=54C3F99FF48E318CC515EDE75800C4B3
+
+I=46
+PT=00000000000400000000000000000000
+CT=C627C329F8E48299F6FDB23B9DBEA0BB
+
+I=47
+PT=00000000000200000000000000000000
+CT=1B6578F9E23BD8C1845A02431C5F9AA3
+
+I=48
+PT=00000000000100000000000000000000
+CT=6DB2FB8C0B9344D0547C0FF1292020C6
+
+I=49
+PT=00000000000080000000000000000000
+CT=4FAD9B2C37C131493FBEF53581FA4F83
+
+I=50
+PT=00000000000040000000000000000000
+CT=47502A01E93D2C87BD5584F6AFD3D99D
+
+I=51
+PT=00000000000020000000000000000000
+CT=056E1C6F651BFE50271B3B7A18E76D84
+
+I=52
+PT=00000000000010000000000000000000
+CT=5632BAF6627B3D96AD4E06FA6A561F55
+
+I=53
+PT=00000000000008000000000000000000
+CT=E29807CAACDFA2D41A7D9E91FA7FD8EB
+
+I=54
+PT=00000000000004000000000000000000
+CT=81DD44BB5D1822DEE605F9E6FF01D7B3
+
+I=55
+PT=00000000000002000000000000000000
+CT=5C3649925E47D7FF96482A8FBD9666FD
+
+I=56
+PT=00000000000001000000000000000000
+CT=695415A836E66E737887845EC08A1ADB
+
+I=57
+PT=00000000000000800000000000000000
+CT=F5416BCE292D9E2CEA5D1CC70BBAEED1
+
+I=58
+PT=00000000000000400000000000000000
+CT=7AEC4F1388FC29C47F7FED74ADDE8485
+
+I=59
+PT=00000000000000200000000000000000
+CT=82A9F1A6CE08BC4876E649D8A8EA7EB6
+
+I=60
+PT=00000000000000100000000000000000
+CT=B6296C88ADF1A792908B065EEB04BFC2
+
+I=61
+PT=00000000000000080000000000000000
+CT=E766A39AECCA40BDBFBE6FF3FA292913
+
+I=62
+PT=00000000000000040000000000000000
+CT=C6D081454EA00D83C23B5A62C84359E1
+
+I=63
+PT=00000000000000020000000000000000
+CT=85D259A79CCA80484504D1603F7A8F53
+
+I=64
+PT=00000000000000010000000000000000
+CT=D8291FA1C6DC250078824B2D0A20883F
+
+I=65
+PT=00000000000000008000000000000000
+CT=95387CB74C48FFBD1F8D64A6CC45E074
+
+I=66
+PT=00000000000000004000000000000000
+CT=A17F975F538F56CDF629B516011DE837
+
+I=67
+PT=00000000000000002000000000000000
+CT=B50B615A1654C6E1CB6AB33716C097FE
+
+I=68
+PT=00000000000000001000000000000000
+CT=7BBB2CBB874DF6C8B821DA7FB0F9011B
+
+I=69
+PT=00000000000000000800000000000000
+CT=E9EFE074D096A275E47CD2E6206DF6A1
+
+I=70
+PT=00000000000000000400000000000000
+CT=88F2F8D5A836406AE8BBB98C65BBDA55
+
+I=71
+PT=00000000000000000200000000000000
+CT=F64620D8D87585A3EF038B9AD58F5EA0
+
+I=72
+PT=00000000000000000100000000000000
+CT=694438EC141C8ED5F2F898B4554A298F
+
+I=73
+PT=00000000000000000080000000000000
+CT=3E6226EC7726A1EE5F5FA9B18CCE8C44
+
+I=74
+PT=00000000000000000040000000000000
+CT=8AB6949E79911647800B9E87362AB97A
+
+I=75
+PT=00000000000000000020000000000000
+CT=093C5CF24EDAF7F9F1C8A80DE4FF50A9
+
+I=76
+PT=00000000000000000010000000000000
+CT=28A36E50061F19E240351ED0E378CBF4
+
+I=77
+PT=00000000000000000008000000000000
+CT=B93BB36CB88BF26EA79198652AA51D3C
+
+I=78
+PT=00000000000000000004000000000000
+CT=DE4948083D044FAC9BCA6DA8CD67B8A6
+
+I=79
+PT=00000000000000000002000000000000
+CT=6E778B5BDA6CA118117E47470D080D3C
+
+I=80
+PT=00000000000000000001000000000000
+CT=0A9107324DA32B4281D032A3487EF875
+
+I=81
+PT=00000000000000000000800000000000
+CT=18ED5635312D71ABD123CCE779D4D68A
+
+I=82
+PT=00000000000000000000400000000000
+CT=2E3C63F95C4BC1F944BAB06DEDC9AA8E
+
+I=83
+PT=00000000000000000000200000000000
+CT=ACCC869EF07004C8C3C709083BE7BA2F
+
+I=84
+PT=00000000000000000000100000000000
+CT=DF60B34FB1A59147CC1FB049C1578206
+
+I=85
+PT=00000000000000000000080000000000
+CT=4228DC636C08E41021054AA0E1E2227A
+
+I=86
+PT=00000000000000000000040000000000
+CT=7CE27F66EFD735FFD6B3E1738C50495B
+
+I=87
+PT=00000000000000000000020000000000
+CT=F8E74B33A9CDE351DA0BBC06D69093D7
+
+I=88
+PT=00000000000000000000010000000000
+CT=AE0D22A5B37B8DC5D81CC641EED334D0
+
+I=89
+PT=00000000000000000000008000000000
+CT=C181C6CA5E163743458B9167A0B6A16A
+
+I=90
+PT=00000000000000000000004000000000
+CT=5171F4F6095E4B276CFBA1F07223FBE6
+
+I=91
+PT=00000000000000000000002000000000
+CT=2732F4D3A8C9D1D8D493840D6E0B864F
+
+I=92
+PT=00000000000000000000001000000000
+CT=3EF04E0059A061D973532CA5C1DFBE7B
+
+I=93
+PT=00000000000000000000000800000000
+CT=6D9A8F23579E4978EBAA87B5ADEB77E5
+
+I=94
+PT=00000000000000000000000400000000
+CT=BBD08873CC44BA4253C0C41FEEB7F124
+
+I=95
+PT=00000000000000000000000200000000
+CT=72E4B2437CBD283F3809CE686F6A591E
+
+I=96
+PT=00000000000000000000000100000000
+CT=6E5580514B92512B1BF4B1B987B9AA1B
+
+I=97
+PT=00000000000000000000000080000000
+CT=5EF5D0C5BCBDCB604D3A083B68CE0FA3
+
+I=98
+PT=00000000000000000000000040000000
+CT=9D991FDD723AD2182777A15CA0E0F665
+
+I=99
+PT=00000000000000000000000020000000
+CT=24440626EFC8F86BEA7DE78085AB8A22
+
+I=100
+PT=00000000000000000000000010000000
+CT=17C3630D62D13C1E826C0FCCBD74A864
+
+I=101
+PT=00000000000000000000000008000000
+CT=4CF5AB86A56AB134A7FE46CCE3F9FCE9
+
+I=102
+PT=00000000000000000000000004000000
+CT=3E6B9C0388F6D9B8F458F30221907607
+
+I=103
+PT=00000000000000000000000002000000
+CT=AD9C926B8A5CD98EEE88200617E59958
+
+I=104
+PT=00000000000000000000000001000000
+CT=AFF8AED5E075E02AF720CA4BF0028B3B
+
+I=105
+PT=00000000000000000000000000800000
+CT=D90EAFF909202BB209BB3BB8C7F9A954
+
+I=106
+PT=00000000000000000000000000400000
+CT=2C709B00E6A22F00F64A7D8EE341853F
+
+I=107
+PT=00000000000000000000000000200000
+CT=CCEC598F0D9F0BF201B2F487136D54A4
+
+I=108
+PT=00000000000000000000000000100000
+CT=73B2883A0A166AAE1BF14E60A5195FA3
+
+I=109
+PT=00000000000000000000000000080000
+CT=E676867BD9AD5EF915143388496779D7
+
+I=110
+PT=00000000000000000000000000040000
+CT=CDCB73D1BFCFD4BE7F1DAA9B1C6A4055
+
+I=111
+PT=00000000000000000000000000020000
+CT=02A3A5C89DAA24CD2C517F7A73286A89
+
+I=112
+PT=00000000000000000000000000010000
+CT=C0FA2AC9E92EE58C2DD12D6D43AB7035
+
+I=113
+PT=00000000000000000000000000008000
+CT=EDC2CB1F7291353BDBF2385519E6AE16
+
+I=114
+PT=00000000000000000000000000004000
+CT=B4B62D16D197A98CD3B978812B9D9884
+
+I=115
+PT=00000000000000000000000000002000
+CT=5CDFC95A529A905101CEA26BC1B891ED
+
+I=116
+PT=00000000000000000000000000001000
+CT=CC7150CD3650B98363296C7C4ED368D1
+
+I=117
+PT=00000000000000000000000000000800
+CT=CC57706B0C6526B8E25A5DBD32EACBDB
+
+I=118
+PT=00000000000000000000000000000400
+CT=30D30456AD98B182D64C649648F6AEC9
+
+I=119
+PT=00000000000000000000000000000200
+CT=D7E9DA7F631938EB649A08AF82FBD75F
+
+I=120
+PT=00000000000000000000000000000100
+CT=B8DA2AF6600B07895B5D0FFAF4991469
+
+I=121
+PT=00000000000000000000000000000080
+CT=0F6F64F930BA6C178943322B98114599
+
+I=122
+PT=00000000000000000000000000000040
+CT=8B1F247802E47C91BEE2AA34ECFD7A01
+
+I=123
+PT=00000000000000000000000000000020
+CT=7A6985778D3A66E97F23E01F0D0E45E7
+
+I=124
+PT=00000000000000000000000000000010
+CT=BA664AC39855518DFDEE10D1B3111FAE
+
+I=125
+PT=00000000000000000000000000000008
+CT=7C92854D801A1648F65CA81813DDBF83
+
+I=126
+PT=00000000000000000000000000000004
+CT=6A3F25AAB7E92D9CF378E5D9C040F26B
+
+I=127
+PT=00000000000000000000000000000002
+CT=3D4B2CDE666761BA5DFB305178E667FB
+
+I=128
+PT=00000000000000000000000000000001
+CT=9CDB269B5D293BC5DB9C55B057D9B591
+
+==========
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/camellia128-cts-cmac.cc
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/camellia128-cts-cmac.cc b/kerby-kerb/kerb-util/src/test/resources/camellia128-cts-cmac.cc
new file mode 100644
index 0000000..5d6f8a5
Binary files /dev/null and b/kerby-kerb/kerb-util/src/test/resources/camellia128-cts-cmac.cc differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/camellia256-cts-cmac.cc
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/camellia256-cts-cmac.cc b/kerby-kerb/kerb-util/src/test/resources/camellia256-cts-cmac.cc
new file mode 100644
index 0000000..c9a6ecd
Binary files /dev/null and b/kerby-kerb/kerb-util/src/test/resources/camellia256-cts-cmac.cc differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/des-cbc-crc.cc
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/des-cbc-crc.cc b/kerby-kerb/kerb-util/src/test/resources/des-cbc-crc.cc
new file mode 100644
index 0000000..b43fe30
Binary files /dev/null and b/kerby-kerb/kerb-util/src/test/resources/des-cbc-crc.cc differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/des3-cbc-sha1.cc
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/des3-cbc-sha1.cc b/kerby-kerb/kerb-util/src/test/resources/des3-cbc-sha1.cc
new file mode 100644
index 0000000..ba2f6ea
Binary files /dev/null and b/kerby-kerb/kerb-util/src/test/resources/des3-cbc-sha1.cc differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/krbtgt.keytab
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/krbtgt.keytab b/kerby-kerb/kerb-util/src/test/resources/krbtgt.keytab
new file mode 100644
index 0000000..08bd0c1
Binary files /dev/null and b/kerby-kerb/kerb-util/src/test/resources/krbtgt.keytab differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/test.cc
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/test.cc b/kerby-kerb/kerb-util/src/test/resources/test.cc
new file mode 100644
index 0000000..22a27e8
Binary files /dev/null and b/kerby-kerb/kerb-util/src/test/resources/test.cc differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-util/src/test/resources/test.keytab
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-util/src/test/resources/test.keytab b/kerby-kerb/kerb-util/src/test/resources/test.keytab
new file mode 100644
index 0000000..5a9c733
Binary files /dev/null and b/kerby-kerb/kerb-util/src/test/resources/test.keytab differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/pom.xml b/kerby-kerb/pom.xml
new file mode 100644
index 0000000..048736b
--- /dev/null
+++ b/kerby-kerb/pom.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerby-kerb</artifactId>
+ <name>Kerby-kerb Project</name>
+ <version>1.0-SNAPSHOT</version>
+ <packaging>pom</packaging>
+
+ <modules>
+ <module>kerb-core</module>
+ <module>kerb-core-test</module>
+ <module>kerb-common</module>
+ <module>kerb-util</module>
+ <module>kerb-crypto</module>
+ <module>kerb-identity</module>
+ <module>kerb-client</module>
+ <module>kerb-server</module>
+ <module>kerb-kdc-test</module>
+ </modules>
+
+ <dependencies>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/README
----------------------------------------------------------------------
diff --git a/lib/kerby-config/README b/lib/kerby-config/README
new file mode 100644
index 0000000..37eb019
--- /dev/null
+++ b/lib/kerby-config/README
@@ -0,0 +1 @@
+An unified configuration API that crosses various popular configuration formats like XML, JSON, INI and etc.
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/pom.xml
----------------------------------------------------------------------
diff --git a/lib/kerby-config/pom.xml b/lib/kerby-config/pom.xml
new file mode 100644
index 0000000..1499d09
--- /dev/null
+++ b/lib/kerby-config/pom.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>lib</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+
+ <artifactId>kerby-config</artifactId>
+ <name>Kerby Config</name>
+ <description>Kerby config library</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/Conf.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/Conf.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/Conf.java
new file mode 100644
index 0000000..3327fa3
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/Conf.java
@@ -0,0 +1,285 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.*;
+
+public class Conf implements Config {
+ private static final Logger logger = LoggerFactory.getLogger(Conf.class);
+
+ private List<ConfigLoader> resourceConfigs;
+ private final ConfigImpl config;
+ private boolean needReload;
+
+ public Conf() {
+ this.resourceConfigs = new ArrayList<ConfigLoader>(1);
+ this.config = new ConfigImpl("Conf");
+ this.needReload = true;
+ }
+
+ public void addXmlConfig(File xmlFile) throws IOException {
+ addResource(Resource.createXmlResource(xmlFile));
+ }
+
+ public void addIniConfig(File iniFile) throws IOException {
+ addResource(Resource.createIniResource(iniFile));
+ }
+
+ public void addJsonConfig(File jsonFile) throws IOException {
+ addResource(Resource.createJsonResource(jsonFile));
+ }
+
+ public void addPropertiesConfig(File propertiesFile) throws IOException {
+ addResource(Resource.createPropertiesFileResource(propertiesFile));
+ }
+
+ public void addPropertiesConfig(Properties propertiesConfig) {
+ addResource(Resource.createPropertiesResource(propertiesConfig));
+ }
+
+ public void addMapConfig(Map<String, String> mapConfig) {
+ addResource(Resource.createMapResource(mapConfig));
+ }
+
+ public void addResource(Resource resource) {
+ ConfigLoader loader = getLoader(resource);
+ resourceConfigs.add(loader);
+ needReload = true;
+ }
+
+ private static ConfigLoader getLoader(Resource resource) {
+ ConfigLoader loader = null;
+
+ Class<? extends ConfigLoader> loaderClass = resource.getFormat().getLoaderClass();
+ try {
+ loader = loaderClass.newInstance();
+ } catch (Exception e) {
+ throw new RuntimeException("Failed to create org.haox.config loader for " + loaderClass.getName(), e);
+ }
+ loader.setResource(resource);
+ return loader;
+ }
+
+ private void checkAndLoad() {
+ if (needReload) {
+ reload();
+ needReload = false;
+ }
+ }
+
+ public void reload() {
+ config.reset();
+ if (resourceConfigs.size() == 1) {
+ ConfigLoader loader = resourceConfigs.get(0);
+ loader.setConfig(config);
+ loader.load();
+ } else {
+ for (ConfigLoader loader : resourceConfigs) {
+ Config loaded = loader.load();
+ config.add(loaded);
+ }
+ }
+ }
+
+ @Override
+ public String getResource() {
+ checkAndLoad();
+ return config.getResource();
+ }
+
+ @Override
+ public Set<String> getNames() {
+ checkAndLoad();
+ return config.getNames();
+ }
+
+ @Override
+ public String getString(String name) {
+ checkAndLoad();
+ return config.getString(name);
+ }
+
+ @Override
+ public String getString(ConfigKey name) {
+ checkAndLoad();
+ return config.getString(name);
+ }
+
+ @Override
+ public String getString(String name, String defaultValue) {
+ checkAndLoad();
+ return config.getString(name, defaultValue);
+ }
+
+ @Override
+ public String getTrimmed(String name) {
+ checkAndLoad();
+ return config.getTrimmed(name);
+ }
+
+ @Override
+ public String getTrimmed(ConfigKey name) {
+ checkAndLoad();
+ return config.getTrimmed(name);
+ }
+
+ @Override
+ public Boolean getBoolean(String name) {
+ checkAndLoad();
+ return config.getBoolean(name);
+ }
+
+ @Override
+ public Boolean getBoolean(ConfigKey name) {
+ checkAndLoad();
+ return config.getBoolean(name);
+ }
+
+ @Override
+ public Boolean getBoolean(String name, boolean defaultValue) {
+ checkAndLoad();
+ return config.getBoolean(name, defaultValue);
+ }
+
+ @Override
+ public Integer getInt(String name) {
+ checkAndLoad();
+ return config.getInt(name);
+ }
+
+ @Override
+ public Integer getInt(ConfigKey name) {
+ checkAndLoad();
+ return config.getInt(name);
+ }
+
+ @Override
+ public Integer getInt(String name, int defaultValue) {
+ checkAndLoad();
+ return config.getInt(name, defaultValue);
+ }
+
+ @Override
+ public Long getLong(String name) {
+ checkAndLoad();
+ return config.getLong(name);
+ }
+
+ @Override
+ public Long getLong(ConfigKey name) {
+ checkAndLoad();
+ return config.getLong(name);
+ }
+
+ @Override
+ public Long getLong(String name, long defaultValue) {
+ checkAndLoad();
+ return config.getLong(name, defaultValue);
+ }
+
+ @Override
+ public Float getFloat(String name) {
+ checkAndLoad();
+ return config.getFloat(name);
+ }
+
+ @Override
+ public Float getFloat(ConfigKey name) {
+ checkAndLoad();
+ return config.getFloat(name);
+ }
+
+ @Override
+ public Float getFloat(String name, float defaultValue) {
+ checkAndLoad();
+ return config.getFloat(name, defaultValue);
+ }
+
+ @Override
+ public List<String> getList(String name) {
+ checkAndLoad();
+ return config.getList(name);
+ }
+
+ @Override
+ public List<String> getList(String name, String[] defaultValue) {
+ checkAndLoad();
+ return config.getList(name, defaultValue);
+ }
+
+ @Override
+ public List<String> getList(ConfigKey name) {
+ checkAndLoad();
+ return config.getList(name);
+ }
+
+ @Override
+ public Config getConfig(String name) {
+ checkAndLoad();
+ return config.getConfig(name);
+ }
+
+ @Override
+ public Config getConfig(ConfigKey name) {
+ checkAndLoad();
+ return config.getConfig(name);
+ }
+
+ @Override
+ public Class<?> getClass(String name) throws ClassNotFoundException {
+ checkAndLoad();
+ return config.getClass(name);
+ }
+
+ @Override
+ public Class<?> getClass(String name, Class<?> defaultValue) throws ClassNotFoundException {
+ checkAndLoad();
+ return config.getClass(name, defaultValue);
+ }
+
+ @Override
+ public Class<?> getClass(ConfigKey name) throws ClassNotFoundException {
+ checkAndLoad();
+ return config.getClass(name);
+ }
+
+ @Override
+ public <T> T getInstance(String name) throws ClassNotFoundException {
+ checkAndLoad();
+ return config.getInstance(name);
+ }
+
+ @Override
+ public <T> T getInstance(ConfigKey name) throws ClassNotFoundException {
+ checkAndLoad();
+ return config.getInstance(name);
+ }
+
+ @Override
+ public <T> T getInstance(String name, Class<T> xface) throws ClassNotFoundException {
+ checkAndLoad();
+ return config.getInstance(name, xface);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/Config.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/Config.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/Config.java
new file mode 100644
index 0000000..14bfb16
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/Config.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import java.util.List;
+import java.util.Set;
+
+public interface Config {
+ public String getResource();
+ public Set<String> getNames();
+
+ public String getString(String name);
+ public String getString(ConfigKey name);
+ public String getString(String name, String defaultValue);
+ public String getTrimmed(String name);
+ public String getTrimmed(ConfigKey name);
+ public Boolean getBoolean(String name);
+ public Boolean getBoolean(ConfigKey name);
+ public Boolean getBoolean(String name, boolean defaultValue);
+ public Integer getInt(String name);
+ public Integer getInt(ConfigKey name);
+ public Integer getInt(String name, int defaultValue);
+ public Long getLong(String name);
+ public Long getLong(ConfigKey name);
+ public Long getLong(String name, long defaultValue);
+ public Float getFloat(String name);
+ public Float getFloat(ConfigKey name);
+ public Float getFloat(String name, float defaultValue);
+ public List<String> getList(String name);
+ public List<String> getList(String name, String[] defaultValue);
+ public List<String> getList(ConfigKey name);
+ public Config getConfig(String name);
+ public Config getConfig(ConfigKey name);
+
+ public Class<?> getClass(String name) throws ClassNotFoundException;
+ public Class<?> getClass(String name, Class<?> defaultValue) throws ClassNotFoundException;
+ public Class<?> getClass(ConfigKey name) throws ClassNotFoundException;
+ public <T> T getInstance(String name) throws ClassNotFoundException;
+ public <T> T getInstance(ConfigKey name) throws ClassNotFoundException;
+ public <T> T getInstance(String name, Class<T> xface) throws ClassNotFoundException;
+}
[41/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/Resource.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/Resource.java b/contrib/haox-config/src/main/java/org/apache/haox/config/Resource.java
deleted file mode 100644
index 090c381..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/Resource.java
+++ /dev/null
@@ -1,119 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.net.URL;
-import java.util.Map;
-import java.util.Properties;
-
-public class Resource {
- public static enum Format {
- XML_FILE(XmlConfigLoader.class),
- INI_FILE(IniConfigLoader.class),
- JSON_FILE(JsonConfigLoader.class),
- PROPERTIES_FILE(PropertiesFileConfigLoader.class),
- MAP(MapConfigLoader.class),
- PROPERTIES(PropertiesConfigLoader.class);
-
- private Class<? extends ConfigLoader> loaderClass;
-
- private Format(Class<? extends ConfigLoader> loaderClass) {
- this.loaderClass = loaderClass;
- }
-
- public Class<? extends ConfigLoader> getLoaderClass() {
- return loaderClass;
- }
- }
-
- private String name;
- private Object resource;
- private Format format;
-
- public static Resource createXmlResource(File xmlFile) throws IOException {
- return new Resource(xmlFile.getName(), xmlFile, Format.XML_FILE);
- }
-
- public static Resource createIniResource(File iniFile) throws IOException {
- return new Resource(iniFile.getName(), iniFile, Format.INI_FILE);
- }
-
- public static Resource createJsonResource(File jsonFile) throws IOException {
- return new Resource(jsonFile.getName(), jsonFile, Format.JSON_FILE);
- }
-
- public static Resource createXmlResource(URL xmlUrl) throws IOException {
- return new Resource(xmlUrl, Format.XML_FILE);
- }
-
- public static Resource createIniResource(URL iniUrl) throws IOException {
- return new Resource(iniUrl, Format.INI_FILE);
- }
-
- public static Resource createJsonResource(URL jsonUrl) throws IOException {
- return new Resource(jsonUrl, Format.JSON_FILE);
- }
-
- public static Resource createMapResource(Map<String,String> mapConfig) {
- return new Resource("mapConfig", mapConfig, Format.MAP);
- }
-
- public static Resource createPropertiesFileResource(File propFile) throws IOException {
- return new Resource(propFile.getName(), propFile, Format.PROPERTIES_FILE);
- }
-
- public static Resource createPropertiesResource(Properties propertiesConfig) {
- return new Resource("propConfig", propertiesConfig, Format.PROPERTIES);
- }
-
- private Resource(String name, File resourceFile, Format format) throws FileNotFoundException {
- this(name, new FileInputStream(resourceFile), format);
- }
-
- private Resource(URL resourceUrl, Format format) throws IOException {
- this(resourceUrl.toString(), resourceUrl.openStream(), format);
- }
-
- private Resource(String name, Object resourceStream, Format format) {
- this.name = name;
- this.resource = resourceStream;
- this.format = format;
- }
-
- public void setName(String name) {
- this.name = name;
- }
-
- public String getName() {
- return name;
- }
-
- public Object getResource() {
- return resource;
- }
-
- public Format getFormat() {
- return format;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/XmlConfigLoader.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/XmlConfigLoader.java b/contrib/haox-config/src/main/java/org/apache/haox/config/XmlConfigLoader.java
deleted file mode 100644
index b507363..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/XmlConfigLoader.java
+++ /dev/null
@@ -1,159 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.*;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.List;
-
-public class XmlConfigLoader extends ConfigLoader {
- private static final Logger logger = LoggerFactory.getLogger(Config.class);
-
- @Override
- protected void loadConfig(ConfigImpl config, Resource resource) throws Exception {
- Element doc = loadResourceDocument(resource);
- loadConfig((ConfigImpl) config, doc);
- }
-
- private Element loadResourceDocument(Resource resource) throws Exception {
- DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory.newInstance();
-
- docBuilderFactory.setIgnoringComments(true);
- docBuilderFactory.setNamespaceAware(true);
- try {
- docBuilderFactory.setXIncludeAware(true);
- } catch (UnsupportedOperationException e) {
- logger.error("Failed to set setXIncludeAware(true) for parser", e);
- }
- DocumentBuilder builder = docBuilderFactory.newDocumentBuilder();
- InputStream is = (InputStream) resource.getResource();
- Document doc = null;
- try {
- doc = builder.parse(is);
- } finally {
- is.close();
- }
-
- Element root = doc.getDocumentElement();
- validateConfig(root);
-
- return root;
- }
-
- private boolean validateConfig(Element root) {
- boolean valid = false;
-
- if ("config".equals(root.getTagName())) {
- valid = true;
- } else {
- logger.error("bad conf element: top-level element not <configuration>");
- }
-
- return valid;
- }
-
- private void loadConfig(ConfigImpl conifg, Element element) {
- String name;
- ConfigObject value;
-
- NodeList props = element.getChildNodes();
- for (int i = 0; i < props.getLength(); i++) {
- Node subNode = props.item(i);
- if (!(subNode instanceof Element)) {
- continue;
- }
-
- Element prop = (Element)subNode;
- name = getElementName(prop);
- if (name == null) {
- continue;
- }
-
- value = null;
- String tagName = prop.getTagName();
- if ("property".equals(tagName) && prop.hasChildNodes()) {
- value = loadProperty(prop);
- } else if ("config".equals(tagName) && prop.hasChildNodes()) {
- ConfigImpl cfg = new ConfigImpl(name);
- loadConfig(cfg, prop);
- value = new ConfigObject(cfg);
- }
-
- if (name != null) {
- conifg.set(name, value);
- }
- }
- }
-
- private static ConfigObject loadProperty(Element ele) {
- String value = null;
- if (ele.getFirstChild() instanceof Text) {
- value = ((Text)ele.getFirstChild()).getData();
- return new ConfigObject(value);
- }
-
- ConfigObject result = null;
- NodeList nodes = ele.getChildNodes();
- List<String> values = new ArrayList<String>(nodes.getLength());
- for (int i = 0; i < nodes.getLength(); i++) {
- value = null;
- Node valueNode = nodes.item(i);
- if (!(valueNode instanceof Element))
- continue;
-
- Element valueEle = (Element)valueNode;
- if ("value".equals(valueEle.getTagName()) && valueEle.hasChildNodes()) {
- value = ((Text)valueEle.getFirstChild()).getData();
- }
-
- if (value != null) {
- values.add(value);
- }
- }
- return new ConfigObject(values);
- }
-
- private static String getElementName(Element ele) {
- String name, value;
- Node node;
- Attr attr;
-
- NamedNodeMap nnm = ele.getAttributes();
- for (int i = 0; i < nnm.getLength(); ++i) {
- node = nnm.item(i);
- if (!(node instanceof Attr))
- continue;
- attr = (Attr) node;
- name = attr.getName();
- value = attr.getValue();
-
- if ("name".equals(name)) {
- return value;
- }
- }
- return null;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/test/java/org/apache/haox/config/ConfTest.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/test/java/org/apache/haox/config/ConfTest.java b/contrib/haox-config/src/test/java/org/apache/haox/config/ConfTest.java
deleted file mode 100644
index 592ed3d..0000000
--- a/contrib/haox-config/src/test/java/org/apache/haox/config/ConfTest.java
+++ /dev/null
@@ -1,135 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import org.apache.haox.config.Conf;
-import org.apache.haox.config.ConfigKey;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Properties;
-
-/**
- * The test is base on the Conf level.
- * We hope users use the Conf object only, and don't need to care about its internal implementation.
- */
-public class ConfTest {
-
- @Test
- public void testMapConfig() {
- String strProp = "hello";
- Integer intProp = 123456;
- Boolean boolProp = true;
- Map<String, String> mapConfig = new HashMap<String, String>();
- mapConfig.put("strProp", strProp);
- mapConfig.put("intProp", String.valueOf(intProp));
- mapConfig.put("boolProp", String.valueOf(boolProp));
-
- Conf conf = new Conf();
- conf.addMapConfig(mapConfig);
- Assert.assertEquals(conf.getString("strProp"), strProp);
- Assert.assertEquals(conf.getInt("intProp"), intProp);
- Assert.assertEquals(conf.getBoolean("boolProp"), boolProp);
- }
-
- @Test
- public void testPropertiesConfig() {
- String strProp = "hello";
- Integer intProp = 123456;
- Boolean boolProp = true;
- Properties properties = new Properties();
- properties.setProperty("strProp", strProp);
- properties.setProperty("intProp", String.valueOf(intProp));
- properties.setProperty("boolProp", String.valueOf(boolProp));
-
- Conf conf = new Conf();
- conf.addPropertiesConfig(properties);
- Assert.assertEquals(conf.getString("strProp"), strProp);
- Assert.assertEquals(conf.getInt("intProp"), intProp);
- Assert.assertEquals(conf.getBoolean("boolProp"), boolProp);
- }
-
- /**
- * Test for whether can get right value form the conf which contains many config resources.
- */
- @Test
- public void testMixedConfig() {
- String mapStrProp = "hello map";
- Integer intProp = 123456;
- Map<String, String> mapConfig = new HashMap<String, String>();
- mapConfig.put("mapStrProp", mapStrProp);
- mapConfig.put("intProp", String.valueOf(intProp));
-
- String propertiesStrProp = "hello properties";
- Boolean boolProp = true;
- Properties properties = new Properties();
- properties.setProperty("propertiesStrProp", propertiesStrProp);
- properties.setProperty("boolProp", String.valueOf(boolProp));
-
- Conf conf = new Conf();
- conf.addMapConfig(mapConfig);
- conf.addPropertiesConfig(properties);
- Assert.assertEquals(conf.getConfig("mapConfig"), null);
- Assert.assertEquals(conf.getString("mapStrProp"), mapStrProp);
- Assert.assertEquals(conf.getString("propertiesStrProp"), propertiesStrProp);
- Assert.assertEquals(conf.getInt("intProp"), intProp);
- Assert.assertEquals(conf.getBoolean("boolProp"), boolProp);
- }
-
- static enum TestConfKey implements ConfigKey {
- ADDRESS("127.0.0.1"),
- PORT(8015),
- ENABLE(false);
-
- private Object defaultValue;
-
- private TestConfKey(Object defaultValue) {
- this.defaultValue = defaultValue;
- }
-
- @Override
- public String getPropertyKey() {
- return name().toLowerCase();
- }
-
- @Override
- public Object getDefaultValue() {
- return this.defaultValue;
- }
- }
-
- @Test
- public void testConfKey() {
- Conf conf = new Conf();
- Assert.assertEquals(conf.getString(TestConfKey.ADDRESS),
- TestConfKey.ADDRESS.getDefaultValue());
- Map<String, String> mapConfig = new HashMap<String, String>();
- String myAddress = "www.google.com";
- mapConfig.put(TestConfKey.ADDRESS.getPropertyKey(), myAddress);
- conf.addMapConfig(mapConfig);
- Assert.assertEquals(conf.getString(TestConfKey.ADDRESS), myAddress);
- Assert.assertEquals(conf.getInt(TestConfKey.PORT),
- TestConfKey.PORT.getDefaultValue());
- Assert.assertEquals(conf.getBoolean(TestConfKey.ENABLE),
- TestConfKey.ENABLE.getDefaultValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/test/java/org/apache/haox/config/ConfigImplTest.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/test/java/org/apache/haox/config/ConfigImplTest.java b/contrib/haox-config/src/test/java/org/apache/haox/config/ConfigImplTest.java
deleted file mode 100644
index fd491e2..0000000
--- a/contrib/haox-config/src/test/java/org/apache/haox/config/ConfigImplTest.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import org.junit.Assert;
-import org.junit.Test;
-
-/**
- * The test is on ConfigImpl level.
- * ConfigImpl is the internal implementation of Conf, only visual by developers.
- */
-public class ConfigImplTest {
-
- /**
- * Test for section config support.
- */
- @Test
- public void testSectionConfig() {
- ConfigImpl rootConfig = new ConfigImpl(null);
- rootConfig.set("globalConfig", "true");
-
- ConfigImpl sectionA = new ConfigImpl("libdefaults");
- rootConfig.set("libdefaults", sectionA);
- sectionA.set("default_realm", "EXAMPLE.COM");
- sectionA.set("forwardable", "true");
- sectionA.set("dns_lookup_realm", "false");
-
- ConfigImpl sectionB = new ConfigImpl("logging");
- rootConfig.set("logging", sectionB);
- sectionB.set("kdc", "FILE:/var/log/krb5kdc.log");
-
- Assert.assertEquals(rootConfig.getString("globalConfig"), "true");
- Assert.assertEquals(rootConfig.getString("default_realm"), null);
-
- Config subA = rootConfig.getConfig("libdefaults");
- Assert.assertEquals(subA.getString("default_realm"), "EXAMPLE.COM");
- Assert.assertEquals(subA.getString("globalConfig"), null);
- Assert.assertEquals(subA.getString("kdc"), null);
-
- Config subB = rootConfig.getConfig("logging");
- Assert.assertEquals(subB.getString("kdc"), "FILE:/var/log/krb5kdc.log");
- Assert.assertEquals(subB.getString("globalConfig"), null);
- Assert.assertEquals(subB.getBoolean("forwardable"), null);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/test/java/org/apache/haox/config/IniConfigTest.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/test/java/org/apache/haox/config/IniConfigTest.java b/contrib/haox-config/src/test/java/org/apache/haox/config/IniConfigTest.java
deleted file mode 100644
index bd2f93b..0000000
--- a/contrib/haox-config/src/test/java/org/apache/haox/config/IniConfigTest.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.File;
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.PrintWriter;
-
-public class IniConfigTest {
-
- private final static String TEST_DIR = new File(System.getProperty(
- "test.build.data", "/tmp")).getAbsolutePath();
- private final static File TEST_FILE = new File(TEST_DIR, "test-ini-config");
-
- /**
- * Build a INI format configuration file.
- */
- private void buildFile() throws IOException {
- PrintWriter out = new PrintWriter(new FileWriter(TEST_FILE));
- out.println("#note = notenote");
- out.println("default = FILE:/var/log/krb5libs.log");
- out.println("kdc = FILE:/var/log/krb5kdc.log");
- out.println("admin_server = FILE:/var/log/kadmind.log");
- out.println("[libdefaults]");
- out.println("default_realm = EXAMPLE.COM");
- out.println("dns_lookup_realm = false");
- out.println("dns_lookup_kdc = false");
- out.println("ticket_lifetime = 24h");
- out.println("renew_lifetime = 7d");
- out.println("forwardable = true");
- out.println("[lib1]");
- out.println("default_realm = EXAMPLE.COM1");
- out.println("dns_lookup_realm = true");
- out.close();
- }
-
- @Test
- public void testIniConfig() throws IOException {
- buildFile();
-
- Conf conf = new Conf();
- conf.addIniConfig(TEST_FILE);
-
- Assert.assertEquals(conf.getString("default"), "FILE:/var/log/krb5libs.log");
- Assert.assertEquals(conf.getString("#note"), null);//Comments should be ignored when loading.
-
- Config config = conf.getConfig("libdefaults");
- Assert.assertFalse(config.getBoolean("dns_lookup_realm"));
- Assert.assertTrue(config.getBoolean("forwardable"));
-
- Config config1 = conf.getConfig("lib1");
- Assert.assertTrue(config1.getBoolean("dns_lookup_realm"));
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/README
----------------------------------------------------------------------
diff --git a/contrib/haox-event/README b/contrib/haox-event/README
deleted file mode 100644
index cb3b88a..0000000
--- a/contrib/haox-event/README
+++ /dev/null
@@ -1 +0,0 @@
-An event driven application framework with mixed (TCP, UDP) x (connector, acceptor) supported.
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/pom.xml
----------------------------------------------------------------------
diff --git a/contrib/haox-event/pom.xml b/contrib/haox-event/pom.xml
deleted file mode 100644
index 5e3b215..0000000
--- a/contrib/haox-event/pom.xml
+++ /dev/null
@@ -1,31 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <artifactId>contrib</artifactId>
- <groupId>org.haox</groupId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>haox-event</artifactId>
-
- <name>Haox Event</name>
- <description>Haox Event and Transport facilities for both client and server</description>
-
- <dependencies>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/AbstractEventHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/AbstractEventHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/event/AbstractEventHandler.java
deleted file mode 100644
index 517b585..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/AbstractEventHandler.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-public abstract class AbstractEventHandler implements EventHandler {
-
- private Dispatcher dispatcher;
-
- public AbstractEventHandler() {
-
- }
-
- protected void dispatch(Event event) {
- dispatcher.dispatch(event);
- }
-
- @Override
- public Dispatcher getDispatcher() {
- return dispatcher;
- }
-
- @Override
- public void setDispatcher(Dispatcher dispatcher) {
- this.dispatcher = dispatcher;
- }
-
- @Override
- public void handle(Event event) {
- try {
- doHandle(event);
- } catch (Exception e) {
- throw new RuntimeException(event.toString(), e);
- }
- }
-
- protected abstract void doHandle(Event event) throws Exception;
-}
-
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/AbstractInternalEventHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/AbstractInternalEventHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/event/AbstractInternalEventHandler.java
deleted file mode 100644
index f0bc944..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/AbstractInternalEventHandler.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-import java.util.concurrent.atomic.AtomicInteger;
-
-public abstract class AbstractInternalEventHandler extends AbstractEventHandler
- implements InternalEventHandler {
-
- private int id = -1;
- protected EventHandler handler;
-
- private static AtomicInteger idGen = new AtomicInteger(1);
-
- public AbstractInternalEventHandler() {
- super();
-
- this.id = idGen.getAndIncrement();
-
- init();
- }
-
- public AbstractInternalEventHandler(EventHandler handler) {
- this();
-
- this.handler = handler;
- }
-
- protected void setEventHandler(EventHandler handler) {
- this.handler = handler;
- }
-
- @Override
- public int id() {
- return id;
- }
-
- public abstract void init();
-
- protected void process(Event event) {
- handler.handle(event);
- }
-
- @Override
- public EventType[] getInterestedEvents() {
- return handler.getInterestedEvents();
- }
-}
-
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/BufferedEventHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/BufferedEventHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/event/BufferedEventHandler.java
deleted file mode 100644
index 6d9da9c..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/BufferedEventHandler.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-import java.util.concurrent.ArrayBlockingQueue;
-import java.util.concurrent.BlockingQueue;
-
-/**
- * An EventHandler wrapper buffering events and processing them later
- */
-public abstract class BufferedEventHandler extends AbstractInternalEventHandler {
-
- protected BlockingQueue<Event> eventQueue;
-
- public BufferedEventHandler(EventHandler handler) {
- super(handler);
- }
-
- public BufferedEventHandler() {
- super();
- }
-
- @Override
- public void init() {
- this.eventQueue = new ArrayBlockingQueue<Event>(2);
- }
-
- @Override
- protected void doHandle(Event event) throws Exception {
- try {
- eventQueue.put(event);
- } catch (InterruptedException e) {
- throw new RuntimeException(e);
- }
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/Dispatcher.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/Dispatcher.java b/contrib/haox-event/src/main/java/org/apache/haox/event/Dispatcher.java
deleted file mode 100644
index e3387c5..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/Dispatcher.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-public interface Dispatcher {
-
- public void dispatch(Event event);
-
- public void register(EventHandler handler);
-
- public void register(InternalEventHandler internalHandler);
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/Event.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/Event.java b/contrib/haox-event/src/main/java/org/apache/haox/event/Event.java
deleted file mode 100644
index 19d405c..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/Event.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-public class Event {
-
- private EventType eventType;
- private Object eventData;
-
- public Event(EventType eventType) {
- this.eventType = eventType;
- }
-
- public Event(EventType eventType, Object eventData) {
- this.eventType = eventType;
- this.eventData = eventData;
- }
-
- public EventType getEventType() {
- return eventType;
- }
-
- public Object getEventData() {
- return eventData;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/EventHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/EventHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/event/EventHandler.java
deleted file mode 100644
index d84ead9..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/EventHandler.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-public interface EventHandler {
-
- public void handle(Event event);
-
- public EventType[] getInterestedEvents();
-
- public Dispatcher getDispatcher();
-
- public void setDispatcher(Dispatcher dispatcher);
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/EventHub.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/EventHub.java b/contrib/haox-event/src/main/java/org/apache/haox/event/EventHub.java
deleted file mode 100644
index 6a4d989..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/EventHub.java
+++ /dev/null
@@ -1,192 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-import java.util.concurrent.ConcurrentHashMap;
-import java.util.concurrent.TimeUnit;
-import java.util.concurrent.TimeoutException;
-
-public class EventHub implements Dispatcher {
-
- private enum BuiltInEventType implements EventType {
- STOP,
- ALL
- }
-
- private boolean started = false;
-
- private Map<Integer, InternalEventHandler> handlers =
- new ConcurrentHashMap<Integer, InternalEventHandler>();
-
- private Map<EventType, Set<Integer>> eventHandlersMap =
- new ConcurrentHashMap<EventType, Set<Integer>>();
-
- private InternalEventHandler builtInHandler;
-
- class BuiltInEventHandler extends AbstractEventHandler {
- public BuiltInEventHandler() {
- super();
- }
-
- @Override
- protected void doHandle(Event event) {
-
- }
-
- @Override
- public EventType[] getInterestedEvents() {
- return BuiltInEventType.values();
- }
- }
-
- public EventHub() {
- init();
- }
-
- private void init() {
- EventHandler eh = new BuiltInEventHandler();
- builtInHandler = new ExecutedEventHandler(eh);
- register(builtInHandler);
- }
-
- @Override
- public void dispatch(Event event) {
- process(event);
- }
-
- @Override
- public void register(EventHandler handler) {
- handler.setDispatcher(this);
- InternalEventHandler ieh = new ExecutedEventHandler(handler);
- register(ieh);
- }
-
- @Override
- public void register(InternalEventHandler handler) {
- handler.setDispatcher(this);
- handler.init();
- handlers.put(handler.id(), handler);
-
- if (started) {
- handler.start();
- }
-
- EventType[] interestedEvents = handler.getInterestedEvents();
- Set<Integer> tmpHandlers;
- for (EventType eventType : interestedEvents) {
- if (eventHandlersMap.containsKey(eventType)) {
- tmpHandlers = eventHandlersMap.get(eventType);
- } else {
- tmpHandlers = new HashSet<Integer>();
- eventHandlersMap.put(eventType, tmpHandlers);
- }
- tmpHandlers.add(handler.id());
- }
- }
-
- public EventWaiter waitEvent(final EventType event) {
- return waitEvent(new EventType[] { event } );
- }
-
- public EventWaiter waitEvent(final EventType... events) {
- EventHandler handler = new AbstractEventHandler() {
- @Override
- protected void doHandle(Event event) throws Exception {
- // no op;
- }
-
- @Override
- public EventType[] getInterestedEvents() {
- return events;
- }
- };
-
- handler.setDispatcher(this);
- final WaitEventHandler waitEventHandler = new WaitEventHandler(handler);
- register(waitEventHandler);
- EventWaiter waiter = new EventWaiter() {
- @Override
- public Event waitEvent(EventType event) {
- return waitEventHandler.waitEvent(event);
- }
-
- @Override
- public Event waitEvent() {
- return waitEventHandler.waitEvent();
- }
-
- @Override
- public Event waitEvent(EventType event, long timeout,
- TimeUnit timeUnit) throws TimeoutException {
- return waitEventHandler.waitEvent(event, timeout, timeUnit);
- }
-
- @Override
- public Event waitEvent(long timeout, TimeUnit timeUnit) throws TimeoutException {
- return waitEventHandler.waitEvent(timeout, timeUnit);
- }
- };
-
- return waiter;
- }
-
- private void process(Event event) {
- EventType eventType = event.getEventType();
- InternalEventHandler handler;
- Set<Integer> handlerIds;
-
- if (eventHandlersMap.containsKey(eventType)) {
- handlerIds = eventHandlersMap.get(eventType);
- for (Integer hid : handlerIds) {
- handler = handlers.get(hid);
- handler.handle(event);
- }
- }
-
- if (eventHandlersMap.containsKey(BuiltInEventType.ALL)) {
- handlerIds = eventHandlersMap.get(BuiltInEventType.ALL);
- for (Integer hid : handlerIds) {
- handler = handlers.get(hid);
- handler.handle(event);
- }
- }
- }
-
- public void start() {
- if (!started) {
- for (InternalEventHandler handler : handlers.values()) {
- handler.start();
- }
- started = true;
- }
- }
-
- public void stop() {
- if (started) {
- for (InternalEventHandler handler : handlers.values()) {
- handler.stop();
- }
- started = false;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/EventType.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/EventType.java b/contrib/haox-event/src/main/java/org/apache/haox/event/EventType.java
deleted file mode 100644
index 49b35bc..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/EventType.java
+++ /dev/null
@@ -1,24 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-public interface EventType {
- // no op
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/EventWaiter.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/EventWaiter.java b/contrib/haox-event/src/main/java/org/apache/haox/event/EventWaiter.java
deleted file mode 100644
index dc8cf22..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/EventWaiter.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-import java.util.concurrent.TimeUnit;
-import java.util.concurrent.TimeoutException;
-
-public interface EventWaiter {
-
- public abstract Event waitEvent(EventType event);
-
- public abstract Event waitEvent();
-
- public abstract Event waitEvent(EventType event, long timeout, TimeUnit timeUnit) throws TimeoutException;
-
- public abstract Event waitEvent(long timeout, TimeUnit timeUnit) throws TimeoutException;
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/ExecutedEventHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/ExecutedEventHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/event/ExecutedEventHandler.java
deleted file mode 100644
index c707648..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/ExecutedEventHandler.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-
-/**
- * An EventHandler wrapper processing events using an ExecutorService
- */
-public class ExecutedEventHandler extends AbstractInternalEventHandler {
-
- private ExecutorService executorService;
-
- public ExecutedEventHandler(EventHandler handler) {
- super(handler);
- }
-
- @Override
- protected void doHandle(final Event event) throws Exception {
- if (executorService.isTerminated()) {
- return;
- }
-
- executorService.execute(new Runnable() {
- @Override
- public void run() {
- try {
- process(event);
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
- });
- }
-
- @Override
- public void start() {
- executorService = Executors.newFixedThreadPool(2);
- }
-
- @Override
- public void stop() {
- if (executorService.isShutdown()) {
- return;
- }
- executorService.shutdownNow();
- }
-
- @Override
- public boolean isStopped() {
- return executorService.isShutdown();
- }
-
- @Override
- public void init() {
-
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/InternalEventHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/InternalEventHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/event/InternalEventHandler.java
deleted file mode 100644
index 799d712..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/InternalEventHandler.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-public interface InternalEventHandler extends EventHandler {
-
- public int id();
-
- public void init();
-
- public void start();
-
- public void stop();
-
- public boolean isStopped();
-}
-
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/LongRunningEventHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/LongRunningEventHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/event/LongRunningEventHandler.java
deleted file mode 100644
index dc71498..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/LongRunningEventHandler.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-
-public abstract class LongRunningEventHandler extends BufferedEventHandler {
-
- private ExecutorService executorService;
-
- public LongRunningEventHandler(EventHandler handler) {
- super(handler);
- }
-
- public LongRunningEventHandler() {
- super();
- }
-
- protected abstract void loopOnce();
-
- @Override
- public void start() {
- executorService = Executors.newFixedThreadPool(1);
- executorService.execute(new Runnable() {
- @Override
- public void run() {
- while (true) {
-
- processEvents();
-
- loopOnce();
- }
- }
- });
- }
-
- @Override
- public void stop() {
- if (executorService.isShutdown()) {
- return;
- }
- executorService.shutdownNow();
- }
-
- @Override
- public boolean isStopped() {
- return executorService.isShutdown();
- }
-
- protected void processEvents() {
- while (! eventQueue.isEmpty()) {
- try {
- process(eventQueue.take());
- } catch (InterruptedException e) {
- throw new RuntimeException(e);
- }
- }
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/event/WaitEventHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/event/WaitEventHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/event/WaitEventHandler.java
deleted file mode 100644
index c6d287e..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/event/WaitEventHandler.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-import java.util.concurrent.*;
-
-public class WaitEventHandler extends BufferedEventHandler {
-
- private ExecutorService executorService;
-
- public WaitEventHandler(EventHandler handler) {
- super(handler);
- }
-
- public Event waitEvent() {
- return waitEvent(null);
- }
-
- public Event waitEvent(final EventType eventType) {
- Future<Event> future = doWaitEvent(eventType);
-
- try {
- return future.get();
- } catch (InterruptedException e) {
- throw new RuntimeException(e);
- } catch (ExecutionException e) {
- throw new RuntimeException(e);
- }
- }
-
- public Event waitEvent(final EventType eventType,
- long timeout, TimeUnit timeUnit) throws TimeoutException {
- Future<Event> future = doWaitEvent(eventType);
-
- try {
- return future.get(timeout, timeUnit);
- } catch (InterruptedException e) {
- throw new RuntimeException(e);
- } catch (ExecutionException e) {
- throw new RuntimeException(e);
- }
- }
-
- public Event waitEvent(long timeout, TimeUnit timeUnit) throws TimeoutException {
- Future<Event> future = doWaitEvent(null);
-
- try {
- return future.get(timeout, timeUnit);
- } catch (InterruptedException e) {
- throw new RuntimeException(e);
- } catch (ExecutionException e) {
- throw new RuntimeException(e);
- }
- }
-
- private Future<Event> doWaitEvent(final EventType eventType) {
- Future<Event> future = executorService.submit(new Callable<Event>() {
- @Override
- public Event call() throws Exception {
- if (eventType != null) {
- return checkEvent(eventType);
- } else {
- return checkEvent();
- }
- }
- });
-
- return future;
- }
-
- private Event checkEvent() throws Exception {
- return eventQueue.take();
- }
-
- private Event checkEvent(EventType eventType) throws Exception {
- Event event = null;
-
- while (true) {
- if (eventQueue.size() == 1) {
- if (eventQueue.peek().getEventType() == eventType) {
- return eventQueue.take();
- }
- } else {
- event = eventQueue.take();
- if (event.getEventType() == eventType) {
- return event;
- } else {
- eventQueue.put(event); // put back since not wanted
- }
- }
- }
- }
-
- @Override
- public void start() {
- executorService = Executors.newFixedThreadPool(2);
- }
-
- @Override
- public void stop() {
- if (executorService.isShutdown()) {
- return;
- }
- executorService.shutdown();
- }
-
- @Override
- public boolean isStopped() {
- return executorService.isShutdown();
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/Acceptor.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/Acceptor.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/Acceptor.java
deleted file mode 100644
index 540fe30..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/Acceptor.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport;
-
-import java.net.InetSocketAddress;
-
-public abstract class Acceptor extends TransportSelector {
-
- public Acceptor(TransportHandler transportHandler) {
- super(transportHandler);
- }
-
- public void listen(String address, short listenPort) {
- InetSocketAddress socketAddress = new InetSocketAddress(address, listenPort);
- doListen(socketAddress);
- }
-
- protected abstract void doListen(InetSocketAddress socketAddress);
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/Connector.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/Connector.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/Connector.java
deleted file mode 100644
index a021689..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/Connector.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport;
-
-import java.net.InetSocketAddress;
-
-public abstract class Connector extends TransportSelector {
-
- public Connector(TransportHandler transportHandler) {
- super(transportHandler);
- }
-
- public void connect(String serverAddress, short serverPort) {
- InetSocketAddress sa = new InetSocketAddress(serverAddress, serverPort);
- doConnect(sa);
- }
-
- protected abstract void doConnect(InetSocketAddress sa);
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/MessageHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/MessageHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/MessageHandler.java
deleted file mode 100644
index 1d3bb41..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/MessageHandler.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport;
-
-import org.apache.haox.event.AbstractEventHandler;
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-import org.apache.haox.transport.event.MessageEvent;
-import org.apache.haox.transport.event.TransportEventType;
-
-public abstract class MessageHandler extends AbstractEventHandler {
-
- @Override
- protected void doHandle(Event event) throws Exception {
- handleMessage((MessageEvent) event);
- }
-
- protected abstract void handleMessage(MessageEvent event) throws Exception;
-
- @Override
- public EventType[] getInterestedEvents() {
- return new EventType[] { TransportEventType.INBOUND_MESSAGE };
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/Network.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/Network.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/Network.java
deleted file mode 100644
index a61925e..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/Network.java
+++ /dev/null
@@ -1,297 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport;
-
-import org.apache.haox.event.AbstractEventHandler;
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-import org.apache.haox.event.LongRunningEventHandler;
-import org.apache.haox.transport.event.AddressEvent;
-import org.apache.haox.transport.event.TransportEvent;
-import org.apache.haox.transport.tcp.*;
-import org.apache.haox.transport.udp.UdpAddressEvent;
-import org.apache.haox.transport.udp.UdpEventType;
-import org.apache.haox.transport.udp.UdpTransport;
-import org.apache.haox.transport.udp.UdpTransportHandler;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.net.ServerSocket;
-import java.nio.channels.*;
-import java.util.Iterator;
-import java.util.Set;
-
-/**
- * A combined and mixed network facility handling UDP and TCP in both connect and accept sides
- */
-public class Network extends LongRunningEventHandler {
-
- private Selector selector;
- private StreamingDecoder streamingDecoder;
- private UdpTransportHandler udpTransportHandler;
- private TcpTransportHandler tcpTransportHandler;
-
- class MyEventHandler extends AbstractEventHandler {
- @Override
- protected void doHandle(Event event) throws Exception {
- if (event.getEventType() == UdpEventType.ADDRESS_CONNECT) {
- doUdpConnect((AddressEvent) event);
- } else if (event.getEventType() == UdpEventType.ADDRESS_BIND) {
- doUdpBind((AddressEvent) event);
- } else if (event.getEventType() == TcpEventType.ADDRESS_CONNECT) {
- doTcpConnect((AddressEvent) event);
- } else if (event.getEventType() == TcpEventType.ADDRESS_BIND) {
- doTcpBind((AddressEvent) event);
- }
- }
-
- @Override
- public EventType[] getInterestedEvents() {
- return new EventType[]{
- UdpEventType.ADDRESS_CONNECT,
- UdpEventType.ADDRESS_BIND,
- TcpEventType.ADDRESS_CONNECT,
- TcpEventType.ADDRESS_BIND
- };
- }
- }
-
- public Network() {
- setEventHandler(new MyEventHandler());
- }
-
- @Override
- public void init() {
- super.init();
-
- try {
- selector = Selector.open();
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
-
- /**
- * TCP transport only, for decoding tcp streaming into messages
- * @param streamingDecoder
- */
- public void setStreamingDecoder(StreamingDecoder streamingDecoder) {
- this.streamingDecoder = streamingDecoder;
- }
-
- /**
- * TCP only. Connect on the given server address. Can be called multiple times
- * for multiple servers
- * @param serverAddress
- * @param serverPort
- */
- public void tcpConnect(String serverAddress, short serverPort) {
- InetSocketAddress sa = new InetSocketAddress(serverAddress, serverPort);
- checkTcpTransportHandler();
- doTcpConnect(sa);
- }
-
- /**
- * UDP only. Connect on the given server address. Can be called multiple times
- * for multiple servers
- * @param serverAddress
- * @param serverPort
- */
- public void udpConnect(String serverAddress, short serverPort) {
- InetSocketAddress sa = new InetSocketAddress(serverAddress, serverPort);
- checkUdpTransportHandler();
- doUdpConnect(sa);
- }
-
- /**
- * TCP only. Listen and accept connections on the address. Can be called multiple
- * times for multiple server addresses.
- * @param serverAddress
- * @param serverPort
- */
- public void tcpListen(String serverAddress, short serverPort) {
- InetSocketAddress sa = new InetSocketAddress(serverAddress, serverPort);
- checkTcpTransportHandler();
- doTcpListen(sa);
- }
-
- /**
- * UDP only. Listen and accept connections on the address. Can be called multiple
- * times for multiple server addresses.
- * @param serverAddress
- * @param serverPort
- */
- public void udpListen(String serverAddress, short serverPort) {
- InetSocketAddress sa = new InetSocketAddress(serverAddress, serverPort);
- checkUdpTransportHandler();
- doUdpListen(sa);
- }
-
- @Override
- protected void loopOnce() {
- try {
- selectOnce();
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
-
- protected void selectOnce() throws IOException {
- if (selector.isOpen() && selector.select(2) > 0 && selector.isOpen()) {
- Set<SelectionKey> selectionKeys = selector.selectedKeys();
- Iterator<SelectionKey> iterator = selectionKeys.iterator();
- while (iterator.hasNext()) {
- SelectionKey selectionKey = iterator.next();
- dealKey(selectionKey);
- iterator.remove();
- }
- selectionKeys.clear();
- }
- }
-
- private void checkTcpTransportHandler() {
- if (tcpTransportHandler == null) {
- if (streamingDecoder == null) {
- throw new IllegalArgumentException("No streaming decoder set yet");
- }
- tcpTransportHandler = new TcpTransportHandler(streamingDecoder);
- getDispatcher().register(tcpTransportHandler);
- }
- }
-
- private void checkUdpTransportHandler() {
- if (udpTransportHandler == null) {
- udpTransportHandler = new UdpTransportHandler();
- getDispatcher().register(udpTransportHandler);
- }
- }
-
- private void dealKey(SelectionKey selectionKey) throws IOException {
- if (selectionKey.isConnectable()) {
- doTcpConnect(selectionKey);
- } else if (selectionKey.isAcceptable()) {
- doTcpAccept(selectionKey);
- } else {
- helpHandleSelectionKey(selectionKey);
- }
- }
-
- private void helpHandleSelectionKey(SelectionKey selectionKey) throws IOException {
- SelectableChannel channel = selectionKey.channel();
- if (channel instanceof DatagramChannel) {
- udpTransportHandler.helpHandleSelectionKey(selectionKey);
- } else {
- tcpTransportHandler.helpHandleSelectionKey(selectionKey);
- }
- }
-
- private void doUdpConnect(InetSocketAddress sa) {
- AddressEvent event = UdpAddressEvent.createAddressConnectEvent(sa);
- dispatch(event);
- }
-
- private void doUdpConnect(AddressEvent event) throws IOException {
- InetSocketAddress address = event.getAddress();
- DatagramChannel channel = DatagramChannel.open();
- channel.configureBlocking(false);
- channel.connect(address);
-
- channel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE);
-
- UdpTransport transport = new UdpTransport(channel, address);
- onNewTransport(transport);
- }
-
- protected void doUdpListen(InetSocketAddress socketAddress) {
- AddressEvent event = UdpAddressEvent.createAddressBindEvent(socketAddress);
- dispatch(event);
- }
-
- private void doUdpBind(AddressEvent event) throws IOException {
- DatagramChannel serverChannel = DatagramChannel.open();
- serverChannel.configureBlocking(false);
- serverChannel.bind(event.getAddress());
- serverChannel.register(selector, SelectionKey.OP_READ);
- }
-
- protected void doTcpConnect(InetSocketAddress sa) {
- AddressEvent event = TcpAddressEvent.createAddressConnectEvent(sa);
- dispatch(event);
- }
-
- private void doTcpConnect(AddressEvent event) throws IOException {
- SocketChannel channel = SocketChannel.open();
- channel.configureBlocking(false);
- channel.connect(event.getAddress());
- channel.register(selector,
- SelectionKey.OP_CONNECT | SelectionKey.OP_READ | SelectionKey.OP_WRITE);
- }
-
- private void doTcpConnect(SelectionKey key) throws IOException {
- SocketChannel channel = (SocketChannel) key.channel();
- if (channel.isConnectionPending()) {
- channel.finishConnect();
- }
-
- Transport transport = new TcpTransport(channel, tcpTransportHandler.getStreamingDecoder());
- channel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE, transport);
- onNewTransport(transport);
- }
-
- protected void doTcpListen(InetSocketAddress socketAddress) {
- AddressEvent event = TcpAddressEvent.createAddressBindEvent(socketAddress);
- dispatch(event);
- }
-
- protected void doTcpAccept(SelectionKey key) throws IOException {
- ServerSocketChannel server = (ServerSocketChannel) key.channel();
- SocketChannel channel;
-
- try {
- while ((channel = server.accept()) != null) {
- channel.configureBlocking(false);
- channel.socket().setTcpNoDelay(true);
- channel.socket().setKeepAlive(true);
-
- Transport transport = new TcpTransport(channel,
- tcpTransportHandler.getStreamingDecoder());
-
- channel.register(selector,
- SelectionKey.OP_READ | SelectionKey.OP_WRITE, transport);
- onNewTransport(transport);
- }
- } catch (ClosedByInterruptException e) {
- // No op as normal
- }
- }
-
- protected void doTcpBind(AddressEvent event) throws IOException {
- ServerSocketChannel serverSocketChannel = ServerSocketChannel.open();
- serverSocketChannel.configureBlocking(false);
- ServerSocket serverSocket = serverSocketChannel.socket();
- serverSocket.bind(event.getAddress());
- serverSocketChannel.register(selector, SelectionKey.OP_ACCEPT, serverSocketChannel);
- }
-
- private void onNewTransport(Transport transport) {
- transport.setDispatcher(getDispatcher());
- dispatch(TransportEvent.createNewTransportEvent(transport));
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/Transport.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/Transport.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/Transport.java
deleted file mode 100644
index d4239f7..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/Transport.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport;
-
-import org.apache.haox.event.Dispatcher;
-import org.apache.haox.transport.buffer.TransBuffer;
-import org.apache.haox.transport.event.TransportEvent;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.nio.ByteBuffer;
-
-public abstract class Transport {
- private InetSocketAddress remoteAddress;
- protected Dispatcher dispatcher;
- private Object attachment;
-
- protected TransBuffer sendBuffer;
-
- private int readableCount = 0;
- private int writableCount = 0;
-
- public Transport(InetSocketAddress remoteAddress) {
- this.remoteAddress = remoteAddress;
- this.sendBuffer = new TransBuffer();
- }
-
- public void setDispatcher(Dispatcher dispatcher) {
- this.dispatcher = dispatcher;
- }
-
- public InetSocketAddress getRemoteAddress() {
- return remoteAddress;
- }
-
- public void sendMessage(ByteBuffer message) {
- if (message != null) {
- sendBuffer.write(message);
- dispatcher.dispatch(TransportEvent.createWritableTransportEvent(this));
- }
- }
-
- public void onWriteable() throws IOException {
- this.writableCount ++;
-
- if (! sendBuffer.isEmpty()) {
- ByteBuffer message = sendBuffer.read();
- if (message != null) {
- sendOutMessage(message);
- }
- }
- }
-
- public void onReadable() throws IOException {
- this.readableCount++;
- }
-
- protected abstract void sendOutMessage(ByteBuffer message) throws IOException;
-
- public void setAttachment(Object attachment) {
- this.attachment = attachment;
- }
-
- public Object getAttachment() {
- return attachment;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/TransportHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/TransportHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/TransportHandler.java
deleted file mode 100644
index fd5a7f2..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/TransportHandler.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport;
-
-import org.apache.haox.event.AbstractEventHandler;
-
-import java.io.IOException;
-import java.nio.channels.SelectionKey;
-
-/**
- * Handling readable and writable events
- */
-public abstract class TransportHandler extends AbstractEventHandler {
-
- public abstract void helpHandleSelectionKey(SelectionKey selectionKey) throws IOException;
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/TransportSelector.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/TransportSelector.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/TransportSelector.java
deleted file mode 100644
index 33424a4..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/TransportSelector.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport;
-
-import org.apache.haox.event.Dispatcher;
-import org.apache.haox.event.LongRunningEventHandler;
-import org.apache.haox.transport.event.TransportEvent;
-
-import java.io.IOException;
-import java.nio.channels.SelectionKey;
-import java.nio.channels.Selector;
-import java.util.Iterator;
-import java.util.Set;
-
-public abstract class TransportSelector extends LongRunningEventHandler {
-
- protected Selector selector;
- protected TransportHandler transportHandler;
-
- public TransportSelector(TransportHandler transportHandler) {
- super();
- this.transportHandler = transportHandler;
- }
-
- @Override
- public void setDispatcher(Dispatcher dispatcher) {
- super.setDispatcher(dispatcher);
- dispatcher.register(transportHandler);
- }
-
- @Override
- public void init() {
- super.init();
-
- try {
- selector = Selector.open();
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
-
- @Override
- protected void loopOnce() {
- try {
- selectOnce();
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
-
- protected void selectOnce() throws IOException {
- if (selector.isOpen() && selector.select(10) > 0 && selector.isOpen()) {
- Set<SelectionKey> selectionKeys = selector.selectedKeys();
- Iterator<SelectionKey> iterator = selectionKeys.iterator();
- while (iterator.hasNext()) {
- SelectionKey selectionKey = iterator.next();
- dealKey(selectionKey);
- iterator.remove();
- }
- selectionKeys.clear();
- }
- }
-
- protected void dealKey(SelectionKey selectionKey) throws IOException {
- transportHandler.helpHandleSelectionKey(selectionKey);
- }
-
- protected void onNewTransport(Transport transport) {
- transport.setDispatcher(getDispatcher());
- dispatch(TransportEvent.createNewTransportEvent(transport));
- }
-
- @Override
- public void stop() {
- super.stop();
-
- try {
- selector.close();
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/BufferPool.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/BufferPool.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/BufferPool.java
deleted file mode 100644
index 213ec1f..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/BufferPool.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.buffer;
-
-import java.nio.ByteBuffer;
-
-public class BufferPool {
-
- public static ByteBuffer allocate(int len) {
- return ByteBuffer.allocate(len);
- }
-
- public static void release(ByteBuffer buffer) {
-
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/BufferUtil.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/BufferUtil.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/BufferUtil.java
deleted file mode 100644
index 292349a..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/BufferUtil.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.buffer;
-
-import java.nio.BufferOverflowException;
-import java.nio.ByteBuffer;
-
-public class BufferUtil {
-
- /**
- * Read len bytes from src buffer
- */
- public static ByteBuffer read(ByteBuffer src, int len) {
- if (len > src.remaining())
- throw new BufferOverflowException();
-
- ByteBuffer result = ByteBuffer.allocate(len);
- int n = src.remaining();
- for (int i = 0; i < n; i++) {
- result.put(src.get());
- }
-
- return result;
- }
-}
[38/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbClient.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbClient.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbClient.java
deleted file mode 100644
index 8e99204..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbClient.java
+++ /dev/null
@@ -1,321 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client;
-
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventHub;
-import org.apache.haox.event.EventWaiter;
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.client.event.KrbClientEvent;
-import org.apache.kerberos.kerb.client.event.KrbClientEventType;
-import org.apache.kerberos.kerb.client.request.*;
-import org.apache.kerberos.kerb.common.KrbErrorUtil;
-import org.apache.kerberos.kerb.common.KrbStreamingDecoder;
-import org.apache.kerberos.kerb.KrbErrorException;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.KrbError;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.ticket.ServiceTicket;
-import org.apache.kerberos.kerb.spec.ticket.TgtTicket;
-import org.haox.token.KerbToken;
-import org.apache.haox.transport.Connector;
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.event.TransportEvent;
-import org.apache.haox.transport.event.TransportEventType;
-import org.apache.haox.transport.tcp.TcpConnector;
-
-import java.io.IOException;
-import java.security.PrivateKey;
-import java.security.cert.Certificate;
-import java.util.concurrent.TimeUnit;
-import java.util.concurrent.TimeoutException;
-
-/**
- * A krb client API for applications to interact with KDC
- */
-public class KrbClient {
-
- private EventHub eventHub;
- private EventWaiter eventWaiter;
- private Transport transport;
-
- private KrbHandler krbHandler;
- private KrbContext context;
- private KrbConfig config;
-
- /**
- *
- * @param kdcHost
- * @param kdcPort
- */
- public KrbClient(String kdcHost, short kdcPort) {
- this(new KrbConfig());
-
- setKdcHost(kdcHost);
- setKdcPort(kdcPort);
- }
-
- public KrbClient(KrbConfig config) {
- this.config = config;
- this.context = new KrbContext();
- context.init(config);
- }
-
- /**
- * Set KDC realm for ticket request
- * @param realm
- */
- public void setKdcRealm(String realm) {
- context.setKdcRealm(realm);
- }
-
- /**
- *
- * @param kdcHost
- */
- public void setKdcHost(String kdcHost) {
- context.setKdcHost(kdcHost);
- }
-
- /**
- *
- * @param kdcPort
- */
- public void setKdcPort(short kdcPort) {
- context.setKdcPort(kdcPort);
- }
-
- /**
- * Set time out for connection
- * @param timeout in seconds
- */
- public void setTimeout(long timeout) {
- context.setTimeout(timeout);
- }
-
- public void init() {
- this.krbHandler = new KrbHandler();
- krbHandler.init(context);
-
- this.eventHub = new EventHub();
- eventHub.register(krbHandler);
-
- Connector connector = new TcpConnector(new KrbStreamingDecoder());
- eventHub.register(connector);
-
- eventWaiter = eventHub.waitEvent(
- TransportEventType.NEW_TRANSPORT,
- KrbClientEventType.TGT_RESULT,
- KrbClientEventType.TKT_RESULT
- );
-
- eventHub.start();
-
- connector.connect(context.getKdcHost(), context.getKdcPort());
- Event event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
- transport = ((TransportEvent) event).getTransport();
- }
-
- /**
- * Attempt to request a TGT and you'll be prompted to input a credential.
- * Whatever credential requested to provide depends on KDC admin configuration.
- * @param options
- * @return
- * @throws KrbException
- */
- public TgtTicket requestTgtTicket(String principal, KrbOptions options) throws KrbException {
- if (options == null) options = new KrbOptions();
-
- AsRequest asRequest = new AsRequest(context);
- asRequest.setKrbOptions(options);
- return requestTgtTicket(principal, asRequest);
- }
-
- /**
- * Request a TGT with user plain credential
- * @param principal
- * @param password
- * @param options
- * @return
- * @throws KrbException
- */
- public TgtTicket requestTgtTicket(String principal, String password,
- KrbOptions options) throws KrbException {
- if (options == null) options = new KrbOptions();
-
- AsRequest asRequest = new AsRequestWithPasswd(context);
- options.add(KrbOption.USER_PASSWD, password);
- asRequest.setKrbOptions(options);
- return requestTgtTicket(principal, asRequest);
- }
-
- /**
- * Request a TGT with user x509 certificate credential
- * @param principal
- * @param certificate
- * @param privateKey
- * @param options
- * @return
- * @throws KrbException
- */
- public TgtTicket requestTgtTicket(String principal, Certificate certificate,
- PrivateKey privateKey, KrbOptions options) throws KrbException {
- if (options == null) options = new KrbOptions();
-
- AsRequestWithCert asRequest = new AsRequestWithCert(context);
- options.add(KrbOption.PKINIT_X509_CERTIFICATE, certificate);
- options.add(KrbOption.PKINIT_X509_PRIVATE_KEY, privateKey);
- asRequest.setKrbOptions(options);
- return requestTgtTicket(principal, asRequest);
- }
-
- /**
- * Request a TGT with using Anonymous PKINIT
- * @param options
- * @return
- * @throws KrbException
- */
- public TgtTicket requestTgtTicket(KrbOptions options) throws KrbException {
- if (options == null) options = new KrbOptions();
-
- AsRequestWithCert asRequest = new AsRequestWithCert(context);
- options.add(KrbOption.PKINIT_X509_ANONYMOUS);
- asRequest.setKrbOptions(options);
-
- String principal = AsRequestWithCert.ANONYMOUS_PRINCIPAL;
- return requestTgtTicket(principal, asRequest);
- }
-
- /**
- * Request a TGT with user token credential
- * @param principal
- * @param token
- * @param options
- * @return
- * @throws KrbException
- */
- public TgtTicket requestTgtTicket(String principal, KerbToken token,
- KrbOptions options) throws KrbException {
- if (options == null) options = new KrbOptions();
-
- AsRequestWithToken asRequest = new AsRequestWithToken(context);
- options.add(KrbOption.TOKEN_USER_ID_TOKEN, token);
- asRequest.setKrbOptions(options);
- return requestTgtTicket(principal, asRequest);
- }
-
- /**
- * Request a service ticket targeting for a server with user plain credentials
- * @param clientPrincipal
- * @param password
- * @param serverPrincipal
- * @param options
- * @return
- * @throws KrbException
- */
- public ServiceTicket requestServiceTicket(String clientPrincipal, String password,
- String serverPrincipal, KrbOptions options) throws KrbException {
- if (options == null) options = new KrbOptions();
-
- TgtTicket tgt = requestTgtTicket(clientPrincipal, password, options);
- return requestServiceTicket(tgt, serverPrincipal, options);
- }
-
- /**
- * Request a service ticket targeting for a server with an user Access Token
- * @param clientPrincipal
- * @param token
- * @param serverPrincipal
- * @param options
- * @return
- * @throws KrbException
- */
- public ServiceTicket requestServiceTicket(String clientPrincipal, KerbToken token,
- String serverPrincipal, KrbOptions options) throws KrbException {
- if (options == null) options = new KrbOptions();
-
- TgtTicket tgt = requestTgtTicket(clientPrincipal, token, options);
- return requestServiceTicket(tgt, serverPrincipal, options);
- }
-
- private TgtTicket requestTgtTicket(String clientPrincipal, AsRequest tgtTktReq) throws KrbException {
- tgtTktReq.setClientPrincipal(new PrincipalName(clientPrincipal));
- tgtTktReq.setTransport(transport);
-
- try {
- return doRequestTgtTicket(tgtTktReq);
- } catch(KrbErrorException e) {
- KrbError krbError = e.getKrbError();
- if (krbError.getErrorCode() == KrbErrorCode.KDC_ERR_PREAUTH_REQUIRED) {
- try {
- tgtTktReq.setEncryptionTypes(KrbErrorUtil.getEtypes(krbError));
- } catch (IOException ioe) {
- throw new KrbException("Failed to decode and get etypes from krbError", ioe);
- }
- tgtTktReq.getPreauthContext().setPreauthRequired(true);
- return requestTgtTicket(clientPrincipal, tgtTktReq);
- }
- throw e;
- }
- }
-
- private TgtTicket doRequestTgtTicket(AsRequest tgtTktReq) throws KrbException {
- eventHub.dispatch(KrbClientEvent.createTgtIntentEvent(tgtTktReq));
- Event resultEvent = null;
- try {
- resultEvent = eventWaiter.waitEvent(KrbClientEventType.TGT_RESULT,
- context.getTimeout(), TimeUnit.SECONDS);
- } catch (TimeoutException e) {
- throw new KrbException("Network timeout", e);
- }
- AsRequest asResponse = (AsRequest) resultEvent.getEventData();
-
- return asResponse.getTicket();
- }
-
- /**
- * Request a service ticket with a TGT targeting for a server
- * @param tgt
- * @param serverPrincipal
- * @return
- * @throws KrbException
- */
- public ServiceTicket requestServiceTicket(TgtTicket tgt, String serverPrincipal,
- KrbOptions options) throws KrbException {
- if (options == null) options = new KrbOptions();
-
- TgsRequest ticketReq = new TgsRequest(context, tgt);
- ticketReq.setServerPrincipal(new PrincipalName(serverPrincipal));
- ticketReq.setTransport(transport);
-
- eventHub.dispatch(KrbClientEvent.createTktIntentEvent(ticketReq));
- Event resultEvent = null;
- try {
- resultEvent = eventWaiter.waitEvent(KrbClientEventType.TKT_RESULT,
- context.getTimeout(), TimeUnit.SECONDS);
- } catch (TimeoutException e) {
- throw new KrbException("Network timeout", e);
- }
- TgsRequest tgsResponse = (TgsRequest) resultEvent.getEventData();
-
- return tgsResponse.getServiceTicket();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfig.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfig.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfig.java
deleted file mode 100644
index e9008c4..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfig.java
+++ /dev/null
@@ -1,161 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client;
-
-import org.apache.haox.config.Conf;
-import org.apache.kerberos.kerb.common.KrbConfHelper;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-import java.util.List;
-
-public class KrbConfig {
- protected Conf conf;
-
- public KrbConfig() {
- this.conf = new Conf();
- }
-
- public Conf getConf() {
- return this.conf;
- }
-
- public boolean enableDebug() {
- return conf.getBoolean(KrbConfigKey.KRB_DEBUG);
- }
-
- public String getKdcHost() {
- return conf.getString(KrbConfigKey.KDC_HOST);
- }
-
- public short getKdcPort() {
- Integer kdcPort = conf.getInt(KrbConfigKey.KDC_PORT);
- return kdcPort.shortValue();
- }
-
- public String getKdcRealm() {
- return conf.getString(KrbConfigKey.KDC_REALM);
- }
-
- public String getKdcDomain() {
- return conf.getString(KrbConfigKey.KDC_DOMAIN);
- }
-
- public boolean isPreauthRequired() {
- return conf.getBoolean(KrbConfigKey.PREAUTH_REQUIRED);
- }
-
- public String getTgsPrincipal() {
- return conf.getString(KrbConfigKey.TGS_PRINCIPAL);
- }
-
- public long getAllowableClockSkew() {
- return KrbConfHelper.getLongUnderSection(conf, KrbConfigKey.CLOCKSKEW);
- }
-
- public boolean isEmptyAddressesAllowed() {
- return conf.getBoolean(KrbConfigKey.EMPTY_ADDRESSES_ALLOWED);
- }
-
- public boolean isForwardableAllowed() {
- return KrbConfHelper.getBooleanUnderSection(conf, KrbConfigKey.FORWARDABLE);
- }
-
- public boolean isPostdatedAllowed() {
- return conf.getBoolean(KrbConfigKey.POSTDATED_ALLOWED);
- }
-
- public boolean isProxiableAllowed() {
- return KrbConfHelper.getBooleanUnderSection(conf, KrbConfigKey.PROXIABLE);
- }
-
- public boolean isRenewableAllowed() {
- return conf.getBoolean(KrbConfigKey.RENEWABLE_ALLOWED);
- }
-
- public long getMaximumRenewableLifetime() {
- return conf.getLong(KrbConfigKey.MAXIMUM_RENEWABLE_LIFETIME);
- }
-
- public long getMaximumTicketLifetime() {
- return conf.getLong(KrbConfigKey.MAXIMUM_TICKET_LIFETIME);
- }
-
- public long getMinimumTicketLifetime() {
- return conf.getLong(KrbConfigKey.MINIMUM_TICKET_LIFETIME);
- }
-
- public List<EncryptionType> getEncryptionTypes() {
- return KrbConfHelper.getEncTypesUnderSection(conf, KrbConfigKey.PERMITTED_ENCTYPES);
- }
-
- public boolean isPaEncTimestampRequired() {
- return conf.getBoolean(KrbConfigKey.PA_ENC_TIMESTAMP_REQUIRED);
- }
-
- public boolean isBodyChecksumVerified() {
- return conf.getBoolean(KrbConfigKey.VERIFY_BODY_CHECKSUM);
- }
-
- public String getDefaultRealm() {
- return KrbConfHelper.getStringUnderSection(conf, KrbConfigKey.DEFAULT_REALM);
- }
-
- public boolean getDnsLookUpKdc() {
- return KrbConfHelper.getBooleanUnderSection(conf, KrbConfigKey.DNS_LOOKUP_KDC);
- }
-
- public boolean getDnsLookUpRealm() {
- return KrbConfHelper.getBooleanUnderSection(conf, KrbConfigKey.DNS_LOOKUP_REALM);
- }
-
- public boolean getAllowWeakCrypto() {
- return KrbConfHelper.getBooleanUnderSection(conf, KrbConfigKey.ALLOW_WEAK_CRYPTO);
- }
-
- public long getTicketLifetime() {
- return KrbConfHelper.getLongUnderSection(conf, KrbConfigKey.TICKET_LIFETIME);
- }
-
- public long getRenewLifetime() {
- return KrbConfHelper.getLongUnderSection(conf, KrbConfigKey.RENEW_LIFETIME);
- }
-
- public List<EncryptionType> getDefaultTgsEnctypes() {
- return KrbConfHelper.getEncTypesUnderSection(conf, KrbConfigKey.DEFAULT_TGS_ENCTYPES);
- }
-
- public List<EncryptionType> getDefaultTktEnctypes() {
- return KrbConfHelper.getEncTypesUnderSection(conf, KrbConfigKey.DEFAULT_TKT_ENCTYPES);
- }
-
- public String getDefaultLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(conf, KrbConfigKey.DEFAULT);
- }
-
- public String getKdcLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(conf, KrbConfigKey.KDC);
- }
-
- public String getAdminLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(conf, KrbConfigKey.ADMIN_SERVER);
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfigKey.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfigKey.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfigKey.java
deleted file mode 100644
index d56a741..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfigKey.java
+++ /dev/null
@@ -1,101 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client;
-
-import org.apache.haox.config.ConfigKey;
-import org.apache.kerberos.kerb.common.SectionConfigKey;
-
-public enum KrbConfigKey implements SectionConfigKey {
- KRB_DEBUG(true),
- KDC_HOST("localhost"),
- KDC_PORT(8015),
- KDC_DOMAIN("example.com"),
- KDC_REALM("EXAMPLE.COM"),
- TGS_PRINCIPAL("krbtgt@EXAMPLE.COM"),
- PREAUTH_REQUIRED(true),
- CLOCKSKEW(5 * 60L, "libdefaults"),
- EMPTY_ADDRESSES_ALLOWED(true),
- PA_ENC_TIMESTAMP_REQUIRED(true),
- MAXIMUM_TICKET_LIFETIME(24 * 3600L),
- MINIMUM_TICKET_LIFETIME(1 * 3600L),
- MAXIMUM_RENEWABLE_LIFETIME(48 * 3600L),
- FORWARDABLE(true, "libdefaults"),
- POSTDATED_ALLOWED(true),
- PROXIABLE(true, "libdefaults"),
- RENEWABLE_ALLOWED(true),
- VERIFY_BODY_CHECKSUM(true),
- PERMITTED_ENCTYPES("aes128-cts-hmac-sha1-96", "libdefaults"),
- DEFAULT_REALM("EXAMPLE.COM", "libdefaults"),
- DNS_LOOKUP_KDC(false, "libdefaults"),
- DNS_LOOKUP_REALM(false, "libdefaults"),
- ALLOW_WEAK_CRYPTO(true, "libdefaults"),
- TICKET_LIFETIME(24 * 3600L, "libdefaults"),
- RENEW_LIFETIME(48 * 3600L, "libdefaults"),
- DEFAULT_TGS_ENCTYPES("aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 " +
- "des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac " +
- "camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4",
- "libdefaults"),
- DEFAULT_TKT_ENCTYPES("aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 " +
- "des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac " +
- "camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4",
- "libdefaults"),
-
- //key for logging location
- DEFAULT(null, "logging"),
- KDC(null, "logging"),
- ADMIN_SERVER(null, "logging");
-
- private Object defaultValue;
- /**
- * The name of a section where a config key is contained in MIT Kerberos config file.
- */
- private String sectionName;
-
- private KrbConfigKey() {
- this.defaultValue = null;
- }
-
- private KrbConfigKey(Object defaultValue) {
- this.defaultValue = defaultValue;
- }
-
- private KrbConfigKey(Object defaultValue, String sectionName) {
- this(defaultValue);
- this.sectionName = sectionName;
- }
-
- /**
- * Use the propertyKey, we can get the configuration value from Object Conf.
- */
- @Override
- public String getPropertyKey() {
- return name().toLowerCase();
- }
-
- @Override
- public Object getDefaultValue() {
- return this.defaultValue;
- }
-
- @Override
- public String getSectionName() {
- return sectionName;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbContext.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbContext.java
deleted file mode 100644
index 16cb088..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbContext.java
+++ /dev/null
@@ -1,97 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client;
-
-import org.apache.kerberos.kerb.client.preauth.PreauthHandler;
-import org.apache.kerberos.kerb.crypto.Nonce;
-
-public class KrbContext {
-
- private String kdcRealm;
- private KrbConfig config;
- private String kdcHost;
- private short kdcPort;
- private long timeout = 10L;
- private PreauthHandler preauthHandler;
-
- public void init(KrbConfig config) {
- this.config = config;
- preauthHandler = new PreauthHandler();
- preauthHandler.init(this);
- }
-
- public String getKdcHost() {
- if (kdcHost != null) {
- return kdcHost;
- }
- return config.getKdcHost();
- }
-
- public void setKdcHost(String kdcHost) {
- this.kdcHost = kdcHost;
- }
-
- public short getKdcPort() {
- if (kdcPort > 0) {
- return kdcPort;
- }
- return config.getKdcPort();
- }
-
- public void setKdcPort(short kdcPort) {
- this.kdcPort = kdcPort;
- }
-
- public void setTimeout(long timeout) {
- this.timeout = timeout;
- }
-
- public long getTimeout() {
- return this.timeout;
- }
-
- public KrbConfig getConfig() {
- return config;
- }
-
- public void setKdcRealm(String realm) {
- this.kdcRealm = realm;
- }
-
- public String getKdcRealm() {
- if (kdcRealm != null) {
- return kdcRealm;
- }
-
- return config.getKdcRealm();
- }
-
- public int generateNonce() {
- return Nonce.value();
- }
-
- public long getTicketValidTime() {
- return 8 * 60 * 60 * 1000;
- }
-
- public PreauthHandler getPreauthHandler() {
- return preauthHandler;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbHandler.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbHandler.java
deleted file mode 100644
index 961134f..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbHandler.java
+++ /dev/null
@@ -1,99 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client;
-
-import org.apache.haox.event.AbstractEventHandler;
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-import org.apache.kerberos.kerb.client.event.KrbClientEvent;
-import org.apache.kerberos.kerb.client.event.KrbClientEventType;
-import org.apache.kerberos.kerb.client.preauth.PreauthHandler;
-import org.apache.kerberos.kerb.client.request.AsRequest;
-import org.apache.kerberos.kerb.client.request.KdcRequest;
-import org.apache.kerberos.kerb.client.request.TgsRequest;
-import org.apache.kerberos.kerb.common.KrbUtil;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.KrbMessage;
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-import org.apache.kerberos.kerb.spec.kdc.KdcRep;
-import org.apache.kerberos.kerb.spec.kdc.KdcReq;
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.event.MessageEvent;
-import org.apache.haox.transport.event.TransportEventType;
-
-import java.nio.ByteBuffer;
-
-public class KrbHandler extends AbstractEventHandler {
-
- private KrbContext context;
- private PreauthHandler preauthHandler;
-
- public void init(KrbContext context) {
- this.context = context;
- preauthHandler = new PreauthHandler();
- preauthHandler.init(context);
- }
-
- @Override
- public EventType[] getInterestedEvents() {
- return new EventType[] {
- TransportEventType.INBOUND_MESSAGE,
- KrbClientEventType.TGT_INTENT,
- KrbClientEventType.TKT_INTENT
- };
- }
-
- @Override
- protected void doHandle(Event event) throws Exception {
- EventType eventType = event.getEventType();
-
- if (eventType == KrbClientEventType.TGT_INTENT ||
- eventType == KrbClientEventType.TKT_INTENT) {
- KdcRequest kdcRequest = (KdcRequest) event.getEventData();
- handleKdcRequest(kdcRequest);
- } else if (event.getEventType() == TransportEventType.INBOUND_MESSAGE) {
- handleMessage((MessageEvent) event);
- }
- }
-
- protected void handleKdcRequest(KdcRequest kdcRequest) throws KrbException {
- kdcRequest.process();
- KdcReq kdcReq = kdcRequest.getKdcReq();
- Transport transport = kdcRequest.getTransport();
- transport.setAttachment(kdcRequest);
- KrbUtil.sendMessage(kdcReq, transport);
- }
-
- protected void handleMessage(MessageEvent event) throws Exception {
- ByteBuffer message = event.getMessage();
- KrbMessage kdcRep = KrbUtil.decodeMessage(message);
-
- KrbMessageType messageType = kdcRep.getMsgType();
- if (messageType == KrbMessageType.AS_REP) {
- KdcRequest kdcRequest = (KdcRequest) event.getTransport().getAttachment();
- kdcRequest.processResponse((KdcRep) kdcRep);
- dispatch(KrbClientEvent.createTgtResultEvent((AsRequest) kdcRequest));
- } else if (messageType == KrbMessageType.TGS_REP) {
- KdcRequest kdcRequest = (KdcRequest) event.getTransport().getAttachment();
- kdcRequest.processResponse((KdcRep) kdcRep);
- dispatch(KrbClientEvent.createTktResultEvent((TgsRequest) kdcRequest));
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbOption.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbOption.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbOption.java
deleted file mode 100644
index d2aa79a..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbOption.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client;
-
-public enum KrbOption {
- LIFE_TIME("-l lifetime"),
- START_TIME("-s start time"),
- RENEWABLE_TIME("-r renewable lifetime"),
- FORWARDABLE("-f forwardable"),
- NOT_FORWARDABLE("-F not forwardable"),
- PROXIABLE("-p proxiable"),
- NOT_PROXIABLE("-P not proxiable"),
- ANONYMOUS("-n anonymous"),
- INCLUDE_ADDRESSES("-a include addresses"),
- NOT_INCLUDE_ADDRESSES("-A do not include addresses"),
- VALIDATE("-v validate"),
- RENEW("-R renew"),
- CANONICALIZE("-C canonicalize"),
- AS_ENTERPRISE_PN("-E client is enterprise principal name"),
- USE_KEYTAB("-k use keytab"),
- USE_DFT_KEYTAB("-i use default client keytab (with -k)"),
- USER_KEYTAB_FILE("-t filename of keytab to use"),
- KRB5_CACHE("-c Kerberos 5 cache name"),
- SERVICE("-S service"),
- ARMOR_CACHE("-T armor credential cache"),
- XATTR("-X <attribute>[=<value>]"),
-
- USER_PASSWD("user_passwd", "User plain password"),
-
- PKINIT_X509_IDENTITY("x509_identities", "X509 user private key and cert"),
- PKINIT_X509_PRIVATE_KEY("x509_privatekey", "X509 user private key"),
- PKINIT_X509_CERTIFICATE("x509_cert", "X509 user certificate"),
- PKINIT_X509_ANCHORS("x509_anchors", "X509 anchors"),
- PKINIT_X509_ANONYMOUS("x509_anonymous", "X509 anonymous"),
- PKINIT_USING_RSA("using_rsa_or_dh", "Using RSA or DH"),
-
- TOKEN_USING_IDTOKEN("using_id_token", "Using identity token"),
- TOKEN_USER_ID_TOKEN("user_id_token", "User identity token"),
- TOKEN_USER_AC_TOKEN("user_ac_token", "User access token"),
-
- ;
-
- private String name;
- private String description;
- private Object value;
-
- KrbOption(String description) {
- this.description = description;
- }
-
- KrbOption(String name, String description) {
- this.name = name;
- this.description = description;
- }
-
- public String getName() {
- if (name != null) {
- return name;
- }
- return name();
- }
-
- public String getDescription() {
- return this.description;
- }
-
- public void setValue(Object value) {
- this.value = value;
- }
-
- public Object getValue() {
- return value;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbOptions.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbOptions.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbOptions.java
deleted file mode 100644
index 911ba72..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbOptions.java
+++ /dev/null
@@ -1,96 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class KrbOptions {
-
- private Map<KrbOption, KrbOption> options = new HashMap<KrbOption, KrbOption>(4);
-
- public void add(KrbOption option) {
- if (option != null) {
- options.put(option, option);
- }
- }
-
- public void add(KrbOption option, Object optionValue) {
- option.setValue(optionValue);
- add(option);
- }
-
- public boolean contains(KrbOption option) {
- return options.containsKey(option);
- }
-
- public KrbOption getOption(KrbOption option) {
- if (! options.containsKey(option)) {
- return null;
- }
-
- return options.get(option);
- }
-
- public Object getOptionValue(KrbOption option) {
- if (! contains(option)) {
- return null;
- }
- return options.get(option).getValue();
- }
-
- public String getStringOption(KrbOption option) {
- Object value = getOptionValue(option);
- if (value != null && value instanceof String) {
- return (String) value;
- }
- return null;
- }
-
- public boolean getBooleanOption(KrbOption option) {
- Object value = getOptionValue(option);
- if (value != null) {
- if (value instanceof String) {
- String strVal = (String) value;
- if (strVal.equalsIgnoreCase("true") ||
- strVal.equalsIgnoreCase("yes") ||
- strVal.equals("1")) {
- return true;
- }
- } else if (value instanceof Boolean) {
- return (Boolean) value;
- }
- }
- return false;
- }
-
- public int getIntegerOption(KrbOption option) {
- Object value = getOptionValue(option);
- if (value != null) {
- if (value instanceof String) {
- String strVal = (String) value;
- return Integer.valueOf(strVal);
- } else if (value instanceof Integer) {
- return (Integer) value;
- }
- }
- return -1;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/event/KrbClientEvent.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/event/KrbClientEvent.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/event/KrbClientEvent.java
deleted file mode 100644
index 3c8ffc9..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/event/KrbClientEvent.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.event;
-
-import org.apache.haox.event.Event;
-import org.apache.kerberos.kerb.client.request.AsRequest;
-import org.apache.kerberos.kerb.client.request.TgsRequest;
-
-public class KrbClientEvent {
-
- public static Event createTgtIntentEvent(AsRequest asRequest) {
- return new Event(KrbClientEventType.TGT_INTENT, asRequest);
- }
-
- public static Event createTktIntentEvent(TgsRequest tgsRequest) {
- return new Event(KrbClientEventType.TKT_INTENT, tgsRequest);
- }
-
- public static Event createTgtResultEvent(AsRequest asRequest) {
- return new Event(KrbClientEventType.TGT_RESULT, asRequest);
- }
-
- public static Event createTktResultEvent(TgsRequest tgsRequest) {
- return new Event(KrbClientEventType.TKT_RESULT, tgsRequest);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/event/KrbClientEventType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/event/KrbClientEventType.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/event/KrbClientEventType.java
deleted file mode 100644
index bf271f1..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/event/KrbClientEventType.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.event;
-
-import org.apache.haox.event.EventType;
-
-public enum KrbClientEventType implements EventType {
- TGT_INTENT,
- TGT_RESULT,
- TKT_INTENT,
- TKT_RESULT
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java
deleted file mode 100644
index 4f34181..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth;
-
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.client.KrbOptions;
-import org.apache.kerberos.kerb.client.request.KdcRequest;
-import org.apache.kerberos.kerb.preauth.PaFlag;
-import org.apache.kerberos.kerb.preauth.PaFlags;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.preauth.PreauthPluginMeta;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-import java.util.Collections;
-import java.util.List;
-
-public class AbstractPreauthPlugin implements KrbPreauth {
-
- private PreauthPluginMeta pluginMeta;
- protected KrbContext context;
-
- public AbstractPreauthPlugin(PreauthPluginMeta meta) {
- this.pluginMeta = meta;
- }
-
- @Override
- public String getName() {
- return pluginMeta.getName();
- }
-
- public int getVersion() {
- return pluginMeta.getVersion();
- }
-
- public PaDataType[] getPaTypes() {
- return pluginMeta.getPaTypes();
- }
-
- public void init(KrbContext context) {
- this.context = context;
- }
-
- @Override
- public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
- return null;
- }
-
- @Override
- public void prepareQuestions(KdcRequest kdcRequest,
- PluginRequestContext requestContext) throws KrbException {
-
- kdcRequest.needAsKey();
- }
-
- @Override
- public List<EncryptionType> getEncTypes(KdcRequest kdcRequest,
- PluginRequestContext requestContext) {
- return Collections.emptyList();
- }
-
- @Override
- public void setPreauthOptions(KdcRequest kdcRequest,
- PluginRequestContext requestContext, KrbOptions options) {
-
- }
-
- public void tryFirst(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaData outPadata) throws KrbException {
-
- }
-
- @Override
- public boolean process(KdcRequest kdcRequest,
- PluginRequestContext requestContext, PaDataEntry inPadata,
- PaData outPadata) throws KrbException {
-
- return false;
- }
-
- @Override
- public boolean tryAgain(KdcRequest kdcRequest,
- PluginRequestContext requestContext, PaDataType preauthType,
- PaData errPadata, PaData outPadata) {
- return false;
- }
-
- @Override
- public PaFlags getFlags(PaDataType paType) {
- PaFlags paFlags = new PaFlags(0);
- paFlags.setFlag(PaFlag.PA_REAL);
-
- return paFlags;
- }
-
- @Override
- public void destroy() {
-
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/FastContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/FastContext.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/FastContext.java
deleted file mode 100644
index 82a0240..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/FastContext.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth;
-
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.fast.FastOptions;
-import org.apache.kerberos.kerb.spec.fast.KrbFastArmor;
-import org.apache.kerberos.kerb.spec.kdc.KdcReq;
-
-public class FastContext {
-
- public KdcReq fastOuterRequest;
- public EncryptionKey armorKey;
- public KrbFastArmor fastArmor;
- public FastOptions fastOptions;
- public int nonce;
- public int fastFlags;
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/KrbPreauth.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/KrbPreauth.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/KrbPreauth.java
deleted file mode 100644
index 66e1de4..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/KrbPreauth.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth;
-
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.client.KrbOptions;
-import org.apache.kerberos.kerb.client.request.KdcRequest;
-import org.apache.kerberos.kerb.preauth.PaFlags;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.preauth.PreauthPluginMeta;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-import java.util.List;
-
-/**
- * Client side preauth plugin module
- */
-public interface KrbPreauth extends PreauthPluginMeta {
-
- /**
- * Initializing preauth plugin context
- */
- public void init(KrbContext krbContext);
-
- /**
- * Initializing request context
- */
- public PluginRequestContext initRequestContext(KdcRequest kdcRequest);
-
- /**
- * Prepare questions to prompt to you asking for credential
- */
- public void prepareQuestions(KdcRequest kdcRequest,
- PluginRequestContext requestContext) throws KrbException;
-
- /**
- * Get supported encryption types
- */
- public List<EncryptionType> getEncTypes(KdcRequest kdcRequest,
- PluginRequestContext requestContext);
-
- /**
- * Set krb options passed from user
- */
- public void setPreauthOptions(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- KrbOptions preauthOptions);
-
- /**
- * Attempt to try any initial padata derived from user options
- */
- public void tryFirst(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaData outPadata) throws KrbException;
-
- /**
- * Process server returned paData and return back any result paData
- * Return true indicating padata is added
- */
- public boolean process(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataEntry inPadata,
- PaData outPadata) throws KrbException;
-
- /**
- * When another request to server in the 4 pass, any paData to provide?
- * Return true indicating padata is added
- */
- public boolean tryAgain(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataType preauthType,
- PaData errPadata,
- PaData outPadata);
-
- /**
- * Return PA_REAL if pa_type is a real preauthentication type or PA_INFO if it is
- * an informational type.
- */
- public PaFlags getFlags(PaDataType paType);
-
- /**
- * When exiting...
- */
- public void destroy();
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthContext.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthContext.java
deleted file mode 100644
index 7bd55f1..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthContext.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class PreauthContext {
- private boolean preauthRequired = true;
- private PaData inputPaData;
- private PaData outputPaData;
- private PaData errorPaData;
- private UserResponser userResponser = new UserResponser();
- private PaDataType selectedPaType;
- private PaDataType allowedPaType;
- private List<PaDataType> triedPaTypes = new ArrayList<PaDataType>(1);
- private List<PreauthHandle> handles = new ArrayList<PreauthHandle>(5);
-
- public PreauthContext() {
- this.selectedPaType = PaDataType.NONE;
- this.allowedPaType = PaDataType.NONE;
- this.outputPaData = new PaData();
- }
-
- public boolean isPreauthRequired() {
- return preauthRequired;
- }
-
- public void setPreauthRequired(boolean preauthRequired) {
- this.preauthRequired = preauthRequired;
- }
-
- public UserResponser getUserResponser() {
- return userResponser;
- }
-
- public boolean isPaTypeAllowed(PaDataType paType) {
- return (allowedPaType == PaDataType.NONE ||
- allowedPaType == paType);
- }
-
- public PaData getOutputPaData() throws KrbException {
- return outputPaData;
- }
-
- public boolean hasInputPaData() {
- return (inputPaData != null && ! inputPaData.isEmpty());
- }
-
- public PaData getInputPaData() {
- return inputPaData;
- }
-
- public void setInputPaData(PaData inputPaData) {
- this.inputPaData = inputPaData;
- }
-
- public PaData getErrorPaData() {
- return errorPaData;
- }
-
- public void setErrorPaData(PaData errorPaData) {
- this.errorPaData = errorPaData;
- }
-
- public void setAllowedPaType(PaDataType paType) {
- this.allowedPaType = paType;
- }
-
- public List<PreauthHandle> getHandles() {
- return handles;
- }
-
- public PaDataType getAllowedPaType() {
- return allowedPaType;
- }
-
- public boolean checkAndPutTried(PaDataType paType) {
- for (PaDataType pt : triedPaTypes) {
- if (pt == paType) {
- return true;
- }
- }
- triedPaTypes.add(paType);
- return false;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthHandle.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthHandle.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthHandle.java
deleted file mode 100644
index 0d594cb..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthHandle.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth;
-
-import org.apache.kerberos.kerb.client.KrbOptions;
-import org.apache.kerberos.kerb.client.request.KdcRequest;
-import org.apache.kerberos.kerb.preauth.PaFlags;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class PreauthHandle {
-
- public KrbPreauth preauth;
- public PluginRequestContext requestContext;
-
- public PreauthHandle(KrbPreauth preauth) {
- this.preauth = preauth;
- }
-
- public void initRequestContext(KdcRequest kdcRequest) {
- requestContext = preauth.initRequestContext(kdcRequest);
- }
-
- public void prepareQuestions(KdcRequest kdcRequest) throws KrbException {
- preauth.prepareQuestions(kdcRequest, requestContext);
- }
-
- public void setPreauthOptions(KdcRequest kdcRequest,
- KrbOptions preauthOptions) throws KrbException {
- preauth.setPreauthOptions(kdcRequest, requestContext, preauthOptions);
- }
-
- public void tryFirst(KdcRequest kdcRequest, PaData outPadata) throws KrbException {
- preauth.tryFirst(kdcRequest, requestContext, outPadata);
- }
-
- public boolean process(KdcRequest kdcRequest,
- PaDataEntry inPadata, PaData outPadata) throws KrbException {
- return preauth.process(kdcRequest, requestContext, inPadata, outPadata);
- }
-
- public boolean tryAgain(KdcRequest kdcRequest,
- PaDataType paType, PaData errPadata, PaData paData) {
- return preauth.tryAgain(kdcRequest, requestContext, paType, errPadata, paData);
- }
-
- public boolean isReal(PaDataType paType) {
- PaFlags paFlags = preauth.getFlags(paType);
- return paFlags.isReal();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthHandler.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthHandler.java
deleted file mode 100644
index 00048d7..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/PreauthHandler.java
+++ /dev/null
@@ -1,249 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth;
-
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.client.KrbOptions;
-import org.apache.kerberos.kerb.client.preauth.builtin.EncTsPreauth;
-import org.apache.kerberos.kerb.client.preauth.builtin.TgtPreauth;
-import org.apache.kerberos.kerb.client.preauth.pkinit.PkinitPreauth;
-import org.apache.kerberos.kerb.client.preauth.token.TokenPreauth;
-import org.apache.kerberos.kerb.client.request.KdcRequest;
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.EtypeInfo;
-import org.apache.kerberos.kerb.spec.common.EtypeInfo2;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class PreauthHandler {
- private KrbContext krbContext;
- private List<KrbPreauth> preauths;
-
- public void init(KrbContext krbContext) {
- this.krbContext = krbContext;
- loadPreauthPlugins(krbContext);
- }
-
- private void loadPreauthPlugins(KrbContext context) {
- preauths = new ArrayList<KrbPreauth>();
-
- KrbPreauth preauth = new EncTsPreauth();
- preauth.init(context);
- preauths.add(preauth);
-
- preauth = new TgtPreauth();
- preauth.init(context);
- preauths.add(preauth);
-
- preauth = new PkinitPreauth();
- preauth.init(context);
- preauths.add(preauth);
-
- preauth = new TokenPreauth();
- preauth.init(context);
- preauths.add(preauth);
- }
-
- public PreauthContext preparePreauthContext(KdcRequest kdcRequest) {
- PreauthContext preauthContext = new PreauthContext();
- preauthContext.setPreauthRequired(krbContext.getConfig().isPreauthRequired());
- for (KrbPreauth preauth : preauths) {
- PreauthHandle handle = new PreauthHandle(preauth);
- handle.initRequestContext(kdcRequest);
- preauthContext.getHandles().add(handle);
- }
-
- return preauthContext;
- }
-
- /**
- * Process preauth inputs and options, prepare and generate pdata to be out
- */
- public void preauth(KdcRequest kdcRequest) throws KrbException {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- if (!preauthContext.isPreauthRequired()) {
- return;
- }
-
- if (!preauthContext.hasInputPaData()) {
- tryFirst(kdcRequest, preauthContext.getOutputPaData());
- return;
- }
-
- attemptETypeInfo(kdcRequest, preauthContext.getInputPaData());
-
- setPreauthOptions(kdcRequest, kdcRequest.getPreauthOptions());
-
- prepareUserResponses(kdcRequest, preauthContext.getInputPaData());
-
- preauthContext.getUserResponser().respondQuestions();
-
- if (!kdcRequest.isRetrying()) {
- process(kdcRequest, preauthContext.getInputPaData(),
- preauthContext.getOutputPaData());
- } else {
- tryAgain(kdcRequest, preauthContext.getInputPaData(),
- preauthContext.getOutputPaData());
- }
- }
-
- public void prepareUserResponses(KdcRequest kdcRequest,
- PaData inPadata) throws KrbException {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- for (PaDataEntry pae : inPadata.getElements()) {
- if (! preauthContext.isPaTypeAllowed(pae.getPaDataType())) {
- continue;
- }
-
- PreauthHandle handle = findHandle(kdcRequest, pae.getPaDataType());
- if (handle == null) {
- continue;
- }
-
- handle.prepareQuestions(kdcRequest);
- }
- }
-
- public void setPreauthOptions(KdcRequest kdcRequest,
- KrbOptions preauthOptions) throws KrbException {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- for (PreauthHandle handle : preauthContext.getHandles()) {
- handle.setPreauthOptions(kdcRequest, preauthOptions);
- }
- }
-
- public void tryFirst(KdcRequest kdcRequest,
- PaData outPadata) throws KrbException {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- PreauthHandle handle = findHandle(kdcRequest,
- preauthContext.getAllowedPaType());
- handle.tryFirst(kdcRequest, outPadata);
- }
-
- public void process(KdcRequest kdcRequest,
- PaData inPadata, PaData outPadata) throws KrbException {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- /**
- * Process all informational padata types, then the first real preauth type
- * we succeed on
- */
- for (int real = 0; real <= 1; real ++) {
- for (PaDataEntry pae : inPadata.getElements()) {
-
- // Restrict real mechanisms to the chosen one if we have one
- if (real >0 && !preauthContext.isPaTypeAllowed(pae.getPaDataType())) {
- continue;
- }
-
- PreauthHandle handle = findHandle(kdcRequest,
- preauthContext.getAllowedPaType());
- if (handle == null) {
- continue;
- }
-
- // Make sure this type is for the current pass
- int tmpReal = handle.isReal(pae.getPaDataType()) ? 1 : 0;
- if (tmpReal != real) {
- continue;
- }
-
- if (real > 0 && preauthContext.checkAndPutTried(pae.getPaDataType())) {
- continue;
- }
-
- boolean gotData = handle.process(kdcRequest, pae, outPadata);
- if (real > 0 && gotData) {
- return;
- }
- }
- }
- }
-
- public void tryAgain(KdcRequest kdcRequest,
- PaData inPadata, PaData outPadata) {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- PreauthHandle handle;
- for (PaDataEntry pae : inPadata.getElements()) {
- handle = findHandle(kdcRequest, pae.getPaDataType());
- if (handle == null) continue;
-
- boolean gotData = handle.tryAgain(kdcRequest,
- pae.getPaDataType(), preauthContext.getErrorPaData(), outPadata);
- }
- }
-
- public void destroy() {
- for (KrbPreauth preauth : preauths) {
- preauth.destroy();
- }
- }
-
- private PreauthHandle findHandle(KdcRequest kdcRequest,
- PaDataType paType) {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- for (PreauthHandle handle : preauthContext.getHandles()) {
- for (PaDataType pt : handle.preauth.getPaTypes()) {
- if (pt == paType) {
- return handle;
- }
- }
- }
- return null;
- }
-
- private void attemptETypeInfo(KdcRequest kdcRequest,
- PaData inPadata) throws KrbException {
- PreauthContext preauthContext = kdcRequest.getPreauthContext();
-
- // Find an etype-info2 or etype-info element in padata
- EtypeInfo etypeInfo = null;
- EtypeInfo2 etypeInfo2 = null;
- PaDataEntry pae = inPadata.findEntry(PaDataType.ETYPE_INFO);
- if (pae != null) {
- etypeInfo = KrbCodec.decode(pae.getPaDataValue(), EtypeInfo.class);
- } else {
- pae = inPadata.findEntry(PaDataType.ETYPE_INFO2);
- if (pae != null) {
- etypeInfo2 = KrbCodec.decode(pae.getPaDataValue(), EtypeInfo2.class);
- }
- }
-
- if (etypeInfo == null && etypeInfo2 == null) {
- attemptSalt(kdcRequest, inPadata);
- }
- }
-
- private void attemptSalt(KdcRequest kdcRequest,
- PaData inPadata) throws KrbException {
-
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/UserResponseItem.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/UserResponseItem.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/UserResponseItem.java
deleted file mode 100644
index bd30bf6..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/UserResponseItem.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth;
-
-public class UserResponseItem {
- protected String question;
- protected String challenge;
- protected String answer;
-
- public UserResponseItem(String question, String challenge) {
- this.question = question;
- this.challenge = challenge;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/UserResponser.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/UserResponser.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/UserResponser.java
deleted file mode 100644
index 1b9ae9f..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/UserResponser.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class UserResponser {
-
- private List<UserResponseItem> items = new ArrayList<UserResponseItem>(1);
-
- /**
- * Let customize an interface like CMD or WEB UI to selectively respond all the questions
- */
- public void respondQuestions() {
- // TODO
- }
-
- public UserResponseItem findQuestion(String question) {
- for (UserResponseItem ri : items) {
- if (ri.question.equals(question)) {
- return ri;
- }
- }
- return null;
- }
-
- public void askQuestion(String question, String challenge) {
- UserResponseItem ri = findQuestion(question);
- if (ri == null) {
- items.add(new UserResponseItem(question, challenge));
- } else {
- ri.challenge = challenge;
- }
- }
-
- public String getChallenge(String question) {
- UserResponseItem ri = findQuestion(question);
- if (ri != null) {
- return ri.challenge;
- }
- return null;
- }
-
- public void setAnswer(String question, String answer) {
- UserResponseItem ri = findQuestion(question);
- if (ri == null) {
- throw new IllegalArgumentException("Question isn't exist for the answer");
- }
- ri.answer = answer;
- }
-
- public String getAnswer(String question) {
- UserResponseItem ri = findQuestion(question);
- if (ri != null) {
- return ri.answer;
- }
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java
deleted file mode 100644
index b04e09f..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java
+++ /dev/null
@@ -1,94 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth.builtin;
-
-import org.apache.kerberos.kerb.client.preauth.AbstractPreauthPlugin;
-import org.apache.kerberos.kerb.client.request.KdcRequest;
-import org.apache.kerberos.kerb.common.EncryptionUtil;
-import org.apache.kerberos.kerb.preauth.PaFlag;
-import org.apache.kerberos.kerb.preauth.PaFlags;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.preauth.builtin.EncTsPreauthMeta;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.common.KeyUsage;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-import org.apache.kerberos.kerb.spec.pa.PaEncTsEnc;
-
-public class EncTsPreauth extends AbstractPreauthPlugin {
-
- public EncTsPreauth() {
- super(new EncTsPreauthMeta());
- }
-
- @Override
- public void prepareQuestions(KdcRequest kdcRequest,
- PluginRequestContext requestContext) throws KrbException {
-
- kdcRequest.needAsKey();
- }
-
- public void tryFirst(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaData outPadata) throws KrbException {
-
- if (kdcRequest.getAsKey() == null) {
- kdcRequest.needAsKey();
- }
- outPadata.addElement(makeEntry(kdcRequest));
- }
-
- @Override
- public boolean process(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataEntry inPadata,
- PaData outPadata) throws KrbException {
-
- if (kdcRequest.getAsKey() == null) {
- kdcRequest.needAsKey();
- }
- outPadata.addElement(makeEntry(kdcRequest));
-
- return true;
- }
-
- @Override
- public PaFlags getFlags(PaDataType paType) {
- PaFlags paFlags = new PaFlags(0);
- paFlags.setFlag(PaFlag.PA_REAL);
-
- return paFlags;
- }
-
- private PaDataEntry makeEntry(KdcRequest kdcRequest) throws KrbException {
- PaEncTsEnc paTs = new PaEncTsEnc();
- paTs.setPaTimestamp(kdcRequest.getPreauthTime());
-
- EncryptedData paDataValue = EncryptionUtil.seal(paTs,
- kdcRequest.getAsKey(), KeyUsage.AS_REQ_PA_ENC_TS);
- PaDataEntry tsPaEntry = new PaDataEntry();
- tsPaEntry.setPaDataType(PaDataType.ENC_TIMESTAMP);
- tsPaEntry.setPaDataValue(paDataValue.encode());
-
- return tsPaEntry;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/builtin/TgtPreauth.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/builtin/TgtPreauth.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/builtin/TgtPreauth.java
deleted file mode 100644
index 19459d0..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/builtin/TgtPreauth.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth.builtin;
-
-import org.apache.kerberos.kerb.client.preauth.AbstractPreauthPlugin;
-import org.apache.kerberos.kerb.client.request.KdcRequest;
-import org.apache.kerberos.kerb.client.request.TgsRequest;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.preauth.builtin.TgtPreauthMeta;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class TgtPreauth extends AbstractPreauthPlugin {
-
- public TgtPreauth() {
- super(new TgtPreauthMeta());
- }
-
- public void tryFirst(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaData outPadata) throws KrbException {
-
- outPadata.addElement(makeEntry(kdcRequest));
- }
-
- @Override
- public boolean process(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataEntry inPadata,
- PaData outPadata) throws KrbException {
-
- outPadata.addElement(makeEntry(kdcRequest));
-
- return true;
- }
-
- private PaDataEntry makeEntry(KdcRequest kdcRequest) throws KrbException {
-
- TgsRequest tgsRequest = (TgsRequest) kdcRequest;
-
- PaDataEntry paEntry = new PaDataEntry();
- paEntry.setPaDataType(PaDataType.TGS_REQ);
- paEntry.setPaDataValue(tgsRequest.getApReq().encode());
-
- return paEntry;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitContext.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitContext.java
deleted file mode 100644
index 820eafd..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitContext.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth.pkinit;
-
-import org.apache.kerberos.kerb.preauth.pkinit.IdentityOpts;
-import org.apache.kerberos.kerb.preauth.pkinit.PluginOpts;
-
-public class PkinitContext {
-
- public PluginOpts pluginOpts = new PluginOpts();
- public IdentityOpts identityOpts = new IdentityOpts();
-
-}
[45/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
DIRKRB-149 New layout structure with the new name "Apache Kerby"
Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/ceacb982
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/ceacb982
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/ceacb982
Branch: refs/heads/master
Commit: ceacb982d01016b58fd17065da1ed5f43856f05b
Parents: 3558a6b
Author: Drankye <dr...@gmail.com>
Authored: Fri Jan 23 13:41:07 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Fri Jan 23 13:41:07 2015 +0800
----------------------------------------------------------------------
3rdparty/not-yet-commons-ssl/pom.xml | 2 +-
3rdparty/pom.xml | 4 +-
benchmark/pom.xml | 212 ++--
.../kerberos/benchmark/KrbCodecPerfTest.java | 79 --
.../kerberos/benchmark/KrbCodecPerfTest.java | 79 ++
contrib/haox-asn1/README.md | 301 -----
contrib/haox-asn1/pom.xml | 27 -
.../java/org/apache/haox/asn1/Asn1Dump.java | 70 --
.../java/org/apache/haox/asn1/Asn1Factory.java | 44 -
.../org/apache/haox/asn1/Asn1InputBuffer.java | 82 --
.../org/apache/haox/asn1/Asn1OutputBuffer.java | 72 --
.../org/apache/haox/asn1/EncodingOption.java | 84 --
.../org/apache/haox/asn1/LimitedByteBuffer.java | 121 --
.../java/org/apache/haox/asn1/TagClass.java | 74 --
.../org/apache/haox/asn1/TaggingOption.java | 68 --
.../java/org/apache/haox/asn1/UniversalTag.java | 106 --
.../apache/haox/asn1/type/AbstractAsn1Type.java | 420 -------
.../java/org/apache/haox/asn1/type/Asn1Any.java | 47 -
.../apache/haox/asn1/type/Asn1BigInteger.java | 48 -
.../apache/haox/asn1/type/Asn1BitString.java | 86 --
.../apache/haox/asn1/type/Asn1BmpString.java | 72 --
.../org/apache/haox/asn1/type/Asn1Boolean.java | 71 --
.../org/apache/haox/asn1/type/Asn1Choice.java | 173 ---
.../apache/haox/asn1/type/Asn1Collection.java | 137 ---
.../apache/haox/asn1/type/Asn1CollectionOf.java | 88 --
.../haox/asn1/type/Asn1CollectionType.java | 195 ----
.../apache/haox/asn1/type/Asn1FieldInfo.java | 76 --
.../haox/asn1/type/Asn1GeneralString.java | 33 -
.../haox/asn1/type/Asn1GeneralizedTime.java | 134 ---
.../apache/haox/asn1/type/Asn1IA5String.java | 33 -
.../org/apache/haox/asn1/type/Asn1Integer.java | 46 -
.../org/apache/haox/asn1/type/Asn1Item.java | 155 ---
.../org/apache/haox/asn1/type/Asn1Null.java | 52 -
.../haox/asn1/type/Asn1NumericsString.java | 50 -
.../haox/asn1/type/Asn1ObjectIdentifier.java | 164 ---
.../apache/haox/asn1/type/Asn1OctetString.java | 51 -
.../haox/asn1/type/Asn1PrintableString.java | 33 -
.../org/apache/haox/asn1/type/Asn1Sequence.java | 30 -
.../apache/haox/asn1/type/Asn1SequenceOf.java | 38 -
.../apache/haox/asn1/type/Asn1SequenceType.java | 37 -
.../java/org/apache/haox/asn1/type/Asn1Set.java | 30 -
.../org/apache/haox/asn1/type/Asn1SetOf.java | 30 -
.../org/apache/haox/asn1/type/Asn1SetType.java | 37 -
.../org/apache/haox/asn1/type/Asn1Simple.java | 184 ----
.../org/apache/haox/asn1/type/Asn1String.java | 292 -----
.../apache/haox/asn1/type/Asn1T61String.java | 33 -
.../haox/asn1/type/Asn1T61Utf8String.java | 43 -
.../org/apache/haox/asn1/type/Asn1Tagging.java | 104 --
.../org/apache/haox/asn1/type/Asn1Type.java | 41 -
.../haox/asn1/type/Asn1UniversalString.java | 33 -
.../org/apache/haox/asn1/type/Asn1UtcTime.java | 89 --
.../apache/haox/asn1/type/Asn1Utf8String.java | 47 -
.../haox/asn1/type/Asn1VisibleString.java | 33 -
.../haox/asn1/type/TaggingCollection.java | 105 --
.../apache/haox/asn1/type/TaggingSequence.java | 35 -
.../org/apache/haox/asn1/type/TaggingSet.java | 35 -
.../org/apache/haox/asn1/PersonnelRecord.java | 209 ----
.../org/apache/haox/asn1/TestAsn1Boolean.java | 56 -
.../apache/haox/asn1/TestAsn1Collection.java | 55 -
.../org/apache/haox/asn1/TestAsn1Input.java | 35 -
.../org/apache/haox/asn1/TestAsn1Integer.java | 70 --
.../haox/asn1/TestAsn1ObjectIdentifier.java | 64 --
.../org/apache/haox/asn1/TestAsn1UtcTime.java | 70 --
.../java/org/apache/haox/asn1/TestData.java | 129 ---
.../apache/haox/asn1/TestPersonnelRecord.java | 126 ---
.../apache/haox/asn1/TestTaggingEncoding.java | 205 ----
.../test/java/org/apache/haox/asn1/Util.java | 72 --
contrib/haox-config/README | 1 -
contrib/haox-config/pom.xml | 35 -
.../main/java/org/apache/haox/config/Conf.java | 285 -----
.../java/org/apache/haox/config/Config.java | 58 -
.../java/org/apache/haox/config/ConfigImpl.java | 346 ------
.../java/org/apache/haox/config/ConfigKey.java | 25 -
.../org/apache/haox/config/ConfigLoader.java | 50 -
.../org/apache/haox/config/ConfigObject.java | 80 --
.../org/apache/haox/config/IniConfigLoader.java | 69 --
.../apache/haox/config/JsonConfigLoader.java | 27 -
.../org/apache/haox/config/MapConfigLoader.java | 34 -
.../haox/config/PropertiesConfigLoader.java | 43 -
.../haox/config/PropertiesFileConfigLoader.java | 33 -
.../java/org/apache/haox/config/Resource.java | 119 --
.../org/apache/haox/config/XmlConfigLoader.java | 159 ---
.../java/org/apache/haox/config/ConfTest.java | 135 ---
.../org/apache/haox/config/ConfigImplTest.java | 62 --
.../org/apache/haox/config/IniConfigTest.java | 76 --
contrib/haox-event/README | 1 -
contrib/haox-event/pom.xml | 31 -
.../apache/haox/event/AbstractEventHandler.java | 55 -
.../event/AbstractInternalEventHandler.java | 66 --
.../apache/haox/event/BufferedEventHandler.java | 53 -
.../java/org/apache/haox/event/Dispatcher.java | 29 -
.../main/java/org/apache/haox/event/Event.java | 43 -
.../org/apache/haox/event/EventHandler.java | 31 -
.../java/org/apache/haox/event/EventHub.java | 192 ----
.../java/org/apache/haox/event/EventType.java | 24 -
.../java/org/apache/haox/event/EventWaiter.java | 35 -
.../apache/haox/event/ExecutedEventHandler.java | 76 --
.../apache/haox/event/InternalEventHandler.java | 34 -
.../haox/event/LongRunningEventHandler.java | 77 --
.../org/apache/haox/event/WaitEventHandler.java | 128 ---
.../org/apache/haox/transport/Acceptor.java | 36 -
.../org/apache/haox/transport/Connector.java | 36 -
.../apache/haox/transport/MessageHandler.java | 42 -
.../java/org/apache/haox/transport/Network.java | 297 -----
.../org/apache/haox/transport/Transport.java | 84 --
.../apache/haox/transport/TransportHandler.java | 34 -
.../haox/transport/TransportSelector.java | 100 --
.../haox/transport/buffer/BufferPool.java | 33 -
.../haox/transport/buffer/BufferUtil.java | 42 -
.../haox/transport/buffer/RecvBuffer.java | 155 ---
.../haox/transport/buffer/TransBuffer.java | 49 -
.../haox/transport/event/AddressEvent.java | 39 -
.../haox/transport/event/MessageEvent.java | 41 -
.../haox/transport/event/TransportEvent.java | 56 -
.../transport/event/TransportEventType.java | 29 -
.../haox/transport/tcp/DecodingCallback.java | 38 -
.../haox/transport/tcp/StreamingDecoder.java | 26 -
.../apache/haox/transport/tcp/TcpAcceptor.java | 112 --
.../haox/transport/tcp/TcpAddressEvent.java | 36 -
.../apache/haox/transport/tcp/TcpConnector.java | 94 --
.../apache/haox/transport/tcp/TcpEventType.java | 27 -
.../apache/haox/transport/tcp/TcpTransport.java | 110 --
.../haox/transport/tcp/TcpTransportHandler.java | 77 --
.../apache/haox/transport/udp/UdpAcceptor.java | 84 --
.../haox/transport/udp/UdpAddressEvent.java | 36 -
.../haox/transport/udp/UdpChannelEvent.java | 47 -
.../apache/haox/transport/udp/UdpConnector.java | 76 --
.../apache/haox/transport/udp/UdpEventType.java | 29 -
.../apache/haox/transport/udp/UdpTransport.java | 65 --
.../haox/transport/udp/UdpTransportHandler.java | 109 --
.../java/org/apache/haox/event/TestBuffer.java | 50 -
.../haox/event/network/TestNetworkBase.java | 58 -
.../haox/event/network/TestNetworkClient.java | 212 ----
.../haox/event/network/TestNetworkServer.java | 110 --
.../org/apache/haox/event/tcp/TestTcpBase.java | 57 -
.../apache/haox/event/tcp/TestTcpClient.java | 160 ---
.../apache/haox/event/tcp/TestTcpServer.java | 90 --
.../org/apache/haox/event/udp/TestUdpBase.java | 41 -
.../apache/haox/event/udp/TestUdpClient.java | 149 ---
.../apache/haox/event/udp/TestUdpServer.java | 89 --
contrib/haox-pkix/pom.xml | 38 -
.../src/main/java/org/haox/pki/Pkix.java | 87 --
contrib/haox-pkix/src/main/resources/cacert.pem | 23 -
contrib/haox-pkix/src/main/resources/cakey.pem | 27 -
.../haox-pkix/src/main/resources/extensions.kdc | 36 -
.../haox-pkix/src/main/resources/kdccert.pem | 26 -
contrib/haox-pkix/src/main/resources/kdckey.pem | 27 -
.../haox-pkix/src/main/resources/usercert.pem | 26 -
.../haox-pkix/src/main/resources/userkey.pem | 27 -
.../src/test/java/org/haox/pki/PkixTest.java | 60 -
contrib/haox-token/pom.xml | 44 -
.../java/org/haox/token/AuthzDataEntry.java | 52 -
.../src/main/java/org/haox/token/KerbToken.java | 47 -
.../main/java/org/haox/token/TokenCache.java | 82 --
.../java/org/haox/token/TokenExtractor.java | 101 --
.../src/main/java/org/haox/token/TokenTool.java | 124 ---
contrib/haox-util/pom.xml | 31 -
.../src/main/java/org/haox/util/HexUtil.java | 58 -
contrib/pom.xml | 46 -
haox-kdc/README | 5 -
haox-kdc/kdc-server/pom.xml | 56 -
.../kerberos/kdc/server/ApacheKdcServer.java | 41 -
.../org/apache/kerberos/kdc/server/KdcTest.java | 70 --
haox-kdc/ldap-identity-backend/pom.xml | 41 -
.../identitybackend/LdapIdentityBackend.java | 77 --
haox-kdc/pom.xml | 34 -
haox-kdc/tools/pom.xml | 46 -
.../java/org/apache/kerberos/tool/Kinit.java | 42 -
haox-kerb/README | 2 -
haox-kerb/kerb-client/pom.xml | 61 --
.../apache/kerberos/kerb/client/KrbClient.java | 321 ------
.../apache/kerberos/kerb/client/KrbConfig.java | 161 ---
.../kerberos/kerb/client/KrbConfigKey.java | 101 --
.../apache/kerberos/kerb/client/KrbContext.java | 97 --
.../apache/kerberos/kerb/client/KrbHandler.java | 99 --
.../apache/kerberos/kerb/client/KrbOption.java | 91 --
.../apache/kerberos/kerb/client/KrbOptions.java | 96 --
.../kerb/client/event/KrbClientEvent.java | 43 -
.../kerb/client/event/KrbClientEventType.java | 29 -
.../client/preauth/AbstractPreauthPlugin.java | 122 ---
.../kerb/client/preauth/FastContext.java | 36 -
.../kerb/client/preauth/KrbPreauth.java | 107 --
.../kerb/client/preauth/PreauthContext.java | 108 --
.../kerb/client/preauth/PreauthHandle.java | 72 --
.../kerb/client/preauth/PreauthHandler.java | 249 -----
.../kerb/client/preauth/UserResponseItem.java | 31 -
.../kerb/client/preauth/UserResponser.java | 77 --
.../client/preauth/builtin/EncTsPreauth.java | 94 --
.../kerb/client/preauth/builtin/TgtPreauth.java | 66 --
.../client/preauth/pkinit/PkinitContext.java | 30 -
.../client/preauth/pkinit/PkinitPreauth.java | 233 ----
.../preauth/pkinit/PkinitRequestContext.java | 44 -
.../preauth/pkinit/PkinitRequestOpts.java | 40 -
.../kerb/client/preauth/token/TokenContext.java | 28 -
.../kerb/client/preauth/token/TokenPreauth.java | 124 ---
.../preauth/token/TokenRequestContext.java | 32 -
.../kerberos/kerb/client/request/AsRequest.java | 127 ---
.../kerb/client/request/AsRequestWithCert.java | 57 -
.../client/request/AsRequestWithPasswd.java | 50 -
.../kerb/client/request/AsRequestWithToken.java | 52 -
.../kerb/client/request/KdcRequest.java | 358 ------
.../kerb/client/request/TgsRequest.java | 136 ---
.../src/main/resources/kdc-krb5.conf | 25 -
.../kerb-client/src/main/resources/kdc.ldiff | 46 -
.../kerb-client/src/main/resources/krb5.conf | 57 -
.../kerberos/kerb/client/TestKrbConfigLoad.java | 71 --
haox-kerb/kerb-common/pom.xml | 51 -
.../java/org/apache/kerberos/kerb/KrbThrow.java | 35 -
.../java/org/apache/kerberos/kerb/Message.java | 43 -
.../org/apache/kerberos/kerb/MessageCode.java | 24 -
.../kerberos/kerb/common/EncryptionUtil.java | 98 --
.../kerberos/kerb/common/KrbConfHelper.java | 104 --
.../kerberos/kerb/common/KrbErrorUtil.java | 67 --
.../kerb/common/KrbStreamingDecoder.java | 42 -
.../apache/kerberos/kerb/common/KrbUtil.java | 49 -
.../kerberos/kerb/common/SectionConfigKey.java | 31 -
.../apache/kerberos/kerb/preauth/PaFlag.java | 49 -
.../apache/kerberos/kerb/preauth/PaFlags.java | 37 -
.../kerb/preauth/PluginRequestContext.java | 27 -
.../kerb/preauth/PreauthPluginMeta.java | 32 -
.../kerb/preauth/builtin/EncTsPreauthMeta.java | 45 -
.../kerb/preauth/builtin/TgtPreauthMeta.java | 48 -
.../kerb/preauth/pkinit/IdentityOpts.java | 44 -
.../kerb/preauth/pkinit/IdentityType.java | 29 -
.../kerb/preauth/pkinit/PkinitIdenity.java | 128 ---
.../kerb/preauth/pkinit/PkinitPreauthMeta.java | 46 -
.../kerb/preauth/pkinit/PluginOpts.java | 67 --
.../kerb/preauth/token/TokenPreauthMeta.java | 46 -
haox-kerb/kerb-core-test/pom.xml | 46 -
.../src/main/resources/aes128-kerberos-data | Bin 1712 -> 0 bytes
.../src/main/resources/aes128-key-data | 1 -
.../src/main/resources/aes128-spnego-data | Bin 1778 -> 0 bytes
.../src/main/resources/aes256-kerberos-data | Bin 1744 -> 0 bytes
.../src/main/resources/aes256-key-data | Bin 32 -> 0 bytes
.../src/main/resources/aes256-spnego-data | Bin 1810 -> 0 bytes
.../src/main/resources/asrep.token | Bin 1241 -> 0 bytes
.../src/main/resources/asreq.token | Bin 291 -> 0 bytes
.../src/main/resources/des-kerberos-data | Bin 1773 -> 0 bytes
.../src/main/resources/des-key-data | 1 -
.../src/main/resources/des-pac-data | Bin 1072 -> 0 bytes
.../src/main/resources/des-spnego-data | Bin 1839 -> 0 bytes
.../src/main/resources/exceptions.properties | 55 -
.../src/main/resources/rc4-kerberos-data | Bin 1735 -> 0 bytes
.../src/main/resources/rc4-key-data | 1 -
.../src/main/resources/rc4-pac-data | Bin 1048 -> 0 bytes
.../src/main/resources/rc4-spnego-data | Bin 1801 -> 0 bytes
.../src/main/resources/server.keytab | Bin 387 -> 0 bytes
.../src/main/resources/tgsrep.token | Bin 1189 -> 0 bytes
.../src/main/resources/tgsreq.token | Bin 1211 -> 0 bytes
.../org/apache/kerberos/kerb/codec/README.txt | 5 -
.../kerb/codec/kerberos/AuthzDataUtil.java | 67 --
.../kerb/codec/kerberos/KerberosApRequest.java | 51 -
.../kerb/codec/kerberos/KerberosConstants.java | 44 -
.../codec/kerberos/KerberosCredentials.java | 55 -
.../kerb/codec/kerberos/KerberosTicket.java | 86 --
.../kerb/codec/kerberos/KerberosToken.java | 58 -
.../org/apache/kerberos/kerb/codec/pac/Pac.java | 113 --
.../kerberos/kerb/codec/pac/PacConstants.java | 39 -
.../kerb/codec/pac/PacCredentialType.java | 41 -
.../kerb/codec/pac/PacDataInputStream.java | 158 ---
.../kerberos/kerb/codec/pac/PacGroup.java | 41 -
.../kerberos/kerb/codec/pac/PacLogonInfo.java | 322 ------
.../apache/kerberos/kerb/codec/pac/PacSid.java | 130 ---
.../kerb/codec/pac/PacSidAttributes.java | 41 -
.../kerberos/kerb/codec/pac/PacSignature.java | 52 -
.../kerb/codec/pac/PacUnicodeString.java | 61 --
.../kerb/codec/spnego/SpnegoConstants.java | 31 -
.../kerb/codec/spnego/SpnegoInitToken.java | 53 -
.../kerb/codec/spnego/SpnegoTargToken.java | 41 -
.../kerberos/kerb/codec/spnego/SpnegoToken.java | 67 --
.../kerberos/kerb/codec/test/CodecTest.java | 46 -
.../kerberos/kerb/codec/test/CodecTestUtil.java | 32 -
.../kerb/codec/test/TestAsRepCodec.java | 76 --
.../kerb/codec/test/TestAsReqCodec.java | 97 --
.../kerberos/kerb/codec/test/TestKerberos.java | 267 -----
.../kerberos/kerb/codec/test/TestPac.java | 154 ---
.../kerberos/kerb/codec/test/TestSpnego.java | 172 ---
.../kerb/codec/test/TestTgsRepCodec.java | 70 --
.../kerb/codec/test/TestTgsReqCodec.java | 94 --
haox-kerb/kerb-core/pom.xml | 37 -
.../org/apache/kerberos/kerb/KrbConstant.java | 26 -
.../org/apache/kerberos/kerb/KrbErrorCode.java | 128 ---
.../apache/kerberos/kerb/KrbErrorException.java | 35 -
.../org/apache/kerberos/kerb/KrbException.java | 43 -
.../apache/kerberos/kerb/codec/KrbCodec.java | 93 --
.../kerberos/kerb/spec/KerberosString.java | 34 -
.../kerberos/kerb/spec/KerberosStrings.java | 43 -
.../apache/kerberos/kerb/spec/KerberosTime.java | 118 --
.../kerberos/kerb/spec/KrbAppSequenceType.java | 57 -
.../org/apache/kerberos/kerb/spec/KrbEnum.java | 24 -
.../apache/kerberos/kerb/spec/KrbIntegers.java | 54 -
.../kerberos/kerb/spec/KrbSequenceOfType.java | 43 -
.../kerberos/kerb/spec/KrbSequenceType.java | 55 -
.../apache/kerberos/kerb/spec/ap/ApOption.java | 58 -
.../apache/kerberos/kerb/spec/ap/ApOptions.java | 33 -
.../org/apache/kerberos/kerb/spec/ap/ApRep.java | 65 --
.../org/apache/kerberos/kerb/spec/ap/ApReq.java | 89 --
.../kerberos/kerb/spec/ap/Authenticator.java | 144 ---
.../kerberos/kerb/spec/ap/EncAPRepPart.java | 85 --
.../kerberos/kerb/spec/common/AdToken.java | 49 -
.../kerb/spec/common/AuthorizationData.java | 32 -
.../spec/common/AuthorizationDataEntry.java | 62 --
.../kerb/spec/common/AuthorizationType.java | 143 ---
.../kerberos/kerb/spec/common/CheckSum.java | 95 --
.../kerberos/kerb/spec/common/CheckSumType.java | 115 --
.../kerb/spec/common/EncryptedData.java | 96 --
.../kerb/spec/common/EncryptionKey.java | 107 --
.../kerb/spec/common/EncryptionType.java | 132 ---
.../kerberos/kerb/spec/common/EtypeInfo.java | 29 -
.../kerberos/kerb/spec/common/EtypeInfo2.java | 29 -
.../kerb/spec/common/EtypeInfo2Entry.java | 73 --
.../kerb/spec/common/EtypeInfoEntry.java | 61 --
.../kerberos/kerb/spec/common/HostAddrType.java | 100 --
.../kerberos/kerb/spec/common/HostAddress.java | 109 --
.../kerb/spec/common/HostAddresses.java | 43 -
.../kerberos/kerb/spec/common/KeyUsage.java | 128 ---
.../kerberos/kerb/spec/common/KrbError.java | 166 ---
.../kerberos/kerb/spec/common/KrbFlags.java | 118 --
.../kerberos/kerb/spec/common/KrbMessage.java | 54 -
.../kerb/spec/common/KrbMessageType.java | 59 -
.../kerberos/kerb/spec/common/KrbToken.java | 99 --
.../kerb/spec/common/KrbTokenEncoder.java | 28 -
.../kerberos/kerb/spec/common/LastReq.java | 32 -
.../kerberos/kerb/spec/common/LastReqEntry.java | 62 --
.../kerberos/kerb/spec/common/LastReqType.java | 62 --
.../kerberos/kerb/spec/common/MethodData.java | 30 -
.../kerberos/kerb/spec/common/NameType.java | 54 -
.../kerb/spec/common/PrincipalName.java | 199 ----
.../apache/kerberos/kerb/spec/common/Realm.java | 34 -
.../kerberos/kerb/spec/common/SamType.java | 66 --
.../kerberos/kerb/spec/common/TokenFormat.java | 50 -
.../kerb/spec/common/TransitedEncoding.java | 62 --
.../kerb/spec/common/TransitedEncodingType.java | 51 -
.../kerberos/kerb/spec/fast/ArmorType.java | 50 -
.../kerberos/kerb/spec/fast/FastOption.java | 51 -
.../kerberos/kerb/spec/fast/FastOptions.java | 33 -
.../kerberos/kerb/spec/fast/KrbFastArmor.java | 64 --
.../kerb/spec/fast/KrbFastArmoredRep.java | 52 -
.../kerb/spec/fast/KrbFastArmoredReq.java | 95 --
.../kerb/spec/fast/KrbFastFinished.java | 82 --
.../kerberos/kerb/spec/fast/KrbFastReq.java | 78 --
.../kerb/spec/fast/KrbFastResponse.java | 90 --
.../kerberos/kerb/spec/fast/PaAuthnEntry.java | 80 --
.../kerberos/kerb/spec/fast/PaAuthnSet.java | 29 -
.../kerberos/kerb/spec/fast/PaFxFastReply.java | 48 -
.../kerb/spec/fast/PaFxFastRequest.java | 48 -
.../apache/kerberos/kerb/spec/kdc/AsRep.java | 32 -
.../apache/kerberos/kerb/spec/kdc/AsReq.java | 31 -
.../kerberos/kerb/spec/kdc/EncAsRepPart.java | 31 -
.../kerberos/kerb/spec/kdc/EncKdcRepPart.java | 177 ---
.../kerberos/kerb/spec/kdc/EncTgsRepPart.java | 31 -
.../kerberos/kerb/spec/kdc/KdcOption.java | 79 --
.../kerberos/kerb/spec/kdc/KdcOptions.java | 33 -
.../apache/kerberos/kerb/spec/kdc/KdcRep.java | 116 --
.../apache/kerberos/kerb/spec/kdc/KdcReq.java | 76 --
.../kerberos/kerb/spec/kdc/KdcReqBody.java | 209 ----
.../apache/kerberos/kerb/spec/kdc/TgsRep.java | 31 -
.../apache/kerberos/kerb/spec/kdc/TgsReq.java | 32 -
.../kerb/spec/pa/PaAuthenticationSet.java | 29 -
.../kerb/spec/pa/PaAuthenticationSetElem.java | 74 --
.../apache/kerberos/kerb/spec/pa/PaData.java | 41 -
.../kerberos/kerb/spec/pa/PaDataEntry.java | 69 --
.../kerberos/kerb/spec/pa/PaDataType.java | 92 --
.../kerberos/kerb/spec/pa/PaEncTsEnc.java | 66 --
.../kerberos/kerb/spec/pa/otp/OtpTokenInfo.java | 69 --
.../kerb/spec/pa/otp/PaOtpChallenge.java | 55 -
.../spec/pa/pkinit/AdInitialVerifiedCas.java | 28 -
.../spec/pa/pkinit/AlgorithmIdentifiers.java | 30 -
.../kerberos/kerb/spec/pa/pkinit/AuthPack.java | 82 --
.../kerberos/kerb/spec/pa/pkinit/DHNonce.java | 28 -
.../kerberos/kerb/spec/pa/pkinit/DHRepInfo.java | 60 -
.../pa/pkinit/ExternalPrincipalIdentifier.java | 71 --
.../kerb/spec/pa/pkinit/KdcDHKeyInfo.java | 65 --
.../kerb/spec/pa/pkinit/Krb5PrincipalName.java | 61 --
.../kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java | 60 -
.../kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java | 71 --
.../kerb/spec/pa/pkinit/PkAuthenticator.java | 91 --
.../kerb/spec/pa/pkinit/ReplyKeyPack.java | 61 --
.../kerb/spec/pa/pkinit/TdDhParameters.java | 26 -
.../kerb/spec/pa/pkinit/TrustedCertifiers.java | 29 -
.../kerb/spec/pa/token/PaTokenChallenge.java | 40 -
.../kerb/spec/pa/token/PaTokenRequest.java | 61 --
.../kerberos/kerb/spec/pa/token/TokenFlag.java | 51 -
.../kerberos/kerb/spec/pa/token/TokenFlags.java | 39 -
.../kerberos/kerb/spec/pa/token/TokenInfo.java | 62 --
.../kerberos/kerb/spec/pa/token/TokenInfos.java | 29 -
.../kerb/spec/ticket/AbstractServiceTicket.java | 49 -
.../kerb/spec/ticket/EncTicketPart.java | 164 ---
.../kerb/spec/ticket/ServiceTicket.java | 28 -
.../kerberos/kerb/spec/ticket/TgtTicket.java | 36 -
.../kerberos/kerb/spec/ticket/Ticket.java | 99 --
.../kerberos/kerb/spec/ticket/TicketFlag.java | 62 --
.../kerberos/kerb/spec/ticket/TicketFlags.java | 39 -
.../kerberos/kerb/spec/ticket/Tickets.java | 29 -
.../kerb/spec/x509/AlgorithmIdentifier.java | 58 -
.../kerb/spec/x509/SubjectPublicKeyInfo.java | 60 -
haox-kerb/kerb-crypto/pom.xml | 42 -
.../kerb/crypto/AbstractCryptoTypeHandler.java | 68 --
.../apache/kerberos/kerb/crypto/BytesUtil.java | 183 ----
.../apache/kerberos/kerb/crypto/Camellia.java | 250 -----
.../kerberos/kerb/crypto/CamelliaKey.java | 433 --------
.../kerberos/kerb/crypto/CheckSumHandler.java | 153 ---
.../kerb/crypto/CheckSumTypeHandler.java | 57 -
.../org/apache/kerberos/kerb/crypto/Cmac.java | 178 ---
.../apache/kerberos/kerb/crypto/Confounder.java | 33 -
.../org/apache/kerberos/kerb/crypto/Crc32.java | 78 --
.../kerberos/kerb/crypto/CryptoTypeHandler.java | 34 -
.../org/apache/kerberos/kerb/crypto/Des.java | 86 --
.../kerberos/kerb/crypto/EncTypeHandler.java | 58 -
.../kerberos/kerb/crypto/EncryptionHandler.java | 174 ---
.../org/apache/kerberos/kerb/crypto/Hmac.java | 82 --
.../org/apache/kerberos/kerb/crypto/Md4.java | 339 ------
.../org/apache/kerberos/kerb/crypto/Nfold.java | 102 --
.../org/apache/kerberos/kerb/crypto/Nonce.java | 32 -
.../org/apache/kerberos/kerb/crypto/Pbkdf.java | 40 -
.../org/apache/kerberos/kerb/crypto/Random.java | 33 -
.../org/apache/kerberos/kerb/crypto/Rc4.java | 63 --
.../cksum/AbstractCheckSumTypeHandler.java | 112 --
.../cksum/AbstractKeyedCheckSumTypeHandler.java | 75 --
.../crypto/cksum/CmacCamellia128CheckSum.java | 53 -
.../crypto/cksum/CmacCamellia256CheckSum.java | 53 -
.../kerb/crypto/cksum/CmacKcCheckSum.java | 36 -
.../crypto/cksum/ConfounderedDesCheckSum.java | 120 --
.../kerb/crypto/cksum/Crc32CheckSum.java | 35 -
.../kerb/crypto/cksum/DesCbcCheckSum.java | 33 -
.../kerb/crypto/cksum/HashProvider.java | 35 -
.../kerb/crypto/cksum/HmacKcCheckSum.java | 37 -
.../kerb/crypto/cksum/HmacMd5Rc4CheckSum.java | 73 --
.../crypto/cksum/HmacSha1Aes128CheckSum.java | 53 -
.../crypto/cksum/HmacSha1Aes256CheckSum.java | 53 -
.../kerb/crypto/cksum/HmacSha1Des3CheckSum.java | 53 -
.../kerberos/kerb/crypto/cksum/KcCheckSum.java | 48 -
.../kerb/crypto/cksum/Md5HmacRc4CheckSum.java | 70 --
.../kerb/crypto/cksum/RsaMd4CheckSum.java | 35 -
.../kerb/crypto/cksum/RsaMd4DesCheckSum.java | 34 -
.../kerb/crypto/cksum/RsaMd5CheckSum.java | 35 -
.../kerb/crypto/cksum/RsaMd5DesCheckSum.java | 34 -
.../kerb/crypto/cksum/Sha1CheckSum.java | 35 -
.../cksum/provider/AbstractHashProvider.java | 52 -
.../AbstractUnkeyedCheckSumTypeHandler.java | 54 -
.../crypto/cksum/provider/Crc32Provider.java | 40 -
.../kerb/crypto/cksum/provider/Md4Provider.java | 34 -
.../kerb/crypto/cksum/provider/Md5Provider.java | 27 -
.../provider/MessageDigestHashProvider.java | 56 -
.../crypto/cksum/provider/Sha1Provider.java | 27 -
.../kerb/crypto/enc/AbstractEncTypeHandler.java | 160 ---
.../kerb/crypto/enc/Aes128CtsHmacSha1Enc.java | 48 -
.../kerb/crypto/enc/Aes256CtsHmacSha1Enc.java | 48 -
.../kerb/crypto/enc/Camellia128CtsCmacEnc.java | 41 -
.../kerb/crypto/enc/Camellia256CtsCmacEnc.java | 41 -
.../kerb/crypto/enc/Des3CbcSha1Enc.java | 42 -
.../kerberos/kerb/crypto/enc/DesCbcCrcEnc.java | 55 -
.../kerberos/kerb/crypto/enc/DesCbcEnc.java | 88 --
.../kerberos/kerb/crypto/enc/DesCbcMd4Enc.java | 39 -
.../kerberos/kerb/crypto/enc/DesCbcMd5Enc.java | 39 -
.../kerb/crypto/enc/EncryptProvider.java | 43 -
.../kerberos/kerb/crypto/enc/KeKiCmacEnc.java | 53 -
.../kerberos/kerb/crypto/enc/KeKiEnc.java | 129 ---
.../kerb/crypto/enc/KeKiHmacSha1Enc.java | 50 -
.../kerberos/kerb/crypto/enc/Rc4HmacEnc.java | 149 ---
.../kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java | 33 -
.../enc/provider/AbstractEncryptProvider.java | 99 --
.../crypto/enc/provider/Aes128Provider.java | 27 -
.../crypto/enc/provider/Aes256Provider.java | 27 -
.../kerb/crypto/enc/provider/AesProvider.java | 62 --
.../enc/provider/Camellia128Provider.java | 27 -
.../enc/provider/Camellia256Provider.java | 27 -
.../crypto/enc/provider/CamelliaProvider.java | 58 -
.../kerb/crypto/enc/provider/Des3Provider.java | 65 --
.../kerb/crypto/enc/provider/DesProvider.java | 98 --
.../kerb/crypto/enc/provider/Rc4Provider.java | 49 -
.../kerb/crypto/key/AbstractKeyMaker.java | 93 --
.../kerberos/kerb/crypto/key/AesKeyMaker.java | 65 --
.../kerb/crypto/key/CamelliaKeyMaker.java | 121 --
.../kerberos/kerb/crypto/key/Des3KeyMaker.java | 79 --
.../kerberos/kerb/crypto/key/DesKeyMaker.java | 282 -----
.../kerberos/kerb/crypto/key/DkKeyMaker.java | 73 --
.../kerberos/kerb/crypto/key/KeyMaker.java | 29 -
.../kerberos/kerb/crypto/key/Rc4KeyMaker.java | 52 -
.../src/main/resources/kdc-krb5.conf | 25 -
.../kerb-crypto/src/main/resources/kdc.ldiff | 46 -
.../kerberos/kerb/crypto/CamelliaEncTest.java | 113 --
.../kerberos/kerb/crypto/CheckSumTest.java | 109 --
.../kerberos/kerb/crypto/CheckSumsTest.java | 233 ----
.../apache/kerberos/kerb/crypto/CmacTest.java | 85 --
.../apache/kerberos/kerb/crypto/Crc32Test.java | 119 --
.../kerberos/kerb/crypto/DecryptionTest.java | 985 -----------------
.../kerberos/kerb/crypto/DesKeyMakerTest.java | 65 --
.../kerberos/kerb/crypto/KeyDeriveTest.java | 228 ----
.../kerberos/kerb/crypto/String2keyTest.java | 583 ----------
.../src/test/resources/camellia-expect-vt.txt | 1036 ------------------
haox-kerb/kerb-identity/pom.xml | 46 -
.../kerberos/kerb/identity/Attribute.java | 36 -
.../kerb/identity/ComplexAttribute.java | 42 -
.../apache/kerberos/kerb/identity/Identity.java | 67 --
.../kerberos/kerb/identity/IdentityService.java | 31 -
.../kerberos/kerb/identity/KrbAttributes.java | 25 -
.../kerberos/kerb/identity/KrbIdentity.java | 126 ---
.../kerberos/kerb/identity/SimpleAttribute.java | 37 -
.../backend/AbstractIdentityBackend.java | 26 -
.../backend/InMemoryIdentityBackend.java | 76 --
.../identity/backend/SimpleIdentityBackend.java | 46 -
haox-kerb/kerb-kdc-test/pom.xml | 61 --
.../kerberos/kerb/server/TestKdcServer.java | 122 ---
.../kerb-kdc-test/src/main/resources/cacert.pem | 23 -
.../kerb-kdc-test/src/main/resources/cakey.pem | 27 -
.../src/main/resources/extensions.kdc | 36 -
.../src/main/resources/kdc-krb5.conf | 25 -
.../kerb-kdc-test/src/main/resources/kdc.ldiff | 46 -
.../src/main/resources/kdccert.pem | 26 -
.../kerb-kdc-test/src/main/resources/kdckey.pem | 27 -
.../src/main/resources/usercert.pem | 26 -
.../src/main/resources/userkey.pem | 27 -
.../apache/kerberos/kerb/server/KdcTest.java | 49 -
.../kerberos/kerb/server/KdcTestBase.java | 72 --
.../kerberos/kerb/server/WithCertKdcTest.java | 90 --
.../kerberos/kerb/server/WithTokenKdcTest.java | 57 -
haox-kerb/kerb-server/pom.xml | 61 --
.../apache/kerberos/kerb/server/KdcConfig.java | 153 ---
.../kerberos/kerb/server/KdcConfigKey.java | 95 --
.../apache/kerberos/kerb/server/KdcContext.java | 91 --
.../apache/kerberos/kerb/server/KdcHandler.java | 148 ---
.../apache/kerberos/kerb/server/KdcServer.java | 196 ----
.../kerberos/kerb/server/SimpleKdcServer.java | 43 -
.../server/preauth/AbstractPreauthPlugin.java | 91 --
.../kerb/server/preauth/FastContext.java | 36 -
.../kerb/server/preauth/KdcPreauth.java | 81 --
.../kerb/server/preauth/PreauthContext.java | 44 -
.../kerb/server/preauth/PreauthHandle.java | 56 -
.../kerb/server/preauth/PreauthHandler.java | 124 ---
.../server/preauth/builtin/EncTsPreauth.java | 60 -
.../kerb/server/preauth/builtin/TgtPreauth.java | 45 -
.../server/preauth/pkinit/PkinitKdcContext.java | 30 -
.../server/preauth/pkinit/PkinitPreauth.java | 93 --
.../preauth/pkinit/PkinitRequestContext.java | 30 -
.../preauth/token/TokenRequestContext.java | 32 -
.../kerb/server/replay/CacheService.java | 26 -
.../kerb/server/replay/ReplayCheckService.java | 25 -
.../server/replay/ReplayCheckServiceImpl.java | 40 -
.../kerb/server/replay/RequestRecord.java | 58 -
.../kerb/server/replay/SimpleCacheService.java | 46 -
.../kerberos/kerb/server/request/AsRequest.java | 91 --
.../kerb/server/request/KdcRequest.java | 521 ---------
.../kerb/server/request/TgsRequest.java | 196 ----
.../kerb-server/src/main/resources/kdc.conf | 51 -
.../apache/kerberos/kerb/server/KdcTest.java | 70 --
.../kerberos/kerb/server/TestKdcConfigLoad.java | 57 -
haox-kerb/kerb-util/pom.xml | 46 -
.../apache/kerberos/kerb/KrbInputStream.java | 74 --
.../apache/kerberos/kerb/KrbOutputStream.java | 66 --
.../kerb/ccache/CredCacheInputStream.java | 167 ---
.../kerb/ccache/CredCacheOutputStream.java | 123 ---
.../apache/kerberos/kerb/ccache/Credential.java | 225 ----
.../kerberos/kerb/ccache/CredentialCache.java | 278 -----
.../kerb/ccache/KrbCredentialCache.java | 57 -
.../org/apache/kerberos/kerb/ccache/Tag.java | 34 -
.../org/apache/kerberos/kerb/ccache/ccache.txt | 98 --
.../org/apache/kerberos/kerb/keytab/Keytab.java | 197 ----
.../kerberos/kerb/keytab/KeytabEntry.java | 121 --
.../kerberos/kerb/keytab/KeytabInputStream.java | 89 --
.../kerb/keytab/KeytabOutputStream.java | 63 --
.../apache/kerberos/kerb/keytab/KrbKeytab.java | 55 -
.../org/apache/kerberos/kerb/keytab/keytab.txt | 106 --
.../apache/kerberos/kerb/util/CcacheTest.java | 57 -
.../kerberos/kerb/util/EncryptionTest.java | 148 ---
.../org/apache/kerberos/kerb/util/KeysTest.java | 81 --
.../apache/kerberos/kerb/util/KeytabTest.java | 76 --
.../test/resources/aes128-cts-hmac-sha1-96.cc | Bin 691 -> 0 bytes
.../test/resources/aes256-cts-hmac-sha1-96.cc | Bin 725 -> 0 bytes
.../src/test/resources/arcfour-hmac.cc | Bin 692 -> 0 bytes
.../src/test/resources/camellia-expect-vt.txt | 1036 ------------------
.../src/test/resources/camellia128-cts-cmac.cc | Bin 700 -> 0 bytes
.../src/test/resources/camellia256-cts-cmac.cc | Bin 734 -> 0 bytes
.../kerb-util/src/test/resources/des-cbc-crc.cc | Bin 676 -> 0 bytes
.../src/test/resources/des3-cbc-sha1.cc | Bin 724 -> 0 bytes
.../kerb-util/src/test/resources/krbtgt.keytab | Bin 594 -> 0 bytes
haox-kerb/kerb-util/src/test/resources/test.cc | Bin 890 -> 0 bytes
.../kerb-util/src/test/resources/test.keytab | Bin 466 -> 0 bytes
haox-kerb/pom.xml | 48 -
kdc-backend/README | 5 +
kdc-backend/ldap-identity-backend/pom.xml | 41 +
.../identitybackend/LdapIdentityBackend.java | 77 ++
kdc-backend/pom.xml | 32 +
kerby-asn1/README.md | 301 +++++
kerby-asn1/pom.xml | 39 +
.../java/org/apache/kerby/asn1/Asn1Dump.java | 70 ++
.../java/org/apache/kerby/asn1/Asn1Factory.java | 44 +
.../org/apache/kerby/asn1/Asn1InputBuffer.java | 82 ++
.../org/apache/kerby/asn1/Asn1OutputBuffer.java | 72 ++
.../org/apache/kerby/asn1/EncodingOption.java | 84 ++
.../apache/kerby/asn1/LimitedByteBuffer.java | 121 ++
.../java/org/apache/kerby/asn1/TagClass.java | 74 ++
.../org/apache/kerby/asn1/TaggingOption.java | 68 ++
.../org/apache/kerby/asn1/UniversalTag.java | 106 ++
.../kerby/asn1/type/AbstractAsn1Type.java | 420 +++++++
.../org/apache/kerby/asn1/type/Asn1Any.java | 47 +
.../apache/kerby/asn1/type/Asn1BigInteger.java | 48 +
.../apache/kerby/asn1/type/Asn1BitString.java | 86 ++
.../apache/kerby/asn1/type/Asn1BmpString.java | 72 ++
.../org/apache/kerby/asn1/type/Asn1Boolean.java | 71 ++
.../org/apache/kerby/asn1/type/Asn1Choice.java | 173 +++
.../apache/kerby/asn1/type/Asn1Collection.java | 137 +++
.../kerby/asn1/type/Asn1CollectionOf.java | 88 ++
.../kerby/asn1/type/Asn1CollectionType.java | 195 ++++
.../apache/kerby/asn1/type/Asn1FieldInfo.java | 76 ++
.../kerby/asn1/type/Asn1GeneralString.java | 33 +
.../kerby/asn1/type/Asn1GeneralizedTime.java | 134 +++
.../apache/kerby/asn1/type/Asn1IA5String.java | 33 +
.../org/apache/kerby/asn1/type/Asn1Integer.java | 46 +
.../org/apache/kerby/asn1/type/Asn1Item.java | 155 +++
.../org/apache/kerby/asn1/type/Asn1Null.java | 52 +
.../kerby/asn1/type/Asn1NumericsString.java | 50 +
.../kerby/asn1/type/Asn1ObjectIdentifier.java | 164 +++
.../apache/kerby/asn1/type/Asn1OctetString.java | 51 +
.../kerby/asn1/type/Asn1PrintableString.java | 33 +
.../apache/kerby/asn1/type/Asn1Sequence.java | 30 +
.../apache/kerby/asn1/type/Asn1SequenceOf.java | 38 +
.../kerby/asn1/type/Asn1SequenceType.java | 37 +
.../org/apache/kerby/asn1/type/Asn1Set.java | 30 +
.../org/apache/kerby/asn1/type/Asn1SetOf.java | 30 +
.../org/apache/kerby/asn1/type/Asn1SetType.java | 37 +
.../org/apache/kerby/asn1/type/Asn1Simple.java | 184 ++++
.../org/apache/kerby/asn1/type/Asn1String.java | 292 +++++
.../apache/kerby/asn1/type/Asn1T61String.java | 33 +
.../kerby/asn1/type/Asn1T61Utf8String.java | 43 +
.../org/apache/kerby/asn1/type/Asn1Tagging.java | 104 ++
.../org/apache/kerby/asn1/type/Asn1Type.java | 41 +
.../kerby/asn1/type/Asn1UniversalString.java | 33 +
.../org/apache/kerby/asn1/type/Asn1UtcTime.java | 89 ++
.../apache/kerby/asn1/type/Asn1Utf8String.java | 47 +
.../kerby/asn1/type/Asn1VisibleString.java | 33 +
.../kerby/asn1/type/TaggingCollection.java | 105 ++
.../apache/kerby/asn1/type/TaggingSequence.java | 35 +
.../org/apache/kerby/asn1/type/TaggingSet.java | 35 +
.../org/apache/kerby/asn1/PersonnelRecord.java | 208 ++++
.../org/apache/kerby/asn1/TestAsn1Boolean.java | 56 +
.../apache/kerby/asn1/TestAsn1Collection.java | 58 +
.../org/apache/kerby/asn1/TestAsn1Input.java | 35 +
.../org/apache/kerby/asn1/TestAsn1Integer.java | 70 ++
.../kerby/asn1/TestAsn1ObjectIdentifier.java | 64 ++
.../org/apache/kerby/asn1/TestAsn1UtcTime.java | 70 ++
.../java/org/apache/kerby/asn1/TestData.java | 127 +++
.../apache/kerby/asn1/TestPersonnelRecord.java | 126 +++
.../apache/kerby/asn1/TestTaggingEncoding.java | 203 ++++
.../test/java/org/apache/kerby/asn1/Util.java | 72 ++
kerby-kdc/pom.xml | 55 +
.../kerberos/kdc/server/ApacheKdcServer.java | 41 +
.../kerby/kerberos/kdc/server/KdcTest.java | 70 ++
kerby-kerb/README | 2 +
kerby-kerb/kerb-client/pom.xml | 60 +
.../kerby/kerberos/kerb/client/KrbClient.java | 321 ++++++
.../kerby/kerberos/kerb/client/KrbConfig.java | 161 +++
.../kerberos/kerb/client/KrbConfigKey.java | 100 ++
.../kerby/kerberos/kerb/client/KrbContext.java | 97 ++
.../kerby/kerberos/kerb/client/KrbHandler.java | 99 ++
.../kerby/kerberos/kerb/client/KrbOption.java | 91 ++
.../kerby/kerberos/kerb/client/KrbOptions.java | 96 ++
.../kerb/client/event/KrbClientEvent.java | 43 +
.../kerb/client/event/KrbClientEventType.java | 29 +
.../client/preauth/AbstractPreauthPlugin.java | 122 +++
.../kerb/client/preauth/FastContext.java | 36 +
.../kerb/client/preauth/KrbPreauth.java | 107 ++
.../kerb/client/preauth/PreauthContext.java | 108 ++
.../kerb/client/preauth/PreauthHandle.java | 72 ++
.../kerb/client/preauth/PreauthHandler.java | 249 +++++
.../kerb/client/preauth/UserResponseItem.java | 31 +
.../kerb/client/preauth/UserResponser.java | 77 ++
.../client/preauth/builtin/EncTsPreauth.java | 94 ++
.../kerb/client/preauth/builtin/TgtPreauth.java | 66 ++
.../client/preauth/pkinit/PkinitContext.java | 30 +
.../client/preauth/pkinit/PkinitPreauth.java | 233 ++++
.../preauth/pkinit/PkinitRequestContext.java | 44 +
.../preauth/pkinit/PkinitRequestOpts.java | 40 +
.../kerb/client/preauth/token/TokenContext.java | 28 +
.../kerb/client/preauth/token/TokenPreauth.java | 124 +++
.../preauth/token/TokenRequestContext.java | 32 +
.../kerberos/kerb/client/request/AsRequest.java | 127 +++
.../kerb/client/request/AsRequestWithCert.java | 57 +
.../client/request/AsRequestWithPasswd.java | 50 +
.../kerb/client/request/AsRequestWithToken.java | 52 +
.../kerb/client/request/KdcRequest.java | 358 ++++++
.../kerb/client/request/TgsRequest.java | 136 +++
.../src/main/resources/kdc-krb5.conf | 25 +
.../kerb-client/src/main/resources/kdc.ldiff | 46 +
.../kerb-client/src/main/resources/krb5.conf | 57 +
.../kerberos/kerb/client/TestKrbConfigLoad.java | 71 ++
kerby-kerb/kerb-common/pom.xml | 50 +
.../apache/kerby/kerberos/kerb/KrbThrow.java | 35 +
.../org/apache/kerby/kerberos/kerb/Message.java | 43 +
.../apache/kerby/kerberos/kerb/MessageCode.java | 24 +
.../kerberos/kerb/common/EncryptionUtil.java | 98 ++
.../kerberos/kerb/common/KrbConfHelper.java | 104 ++
.../kerberos/kerb/common/KrbErrorUtil.java | 67 ++
.../kerb/common/KrbStreamingDecoder.java | 42 +
.../kerby/kerberos/kerb/common/KrbUtil.java | 49 +
.../kerberos/kerb/common/SectionConfigKey.java | 31 +
.../kerby/kerberos/kerb/preauth/PaFlag.java | 49 +
.../kerby/kerberos/kerb/preauth/PaFlags.java | 37 +
.../kerb/preauth/PluginRequestContext.java | 27 +
.../kerb/preauth/PreauthPluginMeta.java | 32 +
.../kerb/preauth/builtin/EncTsPreauthMeta.java | 45 +
.../kerb/preauth/builtin/TgtPreauthMeta.java | 48 +
.../kerb/preauth/pkinit/IdentityOpts.java | 44 +
.../kerb/preauth/pkinit/IdentityType.java | 29 +
.../kerb/preauth/pkinit/PkinitIdenity.java | 128 +++
.../kerb/preauth/pkinit/PkinitPreauthMeta.java | 46 +
.../kerb/preauth/pkinit/PluginOpts.java | 67 ++
.../kerb/preauth/token/TokenPreauthMeta.java | 46 +
kerby-kerb/kerb-core-test/pom.xml | 46 +
.../src/main/resources/aes128-kerberos-data | Bin 0 -> 1712 bytes
.../src/main/resources/aes128-key-data | 1 +
.../src/main/resources/aes128-spnego-data | Bin 0 -> 1778 bytes
.../src/main/resources/aes256-kerberos-data | Bin 0 -> 1744 bytes
.../src/main/resources/aes256-key-data | Bin 0 -> 32 bytes
.../src/main/resources/aes256-spnego-data | Bin 0 -> 1810 bytes
.../src/main/resources/asrep.token | Bin 0 -> 1241 bytes
.../src/main/resources/asreq.token | Bin 0 -> 291 bytes
.../src/main/resources/des-kerberos-data | Bin 0 -> 1773 bytes
.../src/main/resources/des-key-data | 1 +
.../src/main/resources/des-pac-data | Bin 0 -> 1072 bytes
.../src/main/resources/des-spnego-data | Bin 0 -> 1839 bytes
.../src/main/resources/exceptions.properties | 55 +
.../src/main/resources/rc4-kerberos-data | Bin 0 -> 1735 bytes
.../src/main/resources/rc4-key-data | 1 +
.../src/main/resources/rc4-pac-data | Bin 0 -> 1048 bytes
.../src/main/resources/rc4-spnego-data | Bin 0 -> 1801 bytes
.../src/main/resources/server.keytab | Bin 0 -> 387 bytes
.../src/main/resources/tgsrep.token | Bin 0 -> 1189 bytes
.../src/main/resources/tgsreq.token | Bin 0 -> 1211 bytes
.../apache/kerby/kerberos/kerb/codec/README.txt | 5 +
.../kerb/codec/kerberos/AuthzDataUtil.java | 67 ++
.../kerb/codec/kerberos/KerberosApRequest.java | 51 +
.../kerb/codec/kerberos/KerberosConstants.java | 44 +
.../codec/kerberos/KerberosCredentials.java | 55 +
.../kerb/codec/kerberos/KerberosTicket.java | 86 ++
.../kerb/codec/kerberos/KerberosToken.java | 58 +
.../kerby/kerberos/kerb/codec/pac/Pac.java | 113 ++
.../kerberos/kerb/codec/pac/PacConstants.java | 39 +
.../kerb/codec/pac/PacCredentialType.java | 41 +
.../kerb/codec/pac/PacDataInputStream.java | 158 +++
.../kerby/kerberos/kerb/codec/pac/PacGroup.java | 41 +
.../kerberos/kerb/codec/pac/PacLogonInfo.java | 322 ++++++
.../kerby/kerberos/kerb/codec/pac/PacSid.java | 130 +++
.../kerb/codec/pac/PacSidAttributes.java | 41 +
.../kerberos/kerb/codec/pac/PacSignature.java | 52 +
.../kerb/codec/pac/PacUnicodeString.java | 61 ++
.../kerb/codec/spnego/SpnegoConstants.java | 31 +
.../kerb/codec/spnego/SpnegoInitToken.java | 53 +
.../kerb/codec/spnego/SpnegoTargToken.java | 41 +
.../kerberos/kerb/codec/spnego/SpnegoToken.java | 67 ++
.../kerberos/kerb/codec/test/CodecTest.java | 46 +
.../kerberos/kerb/codec/test/CodecTestUtil.java | 32 +
.../kerb/codec/test/TestAsRepCodec.java | 74 ++
.../kerb/codec/test/TestAsReqCodec.java | 97 ++
.../kerberos/kerb/codec/test/TestKerberos.java | 267 +++++
.../kerby/kerberos/kerb/codec/test/TestPac.java | 154 +++
.../kerberos/kerb/codec/test/TestSpnego.java | 172 +++
.../kerb/codec/test/TestTgsRepCodec.java | 70 ++
.../kerb/codec/test/TestTgsReqCodec.java | 94 ++
kerby-kerb/kerb-core/pom.xml | 37 +
.../apache/kerby/kerberos/kerb/KrbConstant.java | 26 +
.../kerby/kerberos/kerb/KrbErrorCode.java | 128 +++
.../kerby/kerberos/kerb/KrbErrorException.java | 35 +
.../kerby/kerberos/kerb/KrbException.java | 43 +
.../kerby/kerberos/kerb/codec/KrbCodec.java | 93 ++
.../kerberos/kerb/spec/KerberosString.java | 34 +
.../kerberos/kerb/spec/KerberosStrings.java | 43 +
.../kerby/kerberos/kerb/spec/KerberosTime.java | 118 ++
.../kerberos/kerb/spec/KrbAppSequenceType.java | 57 +
.../kerby/kerberos/kerb/spec/KrbEnum.java | 24 +
.../kerby/kerberos/kerb/spec/KrbIntegers.java | 54 +
.../kerberos/kerb/spec/KrbSequenceOfType.java | 43 +
.../kerberos/kerb/spec/KrbSequenceType.java | 55 +
.../kerby/kerberos/kerb/spec/ap/ApOption.java | 58 +
.../kerby/kerberos/kerb/spec/ap/ApOptions.java | 33 +
.../kerby/kerberos/kerb/spec/ap/ApRep.java | 65 ++
.../kerby/kerberos/kerb/spec/ap/ApReq.java | 89 ++
.../kerberos/kerb/spec/ap/Authenticator.java | 144 +++
.../kerberos/kerb/spec/ap/EncAPRepPart.java | 85 ++
.../kerberos/kerb/spec/common/AdToken.java | 49 +
.../kerb/spec/common/AuthorizationData.java | 32 +
.../spec/common/AuthorizationDataEntry.java | 62 ++
.../kerb/spec/common/AuthorizationType.java | 143 +++
.../kerberos/kerb/spec/common/CheckSum.java | 95 ++
.../kerberos/kerb/spec/common/CheckSumType.java | 115 ++
.../kerb/spec/common/EncryptedData.java | 96 ++
.../kerb/spec/common/EncryptionKey.java | 107 ++
.../kerb/spec/common/EncryptionType.java | 132 +++
.../kerberos/kerb/spec/common/EtypeInfo.java | 29 +
.../kerberos/kerb/spec/common/EtypeInfo2.java | 29 +
.../kerb/spec/common/EtypeInfo2Entry.java | 73 ++
.../kerb/spec/common/EtypeInfoEntry.java | 61 ++
.../kerberos/kerb/spec/common/HostAddrType.java | 100 ++
.../kerberos/kerb/spec/common/HostAddress.java | 109 ++
.../kerb/spec/common/HostAddresses.java | 43 +
.../kerberos/kerb/spec/common/KeyUsage.java | 128 +++
.../kerberos/kerb/spec/common/KrbError.java | 166 +++
.../kerberos/kerb/spec/common/KrbFlags.java | 118 ++
.../kerberos/kerb/spec/common/KrbMessage.java | 54 +
.../kerb/spec/common/KrbMessageType.java | 59 +
.../kerberos/kerb/spec/common/KrbToken.java | 99 ++
.../kerb/spec/common/KrbTokenEncoder.java | 28 +
.../kerberos/kerb/spec/common/LastReq.java | 32 +
.../kerberos/kerb/spec/common/LastReqEntry.java | 62 ++
.../kerberos/kerb/spec/common/LastReqType.java | 62 ++
.../kerberos/kerb/spec/common/MethodData.java | 30 +
.../kerberos/kerb/spec/common/NameType.java | 54 +
.../kerb/spec/common/PrincipalName.java | 199 ++++
.../kerby/kerberos/kerb/spec/common/Realm.java | 34 +
.../kerberos/kerb/spec/common/SamType.java | 66 ++
.../kerberos/kerb/spec/common/TokenFormat.java | 50 +
.../kerb/spec/common/TransitedEncoding.java | 62 ++
.../kerb/spec/common/TransitedEncodingType.java | 51 +
.../kerberos/kerb/spec/fast/ArmorType.java | 50 +
.../kerberos/kerb/spec/fast/FastOption.java | 51 +
.../kerberos/kerb/spec/fast/FastOptions.java | 33 +
.../kerberos/kerb/spec/fast/KrbFastArmor.java | 64 ++
.../kerb/spec/fast/KrbFastArmoredRep.java | 52 +
.../kerb/spec/fast/KrbFastArmoredReq.java | 95 ++
.../kerb/spec/fast/KrbFastFinished.java | 82 ++
.../kerberos/kerb/spec/fast/KrbFastReq.java | 78 ++
.../kerb/spec/fast/KrbFastResponse.java | 90 ++
.../kerberos/kerb/spec/fast/PaAuthnEntry.java | 80 ++
.../kerberos/kerb/spec/fast/PaAuthnSet.java | 29 +
.../kerberos/kerb/spec/fast/PaFxFastReply.java | 48 +
.../kerb/spec/fast/PaFxFastRequest.java | 48 +
.../kerby/kerberos/kerb/spec/kdc/AsRep.java | 32 +
.../kerby/kerberos/kerb/spec/kdc/AsReq.java | 31 +
.../kerberos/kerb/spec/kdc/EncAsRepPart.java | 31 +
.../kerberos/kerb/spec/kdc/EncKdcRepPart.java | 177 +++
.../kerberos/kerb/spec/kdc/EncTgsRepPart.java | 31 +
.../kerby/kerberos/kerb/spec/kdc/KdcOption.java | 79 ++
.../kerberos/kerb/spec/kdc/KdcOptions.java | 33 +
.../kerby/kerberos/kerb/spec/kdc/KdcRep.java | 116 ++
.../kerby/kerberos/kerb/spec/kdc/KdcReq.java | 76 ++
.../kerberos/kerb/spec/kdc/KdcReqBody.java | 209 ++++
.../kerby/kerberos/kerb/spec/kdc/TgsRep.java | 31 +
.../kerby/kerberos/kerb/spec/kdc/TgsReq.java | 32 +
.../kerb/spec/pa/PaAuthenticationSet.java | 29 +
.../kerb/spec/pa/PaAuthenticationSetElem.java | 74 ++
.../kerby/kerberos/kerb/spec/pa/PaData.java | 41 +
.../kerberos/kerb/spec/pa/PaDataEntry.java | 69 ++
.../kerby/kerberos/kerb/spec/pa/PaDataType.java | 92 ++
.../kerby/kerberos/kerb/spec/pa/PaEncTsEnc.java | 66 ++
.../kerberos/kerb/spec/pa/otp/OtpTokenInfo.java | 69 ++
.../kerb/spec/pa/otp/PaOtpChallenge.java | 55 +
.../spec/pa/pkinit/AdInitialVerifiedCas.java | 28 +
.../spec/pa/pkinit/AlgorithmIdentifiers.java | 30 +
.../kerberos/kerb/spec/pa/pkinit/AuthPack.java | 82 ++
.../kerberos/kerb/spec/pa/pkinit/DHNonce.java | 28 +
.../kerberos/kerb/spec/pa/pkinit/DHRepInfo.java | 60 +
.../pa/pkinit/ExternalPrincipalIdentifier.java | 71 ++
.../kerb/spec/pa/pkinit/KdcDHKeyInfo.java | 65 ++
.../kerb/spec/pa/pkinit/Krb5PrincipalName.java | 61 ++
.../kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java | 60 +
.../kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java | 71 ++
.../kerb/spec/pa/pkinit/PkAuthenticator.java | 91 ++
.../kerb/spec/pa/pkinit/ReplyKeyPack.java | 61 ++
.../kerb/spec/pa/pkinit/TdDhParameters.java | 26 +
.../kerb/spec/pa/pkinit/TrustedCertifiers.java | 29 +
.../kerb/spec/pa/token/PaTokenChallenge.java | 40 +
.../kerb/spec/pa/token/PaTokenRequest.java | 61 ++
.../kerberos/kerb/spec/pa/token/TokenFlag.java | 51 +
.../kerberos/kerb/spec/pa/token/TokenFlags.java | 39 +
.../kerberos/kerb/spec/pa/token/TokenInfo.java | 62 ++
.../kerberos/kerb/spec/pa/token/TokenInfos.java | 29 +
.../kerb/spec/ticket/AbstractServiceTicket.java | 49 +
.../kerb/spec/ticket/EncTicketPart.java | 164 +++
.../kerb/spec/ticket/ServiceTicket.java | 28 +
.../kerberos/kerb/spec/ticket/TgtTicket.java | 36 +
.../kerby/kerberos/kerb/spec/ticket/Ticket.java | 99 ++
.../kerberos/kerb/spec/ticket/TicketFlag.java | 62 ++
.../kerberos/kerb/spec/ticket/TicketFlags.java | 39 +
.../kerberos/kerb/spec/ticket/Tickets.java | 29 +
.../kerb/spec/x509/AlgorithmIdentifier.java | 58 +
.../kerb/spec/x509/SubjectPublicKeyInfo.java | 60 +
kerby-kerb/kerb-crypto/pom.xml | 42 +
.../kerb/crypto/AbstractCryptoTypeHandler.java | 68 ++
.../kerby/kerberos/kerb/crypto/BytesUtil.java | 183 ++++
.../kerby/kerberos/kerb/crypto/Camellia.java | 250 +++++
.../kerby/kerberos/kerb/crypto/CamelliaKey.java | 433 ++++++++
.../kerberos/kerb/crypto/CheckSumHandler.java | 153 +++
.../kerb/crypto/CheckSumTypeHandler.java | 57 +
.../apache/kerby/kerberos/kerb/crypto/Cmac.java | 178 +++
.../kerby/kerberos/kerb/crypto/Confounder.java | 33 +
.../kerby/kerberos/kerb/crypto/Crc32.java | 78 ++
.../kerberos/kerb/crypto/CryptoTypeHandler.java | 34 +
.../apache/kerby/kerberos/kerb/crypto/Des.java | 84 ++
.../kerberos/kerb/crypto/EncTypeHandler.java | 58 +
.../kerberos/kerb/crypto/EncryptionHandler.java | 174 +++
.../apache/kerby/kerberos/kerb/crypto/Hmac.java | 82 ++
.../apache/kerby/kerberos/kerb/crypto/Md4.java | 338 ++++++
.../kerby/kerberos/kerb/crypto/Nfold.java | 102 ++
.../kerby/kerberos/kerb/crypto/Nonce.java | 32 +
.../kerby/kerberos/kerb/crypto/Pbkdf.java | 40 +
.../kerby/kerberos/kerb/crypto/Random.java | 33 +
.../apache/kerby/kerberos/kerb/crypto/Rc4.java | 63 ++
.../cksum/AbstractCheckSumTypeHandler.java | 112 ++
.../cksum/AbstractKeyedCheckSumTypeHandler.java | 75 ++
.../crypto/cksum/CmacCamellia128CheckSum.java | 53 +
.../crypto/cksum/CmacCamellia256CheckSum.java | 53 +
.../kerb/crypto/cksum/CmacKcCheckSum.java | 36 +
.../crypto/cksum/ConfounderedDesCheckSum.java | 120 ++
.../kerb/crypto/cksum/Crc32CheckSum.java | 35 +
.../kerb/crypto/cksum/DesCbcCheckSum.java | 33 +
.../kerb/crypto/cksum/HashProvider.java | 35 +
.../kerb/crypto/cksum/HmacKcCheckSum.java | 37 +
.../kerb/crypto/cksum/HmacMd5Rc4CheckSum.java | 73 ++
.../crypto/cksum/HmacSha1Aes128CheckSum.java | 53 +
.../crypto/cksum/HmacSha1Aes256CheckSum.java | 53 +
.../kerb/crypto/cksum/HmacSha1Des3CheckSum.java | 53 +
.../kerberos/kerb/crypto/cksum/KcCheckSum.java | 48 +
.../kerb/crypto/cksum/Md5HmacRc4CheckSum.java | 70 ++
.../kerb/crypto/cksum/RsaMd4CheckSum.java | 35 +
.../kerb/crypto/cksum/RsaMd4DesCheckSum.java | 34 +
.../kerb/crypto/cksum/RsaMd5CheckSum.java | 35 +
.../kerb/crypto/cksum/RsaMd5DesCheckSum.java | 34 +
.../kerb/crypto/cksum/Sha1CheckSum.java | 35 +
.../cksum/provider/AbstractHashProvider.java | 52 +
.../AbstractUnkeyedCheckSumTypeHandler.java | 54 +
.../crypto/cksum/provider/Crc32Provider.java | 40 +
.../kerb/crypto/cksum/provider/Md4Provider.java | 34 +
.../kerb/crypto/cksum/provider/Md5Provider.java | 27 +
.../provider/MessageDigestHashProvider.java | 56 +
.../crypto/cksum/provider/Sha1Provider.java | 27 +
.../kerb/crypto/enc/AbstractEncTypeHandler.java | 160 +++
.../kerb/crypto/enc/Aes128CtsHmacSha1Enc.java | 48 +
.../kerb/crypto/enc/Aes256CtsHmacSha1Enc.java | 48 +
.../kerb/crypto/enc/Camellia128CtsCmacEnc.java | 41 +
.../kerb/crypto/enc/Camellia256CtsCmacEnc.java | 41 +
.../kerb/crypto/enc/Des3CbcSha1Enc.java | 42 +
.../kerberos/kerb/crypto/enc/DesCbcCrcEnc.java | 55 +
.../kerberos/kerb/crypto/enc/DesCbcEnc.java | 88 ++
.../kerberos/kerb/crypto/enc/DesCbcMd4Enc.java | 39 +
.../kerberos/kerb/crypto/enc/DesCbcMd5Enc.java | 39 +
.../kerb/crypto/enc/EncryptProvider.java | 43 +
.../kerberos/kerb/crypto/enc/KeKiCmacEnc.java | 53 +
.../kerby/kerberos/kerb/crypto/enc/KeKiEnc.java | 129 +++
.../kerb/crypto/enc/KeKiHmacSha1Enc.java | 50 +
.../kerberos/kerb/crypto/enc/Rc4HmacEnc.java | 149 +++
.../kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java | 33 +
.../enc/provider/AbstractEncryptProvider.java | 99 ++
.../crypto/enc/provider/Aes128Provider.java | 27 +
.../crypto/enc/provider/Aes256Provider.java | 27 +
.../kerb/crypto/enc/provider/AesProvider.java | 62 ++
.../enc/provider/Camellia128Provider.java | 27 +
.../enc/provider/Camellia256Provider.java | 27 +
.../crypto/enc/provider/CamelliaProvider.java | 58 +
.../kerb/crypto/enc/provider/Des3Provider.java | 65 ++
.../kerb/crypto/enc/provider/DesProvider.java | 98 ++
.../kerb/crypto/enc/provider/Rc4Provider.java | 49 +
.../kerb/crypto/key/AbstractKeyMaker.java | 93 ++
.../kerberos/kerb/crypto/key/AesKeyMaker.java | 65 ++
.../kerb/crypto/key/CamelliaKeyMaker.java | 121 ++
.../kerberos/kerb/crypto/key/Des3KeyMaker.java | 79 ++
.../kerberos/kerb/crypto/key/DesKeyMaker.java | 282 +++++
.../kerberos/kerb/crypto/key/DkKeyMaker.java | 73 ++
.../kerberos/kerb/crypto/key/KeyMaker.java | 29 +
.../kerberos/kerb/crypto/key/Rc4KeyMaker.java | 52 +
.../src/main/resources/kdc-krb5.conf | 25 +
.../kerb-crypto/src/main/resources/kdc.ldiff | 46 +
.../kerberos/kerb/crypto/CamelliaEncTest.java | 113 ++
.../kerberos/kerb/crypto/CheckSumTest.java | 109 ++
.../kerberos/kerb/crypto/CheckSumsTest.java | 233 ++++
.../kerby/kerberos/kerb/crypto/CmacTest.java | 85 ++
.../kerby/kerberos/kerb/crypto/Crc32Test.java | 119 ++
.../kerberos/kerb/crypto/DecryptionTest.java | 985 +++++++++++++++++
.../kerberos/kerb/crypto/DesKeyMakerTest.java | 64 ++
.../kerberos/kerb/crypto/KeyDeriveTest.java | 228 ++++
.../kerberos/kerb/crypto/String2keyTest.java | 583 ++++++++++
.../src/test/resources/camellia-expect-vt.txt | 1036 ++++++++++++++++++
kerby-kerb/kerb-identity/pom.xml | 46 +
.../kerby/kerberos/kerb/identity/Attribute.java | 36 +
.../kerb/identity/ComplexAttribute.java | 42 +
.../kerby/kerberos/kerb/identity/Identity.java | 67 ++
.../kerberos/kerb/identity/IdentityService.java | 31 +
.../kerberos/kerb/identity/KrbAttributes.java | 25 +
.../kerberos/kerb/identity/KrbIdentity.java | 126 +++
.../kerberos/kerb/identity/SimpleAttribute.java | 37 +
.../backend/AbstractIdentityBackend.java | 26 +
.../backend/InMemoryIdentityBackend.java | 76 ++
.../identity/backend/SimpleIdentityBackend.java | 46 +
kerby-kerb/kerb-kdc-test/pom.xml | 61 ++
.../kerberos/kerb/server/TestKdcServer.java | 122 +++
.../kerb-kdc-test/src/main/resources/cacert.pem | 23 +
.../kerb-kdc-test/src/main/resources/cakey.pem | 27 +
.../src/main/resources/extensions.kdc | 36 +
.../src/main/resources/kdc-krb5.conf | 25 +
.../kerb-kdc-test/src/main/resources/kdc.ldiff | 46 +
.../src/main/resources/kdccert.pem | 26 +
.../kerb-kdc-test/src/main/resources/kdckey.pem | 27 +
.../src/main/resources/usercert.pem | 26 +
.../src/main/resources/userkey.pem | 27 +
.../kerby/kerberos/kerb/server/KdcTest.java | 49 +
.../kerby/kerberos/kerb/server/KdcTestBase.java | 71 ++
.../kerberos/kerb/server/WithCertKdcTest.java | 89 ++
.../kerberos/kerb/server/WithTokenKdcTest.java | 56 +
kerby-kerb/kerb-server/pom.xml | 61 ++
.../kerby/kerberos/kerb/server/KdcConfig.java | 153 +++
.../kerberos/kerb/server/KdcConfigKey.java | 94 ++
.../kerby/kerberos/kerb/server/KdcContext.java | 91 ++
.../kerby/kerberos/kerb/server/KdcHandler.java | 148 +++
.../kerby/kerberos/kerb/server/KdcServer.java | 196 ++++
.../kerberos/kerb/server/SimpleKdcServer.java | 43 +
.../server/preauth/AbstractPreauthPlugin.java | 91 ++
.../kerb/server/preauth/FastContext.java | 36 +
.../kerb/server/preauth/KdcPreauth.java | 81 ++
.../kerb/server/preauth/PreauthContext.java | 44 +
.../kerb/server/preauth/PreauthHandle.java | 56 +
.../kerb/server/preauth/PreauthHandler.java | 124 +++
.../server/preauth/builtin/EncTsPreauth.java | 60 +
.../kerb/server/preauth/builtin/TgtPreauth.java | 45 +
.../server/preauth/pkinit/PkinitKdcContext.java | 30 +
.../server/preauth/pkinit/PkinitPreauth.java | 93 ++
.../preauth/pkinit/PkinitRequestContext.java | 30 +
.../preauth/token/TokenRequestContext.java | 32 +
.../kerb/server/replay/CacheService.java | 26 +
.../kerb/server/replay/ReplayCheckService.java | 25 +
.../server/replay/ReplayCheckServiceImpl.java | 40 +
.../kerb/server/replay/RequestRecord.java | 58 +
.../kerb/server/replay/SimpleCacheService.java | 46 +
.../kerberos/kerb/server/request/AsRequest.java | 91 ++
.../kerb/server/request/KdcRequest.java | 521 +++++++++
.../kerb/server/request/TgsRequest.java | 196 ++++
.../kerb-server/src/main/resources/kdc.conf | 51 +
.../kerby/kerberos/kerb/server/KdcTest.java | 70 ++
.../kerberos/kerb/server/TestKdcConfigLoad.java | 57 +
kerby-kerb/kerb-util/pom.xml | 46 +
.../kerby/kerberos/kerb/KrbInputStream.java | 74 ++
.../kerby/kerberos/kerb/KrbOutputStream.java | 66 ++
.../kerb/ccache/CredCacheInputStream.java | 167 +++
.../kerb/ccache/CredCacheOutputStream.java | 123 +++
.../kerby/kerberos/kerb/ccache/Credential.java | 225 ++++
.../kerberos/kerb/ccache/CredentialCache.java | 278 +++++
.../kerb/ccache/KrbCredentialCache.java | 57 +
.../apache/kerby/kerberos/kerb/ccache/Tag.java | 34 +
.../kerby/kerberos/kerb/ccache/ccache.txt | 98 ++
.../kerby/kerberos/kerb/keytab/Keytab.java | 197 ++++
.../kerby/kerberos/kerb/keytab/KeytabEntry.java | 121 ++
.../kerberos/kerb/keytab/KeytabInputStream.java | 89 ++
.../kerb/keytab/KeytabOutputStream.java | 63 ++
.../kerby/kerberos/kerb/keytab/KrbKeytab.java | 55 +
.../kerby/kerberos/kerb/keytab/keytab.txt | 106 ++
.../kerby/kerberos/kerb/util/CcacheTest.java | 57 +
.../kerberos/kerb/util/EncryptionTest.java | 148 +++
.../kerby/kerberos/kerb/util/KeysTest.java | 81 ++
.../kerby/kerberos/kerb/util/KeytabTest.java | 76 ++
.../test/resources/aes128-cts-hmac-sha1-96.cc | Bin 0 -> 691 bytes
.../test/resources/aes256-cts-hmac-sha1-96.cc | Bin 0 -> 725 bytes
.../src/test/resources/arcfour-hmac.cc | Bin 0 -> 692 bytes
.../src/test/resources/camellia-expect-vt.txt | 1036 ++++++++++++++++++
.../src/test/resources/camellia128-cts-cmac.cc | Bin 0 -> 700 bytes
.../src/test/resources/camellia256-cts-cmac.cc | Bin 0 -> 734 bytes
.../kerb-util/src/test/resources/des-cbc-crc.cc | Bin 0 -> 676 bytes
.../src/test/resources/des3-cbc-sha1.cc | Bin 0 -> 724 bytes
.../kerb-util/src/test/resources/krbtgt.keytab | Bin 0 -> 594 bytes
kerby-kerb/kerb-util/src/test/resources/test.cc | Bin 0 -> 890 bytes
.../kerb-util/src/test/resources/test.keytab | Bin 0 -> 466 bytes
kerby-kerb/pom.xml | 48 +
lib/kerby-config/README | 1 +
lib/kerby-config/pom.xml | 37 +
.../main/java/org/apache/kerby/config/Conf.java | 285 +++++
.../java/org/apache/kerby/config/Config.java | 58 +
.../org/apache/kerby/config/ConfigImpl.java | 346 ++++++
.../java/org/apache/kerby/config/ConfigKey.java | 25 +
.../org/apache/kerby/config/ConfigLoader.java | 50 +
.../org/apache/kerby/config/ConfigObject.java | 80 ++
.../apache/kerby/config/IniConfigLoader.java | 69 ++
.../apache/kerby/config/JsonConfigLoader.java | 27 +
.../apache/kerby/config/MapConfigLoader.java | 34 +
.../kerby/config/PropertiesConfigLoader.java | 43 +
.../config/PropertiesFileConfigLoader.java | 33 +
.../java/org/apache/kerby/config/Resource.java | 119 ++
.../apache/kerby/config/XmlConfigLoader.java | 159 +++
.../java/org/apache/kerby/config/ConfTest.java | 133 +++
.../org/apache/kerby/config/ConfigImplTest.java | 62 ++
.../org/apache/kerby/config/IniConfigTest.java | 76 ++
lib/kerby-event/README | 1 +
lib/kerby-event/pom.xml | 28 +
.../kerby/event/AbstractEventHandler.java | 55 +
.../event/AbstractInternalEventHandler.java | 66 ++
.../kerby/event/BufferedEventHandler.java | 53 +
.../java/org/apache/kerby/event/Dispatcher.java | 29 +
.../main/java/org/apache/kerby/event/Event.java | 43 +
.../org/apache/kerby/event/EventHandler.java | 31 +
.../java/org/apache/kerby/event/EventHub.java | 192 ++++
.../java/org/apache/kerby/event/EventType.java | 24 +
.../org/apache/kerby/event/EventWaiter.java | 35 +
.../kerby/event/ExecutedEventHandler.java | 76 ++
.../kerby/event/InternalEventHandler.java | 34 +
.../kerby/event/LongRunningEventHandler.java | 77 ++
.../apache/kerby/event/WaitEventHandler.java | 128 +++
.../org/apache/kerby/transport/Acceptor.java | 36 +
.../org/apache/kerby/transport/Connector.java | 36 +
.../apache/kerby/transport/MessageHandler.java | 42 +
.../org/apache/kerby/transport/Network.java | 297 +++++
.../org/apache/kerby/transport/Transport.java | 84 ++
.../kerby/transport/TransportHandler.java | 34 +
.../kerby/transport/TransportSelector.java | 100 ++
.../kerby/transport/buffer/BufferPool.java | 33 +
.../kerby/transport/buffer/BufferUtil.java | 42 +
.../kerby/transport/buffer/RecvBuffer.java | 155 +++
.../kerby/transport/buffer/TransBuffer.java | 49 +
.../kerby/transport/event/AddressEvent.java | 39 +
.../kerby/transport/event/MessageEvent.java | 41 +
.../kerby/transport/event/TransportEvent.java | 56 +
.../transport/event/TransportEventType.java | 29 +
.../kerby/transport/tcp/DecodingCallback.java | 38 +
.../kerby/transport/tcp/StreamingDecoder.java | 26 +
.../apache/kerby/transport/tcp/TcpAcceptor.java | 112 ++
.../kerby/transport/tcp/TcpAddressEvent.java | 36 +
.../kerby/transport/tcp/TcpConnector.java | 94 ++
.../kerby/transport/tcp/TcpEventType.java | 27 +
.../kerby/transport/tcp/TcpTransport.java | 110 ++
.../transport/tcp/TcpTransportHandler.java | 77 ++
.../apache/kerby/transport/udp/UdpAcceptor.java | 84 ++
.../kerby/transport/udp/UdpAddressEvent.java | 36 +
.../kerby/transport/udp/UdpChannelEvent.java | 47 +
.../kerby/transport/udp/UdpConnector.java | 76 ++
.../kerby/transport/udp/UdpEventType.java | 29 +
.../kerby/transport/udp/UdpTransport.java | 65 ++
.../transport/udp/UdpTransportHandler.java | 109 ++
.../java/org/apache/kerby/event/TestBuffer.java | 50 +
.../kerby/event/network/TestNetworkBase.java | 58 +
.../kerby/event/network/TestNetworkClient.java | 212 ++++
.../kerby/event/network/TestNetworkServer.java | 110 ++
.../org/apache/kerby/event/tcp/TestTcpBase.java | 57 +
.../apache/kerby/event/tcp/TestTcpClient.java | 160 +++
.../apache/kerby/event/tcp/TestTcpServer.java | 90 ++
.../org/apache/kerby/event/udp/TestUdpBase.java | 41 +
.../apache/kerby/event/udp/TestUdpClient.java | 149 +++
.../apache/kerby/event/udp/TestUdpServer.java | 89 ++
lib/kerby-pkix/pom.xml | 39 +
.../main/java/org/apache/kerby/pki/Pkix.java | 87 ++
lib/kerby-pkix/src/main/resources/cacert.pem | 23 +
lib/kerby-pkix/src/main/resources/cakey.pem | 27 +
.../src/main/resources/extensions.kdc | 36 +
lib/kerby-pkix/src/main/resources/kdccert.pem | 26 +
lib/kerby-pkix/src/main/resources/kdckey.pem | 27 +
lib/kerby-pkix/src/main/resources/usercert.pem | 26 +
lib/kerby-pkix/src/main/resources/userkey.pem | 27 +
.../java/org/apache/kerby/pki/PkixTest.java | 60 +
lib/kerby-token/pom.xml | 44 +
.../org/apache/kerby/token/AuthzDataEntry.java | 52 +
.../java/org/apache/kerby/token/KerbToken.java | 47 +
.../java/org/apache/kerby/token/TokenCache.java | 82 ++
.../org/apache/kerby/token/TokenExtractor.java | 101 ++
.../java/org/apache/kerby/token/TokenTool.java | 124 +++
lib/kerby-util/pom.xml | 29 +
.../java/org/apache/kerby/util/HexUtil.java | 58 +
lib/pom.xml | 45 +
pom.xml | 26 +-
tool/pom.xml | 45 +
.../java/org/apache/kerberos/tool/Kinit.java | 42 +
1154 files changed, 44969 insertions(+), 44989 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/3rdparty/not-yet-commons-ssl/pom.xml
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/pom.xml b/3rdparty/not-yet-commons-ssl/pom.xml
index b975ebf..92dcd42 100644
--- a/3rdparty/not-yet-commons-ssl/pom.xml
+++ b/3rdparty/not-yet-commons-ssl/pom.xml
@@ -16,7 +16,7 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
- <groupId>org.haox</groupId>
+ <groupId>org.apache.kerby</groupId>
<artifactId>3rdparty</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/3rdparty/pom.xml
----------------------------------------------------------------------
diff --git a/3rdparty/pom.xml b/3rdparty/pom.xml
index 5323f4d..9474003 100644
--- a/3rdparty/pom.xml
+++ b/3rdparty/pom.xml
@@ -16,8 +16,8 @@
<modelVersion>4.0.0</modelVersion>
<parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-all</artifactId>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/benchmark/pom.xml
----------------------------------------------------------------------
diff --git a/benchmark/pom.xml b/benchmark/pom.xml
index 902d77c..aa81e51 100644
--- a/benchmark/pom.xml
+++ b/benchmark/pom.xml
@@ -13,115 +13,111 @@
limitations under the License. See accompanying LICENSE file.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <artifactId>haox-all</artifactId>
- <groupId>org.haox</groupId>
- <version>1.0-SNAPSHOT</version>
- </parent>
+ <modelVersion>4.0.0</modelVersion>
- <artifactId>benchmark</artifactId>
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
- <name>Haox benchmark</name>
- <description>Haox benchmark tests</description>
+ <artifactId>benchmark</artifactId>
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-asn1</artifactId>
- <version>1.0-SNAPSHOT</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-core</artifactId>
- <version>1.0-SNAPSHOT</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-util</artifactId>
- <version>1.0-SNAPSHOT</version>
- </dependency>
- <dependency>
- <groupId>org.apache.directory.server</groupId>
- <artifactId>apacheds-core-api</artifactId>
- <version>2.0.0-M15</version>
- <scope>compile</scope>
- <exclusions>
- <exclusion>
- <groupId>org.apache.directory.api</groupId>
- <artifactId>api-ldap-schema-data</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.apache.directory.server</groupId>
- <artifactId>apacheds-interceptor-kerberos</artifactId>
- <version>2.0.0-M15</version>
- <scope>compile</scope>
- <exclusions>
- <exclusion>
- <groupId>org.apache.directory.api</groupId>
- <artifactId>api-ldap-schema-data</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.apache.directory.server</groupId>
- <artifactId>apacheds-protocol-shared</artifactId>
- <version>2.0.0-M15</version>
- <scope>compile</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.directory.server</groupId>
- <artifactId>apacheds-protocol-kerberos</artifactId>
- <version>2.0.0-M15</version>
- <scope>compile</scope>
- <exclusions>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.apache.directory.server</groupId>
- <artifactId>apacheds-ldif-partition</artifactId>
- <version>2.0.0-M15</version>
- <scope>compile</scope>
- <exclusions>
- <exclusion>
- <groupId>org.apache.directory.api</groupId>
- <artifactId>api-ldap-schema-data</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.apache.directory.server</groupId>
- <artifactId>apacheds-mavibot-partition</artifactId>
- <version>2.0.0-M15</version>
- <scope>compile</scope>
- <exclusions>
- <exclusion>
- <groupId>org.apache.directory.api</groupId>
- <artifactId>api-ldap-schema-data</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.apache.directory.api</groupId>
- <artifactId>api-all</artifactId>
- <version>1.0.0-M20</version>
- <scope>compile</scope>
- <exclusions>
- <exclusion>
- <groupId>xml-apis</groupId>
- <artifactId>xml-apis</artifactId>
- </exclusion>
- <exclusion>
- <groupId>xpp3</groupId>
- <artifactId>xpp3</artifactId>
- </exclusion>
- <exclusion>
- <groupId>dom4j</groupId>
- <artifactId>dom4j</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- </dependencies>
+ <name>Kerby benchmark</name>
+ <description>Kerby benchmark tests</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-asn1</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-core</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-core-api</artifactId>
+ <version>2.0.0-M15</version>
+ <scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.directory.api</groupId>
+ <artifactId>api-ldap-schema-data</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-interceptor-kerberos</artifactId>
+ <version>2.0.0-M15</version>
+ <scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.directory.api</groupId>
+ <artifactId>api-ldap-schema-data</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-protocol-shared</artifactId>
+ <version>2.0.0-M15</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-protocol-kerberos</artifactId>
+ <version>2.0.0-M15</version>
+ <scope>compile</scope>
+ <exclusions>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-ldif-partition</artifactId>
+ <version>2.0.0-M15</version>
+ <scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.directory.api</groupId>
+ <artifactId>api-ldap-schema-data</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-mavibot-partition</artifactId>
+ <version>2.0.0-M15</version>
+ <scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.directory.api</groupId>
+ <artifactId>api-ldap-schema-data</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.api</groupId>
+ <artifactId>api-all</artifactId>
+ <version>1.0.0-M20</version>
+ <scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>xml-apis</groupId>
+ <artifactId>xml-apis</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>xpp3</groupId>
+ <artifactId>xpp3</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>dom4j</groupId>
+ <artifactId>dom4j</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ </dependencies>
</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/benchmark/src/test/java/org/apache/kerberos/benchmark/KrbCodecPerfTest.java
----------------------------------------------------------------------
diff --git a/benchmark/src/test/java/org/apache/kerberos/benchmark/KrbCodecPerfTest.java b/benchmark/src/test/java/org/apache/kerberos/benchmark/KrbCodecPerfTest.java
deleted file mode 100644
index b1864d4..0000000
--- a/benchmark/src/test/java/org/apache/kerberos/benchmark/KrbCodecPerfTest.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.benchmark;
-
-import org.apache.directory.api.asn1.DecoderException;
-import org.apache.directory.api.asn1.EncoderException;
-import org.apache.directory.api.asn1.ber.Asn1Decoder;
-import org.apache.directory.shared.kerberos.codec.apReq.ApReqContainer;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.ap.ApReq;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.ByteBuffer;
-
-public class KrbCodecPerfTest {
-
- public static void main(String[] args) throws KrbException, IOException, DecoderException, EncoderException {
- InputStream is = KrbCodecPerfTest.class.getResourceAsStream("/apreq.token");
- byte[] bytes = new byte[is.available()];
- is.read(bytes);
-
- int times = 1000000;
- perfApacheDS(ByteBuffer.wrap(bytes), times);
- perfHaox(ByteBuffer.wrap(bytes), times);
- }
-
- private static void perfHaox(ByteBuffer apreqToken, int times) throws KrbException, IOException {
- long start = System.currentTimeMillis();
-
- for (int i = 0; i < times; ++i) {
- //ApReq apReq = KrbCodec.decode(apreqToken, ApReq.class);
- ApReq apReq = new ApReq(); apReq.decode(apreqToken);
- if (apReq == null) {
- throw new RuntimeException("Decoding failed");
- }
- String serverName = apReq.getTicket().getSname().toString();
-
- apreqToken.rewind();
- }
-
- long end = System.currentTimeMillis();
- System.out.println("HaoxCodec takes:" + (end - start));
- }
-
- private static void perfApacheDS(ByteBuffer apreqToken, int times) throws EncoderException, DecoderException {
- long start = System.currentTimeMillis();
-
- for (int i = 0; i < times; ++i) {
- Asn1Decoder krbDecoder = new Asn1Decoder();
- ApReqContainer apreqContainer = new ApReqContainer(apreqToken);
- krbDecoder.decode(apreqToken, apreqContainer);
- String serverName = apreqContainer.getApReq().getTicket().getSName().toString();
-
- apreqToken.rewind();
- }
-
- long end = System.currentTimeMillis();
- System.out.println("ApacheDS takes:" + (end - start));
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/benchmark/src/test/java/org/apache/kerby/kerberos/benchmark/KrbCodecPerfTest.java
----------------------------------------------------------------------
diff --git a/benchmark/src/test/java/org/apache/kerby/kerberos/benchmark/KrbCodecPerfTest.java b/benchmark/src/test/java/org/apache/kerby/kerberos/benchmark/KrbCodecPerfTest.java
new file mode 100644
index 0000000..cf151dc
--- /dev/null
+++ b/benchmark/src/test/java/org/apache/kerby/kerberos/benchmark/KrbCodecPerfTest.java
@@ -0,0 +1,79 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.benchmark;
+
+import org.apache.directory.api.asn1.DecoderException;
+import org.apache.directory.api.asn1.EncoderException;
+import org.apache.directory.api.asn1.ber.Asn1Decoder;
+import org.apache.directory.shared.kerberos.codec.apReq.ApReqContainer;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.ap.ApReq;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.ByteBuffer;
+
+public class KrbCodecPerfTest {
+
+ public static void main(String[] args) throws KrbException, IOException, DecoderException, EncoderException {
+ InputStream is = KrbCodecPerfTest.class.getResourceAsStream("/apreq.token");
+ byte[] bytes = new byte[is.available()];
+ is.read(bytes);
+
+ int times = 1000000;
+ perfApacheDS(ByteBuffer.wrap(bytes), times);
+ perfHaox(ByteBuffer.wrap(bytes), times);
+ }
+
+ private static void perfHaox(ByteBuffer apreqToken, int times) throws KrbException, IOException {
+ long start = System.currentTimeMillis();
+
+ for (int i = 0; i < times; ++i) {
+ //ApReq apReq = KrbCodec.decode(apreqToken, ApReq.class);
+ ApReq apReq = new ApReq(); apReq.decode(apreqToken);
+ if (apReq == null) {
+ throw new RuntimeException("Decoding failed");
+ }
+ String serverName = apReq.getTicket().getSname().toString();
+
+ apreqToken.rewind();
+ }
+
+ long end = System.currentTimeMillis();
+ System.out.println("HaoxCodec takes:" + (end - start));
+ }
+
+ private static void perfApacheDS(ByteBuffer apreqToken, int times) throws EncoderException, DecoderException {
+ long start = System.currentTimeMillis();
+
+ for (int i = 0; i < times; ++i) {
+ Asn1Decoder krbDecoder = new Asn1Decoder();
+ ApReqContainer apreqContainer = new ApReqContainer(apreqToken);
+ krbDecoder.decode(apreqToken, apreqContainer);
+ String serverName = apreqContainer.getApReq().getTicket().getSName().toString();
+
+ apreqToken.rewind();
+ }
+
+ long end = System.currentTimeMillis();
+ System.out.println("ApacheDS takes:" + (end - start));
+ }
+
+}
[15/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo2Entry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo2Entry.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo2Entry.java
new file mode 100644
index 0000000..f435b93
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfo2Entry.java
@@ -0,0 +1,73 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ ETYPE-INFO2-ENTRY ::= SEQUENCE {
+ etype [0] Int32,
+ salt [1] KerberosString OPTIONAL,
+ s2kparams [2] OCTET STRING OPTIONAL
+ }
+ */
+public class EtypeInfo2Entry extends KrbSequenceType {
+ private static int ETYPE = 0;
+ private static int SALT = 1;
+ private static int S2KPARAMS = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(SALT, 1, KerberosString.class),
+ new Asn1FieldInfo(S2KPARAMS, 2, Asn1OctetString.class)
+ };
+
+ public EtypeInfo2Entry() {
+ super(fieldInfos);
+ }
+
+ public EncryptionType getEtype() {
+ return EncryptionType.fromValue(getFieldAsInt(ETYPE));
+ }
+
+ public void setEtype(EncryptionType etype) {
+ setField(ETYPE, etype);
+ }
+
+ public String getSalt() {
+ return getFieldAsString(SALT);
+ }
+
+ public void setSalt(String salt) {
+ setFieldAsString(SALT, salt);
+ }
+
+ public byte[] getS2kParams() {
+ return getFieldAsOctets(S2KPARAMS);
+ }
+
+ public void setS2kParams(byte[] s2kParams) {
+ setFieldAsOctets(S2KPARAMS, s2kParams);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfoEntry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfoEntry.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfoEntry.java
new file mode 100644
index 0000000..a93951d
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/EtypeInfoEntry.java
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ ETYPE-INFO-ENTRY ::= SEQUENCE {
+ etype [0] Int32,
+ salt [1] OCTET STRING OPTIONAL
+ }
+ */
+public class EtypeInfoEntry extends KrbSequenceType {
+ private static int ETYPE = 0;
+ private static int SALT = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(SALT, 1, Asn1OctetString.class)
+ };
+
+ public EtypeInfoEntry() {
+ super(fieldInfos);
+ }
+
+ public EncryptionType getEtype() {
+ return EncryptionType.fromValue(getFieldAsInt(ETYPE));
+ }
+
+ public void setEtype(EncryptionType etype) {
+ setField(ETYPE, etype);
+ }
+
+ public byte[] getSalt() {
+ return getFieldAsOctets(SALT);
+ }
+
+ public void setSalt(byte[] salt) {
+ setFieldAsOctets(SALT, salt);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddrType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddrType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddrType.java
new file mode 100644
index 0000000..0fdb752
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddrType.java
@@ -0,0 +1,100 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum HostAddrType implements KrbEnum {
+ /**
+ * Constant for the "null" host address type.
