You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/01/22 22:48:09 UTC
[30/45] directory-kerberos git commit: DIRKRB-149 New layout
structure with the new name "Apache Kerby"
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumTypeHandler.java
deleted file mode 100644
index e1cd21f..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CheckSumTypeHandler.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public interface CheckSumTypeHandler extends CryptoTypeHandler {
-
- public int confounderSize();
-
- public CheckSumType cksumType();
-
- public int computeSize(); // allocation size for checksum computation
-
- public int outputSize(); // possibly truncated output size
-
- public boolean isSafe();
-
- public int cksumSize();
-
- public int keySize();
-
- public byte[] checksum(byte[] data) throws KrbException;
-
- public byte[] checksum(byte[] data, int start, int len) throws KrbException;
-
- public boolean verify(byte[] data, byte[] checksum) throws KrbException;
-
- public boolean verify(byte[] data, int start, int len, byte[] checksum) throws KrbException;
-
- public byte[] checksumWithKey(byte[] data,
- byte[] key, int usage) throws KrbException;
-
- public byte[] checksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException;
-
- public boolean verifyWithKey(byte[] data,
- byte[] key, int usage, byte[] checksum) throws KrbException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Cmac.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Cmac.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Cmac.java
deleted file mode 100644
index cb81b82..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Cmac.java
+++ /dev/null
@@ -1,178 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-import java.util.Arrays;
-
-/**
- * Based on MIT krb5 cmac.c
- */
-public class Cmac {
-
- private static byte[] constRb = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, (byte) 0x87
- };
-
- public static byte[] cmac(EncryptProvider encProvider, byte[] key,
- byte[] data, int outputSize) throws KrbException {
- return cmac(encProvider, key, data, 0, data.length, outputSize);
- }
-
- public static byte[] cmac(EncryptProvider encProvider, byte[] key, byte[] data,
- int start, int len, int outputSize) throws KrbException {
- byte[] hash = Cmac.cmac(encProvider, key, data, start, len);
- if (hash.length > outputSize) {
- byte[] output = new byte[outputSize];
- System.arraycopy(hash, 0, output, 0, outputSize);
- return output;
- } else {
- return hash;
- }
- }
-
- public static byte[] cmac(EncryptProvider encProvider,
- byte[] key, byte[] data) throws KrbException {
- return cmac(encProvider, key, data, 0, data.length);
- }
-
- public static byte[] cmac(EncryptProvider encProvider,
- byte[] key, byte[] data, int start, int len) throws KrbException {
-
- int blockSize = encProvider.blockSize();
-
- byte[] Y = new byte[blockSize];
- byte[] mLast = new byte[blockSize];
- byte[] padded = new byte[blockSize];
- byte[] K1 = new byte[blockSize];
- byte[] K2 = new byte[blockSize];
-
- // step 1
- makeSubkey(encProvider, key, K1, K2);
-
- // step 2
- int n = (len + blockSize - 1) / blockSize;
-
- // step 3
- boolean lastIsComplete;
- if (n == 0) {
- n = 1;
- lastIsComplete = false;
- } else {
- lastIsComplete = ((len % blockSize) == 0);
- }
-
- // Step 6 (all but last block)
- byte[] cipherState = new byte[blockSize];
- byte[] cipher = new byte[blockSize];
- for (int i = 0; i < n - 1; i++) {
- System.arraycopy(data, i * blockSize, cipher, 0, blockSize);
- encryptBlock(encProvider, key, cipherState, cipher);
- System.arraycopy(cipher, 0, cipherState, 0, blockSize);
- }
-
- // step 5
- System.arraycopy(cipher, 0, Y, 0, blockSize);
-
- // step 4
- int lastPos = (n - 1) * blockSize;
- int lastLen = lastIsComplete ? blockSize : len % blockSize;
- byte[] lastBlock = new byte[lastLen];
- System.arraycopy(data, lastPos, lastBlock, 0, lastLen);
- if (lastIsComplete) {
- BytesUtil.xor(lastBlock, K1, mLast);
- } else {
- padding(lastBlock, padded);
- BytesUtil.xor(padded, K2, mLast);
- }
-
- // Step 6 (last block)
- encryptBlock(encProvider, key, cipherState, mLast);
-
- return mLast;
- }
-
- // Generate subkeys K1 and K2 as described in RFC 4493 figure 2.2.
- private static void makeSubkey(EncryptProvider encProvider,
- byte[] key, byte[] K1, byte[] K2) throws KrbException {
-
- // L := encrypt(K, const_Zero)
- byte[] L = new byte[K1.length];
- Arrays.fill(L, (byte) 0);
- encryptBlock(encProvider, key, null, L);
-
- // K1 := (MSB(L) == 0) ? L << 1 : (L << 1) XOR const_Rb
- if ((L[0] & 0x80) == 0) {
- leftShiftByOne(L, K1);
- } else {
- byte[] tmp = new byte[K1.length];
- leftShiftByOne(L, tmp);
- BytesUtil.xor(tmp, constRb, K1);
- }
-
- // K2 := (MSB(K1) == 0) ? K1 << 1 : (K1 << 1) XOR const_Rb
- if ((K1[0] & 0x80) == 0) {
- leftShiftByOne(K1, K2);
- } else {
- byte[] tmp = new byte[K1.length];
- leftShiftByOne(K1, tmp);
- BytesUtil.xor(tmp, constRb, K2);
- }
- }
-
- private static void encryptBlock(EncryptProvider encProvider,
- byte[] key, byte[] cipherState, byte[] block) throws KrbException {
- if (cipherState == null) {
- cipherState = new byte[encProvider.blockSize()];
- }
- if (encProvider.supportCbcMac()) {
- encProvider.cbcMac(key, cipherState, block);
- } else {
- encProvider.encrypt(key, cipherState, block);
- }
- }
-
- private static void leftShiftByOne(byte[] input, byte[] output) {
- byte overflow = 0;
-
- for (int i = input.length - 1; i >= 0; i--) {
- output[i] = (byte) (input[i] << 1);
- output[i] |= overflow;
- overflow = (byte) ((input[i] & 0x80) != 0 ? 1 : 0);
- }
- }
-
- // Padding out data with a 1 bit followed by 0 bits, placing the result in pad
- private static void padding(byte[] data, byte[] padded) {
- int len = data.length;
-
- // original last block
- System.arraycopy(data, 0, padded, 0, len);
-
- padded[len] = (byte) 0x80;
-
- for (int i = len + 1; i < padded.length; i++) {
- padded[i] = 0x00;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Confounder.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Confounder.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Confounder.java
deleted file mode 100644
index 5060c2c..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Confounder.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.security.SecureRandom;
-
-public final class Confounder {
-
- private static SecureRandom srand = new SecureRandom();
-
- public static byte[] makeBytes(int size) {
- byte[] data = new byte[size];
- srand.nextBytes(data);
- return data;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Crc32.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Crc32.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Crc32.java
deleted file mode 100644
index 5b934f0..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Crc32.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-/**
- * Reference: http://introcs.cs.princeton.edu/java/51data/CRC32.java
- */
-public class Crc32 {
-
- private static long[] table = {
- 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3,
- 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91,
- 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
- 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5,
- 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b,
- 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
- 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f,
- 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d,
- 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
- 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01,
- 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457,
- 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
- 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb,
- 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9,
- 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
- 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad,
- 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683,
- 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
- 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7,
- 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5,
- 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
- 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79,
- 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f,
- 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
- 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713,
- 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21,
- 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
- 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45,
- 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db,
- 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
- 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf,
- 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d,
- };
-
- public static byte[] crc(byte[] data, int start, int size) {
- long c = crc(0, data, start, size);
- return BytesUtil.int2bytes((int) c, false);
- }
-
- public static long crc(long initial, byte[] data, int start, int len) {
- long c = initial;
-
- int idx;
- for (int i = 0; i < len; i++) {
- idx = (int) ((data[start + i] ^ c) & 0xff);
- c = ((c & 0xffffffffL) >>> 8) ^ table[idx]; // why?
