You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/03/26 03:01:56 UTC

directory-kerby git commit: WIP: Working on FAST/Preauth

Repository: directory-kerby
Updated Branches:
  refs/heads/master e63715bcf -> e59e24329


WIP: Working on FAST/Preauth


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/e59e2432
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/e59e2432
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/e59e2432

Branch: refs/heads/master
Commit: e59e243299fd6ea8bf79f46b80f975648ddc3ce8
Parents: e63715b
Author: Drankye <dr...@gmail.com>
Authored: Thu Mar 26 10:01:11 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Thu Mar 26 10:01:11 2015 +0800

----------------------------------------------------------------------
 .../kerb/client/request/ArmoredAsRequest.java   |  5 +-
 .../kerberos/kerb/crypto/fast/FastArmor.java    | 45 -------------
 .../kerberos/kerb/crypto/fast/FastUtil.java     | 67 ++++++++++++++++++++
 .../kerb/server/preauth/KdcFastContext.java     |  1 -
 4 files changed, 69 insertions(+), 49 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e59e2432/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/ArmoredAsRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/ArmoredAsRequest.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/ArmoredAsRequest.java
index 35e541d..6d19bf6 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/ArmoredAsRequest.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/ArmoredAsRequest.java
@@ -24,7 +24,7 @@ import org.apache.kerby.kerberos.kerb.ccache.CredentialCache;
 import org.apache.kerby.kerberos.kerb.client.KOptions;
 import org.apache.kerby.kerberos.kerb.client.KrbContext;
 import org.apache.kerby.kerberos.kerb.client.KrbOption;
-import org.apache.kerby.kerberos.kerb.crypto.fast.FastArmor;
+import org.apache.kerby.kerberos.kerb.crypto.fast.FastUtil;
 import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
 
 import java.io.File;
@@ -57,8 +57,7 @@ public abstract class ArmoredAsRequest extends AsRequest {
     protected EncryptionKey makeArmorKey() throws KrbException {
         EncryptionKey subKey = null;
         EncryptionKey armorCacheKey = getArmorCacheKey();
-        EncryptionKey armorKey = FastArmor.cf2(subKey, "subkeyarmor",
-                armorCacheKey, "ticketarmor");
+        EncryptionKey armorKey = FastUtil.cf2(subKey, "subkeyarmor", armorCacheKey, "ticketarmor");
 
         return armorKey;
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e59e2432/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastArmor.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastArmor.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastArmor.java
deleted file mode 100644
index e2dd724..0000000
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastArmor.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/**
- *  Licensed to the Apache Software Foundation (ASF) under one
- *  or more contributor license agreements.  See the NOTICE file
- *  distributed with this work for additional information
- *  regarding copyright ownership.  The ASF licenses this file
- *  to you under the Apache License, Version 2.0 (the
- *  "License"); you may not use this file except in compliance
- *  with the License.  You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing,
- *  software distributed under the License is distributed on an
- *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- *  KIND, either express or implied.  See the License for the
- *  specific language governing permissions and limitations
- *  under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.crypto.fast;
-
-import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
-
-/**
- * Implementing FAST (RFC6113) armor key related algorithms.
- * Take two keys and two pepper strings as input and return a combined key.
- */
-public class FastArmor {
-
-    /**
-     * Call the PRF function multiple times with the pepper prefixed with
-     * a count byte  to get enough bits of output.
-     */
-    public static byte[] prfPlus(EncryptionKey key, String pepper,
-                                 int keyBytesLen) {
-        // TODO
-        return null;
-    }
-
-    public static EncryptionKey cf2(EncryptionKey key1, String pepper1,
-                                    EncryptionKey key2, String pepper2) {
-        // TODO
-        return null;
-    }
-}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e59e2432/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastUtil.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastUtil.java
new file mode 100644
index 0000000..6b31789
--- /dev/null
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastUtil.java
@@ -0,0 +1,67 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.crypto.fast;
+
+import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
+
+/**
+ * Implementing FAST (RFC6113) armor key related algorithms.
+ * Take two keys and two pepper strings as input and return a combined key.
+ */
+public class FastUtil {
+
+    /**
+     * Call the PRF function multiple times with the pepper prefixed with
+     * a count byte  to get enough bits of output.
+     */
+    public static byte[] prfPlus(EncryptionKey key, String pepper,
+                                 int keyBytesLen) {
+        // TODO
+        return null;
+    }
+
+    public static EncryptionKey cf2(EncryptionKey key1, String pepper1,
+                                    EncryptionKey key2, String pepper2) {
+        // TODO
+        return null;
+    }
+
+    /**
+     * Make an encryption key for replying.
+     * @param strengthenKey
+     * @param existingKey
+     * @return encryption key
+     */
+    public static EncryptionKey makeReplyKey(EncryptionKey strengthenKey,
+                                      EncryptionKey existingKey) {
+        return cf2(strengthenKey, "strengthenkey", existingKey, "replykey");
+    }
+
+    /**
+     * Make an encryption key for armoring.
+     * @param subkey
+     * @param ticketKey
+     * @return encryption key
+     */
+    public static EncryptionKey makeArmorKey(EncryptionKey subkey,
+                                             EncryptionKey ticketKey) {
+        return cf2(subkey, "subkeyarmor", ticketKey, "ticketarmor");
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e59e2432/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/KdcFastContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/KdcFastContext.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/KdcFastContext.java
index 3b19a05..359f9bd 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/KdcFastContext.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/KdcFastContext.java
@@ -19,7 +19,6 @@
  */
 package org.apache.kerby.kerberos.kerb.server.preauth;
 
-import org.apache.kerby.kerberos.kerb.crypto.fast.FastArmor;
 import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
 import org.apache.kerby.kerberos.kerb.spec.fast.FastOptions;
 import org.apache.kerby.kerberos.kerb.spec.fast.KrbFastArmor;