+ */
+ NULL(0),
+
+ /**
+ * Constant for the "Internet" host address type.
+ */
+ ADDRTYPE_INET(2),
+
+ /**
+ * Constant for the "Arpanet" host address type.
+ */
+ ADDRTYPE_IMPLINK(3),
+
+ /**
+ * Constant for the "CHAOS" host address type.
+ */
+ ADDRTYPE_CHAOS(5),
+
+ /**
+ * Constant for the "XEROX Network Services" host address type.
+ */
+ ADDRTYPE_XNS(6),
+
+ /**
+ * Constant for the "OSI" host address type.
+ */
+ ADDRTYPE_OSI(7),
+
+ /**
+ * Constant for the "DECnet" host address type.
+ */
+ ADDRTYPE_DECNET(12),
+
+ /**
+ * Constant for the "AppleTalk" host address type.
+ */
+ ADDRTYPE_APPLETALK(16),
+
+ /**
+ * Constant for the "NetBios" host address type.
+ *
+ * Not in RFC
+ */
+ ADDRTYPE_NETBIOS(20),
+
+ /**
+ * Constant for the "Internet Protocol V6" host address type.
+ */
+ ADDRTYPE_INET6(24);
+
+
+ private final int value;
+
+ private HostAddrType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static HostAddrType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (HostAddrType) e;
+ }
+ }
+ }
+
+ return NULL;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddress.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddress.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddress.java
new file mode 100644
index 0000000..51928c6
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddress.java
@@ -0,0 +1,109 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.net.InetAddress;
+import java.util.Arrays;
+
+/*
+HostAddress ::= SEQUENCE {
+ addr-type [0] Int32,
+ address [1] OCTET STRING
+}
+ */
+public class HostAddress extends KrbSequenceType {
+ private static int ADDR_TYPE = 0;
+ private static int ADDRESS = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ADDR_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(ADDRESS, 1, Asn1OctetString.class)
+ };
+
+ public HostAddress() {
+ super(fieldInfos);
+ }
+
+ public HostAddress(InetAddress inetAddress) {
+ this();
+
+ setAddrType(HostAddrType.ADDRTYPE_INET);
+ setAddress(inetAddress.getAddress());
+ }
+
+ public HostAddrType getAddrType() {
+ Integer value = getFieldAsInteger(ADDR_TYPE);
+ return HostAddrType.fromValue(value);
+ }
+
+ public void setAddrType(HostAddrType addrType) {
+ setField(ADDR_TYPE, addrType);
+ }
+
+ public byte[] getAddress() {
+ return getFieldAsOctets(ADDRESS);
+ }
+
+ public void setAddress(byte[] address) {
+ setFieldAsOctets(ADDRESS, address);
+ }
+
+ public boolean equalsWith(InetAddress address) {
+ if (address == null) {
+ return false;
+ }
+ HostAddress that = new HostAddress(address);
+ return that.equals(this);
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (other == null) {
+ return false;
+ }
+ if (other == this) {
+ return true;
+ } else if (! (other instanceof HostAddress)) {
+ return false;
+ }
+
+ HostAddress that = (HostAddress) other;
+ if (getAddrType() == that.getAddrType() &&
+ Arrays.equals(getAddress(), that.getAddress())) {
+ return true;
+ }
+ return false;
+ }
+
+ @Override
+ public int hashCode() {
+ int result = getAddrType().getValue();
+ if (getAddress() != null) {
+ result = 31 * result + getAddress().hashCode();
+ }
+
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddresses.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddresses.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddresses.java
new file mode 100644
index 0000000..9121ce5
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/HostAddresses.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+import java.net.InetAddress;
+
+/**
+ -- NOTE: HostAddresses is always used as an OPTIONAL field and
+ -- should not be empty.
+ HostAddresses -- NOTE: subtly different from rfc1510,
+ -- but has a value mapping and encodes the same
+ ::= SEQUENCE OF HostAddress
+ */
+public class HostAddresses extends KrbSequenceOfType<HostAddress> {
+
+ public boolean contains(InetAddress address) {
+ for (HostAddress hostAddress : getElements()) {
+ if (hostAddress.equalsWith(address)) {
+ return true;
+ }
+ }
+ return false;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KeyUsage.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KeyUsage.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KeyUsage.java
new file mode 100644
index 0000000..a1055da
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KeyUsage.java
@@ -0,0 +1,128 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+/**
+ * From krb5.hin
+ */
+public enum KeyUsage implements KrbEnum
+{
+ UNKNOWN(-1),
+ NONE(0),
+ //AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the client key
+ AS_REQ_PA_ENC_TS(1),
+ //AS-REP Ticket and TGS-REP Ticket (includes TGS session key or application session key),
+ //encrypted with the service key (Section 5.3)
+ KDC_REP_TICKET(2),
+ //AS-REP encrypted part (includes TGS session key or application session key),
+ //encrypted with the client key (Section 5.4.2)
+ AS_REP_ENCPART(3),
+ //TGS-REQ KDC-REQ-BODY AuthorizationData,
+ //encrypted with the TGS session key (Section 5.4.1)
+ TGS_REQ_AD_SESSKEY(4),
+ //TGS-REQ KDC-REQ-BODY AuthorizationData,
+ //encrypted with the TGS authenticator subkey (Section 5.4.1)
+ TGS_REQ_AD_SUBKEY(5),
+ //TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum,
+ //keyed with the TGS session key (Section 5.5.1)
+ TGS_REQ_AUTH_CKSUM(6),
+ //TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS authenticator subkey),
+ //encrypted with the TGS session key (Section 5.5.1)
+ TGS_REQ_AUTH(7),
+ //TGS-REP encrypted part (includes application session key),
+ //encrypted with the TGS session key (Section 5.4.2)
+ TGS_REP_ENCPART_SESSKEY(8),
+ //TGS-REP encrypted part (includes application session key),
+ //encrypted with the TGS authenticator subkey (Section 5.4.2)
+ TGS_REP_ENCPART_SUBKEY(9),
+ //AP-REQ Authenticator cksum, keyed with the application session key (Section 5.5.1)
+ AP_REQ_AUTH_CKSUM(10),
+ //AP-REQ Authenticator (includes application authenticator subkey),
+ //encrypted with the application session key (Section 5.5.1)
+ AP_REQ_AUTH(11),
+ //AP-REP encrypted part (includes application session subkey),
+ //encrypted with the application session key (Section 5.5.2)
+ AP_REP_ENCPART(12),
+ //KRB-PRIV encrypted part, encrypted with a key chosen by the application (Section 5.7.1)
+ KRB_PRIV_ENCPART(13),
+ KRB_CRED_ENCPART(14),
+ KRB_SAFE_CKSUM(15),
+ APP_DATA_ENCRYPT(16),
+ APP_DATA_CKSUM(17),
+ KRB_ERROR_CKSUM(18),
+ AD_KDCISSUED_CKSUM(19),
+ AD_MTE(20),
+ AD_ITE(21),
+ GSS_TOK_MIC(22),
+ GSS_TOK_WRAP_INTEG(23),
+ GSS_TOK_WRAP_PRIV(24),
+ //Defined in Integrating SAM Mechanisms with Kerberos draft
+ PA_SAM_CHALLENGE_CKSUM(25),
+ //Note conflict with @ref PA_S4U_X509_USER_REQUEST
+ PA_SAM_CHALLENGE_TRACKID(26),
+ //Note conflict with @ref PA_S4U_X509_USER_REPLY
+ PA_SAM_RESPONSE(27),
+ //Defined in [MS-SFU]
+ //Note conflict with @ref PA_SAM_CHALLENGE_TRACKID
+ PA_S4U_X509_USER_REQUEST(26),
+ //Note conflict with @ref PA_SAM_RESPONSE
+ PA_S4U_X509_USER_REPLY(27),
+ //unused
+ PA_REFERRAL(26),
+ AD_SIGNEDPATH(-21),
+ IAKERB_FINISHED(42),
+ PA_PKINIT_KX(44),
+ PA_OTP_REQUEST(45), //See RFC 6560 section 4.2
+ //define in preauth-framework
+ FAST_REQ_CHKSUM(50),
+ FAST_ENC(51),
+ FAST_REP(52),
+ FAST_FINISHED(53),
+ ENC_CHALLENGE_CLIENT(54),
+ ENC_CHALLENGE_KDC(55),
+ AS_REQ(56);
+
+ private int value;
+
+ private KeyUsage(int value) {
+ this.value = value;
+ }
+
+ public int getValue() {
+ return value;
+ }
+
+ public static KeyUsage fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (KeyUsage) e;
+ }
+ }
+ }
+ return UNKNOWN;
+ }
+
+ public static final boolean isValid(int usage) {
+ return usage > -1;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbError.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbError.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbError.java
new file mode 100644
index 0000000..1d19c88
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbError.java
@@ -0,0 +1,166 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+
+/**
+ KRB-ERROR ::= [APPLICATION 30] SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (30),
+ ctime [2] KerberosTime OPTIONAL,
+ cusec [3] Microseconds OPTIONAL,
+ stime [4] KerberosTime,
+ susec [5] Microseconds,
+ error-code [6] Int32,
+ crealm [7] Realm OPTIONAL,
+ cname [8] PrincipalName OPTIONAL,
+ realm [9] Realm -- service realm --,
+ sname [10] PrincipalName -- service name --,
+ e-text [11] KerberosString OPTIONAL,
+ e-data [12] OCTET STRING OPTIONAL
+ }
+ */
+public class KrbError extends KrbMessage {
+ private static int CTIME = 2;
+ private static int CUSEC = 3;
+ private static int STIME = 4;
+ private static int SUSEC = 5;
+ private static int ERROR_CODE = 6;
+ private static int CREALM = 7;
+ private static int CNAME = 8;
+ private static int REALM = 9;
+ private static int SNAME = 10;
+ private static int ETEXT = 11;
+ private static int EDATA = 12;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PVNO, Asn1Integer.class),
+ new Asn1FieldInfo(MSG_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(CTIME, KerberosTime.class),
+ new Asn1FieldInfo(CUSEC, Asn1Integer.class),
+ new Asn1FieldInfo(STIME, KerberosTime.class),
+ new Asn1FieldInfo(SUSEC, Asn1Integer.class),
+ new Asn1FieldInfo(ERROR_CODE, Asn1Integer.class),
+ new Asn1FieldInfo(CREALM, KerberosString.class),
+ new Asn1FieldInfo(CNAME, PrincipalName.class),
+ new Asn1FieldInfo(REALM, KerberosString.class),
+ new Asn1FieldInfo(SNAME, PrincipalName.class),
+ new Asn1FieldInfo(ETEXT, KerberosString.class),
+ new Asn1FieldInfo(EDATA, Asn1OctetString.class)
+ };
+
+ public KrbError() {
+ super(KrbMessageType.KRB_ERROR, fieldInfos);
+ }
+
+ public KerberosTime getCtime() {
+ return getFieldAs(CTIME, KerberosTime.class);
+ }
+
+ public void setCtime(KerberosTime ctime) {
+ setFieldAs(CTIME, ctime);
+ }
+
+ public int getCusec() {
+ return getFieldAsInt(CUSEC);
+ }
+
+ public void setCusec(int cusec) {
+ setFieldAsInt(0, cusec);
+ }
+
+ public KerberosTime getStime() {
+ return getFieldAs(STIME, KerberosTime.class);
+ }
+
+ public void setStime(KerberosTime stime) {
+ setFieldAs(STIME, stime);
+ }
+
+ public int getSusec() {
+ return getFieldAsInt(SUSEC);
+ }
+
+ public void setSusec(int susec) {
+ setFieldAsInt(0, susec);
+ }
+
+ public KrbErrorCode getErrorCode() {
+ return KrbErrorCode.fromValue(getFieldAsInt(ERROR_CODE));
+ }
+
+ public void setErrorCode(KrbErrorCode errorCode) {
+ setField(0, errorCode);
+ }
+
+ public String getCrealm() {
+ return getFieldAsString(CREALM);
+ }
+
+ public void setCrealm(String realm) {
+ setFieldAs(CREALM, new KerberosString(realm));
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName sname) {
+ setFieldAs(CNAME, sname);
+ }
+
+ public PrincipalName getSname() {
+ return getFieldAs(SNAME, PrincipalName.class);
+ }
+
+ public void setSname(PrincipalName sname) {
+ setFieldAs(SNAME, sname);
+ }
+
+ public String getRealm() {
+ return getFieldAsString(REALM);
+ }
+
+ public void setRealm(String realm) {
+ setFieldAs(REALM, new KerberosString(realm));
+ }
+
+ public String getEtext() {
+ return getFieldAsString(ETEXT);
+ }
+
+ public void setEtext(String realm) {
+ setFieldAs(ETEXT, new KerberosString(realm));
+ }
+
+ public byte[] getEdata() {
+ return getFieldAsOctetBytes(EDATA);
+ }
+
+ public void setEdata(byte[] edata) {
+ setFieldAsOctetBytes(EDATA, edata);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbFlags.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbFlags.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbFlags.java
new file mode 100644
index 0000000..426516c
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbFlags.java
@@ -0,0 +1,118 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1BitString;
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+import java.io.IOException;
+
+/**
+ KrbFlags ::= BIT STRING (SIZE (32..MAX))
+ -- minimum number of bits shall be sent,
+ -- but no fewer than 32
+ */
+public class KrbFlags extends Asn1BitString {
+ private static final int MAX_SIZE = 32;
+ private int flags;
+
+ public KrbFlags() {
+ this(0);
+ }
+
+ public KrbFlags(int value) {
+ super();
+ setFlags(value);
+ }
+
+ public void setFlags(int flags) {
+ this.flags = flags;
+ flags2Value();
+ }
+
+ public int getFlags() {
+ return flags;
+ }
+
+ public boolean isFlagSet(int flag) {
+ return (flags & (1 << flagPos(flag))) != 0;
+ }
+
+ public void setFlag(int flag) {
+ int newFlags = flags | 1 << flagPos(flag);
+ setFlags(newFlags);
+ }
+
+ public void clearFlag(int flag) {
+ int newFlags = flags & ~(1 << flagPos(flag));
+ setFlags(newFlags);
+ }
+
+ public void clear() {
+ setFlags(0);
+ }
+
+ public boolean isFlagSet(KrbEnum flag) {
+ return isFlagSet(flag.getValue());
+ }
+
+ public void setFlag(KrbEnum flag) {
+ setFlag(flag.getValue());
+ }
+
+ public void setFlag(KrbEnum flag, boolean isSet) {
+ if (isSet) {
+ setFlag(flag.getValue());
+ } else {
+ clearFlag(flag);
+ }
+ }
+
+ public void clearFlag(KrbEnum flag) {
+ clearFlag(flag.getValue());
+ }
+
+ private int flagPos(int flag) {
+ return MAX_SIZE - 1 - flag;
+ }
+
+ private void flags2Value() {
+ byte[] bytes = new byte[4];
+ bytes[0] = (byte) (flags >> 24);
+ bytes[1] = (byte) ((flags >> 16) & 0xFF);
+ bytes[2] = (byte) ((flags >> 8) & 0xFF);
+ bytes[3] = (byte) (flags & 0xFF);
+
+ setValue(bytes);
+ }
+
+ @Override
+ protected void toValue() throws IOException {
+ super.toValue();
+
+ if (getPadding() != 0 || getValue().length != 4) {
+ throw new IOException("Bad bitstring decoded as invalid krb flags");
+ }
+
+ byte[] valueBytes = getValue();
+ flags = ((valueBytes[0] & 0xFF) << 24) | ((valueBytes[1] & 0xFF) << 16) |
+ ((valueBytes[2] & 0xFF) << 8) | (0xFF & valueBytes[3]);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbMessage.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbMessage.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbMessage.java
new file mode 100644
index 0000000..965147f
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbMessage.java
@@ -0,0 +1,54 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.KrbConstant;
+import org.apache.kerby.kerberos.kerb.spec.KrbAppSequenceType;
+
+public abstract class KrbMessage extends KrbAppSequenceType {
+ protected static int PVNO = 0;
+ protected static int MSG_TYPE = 1;
+
+ private final int pvno = KrbConstant.KRB_V5;
+
+ public KrbMessage(KrbMessageType msgType, Asn1FieldInfo[] fieldInfos) {
+ super(msgType.getValue(), fieldInfos);
+ setPvno(pvno);
+ setMsgType(msgType);
+ }
+
+ public int getPvno() {
+ return pvno;
+ }
+
+ protected void setPvno(int pvno) {
+ setFieldAsInt(0, pvno);
+ }
+
+ public KrbMessageType getMsgType() {
+ Integer value = getFieldAsInteger(MSG_TYPE);
+ return KrbMessageType.fromValue(value);
+ }
+
+ public void setMsgType(KrbMessageType msgType) {
+ setFieldAsInt(MSG_TYPE, msgType.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbMessageType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbMessageType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbMessageType.java
new file mode 100644
index 0000000..0f6cb59
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbMessageType.java
@@ -0,0 +1,59 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum KrbMessageType implements KrbEnum {
+ NONE(-1),
+ AS_REQ(10),
+ AS_REP(11),
+ TGS_REQ(12),
+ TGS_REP(13),
+ AP_REQ(14),
+ AP_REP(15),
+ KRB_SAFE(20),
+ KRB_PRIV(21),
+ KRB_CRED(22),
+ KRB_ERROR(30);
+
+ private int value;
+
+ private KrbMessageType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static KrbMessageType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (KrbMessageType) e;
+ }
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbToken.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbToken.java
new file mode 100644
index 0000000..19da8a7
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbToken.java
@@ -0,0 +1,99 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.nio.ByteBuffer;
+import java.util.Map;
+
+/**
+ KRB-TOKEN_VALUE ::= SEQUENCE {
+ token-format [0] INTEGER,
+ token-value [1] OCTET STRING,
+ }
+ */
+public class KrbToken extends KrbSequenceType {
+ private static KrbTokenEncoder tokenEncoder;
+
+ private static int TOKEN_FORMAT = 0;
+ private static int TOKEN_VALUE = 1;
+
+ private Map<String, Object> attributes;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TOKEN_FORMAT, 0, Asn1Integer.class),
+ new Asn1FieldInfo(TOKEN_VALUE, 1, Asn1OctetString.class)
+ };
+
+ public KrbToken() {
+ super(fieldInfos);
+ }
+
+ @Override
+ public void encode(ByteBuffer buffer) {
+ setTokenValue(tokenEncoder.encode(this));
+ super.encode(buffer);
+ }
+
+ /*
+ @Override
+ public void decode(ByteBuffer content) throws IOException {
+ super.decode(content);
+ this.attributes = tokenEncoder.decode(this);
+ }
+ */
+
+ public static void setTokenEncoder(KrbTokenEncoder encoder) {
+ tokenEncoder = encoder;
+ }
+
+ public TokenFormat getTokenFormat() {
+ Integer value = getFieldAsInteger(TOKEN_FORMAT);
+ return TokenFormat.fromValue(value);
+ }
+
+ public void setTokenFormat(TokenFormat tokenFormat) {
+ setFieldAsInt(TOKEN_FORMAT, tokenFormat.getValue());
+ }
+
+ public byte[] getTokenValue() {
+ return getFieldAsOctets(TOKEN_VALUE);
+ }
+
+ public void setTokenValue(byte[] tokenValue) {
+ setFieldAsOctets(TOKEN_VALUE, tokenValue);
+ }
+
+ public Map<String, Object> getAttributes() {
+ if (attributes == null) {
+ this.attributes = tokenEncoder.decode(this);
+ }
+ return attributes;
+ }
+
+ public String getPrincipal() {
+ return (String) attributes.get("sub");
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbTokenEncoder.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbTokenEncoder.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbTokenEncoder.java
new file mode 100644
index 0000000..761b353
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/KrbTokenEncoder.java
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import java.util.Map;
+
+public interface KrbTokenEncoder {
+
+ public byte[] encode(KrbToken token);
+ public Map<String, Object> decode(KrbToken token);
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReq.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReq.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReq.java
new file mode 100644
index 0000000..b22906e
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReq.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ LastReq ::= SEQUENCE OF SEQUENCE {
+ lr-type [0] Int32,
+ lr-value [1] KerberosTime
+ }
+ */
+public class LastReq extends KrbSequenceOfType<LastReqEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReqEntry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReqEntry.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReqEntry.java
new file mode 100644
index 0000000..d3c11a8
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReqEntry.java
@@ -0,0 +1,62 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ LastReq ::= SEQUENCE OF SEQUENCE {
+ lr-type [0] Int32,
+ lr-value [1] KerberosTime
+ }
+ */
+public class LastReqEntry extends KrbSequenceType {
+ private static int LR_TYPE = 0;
+ private static int LR_VALUE = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(LR_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(LR_VALUE, 1, KerberosTime.class)
+ };
+
+ public LastReqEntry() {
+ super(fieldInfos);
+ }
+
+ public LastReqType getLrType() {
+ Integer value = getFieldAsInteger(LR_TYPE);
+ return LastReqType.fromValue(value);
+ }
+
+ public void setLrType(LastReqType lrType) {
+ setFieldAsInt(LR_TYPE, lrType.getValue());
+ }
+
+ public KerberosTime getLrValue() {
+ return getFieldAs(LR_VALUE, KerberosTime.class);
+ }
+
+ public void setLrValue(KerberosTime lrValue) {
+ setFieldAs(LR_VALUE, lrValue);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReqType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReqType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReqType.java
new file mode 100644
index 0000000..bed2c93
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/LastReqType.java
@@ -0,0 +1,62 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum LastReqType implements KrbEnum {
+ NONE(0),
+ ALL_LAST_TGT(1),
+ THE_LAST_TGT(-1),
+ ALL_LAST_INITIAL(2),
+ THE_LAST_INITIAL(-2),
+ ALL_LAST_TGT_ISSUED(3),
+ THE_LAST_TGT_ISSUED(-3),
+ ALL_LAST_RENEWAL(4),
+ THE_LAST_RENEWAL(-4),
+ ALL_LAST_REQ(5),
+ THE_LAST_REQ(-5),
+ ALL_PW_EXPTIME(6),
+ THE_PW_EXPTIME(-6),
+ ALL_ACCT_EXPTIME(7),
+ THE_ACCT_EXPTIME(-7);
+
+ private int value;
+
+ private LastReqType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static LastReqType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (LastReqType) e;
+ }
+ }
+ }
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/MethodData.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/MethodData.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/MethodData.java
new file mode 100644
index 0000000..e576e8c
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/MethodData.java
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+
+/**
+ METHOD-DATA ::= SEQUENCE OF PA-DATA
+ */
+public class MethodData extends KrbSequenceOfType<PaDataEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/NameType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/NameType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/NameType.java
new file mode 100644
index 0000000..849f9f9
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/NameType.java
@@ -0,0 +1,54 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum NameType implements KrbEnum {
+ NT_UNKNOWN(0),
+ NT_PRINCIPAL(1),
+ NT_SRV_INST(2),
+ NT_SRV_HST(3),
+ NT_SRV_XHST(4),
+ NT_UID(5);
+
+ private int value;
+
+ private NameType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static NameType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (NameType) e;
+ }
+ }
+ }
+
+ return NT_UNKNOWN;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/PrincipalName.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/PrincipalName.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/PrincipalName.java
new file mode 100644
index 0000000..eef8ede
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/PrincipalName.java
@@ -0,0 +1,199 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosStrings;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ PrincipalName ::= SEQUENCE {
+ name-type [0] Int32,
+ name-string [1] SEQUENCE OF KerberosString
+ }
+ */
+public class PrincipalName extends KrbSequenceType {
+ private String realm;
+
+ private static int NAME_TYPE = 0;
+ private static int NAME_STRING = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(NAME_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(NAME_STRING, KerberosStrings.class)
+ };
+
+ public PrincipalName() {
+ super(fieldInfos);
+ }
+
+ public PrincipalName(String nameString) {
+ this();
+ setNameType(NameType.NT_PRINCIPAL);
+ fromNameString(nameString);
+ }
+
+ public PrincipalName(List<String> nameStrings, NameType type) {
+ this();
+ setNameStrings(nameStrings);
+ setNameType(type);
+ }
+
+ public NameType getNameType() {
+ Integer value = getFieldAsInteger(NAME_TYPE);
+ return NameType.fromValue(value);
+ }
+
+ public void setNameType(NameType nameType) {
+ setFieldAsInt(NAME_TYPE, nameType.getValue());
+ }
+
+ public List<String> getNameStrings() {
+ KerberosStrings krbStrings = getFieldAs(NAME_STRING, KerberosStrings.class);
+ if (krbStrings != null) {
+ return krbStrings.getAsStrings();
+ }
+ return Collections.EMPTY_LIST;
+ }
+
+ public void setNameStrings(List<String> nameStrings) {
+ setFieldAs(NAME_STRING, new KerberosStrings(nameStrings));
+ }
+
+ public void setRealm(String realm) {
+ this.realm = realm;
+ }
+
+ public String getRealm() {
+ return this.realm;
+ }
+
+ public String getName() {
+ return makeSingleName();
+ }
+
+ private String makeSingleName() {
+ List<String> names = getNameStrings();
+ StringBuilder sb = new StringBuilder();
+ boolean isFirst = true;
+ for (String name : names) {
+ sb.append(name);
+ if (isFirst && names.size() > 1) {
+ sb.append('/');
+ }
+ isFirst = false;
+ }
+
+ String realm = getRealm();
+ if (realm != null && !realm.isEmpty()) {
+ sb.append('@');
+ sb.append(realm);
+ }
+
+ return sb.toString();
+ }
+
+ @Override
+ public String toString() {
+ return getName();
+ }
+
+ @Override
+ public int hashCode() {
+ return getName().hashCode();
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (other == null) {
+ return false;
+ } else if (this == other) {
+ return true;
+ } else if (other instanceof String) {
+ String otherPrincipal = (String) other;
+ String thisPrincipal = getName();
+ return thisPrincipal.equals(otherPrincipal);
+ } else if (! (other instanceof PrincipalName)) {
+ return false;
+ }
+
+ PrincipalName otherPrincipal = (PrincipalName) other;
+ if (getNameType() != ((PrincipalName) other).getNameType()) {
+ return false;
+ }
+
+ return getName().equals(otherPrincipal.getName());
+ }
+
+ private void fromNameString(String nameString) {
+ String tmpRealm = null;
+ List<String> nameStrings;
+ int pos = nameString.indexOf('@');
+ String nameParts = nameString;
+ if (pos != -1) {
+ nameParts = nameString.substring(0, pos);
+ tmpRealm = nameString.substring(pos + 1);
+ }
+ String parts[] = nameParts.split("\\/");
+ nameStrings = Arrays.asList(parts);
+
+ setNameStrings(nameStrings);
+ setRealm(tmpRealm);
+ }
+
+ public static String extractRealm(String principal) {
+ int pos = principal.indexOf('@');
+
+ if (pos > 0) {
+ return principal.substring(pos + 1);
+ }
+
+ throw new IllegalArgumentException("Not a valid principal, missing realm name");
+ }
+
+
+ public static String extractName(String principal) {
+ int pos = principal.indexOf('@');
+
+ if (pos < 0) {
+ return principal;
+ }
+
+ return principal.substring(0, pos);
+ }
+
+ public static String makeSalt(PrincipalName principalName) {
+ StringBuilder salt = new StringBuilder();
+ if (principalName.getRealm() != null) {
+ salt.append(principalName.getRealm().toString());
+ }
+ List<String> nameStrings = principalName.getNameStrings();
+ for (String ns : nameStrings) {
+ salt.append(ns);
+ }
+ return salt.toString();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/Realm.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/Realm.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/Realm.java
new file mode 100644
index 0000000..696ea99
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/Realm.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+
+/**
+ * Realm ::= KerberosString
+ */
+public class Realm extends KerberosString {
+ public Realm() {
+ }
+
+ public Realm(String value) {
+ super(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/SamType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/SamType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/SamType.java
new file mode 100644
index 0000000..75e876f
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/SamType.java
@@ -0,0 +1,66 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum SamType implements KrbEnum
+{
+ SAM_NONE(0),
+ /** safe SAM type enum for Enigma Logic */
+ SAM_TYPE_ENIGMA(1), // Enigma Logic"
+
+ /** safe SAM type enum for Digital Pathways */
+ SAM_TYPE_DIGI_PATH(2), // Digital Pathways
+
+ /** safe SAM type enum for S/key where KDC has key 0 */
+ SAM_TYPE_SKEY_K0(3), // S/key where KDC has key 0
+
+ /** safe SAM type enum for Traditional S/Key */
+ SAM_TYPE_SKEY(4), // Traditional S/Key
+
+ /** safe SAM type enum for Security Dynamics */
+ SAM_TYPE_SECURID(5), // Security Dynamics
+
+ /** safe SAM type enum for CRYPTOCard */
+ SAM_TYPE_CRYPTOCARD(6); // CRYPTOCard
+
+ private int value;
+
+ private SamType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static SamType fromValue(Integer value) {
+ if (value != null) {
+ for (SamType st : SamType.values() ) {
+ if (value == st.getValue()) {
+ return st;
+ }
+ }
+ }
+ return SAM_NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TokenFormat.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TokenFormat.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TokenFormat.java
new file mode 100644
index 0000000..b14751b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TokenFormat.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum TokenFormat implements KrbEnum {
+ NONE (0),
+ JWT (1);
+
+ private final int value;
+
+ private TokenFormat(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static TokenFormat fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (TokenFormat) e;
+ }
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TransitedEncoding.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TransitedEncoding.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TransitedEncoding.java
new file mode 100644
index 0000000..3cbd995
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TransitedEncoding.java
@@ -0,0 +1,62 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ TransitedEncoding ::= SEQUENCE {
+ tr-type [0] Int32 -- must be registered --,
+ contents [1] OCTET STRING
+ }
+ */
+public class TransitedEncoding extends KrbSequenceType {
+ private static int TR_TYPE = 0;
+ private static int CONTENTS = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TR_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(CONTENTS, 1, Asn1OctetString.class)
+ };
+
+ public TransitedEncoding() {
+ super(fieldInfos);
+ }
+
+ public TransitedEncodingType getTrType() {
+ Integer value = getFieldAsInteger(TR_TYPE);
+ return TransitedEncodingType.fromValue(value);
+ }
+
+ public void setTrType(TransitedEncodingType trType) {
+ setField(TR_TYPE, trType);
+ }
+
+ public byte[] getContents() {
+ return getFieldAsOctets(CONTENTS);
+ }
+
+ public void setContents(byte[] contents) {
+ setFieldAsOctets(CONTENTS, contents);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TransitedEncodingType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TransitedEncodingType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TransitedEncodingType.java
new file mode 100644
index 0000000..8acfb1b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/common/TransitedEncodingType.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.common;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum TransitedEncodingType implements KrbEnum {
+ UNKNOWN(-1),
+ NULL(0),
+ DOMAIN_X500_COMPRESS(1);
+
+ private final int value;
+
+ private TransitedEncodingType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static TransitedEncodingType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (TransitedEncodingType) e;
+ }
+ }
+ }
+
+ return NULL;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/ArmorType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/ArmorType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/ArmorType.java
new file mode 100644
index 0000000..1bd0589
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/ArmorType.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum ArmorType implements KrbEnum {
+ NONE (0),
+ ARMOR_AP_REQUEST (1);
+
+ private final int value;
+
+ private ArmorType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static ArmorType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (ArmorType) e;
+ }
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/FastOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/FastOption.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/FastOption.java
new file mode 100644
index 0000000..5819d7c
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/FastOption.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum FastOption implements KrbEnum {
+ NONE(-1),
+ RESERVED(0),
+ HIDE_CLIENT_NAMES(1),
+
+ KDC_FOLLOW_REFERRALS(16);
+
+ private final int value;
+
+ private FastOption(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static FastOption fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (FastOption) e;
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/FastOptions.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/FastOptions.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/FastOptions.java
new file mode 100644
index 0000000..80ab325
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/FastOptions.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbFlags;
+
+public class FastOptions extends KrbFlags {
+
+ public FastOptions() {
+ this(0);
+ }
+
+ public FastOptions(int value) {
+ setFlags(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmor.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmor.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmor.java
new file mode 100644
index 0000000..6fd36af
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmor.java
@@ -0,0 +1,64 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ KrbFastArmor ::= SEQUENCE {
+ armor-type [0] Int32,
+ -- Type of the armor.
+ armor-value [1] OCTET STRING,
+ -- Value of the armor.
+ }
+ */
+public class KrbFastArmor extends KrbSequenceType {
+ private static int ARMOR_TYPE = 0;
+ private static int ARMOR_VALUE = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ARMOR_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(ARMOR_VALUE, Asn1OctetString.class)
+ };
+
+ public KrbFastArmor() {
+ super(fieldInfos);
+ }
+
+ public ArmorType getArmorType() {
+ Integer value = getFieldAsInteger(ARMOR_TYPE);
+ return ArmorType.fromValue(value);
+ }
+
+ public void setArmorType(ArmorType armorType) {
+ setFieldAsInt(ARMOR_TYPE, armorType.getValue());
+ }
+
+ public byte[] getArmorValue() {
+ return getFieldAsOctets(ARMOR_VALUE);
+ }
+
+ public void setArmorValue(byte[] armorValue) {
+ setFieldAsOctets(ARMOR_VALUE, armorValue);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmoredRep.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmoredRep.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmoredRep.java
new file mode 100644
index 0000000..5b4542f
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmoredRep.java
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+
+/**
+ KrbFastArmoredRep ::= SEQUENCE {
+ enc-fast-rep [0] EncryptedData, -- KrbFastResponse --
+ -- The encryption key is the armor key in the request, and
+ -- the key usage number is KEY_USAGE_FAST_REP.
+ }
+ */
+public class KrbFastArmoredRep extends KrbSequenceType {
+ private static int ENC_FAST_REP = 0;
+
+ //private
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ENC_FAST_REP, EncryptedData.class)
+ };
+
+ public KrbFastArmoredRep() {
+ super(fieldInfos);
+ }
+
+ public EncryptedData getEncFastRep() {
+ return getFieldAs(ENC_FAST_REP, EncryptedData.class);
+ }
+
+ public void setEncFastRep(EncryptedData encFastRep) {
+ setFieldAs(ENC_FAST_REP, encFastRep);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmoredReq.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmoredReq.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmoredReq.java
new file mode 100644
index 0000000..2434103
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastArmoredReq.java
@@ -0,0 +1,95 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+
+/**
+ KrbFastArmoredReq ::= SEQUENCE {
+ armor [0] KrbFastArmor OPTIONAL,
+ -- Contains the armor that identifies the armor key.
+ -- MUST be present in AS-REQ.
+ req-checksum [1] Checksum,
+ -- For AS, contains the checksum performed over the type
+ -- KDC-REQ-BODY for the req-body field of the KDC-REQ
+ -- structure;
+ -- For TGS, contains the checksum performed over the type
+ -- AP-REQ in the PA-TGS-REQ padata.
+ -- The checksum key is the armor key, the checksum
+ -- type is the required checksum type for the enctype of
+ -- the armor key, and the key usage number is
+ -- KEY_USAGE_FAST_REQ_CHKSUM.
+ enc-fast-req [2] EncryptedData, -- KrbFastReq --
+ -- The encryption key is the armor key, and the key usage
+ -- number is KEY_USAGE_FAST_ENC.
+ }
+ */
+public class KrbFastArmoredReq extends KrbSequenceType {
+ private static int ARMOR = 0;
+ private static int REQ_CHECKSUM = 1;
+ private static int ENC_FAST_REQ = 2;
+
+ private KrbFastReq fastReq;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ARMOR, KrbFastArmor.class),
+ new Asn1FieldInfo(REQ_CHECKSUM, CheckSum.class),
+ new Asn1FieldInfo(ENC_FAST_REQ, EncryptedData.class),
+ };
+
+ public KrbFastArmoredReq() {
+ super(fieldInfos);
+ }
+
+ public KrbFastArmor getArmor() {
+ return getFieldAs(ARMOR, KrbFastArmor.class);
+ }
+
+ public void setArmor(KrbFastArmor armor) {
+ setFieldAs(ARMOR, armor);
+ }
+
+ public CheckSum getReqChecksum() {
+ return getFieldAs(REQ_CHECKSUM, CheckSum.class);
+ }
+
+ public void setReqChecksum(CheckSum checkSum) {
+ setFieldAs(REQ_CHECKSUM, checkSum);
+ }
+
+ public KrbFastReq getFastReq() {
+ return fastReq;
+ }
+
+ public void setFastReq(KrbFastReq fastReq) {
+ this.fastReq = fastReq;
+ }
+
+ public EncryptedData getEncryptedFastReq() {
+ return getFieldAs(ENC_FAST_REQ, EncryptedData.class);
+ }
+
+ public void setEncryptedFastReq(EncryptedData encFastReq) {
+ setFieldAs(ENC_FAST_REQ, encFastReq);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastFinished.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastFinished.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastFinished.java
new file mode 100644
index 0000000..22f3ba8
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/fast/KrbFastFinished.java
@@ -0,0 +1,82 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.fast;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+
+/**
+ KrbFastFinished ::= SEQUENCE {
+ timestamp [0] KerberosTime,
+ usec [1] Microseconds,
+ -- timestamp and usec represent the time on the KDC when
+ -- the reply was generated.
+ crealm [2] Realm,
+ cname [3] PrincipalName,
+ -- Contains the client realm and the client name.
+ ticket-checksum [4] Checksum,
+ -- checksum of the ticket in the KDC-REP using the armor
+ -- and the key usage is KEY_USAGE_FAST_FINISH.
+ -- The checksum type is the required checksum type
+ -- of the armor key.
+ }
+ */
+public class KrbFastFinished extends KrbSequenceType {
+ private static int FAST_OPTIONS = 0;
+ private static int PADATA = 1;
+ private static int REQ_BODY = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(FAST_OPTIONS, KrbFastArmor.class),
+ new Asn1FieldInfo(PADATA, PaData.class),
+ new Asn1FieldInfo(REQ_BODY, EncryptedData.class),
+ };
+
+ public KrbFastFinished() {
+ super(fieldInfos);
+ }
+
+ public KrbFastArmor getArmor() {
+ return getFieldAs(FAST_OPTIONS, KrbFastArmor.class);
+ }
+
+ public void setArmor(KrbFastArmor armor) {
+ setFieldAs(FAST_OPTIONS, armor);
+ }
+
+ public CheckSum getReqChecksum() {
+ return getFieldAs(PADATA, CheckSum.class);
+ }
+
+ public void setReqChecksum(CheckSum checkSum) {
+ setFieldAs(PADATA, checkSum);
+ }
+
+ public EncryptedData getEncFastReq() {
+ return getFieldAs(REQ_BODY, EncryptedData.class);
+ }
+
+ public void setEncFastReq(EncryptedData encFastReq) {
+ setFieldAs(REQ_BODY, encFastReq);
+ }
+}
[37/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
deleted file mode 100644
index 178dbba..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
+++ /dev/null
@@ -1,233 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth.pkinit;
-
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.client.KrbOption;
-import org.apache.kerberos.kerb.client.KrbOptions;
-import org.apache.kerberos.kerb.client.preauth.AbstractPreauthPlugin;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.client.request.KdcRequest;
-import org.apache.kerberos.kerb.preauth.PaFlag;
-import org.apache.kerberos.kerb.preauth.PaFlags;
-import org.apache.kerberos.kerb.preauth.pkinit.PkinitIdenity;
-import org.apache.kerberos.kerb.preauth.pkinit.PkinitPreauthMeta;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-import org.apache.kerberos.kerb.spec.pa.pkinit.*;
-import org.apache.kerberos.kerb.spec.x509.SubjectPublicKeyInfo;
-
-public class PkinitPreauth extends AbstractPreauthPlugin {
-
- private PkinitContext pkinitContext;
-
- public PkinitPreauth() {
- super(new PkinitPreauthMeta());
- }
-
- @Override
- public void init(KrbContext context) {
- super.init(context);
- this.pkinitContext = new PkinitContext();
- }
-
- @Override
- public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
- PkinitRequestContext reqCtx = new PkinitRequestContext();
-
- reqCtx.updateRequestOpts(pkinitContext.pluginOpts);
-
- return reqCtx;
- }
-
- @Override
- public void setPreauthOptions(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- KrbOptions options) {
- if (options.contains(KrbOption.PKINIT_X509_IDENTITY)) {
- pkinitContext.identityOpts.identity =
- options.getStringOption(KrbOption.PKINIT_X509_IDENTITY);
- }
-
- if (options.contains(KrbOption.PKINIT_X509_ANCHORS)) {
- pkinitContext.identityOpts.anchors.add(
- options.getStringOption(KrbOption.PKINIT_X509_ANCHORS));
- }
-
- if (options.contains(KrbOption.PKINIT_USING_RSA)) {
- pkinitContext.pluginOpts.usingRsa =
- options.getBooleanOption(KrbOption.PKINIT_USING_RSA);
- }
-
- }
-
- @Override
- public void prepareQuestions(KdcRequest kdcRequest,
- PluginRequestContext requestContext) {
-
- PkinitRequestContext reqCtx = (PkinitRequestContext) requestContext;
-
- if (!reqCtx.identityInitialized) {
- PkinitIdenity.initialize(reqCtx.identityOpts, kdcRequest.getClientPrincipal());
- reqCtx.identityInitialized = true;
- }
-
- // Might have questions asking for password to access the private key
- }
-
- public void tryFirst(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaData outPadata) throws KrbException {
-
- }
-
- @Override
- public boolean process(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataEntry inPadata,
- PaData outPadata) throws KrbException {
-
- PkinitRequestContext reqCtx = (PkinitRequestContext) requestContext;
- if (inPadata == null) return false;
-
- boolean processingRequest = false;
- switch (inPadata.getPaDataType()) {
- case PK_AS_REQ:
- processingRequest = true;
- break;
- case PK_AS_REP:
- break;
- }
-
- if (processingRequest) {
- generateRequest(reqCtx, kdcRequest, outPadata);
- } else {
- EncryptionType encType = kdcRequest.getEncType();
- processReply(kdcRequest, reqCtx, inPadata, encType);
- }
-
- return false;
- }
-
- private void generateRequest(PkinitRequestContext reqCtx, KdcRequest kdcRequest,
- PaData outPadata) {
-
- }
-
- private PaPkAsReq makePaPkAsReq(PkinitContext pkinitContext, PkinitRequestContext reqCtx,
- KerberosTime ctime, int cusec, int nonce, byte[] checksum,
- PrincipalName client, PrincipalName server) {
-
- PaPkAsReq paPkAsReq = new PaPkAsReq();
- AuthPack authPack = new AuthPack();
- SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo();
- PkAuthenticator pkAuthen = new PkAuthenticator();
-
- boolean usingRsa = reqCtx.requestOpts.usingRsa;
- PaDataType paType = reqCtx.paType = PaDataType.PK_AS_REQ;
-
- pkAuthen.setCtime(ctime);
- pkAuthen.setCusec(cusec);
- pkAuthen.setNonce(nonce);
- pkAuthen.setPaChecksum(checksum);
-
- authPack.setPkAuthenticator(pkAuthen);
- DHNonce dhNonce = new DHNonce();
- authPack.setClientDhNonce(dhNonce);
- authPack.setClientPublicValue(pubInfo);
-
- authPack.setsupportedCmsTypes(pkinitContext.pluginOpts.createSupportedCMSTypes());
-
- if (usingRsa) {
- // DH case
- } else {
- authPack.setClientPublicValue(null);
- }
-
- byte[] signedAuthPack = signAuthPack(pkinitContext, reqCtx, authPack);
- paPkAsReq.setSignedAuthPack(signedAuthPack);
-
- TrustedCertifiers trustedCertifiers = pkinitContext.pluginOpts.createTrustedCertifiers();
- paPkAsReq.setTrustedCertifiers(trustedCertifiers);
-
- byte[] kdcPkId = pkinitContext.pluginOpts.createIssuerAndSerial();
- paPkAsReq.setKdcPkId(kdcPkId);
-
- return paPkAsReq;
- }
-
- private byte[] signAuthPack(PkinitContext pkinitContext,
- PkinitRequestContext reqCtx, AuthPack authPack) {
- return null;
- }
-
- private void processReply(KdcRequest kdcRequest,
- PkinitRequestContext reqCtx,
- PaDataEntry inPadata,
- EncryptionType encType) {
-
- EncryptionKey asKey = null;
-
- // TODO
-
- kdcRequest.setAsKey(asKey);
- }
-
- @Override
- public boolean tryAgain(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataType preauthType,
- PaData errPadata,
- PaData outPadata) {
-
- PkinitRequestContext reqCtx = (PkinitRequestContext) requestContext;
- if (reqCtx.paType != preauthType && errPadata == null) {
- return false;
- }
-
- boolean doAgain = false;
- for (PaDataEntry pde : errPadata.getElements()) {
- switch (pde.getPaDataType()) {
- // TODO
- }
- }
-
- if (doAgain) {
- generateRequest(reqCtx, kdcRequest, outPadata);
- }
-
- return false;
- }
-
- @Override
- public PaFlags getFlags(PaDataType paType) {
- PaFlags paFlags = new PaFlags(0);
- paFlags.setFlag(PaFlag.PA_REAL);
-
- return paFlags;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitRequestContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitRequestContext.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitRequestContext.java
deleted file mode 100644
index 94d10d2..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitRequestContext.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth.pkinit;
-
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.preauth.pkinit.IdentityOpts;
-import org.apache.kerberos.kerb.preauth.pkinit.PluginOpts;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class PkinitRequestContext implements PluginRequestContext {
-
- public PkinitRequestOpts requestOpts = new PkinitRequestOpts();
- public IdentityOpts identityOpts = new IdentityOpts();
- public boolean doIdentityMatching;
- public PaDataType paType;
- public boolean rfc6112Kdc;
- public boolean identityInitialized;
- public boolean identityPrompted;
-
- public void updateRequestOpts(PluginOpts pluginOpts) {
- requestOpts.requireEku = pluginOpts.requireEku;
- requestOpts.acceptSecondaryEku = pluginOpts.acceptSecondaryEku;
- requestOpts.allowUpn = pluginOpts.allowUpn;
- requestOpts.usingRsa = pluginOpts.usingRsa;
- requestOpts.requireCrlChecking = pluginOpts.requireCrlChecking;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitRequestOpts.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitRequestOpts.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitRequestOpts.java
deleted file mode 100644
index be803c9..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/pkinit/PkinitRequestOpts.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth.pkinit;
-
-public class PkinitRequestOpts {
-
- // From MIT Krb5 _pkinit_plg_opts
-
- // require EKU checking (default is true)
- public boolean requireEku = true;
- // accept secondary EKU (default is false)
- public boolean acceptSecondaryEku = false;
- // allow UPN-SAN instead of pkinit-SAN
- public boolean allowUpn = true;
- // selects DH or RSA based pkinit
- public boolean usingRsa = true;
- // require CRL for a CA (default is false)
- public boolean requireCrlChecking = false;
- // initial request DH modulus size (default=1024)
- public int dhSize = 1024;
-
- public boolean requireHostnameMatch = true;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenContext.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenContext.java
deleted file mode 100644
index 12320df..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenContext.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth.token;
-
-import org.haox.token.KerbToken;
-
-public class TokenContext {
-
- public boolean usingIdToken = true;
- public KerbToken token = null;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenPreauth.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenPreauth.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenPreauth.java
deleted file mode 100644
index ec614e7..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenPreauth.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth.token;
-
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.client.KrbOption;
-import org.apache.kerberos.kerb.client.KrbOptions;
-import org.apache.kerberos.kerb.client.preauth.AbstractPreauthPlugin;
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.client.request.KdcRequest;
-import org.apache.kerberos.kerb.preauth.PaFlag;
-import org.apache.kerberos.kerb.preauth.PaFlags;
-import org.apache.kerberos.kerb.preauth.token.TokenPreauthMeta;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-import org.haox.token.KerbToken;
-
-import java.util.Collections;
-import java.util.List;
-
-public class TokenPreauth extends AbstractPreauthPlugin {
-
- private TokenContext tokenContext;
-
- public TokenPreauth() {
- super(new TokenPreauthMeta());
- }
-
- public void init(KrbContext context) {
- super.init(context);
- this.tokenContext = new TokenContext();
- }
-
- @Override
- public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
- TokenRequestContext reqCtx = new TokenRequestContext();
-
- return reqCtx;
- }
-
- @Override
- public void prepareQuestions(KdcRequest kdcRequest,
- PluginRequestContext requestContext) {
-
- }
-
- @Override
- public List<EncryptionType> getEncTypes(KdcRequest kdcRequest,
- PluginRequestContext requestContext) {
- return Collections.emptyList();
- }
-
- @Override
- public void setPreauthOptions(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- KrbOptions options) {
-
- tokenContext.usingIdToken = options.getBooleanOption(KrbOption.TOKEN_USING_IDTOKEN);
- if (tokenContext.usingIdToken) {
- if (options.contains(KrbOption.TOKEN_USER_ID_TOKEN)) {
- tokenContext.token =
- (KerbToken) options.getOptionValue(KrbOption.TOKEN_USER_ID_TOKEN);
- }
- } else {
- if (options.contains(KrbOption.TOKEN_USER_AC_TOKEN)) {
- tokenContext.token =
- (KerbToken) options.getOptionValue(KrbOption.TOKEN_USER_AC_TOKEN);
- }
- }
-
- }
-
- public void tryFirst(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaData outPadata) throws KrbException {
-
- }
-
- @Override
- public boolean process(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataEntry inPadata,
- PaData outPadata) throws KrbException {
-
- return false;
- }
-
- @Override
- public boolean tryAgain(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataType preauthType,
- PaData errPadata,
- PaData outPadata) {
- return false;
- }
-
- @Override
- public PaFlags getFlags(PaDataType paType) {
- PaFlags paFlags = new PaFlags(0);
- paFlags.setFlag(PaFlag.PA_REAL);
-
- return paFlags;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenRequestContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenRequestContext.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenRequestContext.java
deleted file mode 100644
index 02697ee..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/preauth/token/TokenRequestContext.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.preauth.token;
-
-import org.apache.kerberos.kerb.preauth.PluginRequestContext;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class TokenRequestContext implements PluginRequestContext {
-
- public boolean doIdentityMatching;
- public PaDataType paType;
- public boolean identityInitialized;
- public boolean identityPrompted;
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequest.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequest.java
deleted file mode 100644
index f3d0079..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequest.java
+++ /dev/null
@@ -1,127 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.request;
-
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.KrbConstant;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.*;
-import org.apache.kerberos.kerb.spec.kdc.*;
-import org.apache.kerberos.kerb.spec.ticket.TgtTicket;
-
-import java.io.IOException;
-import java.util.List;
-
-public class AsRequest extends KdcRequest {
-
- private PrincipalName clientPrincipal;
- private EncryptionKey clientKey;
-
- public AsRequest(KrbContext context) {
- super(context);
-
- setServerPrincipal(makeTgsPrincipal());
- }
-
- public PrincipalName getClientPrincipal() {
- return clientPrincipal;
- }
-
- public void setClientPrincipal(PrincipalName clientPrincipal) {
- this.clientPrincipal = clientPrincipal;
- }
-
- public void setClientKey(EncryptionKey clientKey) {
- this.clientKey = clientKey;
- }
-
- public EncryptionKey getClientKey() throws KrbException {
- return clientKey;
- }
-
- @Override
- public void process() throws KrbException {
- super.process();
-
- KdcReqBody body = makeReqBody();
-
- AsReq asReq = new AsReq();
- asReq.setReqBody(body);
- asReq.setPaData(getPreauthContext().getOutputPaData());
-
- setKdcReq(asReq);
- }
-
- @Override
- public void processResponse(KdcRep kdcRep) throws KrbException {
- setKdcRep(kdcRep);
-
- PrincipalName clientPrincipal = getKdcRep().getCname();
- String clientRealm = getKdcRep().getCrealm();
- clientPrincipal.setRealm(clientRealm);
- if (! clientPrincipal.equals(getClientPrincipal())) {
- throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_NAME_MISMATCH);
- }
-
- byte[] decryptedData = decryptWithClientKey(getKdcRep().getEncryptedEncPart(),
- KeyUsage.AS_REP_ENCPART);
- EncKdcRepPart encKdcRepPart = new EncAsRepPart();
- try {
- encKdcRepPart.decode(decryptedData);
- } catch (IOException e) {
- throw new KrbException("Failed to decode EncAsRepPart", e);
- }
- getKdcRep().setEncPart(encKdcRepPart);
-
- if (getChosenNonce() != encKdcRepPart.getNonce()) {
- throw new KrbException("Nonce didn't match");
- }
-
- PrincipalName serverPrincipal = encKdcRepPart.getSname();
- serverPrincipal.setRealm(encKdcRepPart.getSrealm());
- if (! serverPrincipal.equals(getServerPrincipal())) {
- throw new KrbException(KrbErrorCode.KDC_ERR_SERVER_NOMATCH);
- }
-
- HostAddresses hostAddresses = getHostAddresses();
- if (hostAddresses != null) {
- List<HostAddress> requestHosts = hostAddresses.getElements();
- if (!requestHosts.isEmpty()) {
- List<HostAddress> responseHosts = encKdcRepPart.getCaddr().getElements();
- for (HostAddress h : requestHosts) {
- if (!responseHosts.contains(h)) {
- throw new KrbException("Unexpected client host");
- }
- }
- }
- }
- }
-
- public TgtTicket getTicket() {
- TgtTicket TgtTicket = new TgtTicket(getKdcRep().getTicket(),
- (EncAsRepPart) getKdcRep().getEncPart(), getKdcRep().getCname().getName());
- return TgtTicket;
- }
-
- private PrincipalName makeTgsPrincipal() {
- return new PrincipalName(KrbConstant.TGS_PRINCIPAL + "@" + getContext().getKdcRealm());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithCert.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithCert.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithCert.java
deleted file mode 100644
index ac808c2..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithCert.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.request;
-
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.client.KrbOption;
-import org.apache.kerberos.kerb.client.KrbOptions;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class AsRequestWithCert extends AsRequest {
-
- public static final String ANONYMOUS_PRINCIPAL = "ANONYMOUS@WELLKNOWN:ANONYMOUS";
-
- public AsRequestWithCert(KrbContext context) {
- super(context);
-
- setAllowedPreauth(PaDataType.PK_AS_REQ);
- }
-
- @Override
- public void process() throws KrbException {
- throw new RuntimeException("To be implemented");
- }
-
- @Override
- public KrbOptions getPreauthOptions() {
- KrbOptions results = new KrbOptions();
-
- KrbOptions krbOptions = getKrbOptions();
- results.add(krbOptions.getOption(KrbOption.PKINIT_X509_CERTIFICATE));
- results.add(krbOptions.getOption(KrbOption.PKINIT_X509_ANCHORS));
- results.add(krbOptions.getOption(KrbOption.PKINIT_X509_PRIVATE_KEY));
- results.add(krbOptions.getOption(KrbOption.PKINIT_X509_IDENTITY));
- results.add(krbOptions.getOption(KrbOption.PKINIT_USING_RSA));
-
- return results;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithPasswd.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithPasswd.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithPasswd.java
deleted file mode 100644
index 7a97b33..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithPasswd.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.request;
-
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.client.KrbOption;
-import org.apache.kerberos.kerb.crypto.EncryptionHandler;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class AsRequestWithPasswd extends AsRequest {
-
- public AsRequestWithPasswd(KrbContext context) {
- super(context);
-
- setAllowedPreauth(PaDataType.ENC_TIMESTAMP);
- }
-
- public String getPassword() {
- return getKrbOptions().getStringOption(KrbOption.USER_PASSWD);
- }
-
- @Override
- public EncryptionKey getClientKey() throws KrbException {
- if (super.getClientKey() == null) {
- EncryptionKey tmpKey = EncryptionHandler.string2Key(getClientPrincipal().getName(),
- getPassword(), getChosenEncryptionType());
- setClientKey(tmpKey);
- }
- return super.getClientKey();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithToken.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithToken.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithToken.java
deleted file mode 100644
index 9c73937..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/AsRequestWithToken.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.request;
-
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.client.KrbOption;
-import org.apache.kerberos.kerb.client.KrbOptions;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class AsRequestWithToken extends AsRequest {
-
- public AsRequestWithToken(KrbContext context) {
- super(context);
-
- setAllowedPreauth(PaDataType.TOKEN_REQUEST);
- }
-
- @Override
- public void process() throws KrbException {
- throw new RuntimeException("To be implemented");
- }
-
- @Override
- public KrbOptions getPreauthOptions() {
- KrbOptions results = new KrbOptions();
-
- KrbOptions krbOptions = getKrbOptions();
- results.add(krbOptions.getOption(KrbOption.TOKEN_USING_IDTOKEN));
- results.add(krbOptions.getOption(KrbOption.TOKEN_USER_ID_TOKEN));
- results.add(krbOptions.getOption(KrbOption.TOKEN_USER_AC_TOKEN));
-
- return results;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/KdcRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/KdcRequest.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/KdcRequest.java
deleted file mode 100644
index bdde086..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/KdcRequest.java
+++ /dev/null
@@ -1,358 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.request;
-
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.client.KrbOptions;
-import org.apache.kerberos.kerb.client.preauth.FastContext;
-import org.apache.kerberos.kerb.client.preauth.PreauthContext;
-import org.apache.kerberos.kerb.client.preauth.PreauthHandler;
-import org.apache.kerberos.kerb.crypto.EncryptionHandler;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.*;
-import org.apache.kerberos.kerb.spec.kdc.KdcOptions;
-import org.apache.kerberos.kerb.spec.kdc.KdcRep;
-import org.apache.kerberos.kerb.spec.kdc.KdcReq;
-import org.apache.kerberos.kerb.spec.kdc.KdcReqBody;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-import org.apache.haox.transport.Transport;
-
-import java.net.InetAddress;
-import java.net.UnknownHostException;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-/**
- * A wrapper for KdcReq request
- */
-public abstract class KdcRequest {
- private KrbContext context;
- private Transport transport;
-
- private KrbOptions krbOptions;
- private PrincipalName serverPrincipal;
- private List<HostAddress> hostAddresses = new ArrayList<HostAddress>();
- private KdcOptions kdcOptions = new KdcOptions();
- private List<EncryptionType> encryptionTypes;
- private EncryptionType chosenEncryptionType;
- private int chosenNonce;
- private KdcReq kdcReq;
- private KdcRep kdcRep;
- protected Map<String, Object> credCache;
- private PreauthContext preauthContext;
- private FastContext fastContext;
- private EncryptionKey asKey;
-
- private KrbError errorReply;
- private boolean isRetrying;
-
- public KdcRequest(KrbContext context) {
- this.context = context;
- this.isRetrying = false;
- this.credCache = new HashMap<String, Object>();
- this.preauthContext = context.getPreauthHandler()
- .preparePreauthContext(this);
- this.fastContext = new FastContext();
- }
-
- public void setTransport(Transport transport) {
- this.transport = transport;
- }
-
- public Transport getTransport() {
- return this.transport;
- }
-
- public void setKrbOptions(KrbOptions options) {
- this.krbOptions = options;
- }
-
- public KrbOptions getKrbOptions() {
- return krbOptions;
- }
-
- public boolean isRetrying() {
- return isRetrying;
- }
-
- public void setAsKey(EncryptionKey asKey) {
- this.asKey = asKey;
- }
-
- public EncryptionKey getAsKey() throws KrbException {
- return asKey;
- }
-
- public void setAllowedPreauth(PaDataType paType) {
- preauthContext.setAllowedPaType(paType);
- }
-
- public Map<String, Object> getCredCache() {
- return credCache;
- }
-
- public void setPreauthRequired(boolean preauthRequired) {
- preauthContext.setPreauthRequired(preauthRequired);
- }
-
- public PreauthContext getPreauthContext() {
- return preauthContext;
- }
-
- protected void loadCredCache() {
- // TODO
- }
-
- public KdcReq getKdcReq() {
- return kdcReq;
- }
-
- public void setKdcReq(KdcReq kdcReq) {
- this.kdcReq = kdcReq;
- }
-
- public KdcRep getKdcRep() {
- return kdcRep;
- }
-
- public void setKdcRep(KdcRep kdcRep) {
- this.kdcRep = kdcRep;
- }
-
- protected KdcReqBody makeReqBody() throws KrbException {
- KdcReqBody body = new KdcReqBody();
-
- long startTime = System.currentTimeMillis();
- body.setFrom(new KerberosTime(startTime));
-
- PrincipalName cName = null;
- cName = getClientPrincipal();
- body.setCname(cName);
-
- body.setRealm(cName.getRealm());
-
- PrincipalName sName = getServerPrincipal();
- body.setSname(sName);
-
- body.setTill(new KerberosTime(startTime + getTicketValidTime()));
-
- int nonce = generateNonce();
- body.setNonce(nonce);
- setChosenNonce(nonce);
-
- body.setKdcOptions(getKdcOptions());
-
- HostAddresses addresses = getHostAddresses();
- if (addresses != null) {
- body.setAddresses(addresses);
- }
-
- body.setEtypes(getEncryptionTypes());
-
- return body;
- }
-
- public KdcOptions getKdcOptions() {
- return kdcOptions;
- }
-
- public HostAddresses getHostAddresses() {
- HostAddresses addresses = null;
- if (!hostAddresses.isEmpty()) {
- addresses = new HostAddresses();
- for(HostAddress ha : hostAddresses) {
- addresses.addElement(ha);
- }
- }
- return addresses;
- }
-
- public KrbContext getContext() {
- return context;
- }
-
- protected byte[] decryptWithClientKey(EncryptedData data, KeyUsage usage) throws KrbException {
- return EncryptionHandler.decrypt(data, getClientKey(), usage);
- }
-
- public void setContext(KrbContext context) {
- this.context = context;
- }
-
- public void setHostAddresses(List<HostAddress> hostAddresses) {
- this.hostAddresses = hostAddresses;
- }
-
- public void setKdcOptions(KdcOptions kdcOptions) {
- this.kdcOptions = kdcOptions;
- }
-
- public abstract PrincipalName getClientPrincipal();
-
- public PrincipalName getServerPrincipal() {
- return serverPrincipal;
- }
-
- public void setServerPrincipal(PrincipalName serverPrincipal) {
- this.serverPrincipal = serverPrincipal;
- }
-
- public List<EncryptionType> getEncryptionTypes() {
- if (encryptionTypes == null) {
- encryptionTypes = context.getConfig().getEncryptionTypes();
- }
- return encryptionTypes;
- }
-
- public void setEncryptionTypes(List<EncryptionType> encryptionTypes) {
- this.encryptionTypes = encryptionTypes;
- }
-
- public EncryptionType getChosenEncryptionType() {
- return chosenEncryptionType;
- }
-
- public void setChosenEncryptionType(EncryptionType chosenEncryptionType) {
- this.chosenEncryptionType = chosenEncryptionType;
- }
-
- public int generateNonce() {
- return context.generateNonce();
- }
-
- public int getChosenNonce() {
- return chosenNonce;
- }
-
- public void setChosenNonce(int nonce) {
- this.chosenNonce = nonce;
- }
-
- public abstract EncryptionKey getClientKey() throws KrbException;
-
- public long getTicketValidTime() {
- return context.getTicketValidTime();
- }
-
- public KerberosTime getTicketTillTime() {
- long now = System.currentTimeMillis();
- return new KerberosTime(now + KerberosTime.MINUTE * 60 * 1000);
- }
-
- public void addHost(String hostNameOrIpAddress) throws UnknownHostException {
- InetAddress address = InetAddress.getByName(hostNameOrIpAddress);
- hostAddresses.add(new HostAddress(address));
- }
-
- public void process() throws KrbException {
- preauth();
- }
-
- public abstract void processResponse(KdcRep kdcRep) throws KrbException;
-
- public KrbOptions getPreauthOptions() {
- return new KrbOptions();
- }
-
- protected void preauth() throws KrbException {
- loadCredCache();
-
- List<EncryptionType> etypes = getEncryptionTypes();
- if (etypes.isEmpty()) {
- throw new KrbException("No encryption type is configured and available");
- }
- EncryptionType encryptionType = etypes.iterator().next();
- setChosenEncryptionType(encryptionType);
-
- getPreauthHandler().preauth(this);
- }
-
- protected PreauthHandler getPreauthHandler() {
- return getContext().getPreauthHandler();
- }
-
- /**
- * Indicate interest in the AS key.
- */
- public void needAsKey() throws KrbException {
- EncryptionKey clientKey = getClientKey();
- if (clientKey == null) {
- throw new RuntimeException("Client key should be prepared or prompted at this time!");
- }
- setAsKey(clientKey);
- }
-
- /**
- * Get the enctype expected to be used to encrypt the encrypted portion of
- * the AS_REP packet. When handling a PREAUTH_REQUIRED error, this
- * typically comes from etype-info2. When handling an AS reply, it is
- * initialized from the AS reply itself.
- */
- public EncryptionType getEncType() {
-
- return getChosenEncryptionType();
- }
-
- public void askQuestion(String question, String challenge) {
- preauthContext.getUserResponser().askQuestion(question, challenge);
- }
-
- /**
- * Get a pointer to the FAST armor key, or NULL if the client is not using FAST.
- */
- public EncryptionKey getArmorKey() {
- return fastContext.armorKey;
- }
-
- /**
- * Get the current time for use in a preauth response. If
- * allow_unauth_time is true and the library has been configured to allow
- * it, the current time will be offset using unauthenticated timestamp
- * information received from the KDC in the preauth-required error, if one
- * has been received. Otherwise, the timestamp in a preauth-required error
- * will only be used if it is protected by a FAST channel. Only set
- * allow_unauth_time if using an unauthenticated time offset would not
- * create a security issue.
- */
- public KerberosTime getPreauthTime() {
- return KerberosTime.now();
- }
-
- /**
- * Get a state item from an input ccache, which may allow it
- * to retrace the steps it took last time. The returned data string is an
- * alias and should not be freed.
- */
- public Object getCacheValue(String key) {
- return credCache.get(key);
- }
-
- /**
- * Set a state item which will be recorded to an output
- * ccache, if the calling application supplied one. Both key and data
- * should be valid UTF-8 text.
- */
- public void cacheValue(String key, Object value) {
- credCache.put(key, value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/TgsRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/TgsRequest.java b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/TgsRequest.java
deleted file mode 100644
index c528cfb..0000000
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/request/TgsRequest.java
+++ /dev/null
@@ -1,136 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client.request;
-
-import org.apache.kerberos.kerb.client.KrbContext;
-import org.apache.kerberos.kerb.common.EncryptionUtil;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.ap.ApOptions;
-import org.apache.kerberos.kerb.spec.ap.ApReq;
-import org.apache.kerberos.kerb.spec.ap.Authenticator;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.KeyUsage;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.kdc.*;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-import org.apache.kerberos.kerb.spec.ticket.ServiceTicket;
-import org.apache.kerberos.kerb.spec.ticket.TgtTicket;
-
-public class TgsRequest extends KdcRequest {
- private TgtTicket tgt;
- private ApReq apReq;
-
- public TgsRequest(KrbContext context, TgtTicket tgtTicket) {
- super(context);
- this.tgt = tgtTicket;
-
- setAllowedPreauth(PaDataType.TGS_REQ);
- }
-
- public PrincipalName getClientPrincipal() {
- return tgt.getClientPrincipal();
- }
-
- @Override
- public EncryptionKey getClientKey() throws KrbException {
- return getSessionKey();
- }
-
- public EncryptionKey getSessionKey() {
- return tgt.getSessionKey();
- }
-
- @Override
- protected void preauth() throws KrbException {
- apReq = makeApReq();
- super.preauth();
- }
-
- @Override
- public void process() throws KrbException {
- super.process();
-
- TgsReq tgsReq = new TgsReq();
-
- KdcReqBody tgsReqBody = makeReqBody();
- tgsReq.setReqBody(tgsReqBody);
- tgsReq.setPaData(getPreauthContext().getOutputPaData());
-
- setKdcReq(tgsReq);
- }
-
- private ApReq makeApReq() throws KrbException {
- ApReq apReq = new ApReq();
-
- Authenticator authenticator = makeAuthenticator();
- EncryptionKey sessionKey = tgt.getSessionKey();
- EncryptedData authnData = EncryptionUtil.seal(authenticator,
- sessionKey, KeyUsage.TGS_REQ_AUTH);
- apReq.setEncryptedAuthenticator(authnData);
-
- apReq.setTicket(tgt.getTicket());
- ApOptions apOptions = new ApOptions();
- apReq.setApOptions(apOptions);
-
- return apReq;
- }
-
- private Authenticator makeAuthenticator() {
- Authenticator authenticator = new Authenticator();
- authenticator.setCname(getClientPrincipal());
- authenticator.setCrealm(tgt.getRealm());
-
- authenticator.setCtime(KerberosTime.now());
- authenticator.setCusec(0);
-
- EncryptionKey sessionKey = tgt.getSessionKey();
- authenticator.setSubKey(sessionKey);
-
- return authenticator;
- }
-
- @Override
- public void processResponse(KdcRep kdcRep) throws KrbException {
- setKdcRep(kdcRep);
-
- TgsRep tgsRep = (TgsRep) getKdcRep();
- EncTgsRepPart encTgsRepPart = EncryptionUtil.unseal(tgsRep.getEncryptedEncPart(),
- getSessionKey(),
- KeyUsage.TGS_REP_ENCPART_SESSKEY, EncTgsRepPart.class);
-
- tgsRep.setEncPart(encTgsRepPart);
-
- if (getChosenNonce() != encTgsRepPart.getNonce()) {
- throw new KrbException("Nonce didn't match");
- }
- }
-
- public ServiceTicket getServiceTicket() {
- ServiceTicket serviceTkt = new ServiceTicket(getKdcRep().getTicket(),
- (EncTgsRepPart) getKdcRep().getEncPart());
- return serviceTkt;
- }
-
- public ApReq getApReq() {
- return apReq;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/resources/kdc-krb5.conf
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/resources/kdc-krb5.conf b/haox-kerb/kerb-client/src/main/resources/kdc-krb5.conf
deleted file mode 100644
index d118dd1..0000000
--- a/haox-kerb/kerb-client/src/main/resources/kdc-krb5.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-[libdefaults]
- default_realm = {0}
- udp_preference_limit = 1
-
-[realms]
- {0} = '{'
- kdc = {1}:{2}
- '}'
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/resources/kdc.ldiff
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/resources/kdc.ldiff b/haox-kerb/kerb-client/src/main/resources/kdc.ldiff
deleted file mode 100644
index bc989c3..0000000
--- a/haox-kerb/kerb-client/src/main/resources/kdc.ldiff
+++ /dev/null
@@ -1,46 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-dn: ou=users,dc=${0},dc=${1}
-objectClass: organizationalUnit
-objectClass: top
-ou: users
-
-dn: uid=krbtgt,ou=users,dc=${0},dc=${1}
-objectClass: top
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: krb5principal
-objectClass: krb5kdcentry
-cn: KDC Service
-sn: Service
-uid: krbtgt
-userPassword: secret
-krb5PrincipalName: krbtgt/${2}.${3}@${2}.${3}
-krb5KeyVersionNumber: 0
-
-dn: uid=ldap,ou=users,dc=${0},dc=${1}
-objectClass: top
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: krb5principal
-objectClass: krb5kdcentry
-cn: LDAP
-sn: Service
-uid: ldap
-userPassword: secret
-krb5PrincipalName: ldap/${4}@${2}.${3}
-krb5KeyVersionNumber: 0
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/main/resources/krb5.conf
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/resources/krb5.conf b/haox-kerb/kerb-client/src/main/resources/krb5.conf
deleted file mode 100644
index 4222475..0000000
--- a/haox-kerb/kerb-client/src/main/resources/krb5.conf
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-[libdefaults]
- default_realm = KRB.COM
- dns_lookup_kdc = false
- dns_lookup_realm = false
- allow_weak_crypto = true
- ticket_lifetime = 86400
- renew_lifetime = 604800
- forwardable = true
- permitted_enctypes = des-cbc-crc aes128-cts-hmac-sha1-96
- clockskew = 300
- proxiable = true
- default_tgs_enctypes = des-cbc-crc
- default_tkt_enctypes = des-cbc-crc
-[realms]
-# ATHENA.MIT.EDU = {
-# admin_server = KERBEROS.MIT.EDU
-# default_domain = MIT.EDU
-# v4_instance_convert = {
-# mit = mit.edu
-# lithium = lithium.lcs.mit.edu
-# }
-# }
-# ANDREW.CMU.EDU = {
-# admin_server = vice28.fs.andrew.cmu.edu
-# }
-# GNU.ORG = {
-# kdc = kerberos.gnu.org
-# kdc = kerberos-2.gnu.org
-# admin_server = kerberos.gnu.org
-# }
-[domain_realm]
- .mit.edu = ATHENA.MIT.EDU
- mit.edu = ATHENA.MIT.EDU
- .media.mit.edu = MEDIA-LAB.MIT.EDU
- media.mit.edu = MEDIA-LAB.MIT.EDU
- .ucsc.edu = CATS.UCSC.EDU
-[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/src/test/java/org/apache/kerberos/kerb/client/TestKrbConfigLoad.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/test/java/org/apache/kerberos/kerb/client/TestKrbConfigLoad.java b/haox-kerb/kerb-client/src/test/java/org/apache/kerberos/kerb/client/TestKrbConfigLoad.java
deleted file mode 100644
index 450a085..0000000
--- a/haox-kerb/kerb-client/src/test/java/org/apache/kerberos/kerb/client/TestKrbConfigLoad.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.client;
-
-import org.apache.haox.config.Conf;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-import java.io.File;
-import java.io.IOException;
-import java.net.URISyntaxException;
-import java.net.URL;
-
-import org.junit.Test;
-import org.junit.Assert;
-
-
-/**
- * Test for loading configurations form krb5.conf.
- * krb5.conf is the configuration file in MIT Kerberos.
- */
-public class TestKrbConfigLoad {
-
- @Test
- public void test() throws IOException, URISyntaxException {
- URL confFileUrl = TestKrbConfigLoad.class.getResource("/krb5.conf");
- File confFile = new File(confFileUrl.toURI());
-
- KrbConfig krbConfig = new KrbConfig();
- Conf conf = krbConfig.getConf();
- conf.addIniConfig(confFile);
-
- Assert.assertEquals(krbConfig.getDefaultRealm(), "KRB.COM");
- Assert.assertFalse(krbConfig.getDnsLookUpKdc());
- Assert.assertFalse(krbConfig.getDnsLookUpRealm());
- Assert.assertTrue(krbConfig.getAllowWeakCrypto());
- Assert.assertEquals(krbConfig.getTicketLifetime(), 24 * 3600);
- Assert.assertEquals(krbConfig.getRenewLifetime(), 7 * 24 * 3600);
- Assert.assertTrue(krbConfig.isForwardableAllowed());
- Assert.assertEquals(krbConfig.getEncryptionTypes().size(), 2);
- Assert.assertEquals(krbConfig.getEncryptionTypes().get(0), EncryptionType.DES_CBC_CRC);
- Assert.assertEquals(krbConfig.getEncryptionTypes().get(1), EncryptionType.AES128_CTS_HMAC_SHA1_96);
- Assert.assertEquals(krbConfig.getAllowableClockSkew(), 300);
- Assert.assertTrue(krbConfig.isProxiableAllowed());
- Assert.assertEquals(krbConfig.getDefaultTgsEnctypes().size(), 1);
- Assert.assertEquals(krbConfig.getDefaultTgsEnctypes().get(0), EncryptionType.DES_CBC_CRC);
- Assert.assertEquals(krbConfig.getDefaultTktEnctypes().size(), 1);
- Assert.assertEquals(krbConfig.getDefaultTktEnctypes().get(0), EncryptionType.DES_CBC_CRC);
-
- Assert.assertEquals(krbConfig.getDefaultLoggingLocation(), "FILE:/var/log/krb5libs.log");
- Assert.assertEquals(krbConfig.getKdcLoggingLocation(), "FILE:/var/log/krb5kdc.log");
- Assert.assertEquals(krbConfig.getAdminLoggingLocation(), "FILE:/var/log/kadmind.log");
-
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/pom.xml b/haox-kerb/kerb-common/pom.xml
deleted file mode 100644
index f4e939b..0000000
--- a/haox-kerb/kerb-common/pom.xml
+++ /dev/null
@@ -1,51 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kerb</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>kerb-common</artifactId>
-
- <name>Haox-kerb Common</name>
- <description>Haox-kerb Common facilities for both client and server</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-event</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-crypto</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/KrbThrow.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/KrbThrow.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/KrbThrow.java
deleted file mode 100644
index ea1f56a..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/KrbThrow.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb;
-
-public class KrbThrow {
-
- public static KrbException out(MessageCode messageCode) throws KrbException {
- throw new KrbException(Message.getMessage(messageCode));
- }
-
- public static void out(MessageCode messageCode, Exception e) throws KrbException {
- throw new KrbException(Message.getMessage(messageCode), e);
- }
-
- public static void out(MessageCode messageCode, String message) throws KrbException {
- throw new KrbException(Message.getMessage(messageCode) + ":" + message);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/Message.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/Message.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/Message.java
deleted file mode 100644
index 19a22a5..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/Message.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class Message {
- private static Map<MessageCode, String> entries = new HashMap<MessageCode, String>();
-
- public static void init() {
-
- }
-
- public static void define(MessageCode code, String message) {
- entries.put(code, message);
- }
-
- public static String getMessage(MessageCode code) {
- String msg = entries.get(code);
- if (msg == null) {
- msg = code.getCodeName();
- }
- return msg;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/MessageCode.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/MessageCode.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/MessageCode.java
deleted file mode 100644
index e95caf0..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/MessageCode.java
+++ /dev/null
@@ -1,24 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb;
-
-public interface MessageCode {
- public String getCodeName();
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/EncryptionUtil.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/EncryptionUtil.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/EncryptionUtil.java
deleted file mode 100644
index 0903843..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/EncryptionUtil.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.common;
-
-import org.apache.haox.asn1.type.AbstractAsn1Type;
-import org.apache.haox.asn1.type.Asn1Type;
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.apache.kerberos.kerb.crypto.EncTypeHandler;
-import org.apache.kerberos.kerb.crypto.EncryptionHandler;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.KeyUsage;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class EncryptionUtil {
-
- public static List<EncryptionKey> generateKeys(List<EncryptionType> encryptionTypes) throws KrbException {
- List<EncryptionKey> results = new ArrayList<EncryptionKey>(encryptionTypes.size());
- EncryptionKey encKey;
- for (EncryptionType eType : encryptionTypes) {
- encKey = EncryptionHandler.random2Key(eType);
- results.add(encKey);
- }
-
- return results;
- }
-
- public static List<EncryptionKey> generateKeys(String principal, String passwd,
- List<EncryptionType> encryptionTypes) throws KrbException {
- List<EncryptionKey> results = new ArrayList<EncryptionKey>(encryptionTypes.size());
- EncryptionKey encKey;
- for (EncryptionType eType : encryptionTypes) {
- encKey = EncryptionHandler.string2Key(principal, passwd, eType);
- results.add(encKey);
- }
-
- return results;
- }
-
- public static EncryptionType getBestEncryptionType(List<EncryptionType> requestedTypes,
- List<EncryptionType> configuredTypes) {
- for (EncryptionType encryptionType : configuredTypes) {
- if (requestedTypes.contains(encryptionType)) {
- return encryptionType;
- }
- }
-
- return null;
- }
-
- public static EncryptedData seal(AbstractAsn1Type asn1Type,
- EncryptionKey key, KeyUsage usage) throws KrbException {
- byte[] encoded = asn1Type.encode();
- EncryptedData encrypted = EncryptionHandler.encrypt(encoded, key, usage);
- return encrypted;
- }
-
- public static <T extends Asn1Type> T unseal(EncryptedData encrypted, EncryptionKey key,
- KeyUsage usage, Class<T> krbType) throws KrbException {
- byte[] encoded = EncryptionHandler.decrypt(encrypted, key, usage);
- return KrbCodec.decode(encoded, krbType);
- }
-
- public static byte[] encrypt(EncryptionKey key,
- byte[] plaintext, int usage) throws KrbException {
- EncTypeHandler encType = EncryptionHandler.getEncHandler(key.getKeyType());
- byte[] cipherData = encType.encrypt(plaintext, key.getKeyData(), usage);
- return cipherData;
- }
-
- public static byte[] decrypt(EncryptionKey key,
- byte[] cipherData, int usage) throws KrbException {
- EncTypeHandler encType = EncryptionHandler.getEncHandler(key.getKeyType());
- byte[] plainData = encType.decrypt(cipherData, key.getKeyData(), usage);
- return plainData;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbConfHelper.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbConfHelper.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbConfHelper.java
deleted file mode 100644
index 41f9d86..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbConfHelper.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
-
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.common;
-
-import org.apache.haox.config.Conf;
-import org.apache.haox.config.Config;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-
-/**
- * Help KrbConfig and KdcConfig to load configs.
- */
-public class KrbConfHelper {
- /**
- * The regex to split a config value(string) to a list of config value(string list).
- */
- private static final String LIST_SPLITTER = " ";
-
- public static String getStringUnderSection(Conf conf, SectionConfigKey key) {
- Config subConfig = conf.getConfig(key.getSectionName());
- if (subConfig != null) {
- return subConfig.getString(key);
- } else {
- return (String) key.getDefaultValue();
- }
- }
-
- public static boolean getBooleanUnderSection(Conf conf, SectionConfigKey key) {
- Config subConfig = conf.getConfig(key.getSectionName());
- if (subConfig != null) {
- return subConfig.getBoolean(key);
- } else {
- return (Boolean) key.getDefaultValue();
- }
- }
-
- public static long getLongUnderSection(Conf conf, SectionConfigKey key) {
- Config subConfig = conf.getConfig(key.getSectionName());
- if (subConfig != null) {
- return subConfig.getLong(key);
- } else {
- return (Long) key.getDefaultValue();
- }
- }
-
- public static int getIntUnderSection(Conf conf, SectionConfigKey key) {
- Config subConfig = conf.getConfig(key.getSectionName());
- if (subConfig != null) {
- return subConfig.getInt(key);
- } else {
- return (Integer) key.getDefaultValue();
- }
- }
-
- public static String[] getStringArrayUnderSection(Conf conf, SectionConfigKey key) {
- String value = getStringUnderSection(conf, key);
- String[] values = value.split(LIST_SPLITTER);
- return values;
- }
-
- public static List<EncryptionType> getEncTypesUnderSection(Conf conf, SectionConfigKey key) {
- String[] encTypesNames = getStringArrayUnderSection(conf, key);
- return getEncryptionTypes(encTypesNames);
- }
-
- public static List<EncryptionType> getEncryptionTypes(String[] encTypeNames) {
- return getEncryptionTypes(Arrays.asList(encTypeNames));
- }
-
- public static List<EncryptionType> getEncryptionTypes(List<String> encTypeNames) {
- List<EncryptionType> results = new ArrayList<EncryptionType>(encTypeNames.size());
-
- EncryptionType eType;
- for (String eTypeName : encTypeNames) {
- eType = EncryptionType.fromName(eTypeName);
- if (eType != EncryptionType.NONE) {
- results.add(eType);
- }
- }
- return results;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbErrorUtil.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbErrorUtil.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbErrorUtil.java
deleted file mode 100644
index 1bd3b18..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbErrorUtil.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.common;
-
-import org.apache.kerberos.kerb.spec.common.*;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-public class KrbErrorUtil {
-
- public static List<EncryptionType> getEtypes(KrbError error) throws IOException {
- MethodData methodData = new MethodData();
- methodData.decode(error.getEdata());
-
- for( PaDataEntry pd : methodData.getElements()) {
- if( pd.getPaDataType() == PaDataType.ETYPE_INFO2 ) {
- return getEtypes2(pd.getPaDataValue());
- }
- else if( pd.getPaDataType() == PaDataType.ETYPE_INFO ) {
- return getEtypes(pd.getPaDataValue());
- }
- }
- return Collections.EMPTY_LIST;
- }
-
- private static List<EncryptionType> getEtypes(byte[] data) throws IOException {
- EtypeInfo info = new EtypeInfo();
- info.decode(data);
- List<EncryptionType> results = new ArrayList<EncryptionType>();
- for( EtypeInfoEntry entry : info.getElements() ) {
- results.add(entry.getEtype());
- }
- return results;
- }
-
- private static List<EncryptionType> getEtypes2(byte[] data) throws IOException {
- EtypeInfo2 info2 = new EtypeInfo2();
- info2.decode(data);
- List<EncryptionType> results = new ArrayList<EncryptionType>();
- for( EtypeInfo2Entry entry : info2.getElements() ) {
- results.add(entry.getEtype());
- }
- return results;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbStreamingDecoder.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbStreamingDecoder.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbStreamingDecoder.java
deleted file mode 100644
index de9a67d..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbStreamingDecoder.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.common;
-
-import org.apache.haox.transport.tcp.DecodingCallback;
-import org.apache.haox.transport.tcp.StreamingDecoder;
-
-import java.nio.ByteBuffer;
-
-public class KrbStreamingDecoder implements StreamingDecoder {
-
- @Override
- public void decode(ByteBuffer streamingBuffer, DecodingCallback callback) {
- if (streamingBuffer.remaining() >= 4) {
- int len = streamingBuffer.getInt();
- if (streamingBuffer.remaining() >= len) {
- callback.onMessageComplete(len + 4);
- } else {
- callback.onMoreDataNeeded(len + 4);
- }
- } else {
- callback.onMoreDataNeeded();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbUtil.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbUtil.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbUtil.java
deleted file mode 100644
index 3669509..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/KrbUtil.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.common;
-
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.apache.kerberos.kerb.spec.common.KrbMessage;
-import org.apache.haox.transport.Transport;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-public class KrbUtil {
-
- public static void sendMessage(KrbMessage message, Transport transport) {
- int bodyLen = message.encodingLength();
- ByteBuffer buffer = ByteBuffer.allocate(bodyLen + 4);
- buffer.putInt(bodyLen);
- message.encode(buffer);
- buffer.flip();
- transport.sendMessage(buffer);
- }
-
- public static KrbMessage decodeMessage(ByteBuffer message) throws IOException {
- int bodyLen = message.getInt();
- assert (message.remaining() >= bodyLen);
-
- KrbMessage krbMessage = KrbCodec.decodeMessage(message);
-
- return krbMessage;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/SectionConfigKey.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/SectionConfigKey.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/SectionConfigKey.java
deleted file mode 100644
index 8249132..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/common/SectionConfigKey.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.common;
-
-import org.apache.haox.config.ConfigKey;
-
-/**
- * Config Keys with section name.
- * Use by MIT Kerberos config keys.
- */
-public interface SectionConfigKey extends ConfigKey {
-
- public String getSectionName();
-}
[40/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/RecvBuffer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/RecvBuffer.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/RecvBuffer.java
deleted file mode 100644
index a8d5b7b..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/RecvBuffer.java
+++ /dev/null
@@ -1,155 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.buffer;
-
-import java.nio.BufferOverflowException;
-import java.nio.ByteBuffer;
-import java.util.Iterator;
-import java.util.LinkedList;
-
-public class RecvBuffer {
-
- private LinkedList<ByteBuffer> bufferQueue;
-
- public RecvBuffer() {
- bufferQueue = new LinkedList<ByteBuffer>();
- }
-
- public synchronized void write(ByteBuffer buffer) {
- bufferQueue.addLast(buffer);
- }
-
- /**
- * Put buffer as the first into the buffer queue
- */
- public synchronized void writeFirst(ByteBuffer buffer) {
- bufferQueue.addFirst(buffer);
- }
-
- /**
- * Read and return the first buffer if available
- */
- public synchronized ByteBuffer readFirst() {
- if (! bufferQueue.isEmpty()) {
- return bufferQueue.removeFirst();
- }
- return null;
- }
-
- /**
- * Read most available bytes into the dst buffer
- */
- public synchronized ByteBuffer readMostBytes() {
- int len = remaining();
- return readBytes(len);
- }
-
- /**
- * Read len bytes into the dst buffer if available
- */
- public synchronized ByteBuffer readBytes(int len) {
- if (remaining() < len) { // no enough data that's available
- throw new BufferOverflowException();
- }
-
- ByteBuffer result = null;
-
- ByteBuffer takenBuffer;
- if (bufferQueue.size() == 1) {
- takenBuffer = bufferQueue.removeFirst();
-
- if (takenBuffer.remaining() == len) {
- return takenBuffer;
- }
-
- result = BufferPool.allocate(len);
- for (int i = 0; i < len; i++) {
- result.put(takenBuffer.get());
- }
- // Has left bytes so put it back for future reading
- if (takenBuffer.remaining() > 0) {
- bufferQueue.addFirst(takenBuffer);
- }
- } else {
- result = BufferPool.allocate(len);
-
- Iterator<ByteBuffer> iter = bufferQueue.iterator();
- int alreadyGot = 0, toGet;
- while (iter.hasNext()) {
- takenBuffer = iter.next();
- iter.remove();
-
- toGet = takenBuffer.remaining() < len - alreadyGot ?
- takenBuffer.remaining() : len -alreadyGot;
- byte[] toGetBytes = new byte[toGet];
- takenBuffer.get(toGetBytes);
- result.put(toGetBytes);
-
- if (takenBuffer.remaining() > 0) {
- bufferQueue.addFirst(takenBuffer);
- }
-
- alreadyGot += toGet;
- if (alreadyGot == len) {
- break;
- }
- }
- }
- result.flip();
-
- return result;
- }
-
- public boolean isEmpty() {
- return bufferQueue.isEmpty();
- }
-
- /**
- * Return count of remaining and left bytes that's available
- */
- public int remaining() {
- if (bufferQueue.isEmpty()) {
- return 0;
- } else if (bufferQueue.size() == 1) {
- return bufferQueue.getFirst().remaining();
- }
-
- int result = 0;
- Iterator<ByteBuffer> iter = bufferQueue.iterator();
- while (iter.hasNext()) {
- result += iter.next().remaining();
- }
- return result;
- }
-
- public synchronized void clear() {
- if (bufferQueue.isEmpty()) {
- return;
- } else if (bufferQueue.size() == 1) {
- BufferPool.release(bufferQueue.getFirst());
- }
-
- Iterator<ByteBuffer> iter = bufferQueue.iterator();
- while (iter.hasNext()) {
- BufferPool.release(iter.next());
- }
- bufferQueue.clear();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/TransBuffer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/TransBuffer.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/TransBuffer.java
deleted file mode 100644
index 6ddb011..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/buffer/TransBuffer.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.buffer;
-
-import java.nio.ByteBuffer;
-import java.util.concurrent.ArrayBlockingQueue;
-import java.util.concurrent.BlockingQueue;
-
-public class TransBuffer {
-
- private BlockingQueue<ByteBuffer> bufferQueue;
-
- public TransBuffer() {
- bufferQueue = new ArrayBlockingQueue<ByteBuffer>(2);
- }
-
- public void write(ByteBuffer buffer) {
- bufferQueue.add(buffer);
- }
-
- public void write(byte[] buffer) {
- write(ByteBuffer.wrap(buffer));
- }
-
- public ByteBuffer read() {
- return bufferQueue.poll();
- }
-
- public boolean isEmpty() {
- return bufferQueue.isEmpty();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/event/AddressEvent.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/event/AddressEvent.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/event/AddressEvent.java
deleted file mode 100644
index 3bc8e37..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/event/AddressEvent.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.event;
-
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-
-import java.net.InetSocketAddress;
-
-public class AddressEvent extends Event {
-
- private InetSocketAddress address;
-
- public AddressEvent(InetSocketAddress address, EventType eventType) {
- super(eventType);
- this.address = address;
- }
-
- public InetSocketAddress getAddress() {
- return address;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/event/MessageEvent.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/event/MessageEvent.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/event/MessageEvent.java
deleted file mode 100644
index 4aacbfb..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/event/MessageEvent.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.event;
-
-import org.apache.haox.transport.Transport;
-
-import java.nio.ByteBuffer;
-
-public class MessageEvent extends TransportEvent {
-
- private MessageEvent(Transport transport, ByteBuffer message) {
- super(transport, TransportEventType.INBOUND_MESSAGE, message);
- }
-
- public ByteBuffer getMessage() {
- return (ByteBuffer) getEventData();
- }
-
- public static MessageEvent createInboundMessageEvent(
- Transport transport, ByteBuffer message) {
- return new MessageEvent(transport, message);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/event/TransportEvent.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/event/TransportEvent.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/event/TransportEvent.java
deleted file mode 100644
index 8399111..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/event/TransportEvent.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.event;
-
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-import org.apache.haox.transport.Transport;
-
-public class TransportEvent extends Event {
-
- private Transport transport;
-
- public TransportEvent(Transport transport, EventType eventType) {
- super(eventType);
- this.transport = transport;
- }
-
- public TransportEvent(Transport transport, EventType eventType, Object eventData) {
- super(eventType, eventData);
- this.transport = transport;
- }
-
- public Transport getTransport() {
- return transport;
- }
-
- public static TransportEvent createWritableTransportEvent(Transport transport) {
- return new TransportEvent(transport, TransportEventType.TRANSPORT_WRITABLE);
- }
-
- public static TransportEvent createReadableTransportEvent(Transport transport) {
- return new TransportEvent(transport, TransportEventType.TRANSPORT_READABLE);
- }
-
- public static TransportEvent createNewTransportEvent(Transport transport) {
- return new TransportEvent(transport, TransportEventType.NEW_TRANSPORT);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/event/TransportEventType.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/event/TransportEventType.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/event/TransportEventType.java
deleted file mode 100644
index effcf36..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/event/TransportEventType.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.event;
-
-import org.apache.haox.event.EventType;
-
-public enum TransportEventType implements EventType {
- NEW_TRANSPORT,
- TRANSPORT_WRITABLE,
- TRANSPORT_READABLE,
- INBOUND_MESSAGE
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/DecodingCallback.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/DecodingCallback.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/DecodingCallback.java
deleted file mode 100644
index d9408ca..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/DecodingCallback.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.tcp;
-
-public interface DecodingCallback {
-
- /**
- * OK, enough data is ready, a message can be out
- */
- public void onMessageComplete(int messageLength);
-
- /**
- * Need more data to be available
- */
- public void onMoreDataNeeded();
-
- /**
- * Need more data to be available, with determined more data length given
- */
- public void onMoreDataNeeded(int needDataLength);
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/StreamingDecoder.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/StreamingDecoder.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/StreamingDecoder.java
deleted file mode 100644
index 03dd511..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/StreamingDecoder.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.tcp;
-
-import java.nio.ByteBuffer;
-
-public interface StreamingDecoder {
- public void decode(ByteBuffer streamingBuffer, DecodingCallback callback);
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpAcceptor.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpAcceptor.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpAcceptor.java
deleted file mode 100644
index 32d6614..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpAcceptor.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.tcp;
-
-import org.apache.haox.event.AbstractEventHandler;
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-import org.apache.haox.transport.Acceptor;
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.event.AddressEvent;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.net.ServerSocket;
-import java.nio.channels.ClosedByInterruptException;
-import java.nio.channels.SelectionKey;
-import java.nio.channels.ServerSocketChannel;
-import java.nio.channels.SocketChannel;
-
-public class TcpAcceptor extends Acceptor {
-
- public TcpAcceptor(StreamingDecoder streamingDecoder) {
- this(new TcpTransportHandler(streamingDecoder));
- }
-
- public TcpAcceptor(TcpTransportHandler transportHandler) {
- super(transportHandler);
-
- setEventHandler(new AbstractEventHandler() {
- @Override
- protected void doHandle(Event event) throws Exception {
- if (event.getEventType() == TcpEventType.ADDRESS_BIND) {
- try {
- doBind((AddressEvent) event);
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
- }
-
- @Override
- public EventType[] getInterestedEvents() {
- return new EventType[] {
- TcpEventType.ADDRESS_BIND
- };
- }
- });
- }
-
- @Override
- protected void doListen(InetSocketAddress socketAddress) {
- AddressEvent event = TcpAddressEvent.createAddressBindEvent(socketAddress);
- dispatch(event);
- }
-
- @Override
- protected void dealKey(SelectionKey selectionKey) throws IOException {
- if (selectionKey.isAcceptable()) {
- doAccept(selectionKey);
- } else {
- super.dealKey(selectionKey);
- }
- }
-
- void doAccept(SelectionKey key) throws IOException {
- ServerSocketChannel server = (ServerSocketChannel) key.channel();
- SocketChannel channel;
-
- try {
- while ((channel = server.accept()) != null) {
- channel.configureBlocking(false);
- channel.socket().setTcpNoDelay(true);
- channel.socket().setKeepAlive(true);
-
- Transport transport = new TcpTransport(channel,
- ((TcpTransportHandler) transportHandler).getStreamingDecoder());
-
- channel.register(selector,
- SelectionKey.OP_READ | SelectionKey.OP_WRITE, transport);
- onNewTransport(transport);
- }
- } catch (ClosedByInterruptException e) {
- // No op as normal
- }
- }
-
- protected void doBind(AddressEvent event) throws IOException {
- ServerSocketChannel serverSocketChannel = ServerSocketChannel.open();
- serverSocketChannel.configureBlocking(false);
- ServerSocket serverSocket = serverSocketChannel.socket();
- serverSocket.bind(event.getAddress());
- serverSocketChannel.register(selector, SelectionKey.OP_ACCEPT, serverSocketChannel);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpAddressEvent.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpAddressEvent.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpAddressEvent.java
deleted file mode 100644
index 3284582..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpAddressEvent.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.tcp;
-
-import org.apache.haox.transport.event.AddressEvent;
-
-import java.net.InetSocketAddress;
-
-public class TcpAddressEvent {
-
- public static AddressEvent createAddressBindEvent(InetSocketAddress address) {
- return new AddressEvent(address, TcpEventType.ADDRESS_BIND);
- }
-
- public static AddressEvent createAddressConnectEvent(InetSocketAddress address) {
- return new AddressEvent(address, TcpEventType.ADDRESS_CONNECT);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpConnector.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpConnector.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpConnector.java
deleted file mode 100644
index 2c742a9..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpConnector.java
+++ /dev/null
@@ -1,94 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.tcp;
-
-import org.apache.haox.event.AbstractEventHandler;
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-import org.apache.haox.transport.Connector;
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.event.AddressEvent;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.nio.channels.SelectionKey;
-import java.nio.channels.SocketChannel;
-
-public class TcpConnector extends Connector {
-
- public TcpConnector(StreamingDecoder streamingDecoder) {
- this(new TcpTransportHandler(streamingDecoder));
- }
-
- public TcpConnector(TcpTransportHandler transportHandler) {
- super(transportHandler);
-
- setEventHandler(new AbstractEventHandler() {
- @Override
- protected void doHandle(Event event) throws Exception {
- if (event.getEventType() == TcpEventType.ADDRESS_CONNECT) {
- doConnect((AddressEvent) event);
- }
- }
-
- @Override
- public EventType[] getInterestedEvents() {
- return new EventType[] {
- TcpEventType.ADDRESS_CONNECT
- };
- }
- });
- }
-
- @Override
- protected void doConnect(InetSocketAddress sa) {
- AddressEvent event = TcpAddressEvent.createAddressConnectEvent(sa);
- dispatch(event);
- }
-
- private void doConnect(AddressEvent event) throws IOException {
- SocketChannel channel = SocketChannel.open();
- channel.configureBlocking(false);
- channel.connect(event.getAddress());
- channel.register(selector,
- SelectionKey.OP_CONNECT | SelectionKey.OP_READ | SelectionKey.OP_WRITE);
- }
-
- @Override
- protected void dealKey(SelectionKey selectionKey) throws IOException {
- if (selectionKey.isConnectable()) {
- doConnect(selectionKey);
- } else {
- super.dealKey(selectionKey);
- }
- }
-
- private void doConnect(SelectionKey key) throws IOException {
- SocketChannel channel = (SocketChannel) key.channel();
- if (channel.isConnectionPending()) {
- channel.finishConnect();
- }
-
- Transport transport = new TcpTransport(channel,
- ((TcpTransportHandler) transportHandler).getStreamingDecoder());
- channel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE, transport);
- onNewTransport(transport);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpEventType.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpEventType.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpEventType.java
deleted file mode 100644
index 3426053..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpEventType.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.tcp;
-
-import org.apache.haox.event.EventType;
-
-public enum TcpEventType implements EventType {
- ADDRESS_BIND,
- ADDRESS_CONNECT
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpTransport.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpTransport.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpTransport.java
deleted file mode 100644
index e914b80..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpTransport.java
+++ /dev/null
@@ -1,110 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.tcp;
-
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.buffer.BufferPool;
-import org.apache.haox.transport.buffer.RecvBuffer;
-import org.apache.haox.transport.event.MessageEvent;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.nio.ByteBuffer;
-import java.nio.channels.SocketChannel;
-
-public class TcpTransport extends Transport {
-
- private SocketChannel channel;
-
- private StreamingDecoder streamingDecoder;
-
- private RecvBuffer recvBuffer;
-
- public TcpTransport(SocketChannel channel,
- StreamingDecoder streamingDecoder) throws IOException {
- super((InetSocketAddress) channel.getRemoteAddress());
- this.channel = channel;
- this.streamingDecoder = streamingDecoder;
-
- this.recvBuffer = new RecvBuffer();
- }
-
- @Override
- protected void sendOutMessage(ByteBuffer message) throws IOException {
- channel.write(message);
- }
-
- public void onReadable() throws IOException {
- ByteBuffer writeBuffer = BufferPool.allocate(65536);
- if (channel.read(writeBuffer) <= 0) {
- BufferPool.release(writeBuffer);
- return;
- }
-
- writeBuffer.flip();
- recvBuffer.write(writeBuffer);
-
- WithReadDataHander rdHandler = new WithReadDataHander();
- rdHandler.handle();
- }
-
- class WithReadDataHander implements DecodingCallback {
- private ByteBuffer streamingBuffer;
-
- @Override
- public void onMessageComplete(int messageLength) {
- ByteBuffer message = null;
-
- int remaining = streamingBuffer.remaining();
- if (remaining == messageLength) {
- message = streamingBuffer;
- } else if (remaining > messageLength) {
- message = streamingBuffer.duplicate();
- int newLimit = streamingBuffer.position() + messageLength;
- message.limit(newLimit);
-
- streamingBuffer.position(newLimit);
- recvBuffer.writeFirst(streamingBuffer);
- }
-
- if (message != null) {
- dispatcher.dispatch(MessageEvent.createInboundMessageEvent(TcpTransport.this, message));
- }
- }
-
- @Override
- public void onMoreDataNeeded() {
- recvBuffer.writeFirst(streamingBuffer);
- }
-
- @Override
- public void onMoreDataNeeded(int needDataLength) {
- recvBuffer.writeFirst(streamingBuffer);
- }
-
- public void handle() {
- if (recvBuffer.isEmpty()) return;
-
- streamingBuffer = recvBuffer.readMostBytes();
-
- streamingDecoder.decode(streamingBuffer.duplicate(), this);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpTransportHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpTransportHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpTransportHandler.java
deleted file mode 100644
index 2cf7b11..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/tcp/TcpTransportHandler.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.tcp;
-
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.event.TransportEventType;
-import org.apache.haox.transport.TransportHandler;
-import org.apache.haox.transport.event.TransportEvent;
-
-import java.io.IOException;
-import java.nio.channels.SelectionKey;
-
-public class TcpTransportHandler extends TransportHandler {
-
- private StreamingDecoder streamingDecoder;
-
- public TcpTransportHandler(StreamingDecoder streamingDecoder) {
- this.streamingDecoder = streamingDecoder;
- }
-
- public StreamingDecoder getStreamingDecoder() {
- return streamingDecoder;
- }
-
- @Override
- public EventType[] getInterestedEvents() {
- return new TransportEventType[] {
- TransportEventType.TRANSPORT_READABLE,
- TransportEventType.TRANSPORT_WRITABLE
- };
- }
-
- @Override
- protected void doHandle(Event event) throws Exception {
- EventType eventType = event.getEventType();
- TransportEvent te = (TransportEvent) event;
- Transport transport = te.getTransport();
- if (eventType == TransportEventType.TRANSPORT_READABLE) {
- transport.onReadable();
- } else if (eventType == TransportEventType.TRANSPORT_WRITABLE) {
- transport.onWriteable();
- }
- }
-
- @Override
- public void helpHandleSelectionKey(SelectionKey selectionKey) throws IOException {
- if (selectionKey.isReadable()) {
- selectionKey.interestOps(SelectionKey.OP_READ | SelectionKey.OP_WRITE);
- TcpTransport transport = (TcpTransport) selectionKey.attachment();
- dispatch(TransportEvent.createReadableTransportEvent(transport));
- } else if (selectionKey.isWritable()) {
- selectionKey.interestOps(SelectionKey.OP_READ);
- TcpTransport transport = (TcpTransport) selectionKey.attachment();
- dispatch(TransportEvent.createWritableTransportEvent(transport));
- }
- }
-}
-
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpAcceptor.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpAcceptor.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpAcceptor.java
deleted file mode 100644
index 8ee6f0d..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpAcceptor.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.udp;
-
-import org.apache.haox.event.AbstractEventHandler;
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-import org.apache.haox.transport.Acceptor;
-import org.apache.haox.transport.event.AddressEvent;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.nio.channels.DatagramChannel;
-import java.nio.channels.SelectionKey;
-
-public class UdpAcceptor extends Acceptor {
-
- private DatagramChannel serverChannel;
-
- public UdpAcceptor() {
- this(new UdpTransportHandler());
- }
-
- public UdpAcceptor(UdpTransportHandler udpTransportHandler) {
- super(udpTransportHandler);
-
- setEventHandler(new AbstractEventHandler() {
- @Override
- protected void doHandle(Event event) throws Exception {
- if (event.getEventType() == UdpEventType.ADDRESS_BIND) {
- doBind((AddressEvent) event);
- }
- }
-
- @Override
- public EventType[] getInterestedEvents() {
- return new EventType[] {
- UdpEventType.ADDRESS_BIND
- };
- }
- });
- }
-
- @Override
- protected void doListen(InetSocketAddress socketAddress) {
- AddressEvent event = UdpAddressEvent.createAddressBindEvent(socketAddress);
- dispatch(event);
- }
-
- private void doBind(AddressEvent event) throws IOException {
- serverChannel = DatagramChannel.open();
- serverChannel.configureBlocking(false);
- serverChannel.bind(event.getAddress());
- serverChannel.register(selector, SelectionKey.OP_READ);
- }
-
- @Override
- public void stop() {
- super.stop();
-
- try {
- serverChannel.close();
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpAddressEvent.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpAddressEvent.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpAddressEvent.java
deleted file mode 100644
index 9b6c03d..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpAddressEvent.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.udp;
-
-import org.apache.haox.transport.event.AddressEvent;
-
-import java.net.InetSocketAddress;
-
-public class UdpAddressEvent {
-
- public static AddressEvent createAddressBindEvent(InetSocketAddress address) {
- return new AddressEvent(address, UdpEventType.ADDRESS_BIND);
- }
-
- public static AddressEvent createAddressConnectEvent(InetSocketAddress address) {
- return new AddressEvent(address, UdpEventType.ADDRESS_CONNECT);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpChannelEvent.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpChannelEvent.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpChannelEvent.java
deleted file mode 100644
index fbf2b88..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpChannelEvent.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.udp;
-
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-
-import java.nio.channels.DatagramChannel;
-
-public class UdpChannelEvent extends Event {
-
- private DatagramChannel channel;
-
- private UdpChannelEvent(DatagramChannel channel, EventType eventType) {
- super(eventType);
- this.channel = channel;
- }
-
- public DatagramChannel getChannel() {
- return channel;
- }
-
- public static UdpChannelEvent makeWritableChannelEvent(DatagramChannel channel) {
- return new UdpChannelEvent(channel, UdpEventType.CHANNEL_WRITABLE);
- }
-
- public static UdpChannelEvent makeReadableChannelEvent(DatagramChannel channel) {
- return new UdpChannelEvent(channel, UdpEventType.CHANNEL_READABLE);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpConnector.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpConnector.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpConnector.java
deleted file mode 100644
index 896a51f..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpConnector.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.udp;
-
-import org.apache.haox.event.AbstractEventHandler;
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-import org.apache.haox.transport.Connector;
-import org.apache.haox.transport.event.AddressEvent;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.nio.channels.DatagramChannel;
-import java.nio.channels.SelectionKey;
-
-public class UdpConnector extends Connector {
-
- public UdpConnector() {
- this(new UdpTransportHandler());
- }
-
- public UdpConnector(UdpTransportHandler transportHandler) {
- super(transportHandler);
-
- setEventHandler(new AbstractEventHandler() {
- @Override
- protected void doHandle(Event event) throws Exception {
- if (event.getEventType() == UdpEventType.ADDRESS_CONNECT) {
- doConnect((AddressEvent) event);
- }
- }
-
- @Override
- public EventType[] getInterestedEvents() {
- return new EventType[] {
- UdpEventType.ADDRESS_CONNECT
- };
- }
- });
- }
-
- @Override
- protected void doConnect(InetSocketAddress sa) {
- AddressEvent event = UdpAddressEvent.createAddressConnectEvent(sa);
- dispatch(event);
- }
-
- private void doConnect(AddressEvent event) throws IOException {
- InetSocketAddress address = event.getAddress();
- DatagramChannel channel = DatagramChannel.open();
- channel.configureBlocking(false);
- channel.connect(address);
-
- channel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE);
-
- UdpTransport transport = new UdpTransport(channel, address);
- onNewTransport(transport);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpEventType.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpEventType.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpEventType.java
deleted file mode 100644
index 4f7ac4d..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpEventType.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.udp;
-
-import org.apache.haox.event.EventType;
-
-public enum UdpEventType implements EventType {
- ADDRESS_BIND,
- ADDRESS_CONNECT,
- CHANNEL_WRITABLE,
- CHANNEL_READABLE
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpTransport.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpTransport.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpTransport.java
deleted file mode 100644
index b3bf127..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpTransport.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.udp;
-
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.buffer.TransBuffer;
-import org.apache.haox.transport.event.MessageEvent;
-import org.apache.haox.transport.event.TransportEvent;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.nio.ByteBuffer;
-import java.nio.channels.DatagramChannel;
-
-public class UdpTransport extends Transport {
- private DatagramChannel channel;
-
- protected TransBuffer recvBuffer;
-
- public UdpTransport(DatagramChannel channel,
- InetSocketAddress remoteAddress) {
- super(remoteAddress);
- this.channel = channel;
- this.recvBuffer = new TransBuffer();
- }
-
- protected void onRecvData(ByteBuffer data) {
- if (data != null) {
- recvBuffer.write(data);
- dispatcher.dispatch(TransportEvent.createReadableTransportEvent(this));
- }
- }
-
- @Override
- public void onReadable() throws IOException {
- super.onReadable();
-
- if (! recvBuffer.isEmpty()) {
- ByteBuffer message = recvBuffer.read();
- dispatcher.dispatch(MessageEvent.createInboundMessageEvent(this, message));
- }
- }
-
- @Override
- protected void sendOutMessage(ByteBuffer message) throws IOException {
- channel.send(message, getRemoteAddress());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpTransportHandler.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpTransportHandler.java b/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpTransportHandler.java
deleted file mode 100644
index eb2699a..0000000
--- a/contrib/haox-event/src/main/java/org/apache/haox/transport/udp/UdpTransportHandler.java
+++ /dev/null
@@ -1,109 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.transport.udp;
-
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventType;
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.TransportHandler;
-import org.apache.haox.transport.event.TransportEvent;
-import org.apache.haox.transport.event.TransportEventType;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.nio.ByteBuffer;
-import java.nio.channels.DatagramChannel;
-import java.nio.channels.SelectionKey;
-import java.util.HashMap;
-import java.util.Map;
-
-public class UdpTransportHandler extends TransportHandler {
-
- protected Map<InetSocketAddress, UdpTransport> transports =
- new HashMap<InetSocketAddress, UdpTransport>();
-
- @Override
- public EventType[] getInterestedEvents() {
- return new EventType[] {
- UdpEventType.CHANNEL_READABLE,
- TransportEventType.TRANSPORT_WRITABLE,
- TransportEventType.TRANSPORT_READABLE,
- TransportEventType.NEW_TRANSPORT
- };
- }
-
- @Override
- protected void doHandle(Event event) throws Exception {
- EventType eventType = event.getEventType();
- if (eventType == UdpEventType.CHANNEL_READABLE) {
- UdpChannelEvent ce = (UdpChannelEvent) event;
- DatagramChannel channel = ce.getChannel();
- doRead(channel);
- } else if (eventType == TransportEventType.TRANSPORT_READABLE) {
- TransportEvent te = (TransportEvent) event;
- Transport transport = te.getTransport();
- transport.onReadable();
- } else if (eventType == TransportEventType.TRANSPORT_WRITABLE) {
- TransportEvent te = (TransportEvent) event;
- Transport transport = te.getTransport();
- transport.onWriteable();
- } else if (eventType == TransportEventType.NEW_TRANSPORT) {
- TransportEvent te = (TransportEvent) event;
- Transport transport = te.getTransport();
- if (transport instanceof UdpTransport) {
- InetSocketAddress remoteAddress = transport.getRemoteAddress();
- if (! transports.containsKey(remoteAddress)) {
- transports.put(remoteAddress, (UdpTransport) transport);
- }
- }
- }
- }
-
- private void doRead(DatagramChannel channel) throws IOException {
- ByteBuffer recvBuffer = ByteBuffer.allocate(65536); // to optimize
- InetSocketAddress fromAddress = (InetSocketAddress) channel.receive(recvBuffer);
- if (fromAddress != null) {
- recvBuffer.flip();
- UdpTransport transport = transports.get(fromAddress);
- if (transport == null) {
- // should be from acceptor
- transport = new UdpTransport(channel, fromAddress);
- transport.setDispatcher(getDispatcher());
- dispatch(TransportEvent.createNewTransportEvent(transport));
- }
- transport.onRecvData(recvBuffer);
- }
- }
-
- @Override
- public void helpHandleSelectionKey(SelectionKey selectionKey) throws IOException {
- DatagramChannel channel =
- (DatagramChannel) selectionKey.channel();
-
- if (selectionKey.isReadable()) {
- dispatch(UdpChannelEvent.makeReadableChannelEvent(channel));
- } else if (selectionKey.isWritable()) {
- dispatch(UdpChannelEvent.makeWritableChannelEvent(channel));
- }
- // Udp channel is always writable, so not usable
- selectionKey.interestOps(SelectionKey.OP_READ);
- }
-}
-
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/test/java/org/apache/haox/event/TestBuffer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/test/java/org/apache/haox/event/TestBuffer.java b/contrib/haox-event/src/test/java/org/apache/haox/event/TestBuffer.java
deleted file mode 100644
index 37a415b..0000000
--- a/contrib/haox-event/src/test/java/org/apache/haox/event/TestBuffer.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event;
-
-import org.apache.haox.transport.buffer.RecvBuffer;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.nio.ByteBuffer;
-
-public class TestBuffer {
-
- @Test
- public void testRecvBuffer() {
- String testString = "HELLO WORLD";
- ByteBuffer testMessage = ByteBuffer.wrap(testString.getBytes());
- ByteBuffer tmp;
-
- RecvBuffer testBuffer = new RecvBuffer();
- testBuffer.write(testMessage);
- tmp = testBuffer.readMostBytes();
- Assert.assertArrayEquals(testString.getBytes(), tmp.array());
-
- int nTimes = 10;
- testBuffer.clear();
- for (int i = 0; i < nTimes; ++i) {
- testBuffer.write(ByteBuffer.wrap(testString.getBytes()));
- }
- int expectedBytes = nTimes * testMessage.limit();
- tmp = testBuffer.readMostBytes();
- Assert.assertEquals(expectedBytes, tmp.limit());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkBase.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkBase.java b/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkBase.java
deleted file mode 100644
index d2bfdc3..0000000
--- a/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkBase.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event.network;
-
-import org.apache.haox.event.EventType;
-import org.apache.haox.transport.tcp.DecodingCallback;
-import org.apache.haox.transport.tcp.StreamingDecoder;
-
-import java.nio.ByteBuffer;
-
-public class TestNetworkBase {
- protected String serverHost = "127.0.0.1";
- protected short tcpPort = 8183;
- protected short udpPort = 8184;
- protected String TEST_MESSAGE = "Hello world!";
- protected String clientRecvedMessage;
-
- protected enum TestEventType implements EventType {
- FINISHED
- }
-
- protected String recvBuffer2String(ByteBuffer buffer) {
- byte[] bytes = new byte[buffer.remaining()];
- buffer.get(bytes);
- return new String(bytes);
- }
-
- protected StreamingDecoder createStreamingDecoder() {
- return new StreamingDecoder() {
- @Override
- public void decode(ByteBuffer streamingBuffer, DecodingCallback callback) {
- int expectedMessageLength = TEST_MESSAGE.getBytes().length;
- if (streamingBuffer.remaining() >= expectedMessageLength) {
- callback.onMessageComplete(expectedMessageLength);
- } else {
- callback.onMoreDataNeeded(expectedMessageLength);
- }
- }
- };
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkClient.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkClient.java b/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkClient.java
deleted file mode 100644
index 8af0874..0000000
--- a/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkClient.java
+++ /dev/null
@@ -1,212 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event.network;
-
-import junit.framework.Assert;
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventHandler;
-import org.apache.haox.event.EventHub;
-import org.apache.haox.event.EventWaiter;
-import org.apache.haox.transport.MessageHandler;
-import org.apache.haox.transport.Network;
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.event.MessageEvent;
-import org.apache.haox.transport.event.TransportEvent;
-import org.apache.haox.transport.event.TransportEventType;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.net.DatagramSocket;
-import java.net.InetSocketAddress;
-import java.net.ServerSocket;
-import java.nio.ByteBuffer;
-import java.nio.channels.*;
-import java.util.Iterator;
-import java.util.Set;
-
-public class TestNetworkClient extends TestNetworkBase {
-
- private EventHub eventHub;
- private EventWaiter eventWaiter;
-
- @Before
- public void setUp() throws IOException {
- setUpServer();
- setUpClient();
- }
-
- private void setUpServer() {
- new Thread(new Runnable() {
- @Override
- public void run() {
- try {
- doRunTcpServer();
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
- }).start();
-
- new Thread(new Runnable() {
- @Override
- public void run() {
- try {
- doRunUdpServer();
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
- }).start();
- }
-
- private void doRunTcpServer() throws IOException {
- ServerSocketChannel serverSocketChannel;
- Selector selector = Selector.open();
- serverSocketChannel = ServerSocketChannel .open();
- serverSocketChannel.configureBlocking(false);
- ServerSocket serverSocket = serverSocketChannel.socket();
- serverSocket.bind(new InetSocketAddress(tcpPort));
- serverSocketChannel.register(selector, SelectionKey.OP_ACCEPT);
-
- SocketChannel socketChannel;
- while (true) {
- if (selector.selectNow() > 0) {
- Set<SelectionKey> selectionKeys = selector.selectedKeys();
- Iterator<SelectionKey> iterator = selectionKeys.iterator();
- while (iterator.hasNext()) {
- SelectionKey selectionKey = iterator.next();
- iterator.remove();
-
- if (selectionKey.isAcceptable()) {
- while ((socketChannel = serverSocketChannel.accept()) != null) {
- socketChannel.configureBlocking(false);
- socketChannel.socket().setTcpNoDelay(true);
- socketChannel.socket().setKeepAlive(true);
- socketChannel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE, socketChannel);
- //selectionKey.attach(socketChannel);
- }
- } else if (selectionKey.isReadable()) {
- ByteBuffer recvBuffer = ByteBuffer.allocate(65536);
- socketChannel = (SocketChannel) selectionKey.attachment();
- if (socketChannel.read(recvBuffer) > 0) {
- recvBuffer.flip();
- socketChannel.write(recvBuffer);
- }
- }
- }
-
- try {
- Thread.sleep(1000);
- } catch (InterruptedException e) {
- e.printStackTrace();
- }
- }
- }
- }
-
- private void doRunUdpServer() throws IOException {
- DatagramChannel serverSocketChannel;
- Selector selector = Selector.open();
- serverSocketChannel = DatagramChannel.open();
- serverSocketChannel.configureBlocking(false);
- DatagramSocket serverSocket = serverSocketChannel.socket();
- serverSocket.bind(new InetSocketAddress(udpPort));
- serverSocketChannel.register(selector, SelectionKey.OP_READ);
-
- while (true) {
- if (selector.selectNow() > 0) {
- Set<SelectionKey> selectionKeys = selector.selectedKeys();
- Iterator<SelectionKey> iterator = selectionKeys.iterator();
- while (iterator.hasNext()) {
- SelectionKey selectionKey = iterator.next();
- iterator.remove();
- if (selectionKey.isReadable()) {
- ByteBuffer recvBuffer = ByteBuffer.allocate(65536);
- InetSocketAddress fromAddress = (InetSocketAddress) serverSocketChannel.receive(recvBuffer);
- if (fromAddress != null) {
- recvBuffer.flip();
- serverSocketChannel.send(recvBuffer, fromAddress);
- }
- }
- }
-
- try {
- Thread.sleep(1000);
- } catch (InterruptedException e) {
- e.printStackTrace();
- }
- }
- }
- }
-
- private void setUpClient() throws IOException {
- eventHub = new EventHub();
-
- EventHandler messageHandler = new MessageHandler() {
- @Override
- protected void handleMessage(MessageEvent event) {
- if (event.getEventType() == TransportEventType.INBOUND_MESSAGE) {
- ByteBuffer buffer = event.getMessage();
- if (buffer != null) {
- clientRecvedMessage = recvBuffer2String(buffer);
- System.out.println("Recved clientRecvedMessage: " + clientRecvedMessage);
- Boolean result = TEST_MESSAGE.equals(clientRecvedMessage);
- dispatch(new Event(TestEventType.FINISHED, result));
- }
- }
- }
- };
- eventHub.register(messageHandler);
-
- Network network = new Network();
- network.setStreamingDecoder(createStreamingDecoder());
- eventHub.register(network);
-
- eventWaiter = eventHub.waitEvent(
- TestEventType.FINISHED,
- TransportEventType.NEW_TRANSPORT);
-
- eventHub.start();
- network.tcpConnect(serverHost, tcpPort);
- network.udpConnect(serverHost, udpPort);
- }
-
- @Test
- public void testNetworkClient() {
- Event event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
- Transport transport = ((TransportEvent) event).getTransport();
- transport.sendMessage(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
- event = eventWaiter.waitEvent(TestEventType.FINISHED);
- Assert.assertTrue((Boolean) event.getEventData());
-
- event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
- transport = ((TransportEvent) event).getTransport();
- transport.sendMessage(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
- event = eventWaiter.waitEvent(TestEventType.FINISHED);
- Assert.assertTrue((Boolean) event.getEventData());
- }
-
- @After
- public void cleanup() {
- eventHub.stop();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkServer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkServer.java b/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkServer.java
deleted file mode 100644
index c7b47a2..0000000
--- a/contrib/haox-event/src/test/java/org/apache/haox/event/network/TestNetworkServer.java
+++ /dev/null
@@ -1,110 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event.network;
-
-import junit.framework.Assert;
-import org.apache.haox.event.EventHandler;
-import org.apache.haox.event.EventHub;
-import org.apache.haox.transport.MessageHandler;
-import org.apache.haox.transport.Network;
-import org.apache.haox.transport.event.MessageEvent;
-import org.apache.haox.transport.event.TransportEventType;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.net.SocketAddress;
-import java.nio.ByteBuffer;
-import java.nio.channels.DatagramChannel;
-import java.nio.channels.SocketChannel;
-
-public class TestNetworkServer extends TestNetworkBase {
-
- private EventHub eventHub;
-
- @Before
- public void setUp() throws IOException {
- setUpServer();
- }
-
- private void setUpServer() throws IOException {
- eventHub = new EventHub();
-
- EventHandler messageHandler = new MessageHandler() {
- @Override
- protected void handleMessage(MessageEvent msgEvent) {
- if (msgEvent.getEventType() == TransportEventType.INBOUND_MESSAGE) {
- msgEvent.getTransport().sendMessage(msgEvent.getMessage());
- }
- }
- };
- eventHub.register(messageHandler);
-
- Network network = new Network();
- network.setStreamingDecoder(createStreamingDecoder());
- eventHub.register(network);
-
- eventHub.start();
- network.tcpListen(serverHost, tcpPort);
- network.udpListen(serverHost, udpPort);
- }
-
- @Test
- public void testNetworkServer() throws IOException, InterruptedException {
- testTcpTransport();
- testUdpTransport();
- }
-
- private void testTcpTransport() throws IOException, InterruptedException {
- Thread.sleep(10);
-
- SocketChannel socketChannel = SocketChannel.open();
- socketChannel.configureBlocking(true);
- SocketAddress sa = new InetSocketAddress(serverHost, tcpPort);
- socketChannel.connect(sa);
- socketChannel.write(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
- ByteBuffer byteBuffer = ByteBuffer.allocate(65536);
- socketChannel.read(byteBuffer);
- byteBuffer.flip();
- clientRecvedMessage = recvBuffer2String(byteBuffer);
- Assert.assertEquals(TEST_MESSAGE, clientRecvedMessage);
- }
-
- private void testUdpTransport() throws IOException, InterruptedException {
- Thread.sleep(10);
-
- DatagramChannel socketChannel = DatagramChannel.open();
- socketChannel.configureBlocking(true);
- SocketAddress sa = new InetSocketAddress(serverHost, udpPort);
- socketChannel.send(ByteBuffer.wrap(TEST_MESSAGE.getBytes()), sa);
- ByteBuffer byteBuffer = ByteBuffer.allocate(65536);
- socketChannel.receive(byteBuffer);
- byteBuffer.flip();
- clientRecvedMessage = recvBuffer2String(byteBuffer);
- Assert.assertEquals(TEST_MESSAGE, clientRecvedMessage);
- }
-
- @After
- public void cleanup() {
- eventHub.stop();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpBase.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpBase.java b/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpBase.java
deleted file mode 100644
index 512d2db..0000000
--- a/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpBase.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event.tcp;
-
-import org.apache.haox.event.EventType;
-import org.apache.haox.transport.tcp.DecodingCallback;
-import org.apache.haox.transport.tcp.StreamingDecoder;
-
-import java.nio.ByteBuffer;
-
-public class TestTcpBase {
- protected String serverHost = "127.0.0.1";
- protected short serverPort = 8181;
- protected String TEST_MESSAGE = "Hello world!";
- protected String clientRecvedMessage;
-
- protected enum TestEventType implements EventType {
- FINISHED
- }
-
- protected String recvBuffer2String(ByteBuffer buffer) {
- byte[] bytes = new byte[buffer.remaining()];
- buffer.get(bytes);
- return new String(bytes);
- }
-
- protected StreamingDecoder createStreamingDecoder() {
- return new StreamingDecoder() {
- @Override
- public void decode(ByteBuffer streamingBuffer, DecodingCallback callback) {
- int expectedMessageLength = TEST_MESSAGE.getBytes().length;
- if (streamingBuffer.remaining() >= expectedMessageLength) {
- callback.onMessageComplete(expectedMessageLength);
- } else {
- callback.onMoreDataNeeded(expectedMessageLength);
- }
- }
- };
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpClient.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpClient.java b/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpClient.java
deleted file mode 100644
index 56f8931..0000000
--- a/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpClient.java
+++ /dev/null
@@ -1,160 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event.tcp;
-
-import junit.framework.Assert;
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventHandler;
-import org.apache.haox.event.EventHub;
-import org.apache.haox.event.EventWaiter;
-import org.apache.haox.transport.Connector;
-import org.apache.haox.transport.MessageHandler;
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.event.MessageEvent;
-import org.apache.haox.transport.event.TransportEvent;
-import org.apache.haox.transport.event.TransportEventType;
-import org.apache.haox.transport.tcp.TcpConnector;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.net.ServerSocket;
-import java.nio.ByteBuffer;
-import java.nio.channels.SelectionKey;
-import java.nio.channels.Selector;
-import java.nio.channels.ServerSocketChannel;
-import java.nio.channels.SocketChannel;
-import java.util.Iterator;
-import java.util.Set;
-
-public class TestTcpClient extends TestTcpBase {
-
- private EventHub eventHub;
- private EventWaiter eventWaiter;
-
- @Before
- public void setUp() throws IOException {
- setUpServer();
- setUpClient();
- }
-
- private void setUpServer() {
- new Thread(new Runnable() {
- @Override
- public void run() {
- try {
- doRunServer();
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
- }).start();
- }
-
- private void doRunServer() throws IOException {
- ServerSocketChannel serverSocketChannel;
- Selector selector = Selector.open();
- serverSocketChannel = ServerSocketChannel .open();
- serverSocketChannel.configureBlocking(false);
- ServerSocket serverSocket = serverSocketChannel.socket();
- serverSocket.bind(new InetSocketAddress(serverPort));
- serverSocketChannel.register(selector, SelectionKey.OP_ACCEPT);
-
- SocketChannel socketChannel;
- while (true) {
- if (selector.selectNow() > 0) {
- Set<SelectionKey> selectionKeys = selector.selectedKeys();
- Iterator<SelectionKey> iterator = selectionKeys.iterator();
- while (iterator.hasNext()) {
- SelectionKey selectionKey = iterator.next();
- iterator.remove();
-
- if (selectionKey.isAcceptable()) {
- while ((socketChannel = serverSocketChannel.accept()) != null) {
- socketChannel.configureBlocking(false);
- socketChannel.socket().setTcpNoDelay(true);
- socketChannel.socket().setKeepAlive(true);
- socketChannel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE, socketChannel);
- //selectionKey.attach(socketChannel);
- }
- } else if (selectionKey.isReadable()) {
- ByteBuffer recvBuffer = ByteBuffer.allocate(65536);
- socketChannel = (SocketChannel) selectionKey.attachment();
- if (socketChannel.read(recvBuffer) > 0) {
- recvBuffer.flip();
- socketChannel.write(recvBuffer);
- }
- }
- }
-
- try {
- Thread.sleep(1000);
- } catch (InterruptedException e) {
- e.printStackTrace();
- }
- }
- }
- }
-
- private void setUpClient() throws IOException {
- eventHub = new EventHub();
-
- EventHandler messageHandler = new MessageHandler() {
- @Override
- protected void handleMessage(MessageEvent event) {
- if (event.getEventType() == TransportEventType.INBOUND_MESSAGE) {
- ByteBuffer buffer = event.getMessage();
- clientRecvedMessage = recvBuffer2String(buffer);
- System.out.println("Recved clientRecvedMessage: " + clientRecvedMessage);
- Boolean result = TEST_MESSAGE.equals(clientRecvedMessage);
- dispatch(new Event(TestEventType.FINISHED, result));
- }
- }
- };
- eventHub.register(messageHandler);
-
- Connector connector = new TcpConnector(createStreamingDecoder());
- eventHub.register(connector);
-
- eventWaiter = eventHub.waitEvent(
- TestEventType.FINISHED,
- TransportEventType.NEW_TRANSPORT);
-
- eventHub.start();
- connector.connect(serverHost, serverPort);
- }
-
- @Test
- public void testTcpTransport() {
- Event event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
- Transport transport = ((TransportEvent) event).getTransport();
- transport.sendMessage(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
-
- event = eventWaiter.waitEvent(TestEventType.FINISHED);
- Assert.assertTrue((Boolean) event.getEventData());
- }
-
- @After
- public void cleanup() {
- eventHub.stop();
- }
-}
[22/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BigInteger.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BigInteger.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BigInteger.java
new file mode 100644
index 0000000..f880840
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BigInteger.java
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+import java.math.BigInteger;
+
+public class Asn1BigInteger extends Asn1Simple<BigInteger>
+{
+ public Asn1BigInteger() {
+ this(null);
+ }
+
+ public Asn1BigInteger(long value) {
+ this(BigInteger.valueOf(value));
+ }
+
+ public Asn1BigInteger(BigInteger value) {
+ super(UniversalTag.INTEGER, value);
+ }
+
+ protected void toBytes() {
+ setBytes(getValue().toByteArray());
+ }
+
+ protected void toValue() throws IOException {
+ setValue(new BigInteger(getBytes()));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BitString.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BitString.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BitString.java
new file mode 100644
index 0000000..1aa0232
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BitString.java
@@ -0,0 +1,86 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+
+public class Asn1BitString extends Asn1Simple<byte[]>
+{
+ private int padding;
+
+ public Asn1BitString() {
+ this(null);
+ }
+
+ public Asn1BitString(byte[] value) {
+ this(value, 0);
+ }
+
+ public Asn1BitString(byte[] value, int padding) {
+ super(UniversalTag.BIT_STRING, value);
+ this.padding = padding;
+ }
+
+ public void setPadding(int padding) {
+ this.padding = padding;
+ }
+
+ public int getPadding() {
+ return padding;
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ return getValue().length + 1;
+ }
+
+ @Override
+ protected void toBytes() {
+ byte[] bytes = new byte[encodingBodyLength()];
+ bytes[0] = (byte)padding;
+ System.arraycopy(getValue(), 0, bytes, 1, bytes.length - 1);
+ setBytes(bytes);
+ }
+
+ @Override
+ protected void toValue() throws IOException {
+ byte[] bytes = getBytes();
+ if (bytes.length < 1) {
+ throw new IOException("Bad stream, zero bytes found for bitstring");
+ }
+ int paddingBits = bytes[0];
+ validatePaddingBits(paddingBits);
+ setPadding(paddingBits);
+
+ byte[] newBytes = new byte[bytes.length - 1];
+ if (bytes.length > 1) {
+ System.arraycopy(bytes, 1, newBytes, 0, bytes.length - 1);
+ }
+ setValue(newBytes);
+ }
+
+ private void validatePaddingBits(int paddingBits) throws IOException {
+ if (paddingBits < 0 || paddingBits > 7) {
+ throw new IOException("Bad padding number: " + paddingBits + ", should be in [0, 7]");
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BmpString.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BmpString.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BmpString.java
new file mode 100644
index 0000000..125b9a2
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1BmpString.java
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.EncodingOption;
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+
+public class Asn1BmpString extends Asn1Simple<String>
+{
+ public Asn1BmpString() {
+ super(null);
+ }
+
+ public Asn1BmpString(String value) {
+ super(UniversalTag.BMP_STRING, value);
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ return getValue().length() * 2;
+ }
+
+ protected void toBytes(EncodingOption encodingOption) {
+ String strValue = getValue();
+ int len = strValue.length();
+ byte[] bytes = new byte[len * 2];
+ char c;
+ for (int i = 0; i != len; i++) {
+ c = strValue.charAt(i);
+ bytes[2 * i] = (byte)(c >> 8);
+ bytes[2 * i + 1] = (byte)c;
+ }
+ setBytes(bytes);
+ }
+
+ protected void toValue() throws IOException {
+ byte[] bytes = getBytes();
+ char[] chars = new char[bytes.length / 2];
+ for (int i = 0; i != chars.length; i++) {
+ chars[i] = (char)((bytes[2 * i] << 8) | (bytes[2 * i + 1] & 0xff));
+ }
+ setValue(new String(chars));
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ if (content.hasLeft() % 2 != 0) {
+ throw new IOException("Bad stream, BMP string expecting multiple of 2 bytes");
+ }
+ super.decodeBody(content);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Boolean.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Boolean.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Boolean.java
new file mode 100644
index 0000000..38e0d38
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Boolean.java
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+
+public class Asn1Boolean extends Asn1Simple<Boolean>
+{
+ private static final byte[] TRUE_BYTE = new byte[] { (byte)0xff };
+ private static final byte[] FALSE_BYTE = new byte[] { (byte)0x00 };
+
+ public static final Asn1Boolean TRUE = new Asn1Boolean(true);
+ public static final Asn1Boolean FALSE = new Asn1Boolean(false);
+
+ public Asn1Boolean() {
+ this(null);
+ }
+
+ public Asn1Boolean(Boolean value) {
+ super(UniversalTag.BOOLEAN, value);
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ return 1;
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ if (content.hasLeft() != 1) {
+ throw new IOException("More than 1 byte found for Boolean");
+ }
+ super.decodeBody(content);
+ }
+
+ @Override
+ protected void toBytes() {
+ setBytes(getValue() ? TRUE_BYTE : FALSE_BYTE);
+ }
+
+ protected void toValue() throws IOException {
+ byte[] bytes = getBytes();
+ if (bytes[0] == 0) {
+ setValue(false);
+ } else if (bytes[0] == 0xff) {
+ setValue(true);
+ } else {
+ setValue(true);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Choice.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Choice.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Choice.java
new file mode 100644
index 0000000..59d4ba5
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Choice.java
@@ -0,0 +1,173 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.*;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public class Asn1Choice extends AbstractAsn1Type<Asn1Type> {
+
+ private Asn1FieldInfo[] fieldInfos;
+ private Asn1Type[] fields;
+
+ public Asn1Choice(Asn1FieldInfo[] fieldInfos) {
+ super(TagClass.UNIVERSAL, UniversalTag.CHOICE.getValue());
+ setValue(this);
+ this.fieldInfos = fieldInfos;
+ this.fields = new Asn1Type[fieldInfos.length];
+ setEncodingOption(EncodingOption.CONSTRUCTED);
+ }
+
+ @Override
+ public boolean isConstructed() {
+ return true;
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ AbstractAsn1Type field;
+ TaggingOption taggingOption;
+ for (int i = 0; i < fields.length; ++i) {
+ field = (AbstractAsn1Type) fields[i];
+ if (field != null) {
+ if (fieldInfos[i].isTagged()) {
+ taggingOption = fieldInfos[i].getTaggingOption();
+ return field.taggedEncodingLength(taggingOption);
+ } else {
+ return field.encodingLength();
+ }
+ }
+ }
+ return 0;
+ }
+
+ @Override
+ protected void encodeBody(ByteBuffer buffer) {
+ Asn1Type field;
+ TaggingOption taggingOption;
+ for (int i = 0; i < fields.length; ++i) {
+ field = fields[i];
+ if (field != null) {
+ if (fieldInfos[i].isTagged()) {
+ taggingOption = fieldInfos[i].getTaggingOption();
+ field.taggedEncode(buffer, taggingOption);
+ } else {
+ field.encode(buffer);
+ }
+ break;
+ }
+ }
+ }
+
+ @Override
+ protected void decode(LimitedByteBuffer content) throws IOException {
+ int foundPos = -1;
+ Asn1Item item = decodeOne(content);
+ for (int i = 0; i < fieldInfos.length; ++i) {
+ if (item.isContextSpecific()) {
+ if (fieldInfos[i].getTagNo() == item.tagNo()) {
+ foundPos = i;
+ break;
+ }
+ } else {
+ initField(i);
+ if (fields[i].tagFlags() == item.tagFlags() &&
+ fields[i].tagNo() == item.tagNo()) {
+ foundPos = i;
+ break;
+ } else {
+ fields[i] = null;
+ }
+ }
+ }
+ if (foundPos == -1) {
+ throw new RuntimeException("Unexpected item with (tagFlags, tagNo): ("
+ + item.tagFlags() + ", " + item.tagNo() + ")");
+ }
+
+ if (! item.isFullyDecoded()) {
+ AbstractAsn1Type fieldValue = (AbstractAsn1Type) fields[foundPos];
+ if (item.isContextSpecific()) {
+ item.decodeValueWith(fieldValue, fieldInfos[foundPos].getTaggingOption());
+ } else {
+ item.decodeValueWith(fieldValue);
+ }
+ }
+ fields[foundPos] = item.getValue();
+ }
+
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ // Not used
+ }
+
+ private void initField(int idx) {
+ try {
+ fields[idx] = fieldInfos[idx].getType().newInstance();
+ } catch (Exception e) {
+ throw new IllegalArgumentException("Bad field info specified at index of " + idx, e);
+ }
+ }
+
+ protected <T extends Asn1Type> T getFieldAs(int index, Class<T> t) {
+ Asn1Type value = fields[index];
+ if (value == null) return null;
+ return (T) value;
+ }
+
+ protected void setFieldAs(int index, Asn1Type value) {
+ fields[index] = value;
+ }
+
+ protected String getFieldAsString(int index) {
+ Asn1Type value = fields[index];
+ if (value == null) return null;
+
+ if (value instanceof Asn1String) {
+ return ((Asn1String) value).getValue();
+ }
+
+ throw new RuntimeException("The targeted field type isn't of string");
+ }
+
+ protected byte[] getFieldAsOctets(int index) {
+ Asn1OctetString value = getFieldAs(index, Asn1OctetString.class);
+ if (value != null) return value.getValue();
+ return null;
+ }
+
+ protected void setFieldAsOctets(int index, byte[] bytes) {
+ Asn1OctetString value = new Asn1OctetString(bytes);
+ setFieldAs(index, value);
+ }
+
+ protected Integer getFieldAsInteger(int index) {
+ Asn1Integer value = getFieldAs(index, Asn1Integer.class);
+ if (value != null) {
+ return value.getValue();
+ }
+ return null;
+ }
+
+ protected void setFieldAsInt(int index, int value) {
+ setFieldAs(index, new Asn1Integer(value));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Collection.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Collection.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Collection.java
new file mode 100644
index 0000000..58dc6a3
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Collection.java
@@ -0,0 +1,137 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.EncodingOption;
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.TagClass;
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.util.ArrayList;
+import java.util.List;
+
+public class Asn1Collection extends AbstractAsn1Type<List<Asn1Item>>
+{
+ public Asn1Collection(TagClass tagClass, int tagNo) {
+ super(tagClass, tagNo);
+ setValue(new ArrayList<Asn1Item>());
+ setEncodingOption(EncodingOption.CONSTRUCTED);
+ }
+
+ @Override
+ public boolean isConstructed() {
+ return true;
+ }
+
+ public void addItem(Asn1Type value) {
+ if (value instanceof Asn1Item) {
+ getValue().add((Asn1Item) value);
+ } else {
+ getValue().add(new Asn1Item(value));
+ }
+ }
+
+ public void clear() {
+ getValue().clear();
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ List<Asn1Item> valueItems = getValue();
+ int allLen = 0;
+ for (Asn1Item item : valueItems) {
+ if (item != null) {
+ allLen += item.encodingLength();
+ }
+ }
+ return allLen;
+ }
+
+ @Override
+ protected void encodeBody(ByteBuffer buffer) {
+ List<Asn1Item> valueItems = getValue();
+ for (Asn1Item item : valueItems) {
+ if (item != null) {
+ item.encode(buffer);
+ }
+ }
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ while (content.available()) {
+ Asn1Type aValue = decodeOne(content);
+ if (aValue != null) {
+ if (aValue instanceof Asn1Item) {
+ addItem((Asn1Item) aValue);
+ } else {
+ addItem(aValue);
+ }
+ } else {
+ throw new RuntimeException("Unexpected running into here");
+ }
+ }
+ }
+
+ public static boolean isCollection(int tagNo) {
+ return isCollection(UniversalTag.fromValue(tagNo));
+ }
+
+ public static boolean isCollection(UniversalTag tagNo) {
+ switch (tagNo) {
+ case SEQUENCE:
+ case SEQUENCE_OF:
+ case SET:
+ case SET_OF:
+ return true;
+ default:
+ return false;
+ }
+ }
+
+ public static Asn1Type createCollection(int tagNo) {
+ if (! isCollection(tagNo)) {
+ throw new IllegalArgumentException("Not collection type, tag: " + tagNo);
+ }
+ return createCollection(UniversalTag.fromValue(tagNo));
+ }
+
+ public static Asn1Type createCollection(UniversalTag tagNo) {
+ if (! isCollection(tagNo)) {
+ throw new IllegalArgumentException("Not collection type, tag: " + tagNo);
+ }
+
+ switch (tagNo) {
+ case SEQUENCE:
+ return new Asn1Sequence();
+ case SEQUENCE_OF:
+ return new Asn1Sequence();
+ case SET:
+ return new Asn1Set();
+ case SET_OF:
+ return new Asn1Set();
+ default:
+ throw new IllegalArgumentException("Unexpected tag " + tagNo.getValue());
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionOf.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionOf.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionOf.java
new file mode 100644
index 0000000..5a8709f
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionOf.java
@@ -0,0 +1,88 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.TagClass;
+
+import java.io.IOException;
+import java.lang.reflect.ParameterizedType;
+import java.util.ArrayList;
+import java.util.List;
+
+public abstract class Asn1CollectionOf<T extends Asn1Type> extends Asn1Collection
+{
+ public Asn1CollectionOf(TagClass tagClass, int tagNo) {
+ super(tagClass, tagNo);
+ }
+
+ public List<T> getElements() {
+ List<Asn1Item> items = getValue();
+ int nElements = items != null ? items.size() : 0;
+ List<T> results = new ArrayList<T>(nElements);
+ if (nElements > 0) {
+ for (Asn1Item item : items) {
+ if (!item.isFullyDecoded()) {
+ try {
+ item.decodeValueAs(getElementType());
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+ results.add((T) item.getValue());
+ }
+ }
+ return results;
+ }
+
+ public void setElements(List<T> elements) {
+ super.clear();
+
+ for (T ele : elements) {
+ addElement(ele);
+ }
+ }
+
+ public void addElements(T ... elements) {
+ for (T ele : elements) {
+ addElement(ele);
+ }
+ }
+
+ public void addElement(T element) {
+ super.addItem(element);
+ }
+
+ @Override
+ public void addItem(Asn1Type value) {
+ Class<T> eleType = getElementType();
+ if (value instanceof Asn1Item) {
+ super.addItem(value);
+ } else if (! eleType.isInstance(value)) {
+ throw new RuntimeException("Unexpected element type " + value.getClass().getCanonicalName());
+ } else {
+ addElement((T) value);
+ }
+ }
+
+ protected Class<T> getElementType() {
+ Class<T> elementType = (Class<T>) ((ParameterizedType) getClass().getGenericSuperclass()).getActualTypeArguments()[0];
+ return elementType;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionType.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionType.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionType.java
new file mode 100644
index 0000000..b506c2f
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionType.java
@@ -0,0 +1,195 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.EncodingOption;
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.TagClass;
+import org.apache.kerby.asn1.TaggingOption;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+/**
+ * For collection type that may consist of tagged fields
+ */
+public abstract class Asn1CollectionType extends AbstractAsn1Type<Asn1CollectionType> {
+ private Asn1FieldInfo[] fieldInfos;
+ private Asn1Type[] fields;
+
+ public Asn1CollectionType(int universalTagNo, Asn1FieldInfo[] fieldInfos) {
+ super(TagClass.UNIVERSAL, universalTagNo);
+ setValue(this);
+ this.fieldInfos = fieldInfos;
+ this.fields = new Asn1Type[fieldInfos.length];
+ setEncodingOption(EncodingOption.CONSTRUCTED);
+ }
+
+ @Override
+ public boolean isConstructed() {
+ return true;
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ int allLen = 0;
+ AbstractAsn1Type field;
+ TaggingOption taggingOption;
+ for (int i = 0; i < fields.length; ++i) {
+ field = (AbstractAsn1Type) fields[i];
+ if (field != null) {
+ if (fieldInfos[i].isTagged()) {
+ taggingOption = fieldInfos[i].getTaggingOption();
+ allLen += field.taggedEncodingLength(taggingOption);
+ } else {
+ allLen += field.encodingLength();
+ }
+ }
+ }
+ return allLen;
+ }
+
+ @Override
+ protected void encodeBody(ByteBuffer buffer) {
+ Asn1Type field;
+ TaggingOption taggingOption;
+ for (int i = 0; i < fields.length; ++i) {
+ field = fields[i];
+ if (field != null) {
+ if (fieldInfos[i].isTagged()) {
+ taggingOption = fieldInfos[i].getTaggingOption();
+ field.taggedEncode(buffer, taggingOption);
+ } else {
+ field.encode(buffer);
+ }
+ }
+ }
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ initFields();
+
+ Asn1Collection coll = createCollection();
+ coll.decode(tagFlags(), tagNo(), content);
+
+ int lastPos = -1, foundPos = -1;
+ for (Asn1Item item : coll.getValue()) {
+ foundPos = -1;
+ for (int i = lastPos + 1; i < fieldInfos.length; ++i) {
+ if (item.isContextSpecific()) {
+ if(fieldInfos[i].getTagNo() == item.tagNo()) {
+ foundPos = i;
+ break;
+ }
+ } else if (fields[i].tagFlags() == item.tagFlags() &&
+ fields[i].tagNo() == item.tagNo()) {
+ foundPos = i;
+ break;
+ }
+ }
+ if (foundPos == -1) {
+ throw new RuntimeException("Unexpected item with (tagFlags, tagNo): ("
+ + item.tagFlags() + ", " + item.tagNo() + ")");
+ }
+
+ if (! item.isFullyDecoded()) {
+ AbstractAsn1Type fieldValue = (AbstractAsn1Type) fields[foundPos];
+ if (item.isContextSpecific()) {
+ item.decodeValueWith(fieldValue, fieldInfos[foundPos].getTaggingOption());
+ } else {
+ item.decodeValueWith(fieldValue);
+ }
+ }
+ fields[foundPos] = item.getValue();
+ lastPos = foundPos;
+ }
+ }
+
+ private void initFields() {
+ for (int i = 0; i < fieldInfos.length; ++i) {
+ try {
+ fields[i] = fieldInfos[i].getType().newInstance();
+ } catch (Exception e) {
+ throw new IllegalArgumentException("Bad field info specified at index of " + i, e);
+ }
+ }
+ }
+
+ protected abstract Asn1Collection createCollection();
+
+ protected <T extends Asn1Type> T getFieldAs(int index, Class<T> t) {
+ Asn1Type value = fields[index];
+ if (value == null) return null;
+ return (T) value;
+ }
+
+ protected void setFieldAs(int index, Asn1Type value) {
+ fields[index] = value;
+ }
+
+ protected String getFieldAsString(int index) {
+ Asn1Type value = fields[index];
+ if (value == null) return null;
+
+ if (value instanceof Asn1String) {
+ return ((Asn1String) value).getValue();
+ }
+
+ throw new RuntimeException("The targeted field type isn't of string");
+ }
+
+ protected byte[] getFieldAsOctets(int index) {
+ Asn1OctetString value = getFieldAs(index, Asn1OctetString.class);
+ if (value != null) return value.getValue();
+ return null;
+ }
+
+ protected void setFieldAsOctets(int index, byte[] bytes) {
+ Asn1OctetString value = new Asn1OctetString(bytes);
+ setFieldAs(index, value);
+ }
+
+ protected Integer getFieldAsInteger(int index) {
+ Asn1Integer value = getFieldAs(index, Asn1Integer.class);
+ if (value != null) {
+ return value.getValue();
+ }
+ return null;
+ }
+
+ protected void setFieldAsInt(int index, int value) {
+ setFieldAs(index, new Asn1Integer(value));
+ }
+
+ protected Asn1Type getFieldAsAny(int index) {
+ Asn1Any any = getFieldAs(index, Asn1Any.class);
+ if (any != null) {
+ return any.getValue();
+ }
+ return null;
+ }
+
+ protected void setFieldAsAny(int index, Asn1Type value) {
+ if (value != null) {
+ setFieldAs(index, new Asn1Any(value));
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1FieldInfo.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1FieldInfo.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1FieldInfo.java
new file mode 100644
index 0000000..0647159
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1FieldInfo.java
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.TaggingOption;
+
+public class Asn1FieldInfo {
+ private int index;
+ private int tagNo;
+ private boolean isImplicit;
+ private Class<? extends Asn1Type> type;
+
+ public Asn1FieldInfo(int index, int tagNo, Class<? extends Asn1Type> type) {
+ this(index, tagNo, type, false);
+ }
+
+ public Asn1FieldInfo(int index, Class<? extends Asn1Type> type) {
+ this(index, index, type, false);
+ }
+
+ public Asn1FieldInfo(int index, Class<? extends Asn1Type> type, boolean isImplicit) {
+ this(index, index, type, isImplicit);
+ }
+
+ public Asn1FieldInfo(int index, int tagNo, Class<? extends Asn1Type> type, boolean isImplicit) {
+ this.index = index;
+ this.tagNo = tagNo;
+ this.type = type;
+ this.isImplicit = isImplicit;
+ }
+
+ public boolean isTagged() {
+ return tagNo != -1;
+ }
+
+ public TaggingOption getTaggingOption() {
+ if (isImplicit) {
+ return TaggingOption.newImplicitContextSpecific(tagNo);
+ } else {
+ return TaggingOption.newExplicitContextSpecific(tagNo);
+ }
+ }
+
+ public int getTagNo() {
+ return tagNo;
+ }
+
+ public int getIndex() {
+ return index;
+ }
+
+ public boolean isImplicit() {
+ return isImplicit;
+ }
+
+ public Class<? extends Asn1Type> getType() {
+ return type;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1GeneralString.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1GeneralString.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1GeneralString.java
new file mode 100644
index 0000000..19c6d40
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1GeneralString.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1GeneralString extends Asn1String
+{
+ public Asn1GeneralString() {
+ super(UniversalTag.GENERAL_STRING);
+ }
+
+ public Asn1GeneralString(String value) {
+ super(UniversalTag.GENERAL_STRING, value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1GeneralizedTime.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1GeneralizedTime.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1GeneralizedTime.java
new file mode 100644
index 0000000..9341f1a
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1GeneralizedTime.java
@@ -0,0 +1,134 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.SimpleTimeZone;
+import java.util.TimeZone;
+
+public class Asn1GeneralizedTime extends Asn1Simple<Date>
+{
+ public Asn1GeneralizedTime() {
+ this(null);
+ }
+
+ /**
+ * time in milliseconds
+ */
+ public Asn1GeneralizedTime(long time) {
+ super(UniversalTag.GENERALIZED_TIME, new Date(time));
+ }
+
+ public Asn1GeneralizedTime(Date date) {
+ super(UniversalTag.UTC_TIME, date);
+ }
+
+ protected void toValue() throws IOException {
+ String dateStr = new String(getBytes(), StandardCharsets.US_ASCII);
+ SimpleDateFormat sdf;
+ String fixedDateStr = dateStr;
+
+ boolean withZ = dateStr.endsWith("Z");
+ String timeZonePart = getTimeZonePart(dateStr);
+ boolean withZone = timeZonePart != null;
+ String millSecs = getMillSeconds(dateStr);
+
+ fixedDateStr = dateStr.substring(0, 14) + millSecs;
+ if (withZ) {
+ sdf = new SimpleDateFormat("yyyyMMddHHmmssSSS");
+ sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
+ } else if (withZone) {
+ fixedDateStr += timeZonePart;
+ sdf = new SimpleDateFormat("yyyyMMddHHmmssSSSz");
+ sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
+ } else {
+ sdf = new SimpleDateFormat("yyyyMMddHHmmssSSS");
+ sdf.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID()));
+ }
+
+ try {
+ setValue(sdf.parse(fixedDateStr));
+ } catch (ParseException e) {
+ throw new IOException("Failed to parse as generalized time string " + dateStr);
+ }
+ }
+
+ @Override
+ protected void toBytes() {
+ Date date = getValue();
+ SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
+ dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
+
+ String str = dateF.format(date);
+ byte[] bytes = str.getBytes(StandardCharsets.US_ASCII);
+ setBytes(bytes);
+ }
+
+ /**
+ * Extract the fractional part in seconds and convert into integer by (frac * 1000) as milli seconds
+ */
+ private String getMillSeconds(String dateStr) {
+ char[] millDigits = new char[] {'0', '0', '0'};
+
+ int iPos = dateStr.indexOf('.');
+ if (iPos > 0) {
+ if (iPos != 14) {
+ throw new IllegalArgumentException("Bad generalized time string, " +
+ "with improper milli seconds " + dateStr);
+ }
+
+ char chr;
+ int j = 0;
+ for (int i = 15; i < dateStr.length() && j < millDigits.length; i++) {
+ chr = dateStr.charAt(i);
+ if ('0' <= chr && chr <= '9') {
+ millDigits[j++] = chr;
+ } else break;
+ }
+ }
+
+ return new String(millDigits);
+ }
+
+ /**
+ * Extract the timezone part if any
+ */
+ private String getTimeZonePart(String dateStr) {
+ int iPos = dateStr.indexOf('+');
+ if (iPos == -1) {
+ iPos = dateStr.indexOf('-');
+ }
+ if (iPos > 0 && iPos != dateStr.length() - 5) {
+ throw new IllegalArgumentException("Bad generalized time string, " +
+ "with improper timezone part " + dateStr);
+ }
+
+ if (iPos > 0) {
+ return dateStr.substring(iPos);
+ }
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1IA5String.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1IA5String.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1IA5String.java
new file mode 100644
index 0000000..6f73c9f
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1IA5String.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1IA5String extends Asn1String
+{
+ public Asn1IA5String() {
+ super(UniversalTag.IA5_STRING);
+ }
+
+ public Asn1IA5String(String value) {
+ super(UniversalTag.IA5_STRING, value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Integer.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Integer.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Integer.java
new file mode 100644
index 0000000..b0893a0
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Integer.java
@@ -0,0 +1,46 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+import java.math.BigInteger;
+
+public class Asn1Integer extends Asn1Simple<Integer>
+{
+ public Asn1Integer() {
+ this(null);
+ }
+
+ public Asn1Integer(Integer value) {
+ super(UniversalTag.INTEGER, value);
+ }
+
+ @Override
+ protected void toBytes() {
+ setBytes(BigInteger.valueOf(getValue()).toByteArray());
+ }
+
+ @Override
+ protected void toValue() throws IOException {
+ setValue(new BigInteger(getBytes()).intValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Item.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Item.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Item.java
new file mode 100644
index 0000000..a18d135
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Item.java
@@ -0,0 +1,155 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.Asn1Factory;
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.TaggingOption;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+/**
+ * Asn1Item serves two purposes:
+ * 1. Wrapping an existing Asn1Type value for Asn1Collection;
+ * 2. Wrapping a half decoded value whose body content is left to be decoded later when appropriate.
+ * Why not fully decoded at once? Lazy and decode on demand for collection, or impossible due to lacking
+ * key parameters, like implicit encoded value for tagged value.
+ *
+ * For not fully decoded value, you tell your case using isSimple/isCollection/isTagged/isContextSpecific etc.,
+ * then call decodeValueAsSimple/decodeValueAsCollection/decodeValueAsImplicitTagged/decodeValueAsExplicitTagged etc.
+ * to decode it fully. Or if you have already derived the value holder or the holder type, you can use decodeValueWith
+ * or decodeValueAs with your holder or hodler type.
+ */
+public class Asn1Item extends AbstractAsn1Type<Asn1Type>
+{
+ private LimitedByteBuffer bodyContent;
+
+ public Asn1Item(Asn1Type value) {
+ super(value.tagFlags(), value.tagNo(), value);
+ }
+
+ public Asn1Item(int tag, int tagNo, LimitedByteBuffer bodyContent) {
+ super(tag, tagNo);
+ this.bodyContent = bodyContent;
+ }
+
+ public LimitedByteBuffer getBodyContent() {
+ return bodyContent;
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ if (getValue() != null) {
+ return ((AbstractAsn1Type) getValue()).encodingBodyLength();
+ }
+ return (int) bodyContent.hasLeft();
+ }
+
+ @Override
+ protected void encodeBody(ByteBuffer buffer) {
+ if (getValue() != null) {
+ ((AbstractAsn1Type) getValue()).encodeBody(buffer);
+ } else {
+ try {
+ buffer.put(bodyContent.readAllLeftBytes());
+ } catch (IOException e) {
+ throw new RuntimeException("Failed to read all left bytes from body content", e);
+ }
+ }
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer bodyContent) throws IOException {
+ this.bodyContent = bodyContent;
+ }
+
+ public boolean isFullyDecoded() {
+ return getValue() != null;
+ }
+
+ public void decodeValueAsSimple() throws IOException {
+ if (getValue() != null) return;
+ if (! isSimple()) {
+ throw new IllegalArgumentException("Attempting to decode non-simple value as simple");
+ }
+
+ Asn1Type value = Asn1Factory.create(tagNo());
+ decodeValueWith(value);
+ }
+
+ public void decodeValueAsCollection() throws IOException {
+ if (getValue() != null) return;
+ if (! isCollection()) {
+ throw new IllegalArgumentException("Attempting to decode non-collection value as collection");
+ }
+
+ Asn1Type value = Asn1Factory.create(tagNo());
+ decodeValueWith(value);
+ }
+
+ public void decodeValueAs(Class<? extends Asn1Type> type) throws IOException {
+ Asn1Type value;
+ try {
+ value = type.newInstance();
+ } catch (Exception e) {
+ throw new RuntimeException("Invalid type: " + type.getCanonicalName(), e);
+ }
+ decodeValueWith(value);
+ }
+
+ public void decodeValueWith(Asn1Type value) throws IOException {
+ setValue(value);
+ ((AbstractAsn1Type) value).decode(tagFlags(), tagNo(), bodyContent);
+ }
+
+ public void decodeValueAsImplicitTagged(int originalTag, int originalTagNo) throws IOException {
+ if (! isTagged()) {
+ throw new IllegalArgumentException("Attempting to decode non-tagged value using tagging way");
+ }
+ Asn1Item taggedValue = new Asn1Item(originalTag, originalTagNo, getBodyContent());
+ decodeValueWith(taggedValue);
+ }
+
+ public void decodeValueAsExplicitTagged() throws IOException {
+ if (! isTagged()) {
+ throw new IllegalArgumentException("Attempting to decode non-tagged value using tagging way");
+ }
+ Asn1Item taggedValue = decodeOne(getBodyContent());
+ decodeValueWith(taggedValue);
+ }
+
+ private void decodeValueWith(Asn1Item taggedValue) throws IOException {
+ taggedValue.decodeValueAsSimple();
+ if (taggedValue.isFullyDecoded()) {
+ setValue(taggedValue.getValue());
+ } else {
+ setValue(taggedValue);
+ }
+ }
+
+ public void decodeValueWith(Asn1Type value, TaggingOption taggingOption) throws IOException {
+ if (! isTagged()) {
+ throw new IllegalArgumentException("Attempting to decode non-tagged value using tagging way");
+ }
+ ((AbstractAsn1Type) value).taggedDecode(tagFlags(), tagNo(), getBodyContent(), taggingOption);
+ setValue(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Null.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Null.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Null.java
new file mode 100644
index 0000000..8cabc04
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Null.java
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+
+public class Asn1Null extends Asn1Simple<Object>
+{
+ public static final Asn1Null NULL = new Asn1Null();
+ private static final byte[] EMPTY_BYTES = new byte[0];
+
+ public Asn1Null() {
+ super(null, UniversalTag.NULL);
+ }
+
+ @Override
+ protected byte[] encodeBody() {
+ return EMPTY_BYTES;
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ return 0;
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ if (content.hasLeft() != 0) {
+ throw new IOException("Unexpected bytes found for NULL");
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1NumericsString.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1NumericsString.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1NumericsString.java
new file mode 100644
index 0000000..ea534ac
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1NumericsString.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1NumericsString extends Asn1String
+{
+ public Asn1NumericsString() {
+ this(null);
+ }
+
+ public Asn1NumericsString(String value) {
+ super(UniversalTag.NUMERIC_STRING, value);
+ if (value != null) {
+ if (!isNumeric(value)) {
+ throw new IllegalArgumentException("Invalid numeric string");
+ }
+ }
+ }
+
+ public static boolean isNumeric(String s) {
+ char c;
+ for (int i = s.length() - 1; i >= 0; i--) {
+ c = s.charAt(i);
+ if ((c >= '0' && c <= '9') || c == ' ') {
+ continue;
+ }
+ return false;
+ }
+ return true;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1ObjectIdentifier.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1ObjectIdentifier.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1ObjectIdentifier.java
new file mode 100644
index 0000000..e6a49ec
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1ObjectIdentifier.java
@@ -0,0 +1,164 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.math.BigInteger;
+import java.nio.ByteBuffer;
+
+public class Asn1ObjectIdentifier extends Asn1Simple<String>
+{
+ public Asn1ObjectIdentifier() {
+ this(null);
+ }
+
+ public Asn1ObjectIdentifier(String value) {
+ super(UniversalTag.OBJECT_IDENTIFIER, value);
+ }
+
+ @Override
+ protected void toBytes() {
+ byte[][] bytesArr = convert(getValue());
+ int allLen = 0;
+ for (byte[] bytes : bytesArr) {
+ allLen += bytes.length;
+ }
+ ByteBuffer buffer = ByteBuffer.allocate(allLen);
+ for (byte[] bytes : bytesArr) {
+ buffer.put(bytes);
+ }
+ setBytes(buffer.array());
+ }
+
+ protected void toValue() {
+ StringBuilder sb = new StringBuilder();
+
+ byte[] bytes = getBytes();
+ byte[][] bytesGroups = group(bytes);
+ BigInteger[] coms = convert(bytesGroups);
+
+ long first = coms[0].longValue();
+ sb.append(first / 40).append('.');
+ sb.append(first % 40);
+ if (coms.length > 1) {
+ sb.append('.');
+ }
+
+ for (int i = 1; i < coms.length; ++i) {
+ sb.append(coms[i].toString());
+ if (i != coms.length - 1) {
+ sb.append('.');
+ }
+ }
+
+ String value = sb.toString();
+ setValue(value);
+ }
+
+ private BigInteger[] convert(byte[][] bytesGroups) {
+ BigInteger[] comps = new BigInteger[bytesGroups.length];
+
+ for (int i = 0; i < bytesGroups.length; ++i) {
+ comps[i] = convert(bytesGroups[i]);
+ }
+
+ return comps;
+ }
+
+ private BigInteger convert(byte[] bytes) {
+ BigInteger value = BigInteger.valueOf(bytes[0] & 0x7f);
+ for (int i = 1; i < bytes.length; ++i) {
+ value = value.shiftLeft(7);
+ value = value.or(BigInteger.valueOf(bytes[i] & 0x7f));
+ }
+
+ return value;
+ }
+
+ /**
+ * divide and group bytes together belonging to each component
+ */
+ private byte[][] group(byte[] bytes) {
+ int count = 0, i, j;
+ int[] countArr = new int[bytes.length]; // how many bytes for each group
+ for (i = 0; i < countArr.length; ++i) countArr[i] = 0;
+
+ for (j = 0, i = 0; i < bytes.length; ++i) {
+ if ((bytes[i] & 0x80) != 0) {
+ countArr[j]++;
+ } else {
+ countArr[j++]++;
+ }
+ }
+ count = j;
+
+ byte[][] bytesGroups = new byte[count][];
+ for (i = 0; i < count; ++i) {
+ bytesGroups[i] = new byte[countArr[i]];
+ }
+
+ int k = 0;
+ for (j = 0, i = 0; i < bytes.length; ++i) {
+ bytesGroups[j][k++] = bytes[i];
+ if ((bytes[i] & 0x80) == 0) {
+ j++;
+ k = 0;
+ }
+ }
+
+ return bytesGroups;
+ }
+
+ private byte[][] convert(String oid) {
+ String[] parts = oid.split("\\.");
+ BigInteger[] coms = new BigInteger[parts.length - 1];
+ for (int i = 1; i < parts.length; ++i) {
+ coms[i - 1] = new BigInteger(parts[i]);
+ }
+ coms[0] = coms[0].add(BigInteger.valueOf(Integer.parseInt(parts[0]) * 40));
+
+ byte[][] bytesGroups = new byte[coms.length][];
+ for (int i = 0; i < coms.length; ++i) {
+ bytesGroups[i] = convert(coms[i]);
+ }
+
+ return bytesGroups;
+ }
+
+ private byte[] convert(BigInteger value) {
+ int bitLen = value.bitLength();
+
+ if (bitLen < 8) {
+ return new byte[] { value.byteValue() };
+ }
+
+ int len = (bitLen + 6) / 7;
+ byte[] bytes = new byte[len];
+ BigInteger tmpValue = value;
+ for (int i = len - 1; i >= 0; i--) {
+ bytes[i] = (byte)((tmpValue.byteValue() & 0x7f) | 0x80);
+ tmpValue = tmpValue.shiftRight(7);
+ }
+ bytes[len - 1] &= 0x7f;
+
+ return bytes;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1OctetString.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1OctetString.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1OctetString.java
new file mode 100644
index 0000000..72510a3
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1OctetString.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+
+public class Asn1OctetString extends Asn1Simple<byte[]>
+{
+ public Asn1OctetString() {
+ this(null);
+ }
+
+ public Asn1OctetString(byte[] value) {
+ super(UniversalTag.OCTET_STRING, value);
+ }
+
+ @Override
+ protected byte[] encodeBody() {
+ return getValue();
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ return getValue().length;
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ setValue(content.readAllLeftBytes());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1PrintableString.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1PrintableString.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1PrintableString.java
new file mode 100644
index 0000000..78fdb10
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1PrintableString.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1PrintableString extends Asn1String
+{
+ public Asn1PrintableString() {
+ this(null);
+ }
+
+ public Asn1PrintableString(String value) {
+ super(UniversalTag.PRINTABLE_STRING, value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Sequence.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Sequence.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Sequence.java
new file mode 100644
index 0000000..b9e374c
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Sequence.java
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.TagClass;
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1Sequence extends Asn1Collection
+{
+ public Asn1Sequence() {
+ super(TagClass.UNIVERSAL, UniversalTag.SEQUENCE.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SequenceOf.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SequenceOf.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SequenceOf.java
new file mode 100644
index 0000000..dcf6356
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SequenceOf.java
@@ -0,0 +1,38 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.TagClass;
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1SequenceOf<T extends Asn1Type> extends Asn1CollectionOf<T>
+{
+ public Asn1SequenceOf() {
+ super(TagClass.UNIVERSAL, UniversalTag.SEQUENCE_OF.getValue());
+ }
+
+ public boolean isEmpty() {
+ return (getValue() == null || getElements().size() == 0);
+ }
+
+ public void add(T element) {
+ getElements().add(element);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SequenceType.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SequenceType.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SequenceType.java
new file mode 100644
index 0000000..bcbf715
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SequenceType.java
@@ -0,0 +1,37 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+/**
+ * For sequence type that consists of tagged fields
+ */
+public class Asn1SequenceType extends Asn1CollectionType {
+
+ public Asn1SequenceType(Asn1FieldInfo[] tags) {
+ super(UniversalTag.SEQUENCE.getValue(), tags);
+ }
+
+ @Override
+ protected Asn1Collection createCollection() {
+ return new Asn1Sequence();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Set.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Set.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Set.java
new file mode 100644
index 0000000..3407e8c
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Set.java
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.TagClass;
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1Set extends Asn1Collection
+{
+ public Asn1Set() {
+ super(TagClass.UNIVERSAL, UniversalTag.SET.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SetOf.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SetOf.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SetOf.java
new file mode 100644
index 0000000..f91e241
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SetOf.java
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.TagClass;
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1SetOf<T extends Asn1Type> extends Asn1CollectionOf<T>
+{
+ public Asn1SetOf() {
+ super(TagClass.UNIVERSAL, UniversalTag.SET_OF.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SetType.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SetType.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SetType.java
new file mode 100644
index 0000000..4f13369
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1SetType.java
@@ -0,0 +1,37 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+/**
+ * For set type that consists of tagged fields
+ */
+public class Asn1SetType extends Asn1CollectionType {
+
+ public Asn1SetType(Asn1FieldInfo[] tags) {
+ super(UniversalTag.SET.getValue(), tags);
+ }
+
+ @Override
+ protected Asn1Collection createCollection() {
+ return new Asn1Set();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Simple.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Simple.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Simple.java
new file mode 100644
index 0000000..c25309d
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Simple.java
@@ -0,0 +1,184 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.EncodingOption;
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.TagClass;
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public abstract class Asn1Simple<T> extends AbstractAsn1Type<T> {
+ private byte[] bytes;
+
+ public Asn1Simple(UniversalTag tagNo) {
+ this(tagNo, null);
+ }
+
+ public Asn1Simple(UniversalTag tagNo, T value) {
+ super(TagClass.UNIVERSAL, tagNo.getValue(), value);
+ setEncodingOption(EncodingOption.PRIMITIVE);
+ }
+
+ protected byte[] getBytes() {
+ return bytes;
+ }
+
+ protected void setBytes(byte[] bytes) {
+ this.bytes = bytes;
+ }
+
+ @Override
+ public void encode(ByteBuffer buffer) {
+ encodeTag(buffer, tagFlags(), tagNo());
+ int bodyLen = encodingBodyLength();
+ encodeLength(buffer, bodyLen);
+ if (bodyLen > 0) {
+ buffer.put(encodeBody());
+ }
+ }
+
+ protected byte[] encodeBody() {
+ if (bytes == null) {
+ toBytes();
+ }
+ return bytes;
+ }
+
+ @Override
+ protected void encodeBody(ByteBuffer buffer) {
+ buffer.put(encodeBody());
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ if (getValue() == null) {
+ return 0;
+ }
+ if (bytes == null) {
+ toBytes();
+ }
+ return bytes.length;
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ byte[] leftBytes = content.readAllLeftBytes();
+ if (leftBytes.length > 0) {
+ setBytes(leftBytes);
+ toValue();
+ }
+ }
+
+ @Override
+ public boolean isConstructed() {
+ return false;
+ }
+
+ protected void toValue() throws IOException {}
+
+ protected void toBytes() {}
+
+ public static boolean isSimple(int tagNo) {
+ return isSimple(UniversalTag.fromValue(tagNo));
+ }
+
+ public static boolean isSimple(UniversalTag tagNo) {
+ switch (tagNo) {
+ case BIT_STRING:
+ case BMP_STRING:
+ case BOOLEAN:
+ case ENUMERATED:
+ case GENERALIZED_TIME:
+ case GENERAL_STRING:
+ case IA5_STRING:
+ case INTEGER:
+ case NULL:
+ case NUMERIC_STRING:
+ case OBJECT_IDENTIFIER:
+ case OCTET_STRING:
+ case PRINTABLE_STRING:
+ case T61_STRING:
+ case UNIVERSAL_STRING:
+ case UTC_TIME:
+ case UTF8_STRING:
+ case VISIBLE_STRING:
+ return true;
+ default:
+ return false;
+ }
+ }
+
+ public static Asn1Type createSimple(int tagNo) {
+ if (! isSimple(tagNo)) {
+ throw new IllegalArgumentException("Not simple type, tag: " + tagNo);
+ }
+ return createSimple(UniversalTag.fromValue(tagNo));
+ }
+
+ public static Asn1Type createSimple(UniversalTag tagNo) {
+ if (! isSimple(tagNo)) {
+ throw new IllegalArgumentException("Not simple type, tag: " + tagNo);
+ }
+
+ switch (tagNo) {
+ case BIT_STRING:
+ return new Asn1BitString();
+ case BMP_STRING:
+ return new Asn1BmpString();
+ case BOOLEAN:
+ return new Asn1Boolean();
+ case ENUMERATED:
+ return null;
+ case GENERALIZED_TIME:
+ return new Asn1GeneralizedTime();
+ case GENERAL_STRING:
+ return new Asn1GeneralString();
+ case IA5_STRING:
+ return new Asn1IA5String();
+ case INTEGER:
+ return new Asn1Integer();
+ case NULL:
+ return new Asn1Null();
+ case NUMERIC_STRING:
+ return new Asn1NumericsString();
+ case OBJECT_IDENTIFIER:
+ return new Asn1ObjectIdentifier();
+ case OCTET_STRING:
+ return new Asn1OctetString();
+ case PRINTABLE_STRING:
+ return new Asn1PrintableString();
+ case T61_STRING:
+ return new Asn1T61String();
+ case UNIVERSAL_STRING:
+ return new Asn1UniversalString();
+ case UTC_TIME:
+ return new Asn1UtcTime();
+ case UTF8_STRING:
+ return new Asn1Utf8String();
+ case VISIBLE_STRING:
+ return new Asn1VisibleString();
+ default:
+ throw new IllegalArgumentException("Unexpected tag " + tagNo.getValue());
+ }
+ }
+}
[18/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/SectionConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/SectionConfigKey.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/SectionConfigKey.java
new file mode 100644
index 0000000..1dc83bf
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/SectionConfigKey.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.common;
+
+import org.apache.kerby.config.ConfigKey;
+
+/**
+ * Config Keys with section name.
+ * Use by MIT Kerberos config keys.