- }
-
- return c;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CryptoTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CryptoTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CryptoTypeHandler.java
deleted file mode 100644
index d449d2d..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/CryptoTypeHandler.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-
-public interface CryptoTypeHandler {
-
- public String name();
-
- public String displayName();
-
- public EncryptProvider encProvider();
-
- public HashProvider hashProvider();
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
deleted file mode 100644
index c94814f..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Des.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.util.Arrays;
-
-/**
- * Based on MIT krb5 weak_key.c
- */
-public class Des {
-
- /*
- * The following are the weak DES keys:
- */
- static byte[][] WEAK_KEYS = {
- /* weak keys */
- {(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01,(byte) 0x01},
- {(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe,(byte) 0xfe},
- {(byte) 0x1f,(byte) 0x1f,(byte) 0x1f,(byte) 0x1f,(byte) 0x0e,(byte) 0x0e,(byte) 0x0e,(byte) 0x0e},
- {(byte) 0xe0,(byte) 0xe0,(byte) 0xe0,(byte) 0xe0,(byte) 0xf1,(byte) 0xf1,(byte) 0xf1,(byte) 0xf1},
-
- /* semi-weak */
- {(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe},
- {(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01,(byte) 0xfe,(byte) 0x01},
-
- {(byte) 0x1f,(byte) 0xe0,(byte) 0x1f,(byte) 0xe0,(byte) 0x0e,(byte) 0xf1,(byte) 0x0e,(byte) 0xf1},
- {(byte) 0xe0,(byte) 0x1f,(byte) 0xe0,(byte) 0x1f,(byte) 0xf1,(byte) 0x0e,(byte) 0xf1,(byte) 0x0e},
-
- {(byte) 0x01,(byte) 0xe0,(byte) 0x01,(byte) 0xe0,(byte) 0x01,(byte) 0xf1,(byte) 0x01,(byte) 0xf1},
- {(byte) 0xe0,(byte) 0x01,(byte) 0xe0,(byte) 0x01,(byte) 0xf1,(byte) 0x01,(byte) 0xf1,(byte) 0x01},
-
- {(byte) 0x1f,(byte) 0xfe,(byte) 0x1f,(byte) 0xfe,(byte) 0x0e,(byte) 0xfe,(byte) 0x0e,(byte) 0xfe},
- {(byte) 0xfe,(byte) 0x1f,(byte) 0xfe,(byte) 0x1f,(byte) 0xfe,(byte) 0x0e,(byte) 0xfe,(byte) 0x0e},
-
- {(byte) 0x01,(byte) 0x1f,(byte) 0x01,(byte) 0x1f,(byte) 0x01,(byte) 0x0e,(byte) 0x01,(byte) 0x0e},
- {(byte) 0x1f,(byte) 0x01,(byte) 0x1f,(byte) 0x01,(byte) 0x0e,(byte) 0x01,(byte) 0x0e,(byte) 0x01},
-
- {(byte) 0xe0,(byte) 0xfe,(byte) 0xe0,(byte) 0xfe,(byte) 0xf1,(byte) 0xfe,(byte) 0xf1,(byte) 0xfe},
- {(byte) 0xfe,(byte) 0xe0,(byte) 0xfe,(byte) 0xe0,(byte) 0xfe,(byte) 0xf1,(byte) 0xfe,(byte) 0xf1}
- };
-
- public static boolean isWeakKey(byte[] key, int offset, int len) {
- boolean match;
- for (byte[] weakKey : WEAK_KEYS) {
- match = true;
- if (weakKey.length == len) {
- for (int i = 0; i < len; i++) {
- if (weakKey[i] != key[i]) {
- match = false;
- break;
- }
- }
- }
- if (match) {
- return true;
- }
- }
- return false;
- }
-
- /**
- * MIT krb5 FIXUP(k) in s2k_des.c
- */
- public static void fixKey(byte[] key, int offset, int len) {
- if (isWeakKey(key, offset, len)) {
- key[offset + 7] ^= (byte) 0xf0;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncTypeHandler.java
deleted file mode 100644
index c52d17e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncTypeHandler.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-import org.apache.kerberos.kerb.spec.common.EncryptionType;
-
-public interface EncTypeHandler extends CryptoTypeHandler {
-
- public EncryptionType eType();
-
- public int keyInputSize();
-
- public int keySize();
-
- public int confounderSize();
-
- public int checksumSize();
-
- public int paddingSize();
-
- public byte[] str2key(String string,
- String salt, byte[] param) throws KrbException;
-
- public byte[] random2Key(byte[] randomBits) throws KrbException;
-
- public CheckSumType checksumType();
-
- public byte[] encrypt(byte[] data, byte[] key, int usage)
- throws KrbException;
-
- public byte[] encrypt(byte[] data, byte[] key, byte[] ivec,
- int usage) throws KrbException;
-
- public byte[] decrypt(byte[] cipher, byte[] key, int usage)
- throws KrbException;
-
- public byte[] decrypt(byte[] cipher, byte[] key, byte[] ivec,
- int usage) throws KrbException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
deleted file mode 100644
index 2d1d64e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
+++ /dev/null
@@ -1,174 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.KrbErrorCode;
-import org.apache.kerberos.kerb.crypto.enc.*;
-import org.apache.kerberos.kerb.KrbException;
-import org.apache.kerberos.kerb.spec.common.*;
-
-public class EncryptionHandler {
-
- public static EncryptionType getEncryptionType(String eType) throws KrbException {
- EncryptionType result = EncryptionType.fromName(eType);
- return result;
- }
-
- public static EncTypeHandler getEncHandler(String eType) throws KrbException {
- EncryptionType result = EncryptionType.fromName(eType);
- return getEncHandler(result);
- }
-
- public static EncTypeHandler getEncHandler(int eType) throws KrbException {
- EncryptionType eTypeEnum = EncryptionType.fromValue(eType);
