Posted to commits@directory.apache.org by el...@apache.org on 2010/11/07 00:49:47 UTC
svn commit: r1032186 - in /directory/apacheds/trunk/kerberos-codec/src:
main/java/org/apache/directory/shared/kerberos/codec/KerberosMessageGrammar.java
test/java/org/apache/directory/shared/kerberos/codec/TicketDecoderTest.java
Author: elecharny
Date: Sat Nov 6 23:49:47 2010
New Revision: 1032186
URL: http://svn.apache.org/viewvc?rev=1032186&view=rev
Log:
Finished the Ticket decoder implementation
Modified:
directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/KerberosMessageGrammar.java
directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/TicketDecoderTest.java
Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/KerberosMessageGrammar.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/KerberosMessageGrammar.java?rev=1032186&r1=1032185&r2=1032186&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/KerberosMessageGrammar.java (original)
+++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/KerberosMessageGrammar.java Sat Nov 6 23:49:47 2010
@@ -35,9 +35,9 @@ import org.apache.directory.shared.asn1.
import org.apache.directory.shared.i18n.I18n;
import org.apache.directory.shared.kerberos.KerberosConstants;
import org.apache.directory.shared.kerberos.codec.actions.CheckNotNullLength;
+import org.apache.directory.shared.kerberos.codec.encryptedData.EncryptedDataContainer;
import org.apache.directory.shared.kerberos.codec.principalName.PrincipalNameContainer;
-import org.apache.directory.shared.kerberos.codec.principalName.actions.PrincipalNameNameString;
-import org.apache.directory.shared.kerberos.codec.principalName.actions.PrincipalNameNameType;
+import org.apache.directory.shared.kerberos.components.EncryptedData;
import org.apache.directory.shared.kerberos.components.PrincipalName;
import org.apache.directory.shared.kerberos.messages.Ticket;
import org.apache.directory.shared.ldap.util.StringTools;
@@ -268,6 +268,8 @@ public final class KerberosMessageGramma
PrincipalName principalName = principalNameContainer.getPrincipalName();
Ticket ticket = kerberosMessageContainer.getTicket();
ticket.setSName( principalName );
+
+ container.setParentTLV( tlv.getParent() );
if ( IS_DEBUG )
{
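Review bot: The added `container.setParentTLV( tlv.getParent() );` carries no comment explaining why the parent TLV must be reset at this point. Judging from the surrounding lines it follows a nested PrincipalName decode, so a comment such as `// The nested decoder consumed this TLV's value, continue from the parent TLV` would record the intent. The same line is added, again without explanation, in the next hunk (the principalName action). Both action bodies start and end outside their hunks, so the ordering relative to the nested decode cannot be confirmed from here.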
@@ -321,6 +323,8 @@ public final class KerberosMessageGramma
PrincipalName principalName = principalNameContainer.getPrincipalName();
kerberosMessageContainer.setPrincipalName( principalName );
+
+ container.setParentTLV( tlv.getParent() );
if ( IS_DEBUG )
{
@@ -329,58 +333,58 @@ public final class KerberosMessageGramma
}
} );
- // ============================================================================================
- // PrincipalName
- // ============================================================================================
- // --------------------------------------------------------------------------------------------
- // Transition from PrincipalName init to name-type tag
- // --------------------------------------------------------------------------------------------
- // PrincipalName ::= SEQUENCE {
- // name-type [0]
- super.transitions[KerberosStatesEnum.PRINCIPAL_NAME_STATE.ordinal()][KerberosConstants.PRINCIPAL_NAME_NAME_TYPE_TAG] = new GrammarTransition(
- KerberosStatesEnum.PRINCIPAL_NAME_STATE, KerberosStatesEnum.PRINCIPAL_NAME_NAME_TYPE_TAG_STATE, KerberosConstants.PRINCIPAL_NAME_NAME_TYPE_TAG,
- new CheckNotNullLength() );
-
// --------------------------------------------------------------------------------------------
- // Transition from name-type tag to name-type value
+ // Transition from enc-part tag to enc-part value
// --------------------------------------------------------------------------------------------
- // PrincipalName ::= SEQUENCE {
- // name-type [0] Int32,
- super.transitions[KerberosStatesEnum.PRINCIPAL_NAME_NAME_TYPE_TAG_STATE.ordinal()][UniversalTag.INTEGER.getValue()] = new GrammarTransition(
- KerberosStatesEnum.PRINCIPAL_NAME_NAME_TYPE_TAG_STATE, KerberosStatesEnum.PRINCIPAL_NAME_NAME_TYPE_STATE, UniversalTag.INTEGER.getValue(),
- new PrincipalNameNameType() );
-
- // --------------------------------------------------------------------------------------------
- // Transition from name-type value to name-string tag
- // --------------------------------------------------------------------------------------------
- // PrincipalName ::= SEQUENCE {
- // name-type [0] Int32,
- // name-string [1]
- super.transitions[KerberosStatesEnum.PRINCIPAL_NAME_NAME_TYPE_STATE.ordinal()][KerberosConstants.PRINCIPAL_NAME_NAME_STRING_TAG] = new GrammarTransition(
- KerberosStatesEnum.PRINCIPAL_NAME_NAME_TYPE_STATE, KerberosStatesEnum.PRINCIPAL_NAME_NAME_STRING_TAG_STATE, KerberosConstants.PRINCIPAL_NAME_NAME_STRING_TAG,
- new CheckNotNullLength() );
-
- // --------------------------------------------------------------------------------------------
- // Transition from name-string tag to name-string SEQ
- // --------------------------------------------------------------------------------------------
- // PrincipalName ::= SEQUENCE {
- // name-type [0] Int32,
- // name-string [1] SEQUENCE OF
- super.transitions[KerberosStatesEnum.PRINCIPAL_NAME_NAME_STRING_TAG_STATE.ordinal()][UniversalTag.SEQUENCE.getValue()] = new GrammarTransition(
- KerberosStatesEnum.PRINCIPAL_NAME_NAME_STRING_TAG_STATE, KerberosStatesEnum.PRINCIPAL_NAME_NAME_STRING_SEQ_STATE, UniversalTag.SEQUENCE.getValue(),
- new CheckNotNullLength() );
-
- // --------------------------------------------------------------------------------------------
- // Transition from name-string SEQ to name-string value
- // --------------------------------------------------------------------------------------------
- // PrincipalName ::= SEQUENCE {
- // name-type [0] Int32,
- // name-string [1] SEQUENCE OF KerberosString
- super.transitions[KerberosStatesEnum.PRINCIPAL_NAME_NAME_STRING_SEQ_STATE.ordinal()][UniversalTag.GENERAL_STRING.getValue()] = new GrammarTransition(
- KerberosStatesEnum.PRINCIPAL_NAME_NAME_STRING_SEQ_STATE, KerberosStatesEnum.PRINCIPAL_NAME_NAME_STRING_SEQ_STATE, UniversalTag.GENERAL_STRING.getValue(),
- new PrincipalNameNameString() );
-
-
+ // Ticket ::= [APPLICATION 1] SEQUENCE {
+ // ...
+ // enc-part [3] EncryptedData
+ //
+ super.transitions[KerberosStatesEnum.TICKET_SNAME_TAG_STATE.ordinal()][KerberosConstants.TICKET_ENC_PART_TAG] = new GrammarTransition(
+ KerberosStatesEnum.TICKET_SNAME_TAG_STATE, KerberosStatesEnum.TICKET_ENC_PART_TAG_STATE, KerberosConstants.TICKET_ENC_PART_TAG,
+ new GrammarAction( "Kerberos Ticket EncryptedData" )
+ {
+ public void action( Asn1Container container ) throws DecoderException
+ {
+ KerberosMessageContainer kerberosMessageContainer = ( KerberosMessageContainer ) container;
+
+ TLV tlv = kerberosMessageContainer.getCurrentTLV();
+
+ // The Length should not be null
+ if ( tlv.getLength() == 0 )
+ {
+ LOG.error( I18n.err( I18n.ERR_04066 ) );
+
+ // This will generate a PROTOCOL_ERROR
+ throw new DecoderException( I18n.err( I18n.ERR_04067 ) );
+ }
+
+ // Now, let's decode the PrincipalName
+ Asn1Decoder encryptedDataDecoder = new Asn1Decoder();
+
+ EncryptedDataContainer encryptedDataContainer = new EncryptedDataContainer();
+
+ // Decode the Ticket PDU
+ try
+ {
+ encryptedDataDecoder.decode( container.getStream(), encryptedDataContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw de;
+ }
+
+ EncryptedData encryptedData = encryptedDataContainer.getEncryptedData();
+ Ticket ticket = (Ticket)kerberosMessageContainer.getMessage();
+ ticket.setEncPart( encryptedData );
+
+ if ( IS_DEBUG )
+ {
+ LOG.debug( "EncryptedData : " + encryptedData );
+ }
+ }
+ } );
+
/*
// --------------------------------------------------------------------------------------------
// Transition from LdapMessage to Message ID
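Review bot: The enc-part action hands `container.getStream()` to a fresh `Asn1Decoder` after checking only that `tlv.getLength()` is non-zero, and nothing visible afterwards verifies that the nested decode consumed exactly the number of bytes the `[3]` TLV declared. A Ticket is parsed from network input, so an inner EncryptedData whose lengths disagree with the outer length should be rejected with a `DecoderException` rather than left for the outer grammar to trip over; whether `Asn1Decoder` or `EncryptedDataContainer` already enforces this cannot be told from the hunk. Unlike the sname and principalName actions in the two preceding hunks, this action never calls `container.setParentTLV( tlv.getParent() );` after the nested decode, which may be deliberate because enc-part is the last Ticket field but deserves a comment saying so. Smaller points: the `try`/`catch` that only rethrows `de` can be reduced to the bare `decode` call, the comments `// Now, let's decode the PrincipalName`, `// Decode the Ticket PDU` and the header `Transition from enc-part tag to enc-part value` do not describe this code (the transition goes from `TICKET_SNAME_TAG_STATE` to `TICKET_ENC_PART_TAG_STATE`), and `(Ticket)kerberosMessageContainer.getMessage()` could be `kerberosMessageContainer.getTicket()` as in the sname action. The enclosing grammar initializer starts and ends outside the hunk.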
Modified: directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/TicketDecoderTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/TicketDecoderTest.java?rev=1032186&r1=1032185&r2=1032186&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/TicketDecoderTest.java (original)
+++ directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/TicketDecoderTest.java Sat Nov 6 23:49:47 2010
@@ -20,16 +20,25 @@
package org.apache.directory.shared.kerberos.codec;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import java.nio.ByteBuffer;
+import java.util.Arrays;
import org.apache.directory.junit.tools.Concurrent;
import org.apache.directory.junit.tools.ConcurrentJunitRunner;
import org.apache.directory.shared.asn1.ber.Asn1Container;
import org.apache.directory.shared.asn1.ber.Asn1Decoder;
import org.apache.directory.shared.asn1.codec.DecoderException;
-import org.apache.directory.shared.kerberos.messages.KerberosMessage;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.kerberos.components.EncryptedData;
+import org.apache.directory.shared.kerberos.components.EncryptionType;
+import org.apache.directory.shared.kerberos.components.PrincipalName;
+import org.apache.directory.shared.kerberos.components.PrincipalNameType;
+import org.apache.directory.shared.kerberos.messages.Ticket;
import org.apache.directory.shared.ldap.util.StringTools;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -42,9 +51,6 @@ import org.junit.runner.RunWith;
@Concurrent()
public class TicketDecoderTest
{
- /** The encoder instance */
- //LdapEncoder encoder = new LdapEncoder();
-
/**
* Test the decoding of a Ticket message
*/
@@ -53,24 +59,32 @@ public class TicketDecoderTest
{
Asn1Decoder kerberosDecoder = new Asn1Decoder();
- ByteBuffer stream = ByteBuffer.allocate( 0x35 );
+ ByteBuffer stream = ByteBuffer.allocate( 0x46 );
byte LL = 0;
stream.put( new byte[]
- { 0x61, 0x2C, // Ticket
- 0x30, 0x2A,
+ { 0x61, 0x44, // Ticket
+ 0x30, 0x42,
(byte)0xA0, 0x03, // tkt-vno
- 0x02, 0x01, 0x05, // 5
+ 0x02, 0x01, 0x05,
(byte)0xA1, 0x0D, // realm
0x1B, 0x0B, 'E', 'X', 'A', 'M', 'P', 'L', 'E', '.', 'C', 'O', 'M',
(byte)0xA2, 0x14, // sname
0x30, 0x12,
(byte)0xA0, 0x03, // name-type
- 0x02, 0x01, 0x01, // NT-PRINCIPAL
+ 0x02, 0x01, 0x01,
(byte)0xA1, 0x0B, // name-string
0x30, 0x09,
0x1B, 0x07, 'h', 'n', 'e', 'l', 's', 'o', 'n',
- (byte)0xA3, 0x02, 0x01, 0x02 // enc-part
+ (byte)0xA3, 0x16, // enc-part
+ 0x030, 0x14,
+ (byte)0xA0, 0x03, // etype
+ 0x02, 0x01, 0x12,
+ (byte)0xA1, 0x03, // kvno
+ 0x02, 0x01, 0x05,
+ (byte)0xA2, 0x08, // cipher
+ 0x04, 0x06,
+ 'a', 'b', 'c', 'd', 'e', 'f'
} );
String decodedPdu = StringTools.dumpBytes( stream.array() );
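Review bot: The enc-part SEQUENCE line is written `0x030, 0x14,`, a three-digit literal that has the same value as `0x30` but reads like a typo next to every other tag in the array; it should be `0x30, 0x14,`. The value comments `// 5` and `// NT-PRINCIPAL` were dropped and the new fields have none, so the link to the later assertions is lost; `0x02, 0x01, 0x12, // etype 18 (AES256_CTS_HMAC_SHA1_96)` and `0x02, 0x01, 0x05, // kvno 5` would restore it. The `byte LL = 0;` context line above the array looks unused in the visible part of the method, which continues outside the hunk.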
@@ -92,22 +106,31 @@ public class TicketDecoderTest
}
// Check the decoded BindRequest
- KerberosMessage ticket = ( ( KerberosMessageContainer ) kerberosMessageContainer ).getMessage();
+ Ticket ticket = ( ( KerberosMessageContainer ) kerberosMessageContainer ).getTicket();
+
+ assertEquals( 5, ticket.getTktVno() );
+ assertEquals( "EXAMPLE.COM", ticket.getRealm() );
+
+ PrincipalName principalName = ticket.getSName();
- /*
- assertEquals( 1, bindRequest.getMessageId() );
- assertTrue( bindRequest.isVersion3() );
- assertEquals( "uid=akarasulu,dc=example,dc=com", bindRequest.getName().toString() );
- assertTrue( bindRequest.isSimple() );
- assertEquals( "password", StringTools.utf8ToString( bindRequest.getCredentials() ) );
+ assertNotNull( principalName );
+ assertEquals( PrincipalNameType.KRB_NT_PRINCIPAL, principalName.getNameType() );
+ assertTrue( principalName.getNames().contains( "hnelson" ) );
+
+ EncryptedData encryptedData = ticket.getEncPart();
+
+ assertNotNull( encryptedData );
+ assertEquals( EncryptionType.AES256_CTS_HMAC_SHA1_96, encryptedData.getEType() );
+ assertEquals( 5, encryptedData.getKvno() );
+ assertTrue( Arrays.equals( StringTools.getBytesUtf8( "abcdef" ), encryptedData.getCipher() ) );
// Check the encoding
try
{
- ByteBuffer bb = encoder.encodeMessage( bindRequest );
+ ByteBuffer bb = ticket.encode();
// Check the length
- assertEquals( 0x35, bb.limit() );
+ assertEquals( 0x46, bb.limit() );
String encodedPdu = StringTools.dumpBytes( bb.array() );
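Review bot: Only a well-formed Ticket is asserted in this hunk, so the rejection path added to the grammar in this commit (the zero-length enc-part check that throws `DecoderException`) is never exercised. For a decoder fed from the network, a companion test that supplies a constructed PDU with an empty enc-part, for example ending in `(byte)0xA3, 0x00`, and expects `DecoderException` would pin that behaviour, and a second one with an inner length larger than the outer `[3]` length would show how the nested decoder copes. The context comment `// Check the decoded BindRequest` is a leftover from the LDAP test and should read `// Check the decoded Ticket`. `assertTrue( Arrays.equals( ... ) )` on the cipher can be `assertArrayEquals( StringTools.getBytesUtf8( "abcdef" ), encryptedData.getCipher() );`, which reports the differing bytes on failure. The test method starts and ends outside the hunk.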
@@ -118,6 +141,5 @@ public class TicketDecoderTest
ee.printStackTrace();
fail( ee.getMessage() );
}
- */
}
}