+ */
+public interface SectionConfigKey extends ConfigKey {
+
+ public String getSectionName();
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PaFlag.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PaFlag.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PaFlag.java
new file mode 100644
index 0000000..1b68c2a
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PaFlag.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum PaFlag implements KrbEnum {
+ NONE(-1),
+ PA_REAL(0x01),
+ PA_INFO(0x02);
+
+ private final int value;
+
+ private PaFlag(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static PaFlag fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (PaFlag) e;
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PaFlags.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PaFlags.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PaFlags.java
new file mode 100644
index 0000000..e3f89a3
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PaFlags.java
@@ -0,0 +1,37 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth;
+
+import org.apache.kerby.kerberos.kerb.spec.common.KrbFlags;
+
+public class PaFlags extends KrbFlags {
+
+ public PaFlags() {
+ this(0);
+ }
+
+ public PaFlags(int value) {
+ setFlags(value);
+ }
+
+ public boolean isReal() {
+ return isFlagSet(PaFlag.PA_REAL);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PluginRequestContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PluginRequestContext.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PluginRequestContext.java
new file mode 100644
index 0000000..852deed
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PluginRequestContext.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth;
+
+/**
+ * Per request per module
+ */
+public interface PluginRequestContext {
+ // Nothing here, just as a type mark
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PreauthPluginMeta.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PreauthPluginMeta.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PreauthPluginMeta.java
new file mode 100644
index 0000000..22d38ac
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/PreauthPluginMeta.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth;
+
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public interface PreauthPluginMeta {
+
+ public String getName();
+
+ public int getVersion();
+
+ public PaDataType[] getPaTypes();
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/builtin/EncTsPreauthMeta.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/builtin/EncTsPreauthMeta.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/builtin/EncTsPreauthMeta.java
new file mode 100644
index 0000000..a669e18
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/builtin/EncTsPreauthMeta.java
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth.builtin;
+
+import org.apache.kerby.kerberos.kerb.preauth.PreauthPluginMeta;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class EncTsPreauthMeta implements PreauthPluginMeta {
+
+ private static String NAME = "encrypted_timestamp";
+ private static int VERSION = 1;
+ private static PaDataType[] PA_TYPES = new PaDataType[] {
+ PaDataType.ENC_TIMESTAMP
+ };
+
+ @Override
+ public String getName() {
+ return NAME;
+ }
+
+ public int getVersion() {
+ return VERSION;
+ }
+
+ public PaDataType[] getPaTypes() {
+ return PA_TYPES;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/builtin/TgtPreauthMeta.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/builtin/TgtPreauthMeta.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/builtin/TgtPreauthMeta.java
new file mode 100644
index 0000000..04bb47b
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/builtin/TgtPreauthMeta.java
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth.builtin;
+
+import org.apache.kerby.kerberos.kerb.preauth.PreauthPluginMeta;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+/**
+ * A faked preauth module for TGS request handling
+ */
+public class TgtPreauthMeta implements PreauthPluginMeta {
+
+ private static String NAME = "TGT_preauth";
+ private static int VERSION = 1;
+ private static PaDataType[] PA_TYPES = new PaDataType[] {
+ PaDataType.TGS_REQ
+ };
+
+ @Override
+ public String getName() {
+ return NAME;
+ }
+
+ public int getVersion() {
+ return VERSION;
+ }
+
+ public PaDataType[] getPaTypes() {
+ return PA_TYPES;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/IdentityOpts.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/IdentityOpts.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/IdentityOpts.java
new file mode 100644
index 0000000..a909170
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/IdentityOpts.java
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth.pkinit;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class IdentityOpts {
+
+ // From MIT Krb5 _pkinit_identity_opts
+ public String identity;
+ public List<String> AltIdentities = new ArrayList<String>(1);
+ public List<String> anchors = new ArrayList<String>(4);
+ public List<String> intermediates = new ArrayList<String>(2);
+ public List<String> crls = new ArrayList<String>(2);
+ public String ocsp;
+ public IdentityType idType;
+ public String certFile;
+ public String keyFile;
+
+ // PKCS11
+ public String p11ModuleName;
+ public int slotid;
+ public String tokenLabel;
+ public String certId;
+ public String certLabel;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/IdentityType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/IdentityType.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/IdentityType.java
new file mode 100644
index 0000000..23ec26b
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/IdentityType.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth.pkinit;
+
+public enum IdentityType {
+ NONE,
+ FILE,
+ DIR,
+ PKCS11,
+ PKCS12,
+ ENVVAR,
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitIdenity.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitIdenity.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitIdenity.java
new file mode 100644
index 0000000..f080231
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitIdenity.java
@@ -0,0 +1,128 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth.pkinit;
+
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+public class PkinitIdenity {
+
+ public static void processIdentityOption(IdentityOpts identityOpts, String value) {
+ IdentityType idType = IdentityType.NONE;
+ String residual = null;
+ if (value.contains(":")) {
+ if (value.startsWith("FILE:")) {
+ idType = IdentityType.FILE;
+ } else if (value.startsWith("PKCS11:")) {
+ idType = IdentityType.PKCS11;
+ } else if (value.startsWith("PKCS12:")) {
+ idType = IdentityType.PKCS12;
+ } else if (value.startsWith("DIR:")) {
+ idType = IdentityType.DIR;
+ } else if (value.startsWith("ENV:")) {
+ idType = IdentityType.ENVVAR;
+ } else {
+ throw new RuntimeException("Invalid Identity option format: " + value);
+ }
+ } else {
+ residual = value;
+ idType = IdentityType.FILE;
+ }
+
+ identityOpts.idType = idType;
+ switch (idType) {
+ case ENVVAR:
+ processIdentityOption(identityOpts, System.getenv(residual));
+ break;
+ case FILE:
+ parseFileOption(identityOpts, residual);
+ break;
+ case PKCS11:
+ parsePkcs11Option(identityOpts, residual);
+ break;
+ case PKCS12:
+ parsePkcs12Option(identityOpts, residual);
+ break;
+ case DIR:
+ identityOpts.certFile = residual;
+ break;
+ }
+ }
+
+ public static void parseFileOption(IdentityOpts identityOpts, String residual) {
+ String[] parts = residual.split(",");
+ String certName = null;
+ String keyName = null;
+
+ certName = parts[0];
+ if (parts.length > 1) {
+ keyName = parts[1];
+ }
+
+ identityOpts.certFile = certName;
+ identityOpts.keyFile = keyName;
+ }
+
+ public static void parsePkcs12Option(IdentityOpts identityOpts, String residual) {
+ identityOpts.certFile = residual;
+ identityOpts.keyFile = residual;
+ }
+
+ public static void parsePkcs11Option(IdentityOpts identityOpts, String residual) {
+ // TODO
+ }
+
+ public static void loadCerts(IdentityOpts identityOpts, PrincipalName principal) {
+ switch (identityOpts.idType) {
+ case FILE:
+ loadCertsFromFile(identityOpts, principal);
+ break;
+ case DIR:
+ loadCertsFromDir(identityOpts, principal);
+ break;
+ case PKCS11:
+ loadCertsAsPkcs11(identityOpts, principal);
+ break;
+ case PKCS12:
+ loadCertsAsPkcs12(identityOpts, principal);
+ break;
+ }
+ }
+
+ private static void loadCertsAsPkcs12(IdentityOpts identityOpts, PrincipalName principal) {
+
+ }
+
+ private static void loadCertsAsPkcs11(IdentityOpts identityOpts, PrincipalName principal) {
+
+ }
+
+ private static void loadCertsFromDir(IdentityOpts identityOpts, PrincipalName principal) {
+
+ }
+
+ private static void loadCertsFromFile(IdentityOpts identityOpts, PrincipalName principal) {
+
+ }
+
+ public static void initialize(IdentityOpts identityOpts, PrincipalName principal) {
+
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitPreauthMeta.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitPreauthMeta.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitPreauthMeta.java
new file mode 100644
index 0000000..9d196d9
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitPreauthMeta.java
@@ -0,0 +1,46 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth.pkinit;
+
+import org.apache.kerby.kerberos.kerb.preauth.PreauthPluginMeta;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class PkinitPreauthMeta implements PreauthPluginMeta {
+
+ private static String NAME = "PKINIT";
+ private static int VERSION = 1;
+ private static PaDataType[] PA_TYPES = new PaDataType[] {
+ PaDataType.PK_AS_REQ,
+ PaDataType.PK_AS_REP,
+ };
+
+ @Override
+ public String getName() {
+ return NAME;
+ }
+
+ public int getVersion() {
+ return VERSION;
+ }
+
+ public PaDataType[] getPaTypes() {
+ return PA_TYPES;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PluginOpts.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PluginOpts.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PluginOpts.java
new file mode 100644
index 0000000..38295fa
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PluginOpts.java
@@ -0,0 +1,67 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1ObjectIdentifier;
+import org.apache.kerby.kerberos.kerb.spec.pa.pkinit.AlgorithmIdentifiers;
+import org.apache.kerby.kerberos.kerb.spec.pa.pkinit.TrustedCertifiers;
+import org.apache.kerby.kerberos.kerb.spec.x509.AlgorithmIdentifier;
+
+public class PluginOpts {
+
+ // From MIT Krb5 _pkinit_plg_opts
+
+ // require EKU checking (default is true)
+ public boolean requireEku = true;
+ // accept secondary EKU (default is false)
+ public boolean acceptSecondaryEku = false;
+ // allow UPN-SAN instead of pkinit-SAN
+ public boolean allowUpn = true;
+ // selects DH or RSA based pkinit
+ public boolean usingRsa = true;
+ // require CRL for a CA (default is false)
+ public boolean requireCrlChecking = false;
+ // the size of the Diffie-Hellman key the client will attempt to use.
+ // The acceptable values are 1024, 2048, and 4096. The default is 2048.
+ public int dhMinBits = 2048;
+
+ public AlgorithmIdentifiers createSupportedCMSTypes() {
+ AlgorithmIdentifiers cmsAlgorithms = new AlgorithmIdentifiers();
+ AlgorithmIdentifier des3Alg = new AlgorithmIdentifier();
+ cmsAlgorithms.add(des3Alg);
+
+ String oidStr = "DES3-OID";
+ Asn1ObjectIdentifier des3Oid = new Asn1ObjectIdentifier(oidStr);
+ des3Alg.setAlgorithm(des3Oid);
+ des3Alg.setParameters(null);
+
+ return cmsAlgorithms;
+ }
+
+ public TrustedCertifiers createTrustedCertifiers() {
+ TrustedCertifiers trustedCertifiers = new TrustedCertifiers();
+
+ return trustedCertifiers;
+ }
+
+ public byte[] createIssuerAndSerial() {
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/token/TokenPreauthMeta.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/token/TokenPreauthMeta.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/token/TokenPreauthMeta.java
new file mode 100644
index 0000000..f393d15
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/token/TokenPreauthMeta.java
@@ -0,0 +1,46 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.preauth.token;
+
+import org.apache.kerby.kerberos.kerb.preauth.PreauthPluginMeta;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class TokenPreauthMeta implements PreauthPluginMeta {
+
+ private static String NAME = "TokenPreauth";
+ private static int VERSION = 1;
+ private static PaDataType[] PA_TYPES = new PaDataType[] {
+ PaDataType.TOKEN_CHALLENGE,
+ PaDataType.TOKEN_REQUEST
+ };
+
+ @Override
+ public String getName() {
+ return NAME;
+ }
+
+ public int getVersion() {
+ return VERSION;
+ }
+
+ public PaDataType[] getPaTypes() {
+ return PA_TYPES;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/pom.xml b/kerby-kerb/kerb-core-test/pom.xml
new file mode 100644
index 0000000..bf980e6
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/pom.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-kerb</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerb-core-test</artifactId>
+
+ <name>kerby-kerb-coreTest</name>
+ <description>Kerb core tests</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-asn1</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-core</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-util</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/aes128-kerberos-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/aes128-kerberos-data b/kerby-kerb/kerb-core-test/src/main/resources/aes128-kerberos-data
new file mode 100644
index 0000000..7f3b582
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/aes128-kerberos-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/aes128-key-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/aes128-key-data b/kerby-kerb/kerb-core-test/src/main/resources/aes128-key-data
new file mode 100644
index 0000000..4ba2540
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/main/resources/aes128-key-data
@@ -0,0 +1 @@
+����\���U�s�7"
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/aes128-spnego-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/aes128-spnego-data b/kerby-kerb/kerb-core-test/src/main/resources/aes128-spnego-data
new file mode 100644
index 0000000..13c89e6
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/aes128-spnego-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/aes256-kerberos-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/aes256-kerberos-data b/kerby-kerb/kerb-core-test/src/main/resources/aes256-kerberos-data
new file mode 100644
index 0000000..b7d539f
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/aes256-kerberos-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/aes256-key-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/aes256-key-data b/kerby-kerb/kerb-core-test/src/main/resources/aes256-key-data
new file mode 100644
index 0000000..24792c1
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/aes256-key-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/aes256-spnego-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/aes256-spnego-data b/kerby-kerb/kerb-core-test/src/main/resources/aes256-spnego-data
new file mode 100644
index 0000000..6a7e55c
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/aes256-spnego-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/asrep.token
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/asrep.token b/kerby-kerb/kerb-core-test/src/main/resources/asrep.token
new file mode 100644
index 0000000..d77cff7
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/asrep.token differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/asreq.token
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/asreq.token b/kerby-kerb/kerb-core-test/src/main/resources/asreq.token
new file mode 100644
index 0000000..6d503b3
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/asreq.token differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/des-kerberos-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/des-kerberos-data b/kerby-kerb/kerb-core-test/src/main/resources/des-kerberos-data
new file mode 100644
index 0000000..3db6963
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/des-kerberos-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/des-key-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/des-key-data b/kerby-kerb/kerb-core-test/src/main/resources/des-key-data
new file mode 100644
index 0000000..84a0c50
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/main/resources/des-key-data
@@ -0,0 +1 @@
+��2^�L�
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/des-pac-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/des-pac-data b/kerby-kerb/kerb-core-test/src/main/resources/des-pac-data
new file mode 100644
index 0000000..7408111
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/des-pac-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/des-spnego-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/des-spnego-data b/kerby-kerb/kerb-core-test/src/main/resources/des-spnego-data
new file mode 100644
index 0000000..04a56e8
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/des-spnego-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/exceptions.properties
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/exceptions.properties b/kerby-kerb/kerb-core-test/src/main/resources/exceptions.properties
new file mode 100644
index 0000000..c9cc814
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/main/resources/exceptions.properties
@@ -0,0 +1,55 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+object.cast.fail=Unable to cast object from {0} to {1}.
+
+spnego.token.empty=Empty SPNego token.
+spnego.token.invalid=Not a valid SPNego token: {0}.
+spnego.token.malformed=Malformed SPNego token.
+spnego.field.invalid=Not a valid SPNego token field: {0}.
+
+
+kerberos.object.cast=Unable to cast Kerberos object from {0} to {1}.
+kerberos.token.empty=Empty Kerberos token.
+kerberos.token.invalid=Not a Kerberos token.
+kerberos.token.malformed=Malformed Kerberos token.
+kerberos.kdcReq.empty=Empty message.
+kerberos.kdcReq.invalid=Not a KRB_AP_REQ message.
+kerberos.ticket.empty=Empty Kerberos ticket.
+kerberos.ticket.invalid=Not a Kerberos v5 ticket.
+kerberos.ticket.malformed=Malformed Kerberos ticket.
+kerberos.field.invalid=Not a valid Kerberos ticket field: {0}.
+kerberos.field.malformed=Malformed Kerberos ticket field.
+kerberos.key.notfound=Unable to find appropriate key of type {0}.
+kerberos.version.invalid=Invalid version of Kerberos ticket: {0}.
+kerberos.login.fail=Unable to get server keys.
+kerberos.decrypt.fail=Unable to decrypt encrypted data using key of type {0}.
+
+pac.token.empty=Empty PAC token.
+pac.token.malformed=Malformed PAC token.
+pac.logoninfo.malformed=Malformed PAC logon info.
+pac.signature.malformed=Malformed PAC signature.
+pac.signature.invalid=Invalid PAC signature.
+pac.string.notempty=String not empty while expected null.
+pac.string.malformed.size=Inconsistent string lengths.
+pac.string.invalid.size=Inconsistent string size: {1}, expecting {0}.
+pac.groups.invalid.size=Group count ({0}) doesn't match the real number of groups ({1}) in the PAC.
+pac.extrasids.invalid.size=Extra SID count ({0}) doesn't match the real number of extra SID ({1}) in the PAC.
+pac.resourcegroups.invalid.size=Resource group count ({0}) doesn't match the real number of resource groups ({1}) in the PAC.
+pac.sid.malformed.size=Inconsistent SID length.
+pac.subauthority.malformed.size=Incorrect byte array length: {0}; must be multiple of 4.
+pac.version.invalid=Invalid version of PAC token: {0}.
+pac.check.fail=Unable to check PAC signature.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/rc4-kerberos-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/rc4-kerberos-data b/kerby-kerb/kerb-core-test/src/main/resources/rc4-kerberos-data
new file mode 100644
index 0000000..6be7086
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/rc4-kerberos-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/rc4-key-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/rc4-key-data b/kerby-kerb/kerb-core-test/src/main/resources/rc4-key-data
new file mode 100644
index 0000000..64f9d9c
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/main/resources/rc4-key-data
@@ -0,0 +1 @@
+l�܇y#�l�mv��k�
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/rc4-pac-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/rc4-pac-data b/kerby-kerb/kerb-core-test/src/main/resources/rc4-pac-data
new file mode 100644
index 0000000..df45f91
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/rc4-pac-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/rc4-spnego-data
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/rc4-spnego-data b/kerby-kerb/kerb-core-test/src/main/resources/rc4-spnego-data
new file mode 100644
index 0000000..91cbe26
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/rc4-spnego-data differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/server.keytab
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/server.keytab b/kerby-kerb/kerb-core-test/src/main/resources/server.keytab
new file mode 100644
index 0000000..b44347c
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/server.keytab differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/tgsrep.token
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/tgsrep.token b/kerby-kerb/kerb-core-test/src/main/resources/tgsrep.token
new file mode 100644
index 0000000..25d6270
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/tgsrep.token differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/main/resources/tgsreq.token
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/main/resources/tgsreq.token b/kerby-kerb/kerb-core-test/src/main/resources/tgsreq.token
new file mode 100644
index 0000000..69f6b46
Binary files /dev/null and b/kerby-kerb/kerb-core-test/src/main/resources/tgsreq.token differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/README.txt
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/README.txt b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/README.txt
new file mode 100644
index 0000000..f1e0a3f
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/README.txt
@@ -0,0 +1,5 @@
+This project is simple for integration testing purpose. It's inspired by and originated from JaasLaunge.
+Eventually I will replace most of the codes by mine or get the granting permission of the author.
+
+http://jaaslounge.sourceforge.net/
+
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/AuthzDataUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/AuthzDataUtil.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/AuthzDataUtil.java
new file mode 100644
index 0000000..fce9bb4
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/AuthzDataUtil.java
@@ -0,0 +1,67 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.kerberos;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.codec.pac.Pac;
+import org.apache.kerby.kerberos.kerb.spec.common.AuthorizationData;
+import org.apache.kerby.kerberos.kerb.spec.common.AuthorizationDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.common.AuthorizationType;
+
+import java.io.IOException;
+import java.util.List;
+
+public class AuthzDataUtil {
+
+ public static Pac getPac(AuthorizationData authzData, byte[] serverKey) throws IOException, KrbException {
+ AuthorizationDataEntry ifRelevantAd = null;
+ for (AuthorizationDataEntry entry : authzData.getElements()) {
+ if (entry.getAuthzType() == AuthorizationType.AD_IF_RELEVANT) {
+ ifRelevantAd = entry;
+ break;
+ }
+ }
+
+ if (ifRelevantAd != null) {
+ List<AuthorizationDataEntry> entries = decode(ifRelevantAd);
+ for (AuthorizationDataEntry entry : entries) {
+ if (entry.getAuthzType() == AuthorizationType.AD_WIN2K_PAC) {
+ return decodeAsPac(entry, serverKey);
+ }
+ }
+ }
+
+ return null;
+ }
+
+ public static List<AuthorizationDataEntry> decode(AuthorizationDataEntry entry) throws IOException {
+ AuthorizationData authzData = new AuthorizationData();
+ authzData.decode(entry.getAuthzData());
+ return authzData.getElements();
+ }
+
+ public static Pac decodeAsPac(AuthorizationDataEntry entry, byte[] key) throws IOException, KrbException {
+ if (entry.getAuthzType() != AuthorizationType.AD_WIN2K_PAC) {
+ throw new IllegalArgumentException("Not AD_WIN2K_PAC type: " + entry.getAuthzType().name());
+ }
+
+ return new Pac(entry.getAuthzData(), key);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosApRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosApRequest.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosApRequest.java
new file mode 100644
index 0000000..4266ea6
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosApRequest.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.kerberos;
+
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.apache.kerby.kerberos.kerb.spec.ap.ApOptions;
+import org.apache.kerby.kerberos.kerb.spec.ap.ApReq;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+
+import java.io.IOException;
+
+public class KerberosApRequest {
+ private ApReq apReq;
+ private KerberosTicket ticket;
+
+ public KerberosApRequest(byte[] token, EncryptionKey key) throws Exception {
+ if(token.length <= 0) {
+ throw new IOException("kerberos request empty");
+ }
+
+ apReq = KrbCodec.decode(token, ApReq.class);
+ ticket = new KerberosTicket(apReq.getTicket(), apReq.getApOptions(), key);
+ }
+
+ public ApOptions getApOptions() throws KrbException {
+ return apReq.getApOptions();
+ }
+
+ public KerberosTicket getTicket() {
+ return ticket;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosConstants.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosConstants.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosConstants.java
new file mode 100644
index 0000000..a02cda3
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosConstants.java
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.kerberos;
+
+public interface KerberosConstants {
+
+ static final String KERBEROS_OID = "1.2.840.113554.1.2.2";
+ static final String KERBEROS_VERSION = "5";
+
+ static final String KERBEROS_AP_REQ = "14";
+
+ static final int AF_INTERNET = 2;
+ static final int AF_CHANET = 5;
+ static final int AF_XNS = 6;
+ static final int AF_ISO = 7;
+
+ static final int AUTH_DATA_RELEVANT = 1;
+ static final int AUTH_DATA_PAC = 128;
+
+ static final int DES_ENC_TYPE = 3;
+ static final int RC4_ENC_TYPE = 23;
+ static final String RC4_ALGORITHM = "ARCFOUR";
+ static final String HMAC_ALGORITHM = "HmacMD5";
+ static final int CONFOUNDER_SIZE = 8;
+ static final int CHECKSUM_SIZE = 16;
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosCredentials.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosCredentials.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosCredentials.java
new file mode 100644
index 0000000..087fe42
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosCredentials.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.kerberos;
+
+import org.apache.kerby.kerberos.kerb.keytab.Keytab;
+import org.apache.kerby.kerberos.kerb.keytab.KeytabEntry;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+public class KerberosCredentials {
+
+ private static Keytab keytab;
+
+ private static void init() throws IOException {
+ InputStream kis = KerberosCredentials.class.getResourceAsStream("/server.keytab");
+ keytab = new Keytab();
+ keytab.load(kis);
+ }
+
+ public static EncryptionKey getServerKey(EncryptionType etype) throws IOException {
+ if (keytab == null) {
+ init();
+ }
+
+ for (PrincipalName principal : keytab.getPrincipals()) {
+ for (KeytabEntry entry : keytab.getKeytabEntries(principal)) {
+ if (entry.getKey().getKeyType() == etype) {
+ return entry.getKey();
+ }
+ }
+ }
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosTicket.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosTicket.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosTicket.java
new file mode 100644
index 0000000..a47f0ef
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosTicket.java
@@ -0,0 +1,86 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.kerberos;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.apache.kerby.kerberos.kerb.crypto.EncryptionHandler;
+import org.apache.kerby.kerberos.kerb.spec.ap.ApOptions;
+import org.apache.kerby.kerberos.kerb.spec.common.AuthorizationData;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.KeyUsage;
+import org.apache.kerby.kerberos.kerb.spec.ticket.EncTicketPart;
+import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+
+import java.util.Arrays;
+
+public class KerberosTicket {
+ private String serverPrincipalName;
+ private String serverRealm;
+ private Ticket ticket;
+
+ public KerberosTicket(Ticket ticket, ApOptions apOptions, EncryptionKey key)
+ throws Exception {
+ this.ticket = ticket;
+
+ byte[] decrypted = EncryptionHandler.decrypt(
+ ticket.getEncryptedEncPart(), key, KeyUsage.KDC_REP_TICKET);
+
+ EncTicketPart encPart = KrbCodec.decode(decrypted, EncTicketPart.class);
+ ticket.setEncPart(encPart);
+
+ /**
+ * Also test encryption by the way
+ */
+ EncryptedData encrypted = EncryptionHandler.encrypt(
+ decrypted, key, KeyUsage.KDC_REP_TICKET);
+
+ byte[] decrypted2 = EncryptionHandler.decrypt(
+ encrypted, key, KeyUsage.KDC_REP_TICKET);
+ if (!Arrays.equals(decrypted, decrypted2)) {
+ throw new KrbException("Encryption checking failed after decryption");
+ }
+ }
+
+ public String getUserPrincipalName() throws KrbException {
+ return ticket.getEncPart().getCname().getName();
+ }
+
+ public String getUserRealm() throws KrbException {
+ return ticket.getEncPart().getCrealm();
+ }
+
+ public String getServerPrincipalName() throws KrbException {
+ return ticket.getSname().getName();
+ }
+
+ public String getServerRealm() throws KrbException {
+ return ticket.getRealm();
+ }
+
+ public AuthorizationData getAuthorizationData() throws KrbException {
+ return ticket.getEncPart().getAuthorizationData();
+ }
+
+ public Ticket getTicket() {
+ return ticket;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosToken.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosToken.java
new file mode 100644
index 0000000..f3488c3
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/kerberos/KerberosToken.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.kerberos;
+
+import org.apache.kerby.asn1.Asn1InputBuffer;
+import org.apache.kerby.asn1.type.Asn1Item;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+
+import java.io.IOException;
+
+public class KerberosToken {
+
+ private KerberosApRequest apRequest;
+
+ public KerberosToken(byte[] token) throws Exception {
+ this(token, null);
+ }
+
+ public KerberosToken(byte[] token, EncryptionKey key) throws Exception {
+
+ if(token.length <= 0)
+ throw new IOException("kerberos.token.empty");
+
+ Asn1InputBuffer buffer = new Asn1InputBuffer(token);
+
+ Asn1Item value = (Asn1Item) buffer.read();
+ if(! value.isAppSpecific() && ! value.isConstructed())
+ throw new IOException("kerberos.token.malformed");
+
+ buffer = new Asn1InputBuffer(value.getBodyContent());
+ buffer.skipNext();
+
+ buffer.skipBytes(2);
+
+ apRequest = new KerberosApRequest(buffer.readAllLeftBytes(), key);
+ }
+
+ public KerberosApRequest getApRequest() {
+ return apRequest;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/Pac.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/Pac.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/Pac.java
new file mode 100644
index 0000000..9a3d0e0
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/Pac.java
@@ -0,0 +1,113 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.pac;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.crypto.CheckSumHandler;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerby.kerberos.kerb.spec.common.KeyUsage;
+
+import java.io.ByteArrayInputStream;
+import java.io.DataInputStream;
+import java.io.IOException;
+
+public class Pac {
+
+ private PacLogonInfo logonInfo;
+ private PacCredentialType credentialType;
+ private PacSignature serverSignature;
+ private PacSignature kdcSignature;
+
+ public Pac(byte[] data, byte[] key) throws KrbException {
+ byte[] checksumData = data.clone();
+ try {
+ PacDataInputStream pacStream = new PacDataInputStream(new DataInputStream(
+ new ByteArrayInputStream(data)));
+
+ if(data.length <= 8)
+ throw new IOException("pac.token.empty");
+
+ int bufferCount = pacStream.readInt();
+ int version = pacStream.readInt();
+
+ if(version != PacConstants.PAC_VERSION) {
+ Object[] args = new Object[]{version};
+ throw new IOException("pac.version.invalid");
+ }
+
+ for(int bufferIndex = 0; bufferIndex < bufferCount; bufferIndex++) {
+ int bufferType = pacStream.readInt();
+ int bufferSize = pacStream.readInt();
+ long bufferOffset = pacStream.readLong();
+ byte[] bufferData = new byte[bufferSize];
+ System.arraycopy(data, (int)bufferOffset, bufferData, 0, bufferSize);
+
+ switch (bufferType) {
+ case PacConstants.LOGON_INFO:
+ // PAC Credential Information
+ logonInfo = new PacLogonInfo(bufferData);
+ break;
+ case PacConstants.CREDENTIAL_TYPE:
+ // PAC Credential Type
+ credentialType = new PacCredentialType(bufferData);
+ break;
+ case PacConstants.SERVER_CHECKSUM:
+ // PAC Server Signature
+ serverSignature = new PacSignature(bufferData);
+ // Clear signature from checksum copy
+ for(int i = 0; i < bufferSize; i++)
+ checksumData[(int)bufferOffset + 4 + i] = 0;
+ break;
+ case PacConstants.PRIVSVR_CHECKSUM:
+ // PAC KDC Signature
+ kdcSignature = new PacSignature(bufferData);
+ // Clear signature from checksum copy
+ for(int i = 0; i < bufferSize; i++)
+ checksumData[(int)bufferOffset + 4 + i] = 0;
+ break;
+ default:
+ }
+ }
+ } catch(IOException e) {
+ throw new KrbException("pac.token.malformed", e);
+ }
+
+ CheckSum checksum = new CheckSum(serverSignature.getType(), serverSignature.getChecksum());
+ if (! CheckSumHandler.verifyWithKey(checksum, checksumData, key, KeyUsage.APP_DATA_CKSUM)) {
+ throw new KrbException("Check sum verifying failed");
+ }
+ }
+
+ public PacLogonInfo getLogonInfo() {
+ return logonInfo;
+ }
+
+ public PacCredentialType getCredentialType() {
+ return credentialType;
+ }
+
+ public PacSignature getServerSignature() {
+ return serverSignature;
+ }
+
+ public PacSignature getKdcSignature() {
+ return kdcSignature;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacConstants.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacConstants.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacConstants.java
new file mode 100644
index 0000000..3aea971
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacConstants.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.pac;
+
+public interface PacConstants {
+
+ static final int PAC_VERSION = 0;
+
+ static final int LOGON_INFO = 1;
+ static final int CREDENTIAL_TYPE = 2;
+ static final int SERVER_CHECKSUM = 6;
+ static final int PRIVSVR_CHECKSUM = 7;
+
+ static final int LOGON_EXTRA_SIDS = 0x20;
+ static final int LOGON_RESOURCE_GROUPS = 0x200;
+
+ static final long FILETIME_BASE = -11644473600000L;
+
+ static final int MD5_KRB_SALT = 17;
+ static final int MD5_BLOCK_LENGTH = 64;
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacCredentialType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacCredentialType.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacCredentialType.java
new file mode 100644
index 0000000..9e395f2
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacCredentialType.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.pac;
+
+import java.io.IOException;
+
+public class PacCredentialType {
+
+ private static final int MINIMAL_BUFFER_SIZE = 32;
+
+ private byte[] credentialType;
+
+ public PacCredentialType(byte[] data) throws IOException {
+ credentialType = data;
+ if(!isCredentialTypeCorrect()) {
+ throw new IOException("pac.credentialtype.malformed");
+ }
+ }
+
+ public boolean isCredentialTypeCorrect() {
+ return credentialType != null && credentialType.length < MINIMAL_BUFFER_SIZE;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacDataInputStream.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacDataInputStream.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacDataInputStream.java
new file mode 100644
index 0000000..74e21db
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacDataInputStream.java
@@ -0,0 +1,158 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.pac;
+
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.math.BigInteger;
+import java.util.Date;
+
+public class PacDataInputStream {
+
+ private DataInputStream dis;
+ private int size;
+
+ public PacDataInputStream(InputStream in) throws IOException {
+ dis = new DataInputStream(in);
+ size = in.available();
+ }
+
+ public void align(int mask) throws IOException {
+ int position = size - dis.available();
+ int shift = position & mask - 1;
+ if(mask != 0 && shift != 0)
+ dis.skip(mask - shift);
+ }
+
+ public int available() throws IOException {
+ return dis.available();
+ }
+
+ public void readFully(byte[] b) throws IOException {
+ dis.readFully(b);
+ }
+
+ public void readFully(byte[] b, int off, int len) throws IOException {
+ dis.readFully(b, off, len);
+ }
+
+ public char readChar() throws IOException {
+ align(2);
+ return dis.readChar();
+ }
+
+ public byte readByte() throws IOException {
+ return dis.readByte();
+ }
+
+ public short readShort() throws IOException {
+ align(2);
+ return Short.reverseBytes((short)dis.readShort());
+ }
+
+ public int readInt() throws IOException {
+ align(4);
+ return Integer.reverseBytes(dis.readInt());
+ }
+
+ public long readLong() throws IOException {
+ align(8);
+ return Long.reverseBytes(dis.readLong());
+ }
+
+ public int readUnsignedByte() throws IOException {
+ return ((int)readByte()) & 0xff;
+ }
+
+ public long readUnsignedInt() throws IOException {
+ return ((long)readInt()) & 0xffffffffL;
+ }
+
+ public int readUnsignedShort() throws IOException {
+ return ((int)readShort()) & 0xffff;
+ }
+
+ public Date readFiletime() throws IOException {
+ Date date = null;
+
+ long last = readUnsignedInt();
+ long first = readUnsignedInt();
+ if(first != 0x7fffffffL && last != 0xffffffffL) {
+ BigInteger lastBigInt = BigInteger.valueOf(last);
+ BigInteger firstBigInt = BigInteger.valueOf(first);
+ BigInteger completeBigInt = lastBigInt.add(firstBigInt.shiftLeft(32));
+ completeBigInt = completeBigInt.divide(BigInteger.valueOf(10000L));
+ completeBigInt = completeBigInt.add(BigInteger.valueOf(PacConstants.FILETIME_BASE));
+ date = new Date(completeBigInt.longValue());
+ }
+
+ return date;
+ }
+
+ public PacUnicodeString readUnicodeString() throws IOException {
+ short length = readShort();
+ short maxLength = readShort();
+ int pointer = readInt();
+
+ if(maxLength < length) {
+ throw new IOException("pac.string.malformed.size");
+ }
+
+ return new PacUnicodeString(length, maxLength, pointer);
+ }
+
+ public String readString() throws IOException {
+ int totalChars = readInt();
+ int unusedChars = readInt();
+ int usedChars = readInt();
+
+ if(unusedChars > totalChars || usedChars > totalChars - unusedChars)
+ throw new IOException("pac.string.malformed.size");
+
+ dis.skip(unusedChars * 2);
+ char[] chars = new char[usedChars];
+ for(int l = 0; l < usedChars; l++)
+ chars[l] = (char)readShort();
+
+ return new String(chars);
+ }
+
+ public PacSid readId() throws IOException {
+ byte[] bytes = new byte[4];
+ readFully(bytes);
+
+ return PacSid.createFromSubs(bytes);
+ }
+
+ public PacSid readSid() throws IOException {
+ int sidSize = readInt();
+
+ byte[] bytes = new byte[8 + sidSize * 4];
+ readFully(bytes);
+
+ return new PacSid(bytes);
+ }
+
+ public int skipBytes(int n) throws IOException {
+ return dis.skipBytes(n);
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacGroup.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacGroup.java b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacGroup.java
new file mode 100644
index 0000000..a3d9bb5
--- /dev/null
+++ b/kerby-kerb/kerb-core-test/src/test/java/org/apache/kerby/kerberos/kerb/codec/pac/PacGroup.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.codec.pac;
+
+public class PacGroup {
+
+ private PacSid id;
+ private int attributes;
+
+ public PacGroup(PacSid id, int attributes) {
+ super();
+ this.id = id;
+ this.attributes = attributes;
+ }
+
+ public PacSid getId() {
+ return id;
+ }
+
+ public int getAttributes() {
+ return attributes;
+ }
+
+}
[02/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkBase.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkBase.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkBase.java
new file mode 100644
index 0000000..7526658
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkBase.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.network;
+
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.transport.tcp.DecodingCallback;
+import org.apache.kerby.transport.tcp.StreamingDecoder;
+
+import java.nio.ByteBuffer;
+
+public class TestNetworkBase {
+ protected String serverHost = "127.0.0.1";
+ protected short tcpPort = 8183;
+ protected short udpPort = 8184;
+ protected String TEST_MESSAGE = "Hello world!";
+ protected String clientRecvedMessage;
+
+ protected enum TestEventType implements EventType {
+ FINISHED
+ }
+
+ protected String recvBuffer2String(ByteBuffer buffer) {
+ byte[] bytes = new byte[buffer.remaining()];
+ buffer.get(bytes);
+ return new String(bytes);
+ }
+
+ protected StreamingDecoder createStreamingDecoder() {
+ return new StreamingDecoder() {
+ @Override
+ public void decode(ByteBuffer streamingBuffer, DecodingCallback callback) {
+ int expectedMessageLength = TEST_MESSAGE.getBytes().length;
+ if (streamingBuffer.remaining() >= expectedMessageLength) {
+ callback.onMessageComplete(expectedMessageLength);
+ } else {
+ callback.onMoreDataNeeded(expectedMessageLength);
+ }
+ }
+ };
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkClient.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkClient.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkClient.java
new file mode 100644
index 0000000..7074a81
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkClient.java
@@ -0,0 +1,212 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.network;
+
+import junit.framework.Assert;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventHandler;
+import org.apache.kerby.event.EventHub;
+import org.apache.kerby.event.EventWaiter;
+import org.apache.kerby.transport.MessageHandler;
+import org.apache.kerby.transport.Network;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.event.TransportEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.net.DatagramSocket;
+import java.net.InetSocketAddress;
+import java.net.ServerSocket;
+import java.nio.ByteBuffer;
+import java.nio.channels.*;
+import java.util.Iterator;
+import java.util.Set;
+
+public class TestNetworkClient extends TestNetworkBase {
+
+ private EventHub eventHub;
+ private EventWaiter eventWaiter;
+
+ @Before
+ public void setUp() throws IOException {
+ setUpServer();
+ setUpClient();
+ }
+
+ private void setUpServer() {
+ new Thread(new Runnable() {
+ @Override
+ public void run() {
+ try {
+ doRunTcpServer();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ }).start();
+
+ new Thread(new Runnable() {
+ @Override
+ public void run() {
+ try {
+ doRunUdpServer();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ }).start();
+ }
+
+ private void doRunTcpServer() throws IOException {
+ ServerSocketChannel serverSocketChannel;
+ Selector selector = Selector.open();
+ serverSocketChannel = ServerSocketChannel .open();
+ serverSocketChannel.configureBlocking(false);
+ ServerSocket serverSocket = serverSocketChannel.socket();
+ serverSocket.bind(new InetSocketAddress(tcpPort));
+ serverSocketChannel.register(selector, SelectionKey.OP_ACCEPT);
+
+ SocketChannel socketChannel;
+ while (true) {
+ if (selector.selectNow() > 0) {
+ Set<SelectionKey> selectionKeys = selector.selectedKeys();
+ Iterator<SelectionKey> iterator = selectionKeys.iterator();
+ while (iterator.hasNext()) {
+ SelectionKey selectionKey = iterator.next();
+ iterator.remove();
+
+ if (selectionKey.isAcceptable()) {
+ while ((socketChannel = serverSocketChannel.accept()) != null) {
+ socketChannel.configureBlocking(false);
+ socketChannel.socket().setTcpNoDelay(true);
+ socketChannel.socket().setKeepAlive(true);
+ socketChannel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE, socketChannel);
+ //selectionKey.attach(socketChannel);
+ }
+ } else if (selectionKey.isReadable()) {
+ ByteBuffer recvBuffer = ByteBuffer.allocate(65536);
+ socketChannel = (SocketChannel) selectionKey.attachment();
+ if (socketChannel.read(recvBuffer) > 0) {
+ recvBuffer.flip();
+ socketChannel.write(recvBuffer);
+ }
+ }
+ }
+
+ try {
+ Thread.sleep(1000);
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ }
+ }
+ }
+ }
+
+ private void doRunUdpServer() throws IOException {
+ DatagramChannel serverSocketChannel;
+ Selector selector = Selector.open();
+ serverSocketChannel = DatagramChannel.open();
+ serverSocketChannel.configureBlocking(false);
+ DatagramSocket serverSocket = serverSocketChannel.socket();
+ serverSocket.bind(new InetSocketAddress(udpPort));
+ serverSocketChannel.register(selector, SelectionKey.OP_READ);
+
+ while (true) {
+ if (selector.selectNow() > 0) {
+ Set<SelectionKey> selectionKeys = selector.selectedKeys();
+ Iterator<SelectionKey> iterator = selectionKeys.iterator();
+ while (iterator.hasNext()) {
+ SelectionKey selectionKey = iterator.next();
+ iterator.remove();
+ if (selectionKey.isReadable()) {
+ ByteBuffer recvBuffer = ByteBuffer.allocate(65536);
+ InetSocketAddress fromAddress = (InetSocketAddress) serverSocketChannel.receive(recvBuffer);
+ if (fromAddress != null) {
+ recvBuffer.flip();
+ serverSocketChannel.send(recvBuffer, fromAddress);
+ }
+ }
+ }
+
+ try {
+ Thread.sleep(1000);
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ }
+ }
+ }
+ }
+
+ private void setUpClient() throws IOException {
+ eventHub = new EventHub();
+
+ EventHandler messageHandler = new MessageHandler() {
+ @Override
+ protected void handleMessage(MessageEvent event) {
+ if (event.getEventType() == TransportEventType.INBOUND_MESSAGE) {
+ ByteBuffer buffer = event.getMessage();
+ if (buffer != null) {
+ clientRecvedMessage = recvBuffer2String(buffer);
+ System.out.println("Recved clientRecvedMessage: " + clientRecvedMessage);
+ Boolean result = TEST_MESSAGE.equals(clientRecvedMessage);
+ dispatch(new Event(TestEventType.FINISHED, result));
+ }
+ }
+ }
+ };
+ eventHub.register(messageHandler);
+
+ Network network = new Network();
+ network.setStreamingDecoder(createStreamingDecoder());
+ eventHub.register(network);
+
+ eventWaiter = eventHub.waitEvent(
+ TestEventType.FINISHED,
+ TransportEventType.NEW_TRANSPORT);
+
+ eventHub.start();
+ network.tcpConnect(serverHost, tcpPort);
+ network.udpConnect(serverHost, udpPort);
+ }
+
+ @Test
+ public void testNetworkClient() {
+ Event event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
+ Transport transport = ((TransportEvent) event).getTransport();
+ transport.sendMessage(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
+ event = eventWaiter.waitEvent(TestEventType.FINISHED);
+ Assert.assertTrue((Boolean) event.getEventData());
+
+ event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
+ transport = ((TransportEvent) event).getTransport();
+ transport.sendMessage(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
+ event = eventWaiter.waitEvent(TestEventType.FINISHED);
+ Assert.assertTrue((Boolean) event.getEventData());
+ }
+
+ @After
+ public void cleanup() {
+ eventHub.stop();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkServer.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkServer.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkServer.java
new file mode 100644
index 0000000..eefc7a3
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/network/TestNetworkServer.java
@@ -0,0 +1,110 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.network;
+
+import junit.framework.Assert;
+import org.apache.kerby.event.EventHandler;
+import org.apache.kerby.event.EventHub;
+import org.apache.kerby.transport.MessageHandler;
+import org.apache.kerby.transport.Network;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.DatagramChannel;
+import java.nio.channels.SocketChannel;
+
+public class TestNetworkServer extends TestNetworkBase {
+
+ private EventHub eventHub;
+
+ @Before
+ public void setUp() throws IOException {
+ setUpServer();
+ }
+
+ private void setUpServer() throws IOException {
+ eventHub = new EventHub();
+
+ EventHandler messageHandler = new MessageHandler() {
+ @Override
+ protected void handleMessage(MessageEvent msgEvent) {
+ if (msgEvent.getEventType() == TransportEventType.INBOUND_MESSAGE) {
+ msgEvent.getTransport().sendMessage(msgEvent.getMessage());
+ }
+ }
+ };
+ eventHub.register(messageHandler);
+
+ Network network = new Network();
+ network.setStreamingDecoder(createStreamingDecoder());
+ eventHub.register(network);
+
+ eventHub.start();
+ network.tcpListen(serverHost, tcpPort);
+ network.udpListen(serverHost, udpPort);
+ }
+
+ @Test
+ public void testNetworkServer() throws IOException, InterruptedException {
+ testTcpTransport();
+ testUdpTransport();
+ }
+
+ private void testTcpTransport() throws IOException, InterruptedException {
+ Thread.sleep(10);
+
+ SocketChannel socketChannel = SocketChannel.open();
+ socketChannel.configureBlocking(true);
+ SocketAddress sa = new InetSocketAddress(serverHost, tcpPort);
+ socketChannel.connect(sa);
+ socketChannel.write(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
+ ByteBuffer byteBuffer = ByteBuffer.allocate(65536);
+ socketChannel.read(byteBuffer);
+ byteBuffer.flip();
+ clientRecvedMessage = recvBuffer2String(byteBuffer);
+ Assert.assertEquals(TEST_MESSAGE, clientRecvedMessage);
+ }
+
+ private void testUdpTransport() throws IOException, InterruptedException {
+ Thread.sleep(10);
+
+ DatagramChannel socketChannel = DatagramChannel.open();
+ socketChannel.configureBlocking(true);
+ SocketAddress sa = new InetSocketAddress(serverHost, udpPort);
+ socketChannel.send(ByteBuffer.wrap(TEST_MESSAGE.getBytes()), sa);
+ ByteBuffer byteBuffer = ByteBuffer.allocate(65536);
+ socketChannel.receive(byteBuffer);
+ byteBuffer.flip();
+ clientRecvedMessage = recvBuffer2String(byteBuffer);
+ Assert.assertEquals(TEST_MESSAGE, clientRecvedMessage);
+ }
+
+ @After
+ public void cleanup() {
+ eventHub.stop();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpBase.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpBase.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpBase.java
new file mode 100644
index 0000000..263b7fc
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpBase.java
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.tcp;
+
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.transport.tcp.DecodingCallback;
+import org.apache.kerby.transport.tcp.StreamingDecoder;
+
+import java.nio.ByteBuffer;
+
+public class TestTcpBase {
+ protected String serverHost = "127.0.0.1";
+ protected short serverPort = 8181;
+ protected String TEST_MESSAGE = "Hello world!";
+ protected String clientRecvedMessage;
+
+ protected enum TestEventType implements EventType {
+ FINISHED
+ }
+
+ protected String recvBuffer2String(ByteBuffer buffer) {
+ byte[] bytes = new byte[buffer.remaining()];
+ buffer.get(bytes);
+ return new String(bytes);
+ }
+
+ protected StreamingDecoder createStreamingDecoder() {
+ return new StreamingDecoder() {
+ @Override
+ public void decode(ByteBuffer streamingBuffer, DecodingCallback callback) {
+ int expectedMessageLength = TEST_MESSAGE.getBytes().length;
+ if (streamingBuffer.remaining() >= expectedMessageLength) {
+ callback.onMessageComplete(expectedMessageLength);
+ } else {
+ callback.onMoreDataNeeded(expectedMessageLength);
+ }
+ }
+ };
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpClient.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpClient.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpClient.java
new file mode 100644
index 0000000..b0bd3ff
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpClient.java
@@ -0,0 +1,160 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.tcp;
+
+import junit.framework.Assert;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventHandler;
+import org.apache.kerby.event.EventHub;
+import org.apache.kerby.event.EventWaiter;
+import org.apache.kerby.transport.Connector;
+import org.apache.kerby.transport.MessageHandler;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.event.TransportEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+import org.apache.kerby.transport.tcp.TcpConnector;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.ServerSocket;
+import java.nio.ByteBuffer;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.Selector;
+import java.nio.channels.ServerSocketChannel;
+import java.nio.channels.SocketChannel;
+import java.util.Iterator;
+import java.util.Set;
+
+public class TestTcpClient extends TestTcpBase {
+
+ private EventHub eventHub;
+ private EventWaiter eventWaiter;
+
+ @Before
+ public void setUp() throws IOException {
+ setUpServer();
+ setUpClient();
+ }
+
+ private void setUpServer() {
+ new Thread(new Runnable() {
+ @Override
+ public void run() {
+ try {
+ doRunServer();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ }).start();
+ }
+
+ private void doRunServer() throws IOException {
+ ServerSocketChannel serverSocketChannel;
+ Selector selector = Selector.open();
+ serverSocketChannel = ServerSocketChannel .open();
+ serverSocketChannel.configureBlocking(false);
+ ServerSocket serverSocket = serverSocketChannel.socket();
+ serverSocket.bind(new InetSocketAddress(serverPort));
+ serverSocketChannel.register(selector, SelectionKey.OP_ACCEPT);
+
+ SocketChannel socketChannel;
+ while (true) {
+ if (selector.selectNow() > 0) {
+ Set<SelectionKey> selectionKeys = selector.selectedKeys();
+ Iterator<SelectionKey> iterator = selectionKeys.iterator();
+ while (iterator.hasNext()) {
+ SelectionKey selectionKey = iterator.next();
+ iterator.remove();
+
+ if (selectionKey.isAcceptable()) {
+ while ((socketChannel = serverSocketChannel.accept()) != null) {
+ socketChannel.configureBlocking(false);
+ socketChannel.socket().setTcpNoDelay(true);
+ socketChannel.socket().setKeepAlive(true);
+ socketChannel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE, socketChannel);
+ //selectionKey.attach(socketChannel);
+ }
+ } else if (selectionKey.isReadable()) {
+ ByteBuffer recvBuffer = ByteBuffer.allocate(65536);
+ socketChannel = (SocketChannel) selectionKey.attachment();
+ if (socketChannel.read(recvBuffer) > 0) {
+ recvBuffer.flip();
+ socketChannel.write(recvBuffer);
+ }
+ }
+ }
+
+ try {
+ Thread.sleep(1000);
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ }
+ }
+ }
+ }
+
+ private void setUpClient() throws IOException {
+ eventHub = new EventHub();
+
+ EventHandler messageHandler = new MessageHandler() {
+ @Override
+ protected void handleMessage(MessageEvent event) {
+ if (event.getEventType() == TransportEventType.INBOUND_MESSAGE) {
+ ByteBuffer buffer = event.getMessage();
+ clientRecvedMessage = recvBuffer2String(buffer);
+ System.out.println("Recved clientRecvedMessage: " + clientRecvedMessage);
+ Boolean result = TEST_MESSAGE.equals(clientRecvedMessage);
+ dispatch(new Event(TestEventType.FINISHED, result));
+ }
+ }
+ };
+ eventHub.register(messageHandler);
+
+ Connector connector = new TcpConnector(createStreamingDecoder());
+ eventHub.register(connector);
+
+ eventWaiter = eventHub.waitEvent(
+ TestEventType.FINISHED,
+ TransportEventType.NEW_TRANSPORT);
+
+ eventHub.start();
+ connector.connect(serverHost, serverPort);
+ }
+
+ @Test
+ public void testTcpTransport() {
+ Event event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
+ Transport transport = ((TransportEvent) event).getTransport();
+ transport.sendMessage(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
+
+ event = eventWaiter.waitEvent(TestEventType.FINISHED);
+ Assert.assertTrue((Boolean) event.getEventData());
+ }
+
+ @After
+ public void cleanup() {
+ eventHub.stop();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpServer.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpServer.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpServer.java
new file mode 100644
index 0000000..43ebe20
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/tcp/TestTcpServer.java
@@ -0,0 +1,90 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.tcp;
+
+import junit.framework.Assert;
+import org.apache.kerby.event.EventHandler;
+import org.apache.kerby.event.EventHub;
+import org.apache.kerby.transport.Acceptor;
+import org.apache.kerby.transport.MessageHandler;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+import org.apache.kerby.transport.tcp.TcpAcceptor;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.SocketChannel;
+
+public class TestTcpServer extends TestTcpBase {
+
+ private EventHub eventHub;
+
+ @Before
+ public void setUp() throws IOException {
+ setUpServer();
+ }
+
+ private void setUpServer() throws IOException {
+ eventHub = new EventHub();
+
+ EventHandler messageHandler = new MessageHandler() {
+ @Override
+ protected void handleMessage(MessageEvent msgEvent) {
+ if (msgEvent.getEventType() == TransportEventType.INBOUND_MESSAGE) {
+ msgEvent.getTransport().sendMessage(msgEvent.getMessage());
+ }
+ }
+ };
+ eventHub.register(messageHandler);
+
+ Acceptor acceptor = new TcpAcceptor(createStreamingDecoder());
+ eventHub.register(acceptor);
+
+ eventHub.start();
+ acceptor.listen(serverHost, serverPort);
+ }
+
+ @Test
+ public void testTcpTransport() throws IOException, InterruptedException {
+ Thread.sleep(15);
+
+ SocketChannel socketChannel = SocketChannel.open();
+ socketChannel.configureBlocking(true);
+ SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
+ socketChannel.connect(sa);
+ socketChannel.write(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
+ ByteBuffer byteBuffer = ByteBuffer.allocate(65536);
+ socketChannel.read(byteBuffer);
+ byteBuffer.flip();
+ clientRecvedMessage = recvBuffer2String(byteBuffer);
+
+ Assert.assertEquals(TEST_MESSAGE, clientRecvedMessage);
+ }
+
+ @After
+ public void cleanup() {
+ eventHub.stop();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpBase.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpBase.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpBase.java
new file mode 100644
index 0000000..63d71ac
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpBase.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.udp;
+
+import org.apache.kerby.event.EventType;
+
+import java.nio.ByteBuffer;
+
+public class TestUdpBase {
+ protected String serverHost = "127.0.0.1";
+ protected short serverPort = 8181;
+ protected String TEST_MESSAGE = "Hello world!";
+ protected String clientRecvedMessage;
+
+ protected enum TestEventType implements EventType {
+ FINISHED
+ }
+
+ protected String recvBuffer2String(ByteBuffer buffer) {
+ byte[] bytes = new byte[buffer.remaining()];
+ buffer.get(bytes);
+ return new String(bytes);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpClient.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpClient.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpClient.java
new file mode 100644
index 0000000..f460b60
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpClient.java
@@ -0,0 +1,149 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.udp;
+
+import junit.framework.Assert;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventHandler;
+import org.apache.kerby.event.EventHub;
+import org.apache.kerby.event.EventWaiter;
+import org.apache.kerby.transport.Connector;
+import org.apache.kerby.transport.MessageHandler;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.udp.UdpConnector;
+import org.apache.kerby.transport.event.TransportEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.net.DatagramSocket;
+import java.net.InetSocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.DatagramChannel;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.Selector;
+import java.util.Iterator;
+import java.util.Set;
+
+public class TestUdpClient extends TestUdpBase {
+
+ private EventHub eventHub;
+ private EventWaiter eventWaiter;
+
+ @Before
+ public void setUp() throws IOException {
+ setUpServer();
+ setUpClient();
+ }
+
+ private void setUpServer() {
+ new Thread(new Runnable() {
+ @Override
+ public void run() {
+ try {
+ doRunServer();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ }).start();
+ }
+
+ private void doRunServer() throws IOException {
+ DatagramChannel serverSocketChannel;
+ Selector selector = Selector.open();
+ serverSocketChannel = DatagramChannel.open();
+ serverSocketChannel.configureBlocking(false);
+ DatagramSocket serverSocket = serverSocketChannel.socket();
+ serverSocket.bind(new InetSocketAddress(serverPort));
+ serverSocketChannel.register(selector, SelectionKey.OP_READ);
+
+ while (true) {
+ if (selector.selectNow() > 0) {
+ Set<SelectionKey> selectionKeys = selector.selectedKeys();
+ Iterator<SelectionKey> iterator = selectionKeys.iterator();
+ while (iterator.hasNext()) {
+ SelectionKey selectionKey = iterator.next();
+ iterator.remove();
+ if (selectionKey.isReadable()) {
+ ByteBuffer recvBuffer = ByteBuffer.allocate(65536);
+ InetSocketAddress fromAddress = (InetSocketAddress) serverSocketChannel.receive(recvBuffer);
+ if (fromAddress != null) {
+ recvBuffer.flip();
+ serverSocketChannel.send(recvBuffer, fromAddress);
+ }
+ }
+ }
+
+ try {
+ Thread.sleep(1000);
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ }
+ }
+ }
+ }
+
+ private void setUpClient() throws IOException {
+ eventHub = new EventHub();
+
+ EventHandler messageHandler = new MessageHandler() {
+ @Override
+ protected void handleMessage(MessageEvent msgEvent) {
+ if (msgEvent.getEventType() == TransportEventType.INBOUND_MESSAGE) {
+ ByteBuffer buffer = msgEvent.getMessage();
+ clientRecvedMessage = recvBuffer2String(buffer);
+ System.out.println("Recved clientRecvedMessage: " + clientRecvedMessage);
+ Boolean result = TEST_MESSAGE.equals(clientRecvedMessage);
+ dispatch(new Event(TestEventType.FINISHED, result));
+ }
+ }
+ };
+ eventHub.register(messageHandler);
+
+ Connector connector = new UdpConnector();
+ eventHub.register(connector);
+
+ eventWaiter = eventHub.waitEvent(
+ TestEventType.FINISHED,
+ TransportEventType.NEW_TRANSPORT);
+
+ eventHub.start();
+ connector.connect(serverHost, serverPort);
+ }
+
+ @Test
+ public void testUdpTransport() {
+ Event event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
+ Transport transport = ((TransportEvent) event).getTransport();
+ transport.sendMessage(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
+
+ event = eventWaiter.waitEvent(TestEventType.FINISHED);
+ Assert.assertTrue((Boolean) event.getEventData());
+ }
+
+ @After
+ public void cleanup() {
+ eventHub.stop();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpServer.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpServer.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpServer.java
new file mode 100644
index 0000000..1402d9e
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpServer.java
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.udp;
+
+import junit.framework.Assert;
+import org.apache.kerby.event.EventHandler;
+import org.apache.kerby.event.EventHub;
+import org.apache.kerby.transport.Acceptor;
+import org.apache.kerby.transport.MessageHandler;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+import org.apache.kerby.transport.udp.UdpAcceptor;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.DatagramChannel;
+
+public class TestUdpServer extends TestUdpBase {
+
+ private EventHub eventHub;
+
+ @Before
+ public void setUp() throws IOException {
+ setUpServer();
+ }
+
+ private void setUpServer() throws IOException {
+ eventHub = new EventHub();
+
+ EventHandler messageHandler = new MessageHandler() {
+ @Override
+ protected void handleMessage(MessageEvent msgEvent) {
+ if (msgEvent.getEventType() == TransportEventType.INBOUND_MESSAGE) {
+ msgEvent.getTransport().sendMessage(msgEvent.getMessage());
+ }
+ }
+ };
+ eventHub.register(messageHandler);
+
+ Acceptor acceptor = new UdpAcceptor();
+ eventHub.register(acceptor);
+
+ eventHub.start();
+ acceptor.listen(serverHost, serverPort);
+ }
+
+ @Test
+ public void testUdpTransport() throws IOException, InterruptedException {
+ Thread.sleep(10);
+
+ DatagramChannel socketChannel = DatagramChannel.open();
+ socketChannel.configureBlocking(true);
+ SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
+ socketChannel.send(ByteBuffer.wrap(TEST_MESSAGE.getBytes()), sa);
+ ByteBuffer byteBuffer = ByteBuffer.allocate(65536);
+ socketChannel.receive(byteBuffer);
+ byteBuffer.flip();
+ clientRecvedMessage = recvBuffer2String(byteBuffer);
+
+ Assert.assertEquals(TEST_MESSAGE, clientRecvedMessage);
+ }
+
+ @After
+ public void cleanup() {
+ eventHub.stop();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-pkix/pom.xml
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/pom.xml b/lib/kerby-pkix/pom.xml
new file mode 100644
index 0000000..01aa22d
--- /dev/null
+++ b/lib/kerby-pkix/pom.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>lib</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerby-pkix</artifactId>
+
+ <name>Kerby PKIX</name>
+ <description>Kerby PKIX utilities</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>not-yet-commons-ssl</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+
+</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-pkix/src/main/java/org/apache/kerby/pki/Pkix.java
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/java/org/apache/kerby/pki/Pkix.java b/lib/kerby-pkix/src/main/java/org/apache/kerby/pki/Pkix.java
new file mode 100644
index 0000000..e74d74f
--- /dev/null
+++ b/lib/kerby-pkix/src/main/java/org/apache/kerby/pki/Pkix.java
@@ -0,0 +1,87 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.pki;
+
+import org.apache.commons.ssl.PKCS8Key;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.KeyFactory;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+public class Pkix {
+
+ public static List<Certificate> getCerts(String certFile) throws IOException, CertificateException {
+ InputStream is = new FileInputStream(new File(certFile));
+ return getCerts(is);
+ }
+
+ public static List<Certificate> getCerts(InputStream inputStream) throws IOException, CertificateException {
+ CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
+ Collection<? extends Certificate> certs =
+ (Collection<? extends Certificate>) certFactory.generateCertificates(inputStream);
+
+ return new ArrayList<Certificate>(certs);
+ }
+
+ public static PrivateKey getPrivateKey(String keyFile, String password) throws IOException, GeneralSecurityException {
+ InputStream in = new FileInputStream("/path/to/pkcs8_private_key.der");
+ return getPrivateKey(in, password);
+ }
+
+ public static PrivateKey getPrivateKey(InputStream inputStream, String password) throws GeneralSecurityException, IOException {
+ if (password == null) password = "";
+ // If the provided InputStream is encrypted, we need a password to decrypt
+ // it. If the InputStream is not encrypted, then the password is ignored
+ // (can be null). The InputStream can be DER (raw ASN.1) or PEM (base64).
+ PKCS8Key pkcs8 = new PKCS8Key(inputStream, password.toCharArray());
+
+ // If an unencrypted PKCS8 key was provided, then this actually returns
+ // exactly what was originally passed inputStream (with no changes). If an OpenSSL
+ // key was provided, it gets reformatted as PKCS #8 first, and so these
+ // bytes will still be PKCS #8, not OpenSSL.
+ byte[] decrypted = pkcs8.getDecryptedBytes();
+ PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(decrypted);
+
+ // A Java PrivateKey object is born.
+ PrivateKey pk = null;
+ if (pkcs8.isDSA()) {
+ pk = KeyFactory.getInstance("DSA").generatePrivate(spec);
+ }
+ else if (pkcs8.isRSA()) {
+ pk = KeyFactory.getInstance("RSA").generatePrivate(spec);
+ }
+
+ // For lazier types:
+ pk = pkcs8.getPrivateKey();
+
+ return pk;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-pkix/src/main/resources/cacert.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/cacert.pem b/lib/kerby-pkix/src/main/resources/cacert.pem
new file mode 100644
index 0000000..6b91561
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/cacert.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID6zCCAtOgAwIBAgIJAMrZoeDxTzwWMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzEzMjdaFw0yNDA1MTAxMzEzMjdaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMCznJJ02ZUjCPvAwnBmfPs0akb5QRc/NKu8kCtAPWzgHS2JPTQfJhkDbTAD
+eIlg8IeJpOdrYnzdaBCzgxqjSkls+vxjYotOU0Zbrpy2bj0lRDqdYbNsiuConKgT
+MeuDEd/4ZI0X9NWLAi06Iv1F4mHXf36c6uqiUWTtXiofogrFUoTRwACKR2qeC95X
+Py+FDmpS9lz0mo0vDWjetLQC2IBngjjPFdR16n87QDIWfRBkk66rn7rEA6Li66b/
+cToajMSA/n+2Ud1mntSY4RdDdd0TBtAq9RrXtUOfzGaE7S6t+FtYyEprvT4FdOTU
+uyYgSNaI9ANVP1zhQ9LACKuudOECAwEAAaNQME4wHQYDVR0OBBYEFD91SVOejfwx
+u33+5N0TdYbHJbgAMB8GA1UdIwQYMBaAFD91SVOejfwxu33+5N0TdYbHJbgAMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADsONtUqGNBPBXnRowcJwv+Y
+F1Vea+4dkBwYbhkiO6H5XMKr+waOnOD2eAvgP4aeYg/a0xOzzETRD9wi1Z1P1ZMy
+d/NzHQjj4egPENwDv1PH2voZgsXXzXIqUMOtz9t12TuJUrSA2SBW1tz/evckHhNY
+fHg4ThvTIgwEdV/yvrOEBLV9dXG5IhhF+NW1MegTGkt4SpOoH1pi3o9VekVRnix9
+xrIdaC4Ee6vQaR603HwDS9Y+a1c2KU7QoLX8Vaa904cQ+rxhGsTAkocnZXeo6Hl5
+V8BlDYXxeP86fzcWi04ll2BmEEw/RimHEOLpGqxTVHJ5p5BVSCHP8aCD0VJheaU=
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-pkix/src/main/resources/cakey.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/cakey.pem b/lib/kerby-pkix/src/main/resources/cakey.pem
new file mode 100644
index 0000000..66dc806
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/cakey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAwLOcknTZlSMI+8DCcGZ8+zRqRvlBFz80q7yQK0A9bOAdLYk9
+NB8mGQNtMAN4iWDwh4mk52tifN1oELODGqNKSWz6/GNii05TRluunLZuPSVEOp1h
+s2yK4KicqBMx64MR3/hkjRf01YsCLToi/UXiYdd/fpzq6qJRZO1eKh+iCsVShNHA
+AIpHap4L3lc/L4UOalL2XPSajS8NaN60tALYgGeCOM8V1HXqfztAMhZ9EGSTrquf
+usQDouLrpv9xOhqMxID+f7ZR3Wae1JjhF0N13RMG0Cr1Gte1Q5/MZoTtLq34W1jI
+Smu9PgV05NS7JiBI1oj0A1U/XOFD0sAIq6504QIDAQABAoIBAHqFeMax3unxBbQ0
+Aiy/LTX3RJ9tuZITUOTklnG5fZStBkA+oxhxuaJryE+f1VLbvPMgdCXj5BHqIFGG
+IZSdQA1hak9wzWYvXck9X88qOvtLp47xI/6Vw9NFwZ0n3zST+JiD8UK4eaYQpUim
+Tzrj5SU6hEi3crHOlJvsRFPaGwhnA9wycoOo4o22XBj3C8Hwzi4vWcKXH/RCSwZQ
+zFuYbe77Pn9Sv5q5zdglkmm7wngoVt/aKQke/Vk+Eincx1V12b05DNLjugo6FWQh
+0f2MmHpvqNSHs9USC5+y2lKQ1JNHh7mnpPCXkZEH4V7q+3mKVzl9tXzj9Gul20pw
+tneD6WUCgYEA9QUrQoWHKeVMjeukHjDJa2KjRLMmg9YRQyVABH9+nQTp1jYUjMRA
+GUoUx91gG6gjjJD/xvor/U0Fh3vKtZE93c+avrcaYDwf3q/L4gh+3b87lVDfzjrp
+L+MPTpEzWiyyLfr/kLA0TgUjnrj9bav5uDps8mJpNf8s9ZP1/QDhF5sCgYEAyVZA
+pHSIyBI2GT0+92JXvYDK/ZfV5m4RGHaG/PMDoU4IbGbjHVyzzsyzDUgvOASXwfF8
+YzwX7Tf95RZw12P/Jepxt0vqBJPKUCsMLUrmANQvN1Pz8+Vk6UADLM7kNc06MqB9
+/U3GKCFZZuedEhbgXnEV9gzelhILImJGZMxG0zMCgYApymnofLHjGXMHOcvSQmv4
+XuiODShikB59n1rd6YkE6xOfL7YtlEOCjLoipMWBshnuHcUigQUDvSFWTGz0rwMo
+VAKGyOA8zcR5zO4vbVeGJtnYy+SAXlfrjQTNV8K0fK8fXJI+cW9aZ1H9/ntrO0vq
+ejye0t4zEYTvlf782iuKRQKBgQCnTQ7mGRfX+JoPmv8JniR+idkjpNnPYsK96y/8
+XQs1LJx/R3eN3IxlWV+nt8XU7KwWMs5Dv5m6Ov61MFKQCL3qCch4oZJSP2Sr/Tlf
+IY/CPI8HkLF0h7e0wsZgo4Kq2mBz1T0cEVaJ3jxl8Cxq7at/jsTK8qK7XT73UWZh
+OAXaVQKBgDmg2QTX7c0/dbDMOuw18g3xfE/oqU+VWT784wtvpcdjHR+KAVLWHG8l
+oc/bm8Bs0o0f5dfH7uUvWdP6JMvbgYZBgIMqw+iH8P2lFCLzIRf0me/l+r0Oi64U
+5jp9K+7Ggc7S0SSnCLmBLMN5lXQZbhzks1La7DZmFeAz8rOEnlUB
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-pkix/src/main/resources/extensions.kdc
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/extensions.kdc b/lib/kerby-pkix/src/main/resources/extensions.kdc
new file mode 100644
index 0000000..8052f71
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/extensions.kdc
@@ -0,0 +1,36 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+[kdc_cert]
+basicConstraints=CA:FALSE
+keyUsage=nonRepudiation,digitalSignature,keyEncipherment,keyAgreement
+extendedKeyUsage=1.3.6.1.5.2.3.5
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+issuerAltName=issuer:copy
+subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:kdc_princ_name
+
+[kdc_princ_name]
+realm=EXP:0,GeneralString:${ENV::REALM}
+principal_name=EXP:1,SEQUENCE:kdc_principal_seq
+
+[kdc_principal_seq]
+name_type=EXP:0,INTEGER:1
+name_string=EXP:1,SEQUENCE:kdc_principals
+
+[kdc_principals]
+princ1=GeneralString:krbtgt
+princ2=GeneralString:${ENV::REALM}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-pkix/src/main/resources/kdccert.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/kdccert.pem b/lib/kerby-pkix/src/main/resources/kdccert.pem
new file mode 100644
index 0000000..67e538c
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/kdccert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
+fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
+quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
+nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
+EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
+JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
+DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
+Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
+HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
+ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
+AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
+YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
+txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
+R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
+FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
+5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-pkix/src/main/resources/kdckey.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/kdckey.pem b/lib/kerby-pkix/src/main/resources/kdckey.pem
new file mode 100644
index 0000000..c9e75e2
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/kdckey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
+8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
+2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
+GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
+fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
+DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
+QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
+6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
+bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
+5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
+8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
+XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
+kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
+Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
+P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
+KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
+qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
+7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
+UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
+n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
+5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
+AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
+KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
+9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
+7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-pkix/src/main/resources/usercert.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/usercert.pem b/lib/kerby-pkix/src/main/resources/usercert.pem
new file mode 100644
index 0000000..67e538c
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/usercert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
+fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
+quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
+nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
+EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
+JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
+DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
+Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
+HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
+ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
+AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
+YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
+txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
+R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
+FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
+5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-pkix/src/main/resources/userkey.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/userkey.pem b/lib/kerby-pkix/src/main/resources/userkey.pem
new file mode 100644
index 0000000..c9e75e2
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/userkey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
+8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
+2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
+GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
+fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
+DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
+QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
+6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
+bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
+5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
+8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
+XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
+kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
+Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
+P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
+KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
+qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
+7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
+UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
+n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
+5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
+AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
+KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
+9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
+7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-pkix/src/test/java/org/apache/kerby/pki/PkixTest.java
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/test/java/org/apache/kerby/pki/PkixTest.java b/lib/kerby-pkix/src/test/java/org/apache/kerby/pki/PkixTest.java
new file mode 100644
index 0000000..f827247
--- /dev/null
+++ b/lib/kerby-pkix/src/test/java/org/apache/kerby/pki/PkixTest.java
@@ -0,0 +1,60 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.pki;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.util.List;
+
+/**
+ openssl genrsa -out cakey.pem 2048
+ openssl req -key cakey.pem -new -x509 -out cacert.pem -days 3650
+ vi extensions.kdc
+ openssl genrsa -out kdckey.pem 2048
+ openssl req -new -out kdc.req -key kdckey.pem
+ env REALM=SH.INTEL.COM openssl x509 -req -in kdc.req -CAkey cakey.pem \
+ -CA cacert.pem -out kdc.pem -days 365 -extfile extensions.kdc -extensions kdc_cert -CAcreateserial
+ */
+public class PkixTest {
+
+ @Test
+ public void loadCert() throws CertificateException, IOException {
+ InputStream res = getClass().getResourceAsStream("/usercert.pem");
+ List<Certificate> certs = Pkix.getCerts(res);
+ Certificate userCert = certs.iterator().next();
+
+ Assert.assertNotNull(userCert);
+ }
+
+ @Test
+ public void loadKey() throws GeneralSecurityException, IOException {
+ InputStream res = getClass().getResourceAsStream("/userkey.pem");
+ PrivateKey key = Pkix.getPrivateKey(res, null);
+
+ Assert.assertNotNull(key);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-token/pom.xml
----------------------------------------------------------------------
diff --git a/lib/kerby-token/pom.xml b/lib/kerby-token/pom.xml
new file mode 100644
index 0000000..60a8dfd
--- /dev/null
+++ b/lib/kerby-token/pom.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>lib</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerby-token</artifactId>
+ <name>Kerby-token Project</name>
+ <version>1.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
+
+ <dependencies>
+ <dependency>
+ <groupId>com.nimbusds</groupId>
+ <artifactId>nimbus-jose-jwt</artifactId>
+ <version>3.2</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-asn1</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ </dependencies>
+
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-token/src/main/java/org/apache/kerby/token/AuthzDataEntry.java
----------------------------------------------------------------------
diff --git a/lib/kerby-token/src/main/java/org/apache/kerby/token/AuthzDataEntry.java b/lib/kerby-token/src/main/java/org/apache/kerby/token/AuthzDataEntry.java
new file mode 100644
index 0000000..d4bfedb
--- /dev/null
+++ b/lib/kerby-token/src/main/java/org/apache/kerby/token/AuthzDataEntry.java
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.token;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.asn1.type.Asn1SequenceType;
+
+/**
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ */
+public class AuthzDataEntry extends Asn1SequenceType {
+ static int AD_TYPE = 0;
+ static int AD_DATA = 1;
+
+ public AuthzDataEntry() {
+ super(new Asn1FieldInfo[] {
+ new Asn1FieldInfo(AD_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(AD_DATA, Asn1OctetString.class)
+ });
+ }
+
+ public int getAuthzType() {
+ Integer value = getFieldAsInteger(AD_TYPE);
+ return value;
+ }
+
+ public byte[] getAuthzData() {
+ return getFieldAsOctets(AD_DATA);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-token/src/main/java/org/apache/kerby/token/KerbToken.java
----------------------------------------------------------------------
diff --git a/lib/kerby-token/src/main/java/org/apache/kerby/token/KerbToken.java b/lib/kerby-token/src/main/java/org/apache/kerby/token/KerbToken.java
new file mode 100644
index 0000000..be4a127
--- /dev/null
+++ b/lib/kerby-token/src/main/java/org/apache/kerby/token/KerbToken.java
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.token;
+
+import java.util.Map;
+
+public class KerbToken {
+
+ private Map<String, Object> attributes;
+
+ public KerbToken(Map<String, Object> attributes) {
+ this.attributes = attributes;
+ }
+
+ public Map<String, Object> getAttributes() {
+ return attributes;
+ }
+
+ public String getPrincipal() {
+ return (String) attributes.get("sub");
+ }
+
+ public String[] getGroups() {
+ String grp = (String) attributes.get("group");
+ if (grp != null) {
+ return new String[] { grp };
+ }
+ return new String[0];
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenCache.java
----------------------------------------------------------------------
diff --git a/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenCache.java b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenCache.java
new file mode 100644
index 0000000..51e3593
--- /dev/null
+++ b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenCache.java
@@ -0,0 +1,82 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.token;
+
+import java.io.*;
+
+public class TokenCache {
+ private static final String DEFAULT_TOKEN_CACHE_PATH = ".tokenauth";
+ private static final String TOKEN_CACHE_FILE = ".tokenauth.token";
+
+ public static String readToken(String tokenCacheFile) {
+ File cacheFile = null;
+
+ if (tokenCacheFile != null && ! tokenCacheFile.isEmpty()) {
+ cacheFile = new File(tokenCacheFile);
+ if (!cacheFile.exists()) {
+ throw new RuntimeException("Invalid token cache specified: " + tokenCacheFile);
+ };
+ } else {
+ cacheFile = getDefaultTokenCache();
+ if (!cacheFile.exists()) {
+ throw new RuntimeException("No token cache available by default");
+ };
+ }
+
+ String token = null;
+ try {
+ BufferedReader reader = new BufferedReader(new FileReader(cacheFile));
+ String line = reader.readLine();
+ reader.close();
+ if (line != null) {
+ token = line;
+ }
+ } catch (IOException ex) {
+ //NOP
+ }
+
+ return token;
+ }
+
+ public static void writeToken(String token) {
+ File cacheFile = getDefaultTokenCache();
+
+ try {
+ Writer writer = new FileWriter(cacheFile);
+ writer.write(token.toString());
+ writer.close();
+ // sets read-write permissions to owner only
+ cacheFile.setReadable(false, false);
+ cacheFile.setReadable(true, true);
+ cacheFile.setWritable(true, true);
+ }
+ catch (IOException ioe) {
+ // if case of any error we just delete the cache, if user-only
+ // write permissions are not properly set a security exception
+ // is thrown and the file will be deleted.
+ cacheFile.delete();
+ }
+ }
+
+ public static File getDefaultTokenCache() {
+ String homeDir = System.getProperty("user.home", DEFAULT_TOKEN_CACHE_PATH);
+ return new File(homeDir, TOKEN_CACHE_FILE);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenExtractor.java
----------------------------------------------------------------------
diff --git a/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenExtractor.java b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenExtractor.java
new file mode 100644
index 0000000..8e43384
--- /dev/null
+++ b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenExtractor.java
@@ -0,0 +1,101 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.token;
+
+import com.sun.security.jgss.AuthorizationDataEntry;
+import com.sun.security.jgss.ExtendedGSSContext;
+import com.sun.security.jgss.InquireType;
+import org.apache.kerby.asn1.type.Asn1SequenceOf;
+import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSException;
+
+import java.io.IOException;
+import java.util.List;
+
+public class TokenExtractor {
+ static final int JWT_AUTHZ_DATA_TYPE = 81;
+ public static final int AD_IF_RELEVANT_TYPE = 1;
+
+ /**
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ */
+ public static class AuthorizationData extends Asn1SequenceOf<AuthzDataEntry> {
+
+ }
+
+ public static KerbToken checkAuthzData(GSSContext context) throws GSSException, IOException {
+ System.out.println("Looking for token from authorization data in GSSContext");
+
+ Object authzData = null;
+ if (context instanceof ExtendedGSSContext) {
+ ExtendedGSSContext ex = (ExtendedGSSContext)context;
+ authzData = ex.inquireSecContext(
+ InquireType.KRB5_GET_AUTHZ_DATA);
+ }
+
+ if (authzData != null) {
+ AuthorizationDataEntry[] authzEntries = (AuthorizationDataEntry[]) authzData;
+ KerbToken resultToken = null;
+ for (int i = 0; i < authzEntries.length; ++i) {
+ resultToken = getAuthzToken(authzEntries[i]);
+ if (resultToken != null) {
+ return resultToken;
+ }
+ }
+ }
+ return null;
+ }
+
+ public static KerbToken getAuthzToken(AuthorizationDataEntry authzDataEntry) throws IOException {
+ if (authzDataEntry.getType() == AD_IF_RELEVANT_TYPE) {
+ String token = getToken(authzDataEntry);
+ if (token == null) {
+ return null;
+ }
+
+ try {
+ return TokenTool.fromJwtToken(token);
+ } catch (Exception e) {
+ // noop when not jwt token
+ }
+ }
+
+ return null;
+ }
+
+ public static String getToken(AuthorizationDataEntry authzDataEntry) throws IOException {
+ List<AuthzDataEntry> entries = decode(authzDataEntry);
+ for (AuthzDataEntry entry : entries) {
+ if (entry.getAuthzType() == JWT_AUTHZ_DATA_TYPE) {
+ return new String(entry.getAuthzData());
+ }
+ }
+ return null;
+ }
+
+ public static List<AuthzDataEntry> decode(AuthorizationDataEntry authzDataEntry) throws IOException {
+ AuthorizationData authzData = new AuthorizationData();
+ authzData.decode(authzDataEntry.getData());
+ return authzData.getElements();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenTool.java
----------------------------------------------------------------------
diff --git a/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenTool.java b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenTool.java
new file mode 100644
index 0000000..2de1973
--- /dev/null
+++ b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenTool.java
@@ -0,0 +1,124 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.token;
+
+import com.nimbusds.jose.PlainHeader;
+import com.nimbusds.jwt.JWT;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.PlainJWT;
+
+import java.text.ParseException;
+import java.util.*;
+
+public class TokenTool {
+
+ public static JWT issueToken(String principal, String group, String role) {
+ // must have for kerb-token
+ String krbPrincipal = principal + "@SH.INTEL.COM";
+
+ PlainHeader header = new PlainHeader();
+ //header.setCustomParameter("krbPrincipal", krbPrincipal);
+
+ JWTClaimsSet jwtClaims = new JWTClaimsSet();
+
+ String iss = "token-service";
+ jwtClaims.setIssuer(iss);
+
+ String sub = principal;
+ jwtClaims.setSubject(sub);
+
+ // must have for kerb-token
+ jwtClaims.setSubject(krbPrincipal);
+
+ jwtClaims.setClaim("group", group);
+ if (role != null) {
+ jwtClaims.setClaim("role", role);
+ }
+
+ List<String> aud = new ArrayList<String>();
+ aud.add("krb5kdc-with-token-extension");
+ jwtClaims.setAudience(aud);
+
+ // Set expiration in 60 minutes
+ final Date NOW = new Date(new Date().getTime() / 1000 * 1000);
+ Date exp = new Date(NOW.getTime() + 1000 * 60 * 60);
+ jwtClaims.setExpirationTime(exp);
+
+ Date nbf = NOW;
+ jwtClaims.setNotBeforeTime(nbf);
+
+ Date iat = NOW;
+ jwtClaims.setIssueTime(iat);
+
+ String jti = UUID.randomUUID().toString();
+ jwtClaims.setJWTID(jti);
+
+ PlainJWT jwt = new PlainJWT(header, jwtClaims);
+ return jwt;
+ }
+
+ public static JWT decodeToken(String token) throws ParseException {
+ PlainJWT jwt = PlainJWT.parse(token);
+
+ return jwt;
+ }
+
+ public static KerbToken fromJwtToken(String token) throws ParseException {
+ Map<String, Object> attrs = decodeAndExtractTokenAttributes(token);
+ return new KerbToken(attrs);
+ }
+
+ public static Map<String, Object> decodeAndExtractTokenAttributes(String token) throws ParseException {
+ PlainJWT jwt = PlainJWT.parse(token);
+
+ Map<String, Object> attrs = new HashMap<String, Object>();
+ attrs.putAll(jwt.getJWTClaimsSet().getAllClaims());
+ //attrs.putAll(jwt.getHeader().getCustomParameters());
+
+ return attrs;
+ }
+
+ public static void main(String[] args) throws ParseException {
+ String principal, group, role = null;
+
+ if (args.length != 2 && args.length != 3) {
+ System.out.println("This is a simple token issuing tool just for kerb-token PoC usage\n");
+ System.out.println("tokeninit <username> <group> [role]\n");
+ System.exit(1);
+ }
+ principal = args[0];
+ group = args[1];
+ if (args.length > 2) {
+ role = args[2];
+ }
+
+ JWT jwt = issueToken(principal, group, role);
+ String token = jwt.serialize();
+
+ TokenCache.writeToken(token);
+ System.out.println("Issued token: " + token);
+
+ /*
+ JWT jwt2 = decodeToken(token);
+ String krbPrincipal = (String) jwt2.getHeader().getCustomParameter("krbPrincipal");
+ System.out.println("Decoded token with krbprincipal: " + krbPrincipal);
+ */
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-util/pom.xml
----------------------------------------------------------------------
diff --git a/lib/kerby-util/pom.xml b/lib/kerby-util/pom.xml
new file mode 100644
index 0000000..b3ccb27
--- /dev/null
+++ b/lib/kerby-util/pom.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>lib</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerby-util</artifactId>
+
+ <name>Kerby Util</name>
+ <description>Kerby common util, without any 3rd party dependency</description>
+
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-util/src/main/java/org/apache/kerby/util/HexUtil.java
----------------------------------------------------------------------
diff --git a/lib/kerby-util/src/main/java/org/apache/kerby/util/HexUtil.java b/lib/kerby-util/src/main/java/org/apache/kerby/util/HexUtil.java
new file mode 100644
index 0000000..1e6ec50
--- /dev/null
+++ b/lib/kerby-util/src/main/java/org/apache/kerby/util/HexUtil.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.util;
+
+public class HexUtil {
+
+ final static String HEX_CHARS_STR = "0123456789ABCDEF";
+ final static char[] HEX_CHARS = HEX_CHARS_STR.toCharArray();
+
+ /**
+ * Convert bytes into format as:
+ * 02020080
+ */
+ public static String bytesToHex(byte[] bytes) {
+ int len = bytes.length * 2;
+ char[] hexChars = new char[len];
+ for ( int j = 0; j < bytes.length; j++ ) {
+ int v = bytes[j] & 0xFF;
+ hexChars[j * 2] = HEX_CHARS[v >>> 4];
+ hexChars[j * 2 + 1] = HEX_CHARS[v & 0x0F];
+ }
+
+ return new String(hexChars);
+ }
+
+ /**
+ * Convert hex string like follows into byte array
+ * 02020080
+ */
+ public static byte[] hex2bytes(String hexString) {
+ hexString = hexString.toUpperCase();
+ int len = hexString.length() / 2;
+ byte[] bytes = new byte[len];
+ char[] hexChars = hexString.toCharArray();
+ for (int i = 0, j = 0; i < len; ++i) {
+ bytes[i] = (byte) ((HEX_CHARS_STR.indexOf(hexChars[j++]) << 4) + HEX_CHARS_STR.indexOf(hexChars[j++]));
+ }
+
+ return bytes;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/pom.xml
----------------------------------------------------------------------
diff --git a/lib/pom.xml b/lib/pom.xml
new file mode 100644
index 0000000..149d45e
--- /dev/null
+++ b/lib/pom.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>lib</artifactId>
+ <name>Lib Projects</name>
+ <description>Lib Projects</description>
+ <packaging>pom</packaging>
+
+ <modules>
+ <module>kerby-config</module>
+ <module>kerby-event</module>
+ <module>kerby-pkix</module>
+ <module>kerby-token</module>
+ <module>kerby-util</module>
+ </modules>
+
+ <dependencies>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+</project>
[19/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitContext.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitContext.java
new file mode 100644
index 0000000..b7902b4
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitContext.java
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth.pkinit;
+
+import org.apache.kerby.kerberos.kerb.preauth.pkinit.IdentityOpts;
+import org.apache.kerby.kerberos.kerb.preauth.pkinit.PluginOpts;
+
+public class PkinitContext {
+
+ public PluginOpts pluginOpts = new PluginOpts();
+ public IdentityOpts identityOpts = new IdentityOpts();
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
new file mode 100644
index 0000000..d5a516c
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
@@ -0,0 +1,233 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth.pkinit;
+
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.client.KrbOption;
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.client.preauth.AbstractPreauthPlugin;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.client.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.preauth.PaFlag;
+import org.apache.kerby.kerberos.kerb.preauth.PaFlags;
+import org.apache.kerby.kerberos.kerb.preauth.pkinit.PkinitIdenity;
+import org.apache.kerby.kerberos.kerb.preauth.pkinit.PkinitPreauthMeta;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+import org.apache.kerby.kerberos.kerb.spec.pa.pkinit.*;
+import org.apache.kerby.kerberos.kerb.spec.x509.SubjectPublicKeyInfo;
+
+public class PkinitPreauth extends AbstractPreauthPlugin {
+
+ private PkinitContext pkinitContext;
+
+ public PkinitPreauth() {
+ super(new PkinitPreauthMeta());
+ }
+
+ @Override
+ public void init(KrbContext context) {
+ super.init(context);
+ this.pkinitContext = new PkinitContext();
+ }
+
+ @Override
+ public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
+ PkinitRequestContext reqCtx = new PkinitRequestContext();
+
+ reqCtx.updateRequestOpts(pkinitContext.pluginOpts);
+
+ return reqCtx;
+ }
+
+ @Override
+ public void setPreauthOptions(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ KrbOptions options) {
+ if (options.contains(KrbOption.PKINIT_X509_IDENTITY)) {
+ pkinitContext.identityOpts.identity =
+ options.getStringOption(KrbOption.PKINIT_X509_IDENTITY);
+ }
+
+ if (options.contains(KrbOption.PKINIT_X509_ANCHORS)) {
+ pkinitContext.identityOpts.anchors.add(
+ options.getStringOption(KrbOption.PKINIT_X509_ANCHORS));
+ }
+
+ if (options.contains(KrbOption.PKINIT_USING_RSA)) {
+ pkinitContext.pluginOpts.usingRsa =
+ options.getBooleanOption(KrbOption.PKINIT_USING_RSA);
+ }
+
+ }
+
+ @Override
+ public void prepareQuestions(KdcRequest kdcRequest,
+ PluginRequestContext requestContext) {
+
+ PkinitRequestContext reqCtx = (PkinitRequestContext) requestContext;
+
+ if (!reqCtx.identityInitialized) {
+ PkinitIdenity.initialize(reqCtx.identityOpts, kdcRequest.getClientPrincipal());
+ reqCtx.identityInitialized = true;
+ }
+
+ // Might have questions asking for password to access the private key
+ }
+
+ public void tryFirst(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaData outPadata) throws KrbException {
+
+ }
+
+ @Override
+ public boolean process(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaDataEntry inPadata,
+ PaData outPadata) throws KrbException {
+
+ PkinitRequestContext reqCtx = (PkinitRequestContext) requestContext;
+ if (inPadata == null) return false;
+
+ boolean processingRequest = false;
+ switch (inPadata.getPaDataType()) {
+ case PK_AS_REQ:
+ processingRequest = true;
+ break;
+ case PK_AS_REP:
+ break;
+ }
+
+ if (processingRequest) {
+ generateRequest(reqCtx, kdcRequest, outPadata);
+ } else {
+ EncryptionType encType = kdcRequest.getEncType();
+ processReply(kdcRequest, reqCtx, inPadata, encType);
+ }
+
+ return false;
+ }
+
+ private void generateRequest(PkinitRequestContext reqCtx, KdcRequest kdcRequest,
+ PaData outPadata) {
+
+ }
+
+ private PaPkAsReq makePaPkAsReq(PkinitContext pkinitContext, PkinitRequestContext reqCtx,
+ KerberosTime ctime, int cusec, int nonce, byte[] checksum,
+ PrincipalName client, PrincipalName server) {
+
+ PaPkAsReq paPkAsReq = new PaPkAsReq();
+ AuthPack authPack = new AuthPack();
+ SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo();
+ PkAuthenticator pkAuthen = new PkAuthenticator();
+
+ boolean usingRsa = reqCtx.requestOpts.usingRsa;
+ PaDataType paType = reqCtx.paType = PaDataType.PK_AS_REQ;
+
+ pkAuthen.setCtime(ctime);
+ pkAuthen.setCusec(cusec);
+ pkAuthen.setNonce(nonce);
+ pkAuthen.setPaChecksum(checksum);
+
+ authPack.setPkAuthenticator(pkAuthen);
+ DHNonce dhNonce = new DHNonce();
+ authPack.setClientDhNonce(dhNonce);
+ authPack.setClientPublicValue(pubInfo);
+
+ authPack.setsupportedCmsTypes(pkinitContext.pluginOpts.createSupportedCMSTypes());
+
+ if (usingRsa) {
+ // DH case
+ } else {
+ authPack.setClientPublicValue(null);
+ }
+
+ byte[] signedAuthPack = signAuthPack(pkinitContext, reqCtx, authPack);
+ paPkAsReq.setSignedAuthPack(signedAuthPack);
+
+ TrustedCertifiers trustedCertifiers = pkinitContext.pluginOpts.createTrustedCertifiers();
+ paPkAsReq.setTrustedCertifiers(trustedCertifiers);
+
+ byte[] kdcPkId = pkinitContext.pluginOpts.createIssuerAndSerial();
+ paPkAsReq.setKdcPkId(kdcPkId);
+
+ return paPkAsReq;
+ }
+
+ private byte[] signAuthPack(PkinitContext pkinitContext,
+ PkinitRequestContext reqCtx, AuthPack authPack) {
+ return null;
+ }
+
+ private void processReply(KdcRequest kdcRequest,
+ PkinitRequestContext reqCtx,
+ PaDataEntry inPadata,
+ EncryptionType encType) {
+
+ EncryptionKey asKey = null;
+
+ // TODO
+
+ kdcRequest.setAsKey(asKey);
+ }
+
+ @Override
+ public boolean tryAgain(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaDataType preauthType,
+ PaData errPadata,
+ PaData outPadata) {
+
+ PkinitRequestContext reqCtx = (PkinitRequestContext) requestContext;
+ if (reqCtx.paType != preauthType && errPadata == null) {
+ return false;
+ }
+
+ boolean doAgain = false;
+ for (PaDataEntry pde : errPadata.getElements()) {
+ switch (pde.getPaDataType()) {
+ // TODO
+ }
+ }
+
+ if (doAgain) {
+ generateRequest(reqCtx, kdcRequest, outPadata);
+ }
+
+ return false;
+ }
+
+ @Override
+ public PaFlags getFlags(PaDataType paType) {
+ PaFlags paFlags = new PaFlags(0);
+ paFlags.setFlag(PaFlag.PA_REAL);
+
+ return paFlags;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitRequestContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitRequestContext.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitRequestContext.java
new file mode 100644
index 0000000..bfbf7f2
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitRequestContext.java
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth.pkinit;
+
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.preauth.pkinit.IdentityOpts;
+import org.apache.kerby.kerberos.kerb.preauth.pkinit.PluginOpts;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class PkinitRequestContext implements PluginRequestContext {
+
+ public PkinitRequestOpts requestOpts = new PkinitRequestOpts();
+ public IdentityOpts identityOpts = new IdentityOpts();
+ public boolean doIdentityMatching;
+ public PaDataType paType;
+ public boolean rfc6112Kdc;
+ public boolean identityInitialized;
+ public boolean identityPrompted;
+
+ public void updateRequestOpts(PluginOpts pluginOpts) {
+ requestOpts.requireEku = pluginOpts.requireEku;
+ requestOpts.acceptSecondaryEku = pluginOpts.acceptSecondaryEku;
+ requestOpts.allowUpn = pluginOpts.allowUpn;
+ requestOpts.usingRsa = pluginOpts.usingRsa;
+ requestOpts.requireCrlChecking = pluginOpts.requireCrlChecking;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitRequestOpts.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitRequestOpts.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitRequestOpts.java
new file mode 100644
index 0000000..97e989f
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitRequestOpts.java
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth.pkinit;
+
+public class PkinitRequestOpts {
+
+ // From MIT Krb5 _pkinit_plg_opts
+
+ // require EKU checking (default is true)
+ public boolean requireEku = true;
+ // accept secondary EKU (default is false)
+ public boolean acceptSecondaryEku = false;
+ // allow UPN-SAN instead of pkinit-SAN
+ public boolean allowUpn = true;
+ // selects DH or RSA based pkinit
+ public boolean usingRsa = true;
+ // require CRL for a CA (default is false)
+ public boolean requireCrlChecking = false;
+ // initial request DH modulus size (default=1024)
+ public int dhSize = 1024;
+
+ public boolean requireHostnameMatch = true;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenContext.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenContext.java
new file mode 100644
index 0000000..e1696dc
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenContext.java
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth.token;
+
+import org.apache.kerby.token.KerbToken;
+
+public class TokenContext {
+
+ public boolean usingIdToken = true;
+ public KerbToken token = null;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
new file mode 100644
index 0000000..f67ad71
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
@@ -0,0 +1,124 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth.token;
+
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.client.KrbOption;
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.client.preauth.AbstractPreauthPlugin;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.client.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.preauth.PaFlag;
+import org.apache.kerby.kerberos.kerb.preauth.PaFlags;
+import org.apache.kerby.kerberos.kerb.preauth.token.TokenPreauthMeta;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+import org.apache.kerby.token.KerbToken;
+
+import java.util.Collections;
+import java.util.List;
+
+public class TokenPreauth extends AbstractPreauthPlugin {
+
+ private TokenContext tokenContext;
+
+ public TokenPreauth() {
+ super(new TokenPreauthMeta());
+ }
+
+ public void init(KrbContext context) {
+ super.init(context);
+ this.tokenContext = new TokenContext();
+ }
+
+ @Override
+ public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
+ TokenRequestContext reqCtx = new TokenRequestContext();
+
+ return reqCtx;
+ }
+
+ @Override
+ public void prepareQuestions(KdcRequest kdcRequest,
+ PluginRequestContext requestContext) {
+
+ }
+
+ @Override
+ public List<EncryptionType> getEncTypes(KdcRequest kdcRequest,
+ PluginRequestContext requestContext) {
+ return Collections.emptyList();
+ }
+
+ @Override
+ public void setPreauthOptions(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ KrbOptions options) {
+
+ tokenContext.usingIdToken = options.getBooleanOption(KrbOption.TOKEN_USING_IDTOKEN);
+ if (tokenContext.usingIdToken) {
+ if (options.contains(KrbOption.TOKEN_USER_ID_TOKEN)) {
+ tokenContext.token =
+ (KerbToken) options.getOptionValue(KrbOption.TOKEN_USER_ID_TOKEN);
+ }
+ } else {
+ if (options.contains(KrbOption.TOKEN_USER_AC_TOKEN)) {
+ tokenContext.token =
+ (KerbToken) options.getOptionValue(KrbOption.TOKEN_USER_AC_TOKEN);
+ }
+ }
+
+ }
+
+ public void tryFirst(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaData outPadata) throws KrbException {
+
+ }
+
+ @Override
+ public boolean process(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaDataEntry inPadata,
+ PaData outPadata) throws KrbException {
+
+ return false;
+ }
+
+ @Override
+ public boolean tryAgain(KdcRequest kdcRequest,
+ PluginRequestContext requestContext,
+ PaDataType preauthType,
+ PaData errPadata,
+ PaData outPadata) {
+ return false;
+ }
+
+ @Override
+ public PaFlags getFlags(PaDataType paType) {
+ PaFlags paFlags = new PaFlags(0);
+ paFlags.setFlag(PaFlag.PA_REAL);
+
+ return paFlags;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenRequestContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenRequestContext.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenRequestContext.java
new file mode 100644
index 0000000..ca7eb87
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenRequestContext.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.preauth.token;
+
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class TokenRequestContext implements PluginRequestContext {
+
+ public boolean doIdentityMatching;
+ public PaDataType paType;
+ public boolean identityInitialized;
+ public boolean identityPrompted;
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequest.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequest.java
new file mode 100644
index 0000000..ca20e00
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequest.java
@@ -0,0 +1,127 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.request;
+
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.KrbConstant;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.kerberos.kerb.spec.kdc.*;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+
+import java.io.IOException;
+import java.util.List;
+
+public class AsRequest extends KdcRequest {
+
+ private PrincipalName clientPrincipal;
+ private EncryptionKey clientKey;
+
+ public AsRequest(KrbContext context) {
+ super(context);
+
+ setServerPrincipal(makeTgsPrincipal());
+ }
+
+ public PrincipalName getClientPrincipal() {
+ return clientPrincipal;
+ }
+
+ public void setClientPrincipal(PrincipalName clientPrincipal) {
+ this.clientPrincipal = clientPrincipal;
+ }
+
+ public void setClientKey(EncryptionKey clientKey) {
+ this.clientKey = clientKey;
+ }
+
+ public EncryptionKey getClientKey() throws KrbException {
+ return clientKey;
+ }
+
+ @Override
+ public void process() throws KrbException {
+ super.process();
+
+ KdcReqBody body = makeReqBody();
+
+ AsReq asReq = new AsReq();
+ asReq.setReqBody(body);
+ asReq.setPaData(getPreauthContext().getOutputPaData());
+
+ setKdcReq(asReq);
+ }
+
+ @Override
+ public void processResponse(KdcRep kdcRep) throws KrbException {
+ setKdcRep(kdcRep);
+
+ PrincipalName clientPrincipal = getKdcRep().getCname();
+ String clientRealm = getKdcRep().getCrealm();
+ clientPrincipal.setRealm(clientRealm);
+ if (! clientPrincipal.equals(getClientPrincipal())) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_NAME_MISMATCH);
+ }
+
+ byte[] decryptedData = decryptWithClientKey(getKdcRep().getEncryptedEncPart(),
+ KeyUsage.AS_REP_ENCPART);
+ EncKdcRepPart encKdcRepPart = new EncAsRepPart();
+ try {
+ encKdcRepPart.decode(decryptedData);
+ } catch (IOException e) {
+ throw new KrbException("Failed to decode EncAsRepPart", e);
+ }
+ getKdcRep().setEncPart(encKdcRepPart);
+
+ if (getChosenNonce() != encKdcRepPart.getNonce()) {
+ throw new KrbException("Nonce didn't match");
+ }
+
+ PrincipalName serverPrincipal = encKdcRepPart.getSname();
+ serverPrincipal.setRealm(encKdcRepPart.getSrealm());
+ if (! serverPrincipal.equals(getServerPrincipal())) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_SERVER_NOMATCH);
+ }
+
+ HostAddresses hostAddresses = getHostAddresses();
+ if (hostAddresses != null) {
+ List<HostAddress> requestHosts = hostAddresses.getElements();
+ if (!requestHosts.isEmpty()) {
+ List<HostAddress> responseHosts = encKdcRepPart.getCaddr().getElements();
+ for (HostAddress h : requestHosts) {
+ if (!responseHosts.contains(h)) {
+ throw new KrbException("Unexpected client host");
+ }
+ }
+ }
+ }
+ }
+
+ public TgtTicket getTicket() {
+ TgtTicket TgtTicket = new TgtTicket(getKdcRep().getTicket(),
+ (EncAsRepPart) getKdcRep().getEncPart(), getKdcRep().getCname().getName());
+ return TgtTicket;
+ }
+
+ private PrincipalName makeTgsPrincipal() {
+ return new PrincipalName(KrbConstant.TGS_PRINCIPAL + "@" + getContext().getKdcRealm());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithCert.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithCert.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithCert.java
new file mode 100644
index 0000000..43b2368
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithCert.java
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.request;
+
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.client.KrbOption;
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class AsRequestWithCert extends AsRequest {
+
+ public static final String ANONYMOUS_PRINCIPAL = "ANONYMOUS@WELLKNOWN:ANONYMOUS";
+
+ public AsRequestWithCert(KrbContext context) {
+ super(context);
+
+ setAllowedPreauth(PaDataType.PK_AS_REQ);
+ }
+
+ @Override
+ public void process() throws KrbException {
+ throw new RuntimeException("To be implemented");
+ }
+
+ @Override
+ public KrbOptions getPreauthOptions() {
+ KrbOptions results = new KrbOptions();
+
+ KrbOptions krbOptions = getKrbOptions();
+ results.add(krbOptions.getOption(KrbOption.PKINIT_X509_CERTIFICATE));
+ results.add(krbOptions.getOption(KrbOption.PKINIT_X509_ANCHORS));
+ results.add(krbOptions.getOption(KrbOption.PKINIT_X509_PRIVATE_KEY));
+ results.add(krbOptions.getOption(KrbOption.PKINIT_X509_IDENTITY));
+ results.add(krbOptions.getOption(KrbOption.PKINIT_USING_RSA));
+
+ return results;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithPasswd.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithPasswd.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithPasswd.java
new file mode 100644
index 0000000..721ab85
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithPasswd.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.request;
+
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.client.KrbOption;
+import org.apache.kerby.kerberos.kerb.crypto.EncryptionHandler;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class AsRequestWithPasswd extends AsRequest {
+
+ public AsRequestWithPasswd(KrbContext context) {
+ super(context);
+
+ setAllowedPreauth(PaDataType.ENC_TIMESTAMP);
+ }
+
+ public String getPassword() {
+ return getKrbOptions().getStringOption(KrbOption.USER_PASSWD);
+ }
+
+ @Override
+ public EncryptionKey getClientKey() throws KrbException {
+ if (super.getClientKey() == null) {
+ EncryptionKey tmpKey = EncryptionHandler.string2Key(getClientPrincipal().getName(),
+ getPassword(), getChosenEncryptionType());
+ setClientKey(tmpKey);
+ }
+ return super.getClientKey();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithToken.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithToken.java
new file mode 100644
index 0000000..586c9ed
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/AsRequestWithToken.java
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.request;
+
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.client.KrbOption;
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class AsRequestWithToken extends AsRequest {
+
+ public AsRequestWithToken(KrbContext context) {
+ super(context);
+
+ setAllowedPreauth(PaDataType.TOKEN_REQUEST);
+ }
+
+ @Override
+ public void process() throws KrbException {
+ throw new RuntimeException("To be implemented");
+ }
+
+ @Override
+ public KrbOptions getPreauthOptions() {
+ KrbOptions results = new KrbOptions();
+
+ KrbOptions krbOptions = getKrbOptions();
+ results.add(krbOptions.getOption(KrbOption.TOKEN_USING_IDTOKEN));
+ results.add(krbOptions.getOption(KrbOption.TOKEN_USER_ID_TOKEN));
+ results.add(krbOptions.getOption(KrbOption.TOKEN_USER_AC_TOKEN));
+
+ return results;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/KdcRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/KdcRequest.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/KdcRequest.java
new file mode 100644
index 0000000..bbbadab
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/KdcRequest.java
@@ -0,0 +1,358 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.request;
+
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.client.preauth.FastContext;
+import org.apache.kerby.kerberos.kerb.client.preauth.PreauthContext;
+import org.apache.kerby.kerberos.kerb.client.preauth.PreauthHandler;
+import org.apache.kerby.kerberos.kerb.crypto.EncryptionHandler;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcOptions;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcRep;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReq;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReqBody;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+import org.apache.kerby.transport.Transport;
+
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * A wrapper for KdcReq request
+ */
+public abstract class KdcRequest {
+ private KrbContext context;
+ private Transport transport;
+
+ private KrbOptions krbOptions;
+ private PrincipalName serverPrincipal;
+ private List<HostAddress> hostAddresses = new ArrayList<HostAddress>();
+ private KdcOptions kdcOptions = new KdcOptions();
+ private List<EncryptionType> encryptionTypes;
+ private EncryptionType chosenEncryptionType;
+ private int chosenNonce;
+ private KdcReq kdcReq;
+ private KdcRep kdcRep;
+ protected Map<String, Object> credCache;
+ private PreauthContext preauthContext;
+ private FastContext fastContext;
+ private EncryptionKey asKey;
+
+ private KrbError errorReply;
+ private boolean isRetrying;
+
+ public KdcRequest(KrbContext context) {
+ this.context = context;
+ this.isRetrying = false;
+ this.credCache = new HashMap<String, Object>();
+ this.preauthContext = context.getPreauthHandler()
+ .preparePreauthContext(this);
+ this.fastContext = new FastContext();
+ }
+
+ public void setTransport(Transport transport) {
+ this.transport = transport;
+ }
+
+ public Transport getTransport() {
+ return this.transport;
+ }
+
+ public void setKrbOptions(KrbOptions options) {
+ this.krbOptions = options;
+ }
+
+ public KrbOptions getKrbOptions() {
+ return krbOptions;
+ }
+
+ public boolean isRetrying() {
+ return isRetrying;
+ }
+
+ public void setAsKey(EncryptionKey asKey) {
+ this.asKey = asKey;
+ }
+
+ public EncryptionKey getAsKey() throws KrbException {
+ return asKey;
+ }
+
+ public void setAllowedPreauth(PaDataType paType) {
+ preauthContext.setAllowedPaType(paType);
+ }
+
+ public Map<String, Object> getCredCache() {
+ return credCache;
+ }
+
+ public void setPreauthRequired(boolean preauthRequired) {
+ preauthContext.setPreauthRequired(preauthRequired);
+ }
+
+ public PreauthContext getPreauthContext() {
+ return preauthContext;
+ }
+
+ protected void loadCredCache() {
+ // TODO
+ }
+
+ public KdcReq getKdcReq() {
+ return kdcReq;
+ }
+
+ public void setKdcReq(KdcReq kdcReq) {
+ this.kdcReq = kdcReq;
+ }
+
+ public KdcRep getKdcRep() {
+ return kdcRep;
+ }
+
+ public void setKdcRep(KdcRep kdcRep) {
+ this.kdcRep = kdcRep;
+ }
+
+ protected KdcReqBody makeReqBody() throws KrbException {
+ KdcReqBody body = new KdcReqBody();
+
+ long startTime = System.currentTimeMillis();
+ body.setFrom(new KerberosTime(startTime));
+
+ PrincipalName cName = null;
+ cName = getClientPrincipal();
+ body.setCname(cName);
+
+ body.setRealm(cName.getRealm());
+
+ PrincipalName sName = getServerPrincipal();
+ body.setSname(sName);
+
+ body.setTill(new KerberosTime(startTime + getTicketValidTime()));
+
+ int nonce = generateNonce();
+ body.setNonce(nonce);
+ setChosenNonce(nonce);
+
+ body.setKdcOptions(getKdcOptions());
+
+ HostAddresses addresses = getHostAddresses();
+ if (addresses != null) {
+ body.setAddresses(addresses);
+ }
+
+ body.setEtypes(getEncryptionTypes());
+
+ return body;
+ }
+
+ public KdcOptions getKdcOptions() {
+ return kdcOptions;
+ }
+
+ public HostAddresses getHostAddresses() {
+ HostAddresses addresses = null;
+ if (!hostAddresses.isEmpty()) {
+ addresses = new HostAddresses();
+ for(HostAddress ha : hostAddresses) {
+ addresses.addElement(ha);
+ }
+ }
+ return addresses;
+ }
+
+ public KrbContext getContext() {
+ return context;
+ }
+
+ protected byte[] decryptWithClientKey(EncryptedData data, KeyUsage usage) throws KrbException {
+ return EncryptionHandler.decrypt(data, getClientKey(), usage);
+ }
+
+ public void setContext(KrbContext context) {
+ this.context = context;
+ }
+
+ public void setHostAddresses(List<HostAddress> hostAddresses) {
+ this.hostAddresses = hostAddresses;
+ }
+
+ public void setKdcOptions(KdcOptions kdcOptions) {
+ this.kdcOptions = kdcOptions;
+ }
+
+ public abstract PrincipalName getClientPrincipal();
+
+ public PrincipalName getServerPrincipal() {
+ return serverPrincipal;
+ }
+
+ public void setServerPrincipal(PrincipalName serverPrincipal) {
+ this.serverPrincipal = serverPrincipal;
+ }
+
+ public List<EncryptionType> getEncryptionTypes() {
+ if (encryptionTypes == null) {
+ encryptionTypes = context.getConfig().getEncryptionTypes();
+ }
+ return encryptionTypes;
+ }
+
+ public void setEncryptionTypes(List<EncryptionType> encryptionTypes) {
+ this.encryptionTypes = encryptionTypes;
+ }
+
+ public EncryptionType getChosenEncryptionType() {
+ return chosenEncryptionType;
+ }
+
+ public void setChosenEncryptionType(EncryptionType chosenEncryptionType) {
+ this.chosenEncryptionType = chosenEncryptionType;
+ }
+
+ public int generateNonce() {
+ return context.generateNonce();
+ }
+
+ public int getChosenNonce() {
+ return chosenNonce;
+ }
+
+ public void setChosenNonce(int nonce) {
+ this.chosenNonce = nonce;
+ }
+
+ public abstract EncryptionKey getClientKey() throws KrbException;
+
+ public long getTicketValidTime() {
+ return context.getTicketValidTime();
+ }
+
+ public KerberosTime getTicketTillTime() {
+ long now = System.currentTimeMillis();
+ return new KerberosTime(now + KerberosTime.MINUTE * 60 * 1000);
+ }
+
+ public void addHost(String hostNameOrIpAddress) throws UnknownHostException {
+ InetAddress address = InetAddress.getByName(hostNameOrIpAddress);
+ hostAddresses.add(new HostAddress(address));
+ }
+
+ public void process() throws KrbException {
+ preauth();
+ }
+
+ public abstract void processResponse(KdcRep kdcRep) throws KrbException;
+
+ public KrbOptions getPreauthOptions() {
+ return new KrbOptions();
+ }
+
+ protected void preauth() throws KrbException {
+ loadCredCache();
+
+ List<EncryptionType> etypes = getEncryptionTypes();
+ if (etypes.isEmpty()) {
+ throw new KrbException("No encryption type is configured and available");
+ }
+ EncryptionType encryptionType = etypes.iterator().next();
+ setChosenEncryptionType(encryptionType);
+
+ getPreauthHandler().preauth(this);
+ }
+
+ protected PreauthHandler getPreauthHandler() {
+ return getContext().getPreauthHandler();
+ }
+
+ /**
+ * Indicate interest in the AS key.
+ */
+ public void needAsKey() throws KrbException {
+ EncryptionKey clientKey = getClientKey();
+ if (clientKey == null) {
+ throw new RuntimeException("Client key should be prepared or prompted at this time!");
+ }
+ setAsKey(clientKey);
+ }
+
+ /**
+ * Get the enctype expected to be used to encrypt the encrypted portion of
+ * the AS_REP packet. When handling a PREAUTH_REQUIRED error, this
+ * typically comes from etype-info2. When handling an AS reply, it is
+ * initialized from the AS reply itself.
+ */
+ public EncryptionType getEncType() {
+
+ return getChosenEncryptionType();
+ }
+
+ public void askQuestion(String question, String challenge) {
+ preauthContext.getUserResponser().askQuestion(question, challenge);
+ }
+
+ /**
+ * Get a pointer to the FAST armor key, or NULL if the client is not using FAST.
+ */
+ public EncryptionKey getArmorKey() {
+ return fastContext.armorKey;
+ }
+
+ /**
+ * Get the current time for use in a preauth response. If
+ * allow_unauth_time is true and the library has been configured to allow
+ * it, the current time will be offset using unauthenticated timestamp
+ * information received from the KDC in the preauth-required error, if one
+ * has been received. Otherwise, the timestamp in a preauth-required error
+ * will only be used if it is protected by a FAST channel. Only set
+ * allow_unauth_time if using an unauthenticated time offset would not
+ * create a security issue.
+ */
+ public KerberosTime getPreauthTime() {
+ return KerberosTime.now();
+ }
+
+ /**
+ * Get a state item from an input ccache, which may allow it
+ * to retrace the steps it took last time. The returned data string is an
+ * alias and should not be freed.
+ */
+ public Object getCacheValue(String key) {
+ return credCache.get(key);
+ }
+
+ /**
+ * Set a state item which will be recorded to an output
+ * ccache, if the calling application supplied one. Both key and data
+ * should be valid UTF-8 text.
+ */
+ public void cacheValue(String key, Object value) {
+ credCache.put(key, value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/TgsRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/TgsRequest.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/TgsRequest.java
new file mode 100644
index 0000000..699cd67
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/TgsRequest.java
@@ -0,0 +1,136 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client.request;
+
+import org.apache.kerby.kerberos.kerb.client.KrbContext;
+import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.ap.ApOptions;
+import org.apache.kerby.kerberos.kerb.spec.ap.ApReq;
+import org.apache.kerby.kerberos.kerb.spec.ap.Authenticator;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.KeyUsage;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.kdc.*;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+
+public class TgsRequest extends KdcRequest {
+ private TgtTicket tgt;
+ private ApReq apReq;
+
+ public TgsRequest(KrbContext context, TgtTicket tgtTicket) {
+ super(context);
+ this.tgt = tgtTicket;
+
+ setAllowedPreauth(PaDataType.TGS_REQ);
+ }
+
+ public PrincipalName getClientPrincipal() {
+ return tgt.getClientPrincipal();
+ }
+
+ @Override
+ public EncryptionKey getClientKey() throws KrbException {
+ return getSessionKey();
+ }
+
+ public EncryptionKey getSessionKey() {
+ return tgt.getSessionKey();
+ }
+
+ @Override
+ protected void preauth() throws KrbException {
+ apReq = makeApReq();
+ super.preauth();
+ }
+
+ @Override
+ public void process() throws KrbException {
+ super.process();
+
+ TgsReq tgsReq = new TgsReq();
+
+ KdcReqBody tgsReqBody = makeReqBody();
+ tgsReq.setReqBody(tgsReqBody);
+ tgsReq.setPaData(getPreauthContext().getOutputPaData());
+
+ setKdcReq(tgsReq);
+ }
+
+ private ApReq makeApReq() throws KrbException {
+ ApReq apReq = new ApReq();
+
+ Authenticator authenticator = makeAuthenticator();
+ EncryptionKey sessionKey = tgt.getSessionKey();
+ EncryptedData authnData = EncryptionUtil.seal(authenticator,
+ sessionKey, KeyUsage.TGS_REQ_AUTH);
+ apReq.setEncryptedAuthenticator(authnData);
+
+ apReq.setTicket(tgt.getTicket());
+ ApOptions apOptions = new ApOptions();
+ apReq.setApOptions(apOptions);
+
+ return apReq;
+ }
+
+ private Authenticator makeAuthenticator() {
+ Authenticator authenticator = new Authenticator();
+ authenticator.setCname(getClientPrincipal());
+ authenticator.setCrealm(tgt.getRealm());
+
+ authenticator.setCtime(KerberosTime.now());
+ authenticator.setCusec(0);
+
+ EncryptionKey sessionKey = tgt.getSessionKey();
+ authenticator.setSubKey(sessionKey);
+
+ return authenticator;
+ }
+
+ @Override
+ public void processResponse(KdcRep kdcRep) throws KrbException {
+ setKdcRep(kdcRep);
+
+ TgsRep tgsRep = (TgsRep) getKdcRep();
+ EncTgsRepPart encTgsRepPart = EncryptionUtil.unseal(tgsRep.getEncryptedEncPart(),
+ getSessionKey(),
+ KeyUsage.TGS_REP_ENCPART_SESSKEY, EncTgsRepPart.class);
+
+ tgsRep.setEncPart(encTgsRepPart);
+
+ if (getChosenNonce() != encTgsRepPart.getNonce()) {
+ throw new KrbException("Nonce didn't match");
+ }
+ }
+
+ public ServiceTicket getServiceTicket() {
+ ServiceTicket serviceTkt = new ServiceTicket(getKdcRep().getTicket(),
+ (EncTgsRepPart) getKdcRep().getEncPart());
+ return serviceTkt;
+ }
+
+ public ApReq getApReq() {
+ return apReq;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/resources/kdc-krb5.conf
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/resources/kdc-krb5.conf b/kerby-kerb/kerb-client/src/main/resources/kdc-krb5.conf
new file mode 100644
index 0000000..d118dd1
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/resources/kdc-krb5.conf
@@ -0,0 +1,25 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+[libdefaults]
+ default_realm = {0}
+ udp_preference_limit = 1
+
+[realms]
+ {0} = '{'
+ kdc = {1}:{2}
+ '}'
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/resources/kdc.ldiff
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/resources/kdc.ldiff b/kerby-kerb/kerb-client/src/main/resources/kdc.ldiff
new file mode 100644
index 0000000..bc989c3
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/resources/kdc.ldiff
@@ -0,0 +1,46 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+dn: ou=users,dc=${0},dc=${1}
+objectClass: organizationalUnit
+objectClass: top
+ou: users
+
+dn: uid=krbtgt,ou=users,dc=${0},dc=${1}
+objectClass: top
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: krb5principal
+objectClass: krb5kdcentry
+cn: KDC Service
+sn: Service
+uid: krbtgt
+userPassword: secret
+krb5PrincipalName: krbtgt/${2}.${3}@${2}.${3}
+krb5KeyVersionNumber: 0
+
+dn: uid=ldap,ou=users,dc=${0},dc=${1}
+objectClass: top
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: krb5principal
+objectClass: krb5kdcentry
+cn: LDAP
+sn: Service
+uid: ldap
+userPassword: secret
+krb5PrincipalName: ldap/${4}@${2}.${3}
+krb5KeyVersionNumber: 0
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/main/resources/krb5.conf
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/resources/krb5.conf b/kerby-kerb/kerb-client/src/main/resources/krb5.conf
new file mode 100644
index 0000000..4222475
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/resources/krb5.conf
@@ -0,0 +1,57 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+[libdefaults]
+ default_realm = KRB.COM
+ dns_lookup_kdc = false
+ dns_lookup_realm = false
+ allow_weak_crypto = true
+ ticket_lifetime = 86400
+ renew_lifetime = 604800
+ forwardable = true
+ permitted_enctypes = des-cbc-crc aes128-cts-hmac-sha1-96
+ clockskew = 300
+ proxiable = true
+ default_tgs_enctypes = des-cbc-crc
+ default_tkt_enctypes = des-cbc-crc
+[realms]
+# ATHENA.MIT.EDU = {
+# admin_server = KERBEROS.MIT.EDU
+# default_domain = MIT.EDU
+# v4_instance_convert = {
+# mit = mit.edu
+# lithium = lithium.lcs.mit.edu
+# }
+# }
+# ANDREW.CMU.EDU = {
+# admin_server = vice28.fs.andrew.cmu.edu
+# }
+# GNU.ORG = {
+# kdc = kerberos.gnu.org
+# kdc = kerberos-2.gnu.org
+# admin_server = kerberos.gnu.org
+# }
+[domain_realm]
+ .mit.edu = ATHENA.MIT.EDU
+ mit.edu = ATHENA.MIT.EDU
+ .media.mit.edu = MEDIA-LAB.MIT.EDU
+ media.mit.edu = MEDIA-LAB.MIT.EDU
+ .ucsc.edu = CATS.UCSC.EDU
+[logging]
+ default = FILE:/var/log/krb5libs.log
+ kdc = FILE:/var/log/krb5kdc.log
+ admin_server = FILE:/var/log/kadmind.log
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/TestKrbConfigLoad.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/TestKrbConfigLoad.java b/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/TestKrbConfigLoad.java
new file mode 100644
index 0000000..b766c48
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/TestKrbConfigLoad.java
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+import org.apache.kerby.config.Conf;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.net.URL;
+
+import org.junit.Test;
+import org.junit.Assert;
+
+
+/**
+ * Test for loading configurations form krb5.conf.
+ * krb5.conf is the configuration file in MIT Kerberos.
+ */
+public class TestKrbConfigLoad {
+
+ @Test
+ public void test() throws IOException, URISyntaxException {
+ URL confFileUrl = TestKrbConfigLoad.class.getResource("/krb5.conf");
+ File confFile = new File(confFileUrl.toURI());
+
+ KrbConfig krbConfig = new KrbConfig();
+ Conf conf = krbConfig.getConf();
+ conf.addIniConfig(confFile);
+
+ Assert.assertEquals(krbConfig.getDefaultRealm(), "KRB.COM");
+ Assert.assertFalse(krbConfig.getDnsLookUpKdc());
+ Assert.assertFalse(krbConfig.getDnsLookUpRealm());
+ Assert.assertTrue(krbConfig.getAllowWeakCrypto());
+ Assert.assertEquals(krbConfig.getTicketLifetime(), 24 * 3600);
+ Assert.assertEquals(krbConfig.getRenewLifetime(), 7 * 24 * 3600);
+ Assert.assertTrue(krbConfig.isForwardableAllowed());
+ Assert.assertEquals(krbConfig.getEncryptionTypes().size(), 2);
+ Assert.assertEquals(krbConfig.getEncryptionTypes().get(0), EncryptionType.DES_CBC_CRC);
+ Assert.assertEquals(krbConfig.getEncryptionTypes().get(1), EncryptionType.AES128_CTS_HMAC_SHA1_96);
+ Assert.assertEquals(krbConfig.getAllowableClockSkew(), 300);
+ Assert.assertTrue(krbConfig.isProxiableAllowed());
+ Assert.assertEquals(krbConfig.getDefaultTgsEnctypes().size(), 1);
+ Assert.assertEquals(krbConfig.getDefaultTgsEnctypes().get(0), EncryptionType.DES_CBC_CRC);
+ Assert.assertEquals(krbConfig.getDefaultTktEnctypes().size(), 1);
+ Assert.assertEquals(krbConfig.getDefaultTktEnctypes().get(0), EncryptionType.DES_CBC_CRC);
+
+ Assert.assertEquals(krbConfig.getDefaultLoggingLocation(), "FILE:/var/log/krb5libs.log");
+ Assert.assertEquals(krbConfig.getKdcLoggingLocation(), "FILE:/var/log/krb5kdc.log");
+ Assert.assertEquals(krbConfig.getAdminLoggingLocation(), "FILE:/var/log/kadmind.log");
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/pom.xml b/kerby-kerb/kerb-common/pom.xml
new file mode 100644
index 0000000..d21d320
--- /dev/null
+++ b/kerby-kerb/kerb-common/pom.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-kerb</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerb-common</artifactId>
+ <name>Kerby-kerb Common</name>
+ <description>Kerby-kerb Common facilities for both client and server</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-event</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-crypto</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/KrbThrow.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/KrbThrow.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/KrbThrow.java
new file mode 100644
index 0000000..ee9c962
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/KrbThrow.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb;
+
+public class KrbThrow {
+
+ public static KrbException out(MessageCode messageCode) throws KrbException {
+ throw new KrbException(Message.getMessage(messageCode));
+ }
+
+ public static void out(MessageCode messageCode, Exception e) throws KrbException {
+ throw new KrbException(Message.getMessage(messageCode), e);
+ }
+
+ public static void out(MessageCode messageCode, String message) throws KrbException {
+ throw new KrbException(Message.getMessage(messageCode) + ":" + message);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/Message.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/Message.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/Message.java
new file mode 100644
index 0000000..5712f51
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/Message.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class Message {
+ private static Map<MessageCode, String> entries = new HashMap<MessageCode, String>();
+
+ public static void init() {
+
+ }
+
+ public static void define(MessageCode code, String message) {
+ entries.put(code, message);
+ }
+
+ public static String getMessage(MessageCode code) {
+ String msg = entries.get(code);
+ if (msg == null) {
+ msg = code.getCodeName();
+ }
+ return msg;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/MessageCode.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/MessageCode.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/MessageCode.java
new file mode 100644
index 0000000..a8ada14
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/MessageCode.java
@@ -0,0 +1,24 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb;
+
+public interface MessageCode {
+ public String getCodeName();
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/EncryptionUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/EncryptionUtil.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/EncryptionUtil.java
new file mode 100644
index 0000000..aa9618d
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/EncryptionUtil.java
@@ -0,0 +1,98 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.common;
+
+import org.apache.kerby.asn1.type.AbstractAsn1Type;
+import org.apache.kerby.asn1.type.Asn1Type;
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.apache.kerby.kerberos.kerb.crypto.EncTypeHandler;
+import org.apache.kerby.kerberos.kerb.crypto.EncryptionHandler;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.KeyUsage;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class EncryptionUtil {
+
+ public static List<EncryptionKey> generateKeys(List<EncryptionType> encryptionTypes) throws KrbException {
+ List<EncryptionKey> results = new ArrayList<EncryptionKey>(encryptionTypes.size());
+ EncryptionKey encKey;
+ for (EncryptionType eType : encryptionTypes) {
+ encKey = EncryptionHandler.random2Key(eType);
+ results.add(encKey);
+ }
+
+ return results;
+ }
+
+ public static List<EncryptionKey> generateKeys(String principal, String passwd,
+ List<EncryptionType> encryptionTypes) throws KrbException {
+ List<EncryptionKey> results = new ArrayList<EncryptionKey>(encryptionTypes.size());
+ EncryptionKey encKey;
+ for (EncryptionType eType : encryptionTypes) {
+ encKey = EncryptionHandler.string2Key(principal, passwd, eType);
+ results.add(encKey);
+ }
+
+ return results;
+ }
+
+ public static EncryptionType getBestEncryptionType(List<EncryptionType> requestedTypes,
+ List<EncryptionType> configuredTypes) {
+ for (EncryptionType encryptionType : configuredTypes) {
+ if (requestedTypes.contains(encryptionType)) {
+ return encryptionType;
+ }
+ }
+
+ return null;
+ }
+
+ public static EncryptedData seal(AbstractAsn1Type asn1Type,
+ EncryptionKey key, KeyUsage usage) throws KrbException {
+ byte[] encoded = asn1Type.encode();
+ EncryptedData encrypted = EncryptionHandler.encrypt(encoded, key, usage);
+ return encrypted;
+ }
+
+ public static <T extends Asn1Type> T unseal(EncryptedData encrypted, EncryptionKey key,
+ KeyUsage usage, Class<T> krbType) throws KrbException {
+ byte[] encoded = EncryptionHandler.decrypt(encrypted, key, usage);
+ return KrbCodec.decode(encoded, krbType);
+ }
+
+ public static byte[] encrypt(EncryptionKey key,
+ byte[] plaintext, int usage) throws KrbException {
+ EncTypeHandler encType = EncryptionHandler.getEncHandler(key.getKeyType());
+ byte[] cipherData = encType.encrypt(plaintext, key.getKeyData(), usage);
+ return cipherData;
+ }
+
+ public static byte[] decrypt(EncryptionKey key,
+ byte[] cipherData, int usage) throws KrbException {
+ EncTypeHandler encType = EncryptionHandler.getEncHandler(key.getKeyType());
+ byte[] plainData = encType.decrypt(cipherData, key.getKeyData(), usage);
+ return plainData;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbConfHelper.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbConfHelper.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbConfHelper.java
new file mode 100644
index 0000000..0100b0b
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbConfHelper.java
@@ -0,0 +1,104 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.common;
+
+import org.apache.kerby.config.Conf;
+import org.apache.kerby.config.Config;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * Help KrbConfig and KdcConfig to load configs.
+ */
+public class KrbConfHelper {
+ /**
+ * The regex to split a config value(string) to a list of config value(string list).
+ */
+ private static final String LIST_SPLITTER = " ";
+
+ public static String getStringUnderSection(Conf conf, SectionConfigKey key) {
+ Config subConfig = conf.getConfig(key.getSectionName());
+ if (subConfig != null) {
+ return subConfig.getString(key);
+ } else {
+ return (String) key.getDefaultValue();
+ }
+ }
+
+ public static boolean getBooleanUnderSection(Conf conf, SectionConfigKey key) {
+ Config subConfig = conf.getConfig(key.getSectionName());
+ if (subConfig != null) {
+ return subConfig.getBoolean(key);
+ } else {
+ return (Boolean) key.getDefaultValue();
+ }
+ }
+
+ public static long getLongUnderSection(Conf conf, SectionConfigKey key) {
+ Config subConfig = conf.getConfig(key.getSectionName());
+ if (subConfig != null) {
+ return subConfig.getLong(key);
+ } else {
+ return (Long) key.getDefaultValue();
+ }
+ }
+
+ public static int getIntUnderSection(Conf conf, SectionConfigKey key) {
+ Config subConfig = conf.getConfig(key.getSectionName());
+ if (subConfig != null) {
+ return subConfig.getInt(key);
+ } else {
+ return (Integer) key.getDefaultValue();
+ }
+ }
+
+ public static String[] getStringArrayUnderSection(Conf conf, SectionConfigKey key) {
+ String value = getStringUnderSection(conf, key);
+ String[] values = value.split(LIST_SPLITTER);
+ return values;
+ }
+
+ public static List<EncryptionType> getEncTypesUnderSection(Conf conf, SectionConfigKey key) {
+ String[] encTypesNames = getStringArrayUnderSection(conf, key);
+ return getEncryptionTypes(encTypesNames);
+ }
+
+ public static List<EncryptionType> getEncryptionTypes(String[] encTypeNames) {
+ return getEncryptionTypes(Arrays.asList(encTypeNames));
+ }
+
+ public static List<EncryptionType> getEncryptionTypes(List<String> encTypeNames) {
+ List<EncryptionType> results = new ArrayList<EncryptionType>(encTypeNames.size());
+
+ EncryptionType eType;
+ for (String eTypeName : encTypeNames) {
+ eType = EncryptionType.fromName(eTypeName);
+ if (eType != EncryptionType.NONE) {
+ results.add(eType);
+ }
+ }
+ return results;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbErrorUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbErrorUtil.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbErrorUtil.java
new file mode 100644
index 0000000..e252d5b
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbErrorUtil.java
@@ -0,0 +1,67 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.common;
+
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+public class KrbErrorUtil {
+
+ public static List<EncryptionType> getEtypes(KrbError error) throws IOException {
+ MethodData methodData = new MethodData();
+ methodData.decode(error.getEdata());
+
+ for( PaDataEntry pd : methodData.getElements()) {
+ if( pd.getPaDataType() == PaDataType.ETYPE_INFO2 ) {
+ return getEtypes2(pd.getPaDataValue());
+ }
+ else if( pd.getPaDataType() == PaDataType.ETYPE_INFO ) {
+ return getEtypes(pd.getPaDataValue());
+ }
+ }
+ return Collections.EMPTY_LIST;
+ }
+
+ private static List<EncryptionType> getEtypes(byte[] data) throws IOException {
+ EtypeInfo info = new EtypeInfo();
+ info.decode(data);
+ List<EncryptionType> results = new ArrayList<EncryptionType>();
+ for( EtypeInfoEntry entry : info.getElements() ) {
+ results.add(entry.getEtype());
+ }
+ return results;
+ }
+
+ private static List<EncryptionType> getEtypes2(byte[] data) throws IOException {
+ EtypeInfo2 info2 = new EtypeInfo2();
+ info2.decode(data);
+ List<EncryptionType> results = new ArrayList<EncryptionType>();
+ for( EtypeInfo2Entry entry : info2.getElements() ) {
+ results.add(entry.getEtype());
+ }
+ return results;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbStreamingDecoder.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbStreamingDecoder.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbStreamingDecoder.java
new file mode 100644
index 0000000..82015ee
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbStreamingDecoder.java
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.common;
+
+import org.apache.kerby.transport.tcp.DecodingCallback;
+import org.apache.kerby.transport.tcp.StreamingDecoder;
+
+import java.nio.ByteBuffer;
+
+public class KrbStreamingDecoder implements StreamingDecoder {
+
+ @Override
+ public void decode(ByteBuffer streamingBuffer, DecodingCallback callback) {
+ if (streamingBuffer.remaining() >= 4) {
+ int len = streamingBuffer.getInt();
+ if (streamingBuffer.remaining() >= len) {
+ callback.onMessageComplete(len + 4);
+ } else {
+ callback.onMoreDataNeeded(len + 4);
+ }
+ } else {
+ callback.onMoreDataNeeded();
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbUtil.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbUtil.java
new file mode 100644
index 0000000..77e9d56
--- /dev/null
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbUtil.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.common;
+
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerby.transport.Transport;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public class KrbUtil {
+
+ public static void sendMessage(KrbMessage message, Transport transport) {
+ int bodyLen = message.encodingLength();
+ ByteBuffer buffer = ByteBuffer.allocate(bodyLen + 4);
+ buffer.putInt(bodyLen);
+ message.encode(buffer);
+ buffer.flip();
+ transport.sendMessage(buffer);
+ }
+
+ public static KrbMessage decodeMessage(ByteBuffer message) throws IOException {
+ int bodyLen = message.getInt();
+ assert (message.remaining() >= bodyLen);
+
+ KrbMessage krbMessage = KrbCodec.decodeMessage(message);
+
+ return krbMessage;
+ }
+
+}
[04/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigImpl.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigImpl.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigImpl.java
new file mode 100644
index 0000000..629446e
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigImpl.java
@@ -0,0 +1,346 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.*;
+
+public class ConfigImpl implements Config {
+ private static final Logger logger = LoggerFactory.getLogger(Config.class);
+
+ private String resource;
+ private Map<String, ConfigObject> properties;
+ /**
+ * Config resources
+ */
+ private List<Config> configs;
+
+ private Set<String> propNames;
+
+ protected ConfigImpl(String resource) {
+ this.resource = resource;
+ this.properties = new HashMap<String, ConfigObject>();
+ this.configs = new ArrayList<Config>(0);
+ }
+
+ protected void reset() {
+ this.properties.clear();
+ this.configs.clear();
+ }
+
+ @Override
+ public String getResource() {
+ return resource;
+ }
+
+ @Override
+ public Set<String> getNames() {
+ reloadNames();
+ return propNames;
+ }
+
+ @Override
+ public String getString(String name) {
+ String result = null;
+
+ ConfigObject co = properties.get(name);
+ if (co != null) {
+ result = co.getPropertyValue();
+ }
+
+ if (result == null) {
+ for (Config config : configs) {
+ result = config.getString(name);
+ if (result != null) break;
+ }
+ }
+
+ return result;
+ }
+
+ @Override
+ public String getString(ConfigKey name) {
+ if (name.getDefaultValue() != null) {
+ return getString(name.getPropertyKey(), (String) name.getDefaultValue());
+ }
+ return getString(name.getPropertyKey());
+ }
+
+ @Override
+ public String getString(String name, String defaultValue) {
+ String result = getString(name);
+ if (result == null) {
+ result = defaultValue;
+ }
+ return result;
+ }
+
+ @Override
+ public String getTrimmed(String name) {
+ String result = getString(name);
+ if (null != result) {
+ result = result.trim();
+ }
+ return result;
+ }
+
+ @Override
+ public String getTrimmed(ConfigKey name) {
+ return getTrimmed(name.getPropertyKey());
+ }
+
+ @Override
+ public Integer getInt(String name) {
+ Integer result = null;
+ String value = getTrimmed(name);
+ if (value != null) {
+ result = Integer.valueOf(value);
+ }
+ return result;
+ }
+
+ @Override
+ public Integer getInt(ConfigKey name) {
+ if (name.getDefaultValue() != null) {
+ return getInt(name.getPropertyKey(), (Integer) name.getDefaultValue());
+ }
+ return getInt(name.getPropertyKey());
+ }
+
+ @Override
+ public Integer getInt(String name, int defaultValue) {
+ Integer result = getInt(name);
+ if (result == null) {
+ result = defaultValue;
+ }
+ return result;
+ }
+
+ @Override
+ public Long getLong(String name) {
+ Long result = null;
+ String value = getTrimmed(name);
+ if (value != null) {
+ result = Long.valueOf(value);
+ }
+ return result;
+ }
+
+ @Override
+ public Long getLong(ConfigKey name) {
+ if (name.getDefaultValue() != null) {
+ return getLong(name.getPropertyKey(), (Long) name.getDefaultValue());
+ }
+ return getLong(name.getPropertyKey());
+ }
+
+ @Override
+ public Long getLong(String name, long defaultValue) {
+ Long result = getLong(name);
+ if (result == null) {
+ result = defaultValue;
+ }
+ return result;
+ }
+
+ @Override
+ public Float getFloat(String name) {
+ Float result = null;
+ String value = getTrimmed(name);
+ if (value != null) {
+ result = Float.valueOf(value);
+ }
+ return result;
+ }
+
+ @Override
+ public Float getFloat(ConfigKey name) {
+ if (name.getDefaultValue() != null) {
+ return getFloat(name.getPropertyKey(), (Float) name.getDefaultValue());
+ }
+ return getFloat(name.getPropertyKey());
+ }
+
+ @Override
+ public Float getFloat(String name, float defaultValue) {
+ Float result = getFloat(name);
+ if (result == null) {
+ result = defaultValue;
+ }
+ return result;
+ }
+
+ @Override
+ public Boolean getBoolean(String name) {
+ Boolean result = null;
+ String value = getTrimmed(name);
+ if (value != null) {
+ result = Boolean.valueOf(value);
+ }
+ return result;
+ }
+
+ @Override
+ public Boolean getBoolean(ConfigKey name) {
+ if (name.getDefaultValue() != null) {
+ return getBoolean(name.getPropertyKey(), (Boolean) name.getDefaultValue());
+ }
+ return getBoolean(name.getPropertyKey());
+ }
+
+ @Override
+ public Boolean getBoolean(String name, boolean defaultValue) {
+ Boolean result = getBoolean(name);
+ if (result == null) {
+ result = defaultValue;
+ }
+ return result;
+ }
+
+ @Override
+ public List<String> getList(String name) {
+ List<String> results = null;
+ ConfigObject co = properties.get(name);
+ if (co != null) {
+ results = co.getListValues();
+ }
+ return results;
+ }
+
+ @Override
+ public List<String> getList(String name, String[] defaultValue) {
+ List<String> results = getList(name);
+ if (results == null) {
+ results = Arrays.asList(defaultValue);
+ }
+ return results;
+ }
+
+ @Override
+ public List<String> getList(ConfigKey name) {
+ if (name.getDefaultValue() != null) {
+ return getList(name.getPropertyKey(), (String[]) name.getDefaultValue());
+ }
+ return getList(name.getPropertyKey());
+ }
+
+ @Override
+ public Config getConfig(String name) {
+ Config result = null;
+ ConfigObject co = properties.get(name);
+ if (co != null) {
+ result = co.getConfigValue();
+ }
+ return result;
+ }
+
+ @Override
+ public Config getConfig(ConfigKey name) {
+ return getConfig(name.getPropertyKey());
+ }
+
+ @Override
+ public Class<?> getClass(String name) throws ClassNotFoundException {
+ Class<?> result = null;
+
+ String valueString = getString(name);
+ if (valueString != null) {
+ Class<?> cls = Class.forName(name);
+ result = cls;
+ }
+
+ return result;
+ }
+
+ @Override
+ public Class<?> getClass(String name, Class<?> defaultValue) throws ClassNotFoundException {
+ Class<?> result = getClass(name);
+ if (result == null) {
+ result = defaultValue;
+ }
+ return result;
+ }
+
+ @Override
+ public Class<?> getClass(ConfigKey name) throws ClassNotFoundException {
+ if (name.getDefaultValue() != null) {
+ return getClass(name.getPropertyKey(), (Class<?>) name.getDefaultValue());
+ }
+ return getClass(name.getPropertyKey());
+ }
+
+ @Override
+ public <T> T getInstance(String name) throws ClassNotFoundException {
+ return getInstance(name, null);
+ }
+
+ @Override
+ public <T> T getInstance(ConfigKey name) throws ClassNotFoundException {
+ return getInstance(name.getPropertyKey());
+ }
+
+ @Override
+ public <T> T getInstance(String name, Class<T> xface) throws ClassNotFoundException {
+ T result = null;
+
+ Class<?> cls = getClass(name, null);
+ if (xface != null && !xface.isAssignableFrom(cls)) {
+ throw new RuntimeException(cls + " does not implement " + xface);
+ }
+ try {
+ result = (T) cls.newInstance();
+ } catch (Exception e) {
+ throw new RuntimeException("Failed to create instance with class " + cls.getName());
+ }
+
+ return result;
+ }
+
+ protected void set(String name, String value) {
+ ConfigObject co = new ConfigObject(value);
+ set(name, co);
+ }
+
+ protected void set(String name, Config value) {
+ ConfigObject co = new ConfigObject(value);
+ set(name, co);
+ }
+
+ protected void set(String name, ConfigObject value) {
+ this.properties.put(name, value);
+ }
+
+ protected void add(Config config) {
+ this.configs.add(config);
+ }
+
+ private void reloadNames() {
+ if (propNames != null) {
+ propNames.clear();
+ }
+ propNames = new HashSet<String>(properties.keySet());
+ for (Config config : configs) {
+ propNames.addAll(config.getNames());
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigKey.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigKey.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigKey.java
new file mode 100644
index 0000000..47f7727
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigKey.java
@@ -0,0 +1,25 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+public interface ConfigKey {
+ public String getPropertyKey();
+ public Object getDefaultValue();
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigLoader.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigLoader.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigLoader.java
new file mode 100644
index 0000000..476ed4c
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigLoader.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+public abstract class ConfigLoader {
+ private Resource resource;
+ private ConfigImpl config;
+
+ protected void setResource(Resource resource) {
+ this.resource = resource;
+ }
+
+ protected void setConfig(ConfigImpl config) {
+ this.config = config;
+ }
+
+ public Config load() {
+ if (config == null) {
+ config = new ConfigImpl(resource.getName());
+ }
+ config.reset();
+
+ try {
+ loadConfig(config, resource);
+ } catch (Exception e) {
+ throw new RuntimeException("Failed to load org.haox.config", e);
+ }
+
+ return this.config;
+ }
+
+ protected abstract void loadConfig(ConfigImpl config, Resource resource) throws Exception;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigObject.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigObject.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigObject.java
new file mode 100644
index 0000000..c915af6
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigObject.java
@@ -0,0 +1,80 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class ConfigObject {
+ protected static enum VALUE_TYPE { PROPERTY, LIST, CONFIG };
+
+ private VALUE_TYPE valueType;
+ private Object value;
+
+ public ConfigObject(String value) {
+ this.value = value;
+ this.valueType = VALUE_TYPE.PROPERTY;
+ }
+
+ public ConfigObject(String[] values) {
+ List<String> valuesList = new ArrayList<String>();
+ for (String v : values) {
+ valuesList.add(v);
+ }
+
+ this.value = valuesList;
+ this.valueType = VALUE_TYPE.LIST;
+ }
+
+ public ConfigObject(List<String> values) {
+ this.value = new ArrayList<String>(values);
+ this.valueType = VALUE_TYPE.LIST;
+ }
+
+ public ConfigObject(Config value) {
+ this.value = value;
+ this.valueType = VALUE_TYPE.CONFIG;
+ }
+
+ public String getPropertyValue() {
+ String result = null;
+ if (valueType == VALUE_TYPE.PROPERTY) {
+ result = (String) value;
+ }
+ return result;
+ }
+
+ public List<String> getListValues() {
+ List<String> results = null;
+ if (valueType == VALUE_TYPE.LIST) {
+ results = (List<String>) value;
+ }
+
+ return results;
+ }
+
+ public Config getConfigValue() {
+ Config result = null;
+ if (valueType == VALUE_TYPE.CONFIG) {
+ result = (Config) value;
+ }
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/IniConfigLoader.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/IniConfigLoader.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/IniConfigLoader.java
new file mode 100644
index 0000000..cf9f56b
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/IniConfigLoader.java
@@ -0,0 +1,69 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+
+public class IniConfigLoader extends ConfigLoader {
+ private static final String COMMENT_SYMBOL = "#";
+
+ private ConfigImpl rootConfig;
+ private ConfigImpl currentConfig;
+
+ /**
+ * Load configs form the INI configuration format file.
+ */
+ @Override
+ protected void loadConfig(ConfigImpl config, Resource resource) throws IOException {
+ rootConfig = config;
+ currentConfig = config;
+
+ InputStream is = (InputStream) resource.getResource();
+ BufferedReader reader = new BufferedReader(new InputStreamReader(is));
+
+ String line;
+ while ((line = reader.readLine()) != null) {
+ parseLine(line);
+ }
+ }
+
+ private void parseLine(String line) {
+ line = line.trim();
+
+ if (line.startsWith(COMMENT_SYMBOL)) {
+ return;
+ }
+
+ if (line.matches("\\[.*\\]")) {
+ String subConfigName = line.replaceFirst("\\[(.*)\\]", "$1");
+ ConfigImpl subConfig = new ConfigImpl(subConfigName);
+ rootConfig.set(subConfigName, subConfig);
+ currentConfig = subConfig;
+ } else if (line.matches(".*=.*")) {
+ int i = line.indexOf('=');
+ String name = line.substring(0, i).trim();
+ String value = line.substring(i + 1).trim();
+ currentConfig.set(name, value);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/JsonConfigLoader.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/JsonConfigLoader.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/JsonConfigLoader.java
new file mode 100644
index 0000000..5a51175
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/JsonConfigLoader.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+public class JsonConfigLoader extends ConfigLoader {
+ @Override
+ protected void loadConfig(ConfigImpl config, Resource resource) {
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/MapConfigLoader.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/MapConfigLoader.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/MapConfigLoader.java
new file mode 100644
index 0000000..f83517f
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/MapConfigLoader.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import java.util.Map;
+
+public class MapConfigLoader extends ConfigLoader {
+ @Override
+ protected void loadConfig(ConfigImpl config, Resource resource) {
+ Map<String, String> mapConfig = (Map<String, String>) resource.getResource();
+ String value;
+ for (String key : mapConfig.keySet()) {
+ value = mapConfig.get(key);
+ config.set(key, value);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/PropertiesConfigLoader.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/PropertiesConfigLoader.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/PropertiesConfigLoader.java
new file mode 100644
index 0000000..e0b9782
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/PropertiesConfigLoader.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import java.util.Properties;
+
+public class PropertiesConfigLoader extends ConfigLoader {
+
+ @Override
+ protected void loadConfig(ConfigImpl config, Resource resource) throws Exception {
+ Properties propConfig = (Properties) resource.getResource();
+ loadConfig(config, propConfig);
+ }
+
+ protected void loadConfig(ConfigImpl config, Properties propConfig) {
+ Object value;
+ for (Object key : propConfig.keySet()) {
+ if (key instanceof String) {
+ value = propConfig.getProperty((String) key);
+ if (value != null && value instanceof String) {
+ config.set((String) key, (String) value);
+ }
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/PropertiesFileConfigLoader.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/PropertiesFileConfigLoader.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/PropertiesFileConfigLoader.java
new file mode 100644
index 0000000..ba8660f
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/PropertiesFileConfigLoader.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import java.io.InputStream;
+import java.util.Properties;
+
+public class PropertiesFileConfigLoader extends PropertiesConfigLoader {
+
+ @Override
+ protected void loadConfig(ConfigImpl config, Resource resource) throws Exception {
+ Properties propConfig = new Properties();
+ propConfig.load((InputStream) resource.getResource());
+ loadConfig(config, propConfig);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/Resource.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/Resource.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/Resource.java
new file mode 100644
index 0000000..9da0405
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/Resource.java
@@ -0,0 +1,119 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.net.URL;
+import java.util.Map;
+import java.util.Properties;
+
+public class Resource {
+ public static enum Format {
+ XML_FILE(XmlConfigLoader.class),
+ INI_FILE(IniConfigLoader.class),
+ JSON_FILE(JsonConfigLoader.class),
+ PROPERTIES_FILE(PropertiesFileConfigLoader.class),
+ MAP(MapConfigLoader.class),
+ PROPERTIES(PropertiesConfigLoader.class);
+
+ private Class<? extends ConfigLoader> loaderClass;
+
+ private Format(Class<? extends ConfigLoader> loaderClass) {
+ this.loaderClass = loaderClass;
+ }
+
+ public Class<? extends ConfigLoader> getLoaderClass() {
+ return loaderClass;
+ }
+ }
+
+ private String name;
+ private Object resource;
+ private Format format;
+
+ public static Resource createXmlResource(File xmlFile) throws IOException {
+ return new Resource(xmlFile.getName(), xmlFile, Format.XML_FILE);
+ }
+
+ public static Resource createIniResource(File iniFile) throws IOException {
+ return new Resource(iniFile.getName(), iniFile, Format.INI_FILE);
+ }
+
+ public static Resource createJsonResource(File jsonFile) throws IOException {
+ return new Resource(jsonFile.getName(), jsonFile, Format.JSON_FILE);
+ }
+
+ public static Resource createXmlResource(URL xmlUrl) throws IOException {
+ return new Resource(xmlUrl, Format.XML_FILE);
+ }
+
+ public static Resource createIniResource(URL iniUrl) throws IOException {
+ return new Resource(iniUrl, Format.INI_FILE);
+ }
+
+ public static Resource createJsonResource(URL jsonUrl) throws IOException {
+ return new Resource(jsonUrl, Format.JSON_FILE);
+ }
+
+ public static Resource createMapResource(Map<String,String> mapConfig) {
+ return new Resource("mapConfig", mapConfig, Format.MAP);
+ }
+
+ public static Resource createPropertiesFileResource(File propFile) throws IOException {
+ return new Resource(propFile.getName(), propFile, Format.PROPERTIES_FILE);
+ }
+
+ public static Resource createPropertiesResource(Properties propertiesConfig) {
+ return new Resource("propConfig", propertiesConfig, Format.PROPERTIES);
+ }
+
+ private Resource(String name, File resourceFile, Format format) throws FileNotFoundException {
+ this(name, new FileInputStream(resourceFile), format);
+ }
+
+ private Resource(URL resourceUrl, Format format) throws IOException {
+ this(resourceUrl.toString(), resourceUrl.openStream(), format);
+ }
+
+ private Resource(String name, Object resourceStream, Format format) {
+ this.name = name;
+ this.resource = resourceStream;
+ this.format = format;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public Object getResource() {
+ return resource;
+ }
+
+ public Format getFormat() {
+ return format;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/main/java/org/apache/kerby/config/XmlConfigLoader.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/XmlConfigLoader.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/XmlConfigLoader.java
new file mode 100644
index 0000000..2208abc
--- /dev/null
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/XmlConfigLoader.java
@@ -0,0 +1,159 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.*;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+
+public class XmlConfigLoader extends ConfigLoader {
+ private static final Logger logger = LoggerFactory.getLogger(Config.class);
+
+ @Override
+ protected void loadConfig(ConfigImpl config, Resource resource) throws Exception {
+ Element doc = loadResourceDocument(resource);
+ loadConfig((ConfigImpl) config, doc);
+ }
+
+ private Element loadResourceDocument(Resource resource) throws Exception {
+ DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory.newInstance();
+
+ docBuilderFactory.setIgnoringComments(true);
+ docBuilderFactory.setNamespaceAware(true);
+ try {
+ docBuilderFactory.setXIncludeAware(true);
+ } catch (UnsupportedOperationException e) {
+ logger.error("Failed to set setXIncludeAware(true) for parser", e);
+ }
+ DocumentBuilder builder = docBuilderFactory.newDocumentBuilder();
+ InputStream is = (InputStream) resource.getResource();
+ Document doc = null;
+ try {
+ doc = builder.parse(is);
+ } finally {
+ is.close();
+ }
+
+ Element root = doc.getDocumentElement();
+ validateConfig(root);
+
+ return root;
+ }
+
+ private boolean validateConfig(Element root) {
+ boolean valid = false;
+
+ if ("config".equals(root.getTagName())) {
+ valid = true;
+ } else {
+ logger.error("bad conf element: top-level element not <configuration>");
+ }
+
+ return valid;
+ }
+
+ private void loadConfig(ConfigImpl conifg, Element element) {
+ String name;
+ ConfigObject value;
+
+ NodeList props = element.getChildNodes();
+ for (int i = 0; i < props.getLength(); i++) {
+ Node subNode = props.item(i);
+ if (!(subNode instanceof Element)) {
+ continue;
+ }
+
+ Element prop = (Element)subNode;
+ name = getElementName(prop);
+ if (name == null) {
+ continue;
+ }
+
+ value = null;
+ String tagName = prop.getTagName();
+ if ("property".equals(tagName) && prop.hasChildNodes()) {
+ value = loadProperty(prop);
+ } else if ("config".equals(tagName) && prop.hasChildNodes()) {
+ ConfigImpl cfg = new ConfigImpl(name);
+ loadConfig(cfg, prop);
+ value = new ConfigObject(cfg);
+ }
+
+ if (name != null) {
+ conifg.set(name, value);
+ }
+ }
+ }
+
+ private static ConfigObject loadProperty(Element ele) {
+ String value = null;
+ if (ele.getFirstChild() instanceof Text) {
+ value = ((Text)ele.getFirstChild()).getData();
+ return new ConfigObject(value);
+ }
+
+ ConfigObject result = null;
+ NodeList nodes = ele.getChildNodes();
+ List<String> values = new ArrayList<String>(nodes.getLength());
+ for (int i = 0; i < nodes.getLength(); i++) {
+ value = null;
+ Node valueNode = nodes.item(i);
+ if (!(valueNode instanceof Element))
+ continue;
+
+ Element valueEle = (Element)valueNode;
+ if ("value".equals(valueEle.getTagName()) && valueEle.hasChildNodes()) {
+ value = ((Text)valueEle.getFirstChild()).getData();
+ }
+
+ if (value != null) {
+ values.add(value);
+ }
+ }
+ return new ConfigObject(values);
+ }
+
+ private static String getElementName(Element ele) {
+ String name, value;
+ Node node;
+ Attr attr;
+
+ NamedNodeMap nnm = ele.getAttributes();
+ for (int i = 0; i < nnm.getLength(); ++i) {
+ node = nnm.item(i);
+ if (!(node instanceof Attr))
+ continue;
+ attr = (Attr) node;
+ name = attr.getName();
+ value = attr.getValue();
+
+ if ("name".equals(name)) {
+ return value;
+ }
+ }
+ return null;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/test/java/org/apache/kerby/config/ConfTest.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/test/java/org/apache/kerby/config/ConfTest.java b/lib/kerby-config/src/test/java/org/apache/kerby/config/ConfTest.java
new file mode 100644
index 0000000..9a7ffdb
--- /dev/null
+++ b/lib/kerby-config/src/test/java/org/apache/kerby/config/ConfTest.java
@@ -0,0 +1,133 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+/**
+ * The test is base on the Conf level.
+ * We hope users use the Conf object only, and don't need to care about its internal implementation.
+ */
+public class ConfTest {
+
+ @Test
+ public void testMapConfig() {
+ String strProp = "hello";
+ Integer intProp = 123456;
+ Boolean boolProp = true;
+ Map<String, String> mapConfig = new HashMap<String, String>();
+ mapConfig.put("strProp", strProp);
+ mapConfig.put("intProp", String.valueOf(intProp));
+ mapConfig.put("boolProp", String.valueOf(boolProp));
+
+ Conf conf = new Conf();
+ conf.addMapConfig(mapConfig);
+ Assert.assertEquals(conf.getString("strProp"), strProp);
+ Assert.assertEquals(conf.getInt("intProp"), intProp);
+ Assert.assertEquals(conf.getBoolean("boolProp"), boolProp);
+ }
+
+ @Test
+ public void testPropertiesConfig() {
+ String strProp = "hello";
+ Integer intProp = 123456;
+ Boolean boolProp = true;
+ Properties properties = new Properties();
+ properties.setProperty("strProp", strProp);
+ properties.setProperty("intProp", String.valueOf(intProp));
+ properties.setProperty("boolProp", String.valueOf(boolProp));
+
+ Conf conf = new Conf();
+ conf.addPropertiesConfig(properties);
+ Assert.assertEquals(conf.getString("strProp"), strProp);
+ Assert.assertEquals(conf.getInt("intProp"), intProp);
+ Assert.assertEquals(conf.getBoolean("boolProp"), boolProp);
+ }
+
+ /**
+ * Test for whether can get right value form the conf which contains many config resources.
+ */
+ @Test
+ public void testMixedConfig() {
+ String mapStrProp = "hello map";
+ Integer intProp = 123456;
+ Map<String, String> mapConfig = new HashMap<String, String>();
+ mapConfig.put("mapStrProp", mapStrProp);
+ mapConfig.put("intProp", String.valueOf(intProp));
+
+ String propertiesStrProp = "hello properties";
+ Boolean boolProp = true;
+ Properties properties = new Properties();
+ properties.setProperty("propertiesStrProp", propertiesStrProp);
+ properties.setProperty("boolProp", String.valueOf(boolProp));
+
+ Conf conf = new Conf();
+ conf.addMapConfig(mapConfig);
+ conf.addPropertiesConfig(properties);
+ Assert.assertEquals(conf.getConfig("mapConfig"), null);
+ Assert.assertEquals(conf.getString("mapStrProp"), mapStrProp);
+ Assert.assertEquals(conf.getString("propertiesStrProp"), propertiesStrProp);
+ Assert.assertEquals(conf.getInt("intProp"), intProp);
+ Assert.assertEquals(conf.getBoolean("boolProp"), boolProp);
+ }
+
+ static enum TestConfKey implements ConfigKey {
+ ADDRESS("127.0.0.1"),
+ PORT(8015),
+ ENABLE(false);
+
+ private Object defaultValue;
+
+ private TestConfKey(Object defaultValue) {
+ this.defaultValue = defaultValue;
+ }
+
+ @Override
+ public String getPropertyKey() {
+ return name().toLowerCase();
+ }
+
+ @Override
+ public Object getDefaultValue() {
+ return this.defaultValue;
+ }
+ }
+
+ @Test
+ public void testConfKey() {
+ Conf conf = new Conf();
+ Assert.assertEquals(conf.getString(TestConfKey.ADDRESS),
+ TestConfKey.ADDRESS.getDefaultValue());
+ Map<String, String> mapConfig = new HashMap<String, String>();
+ String myAddress = "www.google.com";
+ mapConfig.put(TestConfKey.ADDRESS.getPropertyKey(), myAddress);
+ conf.addMapConfig(mapConfig);
+ Assert.assertEquals(conf.getString(TestConfKey.ADDRESS), myAddress);
+ Assert.assertEquals(conf.getInt(TestConfKey.PORT),
+ TestConfKey.PORT.getDefaultValue());
+ Assert.assertEquals(conf.getBoolean(TestConfKey.ENABLE),
+ TestConfKey.ENABLE.getDefaultValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/test/java/org/apache/kerby/config/ConfigImplTest.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/test/java/org/apache/kerby/config/ConfigImplTest.java b/lib/kerby-config/src/test/java/org/apache/kerby/config/ConfigImplTest.java
new file mode 100644
index 0000000..1834a9f
--- /dev/null
+++ b/lib/kerby-config/src/test/java/org/apache/kerby/config/ConfigImplTest.java
@@ -0,0 +1,62 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+/**
+ * The test is on ConfigImpl level.
+ * ConfigImpl is the internal implementation of Conf, only visual by developers.
+ */
+public class ConfigImplTest {
+
+ /**
+ * Test for section config support.
+ */
+ @Test
+ public void testSectionConfig() {
+ ConfigImpl rootConfig = new ConfigImpl(null);
+ rootConfig.set("globalConfig", "true");
+
+ ConfigImpl sectionA = new ConfigImpl("libdefaults");
+ rootConfig.set("libdefaults", sectionA);
+ sectionA.set("default_realm", "EXAMPLE.COM");
+ sectionA.set("forwardable", "true");
+ sectionA.set("dns_lookup_realm", "false");
+
+ ConfigImpl sectionB = new ConfigImpl("logging");
+ rootConfig.set("logging", sectionB);
+ sectionB.set("kdc", "FILE:/var/log/krb5kdc.log");
+
+ Assert.assertEquals(rootConfig.getString("globalConfig"), "true");
+ Assert.assertEquals(rootConfig.getString("default_realm"), null);
+
+ Config subA = rootConfig.getConfig("libdefaults");
+ Assert.assertEquals(subA.getString("default_realm"), "EXAMPLE.COM");
+ Assert.assertEquals(subA.getString("globalConfig"), null);
+ Assert.assertEquals(subA.getString("kdc"), null);
+
+ Config subB = rootConfig.getConfig("logging");
+ Assert.assertEquals(subB.getString("kdc"), "FILE:/var/log/krb5kdc.log");
+ Assert.assertEquals(subB.getString("globalConfig"), null);
+ Assert.assertEquals(subB.getBoolean("forwardable"), null);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-config/src/test/java/org/apache/kerby/config/IniConfigTest.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/test/java/org/apache/kerby/config/IniConfigTest.java b/lib/kerby-config/src/test/java/org/apache/kerby/config/IniConfigTest.java
new file mode 100644
index 0000000..f71e5a1
--- /dev/null
+++ b/lib/kerby-config/src/test/java/org/apache/kerby/config/IniConfigTest.java
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.config;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.File;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class IniConfigTest {
+
+ private final static String TEST_DIR = new File(System.getProperty(
+ "test.build.data", "/tmp")).getAbsolutePath();
+ private final static File TEST_FILE = new File(TEST_DIR, "test-ini-config");
+
+ /**
+ * Build a INI format configuration file.
+ */
+ private void buildFile() throws IOException {
+ PrintWriter out = new PrintWriter(new FileWriter(TEST_FILE));
+ out.println("#note = notenote");
+ out.println("default = FILE:/var/log/krb5libs.log");
+ out.println("kdc = FILE:/var/log/krb5kdc.log");
+ out.println("admin_server = FILE:/var/log/kadmind.log");
+ out.println("[libdefaults]");
+ out.println("default_realm = EXAMPLE.COM");
+ out.println("dns_lookup_realm = false");
+ out.println("dns_lookup_kdc = false");
+ out.println("ticket_lifetime = 24h");
+ out.println("renew_lifetime = 7d");
+ out.println("forwardable = true");
+ out.println("[lib1]");
+ out.println("default_realm = EXAMPLE.COM1");
+ out.println("dns_lookup_realm = true");
+ out.close();
+ }
+
+ @Test
+ public void testIniConfig() throws IOException {
+ buildFile();
+
+ Conf conf = new Conf();
+ conf.addIniConfig(TEST_FILE);
+
+ Assert.assertEquals(conf.getString("default"), "FILE:/var/log/krb5libs.log");
+ Assert.assertEquals(conf.getString("#note"), null);//Comments should be ignored when loading.
+
+ Config config = conf.getConfig("libdefaults");
+ Assert.assertFalse(config.getBoolean("dns_lookup_realm"));
+ Assert.assertTrue(config.getBoolean("forwardable"));
+
+ Config config1 = conf.getConfig("lib1");
+ Assert.assertTrue(config1.getBoolean("dns_lookup_realm"));
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/README
----------------------------------------------------------------------
diff --git a/lib/kerby-event/README b/lib/kerby-event/README
new file mode 100644
index 0000000..cb3b88a
--- /dev/null
+++ b/lib/kerby-event/README
@@ -0,0 +1 @@
+An event driven application framework with mixed (TCP, UDP) x (connector, acceptor) supported.
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/pom.xml
----------------------------------------------------------------------
diff --git a/lib/kerby-event/pom.xml b/lib/kerby-event/pom.xml
new file mode 100644
index 0000000..af1e11a
--- /dev/null
+++ b/lib/kerby-event/pom.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <artifactId>lib</artifactId>
+ <groupId>org.apache.kerby</groupId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerby-event</artifactId>
+ <name>Kerby Event</name>
+ <description>Kerby Event and Transport facilities for both client and server</description>
+
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/AbstractEventHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/AbstractEventHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/AbstractEventHandler.java
new file mode 100644
index 0000000..59a0a82
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/AbstractEventHandler.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+public abstract class AbstractEventHandler implements EventHandler {
+
+ private Dispatcher dispatcher;
+
+ public AbstractEventHandler() {
+
+ }
+
+ protected void dispatch(Event event) {
+ dispatcher.dispatch(event);
+ }
+
+ @Override
+ public Dispatcher getDispatcher() {
+ return dispatcher;
+ }
+
+ @Override
+ public void setDispatcher(Dispatcher dispatcher) {
+ this.dispatcher = dispatcher;
+ }
+
+ @Override
+ public void handle(Event event) {
+ try {
+ doHandle(event);
+ } catch (Exception e) {
+ throw new RuntimeException(event.toString(), e);
+ }
+ }
+
+ protected abstract void doHandle(Event event) throws Exception;
+}
+
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/AbstractInternalEventHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/AbstractInternalEventHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/AbstractInternalEventHandler.java
new file mode 100644
index 0000000..bfed126
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/AbstractInternalEventHandler.java
@@ -0,0 +1,66 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+import java.util.concurrent.atomic.AtomicInteger;
+
+public abstract class AbstractInternalEventHandler extends AbstractEventHandler
+ implements InternalEventHandler {
+
+ private int id = -1;
+ protected EventHandler handler;
+
+ private static AtomicInteger idGen = new AtomicInteger(1);
+
+ public AbstractInternalEventHandler() {
+ super();
+
+ this.id = idGen.getAndIncrement();
+
+ init();
+ }
+
+ public AbstractInternalEventHandler(EventHandler handler) {
+ this();
+
+ this.handler = handler;
+ }
+
+ protected void setEventHandler(EventHandler handler) {
+ this.handler = handler;
+ }
+
+ @Override
+ public int id() {
+ return id;
+ }
+
+ public abstract void init();
+
+ protected void process(Event event) {
+ handler.handle(event);
+ }
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return handler.getInterestedEvents();
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/BufferedEventHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/BufferedEventHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/BufferedEventHandler.java
new file mode 100644
index 0000000..39fca9f
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/BufferedEventHandler.java
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+import java.util.concurrent.ArrayBlockingQueue;
+import java.util.concurrent.BlockingQueue;
+
+/**
+ * An EventHandler wrapper buffering events and processing them later
+ */
+public abstract class BufferedEventHandler extends AbstractInternalEventHandler {
+
+ protected BlockingQueue<Event> eventQueue;
+
+ public BufferedEventHandler(EventHandler handler) {
+ super(handler);
+ }
+
+ public BufferedEventHandler() {
+ super();
+ }
+
+ @Override
+ public void init() {
+ this.eventQueue = new ArrayBlockingQueue<Event>(2);
+ }
+
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ try {
+ eventQueue.put(event);
+ } catch (InterruptedException e) {
+ throw new RuntimeException(e);
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/Dispatcher.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/Dispatcher.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/Dispatcher.java
new file mode 100644
index 0000000..f5a9f53
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/Dispatcher.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+public interface Dispatcher {
+
+ public void dispatch(Event event);
+
+ public void register(EventHandler handler);
+
+ public void register(InternalEventHandler internalHandler);
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/Event.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/Event.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/Event.java
new file mode 100644
index 0000000..332ee0d
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/Event.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+public class Event {
+
+ private EventType eventType;
+ private Object eventData;
+
+ public Event(EventType eventType) {
+ this.eventType = eventType;
+ }
+
+ public Event(EventType eventType, Object eventData) {
+ this.eventType = eventType;
+ this.eventData = eventData;
+ }
+
+ public EventType getEventType() {
+ return eventType;
+ }
+
+ public Object getEventData() {
+ return eventData;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/EventHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/EventHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/EventHandler.java
new file mode 100644
index 0000000..b9ef871
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/EventHandler.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+public interface EventHandler {
+
+ public void handle(Event event);
+
+ public EventType[] getInterestedEvents();
+
+ public Dispatcher getDispatcher();
+
+ public void setDispatcher(Dispatcher dispatcher);
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/EventHub.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/EventHub.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/EventHub.java
new file mode 100644
index 0000000..931455a
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/EventHub.java
@@ -0,0 +1,192 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.TimeoutException;
+
+public class EventHub implements Dispatcher {
+
+ private enum BuiltInEventType implements EventType {
+ STOP,
+ ALL
+ }
+
+ private boolean started = false;
+
+ private Map<Integer, InternalEventHandler> handlers =
+ new ConcurrentHashMap<Integer, InternalEventHandler>();
+
+ private Map<EventType, Set<Integer>> eventHandlersMap =
+ new ConcurrentHashMap<EventType, Set<Integer>>();
+
+ private InternalEventHandler builtInHandler;
+
+ class BuiltInEventHandler extends AbstractEventHandler {
+ public BuiltInEventHandler() {
+ super();
+ }
+
+ @Override
+ protected void doHandle(Event event) {
+
+ }
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return BuiltInEventType.values();
+ }
+ }
+
+ public EventHub() {
+ init();
+ }
+
+ private void init() {
+ EventHandler eh = new BuiltInEventHandler();
+ builtInHandler = new ExecutedEventHandler(eh);
+ register(builtInHandler);
+ }
+
+ @Override
+ public void dispatch(Event event) {
+ process(event);
+ }
+
+ @Override
+ public void register(EventHandler handler) {
+ handler.setDispatcher(this);
+ InternalEventHandler ieh = new ExecutedEventHandler(handler);
+ register(ieh);
+ }
+
+ @Override
+ public void register(InternalEventHandler handler) {
+ handler.setDispatcher(this);
+ handler.init();
+ handlers.put(handler.id(), handler);
+
+ if (started) {
+ handler.start();
+ }
+
+ EventType[] interestedEvents = handler.getInterestedEvents();
+ Set<Integer> tmpHandlers;
+ for (EventType eventType : interestedEvents) {
+ if (eventHandlersMap.containsKey(eventType)) {
+ tmpHandlers = eventHandlersMap.get(eventType);
+ } else {
+ tmpHandlers = new HashSet<Integer>();
+ eventHandlersMap.put(eventType, tmpHandlers);
+ }
+ tmpHandlers.add(handler.id());
+ }
+ }
+
+ public EventWaiter waitEvent(final EventType event) {
+ return waitEvent(new EventType[] { event } );
+ }
+
+ public EventWaiter waitEvent(final EventType... events) {
+ EventHandler handler = new AbstractEventHandler() {
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ // no op;
+ }
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return events;
+ }
+ };
+
+ handler.setDispatcher(this);
+ final WaitEventHandler waitEventHandler = new WaitEventHandler(handler);
+ register(waitEventHandler);
+ EventWaiter waiter = new EventWaiter() {
+ @Override
+ public Event waitEvent(EventType event) {
+ return waitEventHandler.waitEvent(event);
+ }
+
+ @Override
+ public Event waitEvent() {
+ return waitEventHandler.waitEvent();
+ }
+
+ @Override
+ public Event waitEvent(EventType event, long timeout,
+ TimeUnit timeUnit) throws TimeoutException {
+ return waitEventHandler.waitEvent(event, timeout, timeUnit);
+ }
+
+ @Override
+ public Event waitEvent(long timeout, TimeUnit timeUnit) throws TimeoutException {
+ return waitEventHandler.waitEvent(timeout, timeUnit);
+ }
+ };
+
+ return waiter;
+ }
+
+ private void process(Event event) {
+ EventType eventType = event.getEventType();
+ InternalEventHandler handler;
+ Set<Integer> handlerIds;
+
+ if (eventHandlersMap.containsKey(eventType)) {
+ handlerIds = eventHandlersMap.get(eventType);
+ for (Integer hid : handlerIds) {
+ handler = handlers.get(hid);
+ handler.handle(event);
+ }
+ }
+
+ if (eventHandlersMap.containsKey(BuiltInEventType.ALL)) {
+ handlerIds = eventHandlersMap.get(BuiltInEventType.ALL);
+ for (Integer hid : handlerIds) {
+ handler = handlers.get(hid);
+ handler.handle(event);
+ }
+ }
+ }
+
+ public void start() {
+ if (!started) {
+ for (InternalEventHandler handler : handlers.values()) {
+ handler.start();
+ }
+ started = true;
+ }
+ }
+
+ public void stop() {
+ if (started) {
+ for (InternalEventHandler handler : handlers.values()) {
+ handler.stop();
+ }
+ started = false;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/EventType.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/EventType.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/EventType.java
new file mode 100644
index 0000000..6a4a453
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/EventType.java
@@ -0,0 +1,24 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+public interface EventType {
+ // no op
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/EventWaiter.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/EventWaiter.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/EventWaiter.java
new file mode 100644
index 0000000..5e6d7b1
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/EventWaiter.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.TimeoutException;
+
+public interface EventWaiter {
+
+ public abstract Event waitEvent(EventType event);
+
+ public abstract Event waitEvent();
+
+ public abstract Event waitEvent(EventType event, long timeout, TimeUnit timeUnit) throws TimeoutException;
+
+ public abstract Event waitEvent(long timeout, TimeUnit timeUnit) throws TimeoutException;
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/ExecutedEventHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/ExecutedEventHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/ExecutedEventHandler.java
new file mode 100644
index 0000000..d094711
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/ExecutedEventHandler.java
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+
+/**
+ * An EventHandler wrapper processing events using an ExecutorService
+ */
+public class ExecutedEventHandler extends AbstractInternalEventHandler {
+
+ private ExecutorService executorService;
+
+ public ExecutedEventHandler(EventHandler handler) {
+ super(handler);
+ }
+
+ @Override
+ protected void doHandle(final Event event) throws Exception {
+ if (executorService.isTerminated()) {
+ return;
+ }
+
+ executorService.execute(new Runnable() {
+ @Override
+ public void run() {
+ try {
+ process(event);
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+ });
+ }
+
+ @Override
+ public void start() {
+ executorService = Executors.newFixedThreadPool(2);
+ }
+
+ @Override
+ public void stop() {
+ if (executorService.isShutdown()) {
+ return;
+ }
+ executorService.shutdownNow();
+ }
+
+ @Override
+ public boolean isStopped() {
+ return executorService.isShutdown();
+ }
+
+ @Override
+ public void init() {
+
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/InternalEventHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/InternalEventHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/InternalEventHandler.java
new file mode 100644
index 0000000..6adff3c
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/InternalEventHandler.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+public interface InternalEventHandler extends EventHandler {
+
+ public int id();
+
+ public void init();
+
+ public void start();
+
+ public void stop();
+
+ public boolean isStopped();
+}
+
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/LongRunningEventHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/LongRunningEventHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/LongRunningEventHandler.java
new file mode 100644
index 0000000..10c1f0b
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/LongRunningEventHandler.java
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+
+public abstract class LongRunningEventHandler extends BufferedEventHandler {
+
+ private ExecutorService executorService;
+
+ public LongRunningEventHandler(EventHandler handler) {
+ super(handler);
+ }
+
+ public LongRunningEventHandler() {
+ super();
+ }
+
+ protected abstract void loopOnce();
+
+ @Override
+ public void start() {
+ executorService = Executors.newFixedThreadPool(1);
+ executorService.execute(new Runnable() {
+ @Override
+ public void run() {
+ while (true) {
+
+ processEvents();
+
+ loopOnce();
+ }
+ }
+ });
+ }
+
+ @Override
+ public void stop() {
+ if (executorService.isShutdown()) {
+ return;
+ }
+ executorService.shutdownNow();
+ }
+
+ @Override
+ public boolean isStopped() {
+ return executorService.isShutdown();
+ }
+
+ protected void processEvents() {
+ while (! eventQueue.isEmpty()) {
+ try {
+ process(eventQueue.take());
+ } catch (InterruptedException e) {
+ throw new RuntimeException(e);
+ }
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/event/WaitEventHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/event/WaitEventHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/event/WaitEventHandler.java
new file mode 100644
index 0000000..9edc230
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/event/WaitEventHandler.java
@@ -0,0 +1,128 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+import java.util.concurrent.*;
+
+public class WaitEventHandler extends BufferedEventHandler {
+
+ private ExecutorService executorService;
+
+ public WaitEventHandler(EventHandler handler) {
+ super(handler);
+ }
+
+ public Event waitEvent() {
+ return waitEvent(null);
+ }
+
+ public Event waitEvent(final EventType eventType) {
+ Future<Event> future = doWaitEvent(eventType);
+
+ try {
+ return future.get();
+ } catch (InterruptedException e) {
+ throw new RuntimeException(e);
+ } catch (ExecutionException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public Event waitEvent(final EventType eventType,
+ long timeout, TimeUnit timeUnit) throws TimeoutException {
+ Future<Event> future = doWaitEvent(eventType);
+
+ try {
+ return future.get(timeout, timeUnit);
+ } catch (InterruptedException e) {
+ throw new RuntimeException(e);
+ } catch (ExecutionException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public Event waitEvent(long timeout, TimeUnit timeUnit) throws TimeoutException {
+ Future<Event> future = doWaitEvent(null);
+
+ try {
+ return future.get(timeout, timeUnit);
+ } catch (InterruptedException e) {
+ throw new RuntimeException(e);
+ } catch (ExecutionException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ private Future<Event> doWaitEvent(final EventType eventType) {
+ Future<Event> future = executorService.submit(new Callable<Event>() {
+ @Override
+ public Event call() throws Exception {
+ if (eventType != null) {
+ return checkEvent(eventType);
+ } else {
+ return checkEvent();
+ }
+ }
+ });
+
+ return future;
+ }
+
+ private Event checkEvent() throws Exception {
+ return eventQueue.take();
+ }
+
+ private Event checkEvent(EventType eventType) throws Exception {
+ Event event = null;
+
+ while (true) {
+ if (eventQueue.size() == 1) {
+ if (eventQueue.peek().getEventType() == eventType) {
+ return eventQueue.take();
+ }
+ } else {
+ event = eventQueue.take();
+ if (event.getEventType() == eventType) {
+ return event;
+ } else {
+ eventQueue.put(event); // put back since not wanted
+ }
+ }
+ }
+ }
+
+ @Override
+ public void start() {
+ executorService = Executors.newFixedThreadPool(2);
+ }
+
+ @Override
+ public void stop() {
+ if (executorService.isShutdown()) {
+ return;
+ }
+ executorService.shutdown();
+ }
+
+ @Override
+ public boolean isStopped() {
+ return executorService.isShutdown();
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/Acceptor.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/Acceptor.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/Acceptor.java
new file mode 100644
index 0000000..8fa25d7
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/Acceptor.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport;
+
+import java.net.InetSocketAddress;
+
+public abstract class Acceptor extends TransportSelector {
+
+ public Acceptor(TransportHandler transportHandler) {
+ super(transportHandler);
+ }
+
+ public void listen(String address, short listenPort) {
+ InetSocketAddress socketAddress = new InetSocketAddress(address, listenPort);
+ doListen(socketAddress);
+ }
+
+ protected abstract void doListen(InetSocketAddress socketAddress);
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/Connector.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/Connector.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/Connector.java
new file mode 100644
index 0000000..ece171f
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/Connector.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport;
+
+import java.net.InetSocketAddress;
+
+public abstract class Connector extends TransportSelector {
+
+ public Connector(TransportHandler transportHandler) {
+ super(transportHandler);
+ }
+
+ public void connect(String serverAddress, short serverPort) {
+ InetSocketAddress sa = new InetSocketAddress(serverAddress, serverPort);
+ doConnect(sa);
+ }
+
+ protected abstract void doConnect(InetSocketAddress sa);
+}
[39/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpServer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpServer.java b/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpServer.java
deleted file mode 100644
index d7223ea..0000000
--- a/contrib/haox-event/src/test/java/org/apache/haox/event/tcp/TestTcpServer.java
+++ /dev/null
@@ -1,90 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event.tcp;
-
-import junit.framework.Assert;
-import org.apache.haox.event.EventHandler;
-import org.apache.haox.event.EventHub;
-import org.apache.haox.transport.Acceptor;
-import org.apache.haox.transport.MessageHandler;
-import org.apache.haox.transport.event.MessageEvent;
-import org.apache.haox.transport.event.TransportEventType;
-import org.apache.haox.transport.tcp.TcpAcceptor;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.net.SocketAddress;
-import java.nio.ByteBuffer;
-import java.nio.channels.SocketChannel;
-
-public class TestTcpServer extends TestTcpBase {
-
- private EventHub eventHub;
-
- @Before
- public void setUp() throws IOException {
- setUpServer();
- }
-
- private void setUpServer() throws IOException {
- eventHub = new EventHub();
-
- EventHandler messageHandler = new MessageHandler() {
- @Override
- protected void handleMessage(MessageEvent msgEvent) {
- if (msgEvent.getEventType() == TransportEventType.INBOUND_MESSAGE) {
- msgEvent.getTransport().sendMessage(msgEvent.getMessage());
- }
- }
- };
- eventHub.register(messageHandler);
-
- Acceptor acceptor = new TcpAcceptor(createStreamingDecoder());
- eventHub.register(acceptor);
-
- eventHub.start();
- acceptor.listen(serverHost, serverPort);
- }
-
- @Test
- public void testTcpTransport() throws IOException, InterruptedException {
- Thread.sleep(15);
-
- SocketChannel socketChannel = SocketChannel.open();
- socketChannel.configureBlocking(true);
- SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
- socketChannel.connect(sa);
- socketChannel.write(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
- ByteBuffer byteBuffer = ByteBuffer.allocate(65536);
- socketChannel.read(byteBuffer);
- byteBuffer.flip();
- clientRecvedMessage = recvBuffer2String(byteBuffer);
-
- Assert.assertEquals(TEST_MESSAGE, clientRecvedMessage);
- }
-
- @After
- public void cleanup() {
- eventHub.stop();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpBase.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpBase.java b/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpBase.java
deleted file mode 100644
index 7546543..0000000
--- a/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpBase.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event.udp;
-
-import org.apache.haox.event.EventType;
-
-import java.nio.ByteBuffer;
-
-public class TestUdpBase {
- protected String serverHost = "127.0.0.1";
- protected short serverPort = 8181;
- protected String TEST_MESSAGE = "Hello world!";
- protected String clientRecvedMessage;
-
- protected enum TestEventType implements EventType {
- FINISHED
- }
-
- protected String recvBuffer2String(ByteBuffer buffer) {
- byte[] bytes = new byte[buffer.remaining()];
- buffer.get(bytes);
- return new String(bytes);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpClient.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpClient.java b/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpClient.java
deleted file mode 100644
index 3dc0f08..0000000
--- a/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpClient.java
+++ /dev/null
@@ -1,149 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event.udp;
-
-import junit.framework.Assert;
-import org.apache.haox.event.Event;
-import org.apache.haox.event.EventHandler;
-import org.apache.haox.event.EventHub;
-import org.apache.haox.event.EventWaiter;
-import org.apache.haox.transport.Connector;
-import org.apache.haox.transport.MessageHandler;
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.event.MessageEvent;
-import org.apache.haox.transport.udp.UdpConnector;
-import org.apache.haox.transport.event.TransportEvent;
-import org.apache.haox.transport.event.TransportEventType;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.net.DatagramSocket;
-import java.net.InetSocketAddress;
-import java.nio.ByteBuffer;
-import java.nio.channels.DatagramChannel;
-import java.nio.channels.SelectionKey;
-import java.nio.channels.Selector;
-import java.util.Iterator;
-import java.util.Set;
-
-public class TestUdpClient extends TestUdpBase {
-
- private EventHub eventHub;
- private EventWaiter eventWaiter;
-
- @Before
- public void setUp() throws IOException {
- setUpServer();
- setUpClient();
- }
-
- private void setUpServer() {
- new Thread(new Runnable() {
- @Override
- public void run() {
- try {
- doRunServer();
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
- }).start();
- }
-
- private void doRunServer() throws IOException {
- DatagramChannel serverSocketChannel;
- Selector selector = Selector.open();
- serverSocketChannel = DatagramChannel.open();
- serverSocketChannel.configureBlocking(false);
- DatagramSocket serverSocket = serverSocketChannel.socket();
- serverSocket.bind(new InetSocketAddress(serverPort));
- serverSocketChannel.register(selector, SelectionKey.OP_READ);
-
- while (true) {
- if (selector.selectNow() > 0) {
- Set<SelectionKey> selectionKeys = selector.selectedKeys();
- Iterator<SelectionKey> iterator = selectionKeys.iterator();
- while (iterator.hasNext()) {
- SelectionKey selectionKey = iterator.next();
- iterator.remove();
- if (selectionKey.isReadable()) {
- ByteBuffer recvBuffer = ByteBuffer.allocate(65536);
- InetSocketAddress fromAddress = (InetSocketAddress) serverSocketChannel.receive(recvBuffer);
- if (fromAddress != null) {
- recvBuffer.flip();
- serverSocketChannel.send(recvBuffer, fromAddress);
- }
- }
- }
-
- try {
- Thread.sleep(1000);
- } catch (InterruptedException e) {
- e.printStackTrace();
- }
- }
- }
- }
-
- private void setUpClient() throws IOException {
- eventHub = new EventHub();
-
- EventHandler messageHandler = new MessageHandler() {
- @Override
- protected void handleMessage(MessageEvent msgEvent) {
- if (msgEvent.getEventType() == TransportEventType.INBOUND_MESSAGE) {
- ByteBuffer buffer = msgEvent.getMessage();
- clientRecvedMessage = recvBuffer2String(buffer);
- System.out.println("Recved clientRecvedMessage: " + clientRecvedMessage);
- Boolean result = TEST_MESSAGE.equals(clientRecvedMessage);
- dispatch(new Event(TestEventType.FINISHED, result));
- }
- }
- };
- eventHub.register(messageHandler);
-
- Connector connector = new UdpConnector();
- eventHub.register(connector);
-
- eventWaiter = eventHub.waitEvent(
- TestEventType.FINISHED,
- TransportEventType.NEW_TRANSPORT);
-
- eventHub.start();
- connector.connect(serverHost, serverPort);
- }
-
- @Test
- public void testUdpTransport() {
- Event event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
- Transport transport = ((TransportEvent) event).getTransport();
- transport.sendMessage(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
-
- event = eventWaiter.waitEvent(TestEventType.FINISHED);
- Assert.assertTrue((Boolean) event.getEventData());
- }
-
- @After
- public void cleanup() {
- eventHub.stop();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpServer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpServer.java b/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpServer.java
deleted file mode 100644
index 54881e4..0000000
--- a/contrib/haox-event/src/test/java/org/apache/haox/event/udp/TestUdpServer.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.event.udp;
-
-import junit.framework.Assert;
-import org.apache.haox.event.EventHandler;
-import org.apache.haox.event.EventHub;
-import org.apache.haox.transport.Acceptor;
-import org.apache.haox.transport.MessageHandler;
-import org.apache.haox.transport.event.MessageEvent;
-import org.apache.haox.transport.event.TransportEventType;
-import org.apache.haox.transport.udp.UdpAcceptor;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.net.SocketAddress;
-import java.nio.ByteBuffer;
-import java.nio.channels.DatagramChannel;
-
-public class TestUdpServer extends TestUdpBase {
-
- private EventHub eventHub;
-
- @Before
- public void setUp() throws IOException {
- setUpServer();
- }
-
- private void setUpServer() throws IOException {
- eventHub = new EventHub();
-
- EventHandler messageHandler = new MessageHandler() {
- @Override
- protected void handleMessage(MessageEvent msgEvent) {
- if (msgEvent.getEventType() == TransportEventType.INBOUND_MESSAGE) {
- msgEvent.getTransport().sendMessage(msgEvent.getMessage());
- }
- }
- };
- eventHub.register(messageHandler);
-
- Acceptor acceptor = new UdpAcceptor();
- eventHub.register(acceptor);
-
- eventHub.start();
- acceptor.listen(serverHost, serverPort);
- }
-
- @Test
- public void testUdpTransport() throws IOException, InterruptedException {
- Thread.sleep(10);
-
- DatagramChannel socketChannel = DatagramChannel.open();
- socketChannel.configureBlocking(true);
- SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
- socketChannel.send(ByteBuffer.wrap(TEST_MESSAGE.getBytes()), sa);
- ByteBuffer byteBuffer = ByteBuffer.allocate(65536);
- socketChannel.receive(byteBuffer);
- byteBuffer.flip();
- clientRecvedMessage = recvBuffer2String(byteBuffer);
-
- Assert.assertEquals(TEST_MESSAGE, clientRecvedMessage);
- }
-
- @After
- public void cleanup() {
- eventHub.stop();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-pkix/pom.xml
----------------------------------------------------------------------
diff --git a/contrib/haox-pkix/pom.xml b/contrib/haox-pkix/pom.xml
deleted file mode 100644
index f92c536..0000000
--- a/contrib/haox-pkix/pom.xml
+++ /dev/null
@@ -1,38 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>contrib</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>haox-pkix</artifactId>
-
- <name>Haox PKIX</name>
- <description>Haox PKIX utilities</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>not-yet-commons-ssl</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-
-</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-pkix/src/main/java/org/haox/pki/Pkix.java
----------------------------------------------------------------------
diff --git a/contrib/haox-pkix/src/main/java/org/haox/pki/Pkix.java b/contrib/haox-pkix/src/main/java/org/haox/pki/Pkix.java
deleted file mode 100644
index 234872e..0000000
--- a/contrib/haox-pkix/src/main/java/org/haox/pki/Pkix.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.haox.pki;
-
-import org.apache.commons.ssl.PKCS8Key;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.GeneralSecurityException;
-import java.security.KeyFactory;
-import java.security.PrivateKey;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-public class Pkix {
-
- public static List<Certificate> getCerts(String certFile) throws IOException, CertificateException {
- InputStream is = new FileInputStream(new File(certFile));
- return getCerts(is);
- }
-
- public static List<Certificate> getCerts(InputStream inputStream) throws IOException, CertificateException {
- CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
- Collection<? extends Certificate> certs =
- (Collection<? extends Certificate>) certFactory.generateCertificates(inputStream);
-
- return new ArrayList<Certificate>(certs);
- }
-
- public static PrivateKey getPrivateKey(String keyFile, String password) throws IOException, GeneralSecurityException {
- InputStream in = new FileInputStream("/path/to/pkcs8_private_key.der");
- return getPrivateKey(in, password);
- }
-
- public static PrivateKey getPrivateKey(InputStream inputStream, String password) throws GeneralSecurityException, IOException {
- if (password == null) password = "";
- // If the provided InputStream is encrypted, we need a password to decrypt
- // it. If the InputStream is not encrypted, then the password is ignored
- // (can be null). The InputStream can be DER (raw ASN.1) or PEM (base64).
- PKCS8Key pkcs8 = new PKCS8Key(inputStream, password.toCharArray());
-
- // If an unencrypted PKCS8 key was provided, then this actually returns
- // exactly what was originally passed inputStream (with no changes). If an OpenSSL
- // key was provided, it gets reformatted as PKCS #8 first, and so these
- // bytes will still be PKCS #8, not OpenSSL.
- byte[] decrypted = pkcs8.getDecryptedBytes();
- PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(decrypted);
-
- // A Java PrivateKey object is born.