- return getEncHandler(eTypeEnum);
- }
-
- public static EncTypeHandler getEncHandler(EncryptionType eType) throws KrbException {
- return getEncHandler(eType, false);
- }
-
- private static EncTypeHandler getEncHandler(EncryptionType eType, boolean check) throws KrbException {
- EncTypeHandler encHandler = null;
-
- switch (eType) {
- case DES_CBC_CRC:
- encHandler = new DesCbcCrcEnc();
- break;
-
- case DES_CBC_MD5:
- case DES:
- encHandler = new DesCbcMd5Enc();
- break;
-
- case DES_CBC_MD4:
- encHandler = new DesCbcMd4Enc();
- break;
-
- case DES3_CBC_SHA1:
- case DES3_CBC_SHA1_KD:
- case DES3_HMAC_SHA1:
- encHandler = new Des3CbcSha1Enc();
- break;
-
- case AES128_CTS_HMAC_SHA1_96:
- case AES128_CTS:
- encHandler = new Aes128CtsHmacSha1Enc();
- break;
-
- case AES256_CTS_HMAC_SHA1_96:
- case AES256_CTS:
- encHandler = new Aes256CtsHmacSha1Enc();
- break;
-
- case CAMELLIA128_CTS_CMAC:
- case CAMELLIA128_CTS:
- encHandler = new Camellia128CtsCmacEnc();
- break;
-
- case CAMELLIA256_CTS_CMAC:
- case CAMELLIA256_CTS:
- encHandler = new Camellia256CtsCmacEnc();
- break;
-
- case RC4_HMAC:
- case ARCFOUR_HMAC:
- case ARCFOUR_HMAC_MD5:
- encHandler = new Rc4HmacEnc();
- break;
-
- case RC4_HMAC_EXP:
- case ARCFOUR_HMAC_EXP:
- case ARCFOUR_HMAC_MD5_EXP:
- encHandler = new Rc4HmacExpEnc();
- break;
-
- case NONE:
- default:
- break;
- }
-
- if (encHandler == null && ! check) {
- String message = "Unsupported encryption type: " + eType.name();
- throw new KrbException(KrbErrorCode.KDC_ERR_ETYPE_NOSUPP, message);
- }
-
- return encHandler;
- }
-
- public static EncryptedData encrypt(byte[] plainText, EncryptionKey key, KeyUsage usage) throws KrbException {
- EncTypeHandler handler = getEncHandler(key.getKeyType());
- byte[] cipher = handler.encrypt(plainText, key.getKeyData(), usage.getValue());
-
- EncryptedData ed = new EncryptedData();
- ed.setCipher(cipher);
- ed.setEType(key.getKeyType());
- ed.setKvno(key.getKvno());
-
- return ed;
- }
-
- public static byte[] decrypt(byte[] data, EncryptionKey key, KeyUsage usage) throws KrbException {
- EncTypeHandler handler = getEncHandler(key.getKeyType());
-
- byte[] plainData = handler.decrypt(data, key.getKeyData(), usage.getValue());
- return plainData;
- }
-
- public static byte[] decrypt(EncryptedData data, EncryptionKey key, KeyUsage usage) throws KrbException {
- EncTypeHandler handler = getEncHandler(key.getKeyType());
-
- byte[] plainData = handler.decrypt(data.getCipher(), key.getKeyData(), usage.getValue());
- return plainData;
- }
-
- public static boolean isImplemented(EncryptionType eType) {
- EncTypeHandler handler = null;
- try {
- handler = getEncHandler(eType, true);
- } catch (KrbException e) {
- return false;
- }
- return handler != null;
- }
-
- public static EncryptionKey string2Key(String principalName,
- String passPhrase, EncryptionType eType) throws KrbException {
- PrincipalName principal = new PrincipalName(principalName);
- return string2Key(passPhrase,
- PrincipalName.makeSalt(principal), null, eType);
- }
-
- public static EncryptionKey string2Key(String string, String salt,
- byte[] s2kparams, EncryptionType eType) throws KrbException {
- EncTypeHandler handler = getEncHandler(eType);
- byte[] keyBytes = handler.str2key(string, salt, s2kparams);
- return new EncryptionKey(eType, keyBytes);
- }
-
- public static EncryptionKey random2Key(EncryptionType eType) throws KrbException {
- EncTypeHandler handler = getEncHandler(eType);
-
- byte[] randomBytes = Random.makeBytes(handler.keyInputSize());
- byte[] keyBytes = handler.random2Key(randomBytes);
- EncryptionKey encKey = new EncryptionKey(eType, keyBytes);
- return encKey;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Hmac.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Hmac.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Hmac.java
deleted file mode 100644
index 0117e9f..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Hmac.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import org.apache.kerberos.kerb.crypto.cksum.HashProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-import java.util.Arrays;
-
-/**
- * Based on MIT krb5 hmac.c
- */
-public class Hmac {
-
- public static byte[] hmac(HashProvider hashProvider, byte[] key,
- byte[] data, int outputSize) throws KrbException {
- return hmac(hashProvider, key, data, 0, data.length, outputSize);
- }
-
- public static byte[] hmac(HashProvider hashProvider, byte[] key, byte[] data,
- int start, int len, int outputSize) throws KrbException {
- byte[] hash = Hmac.hmac(hashProvider, key, data, start, len);
-
- byte[] output = new byte[outputSize];
- System.arraycopy(hash, 0, output, 0, outputSize);
- return output;
- }
-
- public static byte[] hmac(HashProvider hashProvider,
- byte[] key, byte[] data) throws KrbException {
- return hmac(hashProvider, key, data, 0, data.length);
- }
-
- public static byte[] hmac(HashProvider hashProvider,
- byte[] key, byte[] data, int start, int len) throws KrbException {
-
