Posted to commits@directory.apache.org by er...@apache.org on 2005/02/03 02:43:04 UTC
svn commit: r151098 - in
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos:
crypto/encryption/EncryptionEngineFactory.java
kdc/AuthenticationService.java kdc/KerberosService.java
kdc/TicketGrantingService.java
Author: erodriguez
Date: Wed Feb 2 17:43:02 2005
New Revision: 151098
URL: http://svn.apache.org/viewcvs?view=rev&rev=151098
Log:
Moved selection of encryption engine to static factory method.
Added:
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/crypto/encryption/EncryptionEngineFactory.java
Modified:
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java
Added: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/crypto/encryption/EncryptionEngineFactory.java
URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/crypto/encryption/EncryptionEngineFactory.java?view=auto&rev=151098
==============================================================================
--- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/crypto/encryption/EncryptionEngineFactory.java (added)
+++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/crypto/encryption/EncryptionEngineFactory.java Wed Feb 2 17:43:02 2005
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.crypto.encryption;
+
+import org.apache.kerberos.kdc.KerberosException;
+import org.apache.kerberos.messages.value.EncryptionKey;
+
+
+public class EncryptionEngineFactory
+{
+ public static EncryptionEngine getEncryptionEngineFor( EncryptionKey key )
+ throws KerberosException
+ {
+ int type = key.getKeyType().getOrdinal();
+
+ switch ( type )
+ {
+ case 0:
+ return new NullEncryption();
+ case 1:
+ return new DesCbcCrcEncryption();
+ case 2:
+ return new DesCbcMd4Encryption();
+ case 3:
+ return new DesCbcMd5Encryption();
+ case 5:
+ return new Des3CbcMd5Encryption();
+ case 7:
+ return new Des3CbcSha1Encryption();
+ }
+
+ throw KerberosException.KDC_ERR_ETYPE_NOSUPP;
+ }
+}
+
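Review bot: `case 0` returns `NullEncryption`, so a key whose type ordinal is 0 is now processed with no encryption at every call site, whereas the `getEncryptionEngine` removed from KerberosService in this commit accepted only type 3. The log message describes a move, but the switch also enables types 0, 1, 2, 5 and 7 for the pre-authentication timestamp decryption in AuthenticationService and for the ticket and authenticator handling in KerberosService and TicketGrantingService. I would drop `case 0: return new NullEncryption();` from the factory or put it behind an explicit configuration switch, and leave the single-DES CRC and MD4 types to be enabled by policy rather than by default. The bare numbers would also be easier to audit as named constants, or at least with a comment on each case naming the etype it stands for.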
Modified: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java?view=diff&r1=151097&r2=151098
==============================================================================
--- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java (original)
+++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java Wed Feb 2 17:43:02 2005
@@ -23,6 +23,7 @@
import org.apache.kerberos.crypto.RandomKey;
import org.apache.kerberos.crypto.encryption.EncryptionEngine;
+import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
import org.apache.kerberos.io.decoder.EncryptedDataDecoder;
import org.apache.kerberos.io.decoder.EncryptedTimestampDecoder;
import org.apache.kerberos.io.encoder.EncAsRepPartEncoder;
@@ -111,7 +112,7 @@
EncryptedDataDecoder decoder = new EncryptedDataDecoder();
EncryptedData dataValue = decoder.decode( paData[ ii ].getDataValue() );
- EncryptionEngine engine = getEncryptionEngine( clientKey );
+ EncryptionEngine engine = EncryptionEngineFactory.getEncryptionEngineFor( clientKey );
byte[] decTimestamp = engine.getDecryptedData( clientKey, dataValue );
@@ -258,7 +259,7 @@
{
byte[] plainText = encoder.encode(ticketPart);
- EncryptionEngine engine = getEncryptionEngine(serverKey);
+ EncryptionEngine engine = EncryptionEngineFactory.getEncryptionEngineFor( serverKey );
encryptedTicketPart = engine.getEncryptedData(serverKey, plainText);
@@ -277,7 +278,7 @@
{
byte[] plainText = encoder.encode(reply);
- EncryptionEngine engine = getEncryptionEngine(clientKey);
+ EncryptionEngine engine = EncryptionEngineFactory.getEncryptionEngineFor( clientKey );
EncryptedData cipherText = engine.getEncryptedData(clientKey, plainText);
Modified: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java
URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java?view=diff&r1=151097&r2=151098
==============================================================================
--- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java (original)
+++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java Wed Feb 2 17:43:02 2005
@@ -14,33 +14,40 @@
* limitations under the License.
*
*/
+
package org.apache.kerberos.kdc;
-import org.apache.kerberos.crypto.checksum.*;
-import org.apache.kerberos.crypto.encryption.DesCbcMd5Encryption;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.kerberos.crypto.checksum.ChecksumType;
+import org.apache.kerberos.crypto.checksum.Crc32Checksum;
+import org.apache.kerberos.crypto.checksum.RsaMd4Checksum;
+import org.apache.kerberos.crypto.checksum.RsaMd5Checksum;
+import org.apache.kerberos.crypto.checksum.Sha1Checksum;
import org.apache.kerberos.crypto.encryption.EncryptionEngine;
+import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
import org.apache.kerberos.crypto.encryption.EncryptionType;
+import org.apache.kerberos.io.decoder.AuthenticatorDecoder;
+import org.apache.kerberos.io.decoder.EncTicketPartDecoder;
+import org.apache.kerberos.kdc.replay.InMemoryReplayCache;
+import org.apache.kerberos.kdc.replay.ReplayCache;
import org.apache.kerberos.kdc.store.PrincipalStore;
import org.apache.kerberos.kdc.store.PrincipalStoreEntry;
-import org.apache.kerberos.kdc.replay.ReplayCache;
-import org.apache.kerberos.kdc.replay.InMemoryReplayCache;
-import org.apache.kerberos.messages.components.Ticket;
+import org.apache.kerberos.messages.ApplicationRequest;
+import org.apache.kerberos.messages.MessageType;
import org.apache.kerberos.messages.components.Authenticator;
import org.apache.kerberos.messages.components.EncTicketPart;
import org.apache.kerberos.messages.components.EncTicketPartModifier;
-import org.apache.kerberos.messages.value.EncryptionKey;
+import org.apache.kerberos.messages.components.Ticket;
import org.apache.kerberos.messages.value.ApOptions;
-import org.apache.kerberos.messages.value.TicketFlags;
+import org.apache.kerberos.messages.value.EncryptionKey;
import org.apache.kerberos.messages.value.KerberosTime;
-import org.apache.kerberos.messages.ApplicationRequest;
-import org.apache.kerberos.messages.MessageType;
-import org.apache.kerberos.io.decoder.EncTicketPartDecoder;
-import org.apache.kerberos.io.decoder.AuthenticatorDecoder;
+import org.apache.kerberos.messages.value.TicketFlags;
-import javax.security.auth.kerberos.KerberosPrincipal;
-import java.util.HashMap;
-import java.util.Map;
-import java.io.IOException;
public class KerberosService
{
@@ -81,21 +88,7 @@
return key;
}
-
- public EncryptionEngine getEncryptionEngine(EncryptionKey key)
- throws KerberosException
- {
- int type = key.getKeyType().getOrdinal();
-
- switch (type)
- {
- case 3:
- return new DesCbcMd5Encryption();
- }
-
- throw KerberosException.KDC_ERR_ETYPE_NOSUPP;
- }
-
+
protected EncryptionType getBestEncryptionType(EncryptionType[] requestedTypes)
throws KerberosException
{
@@ -152,7 +145,7 @@
}
try {
- EncryptionEngine engine = getEncryptionEngine(serverKey);
+ EncryptionEngine engine = EncryptionEngineFactory.getEncryptionEngineFor( serverKey );
byte[] decTicketPart = engine.getDecryptedData(serverKey, ticket.getEncPart());
@@ -166,7 +159,7 @@
Authenticator authenticator;
try {
- EncryptionEngine engine = getEncryptionEngine(ticket.getSessionKey());
+ EncryptionEngine engine = EncryptionEngineFactory.getEncryptionEngineFor( ticket.getSessionKey() );
byte[] decAuthenticator = engine.getDecryptedData(ticket.getSessionKey(), authHeader.getEncPart());
AuthenticatorDecoder authDecoder = new AuthenticatorDecoder();
Modified: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java
URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java?view=diff&r1=151097&r2=151098
==============================================================================
--- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java (original)
+++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java Wed Feb 2 17:43:02 2005
@@ -16,10 +16,18 @@
*/
package org.apache.kerberos.kdc;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
import org.apache.kerberos.crypto.RandomKey;
import org.apache.kerberos.crypto.checksum.ChecksumEngine;
import org.apache.kerberos.crypto.checksum.RsaMd5Checksum;
import org.apache.kerberos.crypto.encryption.EncryptionEngine;
+import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
import org.apache.kerberos.crypto.encryption.EncryptionType;
import org.apache.kerberos.io.decoder.ApplicationRequestDecoder;
import org.apache.kerberos.io.decoder.AuthorizationDataDecoder;
@@ -34,13 +42,15 @@
import org.apache.kerberos.messages.components.EncTicketPart;
import org.apache.kerberos.messages.components.EncTicketPartModifier;
import org.apache.kerberos.messages.components.Ticket;
-import org.apache.kerberos.messages.value.*;
-
-import javax.security.auth.kerberos.KerberosPrincipal;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
+import org.apache.kerberos.messages.value.AuthorizationData;
+import org.apache.kerberos.messages.value.Checksum;
+import org.apache.kerberos.messages.value.EncryptedData;
+import org.apache.kerberos.messages.value.EncryptionKey;
+import org.apache.kerberos.messages.value.KdcOptions;
+import org.apache.kerberos.messages.value.KerberosTime;
+import org.apache.kerberos.messages.value.LastRequest;
+import org.apache.kerberos.messages.value.PreAuthenticationDataType;
+import org.apache.kerberos.messages.value.TicketFlags;
/**
* RFC 1510 A.6. KRB_TGS_REQ verification and KRB_TGS_REP generation
@@ -351,7 +361,7 @@
if (request.getEncAuthorizationData() != null) {
try {
- EncryptionEngine engine = getEncryptionEngine(authHeader.getSubSessionKey());
+ EncryptionEngine engine = EncryptionEngineFactory.getEncryptionEngineFor( authHeader.getSubSessionKey() );
byte[] decryptedAuthData = engine.getDecryptedData(authHeader.getSubSessionKey(),
request.getEncAuthorizationData());
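Review bot: The factory dereferences `key.getKeyType()` without a null check, so this call throws a NullPointerException if `authHeader.getSubSessionKey()` returns null. The subkey is an optional authenticator field in RFC 1510, although whether this accessor can actually return null is not visible here. A guard before the call, such as `if ( authHeader.getSubSessionKey() == null )` falling back to the ticket session key, would keep a request without a subkey from failing with an unchecked exception instead of a KerberosException. The enclosing method starts and ends outside the hunk.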
@@ -417,7 +427,7 @@
} else {
// encrypt with serverKey
}
- EncryptionEngine engine = getEncryptionEngine(serverKey);
+ EncryptionEngine engine = EncryptionEngineFactory.getEncryptionEngineFor( serverKey );
return engine.getEncryptedData(serverKey, encodedTicket);
}
@@ -426,7 +436,7 @@
EncTgsRepPartEncoder encoder = new EncTgsRepPartEncoder();
try {
byte[] plainText = encoder.encode(reply);
- EncryptionEngine engine = getEncryptionEngine(key);
+ EncryptionEngine engine = EncryptionEngineFactory.getEncryptionEngineFor( key );
EncryptedData cipherText = engine.getEncryptedData(key, plainText);