- PrivateKey pk = null;
- if (pkcs8.isDSA()) {
- pk = KeyFactory.getInstance("DSA").generatePrivate(spec);
- }
- else if (pkcs8.isRSA()) {
- pk = KeyFactory.getInstance("RSA").generatePrivate(spec);
- }
-
- // For lazier types:
- pk = pkcs8.getPrivateKey();
-
- return pk;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-pkix/src/main/resources/cacert.pem
----------------------------------------------------------------------
diff --git a/contrib/haox-pkix/src/main/resources/cacert.pem b/contrib/haox-pkix/src/main/resources/cacert.pem
deleted file mode 100644
index 6b91561..0000000
--- a/contrib/haox-pkix/src/main/resources/cacert.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID6zCCAtOgAwIBAgIJAMrZoeDxTzwWMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
-VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
-DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
-YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
-MzEzMjdaFw0yNDA1MTAxMzEzMjdaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
-c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
-A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
-a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAMCznJJ02ZUjCPvAwnBmfPs0akb5QRc/NKu8kCtAPWzgHS2JPTQfJhkDbTAD
-eIlg8IeJpOdrYnzdaBCzgxqjSkls+vxjYotOU0Zbrpy2bj0lRDqdYbNsiuConKgT
-MeuDEd/4ZI0X9NWLAi06Iv1F4mHXf36c6uqiUWTtXiofogrFUoTRwACKR2qeC95X
-Py+FDmpS9lz0mo0vDWjetLQC2IBngjjPFdR16n87QDIWfRBkk66rn7rEA6Li66b/
-cToajMSA/n+2Ud1mntSY4RdDdd0TBtAq9RrXtUOfzGaE7S6t+FtYyEprvT4FdOTU
-uyYgSNaI9ANVP1zhQ9LACKuudOECAwEAAaNQME4wHQYDVR0OBBYEFD91SVOejfwx
-u33+5N0TdYbHJbgAMB8GA1UdIwQYMBaAFD91SVOejfwxu33+5N0TdYbHJbgAMAwG
-A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADsONtUqGNBPBXnRowcJwv+Y
-F1Vea+4dkBwYbhkiO6H5XMKr+waOnOD2eAvgP4aeYg/a0xOzzETRD9wi1Z1P1ZMy
-d/NzHQjj4egPENwDv1PH2voZgsXXzXIqUMOtz9t12TuJUrSA2SBW1tz/evckHhNY
-fHg4ThvTIgwEdV/yvrOEBLV9dXG5IhhF+NW1MegTGkt4SpOoH1pi3o9VekVRnix9
-xrIdaC4Ee6vQaR603HwDS9Y+a1c2KU7QoLX8Vaa904cQ+rxhGsTAkocnZXeo6Hl5
-V8BlDYXxeP86fzcWi04ll2BmEEw/RimHEOLpGqxTVHJ5p5BVSCHP8aCD0VJheaU=
------END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-pkix/src/main/resources/cakey.pem
----------------------------------------------------------------------
diff --git a/contrib/haox-pkix/src/main/resources/cakey.pem b/contrib/haox-pkix/src/main/resources/cakey.pem
deleted file mode 100644
index 66dc806..0000000
--- a/contrib/haox-pkix/src/main/resources/cakey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAwLOcknTZlSMI+8DCcGZ8+zRqRvlBFz80q7yQK0A9bOAdLYk9
-NB8mGQNtMAN4iWDwh4mk52tifN1oELODGqNKSWz6/GNii05TRluunLZuPSVEOp1h
-s2yK4KicqBMx64MR3/hkjRf01YsCLToi/UXiYdd/fpzq6qJRZO1eKh+iCsVShNHA
-AIpHap4L3lc/L4UOalL2XPSajS8NaN60tALYgGeCOM8V1HXqfztAMhZ9EGSTrquf
-usQDouLrpv9xOhqMxID+f7ZR3Wae1JjhF0N13RMG0Cr1Gte1Q5/MZoTtLq34W1jI
-Smu9PgV05NS7JiBI1oj0A1U/XOFD0sAIq6504QIDAQABAoIBAHqFeMax3unxBbQ0
-Aiy/LTX3RJ9tuZITUOTklnG5fZStBkA+oxhxuaJryE+f1VLbvPMgdCXj5BHqIFGG
-IZSdQA1hak9wzWYvXck9X88qOvtLp47xI/6Vw9NFwZ0n3zST+JiD8UK4eaYQpUim
-Tzrj5SU6hEi3crHOlJvsRFPaGwhnA9wycoOo4o22XBj3C8Hwzi4vWcKXH/RCSwZQ
-zFuYbe77Pn9Sv5q5zdglkmm7wngoVt/aKQke/Vk+Eincx1V12b05DNLjugo6FWQh
-0f2MmHpvqNSHs9USC5+y2lKQ1JNHh7mnpPCXkZEH4V7q+3mKVzl9tXzj9Gul20pw
-tneD6WUCgYEA9QUrQoWHKeVMjeukHjDJa2KjRLMmg9YRQyVABH9+nQTp1jYUjMRA
-GUoUx91gG6gjjJD/xvor/U0Fh3vKtZE93c+avrcaYDwf3q/L4gh+3b87lVDfzjrp
-L+MPTpEzWiyyLfr/kLA0TgUjnrj9bav5uDps8mJpNf8s9ZP1/QDhF5sCgYEAyVZA
-pHSIyBI2GT0+92JXvYDK/ZfV5m4RGHaG/PMDoU4IbGbjHVyzzsyzDUgvOASXwfF8
-YzwX7Tf95RZw12P/Jepxt0vqBJPKUCsMLUrmANQvN1Pz8+Vk6UADLM7kNc06MqB9
-/U3GKCFZZuedEhbgXnEV9gzelhILImJGZMxG0zMCgYApymnofLHjGXMHOcvSQmv4
-XuiODShikB59n1rd6YkE6xOfL7YtlEOCjLoipMWBshnuHcUigQUDvSFWTGz0rwMo
-VAKGyOA8zcR5zO4vbVeGJtnYy+SAXlfrjQTNV8K0fK8fXJI+cW9aZ1H9/ntrO0vq
-ejye0t4zEYTvlf782iuKRQKBgQCnTQ7mGRfX+JoPmv8JniR+idkjpNnPYsK96y/8
-XQs1LJx/R3eN3IxlWV+nt8XU7KwWMs5Dv5m6Ov61MFKQCL3qCch4oZJSP2Sr/Tlf
-IY/CPI8HkLF0h7e0wsZgo4Kq2mBz1T0cEVaJ3jxl8Cxq7at/jsTK8qK7XT73UWZh
-OAXaVQKBgDmg2QTX7c0/dbDMOuw18g3xfE/oqU+VWT784wtvpcdjHR+KAVLWHG8l
-oc/bm8Bs0o0f5dfH7uUvWdP6JMvbgYZBgIMqw+iH8P2lFCLzIRf0me/l+r0Oi64U
-5jp9K+7Ggc7S0SSnCLmBLMN5lXQZbhzks1La7DZmFeAz8rOEnlUB
------END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-pkix/src/main/resources/extensions.kdc
----------------------------------------------------------------------
diff --git a/contrib/haox-pkix/src/main/resources/extensions.kdc b/contrib/haox-pkix/src/main/resources/extensions.kdc
deleted file mode 100644
index 8052f71..0000000
--- a/contrib/haox-pkix/src/main/resources/extensions.kdc
+++ /dev/null
@@ -1,36 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-[kdc_cert]
-basicConstraints=CA:FALSE
-keyUsage=nonRepudiation,digitalSignature,keyEncipherment,keyAgreement
-extendedKeyUsage=1.3.6.1.5.2.3.5
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer
-issuerAltName=issuer:copy
-subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:kdc_princ_name
-
-[kdc_princ_name]
-realm=EXP:0,GeneralString:${ENV::REALM}
-principal_name=EXP:1,SEQUENCE:kdc_principal_seq
-
-[kdc_principal_seq]
-name_type=EXP:0,INTEGER:1
-name_string=EXP:1,SEQUENCE:kdc_principals
-
-[kdc_principals]
-princ1=GeneralString:krbtgt
-princ2=GeneralString:${ENV::REALM}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-pkix/src/main/resources/kdccert.pem
----------------------------------------------------------------------
diff --git a/contrib/haox-pkix/src/main/resources/kdccert.pem b/contrib/haox-pkix/src/main/resources/kdccert.pem
deleted file mode 100644
index 67e538c..0000000
--- a/contrib/haox-pkix/src/main/resources/kdccert.pem
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
-VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
-DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
-YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
-MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
-c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
-A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
-a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
-fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
-quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
-nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
-EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
-JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
-DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
-Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
-HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
-ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
-AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
-YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
-txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
-R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
-FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
-5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
------END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-pkix/src/main/resources/kdckey.pem
----------------------------------------------------------------------
diff --git a/contrib/haox-pkix/src/main/resources/kdckey.pem b/contrib/haox-pkix/src/main/resources/kdckey.pem
deleted file mode 100644
index c9e75e2..0000000
--- a/contrib/haox-pkix/src/main/resources/kdckey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
-8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
-2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
-GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
-fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
-DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
-QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
-6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
-bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
-5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
-8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
-XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
-kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
-Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
-P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
-KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
-qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
-7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
-UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
-n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
-5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
-AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
-KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
-9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
-7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
------END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-pkix/src/main/resources/usercert.pem
----------------------------------------------------------------------
diff --git a/contrib/haox-pkix/src/main/resources/usercert.pem b/contrib/haox-pkix/src/main/resources/usercert.pem
deleted file mode 100644
index 67e538c..0000000
--- a/contrib/haox-pkix/src/main/resources/usercert.pem
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
-VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
-DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
-YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
-MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
-c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
-A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
-a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
-fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
-quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
-nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
-EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
-JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
-DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
-Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
-HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
-ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
-AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
-YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
-txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
-R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
-FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
-5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
------END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-pkix/src/main/resources/userkey.pem
----------------------------------------------------------------------
diff --git a/contrib/haox-pkix/src/main/resources/userkey.pem b/contrib/haox-pkix/src/main/resources/userkey.pem
deleted file mode 100644
index c9e75e2..0000000
--- a/contrib/haox-pkix/src/main/resources/userkey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
-8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
-2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
-GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
-fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
-DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
-QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
-6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
-bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
-5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
-8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
-XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
-kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
-Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
-P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
-KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
-qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
-7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
-UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
-n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
-5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
-AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
-KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
-9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
-7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
------END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-pkix/src/test/java/org/haox/pki/PkixTest.java
----------------------------------------------------------------------
diff --git a/contrib/haox-pkix/src/test/java/org/haox/pki/PkixTest.java b/contrib/haox-pkix/src/test/java/org/haox/pki/PkixTest.java
deleted file mode 100644
index 5f9b7f6..0000000
--- a/contrib/haox-pkix/src/test/java/org/haox/pki/PkixTest.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.haox.pki;
-
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.GeneralSecurityException;
-import java.security.PrivateKey;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.util.List;
-
-/**
- openssl genrsa -out cakey.pem 2048
- openssl req -key cakey.pem -new -x509 -out cacert.pem -days 3650
- vi extensions.kdc
- openssl genrsa -out kdckey.pem 2048
- openssl req -new -out kdc.req -key kdckey.pem
- env REALM=SH.INTEL.COM openssl x509 -req -in kdc.req -CAkey cakey.pem \
- -CA cacert.pem -out kdc.pem -days 365 -extfile extensions.kdc -extensions kdc_cert -CAcreateserial
- */
-public class PkixTest {
-
- @Test
- public void loadCert() throws CertificateException, IOException {
- InputStream res = getClass().getResourceAsStream("/usercert.pem");
- List<Certificate> certs = Pkix.getCerts(res);
- Certificate userCert = certs.iterator().next();
-
- Assert.assertNotNull(userCert);
- }
-
- @Test
- public void loadKey() throws GeneralSecurityException, IOException {
- InputStream res = getClass().getResourceAsStream("/userkey.pem");
- PrivateKey key = Pkix.getPrivateKey(res, null);
-
- Assert.assertNotNull(key);
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-token/pom.xml
----------------------------------------------------------------------
diff --git a/contrib/haox-token/pom.xml b/contrib/haox-token/pom.xml
deleted file mode 100644
index 44cd706..0000000
--- a/contrib/haox-token/pom.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>contrib</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>haox-token</artifactId>
- <name>Haox-token Project</name>
- <version>1.0-SNAPSHOT</version>
- <packaging>jar</packaging>
-
- <dependencies>
- <dependency>
- <groupId>com.nimbusds</groupId>
- <artifactId>nimbus-jose-jwt</artifactId>
- <version>3.2</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-asn1</artifactId>
- <version>1.0-SNAPSHOT</version>
- </dependency>
- </dependencies>
-
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-token/src/main/java/org/haox/token/AuthzDataEntry.java
----------------------------------------------------------------------
diff --git a/contrib/haox-token/src/main/java/org/haox/token/AuthzDataEntry.java b/contrib/haox-token/src/main/java/org/haox/token/AuthzDataEntry.java
deleted file mode 100644
index 81f0987..0000000
--- a/contrib/haox-token/src/main/java/org/haox/token/AuthzDataEntry.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.haox.token;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.haox.asn1.type.Asn1SequenceType;
-
-/**
- AuthorizationData ::= SEQUENCE OF SEQUENCE {
- ad-type [0] Int32,
- ad-data [1] OCTET STRING
- }
- */
-public class AuthzDataEntry extends Asn1SequenceType {
- static int AD_TYPE = 0;
- static int AD_DATA = 1;
-
- public AuthzDataEntry() {
- super(new Asn1FieldInfo[] {
- new Asn1FieldInfo(AD_TYPE, Asn1Integer.class),
- new Asn1FieldInfo(AD_DATA, Asn1OctetString.class)
- });
- }
-
- public int getAuthzType() {
- Integer value = getFieldAsInteger(AD_TYPE);
- return value;
- }
-
- public byte[] getAuthzData() {
- return getFieldAsOctets(AD_DATA);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-token/src/main/java/org/haox/token/KerbToken.java
----------------------------------------------------------------------
diff --git a/contrib/haox-token/src/main/java/org/haox/token/KerbToken.java b/contrib/haox-token/src/main/java/org/haox/token/KerbToken.java
deleted file mode 100644
index a012628..0000000
--- a/contrib/haox-token/src/main/java/org/haox/token/KerbToken.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.haox.token;
-
-import java.util.Map;
-
-public class KerbToken {
-
- private Map<String, Object> attributes;
-
- public KerbToken(Map<String, Object> attributes) {
- this.attributes = attributes;
- }
-
- public Map<String, Object> getAttributes() {
- return attributes;
- }
-
- public String getPrincipal() {
- return (String) attributes.get("sub");
- }
-
- public String[] getGroups() {
- String grp = (String) attributes.get("group");
- if (grp != null) {
- return new String[] { grp };
- }
- return new String[0];
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-token/src/main/java/org/haox/token/TokenCache.java
----------------------------------------------------------------------
diff --git a/contrib/haox-token/src/main/java/org/haox/token/TokenCache.java b/contrib/haox-token/src/main/java/org/haox/token/TokenCache.java
deleted file mode 100644
index c802051..0000000
--- a/contrib/haox-token/src/main/java/org/haox/token/TokenCache.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.haox.token;
-
-import java.io.*;
-
-public class TokenCache {
- private static final String DEFAULT_TOKEN_CACHE_PATH = ".tokenauth";
- private static final String TOKEN_CACHE_FILE = ".tokenauth.token";
-
- public static String readToken(String tokenCacheFile) {
- File cacheFile = null;
-
- if (tokenCacheFile != null && ! tokenCacheFile.isEmpty()) {
- cacheFile = new File(tokenCacheFile);
- if (!cacheFile.exists()) {
- throw new RuntimeException("Invalid token cache specified: " + tokenCacheFile);
- };
- } else {
- cacheFile = getDefaultTokenCache();
- if (!cacheFile.exists()) {
- throw new RuntimeException("No token cache available by default");
- };
- }
-
- String token = null;
- try {
- BufferedReader reader = new BufferedReader(new FileReader(cacheFile));
- String line = reader.readLine();
- reader.close();
- if (line != null) {
- token = line;
- }
- } catch (IOException ex) {
- //NOP
- }
-
- return token;
- }
-
- public static void writeToken(String token) {
- File cacheFile = getDefaultTokenCache();
-
- try {
- Writer writer = new FileWriter(cacheFile);
- writer.write(token.toString());
- writer.close();
- // sets read-write permissions to owner only
- cacheFile.setReadable(false, false);
- cacheFile.setReadable(true, true);
- cacheFile.setWritable(true, true);
- }
- catch (IOException ioe) {
- // if case of any error we just delete the cache, if user-only
- // write permissions are not properly set a security exception
- // is thrown and the file will be deleted.
- cacheFile.delete();
- }
- }
-
- public static File getDefaultTokenCache() {
- String homeDir = System.getProperty("user.home", DEFAULT_TOKEN_CACHE_PATH);
- return new File(homeDir, TOKEN_CACHE_FILE);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-token/src/main/java/org/haox/token/TokenExtractor.java
----------------------------------------------------------------------
diff --git a/contrib/haox-token/src/main/java/org/haox/token/TokenExtractor.java b/contrib/haox-token/src/main/java/org/haox/token/TokenExtractor.java
deleted file mode 100644
index f6891fa..0000000
--- a/contrib/haox-token/src/main/java/org/haox/token/TokenExtractor.java
+++ /dev/null
@@ -1,101 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.haox.token;
-
-import com.sun.security.jgss.AuthorizationDataEntry;
-import com.sun.security.jgss.ExtendedGSSContext;
-import com.sun.security.jgss.InquireType;
-import org.apache.haox.asn1.type.Asn1SequenceOf;
-import org.ietf.jgss.GSSContext;
-import org.ietf.jgss.GSSException;
-
-import java.io.IOException;
-import java.util.List;
-
-public class TokenExtractor {
- static final int JWT_AUTHZ_DATA_TYPE = 81;
- public static final int AD_IF_RELEVANT_TYPE = 1;
-
- /**
- AuthorizationData ::= SEQUENCE OF SEQUENCE {
- ad-type [0] Int32,
- ad-data [1] OCTET STRING
- }
- */
- public static class AuthorizationData extends Asn1SequenceOf<AuthzDataEntry> {
-
- }
-
- public static KerbToken checkAuthzData(GSSContext context) throws GSSException, IOException {
- System.out.println("Looking for token from authorization data in GSSContext");
-
- Object authzData = null;
- if (context instanceof ExtendedGSSContext) {
- ExtendedGSSContext ex = (ExtendedGSSContext)context;
- authzData = ex.inquireSecContext(
- InquireType.KRB5_GET_AUTHZ_DATA);
- }
-
- if (authzData != null) {
- AuthorizationDataEntry[] authzEntries = (AuthorizationDataEntry[]) authzData;
- KerbToken resultToken = null;
- for (int i = 0; i < authzEntries.length; ++i) {
- resultToken = getAuthzToken(authzEntries[i]);
- if (resultToken != null) {
- return resultToken;
- }
- }
- }
- return null;
- }
-
- public static KerbToken getAuthzToken(AuthorizationDataEntry authzDataEntry) throws IOException {
- if (authzDataEntry.getType() == AD_IF_RELEVANT_TYPE) {
- String token = getToken(authzDataEntry);
- if (token == null) {
- return null;
- }
-
- try {
- return TokenTool.fromJwtToken(token);
- } catch (Exception e) {
- // noop when not jwt token
- }
- }
-
- return null;
- }
-
- public static String getToken(AuthorizationDataEntry authzDataEntry) throws IOException {
- List<AuthzDataEntry> entries = decode(authzDataEntry);
- for (AuthzDataEntry entry : entries) {
- if (entry.getAuthzType() == JWT_AUTHZ_DATA_TYPE) {
- return new String(entry.getAuthzData());
- }
- }
- return null;
- }
-
- public static List<AuthzDataEntry> decode(AuthorizationDataEntry authzDataEntry) throws IOException {
- AuthorizationData authzData = new AuthorizationData();
- authzData.decode(authzDataEntry.getData());
- return authzData.getElements();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-token/src/main/java/org/haox/token/TokenTool.java
----------------------------------------------------------------------
diff --git a/contrib/haox-token/src/main/java/org/haox/token/TokenTool.java b/contrib/haox-token/src/main/java/org/haox/token/TokenTool.java
deleted file mode 100644
index 7c590f4..0000000
--- a/contrib/haox-token/src/main/java/org/haox/token/TokenTool.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.haox.token;
-
-import com.nimbusds.jose.PlainHeader;
-import com.nimbusds.jwt.JWT;
-import com.nimbusds.jwt.JWTClaimsSet;
-import com.nimbusds.jwt.PlainJWT;
-
-import java.text.ParseException;
-import java.util.*;
-
-public class TokenTool {
-
- public static JWT issueToken(String principal, String group, String role) {
- // must have for kerb-token
- String krbPrincipal = principal + "@SH.INTEL.COM";
-
- PlainHeader header = new PlainHeader();
- //header.setCustomParameter("krbPrincipal", krbPrincipal);
-
- JWTClaimsSet jwtClaims = new JWTClaimsSet();
-
- String iss = "token-service";
- jwtClaims.setIssuer(iss);
-
- String sub = principal;
- jwtClaims.setSubject(sub);
-
- // must have for kerb-token
- jwtClaims.setSubject(krbPrincipal);
-
- jwtClaims.setClaim("group", group);
- if (role != null) {
- jwtClaims.setClaim("role", role);
- }
-
- List<String> aud = new ArrayList<String>();
- aud.add("krb5kdc-with-token-extension");
- jwtClaims.setAudience(aud);
-
- // Set expiration in 60 minutes
- final Date NOW = new Date(new Date().getTime() / 1000 * 1000);
- Date exp = new Date(NOW.getTime() + 1000 * 60 * 60);
- jwtClaims.setExpirationTime(exp);
-
- Date nbf = NOW;
- jwtClaims.setNotBeforeTime(nbf);
-
- Date iat = NOW;
- jwtClaims.setIssueTime(iat);
-
- String jti = UUID.randomUUID().toString();
- jwtClaims.setJWTID(jti);
-
- PlainJWT jwt = new PlainJWT(header, jwtClaims);
- return jwt;
- }
-
- public static JWT decodeToken(String token) throws ParseException {
- PlainJWT jwt = PlainJWT.parse(token);
-
- return jwt;
- }
-
- public static KerbToken fromJwtToken(String token) throws ParseException {
- Map<String, Object> attrs = decodeAndExtractTokenAttributes(token);
- return new KerbToken(attrs);
- }
-
- public static Map<String, Object> decodeAndExtractTokenAttributes(String token) throws ParseException {
- PlainJWT jwt = PlainJWT.parse(token);
-
- Map<String, Object> attrs = new HashMap<String, Object>();
- attrs.putAll(jwt.getJWTClaimsSet().getAllClaims());
- //attrs.putAll(jwt.getHeader().getCustomParameters());
-
- return attrs;
- }
-
- public static void main(String[] args) throws ParseException {
- String principal, group, role = null;
-
- if (args.length != 2 && args.length != 3) {
- System.out.println("This is a simple token issuing tool just for kerb-token PoC usage\n");
- System.out.println("tokeninit <username> <group> [role]\n");
- System.exit(1);
- }
- principal = args[0];
- group = args[1];
- if (args.length > 2) {
- role = args[2];
- }
-
- JWT jwt = issueToken(principal, group, role);
- String token = jwt.serialize();
-
- TokenCache.writeToken(token);
- System.out.println("Issued token: " + token);
-
- /*
- JWT jwt2 = decodeToken(token);
- String krbPrincipal = (String) jwt2.getHeader().getCustomParameter("krbPrincipal");
- System.out.println("Decoded token with krbprincipal: " + krbPrincipal);
- */
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-util/pom.xml
----------------------------------------------------------------------
diff --git a/contrib/haox-util/pom.xml b/contrib/haox-util/pom.xml
deleted file mode 100644
index 2e50f58..0000000
--- a/contrib/haox-util/pom.xml
+++ /dev/null
@@ -1,31 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <artifactId>contrib</artifactId>
- <groupId>org.haox</groupId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>haox-util</artifactId>
-
- <name>Haox Util</name>
- <description>Haox common util, without any 3rd party dependency</description>
-
- <dependencies>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-util/src/main/java/org/haox/util/HexUtil.java
----------------------------------------------------------------------
diff --git a/contrib/haox-util/src/main/java/org/haox/util/HexUtil.java b/contrib/haox-util/src/main/java/org/haox/util/HexUtil.java
deleted file mode 100644
index f596b9f..0000000
--- a/contrib/haox-util/src/main/java/org/haox/util/HexUtil.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.haox.util;
-
-public class HexUtil {
-
- final static String HEX_CHARS_STR = "0123456789ABCDEF";
- final static char[] HEX_CHARS = HEX_CHARS_STR.toCharArray();
-
- /**
- * Convert bytes into format as:
- * 02020080
- */
- public static String bytesToHex(byte[] bytes) {
- int len = bytes.length * 2;
- char[] hexChars = new char[len];
- for ( int j = 0; j < bytes.length; j++ ) {
- int v = bytes[j] & 0xFF;
- hexChars[j * 2] = HEX_CHARS[v >>> 4];
- hexChars[j * 2 + 1] = HEX_CHARS[v & 0x0F];
- }
-
- return new String(hexChars);
- }
-
- /**
- * Convert hex string like follows into byte array
- * 02020080
- */
- public static byte[] hex2bytes(String hexString) {
- hexString = hexString.toUpperCase();
- int len = hexString.length() / 2;
- byte[] bytes = new byte[len];
- char[] hexChars = hexString.toCharArray();
- for (int i = 0, j = 0; i < len; ++i) {
- bytes[i] = (byte) ((HEX_CHARS_STR.indexOf(hexChars[j++]) << 4) + HEX_CHARS_STR.indexOf(hexChars[j++]));
- }
-
- return bytes;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/pom.xml
----------------------------------------------------------------------
diff --git a/contrib/pom.xml b/contrib/pom.xml
deleted file mode 100644
index ae5d685..0000000
--- a/contrib/pom.xml
+++ /dev/null
@@ -1,46 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-all</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>contrib</artifactId>
- <name>Contrib Projects</name>
- <description>Contrib Projects</description>
- <packaging>pom</packaging>
-
- <modules>
- <module>haox-config</module>
- <module>haox-event</module>
- <module>haox-asn1</module>
- <module>haox-pkix</module>
- <module>haox-token</module>
- <module>haox-util</module>
- </modules>
-
- <dependencies>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kdc/README
----------------------------------------------------------------------
diff --git a/haox-kdc/README b/haox-kdc/README
deleted file mode 100644
index 583763c..0000000
--- a/haox-kdc/README
+++ /dev/null
@@ -1,5 +0,0 @@
-A KDC implementation that integrates PKI and OAuth Token with an LDAP backend.
-The KDC server can be standalone.
-The LDAP backend can be standalone or embedded.
-Various tools like kinit, kadmin will be provided or
-at least, existing tools can be supported.
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kdc/kdc-server/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kdc/kdc-server/pom.xml b/haox-kdc/kdc-server/pom.xml
deleted file mode 100644
index 8b4bf68..0000000
--- a/haox-kdc/kdc-server/pom.xml
+++ /dev/null
@@ -1,56 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kdc</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>kdc-server</artifactId>
-
- <name>Haox KDC Server</name>
- <description>Haox-kdc Server</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-server</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>ldap-identity-backend</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-token</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kdc/kdc-server/src/main/java/org/apache/kerberos/kdc/server/ApacheKdcServer.java
----------------------------------------------------------------------
diff --git a/haox-kdc/kdc-server/src/main/java/org/apache/kerberos/kdc/server/ApacheKdcServer.java b/haox-kdc/kdc-server/src/main/java/org/apache/kerberos/kdc/server/ApacheKdcServer.java
deleted file mode 100644
index 380586b..0000000
--- a/haox-kdc/kdc-server/src/main/java/org/apache/kerberos/kdc/server/ApacheKdcServer.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kdc.server;
-
-import org.apache.kerberos.kdc.identitybackend.LdapIdentityBackend;
-import org.apache.kerberos.kerb.identity.IdentityService;
-import org.apache.kerberos.kerb.server.KdcServer;
-
-public class ApacheKdcServer extends KdcServer {
-
- public ApacheKdcServer() {
- super();
- }
-
- public void init() {
- super.init();
- initIdentityService();
- }
-
- protected void initIdentityService() {
- IdentityService identityService = new LdapIdentityBackend();
- setIdentityService(identityService);
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kdc/kdc-server/src/test/java/org/apache/kerberos/kdc/server/KdcTest.java
----------------------------------------------------------------------
diff --git a/haox-kdc/kdc-server/src/test/java/org/apache/kerberos/kdc/server/KdcTest.java b/haox-kdc/kdc-server/src/test/java/org/apache/kerberos/kdc/server/KdcTest.java
deleted file mode 100644
index b84a43a..0000000
--- a/haox-kdc/kdc-server/src/test/java/org/apache/kerberos/kdc/server/KdcTest.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kdc.server;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.net.SocketAddress;
-import java.nio.ByteBuffer;
-import java.nio.channels.SocketChannel;
-
-public class KdcTest {
-
- private String serverHost = "localhost";
- private short serverPort = 8088;
-
- private ApacheKdcServer kdcServer;
-
- @Before
- public void setUp() throws Exception {
- kdcServer = new ApacheKdcServer();
- kdcServer.setKdcHost(serverHost);
- kdcServer.setKdcTcpPort(serverPort);
- kdcServer.init();
- kdcServer.start();
- }
-
- @Test
- public void testKdc() throws IOException, InterruptedException {
- Thread.sleep(10);
-
- SocketChannel socketChannel = SocketChannel.open();
- socketChannel.configureBlocking(true);
- SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
- socketChannel.connect(sa);
-
- String BAD_KRB_MESSAGE = "Hello World!";
- ByteBuffer writeBuffer = ByteBuffer.allocate(4 + BAD_KRB_MESSAGE.getBytes().length);
- writeBuffer.putInt(BAD_KRB_MESSAGE.getBytes().length);
- writeBuffer.put(BAD_KRB_MESSAGE.getBytes());
- writeBuffer.flip();
-
- socketChannel.write(writeBuffer);
- }
-
- @After
- public void tearDown() throws Exception {
- kdcServer.stop();
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kdc/ldap-identity-backend/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kdc/ldap-identity-backend/pom.xml b/haox-kdc/ldap-identity-backend/pom.xml
deleted file mode 100644
index 55cfef1..0000000
--- a/haox-kdc/ldap-identity-backend/pom.xml
+++ /dev/null
@@ -1,41 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kdc</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>ldap-identity-backend</artifactId>
-
- <name>Ldap identity backend</name>
- <description>Ldap identity backend</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-identity</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kdc/ldap-identity-backend/src/main/java/org/apache/kerberos/kdc/identitybackend/LdapIdentityBackend.java
----------------------------------------------------------------------
diff --git a/haox-kdc/ldap-identity-backend/src/main/java/org/apache/kerberos/kdc/identitybackend/LdapIdentityBackend.java b/haox-kdc/ldap-identity-backend/src/main/java/org/apache/kerberos/kdc/identitybackend/LdapIdentityBackend.java
deleted file mode 100644
index 1248f6a..0000000
--- a/haox-kdc/ldap-identity-backend/src/main/java/org/apache/kerberos/kdc/identitybackend/LdapIdentityBackend.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kdc.identitybackend;
-
-import org.apache.kerberos.kerb.identity.KrbIdentity;
-import org.apache.kerberos.kerb.identity.backend.AbstractIdentityBackend;
-
-import java.util.List;
-
-public class LdapIdentityBackend extends AbstractIdentityBackend {
-
-
- public LdapIdentityBackend() {
- super();
- }
-
- /**
- * Load identities from file
- */
- public void load() {
- // todo
- }
-
- /**
- * Persist the updated identities back
- */
- public void save() {
- // todo
- }
-
- @Override
- public List<KrbIdentity> getIdentities() {
- return null;
- }
-
- @Override
- public boolean checkIdentity(String name) {
- return false;
- }
-
- @Override
- public KrbIdentity getIdentity(String name) {
- return null;
- }
-
- @Override
- public void addIdentity(KrbIdentity identity) {
-
- }
-
- @Override
- public void updateIdentity(KrbIdentity identity) {
-
- }
-
- @Override
- public void deleteIdentity(KrbIdentity identity) {
-
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kdc/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kdc/pom.xml b/haox-kdc/pom.xml
deleted file mode 100644
index a21a1c0..0000000
--- a/haox-kdc/pom.xml
+++ /dev/null
@@ -1,34 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-all</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>haox-kdc</artifactId>
- <name>Haox-kdc Project</name>
- <version>1.0-SNAPSHOT</version>
- <packaging>pom</packaging>
-
- <modules>
- <module>ldap-identity-backend</module>
- <module>kdc-server</module>
- <module>tools</module>
- </modules>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kdc/tools/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kdc/tools/pom.xml b/haox-kdc/tools/pom.xml
deleted file mode 100644
index b13c9fc..0000000
--- a/haox-kdc/tools/pom.xml
+++ /dev/null
@@ -1,46 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kdc</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>tools</artifactId>
-
- <name>Tools</name>
- <description>Haox KDC Tools</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-client</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-token</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kdc/tools/src/main/java/org/apache/kerberos/tool/Kinit.java
----------------------------------------------------------------------
diff --git a/haox-kdc/tools/src/main/java/org/apache/kerberos/tool/Kinit.java b/haox-kdc/tools/src/main/java/org/apache/kerberos/tool/Kinit.java
deleted file mode 100644
index 891b84a..0000000
--- a/haox-kdc/tools/src/main/java/org/apache/kerberos/tool/Kinit.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.tool;
-
-import org.apache.kerberos.kerb.client.KrbClient;
-
-/**
- * kinit like tool
- */
-public class Kinit {
-
- public static void main(String[] args) throws Exception {
- if (args.length < 2 || args.length > 3) {
- System.err.println(
- "Usage: " + Kinit.class.getSimpleName() +
- " <kdcHost> <kdcPort>");
- return;
- }
-
- final String host = args[0];
- final Integer port = Integer.parseInt(args[1]);
- KrbClient krbClnt = new KrbClient(host, port.shortValue());
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/README
----------------------------------------------------------------------
diff --git a/haox-kerb/README b/haox-kerb/README
deleted file mode 100644
index e0a1507..0000000
--- a/haox-kerb/README
+++ /dev/null
@@ -1,2 +0,0 @@
-A Kerberos protocol and standards implementation with least dependencies (only relying on JCE).
-The provided APIs and facilities can be used as embedded.
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-client/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/pom.xml b/haox-kerb/kerb-client/pom.xml
deleted file mode 100644
index 0628d50..0000000
--- a/haox-kerb/kerb-client/pom.xml
+++ /dev/null
@@ -1,61 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kerb</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>kerb-client</artifactId>
-
- <name>Haox-kerb Client</name>
- <description>Haox-kerb Client</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-common</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-event</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-pkix</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-token</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-</project>
[42/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/PersonnelRecord.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/PersonnelRecord.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/PersonnelRecord.java
deleted file mode 100644
index 21df562..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/PersonnelRecord.java
+++ /dev/null
@@ -1,209 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.EncodingOption;
-import org.apache.haox.asn1.type.*;
-
-/**
- * Ref. X.690-0207(http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf),
- * Annex A, A.1 ASN.1 description of the record structure
- */
-public class PersonnelRecord extends TaggingSet {
- private static int NAME = 0;
- private static int TITLE = 1;
- private static int NUMBER = 2;
- private static int DATEOFHIRE= 3;
- private static int NAMEOFSPOUSE = 4;
- private static int CHILDREN = 5;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(NAME, -1, Name.class),
- new Asn1FieldInfo(TITLE, 0, Asn1VisibleString.class),
- new Asn1FieldInfo(NUMBER, -1, EmployeeNumber.class),
- new Asn1FieldInfo(DATEOFHIRE, 1, Date.class),
- new Asn1FieldInfo(NAMEOFSPOUSE, 2, Name.class),
- new Asn1FieldInfo(CHILDREN, 3, Children.class, true)
- };
-
- public PersonnelRecord() {
- super(0, fieldInfos, true);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
-
- public void setName(Name name) {
- setFieldAs(NAME, name);
- }
-
- public Name getName() {
- return getFieldAs(NAME, Name.class);
- }
-
- public void setTitle(String title) {
- setFieldAs(TITLE, new Asn1VisibleString(title));
- }
-
- public String getTitle() {
- return getFieldAsString(TITLE);
- }
-
- public void setEmployeeNumber(EmployeeNumber employeeNumber) {
- setFieldAs(NUMBER, employeeNumber);
- }
-
- public EmployeeNumber getEmployeeNumber() {
- return getFieldAs(NUMBER, EmployeeNumber.class);
- }
-
- public void setDateOfHire(Date dateOfHire) {
- setFieldAs(DATEOFHIRE, dateOfHire);
- }
-
- public Date getDateOfHire() {
- return getFieldAs(DATEOFHIRE, Date.class);
- }
-
- public void setNameOfSpouse(Name spouse) {
- setFieldAs(NAMEOFSPOUSE, spouse);
- }
-
- public Name getNameOfSpouse() {
- return getFieldAs(NAMEOFSPOUSE, Name.class);
- }
-
- public void setChildren(Children children) {
- setFieldAs(CHILDREN, children);
- }
-
- public Children getChildren() {
- return getFieldAs(CHILDREN, Children.class);
- }
-
- public static class Children extends Asn1SequenceOf<ChildInformation> {
- public Children(ChildInformation ... children) {
- super();
- for (ChildInformation child : children) {
- addElement(child);
- }
- }
-
- public Children() {
- super();
- }
- }
-
- public static class ChildInformation extends Asn1SetType {
- private static int NAME = 0;
- private static int DATEOFBIRTH = 1;
-
- static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
- new Asn1FieldInfo(NAME, -1, Name.class),
- new Asn1FieldInfo(DATEOFBIRTH, 0, Date.class)
- };
-
- public ChildInformation() {
- super(tags);
- }
-
- public void setName(Name name) {
- setFieldAs(NAME, name);
- }
-
- public Name getName() {
- return getFieldAs(NAME, Name.class);
- }
-
- public void setDateOfBirth(Date date) {
- setFieldAs(DATEOFBIRTH, date);
- }
-
- public Date getDateOfBirth() {
- return getFieldAs(DATEOFBIRTH, Date.class);
- }
- }
-
- public static class Name extends TaggingSequence {
- private static int GIVENNAME = 0;
- private static int INITIAL = 1;
- private static int FAMILYNAME = 2;
-
- static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
- new Asn1FieldInfo(GIVENNAME, -1, Asn1VisibleString.class),
- new Asn1FieldInfo(INITIAL, -1, Asn1VisibleString.class),
- new Asn1FieldInfo(FAMILYNAME, -1, Asn1VisibleString.class)
- };
-
- public Name() {
- super(1, tags, true);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
-
- public Name(String givenName, String initial, String familyName) {
- this();
- setGivenName(givenName);
- setInitial(initial);
- setFamilyName(familyName);
- }
-
- public void setGivenName(String givenName) {
- setFieldAs(GIVENNAME, new Asn1VisibleString(givenName));
- }
-
- public String getGivenName() {
- return getFieldAsString(GIVENNAME);
- }
-
- public void setInitial(String initial) {
- setFieldAs(INITIAL, new Asn1VisibleString(initial));
- }
-
- public String getInitial() {
- return getFieldAsString(INITIAL);
- }
-
- public void setFamilyName(String familyName) {
- setFieldAs(FAMILYNAME, new Asn1VisibleString(familyName));
- }
-
- public String getFamilyName() {
- return getFieldAsString(FAMILYNAME);
- }
- }
-
- public static class EmployeeNumber extends Asn1Tagging<Asn1Integer> {
- public EmployeeNumber(Integer value) {
- super(2, new Asn1Integer(value), true);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
- public EmployeeNumber() {
- this(null);
- }
- }
-
- public static class Date extends Asn1Tagging<Asn1VisibleString> {
- public Date(String value) {
- super(3, new Asn1VisibleString(value), true);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
- public Date() {
- this(null);
- }
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Boolean.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Boolean.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Boolean.java
deleted file mode 100644
index be931ac..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Boolean.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.type.Asn1Boolean;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-
-public class TestAsn1Boolean {
-
- @Test
- public void testEncoding() {
- testEncodingWith(true, "0x01 01 FF");
- testEncodingWith(false, "0x01 01 00");
- }
-
- private void testEncodingWith(Boolean value, String expectedEncoding) {
- byte[] expected = Util.hex2bytes(expectedEncoding);
- Asn1Boolean aValue = new Asn1Boolean(value);
- aValue.setEncodingOption(EncodingOption.DER);
- byte[] encodingBytes = aValue.encode();
- Assert.assertArrayEquals(expected, encodingBytes);
- }
-
- @Test
- public void testDecoding() throws IOException {
- testDecodingWith(true, "0x01 01 FF");
- testDecodingWith(false, "0x01 01 00");
- }
-
- private void testDecodingWith(Boolean expectedValue, String content) throws IOException {
- Asn1Boolean decoded = new Asn1Boolean();
- decoded.setEncodingOption(EncodingOption.DER);
- decoded.decode(Util.hex2bytes(content));
- Assert.assertEquals(expectedValue, decoded.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Collection.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Collection.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Collection.java
deleted file mode 100644
index feb6608..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Collection.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.type.*;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-
-public class TestAsn1Collection {
- static String TEST_STR = "Jones";
- static Boolean TEST_BOOL = true;
- static byte[] EXPECTED_BYTES = new byte[] {(byte) 0x30, (byte) 0x0A,
- (byte) 0x16, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73,
- (byte) 0x01, (byte) 0x01, (byte) 0xFF
- };
-
- @Test
- public void testSequenceEncoding() {
- Asn1Sequence seq = new Asn1Sequence();
- seq.addItem(new Asn1IA5String(TEST_STR));
- seq.addItem(new Asn1Boolean(TEST_BOOL));
-
- Assert.assertArrayEquals(EXPECTED_BYTES, seq.encode());
- }
-
- @Test
- public void testSequenceDecoding() throws IOException {
- Asn1Sequence seq = new Asn1Sequence();
- seq.decode(EXPECTED_BYTES);
- AbstractAsn1Type field = (AbstractAsn1Type) seq.getValue().get(0).getValue();
- Assert.assertEquals(TEST_STR, field.getValue());
-
- field = (AbstractAsn1Type) seq.getValue().get(1).getValue();
- Assert.assertEquals(TEST_BOOL, field.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Input.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Input.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Input.java
deleted file mode 100644
index b74fe7e..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Input.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.junit.Test;
-
-import java.io.IOException;
-
-public class TestAsn1Input {
-
- @Test
- public void testDecoding() throws IOException {
- //PersonnelRecord expected = TestData.createSamplePersonnel();
- byte[] data = TestData.createSammplePersonnelEncodingData();
- //Asn1InputBuffer ib = new Asn1InputBuffer(data);
- Asn1Dump.dump(data);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Integer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Integer.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Integer.java
deleted file mode 100644
index 30a0604..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1Integer.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-
-public class TestAsn1Integer {
-
- @Test
- public void testEncoding() {
- testEncodingWith(0, "0x02 01 00");
- testEncodingWith(1, "0x02 01 01");
- testEncodingWith(2, "0x02 01 02");
- testEncodingWith(127, "0x02 01 7F");
- testEncodingWith(128, "0x02 02 00 80");
- testEncodingWith(-1, "0x02 01 FF");
- testEncodingWith(-128, "0x02 01 80");
- testEncodingWith(-32768, "0x02 02 80 00");
- testEncodingWith(1234567890, "0x02 04 49 96 02 D2");
- }
-
- private void testEncodingWith(int value, String expectedEncoding) {
- byte[] expected = Util.hex2bytes(expectedEncoding);
- Asn1Integer aValue = new Asn1Integer(value);
- aValue.setEncodingOption(EncodingOption.DER);
- byte[] encodingBytes = aValue.encode();
- Assert.assertArrayEquals(expected, encodingBytes);
- }
-
- @Test
- public void testDecoding() throws IOException {
- testDecodingWith(0, "0x02 01 00");
- testDecodingWith(1, "0x02 01 01");
- testDecodingWith(2, "0x02 01 02");
- testDecodingWith(127, "0x02 01 7F");
- testDecodingWith(128, "0x02 02 00 80");
- testDecodingWith(-1, "0x02 01 FF");
- testDecodingWith(-128, "0x02 01 80");
- testDecodingWith(-32768, "0x02 02 80 00");
- testDecodingWith(1234567890, "0x02 04 49 96 02 D2");
- }
-
- private void testDecodingWith(Integer expectedValue, String content) throws IOException {
- Asn1Integer decoded = new Asn1Integer();
- decoded.setEncodingOption(EncodingOption.DER);
- decoded.decode(Util.hex2bytes(content));
- Assert.assertEquals(expectedValue, decoded.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1ObjectIdentifier.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1ObjectIdentifier.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1ObjectIdentifier.java
deleted file mode 100644
index a45482f..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1ObjectIdentifier.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.type.Asn1ObjectIdentifier;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-
-public class TestAsn1ObjectIdentifier {
-
- @Test
- public void testEncoding() throws Exception {
- /**
- * Cryptography for Developers -> ASN.1 UTCTIME Type
- * Applying this to the MD5 OID, we first transform the dotted decimal form into the
- * array of words.Thus, 1.2.840.113549.2.5 becomes {42, 840, 113549, 2, 5}, and then further
- * 404_CRYPTO_02.qxd 10/27/06 3:40 PM Page 36split into seven-bit digits with the proper most significant bits as
- * {{0x2A}, {0x86, 0x48},{0x86, 0xF7, 0x0D}, {0x02}, {0x05}}.Therefore, the full encoding for MD5 is 0x06 08 2A
- * 86 48 86 F7 0D 02 05.
- */
- testEncodingWith("1.2.840.113549.2.5",
- "0x06 08 2A 86 48 86 F7 0D 02 05");
- }
-
- private void testEncodingWith(String oid, String expectedEncoding) {
- byte[] expected = Util.hex2bytes(expectedEncoding);
- Asn1ObjectIdentifier aValue = new Asn1ObjectIdentifier(oid);
- aValue.setEncodingOption(EncodingOption.DER);
- byte[] encodingBytes = aValue.encode();
- Assert.assertArrayEquals(expected, encodingBytes);
- }
-
- @Test
- public void testDecoding() throws Exception {
- testDecodingWith("1.2.840.113549.2.5",
- "0x06 08 2A 86 48 86 F7 0D 02 05");
- }
-
- private void testDecodingWith(String expectedValue, String content) throws IOException {
- Asn1ObjectIdentifier decoded = new Asn1ObjectIdentifier();
- decoded.setEncodingOption(EncodingOption.DER);
- decoded.decode(Util.hex2bytes(content));
- Assert.assertEquals(expectedValue, decoded.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1UtcTime.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1UtcTime.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1UtcTime.java
deleted file mode 100644
index 1f86492..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestAsn1UtcTime.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.type.Asn1UtcTime;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.text.SimpleDateFormat;
-import java.util.Date;
-import java.util.SimpleTimeZone;
-
-public class TestAsn1UtcTime {
-
- @Test
- public void testEncoding() throws Exception {
- /**
- * Cryptography for Developers -> ASN.1 UTCTIME Type
- * the encoding of July 4, 2003 at 11:33 and 28 seconds would be
- “030704113328Z” and be encoded as 0x17 0D 30 33 30 37 30 34 31 31 33 33 32 38 5A.
- */
- SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
- sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
- String dateInString = "2003-07-04 11:33:28";
- Date date = sdf.parse(dateInString);
- testEncodingWith(date, "0x17 0D 30 33 30 37 30 34 31 31 33 33 32 38 5A");
- }
-
- private void testEncodingWith(Date value, String expectedEncoding) {
- byte[] expected = Util.hex2bytes(expectedEncoding);
- Asn1UtcTime aValue = new Asn1UtcTime(value);
- aValue.setEncodingOption(EncodingOption.DER);
- byte[] encodingBytes = aValue.encode();
- Assert.assertArrayEquals(expected, encodingBytes);
- }
-
- @Test
- public void testDecoding() throws Exception {
- SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
- String dateInString = "2003-07-04 11:33:28";
- sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
- Date date = sdf.parse(dateInString);
- testDecodingWith(date, "0x17 0D 30 33 30 37 30 34 31 31 33 33 32 38 5A");
- }
-
- private void testDecodingWith(Date expectedValue, String content) throws IOException {
- Asn1UtcTime decoded = new Asn1UtcTime();
- decoded.setEncodingOption(EncodingOption.DER);
- decoded.decode(Util.hex2bytes(content));
- Assert.assertEquals(expectedValue, decoded.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestData.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestData.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestData.java
deleted file mode 100644
index d0d8cd3..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestData.java
+++ /dev/null
@@ -1,129 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.PersonnelRecord.*;
-
-import java.nio.ByteBuffer;
-import java.nio.charset.StandardCharsets;
-
-public class TestData {
-
- public static PersonnelRecord createSamplePersonnel() {
- PersonnelRecord pr = new PersonnelRecord();
-
- pr.setName(new Name("John", "P", "Smith"));
-
- pr.setTitle("Director");
-
- pr.setEmployeeNumber(new EmployeeNumber(51));
-
- pr.setDateOfHire(new Date("19710917"));
-
- pr.setNameOfSpouse(new Name("Mary", "T", "Smith"));
-
- ChildInformation child1 = new ChildInformation();
- child1.setName(new Name("Ralph", "T", "Smith"));
- child1.setDateOfBirth(new Date("19571111"));
-
- ChildInformation child2 = new ChildInformation();
- child2.setName(new Name("Susan", "B", "Jones"));
- child2.setDateOfBirth(new Date("19590717"));
-
- pr.setChildren(new Children(child1, child2));
-
- return pr;
- }
-
- public static byte[] createSammplePersonnelEncodingData() {
- class BufferOutput {
- ByteBuffer buffer;
-
- void put(byte ... bytes) {
- buffer.put(bytes);
- }
-
- void put(String s) {
- byte[] bytes = s.getBytes(StandardCharsets.US_ASCII);
- buffer.put(bytes);
- }
-
- public byte[] output() {
- int len = (int) 0x85 + 3;
- buffer = ByteBuffer.allocate(len);
-
- // personnel record
- put((byte) 0x60, (byte) 0x81, (byte) 0x85);
-
- // -name
- put((byte) 0x61, (byte) 0x10);
- put((byte) 0x1A, (byte) 0x04); put("John");
- put((byte) 0x1A, (byte) 0x01); put("P");
- put((byte) 0x1A, (byte) 0x05); put("Smith");
-
- //-title
- put((byte) 0xA0, (byte) 0x0A);
- put((byte) 0x1A, (byte) 0x08); put("Director");
-
- //-employee number
- put((byte) 0x42, (byte) 0x01, (byte) 0x33);
-
- //-date of hire
- put((byte) 0xA1, (byte) 0x0A);
- put((byte) 0x43, (byte) 0x08); put("19710917");
-
- //-spouse
- put((byte) 0xA2, (byte) 0x12);
- put((byte) 0x61, (byte) 0x10);
- put((byte) 0x1A, (byte) 0x04); put("Mary");
- put((byte) 0x1A, (byte) 0x01); put("T");
- put((byte) 0x1A, (byte) 0x05); put("Smith");
-
- //-children
- put((byte) 0xA3, (byte) 0x42);
- //--child 1
- put((byte) 0x31, (byte) 0x1F);
- //---name
- put((byte) 0x61, (byte) 0x11);
- put((byte) 0x1A, (byte) 0x05); put("Ralph");
- put((byte) 0x1A, (byte) 0x01); put("T");
- put((byte) 0x1A, (byte) 0x05); put("Smith");
- //-date of birth
- put((byte) 0xA0, (byte) 0x0A);
- put((byte) 0x43, (byte) 0x08); put("19571111");
- //--child 2
- put((byte) 0x31, (byte) 0x1F);
- //---name
- put((byte) 0x61, (byte) 0x11);
- put((byte) 0x1A, (byte) 0x05); put("Susan");
- put((byte) 0x1A, (byte) 0x01); put("B");
- put((byte) 0x1A, (byte) 0x05); put("Jones");
- //-date of birth
- put((byte) 0xA0, (byte) 0x0A);
- put((byte) 0x43, (byte) 0x08); put("19590717");
-
- return buffer.array();
- }
- }
-
- BufferOutput buffer = new BufferOutput();
- return buffer.output();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestPersonnelRecord.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestPersonnelRecord.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestPersonnelRecord.java
deleted file mode 100644
index 1df46d9..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestPersonnelRecord.java
+++ /dev/null
@@ -1,126 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-
-/**
- * Ref. X.690-0207(http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf),
- * Annex A, A.1 ASN.1 description of the record structure
- */
-public class TestPersonnelRecord {
-
- static boolean verbose = false;
-
- @Test
- public void testEncoding() {
- PersonnelRecord pr = TestData.createSamplePersonnel();
-
- if (verbose) {
- System.out.println("Name:");
- System.out.println(Util.bytesToHex(pr.getName().encode()));
-
- /*
- System.out.println("Title:");
- System.out.println(Util.bytesToHex(pr.getFieldAs(1, Asn1VisibleString.class).encode()));
-
- System.out.println("EmployeeNumber:");
- System.out.println(Util.bytesToHex(pr.getFieldAs(2, EmployeeNumber.class).encode()));
- */
-
- System.out.println("DateOfHire:");
- System.out.println(Util.bytesToHex(pr.getDateOfHire().encode()));
-
- System.out.println("SpouseName:");
- System.out.println(Util.bytesToHex(pr.getNameOfSpouse().encode()));
-
- System.out.println("Child1:");
- System.out.println(Util.bytesToHex(pr.getChildren().getElements().get(0).encode()));
-
- System.out.println("Child2:");
- System.out.println(Util.bytesToHex(pr.getChildren().getElements().get(1).encode()));
-
- System.out.println("Children:");
- System.out.println(Util.bytesToHex(pr.getChildren().encode()));
- }
-
- byte[] data = TestData.createSammplePersonnelEncodingData();
- byte[] encoded = pr.encode();
-
- if (verbose) {
- System.out.println("ExpectedData:");
- System.out.println(Util.bytesToHex(data));
-
- System.out.println("Encoded:");
- System.out.println(Util.bytesToHex(encoded));
- }
-
- Assert.assertArrayEquals(data, encoded);
- }
-
- @Test
- public void testDecoding() throws IOException {
- PersonnelRecord expected = TestData.createSamplePersonnel();
- byte[] data = TestData.createSammplePersonnelEncodingData();
- PersonnelRecord decoded = new PersonnelRecord();
- decoded.decode(data);
-
- Assert.assertEquals(expected.getName().getGivenName(),
- decoded.getName().getGivenName());
- Assert.assertEquals(expected.getName().getInitial(),
- decoded.getName().getInitial());
- Assert.assertEquals(expected.getName().getFamilyName(),
- decoded.getName().getFamilyName());
-
- Assert.assertEquals(expected.getDateOfHire().getValue().getValue(),
- decoded.getDateOfHire().getValue().getValue());
- Assert.assertEquals(expected.getTitle(), decoded.getTitle());
- Assert.assertEquals(expected.getEmployeeNumber().getValue().getValue(),
- decoded.getEmployeeNumber().getValue().getValue());
-
- Assert.assertEquals(expected.getNameOfSpouse().getGivenName(),
- decoded.getNameOfSpouse().getGivenName());
- Assert.assertEquals(expected.getNameOfSpouse().getInitial(),
- decoded.getNameOfSpouse().getInitial());
- Assert.assertEquals(expected.getNameOfSpouse().getFamilyName(),
- decoded.getNameOfSpouse().getFamilyName());
-
- Assert.assertEquals(expected.getChildren().getElements().get(0).getName().getGivenName(),
- decoded.getChildren().getElements().get(0).getName().getGivenName());
- Assert.assertEquals(expected.getChildren().getElements().get(0).getName().getInitial(),
- decoded.getChildren().getElements().get(0).getName().getInitial());
- Assert.assertEquals(expected.getChildren().getElements().get(0).getName().getFamilyName(),
- decoded.getChildren().getElements().get(0).getName().getFamilyName());
- Assert.assertEquals(expected.getChildren().getElements().get(0).getDateOfBirth().getValue().getValue(),
- decoded.getChildren().getElements().get(0).getDateOfBirth().getValue().getValue());
-
- Assert.assertEquals(expected.getChildren().getElements().get(1).getName().getGivenName(),
- decoded.getChildren().getElements().get(1).getName().getGivenName());
- Assert.assertEquals(expected.getChildren().getElements().get(1).getName().getInitial(),
- decoded.getChildren().getElements().get(1).getName().getInitial());
- Assert.assertEquals(expected.getChildren().getElements().get(1).getName().getFamilyName(),
- decoded.getChildren().getElements().get(1).getName().getFamilyName());
- Assert.assertEquals(expected.getChildren().getElements().get(1).getDateOfBirth().getValue().getValue(),
- decoded.getChildren().getElements().get(1).getDateOfBirth().getValue().getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestTaggingEncoding.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestTaggingEncoding.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestTaggingEncoding.java
deleted file mode 100644
index ecab078..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/TestTaggingEncoding.java
+++ /dev/null
@@ -1,205 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-import org.apache.haox.asn1.EncodingOption;
-import org.apache.haox.asn1.TaggingOption;
-import org.apache.haox.asn1.type.Asn1Tagging;
-import org.apache.haox.asn1.type.Asn1VisibleString;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-
-/**
- Ref. X.690-0207 8.14 Encoding of a tagged value
- EXAMPLE
- With ASN.1 type definitions (in an explicit tagging environment) of:
- Type1 ::= VisibleString
- Type2 ::= [APPLICATION 3] IMPLICIT Type1
- Type3 ::= [2] Type2
- Type4 ::= [APPLICATION 7] IMPLICIT Type3
- Type5 ::= [2] IMPLICIT Type2
- a value of:
- "Jones"
- is encoded as follows:
- For Type1:
- VisibleString Length Contents
- 1A16 0516 4A6F6E657316
- For Type2:
- [Application 3] Length Contents
- 4316 0516 4A6F6E657316
- For Type3:
- [2] Length Contents
- A216 0716
- [APPLICATION 3] Length Contents
- 4316 0516 4A6F6E657316
- For Type4:
- [Application 7] Length Contents
- 6716 0716
- [APPLICATION 3] Length Contents
- 4316 0516 4A6F6E657316
- For Type5:
- [2] Length Contents
- 8216 0516 4A6F6E657316
- */
-
-public class TestTaggingEncoding {
- static final String TEST_STRING = "Jones";
- static byte[] TYPE1_EXPECTED_BYTES = new byte[] {(byte) 0x1A, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73};
- static byte[] TYPE2_EXPECTED_BYTES = new byte[] {(byte) 0x43, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73};
- static byte[] TYPE3_EXPECTED_BYTES = new byte[] {(byte) 0xA2, (byte) 0x07, (byte) 0x43, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73};
- static byte[] TYPE4_EXPECTED_BYTES = new byte[] {(byte) 0x67, (byte) 0x07, (byte) 0x43, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73};
- static byte[] TYPE5_EXPECTED_BYTES = new byte[] {(byte) 0x82, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73};
-
-
- public static class Type1 extends Asn1VisibleString {
- public Type1(String value) {
- super(value);
- }
- public Type1() {
- this(null);
- }
- }
-
- public static class Type2 extends Asn1Tagging<Type1> {
- public Type2(Type1 value) {
- super(3, value, true);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
- public Type2() {
- this(null);
- }
- }
-
- public static class Type3 extends Asn1Tagging<Type2> {
- public Type3(Type2 value) {
- super(2, value, false);
- setEncodingOption(EncodingOption.EXPLICIT);
- }
- public Type3() {
- this(null);
- }
- }
-
- public static class Type4 extends Asn1Tagging<Type3> {
- public Type4(Type3 value) {
- super(7, value, true);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
- public Type4() {
- this(null);
- }
- }
-
- public static class Type5 extends Asn1Tagging<Type2> {
- public Type5(Type2 value) {
- super(2, value, false);
- setEncodingOption(EncodingOption.IMPLICIT);
- }
- public Type5() {
- this(null);
- }
- }
-
- @Test
- public void testAsn1TaggingEncoding() {
- Type1 aType1 = new Type1(TEST_STRING);
- Type2 aType2 = new Type2(aType1);
- Type3 aType3 = new Type3(aType2);
- Type4 aType4 = new Type4(aType3);
- Type5 aType5 = new Type5(aType2);
-
- Assert.assertArrayEquals(TYPE1_EXPECTED_BYTES, aType1.encode());
- Assert.assertArrayEquals(TYPE2_EXPECTED_BYTES, aType2.encode());
- Assert.assertArrayEquals(TYPE3_EXPECTED_BYTES, aType3.encode());
- Assert.assertArrayEquals(TYPE4_EXPECTED_BYTES, aType4.encode());
- Assert.assertArrayEquals(TYPE5_EXPECTED_BYTES, aType5.encode());
- }
-
- @Test
- public void testAsn1TaggingDecoding() throws IOException {
- Type1 aType1 = new Type1();
- aType1.decode(TYPE1_EXPECTED_BYTES);
- Assert.assertEquals(TEST_STRING, aType1.getValue());
-
- Type2 aType2 = new Type2();
- aType2.decode(TYPE2_EXPECTED_BYTES);
- Assert.assertEquals(TEST_STRING, aType2.getValue().getValue());
-
- Type3 aType3 = new Type3();
- aType3.decode(TYPE3_EXPECTED_BYTES);
- Assert.assertEquals(TEST_STRING, aType3.getValue().getValue().getValue());
-
- Type4 aType4 = new Type4();
- aType4.decode(TYPE4_EXPECTED_BYTES);
- Assert.assertEquals(TEST_STRING, aType4.getValue().getValue().getValue().getValue());
-
- Type5 aType5 = new Type5();
- aType5.decode(TYPE5_EXPECTED_BYTES);
- Assert.assertEquals(TEST_STRING, aType5.getValue().getValue().getValue());
- }
-
- @Test
- public void testTaggingEncodingOption() {
- Type1 aType1 = new Type1(TEST_STRING);
- Type2 aType2 = new Type2(aType1);
- Type3 aType3 = new Type3(aType2);
- Type4 aType4 = new Type4(aType3);
- Type5 aType5 = new Type5(aType2);
-
- Assert.assertArrayEquals(TYPE1_EXPECTED_BYTES, aType1.encode());
- Assert.assertArrayEquals(TYPE2_EXPECTED_BYTES,
- aType1.taggedEncode(TaggingOption.newImplicitAppSpecific(3))); // for Type2
- Assert.assertArrayEquals(TYPE3_EXPECTED_BYTES,
- aType2.taggedEncode(TaggingOption.newExplicitContextSpecific(2))); // for Type3
- Assert.assertArrayEquals(TYPE4_EXPECTED_BYTES,
- aType3.taggedEncode(TaggingOption.newImplicitAppSpecific(7))); // for Type4
- Assert.assertArrayEquals(TYPE5_EXPECTED_BYTES,
- aType2.taggedEncode(TaggingOption.newImplicitContextSpecific(2))); // for Type5
- }
-
- @Test
- public void testTaggingDecodingOption() throws IOException {
- Type1 aType1 = new Type1();
- aType1.decode(TYPE1_EXPECTED_BYTES);
- Assert.assertEquals(TEST_STRING, aType1.getValue());
-
- // for Type2
- aType1 = new Type1();
- aType1.taggedDecode(TYPE2_EXPECTED_BYTES, TaggingOption.newImplicitAppSpecific(3));
- Assert.assertEquals(TEST_STRING, aType1.getValue());
-
- // for Type3
- Type2 aType2 = new Type2();
- aType2.taggedDecode(TYPE3_EXPECTED_BYTES, TaggingOption.newExplicitContextSpecific(2));
- Assert.assertEquals(TEST_STRING, aType2.getValue().getValue());
-
- // for Type4
- Type3 aType3 = new Type3();
- aType3.taggedDecode(TYPE4_EXPECTED_BYTES, TaggingOption.newImplicitAppSpecific(7));
- Assert.assertEquals(TEST_STRING, aType3.getValue().getValue().getValue());
-
- // for Type5
- aType2 = new Type2();
- aType2.taggedDecode(TYPE5_EXPECTED_BYTES, TaggingOption.newImplicitContextSpecific(2));
- Assert.assertEquals(TEST_STRING, aType2.getValue().getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/Util.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/Util.java b/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/Util.java
deleted file mode 100644
index 695bdd0..0000000
--- a/contrib/haox-asn1/src/test/java/org/apache/haox/asn1/Util.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1;
-
-public class Util {
-
- final static String HEX_CHARS_STR = "0123456789ABCDEF";
- final static char[] HEX_CHARS = HEX_CHARS_STR.toCharArray();
-
- /**
- * Convert bytes into format as:
- * 0x02 02 00 80
- */
- public static String bytesToHex(byte[] bytes) {
- int len = bytes.length * 2;
- len += bytes.length; // for ' ' appended for each char
- len += 2; // for '0x' prefix
- char[] hexChars = new char[len];
- hexChars[0] = '0';
- hexChars[1] = 'x';
- for ( int j = 0; j < bytes.length; j++ ) {
- int v = bytes[j] & 0xFF;
- hexChars[j * 3 + 2] = HEX_CHARS[v >>> 4];
- hexChars[j * 3 + 3] = HEX_CHARS[v & 0x0F];
- hexChars[j * 3 + 4] = ' ';
- }
-
- return new String(hexChars);
- }
-
- /**
- * Convert hex string like follows into byte array
- * 0x02 02 00 80
- */
- public static byte[] hex2bytes(String hexString) {
- hexString = hexString.toUpperCase();
- String hexStr = hexString;
- if (hexString.startsWith("0X")) {
- hexStr = hexString.substring(2);
- }
- String[] hexParts = hexStr.split(" ");
-
- byte[] bytes = new byte[hexParts.length];
- char[] hexPart;
- for (int i = 0; i < hexParts.length; ++i) {
- hexPart = hexParts[i].toCharArray();
- if (hexPart.length != 2) {
- throw new IllegalArgumentException("Invalid hex string to convert");
- }
- bytes[i] = (byte) ((HEX_CHARS_STR.indexOf(hexPart[0]) << 4) + HEX_CHARS_STR.indexOf(hexPart[1]));
- }
-
- return bytes;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/README
----------------------------------------------------------------------
diff --git a/contrib/haox-config/README b/contrib/haox-config/README
deleted file mode 100644
index 37eb019..0000000
--- a/contrib/haox-config/README
+++ /dev/null
@@ -1 +0,0 @@
-An unified configuration API that crosses various popular configuration formats like XML, JSON, INI and etc.
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/pom.xml
----------------------------------------------------------------------
diff --git a/contrib/haox-config/pom.xml b/contrib/haox-config/pom.xml
deleted file mode 100644
index cb90408..0000000
--- a/contrib/haox-config/pom.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>contrib</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <modelVersion>4.0.0</modelVersion>
-
- <artifactId>haox-config</artifactId>
-
- <dependencies>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/Conf.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/Conf.java b/contrib/haox-config/src/main/java/org/apache/haox/config/Conf.java
deleted file mode 100644
index caa9651..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/Conf.java
+++ /dev/null
@@ -1,285 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.*;
-
-public class Conf implements Config {
- private static final Logger logger = LoggerFactory.getLogger(Conf.class);
-
- private List<ConfigLoader> resourceConfigs;
- private final ConfigImpl config;
- private boolean needReload;
-
- public Conf() {
- this.resourceConfigs = new ArrayList<ConfigLoader>(1);
- this.config = new ConfigImpl("Conf");
- this.needReload = true;
- }
-
- public void addXmlConfig(File xmlFile) throws IOException {
- addResource(Resource.createXmlResource(xmlFile));
- }
-
- public void addIniConfig(File iniFile) throws IOException {
- addResource(Resource.createIniResource(iniFile));
- }
-
- public void addJsonConfig(File jsonFile) throws IOException {
- addResource(Resource.createJsonResource(jsonFile));
- }
-
- public void addPropertiesConfig(File propertiesFile) throws IOException {
- addResource(Resource.createPropertiesFileResource(propertiesFile));
- }
-
- public void addPropertiesConfig(Properties propertiesConfig) {
- addResource(Resource.createPropertiesResource(propertiesConfig));
- }
-
- public void addMapConfig(Map<String, String> mapConfig) {
- addResource(Resource.createMapResource(mapConfig));
- }
-
- public void addResource(Resource resource) {
- ConfigLoader loader = getLoader(resource);
- resourceConfigs.add(loader);
- needReload = true;
- }
-
- private static ConfigLoader getLoader(Resource resource) {
- ConfigLoader loader = null;
-
- Class<? extends ConfigLoader> loaderClass = resource.getFormat().getLoaderClass();
- try {
- loader = loaderClass.newInstance();
- } catch (Exception e) {
- throw new RuntimeException("Failed to create org.haox.config loader for " + loaderClass.getName(), e);
- }
- loader.setResource(resource);
- return loader;
- }
-
- private void checkAndLoad() {
- if (needReload) {
- reload();
- needReload = false;
- }
- }
-
- public void reload() {
- config.reset();
- if (resourceConfigs.size() == 1) {
- ConfigLoader loader = resourceConfigs.get(0);
- loader.setConfig(config);
- loader.load();
- } else {
- for (ConfigLoader loader : resourceConfigs) {
- Config loaded = loader.load();
- config.add(loaded);
- }
- }
- }
-
- @Override
- public String getResource() {
- checkAndLoad();
- return config.getResource();
- }
-
- @Override
- public Set<String> getNames() {
- checkAndLoad();
- return config.getNames();
- }
-
- @Override
- public String getString(String name) {
- checkAndLoad();
- return config.getString(name);
- }
-
- @Override
- public String getString(ConfigKey name) {
- checkAndLoad();
- return config.getString(name);
- }
-
- @Override
- public String getString(String name, String defaultValue) {
- checkAndLoad();
- return config.getString(name, defaultValue);
- }
-
- @Override
- public String getTrimmed(String name) {
- checkAndLoad();
- return config.getTrimmed(name);
- }
-
- @Override
- public String getTrimmed(ConfigKey name) {
- checkAndLoad();
- return config.getTrimmed(name);
- }
-
- @Override
- public Boolean getBoolean(String name) {
- checkAndLoad();
- return config.getBoolean(name);
- }
-
- @Override
- public Boolean getBoolean(ConfigKey name) {
- checkAndLoad();
- return config.getBoolean(name);
- }
-
- @Override
- public Boolean getBoolean(String name, boolean defaultValue) {
- checkAndLoad();
- return config.getBoolean(name, defaultValue);
- }
-
- @Override
- public Integer getInt(String name) {
- checkAndLoad();
- return config.getInt(name);
- }
-
- @Override
- public Integer getInt(ConfigKey name) {
- checkAndLoad();
- return config.getInt(name);
- }
-
- @Override
- public Integer getInt(String name, int defaultValue) {
- checkAndLoad();
- return config.getInt(name, defaultValue);
- }
-
- @Override
- public Long getLong(String name) {
- checkAndLoad();
- return config.getLong(name);
- }
-
- @Override
- public Long getLong(ConfigKey name) {
- checkAndLoad();
- return config.getLong(name);
- }
-
- @Override
- public Long getLong(String name, long defaultValue) {
- checkAndLoad();
- return config.getLong(name, defaultValue);
- }
-
- @Override
- public Float getFloat(String name) {
- checkAndLoad();
- return config.getFloat(name);
- }
-
- @Override
- public Float getFloat(ConfigKey name) {
- checkAndLoad();
- return config.getFloat(name);
- }
-
- @Override
- public Float getFloat(String name, float defaultValue) {
- checkAndLoad();
- return config.getFloat(name, defaultValue);
- }
-
- @Override
- public List<String> getList(String name) {
- checkAndLoad();
- return config.getList(name);
- }
-
- @Override
- public List<String> getList(String name, String[] defaultValue) {
- checkAndLoad();
- return config.getList(name, defaultValue);
- }
-
- @Override
- public List<String> getList(ConfigKey name) {
- checkAndLoad();
- return config.getList(name);
- }
-
- @Override
- public Config getConfig(String name) {
- checkAndLoad();
- return config.getConfig(name);
- }
-
- @Override
- public Config getConfig(ConfigKey name) {
- checkAndLoad();
- return config.getConfig(name);
- }
-
- @Override
- public Class<?> getClass(String name) throws ClassNotFoundException {
- checkAndLoad();
- return config.getClass(name);
- }
-
- @Override
- public Class<?> getClass(String name, Class<?> defaultValue) throws ClassNotFoundException {
- checkAndLoad();
- return config.getClass(name, defaultValue);
- }
-
- @Override
- public Class<?> getClass(ConfigKey name) throws ClassNotFoundException {
- checkAndLoad();
- return config.getClass(name);
- }
-
- @Override
- public <T> T getInstance(String name) throws ClassNotFoundException {
- checkAndLoad();
- return config.getInstance(name);
- }
-
- @Override
- public <T> T getInstance(ConfigKey name) throws ClassNotFoundException {
- checkAndLoad();
- return config.getInstance(name);
- }
-
- @Override
- public <T> T getInstance(String name, Class<T> xface) throws ClassNotFoundException {
- checkAndLoad();
- return config.getInstance(name, xface);
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/Config.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/Config.java b/contrib/haox-config/src/main/java/org/apache/haox/config/Config.java
deleted file mode 100644
index f8c32f1..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/Config.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import java.util.List;
-import java.util.Set;
-
-public interface Config {
- public String getResource();
- public Set<String> getNames();
-
- public String getString(String name);
- public String getString(ConfigKey name);
- public String getString(String name, String defaultValue);
- public String getTrimmed(String name);
- public String getTrimmed(ConfigKey name);
- public Boolean getBoolean(String name);
- public Boolean getBoolean(ConfigKey name);
- public Boolean getBoolean(String name, boolean defaultValue);
- public Integer getInt(String name);
- public Integer getInt(ConfigKey name);
- public Integer getInt(String name, int defaultValue);
- public Long getLong(String name);
- public Long getLong(ConfigKey name);
- public Long getLong(String name, long defaultValue);
- public Float getFloat(String name);
- public Float getFloat(ConfigKey name);
- public Float getFloat(String name, float defaultValue);
- public List<String> getList(String name);
- public List<String> getList(String name, String[] defaultValue);
- public List<String> getList(ConfigKey name);
- public Config getConfig(String name);
- public Config getConfig(ConfigKey name);
-
- public Class<?> getClass(String name) throws ClassNotFoundException;
- public Class<?> getClass(String name, Class<?> defaultValue) throws ClassNotFoundException;
- public Class<?> getClass(ConfigKey name) throws ClassNotFoundException;
- public <T> T getInstance(String name) throws ClassNotFoundException;
- public <T> T getInstance(ConfigKey name) throws ClassNotFoundException;
- public <T> T getInstance(String name, Class<T> xface) throws ClassNotFoundException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigImpl.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigImpl.java b/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigImpl.java
deleted file mode 100644
index ad031a0..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigImpl.java
+++ /dev/null
@@ -1,346 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
-
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.*;
-
-public class ConfigImpl implements Config {
- private static final Logger logger = LoggerFactory.getLogger(Config.class);
-
- private String resource;
- private Map<String, ConfigObject> properties;
- /**
- * Config resources
- */
- private List<Config> configs;
-
- private Set<String> propNames;
-
- protected ConfigImpl(String resource) {
- this.resource = resource;
- this.properties = new HashMap<String, ConfigObject>();
- this.configs = new ArrayList<Config>(0);
- }
-
- protected void reset() {
- this.properties.clear();
- this.configs.clear();
- }
-
- @Override
- public String getResource() {
- return resource;
- }
-
- @Override
- public Set<String> getNames() {
- reloadNames();
- return propNames;
- }
-
- @Override
- public String getString(String name) {
- String result = null;
-
- ConfigObject co = properties.get(name);
- if (co != null) {
- result = co.getPropertyValue();
- }
-
- if (result == null) {
- for (Config config : configs) {
- result = config.getString(name);
- if (result != null) break;
- }
- }
-
- return result;
- }
-
- @Override
- public String getString(ConfigKey name) {
- if (name.getDefaultValue() != null) {
- return getString(name.getPropertyKey(), (String) name.getDefaultValue());
- }
- return getString(name.getPropertyKey());
- }
-
- @Override
- public String getString(String name, String defaultValue) {
- String result = getString(name);
- if (result == null) {
- result = defaultValue;
- }
- return result;
- }
-
- @Override
- public String getTrimmed(String name) {
- String result = getString(name);
- if (null != result) {
- result = result.trim();
- }
- return result;
- }
-
- @Override
- public String getTrimmed(ConfigKey name) {
- return getTrimmed(name.getPropertyKey());
- }
-
- @Override
- public Integer getInt(String name) {
- Integer result = null;
- String value = getTrimmed(name);
- if (value != null) {
- result = Integer.valueOf(value);
- }
- return result;
- }
-
- @Override
- public Integer getInt(ConfigKey name) {
- if (name.getDefaultValue() != null) {
- return getInt(name.getPropertyKey(), (Integer) name.getDefaultValue());
- }
- return getInt(name.getPropertyKey());
- }
-
- @Override
- public Integer getInt(String name, int defaultValue) {
- Integer result = getInt(name);
- if (result == null) {
- result = defaultValue;
- }
- return result;
- }
-
- @Override
- public Long getLong(String name) {
- Long result = null;
- String value = getTrimmed(name);
- if (value != null) {
- result = Long.valueOf(value);
- }
- return result;
- }
-
- @Override
- public Long getLong(ConfigKey name) {
- if (name.getDefaultValue() != null) {
- return getLong(name.getPropertyKey(), (Long) name.getDefaultValue());
- }
- return getLong(name.getPropertyKey());
- }
-
- @Override
- public Long getLong(String name, long defaultValue) {
- Long result = getLong(name);
- if (result == null) {
- result = defaultValue;
- }
- return result;
- }
-
- @Override
- public Float getFloat(String name) {
- Float result = null;
- String value = getTrimmed(name);
- if (value != null) {
- result = Float.valueOf(value);
- }
- return result;
- }
-
- @Override
- public Float getFloat(ConfigKey name) {
- if (name.getDefaultValue() != null) {
- return getFloat(name.getPropertyKey(), (Float) name.getDefaultValue());
- }
- return getFloat(name.getPropertyKey());
- }
-
- @Override
- public Float getFloat(String name, float defaultValue) {
- Float result = getFloat(name);
- if (result == null) {
- result = defaultValue;
- }
- return result;
- }
-
- @Override
- public Boolean getBoolean(String name) {
- Boolean result = null;
- String value = getTrimmed(name);
- if (value != null) {
- result = Boolean.valueOf(value);
- }
- return result;
- }
-
- @Override
- public Boolean getBoolean(ConfigKey name) {
- if (name.getDefaultValue() != null) {
- return getBoolean(name.getPropertyKey(), (Boolean) name.getDefaultValue());
- }
- return getBoolean(name.getPropertyKey());
- }
-
- @Override
- public Boolean getBoolean(String name, boolean defaultValue) {
- Boolean result = getBoolean(name);
- if (result == null) {
- result = defaultValue;
- }
- return result;
- }
-
- @Override
- public List<String> getList(String name) {
- List<String> results = null;
- ConfigObject co = properties.get(name);
- if (co != null) {
- results = co.getListValues();
- }
- return results;
- }
-
- @Override
- public List<String> getList(String name, String[] defaultValue) {
- List<String> results = getList(name);
- if (results == null) {
- results = Arrays.asList(defaultValue);
- }
- return results;
- }
-
- @Override
- public List<String> getList(ConfigKey name) {
- if (name.getDefaultValue() != null) {
- return getList(name.getPropertyKey(), (String[]) name.getDefaultValue());
- }
- return getList(name.getPropertyKey());
- }
-
- @Override
- public Config getConfig(String name) {
- Config result = null;
- ConfigObject co = properties.get(name);
- if (co != null) {
- result = co.getConfigValue();
- }
- return result;
- }
-
- @Override
- public Config getConfig(ConfigKey name) {
- return getConfig(name.getPropertyKey());
- }
-
- @Override
- public Class<?> getClass(String name) throws ClassNotFoundException {
- Class<?> result = null;
-
- String valueString = getString(name);
- if (valueString != null) {
- Class<?> cls = Class.forName(name);
- result = cls;
- }
-
- return result;
- }
-
- @Override
- public Class<?> getClass(String name, Class<?> defaultValue) throws ClassNotFoundException {
- Class<?> result = getClass(name);
- if (result == null) {
- result = defaultValue;
- }
- return result;
- }
-
- @Override
- public Class<?> getClass(ConfigKey name) throws ClassNotFoundException {
- if (name.getDefaultValue() != null) {
- return getClass(name.getPropertyKey(), (Class<?>) name.getDefaultValue());
- }
- return getClass(name.getPropertyKey());
- }
-
- @Override
- public <T> T getInstance(String name) throws ClassNotFoundException {
- return getInstance(name, null);
- }
-
- @Override
- public <T> T getInstance(ConfigKey name) throws ClassNotFoundException {
- return getInstance(name.getPropertyKey());
- }
-
- @Override
- public <T> T getInstance(String name, Class<T> xface) throws ClassNotFoundException {
- T result = null;
-
- Class<?> cls = getClass(name, null);
- if (xface != null && !xface.isAssignableFrom(cls)) {
- throw new RuntimeException(cls + " does not implement " + xface);
- }
- try {
- result = (T) cls.newInstance();
- } catch (Exception e) {
- throw new RuntimeException("Failed to create instance with class " + cls.getName());
- }
-
- return result;
- }
-
- protected void set(String name, String value) {
- ConfigObject co = new ConfigObject(value);
- set(name, co);
- }
-
- protected void set(String name, Config value) {
- ConfigObject co = new ConfigObject(value);
- set(name, co);
- }
-
- protected void set(String name, ConfigObject value) {
- this.properties.put(name, value);
- }
-
- protected void add(Config config) {
- this.configs.add(config);
- }
-
- private void reloadNames() {
- if (propNames != null) {
- propNames.clear();
- }
- propNames = new HashSet<String>(properties.keySet());
- for (Config config : configs) {
- propNames.addAll(config.getNames());
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigKey.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigKey.java b/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigKey.java
deleted file mode 100644
index 838a34c..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigKey.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-public interface ConfigKey {
- public String getPropertyKey();
- public Object getDefaultValue();
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigLoader.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigLoader.java b/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigLoader.java
deleted file mode 100644
index 5f21cc9..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigLoader.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-public abstract class ConfigLoader {
- private Resource resource;
- private ConfigImpl config;
-
- protected void setResource(Resource resource) {
- this.resource = resource;
- }
-
- protected void setConfig(ConfigImpl config) {
- this.config = config;
- }
-
- public Config load() {
- if (config == null) {
- config = new ConfigImpl(resource.getName());
- }
- config.reset();
-
- try {
- loadConfig(config, resource);
- } catch (Exception e) {
- throw new RuntimeException("Failed to load org.haox.config", e);
- }
-
- return this.config;
- }
-
- protected abstract void loadConfig(ConfigImpl config, Resource resource) throws Exception;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigObject.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigObject.java b/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigObject.java
deleted file mode 100644
index 2f74e5b..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/ConfigObject.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class ConfigObject {
- protected static enum VALUE_TYPE { PROPERTY, LIST, CONFIG };
-
- private VALUE_TYPE valueType;
- private Object value;
-
- public ConfigObject(String value) {
- this.value = value;
- this.valueType = VALUE_TYPE.PROPERTY;
- }
-
- public ConfigObject(String[] values) {
- List<String> valuesList = new ArrayList<String>();
- for (String v : values) {
- valuesList.add(v);
- }
-
- this.value = valuesList;
- this.valueType = VALUE_TYPE.LIST;
- }
-
- public ConfigObject(List<String> values) {
- this.value = new ArrayList<String>(values);
- this.valueType = VALUE_TYPE.LIST;
- }
-
- public ConfigObject(Config value) {
- this.value = value;
- this.valueType = VALUE_TYPE.CONFIG;
- }
-
- public String getPropertyValue() {
- String result = null;
- if (valueType == VALUE_TYPE.PROPERTY) {
- result = (String) value;
- }
- return result;
- }
-
- public List<String> getListValues() {
- List<String> results = null;
- if (valueType == VALUE_TYPE.LIST) {
- results = (List<String>) value;
- }
-
- return results;
- }
-
- public Config getConfigValue() {
- Config result = null;
- if (valueType == VALUE_TYPE.CONFIG) {
- result = (Config) value;
- }
- return result;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/IniConfigLoader.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/IniConfigLoader.java b/contrib/haox-config/src/main/java/org/apache/haox/config/IniConfigLoader.java
deleted file mode 100644
index 05c163b..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/IniConfigLoader.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-
-public class IniConfigLoader extends ConfigLoader {
- private static final String COMMENT_SYMBOL = "#";
-
- private ConfigImpl rootConfig;
- private ConfigImpl currentConfig;
-
- /**
- * Load configs form the INI configuration format file.
- */
- @Override
- protected void loadConfig(ConfigImpl config, Resource resource) throws IOException {
- rootConfig = config;
- currentConfig = config;
-
- InputStream is = (InputStream) resource.getResource();
- BufferedReader reader = new BufferedReader(new InputStreamReader(is));
-
- String line;
- while ((line = reader.readLine()) != null) {
- parseLine(line);
- }
- }
-
- private void parseLine(String line) {
- line = line.trim();
-
- if (line.startsWith(COMMENT_SYMBOL)) {
- return;
- }
-
- if (line.matches("\\[.*\\]")) {
- String subConfigName = line.replaceFirst("\\[(.*)\\]", "$1");
- ConfigImpl subConfig = new ConfigImpl(subConfigName);
- rootConfig.set(subConfigName, subConfig);
- currentConfig = subConfig;
- } else if (line.matches(".*=.*")) {
- int i = line.indexOf('=');
- String name = line.substring(0, i).trim();
- String value = line.substring(i + 1).trim();
- currentConfig.set(name, value);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/JsonConfigLoader.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/JsonConfigLoader.java b/contrib/haox-config/src/main/java/org/apache/haox/config/JsonConfigLoader.java
deleted file mode 100644
index 302b626..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/JsonConfigLoader.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-public class JsonConfigLoader extends ConfigLoader {
- @Override
- protected void loadConfig(ConfigImpl config, Resource resource) {
-
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/MapConfigLoader.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/MapConfigLoader.java b/contrib/haox-config/src/main/java/org/apache/haox/config/MapConfigLoader.java
deleted file mode 100644
index b67c2a9..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/MapConfigLoader.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import java.util.Map;
-
-public class MapConfigLoader extends ConfigLoader {
- @Override
- protected void loadConfig(ConfigImpl config, Resource resource) {
- Map<String, String> mapConfig = (Map<String, String>) resource.getResource();
- String value;
- for (String key : mapConfig.keySet()) {
- value = mapConfig.get(key);
- config.set(key, value);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/PropertiesConfigLoader.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/PropertiesConfigLoader.java b/contrib/haox-config/src/main/java/org/apache/haox/config/PropertiesConfigLoader.java
deleted file mode 100644
index 899efd6..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/PropertiesConfigLoader.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import java.util.Properties;
-
-public class PropertiesConfigLoader extends ConfigLoader {
-
- @Override
- protected void loadConfig(ConfigImpl config, Resource resource) throws Exception {
- Properties propConfig = (Properties) resource.getResource();
- loadConfig(config, propConfig);
- }
-
- protected void loadConfig(ConfigImpl config, Properties propConfig) {
- Object value;
- for (Object key : propConfig.keySet()) {
- if (key instanceof String) {
- value = propConfig.getProperty((String) key);
- if (value != null && value instanceof String) {
- config.set((String) key, (String) value);
- }
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-config/src/main/java/org/apache/haox/config/PropertiesFileConfigLoader.java
----------------------------------------------------------------------
diff --git a/contrib/haox-config/src/main/java/org/apache/haox/config/PropertiesFileConfigLoader.java b/contrib/haox-config/src/main/java/org/apache/haox/config/PropertiesFileConfigLoader.java
deleted file mode 100644
index 88d259a..0000000
--- a/contrib/haox-config/src/main/java/org/apache/haox/config/PropertiesFileConfigLoader.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.config;
-
-import java.io.InputStream;
-import java.util.Properties;
-
-public class PropertiesFileConfigLoader extends PropertiesConfigLoader {
-
- @Override
- protected void loadConfig(ConfigImpl config, Resource resource) throws Exception {
- Properties propConfig = new Properties();
- propConfig.load((InputStream) resource.getResource());
- loadConfig(config, propConfig);
- }
-}
[08/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/String2keyTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/String2keyTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/String2keyTest.java
new file mode 100644
index 0000000..192a614
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/String2keyTest.java
@@ -0,0 +1,583 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.util.HexUtil;
+import org.junit.Test;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
+
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+/**
+ * By ref. MIT krb5 t_str2key.c and RFC3961 test vectors
+ *
+ * String 2 key test with known values.
+ */
+public class String2keyTest {
+
+ static class TestCase {
+ EncryptionType encType;
+ String password;
+ String salt;
+ String param;
+ String answer;
+ boolean allowWeak;
+
+ TestCase(EncryptionType encType, String password, String salt, String param,
+ String answer, boolean allowWeak) {
+ this.encType = encType;
+ this.password = password;
+ this.salt = salt;
+ this.param = param;
+ this.answer = answer;
+ this.allowWeak = allowWeak;
+ }
+ }
+
+ /**
+ * Test vectors from RFC 3961 appendix A.2.
+ */
+
+ @Test
+ public void test_DES_CBC_CRC_0() {
+ performTest(new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "00",
+ "CBC22FAE235298E3",
+ false));
+ }
+
+ @Test
+ public void test_DES_CBC_CRC_1() {
+ performTest(new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ "potatoe",
+ "WHITEHOUSE.GOVdanny",
+ "00",
+ "DF3D32A74FD92A01",
+ false));
+ }
+
+ @Test
+ public void test_DES_CBC_CRC_2() {
+ performTest(new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ toUtf8("F09D849E"),
+ "EXAMPLE.COMpianist",
+ "00",
+ "4FFB26BAB0CD9413",
+ false));
+ }
+
+ @Test
+ public void test_DES_CBC_CRC_3() {
+ performTest(new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ toUtf8("C39F"),
+ "ATHENA.MIT.EDUJuri" + toUtf8("C5A169C487"),
+ "00",
+ "62C81A5232B5E69D",
+ false));
+ }
+
+ @Test
+ public void test_DES_CBC_CRC_4() {
+ performTest(new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ "11119999",
+ "AAAAAAAA",
+ "00",
+ "984054d0f1a73e31",
+ false));
+ }
+
+ @Test
+ public void test_DES_CBC_CRC_5() {
+ performTest(new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ "NNNN6666",
+ "FFFFAAAA",
+ "00",
+ "C4BF6B25ADF7A4F8",
+ false));
+ }
+
+ // Test vectors from RFC 3961 appendix A.4.
+
+ @Test
+ public void test_DES3_CBC_SHA1_0() {
+ performTest(new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ null,
+ "850BB51358548CD05E86768C" +
+ "313E3BFEF7511937DCF72C3E",
+ false));
+ }
+
+ @Test
+ public void test_DES3_CBC_SHA1_1() {
+ performTest(new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "potatoe",
+ "WHITEHOUSE.GOVdanny",
+ null,
+ "DFCD233DD0A43204EA6DC437" +
+ "FB15E061B02979C1F74F377A",
+ false));
+ }
+
+ @Test
+ public void test_DES3_CBC_SHA1_2() {
+ performTest(new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "penny",
+ "EXAMPLE.COMbuckaroo",
+ null,
+ "6D2FCDF2D6FBBC3DDCADB5DA" +
+ "5710A23489B0D3B69D5D9D4A",
+ false));
+ }
+
+ @Test
+ public void test_DES3_CBC_SHA1_3() {
+ performTest(new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ toUtf8("C39F"),
+ "ATHENA.MIT.EDUJuri" + toUtf8("C5A169C487"),
+ null,
+ "16D5A40E1CE3BACB61B9DCE0" +
+ "0470324C831973A7B952FEB0",
+ false));
+ }
+
+ @Test
+ public void test_DES3_CBC_SHA1_4() {
+ performTest(new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ toUtf8("F09D849E"),
+ "EXAMPLE.COMpianist",
+ null,
+ "85763726585DBC1CCE6EC43E" +
+ "1F751F07F1C4CBB098F40B19",
+ false));
+ }
+
+ // Test vectors from RFC 3962 appendix B.
+
+ @Test
+ public void test_AES128_CTS_HMAC_SHA1_96_0() {
+ performTest(new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "00000001",
+ "42263C6E89F4FC28B8DF68EE09799F15",
+ true));
+ }
+
+ @Test
+ public void test_AES128_CTS_HMAC_SHA1_96_1() {
+ performTest(new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "00000002",
+ "C651BF29E2300AC27FA469D693BDDA13",
+ true));
+ }
+
+ @Test
+ public void test_AES128_CTS_HMAC_SHA1_96_2() {
+ performTest(new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "000004B0", // 1200
+ "4C01CD46D632D01E6DBE230A01ED642A",
+ true));
+ }
+
+ @Test
+ public void test_AES128_CTS_HMAC_SHA1_96_3() {
+ performTest(new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "password",
+ toUtf8("1234567878563412"),
+ "00000005",
+ "E9B23D52273747DD5C35CB55BE619D8E",
+ true));
+ }
+
+ @Test
+ public void test_AES128_CTS_HMAC_SHA1_96_4() {
+ performTest(new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase exceeds block size",
+ "000004B0", // 1200
+ "CB8005DC5F90179A7F02104C0018751D",
+ true));
+ }
+
+ @Test
+ public void test_AES128_CTS_HMAC_SHA1_96_5() {
+ performTest(new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ toUtf8("F09D849E"),
+ "EXAMPLE.COMpianist",
+ "00000032", // 50
+ "F149C1F2E154A73452D43E7FE62A56E5",
+ true));
+ }
+
+ @Test
+ public void test_AES128_CTS_HMAC_SHA1_96_6() {
+ performTest(new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase equals block size",
+ "000004B0", // 1200
+ "59D1BB789A828B1AA54EF9C2883F69ED",
+ true));
+ }
+
+ @Test
+ public void test_AES256_CTS_HMAC_SHA1_96_0() {
+ performTest(new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "00000001",
+ "FE697B52BC0D3CE14432BA036A92E65B" +
+ "BB52280990A2FA27883998D72AF30161",
+ true));
+ }
+
+ @Test
+ public void test_AES256_CTS_HMAC_SHA1_96_1() {
+ performTest(new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "00000002",
+ "A2E16D16B36069C135D5E9D2E25F8961" +
+ "02685618B95914B467C67622225824FF",
+ true));
+ }
+
+ @Test
+ public void test_AES256_CTS_HMAC_SHA1_96_2() {
+ performTest(new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "000004B0", // 1200
+ "55A6AC740AD17B4846941051E1E8B0A7" +
+ "548D93B0AB30A8BC3FF16280382B8C2A",
+ true));
+ }
+
+ @Test
+ public void test_AES256_CTS_HMAC_SHA1_96_3() {
+ performTest(new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "password",
+ toUtf8("1234567878563412"),
+ "00000005",
+ "97A4E786BE20D81A382D5EBC96D5909C" +
+ "ABCDADC87CA48F574504159F16C36E31",
+ true));
+ }
+
+ @Test
+ public void test_AES256_CTS_HMAC_SHA1_96_4() {
+ performTest(new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase equals block size",
+ "000004B0", // 1200
+ "89ADEE3608DB8BC71F1BFBFE459486B0" +
+ "5618B70CBAE22092534E56C553BA4B34",
+ true));
+ }
+
+
+
+ @Test
+ public void test_AES256_CTS_HMAC_SHA1_96_5() {
+ performTest(new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase exceeds block size",
+ "000004B0", // 1200
+ "D78C5C9CB872A8C9DAD4697F0BB5B2D2" +
+ "1496C82BEB2CAEDA2112FCEEA057401B",
+ true));
+ }
+
+ @Test
+ public void test_AES256_CTS_HMAC_SHA1_96_6() {
+ performTest(new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ toUtf8("F09D849E"),
+ "EXAMPLE.COMpianist",
+ "00000032", // 50
+ "4B6D9839F84406DF1F09CC166DB4B83C" +
+ "571848B784A3D6BDC346589A3E393F9E",
+ true));
+ }
+
+ // Check for KRB5_ERR_BAD_S2K_PARAMS return when weak iteration counts are forbidden
+ @Test
+ public void test_AES256_CTS_HMAC_SHA1_96_7() {
+ performTest(new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ toUtf8("F09D849E"),
+ "EXAMPLE.COMpianist",
+ "00000032", // 50
+ "4B6D9839F84406DF1F09CC166DB4B83C" +
+ "571848B784A3D6BDC346589A3E393F9E",
+ false));
+ }
+
+ // The same inputs applied to Camellia enctypes.
+ @Test
+ public void test_CAMELLIA128_CTS_CMAC_0() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "00000001",
+ "57D0297298FFD9D35DE5A47FB4BDE24B",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA128_CTS_CMAC_1() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "00000002",
+ "73F1B53AA0F310F93B1DE8CCAA0CB152",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA128_CTS_CMAC_2() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "000004B0", // 1200
+ "8E571145452855575FD916E7B04487AA",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA128_CTS_CMAC_3() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "password",
+ toUtf8("1234567878563412"),
+ "00000005",
+ "00498FD916BFC1C2B1031C170801B381",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA128_CTS_CMAC_4() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase equals block size",
+ "000004B0", // 1200
+ "8BF6C3EF709B981DBB585D086843BE05",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA128_CTS_CMAC_5() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase exceeds block size",
+ "000004B0", // 1200
+ "5752AC8D6AD1CCFE8430B312871C2F74",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA128_CTS_CMAC_6() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ toUtf8("f09d849e"),
+ "EXAMPLE.COMpianist",
+ "00000032", // 50
+ "CC75C7FD260F1C1658011FCC0D560616",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA256_CTS_CMAC_1() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "00000001",
+ "B9D6828B2056B7BE656D88A123B1FAC6" +
+ "8214AC2B727ECF5F69AFE0C4DF2A6D2C",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA256_CTS_CMAC_2() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "00000002",
+ "83FC5866E5F8F4C6F38663C65C87549F" +
+ "342BC47ED394DC9D3CD4D163ADE375E3",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA256_CTS_CMAC_3() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "password",
+ "ATHENA.MIT.EDUraeburn",
+ "000004B0", // 1200
+ "77F421A6F25E138395E837E5D85D385B" +
+ "4C1BFD772E112CD9208CE72A530B15E6",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA256_CTS_CMAC_4() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "password",
+ toUtf8("1234567878563412"),
+ "00000005",
+ "11083A00BDFE6A41B2F19716D6202F0A" +
+ "FA94289AFE8B27A049BD28B1D76C389A",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA256_CTS_CMAC_5() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase equals block size",
+ "000004B0", // 1200
+ "119FE2A1CB0B1BE010B9067A73DB63ED" +
+ "4665B4E53A98D178035DCFE843A6B9B0",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA256_CTS_CMAC_6() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "pass phrase exceeds block size",
+ "000004B0", // 1200
+ "614D5DFC0BA6D390B412B89AE4D5B088" +
+ "B612B316510994679DDB4383C7126DDF",
+ true));
+ }
+
+ @Test
+ public void test_CAMELLIA256_CTS_CMAC_7() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ toUtf8("f09d849e"),
+ "EXAMPLE.COMpianist",
+ "00000032", // 50
+ "163B768C6DB148B4EEC7163DF5AED70E" +
+ "206B68CEC078BC069ED68A7ED36B1ECC",
+ true));
+ }
+
+ // Check for KRB5_ERR_BAD_S2K_PARAMS return when weak iteration counts are forbidden.
+ @Test
+ public void test_CAMELLIA256_CTS_CMAC_8() {
+ performTest(new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ toUtf8("f09d849e"),
+ "EXAMPLE.COMpianist",
+ "00000032", // 50
+ "163B768C6DB148B4EEC7163DF5AED70E" +
+ "206B68CEC078BC069ED68A7ED36B1ECC",
+ false));
+ }
+
+ /**
+ * Convert hex string into password
+ */
+ private static String toUtf8(String string) {
+ return new String(HexUtil.hex2bytes(string), StandardCharsets.UTF_8); // Per spec
+ }
+
+ /**
+ * Perform all the checks for a testcase
+ */
+ private void performTest(TestCase testCase) {
+ //assertTrue(EncryptionHandler.isImplemented(testCase.encType));
+ if (! EncryptionHandler.isImplemented(testCase.encType)) {
+ System.err.println("Not implemented yet: " + testCase.encType.getDisplayName());
+ return;
+ }
+
+ try {
+ assertTrue(testWith(testCase));
+ } catch (Exception e) {
+ fail(e.getMessage());
+ }
+ }
+
+ /**
+ * Do the actual test work
+ */
+ private boolean testWith(TestCase tc) throws Exception {
+ byte[] answer = HexUtil.hex2bytes(tc.answer);
+ byte[] params = tc.param != null ? HexUtil.hex2bytes(tc.param) : null;
+ EncryptionKey outkey = EncryptionHandler.string2Key(tc.password, tc.salt, params, tc.encType);
+ if (! Arrays.equals(answer, outkey.getKeyData())) {
+ System.err.println("failed with:" + tc.salt);
+ System.err.println("outKey:" + HexUtil.bytesToHex(outkey.getKeyData()));
+ System.err.println("answer:" + tc.answer);
+ return false;
+ }
+ return true;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/test/resources/camellia-expect-vt.txt
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/resources/camellia-expect-vt.txt b/kerby-kerb/kerb-crypto/src/test/resources/camellia-expect-vt.txt
new file mode 100644
index 0000000..e6ebe8a
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/test/resources/camellia-expect-vt.txt
@@ -0,0 +1,1036 @@
+
+KEYSIZE=128
+
+KEY=00000000000000000000000000000000
+
+I=1
+PT=80000000000000000000000000000000
+CT=07923A39EB0A817D1C4D87BDB82D1F1C
+
+I=2
+PT=40000000000000000000000000000000
+CT=48CD6419809672D2349260D89A08D3D3
+
+I=3
+PT=20000000000000000000000000000000
+CT=D07493CCB2E95CE0B4945A05ACC97D82
+
+I=4
+PT=10000000000000000000000000000000
+CT=5DBE1EAC9F7080A88DBED7F6DA101448
+
+I=5
+PT=08000000000000000000000000000000
+CT=F01EE477D199DF2701027034B229622F
+
+I=6
+PT=04000000000000000000000000000000
+CT=C841587ABD9A912E563774CB569D051E
+
+I=7
+PT=02000000000000000000000000000000
+CT=1D9BC0C04546F0915C8CCD11391A455C
+
+I=8
+PT=01000000000000000000000000000000
+CT=05E6EBB4BA167F5C479CEFF3152F943B
+
+I=9
+PT=00800000000000000000000000000000
+CT=93211E0F788845B9FC0E4551FFE92AC9
+
+I=10
+PT=00400000000000000000000000000000
+CT=B6D35701CD8FADDE383BBE8E6B70BAF7
+
+I=11
+PT=00200000000000000000000000000000
+CT=8358F9F4EBCFEE348CB30551ACB151A0
+
+I=12
+PT=00100000000000000000000000000000
+CT=D57516EB5AD93C523E40521BF447AFCE
+
+I=13
+PT=00080000000000000000000000000000
+CT=66B2534C279C439133F52E5AD8B439A9
+
+I=14
+PT=00040000000000000000000000000000
+CT=A71C69184A9F63C2992A5F18F77C1FE9
+
+I=15
+PT=00020000000000000000000000000000
+CT=1ADCBE49AEACB9ECEBBD492B10E82C7B
+
+I=16
+PT=00010000000000000000000000000000
+CT=27E3BCFB227C5561DB6CF7FC30387036
+
+I=17
+PT=00008000000000000000000000000000
+CT=F4AE20365CC9D06B0CAE6B695ED2CEC1
+
+I=18
+PT=00004000000000000000000000000000
+CT=3DD682F0B641ED32AD3D43EA2A0456E4
+
+I=19
+PT=00002000000000000000000000000000
+CT=6E5D14A95ECC290B509EA6B673652E3A
+
+I=20
+PT=00001000000000000000000000000000
+CT=F1CDF0F8D7B3FFD95422D7CC0CF40B7B
+
+I=21
+PT=00000800000000000000000000000000
+CT=A9253D459A34C385A1F1B2CFFA3935C5
+
+I=22
+PT=00000400000000000000000000000000
+CT=291024D99FF09A47A1DEE45BA700AE52
+
+I=23
+PT=00000200000000000000000000000000
+CT=49241D9459B277187BB10081C60361C0
+
+I=24
+PT=00000100000000000000000000000000
+CT=AD9BA365CC4DD5553D2D9FE303841D88
+
+I=25
+PT=00000080000000000000000000000000
+CT=C2ECA616664A249DC622CC11196B4AE1
+
+I=26
+PT=00000040000000000000000000000000
+CT=6E1A2D4794BB0DC08777A0BC7523E70E
+
+I=27
+PT=00000020000000000000000000000000
+CT=6DB1F0CF59656BDD235E82B8CEF0BE8E
+
+I=28
+PT=00000010000000000000000000000000
+CT=52F239C5EAF401EBDC54D2F011FF4B6A
+
+I=29
+PT=00000008000000000000000000000000
+CT=6B58A08F648414B67FD6847D2AA51CBF
+
+I=30
+PT=00000004000000000000000000000000
+CT=2959DD5367885A75EB48053CF3251A36
+
+I=31
+PT=00000002000000000000000000000000
+CT=630B292E3B88EF641CDFD531E206605E
+
+I=32
+PT=00000001000000000000000000000000
+CT=4BBB88EF82B70593FCC56AFD91540FDB
+
+I=33
+PT=00000000800000000000000000000000
+CT=0A13055B118A45C606999257BD191426
+
+I=34
+PT=00000000400000000000000000000000
+CT=5CF8E5C9F15D7E4F865020224853EB77
+
+I=35
+PT=00000000200000000000000000000000
+CT=3898805042C7A4315C5EE51AF2DE47E2
+
+I=36
+PT=00000000100000000000000000000000
+CT=8D3F96372E87CBB0B375425B3A10B9E7
+
+I=37
+PT=00000000080000000000000000000000
+CT=4D9510A378BD784A70A66BCC75B7D3C8
+
+I=38
+PT=00000000040000000000000000000000
+CT=70DB1902D37CFBDFB98F7C516F79D416
+
+I=39
+PT=00000000020000000000000000000000
+CT=383C6C2AABEF7FDE25CD470BF774A331
+
+I=40
+PT=00000000010000000000000000000000
+CT=47CBCB5288349B1A15DC9F81FBEE6B8F
+
+I=41
+PT=00000000008000000000000000000000
+CT=21DA34D4468EEB13AED95DAE0FF48310
+
+I=42
+PT=00000000004000000000000000000000
+CT=021C9A8E6BD36FBD036411E5D852A80F
+
+I=43
+PT=00000000002000000000000000000000
+CT=6A459E2F839AF60ACDE83774D0BB5574
+
+I=44
+PT=00000000001000000000000000000000
+CT=C19255121F1B933CAE09E58AEC0E9977
+
+I=45
+PT=00000000000800000000000000000000
+CT=7BA949E27B2BE148A6B801F9305F43D5
+
+I=46
+PT=00000000000400000000000000000000
+CT=E8CEB1026BCF7BCEA32E8A380EA76DB7
+
+I=47
+PT=00000000000200000000000000000000
+CT=63F97747ED56A8F521B20CC65F6F9465
+
+I=48
+PT=00000000000100000000000000000000
+CT=2091CFDC629819106188424AC694F75B
+
+I=49
+PT=00000000000080000000000000000000
+CT=A91BDF8E8B88407942423CCE000527C4
+
+I=50
+PT=00000000000040000000000000000000
+CT=73F9B44B9635A3FD683DBF8D49E9825B
+
+I=51
+PT=00000000000020000000000000000000
+CT=9DC64B2133FAD5069FD9A7CC2FFFD1CC
+
+I=52
+PT=00000000000010000000000000000000
+CT=28240F81FEC36B71E13F1FEA7A7641E3
+
+I=53
+PT=00000000000008000000000000000000
+CT=20DD39FEE96CD2EFF972872A692B28FD
+
+I=54
+PT=00000000000004000000000000000000
+CT=47A9E40483EC1925B635E47E964E8E93
+
+I=55
+PT=00000000000002000000000000000000
+CT=9C0EBD822C49FB3D853DF5B315A87BA0
+
+I=56
+PT=00000000000001000000000000000000
+CT=C18D813FDB45A594C6DC24E5A1F6CE32
+
+I=57
+PT=00000000000000800000000000000000
+CT=7E5467FF245ECF80CB55C2D8E91F0711
+
+I=58
+PT=00000000000000400000000000000000
+CT=394D4365B77954FDEA4145FCF7A7A041
+
+I=59
+PT=00000000000000200000000000000000
+CT=B1D8311A492ED11F11E57B29221610C4
+
+I=60
+PT=00000000000000100000000000000000
+CT=E5FBB947A63AEA90163AF04AD6951EF8
+
+I=61
+PT=00000000000000080000000000000000
+CT=CA0627DDF580F0E7D59562825C9D0492
+
+I=62
+PT=00000000000000040000000000000000
+CT=EF98FFD1AED295AAE1860F0274C8F555
+
+I=63
+PT=00000000000000020000000000000000
+CT=8C698E5CFFF08FACE10C2DC5FF1E2A81
+
+I=64
+PT=00000000000000010000000000000000
+CT=35A7767E02032C35B5CE1A6F49C57C28
+
+I=65
+PT=00000000000000008000000000000000
+CT=AB36F8734E76EBA306CF00D6763D90B0
+
+I=66
+PT=00000000000000004000000000000000
+CT=E854EB66D4EC66889B5E6CD4F44A5806
+
+I=67
+PT=00000000000000002000000000000000
+CT=15B66DF1455ACD640B8716BCF5DB2D69
+
+I=68
+PT=00000000000000001000000000000000
+CT=4C57AB5333E5C2D4B7E30A007E449F48
+
+I=69
+PT=00000000000000000800000000000000
+CT=BA3E7FF28EB38EA09D8DB1440A9A3552
+
+I=70
+PT=00000000000000000400000000000000
+CT=64E60227AFD80C40C70186CC94804C1A
+
+I=71
+PT=00000000000000000200000000000000
+CT=CEB4423C20B4C91C2551F6FC227C9514
+
+I=72
+PT=00000000000000000100000000000000
+CT=F736894B843EF32DA28576DE500D448C
+
+I=73
+PT=00000000000000000080000000000000
+CT=58FDA98B678D15053D4B6C060368108C
+
+I=74
+PT=00000000000000000040000000000000
+CT=E28CAE384E578F47657755EBCD97996C
+
+I=75
+PT=00000000000000000020000000000000
+CT=0A64617BD4B5B166668240D105B7B6A2
+
+I=76
+PT=00000000000000000010000000000000
+CT=4BD090C7E3D365B5EA80F19B4798881E
+
+I=77
+PT=00000000000000000008000000000000
+CT=BC7B6CB9BFF4F72973BB2CD20A512C06
+
+I=78
+PT=00000000000000000004000000000000
+CT=4C7ADDC5C867594E9EE75F0AA6AB9C23
+
+I=79
+PT=00000000000000000002000000000000
+CT=1FBD05C71A36691AC6566A5298101D53
+
+I=80
+PT=00000000000000000001000000000000
+CT=42D7D6B1F499D412F8793972BD968DA2
+
+I=81
+PT=00000000000000000000800000000000
+CT=260EC86E2786FC68824576B934F32814
+
+I=82
+PT=00000000000000000000400000000000
+CT=576C26DFD7046F9357F34BEA7DFB26A0
+
+I=83
+PT=00000000000000000000200000000000
+CT=6D55E54BFB6F927174A02294C95E0F8F
+
+I=84
+PT=00000000000000000000100000000000
+CT=1A6CE91DD458229C7675A34950D10E23
+
+I=85
+PT=00000000000000000000080000000000
+CT=DAD0D5E7E000652825AA34D228EA8D8F
+
+I=86
+PT=00000000000000000000040000000000
+CT=E68013F48D75EAD2BBC0B0BDA5E690BF
+
+I=87
+PT=00000000000000000000020000000000
+CT=A07D92312FBAE37BFE8A834210AE4F9C
+
+I=88
+PT=00000000000000000000010000000000
+CT=6EEE5F8544CD7D456366EB448813989A
+
+I=89
+PT=00000000000000000000008000000000
+CT=F8E5C7FF4B79D7ABE8BFA2DD148820A8
+
+I=90
+PT=00000000000000000000004000000000
+CT=C6349D75C7472BBD66F95B3A07C79C91
+
+I=91
+PT=00000000000000000000002000000000
+CT=B85713C12D8658951CD1AD21C74D2CD2
+
+I=92
+PT=00000000000000000000001000000000
+CT=907AA00B9F7D47A97623FB55BA911F29
+
+I=93
+PT=00000000000000000000000800000000
+CT=DC3CD0ED23D11776FAB43A2A6A8F3557
+
+I=94
+PT=00000000000000000000000400000000
+CT=4BFE58A8FD69179C14765B09AB70B705
+
+I=95
+PT=00000000000000000000000200000000
+CT=A23996E0EA67EC280356E5F77130A551
+
+I=96
+PT=00000000000000000000000100000000
+CT=CDEADE859B3AACD273CCA85A3E2E45F2
+
+I=97
+PT=00000000000000000000000080000000
+CT=E0FC78489857D84DA03F40CE97147174
+
+I=98
+PT=00000000000000000000000040000000
+CT=7615EA6351F6BB12855E8579C6995D8E
+
+I=99
+PT=00000000000000000000000020000000
+CT=13E184344FE28C2E70ED0E4D0A8037F9
+
+I=100
+PT=00000000000000000000000010000000
+CT=A5FE395F568482B87BC3EB208C81C942
+
+I=101
+PT=00000000000000000000000008000000
+CT=B3103E11AF06C85565823F8CAA3159F6
+
+I=102
+PT=00000000000000000000000004000000
+CT=7EBC2234D271B89C519C396985300030
+
+I=103
+PT=00000000000000000000000002000000
+CT=0661D338F2E0C939BA1687820A768467
+
+I=104
+PT=00000000000000000000000001000000
+CT=EC2B42667C0195A90715499617884DA5
+
+I=105
+PT=00000000000000000000000000800000
+CT=AE077BA19D24E7188DDD3682FF196892
+
+I=106
+PT=00000000000000000000000000400000
+CT=98823C24B9C65A66073C7952DC2B4B5E
+
+I=107
+PT=00000000000000000000000000200000
+CT=6AB58432CBB3C2F503DA2D16796CC297
+
+I=108
+PT=00000000000000000000000000100000
+CT=EEB5EBB3A53E4196C2F22BC1A4DDF5E8
+
+I=109
+PT=00000000000000000000000000080000
+CT=33DC40AC5FDC126D38878416AF6C0FA6
+
+I=110
+PT=00000000000000000000000000040000
+CT=38EDDC08E18B4AD982CEA921D2765A9A
+
+I=111
+PT=00000000000000000000000000020000
+CT=7D6BEA038E9347C642E18631660A9558
+
+I=112
+PT=00000000000000000000000000010000
+CT=FDA57921A473B5EE3700AD5ADF035019
+
+I=113
+PT=00000000000000000000000000008000
+CT=699B4812E200337E9C1D2C397F0DFE4E
+
+I=114
+PT=00000000000000000000000000004000
+CT=7A1EADF68B0807145D6C414852DECFC8
+
+I=115
+PT=00000000000000000000000000002000
+CT=1645FFAA8AD76689C01DA8C40882781F
+
+I=116
+PT=00000000000000000000000000001000
+CT=BA0C053BE702FA62FC66D8FEB12FC97E
+
+I=117
+PT=00000000000000000000000000000800
+CT=841FD8AF69CF2C31F7D4D7B6959662B5
+
+I=118
+PT=00000000000000000000000000000400
+CT=F675D59BDB33231861268F539829DA0B
+
+I=119
+PT=00000000000000000000000000000200
+CT=A4967F45ABB4E8C7DC5E3806680F35E0
+
+I=120
+PT=00000000000000000000000000000100
+CT=4D7E08081CC82F92ABA7C58C99F8343F
+
+I=121
+PT=00000000000000000000000000000080
+CT=9AEFDB287C119B82353612B60ECCBFD8
+
+I=122
+PT=00000000000000000000000000000040
+CT=979BB6A1553A17592A86E78DF144A699
+
+I=123
+PT=00000000000000000000000000000020
+CT=A6FA8CAB06FD2E5BF3A858983C01757A
+
+I=124
+PT=00000000000000000000000000000010
+CT=BE8511254C31E25420B91D6FEF1710ED
+
+I=125
+PT=00000000000000000000000000000008
+CT=F589A908D18A21894971C0433581E1A5
+
+I=126
+PT=00000000000000000000000000000004
+CT=4237585130E7C9F715235EB1D8C94DE7
+
+I=127
+PT=00000000000000000000000000000002
+CT=DEFE3E0B5C54C94B4F2A0F5A46F6210D
+
+I=128
+PT=00000000000000000000000000000001
+CT=F5574ACC3148DFCB9015200631024DF9
+
+==========
+
+KEYSIZE=256
+
+KEY=0000000000000000000000000000000000000000000000000000000000000000
+
+I=1
+PT=80000000000000000000000000000000
+CT=B0C6B88AEA518AB09E847248E91B1B9D
+
+I=2
+PT=40000000000000000000000000000000
+CT=B8D7684E35FA1DB15BDCEE7A48659858
+
+I=3
+PT=20000000000000000000000000000000
+CT=F0CAD59AF92FBB79F36951E697492750
+
+I=4
+PT=10000000000000000000000000000000
+CT=117100F6635389560DC4A2DA24EBA70F
+
+I=5
+PT=08000000000000000000000000000000
+CT=DBDD62355553019ED84C35886421E532
+
+I=6
+PT=04000000000000000000000000000000
+CT=9CB8D04FA506F19848F7B9110518BFC8
+
+I=7
+PT=02000000000000000000000000000000
+CT=E4308E253BC3444D293500701BA82C6A
+
+I=8
+PT=01000000000000000000000000000000
+CT=EA2FAE53F7F30C0170A20E95A068503E
+
+I=9
+PT=00800000000000000000000000000000
+CT=14B14839EA221880B2C64D1FE000B93D
+
+I=10
+PT=00400000000000000000000000000000
+CT=A5CFC075B342D5101AACC334E73058BB
+
+I=11
+PT=00200000000000000000000000000000
+CT=477EA56B2EBAD0F8AC5E1936866560FF
+
+I=12
+PT=00100000000000000000000000000000
+CT=107E8598418404196EC59F63E45B7F6D
+
+I=13
+PT=00080000000000000000000000000000
+CT=FF6A891E7C1C074A68FEC291928FDD8D
+
+I=14
+PT=00040000000000000000000000000000
+CT=F64C250A13F45D377ADB7545B2B157A9
+
+I=15
+PT=00020000000000000000000000000000
+CT=FAD0F252086F11C830C65B63197CBC38
+
+I=16
+PT=00010000000000000000000000000000
+CT=9DCB89B209441F02AD0D25C6AB826629
+
+I=17
+PT=00008000000000000000000000000000
+CT=E62E4ED4E4F34EDC563710D960E09D4C
+
+I=18
+PT=00004000000000000000000000000000
+CT=98A1B926BA06895C3F2E84CCBACBC356
+
+I=19
+PT=00002000000000000000000000000000
+CT=29BE0BE4DB7F4D196718AEA38F3B0BFD
+
+I=20
+PT=00001000000000000000000000000000
+CT=F670C4EBECBA0B43E71F6D752BFD4854
+
+I=21
+PT=00000800000000000000000000000000
+CT=7D7666B4484CDB7E3605468E093A787C
+
+I=22
+PT=00000400000000000000000000000000
+CT=562D06B181C091DA6C43642AE99460C6
+
+I=23
+PT=00000200000000000000000000000000
+CT=AB0EFB5975E6186B7D76BC9672453488
+
+I=24
+PT=00000100000000000000000000000000
+CT=10C0756538E7BFF88D19AE2B1F7B859A
+
+I=25
+PT=00000080000000000000000000000000
+CT=AF7FCD5248F8C72F1695AA05DD1CADE0
+
+I=26
+PT=00000040000000000000000000000000
+CT=9841E555655609A75D7BE20B8A90EF1E
+
+I=27
+PT=00000020000000000000000000000000
+CT=27F9546E6A1B7464780000561783569C
+
+I=28
+PT=00000010000000000000000000000000
+CT=8671D935D7A8354EECB7288803D42D7A
+
+I=29
+PT=00000008000000000000000000000000
+CT=0DA44F508DEBC6F044394624FCEB8EBE
+
+I=30
+PT=00000004000000000000000000000000
+CT=AB137369BE6D93FBB18006BDB236EC09
+
+I=31
+PT=00000002000000000000000000000000
+CT=EB90C4E597A7E1779FFA260886E26F75
+
+I=32
+PT=00000001000000000000000000000000
+CT=618CF3588D5C128EAF252616230E08F7
+
+I=33
+PT=00000000800000000000000000000000
+CT=98DC4DB49D197AB9152D12B9DE2D73CA
+
+I=34
+PT=00000000400000000000000000000000
+CT=5BDDE24B15702A35E1F140C57D206443
+
+I=35
+PT=00000000200000000000000000000000
+CT=CF755809882BED8BA2F9F1A4ED296A2B
+
+I=36
+PT=00000000100000000000000000000000
+CT=F1A8DBB999538AE89D16F92A7F4D1DF1
+
+I=37
+PT=00000000080000000000000000000000
+CT=775222FDDAAECB81CF675C4E0B98179E
+
+I=38
+PT=00000000040000000000000000000000
+CT=12A648CADCD153C760A965826683119A
+
+I=39
+PT=00000000020000000000000000000000
+CT=0503FB10AB241E7CF45D8CDEEE474335
+
+I=40
+PT=00000000010000000000000000000000
+CT=3D299C0070CBBD831B802690B8E7CA24
+
+I=41
+PT=00000000008000000000000000000000
+CT=33105BD4D11D66753DC34D128BEFE3F4
+
+I=42
+PT=00000000004000000000000000000000
+CT=5EFCE2B4B987C0F77D27B44836881682
+
+I=43
+PT=00000000002000000000000000000000
+CT=7835449454128035D7F0EA99E327577B
+
+I=44
+PT=00000000001000000000000000000000
+CT=27BEDDA0601BE35122FB1D272D73AB3E
+
+I=45
+PT=00000000000800000000000000000000
+CT=54C3F99FF48E318CC515EDE75800C4B3
+
+I=46
+PT=00000000000400000000000000000000
+CT=C627C329F8E48299F6FDB23B9DBEA0BB
+
+I=47
+PT=00000000000200000000000000000000
+CT=1B6578F9E23BD8C1845A02431C5F9AA3
+
+I=48
+PT=00000000000100000000000000000000
+CT=6DB2FB8C0B9344D0547C0FF1292020C6
+
+I=49
+PT=00000000000080000000000000000000
+CT=4FAD9B2C37C131493FBEF53581FA4F83
+
+I=50
+PT=00000000000040000000000000000000
+CT=47502A01E93D2C87BD5584F6AFD3D99D
+
+I=51
+PT=00000000000020000000000000000000
+CT=056E1C6F651BFE50271B3B7A18E76D84
+
+I=52
+PT=00000000000010000000000000000000
+CT=5632BAF6627B3D96AD4E06FA6A561F55
+
+I=53
+PT=00000000000008000000000000000000
+CT=E29807CAACDFA2D41A7D9E91FA7FD8EB
+
+I=54
+PT=00000000000004000000000000000000
+CT=81DD44BB5D1822DEE605F9E6FF01D7B3
+
+I=55
+PT=00000000000002000000000000000000
+CT=5C3649925E47D7FF96482A8FBD9666FD
+
+I=56
+PT=00000000000001000000000000000000
+CT=695415A836E66E737887845EC08A1ADB
+
+I=57
+PT=00000000000000800000000000000000
+CT=F5416BCE292D9E2CEA5D1CC70BBAEED1
+
+I=58
+PT=00000000000000400000000000000000
+CT=7AEC4F1388FC29C47F7FED74ADDE8485
+
+I=59
+PT=00000000000000200000000000000000
+CT=82A9F1A6CE08BC4876E649D8A8EA7EB6
+
+I=60
+PT=00000000000000100000000000000000
+CT=B6296C88ADF1A792908B065EEB04BFC2
+
+I=61
+PT=00000000000000080000000000000000
+CT=E766A39AECCA40BDBFBE6FF3FA292913
+
+I=62
+PT=00000000000000040000000000000000
+CT=C6D081454EA00D83C23B5A62C84359E1
+
+I=63
+PT=00000000000000020000000000000000
+CT=85D259A79CCA80484504D1603F7A8F53
+
+I=64
+PT=00000000000000010000000000000000
+CT=D8291FA1C6DC250078824B2D0A20883F
+
+I=65
+PT=00000000000000008000000000000000
+CT=95387CB74C48FFBD1F8D64A6CC45E074
+
+I=66
+PT=00000000000000004000000000000000
+CT=A17F975F538F56CDF629B516011DE837
+
+I=67
+PT=00000000000000002000000000000000
+CT=B50B615A1654C6E1CB6AB33716C097FE
+
+I=68
+PT=00000000000000001000000000000000
+CT=7BBB2CBB874DF6C8B821DA7FB0F9011B
+
+I=69
+PT=00000000000000000800000000000000
+CT=E9EFE074D096A275E47CD2E6206DF6A1
+
+I=70
+PT=00000000000000000400000000000000
+CT=88F2F8D5A836406AE8BBB98C65BBDA55
+
+I=71
+PT=00000000000000000200000000000000
+CT=F64620D8D87585A3EF038B9AD58F5EA0
+
+I=72
+PT=00000000000000000100000000000000
+CT=694438EC141C8ED5F2F898B4554A298F
+
+I=73
+PT=00000000000000000080000000000000
+CT=3E6226EC7726A1EE5F5FA9B18CCE8C44
+
+I=74
+PT=00000000000000000040000000000000
+CT=8AB6949E79911647800B9E87362AB97A
+
+I=75
+PT=00000000000000000020000000000000
+CT=093C5CF24EDAF7F9F1C8A80DE4FF50A9
+
+I=76
+PT=00000000000000000010000000000000
+CT=28A36E50061F19E240351ED0E378CBF4
+
+I=77
+PT=00000000000000000008000000000000
+CT=B93BB36CB88BF26EA79198652AA51D3C
+
+I=78
+PT=00000000000000000004000000000000
+CT=DE4948083D044FAC9BCA6DA8CD67B8A6
+
+I=79
+PT=00000000000000000002000000000000
+CT=6E778B5BDA6CA118117E47470D080D3C
+
+I=80
+PT=00000000000000000001000000000000
+CT=0A9107324DA32B4281D032A3487EF875
+
+I=81
+PT=00000000000000000000800000000000
+CT=18ED5635312D71ABD123CCE779D4D68A
+
+I=82
+PT=00000000000000000000400000000000
+CT=2E3C63F95C4BC1F944BAB06DEDC9AA8E
+
+I=83
+PT=00000000000000000000200000000000
+CT=ACCC869EF07004C8C3C709083BE7BA2F
+
+I=84
+PT=00000000000000000000100000000000
+CT=DF60B34FB1A59147CC1FB049C1578206
+
+I=85
+PT=00000000000000000000080000000000
+CT=4228DC636C08E41021054AA0E1E2227A
+
+I=86
+PT=00000000000000000000040000000000
+CT=7CE27F66EFD735FFD6B3E1738C50495B
+
+I=87
+PT=00000000000000000000020000000000
+CT=F8E74B33A9CDE351DA0BBC06D69093D7
+
+I=88
+PT=00000000000000000000010000000000
+CT=AE0D22A5B37B8DC5D81CC641EED334D0
+
+I=89
+PT=00000000000000000000008000000000
+CT=C181C6CA5E163743458B9167A0B6A16A
+
+I=90
+PT=00000000000000000000004000000000
+CT=5171F4F6095E4B276CFBA1F07223FBE6
+
+I=91
+PT=00000000000000000000002000000000
+CT=2732F4D3A8C9D1D8D493840D6E0B864F
+
+I=92
+PT=00000000000000000000001000000000
+CT=3EF04E0059A061D973532CA5C1DFBE7B
+
+I=93
+PT=00000000000000000000000800000000
+CT=6D9A8F23579E4978EBAA87B5ADEB77E5
+
+I=94
+PT=00000000000000000000000400000000
+CT=BBD08873CC44BA4253C0C41FEEB7F124
+
+I=95
+PT=00000000000000000000000200000000
+CT=72E4B2437CBD283F3809CE686F6A591E
+
+I=96
+PT=00000000000000000000000100000000
+CT=6E5580514B92512B1BF4B1B987B9AA1B
+
+I=97
+PT=00000000000000000000000080000000
+CT=5EF5D0C5BCBDCB604D3A083B68CE0FA3
+
+I=98
+PT=00000000000000000000000040000000
+CT=9D991FDD723AD2182777A15CA0E0F665
+
+I=99
+PT=00000000000000000000000020000000
+CT=24440626EFC8F86BEA7DE78085AB8A22
+
+I=100
+PT=00000000000000000000000010000000
+CT=17C3630D62D13C1E826C0FCCBD74A864
+
+I=101
+PT=00000000000000000000000008000000
+CT=4CF5AB86A56AB134A7FE46CCE3F9FCE9
+
+I=102
+PT=00000000000000000000000004000000
+CT=3E6B9C0388F6D9B8F458F30221907607
+
+I=103
+PT=00000000000000000000000002000000
+CT=AD9C926B8A5CD98EEE88200617E59958
+
+I=104
+PT=00000000000000000000000001000000
+CT=AFF8AED5E075E02AF720CA4BF0028B3B
+
+I=105
+PT=00000000000000000000000000800000
+CT=D90EAFF909202BB209BB3BB8C7F9A954
+
+I=106
+PT=00000000000000000000000000400000
+CT=2C709B00E6A22F00F64A7D8EE341853F
+
+I=107
+PT=00000000000000000000000000200000
+CT=CCEC598F0D9F0BF201B2F487136D54A4
+
+I=108
+PT=00000000000000000000000000100000
+CT=73B2883A0A166AAE1BF14E60A5195FA3
+
+I=109
+PT=00000000000000000000000000080000
+CT=E676867BD9AD5EF915143388496779D7
+
+I=110
+PT=00000000000000000000000000040000
+CT=CDCB73D1BFCFD4BE7F1DAA9B1C6A4055
+
+I=111
+PT=00000000000000000000000000020000
+CT=02A3A5C89DAA24CD2C517F7A73286A89
+
+I=112
+PT=00000000000000000000000000010000
+CT=C0FA2AC9E92EE58C2DD12D6D43AB7035
+
+I=113
+PT=00000000000000000000000000008000
+CT=EDC2CB1F7291353BDBF2385519E6AE16
+
+I=114
+PT=00000000000000000000000000004000
+CT=B4B62D16D197A98CD3B978812B9D9884
+
+I=115
+PT=00000000000000000000000000002000
+CT=5CDFC95A529A905101CEA26BC1B891ED
+
+I=116
+PT=00000000000000000000000000001000
+CT=CC7150CD3650B98363296C7C4ED368D1
+
+I=117
+PT=00000000000000000000000000000800
+CT=CC57706B0C6526B8E25A5DBD32EACBDB
+
+I=118
+PT=00000000000000000000000000000400
+CT=30D30456AD98B182D64C649648F6AEC9
+
+I=119
+PT=00000000000000000000000000000200
+CT=D7E9DA7F631938EB649A08AF82FBD75F
+
+I=120
+PT=00000000000000000000000000000100
+CT=B8DA2AF6600B07895B5D0FFAF4991469
+
+I=121
+PT=00000000000000000000000000000080
+CT=0F6F64F930BA6C178943322B98114599
+
+I=122
+PT=00000000000000000000000000000040
+CT=8B1F247802E47C91BEE2AA34ECFD7A01
+
+I=123
+PT=00000000000000000000000000000020
+CT=7A6985778D3A66E97F23E01F0D0E45E7
+
+I=124
+PT=00000000000000000000000000000010
+CT=BA664AC39855518DFDEE10D1B3111FAE
+
+I=125
+PT=00000000000000000000000000000008
+CT=7C92854D801A1648F65CA81813DDBF83
+
+I=126
+PT=00000000000000000000000000000004
+CT=6A3F25AAB7E92D9CF378E5D9C040F26B
+
+I=127
+PT=00000000000000000000000000000002
+CT=3D4B2CDE666761BA5DFB305178E667FB
+
+I=128
+PT=00000000000000000000000000000001
+CT=9CDB269B5D293BC5DB9C55B057D9B591
+
+==========
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/pom.xml b/kerby-kerb/kerb-identity/pom.xml
new file mode 100644
index 0000000..edf2f93
--- /dev/null
+++ b/kerby-kerb/kerb-identity/pom.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-kerb</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerb-identity</artifactId>
+
+ <name>Kerby-kerb Identity</name>
+ <description>Kerby-kerb Identity</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-crypto</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/Attribute.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/Attribute.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/Attribute.java
new file mode 100644
index 0000000..2174c33
--- /dev/null
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/Attribute.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.identity;
+
+public abstract class Attribute {
+ private String name;
+
+ public Attribute(String name) {
+ this.name = name;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/ComplexAttribute.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/ComplexAttribute.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/ComplexAttribute.java
new file mode 100644
index 0000000..d56bb66
--- /dev/null
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/ComplexAttribute.java
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.identity;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+public class ComplexAttribute extends Attribute {
+ private List<String> values;
+
+ public ComplexAttribute(String name) {
+ super(name);
+ this.values = new ArrayList<String>(1);
+ }
+
+ public List<String> getValues() {
+ return Collections.unmodifiableList(values);
+ }
+
+ public void setValues(List<String> values) {
+ this.values.clear();
+ this.values.addAll(values);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/Identity.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/Identity.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/Identity.java
new file mode 100644
index 0000000..18da5f8
--- /dev/null
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/Identity.java
@@ -0,0 +1,67 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.identity;
+
+import java.util.*;
+
+public class Identity {
+ private String name;
+ private Map<String, Attribute> attributes;
+
+ public Identity(String name) {
+ this.name = name;
+ this.attributes = new HashMap<String, Attribute>();
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public void addAttribute(String name, String value) {
+ attributes.put(name, new SimpleAttribute(name, value));
+ }
+
+ public void addAttribute(Attribute attribute) {
+ attributes.put(attribute.getName(), attribute);
+ }
+
+ public Set<String> getAttributes() {
+ return Collections.unmodifiableSet(attributes.keySet());
+ }
+
+ public String getSimpleAttribute(String name) {
+ Attribute attr = attributes.get(name);
+ if (! (attr instanceof SimpleAttribute)) {
+ throw new RuntimeException("Not simple attribute");
+ }
+ return ((SimpleAttribute) attr).getValue();
+ }
+
+ public void setAttributes(List<Attribute> attributes) {
+ this.attributes.clear();
+ for (Attribute attr : attributes) {
+ addAttribute(attr);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/IdentityService.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/IdentityService.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/IdentityService.java
new file mode 100644
index 0000000..96efea5
--- /dev/null
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/IdentityService.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.identity;
+
+import java.util.List;
+
+public interface IdentityService {
+ public List<KrbIdentity> getIdentities();
+ public boolean checkIdentity(String name);
+ public KrbIdentity getIdentity(String name);
+ public void addIdentity(KrbIdentity identity);
+ public void updateIdentity(KrbIdentity identity);
+ public void deleteIdentity(KrbIdentity identity);
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbAttributes.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbAttributes.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbAttributes.java
new file mode 100644
index 0000000..008eb1b
--- /dev/null
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbAttributes.java
@@ -0,0 +1,25 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.identity;
+
+public class KrbAttributes {
+ public static final String PRINCIPAL = "principal";
+ public static final String PASSWORD = "password";
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
new file mode 100644
index 0000000..8acd430
--- /dev/null
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
@@ -0,0 +1,126 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.identity;
+
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+public class KrbIdentity {
+ private String principalName;
+ private PrincipalName principal;
+ private int keyVersion = 1;
+ private int kdcFlags = 0;
+ private boolean disabled = false;
+ private boolean locked = false;
+ private KerberosTime expireTime = KerberosTime.NEVER;
+ private KerberosTime createdTime = KerberosTime.now();
+
+ private Map<EncryptionType, EncryptionKey> keys =
+ new HashMap<EncryptionType, EncryptionKey>();
+
+ public KrbIdentity(String principalName) {
+ this.principalName = principalName;
+ this.principal = new PrincipalName(principalName);
+ }
+
+ public String getPrincipalName() {
+ return principalName;
+ }
+
+ public void setPrincipal(PrincipalName principal) {
+ this.principal = principal;
+ }
+
+ public PrincipalName getPrincipal() {
+ return principal;
+ }
+
+ public void setKeyVersion(int keyVersion) {
+ this.keyVersion = keyVersion;
+ }
+
+ public void setKdcFlags(int kdcFlags) {
+ this.kdcFlags = kdcFlags;
+ }
+
+ public void setDisabled(boolean disabled) {
+ this.disabled = disabled;
+ }
+
+ public void setLocked(boolean locked) {
+ this.locked = locked;
+ }
+
+ public void setExpireTime(KerberosTime expireTime) {
+ this.expireTime = expireTime;
+ }
+
+ public KerberosTime getExpireTime() {
+ return expireTime;
+ }
+
+ public KerberosTime getCreatedTime() {
+ return createdTime;
+ }
+
+ public void setCreatedTime(KerberosTime createdTime) {
+ this.createdTime = createdTime;
+ }
+
+ public boolean isDisabled() {
+ return disabled;
+ }
+
+ public boolean isLocked() {
+ return locked;
+ }
+
+ public void addKey(EncryptionKey encKey) {
+ keys.put(encKey.getKeyType(), encKey);
+ }
+
+ public void addKeys(List<EncryptionKey> encKeys) {
+ for (EncryptionKey key : encKeys) {
+ keys.put(key.getKeyType(), key);
+ }
+ }
+
+ public Map<EncryptionType, EncryptionKey> getKeys() {
+ return keys;
+ }
+
+ public EncryptionKey getKey(EncryptionType encType) {
+ return keys.get(encType);
+ }
+
+ public int getKdcFlags() {
+ return kdcFlags;
+ }
+
+ public int getKeyVersion() {
+ return keyVersion;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/SimpleAttribute.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/SimpleAttribute.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/SimpleAttribute.java
new file mode 100644
index 0000000..53add12
--- /dev/null
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/SimpleAttribute.java
@@ -0,0 +1,37 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.identity;
+
+public class SimpleAttribute extends Attribute {
+ private String value;
+
+ public SimpleAttribute(String name, String value) {
+ super(name);
+ this.value = value;
+ }
+
+ public String getValue() {
+ return value;
+ }
+
+ public void setValue(String value) {
+ this.value = value;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/AbstractIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/AbstractIdentityBackend.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/AbstractIdentityBackend.java
new file mode 100644
index 0000000..3342afd
--- /dev/null
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/AbstractIdentityBackend.java
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.identity.backend;
+
+import org.apache.kerby.kerberos.kerb.identity.IdentityService;
+
+public abstract class AbstractIdentityBackend implements IdentityService {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java
new file mode 100644
index 0000000..3ef6140
--- /dev/null
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.identity.backend;
+
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+public class InMemoryIdentityBackend extends AbstractIdentityBackend {
+
+ private Map<String, KrbIdentity> identities;
+
+ public InMemoryIdentityBackend() {
+ this.identities = new HashMap<String, KrbIdentity>();
+ }
+
+ public InMemoryIdentityBackend(Map<String, KrbIdentity> identities) {
+ this();
+ this.identities.putAll(identities);
+ }
+
+ @Override
+ public List<KrbIdentity> getIdentities() {
+ List<KrbIdentity> results = new ArrayList<KrbIdentity>(identities.size());
+ results.addAll(identities.values());
+ return results;
+ }
+
+ @Override
+ public boolean checkIdentity(String name) {
+ return identities.containsKey(name);
+ }
+
+ @Override
+ public KrbIdentity getIdentity(String name) {
+ if (identities.containsKey(name)) {
+ return identities.get(name);
+ }
+ return null;
+ }
+
+ @Override
+ public void addIdentity(KrbIdentity identity) {
+ identities.put(identity.getPrincipalName(), identity);
+ }
+
+ @Override
+ public void updateIdentity(KrbIdentity identity) {
+ identities.put(identity.getPrincipalName(), identity);
+ }
+
+ @Override
+ public void deleteIdentity(KrbIdentity identity) {
+ identities.remove(identity.getPrincipalName());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/SimpleIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/SimpleIdentityBackend.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/SimpleIdentityBackend.java
new file mode 100644
index 0000000..df7a0dd
--- /dev/null
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/SimpleIdentityBackend.java
@@ -0,0 +1,46 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.identity.backend;
+
+import java.io.File;
+
+public class SimpleIdentityBackend extends InMemoryIdentityBackend {
+
+ private File identityFile;
+
+ public SimpleIdentityBackend(File identityFile) {
+ super();
+ this.identityFile = identityFile;
+ }
+
+ /**
+ * Load identities from file
+ */
+ public void load() {
+ // todo
+ }
+
+ /**
+ * Persist the updated identities back
+ */
+ public void save() {
+ // todo
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/pom.xml b/kerby-kerb/kerb-kdc-test/pom.xml
new file mode 100644
index 0000000..905337b
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/pom.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-kerb</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerb-kdc-test</artifactId>
+
+ <name>Kerby-kerb-KdcTest</name>
+ <description>Kerby-kerb Kdc Test</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-util</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-server</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-client</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-pkix</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java b/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
new file mode 100644
index 0000000..3720317
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
@@ -0,0 +1,122 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.keytab.Keytab;
+import org.apache.kerby.kerberos.kerb.keytab.KeytabEntry;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.List;
+import java.util.Properties;
+import java.util.UUID;
+
+public class TestKdcServer extends SimpleKdcServer {
+
+ public static final String ORG_DOMAIN = KdcConfigKey.KDC_DOMAIN.getPropertyKey();
+ public static final String KDC_REALM = KdcConfigKey.KDC_REALM.getPropertyKey();
+ public static final String KDC_HOST = KdcConfigKey.KDC_HOST.getPropertyKey();
+ public static final String KDC_TCP_PORT = KdcConfigKey.KDC_TCP_PORT.getPropertyKey();
+ public static final String WORK_DIR = KdcConfigKey.WORK_DIR.getPropertyKey();
+
+ private static final Properties DEFAULT_CONFIG = new Properties();
+ static {
+ DEFAULT_CONFIG.setProperty(KDC_HOST, "localhost");
+ DEFAULT_CONFIG.setProperty(KDC_TCP_PORT, "8018");
+ DEFAULT_CONFIG.setProperty(ORG_DOMAIN, "test.com");
+ DEFAULT_CONFIG.setProperty(KDC_REALM, "TEST.COM");
+ }
+
+ public static Properties createConf() {
+ return (Properties) DEFAULT_CONFIG.clone();
+ }
+
+ public TestKdcServer() {
+ this(createConf());
+ }
+
+ public TestKdcServer(Properties conf) {
+ super();
+ getConfig().getConf().addPropertiesConfig(conf);
+ }
+
+ @Override
+ public void init() {
+ super.init();
+
+ createPrincipals("krbtgt");
+ }
+
+ public String getKdcRealm() {
+ return getConfig().getKdcRealm();
+ }
+
+ public synchronized void createPrincipal(String principal, String password) {
+ KrbIdentity identity = new KrbIdentity(principal);
+ List<EncryptionType> encTypes = getConfig().getEncryptionTypes();
+ List<EncryptionKey> encKeys = null;
+ try {
+ encKeys = EncryptionUtil.generateKeys(fixPrincipal(principal), password, encTypes);
+ } catch (KrbException e) {
+ throw new RuntimeException("Failed to generate encryption keys", e);
+ }
+ identity.addKeys(encKeys);
+ getIdentityService().addIdentity(identity);
+ }
+
+ public void createPrincipals(String ... principals) {
+ String passwd;
+ for (String principal : principals) {
+ passwd = UUID.randomUUID().toString();
+ createPrincipal(fixPrincipal(principal), passwd);
+ }
+ }
+
+ private String fixPrincipal(String principal) {
+ if (! principal.contains("@")) {
+ principal += "@" + getKdcRealm();
+ }
+ return principal;
+ }
+
+ public void exportPrincipals(File keytabFile) throws IOException {
+ Keytab keytab = new Keytab();
+
+ List<KrbIdentity> identities = getIdentityService().getIdentities();
+ for (KrbIdentity identity : identities) {
+ PrincipalName principal = identity.getPrincipal();
+ KerberosTime timestamp = new KerberosTime();
+ for (EncryptionType encType : identity.getKeys().keySet()) {
+ EncryptionKey ekey = identity.getKeys().get(encType);
+ int keyVersion = ekey.getKvno();
+ keytab.addEntry(new KeytabEntry(principal, timestamp, keyVersion, ekey));
+ }
+ }
+
+ keytab.store(keytabFile);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/main/resources/cacert.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/cacert.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/cacert.pem
new file mode 100644
index 0000000..6b91561
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/resources/cacert.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID6zCCAtOgAwIBAgIJAMrZoeDxTzwWMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzEzMjdaFw0yNDA1MTAxMzEzMjdaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMCznJJ02ZUjCPvAwnBmfPs0akb5QRc/NKu8kCtAPWzgHS2JPTQfJhkDbTAD
+eIlg8IeJpOdrYnzdaBCzgxqjSkls+vxjYotOU0Zbrpy2bj0lRDqdYbNsiuConKgT
+MeuDEd/4ZI0X9NWLAi06Iv1F4mHXf36c6uqiUWTtXiofogrFUoTRwACKR2qeC95X
+Py+FDmpS9lz0mo0vDWjetLQC2IBngjjPFdR16n87QDIWfRBkk66rn7rEA6Li66b/
+cToajMSA/n+2Ud1mntSY4RdDdd0TBtAq9RrXtUOfzGaE7S6t+FtYyEprvT4FdOTU
+uyYgSNaI9ANVP1zhQ9LACKuudOECAwEAAaNQME4wHQYDVR0OBBYEFD91SVOejfwx
+u33+5N0TdYbHJbgAMB8GA1UdIwQYMBaAFD91SVOejfwxu33+5N0TdYbHJbgAMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADsONtUqGNBPBXnRowcJwv+Y
+F1Vea+4dkBwYbhkiO6H5XMKr+waOnOD2eAvgP4aeYg/a0xOzzETRD9wi1Z1P1ZMy
+d/NzHQjj4egPENwDv1PH2voZgsXXzXIqUMOtz9t12TuJUrSA2SBW1tz/evckHhNY
+fHg4ThvTIgwEdV/yvrOEBLV9dXG5IhhF+NW1MegTGkt4SpOoH1pi3o9VekVRnix9
+xrIdaC4Ee6vQaR603HwDS9Y+a1c2KU7QoLX8Vaa904cQ+rxhGsTAkocnZXeo6Hl5
+V8BlDYXxeP86fzcWi04ll2BmEEw/RimHEOLpGqxTVHJ5p5BVSCHP8aCD0VJheaU=
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/main/resources/cakey.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/cakey.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/cakey.pem
new file mode 100644
index 0000000..66dc806
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/resources/cakey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAwLOcknTZlSMI+8DCcGZ8+zRqRvlBFz80q7yQK0A9bOAdLYk9
+NB8mGQNtMAN4iWDwh4mk52tifN1oELODGqNKSWz6/GNii05TRluunLZuPSVEOp1h
+s2yK4KicqBMx64MR3/hkjRf01YsCLToi/UXiYdd/fpzq6qJRZO1eKh+iCsVShNHA
+AIpHap4L3lc/L4UOalL2XPSajS8NaN60tALYgGeCOM8V1HXqfztAMhZ9EGSTrquf
+usQDouLrpv9xOhqMxID+f7ZR3Wae1JjhF0N13RMG0Cr1Gte1Q5/MZoTtLq34W1jI
+Smu9PgV05NS7JiBI1oj0A1U/XOFD0sAIq6504QIDAQABAoIBAHqFeMax3unxBbQ0
+Aiy/LTX3RJ9tuZITUOTklnG5fZStBkA+oxhxuaJryE+f1VLbvPMgdCXj5BHqIFGG
+IZSdQA1hak9wzWYvXck9X88qOvtLp47xI/6Vw9NFwZ0n3zST+JiD8UK4eaYQpUim
+Tzrj5SU6hEi3crHOlJvsRFPaGwhnA9wycoOo4o22XBj3C8Hwzi4vWcKXH/RCSwZQ
+zFuYbe77Pn9Sv5q5zdglkmm7wngoVt/aKQke/Vk+Eincx1V12b05DNLjugo6FWQh
+0f2MmHpvqNSHs9USC5+y2lKQ1JNHh7mnpPCXkZEH4V7q+3mKVzl9tXzj9Gul20pw
+tneD6WUCgYEA9QUrQoWHKeVMjeukHjDJa2KjRLMmg9YRQyVABH9+nQTp1jYUjMRA
+GUoUx91gG6gjjJD/xvor/U0Fh3vKtZE93c+avrcaYDwf3q/L4gh+3b87lVDfzjrp
+L+MPTpEzWiyyLfr/kLA0TgUjnrj9bav5uDps8mJpNf8s9ZP1/QDhF5sCgYEAyVZA
+pHSIyBI2GT0+92JXvYDK/ZfV5m4RGHaG/PMDoU4IbGbjHVyzzsyzDUgvOASXwfF8
+YzwX7Tf95RZw12P/Jepxt0vqBJPKUCsMLUrmANQvN1Pz8+Vk6UADLM7kNc06MqB9
+/U3GKCFZZuedEhbgXnEV9gzelhILImJGZMxG0zMCgYApymnofLHjGXMHOcvSQmv4
+XuiODShikB59n1rd6YkE6xOfL7YtlEOCjLoipMWBshnuHcUigQUDvSFWTGz0rwMo
+VAKGyOA8zcR5zO4vbVeGJtnYy+SAXlfrjQTNV8K0fK8fXJI+cW9aZ1H9/ntrO0vq
+ejye0t4zEYTvlf782iuKRQKBgQCnTQ7mGRfX+JoPmv8JniR+idkjpNnPYsK96y/8
+XQs1LJx/R3eN3IxlWV+nt8XU7KwWMs5Dv5m6Ov61MFKQCL3qCch4oZJSP2Sr/Tlf
+IY/CPI8HkLF0h7e0wsZgo4Kq2mBz1T0cEVaJ3jxl8Cxq7at/jsTK8qK7XT73UWZh
+OAXaVQKBgDmg2QTX7c0/dbDMOuw18g3xfE/oqU+VWT784wtvpcdjHR+KAVLWHG8l
+oc/bm8Bs0o0f5dfH7uUvWdP6JMvbgYZBgIMqw+iH8P2lFCLzIRf0me/l+r0Oi64U
+5jp9K+7Ggc7S0SSnCLmBLMN5lXQZbhzks1La7DZmFeAz8rOEnlUB
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/main/resources/extensions.kdc
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/extensions.kdc b/kerby-kerb/kerb-kdc-test/src/main/resources/extensions.kdc
new file mode 100644
index 0000000..8052f71
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/resources/extensions.kdc
@@ -0,0 +1,36 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+[kdc_cert]
+basicConstraints=CA:FALSE
+keyUsage=nonRepudiation,digitalSignature,keyEncipherment,keyAgreement
+extendedKeyUsage=1.3.6.1.5.2.3.5
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+issuerAltName=issuer:copy
+subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:kdc_princ_name
+
+[kdc_princ_name]
+realm=EXP:0,GeneralString:${ENV::REALM}
+principal_name=EXP:1,SEQUENCE:kdc_principal_seq
+
+[kdc_principal_seq]
+name_type=EXP:0,INTEGER:1
+name_string=EXP:1,SEQUENCE:kdc_principals
+
+[kdc_principals]
+princ1=GeneralString:krbtgt
+princ2=GeneralString:${ENV::REALM}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf b/kerby-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf
new file mode 100644
index 0000000..d118dd1
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf
@@ -0,0 +1,25 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+[libdefaults]
+ default_realm = {0}
+ udp_preference_limit = 1
+
+[realms]
+ {0} = '{'
+ kdc = {1}:{2}
+ '}'
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff b/kerby-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff
new file mode 100644
index 0000000..bc989c3
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff
@@ -0,0 +1,46 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+dn: ou=users,dc=${0},dc=${1}
+objectClass: organizationalUnit
+objectClass: top
+ou: users
+
+dn: uid=krbtgt,ou=users,dc=${0},dc=${1}
+objectClass: top
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: krb5principal
+objectClass: krb5kdcentry
+cn: KDC Service
+sn: Service
+uid: krbtgt
+userPassword: secret
+krb5PrincipalName: krbtgt/${2}.${3}@${2}.${3}
+krb5KeyVersionNumber: 0
+
+dn: uid=ldap,ou=users,dc=${0},dc=${1}
+objectClass: top
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: krb5principal
+objectClass: krb5kdcentry
+cn: LDAP
+sn: Service
+uid: ldap
+userPassword: secret
+krb5PrincipalName: ldap/${4}@${2}.${3}
+krb5KeyVersionNumber: 0
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/main/resources/kdccert.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/kdccert.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/kdccert.pem
new file mode 100644
index 0000000..67e538c
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/resources/kdccert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
+fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
+quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
+nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
+EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
+JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
+DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
+Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
+HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
+ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
+AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
+YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
+txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
+R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
+FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
+5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/main/resources/kdckey.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/kdckey.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/kdckey.pem
new file mode 100644
index 0000000..c9e75e2
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/resources/kdckey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
+8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
+2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
+GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
+fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
+DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
+QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
+6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
+bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
+5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
+8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
+XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
+kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
+Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
+P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
+KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
+qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
+7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
+UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
+n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
+5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
+AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
+KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
+9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
+7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
+-----END RSA PRIVATE KEY-----
[29/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java
deleted file mode 100644
index f03aae1..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.Hmac;
-import org.apache.kerberos.kerb.crypto.Rc4;
-import org.apache.kerberos.kerb.crypto.cksum.provider.Md5Provider;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class HmacMd5Rc4CheckSum extends AbstractKeyedCheckSumTypeHandler {
-
- public HmacMd5Rc4CheckSum() {
- super(null, new Md5Provider(), 16, 16);
- }
-
- public int confounderSize() {
- return 8;
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.HMAC_MD5_ARCFOUR;
- }
-
- public boolean isSafe() {
- return true;
- }
-
- public int cksumSize() {
- return 16; // bytes
- }
-
- public int keySize() {
- return 16; // bytes
- }
-
- @Override
- protected byte[] doChecksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException {
-
- byte[] Ksign = null;
- byte[] signKey = "signaturekey".getBytes();
- byte[] newSignKey = new byte[signKey.length + 1];
- System.arraycopy(signKey, 0, newSignKey, 0, signKey.length);
- Ksign = Hmac.hmac(hashProvider(), key, newSignKey);
-
- byte[] salt = Rc4.getSalt(usage, false);
-
- hashProvider().hash(salt);
- hashProvider().hash(data, start, len);
- byte[] hashTmp = hashProvider().output();
-
- byte[] hmac = Hmac.hmac(hashProvider(), Ksign, hashTmp);
- return hmac;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Aes128CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Aes128CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Aes128CheckSum.java
deleted file mode 100644
index e3595c6..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Aes128CheckSum.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.enc.provider.Aes128Provider;
-import org.apache.kerberos.kerb.crypto.key.AesKeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class HmacSha1Aes128CheckSum extends HmacKcCheckSum {
-
- public HmacSha1Aes128CheckSum() {
- super(new Aes128Provider(), 20, 12);
-
- keyMaker(new AesKeyMaker((Aes128Provider) encProvider()));
- }
-
- public int confounderSize() {
- return 16;
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.HMAC_SHA1_96_AES128;
- }
-
- public boolean isSafe() {
- return true;
- }
-
- public int cksumSize() {
- return 12; // bytes
- }
-
- public int keySize() {
- return 16; // bytes
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Aes256CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Aes256CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Aes256CheckSum.java
deleted file mode 100644
index 83fbb28..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Aes256CheckSum.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.enc.provider.Aes256Provider;
-import org.apache.kerberos.kerb.crypto.key.AesKeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class HmacSha1Aes256CheckSum extends HmacKcCheckSum {
-
- public HmacSha1Aes256CheckSum() {
- super(new Aes256Provider(), 20, 12);
-
- keyMaker(new AesKeyMaker((Aes256Provider) encProvider()));
- }
-
- public int confounderSize() {
- return 16;
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.HMAC_SHA1_96_AES256;
- }
-
- public boolean isSafe() {
- return true;
- }
-
- public int cksumSize() {
- return 12; // bytes
- }
-
- public int keySize() {
- return 32; // bytes
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Des3CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Des3CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Des3CheckSum.java
deleted file mode 100644
index f51ca45..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacSha1Des3CheckSum.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.enc.provider.Des3Provider;
-import org.apache.kerberos.kerb.crypto.key.Des3KeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class HmacSha1Des3CheckSum extends HmacKcCheckSum {
-
- public HmacSha1Des3CheckSum() {
- super(new Des3Provider(), 20, 20);
-
- keyMaker(new Des3KeyMaker(encProvider()));
- }
-
- public int confounderSize() {
- return 8;
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.HMAC_SHA1_DES3;
- }
-
- public boolean isSafe() {
- return true;
- }
-
- public int cksumSize() {
- return 20; // bytes
- }
-
- public int keySize() {
- return 24; // bytes
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/KcCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/KcCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/KcCheckSum.java
deleted file mode 100644
index 695f432..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/KcCheckSum.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.BytesUtil;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.crypto.key.DkKeyMaker;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class KcCheckSum extends AbstractKeyedCheckSumTypeHandler {
-
- public KcCheckSum(EncryptProvider encProvider, HashProvider hashProvider,
- int computeSize, int outputSize) {
- super(encProvider, hashProvider, computeSize, outputSize);
- }
-
- @Override
- protected byte[] doChecksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException {
- byte[] Kc;
- byte[] constant = new byte[5];
- BytesUtil.int2bytes(usage, constant, 0, true);
- constant[4] = (byte) 0x99;
- Kc = ((DkKeyMaker) keyMaker()).dk(key, constant);
-
- byte[] mac = mac(Kc, data, start, len);
- return mac;
- }
-
- protected abstract byte[] mac(byte[] Kc, byte[] data, int start, int len) throws KrbException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java
deleted file mode 100644
index 453791b..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.Hmac;
-import org.apache.kerberos.kerb.crypto.Rc4;
-import org.apache.kerberos.kerb.crypto.cksum.provider.Md5Provider;
-import org.apache.kerberos.kerb.crypto.enc.provider.Rc4Provider;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class Md5HmacRc4CheckSum extends AbstractKeyedCheckSumTypeHandler {
-
- public Md5HmacRc4CheckSum() {
- super(new Rc4Provider(), new Md5Provider(), 16, 16);
- }
-
- public int confounderSize() {
- return 8;
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.MD5_HMAC_ARCFOUR;
- }
-
- public boolean isSafe() {
- return true;
- }
-
- public int cksumSize() {
- return 16; // bytes
- }
-
- public int keySize() {
- return 16; // bytes
- }
-
- @Override
- protected byte[] doChecksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException {
-
- byte[] Ksign = key;
-
- byte[] salt = Rc4.getSalt(usage, false);
-
- hashProvider().hash(salt);
- hashProvider().hash(data, start, len);
- byte[] hashTmp = hashProvider().output();
-
- byte[] hmac = Hmac.hmac(hashProvider(), Ksign, hashTmp);
- return hmac;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd4CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd4CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd4CheckSum.java
deleted file mode 100644
index c7890e7..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd4CheckSum.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.AbstractUnkeyedCheckSumTypeHandler;
-import org.apache.kerberos.kerb.crypto.cksum.provider.Md4Provider;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class RsaMd4CheckSum extends AbstractUnkeyedCheckSumTypeHandler {
-
- public RsaMd4CheckSum() {
- super(new Md4Provider(), 16, 16);
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.RSA_MD4;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd4DesCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd4DesCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd4DesCheckSum.java
deleted file mode 100644
index 0fee59b..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd4DesCheckSum.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.Md4Provider;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class RsaMd4DesCheckSum extends ConfounderedDesCheckSum {
-
- public RsaMd4DesCheckSum() {
- super(new Md4Provider(), 24, 24);
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.RSA_MD4_DES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd5CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd5CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd5CheckSum.java
deleted file mode 100644
index b92b174..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd5CheckSum.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.AbstractUnkeyedCheckSumTypeHandler;
-import org.apache.kerberos.kerb.crypto.cksum.provider.Md5Provider;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class RsaMd5CheckSum extends AbstractUnkeyedCheckSumTypeHandler {
-
- public RsaMd5CheckSum() {
- super(new Md5Provider(), 16, 16);
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.RSA_MD5;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd5DesCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd5DesCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd5DesCheckSum.java
deleted file mode 100644
index 8673d4b..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/RsaMd5DesCheckSum.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.Md5Provider;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public final class RsaMd5DesCheckSum extends ConfounderedDesCheckSum {
-
- public RsaMd5DesCheckSum() {
- super(new Md5Provider(), 24, 24);
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.RSA_MD5_DES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Sha1CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Sha1CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Sha1CheckSum.java
deleted file mode 100644
index c95a5ff..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Sha1CheckSum.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.AbstractUnkeyedCheckSumTypeHandler;
-import org.apache.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class Sha1CheckSum extends AbstractUnkeyedCheckSumTypeHandler {
-
- public Sha1CheckSum() {
- super(new Sha1Provider(), 20, 20);
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.NIST_SHA;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/AbstractHashProvider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/AbstractHashProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/AbstractHashProvider.java
deleted file mode 100644
index c3797cf..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/AbstractHashProvider.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum.provider;
-
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class AbstractHashProvider implements HashProvider {
- private int blockSize;
- private int hashSize;
-
- public AbstractHashProvider(int hashSize, int blockSize) {
- this.hashSize = hashSize;
- this.blockSize = blockSize;
- }
-
- protected void init() {
-
- }
-
- @Override
- public int hashSize() {
- return hashSize;
- }
-
- @Override
- public int blockSize() {
- return blockSize;
- }
-
- @Override
- public void hash(byte[] data) throws KrbException {
- hash(data, 0, data.length);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/AbstractUnkeyedCheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/AbstractUnkeyedCheckSumTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/AbstractUnkeyedCheckSumTypeHandler.java
deleted file mode 100644
index 2984e0e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/AbstractUnkeyedCheckSumTypeHandler.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum.provider;
-
-import org.apache.kerberos.kerb.crypto.cksum.AbstractCheckSumTypeHandler;
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class AbstractUnkeyedCheckSumTypeHandler extends AbstractCheckSumTypeHandler {
-
- public AbstractUnkeyedCheckSumTypeHandler(HashProvider hashProvider,
- int computeSize, int outputSize) {
- super(null, hashProvider, computeSize, outputSize);
- }
-
- @Override
- public byte[] checksum(byte[] data, int start, int len) throws KrbException {
- int outputSize = outputSize();
-
- HashProvider hp = hashProvider();
- hp.hash(data, start, len);
- byte[] workBuffer = hp.output();
-
- if (outputSize < workBuffer.length) {
- byte[] output = new byte[outputSize];
- System.arraycopy(workBuffer, 0, output, 0, outputSize);
- return output;
- }
- return workBuffer;
- }
-
- @Override
- public boolean verify(byte[] data, int start, int len, byte[] checksum) throws KrbException {
- byte[] newCksum = checksum(data, start, len);
- return checksumEqual(newCksum, checksum);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Crc32Provider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Crc32Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Crc32Provider.java
deleted file mode 100644
index ab419da..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Crc32Provider.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum.provider;
-
-import org.apache.kerberos.kerb.crypto.Crc32;
-
-public class Crc32Provider extends AbstractHashProvider {
- private byte[] output;
-
- public Crc32Provider() {
- super(4, 1);
- }
-
- @Override
- public void hash(byte[] data, int start, int size) {
- output = Crc32.crc(data, start, size);
- }
-
- @Override
- public byte[] output() {
- return output;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md4Provider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md4Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md4Provider.java
deleted file mode 100644
index 02e84f3..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md4Provider.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum.provider;
-
-import org.apache.kerberos.kerb.crypto.Md4;
-
-public class Md4Provider extends MessageDigestHashProvider {
-
- public Md4Provider() {
- super(16, 64, "MD4");
- }
-
- @Override
- protected void init() {
- messageDigest = new Md4();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md5Provider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md5Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md5Provider.java
deleted file mode 100644
index 6484015..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md5Provider.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum.provider;
-
-public class Md5Provider extends MessageDigestHashProvider {
-
- public Md5Provider() {
- super(16, 64, "MD5");
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java
deleted file mode 100644
index bbd8ddf..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum.provider;
-
-import org.apache.kerberos.kerb.KrbException;
-
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-public class MessageDigestHashProvider extends AbstractHashProvider {
- private String algorithm;
- protected MessageDigest messageDigest;
-
- public MessageDigestHashProvider(int hashSize, int blockSize, String algorithm) {
- super(hashSize, blockSize);
- this.algorithm = algorithm;
-
- init();
- }
-
- @Override
- protected void init() {
- try {
- messageDigest = MessageDigest.getInstance(algorithm);
- } catch (NoSuchAlgorithmException e) {
- throw new RuntimeException("Failed to init JCE provider", e);
- }
- }
-
- @Override
- public void hash(byte[] data, int start, int len) throws KrbException {
- messageDigest.update(data, start, len);
- }
-
- @Override
- public byte[] output() {
- return messageDigest.digest();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java
deleted file mode 100644
index b547501..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum.provider;
-
-public class Sha1Provider extends MessageDigestHashProvider {
-
- public Sha1Provider() {
- super(20, 64, "SHA1");
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java
deleted file mode 100644
index 3aab860..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java
+++ /dev/null
@@ -1,160 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.AbstractCryptoTypeHandler;
-import org.apache.kerberos.kerb.crypto.EncTypeHandler;
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.crypto.key.KeyMaker;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class AbstractEncTypeHandler
- extends AbstractCryptoTypeHandler implements EncTypeHandler {
-
- private KeyMaker keyMaker;
-
- public AbstractEncTypeHandler(EncryptProvider encProvider,
- HashProvider hashProvider) {
- super(encProvider, hashProvider);
- }
-
- protected void keyMaker(KeyMaker keyMaker) {
- this.keyMaker = keyMaker;
- }
-
- protected KeyMaker keyMaker() {
- return keyMaker;
- }
-
- @Override
- public String name() {
- return eType().getName();
- }
-
- @Override
- public String displayName() {
- return eType().getDisplayName();
- }
-
- protected int paddingLength(int inputLen) {
- int payloadLen = confounderSize() + checksumSize() + inputLen;
- int padding = paddingSize();
-
- if (padding == 0 || (payloadLen % padding) == 0) {
- return 0;
- }
-
- return padding - (payloadLen % padding);
- }
-
- @Override
- public int keyInputSize() {
- return encProvider().keyInputSize();
- }
-
- @Override
- public int keySize() {
- return encProvider().keySize();
- }
-
- @Override
- public int confounderSize() {
- return encProvider().blockSize();
- }
-
- @Override
- public int checksumSize() {
- return hashProvider().hashSize();
- }
-
- @Override
- public int paddingSize() {
- return encProvider().blockSize();
- }
-
- @Override
- public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
- return keyMaker.str2key(string, salt, param);
- }
-
- @Override
- public byte[] random2Key(byte[] randomBits) throws KrbException {
- return keyMaker.random2Key(randomBits);
- }
-
- @Override
- public byte[] encrypt(byte[] data, byte[] key, int usage) throws KrbException {
- byte[] iv = new byte[encProvider().blockSize()];
- return encrypt(data, key, iv, usage);
- }
-
- @Override
- public byte[] encrypt(byte[] data, byte[] key, byte[] iv, int usage) throws KrbException {
- int confounderLen = confounderSize();
- int checksumLen = checksumSize();
- int headerLen = confounderLen + checksumLen;
- int inputLen = data.length;
- int paddingLen = paddingLength(inputLen);
-
- /**
- * E(Confounder | Checksum | Plaintext | Padding), or
- * header | data | padding | trailer, where trailer may be absent
- */
-
- int workLength = headerLen + inputLen + paddingLen;
-
- byte[] workBuffer = new byte[workLength];
- System.arraycopy(data, 0, workBuffer, headerLen, data.length);
-
- int [] workLens = new int[] {confounderLen, checksumLen,
- inputLen, paddingLen};
-
- encryptWith(workBuffer, workLens, key, iv, usage);
- return workBuffer;
- }
-
- protected void encryptWith(byte[] workBuffer, int[] workLens,
- byte[] key, byte[] iv, int usage) throws KrbException {
-
- }
-
- public byte[] decrypt(byte[] cipher, byte[] key, int usage)
- throws KrbException {
- byte[] iv = new byte[encProvider().blockSize()];
- return decrypt(cipher, key, iv, usage);
- }
-
- public byte[] decrypt(byte[] cipher, byte[] key, byte[] iv, int usage)
- throws KrbException {
-
- int totalLen = cipher.length;
- int confounderLen = confounderSize();
- int checksumLen = checksumSize();
- int dataLen = totalLen - (confounderLen + checksumLen);
-
- int[] workLens = new int[] {confounderLen, checksumLen, dataLen};
- return decryptWith(cipher, workLens, key, iv, usage);
- }
-
- protected byte[] decryptWith(byte[] workBuffer, int[] workLens,
- byte[] key, byte[] iv, int usage) throws KrbException {
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java
deleted file mode 100644
index f435d0f..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
-import org.apache.kerberos.kerb.crypto.enc.provider.Aes128Provider;
-import org.apache.kerberos.kerb.crypto.enc.provider.AesProvider;
-import org.apache.kerberos.kerb.crypto.key.AesKeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public class Aes128CtsHmacSha1Enc extends KeKiHmacSha1Enc {
-
- public Aes128CtsHmacSha1Enc() {
- super(new Aes128Provider(), new Sha1Provider());
- keyMaker(new AesKeyMaker((AesProvider) encProvider()));
- }
-
- @Override
- public int checksumSize() {
- return 96 / 8;
- }
-
- public EncryptionType eType() {
- return EncryptionType.AES128_CTS_HMAC_SHA1_96;
- }
-
- public CheckSumType checksumType() {
- return CheckSumType.HMAC_SHA1_96_AES128;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java
deleted file mode 100644
index 31b5efd..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
-import org.apache.kerberos.kerb.crypto.enc.provider.Aes256Provider;
-import org.apache.kerberos.kerb.crypto.enc.provider.AesProvider;
-import org.apache.kerberos.kerb.crypto.key.AesKeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public class Aes256CtsHmacSha1Enc extends KeKiHmacSha1Enc {
-
- public Aes256CtsHmacSha1Enc() {
- super(new Aes256Provider(), new Sha1Provider());
- keyMaker(new AesKeyMaker((AesProvider) encProvider()));
- }
-
- public EncryptionType eType() {
- return EncryptionType.AES256_CTS_HMAC_SHA1_96;
- }
-
- public CheckSumType checksumType() {
- return CheckSumType.HMAC_SHA1_96_AES256;
- }
-
- @Override
- public int checksumSize() {
- return 96 / 8;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java
deleted file mode 100644
index d726391..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.enc.provider.Camellia128Provider;
-import org.apache.kerberos.kerb.crypto.key.CamelliaKeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public class Camellia128CtsCmacEnc extends KeKiCmacEnc {
-
- public Camellia128CtsCmacEnc() {
- super(new Camellia128Provider());
- keyMaker(new CamelliaKeyMaker((Camellia128Provider) encProvider()));
- }
-
- public EncryptionType eType() {
- return EncryptionType.CAMELLIA128_CTS_CMAC;
- }
-
- public CheckSumType checksumType() {
- return CheckSumType.CMAC_CAMELLIA128;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java
deleted file mode 100644
index 41afe1b..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.enc.provider.Camellia256Provider;
-import org.apache.kerberos.kerb.crypto.key.CamelliaKeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public class Camellia256CtsCmacEnc extends KeKiCmacEnc {
-
- public Camellia256CtsCmacEnc() {
- super(new Camellia256Provider());
- keyMaker(new CamelliaKeyMaker((Camellia256Provider) encProvider()));
- }
-
- public EncryptionType eType() {
- return EncryptionType.CAMELLIA256_CTS_CMAC;
- }
-
- public CheckSumType checksumType() {
- return CheckSumType.CMAC_CAMELLIA256;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java
deleted file mode 100644
index d461047..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
-import org.apache.kerberos.kerb.crypto.enc.provider.Des3Provider;
-import org.apache.kerberos.kerb.crypto.key.Des3KeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public class Des3CbcSha1Enc extends KeKiHmacSha1Enc {
-
- public Des3CbcSha1Enc() {
- super(new Des3Provider(), new Sha1Provider());
- keyMaker(new Des3KeyMaker(this.encProvider()));
- }
-
- public EncryptionType eType() {
- return EncryptionType.DES3_CBC_SHA1;
- }
-
- public CheckSumType checksumType() {
- return CheckSumType.HMAC_SHA1_DES3;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java
deleted file mode 100644
index 5fdfd9b..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.Crc32Provider;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public class DesCbcCrcEnc extends DesCbcEnc {
-
- public DesCbcCrcEnc() {
- super(new Crc32Provider());
- }
-
- public EncryptionType eType() {
- return EncryptionType.DES_CBC_CRC;
- }
-
- public CheckSumType checksumType() {
- return CheckSumType.CRC32;
- }
-
- @Override
- public byte[] encrypt(byte[] data, byte[] key, int usage) throws KrbException {
- byte[] iv = new byte[encProvider().blockSize()];
- System.arraycopy(key, 0, iv, 0, key.length);
- return encrypt(data, key, iv, usage);
- }
-
- @Override
- public byte[] decrypt(byte[] cipher, byte[] key, int usage)
- throws KrbException {
- byte[] iv = new byte[encProvider().blockSize()];
- System.arraycopy(key, 0, iv, 0, key.length);
- return decrypt(cipher, key, iv, usage);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcEnc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcEnc.java
deleted file mode 100644
index cbca17f..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcEnc.java
+++ /dev/null
@@ -1,88 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.crypto.Confounder;
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.crypto.enc.provider.DesProvider;
-import org.apache.kerberos.kerb.crypto.key.DesKeyMaker;
-import org.apache.kerberos.kerb.KrbException;
-
-abstract class DesCbcEnc extends AbstractEncTypeHandler {
-
- public DesCbcEnc(HashProvider hashProvider) {
- super(new DesProvider(), hashProvider);
- keyMaker(new DesKeyMaker(this.encProvider()));
- }
-
- @Override
- protected void encryptWith(byte[] workBuffer, int[] workLens,
- byte[] key, byte[] iv, int usage) throws KrbException {
- int confounderLen = workLens[0];
- int checksumLen = workLens[1];
- int dataLen = workLens[2];
- int paddingLen = workLens[3];
-
- // confounder
- byte[] confounder = Confounder.makeBytes(confounderLen);
- System.arraycopy(confounder, 0, workBuffer, 0, confounderLen);
-
- // padding
- for (int i = confounderLen + checksumLen + dataLen; i < paddingLen; ++i) {
- workBuffer[i] = 0;
- }
-
- // checksum
- hashProvider().hash(workBuffer);
- byte[] cksum = hashProvider().output();
- System.arraycopy(cksum, 0, workBuffer, confounderLen, checksumLen);
-
- encProvider().encrypt(key, iv, workBuffer);
- }
-
- @Override
- protected byte[] decryptWith(byte[] workBuffer, int[] workLens,
- byte[] key, byte[] iv, int usage) throws KrbException {
- int confounderLen = workLens[0];
- int checksumLen = workLens[1];
- int dataLen = workLens[2];
-
- encProvider().decrypt(key, iv, workBuffer);
-
- byte[] checksum = new byte[checksumLen];
- for (int i = 0; i < checksumLen; i++) {
- checksum[i] = workBuffer[confounderLen + i];
- workBuffer[confounderLen + i] = 0;
- }
-
- hashProvider().hash(workBuffer);
- byte[] newChecksum = hashProvider().output();
- if (! checksumEqual(checksum, newChecksum)) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY);
- }
-
- byte[] data = new byte[dataLen];
- System.arraycopy(workBuffer, confounderLen + checksumLen,
- data, 0, dataLen);
-
- return data;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java
deleted file mode 100644
index 494091e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.Md4Provider;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public class DesCbcMd4Enc extends DesCbcEnc {
-
- public DesCbcMd4Enc() {
- super(new Md4Provider());
- }
-
- public EncryptionType eType() {
- return EncryptionType.DES_CBC_MD4;
- }
-
- public CheckSumType checksumType() {
- return CheckSumType.RSA_MD4_DES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java
deleted file mode 100644
index fb5ec2b..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.Md5Provider;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public class DesCbcMd5Enc extends DesCbcEnc {
-
- public DesCbcMd5Enc() {
- super(new Md5Provider());
- }
-
- public EncryptionType eType() {
- return EncryptionType.DES_CBC_MD5;
- }
-
- public CheckSumType checksumType() {
- return CheckSumType.RSA_MD5_DES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/EncryptProvider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/EncryptProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/EncryptProvider.java
deleted file mode 100644
index 5dc1f18..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/EncryptProvider.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.KrbException;
-
-/**
- * krb5_enc_provider
- */
-public interface EncryptProvider {
-
- public int keyInputSize(); //input size to make key
- public int keySize(); //output key size
- public int blockSize(); //crypto block size
-
- public void encrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException;
- public void decrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException;
- public void encrypt(byte[] key, byte[] data) throws KrbException;
- public void decrypt(byte[] key, byte[] data) throws KrbException;
- public byte[] cbcMac(byte[] key, byte[] iv, byte[] data) throws KrbException;
- public boolean supportCbcMac();
-
- public byte[] initState(byte[] key, int keyUsage);
- public void cleanState();
- public void cleanKey();
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiCmacEnc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiCmacEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiCmacEnc.java
deleted file mode 100644
index f4ad9be..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiCmacEnc.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.Cmac;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class KeKiCmacEnc extends KeKiEnc {
-
- public KeKiCmacEnc(EncryptProvider encProvider) {
- super(encProvider, null);
- }
-
- @Override
- public int paddingSize() {
- return 0;
- }
-
- @Override
- public int checksumSize() {
- return encProvider().blockSize();
- }
-
- @Override
- protected byte[] makeChecksum(byte[] key, byte[] data, int hashSize)
- throws KrbException {
-
- // generate hash
- byte[] hash = Cmac.cmac(encProvider(), key, data);
-
- // truncate hash
- byte[] output = new byte[hashSize];
- System.arraycopy(hash, 0, output, 0, hashSize);
- return output;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiEnc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiEnc.java
deleted file mode 100644
index faaeb38..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiEnc.java
+++ /dev/null
@@ -1,129 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.crypto.BytesUtil;
-import org.apache.kerberos.kerb.crypto.Confounder;
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.crypto.key.DkKeyMaker;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class KeKiEnc extends AbstractEncTypeHandler {
-
- public KeKiEnc(EncryptProvider encProvider,
- HashProvider hashProvider) {
- super(encProvider, hashProvider);
- }
-
- @Override
- public int paddingSize() {
- return 0;
- }
-
-
- @Override
- protected void encryptWith(byte[] workBuffer, int[] workLens,
- byte[] key, byte[] iv, int usage) throws KrbException {
- int confounderLen = workLens[0];
- int checksumLen = workLens[1];
- int inputLen = workLens[2];
- int paddingLen = workLens[3];
-
- byte[] Ke, Ki;
- byte[] constant = new byte[5];
- constant[0] = (byte) ((usage>>24)&0xff);
- constant[1] = (byte) ((usage>>16)&0xff);
- constant[2] = (byte) ((usage>>8)&0xff);
- constant[3] = (byte) (usage&0xff);
- constant[4] = (byte) 0xaa;
- Ke = ((DkKeyMaker) keyMaker()).dk(key, constant);
- constant[4] = (byte) 0x55;
- Ki = ((DkKeyMaker) keyMaker()).dk(key, constant);
-
- /**
- * Instead of E(Confounder | Checksum | Plaintext | Padding),
- * E(Confounder | Plaintext | Padding) | Checksum,
- * so need to adjust the workBuffer arrangement
- */
-
- byte[] tmpEnc = new byte[confounderLen + inputLen + paddingLen];
- // confounder
- byte[] confounder = Confounder.makeBytes(confounderLen);
- System.arraycopy(confounder, 0, tmpEnc, 0, confounderLen);
-
- // data
- System.arraycopy(workBuffer, confounderLen + checksumLen,
- tmpEnc, confounderLen, inputLen);
-
- // padding
- for (int i = confounderLen + inputLen; i < paddingLen; ++i) {
- tmpEnc[i] = 0;
- }
-
- // checksum & encrypt
- byte[] checksum;
- checksum = makeChecksum(Ki, tmpEnc, checksumLen);
- encProvider().encrypt(Ke, iv, tmpEnc);
-
- System.arraycopy(tmpEnc, 0, workBuffer, 0, tmpEnc.length);
- System.arraycopy(checksum, 0, workBuffer, tmpEnc.length, checksum.length);
- }
-
- @Override
- protected byte[] decryptWith(byte[] workBuffer, int[] workLens,
- byte[] key, byte[] iv, int usage) throws KrbException {
- int confounderLen = workLens[0];
- int checksumLen = workLens[1];
- int dataLen = workLens[2];
-
- byte[] Ke, Ki;
- byte[] constant = new byte[5];
- BytesUtil.int2bytes(usage, constant, 0, true);
- constant[4] = (byte) 0xaa;
- Ke = ((DkKeyMaker) keyMaker()).dk(key, constant);
- constant[4] = (byte) 0x55;
- Ki = ((DkKeyMaker) keyMaker()).dk(key, constant);
-
- // decrypt and verify checksum
-
- byte[] tmpEnc = new byte[confounderLen + dataLen];
- System.arraycopy(workBuffer, 0,
- tmpEnc, 0, confounderLen + dataLen);
- byte[] checksum = new byte[checksumLen];
- System.arraycopy(workBuffer, confounderLen + dataLen,
- checksum, 0, checksumLen);
-
- byte[] newChecksum;
- encProvider().decrypt(Ke, iv, tmpEnc);
- newChecksum = makeChecksum(Ki, tmpEnc, checksumLen);
-
- if (! checksumEqual(checksum, newChecksum)) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY);
- }
-
- byte[] data = new byte[dataLen];
- System.arraycopy(tmpEnc, confounderLen, data, 0, dataLen);
- return data;
- }
-
- protected abstract byte[] makeChecksum(byte[] key, byte[] data, int hashSize)
- throws KrbException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java
deleted file mode 100644
index c731248..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.crypto.Hmac;
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class KeKiHmacSha1Enc extends KeKiEnc {
-
- public KeKiHmacSha1Enc(EncryptProvider encProvider,
- HashProvider hashProvider) {
- super(encProvider, hashProvider);
- }
-
- @Override
- public int paddingSize() {
- return 0;
- }
-
- @Override
- protected byte[] makeChecksum(byte[] key, byte[] data, int hashSize)
- throws KrbException {
-
- // generate hash
- byte[] hash = Hmac.hmac(hashProvider(), key, data);
-
- // truncate hash
- byte[] output = new byte[hashSize];
- System.arraycopy(hash, 0, output, 0, hashSize);
- return output;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacEnc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacEnc.java
deleted file mode 100644
index 27d660c..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacEnc.java
+++ /dev/null
@@ -1,149 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.crypto.BytesUtil;
-import org.apache.kerberos.kerb.crypto.Confounder;
-import org.apache.kerberos.kerb.crypto.Rc4;
-import org.apache.kerberos.kerb.crypto.Hmac;
-import org.apache.kerberos.kerb.crypto.cksum.provider.Md5Provider;
-import org.apache.kerberos.kerb.crypto.enc.provider.Rc4Provider;
-import org.apache.kerberos.kerb.crypto.key.Rc4KeyMaker;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public class Rc4HmacEnc extends AbstractEncTypeHandler {
- private boolean exportable;
-
- public Rc4HmacEnc() {
- this(false);
- }
-
- public Rc4HmacEnc(boolean exportable) {
- super(new Rc4Provider(), new Md5Provider());
- keyMaker(new Rc4KeyMaker(this.encProvider()));
- this.exportable = exportable;
- }
-
- public EncryptionType eType() {
- return EncryptionType.ARCFOUR_HMAC;
- }
-
- @Override
- public int confounderSize() {
- return 8;
- }
-
- @Override
- public int paddingSize() {
- return 0;
- }
-
- public CheckSumType checksumType() {
- return CheckSumType.HMAC_MD5_ARCFOUR;
- }
-
- protected void encryptWith(byte[] workBuffer, int[] workLens,
- byte[] key, byte[] iv, int usage) throws KrbException {
- int confounderLen = workLens[0];
- int checksumLen = workLens[1];
- int dataLen = workLens[2];
-
- /**
- * Instead of E(Confounder | Checksum | Plaintext | Padding),
- * Checksum | E(Confounder | Plaintext)
- */
-
- // confounder
- byte[] confounder = Confounder.makeBytes(confounderLen);
- System.arraycopy(confounder, 0, workBuffer, checksumLen, confounderLen);
-
- // no padding
-
- /* checksum and encryption */
- byte[] usageKey = makeUsageKey(key, usage);
-
- byte[] checksum = Hmac.hmac(hashProvider(), usageKey, workBuffer,
- checksumLen, confounderLen + dataLen);
-
- byte[] encKey = makeEncKey(usageKey, checksum);
-
- byte[] tmpEnc = new byte[confounderLen + dataLen];
- System.arraycopy(workBuffer, checksumLen,
- tmpEnc, 0, confounderLen + dataLen);
- encProvider().encrypt(encKey, iv, tmpEnc);
- System.arraycopy(checksum, 0, workBuffer, 0, checksumLen);
- System.arraycopy(tmpEnc, 0, workBuffer, checksumLen, tmpEnc.length);
- }
-
- protected byte[] makeUsageKey(byte[] key, int usage) throws KrbException {
- byte[] salt = Rc4.getSalt(usage, exportable);
- byte[] usageKey = Hmac.hmac(hashProvider(), key, salt);
- return usageKey;
- }
-
- protected byte[] makeEncKey(byte[] usageKey, byte[] checksum) throws KrbException {
- byte[] tmpKey = usageKey;
-
- if (exportable) {
- tmpKey = BytesUtil.duplicate(usageKey);
- for (int i = 0; i < 9; ++i) {
- tmpKey[i + 7] = (byte) 0xab;
- }
- }
-
- byte[] encKey = Hmac.hmac(hashProvider(), tmpKey, checksum);
- return encKey;
- }
-
- @Override
- protected byte[] decryptWith(byte[] workBuffer, int[] workLens,
- byte[] key, byte[] iv, int usage) throws KrbException {
- int confounderLen = workLens[0];
- int checksumLen = workLens[1];
- int dataLen = workLens[2];
-
- /* checksum and decryption */
- byte[] usageKey = makeUsageKey(key, usage);
-
- byte[] checksum = new byte[checksumLen];
- System.arraycopy(workBuffer, 0, checksum, 0, checksumLen);
-
- byte[] encKey = makeEncKey(usageKey, checksum);
-
- byte[] tmpEnc = new byte[confounderLen + dataLen];
- System.arraycopy(workBuffer, checksumLen,
- tmpEnc, 0, confounderLen + dataLen);
- encProvider().decrypt(encKey, iv, tmpEnc);
-
- byte[] newChecksum = Hmac.hmac(hashProvider(), usageKey, tmpEnc);
- if (! checksumEqual(checksum, newChecksum)) {
- throw new KrbException(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY);
- }
-
- byte[] data = new byte[dataLen];
- System.arraycopy(tmpEnc, confounderLen,
- data, 0, dataLen);
-
- return data;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java
deleted file mode 100644
index 63ea752..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.enc;
-
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public class Rc4HmacExpEnc extends Rc4HmacEnc {
-
- public Rc4HmacExpEnc() {
- super(true);
- }
-
- public EncryptionType eType() {
- return EncryptionType.ARCFOUR_HMAC_EXP;
- }
-}
[26/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/ComplexAttribute.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/ComplexAttribute.java b/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/ComplexAttribute.java
deleted file mode 100644
index 54deeb1..0000000
--- a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/ComplexAttribute.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.identity;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-public class ComplexAttribute extends Attribute {
- private List<String> values;
-
- public ComplexAttribute(String name) {
- super(name);
- this.values = new ArrayList<String>(1);
- }
-
- public List<String> getValues() {
- return Collections.unmodifiableList(values);
- }
-
- public void setValues(List<String> values) {
- this.values.clear();
- this.values.addAll(values);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/Identity.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/Identity.java b/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/Identity.java
deleted file mode 100644
index c85bc1c..0000000
--- a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/Identity.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.identity;
-
-import java.util.*;
-
-public class Identity {
- private String name;
- private Map<String, Attribute> attributes;
-
- public Identity(String name) {
- this.name = name;
- this.attributes = new HashMap<String, Attribute>();
- }
-
- public String getName() {
- return name;
- }
-
- public void setName(String name) {
- this.name = name;
- }
-
- public void addAttribute(String name, String value) {
- attributes.put(name, new SimpleAttribute(name, value));
- }
-
- public void addAttribute(Attribute attribute) {
- attributes.put(attribute.getName(), attribute);
- }
-
- public Set<String> getAttributes() {
- return Collections.unmodifiableSet(attributes.keySet());
- }
-
- public String getSimpleAttribute(String name) {
- Attribute attr = attributes.get(name);
- if (! (attr instanceof SimpleAttribute)) {
- throw new RuntimeException("Not simple attribute");
- }
- return ((SimpleAttribute) attr).getValue();
- }
-
- public void setAttributes(List<Attribute> attributes) {
- this.attributes.clear();
- for (Attribute attr : attributes) {
- addAttribute(attr);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/IdentityService.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/IdentityService.java b/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/IdentityService.java
deleted file mode 100644
index 538c687..0000000
--- a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/IdentityService.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.identity;
-
-import java.util.List;
-
-public interface IdentityService {
- public List<KrbIdentity> getIdentities();
- public boolean checkIdentity(String name);
- public KrbIdentity getIdentity(String name);
- public void addIdentity(KrbIdentity identity);
- public void updateIdentity(KrbIdentity identity);
- public void deleteIdentity(KrbIdentity identity);
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/KrbAttributes.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/KrbAttributes.java b/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/KrbAttributes.java
deleted file mode 100644
index 2c5f58f..0000000
--- a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/KrbAttributes.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.identity;
-
-public class KrbAttributes {
- public static final String PRINCIPAL = "principal";
- public static final String PASSWORD = "password";
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/KrbIdentity.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/KrbIdentity.java b/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/KrbIdentity.java
deleted file mode 100644
index 342e075..0000000
--- a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/KrbIdentity.java
+++ /dev/null
@@ -1,126 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.identity;
-
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-public class KrbIdentity {
- private String principalName;
- private PrincipalName principal;
- private int keyVersion = 1;
- private int kdcFlags = 0;
- private boolean disabled = false;
- private boolean locked = false;
- private KerberosTime expireTime = KerberosTime.NEVER;
- private KerberosTime createdTime = KerberosTime.now();
-
- private Map<EncryptionType, EncryptionKey> keys =
- new HashMap<EncryptionType, EncryptionKey>();
-
- public KrbIdentity(String principalName) {
- this.principalName = principalName;
- this.principal = new PrincipalName(principalName);
- }
-
- public String getPrincipalName() {
- return principalName;
- }
-
- public void setPrincipal(PrincipalName principal) {
- this.principal = principal;
- }
-
- public PrincipalName getPrincipal() {
- return principal;
- }
-
- public void setKeyVersion(int keyVersion) {
- this.keyVersion = keyVersion;
- }
-
- public void setKdcFlags(int kdcFlags) {
- this.kdcFlags = kdcFlags;
- }
-
- public void setDisabled(boolean disabled) {
- this.disabled = disabled;
- }
-
- public void setLocked(boolean locked) {
- this.locked = locked;
- }
-
- public void setExpireTime(KerberosTime expireTime) {
- this.expireTime = expireTime;
- }
-
- public KerberosTime getExpireTime() {
- return expireTime;
- }
-
- public KerberosTime getCreatedTime() {
- return createdTime;
- }
-
- public void setCreatedTime(KerberosTime createdTime) {
- this.createdTime = createdTime;
- }
-
- public boolean isDisabled() {
- return disabled;
- }
-
- public boolean isLocked() {
- return locked;
- }
-
- public void addKey(EncryptionKey encKey) {
- keys.put(encKey.getKeyType(), encKey);
- }
-
- public void addKeys(List<EncryptionKey> encKeys) {
- for (EncryptionKey key : encKeys) {
- keys.put(key.getKeyType(), key);
- }
- }
-
- public Map<EncryptionType, EncryptionKey> getKeys() {
- return keys;
- }
-
- public EncryptionKey getKey(EncryptionType encType) {
- return keys.get(encType);
- }
-
- public int getKdcFlags() {
- return kdcFlags;
- }
-
- public int getKeyVersion() {
- return keyVersion;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/SimpleAttribute.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/SimpleAttribute.java b/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/SimpleAttribute.java
deleted file mode 100644
index 5a36ea6..0000000
--- a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/SimpleAttribute.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.identity;
-
-public class SimpleAttribute extends Attribute {
- private String value;
-
- public SimpleAttribute(String name, String value) {
- super(name);
- this.value = value;
- }
-
- public String getValue() {
- return value;
- }
-
- public void setValue(String value) {
- this.value = value;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/AbstractIdentityBackend.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/AbstractIdentityBackend.java b/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/AbstractIdentityBackend.java
deleted file mode 100644
index de4cad0..0000000
--- a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/AbstractIdentityBackend.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.identity.backend;
-
-import org.apache.kerberos.kerb.identity.IdentityService;
-
-public abstract class AbstractIdentityBackend implements IdentityService {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java b/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java
deleted file mode 100644
index 2c4a5c2..0000000
--- a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.identity.backend;
-
-import org.apache.kerberos.kerb.identity.KrbIdentity;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-public class InMemoryIdentityBackend extends AbstractIdentityBackend {
-
- private Map<String, KrbIdentity> identities;
-
- public InMemoryIdentityBackend() {
- this.identities = new HashMap<String, KrbIdentity>();
- }
-
- public InMemoryIdentityBackend(Map<String, KrbIdentity> identities) {
- this();
- this.identities.putAll(identities);
- }
-
- @Override
- public List<KrbIdentity> getIdentities() {
- List<KrbIdentity> results = new ArrayList<KrbIdentity>(identities.size());
- results.addAll(identities.values());
- return results;
- }
-
- @Override
- public boolean checkIdentity(String name) {
- return identities.containsKey(name);
- }
-
- @Override
- public KrbIdentity getIdentity(String name) {
- if (identities.containsKey(name)) {
- return identities.get(name);
- }
- return null;
- }
-
- @Override
- public void addIdentity(KrbIdentity identity) {
- identities.put(identity.getPrincipalName(), identity);
- }
-
- @Override
- public void updateIdentity(KrbIdentity identity) {
- identities.put(identity.getPrincipalName(), identity);
- }
-
- @Override
- public void deleteIdentity(KrbIdentity identity) {
- identities.remove(identity.getPrincipalName());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/SimpleIdentityBackend.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/SimpleIdentityBackend.java b/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/SimpleIdentityBackend.java
deleted file mode 100644
index 22281cb..0000000
--- a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/backend/SimpleIdentityBackend.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.identity.backend;
-
-import java.io.File;
-
-public class SimpleIdentityBackend extends InMemoryIdentityBackend {
-
- private File identityFile;
-
- public SimpleIdentityBackend(File identityFile) {
- super();
- this.identityFile = identityFile;
- }
-
- /**
- * Load identities from file
- */
- public void load() {
- // todo
- }
-
- /**
- * Persist the updated identities back
- */
- public void save() {
- // todo
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/pom.xml b/haox-kerb/kerb-kdc-test/pom.xml
deleted file mode 100644
index da14cf1..0000000
--- a/haox-kerb/kerb-kdc-test/pom.xml
+++ /dev/null
@@ -1,61 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kerb</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>kerb-kdc-test</artifactId>
-
- <name>Haox-kerb-KdcTest</name>
- <description>Haox-kerb Kdc Test</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-util</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-server</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-client</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-pkix</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/main/java/org/apache/kerberos/kerb/server/TestKdcServer.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/main/java/org/apache/kerberos/kerb/server/TestKdcServer.java b/haox-kerb/kerb-kdc-test/src/main/java/org/apache/kerberos/kerb/server/TestKdcServer.java
deleted file mode 100644
index 78c3a22..0000000
--- a/haox-kerb/kerb-kdc-test/src/main/java/org/apache/kerberos/kerb/server/TestKdcServer.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.kerberos.kerb.common.EncryptionUtil;
-import org.apache.kerberos.kerb.identity.KrbIdentity;
-import org.apache.kerberos.kerb.keytab.Keytab;
-import org.apache.kerberos.kerb.keytab.KeytabEntry;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.List;
-import java.util.Properties;
-import java.util.UUID;
-
-public class TestKdcServer extends SimpleKdcServer {
-
- public static final String ORG_DOMAIN = KdcConfigKey.KDC_DOMAIN.getPropertyKey();
- public static final String KDC_REALM = KdcConfigKey.KDC_REALM.getPropertyKey();
- public static final String KDC_HOST = KdcConfigKey.KDC_HOST.getPropertyKey();
- public static final String KDC_TCP_PORT = KdcConfigKey.KDC_TCP_PORT.getPropertyKey();
- public static final String WORK_DIR = KdcConfigKey.WORK_DIR.getPropertyKey();
-
- private static final Properties DEFAULT_CONFIG = new Properties();
- static {
- DEFAULT_CONFIG.setProperty(KDC_HOST, "localhost");
- DEFAULT_CONFIG.setProperty(KDC_TCP_PORT, "8018");
- DEFAULT_CONFIG.setProperty(ORG_DOMAIN, "test.com");
- DEFAULT_CONFIG.setProperty(KDC_REALM, "TEST.COM");
- }
-
- public static Properties createConf() {
- return (Properties) DEFAULT_CONFIG.clone();
- }
-
- public TestKdcServer() {
- this(createConf());
- }
-
- public TestKdcServer(Properties conf) {
- super();
- getConfig().getConf().addPropertiesConfig(conf);
- }
-
- @Override
- public void init() {
- super.init();
-
- createPrincipals("krbtgt");
- }
-
- public String getKdcRealm() {
- return getConfig().getKdcRealm();
- }
-
- public synchronized void createPrincipal(String principal, String password) {
- KrbIdentity identity = new KrbIdentity(principal);
- List<EncryptionType> encTypes = getConfig().getEncryptionTypes();
- List<EncryptionKey> encKeys = null;
- try {
- encKeys = EncryptionUtil.generateKeys(fixPrincipal(principal), password, encTypes);
- } catch (KrbException e) {
- throw new RuntimeException("Failed to generate encryption keys", e);
- }
- identity.addKeys(encKeys);
- getIdentityService().addIdentity(identity);
- }
-
- public void createPrincipals(String ... principals) {
- String passwd;
- for (String principal : principals) {
- passwd = UUID.randomUUID().toString();
- createPrincipal(fixPrincipal(principal), passwd);
- }
- }
-
- private String fixPrincipal(String principal) {
- if (! principal.contains("@")) {
- principal += "@" + getKdcRealm();
- }
- return principal;
- }
-
- public void exportPrincipals(File keytabFile) throws IOException {
- Keytab keytab = new Keytab();
-
- List<KrbIdentity> identities = getIdentityService().getIdentities();
- for (KrbIdentity identity : identities) {
- PrincipalName principal = identity.getPrincipal();
- KerberosTime timestamp = new KerberosTime();
- for (EncryptionType encType : identity.getKeys().keySet()) {
- EncryptionKey ekey = identity.getKeys().get(encType);
- int keyVersion = ekey.getKvno();
- keytab.addEntry(new KeytabEntry(principal, timestamp, keyVersion, ekey));
- }
- }
-
- keytab.store(keytabFile);
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/main/resources/cacert.pem
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/main/resources/cacert.pem b/haox-kerb/kerb-kdc-test/src/main/resources/cacert.pem
deleted file mode 100644
index 6b91561..0000000
--- a/haox-kerb/kerb-kdc-test/src/main/resources/cacert.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID6zCCAtOgAwIBAgIJAMrZoeDxTzwWMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
-VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
-DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
-YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
-MzEzMjdaFw0yNDA1MTAxMzEzMjdaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
-c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
-A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
-a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAMCznJJ02ZUjCPvAwnBmfPs0akb5QRc/NKu8kCtAPWzgHS2JPTQfJhkDbTAD
-eIlg8IeJpOdrYnzdaBCzgxqjSkls+vxjYotOU0Zbrpy2bj0lRDqdYbNsiuConKgT
-MeuDEd/4ZI0X9NWLAi06Iv1F4mHXf36c6uqiUWTtXiofogrFUoTRwACKR2qeC95X
-Py+FDmpS9lz0mo0vDWjetLQC2IBngjjPFdR16n87QDIWfRBkk66rn7rEA6Li66b/
-cToajMSA/n+2Ud1mntSY4RdDdd0TBtAq9RrXtUOfzGaE7S6t+FtYyEprvT4FdOTU
-uyYgSNaI9ANVP1zhQ9LACKuudOECAwEAAaNQME4wHQYDVR0OBBYEFD91SVOejfwx
-u33+5N0TdYbHJbgAMB8GA1UdIwQYMBaAFD91SVOejfwxu33+5N0TdYbHJbgAMAwG
-A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADsONtUqGNBPBXnRowcJwv+Y
-F1Vea+4dkBwYbhkiO6H5XMKr+waOnOD2eAvgP4aeYg/a0xOzzETRD9wi1Z1P1ZMy
-d/NzHQjj4egPENwDv1PH2voZgsXXzXIqUMOtz9t12TuJUrSA2SBW1tz/evckHhNY
-fHg4ThvTIgwEdV/yvrOEBLV9dXG5IhhF+NW1MegTGkt4SpOoH1pi3o9VekVRnix9
-xrIdaC4Ee6vQaR603HwDS9Y+a1c2KU7QoLX8Vaa904cQ+rxhGsTAkocnZXeo6Hl5
-V8BlDYXxeP86fzcWi04ll2BmEEw/RimHEOLpGqxTVHJ5p5BVSCHP8aCD0VJheaU=
------END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/main/resources/cakey.pem
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/main/resources/cakey.pem b/haox-kerb/kerb-kdc-test/src/main/resources/cakey.pem
deleted file mode 100644
index 66dc806..0000000
--- a/haox-kerb/kerb-kdc-test/src/main/resources/cakey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAwLOcknTZlSMI+8DCcGZ8+zRqRvlBFz80q7yQK0A9bOAdLYk9
-NB8mGQNtMAN4iWDwh4mk52tifN1oELODGqNKSWz6/GNii05TRluunLZuPSVEOp1h
-s2yK4KicqBMx64MR3/hkjRf01YsCLToi/UXiYdd/fpzq6qJRZO1eKh+iCsVShNHA
-AIpHap4L3lc/L4UOalL2XPSajS8NaN60tALYgGeCOM8V1HXqfztAMhZ9EGSTrquf
-usQDouLrpv9xOhqMxID+f7ZR3Wae1JjhF0N13RMG0Cr1Gte1Q5/MZoTtLq34W1jI
-Smu9PgV05NS7JiBI1oj0A1U/XOFD0sAIq6504QIDAQABAoIBAHqFeMax3unxBbQ0
-Aiy/LTX3RJ9tuZITUOTklnG5fZStBkA+oxhxuaJryE+f1VLbvPMgdCXj5BHqIFGG
-IZSdQA1hak9wzWYvXck9X88qOvtLp47xI/6Vw9NFwZ0n3zST+JiD8UK4eaYQpUim
-Tzrj5SU6hEi3crHOlJvsRFPaGwhnA9wycoOo4o22XBj3C8Hwzi4vWcKXH/RCSwZQ
-zFuYbe77Pn9Sv5q5zdglkmm7wngoVt/aKQke/Vk+Eincx1V12b05DNLjugo6FWQh
-0f2MmHpvqNSHs9USC5+y2lKQ1JNHh7mnpPCXkZEH4V7q+3mKVzl9tXzj9Gul20pw
-tneD6WUCgYEA9QUrQoWHKeVMjeukHjDJa2KjRLMmg9YRQyVABH9+nQTp1jYUjMRA
-GUoUx91gG6gjjJD/xvor/U0Fh3vKtZE93c+avrcaYDwf3q/L4gh+3b87lVDfzjrp
-L+MPTpEzWiyyLfr/kLA0TgUjnrj9bav5uDps8mJpNf8s9ZP1/QDhF5sCgYEAyVZA
-pHSIyBI2GT0+92JXvYDK/ZfV5m4RGHaG/PMDoU4IbGbjHVyzzsyzDUgvOASXwfF8
-YzwX7Tf95RZw12P/Jepxt0vqBJPKUCsMLUrmANQvN1Pz8+Vk6UADLM7kNc06MqB9
-/U3GKCFZZuedEhbgXnEV9gzelhILImJGZMxG0zMCgYApymnofLHjGXMHOcvSQmv4
-XuiODShikB59n1rd6YkE6xOfL7YtlEOCjLoipMWBshnuHcUigQUDvSFWTGz0rwMo
-VAKGyOA8zcR5zO4vbVeGJtnYy+SAXlfrjQTNV8K0fK8fXJI+cW9aZ1H9/ntrO0vq
-ejye0t4zEYTvlf782iuKRQKBgQCnTQ7mGRfX+JoPmv8JniR+idkjpNnPYsK96y/8
-XQs1LJx/R3eN3IxlWV+nt8XU7KwWMs5Dv5m6Ov61MFKQCL3qCch4oZJSP2Sr/Tlf
-IY/CPI8HkLF0h7e0wsZgo4Kq2mBz1T0cEVaJ3jxl8Cxq7at/jsTK8qK7XT73UWZh
-OAXaVQKBgDmg2QTX7c0/dbDMOuw18g3xfE/oqU+VWT784wtvpcdjHR+KAVLWHG8l
-oc/bm8Bs0o0f5dfH7uUvWdP6JMvbgYZBgIMqw+iH8P2lFCLzIRf0me/l+r0Oi64U
-5jp9K+7Ggc7S0SSnCLmBLMN5lXQZbhzks1La7DZmFeAz8rOEnlUB
------END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/main/resources/extensions.kdc
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/main/resources/extensions.kdc b/haox-kerb/kerb-kdc-test/src/main/resources/extensions.kdc
deleted file mode 100644
index 8052f71..0000000
--- a/haox-kerb/kerb-kdc-test/src/main/resources/extensions.kdc
+++ /dev/null
@@ -1,36 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-[kdc_cert]
-basicConstraints=CA:FALSE
-keyUsage=nonRepudiation,digitalSignature,keyEncipherment,keyAgreement
-extendedKeyUsage=1.3.6.1.5.2.3.5
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer
-issuerAltName=issuer:copy
-subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:kdc_princ_name
-
-[kdc_princ_name]
-realm=EXP:0,GeneralString:${ENV::REALM}
-principal_name=EXP:1,SEQUENCE:kdc_principal_seq
-
-[kdc_principal_seq]
-name_type=EXP:0,INTEGER:1
-name_string=EXP:1,SEQUENCE:kdc_principals
-
-[kdc_principals]
-princ1=GeneralString:krbtgt
-princ2=GeneralString:${ENV::REALM}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf b/haox-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf
deleted file mode 100644
index d118dd1..0000000
--- a/haox-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-[libdefaults]
- default_realm = {0}
- udp_preference_limit = 1
-
-[realms]
- {0} = '{'
- kdc = {1}:{2}
- '}'
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff b/haox-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff
deleted file mode 100644
index bc989c3..0000000
--- a/haox-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff
+++ /dev/null
@@ -1,46 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-dn: ou=users,dc=${0},dc=${1}
-objectClass: organizationalUnit
-objectClass: top
-ou: users
-
-dn: uid=krbtgt,ou=users,dc=${0},dc=${1}
-objectClass: top
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: krb5principal
-objectClass: krb5kdcentry
-cn: KDC Service
-sn: Service
-uid: krbtgt
-userPassword: secret
-krb5PrincipalName: krbtgt/${2}.${3}@${2}.${3}
-krb5KeyVersionNumber: 0
-
-dn: uid=ldap,ou=users,dc=${0},dc=${1}
-objectClass: top
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: krb5principal
-objectClass: krb5kdcentry
-cn: LDAP
-sn: Service
-uid: ldap
-userPassword: secret
-krb5PrincipalName: ldap/${4}@${2}.${3}
-krb5KeyVersionNumber: 0
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/main/resources/kdccert.pem
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/main/resources/kdccert.pem b/haox-kerb/kerb-kdc-test/src/main/resources/kdccert.pem
deleted file mode 100644
index 67e538c..0000000
--- a/haox-kerb/kerb-kdc-test/src/main/resources/kdccert.pem
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
-VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
-DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
-YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
-MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
-c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
-A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
-a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
-fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
-quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
-nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
-EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
-JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
-DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
-Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
-HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
-ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
-AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
-YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
-txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
-R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
-FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
-5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
------END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/main/resources/kdckey.pem
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/main/resources/kdckey.pem b/haox-kerb/kerb-kdc-test/src/main/resources/kdckey.pem
deleted file mode 100644
index c9e75e2..0000000
--- a/haox-kerb/kerb-kdc-test/src/main/resources/kdckey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
-8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
-2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
-GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
-fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
-DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
-QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
-6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
-bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
-5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
-8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
-XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
-kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
-Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
-P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
-KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
-qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
-7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
-UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
-n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
-5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
-AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
-KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
-9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
-7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
------END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/main/resources/usercert.pem
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/main/resources/usercert.pem b/haox-kerb/kerb-kdc-test/src/main/resources/usercert.pem
deleted file mode 100644
index 67e538c..0000000
--- a/haox-kerb/kerb-kdc-test/src/main/resources/usercert.pem
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
-VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
-DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
-YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
-MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
-c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
-A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
-a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
-fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
-quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
-nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
-EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
-JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
-DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
-Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
-HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
-ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
-AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
-YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
-txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
-R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
-FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
-5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
------END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/main/resources/userkey.pem
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/main/resources/userkey.pem b/haox-kerb/kerb-kdc-test/src/main/resources/userkey.pem
deleted file mode 100644
index c9e75e2..0000000
--- a/haox-kerb/kerb-kdc-test/src/main/resources/userkey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
-8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
-2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
-GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
-fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
-DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
-QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
-6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
-bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
-5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
-8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
-XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
-kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
-Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
-P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
-KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
-qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
-7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
-UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
-n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
-5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
-AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
-KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
-9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
-7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
------END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/KdcTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/KdcTest.java b/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/KdcTest.java
deleted file mode 100644
index 325baeb..0000000
--- a/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/KdcTest.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.kerberos.kerb.spec.ticket.ServiceTicket;
-import org.apache.kerberos.kerb.spec.ticket.TgtTicket;
-import org.junit.Assert;
-import org.junit.Test;
-
-public class KdcTest extends KdcTestBase {
-
- private String password = "123456";
-
- @Override
- protected void setUpKdcServer() throws Exception {
- super.setUpKdcServer();
- kdcServer.createPrincipal(clientPrincipal, password);
- }
-
- @Test
- public void testKdc() throws Exception {
- kdcServer.start();
- Assert.assertTrue(kdcServer.isStarted());
-
- krbClnt.init();
- TgtTicket tgt = krbClnt.requestTgtTicket(clientPrincipal, password, null);
- Assert.assertNotNull(tgt);
-
- ServiceTicket tkt = krbClnt.requestServiceTicket(tgt, serverPrincipal, null);
- Assert.assertNotNull(tkt);
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/KdcTestBase.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/KdcTestBase.java b/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/KdcTestBase.java
deleted file mode 100644
index a692582..0000000
--- a/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/KdcTestBase.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.kerberos.kerb.client.KrbClient;
-import org.apache.kerberos.kerb.server.TestKdcServer;
-import org.junit.After;
-import org.junit.Before;
-
-public abstract class KdcTestBase {
-
- protected String kdcRealm;
- protected String clientPrincipal;
- protected String serverPrincipal;
-
- protected String hostname = "localhost";
- protected short tcpPort = 8088;
- protected short udpPort = 8089;
-
- protected TestKdcServer kdcServer;
- protected KrbClient krbClnt;
-
- @Before
- public void setUp() throws Exception {
- setUpKdcServer();
- setUpClient();
- }
-
- protected void setUpKdcServer() throws Exception {
- kdcServer = new TestKdcServer();
- kdcServer.setKdcHost(hostname);
- kdcServer.setKdcTcpPort(tcpPort);
- kdcServer.setKdcUdpPort(udpPort);
- kdcServer.init();
-
- kdcRealm = kdcServer.getKdcRealm();
- clientPrincipal = "drankye@" + kdcRealm;
-
- serverPrincipal = "test-service/localhost@" + kdcRealm;
- kdcServer.createPrincipals(serverPrincipal);
- }
-
- protected void setUpClient() throws Exception {
- krbClnt = new KrbClient(hostname, tcpPort);
- krbClnt.setTimeout(5);
- krbClnt.setKdcRealm(kdcServer.getKdcRealm());
- }
-
-
-
- @After
- public void tearDown() throws Exception {
- kdcServer.stop();
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/WithCertKdcTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/WithCertKdcTest.java b/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/WithCertKdcTest.java
deleted file mode 100644
index eeb9e62..0000000
--- a/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/WithCertKdcTest.java
+++ /dev/null
@@ -1,90 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.ticket.ServiceTicket;
-import org.apache.kerberos.kerb.spec.ticket.TgtTicket;
-import org.haox.pki.Pkix;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.GeneralSecurityException;
-import java.security.PrivateKey;
-import java.security.cert.Certificate;
-
-/**
- openssl genrsa -out cakey.pem 2048
- openssl req -key cakey.pem -new -x509 -out cacert.pem -days 3650
- vi extensions.kdc
- openssl genrsa -out kdckey.pem 2048
- openssl req -new -out kdc.req -key kdckey.pem
- env REALM=SH.INTEL.COM openssl x509 -req -in kdc.req -CAkey cakey.pem \
- -CA cacert.pem -out kdc.pem -days 365 -extfile extensions.kdc -extensions kdc_cert -CAcreateserial
- */
-public class WithCertKdcTest extends KdcTestBase {
-
- private Certificate userCert;
- private PrivateKey userKey;
-
- @Override
- protected void setUpClient() throws Exception {
- super.setUpClient();
-
- loadCredentials();
- }
-
- @Override
- protected void setUpKdcServer() throws Exception {
- super.setUpKdcServer();
- kdcServer.createPrincipals(clientPrincipal);
- }
-
- //@Test
- public void testKdc() throws Exception {
- Assert.assertNotNull(userCert);
-
- kdcServer.start();
- Assert.assertTrue(kdcServer.isStarted());
- krbClnt.init();
-
- TgtTicket tgt = null;
- try {
- tgt = krbClnt.requestTgtTicket(clientPrincipal, userCert, userKey, null);
- } catch (KrbException te) {
- Assert.assertTrue(te.getMessage().contains("timeout"));
- return;
- }
- Assert.assertNull(tgt);
-
- ServiceTicket tkt = krbClnt.requestServiceTicket(tgt, serverPrincipal, null);
- Assert.assertNull(tkt);
- }
-
- private void loadCredentials() throws IOException, GeneralSecurityException {
- InputStream res = getClass().getResourceAsStream("/usercert.pem");
- userCert = Pkix.getCerts(res).iterator().next();
-
- res = getClass().getResourceAsStream("/userkey.pem");
- userKey = Pkix.getPrivateKey(res, null);
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/WithTokenKdcTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/WithTokenKdcTest.java b/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/WithTokenKdcTest.java
deleted file mode 100644
index e47cff4..0000000
--- a/haox-kerb/kerb-kdc-test/src/test/java/org/apache/kerberos/kerb/server/WithTokenKdcTest.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.ticket.ServiceTicket;
-import org.apache.kerberos.kerb.spec.ticket.TgtTicket;
-import org.haox.token.KerbToken;
-import org.junit.Assert;
-import org.junit.Test;
-
-public class WithTokenKdcTest extends KdcTestBase {
-
- private KerbToken token;
-
- @Override
- protected void setUpKdcServer() throws Exception {
- super.setUpKdcServer();
- kdcServer.createPrincipals(clientPrincipal);
- }
-
- //@Test
- public void testKdc() throws Exception {
- kdcServer.start();
- Assert.assertTrue(kdcServer.isStarted());
- krbClnt.init();
-
- TgtTicket tgt = null;
- try {
- tgt = krbClnt.requestTgtTicket(clientPrincipal, token, null);
- } catch (KrbException te) {
- Assert.assertTrue(te.getMessage().contains("timeout"));
- return;
- }
- Assert.assertNull(tgt);
-
- ServiceTicket tkt = krbClnt.requestServiceTicket(tgt, serverPrincipal, null);
- Assert.assertNull(tkt);
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/pom.xml b/haox-kerb/kerb-server/pom.xml
deleted file mode 100644
index 0fd7984..0000000
--- a/haox-kerb/kerb-server/pom.xml
+++ /dev/null
@@ -1,61 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kerb</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>kerb-server</artifactId>
-
- <name>Haox-kerb Server</name>
- <description>Haox-kerb Server</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-common</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-identity</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-event</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-pkix</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfig.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfig.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfig.java
deleted file mode 100644
index 75db95d..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfig.java
+++ /dev/null
@@ -1,153 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.haox.config.Conf;
-import org.apache.kerberos.kerb.common.KrbConfHelper;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-import java.util.List;
-
-public class KdcConfig {
- protected Conf conf;
-
- public KdcConfig() {
- this.conf = new Conf();
- }
-
- public Conf getConf() {
- return this.conf;
- }
-
- public boolean enableDebug() {
- return conf.getBoolean(KdcConfigKey.KRB_DEBUG);
- }
-
- public String getKdcServiceName() {
- return conf.getString(KdcConfigKey.KDC_SERVICE_NAME);
- }
-
- public String getWorkDir() {
- return conf.getString(KdcConfigKey.WORK_DIR);
- }
-
- public String getKdcHost() {
- return conf.getString(KdcConfigKey.KDC_HOST);
- }
-
- public short getKdcTcpPort() {
- Integer kdcTcpPort = KrbConfHelper.getIntUnderSection(conf, KdcConfigKey.KDC_TCP_PORT);
- return kdcTcpPort.shortValue();
- }
-
- public short getKdcUdpPort() {
- Integer kdcUdpPort = KrbConfHelper.getIntUnderSection(conf, KdcConfigKey.KDC_UDP_PORT);
- return kdcUdpPort.shortValue();
- }
-
- public String getKdcRealm() {
- return conf.getString(KdcConfigKey.KDC_REALM);
- }
-
- public String getKdcDomain() {
- return conf.getString(KdcConfigKey.KDC_DOMAIN);
- }
-
- public boolean isPreauthRequired() {
- return conf.getBoolean(KdcConfigKey.PREAUTH_REQUIRED);
- }
-
- public String getTgsPrincipal() {
- return conf.getString(KdcConfigKey.TGS_PRINCIPAL);
- }
-
- public long getAllowableClockSkew() {
- return conf.getLong(KdcConfigKey.ALLOWABLE_CLOCKSKEW);
- }
-
- public boolean isEmptyAddressesAllowed() {
- return conf.getBoolean(KdcConfigKey.EMPTY_ADDRESSES_ALLOWED);
- }
-
- public boolean isForwardableAllowed() {
- return conf.getBoolean(KdcConfigKey.FORWARDABLE_ALLOWED);
- }
-
- public boolean isPostdatedAllowed() {
- return conf.getBoolean(KdcConfigKey.POSTDATED_ALLOWED);
- }
-
- public boolean isProxiableAllowed() {
- return conf.getBoolean(KdcConfigKey.PROXIABLE_ALLOWED);
- }
-
- public boolean isRenewableAllowed() {
- return conf.getBoolean(KdcConfigKey.RENEWABLE_ALLOWED);
- }
-
- public long getMaximumRenewableLifetime() {
- return conf.getLong(KdcConfigKey.MAXIMUM_RENEWABLE_LIFETIME);
- }
-
- public long getMaximumTicketLifetime() {
- return conf.getLong(KdcConfigKey.MAXIMUM_TICKET_LIFETIME);
- }
-
- public long getMinimumTicketLifetime() {
- return conf.getLong(KdcConfigKey.MINIMUM_TICKET_LIFETIME);
- }
-
- public List<EncryptionType> getEncryptionTypes() {
- List<String> eTypes = conf.getList(KdcConfigKey.ENCRYPTION_TYPES);
- return KrbConfHelper.getEncryptionTypes(eTypes);
- }
-
- public boolean isPaEncTimestampRequired() {
- return conf.getBoolean(KdcConfigKey.PA_ENC_TIMESTAMP_REQUIRED);
- }
-
- public boolean isBodyChecksumVerified() {
- return conf.getBoolean(KdcConfigKey.VERIFY_BODY_CHECKSUM);
- }
-
- public String getDefaultLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(conf, KdcConfigKey.DEFAULT);
- }
-
- public String getKdcLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(conf, KdcConfigKey.KDC);
- }
-
- public String getAdminLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(conf, KdcConfigKey.ADMIN_SERVER);
- }
-
- public boolean isRestrictAnonymousToTgt() {
- return KrbConfHelper.getBooleanUnderSection(conf, KdcConfigKey.RESTRICT_ANONYMOUS_TO_TGT);
- }
-
- public int getKdcMaxDgramReplySize() {
- return KrbConfHelper.getIntUnderSection(conf, KdcConfigKey.KDC_MAX_DGRAM_REPLY_SIZE);
- }
-
- public String[] getLdapKerberosContainerDn() {
- return KrbConfHelper.getStringArrayUnderSection(conf, KdcConfigKey.LDAP_KERBEROS_CONTAINER_DN);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfigKey.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfigKey.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfigKey.java
deleted file mode 100644
index 54c5703..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfigKey.java
+++ /dev/null
@@ -1,95 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.haox.config.ConfigKey;
-import org.apache.kerberos.kerb.common.SectionConfigKey;
-
-public enum KdcConfigKey implements SectionConfigKey {
- KRB_DEBUG(true),
- WORK_DIR,
- KDC_SERVICE_NAME("Haox_KDC_Server"),
- KDC_HOST("127.0.0.1"),
- KDC_UDP_PORT(8016, "kdcdefaults"),
- KDC_TCP_PORT(8015, "kdcdefaults"),
- KDC_DOMAIN("example.com"),
- KDC_REALM("EXAMPLE.COM"),
- TGS_PRINCIPAL("krbtgt@EXAMPLE.COM"),
- PREAUTH_REQUIRED(true),
- ALLOWABLE_CLOCKSKEW(5 * 60L),
- EMPTY_ADDRESSES_ALLOWED(true),
- PA_ENC_TIMESTAMP_REQUIRED(true),
- MAXIMUM_TICKET_LIFETIME(24 * 3600L),
- MINIMUM_TICKET_LIFETIME(1 * 3600L),
- MAXIMUM_RENEWABLE_LIFETIME(48 * 3600L),
- FORWARDABLE_ALLOWED(true),
- POSTDATED_ALLOWED(true),
- PROXIABLE_ALLOWED(true),
- RENEWABLE_ALLOWED(true),
- VERIFY_BODY_CHECKSUM(true),
- ENCRYPTION_TYPES(new String[] { "aes128-cts-hmac-sha1-96", "des3-cbc-sha1-kd" }),
- RESTRICT_ANONYMOUS_TO_TGT(false, "kdcdefaults"),
- KDC_MAX_DGRAM_REPLY_SIZE(4096, "kdcdefaults"),
-
- //logging location TODO the default log location need to be determinded.