- int blockLen = hashProvider.blockSize();
- byte[] innerPaddedKey = new byte[blockLen];
- byte[] outerPaddedKey = new byte[blockLen];
-
- // Create the inner padded key
- Arrays.fill(innerPaddedKey, (byte)0x36);
- for (int i = 0; i < key.length; i++) {
- innerPaddedKey[i] ^= key[i];
- }
-
- // Create the outer padded key
- Arrays.fill(outerPaddedKey, (byte)0x5c);
- for (int i = 0; i < key.length; i++) {
- outerPaddedKey[i] ^= key[i];
- }
-
- hashProvider.hash(innerPaddedKey);
-
- hashProvider.hash(data, start, len);
-
- byte[] tmp = hashProvider.output();
-
- hashProvider.hash(outerPaddedKey);
- hashProvider.hash(tmp);
-
- tmp = hashProvider.output();
- return tmp;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Md4.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Md4.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Md4.java
deleted file mode 100644
index 8534c39..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Md4.java
+++ /dev/null
@@ -1,339 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.security.DigestException;
-import java.security.MessageDigest;
-import java.security.MessageDigestSpi;
-
-/**
- * MD4.java - An implementation of Ron Rivest's MD4 message digest algorithm.
- * The MD4 algorithm is designed to be quite fast on 32-bit machines. In
- * addition, the MD4 algorithm does not require any large substitution
- * tables.
- *
- * @see The <a href="http://www.ietf.org/rfc/rfc1320.txt">MD4</a> Message-
- * Digest Algorithm by R. Rivest.
- *
- * @author <a href="http://mina.apache.org">Apache MINA Project</a>
- * @since MINA 2.0.0-M3
- */
-
-/**
- * Copied from Mina project and modified a bit
- */
-public class Md4 extends MessageDigest {
-
- /**
- * The MD4 algorithm message digest length is 16 bytes wide.
- */
- public static final int BYTE_DIGEST_LENGTH = 16;
-
- /**
- * The MD4 algorithm block length is 64 bytes wide.
- */
- public static final int BYTE_BLOCK_LENGTH = 64;
-
- /**
- * The initial values of the four registers. RFC gives the values
- * in LE so we converted it as JAVA uses BE endianness.
- */
- private final static int A = 0x67452301;
-
- private final static int B = 0xefcdab89;
-
- private final static int C = 0x98badcfe;
-
- private final static int D = 0x10325476;
-
- /**
- * The four registers initialized with the above IVs.
- */
- private int a = A;
-
- private int b = B;
-
- private int c = C;
-
- private int d = D;
-
- /**
- * Counts the total length of the data being digested.
- */
- private long msgLength;
-
- /**
- * The internal buffer is {@link BLOCK_LENGTH} wide.
- */
- private final byte[] buffer = new byte[BYTE_BLOCK_LENGTH];
-
- /**
- * Default constructor.
- */
- public Md4() {
- super("MD4");
- engineReset();
- }
-
- /**
- * Returns the digest length in bytes.
- *
- * @return the digest length in bytes.
- */
- protected int engineGetDigestLength() {
- return BYTE_DIGEST_LENGTH;
- }
-
- /**
- * {@inheritDoc}
- */
- protected void engineUpdate(byte b) {
- int pos = (int) (msgLength % BYTE_BLOCK_LENGTH);
- buffer[pos] = b;
- msgLength++;
-
- // If buffer contains enough data then process it.
- if (pos == (BYTE_BLOCK_LENGTH - 1)) {
- process(buffer, 0);
- }
- }
-
- /**
- * {@inheritDoc}
- */
- protected void engineUpdate(byte[] b, int offset, int len) {
- int pos = (int) (msgLength % BYTE_BLOCK_LENGTH);
- int nbOfCharsToFillBuf = BYTE_BLOCK_LENGTH - pos;
- int blkStart = 0;
-
- msgLength += len;
-
- // Process each full block
- if (len >= nbOfCharsToFillBuf) {
- System.arraycopy(b, offset, buffer, pos, nbOfCharsToFillBuf);
- process(buffer, 0);
- for (blkStart = nbOfCharsToFillBuf; blkStart + BYTE_BLOCK_LENGTH - 1 < len; blkStart += BYTE_BLOCK_LENGTH) {
- process(b, offset + blkStart);
- }
- pos = 0;
- }
-
- // Fill buffer with the remaining data
- if (blkStart < len) {
- System.arraycopy(b, offset + blkStart, buffer, pos, len - blkStart);
- }
- }
-
- /**
- * {@inheritDoc}
- */
- protected byte[] engineDigest() {
- byte[] p = pad();
- engineUpdate(p, 0, p.length);
- byte[] digest = { (byte) a, (byte) (a >>> 8), (byte) (a >>> 16), (byte) (a >>> 24), (byte) b, (byte) (b >>> 8),
- (byte) (b >>> 16), (byte) (b >>> 24), (byte) c, (byte) (c >>> 8), (byte) (c >>> 16), (byte) (c >>> 24),
- (byte) d, (byte) (d >>> 8), (byte) (d >>> 16), (byte) (d >>> 24) };
-
- engineReset();
-
- return digest;
- }
-
- /**
- * {@inheritDoc}
- */
- protected int engineDigest(byte[] buf, int offset, int len) throws DigestException {
- if (offset < 0 || offset + len >= buf.length) {
- throw new DigestException("Wrong offset or not enough space to store the digest");
- }
- int destLength = Math.min(len, BYTE_DIGEST_LENGTH);
- System.arraycopy(engineDigest(), 0, buf, offset, destLength);
- return destLength;
- }
-
- /**
- * {@inheritDoc}
- */
- protected void engineReset() {
- a = A;
- b = B;
- c = C;
- d = D;
- msgLength = 0;
- }
-
- /**
- * Pads the buffer by appending the byte 0x80, then append as many zero
- * bytes as necessary to make the buffer length a multiple of 64 bytes.
