Posted to commits@directory.apache.org by el...@apache.org on 2010/11/16 19:00:04 UTC
svn commit: r1035713 - in
/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos:
KerberosConstants.java components/KdcRep.java components/KdcReq.java
Author: elecharny
Date: Tue Nov 16 18:00:03 2010
New Revision: 1035713
URL: http://svn.apache.org/viewvc?rev=1035713&view=rev
Log:
o Added the KdcRep class
o Fixed some Javadoc
Added:
directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcRep.java
Modified:
directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosConstants.java
directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReq.java
Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosConstants.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosConstants.java?rev=1035713&r1=1035712&r2=1035713&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosConstants.java (original)
+++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosConstants.java Tue Nov 16 18:00:03 2010
@@ -84,6 +84,15 @@ public class KerberosConstants
public static final int KDC_REQ_MSG_TYPE_TAG = 0xA2;
public static final int KDC_REQ_PA_DATA_TAG = 0xA3;
public static final int KDC_REQ_KDC_REQ_BODY_TAG = 0xA4;
+
+ /** KRB-REP's tags */
+ public static final int KDC_REP_PVNO_TAG = 0xA0;
+ public static final int KDC_REP_MSG_TYPE_TAG = 0xA1;
+ public static final int KDC_REP_PA_DATA_TAG = 0xA2;
+ public static final int KDC_REP_CREALM_TAG = 0xA3;
+ public static final int KDC_REP_CNAME_TAG = 0xA4;
+ public static final int KDC_REP_TICKET_TAG = 0xA5;
+ public static final int KDC_REP_ENC_PART_TAG = 0xA6;
/** AS-REQ's tags */
public static final int AS_REQ_TAG = 0x6A;
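Review bot: The Javadoc on the new constant group reads `/** KRB-REP's tags */`, but the constants are all `KDC_REP_*` and the structure they tag is KDC-REP; `/** KDC-REP's tags */` would match the constant prefix and the grammar name used in KdcRep.java. A blank line after `KDC_REP_ENC_PART_TAG` would also keep the group visually separate from the AS-REQ block that follows.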
Added: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcRep.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcRep.java?rev=1035713&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcRep.java (added)
+++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcRep.java Tue Nov 16 18:00:03 2010
@@ -0,0 +1,447 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.shared.kerberos.components;
+
+import java.nio.ByteBuffer;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.directory.server.i18n.I18n;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
+import org.apache.directory.shared.asn1.ber.tlv.Value;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.kerberos.KerberosConstants;
+import org.apache.directory.shared.kerberos.KerberosMessageType;
+import org.apache.directory.shared.kerberos.messages.Ticket;
+import org.apache.directory.shared.ldap.util.StringTools;
+
+/**
+ * The KDC-REP data structure. It will store the object described by the ASN.1 grammar :
+ * <pre>
+ * KDC-REP ::= SEQUENCE {
+ * pvno [0] INTEGER (5),
+ * msg-type [1] INTEGER (11 -- AS -- | 13 -- TGS --),
+ * padata [2] SEQUENCE OF PA-DATA OPTIONAL
+ * -- NOTE: not empty --,
+ * crealm [3] Realm,
+ * cname [4] <PrincipalName>,
+ * ticket [5] <Ticket>,
+ * enc-part [6] <EncryptedData>
+ * -- EncASRepPart or EncTGSRepPart,
+ * -- as appropriate
+ * }
+ * </pre>
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class KdcRep
+{
+ /** The PVNO field */
+ private int pvno;
+
+ /** The message type, either it's a AS-REP or a TGS-REP */
+ private KerberosMessageType msgType;
+
+ /** The PA-DATAs */
+ private List<PaData> paData;
+
+ /** The client realm */
+ private String crealm;
+
+ /** A storage for a byte array representation of the realm */
+ private byte[] crealmBytes;
+
+ /** The client principal name */
+ private PrincipalName cname;
+
+ /** The ticket tickets */
+ private Ticket ticket;
+
+ /** Encoded part */
+ private EncryptedData encPart;
+
+ // Storage for computed lengths
+ private transient int pvnoLength;
+ private transient int msgTypeLength;
+ private transient int paDataLength;
+ private transient int paDataSeqLength;
+ private transient int[] paDataLengths;
+ private transient int cnameLength;
+ private transient int crealmLength;
+ private transient int ticketLength;
+ private transient int encPartLength;
+ private transient int kdcRepSeqLength;
+ private transient int kdcRepLength;
+
+ /**
+ * Creates a new instance of KDC-REP.
+ */
+ public KdcRep( KerberosMessageType msgType )
+ {
+ this.msgType = msgType;
+ paData = new ArrayList<PaData>();
+ }
+
+
+ /**
+ * @return the pvno
+ */
+ public int getPvno()
+ {
+ return pvno;
+ }
+
+
+ /**
+ * @param pvno the pvno to set
+ */
+ public void setPvno( int pvno )
+ {
+ this.pvno = pvno;
+ }
+
+
+ /**
+ * @return the msgType
+ */
+ public KerberosMessageType getMsgType()
+ {
+ return msgType;
+ }
+
+
+ /**
+ * @return the paData
+ */
+ public List<PaData> getPaData()
+ {
+ return paData;
+ }
+
+
+ /**
+ * @param paData the paData to set
+ */
+ public void addPaData( PaData paData )
+ {
+ this.paData.add( paData );
+ }
+
+
+ /**
+ * Returns the client realm.
+ *
+ * @return The client realm.
+ */
+ public String getCRealm()
+ {
+ return crealm;
+ }
+
+
+ /**
+ * Set the client realm
+ * @param crealm the client realm
+ */
+ public void setCRealm( String crealm )
+ {
+ this.crealm = crealm;
+ }
+
+
+ /**
+ * Returns the client {@link PrincipalName}.
+ *
+ * @return The client {@link PrincipalName}.
+ */
+ public PrincipalName getCName()
+ {
+ return cname;
+ }
+
+
+ /**
+ * Set the client principalName
+ * @param cname the client principalName
+ */
+ public void setSName( PrincipalName cname )
+ {
+ this.cname = cname;
+ }
+
+
+ /**
+ * Returns the {@link Ticket}
+ *
+ * @return The {@link Ticket}
+ */
+ public Ticket getTicket()
+ {
+ return ticket;
+ }
+
+
+ /**
+ * Set the Ticket
+ * @param ticket the ticket to set
+ */
+ public void setTicket( Ticket ticket )
+ {
+ this.ticket = ticket;
+ }
+
+
+ /**
+ * Returns the encrypted part as {@link EncryptedData}.
+ *
+ * @return The encrypted part as {@link EncryptedData}.
+ */
+ public EncryptedData getEncPart()
+ {
+ return encPart;
+ }
+
+
+ /**
+ * @param encPart the encPart to set
+ */
+ public void setEncPart( EncryptedData encPart )
+ {
+ this.encPart = encPart;
+ }
+
+
+ /**
+ * Compute the KDC-REP length
+ * <pre>
+ * KDC-REP :
+ *
+ * 0x30 L1 KDC-REP sequence
+ * |
+ * +--> 0xA0 0x03 pvno tag
+ * | |
+ * | +--> 0x02 0x01 0x05 pvno (5)
+ * |
+ * +--> 0xA1 0x03 msg-type tag
+ * | |
+ * | +--> 0x02 0x01 0x0B/0x0D msg-type : either AS-REP (0x0B) or TGS-REP (0x0D)
+ * |
+ * +--> 0xA2 L2 pa-data tag
+ * | |
+ * | +--> 0x30 L2-1 pa-data SEQ
+ * | |
+ * | +--> 0x30 L2-1-1 pa-data
+ * | |
+ * | +--> 0x30 L2-1-2 pa-data
+ * | :
+ * |
+ * +--> 0xA3 L3 crealm tag
+ * | |
+ * | +--> 0x1B L3-1 crealm
+ * |
+ * +--> 0xA4 L4 cname tag
+ * | |
+ * | +--> 0x30 L4-1 cname
+ * |
+ * +--> 0xA5 L5 ticket tag
+ * | |
+ * | +--> 0x61 L5-1 ticket
+ * |
+ * +--> 0xA6 L6 enc-part tag
+ * |
+ * +--> 0x30 L6-1 enc-part
+ *
+ * </pre>
+ */
+ public int computeLength()
+ {
+ // The pvno length
+ pvnoLength = 1 + 1 + 1;
+
+ // The msg-type length
+ msgTypeLength = 1 + 1 + 1;
+
+ // Compute the pa-data length.
+ paDataLengths = new int[paData.size()];
+ int pos = 0;
+
+ for ( PaData paDataElem : paData )
+ {
+ paDataLengths[pos] = paDataElem.computeLength();
+ paDataSeqLength += paDataLengths[pos];
+ pos++;
+ }
+
+ paDataLength = 1 + TLV.getNbBytes( paDataSeqLength ) + paDataSeqLength;
+
+ // The crealm length
+ crealmBytes = StringTools.getBytesUtf8( crealm );
+ crealmLength = 1 + TLV.getNbBytes( crealmBytes.length ) + crealmBytes.length;
+
+ // Compute the client principalName length
+ cnameLength = cname.computeLength();
+
+ // Compute the ticket length
+ ticketLength = ticket.computeLength();
+
+ // Compute the encrypted part
+ encPartLength = encPart.computeLength();
+
+ // Compute the sequence size.
+ kdcRepSeqLength = 1 + TLV.getNbBytes( pvnoLength ) + pvnoLength;
+ kdcRepSeqLength += 1 + TLV.getNbBytes( msgTypeLength ) + msgTypeLength;
+ kdcRepSeqLength += 1 + TLV.getNbBytes( paDataLength ) + paDataLength;
+ kdcRepSeqLength += 1 + TLV.getNbBytes( crealmLength ) + crealmLength;
+ kdcRepSeqLength += 1 + TLV.getNbBytes( cnameLength ) + cnameLength;
+ kdcRepSeqLength += 1 + TLV.getNbBytes( ticketLength ) + ticketLength;
+ kdcRepSeqLength += 1 + TLV.getNbBytes( encPartLength ) + encPartLength;
+
+ // compute the global size
+ kdcRepLength = 1 + TLV.getNbBytes( kdcRepSeqLength ) + kdcRepSeqLength;
+
+ return kdcRepLength;
+ }
+
+
+ /**
+ * Encode the KDC-REP component
+ *
+ * @param buffer The buffer containing the encoded result
+ * @return The encoded component
+ * @throws EncoderException If the encoding failed
+ */
+ public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+ {
+ if ( buffer == null )
+ {
+ throw new EncoderException( I18n.err( I18n.ERR_148 ) );
+ }
+
+ // The KDC-REP SEQ Tag
+ buffer.put( UniversalTag.SEQUENCE.getValue() );
+ buffer.put( TLV.getBytes( kdcRepSeqLength ) );
+
+ // The PVNO -----------------------------------------------------------
+ // The tag
+ buffer.put( (byte)KerberosConstants.KDC_REQ_PVNO_TAG );
+ buffer.put( TLV.getBytes( pvnoLength ) );
+
+ // The value
+ Value.encode( buffer, pvno );
+
+ // The MSG-TYPE if any ------------------------------------------------
+ // The tag
+ buffer.put( (byte)KerberosConstants.KDC_REP_MSG_TYPE_TAG );
+ buffer.put( TLV.getBytes( msgTypeLength ) );
+
+ // The value
+ Value.encode( buffer, msgType.getValue() );
+
+ // The PD-DATA --------------------------------------------------------
+ // The tag
+ buffer.put( (byte)KerberosConstants.KDC_REP_PA_DATA_TAG );
+ buffer.put( TLV.getBytes( paDataLength ) );
+
+ // The sequence
+ buffer.put( UniversalTag.SEQUENCE.getValue() );
+ buffer.put( TLV.getBytes( paDataSeqLength ) );
+
+ // The values
+ for ( PaData paDataElem : paData )
+ {
+ paDataElem.encode( buffer );
+ }
+
+ // The CREALM ---------------------------------------------------------
+ // The tag
+ buffer.put( (byte)KerberosConstants.KDC_REP_CREALM_TAG );
+ buffer.put( TLV.getBytes( crealmLength ) );
+
+ // The value
+ buffer.put( UniversalTag.GENERAL_STRING.getValue() );
+ buffer.put( TLV.getBytes( crealmBytes.length ) );
+ buffer.put( crealmBytes );
+
+ // The CNAME ----------------------------------------------------------
+ // The tag
+ buffer.put( (byte)KerberosConstants.KDC_REP_CNAME_TAG );
+ buffer.put( TLV.getBytes( cnameLength ) );
+
+ // The value
+ cname.encode( buffer );
+
+ // The TICKET ---------------------------------------------------------
+ // The tag
+ buffer.put( (byte)KerberosConstants.KDC_REP_TICKET_TAG );
+ buffer.put( TLV.getBytes( ticketLength ) );
+
+ // The value
+ ticket.encode( buffer );
+
+ // The ENC-PART -------------------------------------------------------
+ // The tag
+ buffer.put( (byte)KerberosConstants.KDC_REP_ENC_PART_TAG );
+ buffer.put( TLV.getBytes( encPartLength ) );
+
+ // The value
+ encPart.encode( buffer );
+
+ return buffer;
+ }
+
+
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ StringBuilder sb = new StringBuilder();
+
+ if ( msgType == KerberosMessageType.AS_REP )
+ {
+ sb.append( "AS-REP" ).append( '\n' );
+ }
+ else if ( msgType == KerberosMessageType.TGS_REP )
+ {
+ sb.append( "TGS-REP" ).append( '\n' );
+ }
+ else
+ {
+ sb.append( "Unknown" ).append( '\n' );
+ }
+
+ sb.append( "pvno : " ).append( pvno ).append( '\n' );
+
+ sb.append( "msg-type : " );
+
+ for ( PaData paDataElem : paData )
+ {
+ sb.append( "padata : " ).append( paDataElem ).append( '\n' );
+ }
+
+ sb.append( "crealm : " ).append( crealm ).append( '\n' );
+ sb.append( "cname : " ).append( cname ).append( '\n' );
+ sb.append( "ticket : " ).append( ticket ).append( '\n' );
+ sb.append( "enc-part : " ).append( encPart ).append( '\n' );
+
+ return sb.toString();
+ }
+}
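Review bot: encode() writes the pvno context tag with `KerberosConstants.KDC_REQ_PVNO_TAG`, the request-side constant, while every other field uses the KDC_REP_* tags added in this commit; pvno is `[0]` in KDC-REP, so the line should be `buffer.put( (byte)KerberosConstants.KDC_REP_PVNO_TAG );`. The REQ constant's value is not visible in this diff, but the neighbouring REQ tags suggest 0xA1, which would duplicate the msg-type tag and make the reply undecodable by a strict peer. computeLength() accumulates into `paDataSeqLength` with `+=` and never resets it, so a second call on the same instance inflates every enclosing length, and both methods emit the `[2]` padata wrapper even when the list is empty although the class Javadoc marks the field OPTIONAL and "not empty"; the fence below sketches both fixes. encode() also dereferences `crealmBytes` and the cached lengths without checking that computeLength() ran first, and `crealm`, `cname`, `ticket` and `encPart` are dereferenced unchecked in computeLength(), so a partially populated reply fails with a NullPointerException rather than an EncoderException. Smaller points: the cname setter is named `setSName`, and toString() appends `"msg-type : "` with no value or newline.

```java
// computeLength()
paDataSeqLength = 0;
// … unchanged: loop filling paDataLengths and summing paDataSeqLength …
paDataLength = paData.isEmpty() ? 0 : 1 + TLV.getNbBytes( paDataSeqLength ) + paDataSeqLength;
// … unchanged: crealm, cname, ticket and enc-part lengths; pvno and msg-type sequence terms …
if ( !paData.isEmpty() )
{
    kdcRepSeqLength += 1 + TLV.getNbBytes( paDataLength ) + paDataLength;
}

// encode()
buffer.put( (byte)KerberosConstants.KDC_REP_PVNO_TAG );
// … unchanged: pvno value, msg-type tag and value …
if ( !paData.isEmpty() )
{
    // … unchanged: padata tag, SEQUENCE header and per-element encode loop …
}
```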
Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReq.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReq.java?rev=1035713&r1=1035712&r2=1035713&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReq.java (original)
+++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReq.java Tue Nov 16 18:00:03 2010
@@ -59,7 +59,7 @@ public abstract class KdcReq
/** The PA-DATAs */
private List<PaData> paData;
- /** The KDC-REQ-BODYl */
+ /** The KDC-REQ-BODY */
private KdcReqBody kdcReqBody;
// Storage for computed lengths
@@ -162,7 +162,12 @@ public abstract class KdcReq
* |
* +--> 0xA3 L2 pa-data tag
* | |
- * | +--> 0x30 L2-1 pa-data
+ * | +--> 0x30 L2-1 pa-data SEQ
+ * | |
+ * | +--> 0x30 L2-1-1 pa-data
+ * | |
+ * | +--> 0x30 L2-1-2 pa-data
+ * | :
* |
* +--> 0xA4 L3 req-body tag
* | |