- DEFAULT(null, "logging"),
- KDC(null, "logging"),
- ADMIN_SERVER(null, "logging"),
-
- //dbdefaults
- LDAP_KERBEROS_CONTAINER_DN(null, "dbdefaults");
-
- private Object defaultValue;
- /**
- * The name of a section where a config key is contained in MIT Kerberos config file.
- */
- private String sectionName;
-
- private KdcConfigKey() {
- this.defaultValue = null;
- }
-
- private KdcConfigKey(Object defaultValue) {
- this.defaultValue = defaultValue;
- }
-
- private KdcConfigKey(Object defaultValue, String sectionName) {
- this(defaultValue);
- this.sectionName = sectionName;
- }
-
- /**
- * Use the propertyKey, we can get the configuration value from Object Conf.
- */
- @Override
- public String getPropertyKey() {
- return name().toLowerCase();
- }
-
- @Override
- public Object getDefaultValue() {
- return this.defaultValue;
- }
-
- @Override
- public String getSectionName() {
- return sectionName;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcContext.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcContext.java
deleted file mode 100644
index 431df70..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcContext.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.kerberos.kerb.identity.IdentityService;
-import org.apache.kerberos.kerb.server.preauth.PreauthHandler;
-import org.apache.kerberos.kerb.server.replay.ReplayCheckService;
-
-import java.util.List;
-
-public class KdcContext {
- private KdcConfig config;
- private List<String> supportedKdcRealms;
- private String kdcRealm;
- private IdentityService identityService;
- private ReplayCheckService replayCache;
- private PreauthHandler preauthHandler;
-
- public void init(KdcConfig config) {
- this.config = config;
- }
-
- public KdcConfig getConfig() {
- return config;
- }
-
- public void setPreauthHandler(PreauthHandler preauthHandler) {
- this.preauthHandler = preauthHandler;
- }
-
- public PreauthHandler getPreauthHandler() {
- return this.preauthHandler;
- }
-
- public List<String> getSupportedKdcRealms() {
- return supportedKdcRealms;
- }
-
- public void setSupportedKdcRealms(List<String> supportedKdcRealms) {
- this.supportedKdcRealms = supportedKdcRealms;
- }
-
- public void setKdcRealm(String realm) {
- this.kdcRealm = realm;
- }
-
- public String getServerRealm() {
- return config.getKdcRealm();
- }
-
- public String getKdcRealm() {
- if (kdcRealm != null) {
- return kdcRealm;
- }
- return config.getKdcRealm();
- }
-
- public void setReplayCache(ReplayCheckService replayCache) {
- this.replayCache = replayCache;
- }
-
- public ReplayCheckService getReplayCache() {
- return replayCache;
- }
-
- public void setIdentityService(IdentityService identityService) {
- this.identityService = identityService;
- }
-
-
- public IdentityService getIdentityService() {
- return identityService;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcHandler.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcHandler.java
deleted file mode 100644
index 086487f..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcHandler.java
+++ /dev/null
@@ -1,148 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.kerberos.kerb.common.KrbUtil;
-import org.apache.kerberos.kerb.identity.IdentityService;
-import org.apache.kerberos.kerb.server.preauth.PreauthHandler;
-import org.apache.kerberos.kerb.server.replay.ReplayCheckService;
-import org.apache.kerberos.kerb.server.request.AsRequest;
-import org.apache.kerberos.kerb.server.request.KdcRequest;
-import org.apache.kerberos.kerb.server.request.TgsRequest;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.KrbMessage;
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-import org.apache.kerberos.kerb.spec.kdc.AsReq;
-import org.apache.kerberos.kerb.spec.kdc.KdcReq;
-import org.apache.kerberos.kerb.spec.kdc.TgsReq;
-import org.apache.haox.transport.MessageHandler;
-import org.apache.haox.transport.Transport;
-import org.apache.haox.transport.event.MessageEvent;
-import org.apache.haox.transport.tcp.TcpTransport;
-
-import java.net.InetSocketAddress;
-import java.nio.ByteBuffer;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-public class KdcHandler extends MessageHandler {
-
- private List<String> kdcRealms = new ArrayList<String>(1);
- private Map<String, KdcContext> kdcContexts;
-
- private KdcConfig kdcConfig;
- private PreauthHandler preauthHandler;
-
- // TODO: per realm for below
- private IdentityService identityService;
- private ReplayCheckService replayCheckService;
-
- /**
- * Should be called when all the necessary properties are set
- */
- public void init() {
- loadKdcRealms();
-
- preauthHandler = new PreauthHandler();
- preauthHandler.init(kdcConfig);
-
- kdcContexts = new HashMap<String, KdcContext>(1);
- for (String realm : kdcRealms) {
- initRealmContext(realm);
- }
- }
-
- private void initRealmContext(String kdcRealm) {
- KdcContext kdcContext = new KdcContext();
- kdcContext.init(kdcConfig);
- kdcContext.setKdcRealm(kdcRealm);
- kdcContext.setPreauthHandler(preauthHandler);
- kdcContext.setIdentityService(identityService);
- kdcContext.setReplayCache(replayCheckService);
-
- kdcContexts.put(kdcRealm, kdcContext);
- }
-
- public void setKdcRealm(String realm) {
- this.kdcRealms.add(realm);
- }
-
- public void setConfig(KdcConfig config) {
- this.kdcConfig = config;
- }
-
- public void setIdentityService(IdentityService identityService) {
- this.identityService = identityService;
- }
-
- @Override
- protected void handleMessage(MessageEvent event) throws Exception {
- ByteBuffer message = event.getMessage();
- Transport transport = event.getTransport();
-
- KrbMessage krbRequest = KrbUtil.decodeMessage(message);
- KdcRequest kdcRequest = null;
-
- KrbMessageType messageType = krbRequest.getMsgType();
- if (messageType == KrbMessageType.TGS_REQ || messageType == KrbMessageType.AS_REQ) {
- KdcReq kdcReq = (KdcReq) krbRequest;
- String realm = getRequestRealm(kdcReq);
- if (realm == null || !kdcContexts.containsKey(realm)) {
- throw new KrbException("Invalid realm from kdc request: " + realm);
- }
-
- KdcContext kdcContext = kdcContexts.get(realm);
- if (messageType == KrbMessageType.TGS_REQ) {
- kdcRequest = new TgsRequest((TgsReq) kdcReq, kdcContext);
- } else if (messageType == KrbMessageType.AS_REQ) {
- kdcRequest = new AsRequest((AsReq) kdcReq, kdcContext);
- }
- }
-
- InetSocketAddress clientAddress = transport.getRemoteAddress();
- kdcRequest.setClientAddress(clientAddress.getAddress());
- boolean isTcp = (transport instanceof TcpTransport);
- kdcRequest.isTcp(isTcp);
-
- kdcRequest.process();
-
- KrbMessage krbResponse = kdcRequest.getReply();
- KrbUtil.sendMessage(krbResponse, transport);
- }
-
- private void loadKdcRealms() {
- if (kdcRealms.isEmpty()) {
- kdcRealms.add(kdcConfig.getKdcRealm());
- }
- }
-
- private String getRequestRealm(KdcReq kdcReq) {
- String realm = kdcReq.getReqBody().getRealm();
- if (realm == null && kdcReq.getReqBody().getCname() != null) {
- realm = kdcReq.getReqBody().getCname().getRealm();
- }
- if (realm == null || realm.isEmpty()) {
- realm = "NULL-KDC-REALM";
- }
- return realm;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcServer.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcServer.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcServer.java
deleted file mode 100644
index db101c1..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcServer.java
+++ /dev/null
@@ -1,196 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.haox.event.EventHub;
-import org.apache.kerberos.kerb.common.KrbStreamingDecoder;
-import org.apache.kerberos.kerb.identity.IdentityService;
-import org.apache.haox.transport.Network;
-
-import java.io.File;
-
-public class KdcServer {
- private String kdcHost;
- private short kdcTcpPort;
- private short kdcUdpPort;
- private String kdcRealm;
-
- private boolean started;
- private String serviceName = "HaoxKdc";
-
- private KdcHandler kdcHandler;
- private EventHub eventHub;
-
- protected KdcConfig kdcConfig;
- protected IdentityService identityService;
- protected File workDir;
-
- public KdcServer() {
- kdcConfig = new KdcConfig();
- }
-
- public void init() {
- initConfig();
-
- initWorkDir();
- }
-
- protected void initWorkDir() {
- String path = kdcConfig.getWorkDir();
- File file;
- if (path != null) {
- file = new File(path);
- file.mkdirs();
- } else {
- file = new File(".");
- }
-
- this.workDir = file;
- }
-
- protected void initConfig() {}
-
- public void start() {
- try {
- doStart();
- } catch (Exception e) {
- throw new RuntimeException("Failed to start " + getServiceName(), e);
- }
-
- started = true;
- }
-
- public String getKdcRealm() {
- if (kdcRealm != null) {
- return kdcRealm;
- }
- return kdcConfig.getKdcRealm();
- }
-
- private String getKdcHost() {
- if (kdcHost != null) {
- return kdcHost;
- }
- return kdcConfig.getKdcHost();
- }
-
- private short getKdcTcpPort() {
- if (kdcTcpPort > 0) {
- return kdcTcpPort;
- }
- return kdcConfig.getKdcTcpPort();
- }
-
- private short getKdcUdpPort() {
- if (kdcUdpPort > 0) {
- return kdcUdpPort;
- }
- return kdcConfig.getKdcUdpPort();
- }
-
- public void setKdcHost(String kdcHost) {
- this.kdcHost = kdcHost;
- }
-
- public void setKdcTcpPort(short kdcTcpPort) {
- this.kdcTcpPort = kdcTcpPort;
- }
-
- public void setKdcUdpPort(short kdcUdpPort) {
- this.kdcUdpPort = kdcUdpPort;
- }
-
- public void setKdcRealm(String realm) {
- this.kdcRealm = realm;
- }
-
- public boolean enableDebug() {
- return kdcConfig.enableDebug();
- }
-
- protected void doStart() throws Exception {
- prepareHandler();
-
- this.eventHub = new EventHub();
-
- eventHub.register(kdcHandler);
-
- Network network = new Network();
- network.setStreamingDecoder(new KrbStreamingDecoder());
- eventHub.register(network);
-
- eventHub.start();
- network.tcpListen(getKdcHost(), getKdcTcpPort());
- network.udpListen(getKdcHost(), getKdcUdpPort());
- }
-
- private void prepareHandler() {
- this.kdcHandler = new KdcHandler();
- kdcHandler.setConfig(kdcConfig);
- kdcHandler.setIdentityService(identityService);
- if (kdcRealm != null) {
- kdcHandler.setKdcRealm(kdcRealm);
- }
- kdcHandler.init();
- }
-
- public void stop() {
- try {
- doStop();
- } catch (Exception e) {
- throw new RuntimeException("Failed to stop " + getServiceName());
- }
- }
-
- protected void doStop() throws Exception {
- eventHub.stop();
- }
-
- public KdcConfig getConfig() {
- return kdcConfig;
- }
-
- public boolean isStarted() {
- return started;
- }
-
- protected void setStarted( boolean started ) {
- this.started = started;
- }
-
- protected void setServiceName( String name ) {
- this.serviceName = name;
- }
-
- protected String getServiceName() {
- if (serviceName != null) {
- return serviceName;
- }
- return kdcConfig.getKdcServiceName();
- }
-
- public IdentityService getIdentityService() {
- return identityService;
- }
-
- protected void setIdentityService(IdentityService identityService) {
- this.identityService = identityService;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/SimpleKdcServer.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/SimpleKdcServer.java b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/SimpleKdcServer.java
deleted file mode 100644
index 6134afd..0000000
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/SimpleKdcServer.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.server;
-
-import org.apache.kerberos.kerb.identity.IdentityService;
-import org.apache.kerberos.kerb.identity.backend.SimpleIdentityBackend;
-
-import java.io.File;
-
-public class SimpleKdcServer extends KdcServer {
-
- public SimpleKdcServer() {
- super();
- }
-
- public void init() {
- super.init();
- initIdentityService();
- }
-
- protected void initIdentityService() {
- File identityFile = new File(workDir, "simplekdb.dat");
- IdentityService identityService = new SimpleIdentityBackend(identityFile);
- setIdentityService(identityService);
- }
-}
\ No newline at end of file
[21/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1String.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1String.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1String.java
new file mode 100644
index 0000000..3f75d07
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1String.java
@@ -0,0 +1,292 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.List;
+
+public abstract class Asn1String extends Asn1Simple<String>
+{
+ public Asn1String(UniversalTag tagNo) {
+ super(tagNo, null);
+ }
+
+ public Asn1String(UniversalTag tagNo, String value) {
+ super(tagNo, value);
+ }
+
+ @Override
+ protected void toBytes() {
+ byte[] bytes = getValue().getBytes(StandardCharsets.US_ASCII);
+ setBytes(bytes);
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ if (getValue() != null) {
+ return getValue().length();
+ }
+ return 0;
+ }
+
+ protected void toValue() throws IOException {
+ byte[] bytes = getBytes();
+ setValue(new String(bytes, StandardCharsets.US_ASCII));
+ }
+
+ public static String fromUTF8ByteArray(byte[] bytes) {
+ int i = 0;
+ int length = 0;
+
+ while (i < bytes.length) {
+ length++;
+ if ((bytes[i] & 0xf0) == 0xf0) {
+ // surrogate pair
+ length++;
+ i += 4;
+ } else if ((bytes[i] & 0xe0) == 0xe0) {
+ i += 3;
+ } else if ((bytes[i] & 0xc0) == 0xc0) {
+ i += 2;
+ } else {
+ i += 1;
+ }
+ }
+
+ char[] cs = new char[length];
+ i = 0;
+ length = 0;
+
+ while (i < bytes.length) {
+ char ch;
+
+ if ((bytes[i] & 0xf0) == 0xf0) {
+ int codePoint = ((bytes[i] & 0x03) << 18) | ((bytes[i+1] & 0x3F) << 12) | ((bytes[i+2] & 0x3F) << 6) | (bytes[i+3] & 0x3F);
+ int U = codePoint - 0x10000;
+ char W1 = (char)(0xD800 | (U >> 10));
+ char W2 = (char)(0xDC00 | (U & 0x3FF));
+ cs[length++] = W1;
+ ch = W2;
+ i += 4;
+ } else if ((bytes[i] & 0xe0) == 0xe0) {
+ ch = (char)(((bytes[i] & 0x0f) << 12)
+ | ((bytes[i + 1] & 0x3f) << 6) | (bytes[i + 2] & 0x3f));
+ i += 3;
+ } else if ((bytes[i] & 0xd0) == 0xd0) {
+ ch = (char)(((bytes[i] & 0x1f) << 6) | (bytes[i + 1] & 0x3f));
+ i += 2;
+ } else if ((bytes[i] & 0xc0) == 0xc0) {
+ ch = (char)(((bytes[i] & 0x1f) << 6) | (bytes[i + 1] & 0x3f));
+ i += 2;
+ } else {
+ ch = (char)(bytes[i] & 0xff);
+ i += 1;
+ }
+
+ cs[length++] = ch;
+ }
+
+ return new String(cs);
+ }
+
+ public static byte[] toUTF8ByteArray(String string) {
+ return toUTF8ByteArray(string.toCharArray());
+ }
+
+ public static byte[] toUTF8ByteArray(char[] string) {
+ ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+
+ try {
+ toUTF8ByteArray(string, bOut);
+ } catch (IOException e) {
+ throw new IllegalStateException("cannot encode string to byte array!");
+ }
+
+ return bOut.toByteArray();
+ }
+
+ public static void toUTF8ByteArray(char[] string, OutputStream sOut) throws IOException {
+ char[] c = string;
+ int i = 0;
+
+ while (i < c.length) {
+ char ch = c[i];
+
+ if (ch < 0x0080) {
+ sOut.write(ch);
+ } else if (ch < 0x0800) {
+ sOut.write(0xc0 | (ch >> 6));
+ sOut.write(0x80 | (ch & 0x3f));
+ }
+ // surrogate pair
+ else if (ch >= 0xD800 && ch <= 0xDFFF) {
+ // in error - can only happen, if the Java String class has a
+ // bug.
+ if (i + 1 >= c.length) {
+ throw new IllegalStateException("invalid UTF-16 codepoint");
+ }
+ char W1 = ch;
+ ch = c[++i];
+ char W2 = ch;
+ // in error - can only happen, if the Java String class has a
+ // bug.
+ if (W1 > 0xDBFF) {
+ throw new IllegalStateException("invalid UTF-16 codepoint");
+ }
+ int codePoint = (((W1 & 0x03FF) << 10) | (W2 & 0x03FF)) + 0x10000;
+ sOut.write(0xf0 | (codePoint >> 18));
+ sOut.write(0x80 | ((codePoint >> 12) & 0x3F));
+ sOut.write(0x80 | ((codePoint >> 6) & 0x3F));
+ sOut.write(0x80 | (codePoint & 0x3F));
+ } else {
+ sOut.write(0xe0 | (ch >> 12));
+ sOut.write(0x80 | ((ch >> 6) & 0x3F));
+ sOut.write(0x80 | (ch & 0x3F));
+ }
+
+ i++;
+ }
+ }
+
+ /**
+ * A locale independent version of toUpperCase.
+ *
+ * @param string input to be converted
+ * @return a US Ascii uppercase version
+ */
+ public static String toUpperCase(String string) {
+ boolean changed = false;
+ char[] chars = string.toCharArray();
+
+ for (int i = 0; i != chars.length; i++) {
+ char ch = chars[i];
+ if ('a' <= ch && 'z' >= ch) {
+ changed = true;
+ chars[i] = (char)(ch - 'a' + 'A');
+ }
+ }
+
+ if (changed) {
+ return new String(chars);
+ }
+
+ return string;
+ }
+
+ /**
+ * A locale independent version of toLowerCase.
+ *
+ * @param string input to be converted
+ * @return a US ASCII lowercase version
+ */
+ public static String toLowerCase(String string) {
+ boolean changed = false;
+ char[] chars = string.toCharArray();
+
+ for (int i = 0; i != chars.length; i++) {
+ char ch = chars[i];
+ if ('A' <= ch && 'Z' >= ch) {
+ changed = true;
+ chars[i] = (char)(ch - 'A' + 'a');
+ }
+ }
+
+ if (changed) {
+ return new String(chars);
+ }
+
+ return string;
+ }
+
+ public static byte[] toByteArray(char[] chars) {
+ byte[] bytes = new byte[chars.length];
+
+ for (int i = 0; i != bytes.length; i++) {
+ bytes[i] = (byte)chars[i];
+ }
+
+ return bytes;
+ }
+
+ public static byte[] toByteArray(String string) {
+ byte[] bytes = new byte[string.length()];
+
+ for (int i = 0; i != bytes.length; i++) {
+ char ch = string.charAt(i);
+
+ bytes[i] = (byte)ch;
+ }
+
+ return bytes;
+ }
+
+ /**
+ * Convert an array of 8 bit characters into a string.
+ *
+ * @param bytes 8 bit characters.
+ * @return resulting String.
+ */
+ public static String fromByteArray(byte[] bytes) {
+ return new String(asCharArray(bytes));
+ }
+
+ /**
+ * Do a simple conversion of an array of 8 bit characters into a string.
+ *
+ * @param bytes 8 bit characters.
+ * @return resulting String.
+ */
+ public static char[] asCharArray(byte[] bytes) {
+ char[] chars = new char[bytes.length];
+
+ for (int i = 0; i != chars.length; i++) {
+ chars[i] = (char)(bytes[i] & 0xff);
+ }
+
+ return chars;
+ }
+
+ public static String[] split(String input, char delimiter) {
+ List<String> v = new ArrayList<String>();
+ boolean moreTokens = true;
+ String subString;
+
+ while (moreTokens) {
+ int tokenLocation = input.indexOf(delimiter);
+ if (tokenLocation > 0) {
+ subString = input.substring(0, tokenLocation);
+ v.add(subString);
+ input = input.substring(tokenLocation + 1);
+ } else {
+ moreTokens = false;
+ v.add(input);
+ }
+ }
+
+ return v.toArray(new String[v.size()]);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1T61String.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1T61String.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1T61String.java
new file mode 100644
index 0000000..2b8e92b
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1T61String.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1T61String extends Asn1String
+{
+ public Asn1T61String() {
+ this(null);
+ }
+
+ public Asn1T61String(String value) {
+ super(UniversalTag.T61_STRING, value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1T61Utf8String.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1T61Utf8String.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1T61Utf8String.java
new file mode 100644
index 0000000..5e0d9da
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1T61Utf8String.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.nio.charset.StandardCharsets;
+
+public class Asn1T61Utf8String extends Asn1String
+{
+ public Asn1T61Utf8String() {
+ this(null);
+ }
+
+ public Asn1T61Utf8String(String value) {
+ super(UniversalTag.T61_STRING, value);
+ }
+
+ protected void toBytes() {
+ setBytes(getValue().getBytes(StandardCharsets.UTF_8));
+ }
+
+ protected void toValue() {
+ setValue(new String(getBytes(), StandardCharsets.UTF_8));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Tagging.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Tagging.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Tagging.java
new file mode 100644
index 0000000..2b2b97f
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Tagging.java
@@ -0,0 +1,104 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.EncodingOption;
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.TagClass;
+
+import java.io.IOException;
+import java.lang.reflect.ParameterizedType;
+import java.nio.ByteBuffer;
+
+/**
+ * For tagging any Asn1Type with a tagNo
+ */
+public class Asn1Tagging<T extends Asn1Type> extends AbstractAsn1Type<T> {
+
+ public Asn1Tagging(boolean isAppSpecific) {
+ this(-1, null, isAppSpecific);
+ }
+
+ public Asn1Tagging(int tagNo, T value, boolean isAppSpecific) {
+ super(isAppSpecific ? TagClass.APPLICATION : TagClass.CONTEXT_SPECIFIC, tagNo, value);
+ setEncodingOption(EncodingOption.EXPLICIT);
+ if (value == null) {
+ initValue();
+ }
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ AbstractAsn1Type value = (AbstractAsn1Type) getValue();
+ if (encodingOption.isExplicit()) {
+ return value.encodingLength();
+ } else if (encodingOption.isImplicit()) {
+ return value.encodingBodyLength();
+ } else {
+ throw new RuntimeException("Invalid util option, only allowing explicit/implicit");
+ }
+ }
+
+ @Override
+ public boolean isConstructed() {
+ if (encodingOption.isExplicit()) {
+ return true;
+ } else if (encodingOption.isImplicit()) {
+ AbstractAsn1Type value = (AbstractAsn1Type) getValue();
+ return value.isConstructed();
+ }
+ return false;
+ }
+
+ @Override
+ protected void encodeBody(ByteBuffer buffer) {
+ AbstractAsn1Type value = (AbstractAsn1Type) getValue();
+ if (encodingOption.isExplicit()) {
+ value.encode(buffer);
+ } else if (encodingOption.isImplicit()) {
+ value.encodeBody(buffer);
+ } else {
+ throw new RuntimeException("Invalid util option, only allowing explicit/implicit");
+ }
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ AbstractAsn1Type value = (AbstractAsn1Type) getValue();
+ if (encodingOption.isExplicit()) {
+ value.decode(content);
+ } else if (encodingOption.isImplicit()) {
+ value.decodeBody(content);
+ } else {
+ throw new RuntimeException("Invalid util option, only allowing explicit/implicit");
+ }
+ }
+
+ private void initValue() {
+ Class<? extends Asn1Type> valueType = (Class<T>) ((ParameterizedType) getClass().getGenericSuperclass()).getActualTypeArguments()[0];
+ AbstractAsn1Type value = null;
+ try {
+ value = (AbstractAsn1Type) valueType.newInstance();
+ } catch (Exception e) {
+ throw new RuntimeException("Failed to create tagged value", e);
+ }
+ setValue((T) value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Type.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Type.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Type.java
new file mode 100644
index 0000000..48f0d26
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Type.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.EncodingOption;
+import org.apache.kerby.asn1.TaggingOption;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public interface Asn1Type {
+ public int tagFlags();
+ public int tagNo();
+ public void setEncodingOption(EncodingOption encodingOption);
+ public int encodingLength();
+ public byte[] encode();
+ public void encode(ByteBuffer buffer);
+ public void decode(byte[] content) throws IOException;
+ public void decode(ByteBuffer content) throws IOException;
+ public byte[] taggedEncode(TaggingOption taggingOption);
+ public void taggedEncode(ByteBuffer buffer, TaggingOption taggingOption);
+ public void taggedDecode(ByteBuffer content, TaggingOption taggingOption) throws IOException;
+ public void taggedDecode(byte[] content, TaggingOption taggingOption) throws IOException;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1UniversalString.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1UniversalString.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1UniversalString.java
new file mode 100644
index 0000000..104c707
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1UniversalString.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1UniversalString extends Asn1String
+{
+ public Asn1UniversalString() {
+ this(null);
+ }
+
+ public Asn1UniversalString(String value) {
+ super(UniversalTag.UNIVERSAL_STRING, value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1UtcTime.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1UtcTime.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1UtcTime.java
new file mode 100644
index 0000000..c39dcdc
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1UtcTime.java
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.SimpleTimeZone;
+
+public class Asn1UtcTime extends Asn1Simple<Date>
+{
+ public Asn1UtcTime() {
+ this(null);
+ }
+
+ public Asn1UtcTime(long time) {
+ super(UniversalTag.UTC_TIME, new Date(time * 1000L));
+ }
+
+ public Asn1UtcTime(Date date) {
+ super(UniversalTag.UTC_TIME, date);
+ }
+
+ protected void toValue() throws IOException {
+ String dateStr = new String(getBytes(), StandardCharsets.US_ASCII);
+ String fixedDateStr = dateStr;
+
+ /*
+ * Make sure fixed date str be of the complete pattern 'YYMMDDhhmmss+/-hhmm'
+ */
+ int strLen = fixedDateStr.length();
+ if (strLen == 6) { // YYMMDD
+ fixedDateStr += "000000+0000";
+ } else if (strLen == 7) { // YYMMDDZ
+ fixedDateStr = fixedDateStr.replace("Z", "000000+0000");
+ } else if (strLen == 10) { // YYMMDDhhmm
+ fixedDateStr += "00+0000";
+ } else if (strLen == 11) { // YYMMDDhhmmZ
+ fixedDateStr = fixedDateStr.replace("Z", "00+0000");
+ } else if (strLen == 12) { // YYMMDDhhmmss
+ fixedDateStr += "+0000";
+ } else if (strLen == 13) { // YYMMDDhhmmZ
+ fixedDateStr = fixedDateStr.replace("Z", "+0000");
+ } else if (strLen != 17) {
+ throw new IllegalArgumentException("Bad utc time string " + dateStr);
+ }
+
+ SimpleDateFormat sdf;
+ sdf = new SimpleDateFormat("yyMMddHHmmssZ");
+ sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
+ try {
+ setValue(sdf.parse(fixedDateStr));
+ } catch (ParseException e) {
+ throw new IOException("Failed to parse " + dateStr + " as utc time", e);
+ }
+ }
+
+ @Override
+ protected void toBytes() {
+ Date date = getValue();
+ SimpleDateFormat sdf = new SimpleDateFormat("yyMMddHHmmss'Z'");
+ sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
+
+ String str = sdf.format(date);
+ byte[] bytes = str.getBytes(StandardCharsets.US_ASCII);
+ setBytes(bytes);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Utf8String.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Utf8String.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Utf8String.java
new file mode 100644
index 0000000..bfa2c57
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Utf8String.java
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+
+public class Asn1Utf8String extends Asn1String
+{
+ public Asn1Utf8String() {
+ this(null);
+ }
+
+ public Asn1Utf8String(String value) {
+ super(UniversalTag.UTF8_STRING, value);
+ }
+
+ @Override
+ protected void toBytes() {
+ byte[] bytes = getValue().getBytes(StandardCharsets.UTF_8);
+ setBytes(bytes);
+ }
+
+ protected void toValue() throws IOException {
+ byte[] bytes = getBytes();
+ setValue(new String(bytes, StandardCharsets.UTF_8));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1VisibleString.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1VisibleString.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1VisibleString.java
new file mode 100644
index 0000000..c4e0f16
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1VisibleString.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.UniversalTag;
+
+public class Asn1VisibleString extends Asn1String
+{
+ public Asn1VisibleString() {
+ this(null);
+ }
+
+ public Asn1VisibleString(String value) {
+ super(UniversalTag.VISIBLE_STRING, value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingCollection.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingCollection.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingCollection.java
new file mode 100644
index 0000000..48a815c
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingCollection.java
@@ -0,0 +1,105 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.EncodingOption;
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.TagClass;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+/**
+ * For tagging a collection type with tagNo, either application specific or context specific class
+ */
+public abstract class TaggingCollection extends AbstractAsn1Type<Asn1CollectionType> {
+ private Asn1Tagging<Asn1CollectionType> tagging;
+ private Asn1CollectionType tagged;
+
+ public TaggingCollection(int taggingTagNo, Asn1FieldInfo[] tags, boolean isAppSpecific) {
+ super(isAppSpecific ? TagClass.APPLICATION : TagClass.CONTEXT_SPECIFIC, taggingTagNo);
+ this.tagged = createTaggedCollection(tags);
+ setValue(tagged);
+ this.tagging = new Asn1Tagging<Asn1CollectionType>(taggingTagNo, tagged, isAppSpecific);
+ setEncodingOption(EncodingOption.EXPLICIT);
+ }
+
+ protected abstract Asn1CollectionType createTaggedCollection(Asn1FieldInfo[] tags);
+
+ public void setEncodingOption(EncodingOption encodingOption) {
+ tagging.setEncodingOption(encodingOption);
+ }
+
+ @Override
+ public boolean isConstructed() {
+ return tagging.isConstructed();
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ return tagging.encodingBodyLength();
+ }
+
+ @Override
+ protected void encodeBody(ByteBuffer buffer) {
+ tagging.encodeBody(buffer);
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ tagging.decodeBody(content);
+ }
+
+ protected <T extends Asn1Type> T getFieldAs(int index, Class<T> t) {
+ return tagged.getFieldAs(index, t);
+ }
+
+ protected void setFieldAs(int index, Asn1Type value) {
+ tagged.setFieldAs(index, value);
+ }
+
+ protected String getFieldAsString(int index) {
+ return tagged.getFieldAsString(index);
+ }
+
+ protected byte[] getFieldAsOctets(int index) {
+ return tagged.getFieldAsOctets(index);
+ }
+
+ protected void setFieldAsOctets(int index, byte[] bytes) {
+ tagged.setFieldAsOctets(index, bytes);
+ }
+
+ protected Integer getFieldAsInteger(int index) {
+ return tagged.getFieldAsInteger(index);
+ }
+
+ protected void setFieldAsInt(int index, int value) {
+ tagged.setFieldAsInt(index, value);
+ }
+
+ protected byte[] getFieldAsOctetBytes(int index) {
+ return tagged.getFieldAsOctets(index);
+ }
+
+ protected void setFieldAsOctetBytes(int index, byte[] value) {
+ tagged.setFieldAsOctets(index, value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingSequence.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingSequence.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingSequence.java
new file mode 100644
index 0000000..90ecaed
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingSequence.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+/**
+ * For tagging a sequence type with tagNo, either application specific or context specific class
+ */
+public class TaggingSequence extends TaggingCollection {
+
+ public TaggingSequence(int taggingTagNo, Asn1FieldInfo[] tags, boolean isAppSpecific) {
+ super(taggingTagNo, tags, isAppSpecific);
+ }
+
+ @Override
+ protected Asn1CollectionType createTaggedCollection(Asn1FieldInfo[] tags) {
+ return new Asn1SequenceType(tags);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingSet.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingSet.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingSet.java
new file mode 100644
index 0000000..c4807d0
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/TaggingSet.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+/**
+ * For tagging a sequence type with tagNo, either application specific or context specific class
+ */
+public class TaggingSet extends TaggingCollection {
+
+ public TaggingSet(int taggingTagNo, Asn1FieldInfo[] tags, boolean isAppSpecific) {
+ super(taggingTagNo, tags, isAppSpecific);
+ }
+
+ @Override
+ protected Asn1CollectionType createTaggedCollection(Asn1FieldInfo[] tags) {
+ return new Asn1SetType(tags);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/PersonnelRecord.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/PersonnelRecord.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/PersonnelRecord.java
new file mode 100644
index 0000000..39e08e6
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/PersonnelRecord.java
@@ -0,0 +1,208 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.*;
+
+/**
+ * Ref. X.690-0207(http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf),
+ * Annex A, A.1 ASN.1 description of the record structure
+ */
+public class PersonnelRecord extends TaggingSet {
+ private static int NAME = 0;
+ private static int TITLE = 1;
+ private static int NUMBER = 2;
+ private static int DATEOFHIRE= 3;
+ private static int NAMEOFSPOUSE = 4;
+ private static int CHILDREN = 5;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(NAME, -1, Name.class),
+ new Asn1FieldInfo(TITLE, 0, Asn1VisibleString.class),
+ new Asn1FieldInfo(NUMBER, -1, EmployeeNumber.class),
+ new Asn1FieldInfo(DATEOFHIRE, 1, Date.class),
+ new Asn1FieldInfo(NAMEOFSPOUSE, 2, Name.class),
+ new Asn1FieldInfo(CHILDREN, 3, Children.class, true)
+ };
+
+ public PersonnelRecord() {
+ super(0, fieldInfos, true);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+
+ public void setName(Name name) {
+ setFieldAs(NAME, name);
+ }
+
+ public Name getName() {
+ return getFieldAs(NAME, Name.class);
+ }
+
+ public void setTitle(String title) {
+ setFieldAs(TITLE, new Asn1VisibleString(title));
+ }
+
+ public String getTitle() {
+ return getFieldAsString(TITLE);
+ }
+
+ public void setEmployeeNumber(EmployeeNumber employeeNumber) {
+ setFieldAs(NUMBER, employeeNumber);
+ }
+
+ public EmployeeNumber getEmployeeNumber() {
+ return getFieldAs(NUMBER, EmployeeNumber.class);
+ }
+
+ public void setDateOfHire(Date dateOfHire) {
+ setFieldAs(DATEOFHIRE, dateOfHire);
+ }
+
+ public Date getDateOfHire() {
+ return getFieldAs(DATEOFHIRE, Date.class);
+ }
+
+ public void setNameOfSpouse(Name spouse) {
+ setFieldAs(NAMEOFSPOUSE, spouse);
+ }
+
+ public Name getNameOfSpouse() {
+ return getFieldAs(NAMEOFSPOUSE, Name.class);
+ }
+
+ public void setChildren(Children children) {
+ setFieldAs(CHILDREN, children);
+ }
+
+ public Children getChildren() {
+ return getFieldAs(CHILDREN, Children.class);
+ }
+
+ public static class Children extends Asn1SequenceOf<ChildInformation> {
+ public Children(ChildInformation ... children) {
+ super();
+ for (ChildInformation child : children) {
+ addElement(child);
+ }
+ }
+
+ public Children() {
+ super();
+ }
+ }
+
+ public static class ChildInformation extends Asn1SetType {
+ private static int NAME = 0;
+ private static int DATEOFBIRTH = 1;
+
+ static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(NAME, -1, Name.class),
+ new Asn1FieldInfo(DATEOFBIRTH, 0, Date.class)
+ };
+
+ public ChildInformation() {
+ super(tags);
+ }
+
+ public void setName(Name name) {
+ setFieldAs(NAME, name);
+ }
+
+ public Name getName() {
+ return getFieldAs(NAME, Name.class);
+ }
+
+ public void setDateOfBirth(Date date) {
+ setFieldAs(DATEOFBIRTH, date);
+ }
+
+ public Date getDateOfBirth() {
+ return getFieldAs(DATEOFBIRTH, Date.class);
+ }
+ }
+
+ public static class Name extends TaggingSequence {
+ private static int GIVENNAME = 0;
+ private static int INITIAL = 1;
+ private static int FAMILYNAME = 2;
+
+ static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(GIVENNAME, -1, Asn1VisibleString.class),
+ new Asn1FieldInfo(INITIAL, -1, Asn1VisibleString.class),
+ new Asn1FieldInfo(FAMILYNAME, -1, Asn1VisibleString.class)
+ };
+
+ public Name() {
+ super(1, tags, true);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+
+ public Name(String givenName, String initial, String familyName) {
+ this();
+ setGivenName(givenName);
+ setInitial(initial);
+ setFamilyName(familyName);
+ }
+
+ public void setGivenName(String givenName) {
+ setFieldAs(GIVENNAME, new Asn1VisibleString(givenName));
+ }
+
+ public String getGivenName() {
+ return getFieldAsString(GIVENNAME);
+ }
+
+ public void setInitial(String initial) {
+ setFieldAs(INITIAL, new Asn1VisibleString(initial));
+ }
+
+ public String getInitial() {
+ return getFieldAsString(INITIAL);
+ }
+
+ public void setFamilyName(String familyName) {
+ setFieldAs(FAMILYNAME, new Asn1VisibleString(familyName));
+ }
+
+ public String getFamilyName() {
+ return getFieldAsString(FAMILYNAME);
+ }
+ }
+
+ public static class EmployeeNumber extends Asn1Tagging<Asn1Integer> {
+ public EmployeeNumber(Integer value) {
+ super(2, new Asn1Integer(value), true);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+ public EmployeeNumber() {
+ this(null);
+ }
+ }
+
+ public static class Date extends Asn1Tagging<Asn1VisibleString> {
+ public Date(String value) {
+ super(3, new Asn1VisibleString(value), true);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+ public Date() {
+ this(null);
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Boolean.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Boolean.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Boolean.java
new file mode 100644
index 0000000..79e2547
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Boolean.java
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.Asn1Boolean;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+
+public class TestAsn1Boolean {
+
+ @Test
+ public void testEncoding() {
+ testEncodingWith(true, "0x01 01 FF");
+ testEncodingWith(false, "0x01 01 00");
+ }
+
+ private void testEncodingWith(Boolean value, String expectedEncoding) {
+ byte[] expected = Util.hex2bytes(expectedEncoding);
+ Asn1Boolean aValue = new Asn1Boolean(value);
+ aValue.setEncodingOption(EncodingOption.DER);
+ byte[] encodingBytes = aValue.encode();
+ Assert.assertArrayEquals(expected, encodingBytes);
+ }
+
+ @Test
+ public void testDecoding() throws IOException {
+ testDecodingWith(true, "0x01 01 FF");
+ testDecodingWith(false, "0x01 01 00");
+ }
+
+ private void testDecodingWith(Boolean expectedValue, String content) throws IOException {
+ Asn1Boolean decoded = new Asn1Boolean();
+ decoded.setEncodingOption(EncodingOption.DER);
+ decoded.decode(Util.hex2bytes(content));
+ Assert.assertEquals(expectedValue, decoded.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Collection.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Collection.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Collection.java
new file mode 100644
index 0000000..1119d7c
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Collection.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.AbstractAsn1Type;
+import org.apache.kerby.asn1.type.Asn1Boolean;
+import org.apache.kerby.asn1.type.Asn1IA5String;
+import org.apache.kerby.asn1.type.Asn1Sequence;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+
+public class TestAsn1Collection {
+ static String TEST_STR = "Jones";
+ static Boolean TEST_BOOL = true;
+ static byte[] EXPECTED_BYTES = new byte[] {(byte) 0x30, (byte) 0x0A,
+ (byte) 0x16, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73,
+ (byte) 0x01, (byte) 0x01, (byte) 0xFF
+ };
+
+ @Test
+ public void testSequenceEncoding() {
+ Asn1Sequence seq = new Asn1Sequence();
+ seq.addItem(new Asn1IA5String(TEST_STR));
+ seq.addItem(new Asn1Boolean(TEST_BOOL));
+
+ Assert.assertArrayEquals(EXPECTED_BYTES, seq.encode());
+ }
+
+ @Test
+ public void testSequenceDecoding() throws IOException {
+ Asn1Sequence seq = new Asn1Sequence();
+ seq.decode(EXPECTED_BYTES);
+ AbstractAsn1Type field = (AbstractAsn1Type) seq.getValue().get(0).getValue();
+ Assert.assertEquals(TEST_STR, field.getValue());
+
+ field = (AbstractAsn1Type) seq.getValue().get(1).getValue();
+ Assert.assertEquals(TEST_BOOL, field.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Input.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Input.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Input.java
new file mode 100644
index 0000000..9a5b2c5
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Input.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.junit.Test;
+
+import java.io.IOException;
+
+public class TestAsn1Input {
+
+ @Test
+ public void testDecoding() throws IOException {
+ //PersonnelRecord expected = TestData.createSamplePersonnel();
+ byte[] data = TestData.createSammplePersonnelEncodingData();
+ //Asn1InputBuffer ib = new Asn1InputBuffer(data);
+ Asn1Dump.dump(data);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Integer.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Integer.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Integer.java
new file mode 100644
index 0000000..e330da4
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1Integer.java
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+
+public class TestAsn1Integer {
+
+ @Test
+ public void testEncoding() {
+ testEncodingWith(0, "0x02 01 00");
+ testEncodingWith(1, "0x02 01 01");
+ testEncodingWith(2, "0x02 01 02");
+ testEncodingWith(127, "0x02 01 7F");
+ testEncodingWith(128, "0x02 02 00 80");
+ testEncodingWith(-1, "0x02 01 FF");
+ testEncodingWith(-128, "0x02 01 80");
+ testEncodingWith(-32768, "0x02 02 80 00");
+ testEncodingWith(1234567890, "0x02 04 49 96 02 D2");
+ }
+
+ private void testEncodingWith(int value, String expectedEncoding) {
+ byte[] expected = Util.hex2bytes(expectedEncoding);
+ Asn1Integer aValue = new Asn1Integer(value);
+ aValue.setEncodingOption(EncodingOption.DER);
+ byte[] encodingBytes = aValue.encode();
+ Assert.assertArrayEquals(expected, encodingBytes);
+ }
+
+ @Test
+ public void testDecoding() throws IOException {
+ testDecodingWith(0, "0x02 01 00");
+ testDecodingWith(1, "0x02 01 01");
+ testDecodingWith(2, "0x02 01 02");
+ testDecodingWith(127, "0x02 01 7F");
+ testDecodingWith(128, "0x02 02 00 80");
+ testDecodingWith(-1, "0x02 01 FF");
+ testDecodingWith(-128, "0x02 01 80");
+ testDecodingWith(-32768, "0x02 02 80 00");
+ testDecodingWith(1234567890, "0x02 04 49 96 02 D2");
+ }
+
+ private void testDecodingWith(Integer expectedValue, String content) throws IOException {
+ Asn1Integer decoded = new Asn1Integer();
+ decoded.setEncodingOption(EncodingOption.DER);
+ decoded.decode(Util.hex2bytes(content));
+ Assert.assertEquals(expectedValue, decoded.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1ObjectIdentifier.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1ObjectIdentifier.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1ObjectIdentifier.java
new file mode 100644
index 0000000..04f8089
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1ObjectIdentifier.java
@@ -0,0 +1,64 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.Asn1ObjectIdentifier;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+
+public class TestAsn1ObjectIdentifier {
+
+ @Test
+ public void testEncoding() throws Exception {
+ /**
+ * Cryptography for Developers -> ASN.1 UTCTIME Type
+ * Applying this to the MD5 OID, we first transform the dotted decimal form into the
+ * array of words.Thus, 1.2.840.113549.2.5 becomes {42, 840, 113549, 2, 5}, and then further
+ * 404_CRYPTO_02.qxd 10/27/06 3:40 PM Page 36split into seven-bit digits with the proper most significant bits as
+ * {{0x2A}, {0x86, 0x48},{0x86, 0xF7, 0x0D}, {0x02}, {0x05}}.Therefore, the full encoding for MD5 is 0x06 08 2A
+ * 86 48 86 F7 0D 02 05.
+ */
+ testEncodingWith("1.2.840.113549.2.5",
+ "0x06 08 2A 86 48 86 F7 0D 02 05");
+ }
+
+ private void testEncodingWith(String oid, String expectedEncoding) {
+ byte[] expected = Util.hex2bytes(expectedEncoding);
+ Asn1ObjectIdentifier aValue = new Asn1ObjectIdentifier(oid);
+ aValue.setEncodingOption(EncodingOption.DER);
+ byte[] encodingBytes = aValue.encode();
+ Assert.assertArrayEquals(expected, encodingBytes);
+ }
+
+ @Test
+ public void testDecoding() throws Exception {
+ testDecodingWith("1.2.840.113549.2.5",
+ "0x06 08 2A 86 48 86 F7 0D 02 05");
+ }
+
+ private void testDecodingWith(String expectedValue, String content) throws IOException {
+ Asn1ObjectIdentifier decoded = new Asn1ObjectIdentifier();
+ decoded.setEncodingOption(EncodingOption.DER);
+ decoded.decode(Util.hex2bytes(content));
+ Assert.assertEquals(expectedValue, decoded.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1UtcTime.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1UtcTime.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1UtcTime.java
new file mode 100644
index 0000000..abd991b
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestAsn1UtcTime.java
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.Asn1UtcTime;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.SimpleTimeZone;
+
+public class TestAsn1UtcTime {
+
+ @Test
+ public void testEncoding() throws Exception {
+ /**
+ * Cryptography for Developers -> ASN.1 UTCTIME Type
+ * the encoding of July 4, 2003 at 11:33 and 28 seconds would be
+ “030704113328Z” and be encoded as 0x17 0D 30 33 30 37 30 34 31 31 33 33 32 38 5A.
+ */
+ SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
+ sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
+ String dateInString = "2003-07-04 11:33:28";
+ Date date = sdf.parse(dateInString);
+ testEncodingWith(date, "0x17 0D 30 33 30 37 30 34 31 31 33 33 32 38 5A");
+ }
+
+ private void testEncodingWith(Date value, String expectedEncoding) {
+ byte[] expected = Util.hex2bytes(expectedEncoding);
+ Asn1UtcTime aValue = new Asn1UtcTime(value);
+ aValue.setEncodingOption(EncodingOption.DER);
+ byte[] encodingBytes = aValue.encode();
+ Assert.assertArrayEquals(expected, encodingBytes);
+ }
+
+ @Test
+ public void testDecoding() throws Exception {
+ SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
+ String dateInString = "2003-07-04 11:33:28";
+ sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
+ Date date = sdf.parse(dateInString);
+ testDecodingWith(date, "0x17 0D 30 33 30 37 30 34 31 31 33 33 32 38 5A");
+ }
+
+ private void testDecodingWith(Date expectedValue, String content) throws IOException {
+ Asn1UtcTime decoded = new Asn1UtcTime();
+ decoded.setEncodingOption(EncodingOption.DER);
+ decoded.decode(Util.hex2bytes(content));
+ Assert.assertEquals(expectedValue, decoded.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestData.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestData.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestData.java
new file mode 100644
index 0000000..875288a
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestData.java
@@ -0,0 +1,127 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import java.nio.ByteBuffer;
+import java.nio.charset.StandardCharsets;
+
+public class TestData {
+
+ public static PersonnelRecord createSamplePersonnel() {
+ PersonnelRecord pr = new PersonnelRecord();
+
+ pr.setName(new PersonnelRecord.Name("John", "P", "Smith"));
+
+ pr.setTitle("Director");
+
+ pr.setEmployeeNumber(new PersonnelRecord.EmployeeNumber(51));
+
+ pr.setDateOfHire(new PersonnelRecord.Date("19710917"));
+
+ pr.setNameOfSpouse(new PersonnelRecord.Name("Mary", "T", "Smith"));
+
+ PersonnelRecord.ChildInformation child1 = new PersonnelRecord.ChildInformation();
+ child1.setName(new PersonnelRecord.Name("Ralph", "T", "Smith"));
+ child1.setDateOfBirth(new PersonnelRecord.Date("19571111"));
+
+ PersonnelRecord.ChildInformation child2 = new PersonnelRecord.ChildInformation();
+ child2.setName(new PersonnelRecord.Name("Susan", "B", "Jones"));
+ child2.setDateOfBirth(new PersonnelRecord.Date("19590717"));
+
+ pr.setChildren(new PersonnelRecord.Children(child1, child2));
+
+ return pr;
+ }
+
+ public static byte[] createSammplePersonnelEncodingData() {
+ class BufferOutput {
+ ByteBuffer buffer;
+
+ void put(byte ... bytes) {
+ buffer.put(bytes);
+ }
+
+ void put(String s) {
+ byte[] bytes = s.getBytes(StandardCharsets.US_ASCII);
+ buffer.put(bytes);
+ }
+
+ public byte[] output() {
+ int len = (int) 0x85 + 3;
+ buffer = ByteBuffer.allocate(len);
+
+ // personnel record
+ put((byte) 0x60, (byte) 0x81, (byte) 0x85);
+
+ // -name
+ put((byte) 0x61, (byte) 0x10);
+ put((byte) 0x1A, (byte) 0x04); put("John");
+ put((byte) 0x1A, (byte) 0x01); put("P");
+ put((byte) 0x1A, (byte) 0x05); put("Smith");
+
+ //-title
+ put((byte) 0xA0, (byte) 0x0A);
+ put((byte) 0x1A, (byte) 0x08); put("Director");
+
+ //-employee number
+ put((byte) 0x42, (byte) 0x01, (byte) 0x33);
+
+ //-date of hire
+ put((byte) 0xA1, (byte) 0x0A);
+ put((byte) 0x43, (byte) 0x08); put("19710917");
+
+ //-spouse
+ put((byte) 0xA2, (byte) 0x12);
+ put((byte) 0x61, (byte) 0x10);
+ put((byte) 0x1A, (byte) 0x04); put("Mary");
+ put((byte) 0x1A, (byte) 0x01); put("T");
+ put((byte) 0x1A, (byte) 0x05); put("Smith");
+
+ //-children
+ put((byte) 0xA3, (byte) 0x42);
+ //--child 1
+ put((byte) 0x31, (byte) 0x1F);
+ //---name
+ put((byte) 0x61, (byte) 0x11);
+ put((byte) 0x1A, (byte) 0x05); put("Ralph");
+ put((byte) 0x1A, (byte) 0x01); put("T");
+ put((byte) 0x1A, (byte) 0x05); put("Smith");
+ //-date of birth
+ put((byte) 0xA0, (byte) 0x0A);
+ put((byte) 0x43, (byte) 0x08); put("19571111");
+ //--child 2
+ put((byte) 0x31, (byte) 0x1F);
+ //---name
+ put((byte) 0x61, (byte) 0x11);
+ put((byte) 0x1A, (byte) 0x05); put("Susan");
+ put((byte) 0x1A, (byte) 0x01); put("B");
+ put((byte) 0x1A, (byte) 0x05); put("Jones");
+ //-date of birth
+ put((byte) 0xA0, (byte) 0x0A);
+ put((byte) 0x43, (byte) 0x08); put("19590717");
+
+ return buffer.array();
+ }
+ }
+
+ BufferOutput buffer = new BufferOutput();
+ return buffer.output();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestPersonnelRecord.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestPersonnelRecord.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestPersonnelRecord.java
new file mode 100644
index 0000000..d6c8e6e
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestPersonnelRecord.java
@@ -0,0 +1,126 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+
+/**
+ * Ref. X.690-0207(http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf),
+ * Annex A, A.1 ASN.1 description of the record structure
+ */
+public class TestPersonnelRecord {
+
+ static boolean verbose = false;
+
+ @Test
+ public void testEncoding() {
+ PersonnelRecord pr = TestData.createSamplePersonnel();
+
+ if (verbose) {
+ System.out.println("Name:");
+ System.out.println(Util.bytesToHex(pr.getName().encode()));
+
+ /*
+ System.out.println("Title:");
+ System.out.println(Util.bytesToHex(pr.getFieldAs(1, Asn1VisibleString.class).encode()));
+
+ System.out.println("EmployeeNumber:");
+ System.out.println(Util.bytesToHex(pr.getFieldAs(2, EmployeeNumber.class).encode()));
+ */
+
+ System.out.println("DateOfHire:");
+ System.out.println(Util.bytesToHex(pr.getDateOfHire().encode()));
+
+ System.out.println("SpouseName:");
+ System.out.println(Util.bytesToHex(pr.getNameOfSpouse().encode()));
+
+ System.out.println("Child1:");
+ System.out.println(Util.bytesToHex(pr.getChildren().getElements().get(0).encode()));
+
+ System.out.println("Child2:");
+ System.out.println(Util.bytesToHex(pr.getChildren().getElements().get(1).encode()));
+
+ System.out.println("Children:");
+ System.out.println(Util.bytesToHex(pr.getChildren().encode()));
+ }
+
+ byte[] data = TestData.createSammplePersonnelEncodingData();
+ byte[] encoded = pr.encode();
+
+ if (verbose) {
+ System.out.println("ExpectedData:");
+ System.out.println(Util.bytesToHex(data));
+
+ System.out.println("Encoded:");
+ System.out.println(Util.bytesToHex(encoded));
+ }
+
+ Assert.assertArrayEquals(data, encoded);
+ }
+
+ @Test
+ public void testDecoding() throws IOException {
+ PersonnelRecord expected = TestData.createSamplePersonnel();
+ byte[] data = TestData.createSammplePersonnelEncodingData();
+ PersonnelRecord decoded = new PersonnelRecord();
+ decoded.decode(data);
+
+ Assert.assertEquals(expected.getName().getGivenName(),
+ decoded.getName().getGivenName());
+ Assert.assertEquals(expected.getName().getInitial(),
+ decoded.getName().getInitial());
+ Assert.assertEquals(expected.getName().getFamilyName(),
+ decoded.getName().getFamilyName());
+
+ Assert.assertEquals(expected.getDateOfHire().getValue().getValue(),
+ decoded.getDateOfHire().getValue().getValue());
+ Assert.assertEquals(expected.getTitle(), decoded.getTitle());
+ Assert.assertEquals(expected.getEmployeeNumber().getValue().getValue(),
+ decoded.getEmployeeNumber().getValue().getValue());
+
+ Assert.assertEquals(expected.getNameOfSpouse().getGivenName(),
+ decoded.getNameOfSpouse().getGivenName());
+ Assert.assertEquals(expected.getNameOfSpouse().getInitial(),
+ decoded.getNameOfSpouse().getInitial());
+ Assert.assertEquals(expected.getNameOfSpouse().getFamilyName(),
+ decoded.getNameOfSpouse().getFamilyName());
+
+ Assert.assertEquals(expected.getChildren().getElements().get(0).getName().getGivenName(),
+ decoded.getChildren().getElements().get(0).getName().getGivenName());
+ Assert.assertEquals(expected.getChildren().getElements().get(0).getName().getInitial(),
+ decoded.getChildren().getElements().get(0).getName().getInitial());
+ Assert.assertEquals(expected.getChildren().getElements().get(0).getName().getFamilyName(),
+ decoded.getChildren().getElements().get(0).getName().getFamilyName());
+ Assert.assertEquals(expected.getChildren().getElements().get(0).getDateOfBirth().getValue().getValue(),
+ decoded.getChildren().getElements().get(0).getDateOfBirth().getValue().getValue());
+
+ Assert.assertEquals(expected.getChildren().getElements().get(1).getName().getGivenName(),
+ decoded.getChildren().getElements().get(1).getName().getGivenName());
+ Assert.assertEquals(expected.getChildren().getElements().get(1).getName().getInitial(),
+ decoded.getChildren().getElements().get(1).getName().getInitial());
+ Assert.assertEquals(expected.getChildren().getElements().get(1).getName().getFamilyName(),
+ decoded.getChildren().getElements().get(1).getName().getFamilyName());
+ Assert.assertEquals(expected.getChildren().getElements().get(1).getDateOfBirth().getValue().getValue(),
+ decoded.getChildren().getElements().get(1).getDateOfBirth().getValue().getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestTaggingEncoding.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestTaggingEncoding.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestTaggingEncoding.java
new file mode 100644
index 0000000..59510f1
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestTaggingEncoding.java
@@ -0,0 +1,203 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.Asn1Tagging;
+import org.apache.kerby.asn1.type.Asn1VisibleString;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+
+/**
+ Ref. X.690-0207 8.14 Encoding of a tagged value
+ EXAMPLE
+ With ASN.1 type definitions (in an explicit tagging environment) of:
+ Type1 ::= VisibleString
+ Type2 ::= [APPLICATION 3] IMPLICIT Type1
+ Type3 ::= [2] Type2
+ Type4 ::= [APPLICATION 7] IMPLICIT Type3
+ Type5 ::= [2] IMPLICIT Type2
+ a value of:
+ "Jones"
+ is encoded as follows:
+ For Type1:
+ VisibleString Length Contents
+ 1A16 0516 4A6F6E657316
+ For Type2:
+ [Application 3] Length Contents
+ 4316 0516 4A6F6E657316
+ For Type3:
+ [2] Length Contents
+ A216 0716
+ [APPLICATION 3] Length Contents
+ 4316 0516 4A6F6E657316
+ For Type4:
+ [Application 7] Length Contents
+ 6716 0716
+ [APPLICATION 3] Length Contents
+ 4316 0516 4A6F6E657316
+ For Type5:
+ [2] Length Contents
+ 8216 0516 4A6F6E657316
+ */
+
+public class TestTaggingEncoding {
+ static final String TEST_STRING = "Jones";
+ static byte[] TYPE1_EXPECTED_BYTES = new byte[] {(byte) 0x1A, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73};
+ static byte[] TYPE2_EXPECTED_BYTES = new byte[] {(byte) 0x43, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73};
+ static byte[] TYPE3_EXPECTED_BYTES = new byte[] {(byte) 0xA2, (byte) 0x07, (byte) 0x43, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73};
+ static byte[] TYPE4_EXPECTED_BYTES = new byte[] {(byte) 0x67, (byte) 0x07, (byte) 0x43, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73};
+ static byte[] TYPE5_EXPECTED_BYTES = new byte[] {(byte) 0x82, (byte) 0x05, (byte) 0x4A, (byte) 0x6F, (byte) 0x6E, (byte) 0x65, (byte) 0x73};
+
+
+ public static class Type1 extends Asn1VisibleString {
+ public Type1(String value) {
+ super(value);
+ }
+ public Type1() {
+ this(null);
+ }
+ }
+
+ public static class Type2 extends Asn1Tagging<Type1> {
+ public Type2(Type1 value) {
+ super(3, value, true);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+ public Type2() {
+ this(null);
+ }
+ }
+
+ public static class Type3 extends Asn1Tagging<Type2> {
+ public Type3(Type2 value) {
+ super(2, value, false);
+ setEncodingOption(EncodingOption.EXPLICIT);
+ }
+ public Type3() {
+ this(null);
+ }
+ }
+
+ public static class Type4 extends Asn1Tagging<Type3> {
+ public Type4(Type3 value) {
+ super(7, value, true);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+ public Type4() {
+ this(null);
+ }
+ }
+
+ public static class Type5 extends Asn1Tagging<Type2> {
+ public Type5(Type2 value) {
+ super(2, value, false);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+ public Type5() {
+ this(null);
+ }
+ }
+
+ @Test
+ public void testAsn1TaggingEncoding() {
+ Type1 aType1 = new Type1(TEST_STRING);
+ Type2 aType2 = new Type2(aType1);
+ Type3 aType3 = new Type3(aType2);
+ Type4 aType4 = new Type4(aType3);
+ Type5 aType5 = new Type5(aType2);
+
+ Assert.assertArrayEquals(TYPE1_EXPECTED_BYTES, aType1.encode());
+ Assert.assertArrayEquals(TYPE2_EXPECTED_BYTES, aType2.encode());
+ Assert.assertArrayEquals(TYPE3_EXPECTED_BYTES, aType3.encode());
+ Assert.assertArrayEquals(TYPE4_EXPECTED_BYTES, aType4.encode());
+ Assert.assertArrayEquals(TYPE5_EXPECTED_BYTES, aType5.encode());
+ }
+
+ @Test
+ public void testAsn1TaggingDecoding() throws IOException {
+ Type1 aType1 = new Type1();
+ aType1.decode(TYPE1_EXPECTED_BYTES);
+ Assert.assertEquals(TEST_STRING, aType1.getValue());
+
+ Type2 aType2 = new Type2();
+ aType2.decode(TYPE2_EXPECTED_BYTES);
+ Assert.assertEquals(TEST_STRING, aType2.getValue().getValue());
+
+ Type3 aType3 = new Type3();
+ aType3.decode(TYPE3_EXPECTED_BYTES);
+ Assert.assertEquals(TEST_STRING, aType3.getValue().getValue().getValue());
+
+ Type4 aType4 = new Type4();
+ aType4.decode(TYPE4_EXPECTED_BYTES);
+ Assert.assertEquals(TEST_STRING, aType4.getValue().getValue().getValue().getValue());
+
+ Type5 aType5 = new Type5();
+ aType5.decode(TYPE5_EXPECTED_BYTES);
+ Assert.assertEquals(TEST_STRING, aType5.getValue().getValue().getValue());
+ }
+
+ @Test
+ public void testTaggingEncodingOption() {
+ Type1 aType1 = new Type1(TEST_STRING);
+ Type2 aType2 = new Type2(aType1);
+ Type3 aType3 = new Type3(aType2);
+ Type4 aType4 = new Type4(aType3);
+ Type5 aType5 = new Type5(aType2);
+
+ Assert.assertArrayEquals(TYPE1_EXPECTED_BYTES, aType1.encode());
+ Assert.assertArrayEquals(TYPE2_EXPECTED_BYTES,
+ aType1.taggedEncode(TaggingOption.newImplicitAppSpecific(3))); // for Type2
+ Assert.assertArrayEquals(TYPE3_EXPECTED_BYTES,
+ aType2.taggedEncode(TaggingOption.newExplicitContextSpecific(2))); // for Type3
+ Assert.assertArrayEquals(TYPE4_EXPECTED_BYTES,
+ aType3.taggedEncode(TaggingOption.newImplicitAppSpecific(7))); // for Type4
+ Assert.assertArrayEquals(TYPE5_EXPECTED_BYTES,
+ aType2.taggedEncode(TaggingOption.newImplicitContextSpecific(2))); // for Type5
+ }
+
+ @Test
+ public void testTaggingDecodingOption() throws IOException {
+ Type1 aType1 = new Type1();
+ aType1.decode(TYPE1_EXPECTED_BYTES);
+ Assert.assertEquals(TEST_STRING, aType1.getValue());
+
+ // for Type2
+ aType1 = new Type1();
+ aType1.taggedDecode(TYPE2_EXPECTED_BYTES, TaggingOption.newImplicitAppSpecific(3));
+ Assert.assertEquals(TEST_STRING, aType1.getValue());
+
+ // for Type3
+ Type2 aType2 = new Type2();
+ aType2.taggedDecode(TYPE3_EXPECTED_BYTES, TaggingOption.newExplicitContextSpecific(2));
+ Assert.assertEquals(TEST_STRING, aType2.getValue().getValue());
+
+ // for Type4
+ Type3 aType3 = new Type3();
+ aType3.taggedDecode(TYPE4_EXPECTED_BYTES, TaggingOption.newImplicitAppSpecific(7));
+ Assert.assertEquals(TEST_STRING, aType3.getValue().getValue().getValue());
+
+ // for Type5
+ aType2 = new Type2();
+ aType2.taggedDecode(TYPE5_EXPECTED_BYTES, TaggingOption.newImplicitContextSpecific(2));
+ Assert.assertEquals(TEST_STRING, aType2.getValue().getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/test/java/org/apache/kerby/asn1/Util.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/test/java/org/apache/kerby/asn1/Util.java b/kerby-asn1/src/test/java/org/apache/kerby/asn1/Util.java
new file mode 100644
index 0000000..5f58e1a
--- /dev/null
+++ b/kerby-asn1/src/test/java/org/apache/kerby/asn1/Util.java
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+public class Util {
+
+ final static String HEX_CHARS_STR = "0123456789ABCDEF";
+ final static char[] HEX_CHARS = HEX_CHARS_STR.toCharArray();
+
+ /**
+ * Convert bytes into format as:
+ * 0x02 02 00 80
+ */
+ public static String bytesToHex(byte[] bytes) {
+ int len = bytes.length * 2;
+ len += bytes.length; // for ' ' appended for each char
+ len += 2; // for '0x' prefix
+ char[] hexChars = new char[len];
+ hexChars[0] = '0';
+ hexChars[1] = 'x';
+ for ( int j = 0; j < bytes.length; j++ ) {
+ int v = bytes[j] & 0xFF;
+ hexChars[j * 3 + 2] = HEX_CHARS[v >>> 4];
+ hexChars[j * 3 + 3] = HEX_CHARS[v & 0x0F];
+ hexChars[j * 3 + 4] = ' ';
+ }
+
+ return new String(hexChars);
+ }
+
+ /**
+ * Convert hex string like follows into byte array
+ * 0x02 02 00 80
+ */
+ public static byte[] hex2bytes(String hexString) {
+ hexString = hexString.toUpperCase();
+ String hexStr = hexString;
+ if (hexString.startsWith("0X")) {
+ hexStr = hexString.substring(2);
+ }
+ String[] hexParts = hexStr.split(" ");
+
+ byte[] bytes = new byte[hexParts.length];
+ char[] hexPart;
+ for (int i = 0; i < hexParts.length; ++i) {
+ hexPart = hexParts[i].toCharArray();
+ if (hexPart.length != 2) {
+ throw new IllegalArgumentException("Invalid hex string to convert");
+ }
+ bytes[i] = (byte) ((HEX_CHARS_STR.indexOf(hexPart[0]) << 4) + HEX_CHARS_STR.indexOf(hexPart[1]));
+ }
+
+ return bytes;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kdc/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kdc/pom.xml b/kerby-kdc/pom.xml
new file mode 100644
index 0000000..7052a13
--- /dev/null
+++ b/kerby-kdc/pom.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerby-kdc</artifactId>
+ <name>Kerby KDC Server</name>
+ <description>Kerby KDC Server</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-server</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>ldap-identity-backend</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-token</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/ApacheKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/ApacheKdcServer.java b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/ApacheKdcServer.java
new file mode 100644
index 0000000..7734d18
--- /dev/null
+++ b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/ApacheKdcServer.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc.server;
+
+import org.apache.kerby.kerberos.kdc.identitybackend.LdapIdentityBackend;
+import org.apache.kerby.kerberos.kerb.identity.IdentityService;
+import org.apache.kerby.kerberos.kerb.server.KdcServer;
+
+public class ApacheKdcServer extends KdcServer {
+
+ public ApacheKdcServer() {
+ super();
+ }
+
+ public void init() {
+ super.init();
+ initIdentityService();
+ }
+
+ protected void initIdentityService() {
+ IdentityService identityService = new LdapIdentityBackend();
+ setIdentityService(identityService);
+ }
+}
\ No newline at end of file
[11/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java
new file mode 100644
index 0000000..3f17454
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java
@@ -0,0 +1,75 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.crypto.key.KeyMaker;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class AbstractKeyedCheckSumTypeHandler extends AbstractCheckSumTypeHandler {
+
+ private KeyMaker keyMaker;
+
+ public AbstractKeyedCheckSumTypeHandler(EncryptProvider encProvider, HashProvider hashProvider,
+ int computeSize, int outputSize) {
+ super(encProvider, hashProvider, computeSize, outputSize);
+ }
+
+ protected void keyMaker(KeyMaker keyMaker) {
+ this.keyMaker = keyMaker;
+ }
+
+ protected KeyMaker keyMaker() {
+ return keyMaker;
+ }
+
+ @Override
+ public byte[] checksumWithKey(byte[] data,
+ byte[] key, int usage) throws KrbException {
+ return checksumWithKey(data, 0, data.length, key, usage);
+ }
+
+ @Override
+ public byte[] checksumWithKey(byte[] data, int start, int len,
+ byte[] key, int usage) throws KrbException {
+ int outputSize = outputSize();
+
+ byte[] tmp = doChecksumWithKey(data, start, len, key, usage);
+ if (outputSize < tmp.length) {
+ byte[] output = new byte[outputSize];
+ System.arraycopy(tmp, 0, output, 0, outputSize);
+ return output;
+ } else {
+ return tmp;
+ }
+ }
+
+ protected byte[] doChecksumWithKey(byte[] data, int start, int len,
+ byte[] key, int usage) throws KrbException {
+ return new byte[0];
+ }
+
+ @Override
+ public boolean verifyWithKey(byte[] data, byte[] key,
+ int usage, byte[] checksum) throws KrbException {
+ byte[] newCksum = checksumWithKey(data, key, usage);
+ return checksumEqual(checksum, newCksum);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java
new file mode 100644
index 0000000..eaf7dc1
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Camellia128Provider;
+import org.apache.kerby.kerberos.kerb.crypto.key.CamelliaKeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class CmacCamellia128CheckSum extends CmacKcCheckSum {
+
+ public CmacCamellia128CheckSum() {
+ super(new Camellia128Provider(), 16, 16);
+
+ keyMaker(new CamelliaKeyMaker((Camellia128Provider) encProvider()));
+ }
+
+ public int confounderSize() {
+ return 16;
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.CMAC_CAMELLIA128;
+ }
+
+ public boolean isSafe() {
+ return true;
+ }
+
+ public int cksumSize() {
+ return 16; // bytes
+ }
+
+ public int keySize() {
+ return 16; // bytes
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java
new file mode 100644
index 0000000..a30c15c
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Camellia256Provider;
+import org.apache.kerby.kerberos.kerb.crypto.key.CamelliaKeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class CmacCamellia256CheckSum extends CmacKcCheckSum {
+
+ public CmacCamellia256CheckSum() {
+ super(new Camellia256Provider(), 16, 16);
+
+ keyMaker(new CamelliaKeyMaker((Camellia256Provider) encProvider()));
+ }
+
+ public int confounderSize() {
+ return 16;
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.CMAC_CAMELLIA256;
+ }
+
+ public boolean isSafe() {
+ return true;
+ }
+
+ public int cksumSize() {
+ return 16; // bytes
+ }
+
+ public int keySize() {
+ return 16; // bytes
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
new file mode 100644
index 0000000..16122d2
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.Cmac;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class CmacKcCheckSum extends KcCheckSum {
+
+ public CmacKcCheckSum(EncryptProvider encProvider, int computeSize, int outputSize) {
+ super(encProvider, null, computeSize, outputSize);
+ }
+
+ protected byte[] mac(byte[] Kc, byte[] data, int start, int len) throws KrbException {
+ byte[] mac = Cmac.cmac(encProvider(), Kc, data, start, len);
+ return mac;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java
new file mode 100644
index 0000000..8259849
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java
@@ -0,0 +1,120 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.Confounder;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.DesProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import javax.crypto.spec.DESKeySpec;
+import java.security.InvalidKeyException;
+
+public abstract class ConfounderedDesCheckSum extends AbstractKeyedCheckSumTypeHandler {
+
+ public ConfounderedDesCheckSum(HashProvider hashProvider,
+ int computeSize, int outputSize) {
+ super(new DesProvider(), hashProvider, computeSize, outputSize);
+ }
+
+ @Override
+ protected byte[] doChecksumWithKey(byte[] data, int start, int len,
+ byte[] key, int usage) throws KrbException {
+ int computeSize = computeSize();
+ int blockSize = encProvider().blockSize();
+ int hashSize = hashProvider().hashSize();
+
+ byte[] workBuffer = new byte[computeSize];
+
+ // confounder
+ byte[] conf = Confounder.makeBytes(blockSize);
+
+ // confounder | data
+ byte[] toHash = new byte[blockSize + len];
+ System.arraycopy(conf, 0, toHash, 0, blockSize);
+ System.arraycopy(data, start, toHash, blockSize, len);
+
+ HashProvider hashProvider = hashProvider();
+ hashProvider.hash(toHash);
+ byte[] hash = hashProvider.output();
+
+ // confounder | hash
+ System.arraycopy(conf, 0, workBuffer, 0, blockSize);
+ System.arraycopy(hash, 0, workBuffer, blockSize, hashSize);
+
+ // key
+ byte[] newKey = deriveKey(key);
+
+ encProvider().encrypt(newKey, workBuffer);
+ return workBuffer;
+ }
+
+ protected byte[] deriveKey(byte[] key) {
+ return fixKey(xorKey(key));
+ }
+
+ protected byte[] xorKey(byte[] key) {
+ byte[] xorKey = new byte[encProvider().keySize()];
+ System.arraycopy(key, 0, xorKey, 0, key.length);
+ for (int i = 0; i < xorKey.length; i++) {
+ xorKey[i] = (byte) (xorKey[i] ^ 0xf0);
+ }
+
+ return xorKey;
+ }
+
+ private byte[] fixKey(byte[] key) {
+ boolean isWeak = true;
+ try {
+ isWeak = DESKeySpec.isWeak(key, 0);
+ } catch (InvalidKeyException e) {
+ e.printStackTrace();
+ }
+ if (isWeak) {
+ key[7] = (byte)(key[7] ^ 0xF0);
+ }
+
+ return key;
+ }
+
+ @Override
+ public boolean verifyWithKey(byte[] data,byte[] key,
+ int usage, byte[] checksum) throws KrbException {
+ int computeSize = computeSize();
+ int blockSize = encProvider().blockSize();
+ int hashSize = hashProvider().hashSize();
+
+ // key
+ byte[] newKey = deriveKey(key);
+
+ encProvider().decrypt(newKey, checksum);
+ byte[] decrypted = checksum; // confounder | hash
+
+ // confounder | data
+ byte[] toHash = new byte[blockSize + data.length];
+ System.arraycopy(decrypted, 0, toHash, 0, blockSize);
+ System.arraycopy(data, 0, toHash, blockSize, data.length);
+
+ HashProvider hashProvider = hashProvider();
+ hashProvider.hash(toHash);
+ byte[] newHash = hashProvider.output();
+
+ return checksumEqual(newHash, decrypted, blockSize, hashSize);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Crc32CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Crc32CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Crc32CheckSum.java
new file mode 100644
index 0000000..e884144
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Crc32CheckSum.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.AbstractUnkeyedCheckSumTypeHandler;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Crc32Provider;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class Crc32CheckSum extends AbstractUnkeyedCheckSumTypeHandler {
+
+ public Crc32CheckSum() {
+ super(new Crc32Provider(), 4, 4);
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.CRC32;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java
new file mode 100644
index 0000000..a7baf69
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class DesCbcCheckSum extends ConfounderedDesCheckSum {
+
+ public DesCbcCheckSum() {
+ super(null, 8, 8);
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.DES_CBC;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HashProvider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HashProvider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HashProvider.java
new file mode 100644
index 0000000..1586fb1
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HashProvider.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+/**
+ * krb5_hash_provider
+ */
+public interface HashProvider {
+
+ public int hashSize();
+ public int blockSize();
+
+ public void hash(byte[] data, int start, int size) throws KrbException;
+ public void hash(byte[] data) throws KrbException;
+ public byte[] output();
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
new file mode 100644
index 0000000..84d9031
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
@@ -0,0 +1,37 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.Hmac;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class HmacKcCheckSum extends KcCheckSum {
+
+ public HmacKcCheckSum(EncryptProvider encProvider, int computeSize, int outputSize) {
+ super(encProvider, new Sha1Provider(), computeSize, outputSize);
+ }
+
+ protected byte[] mac(byte[] Kc, byte[] data, int start, int len) throws KrbException {
+ byte[] hmac = Hmac.hmac(hashProvider(), Kc, data, start, len);
+ return hmac;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java
new file mode 100644
index 0000000..1ef5489
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java
@@ -0,0 +1,73 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.Hmac;
+import org.apache.kerby.kerberos.kerb.crypto.Rc4;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Md5Provider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class HmacMd5Rc4CheckSum extends AbstractKeyedCheckSumTypeHandler {
+
+ public HmacMd5Rc4CheckSum() {
+ super(null, new Md5Provider(), 16, 16);
+ }
+
+ public int confounderSize() {
+ return 8;
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.HMAC_MD5_ARCFOUR;
+ }
+
+ public boolean isSafe() {
+ return true;
+ }
+
+ public int cksumSize() {
+ return 16; // bytes
+ }
+
+ public int keySize() {
+ return 16; // bytes
+ }
+
+ @Override
+ protected byte[] doChecksumWithKey(byte[] data, int start, int len,
+ byte[] key, int usage) throws KrbException {
+
+ byte[] Ksign = null;
+ byte[] signKey = "signaturekey".getBytes();
+ byte[] newSignKey = new byte[signKey.length + 1];
+ System.arraycopy(signKey, 0, newSignKey, 0, signKey.length);
+ Ksign = Hmac.hmac(hashProvider(), key, newSignKey);
+
+ byte[] salt = Rc4.getSalt(usage, false);
+
+ hashProvider().hash(salt);
+ hashProvider().hash(data, start, len);
+ byte[] hashTmp = hashProvider().output();
+
+ byte[] hmac = Hmac.hmac(hashProvider(), Ksign, hashTmp);
+ return hmac;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Aes128CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Aes128CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Aes128CheckSum.java
new file mode 100644
index 0000000..c1a9c49
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Aes128CheckSum.java
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Aes128Provider;
+import org.apache.kerby.kerberos.kerb.crypto.key.AesKeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class HmacSha1Aes128CheckSum extends HmacKcCheckSum {
+
+ public HmacSha1Aes128CheckSum() {
+ super(new Aes128Provider(), 20, 12);
+
+ keyMaker(new AesKeyMaker((Aes128Provider) encProvider()));
+ }
+
+ public int confounderSize() {
+ return 16;
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.HMAC_SHA1_96_AES128;
+ }
+
+ public boolean isSafe() {
+ return true;
+ }
+
+ public int cksumSize() {
+ return 12; // bytes
+ }
+
+ public int keySize() {
+ return 16; // bytes
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Aes256CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Aes256CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Aes256CheckSum.java
new file mode 100644
index 0000000..6a5195b
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Aes256CheckSum.java
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Aes256Provider;
+import org.apache.kerby.kerberos.kerb.crypto.key.AesKeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class HmacSha1Aes256CheckSum extends HmacKcCheckSum {
+
+ public HmacSha1Aes256CheckSum() {
+ super(new Aes256Provider(), 20, 12);
+
+ keyMaker(new AesKeyMaker((Aes256Provider) encProvider()));
+ }
+
+ public int confounderSize() {
+ return 16;
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.HMAC_SHA1_96_AES256;
+ }
+
+ public boolean isSafe() {
+ return true;
+ }
+
+ public int cksumSize() {
+ return 12; // bytes
+ }
+
+ public int keySize() {
+ return 32; // bytes
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Des3CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Des3CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Des3CheckSum.java
new file mode 100644
index 0000000..4f2080e
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacSha1Des3CheckSum.java
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Des3Provider;
+import org.apache.kerby.kerberos.kerb.crypto.key.Des3KeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class HmacSha1Des3CheckSum extends HmacKcCheckSum {
+
+ public HmacSha1Des3CheckSum() {
+ super(new Des3Provider(), 20, 20);
+
+ keyMaker(new Des3KeyMaker(encProvider()));
+ }
+
+ public int confounderSize() {
+ return 8;
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.HMAC_SHA1_DES3;
+ }
+
+ public boolean isSafe() {
+ return true;
+ }
+
+ public int cksumSize() {
+ return 20; // bytes
+ }
+
+ public int keySize() {
+ return 24; // bytes
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/KcCheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/KcCheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/KcCheckSum.java
new file mode 100644
index 0000000..ee8faea
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/KcCheckSum.java
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.BytesUtil;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.crypto.key.DkKeyMaker;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class KcCheckSum extends AbstractKeyedCheckSumTypeHandler {
+
+ public KcCheckSum(EncryptProvider encProvider, HashProvider hashProvider,
+ int computeSize, int outputSize) {
+ super(encProvider, hashProvider, computeSize, outputSize);
+ }
+
+ @Override
+ protected byte[] doChecksumWithKey(byte[] data, int start, int len,
+ byte[] key, int usage) throws KrbException {
+ byte[] Kc;
+ byte[] constant = new byte[5];
+ BytesUtil.int2bytes(usage, constant, 0, true);
+ constant[4] = (byte) 0x99;
+ Kc = ((DkKeyMaker) keyMaker()).dk(key, constant);
+
+ byte[] mac = mac(Kc, data, start, len);
+ return mac;
+ }
+
+ protected abstract byte[] mac(byte[] Kc, byte[] data, int start, int len) throws KrbException;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java
new file mode 100644
index 0000000..4939027
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.Hmac;
+import org.apache.kerby.kerberos.kerb.crypto.Rc4;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Md5Provider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Rc4Provider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class Md5HmacRc4CheckSum extends AbstractKeyedCheckSumTypeHandler {
+
+ public Md5HmacRc4CheckSum() {
+ super(new Rc4Provider(), new Md5Provider(), 16, 16);
+ }
+
+ public int confounderSize() {
+ return 8;
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.MD5_HMAC_ARCFOUR;
+ }
+
+ public boolean isSafe() {
+ return true;
+ }
+
+ public int cksumSize() {
+ return 16; // bytes
+ }
+
+ public int keySize() {
+ return 16; // bytes
+ }
+
+ @Override
+ protected byte[] doChecksumWithKey(byte[] data, int start, int len,
+ byte[] key, int usage) throws KrbException {
+
+ byte[] Ksign = key;
+
+ byte[] salt = Rc4.getSalt(usage, false);
+
+ hashProvider().hash(salt);
+ hashProvider().hash(data, start, len);
+ byte[] hashTmp = hashProvider().output();
+
+ byte[] hmac = Hmac.hmac(hashProvider(), Ksign, hashTmp);
+ return hmac;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd4CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd4CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd4CheckSum.java
new file mode 100644
index 0000000..73d6ebc
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd4CheckSum.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.AbstractUnkeyedCheckSumTypeHandler;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Md4Provider;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class RsaMd4CheckSum extends AbstractUnkeyedCheckSumTypeHandler {
+
+ public RsaMd4CheckSum() {
+ super(new Md4Provider(), 16, 16);
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.RSA_MD4;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd4DesCheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd4DesCheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd4DesCheckSum.java
new file mode 100644
index 0000000..4851cee
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd4DesCheckSum.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Md4Provider;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class RsaMd4DesCheckSum extends ConfounderedDesCheckSum {
+
+ public RsaMd4DesCheckSum() {
+ super(new Md4Provider(), 24, 24);
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.RSA_MD4_DES;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd5CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd5CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd5CheckSum.java
new file mode 100644
index 0000000..190dcf7
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd5CheckSum.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.AbstractUnkeyedCheckSumTypeHandler;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Md5Provider;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class RsaMd5CheckSum extends AbstractUnkeyedCheckSumTypeHandler {
+
+ public RsaMd5CheckSum() {
+ super(new Md5Provider(), 16, 16);
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.RSA_MD5;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd5DesCheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd5DesCheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd5DesCheckSum.java
new file mode 100644
index 0000000..ae50041
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/RsaMd5DesCheckSum.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Md5Provider;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public final class RsaMd5DesCheckSum extends ConfounderedDesCheckSum {
+
+ public RsaMd5DesCheckSum() {
+ super(new Md5Provider(), 24, 24);
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.RSA_MD5_DES;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Sha1CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Sha1CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Sha1CheckSum.java
new file mode 100644
index 0000000..e627ec5
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Sha1CheckSum.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.AbstractUnkeyedCheckSumTypeHandler;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+
+public class Sha1CheckSum extends AbstractUnkeyedCheckSumTypeHandler {
+
+ public Sha1CheckSum() {
+ super(new Sha1Provider(), 20, 20);
+ }
+
+ public CheckSumType cksumType() {
+ return CheckSumType.NIST_SHA;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/AbstractHashProvider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/AbstractHashProvider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/AbstractHashProvider.java
new file mode 100644
index 0000000..9c6629d
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/AbstractHashProvider.java
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum.provider;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.HashProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class AbstractHashProvider implements HashProvider {
+ private int blockSize;
+ private int hashSize;
+
+ public AbstractHashProvider(int hashSize, int blockSize) {
+ this.hashSize = hashSize;
+ this.blockSize = blockSize;
+ }
+
+ protected void init() {
+
+ }
+
+ @Override
+ public int hashSize() {
+ return hashSize;
+ }
+
+ @Override
+ public int blockSize() {
+ return blockSize;
+ }
+
+ @Override
+ public void hash(byte[] data) throws KrbException {
+ hash(data, 0, data.length);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/AbstractUnkeyedCheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/AbstractUnkeyedCheckSumTypeHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/AbstractUnkeyedCheckSumTypeHandler.java
new file mode 100644
index 0000000..3ffaeca
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/AbstractUnkeyedCheckSumTypeHandler.java
@@ -0,0 +1,54 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum.provider;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.AbstractCheckSumTypeHandler;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.HashProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class AbstractUnkeyedCheckSumTypeHandler extends AbstractCheckSumTypeHandler {
+
+ public AbstractUnkeyedCheckSumTypeHandler(HashProvider hashProvider,
+ int computeSize, int outputSize) {
+ super(null, hashProvider, computeSize, outputSize);
+ }
+
+ @Override
+ public byte[] checksum(byte[] data, int start, int len) throws KrbException {
+ int outputSize = outputSize();
+
+ HashProvider hp = hashProvider();
+ hp.hash(data, start, len);
+ byte[] workBuffer = hp.output();
+
+ if (outputSize < workBuffer.length) {
+ byte[] output = new byte[outputSize];
+ System.arraycopy(workBuffer, 0, output, 0, outputSize);
+ return output;
+ }
+ return workBuffer;
+ }
+
+ @Override
+ public boolean verify(byte[] data, int start, int len, byte[] checksum) throws KrbException {
+ byte[] newCksum = checksum(data, start, len);
+ return checksumEqual(newCksum, checksum);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Crc32Provider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Crc32Provider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Crc32Provider.java
new file mode 100644
index 0000000..de30eca
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Crc32Provider.java
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum.provider;
+
+import org.apache.kerby.kerberos.kerb.crypto.Crc32;
+
+public class Crc32Provider extends AbstractHashProvider {
+ private byte[] output;
+
+ public Crc32Provider() {
+ super(4, 1);
+ }
+
+ @Override
+ public void hash(byte[] data, int start, int size) {
+ output = Crc32.crc(data, start, size);
+ }
+
+ @Override
+ public byte[] output() {
+ return output;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Md4Provider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Md4Provider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Md4Provider.java
new file mode 100644
index 0000000..e00977c
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Md4Provider.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum.provider;
+
+import org.apache.kerby.kerberos.kerb.crypto.Md4;
+
+public class Md4Provider extends MessageDigestHashProvider {
+
+ public Md4Provider() {
+ super(16, 64, "MD4");
+ }
+
+ @Override
+ protected void init() {
+ messageDigest = new Md4();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Md5Provider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Md5Provider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Md5Provider.java
new file mode 100644
index 0000000..b586d38
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Md5Provider.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum.provider;
+
+public class Md5Provider extends MessageDigestHashProvider {
+
+ public Md5Provider() {
+ super(16, 64, "MD5");
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java
new file mode 100644
index 0000000..4efab32
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum.provider;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+public class MessageDigestHashProvider extends AbstractHashProvider {
+ private String algorithm;
+ protected MessageDigest messageDigest;
+
+ public MessageDigestHashProvider(int hashSize, int blockSize, String algorithm) {
+ super(hashSize, blockSize);
+ this.algorithm = algorithm;
+
+ init();
+ }
+
+ @Override
+ protected void init() {
+ try {
+ messageDigest = MessageDigest.getInstance(algorithm);
+ } catch (NoSuchAlgorithmException e) {
+ throw new RuntimeException("Failed to init JCE provider", e);
+ }
+ }
+
+ @Override
+ public void hash(byte[] data, int start, int len) throws KrbException {
+ messageDigest.update(data, start, len);
+ }
+
+ @Override
+ public byte[] output() {
+ return messageDigest.digest();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java
new file mode 100644
index 0000000..0f5bcf0
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.cksum.provider;
+
+public class Sha1Provider extends MessageDigestHashProvider {
+
+ public Sha1Provider() {
+ super(20, 64, "SHA1");
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java
new file mode 100644
index 0000000..99828c8
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java
@@ -0,0 +1,160 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.AbstractCryptoTypeHandler;
+import org.apache.kerby.kerberos.kerb.crypto.EncTypeHandler;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.HashProvider;
+import org.apache.kerby.kerberos.kerb.crypto.key.KeyMaker;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class AbstractEncTypeHandler
+ extends AbstractCryptoTypeHandler implements EncTypeHandler {
+
+ private KeyMaker keyMaker;
+
+ public AbstractEncTypeHandler(EncryptProvider encProvider,
+ HashProvider hashProvider) {
+ super(encProvider, hashProvider);
+ }
+
+ protected void keyMaker(KeyMaker keyMaker) {
+ this.keyMaker = keyMaker;
+ }
+
+ protected KeyMaker keyMaker() {
+ return keyMaker;
+ }
+
+ @Override
+ public String name() {
+ return eType().getName();
+ }
+
+ @Override
+ public String displayName() {
+ return eType().getDisplayName();
+ }
+
+ protected int paddingLength(int inputLen) {
+ int payloadLen = confounderSize() + checksumSize() + inputLen;
+ int padding = paddingSize();
+
+ if (padding == 0 || (payloadLen % padding) == 0) {
+ return 0;
+ }
+
+ return padding - (payloadLen % padding);
+ }
+
+ @Override
+ public int keyInputSize() {
+ return encProvider().keyInputSize();
+ }
+
+ @Override
+ public int keySize() {
+ return encProvider().keySize();
+ }
+
+ @Override
+ public int confounderSize() {
+ return encProvider().blockSize();
+ }
+
+ @Override
+ public int checksumSize() {
+ return hashProvider().hashSize();
+ }
+
+ @Override
+ public int paddingSize() {
+ return encProvider().blockSize();
+ }
+
+ @Override
+ public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
+ return keyMaker.str2key(string, salt, param);
+ }
+
+ @Override
+ public byte[] random2Key(byte[] randomBits) throws KrbException {
+ return keyMaker.random2Key(randomBits);
+ }
+
+ @Override
+ public byte[] encrypt(byte[] data, byte[] key, int usage) throws KrbException {
+ byte[] iv = new byte[encProvider().blockSize()];
+ return encrypt(data, key, iv, usage);
+ }
+
+ @Override
+ public byte[] encrypt(byte[] data, byte[] key, byte[] iv, int usage) throws KrbException {
+ int confounderLen = confounderSize();
+ int checksumLen = checksumSize();
+ int headerLen = confounderLen + checksumLen;
+ int inputLen = data.length;
+ int paddingLen = paddingLength(inputLen);
+
+ /**
+ * E(Confounder | Checksum | Plaintext | Padding), or
+ * header | data | padding | trailer, where trailer may be absent
+ */
+
+ int workLength = headerLen + inputLen + paddingLen;
+
+ byte[] workBuffer = new byte[workLength];
+ System.arraycopy(data, 0, workBuffer, headerLen, data.length);
+
+ int [] workLens = new int[] {confounderLen, checksumLen,
+ inputLen, paddingLen};
+
+ encryptWith(workBuffer, workLens, key, iv, usage);
+ return workBuffer;
+ }
+
+ protected void encryptWith(byte[] workBuffer, int[] workLens,
+ byte[] key, byte[] iv, int usage) throws KrbException {
+
+ }
+
+ public byte[] decrypt(byte[] cipher, byte[] key, int usage)
+ throws KrbException {
+ byte[] iv = new byte[encProvider().blockSize()];
+ return decrypt(cipher, key, iv, usage);
+ }
+
+ public byte[] decrypt(byte[] cipher, byte[] key, byte[] iv, int usage)
+ throws KrbException {
+
+ int totalLen = cipher.length;
+ int confounderLen = confounderSize();
+ int checksumLen = checksumSize();
+ int dataLen = totalLen - (confounderLen + checksumLen);
+
+ int[] workLens = new int[] {confounderLen, checksumLen, dataLen};
+ return decryptWith(cipher, workLens, key, iv, usage);
+ }
+
+ protected byte[] decryptWith(byte[] workBuffer, int[] workLens,
+ byte[] key, byte[] iv, int usage) throws KrbException {
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java
new file mode 100644
index 0000000..9a992e6
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Aes128Provider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.AesProvider;
+import org.apache.kerby.kerberos.kerb.crypto.key.AesKeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public class Aes128CtsHmacSha1Enc extends KeKiHmacSha1Enc {
+
+ public Aes128CtsHmacSha1Enc() {
+ super(new Aes128Provider(), new Sha1Provider());
+ keyMaker(new AesKeyMaker((AesProvider) encProvider()));
+ }
+
+ @Override
+ public int checksumSize() {
+ return 96 / 8;
+ }
+
+ public EncryptionType eType() {
+ return EncryptionType.AES128_CTS_HMAC_SHA1_96;
+ }
+
+ public CheckSumType checksumType() {
+ return CheckSumType.HMAC_SHA1_96_AES128;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java
new file mode 100644
index 0000000..c4c4ff8
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Aes256Provider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.AesProvider;
+import org.apache.kerby.kerberos.kerb.crypto.key.AesKeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public class Aes256CtsHmacSha1Enc extends KeKiHmacSha1Enc {
+
+ public Aes256CtsHmacSha1Enc() {
+ super(new Aes256Provider(), new Sha1Provider());
+ keyMaker(new AesKeyMaker((AesProvider) encProvider()));
+ }
+
+ public EncryptionType eType() {
+ return EncryptionType.AES256_CTS_HMAC_SHA1_96;
+ }
+
+ public CheckSumType checksumType() {
+ return CheckSumType.HMAC_SHA1_96_AES256;
+ }
+
+ @Override
+ public int checksumSize() {
+ return 96 / 8;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java
new file mode 100644
index 0000000..0b164e3
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Camellia128Provider;
+import org.apache.kerby.kerberos.kerb.crypto.key.CamelliaKeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public class Camellia128CtsCmacEnc extends KeKiCmacEnc {
+
+ public Camellia128CtsCmacEnc() {
+ super(new Camellia128Provider());
+ keyMaker(new CamelliaKeyMaker((Camellia128Provider) encProvider()));
+ }
+
+ public EncryptionType eType() {
+ return EncryptionType.CAMELLIA128_CTS_CMAC;
+ }
+
+ public CheckSumType checksumType() {
+ return CheckSumType.CMAC_CAMELLIA128;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java
new file mode 100644
index 0000000..402b774
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Camellia256Provider;
+import org.apache.kerby.kerberos.kerb.crypto.key.CamelliaKeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public class Camellia256CtsCmacEnc extends KeKiCmacEnc {
+
+ public Camellia256CtsCmacEnc() {
+ super(new Camellia256Provider());
+ keyMaker(new CamelliaKeyMaker((Camellia256Provider) encProvider()));
+ }
+
+ public EncryptionType eType() {
+ return EncryptionType.CAMELLIA256_CTS_CMAC;
+ }
+
+ public CheckSumType checksumType() {
+ return CheckSumType.CMAC_CAMELLIA256;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java
new file mode 100644
index 0000000..2e29625
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Des3Provider;
+import org.apache.kerby.kerberos.kerb.crypto.key.Des3KeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public class Des3CbcSha1Enc extends KeKiHmacSha1Enc {
+
+ public Des3CbcSha1Enc() {
+ super(new Des3Provider(), new Sha1Provider());
+ keyMaker(new Des3KeyMaker(this.encProvider()));
+ }
+
+ public EncryptionType eType() {
+ return EncryptionType.DES3_CBC_SHA1;
+ }
+
+ public CheckSumType checksumType() {
+ return CheckSumType.HMAC_SHA1_DES3;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java
new file mode 100644
index 0000000..7070c6b
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Crc32Provider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public class DesCbcCrcEnc extends DesCbcEnc {
+
+ public DesCbcCrcEnc() {
+ super(new Crc32Provider());
+ }
+
+ public EncryptionType eType() {
+ return EncryptionType.DES_CBC_CRC;
+ }
+
+ public CheckSumType checksumType() {
+ return CheckSumType.CRC32;
+ }
+
+ @Override
+ public byte[] encrypt(byte[] data, byte[] key, int usage) throws KrbException {
+ byte[] iv = new byte[encProvider().blockSize()];
+ System.arraycopy(key, 0, iv, 0, key.length);
+ return encrypt(data, key, iv, usage);
+ }
+
+ @Override
+ public byte[] decrypt(byte[] cipher, byte[] key, int usage)
+ throws KrbException {
+ byte[] iv = new byte[encProvider().blockSize()];
+ System.arraycopy(key, 0, iv, 0, key.length);
+ return decrypt(cipher, key, iv, usage);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcEnc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcEnc.java
new file mode 100644
index 0000000..e3aa7d8
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcEnc.java
@@ -0,0 +1,88 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.crypto.Confounder;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.HashProvider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.DesProvider;
+import org.apache.kerby.kerberos.kerb.crypto.key.DesKeyMaker;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+abstract class DesCbcEnc extends AbstractEncTypeHandler {
+
+ public DesCbcEnc(HashProvider hashProvider) {
+ super(new DesProvider(), hashProvider);
+ keyMaker(new DesKeyMaker(this.encProvider()));
+ }
+
+ @Override
+ protected void encryptWith(byte[] workBuffer, int[] workLens,
+ byte[] key, byte[] iv, int usage) throws KrbException {
+ int confounderLen = workLens[0];
+ int checksumLen = workLens[1];
+ int dataLen = workLens[2];
+ int paddingLen = workLens[3];
+
+ // confounder
+ byte[] confounder = Confounder.makeBytes(confounderLen);
+ System.arraycopy(confounder, 0, workBuffer, 0, confounderLen);
+
+ // padding
+ for (int i = confounderLen + checksumLen + dataLen; i < paddingLen; ++i) {
+ workBuffer[i] = 0;
+ }
+
+ // checksum
+ hashProvider().hash(workBuffer);
+ byte[] cksum = hashProvider().output();
+ System.arraycopy(cksum, 0, workBuffer, confounderLen, checksumLen);
+
+ encProvider().encrypt(key, iv, workBuffer);
+ }
+
+ @Override
+ protected byte[] decryptWith(byte[] workBuffer, int[] workLens,
+ byte[] key, byte[] iv, int usage) throws KrbException {
+ int confounderLen = workLens[0];
+ int checksumLen = workLens[1];
+ int dataLen = workLens[2];
+
+ encProvider().decrypt(key, iv, workBuffer);
+
+ byte[] checksum = new byte[checksumLen];
+ for (int i = 0; i < checksumLen; i++) {
+ checksum[i] = workBuffer[confounderLen + i];
+ workBuffer[confounderLen + i] = 0;
+ }
+
+ hashProvider().hash(workBuffer);
+ byte[] newChecksum = hashProvider().output();
+ if (! checksumEqual(checksum, newChecksum)) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY);
+ }
+
+ byte[] data = new byte[dataLen];
+ System.arraycopy(workBuffer, confounderLen + checksumLen,
+ data, 0, dataLen);
+
+ return data;
+ }
+}
[24/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/KrbOutputStream.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/KrbOutputStream.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/KrbOutputStream.java
deleted file mode 100644
index cc54694..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/KrbOutputStream.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb;
-
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.io.DataOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-public abstract class KrbOutputStream extends DataOutputStream
-{
- public KrbOutputStream(OutputStream out) {
- super(out);
- }
-
- public abstract void writePrincipal(PrincipalName principal, int version) throws IOException;
-
- public void writeRealm(String realm) throws IOException {
- writeCountedString(realm);
- }
-
- public abstract void writeKey(EncryptionKey key, int version) throws IOException;
-
- public void writeTime(KerberosTime ktime) throws IOException {
- int time = 0;
- if (ktime != null) {
- time = (int) (ktime.getValue().getTime() / 1000);
- }
- writeInt(time);
- }
-
- public void writeCountedString(String string) throws IOException {
- byte[] data = string != null ? string.getBytes() : null; // ASCII
-
- writeCountedOctets(data);
- }
-
- public void writeCountedOctets(byte[] data) throws IOException {
- if (data != null) {
- writeInt(data.length);
- write(data);
- } else {
- writeInt(0);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredCacheInputStream.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredCacheInputStream.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredCacheInputStream.java
deleted file mode 100644
index 97b5780..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredCacheInputStream.java
+++ /dev/null
@@ -1,167 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.ccache;
-
-import org.apache.kerberos.kerb.KrbInputStream;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.*;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-import org.apache.kerberos.kerb.spec.ticket.TicketFlags;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.List;
-
-public class CredCacheInputStream extends KrbInputStream
-{
- public CredCacheInputStream(InputStream in) {
- super(in);
- }
-
- @Override
- public PrincipalName readPrincipal(int version) throws IOException {
- NameType nameType = NameType.NT_UNKNOWN;
- if (version != CredentialCache.FCC_FVNO_1) {
- int typeValue = readInt();
- nameType = NameType.fromValue(typeValue);
- }
-
- int numComponents = readInt();
- if (version == CredentialCache.FCC_FVNO_1) {
- numComponents -= 1;
- }
-
- String realm = readCountedString();
-
- List<String> nameStrings = new ArrayList<String>();
- String component;
- for (int i = 0; i < numComponents; i++) { // sub 1 if version 0x501
- component = readCountedString();
- nameStrings.add(component);
- }
-
- PrincipalName principal = new PrincipalName(nameStrings, nameType);
- principal.setRealm(realm);
-
- return principal;
- }
-
- public EncryptionKey readKey(int version) throws IOException {
- if (version == CredentialCache.FCC_FVNO_3) {
- readShort(); // ignore keytype
- }
-
- return super.readKey(version);
- }
-
- public KerberosTime[] readTimes() throws IOException {
- KerberosTime[] times = new KerberosTime[4];
-
- for (int i = 0; i < times.length; ++i) {
- times[i] = readTime();
- }
-
- return times;
- }
-
- public boolean readIsSkey() throws IOException {
- int value = readByte();
- return value == 1 ? true : false;
- }
-
- public HostAddresses readAddr() throws IOException {
- int numAddresses = readInt();
- if (numAddresses <= 0) {
- return null;
- }
-
- HostAddress[] addresses = new HostAddress[numAddresses];
- for (int i = 0; i < numAddresses; i++) {
- addresses[i] = readAddress();
- }
-
- HostAddresses result = new HostAddresses();
- result.addElements(addresses);
- return result;
- }
-
- public HostAddress readAddress() throws IOException {
- int typeValue = readShort();
- HostAddrType addrType = HostAddrType.fromValue(typeValue);
- byte[] addrData = readCountedOctets();
-
- HostAddress addr = new HostAddress();
- addr.setAddrType(addrType);
- addr.setAddress(addrData);
-
- return addr;
- }
-
- public AuthorizationData readAuthzData() throws IOException {
- int numEntries = readInt();
- if (numEntries <= 0) {
- return null;
- }
-
- AuthorizationDataEntry[] authzData = new AuthorizationDataEntry[numEntries];
- for (int i = 0; i < numEntries; i++) {
- authzData[i] = readAuthzDataEntry();
- }
-
- AuthorizationData result = new AuthorizationData();
- result.addElements(authzData);
- return result;
- }
-
- public AuthorizationDataEntry readAuthzDataEntry() throws IOException {
- int typeValue = readShort();
- AuthorizationType authzType = AuthorizationType.fromValue(typeValue);
- byte[] authzData = readCountedOctets();
-
- AuthorizationDataEntry authzEntry = new AuthorizationDataEntry();
- authzEntry.setAuthzType(authzType);
- authzEntry.setAuthzData(authzData);
-
- return authzEntry;
- }
-
- @Override
- public int readOctetsCount() throws IOException {
- return readInt();
- }
-
- public TicketFlags readTicketFlags() throws IOException {
- int flags = readInt();
- TicketFlags tktFlags = new TicketFlags(flags);
- return tktFlags;
- }
-
- public Ticket readTicket() throws IOException {
- byte[] ticketData = readCountedOctets();
- if (ticketData == null) {
- return null;
- }
-
- Ticket ticket = new Ticket();
- ticket.decode(ticketData);
- return ticket;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredCacheOutputStream.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredCacheOutputStream.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredCacheOutputStream.java
deleted file mode 100644
index 2f5ecb8..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredCacheOutputStream.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.ccache;
-
-import org.apache.kerberos.kerb.KrbOutputStream;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.*;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-import org.apache.kerberos.kerb.spec.ticket.TicketFlags;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.List;
-
-public class CredCacheOutputStream extends KrbOutputStream
-{
- public CredCacheOutputStream(OutputStream out) {
- super(out);
- }
-
- @Override
- public void writePrincipal(PrincipalName principal, int version) throws IOException {
- List<String> nameComponents = principal.getNameStrings();
-
- if (version != CredentialCache.FCC_FVNO_1) {
- writeInt(principal.getNameType().getValue());
- }
-
- int numComponents = nameComponents.size();
- if (version == CredentialCache.FCC_FVNO_1) {
- numComponents ++;
- }
- writeInt(numComponents);
-
- writeRealm(principal.getRealm());
-
- for (String nameCom : nameComponents) {
- writeCountedString(nameCom);
- }
- }
-
- @Override
- public void writeKey(EncryptionKey key, int version) throws IOException {
- writeShort(key.getKeyType().getValue());
- if (version == CredentialCache.FCC_FVNO_3) {
- writeShort(key.getKeyType().getValue());
- }
-
- writeCountedOctets(key.getKeyData());
- }
-
- public void writeTimes(KerberosTime[] times) throws IOException {
- for (int i = 0; i < times.length; ++i) {
- writeTime(times[i]);
- }
- }
-
- public void writeAddresses(HostAddresses addrs) throws IOException {
- if (addrs == null) {
- writeInt(0);
- } else {
- List<HostAddress> addresses = addrs.getElements();
- write(addresses.size());
- for (HostAddress addr : addresses) {
- writeAddress(addr);
- }
- }
- }
-
- public void writeAddress(HostAddress address) throws IOException {
- write(address.getAddrType().getValue());
- write(address.getAddress().length);
- write(address.getAddress(), 0,
- address.getAddress().length);
- }
-
- public void writeAuthzData(AuthorizationData authData) throws IOException {
- if (authData == null) {
- writeInt(0);
- } else {
- for (AuthorizationDataEntry entry : authData.getElements()) {
- write(entry.getAuthzType().getValue());
- write(entry.getAuthzData().length);
- write(entry.getAuthzData());
- }
- }
- }
-
- public void writeTicket(Ticket t) throws IOException {
- if (t == null) {
- writeInt(0);
- } else {
- byte[] bytes = t.encode();
- writeInt(bytes.length);
- write(bytes);
- }
- }
-
- public void writeIsSkey(boolean isEncInSKey) throws IOException {
- writeByte(isEncInSKey ? 1 : 0);
- }
-
- public void writeTicketFlags(TicketFlags ticketFlags) throws IOException {
- writeInt(ticketFlags.getFlags());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/Credential.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/Credential.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/Credential.java
deleted file mode 100644
index 5a403c8..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/Credential.java
+++ /dev/null
@@ -1,225 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.ccache;
-
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.AuthorizationData;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.HostAddresses;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.kdc.EncKdcRepPart;
-import org.apache.kerberos.kerb.spec.ticket.AbstractServiceTicket;
-import org.apache.kerberos.kerb.spec.ticket.TgtTicket;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-import org.apache.kerberos.kerb.spec.ticket.TicketFlags;
-
-import java.io.IOException;
-
-public class Credential
-{
- private static String CONF_REALM = "X-CACHECONF:";
-
- private PrincipalName clientName;
- private String clientRealm;
- private PrincipalName serverName;
- private String serverRealm;
- private EncryptionKey key;
- private KerberosTime authTime;
- private KerberosTime startTime;
- private KerberosTime endTime;
- private KerberosTime renewTill;
- private HostAddresses clientAddresses;
- private AuthorizationData authzData;
- private boolean isEncInSKey;
- private TicketFlags ticketFlags;
- private Ticket ticket;
- private Ticket secondTicket;
-
- public Credential() {
-
- }
-
- public Credential(TgtTicket tgt) {
- PrincipalName clientPrincipal = tgt.getClientPrincipal();
-
- clientPrincipal.setRealm(tgt.getRealm());
-
- init(tgt, clientPrincipal);
- }
-
- public Credential(AbstractServiceTicket tkt, PrincipalName clientPrincipal) {
- init(tkt, clientPrincipal);
- }
-
- private void init(AbstractServiceTicket tkt, PrincipalName clientPrincipal) {
- EncKdcRepPart kdcRepPart = tkt.getEncKdcRepPart();
-
- this.serverName = kdcRepPart.getSname();
- this.serverRealm = kdcRepPart.getSrealm();
- this.serverName.setRealm(serverRealm);
-
- this.clientName = clientPrincipal;
-
- this.key = kdcRepPart.getKey();
- this.authTime = kdcRepPart.getAuthTime();
- this.startTime = kdcRepPart.getStartTime();
- this.endTime = kdcRepPart.getEndTime();
-
- this.renewTill = kdcRepPart.getRenewTill();
-
- this.ticketFlags = kdcRepPart.getFlags();
- this.clientAddresses = kdcRepPart.getCaddr();
-
- this.ticket = tkt.getTicket();
-
- this.isEncInSKey = false;
-
- this.secondTicket = null;
- }
-
- public PrincipalName getServicePrincipal() {
- return serverName;
- }
-
- public KerberosTime getAuthTime() {
- return authTime;
- }
-
- public KerberosTime getEndTime() {
- return endTime;
- }
-
- public int getEType() {
- return key.getKeyType().getValue();
- }
-
- public PrincipalName getClientName() {
- return clientName;
- }
-
- public PrincipalName getServerName() {
- return serverName;
- }
-
- public String getClientRealm() {
- return clientRealm;
- }
-
- public EncryptionKey getKey() {
- return key;
- }
-
- public KerberosTime getStartTime() {
- return startTime;
- }
-
- public KerberosTime getRenewTill() {
- return renewTill;
- }
-
- public HostAddresses getClientAddresses() {
- return clientAddresses;
- }
-
- public AuthorizationData getAuthzData() {
- return authzData;
- }
-
- public boolean isEncInSKey() {
- return isEncInSKey;
- }
-
- public TicketFlags getTicketFlags() {
- return ticketFlags;
- }
-
- public Ticket getTicket() {
- return ticket;
- }
-
- public Ticket getSecondTicket() {
- return secondTicket;
- }
-
- public void load(CredCacheInputStream ccis, int version) throws IOException {
- this.clientName = ccis.readPrincipal(version);
- if (clientName == null) {
- throw new IOException("Invalid client principal name");
- }
-
- this.serverName = ccis.readPrincipal(version);
- if (serverName == null) {
- throw new IOException("Invalid server principal name");
- }
-
- boolean isConfEntry = false;
-
- if (serverName.getRealm().equals(CONF_REALM)) {
- isConfEntry = true;
- }
-
- this.key = ccis.readKey(version);
-
- KerberosTime[] times = ccis.readTimes();
- this.authTime = times[0];
- this.startTime = times[1];
- this.endTime = times[2];
- this.renewTill = times[3];
-
- this.isEncInSKey = ccis.readIsSkey();
-
- this.ticketFlags = ccis.readTicketFlags();
-
- this.clientAddresses = ccis.readAddr();
-
- this.authzData = ccis.readAuthzData();
-
- if (isConfEntry) {
- byte[] confData = ccis.readCountedOctets();
- // ignoring confData for now
- } else {
- this.ticket = ccis.readTicket();
- }
-
- this.secondTicket = ccis.readTicket();
-
- // might skip krb5_ccache_conf_data/fast_avail/krbtgt/REALM@REALM in MIT KRB5
- }
-
- public void store(CredCacheOutputStream ccos, int version) throws IOException {
- ccos.writePrincipal(clientName, version);
- ccos.writePrincipal(serverName, version);
- ccos.writeKey(key, version);
-
- ccos.writeTimes(new KerberosTime[]{authTime, startTime, endTime, renewTill});
-
- ccos.writeIsSkey(isEncInSKey);
-
- ccos.writeTicketFlags(ticketFlags);
-
- ccos.writeAddresses(clientAddresses);
-
- ccos.writeAuthzData(authzData);
-
- ccos.writeTicket(ticket);
-
- ccos.writeTicket(secondTicket);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredentialCache.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredentialCache.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredentialCache.java
deleted file mode 100644
index c71fa0d..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/CredentialCache.java
+++ /dev/null
@@ -1,278 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.ccache;
-
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-
-import java.io.*;
-import java.util.ArrayList;
-import java.util.List;
-
-public class CredentialCache implements KrbCredentialCache
-{
- public static final int FCC_FVNO_1 = 0x501;
- public static final int FCC_FVNO_2 = 0x502;
- public static final int FCC_FVNO_3 = 0x503;
- public static final int FCC_FVNO_4 = 0x504;
-
- public static final int FCC_TAG_DELTATIME = 1;
- public static final int NT_UNKNOWN = 0;
- public static final int MAXNAMELENGTH = 1024;
-
- private int version = FCC_FVNO_4;
- private List<Tag> tags;
- private PrincipalName primaryPrincipal;
- private List<Credential> credentials = new ArrayList<Credential> ();
-
- @Override
- public void store(File ccacheFile) throws IOException {
- OutputStream outputStream = new FileOutputStream(ccacheFile);
-
- store(outputStream);
- }
-
- @Override
- public void store(OutputStream outputStream) throws IOException {
- if (outputStream == null) {
- throw new IllegalArgumentException("Invalid and null output stream");
- }
-
- CredCacheOutputStream ccos = new CredCacheOutputStream(outputStream);
-
- doStore(ccos);
-
- ccos.close();
- }
-
- private void doStore(CredCacheOutputStream ccos) throws IOException {
- this.version = FCC_FVNO_3;
-
- writeVersion(ccos);
-
- if (version == FCC_FVNO_4) {
- writeTags(ccos);
- }
-
- ccos.writePrincipal(primaryPrincipal, version);
-
- for (Credential cred : credentials) {
- cred.store(ccos, version);
- }
- }
-
- @Override
- public void setVersion(int version) {
- this.version = version;
- }
-
- @Override
- public PrincipalName getPrimaryPrincipal() {
- return primaryPrincipal;
- }
-
- @Override
- public void setPrimaryPrincipal(PrincipalName principal) {
- primaryPrincipal = principal;
- }
-
- @Override
- public int getVersion() {
- return version;
- }
-
- public void setTags(List<Tag> tags) {
- this.tags = tags;
- }
-
- public List<Tag> getTags() {
- return this.tags;
- }
-
- @Override
- public List<Credential> getCredentials() {
- return credentials;
- }
-
- @Override
- public void addCredential(Credential credential) {
- if (credential != null) {
- this.credentials.add(credential);
- }
- }
-
- @Override
- public void addCredentials(List<Credential> credentials) {
- if (credentials != null) {
- this.credentials.addAll(credentials);
- }
- }
-
- @Override
- public void removeCredentials(List<Credential> credentials) {
- if (credentials != null) {
- for (Credential cred : credentials) {
- removeCredential(cred);
- }
- }
- }
-
- @Override
- public void removeCredential(Credential credential) {
- if (credential != null) {
- for (Credential cred : credentials) {
- if (cred.equals(credential)) {
- credentials.remove(cred);
- break;
- }
- }
- }
- }
-
- @Override
- public void load(File ccacheFile) throws IOException {
- if (! ccacheFile.exists() || ! ccacheFile.canRead()) {
- throw new IllegalArgumentException("Invalid ccache file: " + ccacheFile.getAbsolutePath());
- }
-
- InputStream inputStream = new FileInputStream(ccacheFile);
-
- load(inputStream);
- }
-
- @Override
- public void load(InputStream inputStream) throws IOException {
- if (inputStream == null) {
- throw new IllegalArgumentException("Invalid and null input stream");
- }
-
- CredCacheInputStream ccis = new CredCacheInputStream(inputStream);
-
- doLoad(ccis);
-
- ccis.close();
- }
-
- private void doLoad(CredCacheInputStream ccis) throws IOException {
- this.version = readVersion(ccis);
-
- this.tags = readTags(ccis);
-
- this.primaryPrincipal = ccis.readPrincipal(version);
-
- this.credentials = readCredentials(ccis);
- }
-
- private List<Credential> readCredentials(CredCacheInputStream ccis) throws IOException {
- List<Credential> results = new ArrayList<Credential>(2);
-
- Credential cred;
- while (ccis.available() > 0) {
- cred = new Credential();
- cred.load(ccis, version);
-
- results.add(cred);
- }
-
- return results;
- }
-
- private int readVersion(CredCacheInputStream ccis) throws IOException {
- int result = ccis.readShort();
- return result;
- }
-
- private List<Tag> readTags(CredCacheInputStream ccis) throws IOException {
- int len = ccis.readShort();
- List<Tag> tags = new ArrayList<Tag>();
-
- int tag, tagLen, time, usec;
- while (len > 0) {
- tag = ccis.readShort();
- tagLen = ccis.readShort();
- switch (tag) {
- case FCC_TAG_DELTATIME:
- time = ccis.readInt();
- usec = ccis.readInt();
- tags.add(new Tag(tag, time, usec));
- break;
- default:
- ccis.read(new byte[tagLen], 0, tagLen); // ignore unknown tag
- }
- len = len - (4 + tagLen);
- }
-
- return tags;
- }
-
- private void writeVersion(CredCacheOutputStream ccos) throws IOException {
- ccos.writeShort(version);
- }
-
- private void writeTags(CredCacheOutputStream ccos) throws IOException {
- if (tags == null) {
- ccos.writeShort(0);
- return;
- }
-
- int length = 0;
- for (Tag tag : tags) {
- if (tag.tag != FCC_TAG_DELTATIME) {
- continue;
- }
- length += tag.length;
- }
- ccos.writeShort(length);
-
- for (Tag tag : tags) {
- if (tag.tag != CredentialCache.FCC_TAG_DELTATIME) {
- continue;
- }
- writeTag(ccos, tag);
- }
- }
-
- private void writeTag(CredCacheOutputStream ccos, Tag tag) throws IOException {
- ccos.writeShort(tag.tag);
- ccos.writeShort(tag.length);
- ccos.writeInt(tag.time);
- ccos.writeInt(tag.usec);
- }
-
- public static void main(String[] args) throws IOException {
- if (args.length != 2) {
- System.err.println("Dump credential cache file");
- System.err.println("Usage: CredentialCache <ccache-file>");
- System.exit(1);
- }
-
- String cacheFile = args[1];
- CredentialCache cc = new CredentialCache();
- cc.load(new File(cacheFile));
-
- Ticket tkt;
- for (Credential cred : cc.getCredentials()) {
- tkt = cred.getTicket();
- System.out.println("Tkt server name: " + tkt.getSname().getName());
- System.out.println("Tkt client name: " + cred.getClientName().getName());
- System.out.println("Tkt encrypt type: " + tkt.getEncryptedEncPart().getEType().getName());
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/KrbCredentialCache.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/KrbCredentialCache.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/KrbCredentialCache.java
deleted file mode 100644
index 864501d..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/KrbCredentialCache.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.ccache;
-
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.io.File;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.List;
-
-public interface KrbCredentialCache {
-
- public PrincipalName getPrimaryPrincipal();
-
- public void setPrimaryPrincipal(PrincipalName principal);
-
- public int getVersion();
-
- public void setVersion(int version);
-
- public List<Credential> getCredentials();
-
- public void addCredential(Credential credential);
-
- public void addCredentials(List<Credential> credentials);
-
- public void removeCredentials(List<Credential> credentials);
-
- public void removeCredential(Credential credential);
-
- public void load(File ccacheFile) throws IOException;
-
- public void load(InputStream inputStream) throws IOException;
-
- public void store(File ccacheFile) throws IOException;
-
- public void store(OutputStream outputStream) throws IOException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/Tag.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/Tag.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/Tag.java
deleted file mode 100644
index 668f9d3..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/Tag.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.ccache;
-
-public class Tag {
- int tag = 0;
- int tagLen = 8;
- int time = 0;
- int usec = 0;
- int length = 2 + 2 + 8; // len(tag) + len(tagLen) + len(tagData);
-
- public Tag(int tag, int time, int usec) {
- this.tag = tag;
- this.time = time;
- this.usec = usec;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/ccache.txt
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/ccache.txt b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/ccache.txt
deleted file mode 100644
index 91453ea..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/ccache/ccache.txt
+++ /dev/null
@@ -1,98 +0,0 @@
-The Kerberos Credential Cache Binary File Format
-Copyright (C) 2006-2013 Simon Josefsson <simon josefsson.org>
-http://josefsson.org/shishi/ccache.txt
-Last updated: Sat Sep 23 12:04:11 CEST 2006
-
-Like the MIT keytab binary format (see Michael B Allen's reverse
-engineered description in keytab.txt), the credential cache format is
-not standard nor documented anywhere.
-
-In C style notation, the MIT credential cache file format is as
-follows. All values are in network byte order. All text is ASCII.
-
-ccache {
- uint16_t file_format_version; /* 0x0504 */
- uint16_t headerlen; /* only if version is 0x0504 */
- header headers[]; /* only if version is 0x0504 */
- principal primary_principal;
- credential credentials[*];
-};
-
-header {
- uint16_t tag; /* 1 = DeltaTime */
- uint16_t taglen;
- uint8_t tagdata[taglen]
-};
-
-The ccache.taglen and ccache.tags fields are only present in 0x0504
-versions, not in earlier. Both MIT and Heimdal appear to correctly
-ignore unknown tags, so it appears safe to add them (although there is
-no central place to "register" tags).
-
-Currently only one tag is widely implemented, DeltaTime (0x0001). Its
-taglen is always 8, and tagdata will contain:
-
-DeltaTime {
- uint32_t time_offset;
- uint32_t usec_offset;
-};
-
-After reading the file_format_version, header tags, and default
-principal, a list of credentials follow. You deduce from the file
-length when there are no more credentials.
-
-credential {
- principal client;
- principal server;
- keyblock key;
- times time;
- uint8_t is_skey; /* 1 if skey, 0 otherwise */
- uint32_t tktflags; /* stored in reversed byte order */
- uint32_t num_address;
- address addrs[num_address];
- uint32_t num_authdata;
- authdata authdata[num_authdata];
- counted_octet_string ticket;
- counted_octet_string second_ticket;
-};
-
-keyblock {
- uint16_t keytype;
- uint16_t etype; /* only present if version 0x0503 */
- uint32_t keylen; /* [drankye]: corrected, before it was uint16_t */
- uint8_t keyvalue[keylen];
-};
-
-times {
- uint32_t authtime;
- uint32_t starttime;
- uint32_t endtime;
- uint32_t renew_till;
-};
-
-address {
- uint16_t addrtype;
- counted_octet_string addrdata;
-};
-
-authdata {
- uint16_t authtype;
- counted_octet_string authdata;
-};
-
-principal {
- uint32_t name_type; /* not present if version 0x0501 */
- uint32_t num_components; /* sub 1 if version 0x501 */
- counted_octet_string realm;
- counted_octet_string components[num_components];
-};
-
-counted_octet_string {
- uint32_t length;
- uint8_t data[length];
-};
-
-Permission to copy, modify, and distribute this document, with or
-without modification, for any purpose and without fee or royalty is
-hereby granted, provided that you include this copyright notice in ALL
-copies of the document or portions thereof, including modifications.
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/Keytab.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/Keytab.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/Keytab.java
deleted file mode 100644
index a5ee05e..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/Keytab.java
+++ /dev/null
@@ -1,197 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.keytab;
-
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.io.*;
-import java.nio.ByteBuffer;
-import java.util.*;
-
-public class Keytab implements KrbKeytab {
-
- public static final int V501 = 0x0501;
- public static final int V502 = 0x0502;
-
- private int version = V502;
-
- private Map<PrincipalName, List<KeytabEntry>> principalEntries;
-
- public Keytab() {
- this.principalEntries = new HashMap<PrincipalName, List<KeytabEntry>>();
- }
-
- @Override
- public List<PrincipalName> getPrincipals() {
- return new ArrayList<PrincipalName>(principalEntries.keySet());
- }
-
- @Override
- public void addKeytabEntries(List<KeytabEntry> entries) {
- for (KeytabEntry entry : entries) {
- addEntry(entry);
- }
- }
-
- @Override
- public void removeKeytabEntries(PrincipalName principal) {
- principalEntries.remove(principal);
- }
-
- @Override
- public void removeKeytabEntry(KeytabEntry entry) {
- PrincipalName principal = entry.getPrincipal();
- List<KeytabEntry> entries = principalEntries.get(principal);
- if (entries != null) {
- Iterator<KeytabEntry> iter = entries.iterator();
- KeytabEntry tmp;
- while (iter.hasNext()) {
- tmp = iter.next();
- if (entry.equals(tmp)) {
- iter.remove();
- break;
- }
- }
- }
- }
-
- @Override
- public List<KeytabEntry> getKeytabEntries(PrincipalName principal) {
- return principalEntries.get(principal);
- }
-
- @Override
- public EncryptionKey getKey(PrincipalName principal, EncryptionType keyType) {
- List<KeytabEntry> entries = getKeytabEntries(principal);
- for (KeytabEntry ke : entries) {
- if (ke.getKey().getKeyType() == keyType) {
- return ke.getKey();
- }
- }
-
- return null;
- }
-
- @Override
- public void load(File keytabFile) throws IOException {
- if (! keytabFile.exists() || ! keytabFile.canRead()) {
- throw new IllegalArgumentException("Invalid keytab file: " + keytabFile.getAbsolutePath());
- }
-
- InputStream is = new FileInputStream(keytabFile);
-
- load(is);
- }
-
- @Override
- public void load(InputStream inputStream) throws IOException {
- if (inputStream == null) {
- throw new IllegalArgumentException("Invalid and null input stream");
- }
-
- KeytabInputStream kis = new KeytabInputStream(inputStream);
-
- doLoad(kis);
- }
-
- private void doLoad(KeytabInputStream kis) throws IOException {
- this.version = readVersion(kis);
-
- List<KeytabEntry> entries = readEntries(kis);
- addKeytabEntries(entries);
- }
-
- @Override
- public void addEntry(KeytabEntry entry) {
- PrincipalName principal = entry.getPrincipal();
- List<KeytabEntry> entries = principalEntries.get(principal);
- if (entries == null) {
- entries = new ArrayList<KeytabEntry>();
- principalEntries.put(principal, entries);
- }
- entries.add(entry);
- }
-
- private int readVersion(KeytabInputStream kis) throws IOException {
- return kis.readShort();
- }
-
- private List<KeytabEntry> readEntries(KeytabInputStream kis) throws IOException {
- List<KeytabEntry> entries = new ArrayList<KeytabEntry>();
-
- int entrySize;
- ByteBuffer entryData;
- KeytabEntry entry;
- while (kis.available() > 0) {
- entrySize = kis.readInt();
- if (kis.available() < entrySize) {
- throw new IOException("Bad input stream with less data than expected: " + entrySize);
- }
- entry = readEntry(kis);
- entries.add(entry);
- }
-
- return entries;
- }
-
- private KeytabEntry readEntry(KeytabInputStream kis) throws IOException {
- KeytabEntry entry = new KeytabEntry();
- entry.load(kis, version);
- return entry;
- }
-
- @Override
- public void store(File keytabFile) throws IOException {
- OutputStream outputStream = new FileOutputStream(keytabFile);
-
- store(outputStream);
- }
-
- @Override
- public void store(OutputStream outputStream) throws IOException {
- if (outputStream == null) {
- throw new IllegalArgumentException("Invalid and null output stream");
- }
-
- KeytabOutputStream kos = new KeytabOutputStream(outputStream);
-
- writeVersion(kos);
- writeEntries(kos);
- }
-
- private void writeVersion(KeytabOutputStream kos) throws IOException {
- byte[] bytes = new byte[2];
- bytes[0] = (byte) 0x05;
- bytes[1] = version == V502 ? (byte) 0x02 : (byte) 0x01;
-
- kos.write(bytes);
- }
-
- private void writeEntries(KeytabOutputStream kos) throws IOException {
- for (PrincipalName principal : principalEntries.keySet()) {
- for (KeytabEntry entry : principalEntries.get(principal)) {
- entry.store(kos);
- }
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabEntry.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabEntry.java
deleted file mode 100644
index 47dd775..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabEntry.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.keytab;
-
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-public class KeytabEntry
-{
- private PrincipalName principal;
- private KerberosTime timestamp;
- private int kvno;
- private EncryptionKey key;
-
- public KeytabEntry(PrincipalName principal, KerberosTime timestamp,
- int kvno, EncryptionKey key) {
- this.principal = principal;
- this.timestamp = timestamp;
- this.kvno = kvno;
- this.key = key;
- }
-
- public KeytabEntry() {
-
- }
-
- public void load(KeytabInputStream kis, int version) throws IOException {
- this.principal = kis.readPrincipal(version);
-
- this.timestamp = kis.readTime();
-
- this.kvno = kis.readByte();
-
- this.key = kis.readKey();
- }
-
- public void store(KeytabOutputStream kos) throws IOException {
- byte[] body = null;
-
- // compute entry body content first so that to get and write the size
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- KeytabOutputStream subKos = new KeytabOutputStream(baos);
- writeBody(subKos, 0); // todo: consider the version
- subKos.flush();
- body = baos.toByteArray();
-
- kos.writeInt(body.length);
- kos.write(body);
- }
-
- public EncryptionKey getKey() {
- return key;
- }
-
- public int getKvno() {
- return kvno;
- }
-
- public PrincipalName getPrincipal() {
- return principal;
- }
-
- public KerberosTime getTimestamp() {
- return timestamp;
- }
-
- public void writeBody(KeytabOutputStream kos, int version) throws IOException {
- kos.writePrincipal(principal, version);
-
- kos.writeTime(timestamp);
-
- kos.writeByte(kvno);
-
- kos.writeKey(key, version);
- }
-
- @Override
- public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
-
- KeytabEntry that = (KeytabEntry) o;
-
- if (kvno != that.kvno) return false;
- if (!key.equals(that.key)) return false;
- if (!principal.equals(that.principal)) return false;
- if (!timestamp.equals(that.timestamp)) return false;
-
- return true;
- }
-
- @Override
- public int hashCode() {
- int result = principal.hashCode();
- result = 31 * result + timestamp.hashCode();
- result = 31 * result + kvno;
- result = 31 * result + key.hashCode();
- return result;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabInputStream.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabInputStream.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabInputStream.java
deleted file mode 100644
index 5e80ae7..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabInputStream.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.keytab;
-
-import org.apache.kerberos.kerb.KrbInputStream;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.NameType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.List;
-
-public class KeytabInputStream extends KrbInputStream
-{
- public KeytabInputStream(InputStream in) {
- super(in);
- }
-
- public KerberosTime readTime() throws IOException {
- long value = readInt();
- KerberosTime time = new KerberosTime(value * 1000);
- return time;
- }
-
- @Override
- public PrincipalName readPrincipal(int version) throws IOException {
- int numComponents = readShort();
- if (version == Keytab.V501) {
- numComponents -= 1;
- }
-
- String realm = readCountedString();
-
- List<String> nameStrings = new ArrayList<String>();
- String component;
- for (int i = 0; i < numComponents; i++) { // sub 1 if version 0x501
- component = readCountedString();
- nameStrings.add(component);
- }
- int type = readInt(); // not present if version 0x501
- NameType nameType = NameType.fromValue(type);
- PrincipalName principal = new PrincipalName(nameStrings, nameType);
- principal.setRealm(realm);
-
- return principal;
- }
-
- public EncryptionKey readKey() throws IOException {
- int eType = readShort();
- EncryptionType encryptionType = EncryptionType.fromValue(eType);
-
- byte[] keyData = readCountedOctets();
- EncryptionKey key = new EncryptionKey(encryptionType, keyData);
-
- return key;
- }
-
- public String readCountedString() throws IOException {
- byte[] countedOctets = readCountedOctets();
- // ASCII
- return new String(countedOctets);
- }
-
- @Override
- public int readOctetsCount() throws IOException {
- return readShort();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabOutputStream.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabOutputStream.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabOutputStream.java
deleted file mode 100644
index 507873b..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KeytabOutputStream.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.keytab;
-
-import org.apache.kerberos.kerb.KrbOutputStream;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.List;
-
-public class KeytabOutputStream extends KrbOutputStream
-{
- public KeytabOutputStream(OutputStream out) {
- super(out);
- }
-
- public void writePrincipal(PrincipalName principal, int version) throws IOException {
- List<String> nameStrings = principal.getNameStrings();
- int numComponents = principal.getNameStrings().size();
- String realm = principal.getRealm();
-
- writeShort(numComponents);
-
- writeCountedString(realm);
-
- for (String nameCom : nameStrings) {
- writeCountedString(nameCom);
- }
-
- writeInt(principal.getNameType().getValue()); // todo: consider the version
- }
-
- @Override
- public void writeKey(EncryptionKey key, int version) throws IOException {
- writeShort(key.getKeyType().getValue());
- writeCountedOctets(key.getKeyData());
- }
-
- @Override
- public void writeCountedOctets(byte[] data) throws IOException {
- writeShort(data.length);
- write(data);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KrbKeytab.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KrbKeytab.java b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KrbKeytab.java
deleted file mode 100644
index 0fdaf6e..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/KrbKeytab.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.keytab;
-
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.io.File;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.List;
-
-public interface KrbKeytab {
-
- public List<PrincipalName> getPrincipals();
-
- public void addKeytabEntries(List<KeytabEntry> entries);
-
- public void removeKeytabEntries(PrincipalName principal);
-
- public void removeKeytabEntry(KeytabEntry entry);
-
- public List<KeytabEntry> getKeytabEntries(PrincipalName principal);
-
- public EncryptionKey getKey(PrincipalName principal, EncryptionType keyType);
-
- public void load(File keytabFile) throws IOException;
-
- public void load(InputStream inputStream) throws IOException;
-
- void addEntry(KeytabEntry entry);
-
- public void store(File keytabFile) throws IOException;
-
- public void store(OutputStream outputStream) throws IOException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/keytab.txt
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/keytab.txt b/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/keytab.txt
deleted file mode 100644
index 88a7b46..0000000
--- a/haox-kerb/kerb-util/src/main/java/org/apache/kerberos/kerb/keytab/keytab.txt
+++ /dev/null
@@ -1,106 +0,0 @@
-The Kerberos Keytab Binary File Format
-Copyright (C) 2006 Michael B Allen <mba2000 ioplex.com>
-http://www.ioplex.com/utilities/keytab.txt
-Last updated: Fri May 5 13:39:40 EDT 2006
-
-The MIT keytab binary format is not a standard format, nor is it
-documented anywhere in detail. The format has evolved and may continue
-to. It is however understood by several Kerberos implementations including
-Heimdal and of course MIT and keytab files are created by the ktpass.exe
-utility from Windows. So it has established itself as the defacto format
-for storing Kerberos keys.
-
-The following C-like structure definitions illustrate the MIT keytab
-file format. All values are in network byte order. All text is ASCII.
-
- keytab {
- uint16_t file_format_version; /* 0x502 */
- keytab_entry entries[*];
- };
-
- keytab_entry {
- int32_t size;
- uint16_t num_components; /* sub 1 if version 0x501 */
- counted_octet_string realm;
- counted_octet_string components[num_components];
- uint32_t name_type; /* not present if version 0x501 */
- uint32_t timestamp;
- uint8_t vno8;
- keyblock key;
- uint32_t vno; /* only present if >= 4 bytes left in entry */
- };
-
- counted_octet_string {
- uint16_t length;
- uint8_t data[length];
- };
-
- keyblock {
- uint16_t type;
- counted_octet_string;
- };
-
-The keytab file format begins with the 16 bit file_format_version which
-at the time this document was authored is 0x502. The format of older
-keytabs is described at the end of this document.
-
-The file_format_version is immediately followed by an array of
-keytab_entry structures which are prefixed with a 32 bit size indicating
-the number of bytes that follow in the entry. Note that the size should be
-evaluated as signed. This is because a negative value indicates that the
-entry is in fact empty (e.g. it has been deleted) and that the negative
-value of that negative value (which is of course a positive value) is
-the offset to the next keytab_entry. Based on these size values alone
-the entire keytab file can be traversed.
-
-The size is followed by a 16 bit num_components field indicating the
-number of counted_octet_string components in the components array.
-
-The num_components field is followed by a counted_octet_string
-representing the realm of the principal.
-
-A counted_octet_string is simply an array of bytes prefixed with a 16
-bit length. For the realm and name components, the counted_octet_string
-bytes are ASCII encoded text with no zero terminator.
-
-Following the realm is the components array that represents the name of
-the principal. The text of these components may be joined with slashs
-to construct the typical SPN representation. For example, the service
-principal HTTP/www.foo.net@FOO.NET would consist of name components
-"HTTP" followed by "www.foo.net".
-
-Following the components array is the 32 bit name_type (e.g. 1 is
-KRB5_NT_PRINCIPAL, 2 is KRB5_NT_SRV_INST, 5 is KRB5_NT_UID, etc). In
-practice the name_type is almost certainly 1 meaning KRB5_NT_PRINCIPAL.
-
-The 32 bit timestamp indicates the time the key was established for that
-principal. The value represents the number of seconds since Jan 1, 1970.
-
-The 8 bit vno8 field is the version number of the key. This value is
-overridden by the 32 bit vno field if it is present.
-
-The keyblock structure consists of a 16 bit value indicating the keytype
-(e.g. 3 is des-cbc-md5, 23 is arcfour-hmac-md5, 16 is des3-cbc-sha1,
-etc). This is followed by a counted_octet_string containing the key.
-
-The last field of the keytab_entry structure is optional. If the size of
-the keytab_entry indicates that there are at least 4 bytes remaining,
-a 32 bit value representing the key version number is present. This
-value supersedes the 8 bit vno8 value preceeding the keyblock.
-
-Older keytabs with a file_format_version of 0x501 are different in
-three ways:
-
- 1) All integers are in host byte order [1].
- 2) The num_components field is 1 too large (i.e. after decoding,
- decrement by 1).
- 3) The 32 bit name_type field is not present.
-
-[1] The file_format_version field should really be treated as two
- separate 8 bit quantities representing the major and minor version
- number respectively.
-
-Permission to copy, modify, and distribute this document, with or
-without modification, for any purpose and without fee or royalty is
-hereby granted, provided that you include this copyright notice in ALL
-copies of the document or portions thereof, including modifications.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/CcacheTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/CcacheTest.java b/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/CcacheTest.java
deleted file mode 100644
index fce2b32..0000000
--- a/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/CcacheTest.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.util;
-
-import org.apache.kerberos.kerb.ccache.CredentialCache;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-/*
-Default principal: drankye@SH.INTEL.COM
-
-Valid starting Expires Service principal
-08/05/2014 00:13:17 08/05/2014 10:13:17 krbtgt/SH.INTEL.COM@SH.INTEL.COM
- Flags: FIA, Etype (skey, tkt): des3-cbc-sha1, des3-cbc-sha1
- */
-public class CcacheTest {
-
- private CredentialCache cc;
-
- @Before
- public void setUp() throws IOException {
- InputStream cis = CcacheTest.class.getResourceAsStream("/test.cc");
- cc = new CredentialCache();
- cc.load(cis);
- }
-
- @Test
- public void testCc() {
- Assert.assertNotNull(cc);
-
- PrincipalName princ = cc.getPrimaryPrincipal();
- Assert.assertNotNull(princ);
- Assert.assertTrue(princ.getName().equals("drankye@SH.INTEL.COM"));
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/EncryptionTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/EncryptionTest.java b/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/EncryptionTest.java
deleted file mode 100644
index 74444ae..0000000
--- a/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/EncryptionTest.java
+++ /dev/null
@@ -1,148 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.util;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.ccache.CredentialCache;
-import org.apache.kerberos.kerb.crypto.EncryptionHandler;
-import org.apache.kerberos.kerb.keytab.Keytab;
-import org.apache.kerberos.kerb.spec.common.*;
-import org.apache.kerberos.kerb.spec.ticket.EncTicketPart;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Arrays;
-import java.util.List;
-
-/*
-The principal keys for krbtgt/SH.INTEL.COM@SH.INTEL.COM
-
-KVNO Principal
----- --------------------------------------------------------------------------
- 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (des-cbc-crc)
- 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (des3-cbc-raw)
- 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (des-hmac-sha1)
- 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (aes256-cts-hmac-sha1-96)
- 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (aes128-cts-hmac-sha1-96)
- 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (arcfour-hmac)
- 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (camellia256-cts-cmac)
- 2 krbtgt/SH.INTEL.COM@SH.INTEL.COM (camellia128-cts-cmac)
- */
-public class EncryptionTest {
-
- private Keytab keytab;
- private CredentialCache cc;
-
- @Before
- public void setUp() throws IOException {
- InputStream kis = EncryptionTest.class.getResourceAsStream("/krbtgt.keytab");
- keytab = new Keytab();
- keytab.load(kis);
- }
-
- @Test
- public void testAes128() throws IOException, KrbException {
- testEncWith("aes128-cts-hmac-sha1-96.cc");
- }
-
- @Test
- public void testAes256() throws IOException, KrbException {
- testEncWith("aes256-cts-hmac-sha1-96.cc");
- }
-
- @Test
- public void testRc4() throws IOException, KrbException {
- testEncWith("arcfour-hmac.cc");
- }
-
- @Test
- public void testCamellia128() throws IOException, KrbException {
- testEncWith("camellia128-cts-cmac.cc");
- }
-
- @Test
- public void testCamellia256() throws IOException, KrbException {
- testEncWith("camellia256-cts-cmac.cc");
- }
-
- @Test
- public void testDesCbcCrc() throws IOException, KrbException {
- testEncWith("des-cbc-crc.cc");
- }
-
- @Test
- public void testDes3CbcSha1() throws IOException, KrbException {
- testEncWith("des3-cbc-sha1.cc");
- }
-
- private void testEncWith(String ccFile) throws IOException, KrbException, KrbException {
- InputStream cis = CcacheTest.class.getResourceAsStream("/" + ccFile);
- cc = new CredentialCache();
- cc.load(cis);
-
- Ticket ticket = getTicket();
- EncryptionType keyType = ticket.getEncryptedEncPart().getEType();
- EncryptionKey key = getServerKey(keyType);
- if (! EncryptionHandler.isImplemented(keyType)) {
- System.err.println("Key type not supported yet: " + keyType.getName());
- return;
- }
-
- byte[] decrypted = EncryptionHandler.decrypt(
- ticket.getEncryptedEncPart(), key, KeyUsage.KDC_REP_TICKET);
- Assert.assertNotNull(decrypted);
-
- EncTicketPart encPart = KrbCodec.decode(decrypted, EncTicketPart.class);
- Assert.assertNotNull(encPart);
- ticket.setEncPart(encPart);
-
- EncryptedData encrypted = EncryptionHandler.encrypt(
- decrypted, key, KeyUsage.KDC_REP_TICKET);
-
- byte[] decrypted2 = EncryptionHandler.decrypt(
- encrypted, key, KeyUsage.KDC_REP_TICKET);
- if (! Arrays.equals(decrypted, decrypted2)) {
- System.err.println("Encryption checking failed after decryption for key type: "
- + keyType.getName());
- }
- }
-
- private EncryptionKey getServerKey(EncryptionType keyType) {
- return keytab.getKey(getServer(), keyType);
- }
-
- private PrincipalName getServer() {
- // only one, krbtgt/SH.INTEL.COM@SH.INTEL.COM
- List<PrincipalName> principals = keytab.getPrincipals();
-
- PrincipalName server = principals.get(0);
-
- return server;
- }
-
- private Ticket getTicket() {
- return cc.getCredentials().get(0).getTicket();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/KeysTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/KeysTest.java b/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/KeysTest.java
deleted file mode 100644
index c314f2d..0000000
--- a/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/KeysTest.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.util;
-
-import org.apache.kerberos.kerb.crypto.EncryptionHandler;
-import org.apache.kerberos.kerb.keytab.Keytab;
-import org.apache.kerberos.kerb.keytab.KeytabEntry;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.List;
-
-/*
-The principal was created with password '123456'
-KVNO Principal
----- --------------------------------------------------------------------------
- 1 test@SH.INTEL.COM (des-cbc-crc)
- 1 test@SH.INTEL.COM (des3-cbc-sha1)
- 1 test@SH.INTEL.COM (des-hmac-sha1)
- 1 test@SH.INTEL.COM (aes256-cts-hmac-sha1-96)
- 1 test@SH.INTEL.COM (aes128-cts-hmac-sha1-96)
- 1 test@SH.INTEL.COM (arcfour-hmac)
- 1 test@SH.INTEL.COM (camellia256-cts-cmac)
- 1 test@SH.INTEL.COM (camellia128-cts-cmac)
- */
-public class KeysTest {
- private static String TEST_PASSWORD = "123456";
-
- private Keytab keytab;
-
- @Before
- public void setUp() throws IOException {
- InputStream kis = KeysTest.class.getResourceAsStream("/test.keytab");
- keytab = new Keytab();
- keytab.load(kis);
- }
-
- @Test
- public void testString2Key() throws KrbException {
- List<PrincipalName> principals = keytab.getPrincipals();
- PrincipalName principal = principals.get(0);
- List<KeytabEntry> entries = keytab.getKeytabEntries(principal);
- EncryptionKey genKey;
- EncryptionType keyType;
- for (KeytabEntry ke : entries) {
- keyType = ke.getKey().getKeyType();
- if (EncryptionHandler.isImplemented(keyType)) {
- genKey = EncryptionHandler.string2Key(principal.getName(),
- TEST_PASSWORD, keyType);
- if(! ke.getKey().equals(genKey)) {
- Assert.fail("str2key failed for key type: " + keyType.getName());
- //System.err.println("str2key failed for key type: " + keyType.getName());
- }
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/KeytabTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/KeytabTest.java b/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/KeytabTest.java
deleted file mode 100644
index c219a13..0000000
--- a/haox-kerb/kerb-util/src/test/java/org/apache/kerberos/kerb/util/KeytabTest.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.util;
-
-import org.apache.kerberos.kerb.keytab.Keytab;
-import org.apache.kerberos.kerb.keytab.KeytabEntry;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.List;
-
-/*
-The principal was created with password '123456'
-
-KVNO Principal
----- --------------------------------------------------------------------------
- 1 test@SH.INTEL.COM (des-cbc-crc)
- 1 test@SH.INTEL.COM (des3-cbc-sha1)
- 1 test@SH.INTEL.COM (des-hmac-sha1)
- 1 test@SH.INTEL.COM (aes256-cts-hmac-sha1-96)
- 1 test@SH.INTEL.COM (aes128-cts-hmac-sha1-96)
- 1 test@SH.INTEL.COM (arcfour-hmac)
- 1 test@SH.INTEL.COM (camellia256-cts-cmac)
- 1 test@SH.INTEL.COM (camellia128-cts-cmac)
- */
-public class KeytabTest {
-
- private Keytab keytab;
-
- @Before
- public void setUp() throws IOException {
- InputStream kis = KeytabTest.class.getResourceAsStream("/test.keytab");
- keytab = new Keytab();
- keytab.load(kis);
- }
-
- @Test
- public void testKeytab() {
- Assert.assertNotNull(keytab);
-
- List<PrincipalName> principals = keytab.getPrincipals();
- PrincipalName principal = principals.get(0);
- List<KeytabEntry> entries = keytab.getKeytabEntries(principal);
- for (KeytabEntry ke : entries) {
- Assert.assertTrue(ke.getKvno() == 1);
- }
- }
-
- public static void main(String[] args) throws IOException {
- InputStream kis = KeytabTest.class.getResourceAsStream("test.keytab");
- Keytab keytab = new Keytab();
- keytab.load(kis);
- System.out.println("Principals:" + keytab.getPrincipals().size());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/aes128-cts-hmac-sha1-96.cc
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/aes128-cts-hmac-sha1-96.cc b/haox-kerb/kerb-util/src/test/resources/aes128-cts-hmac-sha1-96.cc
deleted file mode 100644
index 2ae9f6e..0000000
Binary files a/haox-kerb/kerb-util/src/test/resources/aes128-cts-hmac-sha1-96.cc and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/aes256-cts-hmac-sha1-96.cc
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/aes256-cts-hmac-sha1-96.cc b/haox-kerb/kerb-util/src/test/resources/aes256-cts-hmac-sha1-96.cc
deleted file mode 100644
index 929c40e..0000000
Binary files a/haox-kerb/kerb-util/src/test/resources/aes256-cts-hmac-sha1-96.cc and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/arcfour-hmac.cc
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/arcfour-hmac.cc b/haox-kerb/kerb-util/src/test/resources/arcfour-hmac.cc
deleted file mode 100644
index f7bb88d..0000000
Binary files a/haox-kerb/kerb-util/src/test/resources/arcfour-hmac.cc and /dev/null differ
[23/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/camellia-expect-vt.txt
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/camellia-expect-vt.txt b/haox-kerb/kerb-util/src/test/resources/camellia-expect-vt.txt
deleted file mode 100644
index e6ebe8a..0000000
--- a/haox-kerb/kerb-util/src/test/resources/camellia-expect-vt.txt
+++ /dev/null
@@ -1,1036 +0,0 @@
-
-KEYSIZE=128
-
-KEY=00000000000000000000000000000000
-
-I=1
-PT=80000000000000000000000000000000
-CT=07923A39EB0A817D1C4D87BDB82D1F1C
-
-I=2
-PT=40000000000000000000000000000000
-CT=48CD6419809672D2349260D89A08D3D3
-
-I=3
-PT=20000000000000000000000000000000
-CT=D07493CCB2E95CE0B4945A05ACC97D82
-
-I=4
-PT=10000000000000000000000000000000
-CT=5DBE1EAC9F7080A88DBED7F6DA101448
-
-I=5
-PT=08000000000000000000000000000000
-CT=F01EE477D199DF2701027034B229622F
-
-I=6
-PT=04000000000000000000000000000000
-CT=C841587ABD9A912E563774CB569D051E
-
-I=7
-PT=02000000000000000000000000000000
-CT=1D9BC0C04546F0915C8CCD11391A455C
-
-I=8
-PT=01000000000000000000000000000000
-CT=05E6EBB4BA167F5C479CEFF3152F943B
-
-I=9
-PT=00800000000000000000000000000000
-CT=93211E0F788845B9FC0E4551FFE92AC9
-
-I=10
-PT=00400000000000000000000000000000
-CT=B6D35701CD8FADDE383BBE8E6B70BAF7
-
-I=11
-PT=00200000000000000000000000000000
-CT=8358F9F4EBCFEE348CB30551ACB151A0
-
-I=12
-PT=00100000000000000000000000000000
-CT=D57516EB5AD93C523E40521BF447AFCE
-
-I=13
-PT=00080000000000000000000000000000
-CT=66B2534C279C439133F52E5AD8B439A9
-
-I=14
-PT=00040000000000000000000000000000
-CT=A71C69184A9F63C2992A5F18F77C1FE9
-
-I=15
-PT=00020000000000000000000000000000
-CT=1ADCBE49AEACB9ECEBBD492B10E82C7B
-
-I=16
-PT=00010000000000000000000000000000
-CT=27E3BCFB227C5561DB6CF7FC30387036
-
-I=17
-PT=00008000000000000000000000000000
-CT=F4AE20365CC9D06B0CAE6B695ED2CEC1
-
-I=18
-PT=00004000000000000000000000000000
-CT=3DD682F0B641ED32AD3D43EA2A0456E4
-
-I=19
-PT=00002000000000000000000000000000
-CT=6E5D14A95ECC290B509EA6B673652E3A
-
-I=20
-PT=00001000000000000000000000000000
-CT=F1CDF0F8D7B3FFD95422D7CC0CF40B7B
-
-I=21
-PT=00000800000000000000000000000000
-CT=A9253D459A34C385A1F1B2CFFA3935C5
-
-I=22
-PT=00000400000000000000000000000000
-CT=291024D99FF09A47A1DEE45BA700AE52
-
-I=23
-PT=00000200000000000000000000000000
-CT=49241D9459B277187BB10081C60361C0
-
-I=24
-PT=00000100000000000000000000000000
-CT=AD9BA365CC4DD5553D2D9FE303841D88
-
-I=25
-PT=00000080000000000000000000000000
-CT=C2ECA616664A249DC622CC11196B4AE1
-
-I=26
-PT=00000040000000000000000000000000
-CT=6E1A2D4794BB0DC08777A0BC7523E70E
-
-I=27
-PT=00000020000000000000000000000000
-CT=6DB1F0CF59656BDD235E82B8CEF0BE8E
-
-I=28
-PT=00000010000000000000000000000000
-CT=52F239C5EAF401EBDC54D2F011FF4B6A
-
-I=29
-PT=00000008000000000000000000000000
-CT=6B58A08F648414B67FD6847D2AA51CBF
-
-I=30
-PT=00000004000000000000000000000000
-CT=2959DD5367885A75EB48053CF3251A36
-
-I=31
-PT=00000002000000000000000000000000
-CT=630B292E3B88EF641CDFD531E206605E
-
-I=32
-PT=00000001000000000000000000000000
-CT=4BBB88EF82B70593FCC56AFD91540FDB
-
-I=33
-PT=00000000800000000000000000000000
-CT=0A13055B118A45C606999257BD191426
-
-I=34
-PT=00000000400000000000000000000000
-CT=5CF8E5C9F15D7E4F865020224853EB77
-
-I=35
-PT=00000000200000000000000000000000
-CT=3898805042C7A4315C5EE51AF2DE47E2
-
-I=36
-PT=00000000100000000000000000000000
-CT=8D3F96372E87CBB0B375425B3A10B9E7
-
-I=37
-PT=00000000080000000000000000000000
-CT=4D9510A378BD784A70A66BCC75B7D3C8
-
-I=38
-PT=00000000040000000000000000000000
-CT=70DB1902D37CFBDFB98F7C516F79D416
-
-I=39
-PT=00000000020000000000000000000000
-CT=383C6C2AABEF7FDE25CD470BF774A331
-
-I=40
-PT=00000000010000000000000000000000
-CT=47CBCB5288349B1A15DC9F81FBEE6B8F
-
-I=41
-PT=00000000008000000000000000000000
-CT=21DA34D4468EEB13AED95DAE0FF48310
-
-I=42
-PT=00000000004000000000000000000000
-CT=021C9A8E6BD36FBD036411E5D852A80F
-
-I=43
-PT=00000000002000000000000000000000
-CT=6A459E2F839AF60ACDE83774D0BB5574
-
-I=44
-PT=00000000001000000000000000000000
-CT=C19255121F1B933CAE09E58AEC0E9977
-
-I=45
-PT=00000000000800000000000000000000
-CT=7BA949E27B2BE148A6B801F9305F43D5
-
-I=46
-PT=00000000000400000000000000000000
-CT=E8CEB1026BCF7BCEA32E8A380EA76DB7
-
-I=47
-PT=00000000000200000000000000000000
-CT=63F97747ED56A8F521B20CC65F6F9465
-
-I=48
-PT=00000000000100000000000000000000
-CT=2091CFDC629819106188424AC694F75B
-
-I=49
-PT=00000000000080000000000000000000
-CT=A91BDF8E8B88407942423CCE000527C4
-
-I=50
-PT=00000000000040000000000000000000
-CT=73F9B44B9635A3FD683DBF8D49E9825B
-
-I=51
-PT=00000000000020000000000000000000
-CT=9DC64B2133FAD5069FD9A7CC2FFFD1CC
-
-I=52
-PT=00000000000010000000000000000000
-CT=28240F81FEC36B71E13F1FEA7A7641E3
-
-I=53
-PT=00000000000008000000000000000000
-CT=20DD39FEE96CD2EFF972872A692B28FD
-
-I=54
-PT=00000000000004000000000000000000
-CT=47A9E40483EC1925B635E47E964E8E93
-
-I=55
-PT=00000000000002000000000000000000
-CT=9C0EBD822C49FB3D853DF5B315A87BA0
-
-I=56
-PT=00000000000001000000000000000000
-CT=C18D813FDB45A594C6DC24E5A1F6CE32
-
-I=57
-PT=00000000000000800000000000000000
-CT=7E5467FF245ECF80CB55C2D8E91F0711
-
-I=58
-PT=00000000000000400000000000000000
-CT=394D4365B77954FDEA4145FCF7A7A041
-
-I=59
-PT=00000000000000200000000000000000
-CT=B1D8311A492ED11F11E57B29221610C4
-
-I=60
-PT=00000000000000100000000000000000
-CT=E5FBB947A63AEA90163AF04AD6951EF8
-
-I=61
-PT=00000000000000080000000000000000
-CT=CA0627DDF580F0E7D59562825C9D0492
-
-I=62
-PT=00000000000000040000000000000000
-CT=EF98FFD1AED295AAE1860F0274C8F555
-
-I=63
-PT=00000000000000020000000000000000
-CT=8C698E5CFFF08FACE10C2DC5FF1E2A81
-
-I=64
-PT=00000000000000010000000000000000
-CT=35A7767E02032C35B5CE1A6F49C57C28
-
-I=65
-PT=00000000000000008000000000000000
-CT=AB36F8734E76EBA306CF00D6763D90B0
-
-I=66
-PT=00000000000000004000000000000000
-CT=E854EB66D4EC66889B5E6CD4F44A5806
-
-I=67
-PT=00000000000000002000000000000000
-CT=15B66DF1455ACD640B8716BCF5DB2D69
-
-I=68
-PT=00000000000000001000000000000000
-CT=4C57AB5333E5C2D4B7E30A007E449F48
-
-I=69
-PT=00000000000000000800000000000000
-CT=BA3E7FF28EB38EA09D8DB1440A9A3552
-
-I=70
-PT=00000000000000000400000000000000
-CT=64E60227AFD80C40C70186CC94804C1A
-
-I=71
-PT=00000000000000000200000000000000
-CT=CEB4423C20B4C91C2551F6FC227C9514
-
-I=72
-PT=00000000000000000100000000000000
-CT=F736894B843EF32DA28576DE500D448C
-
-I=73
-PT=00000000000000000080000000000000
-CT=58FDA98B678D15053D4B6C060368108C
-
-I=74
-PT=00000000000000000040000000000000
-CT=E28CAE384E578F47657755EBCD97996C
-
-I=75
-PT=00000000000000000020000000000000
-CT=0A64617BD4B5B166668240D105B7B6A2
-
-I=76
-PT=00000000000000000010000000000000
-CT=4BD090C7E3D365B5EA80F19B4798881E
-
-I=77
-PT=00000000000000000008000000000000
-CT=BC7B6CB9BFF4F72973BB2CD20A512C06
-
-I=78
-PT=00000000000000000004000000000000
-CT=4C7ADDC5C867594E9EE75F0AA6AB9C23
-
-I=79
-PT=00000000000000000002000000000000
-CT=1FBD05C71A36691AC6566A5298101D53
-
-I=80
-PT=00000000000000000001000000000000
-CT=42D7D6B1F499D412F8793972BD968DA2
-
-I=81
-PT=00000000000000000000800000000000
-CT=260EC86E2786FC68824576B934F32814
-
-I=82
-PT=00000000000000000000400000000000
-CT=576C26DFD7046F9357F34BEA7DFB26A0
-
-I=83
-PT=00000000000000000000200000000000
-CT=6D55E54BFB6F927174A02294C95E0F8F
-
-I=84
-PT=00000000000000000000100000000000
-CT=1A6CE91DD458229C7675A34950D10E23
-
-I=85
-PT=00000000000000000000080000000000
-CT=DAD0D5E7E000652825AA34D228EA8D8F
-
-I=86
-PT=00000000000000000000040000000000
-CT=E68013F48D75EAD2BBC0B0BDA5E690BF
-
-I=87
-PT=00000000000000000000020000000000
-CT=A07D92312FBAE37BFE8A834210AE4F9C
-
-I=88
-PT=00000000000000000000010000000000
-CT=6EEE5F8544CD7D456366EB448813989A
-
-I=89
-PT=00000000000000000000008000000000
-CT=F8E5C7FF4B79D7ABE8BFA2DD148820A8
-
-I=90
-PT=00000000000000000000004000000000
-CT=C6349D75C7472BBD66F95B3A07C79C91
-
-I=91
-PT=00000000000000000000002000000000
-CT=B85713C12D8658951CD1AD21C74D2CD2
-
-I=92
-PT=00000000000000000000001000000000
-CT=907AA00B9F7D47A97623FB55BA911F29
-
-I=93
-PT=00000000000000000000000800000000
-CT=DC3CD0ED23D11776FAB43A2A6A8F3557
-
-I=94
-PT=00000000000000000000000400000000
-CT=4BFE58A8FD69179C14765B09AB70B705
-
-I=95
-PT=00000000000000000000000200000000
-CT=A23996E0EA67EC280356E5F77130A551
-
-I=96
-PT=00000000000000000000000100000000
-CT=CDEADE859B3AACD273CCA85A3E2E45F2
-
-I=97
-PT=00000000000000000000000080000000
-CT=E0FC78489857D84DA03F40CE97147174
-
-I=98
-PT=00000000000000000000000040000000
-CT=7615EA6351F6BB12855E8579C6995D8E
-
-I=99
-PT=00000000000000000000000020000000
-CT=13E184344FE28C2E70ED0E4D0A8037F9
-
-I=100
-PT=00000000000000000000000010000000
-CT=A5FE395F568482B87BC3EB208C81C942
-
-I=101
-PT=00000000000000000000000008000000
-CT=B3103E11AF06C85565823F8CAA3159F6
-
-I=102
-PT=00000000000000000000000004000000
-CT=7EBC2234D271B89C519C396985300030
-
-I=103
-PT=00000000000000000000000002000000
-CT=0661D338F2E0C939BA1687820A768467
-
-I=104
-PT=00000000000000000000000001000000
-CT=EC2B42667C0195A90715499617884DA5
-
-I=105
-PT=00000000000000000000000000800000
-CT=AE077BA19D24E7188DDD3682FF196892
-
-I=106
-PT=00000000000000000000000000400000
-CT=98823C24B9C65A66073C7952DC2B4B5E
-
-I=107
-PT=00000000000000000000000000200000
-CT=6AB58432CBB3C2F503DA2D16796CC297
-
-I=108
-PT=00000000000000000000000000100000
-CT=EEB5EBB3A53E4196C2F22BC1A4DDF5E8
-
-I=109
-PT=00000000000000000000000000080000
-CT=33DC40AC5FDC126D38878416AF6C0FA6
-
-I=110
-PT=00000000000000000000000000040000
-CT=38EDDC08E18B4AD982CEA921D2765A9A
-
-I=111
-PT=00000000000000000000000000020000
-CT=7D6BEA038E9347C642E18631660A9558
-
-I=112
-PT=00000000000000000000000000010000
-CT=FDA57921A473B5EE3700AD5ADF035019
-
-I=113
-PT=00000000000000000000000000008000
-CT=699B4812E200337E9C1D2C397F0DFE4E
-
-I=114
-PT=00000000000000000000000000004000
-CT=7A1EADF68B0807145D6C414852DECFC8
-
-I=115
-PT=00000000000000000000000000002000
-CT=1645FFAA8AD76689C01DA8C40882781F
-
-I=116
-PT=00000000000000000000000000001000
-CT=BA0C053BE702FA62FC66D8FEB12FC97E
-
-I=117
-PT=00000000000000000000000000000800
-CT=841FD8AF69CF2C31F7D4D7B6959662B5
-
-I=118
-PT=00000000000000000000000000000400
-CT=F675D59BDB33231861268F539829DA0B
-
-I=119
-PT=00000000000000000000000000000200
-CT=A4967F45ABB4E8C7DC5E3806680F35E0
-
-I=120
-PT=00000000000000000000000000000100
-CT=4D7E08081CC82F92ABA7C58C99F8343F
-
-I=121
-PT=00000000000000000000000000000080
-CT=9AEFDB287C119B82353612B60ECCBFD8
-
-I=122
-PT=00000000000000000000000000000040
-CT=979BB6A1553A17592A86E78DF144A699
-
-I=123
-PT=00000000000000000000000000000020
-CT=A6FA8CAB06FD2E5BF3A858983C01757A
-
-I=124
-PT=00000000000000000000000000000010
-CT=BE8511254C31E25420B91D6FEF1710ED
-
-I=125
-PT=00000000000000000000000000000008
-CT=F589A908D18A21894971C0433581E1A5
-
-I=126
-PT=00000000000000000000000000000004
-CT=4237585130E7C9F715235EB1D8C94DE7
-
-I=127
-PT=00000000000000000000000000000002
-CT=DEFE3E0B5C54C94B4F2A0F5A46F6210D
-
-I=128
-PT=00000000000000000000000000000001
-CT=F5574ACC3148DFCB9015200631024DF9
-
-==========
-
-KEYSIZE=256
-
-KEY=0000000000000000000000000000000000000000000000000000000000000000
-
-I=1
-PT=80000000000000000000000000000000
-CT=B0C6B88AEA518AB09E847248E91B1B9D
-
-I=2
-PT=40000000000000000000000000000000
-CT=B8D7684E35FA1DB15BDCEE7A48659858
-
-I=3
-PT=20000000000000000000000000000000
-CT=F0CAD59AF92FBB79F36951E697492750
-
-I=4
-PT=10000000000000000000000000000000
-CT=117100F6635389560DC4A2DA24EBA70F
-
-I=5
-PT=08000000000000000000000000000000
-CT=DBDD62355553019ED84C35886421E532
-
-I=6
-PT=04000000000000000000000000000000
-CT=9CB8D04FA506F19848F7B9110518BFC8
-
-I=7
-PT=02000000000000000000000000000000
-CT=E4308E253BC3444D293500701BA82C6A
-
-I=8
-PT=01000000000000000000000000000000
-CT=EA2FAE53F7F30C0170A20E95A068503E
-
-I=9
-PT=00800000000000000000000000000000
-CT=14B14839EA221880B2C64D1FE000B93D
-
-I=10
-PT=00400000000000000000000000000000
-CT=A5CFC075B342D5101AACC334E73058BB
-
-I=11
-PT=00200000000000000000000000000000
-CT=477EA56B2EBAD0F8AC5E1936866560FF
-
-I=12
-PT=00100000000000000000000000000000
-CT=107E8598418404196EC59F63E45B7F6D
-
-I=13
-PT=00080000000000000000000000000000
-CT=FF6A891E7C1C074A68FEC291928FDD8D
-
-I=14
-PT=00040000000000000000000000000000
-CT=F64C250A13F45D377ADB7545B2B157A9
-
-I=15
-PT=00020000000000000000000000000000
-CT=FAD0F252086F11C830C65B63197CBC38
-
-I=16
-PT=00010000000000000000000000000000
-CT=9DCB89B209441F02AD0D25C6AB826629
-
-I=17
-PT=00008000000000000000000000000000
-CT=E62E4ED4E4F34EDC563710D960E09D4C
-
-I=18
-PT=00004000000000000000000000000000
-CT=98A1B926BA06895C3F2E84CCBACBC356
-
-I=19
-PT=00002000000000000000000000000000
-CT=29BE0BE4DB7F4D196718AEA38F3B0BFD
-
-I=20
-PT=00001000000000000000000000000000
-CT=F670C4EBECBA0B43E71F6D752BFD4854
-
-I=21
-PT=00000800000000000000000000000000
-CT=7D7666B4484CDB7E3605468E093A787C
-
-I=22
-PT=00000400000000000000000000000000
-CT=562D06B181C091DA6C43642AE99460C6
-
-I=23
-PT=00000200000000000000000000000000
-CT=AB0EFB5975E6186B7D76BC9672453488
-
-I=24
-PT=00000100000000000000000000000000
-CT=10C0756538E7BFF88D19AE2B1F7B859A
-
-I=25
-PT=00000080000000000000000000000000
-CT=AF7FCD5248F8C72F1695AA05DD1CADE0
-
-I=26
-PT=00000040000000000000000000000000
-CT=9841E555655609A75D7BE20B8A90EF1E
-
-I=27
-PT=00000020000000000000000000000000
-CT=27F9546E6A1B7464780000561783569C
-
-I=28
-PT=00000010000000000000000000000000
-CT=8671D935D7A8354EECB7288803D42D7A
-
-I=29
-PT=00000008000000000000000000000000
-CT=0DA44F508DEBC6F044394624FCEB8EBE
-
-I=30
-PT=00000004000000000000000000000000
-CT=AB137369BE6D93FBB18006BDB236EC09
-
-I=31
-PT=00000002000000000000000000000000
-CT=EB90C4E597A7E1779FFA260886E26F75
-
-I=32
-PT=00000001000000000000000000000000
-CT=618CF3588D5C128EAF252616230E08F7
-
-I=33
-PT=00000000800000000000000000000000
-CT=98DC4DB49D197AB9152D12B9DE2D73CA
-
-I=34
-PT=00000000400000000000000000000000
-CT=5BDDE24B15702A35E1F140C57D206443
-
-I=35
-PT=00000000200000000000000000000000
-CT=CF755809882BED8BA2F9F1A4ED296A2B
-
-I=36
-PT=00000000100000000000000000000000
-CT=F1A8DBB999538AE89D16F92A7F4D1DF1
-
-I=37
-PT=00000000080000000000000000000000
-CT=775222FDDAAECB81CF675C4E0B98179E
-
-I=38
-PT=00000000040000000000000000000000
-CT=12A648CADCD153C760A965826683119A
-
-I=39
-PT=00000000020000000000000000000000
-CT=0503FB10AB241E7CF45D8CDEEE474335
-
-I=40
-PT=00000000010000000000000000000000
-CT=3D299C0070CBBD831B802690B8E7CA24
-
-I=41
-PT=00000000008000000000000000000000
-CT=33105BD4D11D66753DC34D128BEFE3F4
-
-I=42
-PT=00000000004000000000000000000000
-CT=5EFCE2B4B987C0F77D27B44836881682
-
-I=43
-PT=00000000002000000000000000000000
-CT=7835449454128035D7F0EA99E327577B
-
-I=44
-PT=00000000001000000000000000000000
-CT=27BEDDA0601BE35122FB1D272D73AB3E
-
-I=45
-PT=00000000000800000000000000000000
-CT=54C3F99FF48E318CC515EDE75800C4B3
-
-I=46
-PT=00000000000400000000000000000000
-CT=C627C329F8E48299F6FDB23B9DBEA0BB
-
-I=47
-PT=00000000000200000000000000000000
-CT=1B6578F9E23BD8C1845A02431C5F9AA3
-
-I=48
-PT=00000000000100000000000000000000
-CT=6DB2FB8C0B9344D0547C0FF1292020C6
-
-I=49
-PT=00000000000080000000000000000000
-CT=4FAD9B2C37C131493FBEF53581FA4F83
-
-I=50
-PT=00000000000040000000000000000000
-CT=47502A01E93D2C87BD5584F6AFD3D99D
-
-I=51
-PT=00000000000020000000000000000000
-CT=056E1C6F651BFE50271B3B7A18E76D84
-
-I=52
-PT=00000000000010000000000000000000
-CT=5632BAF6627B3D96AD4E06FA6A561F55
-
-I=53
-PT=00000000000008000000000000000000
-CT=E29807CAACDFA2D41A7D9E91FA7FD8EB
-
-I=54
-PT=00000000000004000000000000000000
-CT=81DD44BB5D1822DEE605F9E6FF01D7B3
-
-I=55
-PT=00000000000002000000000000000000
-CT=5C3649925E47D7FF96482A8FBD9666FD
-
-I=56
-PT=00000000000001000000000000000000
-CT=695415A836E66E737887845EC08A1ADB
-
-I=57
-PT=00000000000000800000000000000000
-CT=F5416BCE292D9E2CEA5D1CC70BBAEED1
-
-I=58
-PT=00000000000000400000000000000000
-CT=7AEC4F1388FC29C47F7FED74ADDE8485
-
-I=59
-PT=00000000000000200000000000000000
-CT=82A9F1A6CE08BC4876E649D8A8EA7EB6
-
-I=60
-PT=00000000000000100000000000000000
-CT=B6296C88ADF1A792908B065EEB04BFC2
-
-I=61
-PT=00000000000000080000000000000000
-CT=E766A39AECCA40BDBFBE6FF3FA292913
-
-I=62
-PT=00000000000000040000000000000000
-CT=C6D081454EA00D83C23B5A62C84359E1
-
-I=63
-PT=00000000000000020000000000000000
-CT=85D259A79CCA80484504D1603F7A8F53
-
-I=64
-PT=00000000000000010000000000000000
-CT=D8291FA1C6DC250078824B2D0A20883F
-
-I=65
-PT=00000000000000008000000000000000
-CT=95387CB74C48FFBD1F8D64A6CC45E074
-
-I=66
-PT=00000000000000004000000000000000
-CT=A17F975F538F56CDF629B516011DE837
-
-I=67
-PT=00000000000000002000000000000000
-CT=B50B615A1654C6E1CB6AB33716C097FE
-
-I=68
-PT=00000000000000001000000000000000
-CT=7BBB2CBB874DF6C8B821DA7FB0F9011B
-
-I=69
-PT=00000000000000000800000000000000
-CT=E9EFE074D096A275E47CD2E6206DF6A1
-
-I=70
-PT=00000000000000000400000000000000
-CT=88F2F8D5A836406AE8BBB98C65BBDA55
-
-I=71
-PT=00000000000000000200000000000000
-CT=F64620D8D87585A3EF038B9AD58F5EA0
-
-I=72
-PT=00000000000000000100000000000000
-CT=694438EC141C8ED5F2F898B4554A298F
-
-I=73
-PT=00000000000000000080000000000000
-CT=3E6226EC7726A1EE5F5FA9B18CCE8C44
-
-I=74
-PT=00000000000000000040000000000000
-CT=8AB6949E79911647800B9E87362AB97A
-
-I=75
-PT=00000000000000000020000000000000
-CT=093C5CF24EDAF7F9F1C8A80DE4FF50A9
-
-I=76
-PT=00000000000000000010000000000000
-CT=28A36E50061F19E240351ED0E378CBF4
-
-I=77
-PT=00000000000000000008000000000000
-CT=B93BB36CB88BF26EA79198652AA51D3C
-
-I=78
-PT=00000000000000000004000000000000
-CT=DE4948083D044FAC9BCA6DA8CD67B8A6
-
-I=79
-PT=00000000000000000002000000000000
-CT=6E778B5BDA6CA118117E47470D080D3C
-
-I=80
-PT=00000000000000000001000000000000
-CT=0A9107324DA32B4281D032A3487EF875
-
-I=81
-PT=00000000000000000000800000000000
-CT=18ED5635312D71ABD123CCE779D4D68A
-
-I=82
-PT=00000000000000000000400000000000
-CT=2E3C63F95C4BC1F944BAB06DEDC9AA8E
-
-I=83
-PT=00000000000000000000200000000000
-CT=ACCC869EF07004C8C3C709083BE7BA2F
-
-I=84
-PT=00000000000000000000100000000000
-CT=DF60B34FB1A59147CC1FB049C1578206
-
-I=85
-PT=00000000000000000000080000000000
-CT=4228DC636C08E41021054AA0E1E2227A
-
-I=86
-PT=00000000000000000000040000000000
-CT=7CE27F66EFD735FFD6B3E1738C50495B
-
-I=87
-PT=00000000000000000000020000000000
-CT=F8E74B33A9CDE351DA0BBC06D69093D7
-
-I=88
-PT=00000000000000000000010000000000
-CT=AE0D22A5B37B8DC5D81CC641EED334D0
-
-I=89
-PT=00000000000000000000008000000000
-CT=C181C6CA5E163743458B9167A0B6A16A
-
-I=90
-PT=00000000000000000000004000000000
-CT=5171F4F6095E4B276CFBA1F07223FBE6
-
-I=91
-PT=00000000000000000000002000000000
-CT=2732F4D3A8C9D1D8D493840D6E0B864F
-
-I=92
-PT=00000000000000000000001000000000
-CT=3EF04E0059A061D973532CA5C1DFBE7B
-
-I=93
-PT=00000000000000000000000800000000
-CT=6D9A8F23579E4978EBAA87B5ADEB77E5
-
-I=94
-PT=00000000000000000000000400000000
-CT=BBD08873CC44BA4253C0C41FEEB7F124
-
-I=95
-PT=00000000000000000000000200000000
-CT=72E4B2437CBD283F3809CE686F6A591E
-
-I=96
-PT=00000000000000000000000100000000
-CT=6E5580514B92512B1BF4B1B987B9AA1B
-
-I=97
-PT=00000000000000000000000080000000
-CT=5EF5D0C5BCBDCB604D3A083B68CE0FA3
-
-I=98
-PT=00000000000000000000000040000000
-CT=9D991FDD723AD2182777A15CA0E0F665
-
-I=99
-PT=00000000000000000000000020000000
-CT=24440626EFC8F86BEA7DE78085AB8A22
-
-I=100
-PT=00000000000000000000000010000000
-CT=17C3630D62D13C1E826C0FCCBD74A864
-
-I=101
-PT=00000000000000000000000008000000
-CT=4CF5AB86A56AB134A7FE46CCE3F9FCE9
-
-I=102
-PT=00000000000000000000000004000000
-CT=3E6B9C0388F6D9B8F458F30221907607
-
-I=103
-PT=00000000000000000000000002000000
-CT=AD9C926B8A5CD98EEE88200617E59958
-
-I=104
-PT=00000000000000000000000001000000
-CT=AFF8AED5E075E02AF720CA4BF0028B3B
-
-I=105
-PT=00000000000000000000000000800000
-CT=D90EAFF909202BB209BB3BB8C7F9A954
-
-I=106
-PT=00000000000000000000000000400000
-CT=2C709B00E6A22F00F64A7D8EE341853F
-
-I=107
-PT=00000000000000000000000000200000
-CT=CCEC598F0D9F0BF201B2F487136D54A4
-
-I=108
-PT=00000000000000000000000000100000
-CT=73B2883A0A166AAE1BF14E60A5195FA3
-
-I=109
-PT=00000000000000000000000000080000
-CT=E676867BD9AD5EF915143388496779D7
-
-I=110
-PT=00000000000000000000000000040000
-CT=CDCB73D1BFCFD4BE7F1DAA9B1C6A4055
-
-I=111
-PT=00000000000000000000000000020000
-CT=02A3A5C89DAA24CD2C517F7A73286A89
-
-I=112
-PT=00000000000000000000000000010000
-CT=C0FA2AC9E92EE58C2DD12D6D43AB7035
-
-I=113
-PT=00000000000000000000000000008000
-CT=EDC2CB1F7291353BDBF2385519E6AE16
-
-I=114
-PT=00000000000000000000000000004000
-CT=B4B62D16D197A98CD3B978812B9D9884
-
-I=115
-PT=00000000000000000000000000002000
-CT=5CDFC95A529A905101CEA26BC1B891ED
-
-I=116
-PT=00000000000000000000000000001000
-CT=CC7150CD3650B98363296C7C4ED368D1
-
-I=117
-PT=00000000000000000000000000000800
-CT=CC57706B0C6526B8E25A5DBD32EACBDB
-
-I=118
-PT=00000000000000000000000000000400
-CT=30D30456AD98B182D64C649648F6AEC9
-
-I=119
-PT=00000000000000000000000000000200
-CT=D7E9DA7F631938EB649A08AF82FBD75F
-
-I=120
-PT=00000000000000000000000000000100
-CT=B8DA2AF6600B07895B5D0FFAF4991469
-
-I=121
-PT=00000000000000000000000000000080
-CT=0F6F64F930BA6C178943322B98114599
-
-I=122
-PT=00000000000000000000000000000040
-CT=8B1F247802E47C91BEE2AA34ECFD7A01
-
-I=123
-PT=00000000000000000000000000000020
-CT=7A6985778D3A66E97F23E01F0D0E45E7
-
-I=124
-PT=00000000000000000000000000000010
-CT=BA664AC39855518DFDEE10D1B3111FAE
-
-I=125
-PT=00000000000000000000000000000008
-CT=7C92854D801A1648F65CA81813DDBF83
-
-I=126
-PT=00000000000000000000000000000004
-CT=6A3F25AAB7E92D9CF378E5D9C040F26B
-
-I=127
-PT=00000000000000000000000000000002
-CT=3D4B2CDE666761BA5DFB305178E667FB
-
-I=128
-PT=00000000000000000000000000000001
-CT=9CDB269B5D293BC5DB9C55B057D9B591
-
-==========
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/camellia128-cts-cmac.cc
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/camellia128-cts-cmac.cc b/haox-kerb/kerb-util/src/test/resources/camellia128-cts-cmac.cc
deleted file mode 100644
index 5d6f8a5..0000000
Binary files a/haox-kerb/kerb-util/src/test/resources/camellia128-cts-cmac.cc and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/camellia256-cts-cmac.cc
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/camellia256-cts-cmac.cc b/haox-kerb/kerb-util/src/test/resources/camellia256-cts-cmac.cc
deleted file mode 100644
index c9a6ecd..0000000
Binary files a/haox-kerb/kerb-util/src/test/resources/camellia256-cts-cmac.cc and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/des-cbc-crc.cc
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/des-cbc-crc.cc b/haox-kerb/kerb-util/src/test/resources/des-cbc-crc.cc
deleted file mode 100644
index b43fe30..0000000
Binary files a/haox-kerb/kerb-util/src/test/resources/des-cbc-crc.cc and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/des3-cbc-sha1.cc
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/des3-cbc-sha1.cc b/haox-kerb/kerb-util/src/test/resources/des3-cbc-sha1.cc
deleted file mode 100644
index ba2f6ea..0000000
Binary files a/haox-kerb/kerb-util/src/test/resources/des3-cbc-sha1.cc and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/krbtgt.keytab
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/krbtgt.keytab b/haox-kerb/kerb-util/src/test/resources/krbtgt.keytab
deleted file mode 100644
index 08bd0c1..0000000
Binary files a/haox-kerb/kerb-util/src/test/resources/krbtgt.keytab and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/test.cc
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/test.cc b/haox-kerb/kerb-util/src/test/resources/test.cc
deleted file mode 100644
index 22a27e8..0000000
Binary files a/haox-kerb/kerb-util/src/test/resources/test.cc and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-util/src/test/resources/test.keytab
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-util/src/test/resources/test.keytab b/haox-kerb/kerb-util/src/test/resources/test.keytab
deleted file mode 100644
index 5a9c733..0000000
Binary files a/haox-kerb/kerb-util/src/test/resources/test.keytab and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kerb/pom.xml b/haox-kerb/pom.xml
deleted file mode 100644
index 245b13d..0000000
--- a/haox-kerb/pom.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-all</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>haox-kerb</artifactId>
- <name>Haox-kerb Project</name>
- <version>1.0-SNAPSHOT</version>
- <packaging>pom</packaging>
-
- <modules>
- <module>kerb-core</module>
- <module>kerb-core-test</module>
- <module>kerb-common</module>
- <module>kerb-util</module>
- <module>kerb-crypto</module>
- <module>kerb-identity</module>
- <module>kerb-client</module>
- <module>kerb-server</module>
- <module>kerb-kdc-test</module>
- </modules>
-
- <dependencies>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kdc-backend/README
----------------------------------------------------------------------
diff --git a/kdc-backend/README b/kdc-backend/README
new file mode 100644
index 0000000..583763c
--- /dev/null
+++ b/kdc-backend/README
@@ -0,0 +1,5 @@
+A KDC implementation that integrates PKI and OAuth Token with an LDAP backend.