- * The last 8 bytes will be filled with the length of the buffer in bits.
- * If there's no room to store the length in bits in the block i.e the block
- * is larger than 56 bytes then an additionnal 64-bytes block is appended.
- *
- * @see sections 3.1 & 3.2 of the RFC 1320.
- *
- * @return the pad byte array
- */
- private byte[] pad() {
- int pos = (int) (msgLength % BYTE_BLOCK_LENGTH);
- int padLength = (pos < 56) ? (64 - pos) : (128 - pos);
- byte[] pad = new byte[padLength];
-
- // First bit of the padding set to 1
- pad[0] = (byte) 0x80;
-
- long bits = msgLength << 3;
- int index = padLength - 8;
- for (int i = 0; i < 8; i++) {
- pad[index++] = (byte) (bits >>> (i << 3));
- }
-
- return pad;
- }
-
- /**
- * Process one 64-byte block. Algorithm is constituted by three rounds.
- * Note that F, G and H functions were inlined for improved performance.
- *
- * @param in the byte array to process
- * @param offset the offset at which the 64-byte block is stored
- */
- private void process(byte[] in, int offset) {
- // Save previous state.
- int aa = a;
- int bb = b;
- int cc = c;
- int dd = d;
-
- // Copy the block to process into X array
- int[] X = new int[16];
- for (int i = 0; i < 16; i++) {
- X[i] = (in[offset++] & 0xff) | (in[offset++] & 0xff) << 8 | (in[offset++] & 0xff) << 16
- | (in[offset++] & 0xff) << 24;
- }
-
- // Round 1
- a += ((b & c) | (~b & d)) + X[0];
- a = a << 3 | a >>> (32 - 3);
- d += ((a & b) | (~a & c)) + X[1];
- d = d << 7 | d >>> (32 - 7);
- c += ((d & a) | (~d & b)) + X[2];
- c = c << 11 | c >>> (32 - 11);
- b += ((c & d) | (~c & a)) + X[3];
- b = b << 19 | b >>> (32 - 19);
- a += ((b & c) | (~b & d)) + X[4];
- a = a << 3 | a >>> (32 - 3);
- d += ((a & b) | (~a & c)) + X[5];
- d = d << 7 | d >>> (32 - 7);
- c += ((d & a) | (~d & b)) + X[6];
- c = c << 11 | c >>> (32 - 11);
- b += ((c & d) | (~c & a)) + X[7];
- b = b << 19 | b >>> (32 - 19);
- a += ((b & c) | (~b & d)) + X[8];
- a = a << 3 | a >>> (32 - 3);
- d += ((a & b) | (~a & c)) + X[9];
- d = d << 7 | d >>> (32 - 7);
- c += ((d & a) | (~d & b)) + X[10];
- c = c << 11 | c >>> (32 - 11);
- b += ((c & d) | (~c & a)) + X[11];
- b = b << 19 | b >>> (32 - 19);
- a += ((b & c) | (~b & d)) + X[12];
- a = a << 3 | a >>> (32 - 3);
- d += ((a & b) | (~a & c)) + X[13];
- d = d << 7 | d >>> (32 - 7);
- c += ((d & a) | (~d & b)) + X[14];
- c = c << 11 | c >>> (32 - 11);
- b += ((c & d) | (~c & a)) + X[15];
- b = b << 19 | b >>> (32 - 19);
-
- // Round 2
- a += ((b & (c | d)) | (c & d)) + X[0] + 0x5a827999;
- a = a << 3 | a >>> (32 - 3);
- d += ((a & (b | c)) | (b & c)) + X[4] + 0x5a827999;
- d = d << 5 | d >>> (32 - 5);
- c += ((d & (a | b)) | (a & b)) + X[8] + 0x5a827999;
- c = c << 9 | c >>> (32 - 9);
- b += ((c & (d | a)) | (d & a)) + X[12] + 0x5a827999;
- b = b << 13 | b >>> (32 - 13);
- a += ((b & (c | d)) | (c & d)) + X[1] + 0x5a827999;
- a = a << 3 | a >>> (32 - 3);
- d += ((a & (b | c)) | (b & c)) + X[5] + 0x5a827999;
- d = d << 5 | d >>> (32 - 5);
- c += ((d & (a | b)) | (a & b)) + X[9] + 0x5a827999;
- c = c << 9 | c >>> (32 - 9);
- b += ((c & (d | a)) | (d & a)) + X[13] + 0x5a827999;
- b = b << 13 | b >>> (32 - 13);
- a += ((b & (c | d)) | (c & d)) + X[2] + 0x5a827999;
- a = a << 3 | a >>> (32 - 3);
- d += ((a & (b | c)) | (b & c)) + X[6] + 0x5a827999;
- d = d << 5 | d >>> (32 - 5);
- c += ((d & (a | b)) | (a & b)) + X[10] + 0x5a827999;
- c = c << 9 | c >>> (32 - 9);
- b += ((c & (d | a)) | (d & a)) + X[14] + 0x5a827999;
- b = b << 13 | b >>> (32 - 13);
- a += ((b & (c | d)) | (c & d)) + X[3] + 0x5a827999;
- a = a << 3 | a >>> (32 - 3);
- d += ((a & (b | c)) | (b & c)) + X[7] + 0x5a827999;
- d = d << 5 | d >>> (32 - 5);
- c += ((d & (a | b)) | (a & b)) + X[11] + 0x5a827999;
- c = c << 9 | c >>> (32 - 9);
- b += ((c & (d | a)) | (d & a)) + X[15] + 0x5a827999;
- b = b << 13 | b >>> (32 - 13);
-
- // Round 3
- a += (b ^ c ^ d) + X[0] + 0x6ed9eba1;
- a = a << 3 | a >>> (32 - 3);
- d += (a ^ b ^ c) + X[8] + 0x6ed9eba1;
- d = d << 9 | d >>> (32 - 9);
- c += (d ^ a ^ b) + X[4] + 0x6ed9eba1;
- c = c << 11 | c >>> (32 - 11);
- b += (c ^ d ^ a) + X[12] + 0x6ed9eba1;
- b = b << 15 | b >>> (32 - 15);
- a += (b ^ c ^ d) + X[2] + 0x6ed9eba1;
- a = a << 3 | a >>> (32 - 3);
- d += (a ^ b ^ c) + X[10] + 0x6ed9eba1;
- d = d << 9 | d >>> (32 - 9);
- c += (d ^ a ^ b) + X[6] + 0x6ed9eba1;
- c = c << 11 | c >>> (32 - 11);
- b += (c ^ d ^ a) + X[14] + 0x6ed9eba1;
- b = b << 15 | b >>> (32 - 15);
- a += (b ^ c ^ d) + X[1] + 0x6ed9eba1;
- a = a << 3 | a >>> (32 - 3);
- d += (a ^ b ^ c) + X[9] + 0x6ed9eba1;
- d = d << 9 | d >>> (32 - 9);
- c += (d ^ a ^ b) + X[5] + 0x6ed9eba1;
- c = c << 11 | c >>> (32 - 11);
- b += (c ^ d ^ a) + X[13] + 0x6ed9eba1;
- b = b << 15 | b >>> (32 - 15);
- a += (b ^ c ^ d) + X[3] + 0x6ed9eba1;
- a = a << 3 | a >>> (32 - 3);
- d += (a ^ b ^ c) + X[11] + 0x6ed9eba1;
- d = d << 9 | d >>> (32 - 9);
- c += (d ^ a ^ b) + X[7] + 0x6ed9eba1;
- c = c << 11 | c >>> (32 - 11);
- b += (c ^ d ^ a) + X[15] + 0x6ed9eba1;
- b = b << 15 | b >>> (32 - 15);
-
- //Update state.