+The KDC server can be standalone.
+The LDAP backend can be standalone or embedded.
+Various tools like kinit, kadmin will be provided or
+at least, existing tools can be supported.
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kdc-backend/ldap-identity-backend/pom.xml
----------------------------------------------------------------------
diff --git a/kdc-backend/ldap-identity-backend/pom.xml b/kdc-backend/ldap-identity-backend/pom.xml
new file mode 100644
index 0000000..7d6acc2
--- /dev/null
+++ b/kdc-backend/ldap-identity-backend/pom.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kdc-backend</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>ldap-identity-backend</artifactId>
+
+ <name>Ldap identity backend</name>
+ <description>Ldap identity backend</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-identity</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kdc-backend/ldap-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kdc-backend/ldap-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java b/kdc-backend/ldap-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
new file mode 100644
index 0000000..37e6862
--- /dev/null
+++ b/kdc-backend/ldap-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc.identitybackend;
+
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.identity.backend.AbstractIdentityBackend;
+
+import java.util.List;
+
+public class LdapIdentityBackend extends AbstractIdentityBackend {
+
+
+ public LdapIdentityBackend() {
+ super();
+ }
+
+ /**
+ * Load identities from file
+ */
+ public void load() {
+ // todo
+ }
+
+ /**
+ * Persist the updated identities back
+ */
+ public void save() {
+ // todo
+ }
+
+ @Override
+ public List<KrbIdentity> getIdentities() {
+ return null;
+ }
+
+ @Override
+ public boolean checkIdentity(String name) {
+ return false;
+ }
+
+ @Override
+ public KrbIdentity getIdentity(String name) {
+ return null;
+ }
+
+ @Override
+ public void addIdentity(KrbIdentity identity) {
+
+ }
+
+ @Override
+ public void updateIdentity(KrbIdentity identity) {
+
+ }
+
+ @Override
+ public void deleteIdentity(KrbIdentity identity) {
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kdc-backend/pom.xml
----------------------------------------------------------------------
diff --git a/kdc-backend/pom.xml b/kdc-backend/pom.xml
new file mode 100644
index 0000000..8f81d7b
--- /dev/null
+++ b/kdc-backend/pom.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kdc-backend</artifactId>
+ <name>Kdc Backend Project</name>
+ <version>1.0-SNAPSHOT</version>
+ <packaging>pom</packaging>
+
+ <modules>
+ <module>ldap-identity-backend</module>
+ </modules>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/README.md
----------------------------------------------------------------------
diff --git a/kerby-asn1/README.md b/kerby-asn1/README.md
new file mode 100644
index 0000000..eb35929
--- /dev/null
+++ b/kerby-asn1/README.md
@@ -0,0 +1,301 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+haox-asn1
+=========
+
+### A ASN1 parser with easy and simple API
+
+```
+// encoding
+Asn1Integer aValue = new Asn1Integer(8899);
+byte[] encoded = aValue.encode();
+
+// decoding
+byte[] contentToDecode = ...
+Asn1Integer decodedValue = new Asn1Integer();
+decodedValue.decode(contentToDecode);
+Integer value = decodedValue.getValue();
+```
+
+### Data-driven ASN1 encoding/decoding framework and parser
+
+With the following definition from Kerberos protocol
+```
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ ```
+
+You can model AuthzDataEntry as follows
+```java
+public class AuthzDataEntry extends Asn1SequenceType {
+ static int AD_TYPE = 0;
+ static int AD_DATA = 1;
+
+ public AuthzDataEntry() {
+ super(new Asn1FieldInfo[] {
+ new Asn1FieldInfo(AD_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(AD_DATA, Asn1OctetString.class)
+ });
+ }
+
+ public int getAuthzType() {
+ Integer value = getFieldAsInteger(AD_TYPE);
+ return value;
+ }
+
+ public byte[] getAuthzData() {
+ return getFieldAsOctetBytes(AD_DATA);
+ }
+}
+```
+
+And then define AuthorizationData simply
+```java
+public class AuthorizationData extends Asn1SequenceOf<AuthzDataEntry> {
+
+}
+```
+
+Then you can process with above definitions, encode and decode, without caring about the details.
+
+Think about how to implement the following more complex and pratical sample from [ITU-T Rec. X.680 ISO/IEC 8824-1](http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf):
+```
+A.1 ASN.1 description of the record structure
+The structure of the hypothetical personnel record is formally described below using ASN.1 specified in
+ITU-T Rec. X.680 | ISO/IEC 8824-1 for defining types.
+
+PersonnelRecord ::= [APPLICATION 0] IMPLICIT SET {
+ Name Name,
+ title [0] VisibleString,
+ number EmployeeNumber,
+ dateOfHire [1] Date,
+ nameOfSpouse [2] Name,
+ children [3] IMPLICIT
+ SEQUENCE OF ChildInformation DEFAULT {}
+}
+
+ChildInformation ::= SET {
+ name Name,
+ dateOfBirth [0] Date
+}
+
+Name ::= [APPLICATION 1] IMPLICIT SEQUENCE {
+ givenName VisibleString,
+ initial VisibleString,
+ familyName VisibleString
+}
+
+EmployeeNumber ::= [APPLICATION 2] IMPLICIT INTEGER
+Date ::= [APPLICATION 3] IMPLICIT VisibleString -- YYYYMMDD
+```
+Similarly as above, we can have (from the unit test codes):
+```java
+public class PersonnelRecord extends TaggingSet {
+ private static int NAME = 0;
+ private static int TITLE = 1;
+ private static int NUMBER = 2;
+ private static int DATEOFHIRE= 3;
+ private static int NAMEOFSPOUSE = 4;
+ private static int CHILDREN = 5;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(NAME, -1, Name.class),
+ new Asn1FieldInfo(TITLE, 0, Asn1VisibleString.class),
+ new Asn1FieldInfo(NUMBER, -1, EmployeeNumber.class),
+ new Asn1FieldInfo(DATEOFHIRE, 1, Date.class),
+ new Asn1FieldInfo(NAMEOFSPOUSE, 2, Name.class),
+ new Asn1FieldInfo(CHILDREN, 3, Children.class, true)
+ };
+
+ public PersonnelRecord() {
+ super(0, fieldInfos, true);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+
+ public void setName(Name name) {
+ setFieldAs(NAME, name);
+ }
+
+ public Name getName() {
+ return getFieldAs(NAME, Name.class);
+ }
+
+ public void setTitle(String title) {
+ setFieldAs(TITLE, new Asn1VisibleString(title));
+ }
+
+ public String getTitle() {
+ return getFieldAsString(TITLE);
+ }
+
+ public void setEmployeeNumber(EmployeeNumber employeeNumber) {
+ setFieldAs(NUMBER, employeeNumber);
+ }
+
+ public EmployeeNumber getEmployeeNumber() {
+ return getFieldAs(NUMBER, EmployeeNumber.class);
+ }
+
+ public void setDateOfHire(Date dateOfHire) {
+ setFieldAs(DATEOFHIRE, dateOfHire);
+ }
+
+ public Date getDateOfHire() {
+ return getFieldAs(DATEOFHIRE, Date.class);
+ }
+
+ public void setNameOfSpouse(Name spouse) {
+ setFieldAs(NAMEOFSPOUSE, spouse);
+ }
+
+ public Name getNameOfSpouse() {
+ return getFieldAs(NAMEOFSPOUSE, Name.class);
+ }
+
+ public void setChildren(Children children) {
+ setFieldAs(CHILDREN, children);
+ }
+
+ public Children getChildren() {
+ return getFieldAs(CHILDREN, Children.class);
+ }
+
+ public static class Children extends Asn1SequenceOf<ChildInformation> {
+ public Children(ChildInformation ... children) {
+ super();
+ for (ChildInformation child : children) {
+ addElement(child);
+ }
+ }
+
+ public Children() {
+ super();
+ }
+ }
+
+ public static class ChildInformation extends Asn1SetType {
+ private static int NAME = 0;
+ private static int DATEOFBIRTH = 1;
+
+ static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(NAME, -1, Name.class),
+ new Asn1FieldInfo(DATEOFBIRTH, 0, Date.class)
+ };
+
+ public ChildInformation() {
+ super(tags);
+ }
+
+ public void setName(Name name) {
+ setFieldAs(NAME, name);
+ }
+
+ public Name getName() {
+ return getFieldAs(NAME, Name.class);
+ }
+
+ public void setDateOfBirth(Date date) {
+ setFieldAs(DATEOFBIRTH, date);
+ }
+
+ public Date getDateOfBirth() {
+ return getFieldAs(DATEOFBIRTH, Date.class);
+ }
+ }
+
+ public static class Name extends TaggingSequence {
+ private static int GIVENNAME = 0;
+ private static int INITIAL = 1;
+ private static int FAMILYNAME = 2;
+
+ static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(GIVENNAME, -1, Asn1VisibleString.class),
+ new Asn1FieldInfo(INITIAL, -1, Asn1VisibleString.class),
+ new Asn1FieldInfo(FAMILYNAME, -1, Asn1VisibleString.class)
+ };
+
+ public Name() {
+ super(1, tags, true);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+
+ public Name(String givenName, String initial, String familyName) {
+ this();
+ setGivenName(givenName);
+ setInitial(initial);
+ setFamilyName(familyName);
+ }
+
+ public void setGivenName(String givenName) {
+ setFieldAs(GIVENNAME, new Asn1VisibleString(givenName));
+ }
+
+ public String getGivenName() {
+ return getFieldAsString(GIVENNAME);
+ }
+
+ public void setInitial(String initial) {
+ setFieldAs(INITIAL, new Asn1VisibleString(initial));
+ }
+
+ public String getInitial() {
+ return getFieldAsString(INITIAL);
+ }
+
+ public void setFamilyName(String familyName) {
+ setFieldAs(FAMILYNAME, new Asn1VisibleString(familyName));
+ }
+
+ public String getFamilyName() {
+ return getFieldAsString(FAMILYNAME);
+ }
+ }
+
+ public static class EmployeeNumber extends Asn1Tagging<Asn1Integer> {
+ public EmployeeNumber(Integer value) {
+ super(2, new Asn1Integer(value), true);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+ public EmployeeNumber() {
+ this(null);
+ }
+ }
+
+ public static class Date extends Asn1Tagging<Asn1VisibleString> {
+ public Date(String value) {
+ super(3, new Asn1VisibleString(value), true);
+ setEncodingOption(EncodingOption.IMPLICIT);
+ }
+ public Date() {
+ this(null);
+ }
+ }
+}
+```
+### Notes
+* 90% tests coverage for DER encoding
+* For BER & CER encoding, to be fully supported
+* No extra dependency
+
+### License
+Apache V2 License
+
+
+
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-asn1/pom.xml b/kerby-asn1/pom.xml
new file mode 100644
index 0000000..b667443
--- /dev/null
+++ b/kerby-asn1/pom.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+
+ <artifactId>kerby-asn1</artifactId>
+ <name>Kerby ASN1 Project</name>
+ <description>Kerby ASN1 Project</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>${junit.version}</version>
+ </dependency>
+ </dependencies>
+
+</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Dump.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Dump.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Dump.java
new file mode 100644
index 0000000..cfd9c5d
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Dump.java
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.Asn1Item;
+import org.apache.kerby.asn1.type.Asn1Simple;
+import org.apache.kerby.asn1.type.Asn1Type;
+
+import java.io.IOException;
+
+public class Asn1Dump {
+
+ public static void dump(byte[] content) throws IOException {
+ String dumped = dumpAsString(content);
+ System.out.println(dumped);
+ }
+
+ public static String dumpAsString(byte[] content) throws IOException {
+ StringBuilder sb = new StringBuilder();
+
+ Asn1InputBuffer buffer = new Asn1InputBuffer(content);
+ Asn1Type value;
+ while (true) {
+ value = buffer.read();
+ if (value == null) break;
+ dump(value, sb);
+ }
+
+ return sb.toString();
+ }
+
+ public static String dumpAsString(Asn1Type value) {
+ StringBuilder sb = new StringBuilder();
+ dump(value, sb);
+ return sb.toString();
+ }
+
+ private static void dump(Asn1Type value, StringBuilder buffer) {
+ if (value instanceof Asn1Simple) {
+ buffer.append(((Asn1Simple) value).getValue().toString());
+ } else if (value instanceof Asn1Item) {
+ dump((Asn1Item) value, buffer);
+ }
+ }
+
+ private static void dump(Asn1Item value, StringBuilder buffer) {
+ if (value.isFullyDecoded()) {
+ dump(value.getValue(), buffer);
+ } else {
+ buffer.append("Asn1Item");
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Factory.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Factory.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Factory.java
new file mode 100644
index 0000000..2762476
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Factory.java
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.Asn1Collection;
+import org.apache.kerby.asn1.type.Asn1Simple;
+import org.apache.kerby.asn1.type.Asn1Type;
+
+public class Asn1Factory {
+
+ public static Asn1Type create(int tagNo) {
+ UniversalTag tagNoEnum = UniversalTag.fromValue(tagNo);
+ if (tagNoEnum != UniversalTag.UNKNOWN) {
+ return create(tagNoEnum);
+ }
+ throw new IllegalArgumentException("Unexpected tag " + tagNo);
+ }
+
+ public static Asn1Type create(UniversalTag tagNo) {
+ if (Asn1Simple.isSimple(tagNo)) {
+ return Asn1Simple.createSimple(tagNo);
+ } else if (Asn1Collection.isCollection(tagNo)) {
+ return Asn1Collection.createCollection(tagNo);
+ }
+ throw new IllegalArgumentException("Unexpected tag " + tagNo);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1InputBuffer.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1InputBuffer.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1InputBuffer.java
new file mode 100644
index 0000000..934b0c1
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1InputBuffer.java
@@ -0,0 +1,82 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.AbstractAsn1Type;
+import org.apache.kerby.asn1.type.Asn1Item;
+import org.apache.kerby.asn1.type.Asn1Type;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+/**
+ * Asn1 decoder
+ */
+public class Asn1InputBuffer {
+ private final LimitedByteBuffer limitedBuffer;
+
+ public Asn1InputBuffer(byte[] bytes) {
+ this(new LimitedByteBuffer(bytes));
+ }
+
+ public Asn1InputBuffer(ByteBuffer byteBuffer) {
+ this(new LimitedByteBuffer(byteBuffer));
+ }
+
+ public Asn1InputBuffer(LimitedByteBuffer limitedByteBuffer) {
+ this.limitedBuffer = limitedByteBuffer;
+ }
+
+ public Asn1Type read() throws IOException {
+ if (! limitedBuffer.available()) {
+ return null;
+ }
+ Asn1Item one = AbstractAsn1Type.decodeOne(limitedBuffer);
+ if (one.isSimple()) {
+ one.decodeValueAsSimple();
+ } else if (one.isCollection()) {
+ one.decodeValueAsCollection();
+ }
+ if (one.isFullyDecoded()) {
+ return one.getValue();
+ }
+ return one;
+ }
+
+ public void readBytes(byte[] bytes) throws IOException {
+ limitedBuffer.readBytes(bytes);
+ }
+
+ public byte[] readAllLeftBytes() throws IOException {
+ return limitedBuffer.readAllLeftBytes();
+ }
+
+ public void skipNext() throws IOException {
+ if (limitedBuffer.available()) {
+ AbstractAsn1Type.skipOne(limitedBuffer);
+ }
+ }
+
+ public void skipBytes(int len) throws IOException {
+ if (limitedBuffer.available()) {
+ limitedBuffer.skip(len);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1OutputBuffer.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1OutputBuffer.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1OutputBuffer.java
new file mode 100644
index 0000000..42f8ead
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1OutputBuffer.java
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import org.apache.kerby.asn1.type.AbstractAsn1Type;
+import org.apache.kerby.asn1.type.Asn1Type;
+
+import java.nio.ByteBuffer;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Asn1 encoder
+ */
+public class Asn1OutputBuffer {
+ private List<Asn1Type> objects;
+
+ public Asn1OutputBuffer() {
+ this.objects = new ArrayList<Asn1Type>(3);
+ }
+
+ public void write(Asn1Type value) {
+ objects.add(value);
+ }
+
+ public void write(Asn1Type value, EncodingOption option) {
+ value.setEncodingOption(option);
+ objects.add(value);
+ }
+
+ public ByteBuffer getOutput() {
+ int len = encodingLength();
+ ByteBuffer byteBuffer = ByteBuffer.allocate(len);
+ encode(byteBuffer);
+ return byteBuffer;
+ }
+
+ private int encodingLength() {
+ int allLen = 0;
+ for (Asn1Type item : objects) {
+ if (item != null) {
+ allLen += ((AbstractAsn1Type) item).encodingLength();
+ }
+ }
+ return allLen;
+ }
+
+ private void encode(ByteBuffer buffer) {
+ for (Asn1Type item : objects) {
+ if (item != null) {
+ item.encode(buffer);
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/EncodingOption.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/EncodingOption.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/EncodingOption.java
new file mode 100644
index 0000000..c15f5ce
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/EncodingOption.java
@@ -0,0 +1,84 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+public enum EncodingOption
+{
+ UNKNOWN(-1),
+ PRIMITIVE(1),
+ CONSTRUCTED(2),
+ CONSTRUCTED_DEFLEN(3),
+ CONSTRUCTED_INDEFLEN(4),
+ IMPLICIT(5),
+ EXPLICIT(6),
+ BER(7),
+ DER(8),
+ CER(9);
+
+ private int value;
+
+ private EncodingOption(int value) {
+ this.value = value;
+ }
+
+ public static int CONSTRUCTED_FLAG = 0x20;
+
+ public static boolean isConstructed(int tag) {
+ return (tag & CONSTRUCTED_FLAG) != 0;
+ }
+
+ public int getValue() {
+ return value;
+ }
+
+ public boolean isPrimitive() {
+ return this == PRIMITIVE;
+ }
+
+ public boolean isConstructed() {
+ return this == CONSTRUCTED || this == CONSTRUCTED_DEFLEN || this == CONSTRUCTED_INDEFLEN;
+ }
+
+ public boolean isImplicit() {
+ return this == IMPLICIT;
+ }
+
+ public boolean isExplicit() {
+ return this == EXPLICIT;
+ }
+
+ public boolean isDer() {
+ return this == DER;
+ }
+
+ public boolean isCer() {
+ return this == CER;
+ }
+
+ public static EncodingOption fromValue(int value) {
+ for (EncodingOption e : values()) {
+ if (e.getValue() == value) {
+ return (EncodingOption) e;
+ }
+ }
+
+ return UNKNOWN;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/LimitedByteBuffer.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/LimitedByteBuffer.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/LimitedByteBuffer.java
new file mode 100644
index 0000000..ed5332b
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/LimitedByteBuffer.java
@@ -0,0 +1,121 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public class LimitedByteBuffer {
+ private final ByteBuffer byteBuffer;
+ private final int limit;
+ private int startOffset;
+
+ public LimitedByteBuffer(byte[] bytes) {
+ this.byteBuffer = ByteBuffer.wrap(bytes);
+ this.limit = bytes.length;
+ this.startOffset = 0;
+ }
+
+ public LimitedByteBuffer(ByteBuffer byteBuffer) {
+ this(byteBuffer, byteBuffer.limit());
+ }
+
+ public LimitedByteBuffer(ByteBuffer byteBuffer, int limit) {
+ this.byteBuffer = byteBuffer;
+ this.limit = limit;
+ this.startOffset = byteBuffer.position();
+ }
+
+ public LimitedByteBuffer(LimitedByteBuffer other, int limit) {
+ if (limit > other.hasLeft()) {
+ throw new IllegalArgumentException("limit is too large, out of bound");
+ }
+ this.byteBuffer = other.byteBuffer.duplicate();
+ this.limit = limit;
+ this.startOffset = byteBuffer.position();
+ }
+
+ public boolean available() {
+ return byteBuffer.hasRemaining() &&
+ byteBuffer.position() - startOffset < limit;
+ }
+
+ public long hasRead() {
+ return byteBuffer.position() - startOffset;
+ }
+ public long hasLeft() {
+ return limit - hasRead();
+ }
+
+ public byte readByte() throws IOException {
+ if (!available()) {
+ throw new IOException("Buffer EOF");
+ }
+ return byteBuffer.get();
+ }
+
+ public byte[] readAllLeftBytes() throws IOException {
+ return readBytes((int) hasLeft());
+ }
+
+ public void skip(int len) throws IOException {
+ checkLen(len);
+ int newPos = byteBuffer.position() + len;
+ byteBuffer.position(newPos);
+ }
+
+ public byte[] readBytes(int len) throws IOException {
+ checkLen(len);
+
+ byte[] bytes = new byte[len];
+ if (len > 0) {
+ byteBuffer.get(bytes);
+ }
+ return bytes;
+ }
+
+ private void checkLen(int len) throws IOException {
+ if (len < 0) {
+ throw new IllegalArgumentException("Bad argument len: " + len);
+ }
+ if (len > 0) {
+ if (!available()) {
+ throw new IOException("Buffer EOF");
+ }
+ if (hasLeft() < len) {
+ throw new IOException("Out of Buffer");
+ }
+ }
+ }
+
+ public void readBytes(byte[] bytes) throws IOException {
+ if (bytes == null) {
+ throw new IllegalArgumentException("Bad argument bytes: null");
+ }
+ if (!available()) {
+ throw new IOException("Buffer EOF");
+ }
+ if (hasLeft() < bytes.length) {
+ throw new IOException("Out of Buffer");
+ }
+
+ byteBuffer.get(bytes);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/TagClass.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/TagClass.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/TagClass.java
new file mode 100644
index 0000000..430630f
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/TagClass.java
@@ -0,0 +1,74 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+public enum TagClass {
+ UNKNOWN(-1),
+ UNIVERSAL(0x00),
+ APPLICATION(0x40),
+ CONTEXT_SPECIFIC(0x80),
+ PRIVATE(0xC0);
+
+ private int value;
+
+ private TagClass(int value) {
+ this.value = value;
+ }
+
+ public int getValue() {
+ return value;
+ }
+
+ public boolean isUniversal() {
+ return this == UNIVERSAL;
+ }
+
+ public boolean isAppSpecific() {
+ return this == APPLICATION;
+ }
+
+ public boolean isContextSpecific() {
+ return this == CONTEXT_SPECIFIC;
+ }
+
+ public boolean isTagged() {
+ return this == APPLICATION || this == CONTEXT_SPECIFIC;
+ }
+
+ public static TagClass fromValue(int value) {
+ // Optimized by Emmanuel
+ switch (value) {
+ case 0x00:
+ return TagClass.UNIVERSAL;
+ case 0x40:
+ return TagClass.APPLICATION;
+ case 0x80:
+ return TagClass.CONTEXT_SPECIFIC;
+ case 0xC0:
+ return TagClass.PRIVATE;
+ default:
+ return TagClass.UNKNOWN;
+ }
+ }
+
+ public static TagClass fromTagFlags(int tag) {
+ return fromValue(tag & 0xC0);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/TaggingOption.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/TaggingOption.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/TaggingOption.java
new file mode 100644
index 0000000..534977b
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/TaggingOption.java
@@ -0,0 +1,68 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+public class TaggingOption
+{
+ private int tagNo;
+ private boolean isImplicit;
+ private boolean isAppSpecific;
+
+ public static TaggingOption newImplicitAppSpecific(int tagNo) {
+ return new TaggingOption(tagNo, true, true);
+ }
+
+ public static TaggingOption newExplicitAppSpecific(int tagNo) {
+ return new TaggingOption(tagNo, false, true);
+ }
+
+ public static TaggingOption newImplicitContextSpecific(int tagNo) {
+ return new TaggingOption(tagNo, true, false);
+ }
+
+ public static TaggingOption newExplicitContextSpecific(int tagNo) {
+ return new TaggingOption(tagNo, false, false);
+ }
+
+ private TaggingOption(int tagNo, boolean isImplicit, boolean isAppSpecific) {
+ this.tagNo = tagNo;
+ this.isImplicit = isImplicit;
+ this.isAppSpecific = isAppSpecific;
+ }
+
+ public int tagFlags(boolean isTaggedConstructed) {
+ boolean isConstructed = isImplicit ? isTaggedConstructed : true;
+ TagClass tagClass = isAppSpecific ? TagClass.APPLICATION : TagClass.CONTEXT_SPECIFIC;
+ int flags = tagClass.getValue() | (isConstructed ? EncodingOption.CONSTRUCTED_FLAG : 0x00);
+ return flags;
+ }
+
+ public int getTagNo() {
+ return tagNo;
+ }
+
+ public boolean isAppSpecific() {
+ return isAppSpecific;
+ }
+
+ public boolean isImplicit() {
+ return isImplicit;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/UniversalTag.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/UniversalTag.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/UniversalTag.java
new file mode 100644
index 0000000..0eb5c78
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/UniversalTag.java
@@ -0,0 +1,106 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1;
+
+// Optimized by Emmanuel
+public enum UniversalTag {
+ UNKNOWN (-1),
+ CHOICE (-2), // Only for internal using
+ BOOLEAN (0x01),
+ INTEGER (0x02),
+ BIT_STRING (0x03),
+ OCTET_STRING (0x04),
+ NULL (0x05),
+ OBJECT_IDENTIFIER (0x06),
+ OBJECT_DESCRIPTOR (0x07), // Added for completness
+ EXTERNAL (0x08),
+ REAL (0x09),
+ ENUMERATED (0x0a),
+ EMBEDDED_PDV (0x0b), // Added for completness
+ UTF8_STRING (0x0c),
+ RELATIVE_OID (0x0d), // Added for completness
+ RESERVED_14 (0x0e), // Added for completness
+ RESERVED_15 (0x0f), // Added for completness
+ SEQUENCE (0x10),
+ SEQUENCE_OF (0x10),
+ SET (0x11),
+ SET_OF (0x11),
+ NUMERIC_STRING (0x12),
+ PRINTABLE_STRING (0x13),
+ T61_STRING (0x14),
+ VIDEOTEX_STRING (0x15),
+ IA5_STRING (0x16),
+ UTC_TIME (0x17),
+ GENERALIZED_TIME (0x18),
+ GRAPHIC_STRING (0x19),
+ VISIBLE_STRING (0x1a),
+ GENERAL_STRING (0x1b),
+ UNIVERSAL_STRING (0x1c),
+ CHARACTER_STRING (0x1d), // Added for completness
+ BMP_STRING (0x1e),
+ RESERVED_31 (0x1f); // Added for completness
+
+ private int value;
+
+ private UniversalTag(int value) {
+ this.value = value;
+ }
+
+ public int getValue() {
+ return value;
+ }
+
+ public static UniversalTag fromValue(int value) {
+ switch (value) {
+ case 0x01 : return BOOLEAN;
+ case 0x02 : return INTEGER;
+ case 0x03 : return BIT_STRING;
+ case 0x04 : return OCTET_STRING;
+ case 0x05 : return NULL;
+ case 0x06 : return OBJECT_IDENTIFIER;
+ case 0x07 : return OBJECT_DESCRIPTOR;
+ case 0x08 : return EXTERNAL;
+ case 0x09 : return REAL;
+ case 0x0A : return ENUMERATED;
+ case 0x0B : return EMBEDDED_PDV;
+ case 0x0C : return UTF8_STRING;
+ case 0x0D : return RELATIVE_OID;
+ case 0x0E : return RESERVED_14;
+ case 0x0F : return RESERVED_15;
+ case 0x10 : return SEQUENCE;
+ case 0x11 : return SET;
+ case 0x12 : return NUMERIC_STRING;
+ case 0x13 : return PRINTABLE_STRING;
+ case 0x14 : return T61_STRING;
+ case 0x15 : return VIDEOTEX_STRING;
+ case 0x16 : return IA5_STRING;
+ case 0x17 : return UTC_TIME;
+ case 0x18 : return GENERALIZED_TIME;
+ case 0x19 : return GRAPHIC_STRING;
+ case 0x1A : return VISIBLE_STRING;
+ case 0x1B : return GENERAL_STRING;
+ case 0x1C : return UNIVERSAL_STRING;
+ case 0x1D : return CHARACTER_STRING;
+ case 0x1E : return BMP_STRING;
+ case 0x1F : return RESERVED_31;
+ default : return UNKNOWN;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/AbstractAsn1Type.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/AbstractAsn1Type.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/AbstractAsn1Type.java
new file mode 100644
index 0000000..3aefed7
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/AbstractAsn1Type.java
@@ -0,0 +1,420 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.EncodingOption;
+import org.apache.kerby.asn1.LimitedByteBuffer;
+import org.apache.kerby.asn1.TagClass;
+import org.apache.kerby.asn1.TaggingOption;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public abstract class AbstractAsn1Type<T> implements Asn1Type {
+ private TagClass tagClass = TagClass.UNKNOWN;
+ private int tagNo = -1;
+ private int tagFlags = -1;
+ protected EncodingOption encodingOption = EncodingOption.UNKNOWN;
+ private int encodingLen = -1;
+ private T value;
+
+ public AbstractAsn1Type(TagClass tagClass, int tagNo) {
+ this(tagClass, tagNo, null);
+ }
+
+ public AbstractAsn1Type(int tagFlags, int tagNo) {
+ this(tagFlags, tagNo, null);
+ }
+
+ public AbstractAsn1Type(int tagFlags, int tagNo, T value) {
+ this(TagClass.fromTagFlags(tagFlags), tagNo, value);
+ setTagFlags(tagFlags);
+ }
+
+ public AbstractAsn1Type(TagClass tagClass, int tagNo, T value) {
+ this.tagClass = tagClass;
+ this.tagNo = tagNo;
+ this.value = value;
+ }
+
+ public void setEncodingOption(EncodingOption encodingOption) {
+ this.encodingOption = encodingOption;
+ }
+
+ public T getValue() {
+ return value;
+ }
+
+ public void setValue(T value) {
+ this.value = value;
+ }
+
+ protected TagClass tagClass() {
+ return tagClass;
+ }
+
+ @Override
+ public int tagNo() {
+ return tagNo;
+ }
+
+ protected void setTagFlags(int tagFlags) {
+ this.tagFlags = tagFlags & 0xe0;
+ }
+
+ protected void setTagNo(int tagNo) {
+ this.tagNo = tagNo;
+ }
+
+ @Override
+ public byte[] encode() {
+ ByteBuffer byteBuffer = ByteBuffer.allocate(encodingLength());
+ encode(byteBuffer);
+ byteBuffer.flip();
+ return byteBuffer.array();
+ }
+
+ @Override
+ public void encode(ByteBuffer buffer) {
+ encodeTag(buffer, tagFlags(), tagNo());
+ encodeLength(buffer, encodingBodyLength());
+ encodeBody(buffer);
+ }
+
+ protected void encodeBody(ByteBuffer buffer) { }
+
+ @Override
+ public void decode(byte[] content) throws IOException {
+ decode(new LimitedByteBuffer(content));
+ }
+
+ @Override
+ public void decode(ByteBuffer content) throws IOException {
+ decode(new LimitedByteBuffer(content));
+ }
+
+ @Override
+ public int tagFlags() {
+ if (tagFlags == -1) {
+ int flags = tagClass.getValue();
+ if (isConstructed()) flags |= EncodingOption.CONSTRUCTED_FLAG;
+ return flags;
+ }
+ return tagFlags;
+ }
+
+ @Override
+ public int encodingLength() {
+ if (encodingLen == -1) {
+ int bodyLen = encodingBodyLength();
+ encodingLen = lengthOfTagLength(tagNo()) + lengthOfBodyLength(bodyLen) + bodyLen;
+ }
+ return encodingLen;
+ }
+
+ public boolean isConstructed() {
+ if (tagFlags != -1) {
+ return (tagFlags & EncodingOption.CONSTRUCTED_FLAG) != 0;
+ } else {
+ return false;
+ }
+ }
+
+ public boolean isUniversal() {
+ return tagClass.isUniversal();
+ }
+
+ public boolean isAppSpecific() {
+ return tagClass.isAppSpecific();
+ }
+
+ public boolean isContextSpecific() {
+ return tagClass.isContextSpecific();
+ }
+
+ public boolean isTagged() {
+ return tagClass.isTagged();
+ }
+
+ public boolean isSimple() {
+ return isUniversal() && Asn1Simple.isSimple(tagNo);
+ }
+
+ public boolean isCollection() {
+ return isUniversal() && Asn1Collection.isCollection(tagNo);
+ }
+
+ protected abstract int encodingBodyLength();
+
+ protected void decode(LimitedByteBuffer content) throws IOException {
+ int tag = readTag(content);
+ int tagNo = readTagNo(content, tag);
+ int length = readLength(content);
+
+ decode(tag, tagNo, new LimitedByteBuffer(content, length));
+ }
+
+ public void decode(int tagFlags, int tagNo, LimitedByteBuffer content) throws IOException {
+ if (this.tagClass != TagClass.UNKNOWN && this.tagClass != TagClass.fromTagFlags(tagFlags)) {
+ throw new IOException("Unexpected tagFlags " + tagFlags + ", expecting " + this.tagClass);
+ }
+ if (this.tagNo != -1 && this.tagNo != tagNo) {
+ throw new IOException("Unexpected tagNo " + tagNo + ", expecting " + this.tagNo);
+ }
+
+ this.tagClass = TagClass.fromTagFlags(tagFlags);
+ this.tagFlags = tagFlags;
+ this.tagNo = tagNo;
+
+ decodeBody(content);
+ }
+
+ protected abstract void decodeBody(LimitedByteBuffer content) throws IOException;
+
+ protected int taggedEncodingLength(TaggingOption taggingOption) {
+ int taggingTagNo = taggingOption.getTagNo();
+ int taggingBodyLen = taggingOption.isImplicit() ? encodingBodyLength() : encodingLength();
+ int taggingEncodingLen = lengthOfTagLength(taggingTagNo) + lengthOfBodyLength(taggingBodyLen) + taggingBodyLen;
+ return taggingEncodingLen;
+ }
+
+ public byte[] taggedEncode(TaggingOption taggingOption) {
+ ByteBuffer byteBuffer = ByteBuffer.allocate(taggedEncodingLength(taggingOption));
+ taggedEncode(byteBuffer, taggingOption);
+ byteBuffer.flip();
+ return byteBuffer.array();
+ }
+
+ @Override
+ public void taggedEncode(ByteBuffer buffer, TaggingOption taggingOption) {
+ int taggingTagFlags = taggingOption.tagFlags(isConstructed());
+ encodeTag(buffer, taggingTagFlags, taggingOption.getTagNo());
+ int taggingBodyLen = taggingOption.isImplicit() ? encodingBodyLength() : encodingLength();
+ encodeLength(buffer, taggingBodyLen);
+ if (taggingOption.isImplicit()) {
+ encodeBody(buffer);
+ } else {
+ encode(buffer);
+ }
+ }
+
+ public void taggedDecode(byte[] content, TaggingOption taggingOption) throws IOException {
+ taggedDecode(ByteBuffer.wrap(content), taggingOption);
+ }
+
+ @Override
+ public void taggedDecode(ByteBuffer content, TaggingOption taggingOption) throws IOException {
+ LimitedByteBuffer limitedBuffer = new LimitedByteBuffer(content);
+ taggedDecode(limitedBuffer, taggingOption);
+ }
+
+ protected void taggedDecode(LimitedByteBuffer content, TaggingOption taggingOption) throws IOException {
+ int taggingTag = readTag(content);
+ int taggingTagNo = readTagNo(content, taggingTag);
+ int taggingLength = readLength(content);
+ LimitedByteBuffer newContent = new LimitedByteBuffer(content, taggingLength);
+
+ int tagFlags = taggingTag & 0xe0;
+ taggedDecode(tagFlags, taggingTagNo, newContent, taggingOption);
+ }
+
+ protected void taggedDecode(int taggingTagFlags, int taggingTagNo, LimitedByteBuffer content, TaggingOption taggingOption) throws IOException {
+ int expectedTaggingTagFlags = taggingOption.tagFlags(isConstructed());
+ if (expectedTaggingTagFlags != taggingTagFlags) {
+ throw new IOException("Unexpected tag flags" + taggingTagFlags + ", expecting " + expectedTaggingTagFlags);
+ }
+ if (taggingOption.getTagNo() != taggingTagNo) {
+ throw new IOException("Unexpected tagNo " + taggingTagNo + ", expecting " + taggingOption.getTagNo());
+ }
+
+ if (taggingOption.isImplicit()) {
+ decodeBody(content);
+ } else {
+ decode(content);
+ }
+ }
+
+ public static Asn1Item decodeOne(LimitedByteBuffer content) throws IOException {
+ int tag = readTag(content);
+ int tagNo = readTagNo(content, tag);
+ boolean isConstructed = EncodingOption.isConstructed(tag);
+ int length = readLength(content);
+ if (length < 0) {
+ throw new IOException("Unexpected length");
+ }
+ LimitedByteBuffer valueContent = new LimitedByteBuffer(content, length);
+ content.skip(length);
+
+ Asn1Item result = new Asn1Item(tag, tagNo, valueContent);
+ if (result.isSimple()) {
+ result.decodeValueAsSimple();
+ }
+ return result;
+ }
+
+ public static void skipOne(LimitedByteBuffer content) throws IOException {
+ int tag = readTag(content);
+ int tagNo = readTagNo(content, tag);
+ int length = readLength(content);
+ if (length < 0) {
+ throw new IOException("Unexpected length");
+ }
+ content.skip(length);
+ }
+
+ public static int lengthOfBodyLength(int bodyLength) {
+ int length = 1;
+
+ if (bodyLength > 127) {
+ int payload = bodyLength;
+ while (payload != 0) {
+ payload >>= 8;
+ length++;
+ }
+ }
+
+ return length;
+ }
+
+ public static int lengthOfTagLength(int tagNo) {
+ int length = 1;
+
+ if (tagNo >= 31) {
+ if (tagNo < 128) {
+ length++;
+ } else {
+ length++;
+
+ do {
+ tagNo >>= 7;
+ length++;
+ } while (tagNo > 127);
+ }
+ }
+
+ return length;
+ }
+
+ public static void encodeTag(ByteBuffer buffer, int flags, int tagNo) {
+ if (tagNo < 31) {
+ buffer.put((byte) (flags | tagNo));
+ } else {
+ buffer.put((byte) (flags | 0x1f));
+ if (tagNo < 128) {
+ buffer.put((byte) tagNo);
+ } else {
+ byte[] tmpBytes = new byte[5]; // 5 * 7 > 32
+ int iPut = tmpBytes.length;
+
+ tmpBytes[--iPut] = (byte)(tagNo & 0x7f);
+ do {
+ tagNo >>= 7;
+ tmpBytes[--iPut] = (byte)(tagNo & 0x7f | 0x80);
+ } while (tagNo > 127);
+
+ buffer.put(tmpBytes, iPut, tmpBytes.length - iPut);
+ }
+ }
+ }
+
+ public static void encodeLength(ByteBuffer buffer, int bodyLength) {
+ if (bodyLength < 128) {
+ buffer.put((byte) bodyLength);
+ } else {
+ int length = 0;
+ int payload = bodyLength;
+
+ while (payload != 0) {
+ payload >>= 8;
+ length++;
+ }
+
+ buffer.put((byte) (length | 0x80));
+
+ payload = bodyLength;
+ for (int i = length - 1; i >= 0; i--) {
+ buffer.put((byte) (payload >> (i * 8)));
+ }
+ }
+ }
+
+ public static int readTag(LimitedByteBuffer buffer) throws IOException {
+ int tag = buffer.readByte() & 0xff;
+ if (tag == 0) {
+ throw new IOException("Bad tag 0 found");
+ }
+ return tag;
+ }
+
+ public static int readTagNo(LimitedByteBuffer buffer, int tag) throws IOException {
+ int tagNo = tag & 0x1f;
+
+ if (tagNo == 0x1f) {
+ tagNo = 0;
+
+ int b = buffer.readByte() & 0xff;
+ if ((b & 0x7f) == 0) {
+ throw new IOException("Invalid high tag number found");
+ }
+
+ while ((b >= 0) && ((b & 0x80) != 0)) {
+ tagNo |= (b & 0x7f);
+ tagNo <<= 7;
+ b = buffer.readByte();
+ }
+
+ tagNo |= (b & 0x7f);
+ }
+
+ return tagNo;
+ }
+
+ public static int readLength(LimitedByteBuffer buffer) throws IOException {
+ int bodyLength = buffer.readByte() & 0xff;
+ if (bodyLength < 0) {
+ throw new EOFException("Unexpected EOF");
+ }
+
+ if (bodyLength > 127) {
+ int length = bodyLength & 0x7f;
+ if (length > 4) {
+ throw new IOException("Bad bodyLength of more than 4 bytes: " + length);
+ }
+
+ bodyLength = 0;
+ int tmp;
+ for (int i = 0; i < length; i++) {
+ tmp = buffer.readByte() & 0xff;
+ bodyLength = (bodyLength << 8) + tmp;
+ }
+
+ if (bodyLength < 0) {
+ throw new IOException("Invalid bodyLength " + bodyLength);
+ }
+ if (bodyLength > buffer.hasLeft()) {
+ throw new IOException("Corrupt stream - less data "
+ + buffer.hasLeft() + " than expected " + bodyLength);
+ }
+ }
+
+ return bodyLength;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Any.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Any.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Any.java
new file mode 100644
index 0000000..1474851
--- /dev/null
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Any.java
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.asn1.type;
+
+import org.apache.kerby.asn1.LimitedByteBuffer;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public class Asn1Any extends AbstractAsn1Type<Asn1Type> {
+
+ public Asn1Any(Asn1Type anyValue) {
+ super(anyValue.tagFlags(), anyValue.tagNo(), anyValue);
+ }
+
+ @Override
+ protected int encodingBodyLength() {
+ return ((AbstractAsn1Type) getValue()).encodingBodyLength();
+ }
+
+ @Override
+ protected void encodeBody(ByteBuffer buffer) {
+ ((AbstractAsn1Type) getValue()).encodeBody(buffer);
+ }
+
+ @Override
+ protected void decodeBody(LimitedByteBuffer content) throws IOException {
+ ((AbstractAsn1Type) getValue()).decodeBody(content);
+ }
+}
[03/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/MessageHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/MessageHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/MessageHandler.java
new file mode 100644
index 0000000..d6ad01e
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/MessageHandler.java
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport;
+
+import org.apache.kerby.event.AbstractEventHandler;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+
+public abstract class MessageHandler extends AbstractEventHandler {
+
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ handleMessage((MessageEvent) event);
+ }
+
+ protected abstract void handleMessage(MessageEvent event) throws Exception;
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return new EventType[] { TransportEventType.INBOUND_MESSAGE };
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/Network.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/Network.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/Network.java
new file mode 100644
index 0000000..4cf346e
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/Network.java
@@ -0,0 +1,297 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport;
+
+import org.apache.kerby.event.AbstractEventHandler;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.event.LongRunningEventHandler;
+import org.apache.kerby.transport.event.AddressEvent;
+import org.apache.kerby.transport.event.TransportEvent;
+import org.apache.kerby.transport.tcp.*;
+import org.apache.kerby.transport.udp.UdpAddressEvent;
+import org.apache.kerby.transport.udp.UdpEventType;
+import org.apache.kerby.transport.udp.UdpTransport;
+import org.apache.kerby.transport.udp.UdpTransportHandler;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.ServerSocket;
+import java.nio.channels.*;
+import java.util.Iterator;
+import java.util.Set;
+
+/**
+ * A combined and mixed network facility handling UDP and TCP in both connect and accept sides
+ */
+public class Network extends LongRunningEventHandler {
+
+ private Selector selector;
+ private StreamingDecoder streamingDecoder;
+ private UdpTransportHandler udpTransportHandler;
+ private TcpTransportHandler tcpTransportHandler;
+
+ class MyEventHandler extends AbstractEventHandler {
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ if (event.getEventType() == UdpEventType.ADDRESS_CONNECT) {
+ doUdpConnect((AddressEvent) event);
+ } else if (event.getEventType() == UdpEventType.ADDRESS_BIND) {
+ doUdpBind((AddressEvent) event);
+ } else if (event.getEventType() == TcpEventType.ADDRESS_CONNECT) {
+ doTcpConnect((AddressEvent) event);
+ } else if (event.getEventType() == TcpEventType.ADDRESS_BIND) {
+ doTcpBind((AddressEvent) event);
+ }
+ }
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return new EventType[]{
+ UdpEventType.ADDRESS_CONNECT,
+ UdpEventType.ADDRESS_BIND,
+ TcpEventType.ADDRESS_CONNECT,
+ TcpEventType.ADDRESS_BIND
+ };
+ }
+ }
+
+ public Network() {
+ setEventHandler(new MyEventHandler());
+ }
+
+ @Override
+ public void init() {
+ super.init();
+
+ try {
+ selector = Selector.open();
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * TCP transport only, for decoding tcp streaming into messages
+ * @param streamingDecoder
+ */
+ public void setStreamingDecoder(StreamingDecoder streamingDecoder) {
+ this.streamingDecoder = streamingDecoder;
+ }
+
+ /**
+ * TCP only. Connect on the given server address. Can be called multiple times
+ * for multiple servers
+ * @param serverAddress
+ * @param serverPort
+ */
+ public void tcpConnect(String serverAddress, short serverPort) {
+ InetSocketAddress sa = new InetSocketAddress(serverAddress, serverPort);
+ checkTcpTransportHandler();
+ doTcpConnect(sa);
+ }
+
+ /**
+ * UDP only. Connect on the given server address. Can be called multiple times
+ * for multiple servers
+ * @param serverAddress
+ * @param serverPort
+ */
+ public void udpConnect(String serverAddress, short serverPort) {
+ InetSocketAddress sa = new InetSocketAddress(serverAddress, serverPort);
+ checkUdpTransportHandler();
+ doUdpConnect(sa);
+ }
+
+ /**
+ * TCP only. Listen and accept connections on the address. Can be called multiple
+ * times for multiple server addresses.
+ * @param serverAddress
+ * @param serverPort
+ */
+ public void tcpListen(String serverAddress, short serverPort) {
+ InetSocketAddress sa = new InetSocketAddress(serverAddress, serverPort);
+ checkTcpTransportHandler();
+ doTcpListen(sa);
+ }
+
+ /**
+ * UDP only. Listen and accept connections on the address. Can be called multiple
+ * times for multiple server addresses.
+ * @param serverAddress
+ * @param serverPort
+ */
+ public void udpListen(String serverAddress, short serverPort) {
+ InetSocketAddress sa = new InetSocketAddress(serverAddress, serverPort);
+ checkUdpTransportHandler();
+ doUdpListen(sa);
+ }
+
+ @Override
+ protected void loopOnce() {
+ try {
+ selectOnce();
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ protected void selectOnce() throws IOException {
+ if (selector.isOpen() && selector.select(2) > 0 && selector.isOpen()) {
+ Set<SelectionKey> selectionKeys = selector.selectedKeys();
+ Iterator<SelectionKey> iterator = selectionKeys.iterator();
+ while (iterator.hasNext()) {
+ SelectionKey selectionKey = iterator.next();
+ dealKey(selectionKey);
+ iterator.remove();
+ }
+ selectionKeys.clear();
+ }
+ }
+
+ private void checkTcpTransportHandler() {
+ if (tcpTransportHandler == null) {
+ if (streamingDecoder == null) {
+ throw new IllegalArgumentException("No streaming decoder set yet");
+ }
+ tcpTransportHandler = new TcpTransportHandler(streamingDecoder);
+ getDispatcher().register(tcpTransportHandler);
+ }
+ }
+
+ private void checkUdpTransportHandler() {
+ if (udpTransportHandler == null) {
+ udpTransportHandler = new UdpTransportHandler();
+ getDispatcher().register(udpTransportHandler);
+ }
+ }
+
+ private void dealKey(SelectionKey selectionKey) throws IOException {
+ if (selectionKey.isConnectable()) {
+ doTcpConnect(selectionKey);
+ } else if (selectionKey.isAcceptable()) {
+ doTcpAccept(selectionKey);
+ } else {
+ helpHandleSelectionKey(selectionKey);
+ }
+ }
+
+ private void helpHandleSelectionKey(SelectionKey selectionKey) throws IOException {
+ SelectableChannel channel = selectionKey.channel();
+ if (channel instanceof DatagramChannel) {
+ udpTransportHandler.helpHandleSelectionKey(selectionKey);
+ } else {
+ tcpTransportHandler.helpHandleSelectionKey(selectionKey);
+ }
+ }
+
+ private void doUdpConnect(InetSocketAddress sa) {
+ AddressEvent event = UdpAddressEvent.createAddressConnectEvent(sa);
+ dispatch(event);
+ }
+
+ private void doUdpConnect(AddressEvent event) throws IOException {
+ InetSocketAddress address = event.getAddress();
+ DatagramChannel channel = DatagramChannel.open();
+ channel.configureBlocking(false);
+ channel.connect(address);
+
+ channel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE);
+
+ UdpTransport transport = new UdpTransport(channel, address);
+ onNewTransport(transport);
+ }
+
+ protected void doUdpListen(InetSocketAddress socketAddress) {
+ AddressEvent event = UdpAddressEvent.createAddressBindEvent(socketAddress);
+ dispatch(event);
+ }
+
+ private void doUdpBind(AddressEvent event) throws IOException {
+ DatagramChannel serverChannel = DatagramChannel.open();
+ serverChannel.configureBlocking(false);
+ serverChannel.bind(event.getAddress());
+ serverChannel.register(selector, SelectionKey.OP_READ);
+ }
+
+ protected void doTcpConnect(InetSocketAddress sa) {
+ AddressEvent event = TcpAddressEvent.createAddressConnectEvent(sa);
+ dispatch(event);
+ }
+
+ private void doTcpConnect(AddressEvent event) throws IOException {
+ SocketChannel channel = SocketChannel.open();
+ channel.configureBlocking(false);
+ channel.connect(event.getAddress());
+ channel.register(selector,
+ SelectionKey.OP_CONNECT | SelectionKey.OP_READ | SelectionKey.OP_WRITE);
+ }
+
+ private void doTcpConnect(SelectionKey key) throws IOException {
+ SocketChannel channel = (SocketChannel) key.channel();
+ if (channel.isConnectionPending()) {
+ channel.finishConnect();
+ }
+
+ Transport transport = new TcpTransport(channel, tcpTransportHandler.getStreamingDecoder());
+ channel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE, transport);
+ onNewTransport(transport);
+ }
+
+ protected void doTcpListen(InetSocketAddress socketAddress) {
+ AddressEvent event = TcpAddressEvent.createAddressBindEvent(socketAddress);
+ dispatch(event);
+ }
+
+ protected void doTcpAccept(SelectionKey key) throws IOException {
+ ServerSocketChannel server = (ServerSocketChannel) key.channel();
+ SocketChannel channel;
+
+ try {
+ while ((channel = server.accept()) != null) {
+ channel.configureBlocking(false);
+ channel.socket().setTcpNoDelay(true);
+ channel.socket().setKeepAlive(true);
+
+ Transport transport = new TcpTransport(channel,
+ tcpTransportHandler.getStreamingDecoder());
+
+ channel.register(selector,
+ SelectionKey.OP_READ | SelectionKey.OP_WRITE, transport);
+ onNewTransport(transport);
+ }
+ } catch (ClosedByInterruptException e) {
+ // No op as normal
+ }
+ }
+
+ protected void doTcpBind(AddressEvent event) throws IOException {
+ ServerSocketChannel serverSocketChannel = ServerSocketChannel.open();
+ serverSocketChannel.configureBlocking(false);
+ ServerSocket serverSocket = serverSocketChannel.socket();
+ serverSocket.bind(event.getAddress());
+ serverSocketChannel.register(selector, SelectionKey.OP_ACCEPT, serverSocketChannel);
+ }
+
+ private void onNewTransport(Transport transport) {
+ transport.setDispatcher(getDispatcher());
+ dispatch(TransportEvent.createNewTransportEvent(transport));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/Transport.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/Transport.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/Transport.java
new file mode 100644
index 0000000..152e30a
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/Transport.java
@@ -0,0 +1,84 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport;
+
+import org.apache.kerby.event.Dispatcher;
+import org.apache.kerby.transport.buffer.TransBuffer;
+import org.apache.kerby.transport.event.TransportEvent;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.nio.ByteBuffer;
+
+public abstract class Transport {
+ private InetSocketAddress remoteAddress;
+ protected Dispatcher dispatcher;
+ private Object attachment;
+
+ protected TransBuffer sendBuffer;
+
+ private int readableCount = 0;
+ private int writableCount = 0;
+
+ public Transport(InetSocketAddress remoteAddress) {
+ this.remoteAddress = remoteAddress;
+ this.sendBuffer = new TransBuffer();
+ }
+
+ public void setDispatcher(Dispatcher dispatcher) {
+ this.dispatcher = dispatcher;
+ }
+
+ public InetSocketAddress getRemoteAddress() {
+ return remoteAddress;
+ }
+
+ public void sendMessage(ByteBuffer message) {
+ if (message != null) {
+ sendBuffer.write(message);
+ dispatcher.dispatch(TransportEvent.createWritableTransportEvent(this));
+ }
+ }
+
+ public void onWriteable() throws IOException {
+ this.writableCount ++;
+
+ if (! sendBuffer.isEmpty()) {
+ ByteBuffer message = sendBuffer.read();
+ if (message != null) {
+ sendOutMessage(message);
+ }
+ }
+ }
+
+ public void onReadable() throws IOException {
+ this.readableCount++;
+ }
+
+ protected abstract void sendOutMessage(ByteBuffer message) throws IOException;
+
+ public void setAttachment(Object attachment) {
+ this.attachment = attachment;
+ }
+
+ public Object getAttachment() {
+ return attachment;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/TransportHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/TransportHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/TransportHandler.java
new file mode 100644
index 0000000..e745e38
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/TransportHandler.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport;
+
+import org.apache.kerby.event.AbstractEventHandler;
+
+import java.io.IOException;
+import java.nio.channels.SelectionKey;
+
+/**
+ * Handling readable and writable events
+ */
+public abstract class TransportHandler extends AbstractEventHandler {
+
+ public abstract void helpHandleSelectionKey(SelectionKey selectionKey) throws IOException;
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/TransportSelector.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/TransportSelector.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/TransportSelector.java
new file mode 100644
index 0000000..a4016a0
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/TransportSelector.java
@@ -0,0 +1,100 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport;
+
+import org.apache.kerby.event.Dispatcher;
+import org.apache.kerby.event.LongRunningEventHandler;
+import org.apache.kerby.transport.event.TransportEvent;
+
+import java.io.IOException;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.Selector;
+import java.util.Iterator;
+import java.util.Set;
+
+public abstract class TransportSelector extends LongRunningEventHandler {
+
+ protected Selector selector;
+ protected TransportHandler transportHandler;
+
+ public TransportSelector(TransportHandler transportHandler) {
+ super();
+ this.transportHandler = transportHandler;
+ }
+
+ @Override
+ public void setDispatcher(Dispatcher dispatcher) {
+ super.setDispatcher(dispatcher);
+ dispatcher.register(transportHandler);
+ }
+
+ @Override
+ public void init() {
+ super.init();
+
+ try {
+ selector = Selector.open();
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ @Override
+ protected void loopOnce() {
+ try {
+ selectOnce();
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ protected void selectOnce() throws IOException {
+ if (selector.isOpen() && selector.select(10) > 0 && selector.isOpen()) {
+ Set<SelectionKey> selectionKeys = selector.selectedKeys();
+ Iterator<SelectionKey> iterator = selectionKeys.iterator();
+ while (iterator.hasNext()) {
+ SelectionKey selectionKey = iterator.next();
+ dealKey(selectionKey);
+ iterator.remove();
+ }
+ selectionKeys.clear();
+ }
+ }
+
+ protected void dealKey(SelectionKey selectionKey) throws IOException {
+ transportHandler.helpHandleSelectionKey(selectionKey);
+ }
+
+ protected void onNewTransport(Transport transport) {
+ transport.setDispatcher(getDispatcher());
+ dispatch(TransportEvent.createNewTransportEvent(transport));
+ }
+
+ @Override
+ public void stop() {
+ super.stop();
+
+ try {
+ selector.close();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/BufferPool.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/BufferPool.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/BufferPool.java
new file mode 100644
index 0000000..7737c13
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/BufferPool.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.buffer;
+
+import java.nio.ByteBuffer;
+
+public class BufferPool {
+
+ public static ByteBuffer allocate(int len) {
+ return ByteBuffer.allocate(len);
+ }
+
+ public static void release(ByteBuffer buffer) {
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/BufferUtil.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/BufferUtil.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/BufferUtil.java
new file mode 100644
index 0000000..f67ab09
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/BufferUtil.java
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.buffer;
+
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+
+public class BufferUtil {
+
+ /**
+ * Read len bytes from src buffer
+ */
+ public static ByteBuffer read(ByteBuffer src, int len) {
+ if (len > src.remaining())
+ throw new BufferOverflowException();
+
+ ByteBuffer result = ByteBuffer.allocate(len);
+ int n = src.remaining();
+ for (int i = 0; i < n; i++) {
+ result.put(src.get());
+ }
+
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/RecvBuffer.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/RecvBuffer.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/RecvBuffer.java
new file mode 100644
index 0000000..2c190a3
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/RecvBuffer.java
@@ -0,0 +1,155 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.buffer;
+
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+import java.util.Iterator;
+import java.util.LinkedList;
+
+public class RecvBuffer {
+
+ private LinkedList<ByteBuffer> bufferQueue;
+
+ public RecvBuffer() {
+ bufferQueue = new LinkedList<ByteBuffer>();
+ }
+
+ public synchronized void write(ByteBuffer buffer) {
+ bufferQueue.addLast(buffer);
+ }
+
+ /**
+ * Put buffer as the first into the buffer queue
+ */
+ public synchronized void writeFirst(ByteBuffer buffer) {
+ bufferQueue.addFirst(buffer);
+ }
+
+ /**
+ * Read and return the first buffer if available
+ */
+ public synchronized ByteBuffer readFirst() {
+ if (! bufferQueue.isEmpty()) {
+ return bufferQueue.removeFirst();
+ }
+ return null;
+ }
+
+ /**
+ * Read most available bytes into the dst buffer
+ */
+ public synchronized ByteBuffer readMostBytes() {
+ int len = remaining();
+ return readBytes(len);
+ }
+
+ /**
+ * Read len bytes into the dst buffer if available
+ */
+ public synchronized ByteBuffer readBytes(int len) {
+ if (remaining() < len) { // no enough data that's available
+ throw new BufferOverflowException();
+ }
+
+ ByteBuffer result = null;
+
+ ByteBuffer takenBuffer;
+ if (bufferQueue.size() == 1) {
+ takenBuffer = bufferQueue.removeFirst();
+
+ if (takenBuffer.remaining() == len) {
+ return takenBuffer;
+ }
+
+ result = BufferPool.allocate(len);
+ for (int i = 0; i < len; i++) {
+ result.put(takenBuffer.get());
+ }
+ // Has left bytes so put it back for future reading
+ if (takenBuffer.remaining() > 0) {
+ bufferQueue.addFirst(takenBuffer);
+ }
+ } else {
+ result = BufferPool.allocate(len);
+
+ Iterator<ByteBuffer> iter = bufferQueue.iterator();
+ int alreadyGot = 0, toGet;
+ while (iter.hasNext()) {
+ takenBuffer = iter.next();
+ iter.remove();
+
+ toGet = takenBuffer.remaining() < len - alreadyGot ?
+ takenBuffer.remaining() : len -alreadyGot;
+ byte[] toGetBytes = new byte[toGet];
+ takenBuffer.get(toGetBytes);
+ result.put(toGetBytes);
+
+ if (takenBuffer.remaining() > 0) {
+ bufferQueue.addFirst(takenBuffer);
+ }
+
+ alreadyGot += toGet;
+ if (alreadyGot == len) {
+ break;
+ }
+ }
+ }
+ result.flip();
+
+ return result;
+ }
+
+ public boolean isEmpty() {
+ return bufferQueue.isEmpty();
+ }
+
+ /**
+ * Return count of remaining and left bytes that's available
+ */
+ public int remaining() {
+ if (bufferQueue.isEmpty()) {
+ return 0;
+ } else if (bufferQueue.size() == 1) {
+ return bufferQueue.getFirst().remaining();
+ }
+
+ int result = 0;
+ Iterator<ByteBuffer> iter = bufferQueue.iterator();
+ while (iter.hasNext()) {
+ result += iter.next().remaining();
+ }
+ return result;
+ }
+
+ public synchronized void clear() {
+ if (bufferQueue.isEmpty()) {
+ return;
+ } else if (bufferQueue.size() == 1) {
+ BufferPool.release(bufferQueue.getFirst());
+ }
+
+ Iterator<ByteBuffer> iter = bufferQueue.iterator();
+ while (iter.hasNext()) {
+ BufferPool.release(iter.next());
+ }
+ bufferQueue.clear();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/TransBuffer.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/TransBuffer.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/TransBuffer.java
new file mode 100644
index 0000000..079a6cd
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/buffer/TransBuffer.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.buffer;
+
+import java.nio.ByteBuffer;
+import java.util.concurrent.ArrayBlockingQueue;
+import java.util.concurrent.BlockingQueue;
+
+public class TransBuffer {
+
+ private BlockingQueue<ByteBuffer> bufferQueue;
+
+ public TransBuffer() {
+ bufferQueue = new ArrayBlockingQueue<ByteBuffer>(2);
+ }
+
+ public void write(ByteBuffer buffer) {
+ bufferQueue.add(buffer);
+ }
+
+ public void write(byte[] buffer) {
+ write(ByteBuffer.wrap(buffer));
+ }
+
+ public ByteBuffer read() {
+ return bufferQueue.poll();
+ }
+
+ public boolean isEmpty() {
+ return bufferQueue.isEmpty();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/AddressEvent.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/AddressEvent.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/AddressEvent.java
new file mode 100644
index 0000000..80340c8
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/AddressEvent.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.event;
+
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+
+import java.net.InetSocketAddress;
+
+public class AddressEvent extends Event {
+
+ private InetSocketAddress address;
+
+ public AddressEvent(InetSocketAddress address, EventType eventType) {
+ super(eventType);
+ this.address = address;
+ }
+
+ public InetSocketAddress getAddress() {
+ return address;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/MessageEvent.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/MessageEvent.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/MessageEvent.java
new file mode 100644
index 0000000..b9d48eb
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/MessageEvent.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.event;
+
+import org.apache.kerby.transport.Transport;
+
+import java.nio.ByteBuffer;
+
+public class MessageEvent extends TransportEvent {
+
+ private MessageEvent(Transport transport, ByteBuffer message) {
+ super(transport, TransportEventType.INBOUND_MESSAGE, message);
+ }
+
+ public ByteBuffer getMessage() {
+ return (ByteBuffer) getEventData();
+ }
+
+ public static MessageEvent createInboundMessageEvent(
+ Transport transport, ByteBuffer message) {
+ return new MessageEvent(transport, message);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/TransportEvent.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/TransportEvent.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/TransportEvent.java
new file mode 100644
index 0000000..3c2ae34
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/TransportEvent.java
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.event;
+
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.transport.Transport;
+
+public class TransportEvent extends Event {
+
+ private Transport transport;
+
+ public TransportEvent(Transport transport, EventType eventType) {
+ super(eventType);
+ this.transport = transport;
+ }
+
+ public TransportEvent(Transport transport, EventType eventType, Object eventData) {
+ super(eventType, eventData);
+ this.transport = transport;
+ }
+
+ public Transport getTransport() {
+ return transport;
+ }
+
+ public static TransportEvent createWritableTransportEvent(Transport transport) {
+ return new TransportEvent(transport, TransportEventType.TRANSPORT_WRITABLE);
+ }
+
+ public static TransportEvent createReadableTransportEvent(Transport transport) {
+ return new TransportEvent(transport, TransportEventType.TRANSPORT_READABLE);
+ }
+
+ public static TransportEvent createNewTransportEvent(Transport transport) {
+ return new TransportEvent(transport, TransportEventType.NEW_TRANSPORT);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/TransportEventType.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/TransportEventType.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/TransportEventType.java
new file mode 100644
index 0000000..6036c02
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/event/TransportEventType.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.event;
+
+import org.apache.kerby.event.EventType;
+
+public enum TransportEventType implements EventType {
+ NEW_TRANSPORT,
+ TRANSPORT_WRITABLE,
+ TRANSPORT_READABLE,
+ INBOUND_MESSAGE
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/DecodingCallback.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/DecodingCallback.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/DecodingCallback.java
new file mode 100644
index 0000000..8b8c352
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/DecodingCallback.java
@@ -0,0 +1,38 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.tcp;
+
+public interface DecodingCallback {
+
+ /**
+ * OK, enough data is ready, a message can be out
+ */
+ public void onMessageComplete(int messageLength);
+
+ /**
+ * Need more data to be available
+ */
+ public void onMoreDataNeeded();
+
+ /**
+ * Need more data to be available, with determined more data length given
+ */
+ public void onMoreDataNeeded(int needDataLength);
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/StreamingDecoder.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/StreamingDecoder.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/StreamingDecoder.java
new file mode 100644
index 0000000..ed9eb72
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/StreamingDecoder.java
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.tcp;
+
+import java.nio.ByteBuffer;
+
+public interface StreamingDecoder {
+ public void decode(ByteBuffer streamingBuffer, DecodingCallback callback);
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpAcceptor.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpAcceptor.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpAcceptor.java
new file mode 100644
index 0000000..0d5ae05
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpAcceptor.java
@@ -0,0 +1,112 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.tcp;
+
+import org.apache.kerby.event.AbstractEventHandler;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.transport.Acceptor;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.event.AddressEvent;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.ServerSocket;
+import java.nio.channels.ClosedByInterruptException;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.ServerSocketChannel;
+import java.nio.channels.SocketChannel;
+
+public class TcpAcceptor extends Acceptor {
+
+ public TcpAcceptor(StreamingDecoder streamingDecoder) {
+ this(new TcpTransportHandler(streamingDecoder));
+ }
+
+ public TcpAcceptor(TcpTransportHandler transportHandler) {
+ super(transportHandler);
+
+ setEventHandler(new AbstractEventHandler() {
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ if (event.getEventType() == TcpEventType.ADDRESS_BIND) {
+ try {
+ doBind((AddressEvent) event);
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+ }
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return new EventType[] {
+ TcpEventType.ADDRESS_BIND
+ };
+ }
+ });
+ }
+
+ @Override
+ protected void doListen(InetSocketAddress socketAddress) {
+ AddressEvent event = TcpAddressEvent.createAddressBindEvent(socketAddress);
+ dispatch(event);
+ }
+
+ @Override
+ protected void dealKey(SelectionKey selectionKey) throws IOException {
+ if (selectionKey.isAcceptable()) {
+ doAccept(selectionKey);
+ } else {
+ super.dealKey(selectionKey);
+ }
+ }
+
+ void doAccept(SelectionKey key) throws IOException {
+ ServerSocketChannel server = (ServerSocketChannel) key.channel();
+ SocketChannel channel;
+
+ try {
+ while ((channel = server.accept()) != null) {
+ channel.configureBlocking(false);
+ channel.socket().setTcpNoDelay(true);
+ channel.socket().setKeepAlive(true);
+
+ Transport transport = new TcpTransport(channel,
+ ((TcpTransportHandler) transportHandler).getStreamingDecoder());
+
+ channel.register(selector,
+ SelectionKey.OP_READ | SelectionKey.OP_WRITE, transport);
+ onNewTransport(transport);
+ }
+ } catch (ClosedByInterruptException e) {
+ // No op as normal
+ }
+ }
+
+ protected void doBind(AddressEvent event) throws IOException {
+ ServerSocketChannel serverSocketChannel = ServerSocketChannel.open();
+ serverSocketChannel.configureBlocking(false);
+ ServerSocket serverSocket = serverSocketChannel.socket();
+ serverSocket.bind(event.getAddress());
+ serverSocketChannel.register(selector, SelectionKey.OP_ACCEPT, serverSocketChannel);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpAddressEvent.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpAddressEvent.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpAddressEvent.java
new file mode 100644
index 0000000..500d224
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpAddressEvent.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.tcp;
+
+import org.apache.kerby.transport.event.AddressEvent;
+
+import java.net.InetSocketAddress;
+
+public class TcpAddressEvent {
+
+ public static AddressEvent createAddressBindEvent(InetSocketAddress address) {
+ return new AddressEvent(address, TcpEventType.ADDRESS_BIND);
+ }
+
+ public static AddressEvent createAddressConnectEvent(InetSocketAddress address) {
+ return new AddressEvent(address, TcpEventType.ADDRESS_CONNECT);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpConnector.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpConnector.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpConnector.java
new file mode 100644
index 0000000..e460961
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpConnector.java
@@ -0,0 +1,94 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.tcp;
+
+import org.apache.kerby.event.AbstractEventHandler;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.transport.Connector;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.event.AddressEvent;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.SocketChannel;
+
+public class TcpConnector extends Connector {
+
+ public TcpConnector(StreamingDecoder streamingDecoder) {
+ this(new TcpTransportHandler(streamingDecoder));
+ }
+
+ public TcpConnector(TcpTransportHandler transportHandler) {
+ super(transportHandler);
+
+ setEventHandler(new AbstractEventHandler() {
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ if (event.getEventType() == TcpEventType.ADDRESS_CONNECT) {
+ doConnect((AddressEvent) event);
+ }
+ }
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return new EventType[] {
+ TcpEventType.ADDRESS_CONNECT
+ };
+ }
+ });
+ }
+
+ @Override
+ protected void doConnect(InetSocketAddress sa) {
+ AddressEvent event = TcpAddressEvent.createAddressConnectEvent(sa);
+ dispatch(event);
+ }
+
+ private void doConnect(AddressEvent event) throws IOException {
+ SocketChannel channel = SocketChannel.open();
+ channel.configureBlocking(false);
+ channel.connect(event.getAddress());
+ channel.register(selector,
+ SelectionKey.OP_CONNECT | SelectionKey.OP_READ | SelectionKey.OP_WRITE);
+ }
+
+ @Override
+ protected void dealKey(SelectionKey selectionKey) throws IOException {
+ if (selectionKey.isConnectable()) {
+ doConnect(selectionKey);
+ } else {
+ super.dealKey(selectionKey);
+ }
+ }
+
+ private void doConnect(SelectionKey key) throws IOException {
+ SocketChannel channel = (SocketChannel) key.channel();
+ if (channel.isConnectionPending()) {
+ channel.finishConnect();
+ }
+
+ Transport transport = new TcpTransport(channel,
+ ((TcpTransportHandler) transportHandler).getStreamingDecoder());
+ channel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE, transport);
+ onNewTransport(transport);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpEventType.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpEventType.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpEventType.java
new file mode 100644
index 0000000..e754fa5
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpEventType.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.tcp;
+
+import org.apache.kerby.event.EventType;
+
+public enum TcpEventType implements EventType {
+ ADDRESS_BIND,
+ ADDRESS_CONNECT
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpTransport.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpTransport.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpTransport.java
new file mode 100644
index 0000000..a662e38
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpTransport.java
@@ -0,0 +1,110 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.tcp;
+
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.buffer.BufferPool;
+import org.apache.kerby.transport.buffer.RecvBuffer;
+import org.apache.kerby.transport.event.MessageEvent;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.SocketChannel;
+
+public class TcpTransport extends Transport {
+
+ private SocketChannel channel;
+
+ private StreamingDecoder streamingDecoder;
+
+ private RecvBuffer recvBuffer;
+
+ public TcpTransport(SocketChannel channel,
+ StreamingDecoder streamingDecoder) throws IOException {
+ super((InetSocketAddress) channel.getRemoteAddress());
+ this.channel = channel;
+ this.streamingDecoder = streamingDecoder;
+
+ this.recvBuffer = new RecvBuffer();
+ }
+
+ @Override
+ protected void sendOutMessage(ByteBuffer message) throws IOException {
+ channel.write(message);
+ }
+
+ public void onReadable() throws IOException {
+ ByteBuffer writeBuffer = BufferPool.allocate(65536);
+ if (channel.read(writeBuffer) <= 0) {
+ BufferPool.release(writeBuffer);
+ return;
+ }
+
+ writeBuffer.flip();
+ recvBuffer.write(writeBuffer);
+
+ WithReadDataHander rdHandler = new WithReadDataHander();
+ rdHandler.handle();
+ }
+
+ class WithReadDataHander implements DecodingCallback {
+ private ByteBuffer streamingBuffer;
+
+ @Override
+ public void onMessageComplete(int messageLength) {
+ ByteBuffer message = null;
+
+ int remaining = streamingBuffer.remaining();
+ if (remaining == messageLength) {
+ message = streamingBuffer;
+ } else if (remaining > messageLength) {
+ message = streamingBuffer.duplicate();
+ int newLimit = streamingBuffer.position() + messageLength;
+ message.limit(newLimit);
+
+ streamingBuffer.position(newLimit);
+ recvBuffer.writeFirst(streamingBuffer);
+ }
+
+ if (message != null) {
+ dispatcher.dispatch(MessageEvent.createInboundMessageEvent(TcpTransport.this, message));
+ }
+ }
+
+ @Override
+ public void onMoreDataNeeded() {
+ recvBuffer.writeFirst(streamingBuffer);
+ }
+
+ @Override
+ public void onMoreDataNeeded(int needDataLength) {
+ recvBuffer.writeFirst(streamingBuffer);
+ }
+
+ public void handle() {
+ if (recvBuffer.isEmpty()) return;
+
+ streamingBuffer = recvBuffer.readMostBytes();
+
+ streamingDecoder.decode(streamingBuffer.duplicate(), this);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpTransportHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpTransportHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpTransportHandler.java
new file mode 100644
index 0000000..ad010ed
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/tcp/TcpTransportHandler.java
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.tcp;
+
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.event.TransportEventType;
+import org.apache.kerby.transport.TransportHandler;
+import org.apache.kerby.transport.event.TransportEvent;
+
+import java.io.IOException;
+import java.nio.channels.SelectionKey;
+
+public class TcpTransportHandler extends TransportHandler {
+
+ private StreamingDecoder streamingDecoder;
+
+ public TcpTransportHandler(StreamingDecoder streamingDecoder) {
+ this.streamingDecoder = streamingDecoder;
+ }
+
+ public StreamingDecoder getStreamingDecoder() {
+ return streamingDecoder;
+ }
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return new TransportEventType[] {
+ TransportEventType.TRANSPORT_READABLE,
+ TransportEventType.TRANSPORT_WRITABLE
+ };
+ }
+
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ EventType eventType = event.getEventType();
+ TransportEvent te = (TransportEvent) event;
+ Transport transport = te.getTransport();
+ if (eventType == TransportEventType.TRANSPORT_READABLE) {
+ transport.onReadable();
+ } else if (eventType == TransportEventType.TRANSPORT_WRITABLE) {
+ transport.onWriteable();
+ }
+ }
+
+ @Override
+ public void helpHandleSelectionKey(SelectionKey selectionKey) throws IOException {
+ if (selectionKey.isReadable()) {
+ selectionKey.interestOps(SelectionKey.OP_READ | SelectionKey.OP_WRITE);
+ TcpTransport transport = (TcpTransport) selectionKey.attachment();
+ dispatch(TransportEvent.createReadableTransportEvent(transport));
+ } else if (selectionKey.isWritable()) {
+ selectionKey.interestOps(SelectionKey.OP_READ);
+ TcpTransport transport = (TcpTransport) selectionKey.attachment();
+ dispatch(TransportEvent.createWritableTransportEvent(transport));
+ }
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpAcceptor.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpAcceptor.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpAcceptor.java
new file mode 100644
index 0000000..974f871
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpAcceptor.java
@@ -0,0 +1,84 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.udp;
+
+import org.apache.kerby.event.AbstractEventHandler;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.transport.Acceptor;
+import org.apache.kerby.transport.event.AddressEvent;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.nio.channels.DatagramChannel;
+import java.nio.channels.SelectionKey;
+
+public class UdpAcceptor extends Acceptor {
+
+ private DatagramChannel serverChannel;
+
+ public UdpAcceptor() {
+ this(new UdpTransportHandler());
+ }
+
+ public UdpAcceptor(UdpTransportHandler udpTransportHandler) {
+ super(udpTransportHandler);
+
+ setEventHandler(new AbstractEventHandler() {
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ if (event.getEventType() == UdpEventType.ADDRESS_BIND) {
+ doBind((AddressEvent) event);
+ }
+ }
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return new EventType[] {
+ UdpEventType.ADDRESS_BIND
+ };
+ }
+ });
+ }
+
+ @Override
+ protected void doListen(InetSocketAddress socketAddress) {
+ AddressEvent event = UdpAddressEvent.createAddressBindEvent(socketAddress);
+ dispatch(event);
+ }
+
+ private void doBind(AddressEvent event) throws IOException {
+ serverChannel = DatagramChannel.open();
+ serverChannel.configureBlocking(false);
+ serverChannel.bind(event.getAddress());
+ serverChannel.register(selector, SelectionKey.OP_READ);
+ }
+
+ @Override
+ public void stop() {
+ super.stop();
+
+ try {
+ serverChannel.close();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpAddressEvent.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpAddressEvent.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpAddressEvent.java
new file mode 100644
index 0000000..b29100e
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpAddressEvent.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.udp;
+
+import org.apache.kerby.transport.event.AddressEvent;
+
+import java.net.InetSocketAddress;
+
+public class UdpAddressEvent {
+
+ public static AddressEvent createAddressBindEvent(InetSocketAddress address) {
+ return new AddressEvent(address, UdpEventType.ADDRESS_BIND);
+ }
+
+ public static AddressEvent createAddressConnectEvent(InetSocketAddress address) {
+ return new AddressEvent(address, UdpEventType.ADDRESS_CONNECT);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpChannelEvent.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpChannelEvent.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpChannelEvent.java
new file mode 100644
index 0000000..e5dd7b2
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpChannelEvent.java
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.udp;
+
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+
+import java.nio.channels.DatagramChannel;
+
+public class UdpChannelEvent extends Event {
+
+ private DatagramChannel channel;
+
+ private UdpChannelEvent(DatagramChannel channel, EventType eventType) {
+ super(eventType);
+ this.channel = channel;
+ }
+
+ public DatagramChannel getChannel() {
+ return channel;
+ }
+
+ public static UdpChannelEvent makeWritableChannelEvent(DatagramChannel channel) {
+ return new UdpChannelEvent(channel, UdpEventType.CHANNEL_WRITABLE);
+ }
+
+ public static UdpChannelEvent makeReadableChannelEvent(DatagramChannel channel) {
+ return new UdpChannelEvent(channel, UdpEventType.CHANNEL_READABLE);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpConnector.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpConnector.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpConnector.java
new file mode 100644
index 0000000..9234a8c
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpConnector.java
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.udp;
+
+import org.apache.kerby.event.AbstractEventHandler;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.transport.Connector;
+import org.apache.kerby.transport.event.AddressEvent;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.nio.channels.DatagramChannel;
+import java.nio.channels.SelectionKey;
+
+public class UdpConnector extends Connector {
+
+ public UdpConnector() {
+ this(new UdpTransportHandler());
+ }
+
+ public UdpConnector(UdpTransportHandler transportHandler) {
+ super(transportHandler);
+
+ setEventHandler(new AbstractEventHandler() {
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ if (event.getEventType() == UdpEventType.ADDRESS_CONNECT) {
+ doConnect((AddressEvent) event);
+ }
+ }
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return new EventType[] {
+ UdpEventType.ADDRESS_CONNECT
+ };
+ }
+ });
+ }
+
+ @Override
+ protected void doConnect(InetSocketAddress sa) {
+ AddressEvent event = UdpAddressEvent.createAddressConnectEvent(sa);
+ dispatch(event);
+ }
+
+ private void doConnect(AddressEvent event) throws IOException {
+ InetSocketAddress address = event.getAddress();
+ DatagramChannel channel = DatagramChannel.open();
+ channel.configureBlocking(false);
+ channel.connect(address);
+
+ channel.register(selector, SelectionKey.OP_READ | SelectionKey.OP_WRITE);
+
+ UdpTransport transport = new UdpTransport(channel, address);
+ onNewTransport(transport);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpEventType.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpEventType.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpEventType.java
new file mode 100644
index 0000000..d291f75
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpEventType.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.udp;
+
+import org.apache.kerby.event.EventType;
+
+public enum UdpEventType implements EventType {
+ ADDRESS_BIND,
+ ADDRESS_CONNECT,
+ CHANNEL_WRITABLE,
+ CHANNEL_READABLE
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpTransport.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpTransport.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpTransport.java
new file mode 100644
index 0000000..fe11a64
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpTransport.java
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.udp;
+
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.buffer.TransBuffer;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.event.TransportEvent;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.DatagramChannel;
+
+public class UdpTransport extends Transport {
+ private DatagramChannel channel;
+
+ protected TransBuffer recvBuffer;
+
+ public UdpTransport(DatagramChannel channel,
+ InetSocketAddress remoteAddress) {
+ super(remoteAddress);
+ this.channel = channel;
+ this.recvBuffer = new TransBuffer();
+ }
+
+ protected void onRecvData(ByteBuffer data) {
+ if (data != null) {
+ recvBuffer.write(data);
+ dispatcher.dispatch(TransportEvent.createReadableTransportEvent(this));
+ }
+ }
+
+ @Override
+ public void onReadable() throws IOException {
+ super.onReadable();
+
+ if (! recvBuffer.isEmpty()) {
+ ByteBuffer message = recvBuffer.read();
+ dispatcher.dispatch(MessageEvent.createInboundMessageEvent(this, message));
+ }
+ }
+
+ @Override
+ protected void sendOutMessage(ByteBuffer message) throws IOException {
+ channel.send(message, getRemoteAddress());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpTransportHandler.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpTransportHandler.java b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpTransportHandler.java
new file mode 100644
index 0000000..fc02bf5
--- /dev/null
+++ b/lib/kerby-event/src/main/java/org/apache/kerby/transport/udp/UdpTransportHandler.java
@@ -0,0 +1,109 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.transport.udp;
+
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventType;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.TransportHandler;
+import org.apache.kerby.transport.event.TransportEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.DatagramChannel;
+import java.nio.channels.SelectionKey;
+import java.util.HashMap;
+import java.util.Map;
+
+public class UdpTransportHandler extends TransportHandler {
+
+ protected Map<InetSocketAddress, UdpTransport> transports =
+ new HashMap<InetSocketAddress, UdpTransport>();
+
+ @Override
+ public EventType[] getInterestedEvents() {
+ return new EventType[] {
+ UdpEventType.CHANNEL_READABLE,
+ TransportEventType.TRANSPORT_WRITABLE,
+ TransportEventType.TRANSPORT_READABLE,
+ TransportEventType.NEW_TRANSPORT
+ };
+ }
+
+ @Override
+ protected void doHandle(Event event) throws Exception {
+ EventType eventType = event.getEventType();
+ if (eventType == UdpEventType.CHANNEL_READABLE) {
+ UdpChannelEvent ce = (UdpChannelEvent) event;
+ DatagramChannel channel = ce.getChannel();
+ doRead(channel);
+ } else if (eventType == TransportEventType.TRANSPORT_READABLE) {
+ TransportEvent te = (TransportEvent) event;
+ Transport transport = te.getTransport();
+ transport.onReadable();
+ } else if (eventType == TransportEventType.TRANSPORT_WRITABLE) {
+ TransportEvent te = (TransportEvent) event;
+ Transport transport = te.getTransport();
+ transport.onWriteable();
+ } else if (eventType == TransportEventType.NEW_TRANSPORT) {
+ TransportEvent te = (TransportEvent) event;
+ Transport transport = te.getTransport();
+ if (transport instanceof UdpTransport) {
+ InetSocketAddress remoteAddress = transport.getRemoteAddress();
+ if (! transports.containsKey(remoteAddress)) {
+ transports.put(remoteAddress, (UdpTransport) transport);
+ }
+ }
+ }
+ }
+
+ private void doRead(DatagramChannel channel) throws IOException {
+ ByteBuffer recvBuffer = ByteBuffer.allocate(65536); // to optimize
+ InetSocketAddress fromAddress = (InetSocketAddress) channel.receive(recvBuffer);
+ if (fromAddress != null) {
+ recvBuffer.flip();
+ UdpTransport transport = transports.get(fromAddress);
+ if (transport == null) {
+ // should be from acceptor
+ transport = new UdpTransport(channel, fromAddress);
+ transport.setDispatcher(getDispatcher());
+ dispatch(TransportEvent.createNewTransportEvent(transport));
+ }
+ transport.onRecvData(recvBuffer);
+ }
+ }
+
+ @Override
+ public void helpHandleSelectionKey(SelectionKey selectionKey) throws IOException {
+ DatagramChannel channel =
+ (DatagramChannel) selectionKey.channel();
+
+ if (selectionKey.isReadable()) {
+ dispatch(UdpChannelEvent.makeReadableChannelEvent(channel));
+ } else if (selectionKey.isWritable()) {
+ dispatch(UdpChannelEvent.makeWritableChannelEvent(channel));
+ }
+ // Udp channel is always writable, so not usable
+ selectionKey.interestOps(SelectionKey.OP_READ);
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/lib/kerby-event/src/test/java/org/apache/kerby/event/TestBuffer.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/TestBuffer.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/TestBuffer.java
new file mode 100644
index 0000000..704afa9
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/TestBuffer.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event;
+
+import org.apache.kerby.transport.buffer.RecvBuffer;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.nio.ByteBuffer;
+
+public class TestBuffer {
+
+ @Test
+ public void testRecvBuffer() {
+ String testString = "HELLO WORLD";
+ ByteBuffer testMessage = ByteBuffer.wrap(testString.getBytes());
+ ByteBuffer tmp;
+
+ RecvBuffer testBuffer = new RecvBuffer();
+ testBuffer.write(testMessage);
+ tmp = testBuffer.readMostBytes();
+ Assert.assertArrayEquals(testString.getBytes(), tmp.array());
+
+ int nTimes = 10;
+ testBuffer.clear();
+ for (int i = 0; i < nTimes; ++i) {
+ testBuffer.write(ByteBuffer.wrap(testString.getBytes()));
+ }
+ int expectedBytes = nTimes * testMessage.limit();
+ tmp = testBuffer.readMostBytes();
+ Assert.assertEquals(expectedBytes, tmp.limit());
+ }
+}
[35/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSid.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSid.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSid.java
deleted file mode 100644
index ad73d0e..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSid.java
+++ /dev/null
@@ -1,130 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.pac;
-
-import java.io.IOException;
-
-public class PacSid {
-
- private static final String FORMAT = "%1$02x";
-
- private byte revision;
- private byte subCount;
- private byte[] authority;
- private byte[] subs;
-
- public PacSid(byte[] bytes) throws IOException {
- if(bytes.length < 8 || ((bytes.length - 8) % 4) != 0
- || ((bytes.length - 8) / 4) != bytes[1])
- throw new IOException("pac.sid.malformed.size");
-
- this.revision = bytes[0];
- this.subCount = bytes[1];
- this.authority = new byte[6];
- System.arraycopy(bytes, 2, this.authority, 0, 6);
- this.subs = new byte[bytes.length - 8];
- System.arraycopy(bytes, 8, this.subs, 0, bytes.length - 8);
- }
-
- public PacSid(PacSid sid) {
- this.revision = sid.revision;
- this.subCount = sid.subCount;
- this.authority = new byte[6];
- System.arraycopy(sid.authority, 0, this.authority, 0, 6);
- this.subs = new byte[sid.subs.length];
- System.arraycopy(sid.subs, 0, this.subs, 0, sid.subs.length);
- }
-
- public String toString() {
- StringBuilder builder = new StringBuilder();
-
- builder.append("\\").append(String.format(FORMAT, ((int)revision) & 0xff));
- builder.append("\\").append(String.format(FORMAT, ((int)subCount) & 0xff));
- for(int i = 0; i < authority.length; i++) {
- int unsignedByte = ((int)authority[i]) & 0xff;
- builder.append("\\").append(String.format(FORMAT, unsignedByte));
- }
- for(int i = 0; i < subs.length; i++) {
- int unsignedByte = ((int)subs[i]) & 0xff;
- builder.append("\\").append(String.format(FORMAT, unsignedByte));
- }
-
- return builder.toString();
- }
-
- public boolean isEmpty() {
- return subCount == 0;
- }
-
- public boolean isBlank() {
- boolean blank = true;
- for(byte sub : subs)
- blank = blank && (sub == 0);
- return blank;
- }
-
- public byte[] getBytes() {
- byte[] bytes = new byte[8 + subCount * 4];
- bytes[0] = revision;
- bytes[1] = subCount;
- System.arraycopy(authority, 0, bytes, 2, 6);
- System.arraycopy(subs, 0, bytes, 8, subs.length);
-
- return bytes;
- }
-
- public static String toString(byte[] bytes) {
- StringBuilder builder = new StringBuilder();
-
- for(int i = 0; i < bytes.length; i++) {
- int unsignedByte = ((int)bytes[i]) & 0xff;
- builder.append("\\").append(String.format(FORMAT, unsignedByte));
- }
-
- return builder.toString();
- }
-
- public static PacSid createFromSubs(byte[] bytes) throws IOException {
- if((bytes.length % 4) != 0) {
- Object[] args = new Object[]{bytes.length};
- throw new IOException("pac.subauthority.malformed.size");
- }
-
- byte[] sidBytes = new byte[8 + bytes.length];
- sidBytes[0] = 1;
- sidBytes[1] = (byte)(bytes.length / 4);
- System.arraycopy(new byte[]{0, 0, 0, 0, 0, 5}, 0, sidBytes, 2, 6);
- System.arraycopy(bytes, 0, sidBytes, 8, bytes.length);
-
- return new PacSid(sidBytes);
- }
-
- public static PacSid append(PacSid sid1, PacSid sid2) {
- PacSid sid = new PacSid(sid1);
-
- sid.subCount += sid2.subCount;
- sid.subs = new byte[sid.subCount * 4];
- System.arraycopy(sid1.subs, 0, sid.subs, 0, sid1.subs.length);
- System.arraycopy(sid2.subs, 0, sid.subs, sid1.subs.length, sid2.subs.length);
-
- return sid;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSidAttributes.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSidAttributes.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSidAttributes.java
deleted file mode 100644
index 7bb035c..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSidAttributes.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.pac;
-
-public class PacSidAttributes {
-
- private PacSid id;
- private int attributes;
-
- public PacSidAttributes(PacSid id, int attributes) {
- super();
- this.id = id;
- this.attributes = attributes;
- }
-
- public PacSid getId() {
- return id;
- }
-
- public int getAttributes() {
- return attributes;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSignature.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSignature.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSignature.java
deleted file mode 100644
index a0a4607..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacSignature.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.pac;
-
-import java.io.ByteArrayInputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-
-public class PacSignature {
-
- private int type;
- private byte[] checksum;
-
- public PacSignature(byte[] data) throws IOException {
- try {
- PacDataInputStream bufferStream = new PacDataInputStream(new DataInputStream(
- new ByteArrayInputStream(data)));
-
- type = bufferStream.readInt();
- checksum = new byte[bufferStream.available()];
- bufferStream.readFully(checksum);
- } catch(IOException e) {
- throw new IOException("pac.signature.malformed", e);
- }
- }
-
- public int getType() {
- return type;
- }
-
- public byte[] getChecksum() {
- return checksum;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacUnicodeString.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacUnicodeString.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacUnicodeString.java
deleted file mode 100644
index 44f8fb0..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacUnicodeString.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.pac;
-
-import java.io.IOException;
-
-public class PacUnicodeString {
-
- private short length;
- private short maxLength;
- private int pointer;
-
- public PacUnicodeString(short length, short maxLength, int pointer) {
- super();
- this.length = length;
- this.maxLength = maxLength;
- this.pointer = pointer;
- }
-
- public short getLength() {
- return length;
- }
-
- public short getMaxLength() {
- return maxLength;
- }
-
- public int getPointer() {
- return pointer;
- }
-
- public String check(String string) throws IOException {
- if(pointer == 0 && string != null)
- throw new IOException("pac.string.notempty");
-
- int expected = length / 2;
- if(string.length() != expected) {
- Object[] args = new Object[]{expected, string.length()};
- throw new IOException("pac.string.invalid.size");
- }
-
- return string;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoConstants.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoConstants.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoConstants.java
deleted file mode 100644
index 4a5024f..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoConstants.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.spnego;
-
-public interface SpnegoConstants {
-
- static final String SPNEGO_MECHANISM = "1.3.6.1.5.5.2";
- static final String KERBEROS_MECHANISM = "1.2.840.113554.1.2.2";
- static final String LEGACY_KERBEROS_MECHANISM = "1.2.840.48018.1.2.2";
- static final String NTLMSSP_MECHANISM = "1.3.6.1.4.1.311.2.2.10";
-
- static final String SPNEGO_OID = SPNEGO_MECHANISM;
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoInitToken.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoInitToken.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoInitToken.java
deleted file mode 100644
index bf8b0ca..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoInitToken.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.spnego;
-
-import java.io.IOException;
-
-public class SpnegoInitToken extends SpnegoToken {
-
- public static final int DELEGATION = 0x40;
- public static final int MUTUAL_AUTHENTICATION = 0x20;
- public static final int REPLAY_DETECTION = 0x10;
- public static final int SEQUENCE_CHECKING = 0x08;
- public static final int ANONYMITY = 0x04;
- public static final int CONFIDENTIALITY = 0x02;
- public static final int INTEGRITY = 0x01;
-
- private String[] mechanisms;
- private int contextFlags;
-
- public SpnegoInitToken(byte[] token) throws IOException {
-
- }
-
- public int getContextFlags() {
- return contextFlags;
- }
-
- public boolean getContextFlag(int flag) {
- return (getContextFlags() & flag) == flag;
- }
-
- public String[] getMechanisms() {
- return mechanisms;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoTargToken.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoTargToken.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoTargToken.java
deleted file mode 100644
index f31ba60..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoTargToken.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.spnego;
-
-import java.io.IOException;
-
-public class SpnegoTargToken extends SpnegoToken {
-
- public static final int UNSPECIFIED_RESULT = -1;
- public static final int ACCEPT_COMPLETED = 0;
- public static final int ACCEPT_INCOMPLETE = 1;
- public static final int REJECTED = 2;
-
- private int result = UNSPECIFIED_RESULT;
-
- public SpnegoTargToken(byte[] token) throws IOException {
-
- }
-
- public int getResult() {
- return result;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoToken.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoToken.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoToken.java
deleted file mode 100644
index 170a4b0..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/spnego/SpnegoToken.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.spnego;
-
-import java.io.IOException;
-
-public abstract class SpnegoToken {
-
- // Default max size as 65K
- public static int TOKEN_MAX_SIZE = 66560;
-
- protected byte[] mechanismToken;
- protected byte[] mechanismList;
- protected String mechanism;
-
- public static SpnegoToken parse(byte[] token) throws IOException {
- SpnegoToken spnegoToken = null;
-
- if(token.length <= 0)
- throw new IOException("spnego.token.empty");
-
- switch (token[0]) {
- case (byte)0x60:
- spnegoToken = new SpnegoInitToken(token);
- break;
- case (byte)0xa1:
- spnegoToken = new SpnegoTargToken(token);
- break;
- default:
- spnegoToken = null;
- Object[] args = new Object[]{token[0]};
- throw new IOException("spnego.token.invalid");
- }
-
- return spnegoToken;
- }
-
- public byte[] getMechanismToken() {
- return mechanismToken;
- }
-
- public byte[] getMechanismList() {
- return mechanismList;
- }
-
- public String getMechanism() {
- return mechanism;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTest.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTest.java
deleted file mode 100644
index 3fd89c2..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTest.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.test;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.apache.kerberos.kerb.spec.common.CheckSum;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.util.Arrays;
-
-public class CodecTest {
-
- @Test
- public void testCodec() throws KrbException {
- CheckSum mcs = new CheckSum();
- mcs.setCksumtype(CheckSumType.CRC32);
- mcs.setChecksum(new byte[] {0x10});
- byte[] bytes = KrbCodec.encode(mcs);
- Assert.assertNotNull(bytes);
-
- CheckSum restored = KrbCodec.decode(bytes, CheckSum.class);
- Assert.assertNotNull(restored);
- Assert.assertEquals(mcs.getCksumtype(), restored.getCksumtype());
- Assert.assertTrue(Arrays.equals(mcs.getChecksum(), restored.getChecksum()));
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTestUtil.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTestUtil.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTestUtil.java
deleted file mode 100644
index 87c5a0f..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTestUtil.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.test;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-public class CodecTestUtil {
- /*package*/ static byte[] readBinaryFile(String path) throws IOException {
- InputStream is = CodecTestUtil.class.getResourceAsStream(path);
- byte[] bytes = new byte[is.available()];
- is.read(bytes);
- return bytes;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsRepCodec.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsRepCodec.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsRepCodec.java
deleted file mode 100644
index 7b9c9f4..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsRepCodec.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.test;
-
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-import org.apache.kerberos.kerb.spec.common.NameType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.kdc.AsRep;
-import org.apache.kerberos.kerb.spec.kdc.EncKdcRepPart;
-import org.apache.kerberos.kerb.spec.ticket.EncTicketPart;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-/**
- * Test AsRep message using a real 'correct' network packet captured from MS-AD to detective programming errors
- * and compatibility issues particularly regarding Kerberos crypto.
- */
-public class TestAsRepCodec {
-
- @Test
- public void test() throws IOException {
- byte[] bytes = CodecTestUtil.readBinaryFile("/asrep.token");
- ByteBuffer asRepToken = ByteBuffer.wrap(bytes);
-
- AsRep asRep = new AsRep();
- asRep.decode(asRepToken);
-
- Assert.assertEquals(asRep.getPvno(), 5);
- Assert.assertEquals(asRep.getMsgType(), KrbMessageType.AS_REP);
- Assert.assertEquals(asRep.getCrealm(), "DENYDC.COM");
-
- PrincipalName cname = asRep.getCname();
- Assert.assertEquals(cname.getNameType(), NameType.NT_PRINCIPAL);
- Assert.assertEquals(cname.getNameStrings().size(), 1);
- Assert.assertEquals(cname.getNameStrings().get(0), "u5");
-
- Ticket ticket = asRep.getTicket();
- Assert.assertEquals(ticket.getTktvno(), 5);
- Assert.assertEquals(ticket.getRealm(), "DENYDC.COM");
- PrincipalName sname = ticket.getSname();
- Assert.assertEquals(sname.getNameType(), NameType.NT_SRV_INST);
- Assert.assertEquals(sname.getNameStrings().size(), 2);
- Assert.assertEquals(sname.getNameStrings().get(0), "krbtgt");
- Assert.assertEquals(sname.getNameStrings().get(1), "DENYDC.COM");
- //EncTicketPart encTicketPart = ticket.getEncPart();//FIXME
- //Assert.assertEquals(encTicketPart.getKey().getKvno(), 2);
- //Assert.assertEquals(encTicketPart.getKey().getKeyType().getValue(), 0x0017);
- //TODO decode cinpher
-
- //EncKdcRepPart encKdcRepPart = asRep.getEncPart();//FIXME
- //Assert.assertEquals(encKdcRepPart.getKey().getKeyType().getValue(), 0x0017);
- //Assert.assertEquals(encKdcRepPart.getKey().getKvno(), 7);
- //TODO decode cinpher
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsReqCodec.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsReqCodec.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsReqCodec.java
deleted file mode 100644
index d714291..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsReqCodec.java
+++ /dev/null
@@ -1,97 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.test;
-
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.HostAddrType;
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-import org.apache.kerberos.kerb.spec.common.NameType;
-import org.apache.kerberos.kerb.spec.kdc.AsReq;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-import java.text.ParseException;
-import java.text.SimpleDateFormat;
-import java.util.Arrays;
-import java.util.Date;
-import java.util.List;
-import java.util.SimpleTimeZone;
-
-/**
- * Test AsReq message using a real 'correct' network packet captured from MS-AD to detective programming errors
- * and compatibility issues particularly regarding Kerberos crypto.
- */
-public class TestAsReqCodec {
-
- @Test
- public void test() throws IOException, ParseException {
- byte[] bytes = CodecTestUtil.readBinaryFile("/asreq.token");
- ByteBuffer asreqToken = ByteBuffer.wrap(bytes);
-
- AsReq asReq = new AsReq();
- asReq.decode(asreqToken);
-
- Assert.assertEquals(asReq.getPvno(), 5);
- Assert.assertEquals(asReq.getMsgType(), KrbMessageType.AS_REQ);
-
- Assert.assertEquals(asReq.getPaData().findEntry(PaDataType.ENC_TIMESTAMP).getPaDataType(), PaDataType.ENC_TIMESTAMP);
- byte[] paDataEncTimestampValue = Arrays.copyOfRange(bytes, 33, 96);
- byte[] paDataEncTimestampRealValue = asReq.getPaData().findEntry(PaDataType.ENC_TIMESTAMP).getPaDataValue();
- Assert.assertTrue(Arrays.equals(paDataEncTimestampValue, paDataEncTimestampRealValue));
- Assert.assertEquals(asReq.getPaData().findEntry(PaDataType.PAC_REQUEST).getPaDataType(), PaDataType.PAC_REQUEST);
- byte[] paPacRequestValue = Arrays.copyOfRange(bytes, 108, 115);
- byte[] paPacRequestRealValue = asReq.getPaData().findEntry(PaDataType.PAC_REQUEST).getPaDataValue();
- Assert.assertTrue(Arrays.equals(paPacRequestValue, paPacRequestRealValue));
-
- Assert.assertEquals(asReq.getReqBody().getKdcOptions().getPadding(), 0);
- Assert.assertTrue(Arrays.equals(asReq.getReqBody().getKdcOptions().getValue(), Arrays.copyOfRange(bytes, 126, 130)));
-
- Assert.assertEquals(asReq.getReqBody().getCname().getNameType(), NameType.NT_PRINCIPAL);
- Assert.assertEquals(asReq.getReqBody().getCname().getName(), "des");
- Assert.assertEquals(asReq.getReqBody().getRealm(), "DENYDC");
- Assert.assertEquals(asReq.getReqBody().getSname().getNameType(), NameType.NT_SRV_INST);
- Assert.assertEquals(asReq.getReqBody().getSname().getNameStrings().get(0), "krbtgt");
- Assert.assertEquals(asReq.getReqBody().getSname().getNameStrings().get(1), "DENYDC");
-
- SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
- sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
- Date date = sdf.parse("20370913024805");
- Assert.assertEquals(asReq.getReqBody().getTill().getTime(), date.getTime());
- Assert.assertEquals(asReq.getReqBody().getRtime().getTime(), date.getTime());
-
- Assert.assertEquals(asReq.getReqBody().getNonce(), 197451134);
-
- List<EncryptionType> types = asReq.getReqBody().getEtypes();
- Assert.assertEquals(types.get(0).getValue(), 0x0017);
- //Assert.assertEquals(types.get(1).getValue(), 0xff7b);//FIXME
- //Assert.assertEquals(types.get(2).getValue(), 0x0080);//FIXME
- Assert.assertEquals(types.get(3).getValue(), 0x0003);
- Assert.assertEquals(types.get(4).getValue(), 0x0001);
- Assert.assertEquals(types.get(5).getValue(), 0x0018);
- //Assert.assertEquals(types.get(6).getValue(), 0xff79);//FIXME
-
- Assert.assertEquals(asReq.getReqBody().getAddresses().getElements().size(), 1);
- Assert.assertEquals(asReq.getReqBody().getAddresses().getElements().get(0).getAddrType(), HostAddrType.ADDRTYPE_NETBIOS);
- //FIXME net bios name
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestKerberos.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestKerberos.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestKerberos.java
deleted file mode 100644
index 2ffbd72..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestKerberos.java
+++ /dev/null
@@ -1,267 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.test;
-
-import org.apache.kerberos.kerb.codec.kerberos.AuthzDataUtil;
-import org.apache.kerberos.kerb.codec.kerberos.KerberosCredentials;
-import org.apache.kerberos.kerb.codec.kerberos.KerberosTicket;
-import org.apache.kerberos.kerb.codec.kerberos.KerberosToken;
-import org.apache.kerberos.kerb.codec.pac.Pac;
-import org.apache.kerberos.kerb.codec.pac.PacLogonInfo;
-import org.apache.kerberos.kerb.codec.pac.PacSid;
-import org.apache.kerberos.kerb.spec.common.AuthorizationData;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.List;
-
-public class TestKerberos {
-
- private byte[] rc4Token;
- private byte[] desToken;
- private byte[] aes128Token;
- private byte[] aes256Token;
- private byte[] corruptToken;
- private EncryptionKey rc4Key;
- private EncryptionKey desKey;
- private EncryptionKey aes128Key;
- private EncryptionKey aes256Key;
- private EncryptionKey corruptKey;
-
- @Before
- public void setUp() throws IOException {
- InputStream file;
- byte[] keyData;
-
- file = this.getClass().getClassLoader().getResourceAsStream("rc4-kerberos-data");
- rc4Token = new byte[file.available()];
- file.read(rc4Token);
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("des-kerberos-data");
- desToken = new byte[file.available()];
- file.read(desToken);
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("aes128-kerberos-data");
- aes128Token = new byte[file.available()];
- file.read(aes128Token);
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("aes256-kerberos-data");
- aes256Token = new byte[file.available()];
- file.read(aes256Token);
- file.close();
-
- corruptToken = new byte[]{1, 2, 3, 4, 5, 6};
-
- file = this.getClass().getClassLoader().getResourceAsStream("rc4-key-data");
- keyData = new byte[file.available()];
- file.read(keyData);
- rc4Key = new EncryptionKey(23, keyData, 2);
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("des-key-data");
- keyData = new byte[file.available()];
- file.read(keyData);
- desKey = new EncryptionKey(3, keyData, 2);
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("aes128-key-data");
- keyData = new byte[file.available()];
- file.read(keyData);
- aes128Key = new EncryptionKey(17, keyData, 2);
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("aes256-key-data");
- keyData = new byte[file.available()];
- file.read(keyData);
- aes256Key = new EncryptionKey(18, keyData, 2);
- file.close();
-
- corruptKey = new EncryptionKey(23, new byte[]{5, 4, 2, 1, 5, 4, 2, 1, 3}, 2);
- }
-
- @Test
- public void testRc4Ticket() throws Exception {
- KerberosToken token = new KerberosToken(rc4Token, rc4Key);
-
- Assert.assertNotNull(token);
- Assert.assertNotNull(token.getApRequest());
-
- KerberosTicket ticket = token.getApRequest().getTicket();
- Assert.assertNotNull(ticket);
- Assert.assertEquals("HTTP/server.test.domain.com", ticket.getServerPrincipalName());
- Assert.assertEquals("DOMAIN.COM", ticket.getServerRealm());
- Assert.assertEquals("user.test", ticket.getUserPrincipalName());
- Assert.assertEquals("DOMAIN.COM", ticket.getUserRealm());
- }
-
- //@Test
- public void testDesTicket() throws Exception {
- KerberosToken token = new KerberosToken(desToken, desKey);
-
- Assert.assertNotNull(token);
- Assert.assertNotNull(token.getApRequest());
-
- KerberosTicket ticket = token.getApRequest().getTicket();
- Assert.assertNotNull(ticket);
- Assert.assertEquals("HTTP/server.test.domain.com", ticket.getServerPrincipalName());
- Assert.assertEquals("DOMAIN.COM", ticket.getServerRealm());
- Assert.assertEquals("user.test@domain.com", ticket.getUserPrincipalName());
- Assert.assertEquals("DOMAIN.COM", ticket.getUserRealm());
- }
-
- @Test
- public void testAes128Ticket() throws Exception {
- KerberosToken token = null;
- token = new KerberosToken(aes128Token, aes128Key);
-
- Assert.assertNotNull(token);
- Assert.assertNotNull(token.getApRequest());
-
- KerberosTicket ticket = token.getApRequest().getTicket();
- Assert.assertNotNull(ticket);
- Assert.assertEquals("HTTP/server.test.domain.com", ticket.getServerPrincipalName());
- Assert.assertEquals("DOMAIN.COM", ticket.getServerRealm());
- Assert.assertEquals("user.test", ticket.getUserPrincipalName());
- Assert.assertEquals("DOMAIN.COM", ticket.getUserRealm());
- }
-
- @Test
- public void testAes256Ticket() throws Exception {
- KerberosToken token = null;
- token = new KerberosToken(aes256Token, aes256Key);
-
- Assert.assertNotNull(token);
- Assert.assertNotNull(token.getApRequest());
-
- KerberosTicket ticket = token.getApRequest().getTicket();
- Assert.assertNotNull(ticket);
- Assert.assertEquals("HTTP/server.test.domain.com", ticket.getServerPrincipalName());
- Assert.assertEquals("DOMAIN.COM", ticket.getServerRealm());
- Assert.assertEquals("user.test", ticket.getUserPrincipalName());
- Assert.assertEquals("DOMAIN.COM", ticket.getUserRealm());
- }
-
- @Test
- public void testCorruptTicket() {
- KerberosToken token = null;
- try {
- token = new KerberosToken(corruptToken, rc4Key);
- Assert.fail("Should have thrown Exception.");
- } catch(Exception e) {
- Assert.assertNotNull(e);
- Assert.assertNull(token);
- }
- }
-
- @Test
- public void testEmptyTicket() {
- KerberosToken token = null;
- try {
- token = new KerberosToken(new byte[0], rc4Key);
- Assert.fail("Should have thrown Exception.");
- } catch(Exception e) {
- Assert.assertNotNull(e);
- Assert.assertNull(token);
- }
- }
-
- @Test
- public void testNullTicket() throws Exception {
- KerberosToken token = null;
- try {
- token = new KerberosToken(null, rc4Key);
- Assert.fail("Should have thrown NullPointerException.");
- } catch(IOException e) {
- e.printStackTrace();
- Assert.fail(e.getMessage());
- } catch(NullPointerException e) {
- Assert.assertNotNull(e);
- Assert.assertNull(token);
- }
- }
-
- @Test
- public void testCorruptKey() {
- KerberosToken token = null;
- try {
- token = new KerberosToken(rc4Token, corruptKey);
- Assert.fail("Should have thrown Exception.");
- } catch(Exception e) {
- Assert.assertNotNull(e);
- Assert.assertNull(token);
- }
- }
-
- @Test
- public void testNoMatchingKey() {
- KerberosToken token = null;
- try {
- token = new KerberosToken(rc4Token, desKey);
- Assert.fail("Should have thrown Exception.");
- } catch(Exception e) {
- Assert.assertNotNull(e);
- Assert.assertNull(token);
- }
- }
-
- @Test
- public void testKerberosPac() throws Exception {
- KerberosToken token = new KerberosToken(rc4Token, rc4Key);
-
- Assert.assertNotNull(token);
- Assert.assertNotNull(token.getApRequest());
-
- KerberosTicket ticket = token.getApRequest().getTicket();
- Assert.assertNotNull(ticket);
-
- AuthorizationData authzData = ticket.getAuthorizationData();
- Assert.assertNotNull(authzData);
- Assert.assertTrue(authzData.getElements().size() > 0);
-
- EncryptionType eType = ticket.getTicket().getEncPart().getKey().getKeyType();
- Pac pac = AuthzDataUtil.getPac(authzData,
- KerberosCredentials.getServerKey(eType).getKeyData());
- Assert.assertNotNull(pac);
-
- PacLogonInfo logonInfo = pac.getLogonInfo();
- Assert.assertNotNull(logonInfo);
-
- List<String> sids = new ArrayList<String>();
- if(logonInfo.getGroupSid() != null)
- sids.add(logonInfo.getGroupSid().toString());
- for(PacSid pacSid : logonInfo.getGroupSids())
- sids.add(pacSid.toString());
- for(PacSid pacSid : logonInfo.getExtraSids())
- sids.add(pacSid.toString());
- for(PacSid pacSid : logonInfo.getResourceGroupSids())
- sids.add(pacSid.toString());
-
- Assert.assertEquals(ticket.getUserPrincipalName(), logonInfo.getUserName());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestPac.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestPac.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestPac.java
deleted file mode 100644
index 5ee282f..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestPac.java
+++ /dev/null
@@ -1,154 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.test;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.codec.pac.Pac;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-public class TestPac {
-
- private byte[] rc4Data;
- private byte[] desData;
- private byte[] corruptData;
- private byte[] rc4Key;
- private byte[] desKey;
- private byte[] corruptKey;
-
- @Before
- public void setUp() throws IOException {
- InputStream file;
- byte[] keyData;
-
- file = this.getClass().getClassLoader().getResourceAsStream("rc4-pac-data");
- rc4Data = new byte[file.available()];
- file.read(rc4Data);
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("des-pac-data");
- desData = new byte[file.available()];
- file.read(desData);
- file.close();
-
- corruptData = new byte[]{5, 4, 2, 1, 5, 4, 2, 1, 3};
-
- file = this.getClass().getClassLoader().getResourceAsStream("rc4-key-data");
- keyData = new byte[file.available()];
- file.read(keyData);
- rc4Key = keyData;
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("des-key-data");
- keyData = new byte[file.available()];
- file.read(keyData);
- desKey = keyData;
- file.close();
-
- corruptKey = new byte[]{5, 4, 2, 1, 5, 4, 2, 1, 3};
- }
-
- @Test
- public void testRc4Pac() throws KrbException {
- Pac pac = new Pac(rc4Data, rc4Key);
-
- Assert.assertNotNull(pac);
- Assert.assertNotNull(pac.getLogonInfo());
-
- Assert.assertEquals("user.test", pac.getLogonInfo().getUserName());
- Assert.assertEquals("User Test", pac.getLogonInfo().getUserDisplayName());
- Assert.assertEquals(0, pac.getLogonInfo().getBadPasswordCount());
- Assert.assertEquals(32, pac.getLogonInfo().getUserFlags());
- Assert.assertEquals(46, pac.getLogonInfo().getLogonCount());
- Assert.assertEquals("DOMAIN", pac.getLogonInfo().getDomainName());
- Assert.assertEquals("WS2008", pac.getLogonInfo().getServerName());
- }
-
- @Test
- public void testDesPac() throws KrbException {
- Pac pac = new Pac(desData, desKey);
-
- Assert.assertNotNull(pac);
- Assert.assertNotNull(pac.getLogonInfo());
-
- Assert.assertEquals("user.test", pac.getLogonInfo().getUserName());
- Assert.assertEquals("User Test", pac.getLogonInfo().getUserDisplayName());
- Assert.assertEquals(0, pac.getLogonInfo().getBadPasswordCount());
- Assert.assertEquals(32, pac.getLogonInfo().getUserFlags());
- Assert.assertEquals(48, pac.getLogonInfo().getLogonCount());
- Assert.assertEquals("DOMAIN", pac.getLogonInfo().getDomainName());
- Assert.assertEquals("WS2008", pac.getLogonInfo().getServerName());
- }
-
- @Test
- public void testCorruptPac() {
- Pac pac = null;
- try {
- pac = new Pac(corruptData, rc4Key);
- Assert.fail("Should have thrown KrbException.");
- } catch(KrbException e) {
- Assert.assertNotNull(e);
- Assert.assertNull(pac);
- }
- }
-
- @Test
- public void testEmptyPac() {
- Pac pac = null;
- try {
- pac = new Pac(new byte[0], rc4Key);
- Assert.fail("Should have thrown KrbException.");
- } catch(KrbException e) {
- Assert.assertNotNull(e);
- Assert.assertNull(pac);
- }
- }
-
- @Test
- public void testNullPac() {
- Pac pac = null;
- try {
- pac = new Pac(null, rc4Key);
- Assert.fail("Should have thrown NullPointerException.");
- } catch(KrbException e) {
- e.printStackTrace();
- Assert.fail(e.getMessage());
- } catch(NullPointerException e) {
- Assert.assertNotNull(e);
- Assert.assertNull(pac);
- }
- }
-
- @Test
- public void testCorruptKey() {
- Pac pac = null;
- try {
- pac = new Pac(rc4Data, corruptKey);
- Assert.fail("Should have thrown KrbException.");
- } catch(KrbException e) {
- Assert.assertNotNull(e);
- Assert.assertNull(pac);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestSpnego.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestSpnego.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestSpnego.java
deleted file mode 100644
index e6b7998..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestSpnego.java
+++ /dev/null
@@ -1,172 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.test;
-
-import org.apache.kerberos.kerb.codec.spnego.SpnegoConstants;
-import org.apache.kerberos.kerb.codec.spnego.SpnegoInitToken;
-import org.apache.kerberos.kerb.codec.spnego.SpnegoToken;
-import org.junit.Assert;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-public class TestSpnego {
-
- private byte[] rc4Token;
- private byte[] desToken;
- private byte[] aes128Token;
- private byte[] aes256Token;
- private byte[] corruptToken;
-
- //@Before
- public void setUp() throws IOException {
- InputStream file;
-
- file = this.getClass().getClassLoader().getResourceAsStream("rc4-spnego-data");
- rc4Token = new byte[file.available()];
- file.read(rc4Token);
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("des-spnego-data");
- desToken = new byte[file.available()];
- file.read(desToken);
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("aes128-spnego-data");
- aes128Token = new byte[file.available()];
- file.read(aes128Token);
- file.close();
-
- file = this.getClass().getClassLoader().getResourceAsStream("aes256-spnego-data");
- aes256Token = new byte[file.available()];
- file.read(aes256Token);
- file.close();
-
- corruptToken = new byte[]{5, 4, 2, 1};
- }
-
- //@Test
- public void testRc4Token() {
- try {
- SpnegoToken spnegoToken = SpnegoToken.parse(rc4Token);
-
- Assert.assertNotNull(spnegoToken);
- Assert.assertTrue(spnegoToken instanceof SpnegoInitToken);
- Assert.assertNotNull(spnegoToken.getMechanismToken());
- Assert.assertTrue(spnegoToken.getMechanismToken().length < rc4Token.length);
- Assert.assertNotNull(spnegoToken.getMechanism());
- Assert.assertEquals(SpnegoConstants.LEGACY_KERBEROS_MECHANISM, spnegoToken.getMechanism());
- } catch(IOException e) {
- e.printStackTrace();
- Assert.fail(e.getMessage());
- }
- }
-
- //@Test
- public void testDesToken() {
- try {
- SpnegoToken spnegoToken = SpnegoToken.parse(desToken);
-
- Assert.assertNotNull(spnegoToken);
- Assert.assertTrue(spnegoToken instanceof SpnegoInitToken);
- Assert.assertNotNull(spnegoToken.getMechanismToken());
- Assert.assertTrue(spnegoToken.getMechanismToken().length < desToken.length);
- Assert.assertNotNull(spnegoToken.getMechanism());
- Assert.assertEquals(SpnegoConstants.LEGACY_KERBEROS_MECHANISM, spnegoToken.getMechanism());
- } catch(IOException e) {
- e.printStackTrace();
- Assert.fail(e.getMessage());
- }
- }
-
- //@Test
- public void testAes128Token() {
- try {
- SpnegoToken spnegoToken = SpnegoToken.parse(aes128Token);
-
- Assert.assertNotNull(spnegoToken);
- Assert.assertTrue(spnegoToken instanceof SpnegoInitToken);
- Assert.assertNotNull(spnegoToken.getMechanismToken());
- Assert.assertTrue(spnegoToken.getMechanismToken().length < aes128Token.length);
- Assert.assertNotNull(spnegoToken.getMechanism());
- Assert.assertEquals(SpnegoConstants.LEGACY_KERBEROS_MECHANISM, spnegoToken.getMechanism());
- } catch(IOException e) {
- e.printStackTrace();
- Assert.fail(e.getMessage());
- }
- }
-
- //@Test
- public void testAes256Token() {
- try {
- SpnegoToken spnegoToken = SpnegoToken.parse(aes256Token);
-
- Assert.assertNotNull(spnegoToken);
- Assert.assertTrue(spnegoToken instanceof SpnegoInitToken);
- Assert.assertNotNull(spnegoToken.getMechanismToken());
- Assert.assertTrue(spnegoToken.getMechanismToken().length < aes256Token.length);
- Assert.assertNotNull(spnegoToken.getMechanism());
- Assert.assertEquals(SpnegoConstants.LEGACY_KERBEROS_MECHANISM, spnegoToken.getMechanism());
- } catch(IOException e) {
- e.printStackTrace();
- Assert.fail(e.getMessage());
- }
- }
-
- //@Test
- public void testEmptyToken() {
- SpnegoToken spnegoToken = null;
- try {
- spnegoToken = SpnegoToken.parse(new byte[0]);
- Assert.fail("Should have thrown DecodingException.");
- } catch(IOException e) {
- Assert.assertNotNull(e);
- Assert.assertNull(spnegoToken);
- }
- }
-
- //@Test
- public void testCorruptToken() {
- SpnegoToken spnegoToken = null;
- try {
- spnegoToken = SpnegoToken.parse(corruptToken);
- Assert.fail("Should have thrown DecodingException.");
- } catch(IOException e) {
- Assert.assertNotNull(e);
- Assert.assertNull(spnegoToken);
- }
- }
-
- //@Test
- public void testNullToken() {
- SpnegoToken spnegoToken = null;
- try {
- spnegoToken = SpnegoToken.parse(null);
- Assert.fail("Should have thrown NullPointerException.");
- } catch(IOException e) {
- e.printStackTrace();
- Assert.fail(e.getMessage());
- } catch(NullPointerException e) {
- Assert.assertNotNull(e);
- Assert.assertNull(spnegoToken);
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestTgsRepCodec.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestTgsRepCodec.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestTgsRepCodec.java
deleted file mode 100644
index 21cc684..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestTgsRepCodec.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.test;
-
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-import org.apache.kerberos.kerb.spec.common.NameType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.kdc.TgsRep;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-
-/**
- * Test TgsRep message using a real 'correct' network packet captured from MS-AD to detective programming errors
- * and compatibility issues particularly regarding Kerberos crypto.
- */
-public class TestTgsRepCodec {
-
- @Test
- public void test() throws IOException {
- byte[] bytes = CodecTestUtil.readBinaryFile("/tgsrep.token");
- TgsRep tgsRep = new TgsRep();
- tgsRep.decode(bytes);
-
- Assert.assertEquals(tgsRep.getPvno(), 5);
- Assert.assertEquals(tgsRep.getMsgType(), KrbMessageType.TGS_REP);
- Assert.assertEquals(tgsRep.getCrealm(), "DENYDC.COM");
-
- PrincipalName cname = tgsRep.getCname();
- Assert.assertEquals(cname.getNameType(), NameType.NT_PRINCIPAL);
- Assert.assertEquals(cname.getNameStrings().size(), 1);
- Assert.assertEquals(cname.getNameStrings().iterator().next(), "des");
-
- Ticket ticket = tgsRep.getTicket();
- Assert.assertEquals(ticket.getTktvno(), 5);
- Assert.assertEquals(ticket.getRealm(), "DENYDC.COM");
- PrincipalName sname = ticket.getSname();
- Assert.assertEquals(sname.getNameType(), NameType.NT_SRV_HST);
- Assert.assertEquals(sname.getNameStrings().size(), 2);
- Assert.assertEquals(sname.getNameStrings().get(0), "host");
- Assert.assertEquals(sname.getNameStrings().get(1), "xp1.denydc.com");
- //EncTicketPart encTicketPart = ticket.getEncPart();//FIXME null pointer!!
- //Assert.assertEquals(encTicketPart.getKey().getKeyType().getValue(), 23);
- //Assert.assertEquals(encTicketPart.getKey().getKvno(), 2);
- //TODO decode cipher
-
- //EncKdcRepPart encKdcRepPart = tgsRep.getEncPart();//FIXME null pointer!!
- //Assert.assertEquals(encKdcRepPart.getKey().getKeyType().getValue(), 3);
- //TODO decode cinpher
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestTgsReqCodec.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestTgsReqCodec.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestTgsReqCodec.java
deleted file mode 100644
index 4b2d20b..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestTgsReqCodec.java
+++ /dev/null
@@ -1,94 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.test;
-
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-import org.apache.kerberos.kerb.spec.common.NameType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.kdc.KdcReqBody;
-import org.apache.kerberos.kerb.spec.kdc.TgsReq;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.text.ParseException;
-import java.text.SimpleDateFormat;
-import java.util.Arrays;
-import java.util.Date;
-import java.util.List;
-import java.util.SimpleTimeZone;
-
-/**
- * Test TgsReq message using a real 'correct' network packet captured from MS-AD to detective programming errors
- * and compatibility issues particularly regarding Kerberos crypto.
- */
-public class TestTgsReqCodec {
-
- @Test
- public void test() throws IOException, ParseException {
- byte[] bytes = CodecTestUtil.readBinaryFile("/tgsreq.token");
- TgsReq tgsReq = new TgsReq();
- tgsReq.decode(bytes);
-
- Assert.assertEquals(tgsReq.getPvno(), 5);
- Assert.assertEquals(tgsReq.getMsgType(), KrbMessageType.TGS_REQ);
-
- PaData paData = tgsReq.getPaData();
- Assert.assertEquals(paData.getElements().size(), 1);
- PaDataEntry entry = paData.getElements().iterator().next();
- Assert.assertEquals(entry.getPaDataType(), PaDataType.TGS_REQ);
- //TODO Decode:padata-value
-
- //request body
- KdcReqBody body = tgsReq.getReqBody();
- Assert.assertEquals(body.getKdcOptions().getPadding(), 0);
- byte[] kdcOptionsValue = {64, (byte) 128, 0, 0};
- Assert.assertTrue(Arrays.equals(body.getKdcOptions().getValue(), kdcOptionsValue));
-
- Assert.assertEquals(body.getRealm(), "DENYDC.COM");
-
- PrincipalName sname = body.getSname();
- Assert.assertEquals(sname.getNameType(), NameType.NT_SRV_HST);
- Assert.assertEquals(sname.getNameStrings().size(), 2);
- Assert.assertEquals(sname.getNameStrings().get(0), "host");
- Assert.assertEquals(sname.getNameStrings().get(1), "xp1.denydc.com");
-
- SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
- sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
- Date date = sdf.parse("20370913024805");
- Assert.assertEquals(tgsReq.getReqBody().getTill().getTime(), date.getTime());
-
- Assert.assertEquals(body.getNonce(), 197296424);
-
- List<EncryptionType> eTypes = body.getEtypes();
- Assert.assertEquals(eTypes.size(), 7);
- Assert.assertEquals(eTypes.get(0).getValue(), 23);
- //Assert.assertEquals(eTypes.get(1).getValue(), -133);//FIXME
- //Assert.assertEquals(eTypes.get(2).getValue(), -128);//FIXME
- Assert.assertEquals(eTypes.get(3).getValue(), 3);
- Assert.assertEquals(eTypes.get(4).getValue(), 1);
- Assert.assertEquals(eTypes.get(5).getValue(), 24);
- //Assert.assertEquals(eTypes.get(6).getValue(), -135);//FIXME
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/pom.xml b/haox-kerb/kerb-core/pom.xml
deleted file mode 100644
index b448fa4..0000000
--- a/haox-kerb/kerb-core/pom.xml
+++ /dev/null
@@ -1,37 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kerb</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>kerb-core</artifactId>
-
- <name>Haox-kerb core</name>
- <description>Haox-kerb core facilities</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-asn1</artifactId>
- <version>1.0-SNAPSHOT</version>
- </dependency>
-
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbConstant.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbConstant.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbConstant.java
deleted file mode 100644
index 386911e..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbConstant.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb;
-
-public interface KrbConstant {
- public final static int KRB_V5 = 5;
-
- public final static String TGS_PRINCIPAL = "krbtgt";
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorCode.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorCode.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorCode.java
deleted file mode 100644
index 0d1269c..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorCode.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum KrbErrorCode implements KrbEnum {
- KDC_ERR_NONE(0, "No error"),
- KDC_ERR_NAME_EXP(1, "Client's entry in database has expired"),
- KDC_ERR_SERVICE_EXP(2, "Server's entry in database has expired"),
- KDC_ERR_BAD_PVNO(3, "Requested protocol version number not supported"),
- KDC_ERR_C_OLD_MAST_KVNO(4, "Client's key encrypted in old master key"),
- KDC_ERR_S_OLD_MAST_KVNO(5, "Server's key encrypted in old master key"),
- KDC_ERR_C_PRINCIPAL_UNKNOWN(6, "Client not found in Kerberos database"),
- KDC_ERR_S_PRINCIPAL_UNKNOWN(7, "Server not found in Kerberos database"),
- KDC_ERR_PRINCIPAL_NOT_UNIQUE(8, "Multiple principal entries in database"),
- KDC_ERR_NULL_KEY(9, "The client or server has a null key"),
- KDC_ERR_CANNOT_POSTDATE(10, "Ticket not eligible for postdating"),
- KDC_ERR_NEVER_VALID(11, "Requested start time is later than end time"),
- KDC_ERR_POLICY(12, "KDC policy rejects request"),
- KDC_ERR_BADOPTION(13, "KDC cannot accommodate requested option"),
- KDC_ERR_ETYPE_NOSUPP(14, "KDC has no support for encryption type"),
- KDC_ERR_SUMTYPE_NOSUPP(15, "KDC has no support for checksum type"),
- KDC_ERR_PADATA_TYPE_NOSUPP(16, "KDC has no support for padata type"),
- KDC_ERR_TRTYPE_NOSUPP(17, "KDC has no support for transited type"),
- KDC_ERR_CLIENT_REVOKED(18, "Clients credentials have been revoked"),
- KDC_ERR_SERVICE_REVOKED(19, "Credentials for server have been revoked"),
- KDC_ERR_TGT_REVOKED(20, "TGT has been revoked"),
- KDC_ERR_CLIENT_NOTYET(21, "Client not yet valid; try again later"),
- KDC_ERR_SERVICE_NOTYET(22, "Server not yet valid; try again later"),
- KDC_ERR_KEY_EXPIRED(23, "Password has expired; change password to reset"),
- KDC_ERR_PREAUTH_FAILED(24, "Pre-authentication information was invalid"),
- KDC_ERR_PREAUTH_REQUIRED(25, "Additional pre-authentication required"),
- KDC_ERR_SERVER_NOMATCH(26, "Requested server and ticket don't match"),
- KDC_ERR_MUST_USE_USER2USER(27, "Server valid for user2user only"),
- KDC_ERR_PATH_NOT_ACCEPTED(28, "KDC Policy rejects transited path"),
- KDC_ERR_SVC_UNAVAILABLE(29, "A service is not available"),
- KRB_AP_ERR_BAD_INTEGRITY(31, "Integrity check on decrypted field failed"),
- KRB_AP_ERR_TKT_EXPIRED(32, "Ticket expired"),
- KRB_AP_ERR_TKT_NYV(33, "Ticket not yet valid"),
- KRB_AP_ERR_REPEAT(34, "Request is a replay"),
- KRB_AP_ERR_NOT_US(35, "The ticket isn't for us"),
- KRB_AP_ERR_BADMATCH(36, "Ticket and authenticator don't match"),
- KRB_AP_ERR_SKEW(37, "Clock skew too great"),
- KRB_AP_ERR_BADADDR(38, "Incorrect net address"),
- KRB_AP_ERR_BADVERSION(39, "Protocol version mismatch"),
- KRB_AP_ERR_MSG_TYPE(40, "Invalid msg type"),
- KRB_AP_ERR_MODIFIED(41, "Message stream modified"),
- KRB_AP_ERR_BADORDER(42, "Message out of order"),
- KRB_AP_ERR_BADKEYVER(44, "Specified version of key is not available"),
- KRB_AP_ERR_NOKEY(45, "Service key not available"),
- KRB_AP_ERR_MUT_FAIL(46, "Mutual authentication failed"),
- KRB_AP_ERR_BADDIRECTION(47, "Incorrect message direction"),
- KRB_AP_ERR_METHOD(48, "Alternative authentication method required"),
- KRB_AP_ERR_BADSEQ(49, "Incorrect sequence number in message"),
- KRB_AP_ERR_INAPP_CKSUM(50, "Inappropriate type of checksum in message"),
- KRB_AP_PATH_NOT_ACCEPTED(51, "Policy rejects transited path"),
- RESPONSE_TOO_BIG(52, "Response too big for UDP; retry with TCP"),
- KRB_ERR_GENERIC(60, "Generic error (description in e-text)"),
- FIELD_TOOLONG(61, "Field is too long for this implementation"),
- KDC_ERR_CLIENT_NOT_TRUSTED(62, "Client is not trusted"),
- KDC_NOT_TRUSTED(63, "KDC is not trusted"),
- KDC_ERR_INVALID_SIG(64, "Signature is invalid"),
- KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED(65, "Diffie-Hellman (DH) key parameters not accepted."),
- CERTIFICATE_MISMATCH(66, "Certificates do not match"),
- KRB_AP_ERR_NO_TGT(67, "No TGT available to validate USER-TO-USER"),
- WRONG_REALM(68, "Wrong realm"),
- KRB_AP_ERR_USER_TO_USER_REQUIRED(69, "Ticket must be for USER-TO-USER"),
- KDC_ERR_CANT_VERIFY_CERTIFICATE(70, "Can't verify certificate"),
- KDC_ERR_INVALID_CERTIFICATE(71, "Invalid certificate"),
- KDC_ERR_REVOKED_CERTIFICATE(72, "Revoked certificate"),
- KDC_ERR_REVOCATION_STATUS_UNKNOWN(73, "Revocation status unknown"),
- REVOCATION_STATUS_UNAVAILABLE(74, "Revocation status unavailable"),
- KDC_ERR_CLIENT_NAME_MISMATCH(75, "Client names do not match"),
- KDC_NAME_MISMATCH(76, "KDC names do not match"),
- KDC_ERR_INCONSISTENT_KEY_PURPOSE(77, "Inconsistent key purpose"),
- KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED(78, "Digest in certificate not accepted"),
- KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED(79, "PA checksum must be included"),
- KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED(80, "Digest in signed data not accepted"),
- KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED(81, "Public key encryption not supported"),
-
- KRB_TIMEOUT(5000, "Network timeout");
-
- private final int value;
- private final String message;
-
- private KrbErrorCode(int value, String message) {
- this.value = value;
- this.message = message;
- }
-
- public static KrbErrorCode fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value.intValue()) {
- return (KrbErrorCode) e;
- }
- }
- }
-
- return KRB_ERR_GENERIC;
- }
-
- public int getValue() {
- return value;
- }
-
- public String getMessage() {
- return message;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorException.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorException.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorException.java
deleted file mode 100644
index 62b2ba0..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorException.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb;
-
-import org.apache.kerberos.kerb.spec.common.KrbError;
-
-public class KrbErrorException extends KrbException {
- private KrbError krbError;
-
- public KrbErrorException(KrbError krbError) {
- super(krbError.getErrorCode().getMessage());
- this.krbError = krbError;
- }
-
- public KrbError getKrbError() {
- return krbError;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbException.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbException.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbException.java
deleted file mode 100644
index 4d12b6e..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbException.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb;
-
-public class KrbException extends Exception {
-
- public KrbException(String message) {
- super(message);
- }
-
- public KrbException(String message, Throwable cause) {
- super(message, cause);
- }
-
- public KrbException(KrbErrorCode errorCode) {
- super(errorCode.getMessage());
- }
-
- public KrbException(KrbErrorCode errorCode, Throwable cause) {
- super(errorCode.getMessage(), cause);
- }
-
- public KrbException(KrbErrorCode errorCode, String message) {
- super(message + " with error code: " + errorCode.name());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/codec/KrbCodec.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/codec/KrbCodec.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/codec/KrbCodec.java
deleted file mode 100644
index a17f9c2..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/codec/KrbCodec.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec;
-
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.type.AbstractAsn1Type;
-import org.apache.haox.asn1.type.Asn1Type;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.ap.ApReq;
-import org.apache.kerberos.kerb.spec.common.KrbMessage;
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-import org.apache.kerberos.kerb.spec.kdc.AsRep;
-import org.apache.kerberos.kerb.spec.kdc.AsReq;
-import org.apache.kerberos.kerb.spec.kdc.TgsRep;
-import org.apache.kerberos.kerb.spec.kdc.TgsReq;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-public class KrbCodec {
-
- public static byte[] encode(Asn1Type krbObj) throws KrbException {
- return krbObj.encode();
- }
-
- public static <T extends Asn1Type> T decode(byte[] content, Class<T> krbType) throws KrbException {
- return decode(ByteBuffer.wrap(content), krbType);
- }
-
- public static <T extends Asn1Type> T decode(ByteBuffer content, Class<T> krbType) throws KrbException {
- Asn1Type implObj = null;
- try {
- implObj = krbType.newInstance();
- } catch (Exception e) {
- throw new KrbException("Decoding failed", e);
- }
-
- try {
- implObj.decode(content);
- } catch (IOException e) {
- throw new KrbException("Decoding failed", e);
- }
-
- return (T) implObj;
- }
-
- public static KrbMessage decodeMessage(ByteBuffer byteBuffer) throws IOException {
- LimitedByteBuffer limitedBuffer = new LimitedByteBuffer(byteBuffer);
- int tag = AbstractAsn1Type.readTag(limitedBuffer);
- int tagNo = AbstractAsn1Type.readTagNo(limitedBuffer, tag);
- int length = AbstractAsn1Type.readLength(limitedBuffer);
- LimitedByteBuffer valueBuffer = new LimitedByteBuffer(limitedBuffer, length);
-
- KrbMessage msg = null;
- KrbMessageType msgType = KrbMessageType.fromValue(tagNo);
- if (msgType == KrbMessageType.TGS_REQ) {
- msg = new TgsReq();
- } else if (msgType == KrbMessageType.AS_REP) {
- msg = new AsRep();
- } else if (msgType == KrbMessageType.AS_REQ) {
- msg = new AsReq();
- } else if (msgType == KrbMessageType.TGS_REP) {
- msg = new TgsRep();
- } else if (msgType == KrbMessageType.AP_REQ) {
- msg = new ApReq();
- } else if (msgType == KrbMessageType.AP_REP) {
- msg = new ApReq();
- } else {
- throw new IOException("To be supported krb message type with tag: " + tag);
- }
- msg.decode(tag, tagNo, valueBuffer);
-
- return msg;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosString.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosString.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosString.java
deleted file mode 100644
index d675e94..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosString.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1GeneralString;
-
-/**
- KerberosString ::= GeneralString -- (IA5String)
- */
-public class KerberosString extends Asn1GeneralString {
- public KerberosString() {
- }
-
- public KerberosString(String value) {
- super(value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosStrings.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosStrings.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosStrings.java
deleted file mode 100644
index 31b5e32..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosStrings.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec;
-
-import java.util.List;
-
-public class KerberosStrings extends KrbSequenceOfType<KerberosString> {
-
- public KerberosStrings() {
- super();
- }
-
- public KerberosStrings(List<String> strings) {
- super();
- setValues(strings);
- }
-
- public void setValues(List<String> values) {
- clear();
- if (values != null) {
- for (String value : values) {
- addElement(new KerberosString(value));
- }
- }
- }
-}
[33/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbError.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbError.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbError.java
deleted file mode 100644
index 1c66e9c..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbError.java
+++ /dev/null
@@ -1,166 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.spec.KerberosString;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-
-/**
- KRB-ERROR ::= [APPLICATION 30] SEQUENCE {
- pvno [0] INTEGER (5),
- msg-type [1] INTEGER (30),
- ctime [2] KerberosTime OPTIONAL,
- cusec [3] Microseconds OPTIONAL,
- stime [4] KerberosTime,
- susec [5] Microseconds,
- error-code [6] Int32,
- crealm [7] Realm OPTIONAL,
- cname [8] PrincipalName OPTIONAL,
- realm [9] Realm -- service realm --,
- sname [10] PrincipalName -- service name --,
- e-text [11] KerberosString OPTIONAL,
- e-data [12] OCTET STRING OPTIONAL
- }
- */
-public class KrbError extends KrbMessage {
- private static int CTIME = 2;
- private static int CUSEC = 3;
- private static int STIME = 4;
- private static int SUSEC = 5;
- private static int ERROR_CODE = 6;
- private static int CREALM = 7;
- private static int CNAME = 8;
- private static int REALM = 9;
- private static int SNAME = 10;
- private static int ETEXT = 11;
- private static int EDATA = 12;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PVNO, Asn1Integer.class),
- new Asn1FieldInfo(MSG_TYPE, Asn1Integer.class),
- new Asn1FieldInfo(CTIME, KerberosTime.class),
- new Asn1FieldInfo(CUSEC, Asn1Integer.class),
- new Asn1FieldInfo(STIME, KerberosTime.class),
- new Asn1FieldInfo(SUSEC, Asn1Integer.class),
- new Asn1FieldInfo(ERROR_CODE, Asn1Integer.class),
- new Asn1FieldInfo(CREALM, KerberosString.class),
- new Asn1FieldInfo(CNAME, PrincipalName.class),
- new Asn1FieldInfo(REALM, KerberosString.class),
- new Asn1FieldInfo(SNAME, PrincipalName.class),
- new Asn1FieldInfo(ETEXT, KerberosString.class),
- new Asn1FieldInfo(EDATA, Asn1OctetString.class)
- };
-
- public KrbError() {
- super(KrbMessageType.KRB_ERROR, fieldInfos);
- }
-
- public KerberosTime getCtime() {
- return getFieldAs(CTIME, KerberosTime.class);
- }
-
- public void setCtime(KerberosTime ctime) {
- setFieldAs(CTIME, ctime);
- }
-
- public int getCusec() {
- return getFieldAsInt(CUSEC);
- }
-
- public void setCusec(int cusec) {
- setFieldAsInt(0, cusec);
- }
-
- public KerberosTime getStime() {
- return getFieldAs(STIME, KerberosTime.class);
- }
-
- public void setStime(KerberosTime stime) {
- setFieldAs(STIME, stime);
- }
-
- public int getSusec() {
- return getFieldAsInt(SUSEC);
- }
-
- public void setSusec(int susec) {
- setFieldAsInt(0, susec);
- }
-
- public KrbErrorCode getErrorCode() {
- return KrbErrorCode.fromValue(getFieldAsInt(ERROR_CODE));
- }
-
- public void setErrorCode(KrbErrorCode errorCode) {
- setField(0, errorCode);
- }
-
- public String getCrealm() {
- return getFieldAsString(CREALM);
- }
-
- public void setCrealm(String realm) {
- setFieldAs(CREALM, new KerberosString(realm));
- }
-
- public PrincipalName getCname() {
- return getFieldAs(CNAME, PrincipalName.class);
- }
-
- public void setCname(PrincipalName sname) {
- setFieldAs(CNAME, sname);
- }
-
- public PrincipalName getSname() {
- return getFieldAs(SNAME, PrincipalName.class);
- }
-
- public void setSname(PrincipalName sname) {
- setFieldAs(SNAME, sname);
- }
-
- public String getRealm() {
- return getFieldAsString(REALM);
- }
-
- public void setRealm(String realm) {
- setFieldAs(REALM, new KerberosString(realm));
- }
-
- public String getEtext() {
- return getFieldAsString(ETEXT);
- }
-
- public void setEtext(String realm) {
- setFieldAs(ETEXT, new KerberosString(realm));
- }
-
- public byte[] getEdata() {
- return getFieldAsOctetBytes(EDATA);
- }
-
- public void setEdata(byte[] edata) {
- setFieldAsOctetBytes(EDATA, edata);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbFlags.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbFlags.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbFlags.java
deleted file mode 100644
index 51b36ce..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbFlags.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1BitString;
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-import java.io.IOException;
-
-/**
- KrbFlags ::= BIT STRING (SIZE (32..MAX))
- -- minimum number of bits shall be sent,
- -- but no fewer than 32
- */
-public class KrbFlags extends Asn1BitString {
- private static final int MAX_SIZE = 32;
- private int flags;
-
- public KrbFlags() {
- this(0);
- }
-
- public KrbFlags(int value) {
- super();
- setFlags(value);
- }
-
- public void setFlags(int flags) {
- this.flags = flags;
- flags2Value();
- }
-
- public int getFlags() {
- return flags;
- }
-
- public boolean isFlagSet(int flag) {
- return (flags & (1 << flagPos(flag))) != 0;
- }
-
- public void setFlag(int flag) {
- int newFlags = flags | 1 << flagPos(flag);
- setFlags(newFlags);
- }
-
- public void clearFlag(int flag) {
- int newFlags = flags & ~(1 << flagPos(flag));
- setFlags(newFlags);
- }
-
- public void clear() {
- setFlags(0);
- }
-
- public boolean isFlagSet(KrbEnum flag) {
- return isFlagSet(flag.getValue());
- }
-
- public void setFlag(KrbEnum flag) {
- setFlag(flag.getValue());
- }
-
- public void setFlag(KrbEnum flag, boolean isSet) {
- if (isSet) {
- setFlag(flag.getValue());
- } else {
- clearFlag(flag);
- }
- }
-
- public void clearFlag(KrbEnum flag) {
- clearFlag(flag.getValue());
- }
-
- private int flagPos(int flag) {
- return MAX_SIZE - 1 - flag;
- }
-
- private void flags2Value() {
- byte[] bytes = new byte[4];
- bytes[0] = (byte) (flags >> 24);
- bytes[1] = (byte) ((flags >> 16) & 0xFF);
- bytes[2] = (byte) ((flags >> 8) & 0xFF);
- bytes[3] = (byte) (flags & 0xFF);
-
- setValue(bytes);
- }
-
- @Override
- protected void toValue() throws IOException {
- super.toValue();
-
- if (getPadding() != 0 || getValue().length != 4) {
- throw new IOException("Bad bitstring decoded as invalid krb flags");
- }
-
- byte[] valueBytes = getValue();
- flags = ((valueBytes[0] & 0xFF) << 24) | ((valueBytes[1] & 0xFF) << 16) |
- ((valueBytes[2] & 0xFF) << 8) | (0xFF & valueBytes[3]);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessage.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessage.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessage.java
deleted file mode 100644
index 16344a8..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessage.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.KrbConstant;
-import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
-
-public abstract class KrbMessage extends KrbAppSequenceType {
- protected static int PVNO = 0;
- protected static int MSG_TYPE = 1;
-
- private final int pvno = KrbConstant.KRB_V5;
-
- public KrbMessage(KrbMessageType msgType, Asn1FieldInfo[] fieldInfos) {
- super(msgType.getValue(), fieldInfos);
- setPvno(pvno);
- setMsgType(msgType);
- }
-
- public int getPvno() {
- return pvno;
- }
-
- protected void setPvno(int pvno) {
- setFieldAsInt(0, pvno);
- }
-
- public KrbMessageType getMsgType() {
- Integer value = getFieldAsInteger(MSG_TYPE);
- return KrbMessageType.fromValue(value);
- }
-
- public void setMsgType(KrbMessageType msgType) {
- setFieldAsInt(MSG_TYPE, msgType.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessageType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessageType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessageType.java
deleted file mode 100644
index 97ff22c..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessageType.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum KrbMessageType implements KrbEnum {
- NONE(-1),
- AS_REQ(10),
- AS_REP(11),
- TGS_REQ(12),
- TGS_REP(13),
- AP_REQ(14),
- AP_REP(15),
- KRB_SAFE(20),
- KRB_PRIV(21),
- KRB_CRED(22),
- KRB_ERROR(30);
-
- private int value;
-
- private KrbMessageType(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static KrbMessageType fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value.intValue()) {
- return (KrbMessageType) e;
- }
- }
- }
-
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbToken.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbToken.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbToken.java
deleted file mode 100644
index fe84e42..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbToken.java
+++ /dev/null
@@ -1,99 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-import java.nio.ByteBuffer;
-import java.util.Map;
-
-/**
- KRB-TOKEN_VALUE ::= SEQUENCE {
- token-format [0] INTEGER,
- token-value [1] OCTET STRING,
- }
- */
-public class KrbToken extends KrbSequenceType {
- private static KrbTokenEncoder tokenEncoder;
-
- private static int TOKEN_FORMAT = 0;
- private static int TOKEN_VALUE = 1;
-
- private Map<String, Object> attributes;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(TOKEN_FORMAT, 0, Asn1Integer.class),
- new Asn1FieldInfo(TOKEN_VALUE, 1, Asn1OctetString.class)
- };
-
- public KrbToken() {
- super(fieldInfos);
- }
-
- @Override
- public void encode(ByteBuffer buffer) {
- setTokenValue(tokenEncoder.encode(this));
- super.encode(buffer);
- }
-
- /*
- @Override
- public void decode(ByteBuffer content) throws IOException {
- super.decode(content);
- this.attributes = tokenEncoder.decode(this);
- }
- */
-
- public static void setTokenEncoder(KrbTokenEncoder encoder) {
- tokenEncoder = encoder;
- }
-
- public TokenFormat getTokenFormat() {
- Integer value = getFieldAsInteger(TOKEN_FORMAT);
- return TokenFormat.fromValue(value);
- }
-
- public void setTokenFormat(TokenFormat tokenFormat) {
- setFieldAsInt(TOKEN_FORMAT, tokenFormat.getValue());
- }
-
- public byte[] getTokenValue() {
- return getFieldAsOctets(TOKEN_VALUE);
- }
-
- public void setTokenValue(byte[] tokenValue) {
- setFieldAsOctets(TOKEN_VALUE, tokenValue);
- }
-
- public Map<String, Object> getAttributes() {
- if (attributes == null) {
- this.attributes = tokenEncoder.decode(this);
- }
- return attributes;
- }
-
- public String getPrincipal() {
- return (String) attributes.get("sub");
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbTokenEncoder.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbTokenEncoder.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbTokenEncoder.java
deleted file mode 100644
index e9053af..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbTokenEncoder.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import java.util.Map;
-
-public interface KrbTokenEncoder {
-
- public byte[] encode(KrbToken token);
- public Map<String, Object> decode(KrbToken token);
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReq.java
deleted file mode 100644
index cf00b74..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReq.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- LastReq ::= SEQUENCE OF SEQUENCE {
- lr-type [0] Int32,
- lr-value [1] KerberosTime
- }
- */
-public class LastReq extends KrbSequenceOfType<LastReqEntry> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqEntry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqEntry.java
deleted file mode 100644
index e4a8534..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqEntry.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- LastReq ::= SEQUENCE OF SEQUENCE {
- lr-type [0] Int32,
- lr-value [1] KerberosTime
- }
- */
-public class LastReqEntry extends KrbSequenceType {
- private static int LR_TYPE = 0;
- private static int LR_VALUE = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(LR_TYPE, 0, Asn1Integer.class),
- new Asn1FieldInfo(LR_VALUE, 1, KerberosTime.class)
- };
-
- public LastReqEntry() {
- super(fieldInfos);
- }
-
- public LastReqType getLrType() {
- Integer value = getFieldAsInteger(LR_TYPE);
- return LastReqType.fromValue(value);
- }
-
- public void setLrType(LastReqType lrType) {
- setFieldAsInt(LR_TYPE, lrType.getValue());
- }
-
- public KerberosTime getLrValue() {
- return getFieldAs(LR_VALUE, KerberosTime.class);
- }
-
- public void setLrValue(KerberosTime lrValue) {
- setFieldAs(LR_VALUE, lrValue);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqType.java
deleted file mode 100644
index e3140f9..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqType.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum LastReqType implements KrbEnum {
- NONE(0),
- ALL_LAST_TGT(1),
- THE_LAST_TGT(-1),
- ALL_LAST_INITIAL(2),
- THE_LAST_INITIAL(-2),
- ALL_LAST_TGT_ISSUED(3),
- THE_LAST_TGT_ISSUED(-3),
- ALL_LAST_RENEWAL(4),
- THE_LAST_RENEWAL(-4),
- ALL_LAST_REQ(5),
- THE_LAST_REQ(-5),
- ALL_PW_EXPTIME(6),
- THE_PW_EXPTIME(-6),
- ALL_ACCT_EXPTIME(7),
- THE_ACCT_EXPTIME(-7);
-
- private int value;
-
- private LastReqType(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static LastReqType fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value) {
- return (LastReqType) e;
- }
- }
- }
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/MethodData.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/MethodData.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/MethodData.java
deleted file mode 100644
index 976e625..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/MethodData.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-
-/**
- METHOD-DATA ::= SEQUENCE OF PA-DATA
- */
-public class MethodData extends KrbSequenceOfType<PaDataEntry> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/NameType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/NameType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/NameType.java
deleted file mode 100644
index 41f4b2d..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/NameType.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum NameType implements KrbEnum {
- NT_UNKNOWN(0),
- NT_PRINCIPAL(1),
- NT_SRV_INST(2),
- NT_SRV_HST(3),
- NT_SRV_XHST(4),
- NT_UID(5);
-
- private int value;
-
- private NameType(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static NameType fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value.intValue()) {
- return (NameType) e;
- }
- }
- }
-
- return NT_UNKNOWN;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/PrincipalName.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/PrincipalName.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/PrincipalName.java
deleted file mode 100644
index 42ac3b3..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/PrincipalName.java
+++ /dev/null
@@ -1,199 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.KerberosStrings;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-
-/**
- PrincipalName ::= SEQUENCE {
- name-type [0] Int32,
- name-string [1] SEQUENCE OF KerberosString
- }
- */
-public class PrincipalName extends KrbSequenceType {
- private String realm;
-
- private static int NAME_TYPE = 0;
- private static int NAME_STRING = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(NAME_TYPE, Asn1Integer.class),
- new Asn1FieldInfo(NAME_STRING, KerberosStrings.class)
- };
-
- public PrincipalName() {
- super(fieldInfos);
- }
-
- public PrincipalName(String nameString) {
- this();
- setNameType(NameType.NT_PRINCIPAL);
- fromNameString(nameString);
- }
-
- public PrincipalName(List<String> nameStrings, NameType type) {
- this();
- setNameStrings(nameStrings);
- setNameType(type);
- }
-
- public NameType getNameType() {
- Integer value = getFieldAsInteger(NAME_TYPE);
- return NameType.fromValue(value);
- }
-
- public void setNameType(NameType nameType) {
- setFieldAsInt(NAME_TYPE, nameType.getValue());
- }
-
- public List<String> getNameStrings() {
- KerberosStrings krbStrings = getFieldAs(NAME_STRING, KerberosStrings.class);
- if (krbStrings != null) {
- return krbStrings.getAsStrings();
- }
- return Collections.EMPTY_LIST;
- }
-
- public void setNameStrings(List<String> nameStrings) {
- setFieldAs(NAME_STRING, new KerberosStrings(nameStrings));
- }
-
- public void setRealm(String realm) {
- this.realm = realm;
- }
-
- public String getRealm() {
- return this.realm;
- }
-
- public String getName() {
- return makeSingleName();
- }
-
- private String makeSingleName() {
- List<String> names = getNameStrings();
- StringBuilder sb = new StringBuilder();
- boolean isFirst = true;
- for (String name : names) {
- sb.append(name);
- if (isFirst && names.size() > 1) {
- sb.append('/');
- }
- isFirst = false;
- }
-
- String realm = getRealm();
- if (realm != null && !realm.isEmpty()) {
- sb.append('@');
- sb.append(realm);
- }
-
- return sb.toString();
- }
-
- @Override
- public String toString() {
- return getName();
- }
-
- @Override
- public int hashCode() {
- return getName().hashCode();
- }
-
- @Override
- public boolean equals(Object other) {
- if (other == null) {
- return false;
- } else if (this == other) {
- return true;
- } else if (other instanceof String) {
- String otherPrincipal = (String) other;
- String thisPrincipal = getName();
- return thisPrincipal.equals(otherPrincipal);
- } else if (! (other instanceof PrincipalName)) {
- return false;
- }
-
- PrincipalName otherPrincipal = (PrincipalName) other;
- if (getNameType() != ((PrincipalName) other).getNameType()) {
- return false;
- }
-
- return getName().equals(otherPrincipal.getName());
- }
-
- private void fromNameString(String nameString) {
- String tmpRealm = null;
- List<String> nameStrings;
- int pos = nameString.indexOf('@');
- String nameParts = nameString;
- if (pos != -1) {
- nameParts = nameString.substring(0, pos);
- tmpRealm = nameString.substring(pos + 1);
- }
- String parts[] = nameParts.split("\\/");
- nameStrings = Arrays.asList(parts);
-
- setNameStrings(nameStrings);
- setRealm(tmpRealm);
- }
-
- public static String extractRealm(String principal) {
- int pos = principal.indexOf('@');
-
- if (pos > 0) {
- return principal.substring(pos + 1);
- }
-
- throw new IllegalArgumentException("Not a valid principal, missing realm name");
- }
-
-
- public static String extractName(String principal) {
- int pos = principal.indexOf('@');
-
- if (pos < 0) {
- return principal;
- }
-
- return principal.substring(0, pos);
- }
-
- public static String makeSalt(PrincipalName principalName) {
- StringBuilder salt = new StringBuilder();
- if (principalName.getRealm() != null) {
- salt.append(principalName.getRealm().toString());
- }
- List<String> nameStrings = principalName.getNameStrings();
- for (String ns : nameStrings) {
- salt.append(ns);
- }
- return salt.toString();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/Realm.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/Realm.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/Realm.java
deleted file mode 100644
index 169b96d..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/Realm.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KerberosString;
-
-/**
- * Realm ::= KerberosString
- */
-public class Realm extends KerberosString {
- public Realm() {
- }
-
- public Realm(String value) {
- super(value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/SamType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/SamType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/SamType.java
deleted file mode 100644
index b8a2eeb..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/SamType.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum SamType implements KrbEnum
-{
- SAM_NONE(0),
- /** safe SAM type enum for Enigma Logic */
- SAM_TYPE_ENIGMA(1), // Enigma Logic"
-
- /** safe SAM type enum for Digital Pathways */
- SAM_TYPE_DIGI_PATH(2), // Digital Pathways
-
- /** safe SAM type enum for S/key where KDC has key 0 */
- SAM_TYPE_SKEY_K0(3), // S/key where KDC has key 0
-
- /** safe SAM type enum for Traditional S/Key */
- SAM_TYPE_SKEY(4), // Traditional S/Key
-
- /** safe SAM type enum for Security Dynamics */
- SAM_TYPE_SECURID(5), // Security Dynamics
-
- /** safe SAM type enum for CRYPTOCard */
- SAM_TYPE_CRYPTOCARD(6); // CRYPTOCard
-
- private int value;
-
- private SamType(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static SamType fromValue(Integer value) {
- if (value != null) {
- for (SamType st : SamType.values() ) {
- if (value == st.getValue()) {
- return st;
- }
- }
- }
- return SAM_NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TokenFormat.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TokenFormat.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TokenFormat.java
deleted file mode 100644
index 130027f..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TokenFormat.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum TokenFormat implements KrbEnum {
- NONE (0),
- JWT (1);
-
- private final int value;
-
- private TokenFormat(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static TokenFormat fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value.intValue()) {
- return (TokenFormat) e;
- }
- }
- }
-
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncoding.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncoding.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncoding.java
deleted file mode 100644
index a43042f..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncoding.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- TransitedEncoding ::= SEQUENCE {
- tr-type [0] Int32 -- must be registered --,
- contents [1] OCTET STRING
- }
- */
-public class TransitedEncoding extends KrbSequenceType {
- private static int TR_TYPE = 0;
- private static int CONTENTS = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(TR_TYPE, 0, Asn1Integer.class),
- new Asn1FieldInfo(CONTENTS, 1, Asn1OctetString.class)
- };
-
- public TransitedEncoding() {
- super(fieldInfos);
- }
-
- public TransitedEncodingType getTrType() {
- Integer value = getFieldAsInteger(TR_TYPE);
- return TransitedEncodingType.fromValue(value);
- }
-
- public void setTrType(TransitedEncodingType trType) {
- setField(TR_TYPE, trType);
- }
-
- public byte[] getContents() {
- return getFieldAsOctets(CONTENTS);
- }
-
- public void setContents(byte[] contents) {
- setFieldAsOctets(CONTENTS, contents);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncodingType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncodingType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncodingType.java
deleted file mode 100644
index f08fa0e..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncodingType.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.common;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum TransitedEncodingType implements KrbEnum {
- UNKNOWN(-1),
- NULL(0),
- DOMAIN_X500_COMPRESS(1);
-
- private final int value;
-
- private TransitedEncodingType(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static TransitedEncodingType fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value.intValue()) {
- return (TransitedEncodingType) e;
- }
- }
- }
-
- return NULL;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/ArmorType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/ArmorType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/ArmorType.java
deleted file mode 100644
index feabede..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/ArmorType.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum ArmorType implements KrbEnum {
- NONE (0),
- ARMOR_AP_REQUEST (1);
-
- private final int value;
-
- private ArmorType(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static ArmorType fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value.intValue()) {
- return (ArmorType) e;
- }
- }
- }
-
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOption.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOption.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOption.java
deleted file mode 100644
index 125c270..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOption.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum FastOption implements KrbEnum {
- NONE(-1),
- RESERVED(0),
- HIDE_CLIENT_NAMES(1),
-
- KDC_FOLLOW_REFERRALS(16);
-
- private final int value;
-
- private FastOption(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static FastOption fromValue(int value) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value) {
- return (FastOption) e;
- }
- }
-
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOptions.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOptions.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOptions.java
deleted file mode 100644
index bdc0e9c..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOptions.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.kerberos.kerb.spec.common.KrbFlags;
-
-public class FastOptions extends KrbFlags {
-
- public FastOptions() {
- this(0);
- }
-
- public FastOptions(int value) {
- setFlags(value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmor.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmor.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmor.java
deleted file mode 100644
index eebb619..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmor.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- KrbFastArmor ::= SEQUENCE {
- armor-type [0] Int32,
- -- Type of the armor.
- armor-value [1] OCTET STRING,
- -- Value of the armor.
- }
- */
-public class KrbFastArmor extends KrbSequenceType {
- private static int ARMOR_TYPE = 0;
- private static int ARMOR_VALUE = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ARMOR_TYPE, Asn1Integer.class),
- new Asn1FieldInfo(ARMOR_VALUE, Asn1OctetString.class)
- };
-
- public KrbFastArmor() {
- super(fieldInfos);
- }
-
- public ArmorType getArmorType() {
- Integer value = getFieldAsInteger(ARMOR_TYPE);
- return ArmorType.fromValue(value);
- }
-
- public void setArmorType(ArmorType armorType) {
- setFieldAsInt(ARMOR_TYPE, armorType.getValue());
- }
-
- public byte[] getArmorValue() {
- return getFieldAsOctets(ARMOR_VALUE);
- }
-
- public void setArmorValue(byte[] armorValue) {
- setFieldAsOctets(ARMOR_VALUE, armorValue);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredRep.java
deleted file mode 100644
index 479b7f5..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredRep.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-
-/**
- KrbFastArmoredRep ::= SEQUENCE {
- enc-fast-rep [0] EncryptedData, -- KrbFastResponse --
- -- The encryption key is the armor key in the request, and
- -- the key usage number is KEY_USAGE_FAST_REP.
- }
- */
-public class KrbFastArmoredRep extends KrbSequenceType {
- private static int ENC_FAST_REP = 0;
-
- //private
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ENC_FAST_REP, EncryptedData.class)
- };
-
- public KrbFastArmoredRep() {
- super(fieldInfos);
- }
-
- public EncryptedData getEncFastRep() {
- return getFieldAs(ENC_FAST_REP, EncryptedData.class);
- }
-
- public void setEncFastRep(EncryptedData encFastRep) {
- setFieldAs(ENC_FAST_REP, encFastRep);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredReq.java
deleted file mode 100644
index a39aad4..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredReq.java
+++ /dev/null
@@ -1,95 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.common.CheckSum;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-
-/**
- KrbFastArmoredReq ::= SEQUENCE {
- armor [0] KrbFastArmor OPTIONAL,
- -- Contains the armor that identifies the armor key.
- -- MUST be present in AS-REQ.
- req-checksum [1] Checksum,
- -- For AS, contains the checksum performed over the type
- -- KDC-REQ-BODY for the req-body field of the KDC-REQ
- -- structure;
- -- For TGS, contains the checksum performed over the type
- -- AP-REQ in the PA-TGS-REQ padata.
- -- The checksum key is the armor key, the checksum
- -- type is the required checksum type for the enctype of
- -- the armor key, and the key usage number is
- -- KEY_USAGE_FAST_REQ_CHKSUM.
- enc-fast-req [2] EncryptedData, -- KrbFastReq --
- -- The encryption key is the armor key, and the key usage
- -- number is KEY_USAGE_FAST_ENC.
- }
- */
-public class KrbFastArmoredReq extends KrbSequenceType {
- private static int ARMOR = 0;
- private static int REQ_CHECKSUM = 1;
- private static int ENC_FAST_REQ = 2;
-
- private KrbFastReq fastReq;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ARMOR, KrbFastArmor.class),
- new Asn1FieldInfo(REQ_CHECKSUM, CheckSum.class),
- new Asn1FieldInfo(ENC_FAST_REQ, EncryptedData.class),
- };
-
- public KrbFastArmoredReq() {
- super(fieldInfos);
- }
-
- public KrbFastArmor getArmor() {
- return getFieldAs(ARMOR, KrbFastArmor.class);
- }
-
- public void setArmor(KrbFastArmor armor) {
- setFieldAs(ARMOR, armor);
- }
-
- public CheckSum getReqChecksum() {
- return getFieldAs(REQ_CHECKSUM, CheckSum.class);
- }
-
- public void setReqChecksum(CheckSum checkSum) {
- setFieldAs(REQ_CHECKSUM, checkSum);
- }
-
- public KrbFastReq getFastReq() {
- return fastReq;
- }
-
- public void setFastReq(KrbFastReq fastReq) {
- this.fastReq = fastReq;
- }
-
- public EncryptedData getEncryptedFastReq() {
- return getFieldAs(ENC_FAST_REQ, EncryptedData.class);
- }
-
- public void setEncryptedFastReq(EncryptedData encFastReq) {
- setFieldAs(ENC_FAST_REQ, encFastReq);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastFinished.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastFinished.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastFinished.java
deleted file mode 100644
index a7f0966..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastFinished.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.common.CheckSum;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-
-/**
- KrbFastFinished ::= SEQUENCE {
- timestamp [0] KerberosTime,
- usec [1] Microseconds,
- -- timestamp and usec represent the time on the KDC when
- -- the reply was generated.
- crealm [2] Realm,
- cname [3] PrincipalName,
- -- Contains the client realm and the client name.
- ticket-checksum [4] Checksum,
- -- checksum of the ticket in the KDC-REP using the armor
- -- and the key usage is KEY_USAGE_FAST_FINISH.
- -- The checksum type is the required checksum type
- -- of the armor key.
- }
- */
-public class KrbFastFinished extends KrbSequenceType {
- private static int FAST_OPTIONS = 0;
- private static int PADATA = 1;
- private static int REQ_BODY = 2;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(FAST_OPTIONS, KrbFastArmor.class),
- new Asn1FieldInfo(PADATA, PaData.class),
- new Asn1FieldInfo(REQ_BODY, EncryptedData.class),
- };
-
- public KrbFastFinished() {
- super(fieldInfos);
- }
-
- public KrbFastArmor getArmor() {
- return getFieldAs(FAST_OPTIONS, KrbFastArmor.class);
- }
-
- public void setArmor(KrbFastArmor armor) {
- setFieldAs(FAST_OPTIONS, armor);
- }
-
- public CheckSum getReqChecksum() {
- return getFieldAs(PADATA, CheckSum.class);
- }
-
- public void setReqChecksum(CheckSum checkSum) {
- setFieldAs(PADATA, checkSum);
- }
-
- public EncryptedData getEncFastReq() {
- return getFieldAs(REQ_BODY, EncryptedData.class);
- }
-
- public void setEncFastReq(EncryptedData encFastReq) {
- setFieldAs(REQ_BODY, encFastReq);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastReq.java
deleted file mode 100644
index d42d647..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastReq.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-
-/**
- KrbFastReq ::= SEQUENCE {
- fast-options [0] FastOptions,
- -- Additional options.
- padata [1] SEQUENCE OF PA-DATA,
- -- padata typed holes.
- req-body [2] KDC-REQ-BODY,
- -- Contains the KDC request body as defined in Section
- -- 5.4.1 of [RFC4120].
- -- This req-body field is preferred over the outer field
- -- in the KDC request.
- }
- */
-public class KrbFastReq extends KrbSequenceType {
- private static int FAST_OPTIONS = 0;
- private static int PADATA = 1;
- private static int REQ_BODY = 2;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(FAST_OPTIONS, KrbFastArmor.class),
- new Asn1FieldInfo(PADATA, PaData.class),
- new Asn1FieldInfo(REQ_BODY, EncryptedData.class),
- };
-
- public KrbFastReq() {
- super(fieldInfos);
- }
-
- public KrbFastArmor getArmor() {
- return getFieldAs(FAST_OPTIONS, KrbFastArmor.class);
- }
-
- public void setArmor(KrbFastArmor armor) {
- setFieldAs(FAST_OPTIONS, armor);
- }
-
- public PaData getPaData() {
- return getFieldAs(PADATA, PaData.class);
- }
-
- public void setPaData(PaData paData) {
- setFieldAs(PADATA, paData);
- }
-
- public EncryptedData getEncFastReq() {
- return getFieldAs(REQ_BODY, EncryptedData.class);
- }
-
- public void setEncFastReq(EncryptedData encFastReq) {
- setFieldAs(REQ_BODY, encFastReq);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastResponse.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastResponse.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastResponse.java
deleted file mode 100644
index 9852103..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastResponse.java
+++ /dev/null
@@ -1,90 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-
-/**
- KrbFastResponse ::= SEQUENCE {
- padata [0] SEQUENCE OF PA-DATA,
- -- padata typed holes.
- strengthen-key [1] EncryptionKey OPTIONAL,
- -- This, if present, strengthens the reply key for AS and
- -- TGS. MUST be present for TGS.
- -- MUST be absent in KRB-ERROR.
- finished [2] KrbFastFinished OPTIONAL,
- -- Present in AS or TGS reply; absent otherwise.
- nonce [3] UInt32,
- -- Nonce from the client request.
- }
- */
-public class KrbFastResponse extends KrbSequenceType {
- private static int PADATA = 0;
- private static int STRENGTHEN_KEY = 1;
- private static int FINISHED = 2;
- private static int NONCE = 3;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PADATA, PaData.class),
- new Asn1FieldInfo(STRENGTHEN_KEY, EncryptionKey.class),
- new Asn1FieldInfo(FINISHED, KrbFastFinished.class),
- new Asn1FieldInfo(NONCE, Asn1Integer.class)
- };
-
- public KrbFastResponse() {
- super(fieldInfos);
- }
-
- public PaData getPaData() {
- return getFieldAs(PADATA, PaData.class);
- }
-
- public void setPaData(PaData paData) {
- setFieldAs(PADATA, paData);
- }
-
- public EncryptionKey getStrengthenKey() {
- return getFieldAs(STRENGTHEN_KEY, EncryptionKey.class);
- }
-
- public void setStrengthenKey(EncryptionKey strengthenKey) {
- setFieldAs(STRENGTHEN_KEY, strengthenKey);
- }
-
- public KrbFastFinished getFastFinished() {
- return getFieldAs(FINISHED, KrbFastFinished.class);
- }
-
- public void setFastFinished(KrbFastFinished fastFinished) {
- setFieldAs(FINISHED, fastFinished);
- }
-
- public int getNonce() {
- return getFieldAsInt(NONCE);
- }
-
- public void setNonce(int nonce) {
- setFieldAsInt(NONCE, nonce);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnEntry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnEntry.java
deleted file mode 100644
index 80c2b56..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnEntry.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-/**
- PA-AUTHENTICATION-SET-ELEM ::= SEQUENCE {
- pa-type [0] Int32,
- pa-hint [1] OCTET STRING OPTIONAL,
- pa-value [2] OCTET STRING OPTIONAL,
- }
- */
-public class PaAuthnEntry extends KrbSequenceType {
- private static int PA_TYPE = 0;
- private static int PA_HINT = 1;
- private static int PA_VALUE = 2;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PA_TYPE, Asn1Integer.class),
- new Asn1FieldInfo(PA_HINT, Asn1OctetString.class),
- new Asn1FieldInfo(PA_VALUE, Asn1OctetString.class)
- };
-
- public PaAuthnEntry() {
- super(fieldInfos);
- }
-
- public PaAuthnEntry(PaDataType type, byte[] paData) {
- this();
- setPaType(type);
- setPaValue(paData);
- }
-
- public PaDataType getPaType() {
- Integer value = getFieldAsInteger(PA_TYPE);
- return PaDataType.fromValue(value);
- }
-
- public void setPaType(PaDataType paDataType) {
- setFieldAsInt(PA_TYPE, paDataType.getValue());
- }
-
- public byte[] getPaHint() {
- return getFieldAsOctets(PA_HINT);
- }
-
- public void setPaHint(byte[] paHint) {
- setFieldAsOctets(PA_HINT, paHint);
- }
-
- public byte[] getPaValue() {
- return getFieldAsOctets(PA_VALUE);
- }
-
- public void setPaValue(byte[] paValue) {
- setFieldAsOctets(PA_VALUE, paValue);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnSet.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnSet.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnSet.java
deleted file mode 100644
index bbc36e6..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnSet.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- PA-AUTHENTICATION-SET ::= SEQUENCE OF PA-AUTHENTICATION-SET-ELEM
- */
-public class PaAuthnSet extends KrbSequenceOfType<PaAuthnEntry> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastReply.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastReply.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastReply.java
deleted file mode 100644
index 67056cb..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastReply.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.haox.asn1.type.Asn1Choice;
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-
-/**
- PA-FX-FAST-REPLY ::= CHOICE {
- armored-data [0] KrbFastArmoredRep,
- }
- */
-public class PaFxFastReply extends Asn1Choice {
- private static int ARMORED_DATA = 0;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ARMORED_DATA, KrbFastArmoredRep.class)
- };
-
- public PaFxFastReply() {
- super(fieldInfos);
- }
-
- public KrbFastArmoredRep getFastArmoredRep() {
- return getFieldAs(ARMORED_DATA, KrbFastArmoredRep.class);
- }
-
- public void setFastArmoredRep(KrbFastArmoredRep fastArmoredRep) {
- setFieldAs(ARMORED_DATA, fastArmoredRep);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastRequest.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastRequest.java
deleted file mode 100644
index 9642212..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastRequest.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.fast;
-
-import org.apache.haox.asn1.type.Asn1Choice;
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-
-/**
- PA-FX-FAST-REQUEST ::= CHOICE {
- armored-data [0] KrbFastArmoredReq,
- }
- */
-public class PaFxFastRequest extends Asn1Choice {
- private static int ARMORED_DATA = 0;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(ARMORED_DATA, KrbFastArmoredReq.class)
- };
-
- public PaFxFastRequest() {
- super(fieldInfos);
- }
-
- public KrbFastArmoredReq getFastArmoredReq() {
- return getFieldAs(ARMORED_DATA, KrbFastArmoredReq.class);
- }
-
- public void setFastArmoredReq(KrbFastArmoredReq fastArmoredReq) {
- setFieldAs(ARMORED_DATA, fastArmoredReq);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsRep.java
deleted file mode 100644
index 1aa0088..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsRep.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-
-/**
- AS-REP ::= [APPLICATION 11] KDC-REP
- */
-public class AsRep extends KdcRep {
-
- public AsRep() {
- super(KrbMessageType.AS_REP);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsReq.java
deleted file mode 100644
index 12bdcfb..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsReq.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-
-/**
- AS-REQ ::= [APPLICATION 10] KDC-REQ
- */
-public class AsReq extends KdcReq {
- public AsReq() {
- super(KrbMessageType.AS_REQ);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncAsRepPart.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncAsRepPart.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncAsRepPart.java
deleted file mode 100644
index 342c89a..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncAsRepPart.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-/**
-EncASRepPart ::= [APPLICATION 25] EncKDCRepPart
-*/
-public class EncAsRepPart extends EncKdcRepPart {
- public static final int TAG = 25;
-
- public EncAsRepPart() {
- super(TAG);
- }
-}
[43/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1FieldInfo.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1FieldInfo.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1FieldInfo.java
deleted file mode 100644
index 5c5d2de..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1FieldInfo.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.TaggingOption;
-
-public class Asn1FieldInfo {
- private int index;
- private int tagNo;
- private boolean isImplicit;
- private Class<? extends Asn1Type> type;
-
- public Asn1FieldInfo(int index, int tagNo, Class<? extends Asn1Type> type) {
- this(index, tagNo, type, false);
- }
-
- public Asn1FieldInfo(int index, Class<? extends Asn1Type> type) {
- this(index, index, type, false);
- }
-
- public Asn1FieldInfo(int index, Class<? extends Asn1Type> type, boolean isImplicit) {
- this(index, index, type, isImplicit);
- }
-
- public Asn1FieldInfo(int index, int tagNo, Class<? extends Asn1Type> type, boolean isImplicit) {
- this.index = index;
- this.tagNo = tagNo;
- this.type = type;
- this.isImplicit = isImplicit;
- }
-
- public boolean isTagged() {
- return tagNo != -1;
- }
-
- public TaggingOption getTaggingOption() {
- if (isImplicit) {
- return TaggingOption.newImplicitContextSpecific(tagNo);
- } else {
- return TaggingOption.newExplicitContextSpecific(tagNo);
- }
- }
-
- public int getTagNo() {
- return tagNo;
- }
-
- public int getIndex() {
- return index;
- }
-
- public boolean isImplicit() {
- return isImplicit;
- }
-
- public Class<? extends Asn1Type> getType() {
- return type;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1GeneralString.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1GeneralString.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1GeneralString.java
deleted file mode 100644
index 106d62d..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1GeneralString.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1GeneralString extends Asn1String
-{
- public Asn1GeneralString() {
- super(UniversalTag.GENERAL_STRING);
- }
-
- public Asn1GeneralString(String value) {
- super(UniversalTag.GENERAL_STRING, value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1GeneralizedTime.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1GeneralizedTime.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1GeneralizedTime.java
deleted file mode 100644
index e404867..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1GeneralizedTime.java
+++ /dev/null
@@ -1,134 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-import java.text.ParseException;
-import java.text.SimpleDateFormat;
-import java.util.Date;
-import java.util.SimpleTimeZone;
-import java.util.TimeZone;
-
-public class Asn1GeneralizedTime extends Asn1Simple<Date>
-{
- public Asn1GeneralizedTime() {
- this(null);
- }
-
- /**
- * time in milliseconds
- */
- public Asn1GeneralizedTime(long time) {
- super(UniversalTag.GENERALIZED_TIME, new Date(time));
- }
-
- public Asn1GeneralizedTime(Date date) {
- super(UniversalTag.UTC_TIME, date);
- }
-
- protected void toValue() throws IOException {
- String dateStr = new String(getBytes(), StandardCharsets.US_ASCII);
- SimpleDateFormat sdf;
- String fixedDateStr = dateStr;
-
- boolean withZ = dateStr.endsWith("Z");
- String timeZonePart = getTimeZonePart(dateStr);
- boolean withZone = timeZonePart != null;
- String millSecs = getMillSeconds(dateStr);
-
- fixedDateStr = dateStr.substring(0, 14) + millSecs;
- if (withZ) {
- sdf = new SimpleDateFormat("yyyyMMddHHmmssSSS");
- sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
- } else if (withZone) {
- fixedDateStr += timeZonePart;
- sdf = new SimpleDateFormat("yyyyMMddHHmmssSSSz");
- sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
- } else {
- sdf = new SimpleDateFormat("yyyyMMddHHmmssSSS");
- sdf.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID()));
- }
-
- try {
- setValue(sdf.parse(fixedDateStr));
- } catch (ParseException e) {
- throw new IOException("Failed to parse as generalized time string " + dateStr);
- }
- }
-
- @Override
- protected void toBytes() {
- Date date = getValue();
- SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
- dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
-
- String str = dateF.format(date);
- byte[] bytes = str.getBytes(StandardCharsets.US_ASCII);
- setBytes(bytes);
- }
-
- /**
- * Extract the fractional part in seconds and convert into integer by (frac * 1000) as milli seconds
- */
- private String getMillSeconds(String dateStr) {
- char[] millDigits = new char[] {'0', '0', '0'};
-
- int iPos = dateStr.indexOf('.');
- if (iPos > 0) {
- if (iPos != 14) {
- throw new IllegalArgumentException("Bad generalized time string, " +
- "with improper milli seconds " + dateStr);
- }
-
- char chr;
- int j = 0;
- for (int i = 15; i < dateStr.length() && j < millDigits.length; i++) {
- chr = dateStr.charAt(i);
- if ('0' <= chr && chr <= '9') {
- millDigits[j++] = chr;
- } else break;
- }
- }
-
- return new String(millDigits);
- }
-
- /**
- * Extract the timezone part if any
- */
- private String getTimeZonePart(String dateStr) {
- int iPos = dateStr.indexOf('+');
- if (iPos == -1) {
- iPos = dateStr.indexOf('-');
- }
- if (iPos > 0 && iPos != dateStr.length() - 5) {
- throw new IllegalArgumentException("Bad generalized time string, " +
- "with improper timezone part " + dateStr);
- }
-
- if (iPos > 0) {
- return dateStr.substring(iPos);
- }
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1IA5String.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1IA5String.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1IA5String.java
deleted file mode 100644
index 1341fcb..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1IA5String.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1IA5String extends Asn1String
-{
- public Asn1IA5String() {
- super(UniversalTag.IA5_STRING);
- }
-
- public Asn1IA5String(String value) {
- super(UniversalTag.IA5_STRING, value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Integer.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Integer.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Integer.java
deleted file mode 100644
index 37869bc..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Integer.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-import java.math.BigInteger;
-
-public class Asn1Integer extends Asn1Simple<Integer>
-{
- public Asn1Integer() {
- this(null);
- }
-
- public Asn1Integer(Integer value) {
- super(UniversalTag.INTEGER, value);
- }
-
- @Override
- protected void toBytes() {
- setBytes(BigInteger.valueOf(getValue()).toByteArray());
- }
-
- @Override
- protected void toValue() throws IOException {
- setValue(new BigInteger(getBytes()).intValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Item.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Item.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Item.java
deleted file mode 100644
index 7b08539..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Item.java
+++ /dev/null
@@ -1,155 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.Asn1Factory;
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.TaggingOption;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-/**
- * Asn1Item serves two purposes:
- * 1. Wrapping an existing Asn1Type value for Asn1Collection;
- * 2. Wrapping a half decoded value whose body content is left to be decoded later when appropriate.
- * Why not fully decoded at once? Lazy and decode on demand for collection, or impossible due to lacking
- * key parameters, like implicit encoded value for tagged value.
- *
- * For not fully decoded value, you tell your case using isSimple/isCollection/isTagged/isContextSpecific etc.,
- * then call decodeValueAsSimple/decodeValueAsCollection/decodeValueAsImplicitTagged/decodeValueAsExplicitTagged etc.
- * to decode it fully. Or if you have already derived the value holder or the holder type, you can use decodeValueWith
- * or decodeValueAs with your holder or hodler type.