- a += aa;
- b += bb;
- c += cc;
- d += dd;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nfold.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nfold.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nfold.java
deleted file mode 100644
index c53f32e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nfold.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.util.Arrays;
-
-/**
- * Based on MIT krb5 nfold.c
- */
-
-/*
- * n-fold(k-bits):
- * l = lcm(n,k)
- * r = l/k
- * s = k-bits | k-bits rot 13 | k-bits rot 13*2 | ... | k-bits rot 13*(r-1)
- * compute the 1's complement sum:
- * n-fold = s[0..n-1]+s[n..2n-1]+s[2n..3n-1]+..+s[(k-1)*n..k*n-1]
- */
-public class Nfold {
-
- /**
- * representation: msb first, assume n and k are multiples of 8, and
- * that k>=16. this is the case of all the cryptosystems which are
- * likely to be used. this function can be replaced if that
- * assumption ever fails.
- */
- public static byte[] nfold(byte[] inBytes, int size) {
- int inBytesNum = inBytes.length; // count inBytes byte
- int outBytesNum = size; // count inBytes byte
-
- int a, b, c, lcm;
- a = outBytesNum;
- b = inBytesNum;
-
- while (b != 0) {
- c = b;
- b = a % b;
- a = c;
- }
- lcm = (outBytesNum * inBytesNum) / a;
-
- byte[] outBytes = new byte[outBytesNum];
- Arrays.fill(outBytes, (byte)0);
-
- int tmpByte = 0;
- int msbit, i, tmp;
-
- for (i = lcm-1; i >= 0; i--) {
- // first, start with the msbit inBytes the first, unrotated byte
- tmp = ((inBytesNum<<3)-1);
- // then, for each byte, shift to the right for each repetition
- tmp += (((inBytesNum<<3)+13)*(i/inBytesNum));
- // last, pick outBytes the correct byte within that shifted repetition
- tmp += ((inBytesNum-(i%inBytesNum)) << 3);
-
- msbit = tmp % (inBytesNum << 3);
-
- // pull outBytes the byte value itself
- tmp = ((((inBytes[((inBytesNum - 1)-(msbit >>> 3)) % inBytesNum] & 0xff) << 8) |
- (inBytes[((inBytesNum) - (msbit >>> 3)) % inBytesNum] & 0xff))
- >>>((msbit & 7)+1)) & 0xff;
-
- tmpByte += tmp;
- tmp = (outBytes[i % outBytesNum] & 0xff);
- tmpByte += tmp;
-
- outBytes[i % outBytesNum] = (byte) (tmpByte & 0xff);
-
- tmpByte >>>= 8;
- }
-
- // if there's a carry bit left over, add it back inBytes
- if (tmpByte != 0) {
- for (i = outBytesNum-1; i >= 0; i--) {
- // do the addition
- tmpByte += (outBytes[i] & 0xff);
- outBytes[i] = (byte) (tmpByte & 0xff);
-
- tmpByte >>>= 8;
- }
- }
-
- return outBytes;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nonce.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nonce.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nonce.java
deleted file mode 100644
index 638a852..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Nonce.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.security.SecureRandom;
-
-public class Nonce {
-
- private static SecureRandom srand = new SecureRandom();
-
- public static synchronized int value() {
- int value = srand.nextInt();
- return value & 0x7fffffff;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Pbkdf.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Pbkdf.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Pbkdf.java
deleted file mode 100644
index b447123..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Pbkdf.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.PBEKeySpec;
-import java.security.GeneralSecurityException;
-
-public class Pbkdf {
-
- public static byte[] PBKDF2(char[] secret, byte[] salt,
- int count, int keySize) throws GeneralSecurityException {
-
- PBEKeySpec ks = new PBEKeySpec(secret, salt, count, keySize * 8);
- SecretKeyFactory skf =
- SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
- SecretKey key = skf.generateSecret(ks);
- byte[] result = key.getEncoded();
-
- return result;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Random.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Random.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Random.java
deleted file mode 100644
index 6839fc8..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Random.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-import java.security.SecureRandom;
-
-public final class Random {
-
- private static SecureRandom srand = new SecureRandom();
-
- public static byte[] makeBytes(int size) {
- byte[] data = new byte[size];
- srand.nextBytes(data);
- return data;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Rc4.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Rc4.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Rc4.java
deleted file mode 100644
index 6b2a502..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/Rc4.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto;
-
-/**
- * Based on MIT krb5 enc_rc4.c
- */
-public class Rc4 {
-
- private static byte[] L40 = "fortybits".getBytes();
-
- public static byte[] getSalt(int usage, boolean exportable) {
- int newUsage = convertUsage(usage);
- byte[] salt;
-
- if (exportable) {
- salt = new byte[14];
- System.arraycopy(L40, 0, salt, 0, 9);
- BytesUtil.int2bytes(newUsage, salt, 10, false);
- } else {
- salt = new byte[4];
- BytesUtil.int2bytes(newUsage, salt, 0, false);
- }
-
- return salt;
- }
-
- private static int convertUsage(int usage) {
- switch (usage) {
- case 1: return 1; /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, */
- case 2: return 2; /* ticket from kdc */
- case 3: return 8; /* as-rep encrypted part */
- case 4: return 4; /* tgs-req authz data */
- case 5: return 5; /* tgs-req authz data in subkey */
- case 6: return 6; /* tgs-req authenticator cksum */
- case 7: return 7; /* tgs-req authenticator */
- case 8: return 8;
- case 9: return 9; /* tgs-rep encrypted with subkey */
- case 10: return 10; /* ap-rep authentication cksum (never used by MS) */
- case 11: return 11; /* app-req authenticator */
- case 12: return 12; /* app-rep encrypted part */
- case 23: return 13; /* sign wrap token*/
- default: return usage;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java