- */
-public class Asn1Item extends AbstractAsn1Type<Asn1Type>
-{
- private LimitedByteBuffer bodyContent;
-
- public Asn1Item(Asn1Type value) {
- super(value.tagFlags(), value.tagNo(), value);
- }
-
- public Asn1Item(int tag, int tagNo, LimitedByteBuffer bodyContent) {
- super(tag, tagNo);
- this.bodyContent = bodyContent;
- }
-
- public LimitedByteBuffer getBodyContent() {
- return bodyContent;
- }
-
- @Override
- protected int encodingBodyLength() {
- if (getValue() != null) {
- return ((AbstractAsn1Type) getValue()).encodingBodyLength();
- }
- return (int) bodyContent.hasLeft();
- }
-
- @Override
- protected void encodeBody(ByteBuffer buffer) {
- if (getValue() != null) {
- ((AbstractAsn1Type) getValue()).encodeBody(buffer);
- } else {
- try {
- buffer.put(bodyContent.readAllLeftBytes());
- } catch (IOException e) {
- throw new RuntimeException("Failed to read all left bytes from body content", e);
- }
- }
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer bodyContent) throws IOException {
- this.bodyContent = bodyContent;
- }
-
- public boolean isFullyDecoded() {
- return getValue() != null;
- }
-
- public void decodeValueAsSimple() throws IOException {
- if (getValue() != null) return;
- if (! isSimple()) {
- throw new IllegalArgumentException("Attempting to decode non-simple value as simple");
- }
-
- Asn1Type value = Asn1Factory.create(tagNo());
- decodeValueWith(value);
- }
-
- public void decodeValueAsCollection() throws IOException {
- if (getValue() != null) return;
- if (! isCollection()) {
- throw new IllegalArgumentException("Attempting to decode non-collection value as collection");
- }
-
- Asn1Type value = Asn1Factory.create(tagNo());
- decodeValueWith(value);
- }
-
- public void decodeValueAs(Class<? extends Asn1Type> type) throws IOException {
- Asn1Type value;
- try {
- value = type.newInstance();
- } catch (Exception e) {
- throw new RuntimeException("Invalid type: " + type.getCanonicalName(), e);
- }
- decodeValueWith(value);
- }
-
- public void decodeValueWith(Asn1Type value) throws IOException {
- setValue(value);
- ((AbstractAsn1Type) value).decode(tagFlags(), tagNo(), bodyContent);
- }
-
- public void decodeValueAsImplicitTagged(int originalTag, int originalTagNo) throws IOException {
- if (! isTagged()) {
- throw new IllegalArgumentException("Attempting to decode non-tagged value using tagging way");
- }
- Asn1Item taggedValue = new Asn1Item(originalTag, originalTagNo, getBodyContent());
- decodeValueWith(taggedValue);
- }
-
- public void decodeValueAsExplicitTagged() throws IOException {
- if (! isTagged()) {
- throw new IllegalArgumentException("Attempting to decode non-tagged value using tagging way");
- }
- Asn1Item taggedValue = decodeOne(getBodyContent());
- decodeValueWith(taggedValue);
- }
-
- private void decodeValueWith(Asn1Item taggedValue) throws IOException {
- taggedValue.decodeValueAsSimple();
- if (taggedValue.isFullyDecoded()) {
- setValue(taggedValue.getValue());
- } else {
- setValue(taggedValue);
- }
- }
-
- public void decodeValueWith(Asn1Type value, TaggingOption taggingOption) throws IOException {
- if (! isTagged()) {
- throw new IllegalArgumentException("Attempting to decode non-tagged value using tagging way");
- }
- ((AbstractAsn1Type) value).taggedDecode(tagFlags(), tagNo(), getBodyContent(), taggingOption);
- setValue(value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Null.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Null.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Null.java
deleted file mode 100644
index 874537f..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Null.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-
-public class Asn1Null extends Asn1Simple<Object>
-{
- public static final Asn1Null NULL = new Asn1Null();
- private static final byte[] EMPTY_BYTES = new byte[0];
-
- public Asn1Null() {
- super(null, UniversalTag.NULL);
- }
-
- @Override
- protected byte[] encodeBody() {
- return EMPTY_BYTES;
- }
-
- @Override
- protected int encodingBodyLength() {
- return 0;
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- if (content.hasLeft() != 0) {
- throw new IOException("Unexpected bytes found for NULL");
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1NumericsString.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1NumericsString.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1NumericsString.java
deleted file mode 100644
index 6162ef6..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1NumericsString.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1NumericsString extends Asn1String
-{
- public Asn1NumericsString() {
- this(null);
- }
-
- public Asn1NumericsString(String value) {
- super(UniversalTag.NUMERIC_STRING, value);
- if (value != null) {
- if (!isNumeric(value)) {
- throw new IllegalArgumentException("Invalid numeric string");
- }
- }
- }
-
- public static boolean isNumeric(String s) {
- char c;
- for (int i = s.length() - 1; i >= 0; i--) {
- c = s.charAt(i);
- if ((c >= '0' && c <= '9') || c == ' ') {
- continue;
- }
- return false;
- }
- return true;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1ObjectIdentifier.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1ObjectIdentifier.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1ObjectIdentifier.java
deleted file mode 100644
index 09073ec..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1ObjectIdentifier.java
+++ /dev/null
@@ -1,164 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-import java.math.BigInteger;
-import java.nio.ByteBuffer;
-
-public class Asn1ObjectIdentifier extends Asn1Simple<String>
-{
- public Asn1ObjectIdentifier() {
- this(null);
- }
-
- public Asn1ObjectIdentifier(String value) {
- super(UniversalTag.OBJECT_IDENTIFIER, value);
- }
-
- @Override
- protected void toBytes() {
- byte[][] bytesArr = convert(getValue());
- int allLen = 0;
- for (byte[] bytes : bytesArr) {
- allLen += bytes.length;
- }
- ByteBuffer buffer = ByteBuffer.allocate(allLen);
- for (byte[] bytes : bytesArr) {
- buffer.put(bytes);
- }
- setBytes(buffer.array());
- }
-
- protected void toValue() {
- StringBuilder sb = new StringBuilder();
-
- byte[] bytes = getBytes();
- byte[][] bytesGroups = group(bytes);
- BigInteger[] coms = convert(bytesGroups);
-
- long first = coms[0].longValue();
- sb.append(first / 40).append('.');
- sb.append(first % 40);
- if (coms.length > 1) {
- sb.append('.');
- }
-
- for (int i = 1; i < coms.length; ++i) {
- sb.append(coms[i].toString());
- if (i != coms.length - 1) {
- sb.append('.');
- }
- }
-
- String value = sb.toString();
- setValue(value);
- }
-
- private BigInteger[] convert(byte[][] bytesGroups) {
- BigInteger[] comps = new BigInteger[bytesGroups.length];
-
- for (int i = 0; i < bytesGroups.length; ++i) {
- comps[i] = convert(bytesGroups[i]);
- }
-
- return comps;
- }
-
- private BigInteger convert(byte[] bytes) {
- BigInteger value = BigInteger.valueOf(bytes[0] & 0x7f);
- for (int i = 1; i < bytes.length; ++i) {
- value = value.shiftLeft(7);
- value = value.or(BigInteger.valueOf(bytes[i] & 0x7f));
- }
-
- return value;
- }
-
- /**
- * divide and group bytes together belonging to each component
- */
- private byte[][] group(byte[] bytes) {
- int count = 0, i, j;
- int[] countArr = new int[bytes.length]; // how many bytes for each group
- for (i = 0; i < countArr.length; ++i) countArr[i] = 0;
-
- for (j = 0, i = 0; i < bytes.length; ++i) {
- if ((bytes[i] & 0x80) != 0) {
- countArr[j]++;
- } else {
- countArr[j++]++;
- }
- }
- count = j;
-
- byte[][] bytesGroups = new byte[count][];
- for (i = 0; i < count; ++i) {
- bytesGroups[i] = new byte[countArr[i]];
- }
-
- int k = 0;
- for (j = 0, i = 0; i < bytes.length; ++i) {
- bytesGroups[j][k++] = bytes[i];
- if ((bytes[i] & 0x80) == 0) {
- j++;
- k = 0;
- }
- }
-
- return bytesGroups;
- }
-
- private byte[][] convert(String oid) {
- String[] parts = oid.split("\\.");
- BigInteger[] coms = new BigInteger[parts.length - 1];
- for (int i = 1; i < parts.length; ++i) {
- coms[i - 1] = new BigInteger(parts[i]);
- }
- coms[0] = coms[0].add(BigInteger.valueOf(Integer.parseInt(parts[0]) * 40));
-
- byte[][] bytesGroups = new byte[coms.length][];
- for (int i = 0; i < coms.length; ++i) {
- bytesGroups[i] = convert(coms[i]);
- }
-
- return bytesGroups;
- }
-
- private byte[] convert(BigInteger value) {
- int bitLen = value.bitLength();
-
- if (bitLen < 8) {
- return new byte[] { value.byteValue() };
- }
-
- int len = (bitLen + 6) / 7;
- byte[] bytes = new byte[len];
- BigInteger tmpValue = value;
- for (int i = len - 1; i >= 0; i--) {
- bytes[i] = (byte)((tmpValue.byteValue() & 0x7f) | 0x80);
- tmpValue = tmpValue.shiftRight(7);
- }
- bytes[len - 1] &= 0x7f;
-
- return bytes;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1OctetString.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1OctetString.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1OctetString.java
deleted file mode 100644
index 999c382..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1OctetString.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-
-public class Asn1OctetString extends Asn1Simple<byte[]>
-{
- public Asn1OctetString() {
- this(null);
- }
-
- public Asn1OctetString(byte[] value) {
- super(UniversalTag.OCTET_STRING, value);
- }
-
- @Override
- protected byte[] encodeBody() {
- return getValue();
- }
-
- @Override
- protected int encodingBodyLength() {
- return getValue().length;
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- setValue(content.readAllLeftBytes());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1PrintableString.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1PrintableString.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1PrintableString.java
deleted file mode 100644
index 6c73408..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1PrintableString.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1PrintableString extends Asn1String
-{
- public Asn1PrintableString() {
- this(null);
- }
-
- public Asn1PrintableString(String value) {
- super(UniversalTag.PRINTABLE_STRING, value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Sequence.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Sequence.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Sequence.java
deleted file mode 100644
index 4d0da68..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Sequence.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.TagClass;
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1Sequence extends Asn1Collection
-{
- public Asn1Sequence() {
- super(TagClass.UNIVERSAL, UniversalTag.SEQUENCE.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SequenceOf.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SequenceOf.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SequenceOf.java
deleted file mode 100644
index 4d35244..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SequenceOf.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.TagClass;
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1SequenceOf<T extends Asn1Type> extends Asn1CollectionOf<T>
-{
- public Asn1SequenceOf() {
- super(TagClass.UNIVERSAL, UniversalTag.SEQUENCE_OF.getValue());
- }
-
- public boolean isEmpty() {
- return (getValue() == null || getElements().size() == 0);
- }
-
- public void add(T element) {
- getElements().add(element);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SequenceType.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SequenceType.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SequenceType.java
deleted file mode 100644
index c5189e8..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SequenceType.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-/**
- * For sequence type that consists of tagged fields
- */
-public class Asn1SequenceType extends Asn1CollectionType {
-
- public Asn1SequenceType(Asn1FieldInfo[] tags) {
- super(UniversalTag.SEQUENCE.getValue(), tags);
- }
-
- @Override
- protected Asn1Collection createCollection() {
- return new Asn1Sequence();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Set.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Set.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Set.java
deleted file mode 100644
index 1849607..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Set.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.TagClass;
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1Set extends Asn1Collection
-{
- public Asn1Set() {
- super(TagClass.UNIVERSAL, UniversalTag.SET.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SetOf.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SetOf.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SetOf.java
deleted file mode 100644
index 9a2d3fd..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SetOf.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.TagClass;
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1SetOf<T extends Asn1Type> extends Asn1CollectionOf<T>
-{
- public Asn1SetOf() {
- super(TagClass.UNIVERSAL, UniversalTag.SET_OF.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SetType.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SetType.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SetType.java
deleted file mode 100644
index 08c94f5..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1SetType.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-/**
- * For set type that consists of tagged fields
- */
-public class Asn1SetType extends Asn1CollectionType {
-
- public Asn1SetType(Asn1FieldInfo[] tags) {
- super(UniversalTag.SET.getValue(), tags);
- }
-
- @Override
- protected Asn1Collection createCollection() {
- return new Asn1Set();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Simple.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Simple.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Simple.java
deleted file mode 100644
index 3a2b8df..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Simple.java
+++ /dev/null
@@ -1,184 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.EncodingOption;
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.TagClass;
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-public abstract class Asn1Simple<T> extends AbstractAsn1Type<T> {
- private byte[] bytes;
-
- public Asn1Simple(UniversalTag tagNo) {
- this(tagNo, null);
- }
-
- public Asn1Simple(UniversalTag tagNo, T value) {
- super(TagClass.UNIVERSAL, tagNo.getValue(), value);
- setEncodingOption(EncodingOption.PRIMITIVE);
- }
-
- protected byte[] getBytes() {
- return bytes;
- }
-
- protected void setBytes(byte[] bytes) {
- this.bytes = bytes;
- }
-
- @Override
- public void encode(ByteBuffer buffer) {
- encodeTag(buffer, tagFlags(), tagNo());
- int bodyLen = encodingBodyLength();
- encodeLength(buffer, bodyLen);
- if (bodyLen > 0) {
- buffer.put(encodeBody());
- }
- }
-
- protected byte[] encodeBody() {
- if (bytes == null) {
- toBytes();
- }
- return bytes;
- }
-
- @Override
- protected void encodeBody(ByteBuffer buffer) {
- buffer.put(encodeBody());
- }
-
- @Override
- protected int encodingBodyLength() {
- if (getValue() == null) {
- return 0;
- }
- if (bytes == null) {
- toBytes();
- }
- return bytes.length;
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- byte[] leftBytes = content.readAllLeftBytes();
- if (leftBytes.length > 0) {
- setBytes(leftBytes);
- toValue();
- }
- }
-
- @Override
- public boolean isConstructed() {
- return false;
- }
-
- protected void toValue() throws IOException {}
-
- protected void toBytes() {}
-
- public static boolean isSimple(int tagNo) {
- return isSimple(UniversalTag.fromValue(tagNo));
- }
-
- public static boolean isSimple(UniversalTag tagNo) {
- switch (tagNo) {
- case BIT_STRING:
- case BMP_STRING:
- case BOOLEAN:
- case ENUMERATED:
- case GENERALIZED_TIME:
- case GENERAL_STRING:
- case IA5_STRING:
- case INTEGER:
- case NULL:
- case NUMERIC_STRING:
- case OBJECT_IDENTIFIER:
- case OCTET_STRING:
- case PRINTABLE_STRING:
- case T61_STRING:
- case UNIVERSAL_STRING:
- case UTC_TIME:
- case UTF8_STRING:
- case VISIBLE_STRING:
- return true;
- default:
- return false;
- }
- }
-
- public static Asn1Type createSimple(int tagNo) {
- if (! isSimple(tagNo)) {
- throw new IllegalArgumentException("Not simple type, tag: " + tagNo);
- }
- return createSimple(UniversalTag.fromValue(tagNo));
- }
-
- public static Asn1Type createSimple(UniversalTag tagNo) {
- if (! isSimple(tagNo)) {
- throw new IllegalArgumentException("Not simple type, tag: " + tagNo);
- }
-
- switch (tagNo) {
- case BIT_STRING:
- return new Asn1BitString();
- case BMP_STRING:
- return new Asn1BmpString();
- case BOOLEAN:
- return new Asn1Boolean();
- case ENUMERATED:
- return null;
- case GENERALIZED_TIME:
- return new Asn1GeneralizedTime();
- case GENERAL_STRING:
- return new Asn1GeneralString();
- case IA5_STRING:
- return new Asn1IA5String();
- case INTEGER:
- return new Asn1Integer();
- case NULL:
- return new Asn1Null();
- case NUMERIC_STRING:
- return new Asn1NumericsString();
- case OBJECT_IDENTIFIER:
- return new Asn1ObjectIdentifier();
- case OCTET_STRING:
- return new Asn1OctetString();
- case PRINTABLE_STRING:
- return new Asn1PrintableString();
- case T61_STRING:
- return new Asn1T61String();
- case UNIVERSAL_STRING:
- return new Asn1UniversalString();
- case UTC_TIME:
- return new Asn1UtcTime();
- case UTF8_STRING:
- return new Asn1Utf8String();
- case VISIBLE_STRING:
- return new Asn1VisibleString();
- default:
- throw new IllegalArgumentException("Unexpected tag " + tagNo.getValue());
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1String.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1String.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1String.java
deleted file mode 100644
index 52d31aa..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1String.java
+++ /dev/null
@@ -1,292 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.nio.charset.StandardCharsets;
-import java.util.ArrayList;
-import java.util.List;
-
-public abstract class Asn1String extends Asn1Simple<String>
-{
- public Asn1String(UniversalTag tagNo) {
- super(tagNo, null);
- }
-
- public Asn1String(UniversalTag tagNo, String value) {
- super(tagNo, value);
- }
-
- @Override
- protected void toBytes() {
- byte[] bytes = getValue().getBytes(StandardCharsets.US_ASCII);
- setBytes(bytes);
- }
-
- @Override
- protected int encodingBodyLength() {
- if (getValue() != null) {
- return getValue().length();
- }
- return 0;
- }
-
- protected void toValue() throws IOException {
- byte[] bytes = getBytes();
- setValue(new String(bytes, StandardCharsets.US_ASCII));
- }
-
- public static String fromUTF8ByteArray(byte[] bytes) {
- int i = 0;
- int length = 0;
-
- while (i < bytes.length) {
- length++;
- if ((bytes[i] & 0xf0) == 0xf0) {
- // surrogate pair
- length++;
- i += 4;
- } else if ((bytes[i] & 0xe0) == 0xe0) {
- i += 3;
- } else if ((bytes[i] & 0xc0) == 0xc0) {
- i += 2;
- } else {
- i += 1;
- }
- }
-
- char[] cs = new char[length];
- i = 0;
- length = 0;
-
- while (i < bytes.length) {
- char ch;
-
- if ((bytes[i] & 0xf0) == 0xf0) {
- int codePoint = ((bytes[i] & 0x03) << 18) | ((bytes[i+1] & 0x3F) << 12) | ((bytes[i+2] & 0x3F) << 6) | (bytes[i+3] & 0x3F);
- int U = codePoint - 0x10000;
- char W1 = (char)(0xD800 | (U >> 10));
- char W2 = (char)(0xDC00 | (U & 0x3FF));
- cs[length++] = W1;
- ch = W2;
- i += 4;
- } else if ((bytes[i] & 0xe0) == 0xe0) {
- ch = (char)(((bytes[i] & 0x0f) << 12)
- | ((bytes[i + 1] & 0x3f) << 6) | (bytes[i + 2] & 0x3f));
- i += 3;
- } else if ((bytes[i] & 0xd0) == 0xd0) {
- ch = (char)(((bytes[i] & 0x1f) << 6) | (bytes[i + 1] & 0x3f));
- i += 2;
- } else if ((bytes[i] & 0xc0) == 0xc0) {
- ch = (char)(((bytes[i] & 0x1f) << 6) | (bytes[i + 1] & 0x3f));
- i += 2;
- } else {
- ch = (char)(bytes[i] & 0xff);
- i += 1;
- }
-
- cs[length++] = ch;
- }
-
- return new String(cs);
- }
-
- public static byte[] toUTF8ByteArray(String string) {
- return toUTF8ByteArray(string.toCharArray());
- }
-
- public static byte[] toUTF8ByteArray(char[] string) {
- ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
- try {
- toUTF8ByteArray(string, bOut);
- } catch (IOException e) {
- throw new IllegalStateException("cannot encode string to byte array!");
- }
-
- return bOut.toByteArray();
- }
-
- public static void toUTF8ByteArray(char[] string, OutputStream sOut) throws IOException {
- char[] c = string;
- int i = 0;
-
- while (i < c.length) {
- char ch = c[i];
-
- if (ch < 0x0080) {
- sOut.write(ch);
- } else if (ch < 0x0800) {
- sOut.write(0xc0 | (ch >> 6));
- sOut.write(0x80 | (ch & 0x3f));
- }
- // surrogate pair
- else if (ch >= 0xD800 && ch <= 0xDFFF) {
- // in error - can only happen, if the Java String class has a
- // bug.
- if (i + 1 >= c.length) {
- throw new IllegalStateException("invalid UTF-16 codepoint");
- }
- char W1 = ch;
- ch = c[++i];
- char W2 = ch;
- // in error - can only happen, if the Java String class has a
- // bug.
- if (W1 > 0xDBFF) {
- throw new IllegalStateException("invalid UTF-16 codepoint");
- }
- int codePoint = (((W1 & 0x03FF) << 10) | (W2 & 0x03FF)) + 0x10000;
- sOut.write(0xf0 | (codePoint >> 18));
- sOut.write(0x80 | ((codePoint >> 12) & 0x3F));
- sOut.write(0x80 | ((codePoint >> 6) & 0x3F));
- sOut.write(0x80 | (codePoint & 0x3F));
- } else {
- sOut.write(0xe0 | (ch >> 12));
- sOut.write(0x80 | ((ch >> 6) & 0x3F));
- sOut.write(0x80 | (ch & 0x3F));
- }
-
- i++;
- }
- }
-
- /**
- * A locale independent version of toUpperCase.
- *
- * @param string input to be converted
- * @return a US Ascii uppercase version
- */
- public static String toUpperCase(String string) {
- boolean changed = false;
- char[] chars = string.toCharArray();
-
- for (int i = 0; i != chars.length; i++) {
- char ch = chars[i];
- if ('a' <= ch && 'z' >= ch) {
- changed = true;
- chars[i] = (char)(ch - 'a' + 'A');
- }
- }
-
- if (changed) {
- return new String(chars);
- }
-
- return string;
- }
-
- /**
- * A locale independent version of toLowerCase.
- *
- * @param string input to be converted
- * @return a US ASCII lowercase version
- */
- public static String toLowerCase(String string) {
- boolean changed = false;
- char[] chars = string.toCharArray();
-
- for (int i = 0; i != chars.length; i++) {
- char ch = chars[i];
- if ('A' <= ch && 'Z' >= ch) {
- changed = true;
- chars[i] = (char)(ch - 'A' + 'a');
- }
- }
-
- if (changed) {
- return new String(chars);
- }
-
- return string;
- }
-
- public static byte[] toByteArray(char[] chars) {
- byte[] bytes = new byte[chars.length];
-
- for (int i = 0; i != bytes.length; i++) {
- bytes[i] = (byte)chars[i];
- }
-
- return bytes;
- }
-
- public static byte[] toByteArray(String string) {
- byte[] bytes = new byte[string.length()];
-
- for (int i = 0; i != bytes.length; i++) {
- char ch = string.charAt(i);
-
- bytes[i] = (byte)ch;
- }
-
- return bytes;
- }
-
- /**
- * Convert an array of 8 bit characters into a string.
- *
- * @param bytes 8 bit characters.
- * @return resulting String.
- */
- public static String fromByteArray(byte[] bytes) {
- return new String(asCharArray(bytes));
- }
-
- /**
- * Do a simple conversion of an array of 8 bit characters into a string.
- *
- * @param bytes 8 bit characters.
- * @return resulting String.
- */
- public static char[] asCharArray(byte[] bytes) {
- char[] chars = new char[bytes.length];
-
- for (int i = 0; i != chars.length; i++) {
- chars[i] = (char)(bytes[i] & 0xff);
- }
-
- return chars;
- }
-
- public static String[] split(String input, char delimiter) {
- List<String> v = new ArrayList<String>();
- boolean moreTokens = true;
- String subString;
-
- while (moreTokens) {
- int tokenLocation = input.indexOf(delimiter);
- if (tokenLocation > 0) {
- subString = input.substring(0, tokenLocation);
- v.add(subString);
- input = input.substring(tokenLocation + 1);
- } else {
- moreTokens = false;
- v.add(input);
- }
- }
-
- return v.toArray(new String[v.size()]);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1T61String.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1T61String.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1T61String.java
deleted file mode 100644
index 8ad8b89..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1T61String.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1T61String extends Asn1String
-{
- public Asn1T61String() {
- this(null);
- }
-
- public Asn1T61String(String value) {
- super(UniversalTag.T61_STRING, value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1T61Utf8String.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1T61Utf8String.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1T61Utf8String.java
deleted file mode 100644
index 2118fd8..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1T61Utf8String.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-import java.nio.charset.StandardCharsets;
-
-public class Asn1T61Utf8String extends Asn1String
-{
- public Asn1T61Utf8String() {
- this(null);
- }
-
- public Asn1T61Utf8String(String value) {
- super(UniversalTag.T61_STRING, value);
- }
-
- protected void toBytes() {
- setBytes(getValue().getBytes(StandardCharsets.UTF_8));
- }
-
- protected void toValue() {
- setValue(new String(getBytes(), StandardCharsets.UTF_8));
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Tagging.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Tagging.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Tagging.java
deleted file mode 100644
index 14faf32..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Tagging.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.EncodingOption;
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.TagClass;
-
-import java.io.IOException;
-import java.lang.reflect.ParameterizedType;
-import java.nio.ByteBuffer;
-
-/**
- * For tagging any Asn1Type with a tagNo
- */
-public class Asn1Tagging<T extends Asn1Type> extends AbstractAsn1Type<T> {
-
- public Asn1Tagging(boolean isAppSpecific) {
- this(-1, null, isAppSpecific);
- }
-
- public Asn1Tagging(int tagNo, T value, boolean isAppSpecific) {
- super(isAppSpecific ? TagClass.APPLICATION : TagClass.CONTEXT_SPECIFIC, tagNo, value);
- setEncodingOption(EncodingOption.EXPLICIT);
- if (value == null) {
- initValue();
- }
- }
-
- @Override
- protected int encodingBodyLength() {
- AbstractAsn1Type value = (AbstractAsn1Type) getValue();
- if (encodingOption.isExplicit()) {
- return value.encodingLength();
- } else if (encodingOption.isImplicit()) {
- return value.encodingBodyLength();
- } else {
- throw new RuntimeException("Invalid util option, only allowing explicit/implicit");
- }
- }
-
- @Override
- public boolean isConstructed() {
- if (encodingOption.isExplicit()) {
- return true;
- } else if (encodingOption.isImplicit()) {
- AbstractAsn1Type value = (AbstractAsn1Type) getValue();
- return value.isConstructed();
- }
- return false;
- }
-
- @Override
- protected void encodeBody(ByteBuffer buffer) {
- AbstractAsn1Type value = (AbstractAsn1Type) getValue();
- if (encodingOption.isExplicit()) {
- value.encode(buffer);
- } else if (encodingOption.isImplicit()) {
- value.encodeBody(buffer);
- } else {
- throw new RuntimeException("Invalid util option, only allowing explicit/implicit");
- }
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- AbstractAsn1Type value = (AbstractAsn1Type) getValue();
- if (encodingOption.isExplicit()) {
- value.decode(content);
- } else if (encodingOption.isImplicit()) {
- value.decodeBody(content);
- } else {
- throw new RuntimeException("Invalid util option, only allowing explicit/implicit");
- }
- }
-
- private void initValue() {
- Class<? extends Asn1Type> valueType = (Class<T>) ((ParameterizedType) getClass().getGenericSuperclass()).getActualTypeArguments()[0];
- AbstractAsn1Type value = null;
- try {
- value = (AbstractAsn1Type) valueType.newInstance();
- } catch (Exception e) {
- throw new RuntimeException("Failed to create tagged value", e);
- }
- setValue((T) value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Type.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Type.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Type.java
deleted file mode 100644
index 724d847..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Type.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.EncodingOption;
-import org.apache.haox.asn1.TaggingOption;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-public interface Asn1Type {
- public int tagFlags();
- public int tagNo();
- public void setEncodingOption(EncodingOption encodingOption);
- public int encodingLength();
- public byte[] encode();
- public void encode(ByteBuffer buffer);
- public void decode(byte[] content) throws IOException;
- public void decode(ByteBuffer content) throws IOException;
- public byte[] taggedEncode(TaggingOption taggingOption);
- public void taggedEncode(ByteBuffer buffer, TaggingOption taggingOption);
- public void taggedDecode(ByteBuffer content, TaggingOption taggingOption) throws IOException;
- public void taggedDecode(byte[] content, TaggingOption taggingOption) throws IOException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1UniversalString.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1UniversalString.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1UniversalString.java
deleted file mode 100644
index 6ebbe62..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1UniversalString.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1UniversalString extends Asn1String
-{
- public Asn1UniversalString() {
- this(null);
- }
-
- public Asn1UniversalString(String value) {
- super(UniversalTag.UNIVERSAL_STRING, value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1UtcTime.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1UtcTime.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1UtcTime.java
deleted file mode 100644
index 73eed80..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1UtcTime.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-import java.text.ParseException;
-import java.text.SimpleDateFormat;
-import java.util.Date;
-import java.util.SimpleTimeZone;
-
-public class Asn1UtcTime extends Asn1Simple<Date>
-{
- public Asn1UtcTime() {
- this(null);
- }
-
- public Asn1UtcTime(long time) {
- super(UniversalTag.UTC_TIME, new Date(time * 1000L));
- }
-
- public Asn1UtcTime(Date date) {
- super(UniversalTag.UTC_TIME, date);
- }
-
- protected void toValue() throws IOException {
- String dateStr = new String(getBytes(), StandardCharsets.US_ASCII);
- String fixedDateStr = dateStr;
-
- /*
- * Make sure fixed date str be of the complete pattern 'YYMMDDhhmmss+/-hhmm'
- */
- int strLen = fixedDateStr.length();
- if (strLen == 6) { // YYMMDD
- fixedDateStr += "000000+0000";
- } else if (strLen == 7) { // YYMMDDZ
- fixedDateStr = fixedDateStr.replace("Z", "000000+0000");
- } else if (strLen == 10) { // YYMMDDhhmm
- fixedDateStr += "00+0000";
- } else if (strLen == 11) { // YYMMDDhhmmZ
- fixedDateStr = fixedDateStr.replace("Z", "00+0000");
- } else if (strLen == 12) { // YYMMDDhhmmss
- fixedDateStr += "+0000";
- } else if (strLen == 13) { // YYMMDDhhmmZ
- fixedDateStr = fixedDateStr.replace("Z", "+0000");
- } else if (strLen != 17) {
- throw new IllegalArgumentException("Bad utc time string " + dateStr);
- }
-
- SimpleDateFormat sdf;
- sdf = new SimpleDateFormat("yyMMddHHmmssZ");
- sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
- try {
- setValue(sdf.parse(fixedDateStr));
- } catch (ParseException e) {
- throw new IOException("Failed to parse " + dateStr + " as utc time", e);
- }
- }
-
- @Override
- protected void toBytes() {
- Date date = getValue();
- SimpleDateFormat sdf = new SimpleDateFormat("yyMMddHHmmss'Z'");
- sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
-
- String str = sdf.format(date);
- byte[] bytes = str.getBytes(StandardCharsets.US_ASCII);
- setBytes(bytes);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Utf8String.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Utf8String.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Utf8String.java
deleted file mode 100644
index 86e0c39..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1Utf8String.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-
-public class Asn1Utf8String extends Asn1String
-{
- public Asn1Utf8String() {
- this(null);
- }
-
- public Asn1Utf8String(String value) {
- super(UniversalTag.UTF8_STRING, value);
- }
-
- @Override
- protected void toBytes() {
- byte[] bytes = getValue().getBytes(StandardCharsets.UTF_8);
- setBytes(bytes);
- }
-
- protected void toValue() throws IOException {
- byte[] bytes = getBytes();
- setValue(new String(bytes, StandardCharsets.UTF_8));
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1VisibleString.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1VisibleString.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1VisibleString.java
deleted file mode 100644
index b720e48..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/Asn1VisibleString.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.UniversalTag;
-
-public class Asn1VisibleString extends Asn1String
-{
- public Asn1VisibleString() {
- this(null);
- }
-
- public Asn1VisibleString(String value) {
- super(UniversalTag.VISIBLE_STRING, value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingCollection.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingCollection.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingCollection.java
deleted file mode 100644
index 06c4acc..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingCollection.java
+++ /dev/null
@@ -1,105 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-import org.apache.haox.asn1.EncodingOption;
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.TagClass;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-/**
- * For tagging a collection type with tagNo, either application specific or context specific class
- */
-public abstract class TaggingCollection extends AbstractAsn1Type<Asn1CollectionType> {
- private Asn1Tagging<Asn1CollectionType> tagging;
- private Asn1CollectionType tagged;
-
- public TaggingCollection(int taggingTagNo, Asn1FieldInfo[] tags, boolean isAppSpecific) {
- super(isAppSpecific ? TagClass.APPLICATION : TagClass.CONTEXT_SPECIFIC, taggingTagNo);
- this.tagged = createTaggedCollection(tags);
- setValue(tagged);
- this.tagging = new Asn1Tagging<Asn1CollectionType>(taggingTagNo, tagged, isAppSpecific);
- setEncodingOption(EncodingOption.EXPLICIT);
- }
-
- protected abstract Asn1CollectionType createTaggedCollection(Asn1FieldInfo[] tags);
-
- public void setEncodingOption(EncodingOption encodingOption) {
- tagging.setEncodingOption(encodingOption);
- }
-
- @Override
- public boolean isConstructed() {
- return tagging.isConstructed();
- }
-
- @Override
- protected int encodingBodyLength() {
- return tagging.encodingBodyLength();
- }
-
- @Override
- protected void encodeBody(ByteBuffer buffer) {
- tagging.encodeBody(buffer);
- }
-
- @Override
- protected void decodeBody(LimitedByteBuffer content) throws IOException {
- tagging.decodeBody(content);
- }
-
- protected <T extends Asn1Type> T getFieldAs(int index, Class<T> t) {
- return tagged.getFieldAs(index, t);
- }
-
- protected void setFieldAs(int index, Asn1Type value) {
- tagged.setFieldAs(index, value);
- }
-
- protected String getFieldAsString(int index) {
- return tagged.getFieldAsString(index);
- }
-
- protected byte[] getFieldAsOctets(int index) {
- return tagged.getFieldAsOctets(index);
- }
-
- protected void setFieldAsOctets(int index, byte[] bytes) {
- tagged.setFieldAsOctets(index, bytes);
- }
-
- protected Integer getFieldAsInteger(int index) {
- return tagged.getFieldAsInteger(index);
- }
-
- protected void setFieldAsInt(int index, int value) {
- tagged.setFieldAsInt(index, value);
- }
-
- protected byte[] getFieldAsOctetBytes(int index) {
- return tagged.getFieldAsOctets(index);
- }
-
- protected void setFieldAsOctetBytes(int index, byte[] value) {
- tagged.setFieldAsOctets(index, value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingSequence.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingSequence.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingSequence.java
deleted file mode 100644
index 0901f54..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingSequence.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-/**
- * For tagging a sequence type with tagNo, either application specific or context specific class
- */
-public class TaggingSequence extends TaggingCollection {
-
- public TaggingSequence(int taggingTagNo, Asn1FieldInfo[] tags, boolean isAppSpecific) {
- super(taggingTagNo, tags, isAppSpecific);
- }
-
- @Override
- protected Asn1CollectionType createTaggedCollection(Asn1FieldInfo[] tags) {
- return new Asn1SequenceType(tags);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingSet.java
----------------------------------------------------------------------
diff --git a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingSet.java b/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingSet.java
deleted file mode 100644
index 0dc5fe4..0000000
--- a/contrib/haox-asn1/src/main/java/org/apache/haox/asn1/type/TaggingSet.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.haox.asn1.type;
-
-/**
- * For tagging a sequence type with tagNo, either application specific or context specific class
- */
-public class TaggingSet extends TaggingCollection {
-
- public TaggingSet(int taggingTagNo, Asn1FieldInfo[] tags, boolean isAppSpecific) {
- super(taggingTagNo, tags, isAppSpecific);
- }
-
- @Override
- protected Asn1CollectionType createTaggedCollection(Asn1FieldInfo[] tags) {
- return new Asn1SetType(tags);
- }
-}
[30/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumTypeHandler.java
deleted file mode 100644
index e1cd21f..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumTypeHandler.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public interface CheckSumTypeHandler extends CryptoTypeHandler {
-
- public int confounderSize();
-
- public CheckSumType cksumType();
-
- public int computeSize(); // allocation size for checksum computation
-
- public int outputSize(); // possibly truncated output size
-
- public boolean isSafe();
-
- public int cksumSize();
-
- public int keySize();
-
- public byte[] checksum(byte[] data) throws KrbException;
-
- public byte[] checksum(byte[] data, int start, int len) throws KrbException;
-
- public boolean verify(byte[] data, byte[] checksum) throws KrbException;
-
- public boolean verify(byte[] data, int start, int len, byte[] checksum) throws KrbException;
-
- public byte[] checksumWithKey(byte[] data,
- byte[] key, int usage) throws KrbException;
-
- public byte[] checksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException;
-
- public boolean verifyWithKey(byte[] data,
- byte[] key, int usage, byte[] checksum) throws KrbException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Cmac.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Cmac.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Cmac.java
deleted file mode 100644
index cb81b82..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Cmac.java
+++ /dev/null
@@ -1,178 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-import java.util.Arrays;
-
-/**
- * Based on MIT krb5 cmac.c
- */
-public class Cmac {
-
- private static byte[] constRb = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, (byte) 0x87
- };
-
- public static byte[] cmac(EncryptProvider encProvider, byte[] key,
- byte[] data, int outputSize) throws KrbException {
- return cmac(encProvider, key, data, 0, data.length, outputSize);
- }
-
- public static byte[] cmac(EncryptProvider encProvider, byte[] key, byte[] data,
- int start, int len, int outputSize) throws KrbException {
- byte[] hash = Cmac.cmac(encProvider, key, data, start, len);
- if (hash.length > outputSize) {
- byte[] output = new byte[outputSize];
- System.arraycopy(hash, 0, output, 0, outputSize);
- return output;
- } else {
- return hash;
- }
- }
-
- public static byte[] cmac(EncryptProvider encProvider,
- byte[] key, byte[] data) throws KrbException {
- return cmac(encProvider, key, data, 0, data.length);
- }
-
- public static byte[] cmac(EncryptProvider encProvider,
- byte[] key, byte[] data, int start, int len) throws KrbException {
-
- int blockSize = encProvider.blockSize();
-
- byte[] Y = new byte[blockSize];
- byte[] mLast = new byte[blockSize];
- byte[] padded = new byte[blockSize];
- byte[] K1 = new byte[blockSize];
- byte[] K2 = new byte[blockSize];
-
- // step 1
- makeSubkey(encProvider, key, K1, K2);
-
- // step 2
- int n = (len + blockSize - 1) / blockSize;
-
- // step 3
- boolean lastIsComplete;
- if (n == 0) {
- n = 1;
- lastIsComplete = false;
- } else {
- lastIsComplete = ((len % blockSize) == 0);
- }
-
- // Step 6 (all but last block)
- byte[] cipherState = new byte[blockSize];
- byte[] cipher = new byte[blockSize];
- for (int i = 0; i < n - 1; i++) {
- System.arraycopy(data, i * blockSize, cipher, 0, blockSize);
- encryptBlock(encProvider, key, cipherState, cipher);
- System.arraycopy(cipher, 0, cipherState, 0, blockSize);
- }
-
- // step 5
- System.arraycopy(cipher, 0, Y, 0, blockSize);
-
- // step 4
- int lastPos = (n - 1) * blockSize;
- int lastLen = lastIsComplete ? blockSize : len % blockSize;
- byte[] lastBlock = new byte[lastLen];
- System.arraycopy(data, lastPos, lastBlock, 0, lastLen);
- if (lastIsComplete) {
- BytesUtil.xor(lastBlock, K1, mLast);
- } else {
- padding(lastBlock, padded);
- BytesUtil.xor(padded, K2, mLast);
- }
-
- // Step 6 (last block)
- encryptBlock(encProvider, key, cipherState, mLast);
-
- return mLast;
- }
-
- // Generate subkeys K1 and K2 as described in RFC 4493 figure 2.2.
- private static void makeSubkey(EncryptProvider encProvider,
- byte[] key, byte[] K1, byte[] K2) throws KrbException {
-
- // L := encrypt(K, const_Zero)
- byte[] L = new byte[K1.length];
- Arrays.fill(L, (byte) 0);
- encryptBlock(encProvider, key, null, L);
-
- // K1 := (MSB(L) == 0) ? L << 1 : (L << 1) XOR const_Rb
- if ((L[0] & 0x80) == 0) {
- leftShiftByOne(L, K1);
- } else {
- byte[] tmp = new byte[K1.length];
- leftShiftByOne(L, tmp);
- BytesUtil.xor(tmp, constRb, K1);
- }
-
- // K2 := (MSB(K1) == 0) ? K1 << 1 : (K1 << 1) XOR const_Rb
- if ((K1[0] & 0x80) == 0) {
- leftShiftByOne(K1, K2);
- } else {
- byte[] tmp = new byte[K1.length];
- leftShiftByOne(K1, tmp);
- BytesUtil.xor(tmp, constRb, K2);
- }
- }
-
- private static void encryptBlock(EncryptProvider encProvider,
- byte[] key, byte[] cipherState, byte[] block) throws KrbException {
- if (cipherState == null) {
- cipherState = new byte[encProvider.blockSize()];
- }
- if (encProvider.supportCbcMac()) {
- encProvider.cbcMac(key, cipherState, block);
- } else {
- encProvider.encrypt(key, cipherState, block);
- }
- }
-
- private static void leftShiftByOne(byte[] input, byte[] output) {
- byte overflow = 0;
-
- for (int i = input.length - 1; i >= 0; i--) {
- output[i] = (byte) (input[i] << 1);
- output[i] |= overflow;
- overflow = (byte) ((input[i] & 0x80) != 0 ? 1 : 0);
- }
- }
-
- // Padding out data with a 1 bit followed by 0 bits, placing the result in pad
- private static void padding(byte[] data, byte[] padded) {
- int len = data.length;
-
- // original last block
- System.arraycopy(data, 0, padded, 0, len);
-
- padded[len] = (byte) 0x80;
-
- for (int i = len + 1; i < padded.length; i++) {
- padded[i] = 0x00;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Confounder.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Confounder.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Confounder.java
deleted file mode 100644
index 5060c2c..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Confounder.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.security.SecureRandom;
-
-public final class Confounder {
-
- private static SecureRandom srand = new SecureRandom();
-
- public static byte[] makeBytes(int size) {
- byte[] data = new byte[size];
- srand.nextBytes(data);
- return data;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Crc32.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Crc32.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Crc32.java
deleted file mode 100644
index 5b934f0..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Crc32.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-/**
- * Reference: http://introcs.cs.princeton.edu/java/51data/CRC32.java
- */
-public class Crc32 {
-
- private static long[] table = {
- 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3,
- 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91,
- 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
- 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5,
- 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b,
- 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
- 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f,
- 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d,
- 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
- 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01,
- 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457,
- 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
- 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb,
- 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9,
- 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
- 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad,
- 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683,
- 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
- 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7,
- 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5,
- 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
- 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79,
- 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f,
- 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
- 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713,
- 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21,
- 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
- 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45,
- 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db,
- 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
- 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf,
- 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d,
- };
-
- public static byte[] crc(byte[] data, int start, int size) {
- long c = crc(0, data, start, size);
- return BytesUtil.int2bytes((int) c, false);
- }
-
- public static long crc(long initial, byte[] data, int start, int len) {
- long c = initial;
-
- int idx;
- for (int i = 0; i < len; i++) {
- idx = (int) ((data[start + i] ^ c) & 0xff);
- c = ((c & 0xffffffffL) >>> 8) ^ table[idx]; // why?
- }
-
- return c;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CryptoTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CryptoTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CryptoTypeHandler.java
deleted file mode 100644
index d449d2d..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CryptoTypeHandler.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-
-public interface CryptoTypeHandler {
-
- public String name();
-
- public String displayName();
-
- public EncryptProvider encProvider();
-
- public HashProvider hashProvider();
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
deleted file mode 100644
index c94814f..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.util.Arrays;
-
-/**
- * Based on MIT krb5 weak_key.c
- */
-public class Des {
-
- /*
- * The following are the weak DES keys:
- */
- static byte[][] WEAK_KEYS = {
- /* weak keys */
- {(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01},
- {(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe},
- {(byte) 0x1f,(byte) 0x1f,(byte) 0x1f,(byte) 0x1f,(byte) 0x0e,(byte) 0x0e,(byte) 0x0e,(byte) 0x0e},
- {(byte) 0xe0,(byte) 0xe0,(byte) 0xe0,(byte) 0xe0,(byte) 0xf1,(byte) 0xf1,(byte) 0xf1,(byte) 0xf1},
-
- /* semi-weak */
- {(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe},
- {(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01},
-
- {(byte) 0x1f,(byte) 0xe0,(byte) 0x1f,(byte) 0xe0,(byte) 0x0e,(byte) 0xf1,(byte) 0x0e,(byte) 0xf1},
- {(byte) 0xe0,(byte) 0x1f,(byte) 0xe0,(byte) 0x1f,(byte) 0xf1,(byte) 0x0e,(byte) 0xf1,(byte) 0x0e},
-
- {(byte) 0x01,(byte) 0xe0,(byte) 0x01,(byte) 0xe0,(byte) 0x01,(byte) 0xf1,(byte) 0x01,(byte) 0xf1},
- {(byte) 0xe0,(byte) 0x01,(byte) 0xe0,(byte) 0x01,(byte) 0xf1,(byte) 0x01,(byte) 0xf1,(byte) 0x01},
-
- {(byte) 0x1f,(byte) 0xfe,(byte) 0x1f,(byte) 0xfe,(byte) 0x0e,(byte) 0xfe,(byte) 0x0e,(byte) 0xfe},
- {(byte) 0xfe,(byte) 0x1f,(byte) 0xfe,(byte) 0x1f,(byte) 0xfe,(byte) 0x0e,(byte) 0xfe,(byte) 0x0e},
-
- {(byte) 0x01,(byte) 0x1f,(byte) 0x01,(byte) 0x1f,(byte) 0x01,(byte) 0x0e,(byte) 0x01,(byte) 0x0e},
- {(byte) 0x1f,(byte) 0x01,(byte) 0x1f,(byte) 0x01,(byte) 0x0e,(byte) 0x01,(byte) 0x0e,(byte) 0x01},
-
- {(byte) 0xe0,(byte) 0xfe,(byte) 0xe0,(byte) 0xfe,(byte) 0xf1,(byte) 0xfe,(byte) 0xf1,(byte) 0xfe},
- {(byte) 0xfe,(byte) 0xe0,(byte) 0xfe,(byte) 0xe0,(byte) 0xfe,(byte) 0xf1,(byte) 0xfe,(byte) 0xf1}
- };
-
- public static boolean isWeakKey(byte[] key, int offset, int len) {
- boolean match;
- for (byte[] weakKey : WEAK_KEYS) {
- match = true;
- if (weakKey.length == len) {
- for (int i = 0; i < len; i++) {
- if (weakKey[i] != key[i]) {
- match = false;
- break;
- }
- }
- }
- if (match) {
- return true;
- }
- }
- return false;
- }
-
- /**
- * MIT krb5 FIXUP(k) in s2k_des.c
- */
- public static void fixKey(byte[] key, int offset, int len) {
- if (isWeakKey(key, offset, len)) {
- key[offset + 7] ^= (byte) 0xf0;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncTypeHandler.java
deleted file mode 100644
index c52d17e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncTypeHandler.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public interface EncTypeHandler extends CryptoTypeHandler {
-
- public EncryptionType eType();
-
- public int keyInputSize();
-
- public int keySize();
-
- public int confounderSize();
-
- public int checksumSize();
-
- public int paddingSize();
-
- public byte[] str2key(String string,
- String salt, byte[] param) throws KrbException;
-
- public byte[] random2Key(byte[] randomBits) throws KrbException;
-
- public CheckSumType checksumType();
-
- public byte[] encrypt(byte[] data, byte[] key, int usage)
- throws KrbException;
-
- public byte[] encrypt(byte[] data, byte[] key, byte[] ivec,
- int usage) throws KrbException;
-
- public byte[] decrypt(byte[] cipher, byte[] key, int usage)
- throws KrbException;
-
- public byte[] decrypt(byte[] cipher, byte[] key, byte[] ivec,
- int usage) throws KrbException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
deleted file mode 100644
index 2d1d64e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
+++ /dev/null
@@ -1,174 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.crypto.enc.*;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.*;
-
-public class EncryptionHandler {
-
- public static EncryptionType getEncryptionType(String eType) throws KrbException {
- EncryptionType result = EncryptionType.fromName(eType);
- return result;
- }
-
- public static EncTypeHandler getEncHandler(String eType) throws KrbException {
- EncryptionType result = EncryptionType.fromName(eType);
- return getEncHandler(result);
- }
-
- public static EncTypeHandler getEncHandler(int eType) throws KrbException {
- EncryptionType eTypeEnum = EncryptionType.fromValue(eType);
- return getEncHandler(eTypeEnum);
- }
-
- public static EncTypeHandler getEncHandler(EncryptionType eType) throws KrbException {
- return getEncHandler(eType, false);
- }
-
- private static EncTypeHandler getEncHandler(EncryptionType eType, boolean check) throws KrbException {
- EncTypeHandler encHandler = null;
-
- switch (eType) {
- case DES_CBC_CRC:
- encHandler = new DesCbcCrcEnc();
- break;
-
- case DES_CBC_MD5:
- case DES:
- encHandler = new DesCbcMd5Enc();
- break;
-
- case DES_CBC_MD4:
- encHandler = new DesCbcMd4Enc();
- break;
-
- case DES3_CBC_SHA1:
- case DES3_CBC_SHA1_KD:
- case DES3_HMAC_SHA1:
- encHandler = new Des3CbcSha1Enc();
- break;
-
- case AES128_CTS_HMAC_SHA1_96:
- case AES128_CTS:
- encHandler = new Aes128CtsHmacSha1Enc();
- break;
-
- case AES256_CTS_HMAC_SHA1_96:
- case AES256_CTS:
- encHandler = new Aes256CtsHmacSha1Enc();
- break;
-
- case CAMELLIA128_CTS_CMAC:
- case CAMELLIA128_CTS:
- encHandler = new Camellia128CtsCmacEnc();
- break;
-
- case CAMELLIA256_CTS_CMAC:
- case CAMELLIA256_CTS:
- encHandler = new Camellia256CtsCmacEnc();
- break;
-
- case RC4_HMAC:
- case ARCFOUR_HMAC:
- case ARCFOUR_HMAC_MD5:
- encHandler = new Rc4HmacEnc();
- break;
-
- case RC4_HMAC_EXP:
- case ARCFOUR_HMAC_EXP:
- case ARCFOUR_HMAC_MD5_EXP:
- encHandler = new Rc4HmacExpEnc();
- break;
-
- case NONE:
- default:
- break;
- }
-
- if (encHandler == null && ! check) {
- String message = "Unsupported encryption type: " + eType.name();
- throw new KrbException(KrbErrorCode.KDC_ERR_ETYPE_NOSUPP, message);
- }
-
- return encHandler;
- }
-
- public static EncryptedData encrypt(byte[] plainText, EncryptionKey key, KeyUsage usage) throws KrbException {
- EncTypeHandler handler = getEncHandler(key.getKeyType());
- byte[] cipher = handler.encrypt(plainText, key.getKeyData(), usage.getValue());
-
- EncryptedData ed = new EncryptedData();
- ed.setCipher(cipher);
- ed.setEType(key.getKeyType());
- ed.setKvno(key.getKvno());
-
- return ed;
- }
-
- public static byte[] decrypt(byte[] data, EncryptionKey key, KeyUsage usage) throws KrbException {
- EncTypeHandler handler = getEncHandler(key.getKeyType());
-
- byte[] plainData = handler.decrypt(data, key.getKeyData(), usage.getValue());
- return plainData;
- }
-
- public static byte[] decrypt(EncryptedData data, EncryptionKey key, KeyUsage usage) throws KrbException {
- EncTypeHandler handler = getEncHandler(key.getKeyType());
-
- byte[] plainData = handler.decrypt(data.getCipher(), key.getKeyData(), usage.getValue());
- return plainData;
- }
-
- public static boolean isImplemented(EncryptionType eType) {
- EncTypeHandler handler = null;
- try {
- handler = getEncHandler(eType, true);
- } catch (KrbException e) {
- return false;
- }
- return handler != null;
- }
-
- public static EncryptionKey string2Key(String principalName,
- String passPhrase, EncryptionType eType) throws KrbException {
- PrincipalName principal = new PrincipalName(principalName);
- return string2Key(passPhrase,
- PrincipalName.makeSalt(principal), null, eType);
- }
-
- public static EncryptionKey string2Key(String string, String salt,
- byte[] s2kparams, EncryptionType eType) throws KrbException {
- EncTypeHandler handler = getEncHandler(eType);
- byte[] keyBytes = handler.str2key(string, salt, s2kparams);
- return new EncryptionKey(eType, keyBytes);
- }
-
- public static EncryptionKey random2Key(EncryptionType eType) throws KrbException {
- EncTypeHandler handler = getEncHandler(eType);
-
- byte[] randomBytes = Random.makeBytes(handler.keyInputSize());
- byte[] keyBytes = handler.random2Key(randomBytes);
- EncryptionKey encKey = new EncryptionKey(eType, keyBytes);
- return encKey;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Hmac.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Hmac.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Hmac.java
deleted file mode 100644
index 0117e9f..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Hmac.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-import java.util.Arrays;
-
-/**
- * Based on MIT krb5 hmac.c
- */
-public class Hmac {
-
- public static byte[] hmac(HashProvider hashProvider, byte[] key,
- byte[] data, int outputSize) throws KrbException {
- return hmac(hashProvider, key, data, 0, data.length, outputSize);
- }
-
- public static byte[] hmac(HashProvider hashProvider, byte[] key, byte[] data,
- int start, int len, int outputSize) throws KrbException {
- byte[] hash = Hmac.hmac(hashProvider, key, data, start, len);
-
- byte[] output = new byte[outputSize];
- System.arraycopy(hash, 0, output, 0, outputSize);
- return output;
- }
-
- public static byte[] hmac(HashProvider hashProvider,
- byte[] key, byte[] data) throws KrbException {
- return hmac(hashProvider, key, data, 0, data.length);
- }
-
- public static byte[] hmac(HashProvider hashProvider,
- byte[] key, byte[] data, int start, int len) throws KrbException {
-
- int blockLen = hashProvider.blockSize();
- byte[] innerPaddedKey = new byte[blockLen];
- byte[] outerPaddedKey = new byte[blockLen];
-
- // Create the inner padded key
- Arrays.fill(innerPaddedKey, (byte)0x36);
- for (int i = 0; i < key.length; i++) {
- innerPaddedKey[i] ^= key[i];
- }
-
- // Create the outer padded key
- Arrays.fill(outerPaddedKey, (byte)0x5c);
- for (int i = 0; i < key.length; i++) {
- outerPaddedKey[i] ^= key[i];
- }
-
- hashProvider.hash(innerPaddedKey);
-
- hashProvider.hash(data, start, len);
-
- byte[] tmp = hashProvider.output();
-
- hashProvider.hash(outerPaddedKey);
- hashProvider.hash(tmp);
-
- tmp = hashProvider.output();
- return tmp;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Md4.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Md4.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Md4.java
deleted file mode 100644
index 8534c39..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Md4.java
+++ /dev/null
@@ -1,339 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.security.DigestException;
-import java.security.MessageDigest;
-import java.security.MessageDigestSpi;
-
-/**
- * MD4.java - An implementation of Ron Rivest's MD4 message digest algorithm.
- * The MD4 algorithm is designed to be quite fast on 32-bit machines. In
- * addition, the MD4 algorithm does not require any large substitution
- * tables.
- *
- * @see The <a href="http://www.ietf.org/rfc/rfc1320.txt">MD4</a> Message-
- * Digest Algorithm by R. Rivest.
- *
- * @author <a href="http://mina.apache.org">Apache MINA Project</a>
- * @since MINA 2.0.0-M3
- */
-
-/**
- * Copied from Mina project and modified a bit
- */
-public class Md4 extends MessageDigest {
-
- /**
- * The MD4 algorithm message digest length is 16 bytes wide.
- */
- public static final int BYTE_DIGEST_LENGTH = 16;
-
- /**
- * The MD4 algorithm block length is 64 bytes wide.
- */
- public static final int BYTE_BLOCK_LENGTH = 64;
-
- /**
- * The initial values of the four registers. RFC gives the values
- * in LE so we converted it as JAVA uses BE endianness.
- */
- private final static int A = 0x67452301;
-
- private final static int B = 0xefcdab89;
-
- private final static int C = 0x98badcfe;
-
- private final static int D = 0x10325476;
-
- /**
- * The four registers initialized with the above IVs.
- */
- private int a = A;
-
- private int b = B;
-
- private int c = C;
-
- private int d = D;
-
- /**
- * Counts the total length of the data being digested.
- */
- private long msgLength;
-
- /**
- * The internal buffer is {@link BLOCK_LENGTH} wide.
- */
- private final byte[] buffer = new byte[BYTE_BLOCK_LENGTH];
-
- /**
- * Default constructor.
- */
- public Md4() {
- super("MD4");
- engineReset();
- }
-
- /**
- * Returns the digest length in bytes.
- *
- * @return the digest length in bytes.
- */
- protected int engineGetDigestLength() {
- return BYTE_DIGEST_LENGTH;
- }
-
- /**
- * {@inheritDoc}
- */
- protected void engineUpdate(byte b) {
- int pos = (int) (msgLength % BYTE_BLOCK_LENGTH);
- buffer[pos] = b;
- msgLength++;
-
- // If buffer contains enough data then process it.
- if (pos == (BYTE_BLOCK_LENGTH - 1)) {
- process(buffer, 0);
- }
- }
-
- /**
- * {@inheritDoc}
- */
- protected void engineUpdate(byte[] b, int offset, int len) {
- int pos = (int) (msgLength % BYTE_BLOCK_LENGTH);
- int nbOfCharsToFillBuf = BYTE_BLOCK_LENGTH - pos;
- int blkStart = 0;
-
- msgLength += len;
-
- // Process each full block
- if (len >= nbOfCharsToFillBuf) {
- System.arraycopy(b, offset, buffer, pos, nbOfCharsToFillBuf);
- process(buffer, 0);
- for (blkStart = nbOfCharsToFillBuf; blkStart + BYTE_BLOCK_LENGTH - 1 < len; blkStart += BYTE_BLOCK_LENGTH) {
- process(b, offset + blkStart);
- }
- pos = 0;
- }
-
- // Fill buffer with the remaining data
- if (blkStart < len) {
- System.arraycopy(b, offset + blkStart, buffer, pos, len - blkStart);
- }
- }
-
- /**
- * {@inheritDoc}
- */
- protected byte[] engineDigest() {
- byte[] p = pad();
- engineUpdate(p, 0, p.length);
- byte[] digest = { (byte) a, (byte) (a >>> 8), (byte) (a >>> 16), (byte) (a >>> 24), (byte) b, (byte) (b >>> 8),
- (byte) (b >>> 16), (byte) (b >>> 24), (byte) c, (byte) (c >>> 8), (byte) (c >>> 16), (byte) (c >>> 24),
- (byte) d, (byte) (d >>> 8), (byte) (d >>> 16), (byte) (d >>> 24) };
-
- engineReset();
-
- return digest;
- }
-
- /**
- * {@inheritDoc}
- */
- protected int engineDigest(byte[] buf, int offset, int len) throws DigestException {
- if (offset < 0 || offset + len >= buf.length) {
- throw new DigestException("Wrong offset or not enough space to store the digest");
- }
- int destLength = Math.min(len, BYTE_DIGEST_LENGTH);
- System.arraycopy(engineDigest(), 0, buf, offset, destLength);
- return destLength;
- }
-
- /**
- * {@inheritDoc}
- */
- protected void engineReset() {
- a = A;
- b = B;
- c = C;
- d = D;
- msgLength = 0;
- }
-
- /**
- * Pads the buffer by appending the byte 0x80, then append as many zero
- * bytes as necessary to make the buffer length a multiple of 64 bytes.
- * The last 8 bytes will be filled with the length of the buffer in bits.
- * If there's no room to store the length in bits in the block i.e the block
- * is larger than 56 bytes then an additionnal 64-bytes block is appended.
- *
- * @see sections 3.1 & 3.2 of the RFC 1320.
- *
- * @return the pad byte array
- */
- private byte[] pad() {
- int pos = (int) (msgLength % BYTE_BLOCK_LENGTH);
- int padLength = (pos < 56) ? (64 - pos) : (128 - pos);
- byte[] pad = new byte[padLength];
-
- // First bit of the padding set to 1
- pad[0] = (byte) 0x80;
-
- long bits = msgLength << 3;
- int index = padLength - 8;
- for (int i = 0; i < 8; i++) {
- pad[index++] = (byte) (bits >>> (i << 3));
- }
-
- return pad;
- }
-
- /**
- * Process one 64-byte block. Algorithm is constituted by three rounds.
- * Note that F, G and H functions were inlined for improved performance.
- *
- * @param in the byte array to process
- * @param offset the offset at which the 64-byte block is stored
- */
- private void process(byte[] in, int offset) {
- // Save previous state.
- int aa = a;
- int bb = b;
- int cc = c;
- int dd = d;
-
- // Copy the block to process into X array
- int[] X = new int[16];
- for (int i = 0; i < 16; i++) {
- X[i] = (in[offset++] & 0xff) | (in[offset++] & 0xff) << 8 | (in[offset++] & 0xff) << 16
- | (in[offset++] & 0xff) << 24;
- }
-
- // Round 1
- a += ((b & c) | (~b & d)) + X[0];
- a = a << 3 | a >>> (32 - 3);
- d += ((a & b) | (~a & c)) + X[1];
- d = d << 7 | d >>> (32 - 7);
- c += ((d & a) | (~d & b)) + X[2];
- c = c << 11 | c >>> (32 - 11);
- b += ((c & d) | (~c & a)) + X[3];
- b = b << 19 | b >>> (32 - 19);
- a += ((b & c) | (~b & d)) + X[4];
- a = a << 3 | a >>> (32 - 3);
- d += ((a & b) | (~a & c)) + X[5];
- d = d << 7 | d >>> (32 - 7);
- c += ((d & a) | (~d & b)) + X[6];
- c = c << 11 | c >>> (32 - 11);
- b += ((c & d) | (~c & a)) + X[7];
- b = b << 19 | b >>> (32 - 19);
- a += ((b & c) | (~b & d)) + X[8];
- a = a << 3 | a >>> (32 - 3);
- d += ((a & b) | (~a & c)) + X[9];
- d = d << 7 | d >>> (32 - 7);
- c += ((d & a) | (~d & b)) + X[10];
- c = c << 11 | c >>> (32 - 11);
- b += ((c & d) | (~c & a)) + X[11];
- b = b << 19 | b >>> (32 - 19);
- a += ((b & c) | (~b & d)) + X[12];
- a = a << 3 | a >>> (32 - 3);
- d += ((a & b) | (~a & c)) + X[13];
- d = d << 7 | d >>> (32 - 7);
- c += ((d & a) | (~d & b)) + X[14];
- c = c << 11 | c >>> (32 - 11);
- b += ((c & d) | (~c & a)) + X[15];
- b = b << 19 | b >>> (32 - 19);
-
- // Round 2
- a += ((b & (c | d)) | (c & d)) + X[0] + 0x5a827999;
- a = a << 3 | a >>> (32 - 3);
- d += ((a & (b | c)) | (b & c)) + X[4] + 0x5a827999;
- d = d << 5 | d >>> (32 - 5);
- c += ((d & (a | b)) | (a & b)) + X[8] + 0x5a827999;
- c = c << 9 | c >>> (32 - 9);
- b += ((c & (d | a)) | (d & a)) + X[12] + 0x5a827999;
- b = b << 13 | b >>> (32 - 13);
- a += ((b & (c | d)) | (c & d)) + X[1] + 0x5a827999;
- a = a << 3 | a >>> (32 - 3);
- d += ((a & (b | c)) | (b & c)) + X[5] + 0x5a827999;
- d = d << 5 | d >>> (32 - 5);
- c += ((d & (a | b)) | (a & b)) + X[9] + 0x5a827999;
- c = c << 9 | c >>> (32 - 9);
- b += ((c & (d | a)) | (d & a)) + X[13] + 0x5a827999;
- b = b << 13 | b >>> (32 - 13);
- a += ((b & (c | d)) | (c & d)) + X[2] + 0x5a827999;
- a = a << 3 | a >>> (32 - 3);
- d += ((a & (b | c)) | (b & c)) + X[6] + 0x5a827999;
- d = d << 5 | d >>> (32 - 5);
- c += ((d & (a | b)) | (a & b)) + X[10] + 0x5a827999;
- c = c << 9 | c >>> (32 - 9);
- b += ((c & (d | a)) | (d & a)) + X[14] + 0x5a827999;
- b = b << 13 | b >>> (32 - 13);
- a += ((b & (c | d)) | (c & d)) + X[3] + 0x5a827999;
- a = a << 3 | a >>> (32 - 3);
- d += ((a & (b | c)) | (b & c)) + X[7] + 0x5a827999;
- d = d << 5 | d >>> (32 - 5);
- c += ((d & (a | b)) | (a & b)) + X[11] + 0x5a827999;
- c = c << 9 | c >>> (32 - 9);
- b += ((c & (d | a)) | (d & a)) + X[15] + 0x5a827999;
- b = b << 13 | b >>> (32 - 13);
-
- // Round 3
- a += (b ^ c ^ d) + X[0] + 0x6ed9eba1;
- a = a << 3 | a >>> (32 - 3);
- d += (a ^ b ^ c) + X[8] + 0x6ed9eba1;
- d = d << 9 | d >>> (32 - 9);
- c += (d ^ a ^ b) + X[4] + 0x6ed9eba1;
- c = c << 11 | c >>> (32 - 11);
- b += (c ^ d ^ a) + X[12] + 0x6ed9eba1;
- b = b << 15 | b >>> (32 - 15);
- a += (b ^ c ^ d) + X[2] + 0x6ed9eba1;
- a = a << 3 | a >>> (32 - 3);
- d += (a ^ b ^ c) + X[10] + 0x6ed9eba1;
- d = d << 9 | d >>> (32 - 9);
- c += (d ^ a ^ b) + X[6] + 0x6ed9eba1;
- c = c << 11 | c >>> (32 - 11);
- b += (c ^ d ^ a) + X[14] + 0x6ed9eba1;
- b = b << 15 | b >>> (32 - 15);
- a += (b ^ c ^ d) + X[1] + 0x6ed9eba1;
- a = a << 3 | a >>> (32 - 3);
- d += (a ^ b ^ c) + X[9] + 0x6ed9eba1;
- d = d << 9 | d >>> (32 - 9);
- c += (d ^ a ^ b) + X[5] + 0x6ed9eba1;
- c = c << 11 | c >>> (32 - 11);
- b += (c ^ d ^ a) + X[13] + 0x6ed9eba1;
- b = b << 15 | b >>> (32 - 15);
- a += (b ^ c ^ d) + X[3] + 0x6ed9eba1;
- a = a << 3 | a >>> (32 - 3);
- d += (a ^ b ^ c) + X[11] + 0x6ed9eba1;
- d = d << 9 | d >>> (32 - 9);
- c += (d ^ a ^ b) + X[7] + 0x6ed9eba1;
- c = c << 11 | c >>> (32 - 11);
- b += (c ^ d ^ a) + X[15] + 0x6ed9eba1;
- b = b << 15 | b >>> (32 - 15);
-
- //Update state.
- a += aa;
- b += bb;
- c += cc;
- d += dd;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nfold.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nfold.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nfold.java
deleted file mode 100644
index c53f32e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nfold.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.util.Arrays;
-
-/**
- * Based on MIT krb5 nfold.c
- */
-
-/*
- * n-fold(k-bits):
- * l = lcm(n,k)
- * r = l/k
- * s = k-bits | k-bits rot 13 | k-bits rot 13*2 | ... | k-bits rot 13*(r-1)
- * compute the 1's complement sum:
- * n-fold = s[0..n-1]+s[n..2n-1]+s[2n..3n-1]+..+s[(k-1)*n..k*n-1]
- */
-public class Nfold {
-
- /**
- * representation: msb first, assume n and k are multiples of 8, and
- * that k>=16. this is the case of all the cryptosystems which are
- * likely to be used. this function can be replaced if that
- * assumption ever fails.
- */
- public static byte[] nfold(byte[] inBytes, int size) {
- int inBytesNum = inBytes.length; // count inBytes byte
- int outBytesNum = size; // count inBytes byte
-
- int a, b, c, lcm;
- a = outBytesNum;
- b = inBytesNum;
-
- while (b != 0) {
- c = b;
- b = a % b;
- a = c;
- }
- lcm = (outBytesNum * inBytesNum) / a;
-
- byte[] outBytes = new byte[outBytesNum];
- Arrays.fill(outBytes, (byte)0);
-
- int tmpByte = 0;
- int msbit, i, tmp;
-
- for (i = lcm-1; i >= 0; i--) {
- // first, start with the msbit inBytes the first, unrotated byte
- tmp = ((inBytesNum<<3)-1);
- // then, for each byte, shift to the right for each repetition
- tmp += (((inBytesNum<<3)+13)*(i/inBytesNum));
- // last, pick outBytes the correct byte within that shifted repetition
- tmp += ((inBytesNum-(i%inBytesNum)) << 3);
-
- msbit = tmp % (inBytesNum << 3);
-
- // pull outBytes the byte value itself
- tmp = ((((inBytes[((inBytesNum - 1)-(msbit >>> 3)) % inBytesNum] & 0xff) << 8) |
- (inBytes[((inBytesNum) - (msbit >>> 3)) % inBytesNum] & 0xff))
- >>>((msbit & 7)+1)) & 0xff;
-
- tmpByte += tmp;
- tmp = (outBytes[i % outBytesNum] & 0xff);
- tmpByte += tmp;
-
- outBytes[i % outBytesNum] = (byte) (tmpByte & 0xff);
-
- tmpByte >>>= 8;
- }
-
- // if there's a carry bit left over, add it back inBytes
- if (tmpByte != 0) {
- for (i = outBytesNum-1; i >= 0; i--) {
- // do the addition
- tmpByte += (outBytes[i] & 0xff);
- outBytes[i] = (byte) (tmpByte & 0xff);
-
- tmpByte >>>= 8;
- }
- }
-
- return outBytes;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nonce.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nonce.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nonce.java
deleted file mode 100644
index 638a852..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nonce.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.security.SecureRandom;
-
-public class Nonce {
-
- private static SecureRandom srand = new SecureRandom();
-
- public static synchronized int value() {
- int value = srand.nextInt();
- return value & 0x7fffffff;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Pbkdf.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Pbkdf.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Pbkdf.java
deleted file mode 100644
index b447123..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Pbkdf.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.PBEKeySpec;
-import java.security.GeneralSecurityException;
-
-public class Pbkdf {
-
- public static byte[] PBKDF2(char[] secret, byte[] salt,
- int count, int keySize) throws GeneralSecurityException {
-
- PBEKeySpec ks = new PBEKeySpec(secret, salt, count, keySize * 8);
- SecretKeyFactory skf =
- SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
- SecretKey key = skf.generateSecret(ks);
- byte[] result = key.getEncoded();
-
- return result;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Random.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Random.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Random.java
deleted file mode 100644
index 6839fc8..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Random.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.security.SecureRandom;
-
-public final class Random {
-
- private static SecureRandom srand = new SecureRandom();
-
- public static byte[] makeBytes(int size) {
- byte[] data = new byte[size];
- srand.nextBytes(data);
- return data;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Rc4.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Rc4.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Rc4.java
deleted file mode 100644
index 6b2a502..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Rc4.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-/**
- * Based on MIT krb5 enc_rc4.c
- */
-public class Rc4 {
-
- private static byte[] L40 = "fortybits".getBytes();
-
- public static byte[] getSalt(int usage, boolean exportable) {
- int newUsage = convertUsage(usage);
- byte[] salt;
-
- if (exportable) {
- salt = new byte[14];
- System.arraycopy(L40, 0, salt, 0, 9);
- BytesUtil.int2bytes(newUsage, salt, 10, false);
- } else {
- salt = new byte[4];
- BytesUtil.int2bytes(newUsage, salt, 0, false);
- }
-
- return salt;
- }
-
- private static int convertUsage(int usage) {
- switch (usage) {
- case 1: return 1; /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, */
- case 2: return 2; /* ticket from kdc */
- case 3: return 8; /* as-rep encrypted part */
- case 4: return 4; /* tgs-req authz data */
- case 5: return 5; /* tgs-req authz data in subkey */
- case 6: return 6; /* tgs-req authenticator cksum */
- case 7: return 7; /* tgs-req authenticator */
- case 8: return 8;
- case 9: return 9; /* tgs-rep encrypted with subkey */
- case 10: return 10; /* ap-rep authentication cksum (never used by MS) */
- case 11: return 11; /* app-req authenticator */
- case 12: return 12; /* app-rep encrypted part */
- case 23: return 13; /* sign wrap token*/
- default: return usage;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java
deleted file mode 100644
index 8515f95..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.AbstractCryptoTypeHandler;
-import org.apache.kerberos.kerb.crypto.CheckSumTypeHandler;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class AbstractCheckSumTypeHandler
- extends AbstractCryptoTypeHandler implements CheckSumTypeHandler {
-
- private int computeSize;
- private int outputSize;
-
- public AbstractCheckSumTypeHandler(EncryptProvider encProvider, HashProvider hashProvider,
- int computeSize, int outputSize) {
- super(encProvider, hashProvider);
- this.computeSize = computeSize;
- this.outputSize = outputSize;
- }
-
- @Override
- public String name() {
- return cksumType().getName();
- }
-
- @Override
- public String displayName() {
- return cksumType().getDisplayName();
- }
-
- @Override
- public int computeSize() {
- return computeSize;
- }
-
- @Override
- public int outputSize() {
- return outputSize;
- }
-
- public boolean isSafe() {
- return false;
- }
-
- public int cksumSize() {
- return 4;
- }
-
- public int keySize() {
- return 0;
- }
-
- public int confounderSize() {
- return 0;
- }
-
- @Override
- public byte[] checksum(byte[] data) throws KrbException {
- return checksum(data, 0, data.length);
- }
-
- @Override
- public byte[] checksum(byte[] data, int start, int size) throws KrbException {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public boolean verify(byte[] data, byte[] checksum) throws KrbException {
- return verify(data, 0, data.length, checksum);
- }
-
- @Override
- public boolean verify(byte[] data, int start, int size, byte[] checksum) throws KrbException {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public byte[] checksumWithKey(byte[] data,
- byte[] key, int usage) throws KrbException {
- return checksumWithKey(data, 0, data.length, key, usage);
- }
-
- @Override
- public byte[] checksumWithKey(byte[] data, int start, int size,
- byte[] key, int usage) throws KrbException {
- throw new UnsupportedOperationException();
- }
- @Override
- public boolean verifyWithKey(byte[] data,
- byte[] key, int usage, byte[] checksum) throws KrbException {
- throw new UnsupportedOperationException();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java
deleted file mode 100644
index 24f3157..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.crypto.key.KeyMaker;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class AbstractKeyedCheckSumTypeHandler extends AbstractCheckSumTypeHandler {
-
- private KeyMaker keyMaker;
-
- public AbstractKeyedCheckSumTypeHandler(EncryptProvider encProvider, HashProvider hashProvider,
- int computeSize, int outputSize) {
- super(encProvider, hashProvider, computeSize, outputSize);
- }
-
- protected void keyMaker(KeyMaker keyMaker) {
- this.keyMaker = keyMaker;
- }
-
- protected KeyMaker keyMaker() {
- return keyMaker;
- }
-
- @Override
- public byte[] checksumWithKey(byte[] data,
- byte[] key, int usage) throws KrbException {
- return checksumWithKey(data, 0, data.length, key, usage);
- }
-
- @Override
- public byte[] checksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException {
- int outputSize = outputSize();
-
- byte[] tmp = doChecksumWithKey(data, start, len, key, usage);
- if (outputSize < tmp.length) {
- byte[] output = new byte[outputSize];
- System.arraycopy(tmp, 0, output, 0, outputSize);
- return output;
- } else {
- return tmp;
- }
- }
-
- protected byte[] doChecksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException {
- return new byte[0];
- }
-
- @Override
- public boolean verifyWithKey(byte[] data, byte[] key,
- int usage, byte[] checksum) throws KrbException {
- byte[] newCksum = checksumWithKey(data, key, usage);
- return checksumEqual(checksum, newCksum);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java
deleted file mode 100644
index 1a985f5..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.enc.provider.Camellia128Provider;
-import org.apache.kerberos.kerb.crypto.key.CamelliaKeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class CmacCamellia128CheckSum extends CmacKcCheckSum {
-
- public CmacCamellia128CheckSum() {
- super(new Camellia128Provider(), 16, 16);
-
- keyMaker(new CamelliaKeyMaker((Camellia128Provider) encProvider()));
- }
-
- public int confounderSize() {
- return 16;
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.CMAC_CAMELLIA128;
- }
-
- public boolean isSafe() {
- return true;
- }
-
- public int cksumSize() {
- return 16; // bytes
- }
-
- public int keySize() {
- return 16; // bytes
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java
deleted file mode 100644
index 1eb5bed..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.enc.provider.Camellia256Provider;
-import org.apache.kerberos.kerb.crypto.key.CamelliaKeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class CmacCamellia256CheckSum extends CmacKcCheckSum {
-
- public CmacCamellia256CheckSum() {
- super(new Camellia256Provider(), 16, 16);
-
- keyMaker(new CamelliaKeyMaker((Camellia256Provider) encProvider()));
- }
-
- public int confounderSize() {
- return 16;
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.CMAC_CAMELLIA256;
- }
-
- public boolean isSafe() {
- return true;
- }
-
- public int cksumSize() {
- return 16; // bytes
- }
-
- public int keySize() {
- return 16; // bytes
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
deleted file mode 100644
index 469d677..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.Cmac;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class CmacKcCheckSum extends KcCheckSum {
-
- public CmacKcCheckSum(EncryptProvider encProvider, int computeSize, int outputSize) {
- super(encProvider, null, computeSize, outputSize);
- }
-
- protected byte[] mac(byte[] Kc, byte[] data, int start, int len) throws KrbException {
- byte[] mac = Cmac.cmac(encProvider(), Kc, data, start, len);
- return mac;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java
deleted file mode 100644
index f048d00..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java
+++ /dev/null
@@ -1,120 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.Confounder;
-import org.apache.kerberos.kerb.crypto.enc.provider.DesProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-import javax.crypto.spec.DESKeySpec;
-import java.security.InvalidKeyException;
-
-public abstract class ConfounderedDesCheckSum extends AbstractKeyedCheckSumTypeHandler {
-
- public ConfounderedDesCheckSum(HashProvider hashProvider,
- int computeSize, int outputSize) {
- super(new DesProvider(), hashProvider, computeSize, outputSize);
- }
-
- @Override
- protected byte[] doChecksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException {
- int computeSize = computeSize();
- int blockSize = encProvider().blockSize();
- int hashSize = hashProvider().hashSize();
-
- byte[] workBuffer = new byte[computeSize];
-
- // confounder
- byte[] conf = Confounder.makeBytes(blockSize);
-
- // confounder | data
- byte[] toHash = new byte[blockSize + len];
- System.arraycopy(conf, 0, toHash, 0, blockSize);
- System.arraycopy(data, start, toHash, blockSize, len);
-
- HashProvider hashProvider = hashProvider();
- hashProvider.hash(toHash);
- byte[] hash = hashProvider.output();
-
- // confounder | hash
- System.arraycopy(conf, 0, workBuffer, 0, blockSize);
- System.arraycopy(hash, 0, workBuffer, blockSize, hashSize);
-
- // key
- byte[] newKey = deriveKey(key);
-
- encProvider().encrypt(newKey, workBuffer);
- return workBuffer;
- }
-
- protected byte[] deriveKey(byte[] key) {
- return fixKey(xorKey(key));
- }
-
- protected byte[] xorKey(byte[] key) {
- byte[] xorKey = new byte[encProvider().keySize()];
- System.arraycopy(key, 0, xorKey, 0, key.length);
- for (int i = 0; i < xorKey.length; i++) {
- xorKey[i] = (byte) (xorKey[i] ^ 0xf0);
- }
-
- return xorKey;
- }
-
- private byte[] fixKey(byte[] key) {
- boolean isWeak = true;
- try {
- isWeak = DESKeySpec.isWeak(key, 0);
- } catch (InvalidKeyException e) {
- e.printStackTrace();
- }
- if (isWeak) {
- key[7] = (byte)(key[7] ^ 0xF0);
- }
-
- return key;
- }
-
- @Override
- public boolean verifyWithKey(byte[] data,byte[] key,
- int usage, byte[] checksum) throws KrbException {
- int computeSize = computeSize();
- int blockSize = encProvider().blockSize();
- int hashSize = hashProvider().hashSize();
-
- // key
- byte[] newKey = deriveKey(key);
-
- encProvider().decrypt(newKey, checksum);
- byte[] decrypted = checksum; // confounder | hash
-
- // confounder | data
- byte[] toHash = new byte[blockSize + data.length];
- System.arraycopy(decrypted, 0, toHash, 0, blockSize);
- System.arraycopy(data, 0, toHash, blockSize, data.length);
-
- HashProvider hashProvider = hashProvider();
- hashProvider.hash(toHash);
- byte[] newHash = hashProvider.output();
-
- return checksumEqual(newHash, decrypted, blockSize, hashSize);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Crc32CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Crc32CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Crc32CheckSum.java
deleted file mode 100644
index 5e4152e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Crc32CheckSum.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.AbstractUnkeyedCheckSumTypeHandler;
-import org.apache.kerberos.kerb.crypto.cksum.provider.Crc32Provider;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class Crc32CheckSum extends AbstractUnkeyedCheckSumTypeHandler {
-
- public Crc32CheckSum() {
- super(new Crc32Provider(), 4, 4);
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.CRC32;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java
deleted file mode 100644
index 34e40a7..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class DesCbcCheckSum extends ConfounderedDesCheckSum {
-
- public DesCbcCheckSum() {
- super(null, 8, 8);
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.DES_CBC;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HashProvider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HashProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HashProvider.java
deleted file mode 100644
index a1cddf2..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HashProvider.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.KrbException;
-
-/**
- * krb5_hash_provider
- */
-public interface HashProvider {
-
- public int hashSize();
- public int blockSize();
-
- public void hash(byte[] data, int start, int size) throws KrbException;
- public void hash(byte[] data) throws KrbException;
- public byte[] output();
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
deleted file mode 100644
index ae4e102..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.Hmac;
-import org.apache.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class HmacKcCheckSum extends KcCheckSum {
-
- public HmacKcCheckSum(EncryptProvider encProvider, int computeSize, int outputSize) {
- super(encProvider, new Sha1Provider(), computeSize, outputSize);
- }
-
- protected byte[] mac(byte[] Kc, byte[] data, int start, int len) throws KrbException {
- byte[] hmac = Hmac.hmac(hashProvider(), Kc, data, start, len);
- return hmac;
- }
-}
[07/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/main/resources/usercert.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/usercert.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/usercert.pem
new file mode 100644
index 0000000..67e538c
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/resources/usercert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
+fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
+quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
+nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
+EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
+JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
+DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
+Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
+HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
+ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
+AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
+YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
+txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
+R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
+FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
+5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/main/resources/userkey.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/userkey.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/userkey.pem
new file mode 100644
index 0000000..c9e75e2
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/resources/userkey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
+8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
+2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
+GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
+fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
+DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
+QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
+6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
+bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
+5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
+8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
+XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
+kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
+Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
+P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
+KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
+qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
+7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
+UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
+n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
+5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
+AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
+KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
+9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
+7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java
new file mode 100644
index 0000000..81c0b3a
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class KdcTest extends KdcTestBase {
+
+ private String password = "123456";
+
+ @Override
+ protected void setUpKdcServer() throws Exception {
+ super.setUpKdcServer();
+ kdcServer.createPrincipal(clientPrincipal, password);
+ }
+
+ @Test
+ public void testKdc() throws Exception {
+ kdcServer.start();
+ Assert.assertTrue(kdcServer.isStarted());
+
+ krbClnt.init();
+ TgtTicket tgt = krbClnt.requestTgtTicket(clientPrincipal, password, null);
+ Assert.assertNotNull(tgt);
+
+ ServiceTicket tkt = krbClnt.requestServiceTicket(tgt, serverPrincipal, null);
+ Assert.assertNotNull(tkt);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
new file mode 100644
index 0000000..1751474
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.client.KrbClient;
+import org.junit.After;
+import org.junit.Before;
+
+public abstract class KdcTestBase {
+
+ protected String kdcRealm;
+ protected String clientPrincipal;
+ protected String serverPrincipal;
+
+ protected String hostname = "localhost";
+ protected short tcpPort = 8088;
+ protected short udpPort = 8089;
+
+ protected TestKdcServer kdcServer;
+ protected KrbClient krbClnt;
+
+ @Before
+ public void setUp() throws Exception {
+ setUpKdcServer();
+ setUpClient();
+ }
+
+ protected void setUpKdcServer() throws Exception {
+ kdcServer = new TestKdcServer();
+ kdcServer.setKdcHost(hostname);
+ kdcServer.setKdcTcpPort(tcpPort);
+ kdcServer.setKdcUdpPort(udpPort);
+ kdcServer.init();
+
+ kdcRealm = kdcServer.getKdcRealm();
+ clientPrincipal = "drankye@" + kdcRealm;
+
+ serverPrincipal = "test-service/localhost@" + kdcRealm;
+ kdcServer.createPrincipals(serverPrincipal);
+ }
+
+ protected void setUpClient() throws Exception {
+ krbClnt = new KrbClient(hostname, tcpPort);
+ krbClnt.setTimeout(5);
+ krbClnt.setKdcRealm(kdcServer.getKdcRealm());
+ }
+
+
+
+ @After
+ public void tearDown() throws Exception {
+ kdcServer.stop();
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/WithCertKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/WithCertKdcTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/WithCertKdcTest.java
new file mode 100644
index 0000000..cad84e1
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/WithCertKdcTest.java
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.apache.kerby.pki.Pkix;
+import org.junit.Assert;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+
+/**
+ openssl genrsa -out cakey.pem 2048
+ openssl req -key cakey.pem -new -x509 -out cacert.pem -days 3650
+ vi extensions.kdc
+ openssl genrsa -out kdckey.pem 2048
+ openssl req -new -out kdc.req -key kdckey.pem
+ env REALM=SH.INTEL.COM openssl x509 -req -in kdc.req -CAkey cakey.pem \
+ -CA cacert.pem -out kdc.pem -days 365 -extfile extensions.kdc -extensions kdc_cert -CAcreateserial
+ */
+public class WithCertKdcTest extends KdcTestBase {
+
+ private Certificate userCert;
+ private PrivateKey userKey;
+
+ @Override
+ protected void setUpClient() throws Exception {
+ super.setUpClient();
+
+ loadCredentials();
+ }
+
+ @Override
+ protected void setUpKdcServer() throws Exception {
+ super.setUpKdcServer();
+ kdcServer.createPrincipals(clientPrincipal);
+ }
+
+ //@Test
+ public void testKdc() throws Exception {
+ Assert.assertNotNull(userCert);
+
+ kdcServer.start();
+ Assert.assertTrue(kdcServer.isStarted());
+ krbClnt.init();
+
+ TgtTicket tgt = null;
+ try {
+ tgt = krbClnt.requestTgtTicket(clientPrincipal, userCert, userKey, null);
+ } catch (KrbException te) {
+ Assert.assertTrue(te.getMessage().contains("timeout"));
+ return;
+ }
+ Assert.assertNull(tgt);
+
+ ServiceTicket tkt = krbClnt.requestServiceTicket(tgt, serverPrincipal, null);
+ Assert.assertNull(tkt);
+ }
+
+ private void loadCredentials() throws IOException, GeneralSecurityException {
+ InputStream res = getClass().getResourceAsStream("/usercert.pem");
+ userCert = Pkix.getCerts(res).iterator().next();
+
+ res = getClass().getResourceAsStream("/userkey.pem");
+ userKey = Pkix.getPrivateKey(res, null);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/WithTokenKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/WithTokenKdcTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/WithTokenKdcTest.java
new file mode 100644
index 0000000..805d0c7
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/WithTokenKdcTest.java
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.apache.kerby.token.KerbToken;
+import org.junit.Assert;
+
+public class WithTokenKdcTest extends KdcTestBase {
+
+ private KerbToken token;
+
+ @Override
+ protected void setUpKdcServer() throws Exception {
+ super.setUpKdcServer();
+ kdcServer.createPrincipals(clientPrincipal);
+ }
+
+ //@Test
+ public void testKdc() throws Exception {
+ kdcServer.start();
+ Assert.assertTrue(kdcServer.isStarted());
+ krbClnt.init();
+
+ TgtTicket tgt = null;
+ try {
+ tgt = krbClnt.requestTgtTicket(clientPrincipal, token, null);
+ } catch (KrbException te) {
+ Assert.assertTrue(te.getMessage().contains("timeout"));
+ return;
+ }
+ Assert.assertNull(tgt);
+
+ ServiceTicket tkt = krbClnt.requestServiceTicket(tgt, serverPrincipal, null);
+ Assert.assertNull(tkt);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/pom.xml b/kerby-kerb/kerb-server/pom.xml
new file mode 100644
index 0000000..f19efc1
--- /dev/null
+++ b/kerby-kerb/kerb-server/pom.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-kerb</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerb-server</artifactId>
+
+ <name>Kerby-kerb Server</name>
+ <description>Kerby-kerb Server</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-common</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-identity</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-event</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-pkix</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
new file mode 100644
index 0000000..78ece6c
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
@@ -0,0 +1,153 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.config.Conf;
+import org.apache.kerby.kerberos.kerb.common.KrbConfHelper;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+import java.util.List;
+
+public class KdcConfig {
+ protected Conf conf;
+
+ public KdcConfig() {
+ this.conf = new Conf();
+ }
+
+ public Conf getConf() {
+ return this.conf;
+ }
+
+ public boolean enableDebug() {
+ return conf.getBoolean(KdcConfigKey.KRB_DEBUG);
+ }
+
+ public String getKdcServiceName() {
+ return conf.getString(KdcConfigKey.KDC_SERVICE_NAME);
+ }
+
+ public String getWorkDir() {
+ return conf.getString(KdcConfigKey.WORK_DIR);
+ }
+
+ public String getKdcHost() {
+ return conf.getString(KdcConfigKey.KDC_HOST);
+ }
+
+ public short getKdcTcpPort() {
+ Integer kdcTcpPort = KrbConfHelper.getIntUnderSection(conf, KdcConfigKey.KDC_TCP_PORT);
+ return kdcTcpPort.shortValue();
+ }
+
+ public short getKdcUdpPort() {
+ Integer kdcUdpPort = KrbConfHelper.getIntUnderSection(conf, KdcConfigKey.KDC_UDP_PORT);
+ return kdcUdpPort.shortValue();
+ }
+
+ public String getKdcRealm() {
+ return conf.getString(KdcConfigKey.KDC_REALM);
+ }
+
+ public String getKdcDomain() {
+ return conf.getString(KdcConfigKey.KDC_DOMAIN);
+ }
+
+ public boolean isPreauthRequired() {
+ return conf.getBoolean(KdcConfigKey.PREAUTH_REQUIRED);
+ }
+
+ public String getTgsPrincipal() {
+ return conf.getString(KdcConfigKey.TGS_PRINCIPAL);
+ }
+
+ public long getAllowableClockSkew() {
+ return conf.getLong(KdcConfigKey.ALLOWABLE_CLOCKSKEW);
+ }
+
+ public boolean isEmptyAddressesAllowed() {
+ return conf.getBoolean(KdcConfigKey.EMPTY_ADDRESSES_ALLOWED);
+ }
+
+ public boolean isForwardableAllowed() {
+ return conf.getBoolean(KdcConfigKey.FORWARDABLE_ALLOWED);
+ }
+
+ public boolean isPostdatedAllowed() {
+ return conf.getBoolean(KdcConfigKey.POSTDATED_ALLOWED);
+ }
+
+ public boolean isProxiableAllowed() {
+ return conf.getBoolean(KdcConfigKey.PROXIABLE_ALLOWED);
+ }
+
+ public boolean isRenewableAllowed() {
+ return conf.getBoolean(KdcConfigKey.RENEWABLE_ALLOWED);
+ }
+
+ public long getMaximumRenewableLifetime() {
+ return conf.getLong(KdcConfigKey.MAXIMUM_RENEWABLE_LIFETIME);
+ }
+
+ public long getMaximumTicketLifetime() {
+ return conf.getLong(KdcConfigKey.MAXIMUM_TICKET_LIFETIME);
+ }
+
+ public long getMinimumTicketLifetime() {
+ return conf.getLong(KdcConfigKey.MINIMUM_TICKET_LIFETIME);
+ }
+
+ public List<EncryptionType> getEncryptionTypes() {
+ List<String> eTypes = conf.getList(KdcConfigKey.ENCRYPTION_TYPES);
+ return KrbConfHelper.getEncryptionTypes(eTypes);
+ }
+
+ public boolean isPaEncTimestampRequired() {
+ return conf.getBoolean(KdcConfigKey.PA_ENC_TIMESTAMP_REQUIRED);
+ }
+
+ public boolean isBodyChecksumVerified() {
+ return conf.getBoolean(KdcConfigKey.VERIFY_BODY_CHECKSUM);
+ }
+
+ public String getDefaultLoggingLocation() {
+ return KrbConfHelper.getStringUnderSection(conf, KdcConfigKey.DEFAULT);
+ }
+
+ public String getKdcLoggingLocation() {
+ return KrbConfHelper.getStringUnderSection(conf, KdcConfigKey.KDC);
+ }
+
+ public String getAdminLoggingLocation() {
+ return KrbConfHelper.getStringUnderSection(conf, KdcConfigKey.ADMIN_SERVER);
+ }
+
+ public boolean isRestrictAnonymousToTgt() {
+ return KrbConfHelper.getBooleanUnderSection(conf, KdcConfigKey.RESTRICT_ANONYMOUS_TO_TGT);
+ }
+
+ public int getKdcMaxDgramReplySize() {
+ return KrbConfHelper.getIntUnderSection(conf, KdcConfigKey.KDC_MAX_DGRAM_REPLY_SIZE);
+ }
+
+ public String[] getLdapKerberosContainerDn() {
+ return KrbConfHelper.getStringArrayUnderSection(conf, KdcConfigKey.LDAP_KERBEROS_CONTAINER_DN);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
new file mode 100644
index 0000000..1f77c94
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
@@ -0,0 +1,94 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.common.SectionConfigKey;
+
+public enum KdcConfigKey implements SectionConfigKey {
+ KRB_DEBUG(true),
+ WORK_DIR,
+ KDC_SERVICE_NAME("Haox_KDC_Server"),
+ KDC_HOST("127.0.0.1"),
+ KDC_UDP_PORT(8016, "kdcdefaults"),
+ KDC_TCP_PORT(8015, "kdcdefaults"),
+ KDC_DOMAIN("example.com"),
+ KDC_REALM("EXAMPLE.COM"),
+ TGS_PRINCIPAL("krbtgt@EXAMPLE.COM"),
+ PREAUTH_REQUIRED(true),
+ ALLOWABLE_CLOCKSKEW(5 * 60L),
+ EMPTY_ADDRESSES_ALLOWED(true),
+ PA_ENC_TIMESTAMP_REQUIRED(true),
+ MAXIMUM_TICKET_LIFETIME(24 * 3600L),
+ MINIMUM_TICKET_LIFETIME(1 * 3600L),
+ MAXIMUM_RENEWABLE_LIFETIME(48 * 3600L),
+ FORWARDABLE_ALLOWED(true),
+ POSTDATED_ALLOWED(true),
+ PROXIABLE_ALLOWED(true),
+ RENEWABLE_ALLOWED(true),
+ VERIFY_BODY_CHECKSUM(true),
+ ENCRYPTION_TYPES(new String[] { "aes128-cts-hmac-sha1-96", "des3-cbc-sha1-kd" }),
+ RESTRICT_ANONYMOUS_TO_TGT(false, "kdcdefaults"),
+ KDC_MAX_DGRAM_REPLY_SIZE(4096, "kdcdefaults"),
+
+ //logging location TODO the default log location need to be determinded.
+ DEFAULT(null, "logging"),
+ KDC(null, "logging"),
+ ADMIN_SERVER(null, "logging"),
+
+ //dbdefaults
+ LDAP_KERBEROS_CONTAINER_DN(null, "dbdefaults");
+
+ private Object defaultValue;
+ /**
+ * The name of a section where a config key is contained in MIT Kerberos config file.
+ */
+ private String sectionName;
+
+ private KdcConfigKey() {
+ this.defaultValue = null;
+ }
+
+ private KdcConfigKey(Object defaultValue) {
+ this.defaultValue = defaultValue;
+ }
+
+ private KdcConfigKey(Object defaultValue, String sectionName) {
+ this(defaultValue);
+ this.sectionName = sectionName;
+ }
+
+ /**
+ * Use the propertyKey, we can get the configuration value from Object Conf.
+ */
+ @Override
+ public String getPropertyKey() {
+ return name().toLowerCase();
+ }
+
+ @Override
+ public Object getDefaultValue() {
+ return this.defaultValue;
+ }
+
+ @Override
+ public String getSectionName() {
+ return sectionName;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcContext.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcContext.java
new file mode 100644
index 0000000..bb7b467
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcContext.java
@@ -0,0 +1,91 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.identity.IdentityService;
+import org.apache.kerby.kerberos.kerb.server.preauth.PreauthHandler;
+import org.apache.kerby.kerberos.kerb.server.replay.ReplayCheckService;
+
+import java.util.List;
+
+public class KdcContext {
+ private KdcConfig config;
+ private List<String> supportedKdcRealms;
+ private String kdcRealm;
+ private IdentityService identityService;
+ private ReplayCheckService replayCache;
+ private PreauthHandler preauthHandler;
+
+ public void init(KdcConfig config) {
+ this.config = config;
+ }
+
+ public KdcConfig getConfig() {
+ return config;
+ }
+
+ public void setPreauthHandler(PreauthHandler preauthHandler) {
+ this.preauthHandler = preauthHandler;
+ }
+
+ public PreauthHandler getPreauthHandler() {
+ return this.preauthHandler;
+ }
+
+ public List<String> getSupportedKdcRealms() {
+ return supportedKdcRealms;
+ }
+
+ public void setSupportedKdcRealms(List<String> supportedKdcRealms) {
+ this.supportedKdcRealms = supportedKdcRealms;
+ }
+
+ public void setKdcRealm(String realm) {
+ this.kdcRealm = realm;
+ }
+
+ public String getServerRealm() {
+ return config.getKdcRealm();
+ }
+
+ public String getKdcRealm() {
+ if (kdcRealm != null) {
+ return kdcRealm;
+ }
+ return config.getKdcRealm();
+ }
+
+ public void setReplayCache(ReplayCheckService replayCache) {
+ this.replayCache = replayCache;
+ }
+
+ public ReplayCheckService getReplayCache() {
+ return replayCache;
+ }
+
+ public void setIdentityService(IdentityService identityService) {
+ this.identityService = identityService;
+ }
+
+
+ public IdentityService getIdentityService() {
+ return identityService;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
new file mode 100644
index 0000000..07de64d
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
@@ -0,0 +1,148 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.common.KrbUtil;
+import org.apache.kerby.kerberos.kerb.identity.IdentityService;
+import org.apache.kerby.kerberos.kerb.server.preauth.PreauthHandler;
+import org.apache.kerby.kerberos.kerb.server.replay.ReplayCheckService;
+import org.apache.kerby.kerberos.kerb.server.request.AsRequest;
+import org.apache.kerby.kerberos.kerb.server.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.server.request.TgsRequest;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerby.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.spec.kdc.AsReq;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReq;
+import org.apache.kerby.kerberos.kerb.spec.kdc.TgsReq;
+import org.apache.kerby.transport.MessageHandler;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.tcp.TcpTransport;
+
+import java.net.InetSocketAddress;
+import java.nio.ByteBuffer;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+public class KdcHandler extends MessageHandler {
+
+ private List<String> kdcRealms = new ArrayList<String>(1);
+ private Map<String, KdcContext> kdcContexts;
+
+ private KdcConfig kdcConfig;
+ private PreauthHandler preauthHandler;
+
+ // TODO: per realm for below
+ private IdentityService identityService;
+ private ReplayCheckService replayCheckService;
+
+ /**
+ * Should be called when all the necessary properties are set
+ */
+ public void init() {
+ loadKdcRealms();
+
+ preauthHandler = new PreauthHandler();
+ preauthHandler.init(kdcConfig);
+
+ kdcContexts = new HashMap<String, KdcContext>(1);
+ for (String realm : kdcRealms) {
+ initRealmContext(realm);
+ }
+ }
+
+ private void initRealmContext(String kdcRealm) {
+ KdcContext kdcContext = new KdcContext();
+ kdcContext.init(kdcConfig);
+ kdcContext.setKdcRealm(kdcRealm);
+ kdcContext.setPreauthHandler(preauthHandler);
+ kdcContext.setIdentityService(identityService);
+ kdcContext.setReplayCache(replayCheckService);
+
+ kdcContexts.put(kdcRealm, kdcContext);
+ }
+
+ public void setKdcRealm(String realm) {
+ this.kdcRealms.add(realm);
+ }
+
+ public void setConfig(KdcConfig config) {
+ this.kdcConfig = config;
+ }
+
+ public void setIdentityService(IdentityService identityService) {
+ this.identityService = identityService;
+ }
+
+ @Override
+ protected void handleMessage(MessageEvent event) throws Exception {
+ ByteBuffer message = event.getMessage();
+ Transport transport = event.getTransport();
+
+ KrbMessage krbRequest = KrbUtil.decodeMessage(message);
+ KdcRequest kdcRequest = null;
+
+ KrbMessageType messageType = krbRequest.getMsgType();
+ if (messageType == KrbMessageType.TGS_REQ || messageType == KrbMessageType.AS_REQ) {
+ KdcReq kdcReq = (KdcReq) krbRequest;
+ String realm = getRequestRealm(kdcReq);
+ if (realm == null || !kdcContexts.containsKey(realm)) {
+ throw new KrbException("Invalid realm from kdc request: " + realm);
+ }
+
+ KdcContext kdcContext = kdcContexts.get(realm);
+ if (messageType == KrbMessageType.TGS_REQ) {
+ kdcRequest = new TgsRequest((TgsReq) kdcReq, kdcContext);
+ } else if (messageType == KrbMessageType.AS_REQ) {
+ kdcRequest = new AsRequest((AsReq) kdcReq, kdcContext);
+ }
+ }
+
+ InetSocketAddress clientAddress = transport.getRemoteAddress();
+ kdcRequest.setClientAddress(clientAddress.getAddress());
+ boolean isTcp = (transport instanceof TcpTransport);
+ kdcRequest.isTcp(isTcp);
+
+ kdcRequest.process();
+
+ KrbMessage krbResponse = kdcRequest.getReply();
+ KrbUtil.sendMessage(krbResponse, transport);
+ }
+
+ private void loadKdcRealms() {
+ if (kdcRealms.isEmpty()) {
+ kdcRealms.add(kdcConfig.getKdcRealm());
+ }
+ }
+
+ private String getRequestRealm(KdcReq kdcReq) {
+ String realm = kdcReq.getReqBody().getRealm();
+ if (realm == null && kdcReq.getReqBody().getCname() != null) {
+ realm = kdcReq.getReqBody().getCname().getRealm();
+ }
+ if (realm == null || realm.isEmpty()) {
+ realm = "NULL-KDC-REALM";
+ }
+ return realm;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
new file mode 100644
index 0000000..74ece70
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
@@ -0,0 +1,196 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.event.EventHub;
+import org.apache.kerby.kerberos.kerb.common.KrbStreamingDecoder;
+import org.apache.kerby.kerberos.kerb.identity.IdentityService;
+import org.apache.kerby.transport.Network;
+
+import java.io.File;
+
+public class KdcServer {
+ private String kdcHost;
+ private short kdcTcpPort;
+ private short kdcUdpPort;
+ private String kdcRealm;
+
+ private boolean started;
+ private String serviceName = "HaoxKdc";
+
+ private KdcHandler kdcHandler;
+ private EventHub eventHub;
+
+ protected KdcConfig kdcConfig;
+ protected IdentityService identityService;
+ protected File workDir;
+
+ public KdcServer() {
+ kdcConfig = new KdcConfig();
+ }
+
+ public void init() {
+ initConfig();
+
+ initWorkDir();
+ }
+
+ protected void initWorkDir() {
+ String path = kdcConfig.getWorkDir();
+ File file;
+ if (path != null) {
+ file = new File(path);
+ file.mkdirs();
+ } else {
+ file = new File(".");
+ }
+
+ this.workDir = file;
+ }
+
+ protected void initConfig() {}
+
+ public void start() {
+ try {
+ doStart();
+ } catch (Exception e) {
+ throw new RuntimeException("Failed to start " + getServiceName(), e);
+ }
+
+ started = true;
+ }
+
+ public String getKdcRealm() {
+ if (kdcRealm != null) {
+ return kdcRealm;
+ }
+ return kdcConfig.getKdcRealm();
+ }
+
+ private String getKdcHost() {
+ if (kdcHost != null) {
+ return kdcHost;
+ }
+ return kdcConfig.getKdcHost();
+ }
+
+ private short getKdcTcpPort() {
+ if (kdcTcpPort > 0) {
+ return kdcTcpPort;
+ }
+ return kdcConfig.getKdcTcpPort();
+ }
+
+ private short getKdcUdpPort() {
+ if (kdcUdpPort > 0) {
+ return kdcUdpPort;
+ }
+ return kdcConfig.getKdcUdpPort();
+ }
+
+ public void setKdcHost(String kdcHost) {
+ this.kdcHost = kdcHost;
+ }
+
+ public void setKdcTcpPort(short kdcTcpPort) {
+ this.kdcTcpPort = kdcTcpPort;
+ }
+
+ public void setKdcUdpPort(short kdcUdpPort) {
+ this.kdcUdpPort = kdcUdpPort;
+ }
+
+ public void setKdcRealm(String realm) {
+ this.kdcRealm = realm;
+ }
+
+ public boolean enableDebug() {
+ return kdcConfig.enableDebug();
+ }
+
+ protected void doStart() throws Exception {
+ prepareHandler();
+
+ this.eventHub = new EventHub();
+
+ eventHub.register(kdcHandler);
+
+ Network network = new Network();
+ network.setStreamingDecoder(new KrbStreamingDecoder());
+ eventHub.register(network);
+
+ eventHub.start();
+ network.tcpListen(getKdcHost(), getKdcTcpPort());
+ network.udpListen(getKdcHost(), getKdcUdpPort());
+ }
+
+ private void prepareHandler() {
+ this.kdcHandler = new KdcHandler();
+ kdcHandler.setConfig(kdcConfig);
+ kdcHandler.setIdentityService(identityService);
+ if (kdcRealm != null) {
+ kdcHandler.setKdcRealm(kdcRealm);
+ }
+ kdcHandler.init();
+ }
+
+ public void stop() {
+ try {
+ doStop();
+ } catch (Exception e) {
+ throw new RuntimeException("Failed to stop " + getServiceName());
+ }
+ }
+
+ protected void doStop() throws Exception {
+ eventHub.stop();
+ }
+
+ public KdcConfig getConfig() {
+ return kdcConfig;
+ }
+
+ public boolean isStarted() {
+ return started;
+ }
+
+ protected void setStarted( boolean started ) {
+ this.started = started;
+ }
+
+ protected void setServiceName( String name ) {
+ this.serviceName = name;
+ }
+
+ protected String getServiceName() {
+ if (serviceName != null) {
+ return serviceName;
+ }
+ return kdcConfig.getKdcServiceName();
+ }
+
+ public IdentityService getIdentityService() {
+ return identityService;
+ }
+
+ protected void setIdentityService(IdentityService identityService) {
+ this.identityService = identityService;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
new file mode 100644
index 0000000..4cc0b35
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.identity.IdentityService;
+import org.apache.kerby.kerberos.kerb.identity.backend.SimpleIdentityBackend;
+
+import java.io.File;
+
+public class SimpleKdcServer extends KdcServer {
+
+ public SimpleKdcServer() {
+ super();
+ }
+
+ public void init() {
+ super.init();
+ initIdentityService();
+ }
+
+ protected void initIdentityService() {
+ File identityFile = new File(workDir, "simplekdb.dat");
+ IdentityService identityService = new SimpleIdentityBackend(identityFile);
+ setIdentityService(identityService);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/AbstractPreauthPlugin.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/AbstractPreauthPlugin.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/AbstractPreauthPlugin.java
new file mode 100644
index 0000000..17ade95
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/AbstractPreauthPlugin.java
@@ -0,0 +1,91 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth;
+
+import org.apache.kerby.kerberos.kerb.preauth.PaFlags;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.preauth.PreauthPluginMeta;
+import org.apache.kerby.kerberos.kerb.server.KdcContext;
+import org.apache.kerby.kerberos.kerb.server.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class AbstractPreauthPlugin implements KdcPreauth {
+
+ private PreauthPluginMeta pluginMeta;
+
+ public AbstractPreauthPlugin(PreauthPluginMeta meta) {
+ this.pluginMeta = meta;
+ }
+
+ @Override
+ public String getName() {
+ return pluginMeta.getName();
+ }
+
+ public int getVersion() {
+ return pluginMeta.getVersion();
+ }
+
+ public PaDataType[] getPaTypes() {
+ return pluginMeta.getPaTypes();
+ }
+
+ @Override
+ public void initWith(KdcContext kdcContext) {
+
+ }
+
+ @Override
+ public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
+ return null;
+ }
+
+ @Override
+ public void provideEdata(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaData outPaData) throws KrbException {
+
+ }
+
+ @Override
+ public boolean verify(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaDataEntry paData) throws KrbException {
+ return false;
+ }
+
+ @Override
+ public void providePaData(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaData paData) {
+
+ }
+
+ @Override
+ public PaFlags getFlags(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaDataType paType) {
+ return null;
+ }
+
+ @Override
+ public void destroy() {
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/FastContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/FastContext.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/FastContext.java
new file mode 100644
index 0000000..736ff01
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/FastContext.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth;
+
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.fast.FastOptions;
+import org.apache.kerby.kerberos.kerb.spec.fast.KrbFastArmor;
+import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReq;
+
+public class FastContext {
+
+ public KdcReq fastOuterRequest;
+ public EncryptionKey armorKey;
+ public KrbFastArmor fastArmor;
+ public FastOptions fastOptions;
+ public int nonce;
+ public int fastFlags;
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/KdcPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/KdcPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/KdcPreauth.java
new file mode 100644
index 0000000..ee0b247
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/KdcPreauth.java
@@ -0,0 +1,81 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth;
+
+import org.apache.kerby.kerberos.kerb.preauth.PaFlags;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.preauth.PreauthPluginMeta;
+import org.apache.kerby.kerberos.kerb.server.KdcContext;
+import org.apache.kerby.kerberos.kerb.server.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+/**
+ * KDC side preauth plugin module
+ */
+public interface KdcPreauth extends PreauthPluginMeta {
+
+ /**
+ * Initializing plugin context for each realm
+ */
+ public void initWith(KdcContext context);
+
+ /**
+ * Initializing request context
+ */
+ public PluginRequestContext initRequestContext(KdcRequest kdcRequest);
+
+ /**
+ * Optional: provide pa_data to send to the client as part of the "you need to
+ * use preauthentication" error.
+ */
+ public void provideEdata(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaData outPaData) throws KrbException;
+
+ /**
+ * Optional: verify preauthentication data sent by the client, setting the
+ * TKT_FLG_PRE_AUTH or TKT_FLG_HW_AUTH flag in the enc_tkt_reply's "flags"
+ * field as appropriate.
+ */
+ public boolean verify(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaDataEntry paData) throws KrbException;
+
+ /**
+ * Optional: generate preauthentication response data to send to the client as
+ * part of the AS-REP.
+ */
+ public void providePaData(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaData paData);
+
+ /**
+ * Return PA_REAL if pa_type is a real preauthentication type or PA_INFO if it is
+ * an informational type.
+ */
+ public PaFlags getFlags(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaDataType paType);
+
+ /**
+ * When exiting...
+ */
+ public void destroy();
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthContext.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthContext.java
new file mode 100644
index 0000000..551e1b3
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthContext.java
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class PreauthContext {
+ private boolean preauthRequired = true;
+ private List<PreauthHandle> handles = new ArrayList<PreauthHandle>(5);
+
+ public PreauthContext() {
+
+ }
+
+ public boolean isPreauthRequired() {
+ return preauthRequired;
+ }
+
+ public void setPreauthRequired(boolean preauthRequired) {
+ this.preauthRequired = preauthRequired;
+ }
+
+ public List<PreauthHandle> getHandles() {
+ return handles;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthHandle.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthHandle.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthHandle.java
new file mode 100644
index 0000000..2893925
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthHandle.java
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth;
+
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.server.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+
+public class PreauthHandle {
+
+ public KdcPreauth preauth;
+ public PluginRequestContext requestContext;
+
+ public PreauthHandle(KdcPreauth preauth) {
+ this.preauth = preauth;
+ }
+
+ public void initRequestContext(KdcRequest kdcRequest) {
+ requestContext = preauth.initRequestContext(kdcRequest);
+ }
+
+ public void provideEdata(KdcRequest kdcRequest, PaData outPaData) throws KrbException {
+ preauth.provideEdata(kdcRequest, requestContext, outPaData);
+ }
+
+ public void verify(KdcRequest kdcRequest, PaDataEntry paData) throws KrbException {
+ preauth.verify(kdcRequest, requestContext, paData);
+ }
+
+ public void providePaData(KdcRequest kdcRequest, PaData paData) {
+ preauth.providePaData(kdcRequest, requestContext, paData);
+ }
+
+ public void destroy() {
+ preauth.destroy();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthHandler.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthHandler.java
new file mode 100644
index 0000000..262e152
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/PreauthHandler.java
@@ -0,0 +1,124 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth;
+
+import org.apache.kerby.kerberos.kerb.server.KdcConfig;
+import org.apache.kerby.kerberos.kerb.server.KdcContext;
+import org.apache.kerby.kerberos.kerb.server.preauth.builtin.EncTsPreauth;
+import org.apache.kerby.kerberos.kerb.server.preauth.builtin.TgtPreauth;
+import org.apache.kerby.kerberos.kerb.server.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class PreauthHandler {
+
+ private List<KdcPreauth> preauths;
+
+ /**
+ * Should be called only once, for global
+ */
+ public void init(KdcConfig kdcConfig) {
+ loadPreauthPlugins(kdcConfig);
+ }
+
+ private void loadPreauthPlugins(KdcConfig kdcConfig) {
+ preauths = new ArrayList<KdcPreauth>();
+
+ KdcPreauth preauth = new EncTsPreauth();
+ preauths.add(preauth);
+
+ preauth = new TgtPreauth();
+ preauths.add(preauth);
+ }
+
+ /**
+ * Should be called per realm
+ * @param context
+ */
+ public void initWith(KdcContext context) {
+ for (KdcPreauth preauth : preauths) {
+ preauth.initWith(context);
+ }
+ }
+
+ public PreauthContext preparePreauthContext(KdcRequest kdcRequest) {
+ PreauthContext preauthContext = new PreauthContext();
+
+ KdcContext kdcContext = kdcRequest.getKdcContext();
+ preauthContext.setPreauthRequired(kdcContext.getConfig().isPreauthRequired());
+
+ for (KdcPreauth preauth : preauths) {
+ PreauthHandle handle = new PreauthHandle(preauth);
+ handle.initRequestContext(kdcRequest);
+ preauthContext.getHandles().add(handle);
+ }
+
+ return preauthContext;
+ }
+
+ public void provideEdata(KdcRequest kdcRequest, PaData outPaData) throws KrbException {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ for (PreauthHandle handle : preauthContext.getHandles()) {
+ handle.provideEdata(kdcRequest, outPaData);
+ }
+ }
+
+ public void verify(KdcRequest kdcRequest, PaData paData) throws KrbException {
+ for (PaDataEntry paEntry : paData.getElements()) {
+ PreauthHandle handle = findHandle(kdcRequest, paEntry.getPaDataType());
+ if (handle != null) {
+ handle.verify(kdcRequest, paEntry);
+ }
+ }
+ }
+
+ public void providePaData(KdcRequest kdcRequest, PaData paData) {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ for (PreauthHandle handle : preauthContext.getHandles()) {
+ handle.providePaData(kdcRequest, paData);
+ }
+ }
+
+ private PreauthHandle findHandle(KdcRequest kdcRequest, PaDataType paType) {
+ PreauthContext preauthContext = kdcRequest.getPreauthContext();
+
+ for (PreauthHandle handle : preauthContext.getHandles()) {
+ for (PaDataType pt : handle.preauth.getPaTypes()) {
+ if (pt == paType) {
+ return handle;
+ }
+ }
+ }
+ return null;
+ }
+
+ public void destroy() {
+ for (KdcPreauth preauth : preauths) {
+ preauth.destroy();
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/builtin/EncTsPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/builtin/EncTsPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/builtin/EncTsPreauth.java
new file mode 100644
index 0000000..85f8452
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/builtin/EncTsPreauth.java
@@ -0,0 +1,60 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth.builtin;
+
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.preauth.builtin.EncTsPreauthMeta;
+import org.apache.kerby.kerberos.kerb.server.KdcContext;
+import org.apache.kerby.kerberos.kerb.server.preauth.AbstractPreauthPlugin;
+import org.apache.kerby.kerberos.kerb.server.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.KeyUsage;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaEncTsEnc;
+
+public class EncTsPreauth extends AbstractPreauthPlugin {
+
+ public EncTsPreauth() {
+ super(new EncTsPreauthMeta());
+ }
+
+ @Override
+ public boolean verify(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaDataEntry paData) throws KrbException {
+ EncryptedData encData = KrbCodec.decode(paData.getPaDataValue(), EncryptedData.class);
+ EncryptionKey clientKey = kdcRequest.getClientKey(encData.getEType());
+ PaEncTsEnc timestamp = EncryptionUtil.unseal(encData, clientKey,
+ KeyUsage.AS_REQ_PA_ENC_TS, PaEncTsEnc.class);
+
+ KdcContext kdcContext = kdcRequest.getKdcContext();
+ long clockSkew = kdcContext.getConfig().getAllowableClockSkew() * 1000;
+ if (!timestamp.getAllTime().isInClockSkew(clockSkew)) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_PREAUTH_FAILED);
+ }
+
+ return true;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/builtin/TgtPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/builtin/TgtPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/builtin/TgtPreauth.java
new file mode 100644
index 0000000..a60ba7d
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/builtin/TgtPreauth.java
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth.builtin;
+
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.preauth.builtin.TgtPreauthMeta;
+import org.apache.kerby.kerberos.kerb.server.preauth.AbstractPreauthPlugin;
+import org.apache.kerby.kerberos.kerb.server.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.server.request.TgsRequest;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+
+public class TgtPreauth extends AbstractPreauthPlugin {
+
+ public TgtPreauth() {
+ super(new TgtPreauthMeta());
+ }
+
+ @Override
+ public boolean verify(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaDataEntry paData) throws KrbException {
+
+ TgsRequest tgsRequest = (TgsRequest) kdcRequest;
+ tgsRequest.verifyAuthenticator(paData);
+ return true;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitKdcContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitKdcContext.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitKdcContext.java
new file mode 100644
index 0000000..9fb9e51
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitKdcContext.java
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth.pkinit;
+
+import org.apache.kerby.kerberos.kerb.preauth.pkinit.IdentityOpts;
+import org.apache.kerby.kerberos.kerb.preauth.pkinit.PluginOpts;
+
+public class PkinitKdcContext {
+
+ public PluginOpts pluginOpts;
+ public IdentityOpts identityOpts;
+ public String realm;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java
new file mode 100644
index 0000000..c383037
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth.pkinit;
+
+import org.apache.kerby.kerberos.kerb.codec.KrbCodec;
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.preauth.pkinit.PkinitPreauthMeta;
+import org.apache.kerby.kerberos.kerb.server.KdcContext;
+import org.apache.kerby.kerberos.kerb.server.preauth.AbstractPreauthPlugin;
+import org.apache.kerby.kerberos.kerb.server.request.KdcRequest;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+import org.apache.kerby.kerberos.kerb.spec.pa.pkinit.PaPkAsReq;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class PkinitPreauth extends AbstractPreauthPlugin {
+
+ private Map<String, PkinitKdcContext> pkinitContexts;
+
+ public PkinitPreauth() {
+ super(new PkinitPreauthMeta());
+
+ pkinitContexts = new HashMap<String, PkinitKdcContext>(1);
+ }
+
+ @Override
+ public void initWith(KdcContext kdcContext) {
+ super.initWith(kdcContext);
+
+ PkinitKdcContext tmp = new PkinitKdcContext();
+ tmp.realm = kdcContext.getKdcRealm();
+ pkinitContexts.put(kdcContext.getKdcRealm(), tmp);
+ }
+
+ @Override
+ public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
+ PkinitRequestContext reqCtx = new PkinitRequestContext();
+
+ //reqCtx.updateRequestOpts(pkinitContext.pluginOpts);
+
+ return reqCtx;
+ }
+
+ @Override
+ public boolean verify(KdcRequest kdcRequest, PluginRequestContext requestContext,
+ PaDataEntry paData) throws KrbException {
+
+ PkinitRequestContext reqCtx = (PkinitRequestContext) requestContext;
+ PkinitKdcContext pkinitContext = findContext(kdcRequest.getServerPrincipal());
+ if (pkinitContext == null) {
+ return false;
+ }
+
+ reqCtx.paType = paData.getPaDataType();
+ if (paData.getPaDataType() == PaDataType.PK_AS_REQ) {
+ PaPkAsReq paPkAsReq = KrbCodec.decode(paData.getPaDataValue(), PaPkAsReq.class);
+ if (paPkAsReq == null) {
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ private PkinitKdcContext findContext(PrincipalName principal) {
+ String realm = principal.getRealm();
+ if (pkinitContexts.containsKey(realm)) {
+ return pkinitContexts.get(realm);
+ }
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitRequestContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitRequestContext.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitRequestContext.java
new file mode 100644
index 0000000..97ca7c4
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitRequestContext.java
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth.pkinit;
+
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+import org.apache.kerby.kerberos.kerb.spec.pa.pkinit.AuthPack;
+
+public class PkinitRequestContext implements PluginRequestContext {
+
+ public AuthPack authPack;
+ public PaDataType paType;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenRequestContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenRequestContext.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenRequestContext.java
new file mode 100644
index 0000000..6f0b73d
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenRequestContext.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.preauth.token;
+
+import org.apache.kerby.kerberos.kerb.preauth.PluginRequestContext;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
+
+public class TokenRequestContext implements PluginRequestContext {
+
+ public boolean doIdentityMatching;
+ public PaDataType paType;
+ public boolean identityInitialized;
+ public boolean identityPrompted;
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/CacheService.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/CacheService.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/CacheService.java
new file mode 100644
index 0000000..dc766d8
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/CacheService.java
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.replay;
+
+public interface CacheService
+{
+ boolean checkAndCache(RequestRecord request);
+ void clear();
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/ReplayCheckService.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/ReplayCheckService.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/ReplayCheckService.java
new file mode 100644
index 0000000..485621f
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/ReplayCheckService.java
@@ -0,0 +1,25 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.replay;
+
+public interface ReplayCheckService
+{
+ boolean checkReplay(String clientPrincipal, String serverPrincipal, long requestTime, int microseconds);
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/ReplayCheckServiceImpl.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/ReplayCheckServiceImpl.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/ReplayCheckServiceImpl.java
new file mode 100644
index 0000000..822674f
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/ReplayCheckServiceImpl.java
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.replay;
+
+public class ReplayCheckServiceImpl implements ReplayCheckService
+{
+ private CacheService cacheService;
+
+ public ReplayCheckServiceImpl(CacheService cacheService) {
+ this.cacheService = cacheService;
+ }
+
+ public ReplayCheckServiceImpl() {
+ this(new SimpleCacheService());
+ }
+
+ @Override
+ public boolean checkReplay(String clientPrincipal, String serverPrincipal,
+ long requestTime, int microseconds) {
+ RequestRecord record = new RequestRecord(clientPrincipal, serverPrincipal, requestTime, microseconds);
+ return cacheService.checkAndCache(record);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/RequestRecord.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/RequestRecord.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/RequestRecord.java
new file mode 100644
index 0000000..3708d18
--- /dev/null
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/replay/RequestRecord.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server.replay;
+
+public class RequestRecord {
+ private String clientPrincipal;
+ private String serverPrincipal;
+ private long requestTime;
+ private int microseconds;
+
+ public RequestRecord(String clientPrincipal, String serverPrincipal, long requestTime, int microseconds) {
+ this.clientPrincipal = clientPrincipal;
+ this.serverPrincipal = serverPrincipal;
+ this.requestTime = requestTime;
+ this.microseconds = microseconds;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ RequestRecord that = (RequestRecord) o;
+
+ if (microseconds != that.microseconds) return false;
+ if (requestTime != that.requestTime) return false;
+ if (!clientPrincipal.equals(that.clientPrincipal)) return false;
+ if (!serverPrincipal.equals(that.serverPrincipal)) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ int result = clientPrincipal.hashCode();
+ result = 31 * result + serverPrincipal.hashCode();
+ result = 31 * result + (int) (requestTime ^ (requestTime >>> 32));
+ result = 31 * result + microseconds;
+ return result;
+ }
+}
[32/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncKdcRepPart.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncKdcRepPart.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncKdcRepPart.java
deleted file mode 100644
index a32833b..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncKdcRepPart.java
+++ /dev/null
@@ -1,177 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.KerberosString;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.HostAddresses;
-import org.apache.kerberos.kerb.spec.common.LastReq;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.ticket.TicketFlags;
-
-/**
- EncKDCRepPart ::= SEQUENCE {
- key [0] EncryptionKey,
- last-req [1] LastReq,
- nonce [2] UInt32,
- key-expiration [3] KerberosTime OPTIONAL,
- flags [4] TicketFlags,
- authtime [5] KerberosTime,
- starttime [6] KerberosTime OPTIONAL,
- endtime [7] KerberosTime,
- renew-till [8] KerberosTime OPTIONAL,
- srealm [9] Realm,
- sname [10] PrincipalName,
- caddr [11] HostAddresses OPTIONAL
- }
- */
-public abstract class EncKdcRepPart extends KrbAppSequenceType {
- private static int KEY = 0;
- private static int LAST_REQ = 1;
- private static int NONCE = 2;
- private static int KEY_EXPIRATION = 3;
- private static int FLAGS = 4;
- private static int AUTHTIME = 5;
- private static int STARTTIME = 6;
- private static int ENDTIME = 7;
- private static int RENEW_TILL = 8;
- private static int SREALM = 9;
- private static int SNAME = 10;
- private static int CADDR = 11;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(KEY, EncryptionKey.class),
- new Asn1FieldInfo(LAST_REQ, LastReq.class),
- new Asn1FieldInfo(NONCE, Asn1Integer.class),
- new Asn1FieldInfo(KEY_EXPIRATION, KerberosTime.class),
- new Asn1FieldInfo(FLAGS, TicketFlags.class),
- new Asn1FieldInfo(AUTHTIME, KerberosTime.class),
- new Asn1FieldInfo(STARTTIME, KerberosTime.class),
- new Asn1FieldInfo(ENDTIME, KerberosTime.class),
- new Asn1FieldInfo(RENEW_TILL, KerberosTime.class),
- new Asn1FieldInfo(SREALM, KerberosString.class),
- new Asn1FieldInfo(SNAME, PrincipalName.class),
- new Asn1FieldInfo(CADDR, HostAddresses.class)
- };
-
- public EncKdcRepPart(int tagNo) {
- super(tagNo, fieldInfos);
- }
-
- public EncryptionKey getKey() {
- return getFieldAs(KEY, EncryptionKey.class);
- }
-
- public void setKey(EncryptionKey key) {
- setFieldAs(KEY, key);
- }
-
- public LastReq getLastReq() {
- return getFieldAs(LAST_REQ, LastReq.class);
- }
-
- public void setLastReq(LastReq lastReq) {
- setFieldAs(LAST_REQ, lastReq);
- }
-
- public int getNonce() {
- return getFieldAsInt(NONCE);
- }
-
- public void setNonce(int nonce) {
- setFieldAsInt(NONCE, nonce);
- }
-
- public KerberosTime getKeyExpiration() {
- return getFieldAsTime(KEY_EXPIRATION);
- }
-
- public void setKeyExpiration(KerberosTime keyExpiration) {
- setFieldAs(KEY_EXPIRATION, keyExpiration);
- }
-
- public TicketFlags getFlags() {
- return getFieldAs(FLAGS, TicketFlags.class);
- }
-
- public void setFlags(TicketFlags flags) {
- setFieldAs(FLAGS, flags);
- }
-
- public KerberosTime getAuthTime() {
- return getFieldAsTime(AUTHTIME);
- }
-
- public void setAuthTime(KerberosTime authTime) {
- setFieldAs(AUTHTIME, authTime);
- }
-
- public KerberosTime getStartTime() {
- return getFieldAsTime(STARTTIME);
- }
-
- public void setStartTime(KerberosTime startTime) {
- setFieldAs(STARTTIME, startTime);
- }
-
- public KerberosTime getEndTime() {
- return getFieldAsTime(ENDTIME);
- }
-
- public void setEndTime(KerberosTime endTime) {
- setFieldAs(ENDTIME, endTime);
- }
-
- public KerberosTime getRenewTill() {
- return getFieldAsTime(RENEW_TILL);
- }
-
- public void setRenewTill(KerberosTime renewTill) {
- setFieldAs(RENEW_TILL, renewTill);
- }
-
- public String getSrealm() {
- return getFieldAsString(SREALM);
- }
-
- public void setSrealm(String srealm) {
- setFieldAsString(SREALM, srealm);
- }
-
- public PrincipalName getSname() {
- return getFieldAs(SNAME, PrincipalName.class);
- }
-
- public void setSname(PrincipalName sname) {
- setFieldAs(SNAME, sname);
- }
-
- public HostAddresses getCaddr() {
- return getFieldAs(CADDR, HostAddresses.class);
- }
-
- public void setCaddr(HostAddresses caddr) {
- setFieldAs(CADDR, caddr);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncTgsRepPart.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncTgsRepPart.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncTgsRepPart.java
deleted file mode 100644
index f8cd5cd..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncTgsRepPart.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-/**
- EncTGSRepPart ::= [APPLICATION 26] EncKDCRepPart
- */
-public class EncTgsRepPart extends EncKdcRepPart {
- public static final int TAG = 26;
-
- public EncTgsRepPart() {
- super(TAG);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOption.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOption.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOption.java
deleted file mode 100644
index 868c08c..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOption.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum KdcOption implements KrbEnum {
- NONE(-1),
- //RESERVED(0x80000000),
- FORWARDABLE(0x40000000),
- FORWARDED(0x20000000),
- PROXIABLE(0x10000000),
- PROXY(0x08000000),
- ALLOW_POSTDATE(0x04000000),
- POSTDATED(0x02000000),
- //UNUSED(0x01000000),
- RENEWABLE(0x00800000),
- //UNUSED(0x00400000),
- //RESERVED(0x00200000),
- //RESERVED(0x00100000),
- //RESERVED(0x00080000),
- //RESERVED(0x00040000),
- CNAME_IN_ADDL_TKT(0x00020000),
- CANONICALIZE(0x00010000),
- REQUEST_ANONYMOUS(0x00008000),
- //RESERVED(0x00004000),
- //RESERVED(0x00002000),
- //RESERVED(0x00001000),
- //RESERVED(0x00000800),
- //RESERVED(0x00000400),
- //RESERVED(0x00000200),
- //RESERVED(0x00000100),
- //RESERVED(0x00000080),
- //RESERVED(0x00000040),
- DISABLE_TRANSITED_CHECK(0x00000020),
- RENEWABLE_OK(0x00000010),
- ENC_TKT_IN_SKEY(0x00000008),
- //UNUSED(0x00000004),
- RENEW(0x00000002),
- VALIDATE(0x00000001);
-
- private final int value;
-
- private KdcOption(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static KdcOption fromValue(int value) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value) {
- return (KdcOption) e;
- }
- }
-
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOptions.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOptions.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOptions.java
deleted file mode 100644
index 701e126..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOptions.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-import org.apache.kerberos.kerb.spec.common.KrbFlags;
-
-public class KdcOptions extends KrbFlags {
-
- public KdcOptions() {
- this(0);
- }
-
- public KdcOptions(int value) {
- setFlags(value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcRep.java
deleted file mode 100644
index a174158..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcRep.java
+++ /dev/null
@@ -1,116 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.KerberosString;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.common.KrbMessage;
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-
-/**
- KDC-REP ::= SEQUENCE {
- pvno [0] INTEGER (5),
- msg-type [1] INTEGER (11 -- AS -- | 13 -- TGS --),
- padata [2] SEQUENCE OF PA-DATA OPTIONAL
- -- NOTE: not empty --,
- crealm [3] Realm,
- cname [4] PrincipalName,
- ticket [5] Ticket,
- enc-part [6] EncryptedData
- -- EncASRepPart or EncTGSRepPart,
- -- as appropriate
- }
- */
-public class KdcRep extends KrbMessage {
- private static int PADATA = 2;
- private static int CREALM = 3;
- private static int CNAME = 4;
- private static int TICKET = 5;
- private static int ENC_PART = 6;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PVNO, Asn1Integer.class),
- new Asn1FieldInfo(MSG_TYPE, Asn1Integer.class),
- new Asn1FieldInfo(PADATA, PaData.class),
- new Asn1FieldInfo(CREALM, KerberosString.class),
- new Asn1FieldInfo(CNAME, PrincipalName.class),
- new Asn1FieldInfo(TICKET, Ticket.class),
- new Asn1FieldInfo(ENC_PART, EncryptedData.class)
- };
-
- private EncKdcRepPart encPart;
-
- public KdcRep(KrbMessageType msgType) {
- super(msgType, fieldInfos);
- }
-
- public PaData getPaData() {
- return getFieldAs(PADATA, PaData.class);
- }
-
- public void setPaData(PaData paData) {
- setFieldAs(PADATA, paData);
- }
-
- public PrincipalName getCname() {
- return getFieldAs(CNAME, PrincipalName.class);
- }
-
- public void setCname(PrincipalName sname) {
- setFieldAs(CNAME, sname);
- }
-
- public String getCrealm() {
- return getFieldAsString(CREALM);
- }
-
- public void setCrealm(String realm) {
- setFieldAs(CREALM, new KerberosString(realm));
- }
-
- public Ticket getTicket() {
- return getFieldAs(TICKET, Ticket.class);
- }
-
- public void setTicket(Ticket ticket) {
- setFieldAs(TICKET, ticket);
- }
-
- public EncryptedData getEncryptedEncPart() {
- return getFieldAs(ENC_PART, EncryptedData.class);
- }
-
- public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
- setFieldAs(ENC_PART, encryptedEncPart);
- }
-
- public EncKdcRepPart getEncPart() {
- return encPart;
- }
-
- public void setEncPart(EncKdcRepPart encPart) {
- this.encPart = encPart;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReq.java
deleted file mode 100644
index 40706b0..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReq.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.common.KrbMessage;
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-import org.apache.kerberos.kerb.spec.pa.PaData;
-import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
-
-/**
- KDC-REQ ::= SEQUENCE {
- -- NOTE: first tag is [1], not [0]
- pvno [1] INTEGER (5) ,
- msg-type [2] INTEGER (10 -- AS -- | 12 -- TGS --),
- padata [3] SEQUENCE OF PA-DATA OPTIONAL
- -- NOTE: not empty --,
- req-encodeBody [4] KDC-REQ-BODY
- }
- */
-public class KdcReq extends KrbMessage {
- private static int PADATA = 2;
- private static int REQ_BODY = 3;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PVNO, 1, Asn1Integer.class),
- new Asn1FieldInfo(MSG_TYPE, 2, Asn1Integer.class),
- new Asn1FieldInfo(PADATA, 3, PaData.class),
- new Asn1FieldInfo(REQ_BODY, 4, KdcReqBody.class)
- };
-
- public KdcReq(KrbMessageType msgType) {
- super(msgType, fieldInfos);
- }
-
- public PaData getPaData() {
- return getFieldAs(PADATA, PaData.class);
- }
-
- public void setPaData(PaData paData) {
- setFieldAs(PADATA, paData);
- }
-
- public void addPaData(PaDataEntry paDataEntry) {
- if (getPaData() == null) {
- setPaData(new PaData());
- }
- getPaData().addElement(paDataEntry);
- }
-
- public KdcReqBody getReqBody() {
- return getFieldAs(REQ_BODY, KdcReqBody.class);
- }
-
- public void setReqBody(KdcReqBody reqBody) {
- setFieldAs(REQ_BODY, reqBody);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReqBody.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReqBody.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReqBody.java
deleted file mode 100644
index e6c8e20..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReqBody.java
+++ /dev/null
@@ -1,209 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.KerberosString;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.KrbIntegers;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.common.*;
-import org.apache.kerberos.kerb.spec.ticket.Tickets;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-/**
- KDC-REQ-BODY ::= SEQUENCE {
- kdc-options [0] KDCOptions,
- cname [1] PrincipalName OPTIONAL
- -- Used only in AS-REQ --,
- realm [2] Realm
- -- Server's realm
- -- Also client's in AS-REQ --,
- sname [3] PrincipalName OPTIONAL,
- from [4] KerberosTime OPTIONAL,
- till [5] KerberosTime,
- rtime [6] KerberosTime OPTIONAL,
- nonce [7] UInt32,
- etype [8] SEQUENCE OF Int32 -- EncryptionType
- -- in preference order --,
- addresses [9] HostAddresses OPTIONAL,
- enc-authorization-data [10] EncryptedData OPTIONAL
- -- AuthorizationData --,
- additional-tickets [11] SEQUENCE OF Ticket OPTIONAL
- -- NOTE: not empty
- }
- */
-public class KdcReqBody extends KrbSequenceType {
- private static int KDC_OPTIONS = 0;
- private static int CNAME = 1;
- private static int REALM = 2;
- private static int SNAME = 3;
- private static int FROM = 4;
- private static int TILL = 5;
- private static int RTIME = 6;
- private static int NONCE = 7;
- private static int ETYPE = 8;
- private static int ADDRESSES = 9;
- private static int ENC_AUTHORIZATION_DATA = 10;
- private static int ADDITIONAL_TICKETS = 11;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(KDC_OPTIONS, KdcOptions.class),
- new Asn1FieldInfo(CNAME, PrincipalName.class),
- new Asn1FieldInfo(REALM, KerberosString.class),
- new Asn1FieldInfo(SNAME, PrincipalName.class),
- new Asn1FieldInfo(FROM, KerberosTime.class),
- new Asn1FieldInfo(TILL, KerberosTime.class),
- new Asn1FieldInfo(RTIME, KerberosTime.class),
- new Asn1FieldInfo(NONCE, Asn1Integer.class),
- new Asn1FieldInfo(ETYPE, KrbIntegers.class),
- new Asn1FieldInfo(ADDRESSES, HostAddresses.class),
- new Asn1FieldInfo(ENC_AUTHORIZATION_DATA, AuthorizationData.class),
- new Asn1FieldInfo(ADDITIONAL_TICKETS, Tickets.class)
- };
-
- public KdcReqBody() {
- super(fieldInfos);
- }
-
- private AuthorizationData authorizationData;
-
- public KerberosTime getFrom() {
- return getFieldAs(FROM, KerberosTime.class);
- }
-
- public void setFrom(KerberosTime from) {
- setFieldAs(FROM, from);
- }
-
- public KerberosTime getTill() {
- return getFieldAs(TILL, KerberosTime.class);
- }
-
- public void setTill(KerberosTime till) {
- setFieldAs(TILL, till);
- }
-
- public KerberosTime getRtime() {
- return getFieldAs(RTIME, KerberosTime.class);
- }
-
- public void setRtime(KerberosTime rtime) {
- setFieldAs(RTIME, rtime);
- }
-
- public int getNonce() {
- return getFieldAsInt(NONCE);
- }
-
- public void setNonce(int nonce) {
- setFieldAsInt(NONCE, nonce);
- }
-
- public List<EncryptionType> getEtypes() {
- KrbIntegers values = getFieldAs(ETYPE, KrbIntegers.class);
- if (values == null) {
- return Collections.emptyList();
- }
-
- List<EncryptionType> results = new ArrayList<EncryptionType>();
- for (Integer value : values.getValues()) {
- results.add(EncryptionType.fromValue(value));
- }
- return results;
- }
-
- public void setEtypes(List<EncryptionType> etypes) {
- List<Integer> values = new ArrayList<Integer>();
- for (EncryptionType etype: etypes) {
- values.add(etype.getValue());
- }
- KrbIntegers value = new KrbIntegers(values);
- setFieldAs(ETYPE, value);
- }
-
- public HostAddresses getAddresses() {
- return getFieldAs(ADDRESSES, HostAddresses.class);
- }
-
- public void setAddresses(HostAddresses addresses) {
- setFieldAs(ADDRESSES, addresses);
- }
-
- public EncryptedData getEncryptedAuthorizationData() {
- return getFieldAs(ENC_AUTHORIZATION_DATA, EncryptedData.class);
- }
-
- public void setEncryptedAuthorizationData(EncryptedData encAuthorizationData) {
- setFieldAs(ENC_AUTHORIZATION_DATA, encAuthorizationData);
- }
-
- public AuthorizationData getAuthorizationData() {
- return authorizationData;
- }
-
- public void setAuthorizationData(AuthorizationData authorizationData) {
- this.authorizationData = authorizationData;
- }
-
- public Tickets getAdditionalTickets() {
- return getFieldAs(ADDITIONAL_TICKETS, Tickets.class);
- }
-
- public void setAdditionalTickets(Tickets additionalTickets) {
- setFieldAs(ADDITIONAL_TICKETS, additionalTickets);
- }
-
- public KdcOptions getKdcOptions() {
- return getFieldAs(KDC_OPTIONS, KdcOptions.class);
- }
-
- public void setKdcOptions(KdcOptions kdcOptions) {
- setFieldAs(KDC_OPTIONS, kdcOptions);
- }
-
- public PrincipalName getSname() {
- return getFieldAs(SNAME, PrincipalName.class);
- }
-
- public void setSname(PrincipalName sname) {
- setFieldAs(SNAME, sname);
- }
-
- public PrincipalName getCname() {
- return getFieldAs(CNAME, PrincipalName.class);
- }
-
- public void setCname(PrincipalName cname) {
- setFieldAs(CNAME, cname);
- }
-
- public String getRealm() {
- return getFieldAsString(REALM);
- }
-
- public void setRealm(String realm) {
- setFieldAs(REALM, new KerberosString(realm));
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsRep.java
deleted file mode 100644
index 9057b62..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsRep.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-
-/**
- TGS-REP ::= [APPLICATION 13] KDC-REP
- */
-public class TgsRep extends KdcRep {
- public TgsRep() {
- super(KrbMessageType.TGS_REP);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsReq.java
deleted file mode 100644
index ce4ae9c..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsReq.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.kdc;
-
-import org.apache.kerberos.kerb.spec.common.KrbMessageType;
-
-/**
- TGS-REQ ::= [APPLICATION 12] KDC-REQ
- */
-public class TgsReq extends KdcReq {
-
- public TgsReq() {
- super(KrbMessageType.TGS_REQ);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSet.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSet.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSet.java
deleted file mode 100644
index 400233c..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSet.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- PA-AUTHENTICATION-SET ::= SEQUENCE OF PA-AUTHENTICATION-SET-ELEM
- */
-public class PaAuthenticationSet extends KrbSequenceOfType<PaAuthenticationSetElem> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java
deleted file mode 100644
index 192e9f8..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- PA-AUTHENTICATION-SET-ELEM ::= SEQUENCE {
- pa-type [0] Int32,
- -- same as padata-type.
- pa-hint [1] OCTET STRING OPTIONAL,
- pa-value [2] OCTET STRING OPTIONAL
- }
- */
-public class PaAuthenticationSetElem extends KrbSequenceType {
- private static int PA_TYPE = 0;
- private static int PA_HINT = 1;
- private static int PA_VALUE = 2;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PA_TYPE, Asn1Integer.class),
- new Asn1FieldInfo(PA_HINT, Asn1OctetString.class),
- new Asn1FieldInfo(PA_VALUE, Asn1OctetString.class)
- };
-
- public PaAuthenticationSetElem() {
- super(fieldInfos);
- }
-
- public PaDataType getPaType() {
- Integer value = getFieldAsInteger(PA_TYPE);
- return PaDataType.fromValue(value);
- }
-
- public void setPaType(PaDataType paDataType) {
- setFieldAsInt(PA_TYPE, paDataType.getValue());
- }
-
- public byte[] getPaHint() {
- return getFieldAsOctets(PA_HINT);
- }
-
- public void setPaHint(byte[] paHint) {
- setFieldAsOctets(PA_HINT, paHint);
- }
-
- public byte[] getPaValue() {
- return getFieldAsOctets(PA_VALUE);
- }
-
- public void setPaValue(byte[] paDataValue) {
- setFieldAsOctets(PA_VALUE, paDataValue);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaData.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaData.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaData.java
deleted file mode 100644
index 99e10c3..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaData.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- PA-DATA ::= SEQUENCE {
- -- NOTE: first tag is [1], not [0]
- padata-type [1] Int32,
- padata-value [2] OCTET STRING -- might be encoded AP-REQ
- }
- */
-public class PaData extends KrbSequenceOfType<PaDataEntry> {
-
- public PaDataEntry findEntry(PaDataType paType) {
- for (PaDataEntry pae : getElements()) {
- if (pae.getPaDataType() == paType) {
- return pae;
- }
- }
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataEntry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataEntry.java
deleted file mode 100644
index f987974..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataEntry.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- PA-DATA ::= SEQUENCE {
- -- NOTE: first tag is [1], not [0]
- padata-type [1] Int32,
- padata-value [2] OCTET STRING -- might be encoded AP-REQ
- }
- */
-public class PaDataEntry extends KrbSequenceType {
- private static int PADATA_TYPE = 0;
- private static int PADATA_VALUE = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PADATA_TYPE, 1, Asn1Integer.class),
- new Asn1FieldInfo(PADATA_VALUE, 2, Asn1OctetString.class)
- };
-
- public PaDataEntry() {
- super(fieldInfos);
- }
-
- public PaDataEntry(PaDataType type, byte[] paData) {
- this();
- setPaDataType(type);
- setPaDataValue(paData);
- }
-
- public PaDataType getPaDataType() {
- Integer value = getFieldAsInteger(PADATA_TYPE);
- return PaDataType.fromValue(value);
- }
-
- public void setPaDataType(PaDataType paDataType) {
- setFieldAsInt(PADATA_TYPE, paDataType.getValue());
- }
-
- public byte[] getPaDataValue() {
- return getFieldAsOctets(PADATA_VALUE);
- }
-
- public void setPaDataValue(byte[] paDataValue) {
- setFieldAsOctets(PADATA_VALUE, paDataValue);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataType.java
deleted file mode 100644
index 753cd59..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataType.java
+++ /dev/null
@@ -1,92 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-/**
- * From krb5.h
- */
-public enum PaDataType implements KrbEnum {
- NONE (0),
- TGS_REQ (1),
- AP_REQ (1),
- ENC_TIMESTAMP (2), // RFC 4120
- PW_SALT (3), // RFC 4120
- ENC_ENCKEY (4), // Key encrypted within itself
- ENC_UNIX_TIME (5), // timestamp encrypted in key. RFC 4120
- ENC_SANDIA_SECURID (6), // SecurId passcode. RFC 4120
- SESAME (7), // Sesame project. RFC 4120
- OSF_DCE (8), // OSF DCE. RFC 4120
- CYBERSAFE_SECUREID (9), // Cybersafe. RFC 4120
- AFS3_SALT (10), // Cygnus. RFC 4120, 3961
- ETYPE_INFO (11), // Etype info for preauth. RFC 4120
- SAM_CHALLENGE (12), // SAM/OTP
- SAM_RESPONSE (13), // SAM/OTP
- PK_AS_REQ (16), // PKINIT. RFC 4556
- PK_AS_REP (17), // PKINIT. RFC 4556
- ETYPE_INFO2 (19), // RFC 4120
- USE_SPECIFIED_KVNO (20), // RFC 4120
- SVR_REFERRAL_INFO (20), // Windows 2000 referrals. RFC 6820
- SAM_REDIRECT (21), // SAM/OTP. RFC 4120
- GET_FROM_TYPED_DATA (22), // Embedded in typed data. RFC 4120
- REFERRAL (25), // draft referral system
- SAM_CHALLENGE_2 (30), // draft challenge system, updated
- SAM_RESPONSE_2 (31), // draft challenge system, updated
- /* MS-KILE */
- PAC_REQUEST (128), // include Windows PAC
- FOR_USER (129), // username protocol transition request
- S4U_X509_USER (130), // certificate protocol transition request
- AS_CHECKSUM (132), // AS checksum
- FX_COOKIE (133), // RFC 6113
- FX_FAST (136), // RFC 6113
- FX_ERROR (137), // RFC 6113
- ENCRYPTED_CHALLENGE (138), // RFC 6113
- OTP_CHALLENGE (141), // RFC 6560 section 4.1
- OTP_REQUEST (142), // RFC 6560 section 4.2
- OTP_PIN_CHANGE (144), // RFC 6560 section 4.3
- PKINIT_KX (147), // RFC 6112
- ENCPADATA_REQ_ENC_PA_REP (149), // RFC 6806
- TOKEN_REQUEST (148), // TokenPreauth
- TOKEN_CHALLENGE (149);
-
- private final int value;
-
- private PaDataType(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static PaDataType fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value.intValue()) {
- return (PaDataType) e;
- }
- }
- }
-
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaEncTsEnc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaEncTsEnc.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaEncTsEnc.java
deleted file mode 100644
index 9b20ff5..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaEncTsEnc.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- PA-ENC-TS-ENC ::= SEQUENCE {
- patimestamp [0] KerberosTime -- client's time --,
- pausec [1] Microseconds OPTIONAL
- }
- */
-public class PaEncTsEnc extends KrbSequenceType {
- private static int PATIMESTAMP = 0;
- private static int PAUSEC = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PATIMESTAMP, 1, KerberosTime.class),
- new Asn1FieldInfo(PAUSEC, 2, Asn1Integer.class)
- };
-
- public PaEncTsEnc() {
- super(fieldInfos);
- }
-
- public KerberosTime getPaTimestamp() {
- return getFieldAsTime(PATIMESTAMP);
- }
-
- public void setPaTimestamp(KerberosTime paTimestamp) {
- setFieldAs(PATIMESTAMP, paTimestamp);
- }
-
- public int getPaUsec() {
- return getFieldAsInt(PAUSEC);
- }
-
- public void setPaUsec(int paUsec) {
- setFieldAsInt(PAUSEC, paUsec);
- }
-
- public KerberosTime getAllTime() {
- KerberosTime paTimestamp = getPaTimestamp();
- return paTimestamp.extend(getPaUsec() / 1000);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java
deleted file mode 100644
index 6dbeb99..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.otp;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.haox.asn1.type.Asn1Utf8String;
-import org.apache.kerberos.kerb.spec.KerberosString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.pa.pkinit.AlgorithmIdentifiers;
-
-/**
- OTP-TOKENINFO ::= SEQUENCE {
- flags [0] OTPFlags,
- otp-vendor [1] UTF8String OPTIONAL,
- otp-challenge [2] OCTET STRING (SIZE(1..MAX)) OPTIONAL,
- otp-length [3] Int32 OPTIONAL,
- otp-format [4] OTPFormat OPTIONAL,
- otp-tokenID [5] OCTET STRING OPTIONAL,
- otp-algID [6] AnyURI OPTIONAL,
- supportedHashAlg [7] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
- iterationCount [8] Int32 OPTIONAL
- }
- */
-public class OtpTokenInfo extends KrbSequenceType {
- private static int FLAGS = 0;
- private static int OTP_VENDOR = 1;
- private static int OTP_CHALLENGE = 2;
- private static int OTP_LENGTH = 3;
- private static int OTP_FORMAT = 4;
- private static int OTP_TOKEN_ID = 5;
- private static int OTP_ALG_ID = 6;
- private static int SUPPORTED_HASH_ALG = 7;
- private static int ITERATION_COUNT = 8;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(FLAGS, Asn1OctetString.class, true),
- new Asn1FieldInfo(OTP_VENDOR, Asn1Utf8String.class),
- new Asn1FieldInfo(OTP_CHALLENGE, Asn1OctetString.class, true),
- new Asn1FieldInfo(OTP_LENGTH, KerberosString.class),
- new Asn1FieldInfo(OTP_FORMAT, Asn1OctetString.class, true),
- new Asn1FieldInfo(OTP_TOKEN_ID, Asn1Utf8String.class),
- new Asn1FieldInfo(OTP_ALG_ID, Asn1OctetString.class, true),
- new Asn1FieldInfo(SUPPORTED_HASH_ALG, AlgorithmIdentifiers.class),
- new Asn1FieldInfo(ITERATION_COUNT, Asn1Integer.class, true)
- };
-
- public OtpTokenInfo() {
- super(fieldInfos);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java
deleted file mode 100644
index 9ed3c14..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.otp;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.haox.asn1.type.Asn1Utf8String;
-import org.apache.kerberos.kerb.spec.KerberosString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- PA-OTP-CHALLENGE ::= SEQUENCE {
- nonce [0] OCTET STRING,
- otp-service [1] UTF8String OPTIONAL,
- otp-tokenInfo [2] SEQUENCE (SIZE(1..MAX)) OF OTP-TOKENINFO,
- salt [3] KerberosString OPTIONAL,
- s2kparams [4] OCTET STRING OPTIONAL,
- }
- */
-public class PaOtpChallenge extends KrbSequenceType {
- private static int NONCE = 0;
- private static int OTP_SERVICE = 1;
- private static int OTP_TOKEN_INFO = 2;
- private static int SALT = 3;
- private static int S2KPARAMS = 4;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(NONCE, Asn1OctetString.class, true),
- new Asn1FieldInfo(OTP_SERVICE, Asn1Utf8String.class),
- new Asn1FieldInfo(OTP_TOKEN_INFO, Asn1OctetString.class, true),
- new Asn1FieldInfo(SALT, KerberosString.class),
- new Asn1FieldInfo(S2KPARAMS, Asn1OctetString.class, true)
- };
-
- public PaOtpChallenge() {
- super(fieldInfos);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java
deleted file mode 100644
index 1fb63b6..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- * AD-INITIAL-VERIFIED-CAS ::= SEQUENCE OF ExternalPrincipalIdentifier
- */
-public class AdInitialVerifiedCas extends KrbSequenceOfType<ExternalPrincipalIdentifier> {
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java
deleted file mode 100644
index ae12d29..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
-import org.apache.kerberos.kerb.spec.x509.AlgorithmIdentifier;
-
-/**
- trustedCertifiers SEQUENCE OF AlgorithmIdentifier OPTIONAL,
- */
-public class AlgorithmIdentifiers extends KrbSequenceOfType<AlgorithmIdentifier> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AuthPack.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AuthPack.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AuthPack.java
deleted file mode 100644
index cffc8e2..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AuthPack.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.x509.SubjectPublicKeyInfo;
-
-/**
- AuthPack ::= SEQUENCE {
- pkAuthenticator [0] PKAuthenticator,
- clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL,
- supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
- clientDHNonce [3] DHNonce OPTIONAL
- }
- */
-public class AuthPack extends KrbSequenceType {
- private static int PK_AUTHENTICATOR = 0;
- private static int CLIENT_PUBLIC_VALUE = 1;
- private static int SUPPORTED_CMS_TYPES = 2;
- private static int CLIENT_DH_NONCE = 3;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(PK_AUTHENTICATOR, PkAuthenticator.class),
- new Asn1FieldInfo(CLIENT_PUBLIC_VALUE, SubjectPublicKeyInfo.class),
- new Asn1FieldInfo(SUPPORTED_CMS_TYPES, AlgorithmIdentifiers.class),
- new Asn1FieldInfo(CLIENT_DH_NONCE, DHNonce.class)
- };
-
- public AuthPack() {
- super(fieldInfos);
- }
-
- public PkAuthenticator getPkAuthenticator() {
- return getFieldAs(PK_AUTHENTICATOR, PkAuthenticator.class);
- }
-
- public void setPkAuthenticator(PkAuthenticator pkAuthenticator) {
- setFieldAs(PK_AUTHENTICATOR, pkAuthenticator);
- }
-
- public SubjectPublicKeyInfo getClientPublicValue() {
- return getFieldAs(CLIENT_PUBLIC_VALUE, SubjectPublicKeyInfo.class);
- }
-
- public void setClientPublicValue(SubjectPublicKeyInfo clientPublicValue) {
- setFieldAs(CLIENT_PUBLIC_VALUE, clientPublicValue);
- }
-
- public AlgorithmIdentifiers getsupportedCmsTypes() {
- return getFieldAs(CLIENT_DH_NONCE, AlgorithmIdentifiers.class);
- }
-
- public void setsupportedCmsTypes(AlgorithmIdentifiers supportedCMSTypes) {
- setFieldAs(CLIENT_DH_NONCE, supportedCMSTypes);
- }
-
- public DHNonce getClientDhNonce() {
- return getFieldAs(CLIENT_DH_NONCE, DHNonce.class);
- }
-
- public void setClientDhNonce(DHNonce dhNonce) {
- setFieldAs(CLIENT_DH_NONCE, dhNonce);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHNonce.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHNonce.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHNonce.java
deleted file mode 100644
index 14d0b7a..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHNonce.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.haox.asn1.type.Asn1OctetString;
-
-/**
- * DHNonce ::= OCTET STRING
- */
-public class DHNonce extends Asn1OctetString {
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java
deleted file mode 100644
index 5b641f6..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- DHRepInfo ::= SEQUENCE {
- dhSignedData [0] IMPLICIT OCTET STRING,
- serverDHNonce [1] DHNonce OPTIONAL
- }
- */
-public class DHRepInfo extends KrbSequenceType {
- private static int DH_SIGNED_DATA = 0;
- private static int SERVER_DH_NONCE = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(DH_SIGNED_DATA, Asn1OctetString.class, true),
- new Asn1FieldInfo(SERVER_DH_NONCE, DHNonce.class)
- };
-
- public DHRepInfo() {
- super(fieldInfos);
- }
-
- public byte[] getDHSignedData() {
- return getFieldAsOctets(DH_SIGNED_DATA);
- }
-
- public void setDHSignedData(byte[] dhSignedData) {
- setFieldAsOctets(DH_SIGNED_DATA, dhSignedData);
- }
-
- public DHNonce getServerDhNonce() {
- return getFieldAs(SERVER_DH_NONCE, DHNonce.class);
- }
-
- public void setServerDhNonce(DHNonce dhNonce) {
- setFieldAs(SERVER_DH_NONCE, dhNonce);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java
deleted file mode 100644
index ab5e155..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- ExternalPrincipalIdentifier ::= SEQUENCE {
- subjectName [0] IMPLICIT OCTET STRING OPTIONAL,
- issuerAndSerialNumber [1] IMPLICIT OCTET STRING OPTIONAL,
- subjectKeyIdentifier [2] IMPLICIT OCTET STRING OPTIONAL
- }
- */
-public class ExternalPrincipalIdentifier extends KrbSequenceType {
- private static int SUBJECT_NAME = 0;
- private static int ISSUER_AND_SERIAL_NUMBER = 1;
- private static int SUBJECT_KEY_IDENTIFIER = 2;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(SUBJECT_NAME, Asn1OctetString.class, true),
- new Asn1FieldInfo(ISSUER_AND_SERIAL_NUMBER, Asn1OctetString.class, true),
- new Asn1FieldInfo(SUBJECT_KEY_IDENTIFIER, Asn1OctetString.class, true)
- };
-
- public ExternalPrincipalIdentifier() {
- super(fieldInfos);
- }
-
- public byte[] getSubjectName() {
- return getFieldAsOctets(SUBJECT_NAME);
- }
-
- public void setSubjectName(byte[] subjectName) {
- setFieldAsOctets(SUBJECT_NAME, subjectName);
- }
-
- public byte[] getIssuerSerialNumber() {
- return getFieldAsOctets(ISSUER_AND_SERIAL_NUMBER);
- }
-
- public void setIssuerSerialNumber(byte[] issuerSerialNumber) {
- setFieldAsOctets(ISSUER_AND_SERIAL_NUMBER, issuerSerialNumber);
- }
-
- public byte[] getSubjectKeyIdentifier() {
- return getFieldAsOctets(SUBJECT_KEY_IDENTIFIER);
- }
-
- public void setSubjectKeyIdentifier(byte[] subjectKeyIdentifier) {
- setFieldAsOctets(SUBJECT_KEY_IDENTIFIER, subjectKeyIdentifier);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java
deleted file mode 100644
index 05b39af..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.haox.asn1.type.Asn1BitString;
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- KDCDHKeyInfo ::= SEQUENCE {
- subjectPublicKey [0] BIT STRING,
- nonce [1] INTEGER (0..4294967295),
- dhKeyExpiration [2] KerberosTime OPTIONAL,
- }
- */
-public class KdcDHKeyInfo extends KrbSequenceType {
- private static int SUBJECT_PUBLICK_KEY = 0;
- private static int NONCE = 1;
- private static int DH_KEY_EXPIRATION = 2;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(SUBJECT_PUBLICK_KEY, Asn1BitString.class),
- new Asn1FieldInfo(NONCE, Asn1Integer.class),
- new Asn1FieldInfo(DH_KEY_EXPIRATION, KerberosTime.class)
- };
-
- public KdcDHKeyInfo() {
- super(fieldInfos);
- }
-
- public byte[] getSubjectPublicKey() {
- return getFieldAsOctets(SUBJECT_PUBLICK_KEY);
- }
-
- public void setSubjectPublicKey(byte[] subjectPublicKey) {
- setFieldAsOctets(SUBJECT_PUBLICK_KEY, subjectPublicKey);
- }
-
- public int getNonce() {
- return getFieldAsInt(NONCE);
- }
-
- public void setNonce(int nonce) {
- setFieldAsInt(NONCE, nonce);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java
deleted file mode 100644
index 01c083e..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-import org.apache.kerberos.kerb.spec.common.Realm;
-
-/**
- KRB5PrincipalName ::= SEQUENCE {
- realm [0] Realm,
- principalName [1] PrincipalName
- }
- */
-public class Krb5PrincipalName extends KrbSequenceType {
- private static int REALM = 0;
- private static int PRINCIPAL_NAME = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(REALM, Realm.class),
- new Asn1FieldInfo(PRINCIPAL_NAME, PrincipalName.class)
- };
-
- public Krb5PrincipalName() {
- super(fieldInfos);
- }
-
- public String getRelm() {
- return getFieldAsString(REALM);
- }
-
- public void setRealm(String realm) {
- setFieldAsString(REALM, realm);
- }
-
- public PrincipalName getPrincipalName() {
- return getFieldAs(PRINCIPAL_NAME, PrincipalName.class);
- }
-
- public void setPrincipalName(PrincipalName principalName) {
- setFieldAs(PRINCIPAL_NAME, principalName);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java
deleted file mode 100644
index a0da24a..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.haox.asn1.type.Asn1Choice;
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1OctetString;
-
-/**
- PA-PK-AS-REP ::= CHOICE {
- dhInfo [0] DHRepInfo,
- encKeyPack [1] IMPLICIT OCTET STRING,
- }
- */
-public class PaPkAsRep extends Asn1Choice {
- private static int DH_INFO = 0;
- private static int ENCKEY_PACK = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(DH_INFO, DHRepInfo.class),
- new Asn1FieldInfo(ENCKEY_PACK, Asn1OctetString.class, true)
- };
-
- public PaPkAsRep() {
- super(fieldInfos);
- }
-
- public DHRepInfo getDHRepInfo() {
- return getFieldAs(DH_INFO, DHRepInfo.class);
- }
-
- public void setDHRepInfo(DHRepInfo dhRepInfo) {
- setFieldAs(DH_INFO, dhRepInfo);
- }
-
- public byte[] getEncKeyPack() {
- return getFieldAsOctets(ENCKEY_PACK);
- }
-
- public void setEncKeyPack(byte[] encKeyPack) {
- setFieldAsOctets(ENCKEY_PACK, encKeyPack);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java
deleted file mode 100644
index 5ae8461..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- PA-PK-AS-REQ ::= SEQUENCE {
- signedAuthPack [0] IMPLICIT OCTET STRING,
- trustedCertifiers [1] SEQUENCE OF ExternalPrincipalIdentifier OPTIONAL,
- kdcPkId [2] IMPLICIT OCTET STRING OPTIONAL
- }
- */
-public class PaPkAsReq extends KrbSequenceType {
- private static int SIGNED_AUTH_PACK = 0;
- private static int TRUSTED_CERTIFIERS = 1;
- private static int KDC_PKID = 2;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(SIGNED_AUTH_PACK, Asn1OctetString.class, true),
- new Asn1FieldInfo(TRUSTED_CERTIFIERS, TrustedCertifiers.class),
- new Asn1FieldInfo(KDC_PKID, Asn1OctetString.class, true)
- };
-
- public PaPkAsReq() {
- super(fieldInfos);
- }
-
- public byte[] getSignedAuthPack() {
- return getFieldAsOctets(SIGNED_AUTH_PACK);
- }
-
- public void setSignedAuthPack(byte[] signedAuthPack) {
- setFieldAsOctets(SIGNED_AUTH_PACK, signedAuthPack);
- }
-
- public TrustedCertifiers getTrustedCertifiers() {
- return getFieldAs(TRUSTED_CERTIFIERS, TrustedCertifiers.class);
- }
-
- public void setTrustedCertifiers(TrustedCertifiers trustedCertifiers) {
- setFieldAs(TRUSTED_CERTIFIERS, trustedCertifiers);
- }
-
- public byte[] getKdcPkId() {
- return getFieldAsOctets(KDC_PKID);
- }
-
- public void setKdcPkId(byte[] kdcPkId) {
- setFieldAsOctets(KDC_PKID, kdcPkId);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java
deleted file mode 100644
index 4d1085f..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1Integer;
-import org.apache.haox.asn1.type.Asn1OctetString;
-import org.apache.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-
-/**
- PKAuthenticator ::= SEQUENCE {
- cusec [0] INTEGER (0..999999),
- ctime [1] KerberosTime,
- -- cusec and ctime are used as in [RFC4120], for
- -- replay prevention.
- nonce [2] INTEGER (0..4294967295),
- -- Chosen randomly; this nonce does not need to
- -- match with the nonce in the KDC-REQ-BODY.
- paChecksum [3] OCTET STRING OPTIONAL,
- -- MUST be present.
- -- Contains the SHA1 checksum, performed over
- -- KDC-REQ-BODY.
- }
- */
-public class PkAuthenticator extends KrbSequenceType {
- private static int CUSEC = 0;
- private static int CTIME = 1;
- private static int NONCE = 2;
- private static int PA_CHECKSUM = 3;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(CUSEC, Asn1Integer.class),
- new Asn1FieldInfo(CTIME, KerberosTime.class),
- new Asn1FieldInfo(NONCE, Asn1Integer.class),
- new Asn1FieldInfo(PA_CHECKSUM, Asn1OctetString.class)
- };
-
- public PkAuthenticator() {
- super(fieldInfos);
- }
-
- public int getCusec() {
- return getFieldAsInt(CUSEC);
- }
-
- public void setCusec(int cusec) {
- setFieldAsInt(CUSEC, cusec);
- }
-
- public KerberosTime getCtime() {
- return getFieldAsTime(CTIME);
- }
-
- public void setCtime(KerberosTime ctime) {
- setFieldAs(CTIME, ctime);
- }
-
- public int getNonce() {
- return getFieldAsInt(NONCE);
- }
-
- public void setNonce(int nonce) {
- setFieldAsInt(NONCE, nonce);
- }
-
- public byte[] getPaChecksum() {
- return getFieldAsOctets(PA_CHECKSUM);
- }
-
- public void setPaChecksum(byte[] paChecksum) {
- setFieldAsOctets(PA_CHECKSUM, paChecksum);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java
deleted file mode 100644
index 514b666..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.kerberos.kerb.spec.KrbSequenceType;
-import org.apache.kerberos.kerb.spec.common.CheckSum;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-
-/**
- ReplyKeyPack ::= SEQUENCE {
- replyKey [0] EncryptionKey,
- asChecksum [1] Checksum,
- }
- */
-public class ReplyKeyPack extends KrbSequenceType {
- private static int REPLY_KEY = 0;
- private static int AS_CHECKSUM = 1;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new Asn1FieldInfo(REPLY_KEY, EncryptionKey.class),
- new Asn1FieldInfo(AS_CHECKSUM, CheckSum.class)
- };
-
- public ReplyKeyPack() {
- super(fieldInfos);
- }
-
- public EncryptionKey getReplyKey() {
- return getFieldAs(REPLY_KEY, EncryptionKey.class);
- }
-
- public void setReplyKey(EncryptionKey replyKey) {
- setFieldAs(REPLY_KEY, replyKey);
- }
-
- public CheckSum getAsChecksum() {
- return getFieldAs(AS_CHECKSUM, CheckSum.class);
- }
-
- public void setAsChecksum(CheckSum checkSum) {
- setFieldAs(AS_CHECKSUM, checkSum);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java
deleted file mode 100644
index 9fccf00..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.spec.pa.pkinit;
-
-/**
- * TD-DH-PARAMETERS ::= SEQUENCE OF AlgorithmIdentifier
- */
-public class TdDhParameters extends AlgorithmIdentifiers {
-}
[27/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DecryptionTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DecryptionTest.java b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DecryptionTest.java
deleted file mode 100644
index 76e60c5..0000000
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DecryptionTest.java
+++ /dev/null
@@ -1,985 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.KeyUsage;
-import org.haox.util.HexUtil;
-import org.junit.Test;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-/**
- * Decryption test with known ciphertexts.
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- */
-public class DecryptionTest {
- /**
- * The class used to store the test values
- */
- private static class TestCase {
- EncryptionType encType;
- String plainText;
- int keyUsage;
- String key;
- String cipher;
-
- TestCase(EncryptionType encType, String plainText,
- int keyUsage, String key, String cipher) {
- this.encType = encType;
- this.plainText = plainText;
- this.keyUsage = keyUsage;
- this.key = key;
- this.cipher = cipher;
- }
- }
-
- /**
- * Actually do the test
- */
- private boolean testDecrypt(TestCase testCase) throws Exception {
- KeyUsage ku = KeyUsage.fromValue(testCase.keyUsage);
-
- byte[] cipherBytes = HexUtil.hex2bytes(testCase.cipher);
- byte[] keyBytes = HexUtil.hex2bytes(testCase.key);
-
- EncryptionKey encKey = new EncryptionKey(testCase.encType, keyBytes);
- byte[] decrypted = EncryptionHandler.decrypt(cipherBytes, encKey, ku);
- String plainText = new String(decrypted);
-
- return plainText.startsWith(testCase.plainText);
- }
-
- /**
- * Perform all the checks for a testcase
- */
- private void performTestDecrypt(TestCase testCase) {
- //assertTrue(EncryptionHandler.isImplemented(testCase.encType));
- if (! EncryptionHandler.isImplemented(testCase.encType)) {
- System.err.println("Not implemented yet: " + testCase.encType.getDisplayName());
- return;
- }
-
- try {
- assertTrue(testDecrypt(testCase));
- } catch (Exception e) {
- fail(e.getMessage());
- }
- }
-
- /**
- * Test for DES_CBC_CRC encryption type, with 0 byte
- */
- @Test
- public void testDecryptDES_CBC_CRC_0() {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_CRC,
- "", 0,
- "45E6087CDF138FB5",
- "28F6B09A012BCCF72FB05122B2839E6E");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_CRC encryption type, with 1 byte
- */
- @Test
- public void testDecryptDES_CBC_CRC_1() {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_CRC,
- "1", 1,
- "92A7155810586B2F",
- "B4C871C2F3E7BF7605EFD62F2EEEC205");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_CRC encryption type, with 9 bytes
- */
- @Test
- public void testDecryptDES_CBC_CRC_9() {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_CRC,
- "9 bytesss", 2,
- "A4B9514A61646423",
- "5F14C35178D33D7CDE0EC169C623CC83" +
- "21B7B8BD34EA7EFE");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_CRC encryption type, with 13 bytes
- */
- @Test
- public void testDecryptDES_CBC_CRC_13() {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_CRC,
- "13 bytes byte", 3,
- "2F16A2A7FDB05768",
- "0B588E38D971433C9D86D8BAEBF63E4C" +
- "1A01666E76D8A54A3293F72679ED88C9");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_CRC encryption type, with 30 bytes
- */
- @Test
- public void testDecryptDES_CBC_CRC_30() {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_CRC,
- "30 bytes bytes bytes bytes byt", 4,
- "BC8F70FD2097D67C",
- "38D632D2C20A7C2EA250FC8ECE42938E" +
- "92A9F5D302502665C1A33729C1050DC2" +
- "056298FBFB1682CEEB65E59204FDA7DF");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_MD4 encryption type, with 0 byte
- */
- @Test
- public void testDecryptDES_CBC_MD4_0() {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_MD4,
- "", 0,
- "13EF45D0D6D9A15D",
- "1FB202BF07AF3047FB7801E588568686" +
- "BA63D78BE3E87DC7");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_MD4 encryption type, with 1 byte
- */
- @Test
- public void testDecryptDES_CBC_MD4_1() {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_MD4,
- "1", 1,
- "64688654DC269E67",
- "1F6CB9CECB73F755ABFDB3D565BD31D5" +
- "A2E64BFE44C491E20EEBE5BD20E4D2A9");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_MD4 encryption type, with 9 bytes
- */
- @Test
- public void testDecryptDES_CBC_MD4_9() {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_MD4,
- "9 bytesss", 2,
- "6804FB26DF8A4C32",
- "08A53D62FEC3338AD1D218E60DBDD3B2" +
- "12940679D125E0621B3BAB4680CE0367" +
- "6A2C420E9BE784EB");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_MD4 encryption type, with 13 bytes
- */
- @Test
- public void testDecryptDES_CBC_MD4_13() {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_MD4,
- "13 bytes byte", 3,
- "234A436EC72FA80B",
- "17CD45E14FF06B2840A6036E9AA7A414" +
- "4E29768144A0C1827D8C4BC7C9906E72" +
- "CD4DC328F6648C99");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_MD4 encryption type, with 30 bytes
- */
- @Test
- public void testDecryptDES_CBC_MD4_30()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_MD4,
- "30 bytes bytes bytes bytes byt", 4,
- "1FD5F74334C4FB8C",
- "51134CD8951E9D57C0A36053E04CE03E" +
- "CB8422488FDDC5C074C4D85E60A2AE42" +
- "3C3C701201314F362CB07448091679C6" +
- "A496C11D7B93C71B");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_MD5 encryption type, with 0 byte
- */
- @Test
- public void testDecryptDES_CBC_MD5_0()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_MD5,
- "", 0,
- "4A545E0BF7A22631",
- "784CD81591A034BE82556F56DCA3224B" +
- "62D9956FA90B1B93");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_MD5 encryption type, with 1 byte
- */
- @Test
- public void testDecryptDES_CBC_MD5_1()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_MD5,
- "1", 1,
- "D5804A269DC4E645",
- "FFA25C7BE287596BFE58126E90AAA0F1" +
- "2D9A82A0D86DF6D5F9074B6B399E7FF1");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_MD5 encryption type, with 9 bytes
- */
- @Test
- public void testDecryptDES_CBC_MD5_9()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_MD5,
- "9 bytesss", 2,
- "C8312F7F83EA4640",
- "E7850337F2CC5E3F35CE3D69E2C32986" +
- "38A7AA44B878031E39851E47C15B5D0E" +
- "E7E7AC54DE111D80");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_MD5 encryption type, with 13 bytes
- */
- @Test
- public void testDecryptDES_CBC_MD5_13()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_MD5,
- "13 bytes byte", 3,
- "7FDA3E62AD8AF18C",
- "D7A8032E19994C928777506595FBDA98" +
- "83158A8514548E296E911C29F465C672" +
- "366000558BFC2E88");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_MD5 encryption type, with 30 bytes
- */
- @Test
- public void testDecryptDES_CBC_MD5_30()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES_CBC_MD5,
- "30 bytes bytes bytes bytes byt", 4,
- "D3D6832970A73752",
- "8A48166A4C6FEAE607A8CF68B381C075" +
- "5E402B19DBC0F81A7D7CA19A25E05223" +
- "F6064409BF5A4F50ACD826639FFA7673" +
- "FD324EC19E429502");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_SHA1 encryption type, with 0 byte
- */
- @Test
- public void testDecryptDES_CBC_SHA1_0()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "", 0,
- "7A25DF8992296DCEDA0E135BC4046E23" +
- "75B3C14C98FBC162",
- "548AF4D504F7D723303F12175FE8386B" +
- "7B5335A967BAD61F3BF0B143");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_SHA1 encryption type, with 1 byte
- */
- @Test
- public void testDecryptDES_CBC_SHA1_1()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "1", 1,
- "BC0783891513D5CE57BC138FD3C11AE6" +
- "40452385322962B6",
- "9C3C1DBA4747D85AF2916E4745F2DCE3" +
- "8046796E5104BCCDFB669A91D44BC356" +
- "660945C7");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_SHA1 encryption type, with 9 bytes
- */
- @Test
- public void testDecryptDES_CBC_SHA1_9()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "9 bytesss", 2,
- "2FD0F725CE04100D2FC8A18098831F85" +
- "0B45D9EF850BD920",
- "CF9144EBC8697981075A8BAD8D74E5D7" +
- "D591EB7D9770C7ADA25EE8C5B3D69444" +
- "DFEC79A5B7A01482D9AF74E6");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_SHA1 encryption type, with 13 bytes
- */
- @Test
- public void testDecryptDES_CBC_SHA1_13()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "13 bytes byte", 3,
- "0DD52094E0F41CECCB5BE510A764B351" +
- "76E3981332F1E598",
- "839A17081ECBAFBCDC91B88C6955DD3C" +
- "4514023CF177B77BF0D0177A16F705E8" +
- "49CB7781D76A316B193F8D30");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for DES_CBC_SHA1 encryption type, with 30 bytes
- */
- @Test
- public void testDecryptDES_CBC_SHA1_30()
- {
- TestCase testCase = new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "30 bytes bytes bytes bytes byt", 4,
- "F11686CBBC9E23EA54FECD2A3DCDFB20" +
- "B6FE98BF2645C4C4",
- "89433E83FD0EA3666CFFCD18D8DEEBC5" +
- "3B9A34EDBEB159D9F667C6C2B9A96440" +
- "1D55E7E9C68D648D65C3AA84FFA3790C" +
- "14A864DA8073A9A95C4BA2BC");
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for ARCFOUR_HMAC encryption type, with 0 byte
- */
- @Test
- public void testDecryptARC_FOUR_0()
- {
- TestCase testCase = new TestCase(
- EncryptionType.ARCFOUR_HMAC,
- "", 0,
- "F81FEC39255F5784E850C4377C88BD85",
- "02C1EB15586144122EC717763DD348BF" +
- "00434DDC6585954C"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for ARCFOUR_HMAC encryption type, with 1 byte
- */
- @Test
- public void testDecryptARC_FOUR_1()
- {
- TestCase testCase = new TestCase(
- EncryptionType.ARCFOUR_HMAC,
- "1", 1,
- "67D1300D281223867F9647FF48721273",
- "6156E0CC04E0A0874F9FDA008F498A7A" +
- "DBBC80B70B14DDDBC0"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for ARCFOUR_HMAC encryption type, with 9 bytes
- */
- @Test
- public void testDecryptARC_FOUR_9()
- {
- TestCase testCase = new TestCase(
- EncryptionType.ARCFOUR_HMAC,
- "9 bytesss", 2,
- "3E40AB6093695281B3AC1A9304224D98",
- "0F9AD121D99D4A09448E4F1F718C4F5C" +
- "BE6096262C66F29DF232A87C9F98755D" +
- "55"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for ARCFOUR_HMAC encryption type, with 13 bytes
- */
- @Test
- public void testDecryptARC_FOUR_13()
- {
- TestCase testCase = new TestCase(
- EncryptionType.ARCFOUR_HMAC,
- "13 bytes byte", 3,
- "4BA2FBF0379FAED87A254D3B353D5A7E",
- "612C57568B17A70352BAE8CF26FB9459" +
- "A6F3353CD35FD439DB3107CBEC765D32" +
- "6DFC04C1DD"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for ARCFOUR_HMAC encryption type, with 30 bytes
- */
- @Test
- public void testDecryptARC_FOUR_30()
- {
- TestCase testCase = new TestCase(
- EncryptionType.ARCFOUR_HMAC,
- "30 bytes bytes bytes bytes byt", 4,
- "68F263DB3FCE15D031C9EAB02D67107A",
- "95F9047C3AD75891C2E9B04B16566DC8" +
- "B6EB9CE4231AFB2542EF87A7B5A0F260" +
- "A99F0460508DE0CECC632D07C354124E" +
- "46C5D2234EB8"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for ARCFOUR_HMAC_EXP encryption type, with 0 byte
- */
- @Test
- public void testDecryptARCFOUR_HMAC_EXP_0() {
- TestCase testCase = new TestCase(
- EncryptionType.ARCFOUR_HMAC_EXP,
- "", 0,
- "F7D3A155AF5E238A0B7A871A96BA2AB2",
- "2827F0E90F62E7460C4E2FB39F9657BA" +
- "8BFAA991D7FDADFF"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for ARCFOUR_HMAC encryption type, with 1 byte
- */
- @Test
- public void testDecryptARCFOUR_HMAC_EXP_1() {
- TestCase testCase = new TestCase(
- EncryptionType.ARCFOUR_HMAC_EXP,
- "1", 1,
- "DEEAA0607DB799E2FDD6DB2986BB8D65",
- "3DDA392E2E275A4D75183FA6328A0A4E" +
- "6B752DF6CD2A25FA4E"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for ARCFOUR_HMAC encryption type, with 9 bytes
- */
- @Test
- public void testDecryptARCFOUR_HMAC_EXP_9() {
- TestCase testCase = new TestCase(
- EncryptionType.ARCFOUR_HMAC_EXP,
- "9 bytesss", 2,
- "33AD7FC2678615569B2B09836E0A3AB6",
- "09D136AC485D92644EC6701D6A0D03E8" +
- "982D7A3CA7EFD0F8F4F83660EF4277BB" +
- "81"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for ARCFOUR_HMAC encryption type, with 13 bytes
- */
- @Test
- public void testDecryptARCFOUR_HMAC_EXP_13() {
- TestCase testCase = new TestCase(
- EncryptionType.ARCFOUR_HMAC_EXP,
- "13 bytes byte", 3,
- "39F25CD4F0D41B2B2D9D300FCB2981CB",
- "912388D7C07612819E3B640FF5CECDAF" +
- "72E5A59DF10F1091A6BEC39CAAD748AF" +
- "9BD2D8D546"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for ARCFOUR_HMAC encryption type, with 30 bytes
- */
- @Test
- public void testDecryptARCFOUR_HMAC_EXP_30() {
- TestCase testCase = new TestCase(
- EncryptionType.ARCFOUR_HMAC_EXP,
- "30 bytes bytes bytes bytes byt", 4,
- "9F725542D9F72AA1F386CBE7896984FC",
- "78B35A08B08BE265AEB4145F076513B6" +
- "B56EFED3F7526574AF74F7D2F9BAE96E" +
- "ABB76F2D87386D2E93E3A77B99919F1D" +
- "976490E2BD45"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for AES128_CTS_HMAC_SHA1_96 encryption type, with 0 byte
- */
- @Test
- public void testDecryptAES128_CTS_HMAC_SHA1_96_0() {
- TestCase testCase = new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "", 0,
- "5A5C0F0BA54F3828B2195E66CA24A289",
- "49FF8E11C173D9583A3254FBE7B1F1DF" +
- "36C538E8416784A1672E6676"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for AES128_CTS_HMAC_SHA1_96 encryption type, with 1 byte
- */
- @Test
- public void testDecryptAES128_CTS_HMAC_SHA1_96_1() {
- TestCase testCase = new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "1", 1,
- "98450E3F3BAA13F5C99BEB936981B06F",
- "F86742F537B35DC2174A4DBAA920FAF9" +
- "042090B065E1EBB1CAD9A65394"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for AES128_CTS_HMAC_SHA1_96 encryption type, with 9 bytes
- */
- @Test
- public void testDecryptAES128_CTS_HMAC_SHA1_96_9() {
- TestCase testCase = new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "9 bytesss", 2,
- "9062430C8CDA3388922E6D6A509F5B7A",
- "68FB9679601F45C78857B2BF820FD6E5" +
- "3ECA8D42FD4B1D7024A09205ABB7CD2E" +
- "C26C355D2F"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for AES128_CTS_HMAC_SHA1_96 encryption type, with 13 bytes
- */
- @Test
- public void testDecryptAES128_CTS_HMAC_SHA1_96_13() {
- TestCase testCase = new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "13 bytes byte", 3,
- "033EE6502C54FD23E27791E987983827",
- "EC366D0327A933BF49330E650E49BC6B" +
- "974637FE80BF532FE51795B4809718E6" +
- "194724DB948D1FD637"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for AES128_CTS_HMAC_SHA1_96 encryption type, with 30 bytes
- */
- @Test
- public void testDecryptAES128_CTS_HMAC_SHA1_96_30() {
- TestCase testCase = new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "30 bytes bytes bytes bytes byt", 4,
- "DCEEB70B3DE76562E689226C76429148",
- "C96081032D5D8EEB7E32B4089F789D0F" +
- "AA481DEA74C0F97CBF3146DDFCF8E800" +
- "156ECB532FC203E30FF600B63B350939" +
- "FECE510F02D7FF1E7BAC"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for AES256_CTS_HMAC_SHA1_96 encryption type, with 0 byte
- */
- @Test
- public void testDecryptAES256_CTS_HMAC_SHA1_96_0() {
- TestCase testCase = new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "", 0,
- "17F275F2954F2ED1F90C377BA7F4D6A3" +
- "69AA0136E0BF0C927AD6133C693759A9",
- "E5094C55EE7B38262E2B044280B06937" +
- "9A95BF95BD8376FB3281B435"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for AES256_CTS_HMAC_SHA1_96 encryption type, with 1 byte
- */
- @Test
- public void testDecryptAES256_CTS_HMAC_SHA1_96_1() {
- TestCase testCase = new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "1", 1,
- "B9477E1FF0329C0050E20CE6C72D2DFF" +
- "27E8FE541AB0954429A9CB5B4F7B1E2A",
- "406150B97AEB76D43B36B62CC1ECDFBE" +
- "6F40E95755E0BEB5C27825F3A4"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for AES256_CTS_HMAC_SHA1_96 encryption type, with 9 bytes
- */
- @Test
- public void testDecryptAES256_CTS_HMAC_SHA1_96_9() {
- TestCase testCase = new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "9 bytesss", 2,
- "B1AE4CD8462AFF1677053CC9279AAC30" +
- "B796FB81CE21474DD3DDBCFEA4EC76D7",
- "09957AA25FCAF88F7B39E4406E633012" +
- "D5FEA21853F6478DA7065CAEF41FD454" +
- "A40824EEC5"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for AES256_CTS_HMAC_SHA1_96 encryption type, with 13 bytes
- */
- @Test
- public void testDecryptAES256_CTS_HMAC_SHA1_96_13() {
- TestCase testCase = new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "13 bytes byte", 3,
- "E5A72BE9B7926C1225BAFEF9C1872E7B" +
- "A4CDB2B17893D84ABD90ACDD8764D966",
- "D8F1AAFEEC84587CC3E700A774E56651" +
- "A6D693E174EC4473B5E6D96F80297A65" +
- "3FB818AD893E719F96"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for AES256_CTS_HMAC_SHA1_96 encryption type, with 30 bytes
- */
- @Test
- public void testDecryptAES256_CTS_HMAC_SHA1_96_30() {
- TestCase testCase = new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "30 bytes bytes bytes bytes byt", 4,
- "F1C795E9248A09338D82C3F8D5B56704" +
- "0B0110736845041347235B1404231398",
- "D1137A4D634CFECE924DBC3BF6790648" +
- "BD5CFF7DE0E7B99460211D0DAEF3D79A" +
- "295C688858F3B34B9CBD6EEBAE81DAF6" +
- "B734D4D498B6714F1C1D"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for CAMELLIA128_CTS_CMAC encryption type, with 0 byte
- */
- @Test
- public void testDecryptCAMELIA128_CTS_CMAC_0() {
- TestCase testCase = new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "", 0,
- "1DC46A8D763F4F93742BCBA3387576C3",
- "C466F1871069921EDB7C6FDE244A52DB" +
- "0BA10EDC197BDB8006658CA3CCCE6EB8"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for CAMELLIA128_CTS_CMAC encryption type, with 1 byte
- */
- @Test
- public void testDecryptCAMELIA128_CTS_CMAC_1() {
- TestCase testCase = new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "1", 1,
- "5027BC231D0F3A9D23333F1CA6FDBE7C",
- "842D21FD950311C0DD464A3F4BE8D6DA" +
- "88A56D559C9B47D3F9A85067AF661559" +
- "B8"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for CAMELLIA128_CTS_CMAC encryption type, with 9 bytes
- */
- @Test
- public void testDecryptCAMELIA128_CTS_CMAC_9() {
- TestCase testCase = new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "9 bytesss", 2,
- "A1BB61E805F9BA6DDE8FDBDDC05CDEA0",
- "619FF072E36286FF0A28DEB3A352EC0D" +
- "0EDF5C5160D663C901758CCF9D1ED33D" +
- "71DB8F23AABF8348A0"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for CAMELLIA128_CTS_CMAC encryption type, with 13 bytes
- */
- @Test
- public void testDecryptCAMELIA128_CTS_CMAC_13() {
- TestCase testCase = new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "13 bytes byte", 3,
- "2CA27A5FAF5532244506434E1CEF6676",
- "B8ECA3167AE6315512E59F98A7C50020" +
- "5E5F63FF3BB389AF1C41A21D640D8615" +
- "C9ED3FBEB05AB6ACB67689B5EA"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for CAMELLIA128_CTS_CMAC encryption type, with 30 bytes
- */
- @Test
- public void testDecryptCAMELIA128_CTS_CMAC_30() {
- TestCase testCase = new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "30 bytes bytes bytes bytes byt", 4,
- "7824F8C16F83FF354C6BF7515B973F43",
- "A26A3905A4FFD5816B7B1E27380D0809" +
- "0C8EC1F304496E1ABDCD2BDCD1DFFC66" +
- "0989E117A713DDBB57A4146C1587CBA4" +
- "356665591D2240282F5842B105A5"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for CAMELLIA256_CTS_CMAC encryption type, with 0 byte
- */
- @Test
- public void testDecryptCAMELIA256_CTS_CMAC_0() {
- TestCase testCase = new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "", 0,
- "B61C86CC4E5D2757545AD423399FB703" +
- "1ECAB913CBB900BD7A3C6DD8BF92015B",
- "03886D03310B47A6D8F06D7B94D1DD83" +
- "7ECCE315EF652AFF620859D94A259266"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for CAMELLIA256_CTS_CMAC encryption type, with 1 byte
- */
- @Test
- public void testDecryptCAMELIA256_CTS_CMAC_1() {
- TestCase testCase = new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "1", 1,
- "1B97FE0A190E2021EB30753E1B6E1E77" +
- "B0754B1D684610355864104963463833",
- "2C9C1570133C99BF6A34BC1B0212002F" +
- "D194338749DB4135497A347CFCD9D18A12"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for CAMELLIA256_CTS_CMAC encryption type, with 9 bytes
- */
- @Test
- public void testDecryptCAMELIA256_CTS_CMAC_9() {
- TestCase testCase = new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "9 bytesss", 2,
- "32164C5B434D1D1538E4CFD9BE8040FE" +
- "8C4AC7ACC4B93D3314D2133668147A05",
- "9C6DE75F812DE7ED0D28B2963557A115" +
- "640998275B0AF5152709913FF52A2A9C" +
- "8E63B872F92E64C839"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for CAMELLIA256_CTS_CMAC encryption type, with 13 bytes
- */
- @Test
- public void testDecryptCAMELIA256_CTS_CMAC_13() {
- TestCase testCase = new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "13 bytes byte", 3,
- "B038B132CD8E06612267FAB7170066D8" +
- "8AECCBA0B744BFC60DC89BCA182D0715",
- "EEEC85A9813CDC536772AB9B42DEFC57" +
- "06F726E975DDE05A87EB5406EA324CA1" +
- "85C9986B42AABE794B84821BEE"
- );
-
- performTestDecrypt(testCase);
- }
-
-
- /**
- * Test for CAMELLIA256_CTS_CMAC encryption type, with 30 bytes
- */
- @Test
- public void testDecryptCAMELIA256_CTS_CMAC_30() {
- TestCase testCase = new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "30 bytes bytes bytes bytes byt", 4,
- "CCFCD349BF4C6677E86E4B02B8EAB924" +
- "A546AC731CF9BF6989B996E7D6BFBBA7",
- "0E44680985855F2D1F1812529CA83BFD" +
- "8E349DE6FD9ADA0BAAA048D68E265FEB" +
- "F34AD1255A344999AD37146887A6C684" +
- "5731AC7F46376A0504CD06571474"
- );
-
- performTestDecrypt(testCase);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
deleted file mode 100644
index ebc8055..0000000
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/DesKeyMakerTest.java
+++ /dev/null
@@ -1,65 +0,0 @@
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.crypto.key.DesKeyMaker;
-import org.haox.util.HexUtil;
-import org.junit.Assert;
-import org.junit.Test;
-
-/**
- * This is just for my experimental tweaking, so pleas bear it.
- */
-public class DesKeyMakerTest {
-
- /**
- * The class used to store the test values
- */
- private static class TestCase {
- String salt;
- String passwd;
- String passwdSaltBytes;
- String fanFoldedKey;
- String intermediateKey;
- String finalKey;
-
- private TestCase(String salt, String passwd, String passwdSaltBytes,
- String fanFoldedKey, String intermediateKey, String finalKey) {
- this.salt = salt;
- this.passwd = passwd;
- this.passwdSaltBytes = passwdSaltBytes;
- this.fanFoldedKey = fanFoldedKey;
- this.intermediateKey = intermediateKey;
- this.finalKey = finalKey;
- }
- }
-
- /**
- * Actually do the test
- */
- private void test(TestCase tc) {
- byte[] expectedValue = HexUtil.hex2bytes(tc.passwdSaltBytes);
- byte[] value = DesKeyMaker.makePasswdSalt(tc.passwd, tc.salt);
- Assert.assertArrayEquals("PasswdSalt bytes", expectedValue, value);
-
- expectedValue = HexUtil.hex2bytes(tc.fanFoldedKey);
- value = DesKeyMaker.fanFold(tc.passwd, tc.salt, null);
- Assert.assertArrayEquals("FanFold result", expectedValue, value);
-
- expectedValue = HexUtil.hex2bytes(tc.intermediateKey);
- value = DesKeyMaker.intermediateKey(value);
- Assert.assertArrayEquals("IntermediateKey result", expectedValue, value);
-
- // finalKey check ignored here and it's done in String2keyTest.
- }
-
- /**
- * This is just for my experimental tweaking, so pleas bear it.
- */
- //@Test
- public void testCase1() {
- TestCase tc = new TestCase("ATHENA.MIT.EDUraeburn",
- "password", "70617373776f7264415448454e412e4d49542e4544557261656275726e",
- "c01e38688ac86c2e", "c11f38688ac86d2f", "cbc22fae235298e3");
-
- test(tc);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/KeyDeriveTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/KeyDeriveTest.java b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/KeyDeriveTest.java
deleted file mode 100644
index 0540b62..0000000
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/KeyDeriveTest.java
+++ /dev/null
@@ -1,228 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.crypto.enc.provider.*;
-import org.apache.kerberos.kerb.crypto.key.AesKeyMaker;
-import org.apache.kerberos.kerb.crypto.key.CamelliaKeyMaker;
-import org.apache.kerberos.kerb.crypto.key.Des3KeyMaker;
-import org.apache.kerberos.kerb.crypto.key.DkKeyMaker;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.haox.util.HexUtil;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.util.Arrays;
-
-/**
- * Key derivation test with known values.