deleted file mode 100644
index 8515f95..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractCheckSumTypeHandler.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.AbstractCryptoTypeHandler;
-import org.apache.kerberos.kerb.crypto.CheckSumTypeHandler;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class AbstractCheckSumTypeHandler
- extends AbstractCryptoTypeHandler implements CheckSumTypeHandler {
-
- private int computeSize;
- private int outputSize;
-
- public AbstractCheckSumTypeHandler(EncryptProvider encProvider, HashProvider hashProvider,
- int computeSize, int outputSize) {
- super(encProvider, hashProvider);
- this.computeSize = computeSize;
- this.outputSize = outputSize;
- }
-
- @Override
- public String name() {
- return cksumType().getName();
- }
-
- @Override
- public String displayName() {
- return cksumType().getDisplayName();
- }
-
- @Override
- public int computeSize() {
- return computeSize;
- }
-
- @Override
- public int outputSize() {
- return outputSize;
- }
-
- public boolean isSafe() {
- return false;
- }
-
- public int cksumSize() {
- return 4;
- }
-
- public int keySize() {
- return 0;
- }
-
- public int confounderSize() {
- return 0;
- }
-
- @Override
- public byte[] checksum(byte[] data) throws KrbException {
- return checksum(data, 0, data.length);
- }
-
- @Override
- public byte[] checksum(byte[] data, int start, int size) throws KrbException {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public boolean verify(byte[] data, byte[] checksum) throws KrbException {
- return verify(data, 0, data.length, checksum);
- }
-
- @Override
- public boolean verify(byte[] data, int start, int size, byte[] checksum) throws KrbException {
- throw new UnsupportedOperationException();
- }
-
- @Override
- public byte[] checksumWithKey(byte[] data,
- byte[] key, int usage) throws KrbException {
- return checksumWithKey(data, 0, data.length, key, usage);
- }
-
- @Override
- public byte[] checksumWithKey(byte[] data, int start, int size,
- byte[] key, int usage) throws KrbException {
- throw new UnsupportedOperationException();
- }
- @Override
- public boolean verifyWithKey(byte[] data,
- byte[] key, int usage, byte[] checksum) throws KrbException {
- throw new UnsupportedOperationException();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java
deleted file mode 100644
index 24f3157..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/AbstractKeyedCheckSumTypeHandler.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.crypto.key.KeyMaker;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class AbstractKeyedCheckSumTypeHandler extends AbstractCheckSumTypeHandler {
-
- private KeyMaker keyMaker;
-
- public AbstractKeyedCheckSumTypeHandler(EncryptProvider encProvider, HashProvider hashProvider,
- int computeSize, int outputSize) {
- super(encProvider, hashProvider, computeSize, outputSize);
- }
-
- protected void keyMaker(KeyMaker keyMaker) {
- this.keyMaker = keyMaker;
- }
-
- protected KeyMaker keyMaker() {
- return keyMaker;
- }
-
- @Override
- public byte[] checksumWithKey(byte[] data,
- byte[] key, int usage) throws KrbException {
- return checksumWithKey(data, 0, data.length, key, usage);
- }
-
- @Override
- public byte[] checksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException {
- int outputSize = outputSize();
-
- byte[] tmp = doChecksumWithKey(data, start, len, key, usage);
- if (outputSize < tmp.length) {
- byte[] output = new byte[outputSize];
- System.arraycopy(tmp, 0, output, 0, outputSize);
- return output;
- } else {
- return tmp;
- }
- }
-
- protected byte[] doChecksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException {
- return new byte[0];
- }
-
- @Override
- public boolean verifyWithKey(byte[] data, byte[] key,
- int usage, byte[] checksum) throws KrbException {
- byte[] newCksum = checksumWithKey(data, key, usage);
- return checksumEqual(checksum, newCksum);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java
deleted file mode 100644
index 1a985f5..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia128CheckSum.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.enc.provider.Camellia128Provider;
-import org.apache.kerberos.kerb.crypto.key.CamelliaKeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class CmacCamellia128CheckSum extends CmacKcCheckSum {
-
- public CmacCamellia128CheckSum() {
- super(new Camellia128Provider(), 16, 16);
-
- keyMaker(new CamelliaKeyMaker((Camellia128Provider) encProvider()));
- }
-
- public int confounderSize() {
- return 16;
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.CMAC_CAMELLIA128;
- }
-
- public boolean isSafe() {
- return true;
- }
-
- public int cksumSize() {
- return 16; // bytes
- }
-
- public int keySize() {
- return 16; // bytes
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java
deleted file mode 100644
index 1eb5bed..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacCamellia256CheckSum.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.enc.provider.Camellia256Provider;
-import org.apache.kerberos.kerb.crypto.key.CamelliaKeyMaker;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class CmacCamellia256CheckSum extends CmacKcCheckSum {
-
- public CmacCamellia256CheckSum() {
- super(new Camellia256Provider(), 16, 16);
-
- keyMaker(new CamelliaKeyMaker((Camellia256Provider) encProvider()));
- }
-
- public int confounderSize() {
- return 16;
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.CMAC_CAMELLIA256;
- }
-
- public boolean isSafe() {
- return true;
- }
-
- public int cksumSize() {
- return 16; // bytes
- }
-
- public int keySize() {
- return 16; // bytes
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
deleted file mode 100644
index 469d677..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.Cmac;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class CmacKcCheckSum extends KcCheckSum {
-