- */
-public class KeyDeriveTest {
-
- static class TestCase {
- EncryptionType encType;
- String inkey;
- String constant;
- String answer;
-
- TestCase(EncryptionType encType, String inkey,
- String constant, String answer) {
- this.encType = encType;
- this.inkey = inkey;
- this.constant = constant;
- this.answer = answer;
- }
- }
-
- static TestCase[] testCases = new TestCase[] {
- /* Kc, Ke, Kei for a DES3 key */
- new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "850BB51358548CD05E86768C313E3BFE" +
- "F7511937DCF72C3E",
- "0000000299",
- "F78C496D16E6C2DAE0E0B6C24057A84C" +
- "0426AEEF26FD6DCE"
- ),
- new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "850BB51358548CD05E86768C313E3BFE" +
- "F7511937DCF72C3E",
- "00000002AA",
- "5B5723D0B634CB684C3EBA5264E9A70D" +
- "52E683231AD3C4CE"
- ),
- new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "850BB51358548CD05E86768C313E3BFE" +
- "F7511937DCF72C3E",
- "0000000255",
- "A77C94980E9B7345A81525C423A737CE" +
- "67F4CD91B6B3DA45"
- ),
-
- /* Kc, Ke, Ki for an AES-128 key */
- new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "42263C6E89F4FC28B8DF68EE09799F15",
- "0000000299",
- "34280A382BC92769B2DA2F9EF066854B"
- ),
- new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "42263C6E89F4FC28B8DF68EE09799F15",
- "00000002AA",
- "5B14FC4E250E14DDF9DCCF1AF6674F53"
- ),
- new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "42263C6E89F4FC28B8DF68EE09799F15",
- "0000000255",
- "4ED31063621684F09AE8D89991AF3E8F"
- ),
-
- /* Kc, Ke, Ki for an AES-256 key */
- new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "FE697B52BC0D3CE14432BA036A92E65B" +
- "BB52280990A2FA27883998D72AF30161",
- "0000000299",
- "BFAB388BDCB238E9F9C98D6A878304F0" +
- "4D30C82556375AC507A7A852790F4674"
- ),
- new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "FE697B52BC0D3CE14432BA036A92E65B" +
- "BB52280990A2FA27883998D72AF30161",
- "00000002AA",
- "C7CFD9CD75FE793A586A542D87E0D139" +
- "6F1134A104BB1A9190B8C90ADA3DDF37"
- ),
- new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "FE697B52BC0D3CE14432BA036A92E65B" +
- "BB52280990A2FA27883998D72AF30161",
- "0000000255",
- "97151B4C76945063E2EB0529DC067D97" +
- "D7BBA90776D8126D91F34F3101AEA8BA"
- ),
-
- /* Kc, Ke, Ki for a Camellia-128 key */
- new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "57D0297298FFD9D35DE5A47FB4BDE24B",
- "0000000299",
- "D155775A209D05F02B38D42A389E5A56"
- ),
- new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "57D0297298FFD9D35DE5A47FB4BDE24B",
- "00000002AA",
- "64DF83F85A532F17577D8C37035796AB"
- ),
- new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "57D0297298FFD9D35DE5A47FB4BDE24B",
- "0000000255",
- "3E4FBDF30FB8259C425CB6C96F1F4635"
- ),
-
- /* Kc, Ke, Ki for a Camellia-256 key */
- new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "B9D6828B2056B7BE656D88A123B1FAC6" +
- "8214AC2B727ECF5F69AFE0C4DF2A6D2C",
- "0000000299",
- "E467F9A9552BC7D3155A6220AF9C1922" +
- "0EEED4FF78B0D1E6A1544991461A9E50"
- ),
- new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "B9D6828B2056B7BE656D88A123B1FAC6" +
- "8214AC2B727ECF5F69AFE0C4DF2A6D2C",
- "00000002AA",
- "412AEFC362A7285FC3966C6A5181E760" +
- "5AE675235B6D549FBFC9AB6630A4C604"
- ),
- new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "B9D6828B2056B7BE656D88A123B1FAC6" +
- "8214AC2B727ECF5F69AFE0C4DF2A6D2C",
- "0000000255",
- "FA624FA0E523993FA388AEFDC67E67EB" +
- "CD8C08E8A0246B1D73B0D1DD9FC582B0"
- )
- };
-
- static DkKeyMaker getKeyMaker(EncryptionType encType) {
- switch (encType) {
- case DES3_CBC_SHA1:
- return new Des3KeyMaker(new Des3Provider());
- case AES128_CTS_HMAC_SHA1_96:
- return new AesKeyMaker(new Aes128Provider());
- case AES256_CTS_HMAC_SHA1_96:
- return new AesKeyMaker(new Aes256Provider());
- case CAMELLIA128_CTS_CMAC:
- return new CamelliaKeyMaker(new Camellia128Provider());
- case CAMELLIA256_CTS_CMAC:
- return new CamelliaKeyMaker(new Camellia256Provider());
- default:
- return null;
- }
- }
-
- @Test
- public void testDeriveKeys() {
- boolean overallResult = true;
-
- for (TestCase tc : testCases) {
- System.err.println("Key deriving test for " + tc.encType.getName());
- try {
- if (! testWith(tc)) {
- overallResult = false;
- }
- } catch (Exception e) {
- e.printStackTrace();
- overallResult = false;
- }
- }
-
- if (!overallResult) {
- Assert.fail();
- }
- }
-
- private boolean testWith(TestCase testCase) throws Exception {
- byte[] answer = HexUtil.hex2bytes(testCase.answer);
- byte[] inkey = HexUtil.hex2bytes(testCase.inkey);
- byte[] constant = HexUtil.hex2bytes(testCase.constant);
- byte[] outkey;
-
- DkKeyMaker km = getKeyMaker(testCase.encType);
- outkey = km.dk(inkey, constant);
- if (! Arrays.equals(answer, outkey)) {
- System.err.println("failed with:");
- System.err.println("outKey:" + HexUtil.bytesToHex(outkey));
- System.err.println("answer:" + testCase.answer);
- return false;
- }
- return true;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/String2keyTest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/String2keyTest.java b/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/String2keyTest.java
deleted file mode 100644
index e2dd18c..0000000
--- a/haox-kerb/kerb-crypto/src/test/java/org/apache/kerberos/kerb/crypto/String2keyTest.java
+++ /dev/null
@@ -1,583 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.haox.util.HexUtil;
-import org.junit.Test;
-
-import java.nio.charset.StandardCharsets;
-import java.util.Arrays;
-
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-/**
- * By ref. MIT krb5 t_str2key.c and RFC3961 test vectors
- *
- * String 2 key test with known values.
- */
-public class String2keyTest {
-
- static class TestCase {
- EncryptionType encType;
- String password;
- String salt;
- String param;
- String answer;
- boolean allowWeak;
-
- TestCase(EncryptionType encType, String password, String salt, String param,
- String answer, boolean allowWeak) {
- this.encType = encType;
- this.password = password;
- this.salt = salt;
- this.param = param;
- this.answer = answer;
- this.allowWeak = allowWeak;
- }
- }
-
- /**
- * Test vectors from RFC 3961 appendix A.2.
- */
-
- @Test
- public void test_DES_CBC_CRC_0() {
- performTest(new TestCase(
- EncryptionType.DES_CBC_CRC,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "00",
- "CBC22FAE235298E3",
- false));
- }
-
- @Test
- public void test_DES_CBC_CRC_1() {
- performTest(new TestCase(
- EncryptionType.DES_CBC_CRC,
- "potatoe",
- "WHITEHOUSE.GOVdanny",
- "00",
- "DF3D32A74FD92A01",
- false));
- }
-
- @Test
- public void test_DES_CBC_CRC_2() {
- performTest(new TestCase(
- EncryptionType.DES_CBC_CRC,
- toUtf8("F09D849E"),
- "EXAMPLE.COMpianist",
- "00",
- "4FFB26BAB0CD9413",
- false));
- }
-
- @Test
- public void test_DES_CBC_CRC_3() {
- performTest(new TestCase(
- EncryptionType.DES_CBC_CRC,
- toUtf8("C39F"),
- "ATHENA.MIT.EDUJuri" + toUtf8("C5A169C487"),
- "00",
- "62C81A5232B5E69D",
- false));
- }
-
- @Test
- public void test_DES_CBC_CRC_4() {
- performTest(new TestCase(
- EncryptionType.DES_CBC_CRC,
- "11119999",
- "AAAAAAAA",
- "00",
- "984054d0f1a73e31",
- false));
- }
-
- @Test
- public void test_DES_CBC_CRC_5() {
- performTest(new TestCase(
- EncryptionType.DES_CBC_CRC,
- "NNNN6666",
- "FFFFAAAA",
- "00",
- "C4BF6B25ADF7A4F8",
- false));
- }
-
- // Test vectors from RFC 3961 appendix A.4.
-
- @Test
- public void test_DES3_CBC_SHA1_0() {
- performTest(new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "password",
- "ATHENA.MIT.EDUraeburn",
- null,
- "850BB51358548CD05E86768C" +
- "313E3BFEF7511937DCF72C3E",
- false));
- }
-
- @Test
- public void test_DES3_CBC_SHA1_1() {
- performTest(new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "potatoe",
- "WHITEHOUSE.GOVdanny",
- null,
- "DFCD233DD0A43204EA6DC437" +
- "FB15E061B02979C1F74F377A",
- false));
- }
-
- @Test
- public void test_DES3_CBC_SHA1_2() {
- performTest(new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- "penny",
- "EXAMPLE.COMbuckaroo",
- null,
- "6D2FCDF2D6FBBC3DDCADB5DA" +
- "5710A23489B0D3B69D5D9D4A",
- false));
- }
-
- @Test
- public void test_DES3_CBC_SHA1_3() {
- performTest(new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- toUtf8("C39F"),
- "ATHENA.MIT.EDUJuri" + toUtf8("C5A169C487"),
- null,
- "16D5A40E1CE3BACB61B9DCE0" +
- "0470324C831973A7B952FEB0",
- false));
- }
-
- @Test
- public void test_DES3_CBC_SHA1_4() {
- performTest(new TestCase(
- EncryptionType.DES3_CBC_SHA1,
- toUtf8("F09D849E"),
- "EXAMPLE.COMpianist",
- null,
- "85763726585DBC1CCE6EC43E" +
- "1F751F07F1C4CBB098F40B19",
- false));
- }
-
- // Test vectors from RFC 3962 appendix B.
-
- @Test
- public void test_AES128_CTS_HMAC_SHA1_96_0() {
- performTest(new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "00000001",
- "42263C6E89F4FC28B8DF68EE09799F15",
- true));
- }
-
- @Test
- public void test_AES128_CTS_HMAC_SHA1_96_1() {
- performTest(new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "00000002",
- "C651BF29E2300AC27FA469D693BDDA13",
- true));
- }
-
- @Test
- public void test_AES128_CTS_HMAC_SHA1_96_2() {
- performTest(new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "000004B0", // 1200
- "4C01CD46D632D01E6DBE230A01ED642A",
- true));
- }
-
- @Test
- public void test_AES128_CTS_HMAC_SHA1_96_3() {
- performTest(new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "password",
- toUtf8("1234567878563412"),
- "00000005",
- "E9B23D52273747DD5C35CB55BE619D8E",
- true));
- }
-
- @Test
- public void test_AES128_CTS_HMAC_SHA1_96_4() {
- performTest(new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
- "pass phrase exceeds block size",
- "000004B0", // 1200
- "CB8005DC5F90179A7F02104C0018751D",
- true));
- }
-
- @Test
- public void test_AES128_CTS_HMAC_SHA1_96_5() {
- performTest(new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- toUtf8("F09D849E"),
- "EXAMPLE.COMpianist",
- "00000032", // 50
- "F149C1F2E154A73452D43E7FE62A56E5",
- true));
- }
-
- @Test
- public void test_AES128_CTS_HMAC_SHA1_96_6() {
- performTest(new TestCase(
- EncryptionType.AES128_CTS_HMAC_SHA1_96,
- "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
- "pass phrase equals block size",
- "000004B0", // 1200
- "59D1BB789A828B1AA54EF9C2883F69ED",
- true));
- }
-
- @Test
- public void test_AES256_CTS_HMAC_SHA1_96_0() {
- performTest(new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "00000001",
- "FE697B52BC0D3CE14432BA036A92E65B" +
- "BB52280990A2FA27883998D72AF30161",
- true));
- }
-
- @Test
- public void test_AES256_CTS_HMAC_SHA1_96_1() {
- performTest(new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "00000002",
- "A2E16D16B36069C135D5E9D2E25F8961" +
- "02685618B95914B467C67622225824FF",
- true));
- }
-
- @Test
- public void test_AES256_CTS_HMAC_SHA1_96_2() {
- performTest(new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "000004B0", // 1200
- "55A6AC740AD17B4846941051E1E8B0A7" +
- "548D93B0AB30A8BC3FF16280382B8C2A",
- true));
- }
-
- @Test
- public void test_AES256_CTS_HMAC_SHA1_96_3() {
- performTest(new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "password",
- toUtf8("1234567878563412"),
- "00000005",
- "97A4E786BE20D81A382D5EBC96D5909C" +
- "ABCDADC87CA48F574504159F16C36E31",
- true));
- }
-
- @Test
- public void test_AES256_CTS_HMAC_SHA1_96_4() {
- performTest(new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
- "pass phrase equals block size",
- "000004B0", // 1200
- "89ADEE3608DB8BC71F1BFBFE459486B0" +
- "5618B70CBAE22092534E56C553BA4B34",
- true));
- }
-
-
-
- @Test
- public void test_AES256_CTS_HMAC_SHA1_96_5() {
- performTest(new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
- "pass phrase exceeds block size",
- "000004B0", // 1200
- "D78C5C9CB872A8C9DAD4697F0BB5B2D2" +
- "1496C82BEB2CAEDA2112FCEEA057401B",
- true));
- }
-
- @Test
- public void test_AES256_CTS_HMAC_SHA1_96_6() {
- performTest(new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- toUtf8("F09D849E"),
- "EXAMPLE.COMpianist",
- "00000032", // 50
- "4B6D9839F84406DF1F09CC166DB4B83C" +
- "571848B784A3D6BDC346589A3E393F9E",
- true));
- }
-
- // Check for KRB5_ERR_BAD_S2K_PARAMS return when weak iteration counts are forbidden
- @Test
- public void test_AES256_CTS_HMAC_SHA1_96_7() {
- performTest(new TestCase(
- EncryptionType.AES256_CTS_HMAC_SHA1_96,
- toUtf8("F09D849E"),
- "EXAMPLE.COMpianist",
- "00000032", // 50
- "4B6D9839F84406DF1F09CC166DB4B83C" +
- "571848B784A3D6BDC346589A3E393F9E",
- false));
- }
-
- // The same inputs applied to Camellia enctypes.
- @Test
- public void test_CAMELLIA128_CTS_CMAC_0() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "00000001",
- "57D0297298FFD9D35DE5A47FB4BDE24B",
- true));
- }
-
- @Test
- public void test_CAMELLIA128_CTS_CMAC_1() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "00000002",
- "73F1B53AA0F310F93B1DE8CCAA0CB152",
- true));
- }
-
- @Test
- public void test_CAMELLIA128_CTS_CMAC_2() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "000004B0", // 1200
- "8E571145452855575FD916E7B04487AA",
- true));
- }
-
- @Test
- public void test_CAMELLIA128_CTS_CMAC_3() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "password",
- toUtf8("1234567878563412"),
- "00000005",
- "00498FD916BFC1C2B1031C170801B381",
- true));
- }
-
- @Test
- public void test_CAMELLIA128_CTS_CMAC_4() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
- "pass phrase equals block size",
- "000004B0", // 1200
- "8BF6C3EF709B981DBB585D086843BE05",
- true));
- }
-
- @Test
- public void test_CAMELLIA128_CTS_CMAC_5() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
- "pass phrase exceeds block size",
- "000004B0", // 1200
- "5752AC8D6AD1CCFE8430B312871C2F74",
- true));
- }
-
- @Test
- public void test_CAMELLIA128_CTS_CMAC_6() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA128_CTS_CMAC,
- toUtf8("f09d849e"),
- "EXAMPLE.COMpianist",
- "00000032", // 50
- "CC75C7FD260F1C1658011FCC0D560616",
- true));
- }
-
- @Test
- public void test_CAMELLIA256_CTS_CMAC_1() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "00000001",
- "B9D6828B2056B7BE656D88A123B1FAC6" +
- "8214AC2B727ECF5F69AFE0C4DF2A6D2C",
- true));
- }
-
- @Test
- public void test_CAMELLIA256_CTS_CMAC_2() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "00000002",
- "83FC5866E5F8F4C6F38663C65C87549F" +
- "342BC47ED394DC9D3CD4D163ADE375E3",
- true));
- }
-
- @Test
- public void test_CAMELLIA256_CTS_CMAC_3() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "password",
- "ATHENA.MIT.EDUraeburn",
- "000004B0", // 1200
- "77F421A6F25E138395E837E5D85D385B" +
- "4C1BFD772E112CD9208CE72A530B15E6",
- true));
- }
-
- @Test
- public void test_CAMELLIA256_CTS_CMAC_4() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "password",
- toUtf8("1234567878563412"),
- "00000005",
- "11083A00BDFE6A41B2F19716D6202F0A" +
- "FA94289AFE8B27A049BD28B1D76C389A",
- true));
- }
-
- @Test
- public void test_CAMELLIA256_CTS_CMAC_5() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
- "pass phrase equals block size",
- "000004B0", // 1200
- "119FE2A1CB0B1BE010B9067A73DB63ED" +
- "4665B4E53A98D178035DCFE843A6B9B0",
- true));
- }
-
- @Test
- public void test_CAMELLIA256_CTS_CMAC_6() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
- "pass phrase exceeds block size",
- "000004B0", // 1200
- "614D5DFC0BA6D390B412B89AE4D5B088" +
- "B612B316510994679DDB4383C7126DDF",
- true));
- }
-
- @Test
- public void test_CAMELLIA256_CTS_CMAC_7() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- toUtf8("f09d849e"),
- "EXAMPLE.COMpianist",
- "00000032", // 50
- "163B768C6DB148B4EEC7163DF5AED70E" +
- "206B68CEC078BC069ED68A7ED36B1ECC",
- true));
- }
-
- // Check for KRB5_ERR_BAD_S2K_PARAMS return when weak iteration counts are forbidden.
- @Test
- public void test_CAMELLIA256_CTS_CMAC_8() {
- performTest(new TestCase(
- EncryptionType.CAMELLIA256_CTS_CMAC,
- toUtf8("f09d849e"),
- "EXAMPLE.COMpianist",
- "00000032", // 50
- "163B768C6DB148B4EEC7163DF5AED70E" +
- "206B68CEC078BC069ED68A7ED36B1ECC",
- false));
- }
-
- /**
- * Convert hex string into password
- */
- private static String toUtf8(String string) {
- return new String(HexUtil.hex2bytes(string), StandardCharsets.UTF_8); // Per spec
- }
-
- /**
- * Perform all the checks for a testcase
- */
- private void performTest(TestCase testCase) {
- //assertTrue(EncryptionHandler.isImplemented(testCase.encType));
- if (! EncryptionHandler.isImplemented(testCase.encType)) {
- System.err.println("Not implemented yet: " + testCase.encType.getDisplayName());
- return;
- }
-
- try {
- assertTrue(testWith(testCase));
- } catch (Exception e) {
- fail(e.getMessage());
- }
- }
-
- /**
- * Do the actual test work
- */
- private boolean testWith(TestCase tc) throws Exception {
- byte[] answer = HexUtil.hex2bytes(tc.answer);
- byte[] params = tc.param != null ? HexUtil.hex2bytes(tc.param) : null;
- EncryptionKey outkey = EncryptionHandler.string2Key(tc.password, tc.salt, params, tc.encType);
- if (! Arrays.equals(answer, outkey.getKeyData())) {
- System.err.println("failed with:" + tc.salt);
- System.err.println("outKey:" + HexUtil.bytesToHex(outkey.getKeyData()));
- System.err.println("answer:" + tc.answer);
- return false;
- }
- return true;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/test/resources/camellia-expect-vt.txt
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/test/resources/camellia-expect-vt.txt b/haox-kerb/kerb-crypto/src/test/resources/camellia-expect-vt.txt
deleted file mode 100644
index e6ebe8a..0000000
--- a/haox-kerb/kerb-crypto/src/test/resources/camellia-expect-vt.txt
+++ /dev/null
@@ -1,1036 +0,0 @@
-
-KEYSIZE=128
-
-KEY=00000000000000000000000000000000
-
-I=1
-PT=80000000000000000000000000000000
-CT=07923A39EB0A817D1C4D87BDB82D1F1C
-
-I=2
-PT=40000000000000000000000000000000
-CT=48CD6419809672D2349260D89A08D3D3
-
-I=3
-PT=20000000000000000000000000000000
-CT=D07493CCB2E95CE0B4945A05ACC97D82
-
-I=4
-PT=10000000000000000000000000000000
-CT=5DBE1EAC9F7080A88DBED7F6DA101448
-
-I=5
-PT=08000000000000000000000000000000
-CT=F01EE477D199DF2701027034B229622F
-
-I=6
-PT=04000000000000000000000000000000
-CT=C841587ABD9A912E563774CB569D051E
-
-I=7
-PT=02000000000000000000000000000000
-CT=1D9BC0C04546F0915C8CCD11391A455C
-
-I=8
-PT=01000000000000000000000000000000
-CT=05E6EBB4BA167F5C479CEFF3152F943B
-
-I=9
-PT=00800000000000000000000000000000
-CT=93211E0F788845B9FC0E4551FFE92AC9
-
-I=10
-PT=00400000000000000000000000000000
-CT=B6D35701CD8FADDE383BBE8E6B70BAF7
-
-I=11
-PT=00200000000000000000000000000000
-CT=8358F9F4EBCFEE348CB30551ACB151A0
-
-I=12
-PT=00100000000000000000000000000000
-CT=D57516EB5AD93C523E40521BF447AFCE
-
-I=13
-PT=00080000000000000000000000000000
-CT=66B2534C279C439133F52E5AD8B439A9
-
-I=14
-PT=00040000000000000000000000000000
-CT=A71C69184A9F63C2992A5F18F77C1FE9
-
-I=15
-PT=00020000000000000000000000000000
-CT=1ADCBE49AEACB9ECEBBD492B10E82C7B
-
-I=16
-PT=00010000000000000000000000000000
-CT=27E3BCFB227C5561DB6CF7FC30387036
-
-I=17
-PT=00008000000000000000000000000000
-CT=F4AE20365CC9D06B0CAE6B695ED2CEC1
-
-I=18
-PT=00004000000000000000000000000000
-CT=3DD682F0B641ED32AD3D43EA2A0456E4
-
-I=19
-PT=00002000000000000000000000000000
-CT=6E5D14A95ECC290B509EA6B673652E3A
-
-I=20
-PT=00001000000000000000000000000000
-CT=F1CDF0F8D7B3FFD95422D7CC0CF40B7B
-
-I=21
-PT=00000800000000000000000000000000
-CT=A9253D459A34C385A1F1B2CFFA3935C5
-
-I=22
-PT=00000400000000000000000000000000
-CT=291024D99FF09A47A1DEE45BA700AE52
-
-I=23
-PT=00000200000000000000000000000000
-CT=49241D9459B277187BB10081C60361C0
-
-I=24
-PT=00000100000000000000000000000000
-CT=AD9BA365CC4DD5553D2D9FE303841D88
-
-I=25
-PT=00000080000000000000000000000000
-CT=C2ECA616664A249DC622CC11196B4AE1
-
-I=26
-PT=00000040000000000000000000000000
-CT=6E1A2D4794BB0DC08777A0BC7523E70E
-
-I=27
-PT=00000020000000000000000000000000
-CT=6DB1F0CF59656BDD235E82B8CEF0BE8E
-
-I=28
-PT=00000010000000000000000000000000
-CT=52F239C5EAF401EBDC54D2F011FF4B6A
-
-I=29
-PT=00000008000000000000000000000000
-CT=6B58A08F648414B67FD6847D2AA51CBF
-
-I=30
-PT=00000004000000000000000000000000
-CT=2959DD5367885A75EB48053CF3251A36
-
-I=31
-PT=00000002000000000000000000000000
-CT=630B292E3B88EF641CDFD531E206605E
-
-I=32
-PT=00000001000000000000000000000000
-CT=4BBB88EF82B70593FCC56AFD91540FDB
-
-I=33
-PT=00000000800000000000000000000000
-CT=0A13055B118A45C606999257BD191426
-
-I=34
-PT=00000000400000000000000000000000
-CT=5CF8E5C9F15D7E4F865020224853EB77
-
-I=35
-PT=00000000200000000000000000000000
-CT=3898805042C7A4315C5EE51AF2DE47E2
-
-I=36
-PT=00000000100000000000000000000000
-CT=8D3F96372E87CBB0B375425B3A10B9E7
-
-I=37
-PT=00000000080000000000000000000000
-CT=4D9510A378BD784A70A66BCC75B7D3C8
-
-I=38
-PT=00000000040000000000000000000000
-CT=70DB1902D37CFBDFB98F7C516F79D416
-
-I=39
-PT=00000000020000000000000000000000
-CT=383C6C2AABEF7FDE25CD470BF774A331
-
-I=40
-PT=00000000010000000000000000000000
-CT=47CBCB5288349B1A15DC9F81FBEE6B8F
-
-I=41
-PT=00000000008000000000000000000000
-CT=21DA34D4468EEB13AED95DAE0FF48310
-
-I=42
-PT=00000000004000000000000000000000
-CT=021C9A8E6BD36FBD036411E5D852A80F
-
-I=43
-PT=00000000002000000000000000000000
-CT=6A459E2F839AF60ACDE83774D0BB5574
-
-I=44
-PT=00000000001000000000000000000000
-CT=C19255121F1B933CAE09E58AEC0E9977
-
-I=45
-PT=00000000000800000000000000000000
-CT=7BA949E27B2BE148A6B801F9305F43D5
-
-I=46
-PT=00000000000400000000000000000000
-CT=E8CEB1026BCF7BCEA32E8A380EA76DB7
-
-I=47
-PT=00000000000200000000000000000000
-CT=63F97747ED56A8F521B20CC65F6F9465
-
-I=48
-PT=00000000000100000000000000000000
-CT=2091CFDC629819106188424AC694F75B
-
-I=49
-PT=00000000000080000000000000000000
-CT=A91BDF8E8B88407942423CCE000527C4
-
-I=50
-PT=00000000000040000000000000000000
-CT=73F9B44B9635A3FD683DBF8D49E9825B
-
-I=51
-PT=00000000000020000000000000000000
-CT=9DC64B2133FAD5069FD9A7CC2FFFD1CC
-
-I=52
-PT=00000000000010000000000000000000
-CT=28240F81FEC36B71E13F1FEA7A7641E3
-
-I=53
-PT=00000000000008000000000000000000
-CT=20DD39FEE96CD2EFF972872A692B28FD
-
-I=54
-PT=00000000000004000000000000000000
-CT=47A9E40483EC1925B635E47E964E8E93
-
-I=55
-PT=00000000000002000000000000000000
-CT=9C0EBD822C49FB3D853DF5B315A87BA0
-
-I=56
-PT=00000000000001000000000000000000
-CT=C18D813FDB45A594C6DC24E5A1F6CE32
-
-I=57
-PT=00000000000000800000000000000000
-CT=7E5467FF245ECF80CB55C2D8E91F0711
-
-I=58
-PT=00000000000000400000000000000000
-CT=394D4365B77954FDEA4145FCF7A7A041
-
-I=59
-PT=00000000000000200000000000000000
-CT=B1D8311A492ED11F11E57B29221610C4
-
-I=60
-PT=00000000000000100000000000000000
-CT=E5FBB947A63AEA90163AF04AD6951EF8
-
-I=61
-PT=00000000000000080000000000000000
-CT=CA0627DDF580F0E7D59562825C9D0492
-
-I=62
-PT=00000000000000040000000000000000
-CT=EF98FFD1AED295AAE1860F0274C8F555
-
-I=63
-PT=00000000000000020000000000000000
-CT=8C698E5CFFF08FACE10C2DC5FF1E2A81
-
-I=64
-PT=00000000000000010000000000000000
-CT=35A7767E02032C35B5CE1A6F49C57C28
-
-I=65
-PT=00000000000000008000000000000000
-CT=AB36F8734E76EBA306CF00D6763D90B0
-
-I=66
-PT=00000000000000004000000000000000
-CT=E854EB66D4EC66889B5E6CD4F44A5806
-
-I=67
-PT=00000000000000002000000000000000
-CT=15B66DF1455ACD640B8716BCF5DB2D69
-
-I=68
-PT=00000000000000001000000000000000
-CT=4C57AB5333E5C2D4B7E30A007E449F48
-
-I=69
-PT=00000000000000000800000000000000
-CT=BA3E7FF28EB38EA09D8DB1440A9A3552
-
-I=70
-PT=00000000000000000400000000000000
-CT=64E60227AFD80C40C70186CC94804C1A
-
-I=71
-PT=00000000000000000200000000000000
-CT=CEB4423C20B4C91C2551F6FC227C9514
-
-I=72
-PT=00000000000000000100000000000000
-CT=F736894B843EF32DA28576DE500D448C
-
-I=73
-PT=00000000000000000080000000000000
-CT=58FDA98B678D15053D4B6C060368108C
-
-I=74
-PT=00000000000000000040000000000000
-CT=E28CAE384E578F47657755EBCD97996C
-
-I=75
-PT=00000000000000000020000000000000
-CT=0A64617BD4B5B166668240D105B7B6A2
-
-I=76
-PT=00000000000000000010000000000000
-CT=4BD090C7E3D365B5EA80F19B4798881E
-
-I=77
-PT=00000000000000000008000000000000
-CT=BC7B6CB9BFF4F72973BB2CD20A512C06
-
-I=78
-PT=00000000000000000004000000000000
-CT=4C7ADDC5C867594E9EE75F0AA6AB9C23
-
-I=79
-PT=00000000000000000002000000000000
-CT=1FBD05C71A36691AC6566A5298101D53
-
-I=80
-PT=00000000000000000001000000000000
-CT=42D7D6B1F499D412F8793972BD968DA2
-
-I=81
-PT=00000000000000000000800000000000
-CT=260EC86E2786FC68824576B934F32814
-
-I=82
-PT=00000000000000000000400000000000
-CT=576C26DFD7046F9357F34BEA7DFB26A0
-
-I=83
-PT=00000000000000000000200000000000
-CT=6D55E54BFB6F927174A02294C95E0F8F
-
-I=84
-PT=00000000000000000000100000000000
-CT=1A6CE91DD458229C7675A34950D10E23
-
-I=85
-PT=00000000000000000000080000000000
-CT=DAD0D5E7E000652825AA34D228EA8D8F
-
-I=86
-PT=00000000000000000000040000000000
-CT=E68013F48D75EAD2BBC0B0BDA5E690BF
-
-I=87
-PT=00000000000000000000020000000000
-CT=A07D92312FBAE37BFE8A834210AE4F9C
-
-I=88
-PT=00000000000000000000010000000000
-CT=6EEE5F8544CD7D456366EB448813989A
-
-I=89
-PT=00000000000000000000008000000000
-CT=F8E5C7FF4B79D7ABE8BFA2DD148820A8
-
-I=90
-PT=00000000000000000000004000000000
-CT=C6349D75C7472BBD66F95B3A07C79C91
-
-I=91
-PT=00000000000000000000002000000000
-CT=B85713C12D8658951CD1AD21C74D2CD2
-
-I=92
-PT=00000000000000000000001000000000
-CT=907AA00B9F7D47A97623FB55BA911F29
-
-I=93
-PT=00000000000000000000000800000000
-CT=DC3CD0ED23D11776FAB43A2A6A8F3557
-
-I=94
-PT=00000000000000000000000400000000
-CT=4BFE58A8FD69179C14765B09AB70B705
-
-I=95
-PT=00000000000000000000000200000000
-CT=A23996E0EA67EC280356E5F77130A551
-
-I=96
-PT=00000000000000000000000100000000
-CT=CDEADE859B3AACD273CCA85A3E2E45F2
-
-I=97
-PT=00000000000000000000000080000000
-CT=E0FC78489857D84DA03F40CE97147174
-
-I=98
-PT=00000000000000000000000040000000
-CT=7615EA6351F6BB12855E8579C6995D8E
-
-I=99
-PT=00000000000000000000000020000000
-CT=13E184344FE28C2E70ED0E4D0A8037F9
-
-I=100
-PT=00000000000000000000000010000000
-CT=A5FE395F568482B87BC3EB208C81C942
-
-I=101
-PT=00000000000000000000000008000000
-CT=B3103E11AF06C85565823F8CAA3159F6
-
-I=102
-PT=00000000000000000000000004000000
-CT=7EBC2234D271B89C519C396985300030
-
-I=103
-PT=00000000000000000000000002000000
-CT=0661D338F2E0C939BA1687820A768467
-
-I=104
-PT=00000000000000000000000001000000
-CT=EC2B42667C0195A90715499617884DA5
-
-I=105
-PT=00000000000000000000000000800000
-CT=AE077BA19D24E7188DDD3682FF196892
-
-I=106
-PT=00000000000000000000000000400000
-CT=98823C24B9C65A66073C7952DC2B4B5E
-
-I=107
-PT=00000000000000000000000000200000
-CT=6AB58432CBB3C2F503DA2D16796CC297
-
-I=108
-PT=00000000000000000000000000100000
-CT=EEB5EBB3A53E4196C2F22BC1A4DDF5E8
-
-I=109
-PT=00000000000000000000000000080000
-CT=33DC40AC5FDC126D38878416AF6C0FA6
-
-I=110
-PT=00000000000000000000000000040000
-CT=38EDDC08E18B4AD982CEA921D2765A9A
-
-I=111
-PT=00000000000000000000000000020000
-CT=7D6BEA038E9347C642E18631660A9558
-
-I=112
-PT=00000000000000000000000000010000
-CT=FDA57921A473B5EE3700AD5ADF035019
-
-I=113
-PT=00000000000000000000000000008000
-CT=699B4812E200337E9C1D2C397F0DFE4E
-
-I=114
-PT=00000000000000000000000000004000
-CT=7A1EADF68B0807145D6C414852DECFC8
-
-I=115
-PT=00000000000000000000000000002000
-CT=1645FFAA8AD76689C01DA8C40882781F
-
-I=116
-PT=00000000000000000000000000001000
-CT=BA0C053BE702FA62FC66D8FEB12FC97E
-
-I=117
-PT=00000000000000000000000000000800
-CT=841FD8AF69CF2C31F7D4D7B6959662B5
-
-I=118
-PT=00000000000000000000000000000400
-CT=F675D59BDB33231861268F539829DA0B
-
-I=119
-PT=00000000000000000000000000000200
-CT=A4967F45ABB4E8C7DC5E3806680F35E0
-
-I=120
-PT=00000000000000000000000000000100
-CT=4D7E08081CC82F92ABA7C58C99F8343F
-
-I=121
-PT=00000000000000000000000000000080
-CT=9AEFDB287C119B82353612B60ECCBFD8
-
-I=122
-PT=00000000000000000000000000000040
-CT=979BB6A1553A17592A86E78DF144A699
-
-I=123
-PT=00000000000000000000000000000020
-CT=A6FA8CAB06FD2E5BF3A858983C01757A
-
-I=124
-PT=00000000000000000000000000000010
-CT=BE8511254C31E25420B91D6FEF1710ED
-
-I=125
-PT=00000000000000000000000000000008
-CT=F589A908D18A21894971C0433581E1A5
-
-I=126
-PT=00000000000000000000000000000004
-CT=4237585130E7C9F715235EB1D8C94DE7
-
-I=127
-PT=00000000000000000000000000000002
-CT=DEFE3E0B5C54C94B4F2A0F5A46F6210D
-
-I=128
-PT=00000000000000000000000000000001
-CT=F5574ACC3148DFCB9015200631024DF9
-
-==========
-
-KEYSIZE=256
-
-KEY=0000000000000000000000000000000000000000000000000000000000000000
-
-I=1
-PT=80000000000000000000000000000000
-CT=B0C6B88AEA518AB09E847248E91B1B9D
-
-I=2
-PT=40000000000000000000000000000000
-CT=B8D7684E35FA1DB15BDCEE7A48659858
-
-I=3
-PT=20000000000000000000000000000000
-CT=F0CAD59AF92FBB79F36951E697492750
-
-I=4
-PT=10000000000000000000000000000000
-CT=117100F6635389560DC4A2DA24EBA70F
-
-I=5
-PT=08000000000000000000000000000000
-CT=DBDD62355553019ED84C35886421E532
-
-I=6
-PT=04000000000000000000000000000000
-CT=9CB8D04FA506F19848F7B9110518BFC8
-
-I=7
-PT=02000000000000000000000000000000
-CT=E4308E253BC3444D293500701BA82C6A
-
-I=8
-PT=01000000000000000000000000000000
-CT=EA2FAE53F7F30C0170A20E95A068503E
-
-I=9
-PT=00800000000000000000000000000000
-CT=14B14839EA221880B2C64D1FE000B93D
-
-I=10
-PT=00400000000000000000000000000000
-CT=A5CFC075B342D5101AACC334E73058BB
-
-I=11
-PT=00200000000000000000000000000000
-CT=477EA56B2EBAD0F8AC5E1936866560FF
-
-I=12
-PT=00100000000000000000000000000000
-CT=107E8598418404196EC59F63E45B7F6D
-
-I=13
-PT=00080000000000000000000000000000
-CT=FF6A891E7C1C074A68FEC291928FDD8D
-
-I=14
-PT=00040000000000000000000000000000
-CT=F64C250A13F45D377ADB7545B2B157A9
-
-I=15
-PT=00020000000000000000000000000000
-CT=FAD0F252086F11C830C65B63197CBC38
-
-I=16
-PT=00010000000000000000000000000000
-CT=9DCB89B209441F02AD0D25C6AB826629
-
-I=17
-PT=00008000000000000000000000000000
-CT=E62E4ED4E4F34EDC563710D960E09D4C
-
-I=18
-PT=00004000000000000000000000000000
-CT=98A1B926BA06895C3F2E84CCBACBC356
-
-I=19
-PT=00002000000000000000000000000000
-CT=29BE0BE4DB7F4D196718AEA38F3B0BFD
-
-I=20
-PT=00001000000000000000000000000000
-CT=F670C4EBECBA0B43E71F6D752BFD4854
-
-I=21
-PT=00000800000000000000000000000000
-CT=7D7666B4484CDB7E3605468E093A787C
-
-I=22
-PT=00000400000000000000000000000000
-CT=562D06B181C091DA6C43642AE99460C6
-
-I=23
-PT=00000200000000000000000000000000
-CT=AB0EFB5975E6186B7D76BC9672453488
-
-I=24
-PT=00000100000000000000000000000000
-CT=10C0756538E7BFF88D19AE2B1F7B859A
-
-I=25
-PT=00000080000000000000000000000000
-CT=AF7FCD5248F8C72F1695AA05DD1CADE0
-
-I=26
-PT=00000040000000000000000000000000
-CT=9841E555655609A75D7BE20B8A90EF1E
-
-I=27
-PT=00000020000000000000000000000000
-CT=27F9546E6A1B7464780000561783569C
-
-I=28
-PT=00000010000000000000000000000000
-CT=8671D935D7A8354EECB7288803D42D7A
-
-I=29
-PT=00000008000000000000000000000000
-CT=0DA44F508DEBC6F044394624FCEB8EBE
-
-I=30
-PT=00000004000000000000000000000000
-CT=AB137369BE6D93FBB18006BDB236EC09
-
-I=31
-PT=00000002000000000000000000000000
-CT=EB90C4E597A7E1779FFA260886E26F75
-
-I=32
-PT=00000001000000000000000000000000
-CT=618CF3588D5C128EAF252616230E08F7
-
-I=33
-PT=00000000800000000000000000000000
-CT=98DC4DB49D197AB9152D12B9DE2D73CA
-
-I=34
-PT=00000000400000000000000000000000
-CT=5BDDE24B15702A35E1F140C57D206443
-
-I=35
-PT=00000000200000000000000000000000
-CT=CF755809882BED8BA2F9F1A4ED296A2B
-
-I=36
-PT=00000000100000000000000000000000
-CT=F1A8DBB999538AE89D16F92A7F4D1DF1
-
-I=37
-PT=00000000080000000000000000000000
-CT=775222FDDAAECB81CF675C4E0B98179E
-
-I=38
-PT=00000000040000000000000000000000
-CT=12A648CADCD153C760A965826683119A
-
-I=39
-PT=00000000020000000000000000000000
-CT=0503FB10AB241E7CF45D8CDEEE474335
-
-I=40
-PT=00000000010000000000000000000000
-CT=3D299C0070CBBD831B802690B8E7CA24
-
-I=41
-PT=00000000008000000000000000000000
-CT=33105BD4D11D66753DC34D128BEFE3F4
-
-I=42
-PT=00000000004000000000000000000000
-CT=5EFCE2B4B987C0F77D27B44836881682
-
-I=43
-PT=00000000002000000000000000000000
-CT=7835449454128035D7F0EA99E327577B
-
-I=44
-PT=00000000001000000000000000000000
-CT=27BEDDA0601BE35122FB1D272D73AB3E
-
-I=45
-PT=00000000000800000000000000000000
-CT=54C3F99FF48E318CC515EDE75800C4B3
-
-I=46
-PT=00000000000400000000000000000000
-CT=C627C329F8E48299F6FDB23B9DBEA0BB
-
-I=47
-PT=00000000000200000000000000000000
-CT=1B6578F9E23BD8C1845A02431C5F9AA3
-
-I=48
-PT=00000000000100000000000000000000
-CT=6DB2FB8C0B9344D0547C0FF1292020C6
-
-I=49
-PT=00000000000080000000000000000000
-CT=4FAD9B2C37C131493FBEF53581FA4F83
-
-I=50
-PT=00000000000040000000000000000000
-CT=47502A01E93D2C87BD5584F6AFD3D99D
-
-I=51
-PT=00000000000020000000000000000000
-CT=056E1C6F651BFE50271B3B7A18E76D84
-
-I=52
-PT=00000000000010000000000000000000
-CT=5632BAF6627B3D96AD4E06FA6A561F55
-
-I=53
-PT=00000000000008000000000000000000
-CT=E29807CAACDFA2D41A7D9E91FA7FD8EB
-
-I=54
-PT=00000000000004000000000000000000
-CT=81DD44BB5D1822DEE605F9E6FF01D7B3
-
-I=55
-PT=00000000000002000000000000000000
-CT=5C3649925E47D7FF96482A8FBD9666FD
-
-I=56
-PT=00000000000001000000000000000000
-CT=695415A836E66E737887845EC08A1ADB
-
-I=57
-PT=00000000000000800000000000000000
-CT=F5416BCE292D9E2CEA5D1CC70BBAEED1
-
-I=58
-PT=00000000000000400000000000000000
-CT=7AEC4F1388FC29C47F7FED74ADDE8485
-
-I=59
-PT=00000000000000200000000000000000
-CT=82A9F1A6CE08BC4876E649D8A8EA7EB6
-
-I=60
-PT=00000000000000100000000000000000
-CT=B6296C88ADF1A792908B065EEB04BFC2
-
-I=61
-PT=00000000000000080000000000000000
-CT=E766A39AECCA40BDBFBE6FF3FA292913
-
-I=62
-PT=00000000000000040000000000000000
-CT=C6D081454EA00D83C23B5A62C84359E1
-
-I=63
-PT=00000000000000020000000000000000
-CT=85D259A79CCA80484504D1603F7A8F53
-
-I=64
-PT=00000000000000010000000000000000
-CT=D8291FA1C6DC250078824B2D0A20883F
-
-I=65
-PT=00000000000000008000000000000000
-CT=95387CB74C48FFBD1F8D64A6CC45E074
-
-I=66
-PT=00000000000000004000000000000000
-CT=A17F975F538F56CDF629B516011DE837
-
-I=67
-PT=00000000000000002000000000000000
-CT=B50B615A1654C6E1CB6AB33716C097FE
-
-I=68
-PT=00000000000000001000000000000000
-CT=7BBB2CBB874DF6C8B821DA7FB0F9011B
-
-I=69
-PT=00000000000000000800000000000000
-CT=E9EFE074D096A275E47CD2E6206DF6A1
-
-I=70
-PT=00000000000000000400000000000000
-CT=88F2F8D5A836406AE8BBB98C65BBDA55
-
-I=71
-PT=00000000000000000200000000000000
-CT=F64620D8D87585A3EF038B9AD58F5EA0
-
-I=72
-PT=00000000000000000100000000000000
-CT=694438EC141C8ED5F2F898B4554A298F
-
-I=73
-PT=00000000000000000080000000000000
-CT=3E6226EC7726A1EE5F5FA9B18CCE8C44
-
-I=74
-PT=00000000000000000040000000000000
-CT=8AB6949E79911647800B9E87362AB97A
-
-I=75
-PT=00000000000000000020000000000000
-CT=093C5CF24EDAF7F9F1C8A80DE4FF50A9
-
-I=76
-PT=00000000000000000010000000000000
-CT=28A36E50061F19E240351ED0E378CBF4
-
-I=77
-PT=00000000000000000008000000000000
-CT=B93BB36CB88BF26EA79198652AA51D3C
-
-I=78
-PT=00000000000000000004000000000000
-CT=DE4948083D044FAC9BCA6DA8CD67B8A6
-
-I=79
-PT=00000000000000000002000000000000
-CT=6E778B5BDA6CA118117E47470D080D3C
-
-I=80
-PT=00000000000000000001000000000000
-CT=0A9107324DA32B4281D032A3487EF875
-
-I=81
-PT=00000000000000000000800000000000
-CT=18ED5635312D71ABD123CCE779D4D68A
-
-I=82
-PT=00000000000000000000400000000000
-CT=2E3C63F95C4BC1F944BAB06DEDC9AA8E
-
-I=83
-PT=00000000000000000000200000000000
-CT=ACCC869EF07004C8C3C709083BE7BA2F
-
-I=84
-PT=00000000000000000000100000000000
-CT=DF60B34FB1A59147CC1FB049C1578206
-
-I=85
-PT=00000000000000000000080000000000
-CT=4228DC636C08E41021054AA0E1E2227A
-
-I=86
-PT=00000000000000000000040000000000
-CT=7CE27F66EFD735FFD6B3E1738C50495B
-
-I=87
-PT=00000000000000000000020000000000
-CT=F8E74B33A9CDE351DA0BBC06D69093D7
-
-I=88
-PT=00000000000000000000010000000000
-CT=AE0D22A5B37B8DC5D81CC641EED334D0
-
-I=89
-PT=00000000000000000000008000000000
-CT=C181C6CA5E163743458B9167A0B6A16A
-
-I=90
-PT=00000000000000000000004000000000
-CT=5171F4F6095E4B276CFBA1F07223FBE6
-
-I=91
-PT=00000000000000000000002000000000
-CT=2732F4D3A8C9D1D8D493840D6E0B864F
-
-I=92
-PT=00000000000000000000001000000000
-CT=3EF04E0059A061D973532CA5C1DFBE7B
-
-I=93
-PT=00000000000000000000000800000000
-CT=6D9A8F23579E4978EBAA87B5ADEB77E5
-
-I=94
-PT=00000000000000000000000400000000
-CT=BBD08873CC44BA4253C0C41FEEB7F124
-
-I=95
-PT=00000000000000000000000200000000
-CT=72E4B2437CBD283F3809CE686F6A591E
-
-I=96
-PT=00000000000000000000000100000000
-CT=6E5580514B92512B1BF4B1B987B9AA1B
-
-I=97
-PT=00000000000000000000000080000000
-CT=5EF5D0C5BCBDCB604D3A083B68CE0FA3
-
-I=98
-PT=00000000000000000000000040000000
-CT=9D991FDD723AD2182777A15CA0E0F665
-
-I=99
-PT=00000000000000000000000020000000
-CT=24440626EFC8F86BEA7DE78085AB8A22
-
-I=100
-PT=00000000000000000000000010000000
-CT=17C3630D62D13C1E826C0FCCBD74A864
-
-I=101
-PT=00000000000000000000000008000000
-CT=4CF5AB86A56AB134A7FE46CCE3F9FCE9
-
-I=102
-PT=00000000000000000000000004000000
-CT=3E6B9C0388F6D9B8F458F30221907607
-
-I=103
-PT=00000000000000000000000002000000
-CT=AD9C926B8A5CD98EEE88200617E59958
-
-I=104
-PT=00000000000000000000000001000000
-CT=AFF8AED5E075E02AF720CA4BF0028B3B
-
-I=105
-PT=00000000000000000000000000800000
-CT=D90EAFF909202BB209BB3BB8C7F9A954
-
-I=106
-PT=00000000000000000000000000400000
-CT=2C709B00E6A22F00F64A7D8EE341853F
-
-I=107
-PT=00000000000000000000000000200000
-CT=CCEC598F0D9F0BF201B2F487136D54A4
-
-I=108
-PT=00000000000000000000000000100000
-CT=73B2883A0A166AAE1BF14E60A5195FA3
-
-I=109
-PT=00000000000000000000000000080000
-CT=E676867BD9AD5EF915143388496779D7
-
-I=110
-PT=00000000000000000000000000040000
-CT=CDCB73D1BFCFD4BE7F1DAA9B1C6A4055
-
-I=111
-PT=00000000000000000000000000020000
-CT=02A3A5C89DAA24CD2C517F7A73286A89
-
-I=112
-PT=00000000000000000000000000010000
-CT=C0FA2AC9E92EE58C2DD12D6D43AB7035
-
-I=113
-PT=00000000000000000000000000008000
-CT=EDC2CB1F7291353BDBF2385519E6AE16
-
-I=114
-PT=00000000000000000000000000004000
-CT=B4B62D16D197A98CD3B978812B9D9884
-
-I=115
-PT=00000000000000000000000000002000
-CT=5CDFC95A529A905101CEA26BC1B891ED
-
-I=116
-PT=00000000000000000000000000001000
-CT=CC7150CD3650B98363296C7C4ED368D1
-
-I=117
-PT=00000000000000000000000000000800
-CT=CC57706B0C6526B8E25A5DBD32EACBDB
-
-I=118
-PT=00000000000000000000000000000400
-CT=30D30456AD98B182D64C649648F6AEC9
-
-I=119
-PT=00000000000000000000000000000200
-CT=D7E9DA7F631938EB649A08AF82FBD75F
-
-I=120
-PT=00000000000000000000000000000100
-CT=B8DA2AF6600B07895B5D0FFAF4991469
-
-I=121
-PT=00000000000000000000000000000080
-CT=0F6F64F930BA6C178943322B98114599
-
-I=122
-PT=00000000000000000000000000000040
-CT=8B1F247802E47C91BEE2AA34ECFD7A01
-
-I=123
-PT=00000000000000000000000000000020
-CT=7A6985778D3A66E97F23E01F0D0E45E7
-
-I=124
-PT=00000000000000000000000000000010
-CT=BA664AC39855518DFDEE10D1B3111FAE
-
-I=125
-PT=00000000000000000000000000000008
-CT=7C92854D801A1648F65CA81813DDBF83
-
-I=126
-PT=00000000000000000000000000000004
-CT=6A3F25AAB7E92D9CF378E5D9C040F26B
-
-I=127
-PT=00000000000000000000000000000002
-CT=3D4B2CDE666761BA5DFB305178E667FB
-
-I=128
-PT=00000000000000000000000000000001
-CT=9CDB269B5D293BC5DB9C55B057D9B591
-
-==========
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/pom.xml b/haox-kerb/kerb-identity/pom.xml
deleted file mode 100644
index df38c85..0000000
--- a/haox-kerb/kerb-identity/pom.xml
+++ /dev/null
@@ -1,46 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kerb</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>kerb-identity</artifactId>
-
- <name>Haox-kerb Identity</name>
- <description>Haox-kerb Identity</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-crypto</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/Attribute.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/Attribute.java b/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/Attribute.java
deleted file mode 100644
index f0f18aa..0000000
--- a/haox-kerb/kerb-identity/src/main/java/org/apache/kerberos/kerb/identity/Attribute.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.identity;
-
-public abstract class Attribute {
- private String name;
-
- public Attribute(String name) {
- this.name = name;
- }
-
- public String getName() {
- return name;
- }
-
- public void setName(String name) {
- this.name = name;
- }
-}
[36/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PaFlag.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PaFlag.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PaFlag.java
deleted file mode 100644
index 4d2cca9..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PaFlag.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth;
-
-import org.apache.kerberos.kerb.spec.KrbEnum;
-
-public enum PaFlag implements KrbEnum {
- NONE(-1),
- PA_REAL(0x01),
- PA_INFO(0x02);
-
- private final int value;
-
- private PaFlag(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static PaFlag fromValue(int value) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value) {
- return (PaFlag) e;
- }
- }
-
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PaFlags.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PaFlags.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PaFlags.java
deleted file mode 100644
index 0afae21..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PaFlags.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth;
-
-import org.apache.kerberos.kerb.spec.common.KrbFlags;
-
-public class PaFlags extends KrbFlags {
-
- public PaFlags() {
- this(0);
- }
-
- public PaFlags(int value) {
- setFlags(value);
- }
-
- public boolean isReal() {
- return isFlagSet(PaFlag.PA_REAL);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PluginRequestContext.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PluginRequestContext.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PluginRequestContext.java
deleted file mode 100644
index 78961b5..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PluginRequestContext.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth;
-
-/**
- * Per request per module
- */
-public interface PluginRequestContext {
- // Nothing here, just as a type mark
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PreauthPluginMeta.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PreauthPluginMeta.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PreauthPluginMeta.java
deleted file mode 100644
index 7ae553a..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/PreauthPluginMeta.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth;
-
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public interface PreauthPluginMeta {
-
- public String getName();
-
- public int getVersion();
-
- public PaDataType[] getPaTypes();
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/builtin/EncTsPreauthMeta.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/builtin/EncTsPreauthMeta.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/builtin/EncTsPreauthMeta.java
deleted file mode 100644
index 56fe281..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/builtin/EncTsPreauthMeta.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth.builtin;
-
-import org.apache.kerberos.kerb.preauth.PreauthPluginMeta;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class EncTsPreauthMeta implements PreauthPluginMeta {
-
- private static String NAME = "encrypted_timestamp";
- private static int VERSION = 1;
- private static PaDataType[] PA_TYPES = new PaDataType[] {
- PaDataType.ENC_TIMESTAMP
- };
-
- @Override
- public String getName() {
- return NAME;
- }
-
- public int getVersion() {
- return VERSION;
- }
-
- public PaDataType[] getPaTypes() {
- return PA_TYPES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/builtin/TgtPreauthMeta.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/builtin/TgtPreauthMeta.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/builtin/TgtPreauthMeta.java
deleted file mode 100644
index 772312c..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/builtin/TgtPreauthMeta.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth.builtin;
-
-import org.apache.kerberos.kerb.preauth.PreauthPluginMeta;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-/**
- * A faked preauth module for TGS request handling
- */
-public class TgtPreauthMeta implements PreauthPluginMeta {
-
- private static String NAME = "TGT_preauth";
- private static int VERSION = 1;
- private static PaDataType[] PA_TYPES = new PaDataType[] {
- PaDataType.TGS_REQ
- };
-
- @Override
- public String getName() {
- return NAME;
- }
-
- public int getVersion() {
- return VERSION;
- }
-
- public PaDataType[] getPaTypes() {
- return PA_TYPES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/IdentityOpts.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/IdentityOpts.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/IdentityOpts.java
deleted file mode 100644
index 336b8c6..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/IdentityOpts.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth.pkinit;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class IdentityOpts {
-
- // From MIT Krb5 _pkinit_identity_opts
- public String identity;
- public List<String> AltIdentities = new ArrayList<String>(1);
- public List<String> anchors = new ArrayList<String>(4);
- public List<String> intermediates = new ArrayList<String>(2);
- public List<String> crls = new ArrayList<String>(2);
- public String ocsp;
- public IdentityType idType;
- public String certFile;
- public String keyFile;
-
- // PKCS11
- public String p11ModuleName;
- public int slotid;
- public String tokenLabel;
- public String certId;
- public String certLabel;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/IdentityType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/IdentityType.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/IdentityType.java
deleted file mode 100644
index c8ab9ad..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/IdentityType.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth.pkinit;
-
-public enum IdentityType {
- NONE,
- FILE,
- DIR,
- PKCS11,
- PKCS12,
- ENVVAR,
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PkinitIdenity.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PkinitIdenity.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PkinitIdenity.java
deleted file mode 100644
index 8f5b30b..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PkinitIdenity.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth.pkinit;
-
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-public class PkinitIdenity {
-
- public static void processIdentityOption(IdentityOpts identityOpts, String value) {
- IdentityType idType = IdentityType.NONE;
- String residual = null;
- if (value.contains(":")) {
- if (value.startsWith("FILE:")) {
- idType = IdentityType.FILE;
- } else if (value.startsWith("PKCS11:")) {
- idType = IdentityType.PKCS11;
- } else if (value.startsWith("PKCS12:")) {
- idType = IdentityType.PKCS12;
- } else if (value.startsWith("DIR:")) {
- idType = IdentityType.DIR;
- } else if (value.startsWith("ENV:")) {
- idType = IdentityType.ENVVAR;
- } else {
- throw new RuntimeException("Invalid Identity option format: " + value);
- }
- } else {
- residual = value;
- idType = IdentityType.FILE;
- }
-
- identityOpts.idType = idType;
- switch (idType) {
- case ENVVAR:
- processIdentityOption(identityOpts, System.getenv(residual));
- break;
- case FILE:
- parseFileOption(identityOpts, residual);
- break;
- case PKCS11:
- parsePkcs11Option(identityOpts, residual);
- break;
- case PKCS12:
- parsePkcs12Option(identityOpts, residual);
- break;
- case DIR:
- identityOpts.certFile = residual;
- break;
- }
- }
-
- public static void parseFileOption(IdentityOpts identityOpts, String residual) {
- String[] parts = residual.split(",");
- String certName = null;
- String keyName = null;
-
- certName = parts[0];
- if (parts.length > 1) {
- keyName = parts[1];
- }
-
- identityOpts.certFile = certName;
- identityOpts.keyFile = keyName;
- }
-
- public static void parsePkcs12Option(IdentityOpts identityOpts, String residual) {
- identityOpts.certFile = residual;
- identityOpts.keyFile = residual;
- }
-
- public static void parsePkcs11Option(IdentityOpts identityOpts, String residual) {
- // TODO
- }
-
- public static void loadCerts(IdentityOpts identityOpts, PrincipalName principal) {
- switch (identityOpts.idType) {
- case FILE:
- loadCertsFromFile(identityOpts, principal);
- break;
- case DIR:
- loadCertsFromDir(identityOpts, principal);
- break;
- case PKCS11:
- loadCertsAsPkcs11(identityOpts, principal);
- break;
- case PKCS12:
- loadCertsAsPkcs12(identityOpts, principal);
- break;
- }
- }
-
- private static void loadCertsAsPkcs12(IdentityOpts identityOpts, PrincipalName principal) {
-
- }
-
- private static void loadCertsAsPkcs11(IdentityOpts identityOpts, PrincipalName principal) {
-
- }
-
- private static void loadCertsFromDir(IdentityOpts identityOpts, PrincipalName principal) {
-
- }
-
- private static void loadCertsFromFile(IdentityOpts identityOpts, PrincipalName principal) {
-
- }
-
- public static void initialize(IdentityOpts identityOpts, PrincipalName principal) {
-
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PkinitPreauthMeta.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PkinitPreauthMeta.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PkinitPreauthMeta.java
deleted file mode 100644
index eb6e026..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PkinitPreauthMeta.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth.pkinit;
-
-import org.apache.kerberos.kerb.preauth.PreauthPluginMeta;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class PkinitPreauthMeta implements PreauthPluginMeta {
-
- private static String NAME = "PKINIT";
- private static int VERSION = 1;
- private static PaDataType[] PA_TYPES = new PaDataType[] {
- PaDataType.PK_AS_REQ,
- PaDataType.PK_AS_REP,
- };
-
- @Override
- public String getName() {
- return NAME;
- }
-
- public int getVersion() {
- return VERSION;
- }
-
- public PaDataType[] getPaTypes() {
- return PA_TYPES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PluginOpts.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PluginOpts.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PluginOpts.java
deleted file mode 100644
index 627155b..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/pkinit/PluginOpts.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth.pkinit;
-
-import org.apache.haox.asn1.type.Asn1ObjectIdentifier;
-import org.apache.kerberos.kerb.spec.pa.pkinit.AlgorithmIdentifiers;
-import org.apache.kerberos.kerb.spec.pa.pkinit.TrustedCertifiers;
-import org.apache.kerberos.kerb.spec.x509.AlgorithmIdentifier;
-
-public class PluginOpts {
-
- // From MIT Krb5 _pkinit_plg_opts
-
- // require EKU checking (default is true)
- public boolean requireEku = true;
- // accept secondary EKU (default is false)
- public boolean acceptSecondaryEku = false;
- // allow UPN-SAN instead of pkinit-SAN
- public boolean allowUpn = true;
- // selects DH or RSA based pkinit
- public boolean usingRsa = true;
- // require CRL for a CA (default is false)
- public boolean requireCrlChecking = false;
- // the size of the Diffie-Hellman key the client will attempt to use.
- // The acceptable values are 1024, 2048, and 4096. The default is 2048.
- public int dhMinBits = 2048;
-
- public AlgorithmIdentifiers createSupportedCMSTypes() {
- AlgorithmIdentifiers cmsAlgorithms = new AlgorithmIdentifiers();
- AlgorithmIdentifier des3Alg = new AlgorithmIdentifier();
- cmsAlgorithms.add(des3Alg);
-
- String oidStr = "DES3-OID";
- Asn1ObjectIdentifier des3Oid = new Asn1ObjectIdentifier(oidStr);
- des3Alg.setAlgorithm(des3Oid);
- des3Alg.setParameters(null);
-
- return cmsAlgorithms;
- }
-
- public TrustedCertifiers createTrustedCertifiers() {
- TrustedCertifiers trustedCertifiers = new TrustedCertifiers();
-
- return trustedCertifiers;
- }
-
- public byte[] createIssuerAndSerial() {
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/token/TokenPreauthMeta.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/token/TokenPreauthMeta.java b/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/token/TokenPreauthMeta.java
deleted file mode 100644
index 7ce28e1..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/apache/kerberos/kerb/preauth/token/TokenPreauthMeta.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.preauth.token;
-
-import org.apache.kerberos.kerb.preauth.PreauthPluginMeta;
-import org.apache.kerberos.kerb.spec.pa.PaDataType;
-
-public class TokenPreauthMeta implements PreauthPluginMeta {
-
- private static String NAME = "TokenPreauth";
- private static int VERSION = 1;
- private static PaDataType[] PA_TYPES = new PaDataType[] {
- PaDataType.TOKEN_CHALLENGE,
- PaDataType.TOKEN_REQUEST
- };
-
- @Override
- public String getName() {
- return NAME;
- }
-
- public int getVersion() {
- return VERSION;
- }
-
- public PaDataType[] getPaTypes() {
- return PA_TYPES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/pom.xml
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/pom.xml b/haox-kerb/kerb-core-test/pom.xml
deleted file mode 100644
index 9c68a34..0000000
--- a/haox-kerb/kerb-core-test/pom.xml
+++ /dev/null
@@ -1,46 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-kerb</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>kerb-core-test</artifactId>
-
- <name>haox-kerb-coreTest</name>
- <description>Kerb core tests</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-asn1</artifactId>
- <version>1.0-SNAPSHOT</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-core</artifactId>
- <version>1.0-SNAPSHOT</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-util</artifactId>
- <version>1.0-SNAPSHOT</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/aes128-kerberos-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/aes128-kerberos-data b/haox-kerb/kerb-core-test/src/main/resources/aes128-kerberos-data
deleted file mode 100644
index 7f3b582..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/aes128-kerberos-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/aes128-key-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/aes128-key-data b/haox-kerb/kerb-core-test/src/main/resources/aes128-key-data
deleted file mode 100644
index 4ba2540..0000000
--- a/haox-kerb/kerb-core-test/src/main/resources/aes128-key-data
+++ /dev/null
@@ -1 +0,0 @@
-����\���U�s�7"
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/aes128-spnego-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/aes128-spnego-data b/haox-kerb/kerb-core-test/src/main/resources/aes128-spnego-data
deleted file mode 100644
index 13c89e6..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/aes128-spnego-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/aes256-kerberos-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/aes256-kerberos-data b/haox-kerb/kerb-core-test/src/main/resources/aes256-kerberos-data
deleted file mode 100644
index b7d539f..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/aes256-kerberos-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/aes256-key-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/aes256-key-data b/haox-kerb/kerb-core-test/src/main/resources/aes256-key-data
deleted file mode 100644
index 24792c1..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/aes256-key-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/aes256-spnego-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/aes256-spnego-data b/haox-kerb/kerb-core-test/src/main/resources/aes256-spnego-data
deleted file mode 100644
index 6a7e55c..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/aes256-spnego-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/asrep.token
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/asrep.token b/haox-kerb/kerb-core-test/src/main/resources/asrep.token
deleted file mode 100644
index d77cff7..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/asrep.token and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/asreq.token
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/asreq.token b/haox-kerb/kerb-core-test/src/main/resources/asreq.token
deleted file mode 100644
index 6d503b3..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/asreq.token and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/des-kerberos-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/des-kerberos-data b/haox-kerb/kerb-core-test/src/main/resources/des-kerberos-data
deleted file mode 100644
index 3db6963..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/des-kerberos-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/des-key-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/des-key-data b/haox-kerb/kerb-core-test/src/main/resources/des-key-data
deleted file mode 100644
index 84a0c50..0000000
--- a/haox-kerb/kerb-core-test/src/main/resources/des-key-data
+++ /dev/null
@@ -1 +0,0 @@
-��2^�L�
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/des-pac-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/des-pac-data b/haox-kerb/kerb-core-test/src/main/resources/des-pac-data
deleted file mode 100644
index 7408111..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/des-pac-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/des-spnego-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/des-spnego-data b/haox-kerb/kerb-core-test/src/main/resources/des-spnego-data
deleted file mode 100644
index 04a56e8..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/des-spnego-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/exceptions.properties
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/exceptions.properties b/haox-kerb/kerb-core-test/src/main/resources/exceptions.properties
deleted file mode 100644
index c9cc814..0000000
--- a/haox-kerb/kerb-core-test/src/main/resources/exceptions.properties
+++ /dev/null
@@ -1,55 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-object.cast.fail=Unable to cast object from {0} to {1}.
-
-spnego.token.empty=Empty SPNego token.
-spnego.token.invalid=Not a valid SPNego token: {0}.
-spnego.token.malformed=Malformed SPNego token.
-spnego.field.invalid=Not a valid SPNego token field: {0}.
-
-
-kerberos.object.cast=Unable to cast Kerberos object from {0} to {1}.
-kerberos.token.empty=Empty Kerberos token.
-kerberos.token.invalid=Not a Kerberos token.
-kerberos.token.malformed=Malformed Kerberos token.
-kerberos.kdcReq.empty=Empty message.
-kerberos.kdcReq.invalid=Not a KRB_AP_REQ message.
-kerberos.ticket.empty=Empty Kerberos ticket.
-kerberos.ticket.invalid=Not a Kerberos v5 ticket.
-kerberos.ticket.malformed=Malformed Kerberos ticket.
-kerberos.field.invalid=Not a valid Kerberos ticket field: {0}.
-kerberos.field.malformed=Malformed Kerberos ticket field.
-kerberos.key.notfound=Unable to find appropriate key of type {0}.
-kerberos.version.invalid=Invalid version of Kerberos ticket: {0}.
-kerberos.login.fail=Unable to get server keys.
-kerberos.decrypt.fail=Unable to decrypt encrypted data using key of type {0}.
-
-pac.token.empty=Empty PAC token.
-pac.token.malformed=Malformed PAC token.
-pac.logoninfo.malformed=Malformed PAC logon info.
-pac.signature.malformed=Malformed PAC signature.
-pac.signature.invalid=Invalid PAC signature.
-pac.string.notempty=String not empty while expected null.
-pac.string.malformed.size=Inconsistent string lengths.
-pac.string.invalid.size=Inconsistent string size: {1}, expecting {0}.
-pac.groups.invalid.size=Group count ({0}) doesn't match the real number of groups ({1}) in the PAC.
-pac.extrasids.invalid.size=Extra SID count ({0}) doesn't match the real number of extra SID ({1}) in the PAC.
-pac.resourcegroups.invalid.size=Resource group count ({0}) doesn't match the real number of resource groups ({1}) in the PAC.
-pac.sid.malformed.size=Inconsistent SID length.
-pac.subauthority.malformed.size=Incorrect byte array length: {0}; must be multiple of 4.
-pac.version.invalid=Invalid version of PAC token: {0}.
-pac.check.fail=Unable to check PAC signature.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/rc4-kerberos-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/rc4-kerberos-data b/haox-kerb/kerb-core-test/src/main/resources/rc4-kerberos-data
deleted file mode 100644
index 6be7086..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/rc4-kerberos-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/rc4-key-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/rc4-key-data b/haox-kerb/kerb-core-test/src/main/resources/rc4-key-data
deleted file mode 100644
index 64f9d9c..0000000
--- a/haox-kerb/kerb-core-test/src/main/resources/rc4-key-data
+++ /dev/null
@@ -1 +0,0 @@
-l�܇y#�l�mv��k�
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/rc4-pac-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/rc4-pac-data b/haox-kerb/kerb-core-test/src/main/resources/rc4-pac-data
deleted file mode 100644
index df45f91..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/rc4-pac-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/rc4-spnego-data
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/rc4-spnego-data b/haox-kerb/kerb-core-test/src/main/resources/rc4-spnego-data
deleted file mode 100644
index 91cbe26..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/rc4-spnego-data and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/server.keytab
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/server.keytab b/haox-kerb/kerb-core-test/src/main/resources/server.keytab
deleted file mode 100644
index b44347c..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/server.keytab and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/tgsrep.token
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/tgsrep.token b/haox-kerb/kerb-core-test/src/main/resources/tgsrep.token
deleted file mode 100644
index 25d6270..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/tgsrep.token and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/main/resources/tgsreq.token
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/tgsreq.token b/haox-kerb/kerb-core-test/src/main/resources/tgsreq.token
deleted file mode 100644
index 69f6b46..0000000
Binary files a/haox-kerb/kerb-core-test/src/main/resources/tgsreq.token and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/README.txt
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/README.txt b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/README.txt
deleted file mode 100644
index f1e0a3f..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/README.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-This project is simple for integration testing purpose. It's inspired by and originated from JaasLaunge.
-Eventually I will replace most of the codes by mine or get the granting permission of the author.
-
-http://jaaslounge.sourceforge.net/
-
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/AuthzDataUtil.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/AuthzDataUtil.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/AuthzDataUtil.java
deleted file mode 100644
index 77c1548..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/AuthzDataUtil.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.kerberos;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.codec.pac.Pac;
-import org.apache.kerberos.kerb.spec.common.AuthorizationData;
-import org.apache.kerberos.kerb.spec.common.AuthorizationDataEntry;
-import org.apache.kerberos.kerb.spec.common.AuthorizationType;
-
-import java.io.IOException;
-import java.util.List;
-
-public class AuthzDataUtil {
-
- public static Pac getPac(AuthorizationData authzData, byte[] serverKey) throws IOException, KrbException {
- AuthorizationDataEntry ifRelevantAd = null;
- for (AuthorizationDataEntry entry : authzData.getElements()) {
- if (entry.getAuthzType() == AuthorizationType.AD_IF_RELEVANT) {
- ifRelevantAd = entry;
- break;
- }
- }
-
- if (ifRelevantAd != null) {
- List<AuthorizationDataEntry> entries = decode(ifRelevantAd);
- for (AuthorizationDataEntry entry : entries) {
- if (entry.getAuthzType() == AuthorizationType.AD_WIN2K_PAC) {
- return decodeAsPac(entry, serverKey);
- }
- }
- }
-
- return null;
- }
-
- public static List<AuthorizationDataEntry> decode(AuthorizationDataEntry entry) throws IOException {
- AuthorizationData authzData = new AuthorizationData();
- authzData.decode(entry.getAuthzData());
- return authzData.getElements();
- }
-
- public static Pac decodeAsPac(AuthorizationDataEntry entry, byte[] key) throws IOException, KrbException {
- if (entry.getAuthzType() != AuthorizationType.AD_WIN2K_PAC) {
- throw new IllegalArgumentException("Not AD_WIN2K_PAC type: " + entry.getAuthzType().name());
- }
-
- return new Pac(entry.getAuthzData(), key);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosApRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosApRequest.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosApRequest.java
deleted file mode 100644
index bb2ad72..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosApRequest.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.kerberos;
-
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.apache.kerberos.kerb.spec.ap.ApOptions;
-import org.apache.kerberos.kerb.spec.ap.ApReq;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-
-import java.io.IOException;
-
-public class KerberosApRequest {
- private ApReq apReq;
- private KerberosTicket ticket;
-
- public KerberosApRequest(byte[] token, EncryptionKey key) throws Exception {
- if(token.length <= 0) {
- throw new IOException("kerberos request empty");
- }
-
- apReq = KrbCodec.decode(token, ApReq.class);
- ticket = new KerberosTicket(apReq.getTicket(), apReq.getApOptions(), key);
- }
-
- public ApOptions getApOptions() throws KrbException {
- return apReq.getApOptions();
- }
-
- public KerberosTicket getTicket() {
- return ticket;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosConstants.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosConstants.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosConstants.java
deleted file mode 100644
index a09e349..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosConstants.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.kerberos;
-
-public interface KerberosConstants {
-
- static final String KERBEROS_OID = "1.2.840.113554.1.2.2";
- static final String KERBEROS_VERSION = "5";
-
- static final String KERBEROS_AP_REQ = "14";
-
- static final int AF_INTERNET = 2;
- static final int AF_CHANET = 5;
- static final int AF_XNS = 6;
- static final int AF_ISO = 7;
-
- static final int AUTH_DATA_RELEVANT = 1;
- static final int AUTH_DATA_PAC = 128;
-
- static final int DES_ENC_TYPE = 3;
- static final int RC4_ENC_TYPE = 23;
- static final String RC4_ALGORITHM = "ARCFOUR";
- static final String HMAC_ALGORITHM = "HmacMD5";
- static final int CONFOUNDER_SIZE = 8;
- static final int CHECKSUM_SIZE = 16;
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosCredentials.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosCredentials.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosCredentials.java
deleted file mode 100644
index a512b5f..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosCredentials.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.kerberos;
-
-import org.apache.kerberos.kerb.keytab.Keytab;
-import org.apache.kerberos.kerb.keytab.KeytabEntry;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-import org.apache.kerberos.kerb.spec.common.PrincipalName;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-public class KerberosCredentials {
-
- private static Keytab keytab;
-
- private static void init() throws IOException {
- InputStream kis = KerberosCredentials.class.getResourceAsStream("/server.keytab");
- keytab = new Keytab();
- keytab.load(kis);
- }
-
- public static EncryptionKey getServerKey(EncryptionType etype) throws IOException {
- if (keytab == null) {
- init();
- }
-
- for (PrincipalName principal : keytab.getPrincipals()) {
- for (KeytabEntry entry : keytab.getKeytabEntries(principal)) {
- if (entry.getKey().getKeyType() == etype) {
- return entry.getKey();
- }
- }
- }
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosTicket.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosTicket.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosTicket.java
deleted file mode 100644
index 805db38..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosTicket.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.kerberos;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.codec.KrbCodec;
-import org.apache.kerberos.kerb.crypto.EncryptionHandler;
-import org.apache.kerberos.kerb.spec.ap.ApOptions;
-import org.apache.kerberos.kerb.spec.common.AuthorizationData;
-import org.apache.kerberos.kerb.spec.common.EncryptedData;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-import org.apache.kerberos.kerb.spec.common.KeyUsage;
-import org.apache.kerberos.kerb.spec.ticket.EncTicketPart;
-import org.apache.kerberos.kerb.spec.ticket.Ticket;
-
-import java.util.Arrays;
-
-public class KerberosTicket {
- private String serverPrincipalName;
- private String serverRealm;
- private Ticket ticket;
-
- public KerberosTicket(Ticket ticket, ApOptions apOptions, EncryptionKey key)
- throws Exception {
- this.ticket = ticket;
-
- byte[] decrypted = EncryptionHandler.decrypt(
- ticket.getEncryptedEncPart(), key, KeyUsage.KDC_REP_TICKET);
-
- EncTicketPart encPart = KrbCodec.decode(decrypted, EncTicketPart.class);
- ticket.setEncPart(encPart);
-
- /**
- * Also test encryption by the way
- */
- EncryptedData encrypted = EncryptionHandler.encrypt(
- decrypted, key, KeyUsage.KDC_REP_TICKET);
-
- byte[] decrypted2 = EncryptionHandler.decrypt(
- encrypted, key, KeyUsage.KDC_REP_TICKET);
- if (!Arrays.equals(decrypted, decrypted2)) {
- throw new KrbException("Encryption checking failed after decryption");
- }
- }
-
- public String getUserPrincipalName() throws KrbException {
- return ticket.getEncPart().getCname().getName();
- }
-
- public String getUserRealm() throws KrbException {
- return ticket.getEncPart().getCrealm();
- }
-
- public String getServerPrincipalName() throws KrbException {
- return ticket.getSname().getName();
- }
-
- public String getServerRealm() throws KrbException {
- return ticket.getRealm();
- }
-
- public AuthorizationData getAuthorizationData() throws KrbException {
- return ticket.getEncPart().getAuthorizationData();
- }
-
- public Ticket getTicket() {
- return ticket;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosToken.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosToken.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosToken.java
deleted file mode 100644
index 26e2db8..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/kerberos/KerberosToken.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.kerberos;
-
-import org.apache.haox.asn1.Asn1InputBuffer;
-import org.apache.haox.asn1.type.Asn1Item;
-import org.apache.kerberos.kerb.spec.common.EncryptionKey;
-
-import java.io.IOException;
-
-public class KerberosToken {
-
- private KerberosApRequest apRequest;
-
- public KerberosToken(byte[] token) throws Exception {
- this(token, null);
- }
-
- public KerberosToken(byte[] token, EncryptionKey key) throws Exception {
-
- if(token.length <= 0)
- throw new IOException("kerberos.token.empty");
-
- Asn1InputBuffer buffer = new Asn1InputBuffer(token);
-
- Asn1Item value = (Asn1Item) buffer.read();
- if(! value.isAppSpecific() && ! value.isConstructed())
- throw new IOException("kerberos.token.malformed");
-
- buffer = new Asn1InputBuffer(value.getBodyContent());
- buffer.skipNext();
-
- buffer.skipBytes(2);
-
- apRequest = new KerberosApRequest(buffer.readAllLeftBytes(), key);
- }
-
- public KerberosApRequest getApRequest() {
- return apRequest;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/Pac.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/Pac.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/Pac.java
deleted file mode 100644
index 560ed17..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/Pac.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.pac;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.crypto.CheckSumHandler;
-import org.apache.kerberos.kerb.spec.common.CheckSum;
-import org.apache.kerberos.kerb.spec.common.KeyUsage;
-
-import java.io.ByteArrayInputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-
-public class Pac {
-
- private PacLogonInfo logonInfo;
- private PacCredentialType credentialType;
- private PacSignature serverSignature;
- private PacSignature kdcSignature;
-
- public Pac(byte[] data, byte[] key) throws KrbException {
- byte[] checksumData = data.clone();
- try {
- PacDataInputStream pacStream = new PacDataInputStream(new DataInputStream(
- new ByteArrayInputStream(data)));
-
- if(data.length <= 8)
- throw new IOException("pac.token.empty");
-
- int bufferCount = pacStream.readInt();
- int version = pacStream.readInt();
-
- if(version != PacConstants.PAC_VERSION) {
- Object[] args = new Object[]{version};
- throw new IOException("pac.version.invalid");
- }
-
- for(int bufferIndex = 0; bufferIndex < bufferCount; bufferIndex++) {
- int bufferType = pacStream.readInt();
- int bufferSize = pacStream.readInt();
- long bufferOffset = pacStream.readLong();
- byte[] bufferData = new byte[bufferSize];
- System.arraycopy(data, (int)bufferOffset, bufferData, 0, bufferSize);
-
- switch (bufferType) {
- case PacConstants.LOGON_INFO:
- // PAC Credential Information
- logonInfo = new PacLogonInfo(bufferData);
- break;
- case PacConstants.CREDENTIAL_TYPE:
- // PAC Credential Type
- credentialType = new PacCredentialType(bufferData);
- break;
- case PacConstants.SERVER_CHECKSUM:
- // PAC Server Signature
- serverSignature = new PacSignature(bufferData);
- // Clear signature from checksum copy
- for(int i = 0; i < bufferSize; i++)
- checksumData[(int)bufferOffset + 4 + i] = 0;
- break;
- case PacConstants.PRIVSVR_CHECKSUM:
- // PAC KDC Signature
- kdcSignature = new PacSignature(bufferData);
- // Clear signature from checksum copy
- for(int i = 0; i < bufferSize; i++)
- checksumData[(int)bufferOffset + 4 + i] = 0;
- break;
- default:
- }
- }
- } catch(IOException e) {
- throw new KrbException("pac.token.malformed", e);
- }
-
- CheckSum checksum = new CheckSum(serverSignature.getType(), serverSignature.getChecksum());
- if (! CheckSumHandler.verifyWithKey(checksum, checksumData, key, KeyUsage.APP_DATA_CKSUM)) {
- throw new KrbException("Check sum verifying failed");
- }
- }
-
- public PacLogonInfo getLogonInfo() {
- return logonInfo;
- }
-
- public PacCredentialType getCredentialType() {
- return credentialType;
- }
-
- public PacSignature getServerSignature() {
- return serverSignature;
- }
-
- public PacSignature getKdcSignature() {
- return kdcSignature;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacConstants.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacConstants.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacConstants.java
deleted file mode 100644
index c076d4e..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacConstants.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.pac;
-
-public interface PacConstants {
-
- static final int PAC_VERSION = 0;
-
- static final int LOGON_INFO = 1;
- static final int CREDENTIAL_TYPE = 2;
- static final int SERVER_CHECKSUM = 6;
- static final int PRIVSVR_CHECKSUM = 7;
-
- static final int LOGON_EXTRA_SIDS = 0x20;
- static final int LOGON_RESOURCE_GROUPS = 0x200;
-
- static final long FILETIME_BASE = -11644473600000L;
-
- static final int MD5_KRB_SALT = 17;
- static final int MD5_BLOCK_LENGTH = 64;
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacCredentialType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacCredentialType.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacCredentialType.java
deleted file mode 100644
index 8d42528..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacCredentialType.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.pac;
-
-import java.io.IOException;
-
-public class PacCredentialType {
-
- private static final int MINIMAL_BUFFER_SIZE = 32;
-
- private byte[] credentialType;
-
- public PacCredentialType(byte[] data) throws IOException {
- credentialType = data;
- if(!isCredentialTypeCorrect()) {
- throw new IOException("pac.credentialtype.malformed");
- }
- }
-
- public boolean isCredentialTypeCorrect() {
- return credentialType != null && credentialType.length < MINIMAL_BUFFER_SIZE;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacDataInputStream.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacDataInputStream.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacDataInputStream.java
deleted file mode 100644
index 81f41e5..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacDataInputStream.java
+++ /dev/null
@@ -1,158 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.pac;
-
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.util.Date;
-
-public class PacDataInputStream {
-
- private DataInputStream dis;
- private int size;
-
- public PacDataInputStream(InputStream in) throws IOException {
- dis = new DataInputStream(in);
- size = in.available();
- }
-
- public void align(int mask) throws IOException {
- int position = size - dis.available();
- int shift = position & mask - 1;
- if(mask != 0 && shift != 0)
- dis.skip(mask - shift);
- }
-
- public int available() throws IOException {
- return dis.available();
- }
-
- public void readFully(byte[] b) throws IOException {
- dis.readFully(b);
- }
-
- public void readFully(byte[] b, int off, int len) throws IOException {
- dis.readFully(b, off, len);
- }
-
- public char readChar() throws IOException {
- align(2);
- return dis.readChar();
- }
-
- public byte readByte() throws IOException {
- return dis.readByte();
- }
-
- public short readShort() throws IOException {
- align(2);
- return Short.reverseBytes((short)dis.readShort());
- }
-
- public int readInt() throws IOException {
- align(4);
- return Integer.reverseBytes(dis.readInt());
- }
-
- public long readLong() throws IOException {
- align(8);
- return Long.reverseBytes(dis.readLong());
- }
-
- public int readUnsignedByte() throws IOException {
- return ((int)readByte()) & 0xff;
- }
-
- public long readUnsignedInt() throws IOException {
- return ((long)readInt()) & 0xffffffffL;
- }
-
- public int readUnsignedShort() throws IOException {
- return ((int)readShort()) & 0xffff;
- }
-
- public Date readFiletime() throws IOException {
- Date date = null;
-
- long last = readUnsignedInt();
- long first = readUnsignedInt();
- if(first != 0x7fffffffL && last != 0xffffffffL) {
- BigInteger lastBigInt = BigInteger.valueOf(last);
- BigInteger firstBigInt = BigInteger.valueOf(first);
- BigInteger completeBigInt = lastBigInt.add(firstBigInt.shiftLeft(32));
- completeBigInt = completeBigInt.divide(BigInteger.valueOf(10000L));
- completeBigInt = completeBigInt.add(BigInteger.valueOf(PacConstants.FILETIME_BASE));
- date = new Date(completeBigInt.longValue());
- }
-
- return date;
- }
-
- public PacUnicodeString readUnicodeString() throws IOException {
- short length = readShort();
- short maxLength = readShort();
- int pointer = readInt();
-
- if(maxLength < length) {
- throw new IOException("pac.string.malformed.size");
- }
-
- return new PacUnicodeString(length, maxLength, pointer);
- }
-
- public String readString() throws IOException {
- int totalChars = readInt();
- int unusedChars = readInt();
- int usedChars = readInt();
-
- if(unusedChars > totalChars || usedChars > totalChars - unusedChars)
- throw new IOException("pac.string.malformed.size");
-
- dis.skip(unusedChars * 2);
- char[] chars = new char[usedChars];
- for(int l = 0; l < usedChars; l++)
- chars[l] = (char)readShort();
-
- return new String(chars);
- }
-
- public PacSid readId() throws IOException {
- byte[] bytes = new byte[4];
- readFully(bytes);
-
- return PacSid.createFromSubs(bytes);
- }
-
- public PacSid readSid() throws IOException {
- int sidSize = readInt();
-
- byte[] bytes = new byte[8 + sidSize * 4];
- readFully(bytes);
-
- return new PacSid(bytes);
- }
-
- public int skipBytes(int n) throws IOException {
- return dis.skipBytes(n);
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacGroup.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacGroup.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacGroup.java
deleted file mode 100644
index 3f159ff..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacGroup.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.pac;
-
-public class PacGroup {
-
- private PacSid id;
- private int attributes;
-
- public PacGroup(PacSid id, int attributes) {
- super();
- this.id = id;
- this.attributes = attributes;
- }
-
- public PacSid getId() {
- return id;
- }
-
- public int getAttributes() {
- return attributes;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacLogonInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacLogonInfo.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacLogonInfo.java
deleted file mode 100644
index 61d436e..0000000
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/pac/PacLogonInfo.java
+++ /dev/null
@@ -1,322 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.codec.pac;
-
-import java.io.ByteArrayInputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.util.Date;
-
-public class PacLogonInfo {
-
- private Date logonTime;
- private Date logoffTime;
- private Date kickOffTime;
- private Date pwdLastChangeTime;
- private Date pwdCanChangeTime;
- private Date pwdMustChangeTime;
- private short logonCount;
- private short badPasswordCount;
- private String userName;
- private String userDisplayName;
- private String logonScript;
- private String profilePath;
- private String homeDirectory;
- private String homeDrive;
- private String serverName;
- private String domainName;
- private PacSid userSid;
- private PacSid groupSid;
- private PacSid[] groupSids;
- private PacSid[] resourceGroupSids;
- private PacSid[] extraSids;
- private int userAccountControl;
- private int userFlags;
-
- public PacLogonInfo(byte[] data) throws IOException {
- try {
- PacDataInputStream pacStream = new PacDataInputStream(new DataInputStream(
- new ByteArrayInputStream(data)));
-
- // Skip firsts
- pacStream.skipBytes(20);
-
- // Dates
- logonTime = pacStream.readFiletime();
- logoffTime = pacStream.readFiletime();
- kickOffTime = pacStream.readFiletime();
- pwdLastChangeTime = pacStream.readFiletime();
- pwdCanChangeTime = pacStream.readFiletime();
- pwdMustChangeTime = pacStream.readFiletime();
-
- // User related strings as UnicodeStrings
- PacUnicodeString userNameString = pacStream.readUnicodeString();
- PacUnicodeString userDisplayNameString = pacStream.readUnicodeString();
- PacUnicodeString logonScriptString = pacStream.readUnicodeString();
- PacUnicodeString profilePathString = pacStream.readUnicodeString();
- PacUnicodeString homeDirectoryString = pacStream.readUnicodeString();
- PacUnicodeString homeDriveString = pacStream.readUnicodeString();
-
- // Some counts
- logonCount = pacStream.readShort();
- badPasswordCount = pacStream.readShort();
-
- // IDs for user
- PacSid userId = pacStream.readId();
- PacSid groupId = pacStream.readId();
-
- // Groups information
- int groupCount = pacStream.readInt();
- int groupPointer = pacStream.readInt();
-
- // User flags about PAC Logon Info content
- userFlags = pacStream.readInt();
- boolean hasExtraSids = (userFlags & PacConstants.LOGON_EXTRA_SIDS) == PacConstants.LOGON_EXTRA_SIDS;
- boolean hasResourceGroups = (userFlags & PacConstants.LOGON_RESOURCE_GROUPS) == PacConstants.LOGON_RESOURCE_GROUPS;
-
- // Skip some reserved fields (User Session Key)
- pacStream.skipBytes(16);
-
- // Server related strings as UnicodeStrings
- PacUnicodeString serverNameString = pacStream.readUnicodeString();
- PacUnicodeString domainNameString = pacStream.readUnicodeString();
-
- // ID for domain (used with relative IDs to get SIDs)
- int domainIdPointer = pacStream.readInt();
-
- // Skip some reserved fields
- pacStream.skipBytes(8);
-
- userAccountControl = pacStream.readInt();
-
- // Skip some reserved fields
- pacStream.skipBytes(28);
-
- // Extra SIDs information
- int extraSidCount = pacStream.readInt();
- int extraSidPointer = pacStream.readInt();
-
- // ID for resource groups domain (used with IDs to get SIDs)
- int resourceDomainIdPointer = pacStream.readInt();
-
- // Resource groups information
- int resourceGroupCount = pacStream.readInt();
- int resourceGroupPointer = pacStream.readInt();
-
- // User related strings
- userName = userNameString.check(pacStream.readString());
- userDisplayName = userDisplayNameString.check(pacStream.readString());
- logonScript = logonScriptString.check(pacStream.readString());
- profilePath = profilePathString.check(pacStream.readString());
- homeDirectory = homeDirectoryString.check(pacStream.readString());
- homeDrive = homeDriveString.check(pacStream.readString());
-
- // Groups data
- PacGroup[] groups = new PacGroup[0];
- if(groupPointer != 0) {
- int realGroupCount = pacStream.readInt();
- if(realGroupCount != groupCount) {
- Object[] args = new Object[]{groupCount, realGroupCount};
- throw new IOException("pac.groups.invalid.size");
- }
- groups = new PacGroup[groupCount];
- for(int i = 0; i < groupCount; i++) {
- pacStream.align(4);
- PacSid id = pacStream.readId();
- int attributes = pacStream.readInt();
- groups[i] = new PacGroup(id, attributes);
- }
- }
-
- // Server related strings
- serverName = serverNameString.check(pacStream.readString());
- domainName = domainNameString.check(pacStream.readString());
-
- // ID for domain (used with relative IDs to get SIDs)
- PacSid domainId = null;
- if(domainIdPointer != 0)
- domainId = pacStream.readSid();
-
- // Extra SIDs data
- PacSidAttributes[] extraSidAtts = new PacSidAttributes[0];
- if(hasExtraSids && extraSidPointer != 0) {
- int realExtraSidCount = pacStream.readInt();
- if(realExtraSidCount != extraSidCount) {
- Object[] args = new Object[]{extraSidCount, realExtraSidCount};
- throw new IOException("pac.extrasids.invalid.size");
- }
- extraSidAtts = new PacSidAttributes[extraSidCount];
- int[] pointers = new int[extraSidCount];
- int[] attributes = new int[extraSidCount];
- for(int i = 0; i < extraSidCount; i++) {
- pointers[i] = pacStream.readInt();
- attributes[i] = pacStream.readInt();
- }
- for(int i = 0; i < extraSidCount; i++) {
- PacSid sid = (pointers[i] != 0) ? pacStream.readSid() : null;
- extraSidAtts[i] = new PacSidAttributes(sid, attributes[i]);
- }
- }
-
- // ID for resource domain (used with relative IDs to get SIDs)
- PacSid resourceDomainId = null;
- if(resourceDomainIdPointer != 0)
- resourceDomainId = pacStream.readSid();
-
- // Resource groups data
- PacGroup[] resourceGroups = new PacGroup[0];
- if(hasResourceGroups && resourceGroupPointer != 0) {
- int realResourceGroupCount = pacStream.readInt();
- if(realResourceGroupCount != resourceGroupCount) {
- Object[] args = new Object[]{resourceGroupCount, realResourceGroupCount};
- throw new IOException("pac.resourcegroups.invalid.size");
- }
- resourceGroups = new PacGroup[resourceGroupCount];
- for(int i = 0; i < resourceGroupCount; i++) {
- PacSid id = pacStream.readSid();
- int attributes = pacStream.readInt();
- resourceGroups[i] = new PacGroup(id, attributes);
- }
- }
-
- // Extract Extra SIDs
- extraSids = new PacSid[extraSidAtts.length];
- for(int i = 0; i < extraSidAtts.length; i++) {
- extraSids[i] = extraSidAtts[i].getId();
- }
-
- // Compute Resource Group IDs with Resource Domain ID to get SIDs
- resourceGroupSids = new PacSid[resourceGroups.length];
- for(int i = 0; i < resourceGroups.length; i++) {
- resourceGroupSids[i] = PacSid.append(resourceDomainId, resourceGroups[i].getId());
- }
-
- // Compute User IDs with Domain ID to get User SIDs
- // First extra is user if userId is empty
- if(!userId.isEmpty() && !userId.isBlank()) {
- userSid = PacSid.append(domainId, userId);
- } else if(extraSids.length > 0) {
- userSid = extraSids[0];
- }
- groupSid = PacSid.append(domainId, groupId);
-
- // Compute Group IDs with Domain ID to get Group SIDs
- groupSids = new PacSid[groups.length];
- for(int i = 0; i < groups.length; i++) {
- groupSids[i] = PacSid.append(domainId, groups[i].getId());
- }
- } catch(IOException e) {
- throw new IOException("pac.logoninfo.malformed", e);
- }
- }
-
- public Date getLogonTime() {
- return logonTime;
- }
-
- public Date getLogoffTime() {
- return logoffTime;
- }
-
- public Date getKickOffTime() {
- return kickOffTime;
- }
-
- public Date getPwdLastChangeTime() {
- return pwdLastChangeTime;
- }
-
- public Date getPwdCanChangeTime() {
- return pwdCanChangeTime;
- }
-
- public Date getPwdMustChangeTime() {
- return pwdMustChangeTime;
- }
-
- public short getLogonCount() {
- return logonCount;
- }
-
- public short getBadPasswordCount() {
- return badPasswordCount;
- }
-
- public String getUserName() {
- return userName;
- }
-
- public String getUserDisplayName() {
- return userDisplayName;
- }
-
- public String getLogonScript() {
- return logonScript;
- }
-
- public String getProfilePath() {
- return profilePath;
- }
-
- public String getHomeDirectory() {
- return homeDirectory;
- }
-
- public String getHomeDrive() {
- return homeDrive;
- }
-
- public String getServerName() {
- return serverName;
- }
-
- public String getDomainName() {
- return domainName;
- }
-
- public PacSid getUserSid() {
- return userSid;
- }
-
- public PacSid getGroupSid() {
- return groupSid;
- }
-
- public PacSid[] getGroupSids() {
- return groupSids;
- }
-
- public PacSid[] getResourceGroupSids() {
- return resourceGroupSids;
- }
-
- public PacSid[] getExtraSids() {
- return extraSids;
- }
-
- public int getUserAccountControl() {
- return userAccountControl;
- }
-
- public int getUserFlags() {
- return userFlags;
- }
-
-}
[09/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java
new file mode 100644
index 0000000..3a7ffe9
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java
@@ -0,0 +1,113 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Camellia128Provider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Camellia256Provider;
+import org.apache.kerby.util.HexUtil;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+public class CamelliaEncTest {
+
+ private List<String> outputs = new ArrayList<String>();
+ private int keySize;
+
+ private byte[] plain = new byte[16];
+ private byte[] cipher = new byte[16];
+ private EncryptProvider encProvider;
+
+ private List<String> getExpectedLines() throws IOException {
+ InputStream res = CamelliaEncTest.class.getResourceAsStream("/camellia-expect-vt.txt");
+ BufferedReader br = new BufferedReader(new InputStreamReader(res));
+
+ List<String> results = new ArrayList<String>();
+ String line;
+ while ((line = br.readLine()) != null) {
+ line = line.trim();
+ if (! line.isEmpty()) {
+ results.add(line);
+ }
+ }
+ return results;
+ }
+
+ @Test
+ public void testEnc() throws IOException, KrbException {
+ List<String> expectedLines = getExpectedLines();
+
+ testWith(16);
+ outputs.add("==========");
+ testWith(32);
+ outputs.add("==========");
+
+ List<String> newLines = expectedLines;
+ Assert.assertEquals("Comparing new lines with expected lines",
+ expectedLines, outputs);
+ }
+
+ private void testWith(int keySize) throws KrbException {
+ this.keySize = keySize;
+ outputs.add("KEYSIZE=" + (keySize * 8));
+
+ encProvider = keySize == 16 ?
+ new Camellia128Provider() : new Camellia256Provider();
+
+ byte[] key = new byte[keySize];
+ Arrays.fill(key, (byte) 0);
+ hexDump("KEY", key);
+
+ for (int i = 0; i < 16 * 8; ++i) {
+ Arrays.fill(plain, (byte) 0);
+ setBit(plain, i);
+ outputs.add("I=" + (i + 1));
+ hexDump("PT", plain);
+ encWith(key);
+ hexDump("CT", cipher);
+ }
+ }
+
+ private void hexDump(String label, byte[] bytes) {
+ String line = label + "=" + HexUtil.bytesToHex(bytes);
+ outputs.add(line);
+ }
+
+ private static void setBit(byte[] bytes, int bitnum) {
+ int bytenum = bitnum / 8;
+ bitnum %= 8;
+ // First bit is the high bit!
+ bytes[bytenum] = (byte) (1 << (7 - bitnum));
+ }
+
+ private void encWith(byte[] key) throws KrbException {
+ System.arraycopy(plain, 0, cipher, 0, plain.length);
+ encProvider.encrypt(key, cipher);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTest.java
new file mode 100644
index 0000000..c47d9d4
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTest.java
@@ -0,0 +1,109 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.spec.common.*;
+import org.apache.kerby.util.HexUtil;
+import org.junit.Test;
+
+/**
+ * Only used to test for rsa-md4-des and rsa-md5-des
+ */
+public class CheckSumTest {
+
+ static class CksumTest {
+ CheckSumType cksumType;
+ String plainText;
+ String knownChecksum;
+
+ CksumTest(CheckSumType cksumType, String plainText, String knownChecksum) {
+ this.cksumType = cksumType;
+ this.plainText = plainText;
+ this.knownChecksum = knownChecksum;
+ }
+ }
+
+ static CksumTest[] testCases = new CksumTest[] {
+ new CksumTest(
+ CheckSumType.RSA_MD4_DES,
+ "this is a test",
+ "e3f76a07f3401e3536b43a3f54226c39422c35682c354835"
+ ),
+ new CksumTest(
+ CheckSumType.RSA_MD5_DES,
+ "this is a test",
+ "e3f76a07f3401e351143ee6f4c09be1edb4264d55015db53"
+ )
+ };
+
+ static byte[] TESTKEY = { (byte)0x45, (byte)0x01, (byte)0x49, (byte)0x61, (byte)0x58,
+ (byte)0x19, (byte)0x1a, (byte)0x3d };
+
+ @Test
+ public void testCheckSums() {
+ for (CksumTest tc : testCases) {
+ System.err.println("Checksum testing for " + tc.cksumType.getName());
+ try {
+ testWith(tc);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+ }
+
+ private void testWith(CksumTest testCase) throws Exception {
+ byte[] knownChecksum = HexUtil.hex2bytes(testCase.knownChecksum);
+ byte[] plainData = testCase.plainText.getBytes();
+ CheckSum newCksum;
+
+ if (! CheckSumHandler.isImplemented(testCase.cksumType)) {
+ System.err.println("Checksum type not supported yet: "
+ + testCase.cksumType.getName());
+ return;
+ }
+
+ EncryptionKey key = new EncryptionKey(EncryptionType.DES_CBC_CRC, TESTKEY);
+
+ newCksum = CheckSumHandler.checksumWithKey(testCase.cksumType, plainData, key.getKeyData(), KeyUsage.NONE);
+
+ if (CheckSumHandler.verifyWithKey(newCksum, plainData, key.getKeyData(), KeyUsage.NONE)) {
+ System.err.println("Checksum verifying is OK for " + testCase.cksumType.getName());
+ } else {
+ System.err.println("Checksum verifying failed for " + testCase.cksumType.getName());
+ }
+
+ // corrupt and verify again
+ byte[] cont = newCksum.getChecksum();
+ cont[0]++;
+ newCksum.setChecksum(cont);
+ if (CheckSumHandler.verifyWithKey(newCksum, plainData, key.getKeyData(), KeyUsage.NONE)) {
+ System.err.println("Checksum verifying failed with corrupt data for " + testCase.cksumType.getName());
+ } else {
+ System.err.println("Checksum verifying is OK with corrupt data for " + testCase.cksumType.getName());
+ }
+
+ CheckSum knwnCksum = new CheckSum(testCase.cksumType, knownChecksum);
+ if (CheckSumHandler.verifyWithKey(knwnCksum, plainData, key.getKeyData(), KeyUsage.NONE)) {
+ System.err.println("Checksum verifying is OK with known checksum for " + testCase.cksumType.getName());
+ } else {
+ System.err.println("Checksum verifying failed with known checksum for " + testCase.cksumType.getName());
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumsTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumsTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumsTest.java
new file mode 100644
index 0000000..3b21e7a
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumsTest.java
@@ -0,0 +1,233 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.KeyUsage;
+import org.apache.kerby.util.HexUtil;
+import org.junit.Test;
+
+import static org.junit.Assert.fail;
+
+/**
+ * These are to test the checksums of good answers, and the checksums
+ * are deterministic. For other cases, look at CheckSumTest.
+ */
+public class CheckSumsTest {
+
+ private static class CksumTest {
+ String plainText;
+ CheckSumType cksumType;
+ EncryptionType encType;
+ String key;
+ int keyUsage;
+ String answer;
+
+ CksumTest(String plainText, CheckSumType cksumType, EncryptionType encType,
+ int keyUsage, String key, String answer) {
+ this.plainText = plainText;
+ this.cksumType = cksumType;
+ this.encType = encType;
+ this.key = key;
+ this.keyUsage = keyUsage;
+ this.answer = answer;
+ }
+ }
+
+ @Test
+ public void testCheckSums_CRC32() throws Exception {
+ performTest(new CksumTest(
+ "abc",
+ CheckSumType.CRC32, EncryptionType.NONE, 0, "",
+ "D09865CA"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_RSA_MD4() throws Exception {
+ performTest(new CksumTest(
+ "one",
+ CheckSumType.RSA_MD4, EncryptionType.NONE, 0, "",
+ "305DCC2C0FDD5339969552C7B8996348"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_RSA_MD5() throws Exception {
+ performTest(new CksumTest(
+ "two three four five",
+ CheckSumType.RSA_MD5, EncryptionType.NONE, 0, "",
+ "BAB5321551E1084490869635B3C26815"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_NIST_SHA() throws Exception {
+ performTest(new CksumTest(
+ "",
+ CheckSumType.NIST_SHA, EncryptionType.NONE, 0, "",
+ "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_HMAC_SHA1_DES3() throws Exception {
+ performTest(new CksumTest(
+ "six seven",
+ CheckSumType.HMAC_SHA1_DES3, EncryptionType.DES3_CBC_SHA1, 2,
+ "7A25DF8992296DCEDA0E135BC4046E2375B3C14C98FBC162",
+ "0EEFC9C3E049AABC1BA5C401677D9AB699082BB4"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_HMAC_SHA1_96_AES128() throws Exception {
+ performTest(new CksumTest(
+ "eight nine ten eleven twelve thirteen",
+ CheckSumType.HMAC_SHA1_96_AES128, EncryptionType.AES128_CTS_HMAC_SHA1_96, 3,
+ "9062430C8CDA3388922E6D6A509F5B7A",
+ "01A4B088D45628F6946614E3"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_HMAC_SHA1_96_AES256() throws Exception {
+ performTest(new CksumTest(
+ "fourteen",
+ CheckSumType.HMAC_SHA1_96_AES256, EncryptionType.AES256_CTS_HMAC_SHA1_96, 4,
+ "B1AE4CD8462AFF1677053CC9279AAC30B796FB81CE21474DD3DDBCFEA4EC76D7",
+ "E08739E3279E2903EC8E3836"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_MD5_HMAC_ARCFOUR() throws Exception {
+ performTest(new CksumTest(
+ "fifteen sixteen",
+ CheckSumType.MD5_HMAC_ARCFOUR, EncryptionType.ARCFOUR_HMAC, 5,
+ "F7D3A155AF5E238A0B7A871A96BA2AB2",
+ "9F41DF304907DE735447001FD2A197B9"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_HMAC_MD5_ARCFOUR() throws Exception {
+ performTest(new CksumTest(
+ "seventeen eighteen nineteen twenty",
+ CheckSumType.HMAC_MD5_ARCFOUR, EncryptionType.ARCFOUR_HMAC, 6,
+ "F7D3A155AF5E238A0B7A871A96BA2AB2",
+ "EB38CC97E2230F59DA4117DC5859D7EC"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_CMAC_CAMELLIA128_1() throws Exception {
+ performTest(new CksumTest(
+ "abcdefghijk",
+ CheckSumType.CMAC_CAMELLIA128, EncryptionType.CAMELLIA128_CTS_CMAC, 7,
+ "1DC46A8D763F4F93742BCBA3387576C3",
+ "1178E6C5C47A8C1AE0C4B9C7D4EB7B6B"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_CMAC_CAMELLIA128_2() throws Exception {
+ performTest(new CksumTest(
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
+ CheckSumType.CMAC_CAMELLIA128, EncryptionType.CAMELLIA128_CTS_CMAC, 8,
+ "5027BC231D0F3A9D23333F1CA6FDBE7C",
+ "D1B34F7004A731F23A0C00BF6C3F753A"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_CMAC_CAMELLIA256_1() throws Exception {
+ performTest(new CksumTest(
+ "123456789",
+ CheckSumType.CMAC_CAMELLIA256, EncryptionType.CAMELLIA256_CTS_CMAC, 9,
+ "B61C86CC4E5D2757545AD423399FB7031ECAB913CBB900BD7A3C6DD8BF92015B",
+ "87A12CFD2B96214810F01C826E7744B1"
+ ));
+ }
+
+ @Test
+ public void testCheckSums_CMAC_CAMELLIA256_2() throws Exception {
+ performTest(new CksumTest(
+ "!@#$%^&*()!@#$%^&*()!@#$%^&*()",
+ CheckSumType.CMAC_CAMELLIA256, EncryptionType.CAMELLIA256_CTS_CMAC, 10,
+ "32164C5B434D1D1538E4CFD9BE8040FE8C4AC7ACC4B93D3314D2133668147A05",
+ "3FA0B42355E52B189187294AA252AB64"
+ ));
+ }
+
+ /**
+ * Perform checksum checks using the testcase data object
+ * @param testCase
+ * @throws Exception
+ */
+ private static void performTest(CksumTest testCase) throws Exception {
+ byte[] answer = HexUtil.hex2bytes(testCase.answer);
+ byte[] plainData = testCase.plainText.getBytes();
+ CheckSum newCksum;
+
+ if (! CheckSumHandler.isImplemented(testCase.cksumType)) {
+ fail("Checksum type not supported yet: "
+ + testCase.cksumType.getName());
+ return;
+ }
+
+ if (testCase.encType != EncryptionType.NONE) {
+ /**
+ * For keyed checksum types
+ */
+ if (! EncryptionHandler.isImplemented(testCase.encType)) {
+ fail("Key type not supported yet: " + testCase.encType.getName());
+ return;
+ }
+
+ byte[] key = HexUtil.hex2bytes(testCase.key);
+ KeyUsage keyUsage = KeyUsage.fromValue(testCase.keyUsage);
+ newCksum = CheckSumHandler.checksumWithKey(testCase.cksumType, plainData, key, keyUsage);
+ if (CheckSumHandler.verifyWithKey(newCksum, plainData, key, keyUsage)) {
+ System.out.println("Checksum test OK for " + testCase.cksumType.getName());
+ } else {
+ fail("Checksum test failed for " + testCase.cksumType.getName());
+ }
+ } else {
+ /**
+ * For un-keyed checksum types
+ */
+ newCksum = CheckSumHandler.checksum(testCase.cksumType, plainData);
+ if (CheckSumHandler.verify(newCksum, plainData)) {
+ System.out.println("Checksum and verifying OK for " + testCase.cksumType.getName());
+ } else {
+ fail("Checksum and verifying failed for " + testCase.cksumType.getName());
+ }
+ }
+
+ if (! newCksum.isEqual(answer)) {
+ fail("Checksum test failed for " + testCase.cksumType.getName());
+ } else {
+ System.out.println("Checksum test OK for " + testCase.cksumType.getName());
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CmacTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CmacTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CmacTest.java
new file mode 100644
index 0000000..049b578
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CmacTest.java
@@ -0,0 +1,85 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Camellia128Provider;
+import org.apache.kerby.util.HexUtil;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class CmacTest {
+
+ /* All examples use the following Camellia-128 key. */
+ static String keyBytes = "2b7e151628aed2a6" +
+ "abf7158809cf4f3c";
+
+ /* Example inputs are this message truncated to 0, 16, 40, and 64 bytes. */
+ static String inputBytes = "6bc1bee22e409f96" +
+ "e93d7e117393172a" +
+ "ae2d8a571e03ac9c" +
+ "9eb76fac45af8e51" +
+ "30c81c46a35ce411" +
+ "e5fbc1191a0a52ef" +
+ "f69f2445df4f9b17" +
+ "ad2b417be66c3710";
+
+ /* Expected result of CMAC on empty inputBytes. */
+ static String cmac1 = "ba925782aaa1f5d9" +
+ "a00f89648094fc71";
+
+ /* Expected result of CMAC on first 16 bytes of inputBytes. */
+ static String cmac2 = "6d962854a3b9fda5" +
+ "6d7d45a95ee17993";
+
+ /* Expected result of CMAC on first 40 bytes of inputBytes. */
+ static String cmac3 = "5c18d119ccd67661" +
+ "44ac1866131d9f22";
+
+ /* Expected result of CMAC on all 64 bytes of inputBytes. */
+ static String cmac4 = "c2699a6eba55ce9d" +
+ "939a8a4e19466ee9";
+
+
+ @Test
+ public void testCmac() throws KrbException, KrbException {
+ byte[] key = HexUtil.hex2bytes(keyBytes);
+ byte[] input = HexUtil.hex2bytes(inputBytes);
+ EncryptProvider encProvider = new Camellia128Provider();
+ byte[] result;
+
+ // test 1
+ result = Cmac.cmac(encProvider, key, input, 0, 0);
+ Assert.assertArrayEquals("Test 1", HexUtil.hex2bytes(cmac1), result);
+
+ // test 2
+ result = Cmac.cmac(encProvider, key, input, 0, 16);
+ Assert.assertArrayEquals("Test 2", HexUtil.hex2bytes(cmac2), result);
+
+ // test 3
+ result = Cmac.cmac(encProvider, key, input, 0, 40);
+ Assert.assertArrayEquals("Test 3", HexUtil.hex2bytes(cmac3), result);
+
+ // test 4
+ result = Cmac.cmac(encProvider, key, input, 0, 64);
+ Assert.assertArrayEquals("Test 4", HexUtil.hex2bytes(cmac4), result);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/Crc32Test.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/Crc32Test.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/Crc32Test.java
new file mode 100644
index 0000000..59879d7
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/Crc32Test.java
@@ -0,0 +1,119 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.util.HexUtil;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class Crc32Test {
+
+ static class TestCase {
+ String data;
+ long answer;
+
+ public TestCase(String data, long answer) {
+ this.data = data;
+ this.answer = answer;
+ }
+ }
+
+ static TestCase[] testCases = new TestCase[] {
+ new TestCase("01", 0x77073096),
+ new TestCase("02", 0xee0e612c),
+ new TestCase("04", 0x076dc419),
+ new TestCase("08", 0x0edb8832),
+ new TestCase("10", 0x1db71064),
+ new TestCase("20", 0x3b6e20c8),
+ new TestCase("40", 0x76dc4190),
+ new TestCase("80", 0xedb88320),
+ new TestCase("0100", 0x191b3141),
+ new TestCase("0200", 0x32366282),
+ new TestCase("0400", 0x646cc504),
+ new TestCase("0800", 0xc8d98a08),
+ new TestCase("1000", 0x4ac21251),
+ new TestCase("2000", 0x958424a2),
+ new TestCase("4000", 0xf0794f05),
+ new TestCase("8000", 0x3b83984b),
+ new TestCase("0001", 0x77073096),
+ new TestCase("0002", 0xee0e612c),
+ new TestCase("0004", 0x076dc419),
+ new TestCase("0008", 0x0edb8832),
+ new TestCase("0010", 0x1db71064),
+ new TestCase("0020", 0x3b6e20c8),
+ new TestCase("0040", 0x76dc4190),
+ new TestCase("0080", 0xedb88320),
+ new TestCase("01000000", 0xb8bc6765),
+ new TestCase("02000000", 0xaa09c88b),
+ new TestCase("04000000", 0x8f629757),
+ new TestCase("08000000", 0xc5b428ef),
+ new TestCase("10000000", 0x5019579f),
+ new TestCase("20000000", 0xa032af3e),
+ new TestCase("40000000", 0x9b14583d),
+ new TestCase("80000000", 0xed59b63b),
+ new TestCase("00010000", 0x01c26a37),
+ new TestCase("00020000", 0x0384d46e),
+ new TestCase("00040000", 0x0709a8dc),
+ new TestCase("00080000", 0x0e1351b8),
+ new TestCase("00100000", 0x1c26a370),
+ new TestCase("00200000", 0x384d46e0),
+ new TestCase("00400000", 0x709a8dc0),
+ new TestCase("00800000", 0xe1351b80),
+ new TestCase("00000100", 0x191b3141),
+ new TestCase("00000200", 0x32366282),
+ new TestCase("00000400", 0x646cc504),
+ new TestCase("00000800", 0xc8d98a08),
+ new TestCase("00001000", 0x4ac21251),
+ new TestCase("00002000", 0x958424a2),
+ new TestCase("00004000", 0xf0794f05),
+ new TestCase("00008000", 0x3b83984b),
+ new TestCase("00000001", 0x77073096),
+ new TestCase("00000002", 0xee0e612c),
+ new TestCase("00000004", 0x076dc419),
+ new TestCase("00000008", 0x0edb8832),
+ new TestCase("00000010", 0x1db71064),
+ new TestCase("00000020", 0x3b6e20c8),
+ new TestCase("00000040", 0x76dc4190),
+ new TestCase("00000080", 0xedb88320),
+ new TestCase("666F6F", 0x7332bc33),
+ new TestCase("7465737430313233343536373839", 0xb83e88d6),
+ new TestCase("4D4153534143485653455454532049" +
+ "4E53544954565445204F4620544543484E4F4C4F4759", 0xe34180f7)
+ };
+
+ @Test
+ public void testCrc32() {
+ boolean isOk = true;
+ for (TestCase tc : testCases) {
+ if (! testWith(tc)) {
+ isOk = false;
+ System.err.println("Test with data " + tc.data + " failed");
+ }
+ }
+
+ Assert.assertTrue(isOk);
+ }
+
+ private boolean testWith(TestCase testCase) {
+ byte[] data = HexUtil.hex2bytes(testCase.data);
+ long value = Crc32.crc(0, data, 0, data.length);
+ return value == testCase.answer;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/DecryptionTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/DecryptionTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/DecryptionTest.java
new file mode 100644
index 0000000..8d0c5ca
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/DecryptionTest.java
@@ -0,0 +1,985 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.common.KeyUsage;
+import org.apache.kerby.util.HexUtil;
+import org.junit.Test;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+/**
+ * Decryption test with known ciphertexts.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class DecryptionTest {
+ /**
+ * The class used to store the test values
+ */
+ private static class TestCase {
+ EncryptionType encType;
+ String plainText;
+ int keyUsage;
+ String key;
+ String cipher;
+
+ TestCase(EncryptionType encType, String plainText,
+ int keyUsage, String key, String cipher) {
+ this.encType = encType;
+ this.plainText = plainText;
+ this.keyUsage = keyUsage;
+ this.key = key;
+ this.cipher = cipher;
+ }
+ }
+
+ /**
+ * Actually do the test
+ */
+ private boolean testDecrypt(TestCase testCase) throws Exception {
+ KeyUsage ku = KeyUsage.fromValue(testCase.keyUsage);
+
+ byte[] cipherBytes = HexUtil.hex2bytes(testCase.cipher);
+ byte[] keyBytes = HexUtil.hex2bytes(testCase.key);
+
+ EncryptionKey encKey = new EncryptionKey(testCase.encType, keyBytes);
+ byte[] decrypted = EncryptionHandler.decrypt(cipherBytes, encKey, ku);
+ String plainText = new String(decrypted);
+
+ return plainText.startsWith(testCase.plainText);
+ }
+
+ /**
+ * Perform all the checks for a testcase
+ */
+ private void performTestDecrypt(TestCase testCase) {
+ //assertTrue(EncryptionHandler.isImplemented(testCase.encType));
+ if (! EncryptionHandler.isImplemented(testCase.encType)) {
+ System.err.println("Not implemented yet: " + testCase.encType.getDisplayName());
+ return;
+ }
+
+ try {
+ assertTrue(testDecrypt(testCase));
+ } catch (Exception e) {
+ fail(e.getMessage());
+ }
+ }
+
+ /**
+ * Test for DES_CBC_CRC encryption type, with 0 byte
+ */
+ @Test
+ public void testDecryptDES_CBC_CRC_0() {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ "", 0,
+ "45E6087CDF138FB5",
+ "28F6B09A012BCCF72FB05122B2839E6E");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_CRC encryption type, with 1 byte
+ */
+ @Test
+ public void testDecryptDES_CBC_CRC_1() {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ "1", 1,
+ "92A7155810586B2F",
+ "B4C871C2F3E7BF7605EFD62F2EEEC205");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_CRC encryption type, with 9 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_CRC_9() {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ "9 bytesss", 2,
+ "A4B9514A61646423",
+ "5F14C35178D33D7CDE0EC169C623CC83" +
+ "21B7B8BD34EA7EFE");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_CRC encryption type, with 13 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_CRC_13() {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ "13 bytes byte", 3,
+ "2F16A2A7FDB05768",
+ "0B588E38D971433C9D86D8BAEBF63E4C" +
+ "1A01666E76D8A54A3293F72679ED88C9");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_CRC encryption type, with 30 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_CRC_30() {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_CRC,
+ "30 bytes bytes bytes bytes byt", 4,
+ "BC8F70FD2097D67C",
+ "38D632D2C20A7C2EA250FC8ECE42938E" +
+ "92A9F5D302502665C1A33729C1050DC2" +
+ "056298FBFB1682CEEB65E59204FDA7DF");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_MD4 encryption type, with 0 byte
+ */
+ @Test
+ public void testDecryptDES_CBC_MD4_0() {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_MD4,
+ "", 0,
+ "13EF45D0D6D9A15D",
+ "1FB202BF07AF3047FB7801E588568686" +
+ "BA63D78BE3E87DC7");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_MD4 encryption type, with 1 byte
+ */
+ @Test
+ public void testDecryptDES_CBC_MD4_1() {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_MD4,
+ "1", 1,
+ "64688654DC269E67",
+ "1F6CB9CECB73F755ABFDB3D565BD31D5" +
+ "A2E64BFE44C491E20EEBE5BD20E4D2A9");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_MD4 encryption type, with 9 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_MD4_9() {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_MD4,
+ "9 bytesss", 2,
+ "6804FB26DF8A4C32",
+ "08A53D62FEC3338AD1D218E60DBDD3B2" +
+ "12940679D125E0621B3BAB4680CE0367" +
+ "6A2C420E9BE784EB");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_MD4 encryption type, with 13 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_MD4_13() {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_MD4,
+ "13 bytes byte", 3,
+ "234A436EC72FA80B",
+ "17CD45E14FF06B2840A6036E9AA7A414" +
+ "4E29768144A0C1827D8C4BC7C9906E72" +
+ "CD4DC328F6648C99");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_MD4 encryption type, with 30 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_MD4_30()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_MD4,
+ "30 bytes bytes bytes bytes byt", 4,
+ "1FD5F74334C4FB8C",
+ "51134CD8951E9D57C0A36053E04CE03E" +
+ "CB8422488FDDC5C074C4D85E60A2AE42" +
+ "3C3C701201314F362CB07448091679C6" +
+ "A496C11D7B93C71B");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_MD5 encryption type, with 0 byte
+ */
+ @Test
+ public void testDecryptDES_CBC_MD5_0()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_MD5,
+ "", 0,
+ "4A545E0BF7A22631",
+ "784CD81591A034BE82556F56DCA3224B" +
+ "62D9956FA90B1B93");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_MD5 encryption type, with 1 byte
+ */
+ @Test
+ public void testDecryptDES_CBC_MD5_1()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_MD5,
+ "1", 1,
+ "D5804A269DC4E645",
+ "FFA25C7BE287596BFE58126E90AAA0F1" +
+ "2D9A82A0D86DF6D5F9074B6B399E7FF1");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_MD5 encryption type, with 9 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_MD5_9()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_MD5,
+ "9 bytesss", 2,
+ "C8312F7F83EA4640",
+ "E7850337F2CC5E3F35CE3D69E2C32986" +
+ "38A7AA44B878031E39851E47C15B5D0E" +
+ "E7E7AC54DE111D80");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_MD5 encryption type, with 13 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_MD5_13()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_MD5,
+ "13 bytes byte", 3,
+ "7FDA3E62AD8AF18C",
+ "D7A8032E19994C928777506595FBDA98" +
+ "83158A8514548E296E911C29F465C672" +
+ "366000558BFC2E88");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_MD5 encryption type, with 30 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_MD5_30()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES_CBC_MD5,
+ "30 bytes bytes bytes bytes byt", 4,
+ "D3D6832970A73752",
+ "8A48166A4C6FEAE607A8CF68B381C075" +
+ "5E402B19DBC0F81A7D7CA19A25E05223" +
+ "F6064409BF5A4F50ACD826639FFA7673" +
+ "FD324EC19E429502");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_SHA1 encryption type, with 0 byte
+ */
+ @Test
+ public void testDecryptDES_CBC_SHA1_0()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "", 0,
+ "7A25DF8992296DCEDA0E135BC4046E23" +
+ "75B3C14C98FBC162",
+ "548AF4D504F7D723303F12175FE8386B" +
+ "7B5335A967BAD61F3BF0B143");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_SHA1 encryption type, with 1 byte
+ */
+ @Test
+ public void testDecryptDES_CBC_SHA1_1()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "1", 1,
+ "BC0783891513D5CE57BC138FD3C11AE6" +
+ "40452385322962B6",
+ "9C3C1DBA4747D85AF2916E4745F2DCE3" +
+ "8046796E5104BCCDFB669A91D44BC356" +
+ "660945C7");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_SHA1 encryption type, with 9 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_SHA1_9()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "9 bytesss", 2,
+ "2FD0F725CE04100D2FC8A18098831F85" +
+ "0B45D9EF850BD920",
+ "CF9144EBC8697981075A8BAD8D74E5D7" +
+ "D591EB7D9770C7ADA25EE8C5B3D69444" +
+ "DFEC79A5B7A01482D9AF74E6");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_SHA1 encryption type, with 13 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_SHA1_13()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "13 bytes byte", 3,
+ "0DD52094E0F41CECCB5BE510A764B351" +
+ "76E3981332F1E598",
+ "839A17081ECBAFBCDC91B88C6955DD3C" +
+ "4514023CF177B77BF0D0177A16F705E8" +
+ "49CB7781D76A316B193F8D30");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for DES_CBC_SHA1 encryption type, with 30 bytes
+ */
+ @Test
+ public void testDecryptDES_CBC_SHA1_30()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "30 bytes bytes bytes bytes byt", 4,
+ "F11686CBBC9E23EA54FECD2A3DCDFB20" +
+ "B6FE98BF2645C4C4",
+ "89433E83FD0EA3666CFFCD18D8DEEBC5" +
+ "3B9A34EDBEB159D9F667C6C2B9A96440" +
+ "1D55E7E9C68D648D65C3AA84FFA3790C" +
+ "14A864DA8073A9A95C4BA2BC");
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for ARCFOUR_HMAC encryption type, with 0 byte
+ */
+ @Test
+ public void testDecryptARC_FOUR_0()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.ARCFOUR_HMAC,
+ "", 0,
+ "F81FEC39255F5784E850C4377C88BD85",
+ "02C1EB15586144122EC717763DD348BF" +
+ "00434DDC6585954C"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for ARCFOUR_HMAC encryption type, with 1 byte
+ */
+ @Test
+ public void testDecryptARC_FOUR_1()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.ARCFOUR_HMAC,
+ "1", 1,
+ "67D1300D281223867F9647FF48721273",
+ "6156E0CC04E0A0874F9FDA008F498A7A" +
+ "DBBC80B70B14DDDBC0"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for ARCFOUR_HMAC encryption type, with 9 bytes
+ */
+ @Test
+ public void testDecryptARC_FOUR_9()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.ARCFOUR_HMAC,
+ "9 bytesss", 2,
+ "3E40AB6093695281B3AC1A9304224D98",
+ "0F9AD121D99D4A09448E4F1F718C4F5C" +
+ "BE6096262C66F29DF232A87C9F98755D" +
+ "55"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for ARCFOUR_HMAC encryption type, with 13 bytes
+ */
+ @Test
+ public void testDecryptARC_FOUR_13()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.ARCFOUR_HMAC,
+ "13 bytes byte", 3,
+ "4BA2FBF0379FAED87A254D3B353D5A7E",
+ "612C57568B17A70352BAE8CF26FB9459" +
+ "A6F3353CD35FD439DB3107CBEC765D32" +
+ "6DFC04C1DD"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for ARCFOUR_HMAC encryption type, with 30 bytes
+ */
+ @Test
+ public void testDecryptARC_FOUR_30()
+ {
+ TestCase testCase = new TestCase(
+ EncryptionType.ARCFOUR_HMAC,
+ "30 bytes bytes bytes bytes byt", 4,
+ "68F263DB3FCE15D031C9EAB02D67107A",
+ "95F9047C3AD75891C2E9B04B16566DC8" +
+ "B6EB9CE4231AFB2542EF87A7B5A0F260" +
+ "A99F0460508DE0CECC632D07C354124E" +
+ "46C5D2234EB8"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for ARCFOUR_HMAC_EXP encryption type, with 0 byte
+ */
+ @Test
+ public void testDecryptARCFOUR_HMAC_EXP_0() {
+ TestCase testCase = new TestCase(
+ EncryptionType.ARCFOUR_HMAC_EXP,
+ "", 0,
+ "F7D3A155AF5E238A0B7A871A96BA2AB2",
+ "2827F0E90F62E7460C4E2FB39F9657BA" +
+ "8BFAA991D7FDADFF"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for ARCFOUR_HMAC encryption type, with 1 byte
+ */
+ @Test
+ public void testDecryptARCFOUR_HMAC_EXP_1() {
+ TestCase testCase = new TestCase(
+ EncryptionType.ARCFOUR_HMAC_EXP,
+ "1", 1,
+ "DEEAA0607DB799E2FDD6DB2986BB8D65",
+ "3DDA392E2E275A4D75183FA6328A0A4E" +
+ "6B752DF6CD2A25FA4E"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for ARCFOUR_HMAC encryption type, with 9 bytes
+ */
+ @Test
+ public void testDecryptARCFOUR_HMAC_EXP_9() {
+ TestCase testCase = new TestCase(
+ EncryptionType.ARCFOUR_HMAC_EXP,
+ "9 bytesss", 2,
+ "33AD7FC2678615569B2B09836E0A3AB6",
+ "09D136AC485D92644EC6701D6A0D03E8" +
+ "982D7A3CA7EFD0F8F4F83660EF4277BB" +
+ "81"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for ARCFOUR_HMAC encryption type, with 13 bytes
+ */
+ @Test
+ public void testDecryptARCFOUR_HMAC_EXP_13() {
+ TestCase testCase = new TestCase(
+ EncryptionType.ARCFOUR_HMAC_EXP,
+ "13 bytes byte", 3,
+ "39F25CD4F0D41B2B2D9D300FCB2981CB",
+ "912388D7C07612819E3B640FF5CECDAF" +
+ "72E5A59DF10F1091A6BEC39CAAD748AF" +
+ "9BD2D8D546"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for ARCFOUR_HMAC encryption type, with 30 bytes
+ */
+ @Test
+ public void testDecryptARCFOUR_HMAC_EXP_30() {
+ TestCase testCase = new TestCase(
+ EncryptionType.ARCFOUR_HMAC_EXP,
+ "30 bytes bytes bytes bytes byt", 4,
+ "9F725542D9F72AA1F386CBE7896984FC",
+ "78B35A08B08BE265AEB4145F076513B6" +
+ "B56EFED3F7526574AF74F7D2F9BAE96E" +
+ "ABB76F2D87386D2E93E3A77B99919F1D" +
+ "976490E2BD45"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for AES128_CTS_HMAC_SHA1_96 encryption type, with 0 byte
+ */
+ @Test
+ public void testDecryptAES128_CTS_HMAC_SHA1_96_0() {
+ TestCase testCase = new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "", 0,
+ "5A5C0F0BA54F3828B2195E66CA24A289",
+ "49FF8E11C173D9583A3254FBE7B1F1DF" +
+ "36C538E8416784A1672E6676"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for AES128_CTS_HMAC_SHA1_96 encryption type, with 1 byte
+ */
+ @Test
+ public void testDecryptAES128_CTS_HMAC_SHA1_96_1() {
+ TestCase testCase = new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "1", 1,
+ "98450E3F3BAA13F5C99BEB936981B06F",
+ "F86742F537B35DC2174A4DBAA920FAF9" +
+ "042090B065E1EBB1CAD9A65394"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for AES128_CTS_HMAC_SHA1_96 encryption type, with 9 bytes
+ */
+ @Test
+ public void testDecryptAES128_CTS_HMAC_SHA1_96_9() {
+ TestCase testCase = new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "9 bytesss", 2,
+ "9062430C8CDA3388922E6D6A509F5B7A",
+ "68FB9679601F45C78857B2BF820FD6E5" +
+ "3ECA8D42FD4B1D7024A09205ABB7CD2E" +
+ "C26C355D2F"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for AES128_CTS_HMAC_SHA1_96 encryption type, with 13 bytes
+ */
+ @Test
+ public void testDecryptAES128_CTS_HMAC_SHA1_96_13() {
+ TestCase testCase = new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "13 bytes byte", 3,
+ "033EE6502C54FD23E27791E987983827",
+ "EC366D0327A933BF49330E650E49BC6B" +
+ "974637FE80BF532FE51795B4809718E6" +
+ "194724DB948D1FD637"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for AES128_CTS_HMAC_SHA1_96 encryption type, with 30 bytes
+ */
+ @Test
+ public void testDecryptAES128_CTS_HMAC_SHA1_96_30() {
+ TestCase testCase = new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "30 bytes bytes bytes bytes byt", 4,
+ "DCEEB70B3DE76562E689226C76429148",
+ "C96081032D5D8EEB7E32B4089F789D0F" +
+ "AA481DEA74C0F97CBF3146DDFCF8E800" +
+ "156ECB532FC203E30FF600B63B350939" +
+ "FECE510F02D7FF1E7BAC"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for AES256_CTS_HMAC_SHA1_96 encryption type, with 0 byte
+ */
+ @Test
+ public void testDecryptAES256_CTS_HMAC_SHA1_96_0() {
+ TestCase testCase = new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "", 0,
+ "17F275F2954F2ED1F90C377BA7F4D6A3" +
+ "69AA0136E0BF0C927AD6133C693759A9",
+ "E5094C55EE7B38262E2B044280B06937" +
+ "9A95BF95BD8376FB3281B435"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for AES256_CTS_HMAC_SHA1_96 encryption type, with 1 byte
+ */
+ @Test
+ public void testDecryptAES256_CTS_HMAC_SHA1_96_1() {
+ TestCase testCase = new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "1", 1,
+ "B9477E1FF0329C0050E20CE6C72D2DFF" +
+ "27E8FE541AB0954429A9CB5B4F7B1E2A",
+ "406150B97AEB76D43B36B62CC1ECDFBE" +
+ "6F40E95755E0BEB5C27825F3A4"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for AES256_CTS_HMAC_SHA1_96 encryption type, with 9 bytes
+ */
+ @Test
+ public void testDecryptAES256_CTS_HMAC_SHA1_96_9() {
+ TestCase testCase = new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "9 bytesss", 2,
+ "B1AE4CD8462AFF1677053CC9279AAC30" +
+ "B796FB81CE21474DD3DDBCFEA4EC76D7",
+ "09957AA25FCAF88F7B39E4406E633012" +
+ "D5FEA21853F6478DA7065CAEF41FD454" +
+ "A40824EEC5"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for AES256_CTS_HMAC_SHA1_96 encryption type, with 13 bytes
+ */
+ @Test
+ public void testDecryptAES256_CTS_HMAC_SHA1_96_13() {
+ TestCase testCase = new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "13 bytes byte", 3,
+ "E5A72BE9B7926C1225BAFEF9C1872E7B" +
+ "A4CDB2B17893D84ABD90ACDD8764D966",
+ "D8F1AAFEEC84587CC3E700A774E56651" +
+ "A6D693E174EC4473B5E6D96F80297A65" +
+ "3FB818AD893E719F96"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for AES256_CTS_HMAC_SHA1_96 encryption type, with 30 bytes
+ */
+ @Test
+ public void testDecryptAES256_CTS_HMAC_SHA1_96_30() {
+ TestCase testCase = new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "30 bytes bytes bytes bytes byt", 4,
+ "F1C795E9248A09338D82C3F8D5B56704" +
+ "0B0110736845041347235B1404231398",
+ "D1137A4D634CFECE924DBC3BF6790648" +
+ "BD5CFF7DE0E7B99460211D0DAEF3D79A" +
+ "295C688858F3B34B9CBD6EEBAE81DAF6" +
+ "B734D4D498B6714F1C1D"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for CAMELLIA128_CTS_CMAC encryption type, with 0 byte
+ */
+ @Test
+ public void testDecryptCAMELIA128_CTS_CMAC_0() {
+ TestCase testCase = new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "", 0,
+ "1DC46A8D763F4F93742BCBA3387576C3",
+ "C466F1871069921EDB7C6FDE244A52DB" +
+ "0BA10EDC197BDB8006658CA3CCCE6EB8"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for CAMELLIA128_CTS_CMAC encryption type, with 1 byte
+ */
+ @Test
+ public void testDecryptCAMELIA128_CTS_CMAC_1() {
+ TestCase testCase = new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "1", 1,
+ "5027BC231D0F3A9D23333F1CA6FDBE7C",
+ "842D21FD950311C0DD464A3F4BE8D6DA" +
+ "88A56D559C9B47D3F9A85067AF661559" +
+ "B8"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for CAMELLIA128_CTS_CMAC encryption type, with 9 bytes
+ */
+ @Test
+ public void testDecryptCAMELIA128_CTS_CMAC_9() {
+ TestCase testCase = new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "9 bytesss", 2,
+ "A1BB61E805F9BA6DDE8FDBDDC05CDEA0",
+ "619FF072E36286FF0A28DEB3A352EC0D" +
+ "0EDF5C5160D663C901758CCF9D1ED33D" +
+ "71DB8F23AABF8348A0"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for CAMELLIA128_CTS_CMAC encryption type, with 13 bytes
+ */
+ @Test
+ public void testDecryptCAMELIA128_CTS_CMAC_13() {
+ TestCase testCase = new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "13 bytes byte", 3,
+ "2CA27A5FAF5532244506434E1CEF6676",
+ "B8ECA3167AE6315512E59F98A7C50020" +
+ "5E5F63FF3BB389AF1C41A21D640D8615" +
+ "C9ED3FBEB05AB6ACB67689B5EA"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for CAMELLIA128_CTS_CMAC encryption type, with 30 bytes
+ */
+ @Test
+ public void testDecryptCAMELIA128_CTS_CMAC_30() {
+ TestCase testCase = new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "30 bytes bytes bytes bytes byt", 4,
+ "7824F8C16F83FF354C6BF7515B973F43",
+ "A26A3905A4FFD5816B7B1E27380D0809" +
+ "0C8EC1F304496E1ABDCD2BDCD1DFFC66" +
+ "0989E117A713DDBB57A4146C1587CBA4" +
+ "356665591D2240282F5842B105A5"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for CAMELLIA256_CTS_CMAC encryption type, with 0 byte
+ */
+ @Test
+ public void testDecryptCAMELIA256_CTS_CMAC_0() {
+ TestCase testCase = new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "", 0,
+ "B61C86CC4E5D2757545AD423399FB703" +
+ "1ECAB913CBB900BD7A3C6DD8BF92015B",
+ "03886D03310B47A6D8F06D7B94D1DD83" +
+ "7ECCE315EF652AFF620859D94A259266"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for CAMELLIA256_CTS_CMAC encryption type, with 1 byte
+ */
+ @Test
+ public void testDecryptCAMELIA256_CTS_CMAC_1() {
+ TestCase testCase = new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "1", 1,
+ "1B97FE0A190E2021EB30753E1B6E1E77" +
+ "B0754B1D684610355864104963463833",
+ "2C9C1570133C99BF6A34BC1B0212002F" +
+ "D194338749DB4135497A347CFCD9D18A12"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for CAMELLIA256_CTS_CMAC encryption type, with 9 bytes
+ */
+ @Test
+ public void testDecryptCAMELIA256_CTS_CMAC_9() {
+ TestCase testCase = new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "9 bytesss", 2,
+ "32164C5B434D1D1538E4CFD9BE8040FE" +
+ "8C4AC7ACC4B93D3314D2133668147A05",
+ "9C6DE75F812DE7ED0D28B2963557A115" +
+ "640998275B0AF5152709913FF52A2A9C" +
+ "8E63B872F92E64C839"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for CAMELLIA256_CTS_CMAC encryption type, with 13 bytes
+ */
+ @Test
+ public void testDecryptCAMELIA256_CTS_CMAC_13() {
+ TestCase testCase = new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "13 bytes byte", 3,
+ "B038B132CD8E06612267FAB7170066D8" +
+ "8AECCBA0B744BFC60DC89BCA182D0715",
+ "EEEC85A9813CDC536772AB9B42DEFC57" +
+ "06F726E975DDE05A87EB5406EA324CA1" +
+ "85C9986B42AABE794B84821BEE"
+ );
+
+ performTestDecrypt(testCase);
+ }
+
+
+ /**
+ * Test for CAMELLIA256_CTS_CMAC encryption type, with 30 bytes
+ */
+ @Test
+ public void testDecryptCAMELIA256_CTS_CMAC_30() {
+ TestCase testCase = new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "30 bytes bytes bytes bytes byt", 4,
+ "CCFCD349BF4C6677E86E4B02B8EAB924" +
+ "A546AC731CF9BF6989B996E7D6BFBBA7",
+ "0E44680985855F2D1F1812529CA83BFD" +
+ "8E349DE6FD9ADA0BAAA048D68E265FEB" +
+ "F34AD1255A344999AD37146887A6C684" +
+ "5731AC7F46376A0504CD06571474"
+ );
+
+ performTestDecrypt(testCase);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/DesKeyMakerTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/DesKeyMakerTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/DesKeyMakerTest.java
new file mode 100644
index 0000000..0c5f9c2
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/DesKeyMakerTest.java
@@ -0,0 +1,64 @@
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.crypto.key.DesKeyMaker;
+import org.apache.kerby.util.HexUtil;
+import org.junit.Assert;
+
+/**
+ * This is just for my experimental tweaking, so pleas bear it.
+ */
+public class DesKeyMakerTest {
+
+ /**
+ * The class used to store the test values
+ */
+ private static class TestCase {
+ String salt;
+ String passwd;
+ String passwdSaltBytes;
+ String fanFoldedKey;
+ String intermediateKey;
+ String finalKey;
+
+ private TestCase(String salt, String passwd, String passwdSaltBytes,
+ String fanFoldedKey, String intermediateKey, String finalKey) {
+ this.salt = salt;
+ this.passwd = passwd;
+ this.passwdSaltBytes = passwdSaltBytes;
+ this.fanFoldedKey = fanFoldedKey;
+ this.intermediateKey = intermediateKey;
+ this.finalKey = finalKey;
+ }
+ }
+
+ /**
+ * Actually do the test
+ */
+ private void test(TestCase tc) {
+ byte[] expectedValue = HexUtil.hex2bytes(tc.passwdSaltBytes);
+ byte[] value = DesKeyMaker.makePasswdSalt(tc.passwd, tc.salt);
+ Assert.assertArrayEquals("PasswdSalt bytes", expectedValue, value);
+
+ expectedValue = HexUtil.hex2bytes(tc.fanFoldedKey);
+ value = DesKeyMaker.fanFold(tc.passwd, tc.salt, null);
+ Assert.assertArrayEquals("FanFold result", expectedValue, value);
+
+ expectedValue = HexUtil.hex2bytes(tc.intermediateKey);
+ value = DesKeyMaker.intermediateKey(value);
+ Assert.assertArrayEquals("IntermediateKey result", expectedValue, value);
+
+ // finalKey check ignored here and it's done in String2keyTest.
+ }
+
+ /**
+ * This is just for my experimental tweaking, so pleas bear it.
+ */
+ //@Test
+ public void testCase1() {
+ TestCase tc = new TestCase("ATHENA.MIT.EDUraeburn",
+ "password", "70617373776f7264415448454e412e4d49542e4544557261656275726e",
+ "c01e38688ac86c2e", "c11f38688ac86d2f", "cbc22fae235298e3");
+
+ test(tc);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/KeyDeriveTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/KeyDeriveTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/KeyDeriveTest.java
new file mode 100644
index 0000000..eb04804
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/KeyDeriveTest.java
@@ -0,0 +1,228 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.*;
+import org.apache.kerby.kerberos.kerb.crypto.key.AesKeyMaker;
+import org.apache.kerby.kerberos.kerb.crypto.key.CamelliaKeyMaker;
+import org.apache.kerby.kerberos.kerb.crypto.key.Des3KeyMaker;
+import org.apache.kerby.kerberos.kerb.crypto.key.DkKeyMaker;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerby.util.HexUtil;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.Arrays;
+
+/**
+ * Key derivation test with known values.
+ */
+public class KeyDeriveTest {
+
+ static class TestCase {
+ EncryptionType encType;
+ String inkey;
+ String constant;
+ String answer;
+
+ TestCase(EncryptionType encType, String inkey,
+ String constant, String answer) {
+ this.encType = encType;
+ this.inkey = inkey;
+ this.constant = constant;
+ this.answer = answer;
+ }
+ }
+
+ static TestCase[] testCases = new TestCase[] {
+ /* Kc, Ke, Kei for a DES3 key */
+ new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "850BB51358548CD05E86768C313E3BFE" +
+ "F7511937DCF72C3E",
+ "0000000299",
+ "F78C496D16E6C2DAE0E0B6C24057A84C" +
+ "0426AEEF26FD6DCE"
+ ),
+ new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "850BB51358548CD05E86768C313E3BFE" +
+ "F7511937DCF72C3E",
+ "00000002AA",
+ "5B5723D0B634CB684C3EBA5264E9A70D" +
+ "52E683231AD3C4CE"
+ ),
+ new TestCase(
+ EncryptionType.DES3_CBC_SHA1,
+ "850BB51358548CD05E86768C313E3BFE" +
+ "F7511937DCF72C3E",
+ "0000000255",
+ "A77C94980E9B7345A81525C423A737CE" +
+ "67F4CD91B6B3DA45"
+ ),
+
+ /* Kc, Ke, Ki for an AES-128 key */
+ new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "42263C6E89F4FC28B8DF68EE09799F15",
+ "0000000299",
+ "34280A382BC92769B2DA2F9EF066854B"
+ ),
+ new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "42263C6E89F4FC28B8DF68EE09799F15",
+ "00000002AA",
+ "5B14FC4E250E14DDF9DCCF1AF6674F53"
+ ),
+ new TestCase(
+ EncryptionType.AES128_CTS_HMAC_SHA1_96,
+ "42263C6E89F4FC28B8DF68EE09799F15",
+ "0000000255",
+ "4ED31063621684F09AE8D89991AF3E8F"
+ ),
+
+ /* Kc, Ke, Ki for an AES-256 key */
+ new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "FE697B52BC0D3CE14432BA036A92E65B" +
+ "BB52280990A2FA27883998D72AF30161",
+ "0000000299",
+ "BFAB388BDCB238E9F9C98D6A878304F0" +
+ "4D30C82556375AC507A7A852790F4674"
+ ),
+ new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "FE697B52BC0D3CE14432BA036A92E65B" +
+ "BB52280990A2FA27883998D72AF30161",
+ "00000002AA",
+ "C7CFD9CD75FE793A586A542D87E0D139" +
+ "6F1134A104BB1A9190B8C90ADA3DDF37"
+ ),
+ new TestCase(
+ EncryptionType.AES256_CTS_HMAC_SHA1_96,
+ "FE697B52BC0D3CE14432BA036A92E65B" +
+ "BB52280990A2FA27883998D72AF30161",
+ "0000000255",
+ "97151B4C76945063E2EB0529DC067D97" +
+ "D7BBA90776D8126D91F34F3101AEA8BA"
+ ),
+
+ /* Kc, Ke, Ki for a Camellia-128 key */
+ new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "57D0297298FFD9D35DE5A47FB4BDE24B",
+ "0000000299",
+ "D155775A209D05F02B38D42A389E5A56"
+ ),
+ new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "57D0297298FFD9D35DE5A47FB4BDE24B",
+ "00000002AA",
+ "64DF83F85A532F17577D8C37035796AB"
+ ),
+ new TestCase(
+ EncryptionType.CAMELLIA128_CTS_CMAC,
+ "57D0297298FFD9D35DE5A47FB4BDE24B",
+ "0000000255",
+ "3E4FBDF30FB8259C425CB6C96F1F4635"
+ ),
+
+ /* Kc, Ke, Ki for a Camellia-256 key */
+ new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "B9D6828B2056B7BE656D88A123B1FAC6" +
+ "8214AC2B727ECF5F69AFE0C4DF2A6D2C",
+ "0000000299",
+ "E467F9A9552BC7D3155A6220AF9C1922" +
+ "0EEED4FF78B0D1E6A1544991461A9E50"
+ ),
+ new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "B9D6828B2056B7BE656D88A123B1FAC6" +
+ "8214AC2B727ECF5F69AFE0C4DF2A6D2C",
+ "00000002AA",
+ "412AEFC362A7285FC3966C6A5181E760" +
+ "5AE675235B6D549FBFC9AB6630A4C604"
+ ),
+ new TestCase(
+ EncryptionType.CAMELLIA256_CTS_CMAC,
+ "B9D6828B2056B7BE656D88A123B1FAC6" +
+ "8214AC2B727ECF5F69AFE0C4DF2A6D2C",
+ "0000000255",
+ "FA624FA0E523993FA388AEFDC67E67EB" +
+ "CD8C08E8A0246B1D73B0D1DD9FC582B0"
+ )
+ };
+
+ static DkKeyMaker getKeyMaker(EncryptionType encType) {
+ switch (encType) {
+ case DES3_CBC_SHA1:
+ return new Des3KeyMaker(new Des3Provider());
+ case AES128_CTS_HMAC_SHA1_96:
+ return new AesKeyMaker(new Aes128Provider());
+ case AES256_CTS_HMAC_SHA1_96:
+ return new AesKeyMaker(new Aes256Provider());
+ case CAMELLIA128_CTS_CMAC:
+ return new CamelliaKeyMaker(new Camellia128Provider());
+ case CAMELLIA256_CTS_CMAC:
+ return new CamelliaKeyMaker(new Camellia256Provider());
+ default:
+ return null;
+ }
+ }
+
+ @Test
+ public void testDeriveKeys() {
+ boolean overallResult = true;
+
+ for (TestCase tc : testCases) {
+ System.err.println("Key deriving test for " + tc.encType.getName());
+ try {
+ if (! testWith(tc)) {
+ overallResult = false;
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ overallResult = false;
+ }
+ }
+
+ if (!overallResult) {
+ Assert.fail();
+ }
+ }
+
+ private boolean testWith(TestCase testCase) throws Exception {
+ byte[] answer = HexUtil.hex2bytes(testCase.answer);
+ byte[] inkey = HexUtil.hex2bytes(testCase.inkey);
+ byte[] constant = HexUtil.hex2bytes(testCase.constant);
+ byte[] outkey;
+
+ DkKeyMaker km = getKeyMaker(testCase.encType);
+ outkey = km.dk(inkey, constant);
+ if (! Arrays.equals(answer, outkey)) {
+ System.err.println("failed with:");
+ System.err.println("outKey:" + HexUtil.bytesToHex(outkey));
+ System.err.println("answer:" + testCase.answer);
+ return false;
+ }
+ return true;
+ }
+}
[10/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java
new file mode 100644
index 0000000..8deee52
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Md4Provider;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public class DesCbcMd4Enc extends DesCbcEnc {
+
+ public DesCbcMd4Enc() {
+ super(new Md4Provider());
+ }
+
+ public EncryptionType eType() {
+ return EncryptionType.DES_CBC_MD4;
+ }
+
+ public CheckSumType checksumType() {
+ return CheckSumType.RSA_MD4_DES;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java
new file mode 100644
index 0000000..e87955d
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Md5Provider;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public class DesCbcMd5Enc extends DesCbcEnc {
+
+ public DesCbcMd5Enc() {
+ super(new Md5Provider());
+ }
+
+ public EncryptionType eType() {
+ return EncryptionType.DES_CBC_MD5;
+ }
+
+ public CheckSumType checksumType() {
+ return CheckSumType.RSA_MD5_DES;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/EncryptProvider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/EncryptProvider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/EncryptProvider.java
new file mode 100644
index 0000000..47168cb
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/EncryptProvider.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+/**
+ * krb5_enc_provider
+ */
+public interface EncryptProvider {
+
+ public int keyInputSize(); //input size to make key
+ public int keySize(); //output key size
+ public int blockSize(); //crypto block size
+
+ public void encrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException;
+ public void decrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException;
+ public void encrypt(byte[] key, byte[] data) throws KrbException;
+ public void decrypt(byte[] key, byte[] data) throws KrbException;
+ public byte[] cbcMac(byte[] key, byte[] iv, byte[] data) throws KrbException;
+ public boolean supportCbcMac();
+
+ public byte[] initState(byte[] key, int keyUsage);
+ public void cleanState();
+ public void cleanKey();
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiCmacEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiCmacEnc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiCmacEnc.java
new file mode 100644
index 0000000..890c7ca
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiCmacEnc.java
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.Cmac;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class KeKiCmacEnc extends KeKiEnc {
+
+ public KeKiCmacEnc(EncryptProvider encProvider) {
+ super(encProvider, null);
+ }
+
+ @Override
+ public int paddingSize() {
+ return 0;
+ }
+
+ @Override
+ public int checksumSize() {
+ return encProvider().blockSize();
+ }
+
+ @Override
+ protected byte[] makeChecksum(byte[] key, byte[] data, int hashSize)
+ throws KrbException {
+
+ // generate hash
+ byte[] hash = Cmac.cmac(encProvider(), key, data);
+
+ // truncate hash
+ byte[] output = new byte[hashSize];
+ System.arraycopy(hash, 0, output, 0, hashSize);
+ return output;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiEnc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiEnc.java
new file mode 100644
index 0000000..9e562c7
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiEnc.java
@@ -0,0 +1,129 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.crypto.BytesUtil;
+import org.apache.kerby.kerberos.kerb.crypto.Confounder;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.HashProvider;
+import org.apache.kerby.kerberos.kerb.crypto.key.DkKeyMaker;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class KeKiEnc extends AbstractEncTypeHandler {
+
+ public KeKiEnc(EncryptProvider encProvider,
+ HashProvider hashProvider) {
+ super(encProvider, hashProvider);
+ }
+
+ @Override
+ public int paddingSize() {
+ return 0;
+ }
+
+
+ @Override
+ protected void encryptWith(byte[] workBuffer, int[] workLens,
+ byte[] key, byte[] iv, int usage) throws KrbException {
+ int confounderLen = workLens[0];
+ int checksumLen = workLens[1];
+ int inputLen = workLens[2];
+ int paddingLen = workLens[3];
+
+ byte[] Ke, Ki;
+ byte[] constant = new byte[5];
+ constant[0] = (byte) ((usage>>24)&0xff);
+ constant[1] = (byte) ((usage>>16)&0xff);
+ constant[2] = (byte) ((usage>>8)&0xff);
+ constant[3] = (byte) (usage&0xff);
+ constant[4] = (byte) 0xaa;
+ Ke = ((DkKeyMaker) keyMaker()).dk(key, constant);
+ constant[4] = (byte) 0x55;
+ Ki = ((DkKeyMaker) keyMaker()).dk(key, constant);
+
+ /**
+ * Instead of E(Confounder | Checksum | Plaintext | Padding),
+ * E(Confounder | Plaintext | Padding) | Checksum,
+ * so need to adjust the workBuffer arrangement
+ */
+
+ byte[] tmpEnc = new byte[confounderLen + inputLen + paddingLen];
+ // confounder
+ byte[] confounder = Confounder.makeBytes(confounderLen);
+ System.arraycopy(confounder, 0, tmpEnc, 0, confounderLen);
+
+ // data
+ System.arraycopy(workBuffer, confounderLen + checksumLen,
+ tmpEnc, confounderLen, inputLen);
+
+ // padding
+ for (int i = confounderLen + inputLen; i < paddingLen; ++i) {
+ tmpEnc[i] = 0;
+ }
+
+ // checksum & encrypt
+ byte[] checksum;
+ checksum = makeChecksum(Ki, tmpEnc, checksumLen);
+ encProvider().encrypt(Ke, iv, tmpEnc);
+
+ System.arraycopy(tmpEnc, 0, workBuffer, 0, tmpEnc.length);
+ System.arraycopy(checksum, 0, workBuffer, tmpEnc.length, checksum.length);
+ }
+
+ @Override
+ protected byte[] decryptWith(byte[] workBuffer, int[] workLens,
+ byte[] key, byte[] iv, int usage) throws KrbException {
+ int confounderLen = workLens[0];
+ int checksumLen = workLens[1];
+ int dataLen = workLens[2];
+
+ byte[] Ke, Ki;
+ byte[] constant = new byte[5];
+ BytesUtil.int2bytes(usage, constant, 0, true);
+ constant[4] = (byte) 0xaa;
+ Ke = ((DkKeyMaker) keyMaker()).dk(key, constant);
+ constant[4] = (byte) 0x55;
+ Ki = ((DkKeyMaker) keyMaker()).dk(key, constant);
+
+ // decrypt and verify checksum
+
+ byte[] tmpEnc = new byte[confounderLen + dataLen];
+ System.arraycopy(workBuffer, 0,
+ tmpEnc, 0, confounderLen + dataLen);
+ byte[] checksum = new byte[checksumLen];
+ System.arraycopy(workBuffer, confounderLen + dataLen,
+ checksum, 0, checksumLen);
+
+ byte[] newChecksum;
+ encProvider().decrypt(Ke, iv, tmpEnc);
+ newChecksum = makeChecksum(Ki, tmpEnc, checksumLen);
+
+ if (! checksumEqual(checksum, newChecksum)) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY);
+ }
+
+ byte[] data = new byte[dataLen];
+ System.arraycopy(tmpEnc, confounderLen, data, 0, dataLen);
+ return data;
+ }
+
+ protected abstract byte[] makeChecksum(byte[] key, byte[] data, int hashSize)
+ throws KrbException;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java
new file mode 100644
index 0000000..70f49c0
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.crypto.Hmac;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.HashProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class KeKiHmacSha1Enc extends KeKiEnc {
+
+ public KeKiHmacSha1Enc(EncryptProvider encProvider,
+ HashProvider hashProvider) {
+ super(encProvider, hashProvider);
+ }
+
+ @Override
+ public int paddingSize() {
+ return 0;
+ }
+
+ @Override
+ protected byte[] makeChecksum(byte[] key, byte[] data, int hashSize)
+ throws KrbException {
+
+ // generate hash
+ byte[] hash = Hmac.hmac(hashProvider(), key, data);
+
+ // truncate hash
+ byte[] output = new byte[hashSize];
+ System.arraycopy(hash, 0, output, 0, hashSize);
+ return output;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacEnc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacEnc.java
new file mode 100644
index 0000000..126edaf
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacEnc.java
@@ -0,0 +1,149 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.crypto.BytesUtil;
+import org.apache.kerby.kerberos.kerb.crypto.Confounder;
+import org.apache.kerby.kerberos.kerb.crypto.Rc4;
+import org.apache.kerby.kerberos.kerb.crypto.Hmac;
+import org.apache.kerby.kerberos.kerb.crypto.cksum.provider.Md5Provider;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.Rc4Provider;
+import org.apache.kerby.kerberos.kerb.crypto.key.Rc4KeyMaker;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.common.CheckSumType;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public class Rc4HmacEnc extends AbstractEncTypeHandler {
+ private boolean exportable;
+
+ public Rc4HmacEnc() {
+ this(false);
+ }
+
+ public Rc4HmacEnc(boolean exportable) {
+ super(new Rc4Provider(), new Md5Provider());
+ keyMaker(new Rc4KeyMaker(this.encProvider()));
+ this.exportable = exportable;
+ }
+
+ public EncryptionType eType() {
+ return EncryptionType.ARCFOUR_HMAC;
+ }
+
+ @Override
+ public int confounderSize() {
+ return 8;
+ }
+
+ @Override
+ public int paddingSize() {
+ return 0;
+ }
+
+ public CheckSumType checksumType() {
+ return CheckSumType.HMAC_MD5_ARCFOUR;
+ }
+
+ protected void encryptWith(byte[] workBuffer, int[] workLens,
+ byte[] key, byte[] iv, int usage) throws KrbException {
+ int confounderLen = workLens[0];
+ int checksumLen = workLens[1];
+ int dataLen = workLens[2];
+
+ /**
+ * Instead of E(Confounder | Checksum | Plaintext | Padding),
+ * Checksum | E(Confounder | Plaintext)
+ */
+
+ // confounder
+ byte[] confounder = Confounder.makeBytes(confounderLen);
+ System.arraycopy(confounder, 0, workBuffer, checksumLen, confounderLen);
+
+ // no padding
+
+ /* checksum and encryption */
+ byte[] usageKey = makeUsageKey(key, usage);
+
+ byte[] checksum = Hmac.hmac(hashProvider(), usageKey, workBuffer,
+ checksumLen, confounderLen + dataLen);
+
+ byte[] encKey = makeEncKey(usageKey, checksum);
+
+ byte[] tmpEnc = new byte[confounderLen + dataLen];
+ System.arraycopy(workBuffer, checksumLen,
+ tmpEnc, 0, confounderLen + dataLen);
+ encProvider().encrypt(encKey, iv, tmpEnc);
+ System.arraycopy(checksum, 0, workBuffer, 0, checksumLen);
+ System.arraycopy(tmpEnc, 0, workBuffer, checksumLen, tmpEnc.length);
+ }
+
+ protected byte[] makeUsageKey(byte[] key, int usage) throws KrbException {
+ byte[] salt = Rc4.getSalt(usage, exportable);
+ byte[] usageKey = Hmac.hmac(hashProvider(), key, salt);
+ return usageKey;
+ }
+
+ protected byte[] makeEncKey(byte[] usageKey, byte[] checksum) throws KrbException {
+ byte[] tmpKey = usageKey;
+
+ if (exportable) {
+ tmpKey = BytesUtil.duplicate(usageKey);
+ for (int i = 0; i < 9; ++i) {
+ tmpKey[i + 7] = (byte) 0xab;
+ }
+ }
+
+ byte[] encKey = Hmac.hmac(hashProvider(), tmpKey, checksum);
+ return encKey;
+ }
+
+ @Override
+ protected byte[] decryptWith(byte[] workBuffer, int[] workLens,
+ byte[] key, byte[] iv, int usage) throws KrbException {
+ int confounderLen = workLens[0];
+ int checksumLen = workLens[1];
+ int dataLen = workLens[2];
+
+ /* checksum and decryption */
+ byte[] usageKey = makeUsageKey(key, usage);
+
+ byte[] checksum = new byte[checksumLen];
+ System.arraycopy(workBuffer, 0, checksum, 0, checksumLen);
+
+ byte[] encKey = makeEncKey(usageKey, checksum);
+
+ byte[] tmpEnc = new byte[confounderLen + dataLen];
+ System.arraycopy(workBuffer, checksumLen,
+ tmpEnc, 0, confounderLen + dataLen);
+ encProvider().decrypt(encKey, iv, tmpEnc);
+
+ byte[] newChecksum = Hmac.hmac(hashProvider(), usageKey, tmpEnc);
+ if (! checksumEqual(checksum, newChecksum)) {
+ throw new KrbException(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY);
+ }
+
+ byte[] data = new byte[dataLen];
+ System.arraycopy(tmpEnc, confounderLen,
+ data, 0, dataLen);
+
+ return data;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java
new file mode 100644
index 0000000..42799a3
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc;
+
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
+
+public class Rc4HmacExpEnc extends Rc4HmacEnc {
+
+ public Rc4HmacExpEnc() {
+ super(true);
+ }
+
+ public EncryptionType eType() {
+ return EncryptionType.ARCFOUR_HMAC_EXP;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java
new file mode 100644
index 0000000..2fcca14
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java
@@ -0,0 +1,99 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class AbstractEncryptProvider implements EncryptProvider {
+ private int blockSize;
+ private int keyInputSize;
+ private int keySize;
+
+ public AbstractEncryptProvider(int blockSize, int keyInputSize, int keySize) {
+ this.blockSize = blockSize;
+ this.keyInputSize = keyInputSize;
+ this.keySize = keySize;
+ }
+
+ @Override
+ public int keyInputSize() {
+ return keyInputSize;
+ }
+
+ @Override
+ public int keySize() {
+ return keySize;
+ }
+
+ @Override
+ public int blockSize() {
+ return blockSize;
+ }
+
+ @Override
+ public byte[] initState(byte[] key, int keyUsage) {
+ return new byte[0];
+ }
+
+ @Override
+ public void encrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException {
+ doEncrypt(data, key, cipherState, true);
+ }
+
+ @Override
+ public void decrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException {
+ doEncrypt(data, key, cipherState, false);
+ }
+
+ @Override
+ public void encrypt(byte[] key, byte[] data) throws KrbException {
+ byte[] cipherState = new byte[blockSize()];
+ encrypt(key, cipherState, data);
+ }
+
+ @Override
+ public void decrypt(byte[] key, byte[] data) throws KrbException {
+ byte[] cipherState = new byte[blockSize()];
+ decrypt(key, cipherState, data);
+ }
+
+ protected abstract void doEncrypt(byte[] data, byte[] key, byte[] cipherState, boolean encrypt) throws KrbException;
+
+ @Override
+ public byte[] cbcMac(byte[] key, byte[] iv, byte[] data) throws KrbException {
+ throw new UnsupportedOperationException();
+ }
+
+ @Override
+ public boolean supportCbcMac() {
+ return false;
+ }
+
+ @Override
+ public void cleanState() {
+
+ }
+
+ @Override
+ public void cleanKey() {
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Aes128Provider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Aes128Provider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Aes128Provider.java
new file mode 100644
index 0000000..2e23a99
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Aes128Provider.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
+
+public class Aes128Provider extends AesProvider {
+
+ public Aes128Provider() {
+ super(16, 16, 16);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Aes256Provider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Aes256Provider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Aes256Provider.java
new file mode 100644
index 0000000..f6eb4d6
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Aes256Provider.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
+
+public class Aes256Provider extends AesProvider {
+
+ public Aes256Provider() {
+ super(16, 32, 32);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/AesProvider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/AesProvider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/AesProvider.java
new file mode 100644
index 0000000..004c30e
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/AesProvider.java
@@ -0,0 +1,62 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.GeneralSecurityException;
+
+public abstract class AesProvider extends AbstractEncryptProvider {
+
+ public AesProvider(int blockSize, int keyInputSize, int keySize) {
+ super(blockSize, keyInputSize, keySize);
+ }
+
+ @Override
+ protected void doEncrypt(byte[] data, byte[] key,
+ byte[] cipherState, boolean encrypt) throws KrbException {
+ Cipher cipher = null;
+ try {
+ cipher = Cipher.getInstance("AES/CTS/NoPadding");
+ } catch (GeneralSecurityException e) {
+ KrbException ke = new KrbException("JCE provider may not be installed. "
+ + e.getMessage());
+ ke.initCause(e);
+ throw ke;
+ }
+
+ try {
+ SecretKeySpec secretKey = new SecretKeySpec(key, "AES");
+ IvParameterSpec param = new IvParameterSpec(cipherState);
+
+ cipher.init(encrypt ?
+ Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, secretKey, param);
+ byte[] output = cipher.doFinal(data);
+ System.arraycopy(output, 0, data, 0, output.length);
+ } catch (GeneralSecurityException e) {
+ KrbException ke = new KrbException(e.getMessage());
+ ke.initCause(e);
+ throw ke;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java
new file mode 100644
index 0000000..e015dc4
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
+
+public class Camellia128Provider extends CamelliaProvider {
+
+ public Camellia128Provider() {
+ super(16, 16, 16);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java
new file mode 100644
index 0000000..8b0eeac
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
+
+public class Camellia256Provider extends CamelliaProvider {
+
+ public Camellia256Provider() {
+ super(16, 32, 32);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java
new file mode 100644
index 0000000..d3b69a6
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
+
+import org.apache.kerby.kerberos.kerb.crypto.Camellia;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class CamelliaProvider extends AbstractEncryptProvider {
+
+ public CamelliaProvider(int blockSize, int keyInputSize, int keySize) {
+ super(blockSize, keyInputSize, keySize);
+ }
+
+ @Override
+ protected void doEncrypt(byte[] data, byte[] key,
+ byte[] cipherState, boolean encrypt) throws KrbException {
+
+ Camellia cipher = new Camellia();
+ cipher.setKey(encrypt, key);
+ if (encrypt) {
+ cipher.encrypt(data, cipherState);
+ } else {
+ cipher.decrypt(data, cipherState);
+ }
+ }
+
+ @Override
+ public boolean supportCbcMac() {
+ return true;
+ }
+
+ @Override
+ public byte[] cbcMac(byte[] key, byte[] cipherState, byte[] data) {
+ Camellia cipher = new Camellia();
+ cipher.setKey(true, key);
+
+ int blocksNum = data.length / blockSize();
+ cipher.cbcEnc(data, 0, blocksNum, cipherState);
+ return data;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Des3Provider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Des3Provider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Des3Provider.java
new file mode 100644
index 0000000..51a2be5
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Des3Provider.java
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.DESedeKeySpec;
+import javax.crypto.spec.IvParameterSpec;
+import java.security.GeneralSecurityException;
+import java.security.spec.KeySpec;
+
+public class Des3Provider extends AbstractEncryptProvider {
+
+ public Des3Provider() {
+ super(8, 21, 24);
+ }
+
+ @Override
+ protected void doEncrypt(byte[] input, byte[] key,
+ byte[] cipherState, boolean encrypt) throws KrbException {
+
+ Cipher cipher = null;
+ try {
+ cipher = Cipher.getInstance("DESede/CBC/NoPadding");
+ } catch (GeneralSecurityException e) {
+ throw new KrbException("Failed to init cipher", e);
+ }
+
+ try {
+ IvParameterSpec params = new IvParameterSpec(cipherState);
+ KeySpec skSpec = new DESedeKeySpec(key, 0);
+
+ SecretKeyFactory skf = SecretKeyFactory.getInstance("desede");
+ SecretKey secretKey = skf.generateSecret(skSpec);
+
+ cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, secretKey, params);
+
+ byte[] output = cipher.doFinal(input);
+ System.arraycopy(output, 0, input, 0, output.length);
+ } catch (GeneralSecurityException e) {
+ throw new KrbException("Failed to doEncrypt", e);
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/DesProvider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/DesProvider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/DesProvider.java
new file mode 100644
index 0000000..0a03027
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/DesProvider.java
@@ -0,0 +1,98 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.GeneralSecurityException;
+
+public class DesProvider extends AbstractEncryptProvider {
+
+ public DesProvider() {
+ super(8, 7, 8);
+ }
+
+ @Override
+ protected void doEncrypt(byte[] input, byte[] key,
+ byte[] cipherState, boolean encrypt) throws KrbException {
+
+ Cipher cipher = null;
+ try {
+ cipher = Cipher.getInstance("DES/CBC/NoPadding");
+ } catch (GeneralSecurityException e) {
+ throw new KrbException("Failed to init cipher", e);
+ }
+ IvParameterSpec params = new IvParameterSpec(cipherState);
+ SecretKeySpec skSpec = new SecretKeySpec(key, "DES");
+ try {
+ SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
+ SecretKey sk = (SecretKey) skSpec;
+
+ cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, sk, params);
+
+ byte[] output = cipher.doFinal(input);
+ System.arraycopy(output, 0, input, 0, output.length);
+ } catch (GeneralSecurityException e) {
+ KrbException ke = new KrbException(e.getMessage());
+ ke.initCause(e);
+ throw ke;
+ }
+ }
+
+ @Override
+ public byte[] cbcMac(byte[] key, byte[] cipherState, byte[] data) throws KrbException {
+ Cipher cipher = null;
+ try {
+ cipher = Cipher.getInstance("DES/CBC/NoPadding");
+ } catch (GeneralSecurityException e) {
+ throw new KrbException("Failed to init cipher", e);
+ }
+ IvParameterSpec params = new IvParameterSpec(cipherState);
+ SecretKeySpec skSpec = new SecretKeySpec(key, "DES");
+
+ byte[] output = null;
+ try {
+ SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
+ // SecretKey sk = skf.generateSecret(skSpec);
+ SecretKey sk = (SecretKey) skSpec;
+ cipher.init(Cipher.ENCRYPT_MODE, sk, params);
+ for (int i = 0; i < data.length / 8; i++) {
+ output = cipher.doFinal(data, i * 8, 8);
+ cipher.init(Cipher.ENCRYPT_MODE, sk, (new IvParameterSpec(output)));
+ }
+ }
+ catch (GeneralSecurityException e) {
+ KrbException ke = new KrbException(e.getMessage());
+ ke.initCause(e);
+ throw ke;
+ }
+ return output;
+ }
+
+ @Override
+ public boolean supportCbcMac() {
+ return true;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Rc4Provider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Rc4Provider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Rc4Provider.java
new file mode 100644
index 0000000..b00cf4f
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/Rc4Provider.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.GeneralSecurityException;
+
+public class Rc4Provider extends AbstractEncryptProvider {
+
+ public Rc4Provider() {
+ super(1, 16, 16);
+ }
+
+ @Override
+ protected void doEncrypt(byte[] data, byte[] key,
+ byte[] cipherState, boolean encrypt) throws KrbException {
+ try {
+ Cipher cipher = Cipher.getInstance("ARCFOUR");
+ SecretKeySpec secretKey = new SecretKeySpec(key, "ARCFOUR");
+ cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, secretKey);
+ byte[] output = cipher.doFinal(data);
+ System.arraycopy(output, 0, data, 0, output.length);
+ } catch (GeneralSecurityException e) {
+ KrbException ke = new KrbException(e.getMessage());
+ ke.initCause(e);
+ throw ke;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AbstractKeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AbstractKeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AbstractKeyMaker.java
new file mode 100644
index 0000000..3c2cf9c
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AbstractKeyMaker.java
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.key;
+
+import org.apache.kerby.kerberos.kerb.crypto.BytesUtil;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import java.io.UnsupportedEncodingException;
+
+public abstract class AbstractKeyMaker implements KeyMaker {
+
+ protected static final byte[] KERBEROS_CONSTANT = "kerberos".getBytes();
+
+ private EncryptProvider encProvider;
+
+ public AbstractKeyMaker(EncryptProvider encProvider) {
+ this.encProvider = encProvider;
+ }
+
+ protected EncryptProvider encProvider() {
+ return encProvider;
+ }
+
+ @Override
+ public byte[] random2Key(byte[] randomBits) throws KrbException {
+ return new byte[0];
+ }
+
+ /**
+ * Visible for test
+ */
+ public static byte[] makePasswdSalt(String password, String salt) {
+ char[] chars = new char[password.length() + salt.length()];
+ System.arraycopy(password.toCharArray(), 0, chars, 0, password.length());
+ System.arraycopy(salt.toCharArray(), 0, chars, password.length(), salt.length());
+
+ try {
+ return new String(chars).getBytes("UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException("Character decoding failed", e);
+ }
+ }
+
+ protected static int getIterCount(byte[] param, int defCount) {
+ int iterCount = defCount;
+
+ if (param != null) {
+ if (param.length != 4) {
+ throw new IllegalArgumentException("Invalid param to str2Key");
+ }
+ iterCount = BytesUtil.bytes2int(param, 0, true);
+ }
+
+ return iterCount;
+ }
+
+ protected static byte[] getSaltBytes(String salt, String pepper)
+ throws UnsupportedEncodingException {
+ byte[] saltBytes = salt.getBytes("UTF-8");
+ if (pepper != null && ! pepper.isEmpty()) {
+ byte[] pepperBytes = pepper.getBytes("UTF-8");
+ int len = saltBytes.length;
+ len += 1 + pepperBytes.length;
+ byte[] results = new byte[len];
+ System.arraycopy(pepperBytes, 0, results, 0, pepperBytes.length);
+ results[pepperBytes.length] = (byte) 0;
+ System.arraycopy(saltBytes, 0,
+ results, pepperBytes.length + 1, saltBytes.length);
+
+ return results;
+ } else {
+ return saltBytes;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AesKeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AesKeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AesKeyMaker.java
new file mode 100644
index 0000000..8b385da
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AesKeyMaker.java
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.key;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.crypto.Pbkdf;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.AesProvider;
+
+import java.io.UnsupportedEncodingException;
+import java.security.GeneralSecurityException;
+
+public class AesKeyMaker extends DkKeyMaker {
+
+ public AesKeyMaker(AesProvider encProvider) {
+ super(encProvider);
+ }
+
+ @Override
+ public byte[] random2Key(byte[] randomBits) throws KrbException {
+ return randomBits;
+ }
+
+ @Override
+ public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
+ int iterCount = getIterCount(param, 4096);
+
+ byte[] saltBytes = null;
+ try {
+ saltBytes = getSaltBytes(salt, null);
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException(e);
+ }
+
+ int keySize = encProvider().keySize();
+ byte[] random = new byte[0];
+ try {
+ random = Pbkdf.PBKDF2(string.toCharArray(), saltBytes, iterCount, keySize);
+ } catch (GeneralSecurityException e) {
+ throw new KrbException("PBKDF2 failed", e);
+ }
+
+ byte[] tmpKey = random2Key(random);
+ byte[] result = dk(tmpKey, KERBEROS_CONSTANT);
+
+ return result;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/CamelliaKeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/CamelliaKeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/CamelliaKeyMaker.java
new file mode 100644
index 0000000..4feb7c5
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/CamelliaKeyMaker.java
@@ -0,0 +1,121 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.key;
+
+import org.apache.kerby.kerberos.kerb.crypto.BytesUtil;
+import org.apache.kerby.kerberos.kerb.crypto.Cmac;
+import org.apache.kerby.kerberos.kerb.crypto.Pbkdf;
+import org.apache.kerby.kerberos.kerb.crypto.enc.provider.CamelliaProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import java.io.UnsupportedEncodingException;
+import java.security.GeneralSecurityException;
+
+public class CamelliaKeyMaker extends DkKeyMaker {
+
+ public CamelliaKeyMaker(CamelliaProvider encProvider) {
+ super(encProvider);
+ }
+
+ @Override
+ public byte[] random2Key(byte[] randomBits) throws KrbException {
+ return randomBits;
+ }
+
+ @Override
+ public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
+ int iterCount = getIterCount(param, 32768);
+
+ byte[] saltBytes = null;
+ try {
+ saltBytes = getSaltBytes(salt, getPepper());
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException(e);
+ }
+
+ int keySize = encProvider().keySize();
+ byte[] random = new byte[0];
+ try {
+ random = Pbkdf.PBKDF2(string.toCharArray(), saltBytes, iterCount, keySize);
+ } catch (GeneralSecurityException e) {
+ throw new KrbException("PBKDF2 failed", e);
+ }
+
+ byte[] tmpKey = random2Key(random);
+ byte[] result = dk(tmpKey, KERBEROS_CONSTANT);
+
+ return result;
+ }
+
+ private String getPepper() {
+ int keySize = encProvider().keySize();
+ String pepper = keySize == 16 ? "camellia128-cts-cmac" : "camellia256-cts-cmac";
+ return pepper;
+ }
+
+ /*
+ * NIST SP800-108 KDF in feedback mode (section 5.2).
+ */
+ @Override
+ protected byte[] dr(byte[] key, byte[] constant) throws KrbException {
+
+ int blocksize = encProvider().blockSize();
+ int keyInuptSize = encProvider().keyInputSize();
+ byte[] keyBytes = new byte[keyInuptSize];
+ byte[] Ki;
+
+ int len = 0;
+ // K(i-1): the previous block of PRF output, initially all-zeros.
+ len += blocksize;
+ // four-byte big-endian binary string giving the block counter
+ len += 4;
+ // the fixed derived-key input
+ len += constant.length;
+ // 0x00: separator byte
+ len += 1;
+ // four-byte big-endian binary string giving the output length
+ len += 4;
+
+ Ki = new byte[len];
+ System.arraycopy(constant, 0, Ki, blocksize + 4, constant.length);
+ BytesUtil.int2bytes(keyInuptSize * 8, Ki, len - 4, true);
+
+ int i, n = 0;
+ byte[] tmp;
+ for (i = 1, n = 0; n < keyInuptSize; i++) {
+ // Update the block counter
+ BytesUtil.int2bytes(i, Ki, blocksize, true);
+
+ // Compute a CMAC checksum, update Ki with the result
+ tmp = Cmac.cmac(encProvider(), key, Ki);
+ System.arraycopy(tmp, 0, Ki, 0, blocksize);
+
+ if (n + blocksize >= keyInuptSize) {
+ System.arraycopy(Ki, 0, keyBytes, n, keyInuptSize - n);
+ break;
+ }
+
+ System.arraycopy(Ki, 0, keyBytes, n, blocksize);
+ n += blocksize;
+ }
+
+ return keyBytes;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Des3KeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Des3KeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Des3KeyMaker.java
new file mode 100644
index 0000000..06caeb8
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Des3KeyMaker.java
@@ -0,0 +1,79 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.key;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.crypto.Des;
+import org.apache.kerby.kerberos.kerb.crypto.Nfold;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+
+public class Des3KeyMaker extends DkKeyMaker {
+
+ public Des3KeyMaker(EncryptProvider encProvider) {
+ super(encProvider);
+ }
+
+ @Override
+ public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
+ byte[] utf8Bytes = makePasswdSalt(string, salt);
+ int keyInputSize = encProvider().keyInputSize();
+ byte[] tmpKey = random2Key(Nfold.nfold(utf8Bytes, keyInputSize));
+ return dk(tmpKey, KERBEROS_CONSTANT);
+ }
+
+ @Override
+ public byte[] random2Key(byte[] randomBits) throws KrbException {
+ if (randomBits.length != encProvider().keyInputSize()) {
+ throw new KrbException("Invalid random bits, not of correct bytes size");
+ }
+ /**
+ * Ref. k5_rand2key_des3 in random_to_key.c in MIT krb5
+ * Take the seven bytes, move them around into the top 7 bits of the
+ * 8 key bytes, then compute the parity bits. Do this three times.
+ */
+ byte[] key = new byte[encProvider().keySize()];
+ int nthByte;
+ int tmp;
+ for (int i = 0; i < 3; i++) {
+ System.arraycopy(randomBits, i * 7, key, i * 8, 7);
+ nthByte = i * 8;
+
+ key[nthByte + 7] = (byte) (((key[nthByte + 0] & 1) << 1) |
+ ((key[nthByte + 1] & 1) << 2) |
+ ((key[nthByte + 2] & 1) << 3) |
+ ((key[nthByte + 3] & 1) << 4) |
+ ((key[nthByte + 4] & 1) << 5) |
+ ((key[nthByte + 5] & 1) << 6) |
+ ((key[nthByte + 6] & 1) << 7));
+
+ for (int j = 0; j < 8; j++) {
+ tmp = key[nthByte + j] & 0xfe;
+ tmp |= (Integer.bitCount(tmp) & 1) ^ 1;
+ key[nthByte + j] = (byte) tmp;
+ }
+ }
+
+ for (int i = 0; i < 3; i++) {
+ Des.fixKey(key, i * 8, 8);
+ }
+
+ return key;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DesKeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DesKeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DesKeyMaker.java
new file mode 100644
index 0000000..2528b0d
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DesKeyMaker.java
@@ -0,0 +1,282 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.key;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.crypto.BytesUtil;
+import org.apache.kerby.kerberos.kerb.crypto.Des;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+
+public class DesKeyMaker extends AbstractKeyMaker {
+
+ public DesKeyMaker(EncryptProvider encProvider) {
+ super(encProvider);
+ }
+
+ @Override
+ public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
+ String error = null;
+ int type = 0;
+
+ if (param != null) {
+ if (param.length != 1) {
+ error = "Invalid param to S2K";
+ }
+ type = param[0];
+ if (type != 0 && type != 1) {
+ error = "Invalid param to S2K";
+ }
+ }
+ if (type == 1) {
+ error = "AFS not supported yet";
+ }
+
+ if (error != null) {
+ throw new KrbException(error);
+ }
+
+ byte[] key = toKey(string, salt);
+ return key;
+ }
+
+ /**
+ mit_des_string_to_key(string,salt) {
+ odd = 1;
+ s = string | salt;
+ tempstring = 0; // 56-bit string
+ pad(s); // with nulls to 8 byte boundary
+ for (8byteblock in s) {
+ 56bitstring = removeMSBits(8byteblock);
+ if (odd == 0) reverse(56bitstring);
+ odd = ! odd;
+ tempstring = tempstring XOR 56bitstring;
+ }
+ tempkey = key_correction(add_parity_bits(tempstring));
+ key = key_correction(DES-CBC-check(s,tempkey));
+ return(key);
+ }
+ */
+ private byte[] toKey(String string, String salt) throws KrbException {
+ byte[] bytes = makePasswdSalt(string, salt);
+ // padded with zero-valued octets to a multiple of eight octets.
+ byte[] paddedBytes = BytesUtil.padding(bytes, 8);
+
+ byte[] fanFoldedKey = fanFold(string, salt, paddedBytes);
+
+ byte[] intermediateKey = intermediateKey(fanFoldedKey);
+
+ byte[] key = desEncryptedKey(intermediateKey, paddedBytes);
+ keyCorrection(key);
+
+ return key;
+ }
+
+ /**
+ * Visible for test
+ */
+ public static byte[] fanFold(String string, String salt, byte[] paddedBytes) {
+ if (paddedBytes == null) {
+ byte[] bytes = makePasswdSalt(string, salt);
+ // padded with zero-valued octets to a multiple of eight octets.
+ paddedBytes = BytesUtil.padding(bytes, 8);
+ }
+
+ int blocksOfbytes8 = paddedBytes.length / 8;
+ boolean odd = true;
+ byte[] bits56 = new byte[8];
+ byte[] tempString = new byte[8];
+ for (int i = 0; i < blocksOfbytes8; ++i) {
+ System.arraycopy(paddedBytes, 8 * i, bits56, 0, 8);
+ removeMSBits(bits56);
+ if (!odd) {
+ reverse(bits56);
+ }
+ odd = !odd;
+ BytesUtil.xor(bits56, 0, tempString);
+ }
+
+ return tempString;
+ }
+
+ /**
+ * Visible for test
+ */
+ public static byte[] intermediateKey(byte[] fanFoldedKey) {
+ byte[] keyBytes = addParityBits(fanFoldedKey);
+ keyCorrection(keyBytes);
+
+ return keyBytes;
+ }
+
+ private byte[] desEncryptedKey(byte[] intermediateKey, byte[] originalBytes) throws KrbException {
+ byte[] resultKey = null;
+ if (encProvider().supportCbcMac()) {
+ resultKey = encProvider().cbcMac(intermediateKey, intermediateKey, originalBytes);
+ } else {
+ throw new KrbException("cbcMac should be supported by the provider: "
+ + encProvider().getClass());
+ }
+
+ keyCorrection(resultKey);
+
+ return resultKey;
+ }
+
+ /**
+ * Note this isn't hit any test yet, and very probably problematic
+ */
+ @Override
+ public byte[] random2Key(byte[] randomBits) throws KrbException {
+ if (randomBits.length != encProvider().keyInputSize()) {
+ throw new KrbException("Invalid random bits, not of correct bytes size");
+ }
+
+ byte[] keyBytes = addParityBits(randomBits);
+ keyCorrection(keyBytes);
+
+ return keyBytes;
+ }
+
+ // Processing an 8bytesblock
+ private static byte[] removeMSBits(byte[] bits56) {
+ /**
+ Treats a 64 bit block as 8 octets and removes the MSB in
+ each octet (in big endian mode) and concatenates the result.
+ E.g., the input octet string:
+ 01110000 01100001 11110011 01110011 11110111 01101111 11110010 01100100
+ =>
+ 1110000 1100001 1110011 1110011 1110111 1101111 1110010 1100100
+ */
+
+ /**
+ * We probably do nothing here, just pretending the MSB bit to be discarded,
+ * and ensure the MSB will not be used in the following processing.
+ */
+
+ return bits56;
+ }
+
+ // Processing an 56bitblock
+ private static void reverse(byte[] bits56) {
+ /**
+ Treats a 56-bit block as a binary string and reverses it.
+ E.g., the input string:
+ 1000001 1010100 1001000 1000101 1001110 1000001 0101110 1001101
+ =>
+ 1000001 0010101 0001001 1010001 0111001 1000001 0101110 1011001
+ =>
+ 1011001 0111010 1000001 0111001 1010001 0001001 0010101 1000001
+ */
+
+ // Reversing in a 7bit
+ int t1, t2;
+ byte bt;
+ for (int i = 0; i < 8; ++i) {
+ bt = bits56[i];
+
+ t1 = (bt >> 6) & 1;
+ t2 = (bt >> 0) & 1;
+ if (t1 != t2) bt ^= (1 << 6 | 1 << 0);
+
+ t1 = (bt >> 5) & 1;
+ t2 = (bt >> 1) & 1;
+ if (t1 != t2) bt ^= (1 << 5 | 1 << 1);
+
+ t1 = (bt >> 4) & 1;
+ t2 = (bt >> 2) & 1;
+ if (t1 != t2) bt ^= (1 << 4 | 1 << 2);
+
+ bits56[i] = bt;
+ }
+
+ // Reversing the 8 7bit
+ bt = bits56[7];
+ bits56[7] = bits56[0];
+ bits56[0] = bt;
+
+ bt = bits56[6];
+ bits56[6] = bits56[1];
+ bits56[1] = bt;
+
+ bt = bits56[5];
+ bits56[5] = bits56[2];
+ bits56[2] = bt;
+
+ bt = bits56[4];
+ bits56[4] = bits56[3];
+ bits56[3] = bt;
+ }
+
+ private static byte[] addParityBits(byte[] bits56) {
+ /**
+ Copies a 56-bit block into a 64-bit block, left shifts
+ content in each octet, and add DES parity bit.
+ E.g., the input string:
+ 1100000 0001111 0011100 0110100 1000101 1100100 0110110 0010111
+ =>
+ 11000001 00011111 00111000 01101000 10001010 11001000 01101101 00101111
+ */
+ byte bt;
+ for (int i = 0; i < 8; i++) {
+ bits56[i] <<= 1;
+ }
+
+ addParity(bits56);
+
+ return bits56;
+ }
+
+ private static void keyCorrection(byte[] key) {
+ addParity(key);
+ Des.fixKey(key, 0, key.length);
+ }
+
+ private static int smask(int step) {
+ return (1 << step) - 1;
+ }
+
+ private static byte pstep(byte x, int step) {
+ return (byte) ((x & smask(step)) ^ ((x >> step) & smask(step)));
+ }
+
+ private static byte parityChar(byte abyte) {
+ //#define smask(step) ((1<<step)-1)
+ //#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
+ //#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
+ return pstep(pstep(pstep(abyte, 4), 2), 1);
+ }
+
+ private static void addParity(byte[] key) {
+ for (int i = 0; i < key.length; ++i) {
+ key[i] &= 0xfe;
+ key[i] |= 1 ^ parityChar(key[i]);
+ }
+ }
+
+ // Returns true if the key has correct des parity
+ private static boolean checkKeyParity(byte[] key) {
+ for (int i = 0; i < key.length; ++i) {
+ if ((key[i] & 1) == parityChar((byte) (key[i] & 0xfe))) {
+ return false;
+ }
+ }
+ return true;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DkKeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DkKeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DkKeyMaker.java
new file mode 100644
index 0000000..a1a515d
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DkKeyMaker.java
@@ -0,0 +1,73 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.key;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.crypto.Nfold;
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+
+public abstract class DkKeyMaker extends AbstractKeyMaker {
+
+ public DkKeyMaker(EncryptProvider encProvider) {
+ super(encProvider);
+ }
+
+ // DK(Key, Constant) = random-to-key(DR(Key, Constant))
+ public byte[] dk(byte[] key, byte[] constant) throws KrbException {
+ return random2Key(dr(key, constant));
+ }
+
+ /*
+ * K1 = E(Key, n-fold(Constant), initial-cipher-state)
+ * K2 = E(Key, K1, initial-cipher-state)
+ * K3 = E(Key, K2, initial-cipher-state)
+ * K4 = ...
+ * DR(Key, Constant) = k-truncate(K1 | K2 | K3 | K4 ...)
+ */
+ protected byte[] dr(byte[] key, byte[] constant) throws KrbException {
+
+ int blocksize = encProvider().blockSize();
+ int keyInuptSize = encProvider().keyInputSize();
+ byte[] keyBytes = new byte[keyInuptSize];
+ byte[] Ki;
+
+ if (constant.length != blocksize) {
+ Ki = Nfold.nfold(constant, blocksize);
+ } else {
+ Ki = new byte[constant.length];
+ System.arraycopy(constant, 0, Ki, 0, constant.length);
+ }
+
+ int n = 0, len;
+ while (n < keyInuptSize) {
+ encProvider().encrypt(key, Ki);
+
+ if (n + blocksize >= keyInuptSize) {
+ System.arraycopy(Ki, 0, keyBytes, n, keyInuptSize - n);
+ break;
+ }
+
+ System.arraycopy(Ki, 0, keyBytes, n, blocksize);
+ n += blocksize;
+ }
+
+ return keyBytes;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/KeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/KeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/KeyMaker.java
new file mode 100644
index 0000000..8538c14
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/KeyMaker.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.key;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public interface KeyMaker {
+
+ public byte[] str2key(String string, String salt, byte[] param) throws KrbException;
+
+ public byte[] random2Key(byte[] randomBits) throws KrbException;
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Rc4KeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Rc4KeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Rc4KeyMaker.java
new file mode 100644
index 0000000..85e8ba2
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Rc4KeyMaker.java
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.key;
+
+import org.apache.kerby.kerberos.kerb.crypto.enc.EncryptProvider;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import sun.security.provider.MD4;
+
+import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
+
+public class Rc4KeyMaker extends AbstractKeyMaker {
+
+ public Rc4KeyMaker(EncryptProvider encProvider) {
+ super(encProvider);
+ }
+
+ @Override
+ public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
+
+ if (param != null && param.length > 0) {
+ throw new RuntimeException("Invalid param to str2Key");
+ }
+
+ try {
+ byte[] passwd = string.getBytes("UTF-16LE"); // to unicode
+ MessageDigest md = MD4.getInstance();
+ md.update(passwd);
+ return md.digest();
+ } catch (UnsupportedEncodingException e) {
+ throw new KrbException("str2key failed", e);
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/resources/kdc-krb5.conf
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/resources/kdc-krb5.conf b/kerby-kerb/kerb-crypto/src/main/resources/kdc-krb5.conf
new file mode 100644
index 0000000..d118dd1
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/resources/kdc-krb5.conf
@@ -0,0 +1,25 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+[libdefaults]
+ default_realm = {0}
+ udp_preference_limit = 1
+
+[realms]
+ {0} = '{'
+ kdc = {1}:{2}
+ '}'
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/kerby-kerb/kerb-crypto/src/main/resources/kdc.ldiff
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/resources/kdc.ldiff b/kerby-kerb/kerb-crypto/src/main/resources/kdc.ldiff
new file mode 100644
index 0000000..bc989c3
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/resources/kdc.ldiff
@@ -0,0 +1,46 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+dn: ou=users,dc=${0},dc=${1}
+objectClass: organizationalUnit
+objectClass: top
+ou: users
+
+dn: uid=krbtgt,ou=users,dc=${0},dc=${1}
+objectClass: top
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: krb5principal
+objectClass: krb5kdcentry
+cn: KDC Service
+sn: Service
+uid: krbtgt
+userPassword: secret
+krb5PrincipalName: krbtgt/${2}.${3}@${2}.${3}
+krb5KeyVersionNumber: 0
+
+dn: uid=ldap,ou=users,dc=${0},dc=${1}
+objectClass: top
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: krb5principal
+objectClass: krb5kdcentry
+cn: LDAP
+sn: Service
+uid: ldap
+userPassword: secret
+krb5PrincipalName: ldap/${4}@${2}.${3}
+krb5KeyVersionNumber: 0