- public CmacKcCheckSum(EncryptProvider encProvider, int computeSize, int outputSize) {
- super(encProvider, null, computeSize, outputSize);
- }
-
- protected byte[] mac(byte[] Kc, byte[] data, int start, int len) throws KrbException {
- byte[] mac = Cmac.cmac(encProvider(), Kc, data, start, len);
- return mac;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java
deleted file mode 100644
index f048d00..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/ConfounderedDesCheckSum.java
+++ /dev/null
@@ -1,120 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.Confounder;
-import org.apache.kerberos.kerb.crypto.enc.provider.DesProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-import javax.crypto.spec.DESKeySpec;
-import java.security.InvalidKeyException;
-
-public abstract class ConfounderedDesCheckSum extends AbstractKeyedCheckSumTypeHandler {
-
- public ConfounderedDesCheckSum(HashProvider hashProvider,
- int computeSize, int outputSize) {
- super(new DesProvider(), hashProvider, computeSize, outputSize);
- }
-
- @Override
- protected byte[] doChecksumWithKey(byte[] data, int start, int len,
- byte[] key, int usage) throws KrbException {
- int computeSize = computeSize();
- int blockSize = encProvider().blockSize();
- int hashSize = hashProvider().hashSize();
-
- byte[] workBuffer = new byte[computeSize];
-
- // confounder
- byte[] conf = Confounder.makeBytes(blockSize);
-
- // confounder | data
- byte[] toHash = new byte[blockSize + len];
- System.arraycopy(conf, 0, toHash, 0, blockSize);
- System.arraycopy(data, start, toHash, blockSize, len);
-
- HashProvider hashProvider = hashProvider();
- hashProvider.hash(toHash);
- byte[] hash = hashProvider.output();
-
- // confounder | hash
- System.arraycopy(conf, 0, workBuffer, 0, blockSize);
- System.arraycopy(hash, 0, workBuffer, blockSize, hashSize);
-
- // key
- byte[] newKey = deriveKey(key);
-
- encProvider().encrypt(newKey, workBuffer);
- return workBuffer;
- }
-
- protected byte[] deriveKey(byte[] key) {
- return fixKey(xorKey(key));
- }
-
- protected byte[] xorKey(byte[] key) {
- byte[] xorKey = new byte[encProvider().keySize()];
- System.arraycopy(key, 0, xorKey, 0, key.length);
- for (int i = 0; i < xorKey.length; i++) {
- xorKey[i] = (byte) (xorKey[i] ^ 0xf0);
- }
-
- return xorKey;
- }
-
- private byte[] fixKey(byte[] key) {
- boolean isWeak = true;
- try {
- isWeak = DESKeySpec.isWeak(key, 0);
- } catch (InvalidKeyException e) {
- e.printStackTrace();
- }
- if (isWeak) {
- key[7] = (byte)(key[7] ^ 0xF0);
- }
-
- return key;
- }
-
- @Override
- public boolean verifyWithKey(byte[] data,byte[] key,
- int usage, byte[] checksum) throws KrbException {
- int computeSize = computeSize();
- int blockSize = encProvider().blockSize();
- int hashSize = hashProvider().hashSize();
-
- // key
- byte[] newKey = deriveKey(key);
-
- encProvider().decrypt(newKey, checksum);
- byte[] decrypted = checksum; // confounder | hash
-
- // confounder | data
- byte[] toHash = new byte[blockSize + data.length];
- System.arraycopy(decrypted, 0, toHash, 0, blockSize);
- System.arraycopy(data, 0, toHash, blockSize, data.length);
-
- HashProvider hashProvider = hashProvider();
- hashProvider.hash(toHash);
- byte[] newHash = hashProvider.output();
-
- return checksumEqual(newHash, decrypted, blockSize, hashSize);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Crc32CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Crc32CheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Crc32CheckSum.java
deleted file mode 100644
index 5e4152e..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/Crc32CheckSum.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.cksum.provider.AbstractUnkeyedCheckSumTypeHandler;
-import org.apache.kerberos.kerb.crypto.cksum.provider.Crc32Provider;
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class Crc32CheckSum extends AbstractUnkeyedCheckSumTypeHandler {
-
- public Crc32CheckSum() {
- super(new Crc32Provider(), 4, 4);
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.CRC32;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java
deleted file mode 100644
index 34e40a7..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/DesCbcCheckSum.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.spec.common.CheckSumType;
-
-public class DesCbcCheckSum extends ConfounderedDesCheckSum {
-
- public DesCbcCheckSum() {
- super(null, 8, 8);
- }
-
- public CheckSumType cksumType() {
- return CheckSumType.DES_CBC;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HashProvider.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HashProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HashProvider.java
deleted file mode 100644
index a1cddf2..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HashProvider.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.KrbException;
-
-/**
- * krb5_hash_provider
- */
-public interface HashProvider {
-
- public int hashSize();
- public int blockSize();
-
- public void hash(byte[] data, int start, int size) throws KrbException;
- public void hash(byte[] data) throws KrbException;
- public byte[] output();
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/ceacb982/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
deleted file mode 100644
index ae4e102..0000000
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.kerb.crypto.cksum;
-
-import org.apache.kerberos.kerb.crypto.Hmac;
-import org.apache.kerberos.kerb.crypto.cksum.provider.Sha1Provider;
-import org.apache.kerberos.kerb.crypto.enc.EncryptProvider;
-import org.apache.kerberos.kerb.KrbException;
-
-public abstract class HmacKcCheckSum extends KcCheckSum {
-
- public HmacKcCheckSum(EncryptProvider encProvider, int computeSize, int outputSize) {
- super(encProvider, new Sha1Provider(), computeSize, outputSize);
- }
-
- protected byte[] mac(byte[] Kc, byte[] data, int start, int len) throws KrbException {
- byte[] hmac = Hmac.hmac(hashProvider(), Kc, data, start, len);
- return hmac;
- }
-}