Posted to commits@directory.apache.org by er...@apache.org on 2007/05/24 02:27:07 UTC
svn commit: r541123 [17/25] - in
/directory/apacheds/branches/apacheds-sasl-branch: ./ benchmarks/
bootstrap-extract/ bootstrap-extract/src/ bootstrap-extract/src/main/
bootstrap-extract/src/main/java/ bootstrap-extract/src/main/java/org/
bootstrap-ext...
Modified: directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java Wed May 23 17:26:40 2007
@@ -21,7 +21,6 @@
import java.io.File;
import java.io.IOException;
-import java.math.BigInteger;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
@@ -51,6 +50,7 @@
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapNameNotFoundException;
import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -183,7 +183,7 @@
if ( nextObject instanceof String )
{
name = ( String ) nextObject;
- log.warn( "Using default cache size of {} for index on attribute {}",
+ log.debug( "Using default cache size of {} for index on attribute {}",
new Integer( cacheSize ), name );
}
// custom cache size is used
@@ -285,7 +285,7 @@
if ( ! customAddedSystemIndices.contains( systemIndexName ) )
{
AttributeType type = attributeTypeRegistry.lookup( systemIndexName );
- log.warn( "Using default cache size of {} for index on attribute {}",
+ log.debug( "Using default cache size of {} for index on attribute {}",
new Integer( IndexConfiguration.DEFAULT_INDEX_CACHE_SIZE ), systemIndexName );
if ( systemIndexName.equals( Oid.EXISTANCE ) )
{
@@ -359,7 +359,7 @@
oidRegistry = config.getOidRegistry();
attributeTypeRegistry = config.getAttributeTypeRegistry();
- OBJECT_CLASS_AT = attributeTypeRegistry.lookup( "objectClass" );
+ OBJECT_CLASS_AT = attributeTypeRegistry.lookup( SchemaConstants.OBJECT_CLASS_AT );
ALIAS_AT = attributeTypeRegistry.lookup( ALIAS_ATTRIBUTE );
this.upSuffix = new LdapDN( config.getSuffixDn() );
@@ -378,12 +378,12 @@
if ( cacheSize < 0 )
{
cacheSize = DEFAULT_CACHE_SIZE;
- log.warn( "Using the default entry cache size of {} for {} partition",
+ log.debug( "Using the default entry cache size of {} for {} partition",
new Integer( cacheSize ), config.getName() );
}
else
{
- log.info( "Using the custom configured cache size of {} for {} partition",
+ log.debug( "Using the custom configured cache size of {} for {} partition",
new Integer( cacheSize ), config.getName() );
}
recMan = new CacheRecordManager( base, new MRU( cacheSize ) );
@@ -783,32 +783,32 @@
}
- public BigInteger getEntryId( String dn ) throws NamingException
+ public Long getEntryId( String dn ) throws NamingException
{
- return ndnIdx.forwardLookup( dn );
+ return (Long)ndnIdx.forwardLookup( dn );
}
- public String getEntryDn( BigInteger id ) throws NamingException
+ public String getEntryDn( Long id ) throws NamingException
{
return ( String ) ndnIdx.reverseLookup( id );
}
- public BigInteger getParentId( String dn ) throws NamingException
+ public Long getParentId( String dn ) throws NamingException
{
- BigInteger childId = ndnIdx.forwardLookup( dn );
- return ( BigInteger ) hierarchyIdx.reverseLookup( childId );
+ Long childId = (Long)ndnIdx.forwardLookup( dn );
+ return ( Long ) hierarchyIdx.reverseLookup( childId );
}
- public BigInteger getParentId( BigInteger childId ) throws NamingException
+ public Long getParentId( Long childId ) throws NamingException
{
- return ( BigInteger ) hierarchyIdx.reverseLookup( childId );
+ return ( Long ) hierarchyIdx.reverseLookup( childId );
}
- public String getEntryUpdn( BigInteger id ) throws NamingException
+ public String getEntryUpdn( Long id ) throws NamingException
{
return ( String ) updnIdx.reverseLookup( id );
}
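Review bot: The new `(Long)` casts on `ndnIdx.forwardLookup( dn )` in `getEntryId` and `getParentId( String )` (and again in the later `getEntryUpdn( String )` and `addAliasIndices` hunks) will throw a ClassCastException at run time if an index still returns `BigInteger` ids, which I would expect for a partition written before this change. Nothing visible here migrates or rejects such data, so this is inferred from the diff alone. If old stores are not supported, a comment on `getEntryId` such as `// entry ids are Long; indices holding BigInteger ids must be rebuilt` would make that explicit. `getParentId( String )` also passes `childId` to `hierarchyIdx.reverseLookup` without a null check for a dn that is not in the index.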
@@ -816,7 +816,7 @@
public String getEntryUpdn( String dn ) throws NamingException
{
- BigInteger id = ndnIdx.forwardLookup( dn );
+ Long id = (Long)ndnIdx.forwardLookup( dn );
return ( String ) updnIdx.reverseLookup( id );
}
@@ -835,13 +835,13 @@
* @param aliasId the id of the alias entry in the master table
* @throws NamingException if we cannot delete the indices
*/
- private void dropAliasIndices( BigInteger aliasId ) throws NamingException
+ private void dropAliasIndices( Long aliasId ) throws NamingException
{
String targetDn = ( String ) aliasIdx.reverseLookup( aliasId );
- BigInteger targetId = getEntryId( targetDn );
+ Long targetId = getEntryId( targetDn );
String aliasDn = getEntryDn( aliasId );
LdapDN ancestorDn = ( LdapDN ) new LdapDN( aliasDn ).getPrefix( 1 );
- BigInteger ancestorId = getEntryId( ancestorDn.toString() );
+ Long ancestorId = getEntryId( ancestorDn.toString() );
/*
* We cannot just drop all tuples in the one level and subtree indices
@@ -880,12 +880,12 @@
* @throws NamingException if index addition fails, of the alias is not
* allowed due to chaining or cycle formation.
*/
- private void addAliasIndices( BigInteger aliasId, LdapDN aliasDn, String aliasTarget ) throws NamingException
+ private void addAliasIndices( Long aliasId, LdapDN aliasDn, String aliasTarget ) throws NamingException
{
LdapDN normalizedAliasTargetDn = null; // Name value of aliasedObjectName
- BigInteger targetId = null; // Id of the aliasedObjectName
+ Long targetId = null; // Id of the aliasedObjectName
LdapDN ancestorDn = null; // Name of an alias entry relative
- BigInteger ancestorId = null; // Id of an alias entry relative
+ Long ancestorId = null; // Id of an alias entry relative
// Access aliasedObjectName, normalize it and generate the Name
normalizedAliasTargetDn = new LdapDN( aliasTarget );
@@ -930,7 +930,7 @@
}
// L O O K U P T A R G E T I D
- targetId = ndnIdx.forwardLookup( normalizedAliasTargetDn.toNormName() );
+ targetId = (Long)ndnIdx.forwardLookup( normalizedAliasTargetDn.toNormName() );
/*
* Check For Target Existance
@@ -1007,8 +1007,8 @@
public void add( LdapDN normName, Attributes entry ) throws NamingException
{
- BigInteger id;
- BigInteger parentId = null;
+ Long id;
+ Long parentId = null;
id = master.getNextId();
@@ -1021,7 +1021,7 @@
LdapDN parentDn = null;
if ( normName.equals( normSuffix ) )
{
- parentId = BigInteger.ZERO;
+ parentId = 0L;
}
else
{
@@ -1091,16 +1091,16 @@
}
- public Attributes lookup( BigInteger id ) throws NamingException
+ public Attributes lookup( Long id ) throws NamingException
{
return master.get( id );
}
- public void delete( BigInteger id ) throws NamingException
+ public void delete( Long id ) throws NamingException
{
Attributes entry = lookup( id );
- BigInteger parentId = getParentId( id );
+ Long parentId = getParentId( id );
NamingEnumeration attrs = entry.getIDs();
Attribute objectClass = AttributeUtils.getAttribute( entry, OBJECT_CLASS_AT );
@@ -1114,7 +1114,7 @@
hierarchyIdx.drop( id );
// Remove parent's reference to entry only if entry is not the upSuffix
- if ( !parentId.equals( BigInteger.ZERO ) )
+ if ( !parentId.equals( 0L ) )
{
hierarchyIdx.drop( parentId, id );
}
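Review bot: `!parentId.equals( 0L )` throws a NullPointerException when `parentId` is null, and `getParentId( Long )` returns whatever `hierarchyIdx.reverseLookup` yields, which other code in this file treats as nullable (`aliasIdx.reverseLookup( movedBaseId ) != null`). A guard such as `if ( parentId != null && parentId.longValue() != 0L )` keeps the suffix check and avoids the crash on an entry with no hierarchy record. Whether skipping the drop is the right handling for that case should be confirmed. The enclosing `delete` method starts and ends outside this hunk.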
@@ -1150,13 +1150,13 @@
}
- public NamingEnumeration list( BigInteger id ) throws NamingException
+ public NamingEnumeration list( Long id ) throws NamingException
{
return hierarchyIdx.listIndices( id );
}
- public int getChildCount( BigInteger id ) throws NamingException
+ public int getChildCount( Long id ) throws NamingException
{
return hierarchyIdx.count( id );
}
@@ -1175,7 +1175,7 @@
public Attributes getSuffixEntry() throws NamingException
{
- BigInteger id = getEntryId( normSuffix.toNormName() );
+ Long id = getEntryId( normSuffix.toNormName() );
if ( null == id )
{
@@ -1198,7 +1198,7 @@
}
- public Attributes getIndices( BigInteger id ) throws NamingException
+ public Attributes getIndices( Long id ) throws NamingException
{
Attributes attributes = new AttributesImpl();
@@ -1276,7 +1276,7 @@
* @throws NamingException if index alteration or attribute addition
* fails.
*/
- private void add( BigInteger id, Attributes entry, Attribute mods ) throws NamingException
+ private void add( Long id, Attributes entry, Attribute mods ) throws NamingException
{
String modsOid = oidRegistry.getOid( mods.getID() );
@@ -1329,7 +1329,7 @@
* @throws NamingException if index alteration or attribute modification
* fails.
*/
- private void remove( BigInteger id, Attributes entry, Attribute mods ) throws NamingException
+ private void remove( Long id, Attributes entry, Attribute mods ) throws NamingException
{
String modsOid = oidRegistry.getOid( mods.getID() );
@@ -1395,7 +1395,7 @@
* @throws NamingException if index alteration or attribute modification
* fails.
*/
- private void replace( BigInteger id, Attributes entry, Attribute mods ) throws NamingException
+ private void replace( Long id, Attributes entry, Attribute mods ) throws NamingException
{
String modsOid = oidRegistry.getOid( mods.getID() );
@@ -1444,7 +1444,7 @@
public void modify( LdapDN dn, int modOp, Attributes mods ) throws NamingException
{
NamingEnumeration attrs = null;
- BigInteger id = getEntryId( dn.toString() );
+ Long id = getEntryId( dn.toString() );
Attributes entry = master.get( id );
switch ( modOp )
@@ -1497,7 +1497,7 @@
public void modify( LdapDN dn, ModificationItemImpl[] mods ) throws NamingException
{
- BigInteger id = getEntryId( dn.toString() );
+ Long id = getEntryId( dn.toString() );
Attributes entry = master.get( id );
for ( int ii = 0; ii < mods.length; ii++ )
@@ -1546,11 +1546,11 @@
* @throws NamingException if there are any errors propagating the name
* changes.
*/
- public void modifyRn( LdapDN dn, String newRdn, boolean deleteOldRdn ) throws NamingException
+ public void rename( LdapDN dn, String newRdn, boolean deleteOldRdn ) throws NamingException
{
String newRdnAttr = NamespaceTools.getRdnAttribute( newRdn );
String newRdnValue = NamespaceTools.getRdnValue( newRdn );
- BigInteger id = getEntryId( dn.toString() );
+ Long id = getEntryId( dn.toString() );
Attributes entry = lookup( id );
LdapDN updn = new LdapDN( getEntryUpdn( id ) );
@@ -1671,7 +1671,7 @@
* which affects alias indices.
* @throws NamingException if something goes wrong
*/
- private void modifyDn( BigInteger id, LdapDN updn, boolean isMove ) throws NamingException
+ private void modifyDn( Long id, LdapDN updn, boolean isMove ) throws NamingException
{
String aliasTarget = null;
@@ -1710,7 +1710,7 @@
{
// Get the child and its id
IndexRecord rec = ( IndexRecord ) children.next();
- BigInteger childId = rec.getEntryId();
+ Long childId = (Long)rec.getEntryId();
/*
* Calculate the Dn for the child's new name by copying the parents
@@ -1729,8 +1729,8 @@
public void move( LdapDN oldChildDn, LdapDN newParentDn, String newRdn, boolean deleteOldRdn ) throws NamingException
{
- BigInteger childId = getEntryId( oldChildDn.toString() );
- modifyRn( oldChildDn, newRdn, deleteOldRdn );
+ Long childId = getEntryId( oldChildDn.toString() );
+ rename( oldChildDn, newRdn, deleteOldRdn );
move( oldChildDn, childId, newParentDn );
if ( isSyncOnWrite )
@@ -1742,7 +1742,7 @@
public void move( LdapDN oldChildDn, LdapDN newParentDn ) throws NamingException
{
- BigInteger childId = getEntryId( oldChildDn.toString() );
+ Long childId = getEntryId( oldChildDn.toString() );
move( oldChildDn, childId, newParentDn );
if ( isSyncOnWrite )
@@ -1765,11 +1765,11 @@
* @param newParentDn the normalized dn of the new parent for the child
* @throws NamingException if something goes wrong
*/
- private void move( LdapDN oldChildDn, BigInteger childId, LdapDN newParentDn ) throws NamingException
+ private void move( LdapDN oldChildDn, Long childId, LdapDN newParentDn ) throws NamingException
{
// Get the child and the new parent to be entries and Ids
- BigInteger newParentId = getEntryId( newParentDn.toString() );
- BigInteger oldParentId = getParentId( childId );
+ Long newParentId = getEntryId( newParentDn.toString() );
+ Long oldParentId = getParentId( childId );
/*
* All aliases including and below oldChildDn, will be affected by
@@ -1818,7 +1818,7 @@
{
public boolean assertCandidate( IndexRecord rec ) throws NamingException
{
- String dn = getEntryDn( rec.getEntryId() );
+ String dn = getEntryDn( (Long)rec.getEntryId() );
if ( dn.endsWith( movedBase.toString() ) )
{
return true;
@@ -1828,7 +1828,7 @@
}
};
- BigInteger movedBaseId = getEntryId( movedBase.toString() );
+ Long movedBaseId = getEntryId( movedBase.toString() );
if ( aliasIdx.reverseLookup( movedBaseId ) != null )
{
dropAliasIndices( movedBaseId, movedBase );
@@ -1839,7 +1839,7 @@
while ( aliases.hasMore() )
{
IndexRecord entry = ( IndexRecord ) aliases.next();
- dropAliasIndices( entry.getEntryId(), movedBase );
+ dropAliasIndices( (Long)entry.getEntryId(), movedBase );
}
}
@@ -1852,10 +1852,10 @@
* @param movedBase the base where the move occured
* @throws NamingException if indices fail
*/
- private void dropAliasIndices( BigInteger aliasId, LdapDN movedBase ) throws NamingException
+ private void dropAliasIndices( Long aliasId, LdapDN movedBase ) throws NamingException
{
String targetDn = ( String ) aliasIdx.reverseLookup( aliasId );
- BigInteger targetId = getEntryId( targetDn );
+ Long targetId = getEntryId( targetDn );
String aliasDn = getEntryDn( aliasId );
/*
@@ -1863,7 +1863,7 @@
* moved base. This is the first ancestor effected by the move.
*/
LdapDN ancestorDn = ( LdapDN ) movedBase.getPrefix( 1 );
- BigInteger ancestorId = getEntryId( ancestorDn.toString() );
+ Long ancestorId = getEntryId( ancestorDn.toString() );
/*
* We cannot just drop all tuples in the one level and subtree indices
Modified: directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java Wed May 23 17:26:40 2007
@@ -35,6 +35,7 @@
import jdbm.RecordManager;
import jdbm.btree.BTree;
+import jdbm.helper.Serializer;
import jdbm.helper.TupleBrowser;
import org.apache.commons.collections.iterators.ArrayIterator;
@@ -101,9 +102,14 @@
* @throws NamingException if the table's file cannot be created
*/
public JdbmTable( String name, boolean allowsDuplicates, int numDupLimit,
- RecordManager manager, TupleComparator comparator )
+ RecordManager manager, TupleComparator comparator, Serializer keySerializer,
+ Serializer valueSerializer )
throws NamingException
{
+ /*System.out.println( "Creating BTree for " + name + ", key serializer = " +
+ (keySerializer == null ? "null" : keySerializer.getClass().getName()) +
+ ", valueSerializer = " +
+ (valueSerializer == null ? "null" : valueSerializer.getClass().getName()) );*/
this.numDupLimit = numDupLimit;
this.name = name;
this.recMan = manager;
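Review bot: The block comment wrapping a `System.out.println(...)` call at the top of the constructor is commented-out debug code and should be removed, or replaced with `log.debug( "Creating BTree for {}", name );` if the trace is wanted (assuming the class has a logger, which this hunk does not show). The Javadoc above the signature lies partly outside the hunk, but the visible part has no `@param keySerializer` or `@param valueSerializer`. Both should be added and should state whether null is accepted, which the null checks in the commented-out code suggest. The same Javadoc gap applies to the second constructor changed further down in this file.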
@@ -138,7 +144,7 @@
}
else
{
- bt = BTree.createInstance( recMan, comparator.getKeyComparator() );
+ bt = BTree.createInstance( recMan, comparator.getKeyComparator(), keySerializer, valueSerializer );
recId = bt.getRecid();
recMan.setNamedObject( name, recId );
recId = recMan.insert( new Integer( 0 ) );
@@ -163,9 +169,10 @@
* @param keyComparator a tuple comparator
* @throws NamingException if the table's file cannot be created
*/
- public JdbmTable( String name, RecordManager manager, SerializableComparator keyComparator ) throws NamingException
+ public JdbmTable( String name, RecordManager manager, SerializableComparator keyComparator, Serializer keySerializer, Serializer valueSerializer )
+ throws NamingException
{
- this( name, false, Integer.MAX_VALUE, manager, new KeyOnlyComparator( keyComparator ) );
+ this( name, false, Integer.MAX_VALUE, manager, new KeyOnlyComparator( keyComparator ), keySerializer, valueSerializer );
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/pom.xml?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/pom.xml (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/pom.xml Wed May 23 17:26:40 2007
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-kerberos-shared</artifactId>
<name>ApacheDS Protocol Kerberos Shared</name>
@@ -13,10 +13,6 @@
</description>
<packaging>jar</packaging>
<dependencies>
- <dependency>
- <groupId>bouncycastle</groupId>
- <artifactId>lcrypto-jdk14</artifactId>
- </dependency>
<dependency>
<groupId>org.apache.mina</groupId>
<artifactId>mina-core</artifactId>
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java Wed May 23 17:26:40 2007
@@ -21,50 +21,38 @@
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public abstract class ChecksumEngine
+public interface ChecksumEngine
{
- public abstract Digest getDigest();
-
-
- public abstract ChecksumType checksumType();
-
-
- public abstract CipherType keyType();
-
-
- public abstract int checksumSize();
-
-
- public abstract int keySize();
-
-
- public abstract int confounderSize();
-
-
- public abstract boolean isSafe();
-
-
- public abstract byte[] calculateKeyedChecksum( byte[] data, byte[] key );
-
-
- public abstract boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum );
-
-
- public byte[] calculateChecksum( byte[] data )
- {
- Digest digester = getDigest();
-
- digester.reset();
- digester.update( data, 0, data.length );
- byte[] returnValue = new byte[digester.getDigestSize()];
- digester.doFinal( returnValue, 0 );
- return returnValue;
- }
+ /**
+ * Returns the checksum type of this checksum engine.
+ *
+ * @return The checksum type.
+ */
+ public ChecksumType checksumType();
+
+
+ /**
+ * Returns the key type of this checksum engine.
+ *
+ * @return The key type.
+ */
+ public CipherType keyType();
+
+
+ /**
+ * Calculate a checksum given raw bytes and an (optional) key.
+ *
+ * @param data
+ * @param key
+ * @param usage
+ * @return The checksum value.
+ */
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage );
}
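Review bot: The Javadoc on `calculateChecksum` leaves `@param data`, `@param key` and `@param usage` empty and does not say when `key` may be null or whether the result may be null, although `RsaMd5Checksum` in this commit ignores `key` and `usage` and can return null. With `verifyKeyedChecksum` removed from the contract, verification moves to callers that are not visible here. The interface comment should tell them to compare the computed and received values with a constant-time check such as `MessageDigest.isEqual` rather than an early-exit loop. Suggested wording for the tags: `@param key the checksum key, or null for unkeyed checksum types` and `@param usage the key usage number applied when deriving the checksum key`, plus an explicit statement on `@return` about null.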
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java Wed May 23 17:26:40 2007
@@ -26,56 +26,143 @@
/**
+ * A type-safe enumeration of Kerberos checksum types.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public final class ChecksumType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * The "unknown" checksum type.
*/
public static final ChecksumType UNKNOWN = new ChecksumType( -1, "UNKNOWN" );
+
+ /**
+ * The "null" checksum type.
+ */
public static final ChecksumType NULL = new ChecksumType( 0, "NULL" );
+
+ /**
+ * The CRC32 checksum type.
+ */
public static final ChecksumType CRC32 = new ChecksumType( 1, "CRC32" );
+
+ /**
+ * The rsa-md4 checksum type.
+ */
public static final ChecksumType RSA_MD4 = new ChecksumType( 2, "rsa-md4" );
+
+ /**
+ * The rsa-md4-des checksum type.
+ */
public static final ChecksumType RSA_MD4_DES = new ChecksumType( 3, "rsa-md4-des" );
+
+ /**
+ * The des-mac checksum type.
+ */
public static final ChecksumType DES_MAC = new ChecksumType( 4, "des-mac" );
+
+ /**
+ * The des-mac-k checksum type.
+ */
public static final ChecksumType DES_MAC_K = new ChecksumType( 5, "des-mac-k" );
+
+ /**
+ * The rsa-md4-des-k checksum type.
+ */
public static final ChecksumType RSA_MD4_DES_K = new ChecksumType( 6, "rsa-md4-des-k" );
+
+ /**
+ * The rsa-md5 checksum type.
+ */
public static final ChecksumType RSA_MD5 = new ChecksumType( 7, "rsa-md5" );
+
+ /**
+ * The rsa-md5-des checksum type.
+ */
public static final ChecksumType RSA_MD5_DES = new ChecksumType( 8, "rsa-md5-des" );
+
+ /**
+ * The rsa-md5-des3 checksum type.
+ */
public static final ChecksumType RSA_MD5_DES3 = new ChecksumType( 9, "rsa-md5-des3" );
+
+ /**
+ * The sha1 (unkeyed) checksum type.
+ */
public static final ChecksumType SHA1 = new ChecksumType( 10, "sha1 (unkeyed)" );
+
+ /**
+ * The hmac-sha1-des3-kd checksum type.
+ */
public static final ChecksumType HMAC_SHA1_DES3_KD = new ChecksumType( 12, "hmac-sha1-des3-kd" );
+
+ /**
+ * The hmac-sha1-des3 checksum type.
+ */
public static final ChecksumType HMAC_SHA1_DES3 = new ChecksumType( 13, "hmac-sha1-des3" );
+
+ /**
+ * The sha1 (unkeyed) checksum type.
+ */
public static final ChecksumType SHA1_2 = new ChecksumType( 14, "sha1 (unkeyed)" );
+
+ /**
+ * The hmac-sha1-96-aes128 checksum type.
+ */
public static final ChecksumType HMAC_SHA1_96_AES128 = new ChecksumType( 15, "hmac-sha1-96-aes128" );
+
+ /**
+ * The hmac-sha1-96-aes256 checksum type.
+ */
public static final ChecksumType HMAC_SHA1_96_AES256 = new ChecksumType( 16, "hmac-sha1-96-aes256" );
/**
- * These two lines are all that's necessary to export a List of VALUES.
+ * The hmac-md5 checksum type.
+ */
+ public static final ChecksumType HMAC_MD5 = new ChecksumType( -138, "hmac-md5" );
+
+ /**
+ * Array for building a List of VALUES.
*/
private static final ChecksumType[] values =
{ UNKNOWN, NULL, CRC32, RSA_MD4, RSA_MD4_DES, DES_MAC, DES_MAC_K, RSA_MD4_DES_K, RSA_MD5, RSA_MD5_DES,
- RSA_MD5_DES3, SHA1, HMAC_SHA1_DES3_KD, HMAC_SHA1_DES3, SHA1_2, HMAC_SHA1_96_AES128, HMAC_SHA1_96_AES256 };
- // VALUES needs to be located here, otherwise illegal forward reference
+ RSA_MD5_DES3, SHA1, HMAC_SHA1_DES3_KD, HMAC_SHA1_DES3, SHA1_2, HMAC_SHA1_96_AES128, HMAC_SHA1_96_AES256,
+ HMAC_MD5 };
+
+ /**
+ * A List of all the checksum type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+ /**
+ * The name of the checksum type.
+ */
private final String name;
+
+ /**
+ * The value/code for the checksum type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private ChecksumType(int ordinal, String name)
+ private ChecksumType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
}
+ /**
+ * Returns the checksum type when specified by its ordinal.
+ *
+ * @param type
+ * @return The checksum type.
+ */
public static ChecksumType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
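Review bot: The field and accessor named `ordinal` hold the Kerberos checksum type number, not a position in `values`; with `HMAC_MD5` at -138 the numbers are now negative and non-contiguous, and the Javadoc should say so to stop anyone using them as an index. `@param type` on `getTypeByOrdinal` is empty, and the comment does not state what is returned for a number with no matching constant (the method body continues outside this hunk). `SHA1` and `SHA1_2` carry the identical comment and name "sha1 (unkeyed)"; the comments should at least give the numbers 10 and 14 so the two can be told apart. It would also help to mark `CRC32`, `RSA_MD4` and `RSA_MD5` as unkeyed in their comments, since an unkeyed checksum gives no integrity protection against a party able to modify the message.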
@@ -90,6 +177,11 @@
}
+ /**
+ * Returns the number associated with this checksum type.
+ *
+ * @return The checksum type ordinal.
+ */
public int getOrdinal()
{
return ordinal;
Copied: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java (from r540837, directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java?view=diff&rev=541123&p1=directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java&r1=540837&p2=directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java&r2=541123
==============================================================================
(empty)
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java Wed May 23 17:26:40 2007
@@ -20,23 +20,19 @@
package org.apache.directory.server.kerberos.shared.crypto.checksum;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class RsaMd5Checksum extends ChecksumEngine
+class RsaMd5Checksum implements ChecksumEngine
{
- public Digest getDigest()
- {
- return new MD5Digest();
- }
-
-
public ChecksumType checksumType()
{
return ChecksumType.RSA_MD5;
@@ -49,38 +45,16 @@
}
- public int checksumSize()
- {
- return 16;
- }
-
-
- public int keySize()
- {
- return 0;
- }
-
-
- public int confounderSize()
- {
- return 0;
- }
-
-
- public boolean isSafe()
- {
- return false;
- }
-
-
- public byte[] calculateKeyedChecksum( byte[] data, byte[] key )
- {
- return null;
- }
-
-
- public boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum )
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage )
{
- return false;
+ try
+ {
+ MessageDigest digester = MessageDigest.getInstance( "MD5" );
+ return digester.digest( data );
+ }
+ catch ( NoSuchAlgorithmException nsae )
+ {
+ return null;
+ }
}
}
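Review bot: `calculateChecksum` returns null when `MessageDigest.getInstance( "MD5" )` throws, which hides the failure and hands callers a null to dereference or compare. MD5 ships with the standard JDK providers, so the catch should be unreachable in practice and ought to fail loudly: `throw new IllegalStateException( "MD5 digest not available", nsae );` (or `initCause` if the two-argument constructor is not available on the target JDK). The `key` and `usage` parameters are ignored, which fits an unkeyed type but deserves a one-line comment: `// rsa-md5 is unkeyed: key and usage are not used`.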
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java Wed May 23 17:26:40 2007
@@ -26,26 +26,47 @@
/**
+ * A type-safe enumeration of Kerberos cipher types.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public final class CipherType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * The null cipher type.
*/
public static final CipherType NULL = new CipherType( "NULL" );
+
+ /**
+ * The DES cipher type.
+ */
public static final CipherType DES = new CipherType( "DES" );
- public static final CipherType DES3 = new CipherType( "DES3" );
- public static final CipherType AES128 = new CipherType( "AES128" );
/**
- * These two lines are all that's necessary to export a List of VALUES.
+ * The Triple-DES cipher type.
+ */
+ public static final CipherType DES3 = new CipherType( "DESede" );
+
+ /**
+ * The AES (both 128 and 256) cipher type.
+ */
+ public static final CipherType AES = new CipherType( "AES" );
+
+ /**
+ * The ARCFOUR cipher type.
+ */
+ public static final CipherType ARCFOUR = new CipherType( "ARCFOUR" );
+
+ /**
+ * Array for building a List of VALUES.
*/
private static final CipherType[] values =
- { NULL, DES, DES3, AES128 };
- // VALUES needs to be located here, otherwise illegal forward reference
+ { NULL, DES, DES3, AES, ARCFOUR };
+
+ /**
+ * A List of all the cipher type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
private final String name;
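Review bot: `CipherType.AES128` is removed and `DES3` now carries the name "DESede", so any caller that references the old constant, or compares or stores the old names, breaks; none of those callers are visible in this hunk. The new names look like JCA algorithm names. If that is the intent, the class comment should say so, for example `Each name is the JCA algorithm name for the cipher`, and note that `AES` no longer distinguishes key length. `DES` and `ARCFOUR` are listed without remark; if they are kept only for interoperability, a comment saying so would help whoever chooses a default.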
@@ -56,12 +77,18 @@
/**
* Private constructor prevents construction outside of this class.
*/
- private CipherType(String name)
+ private CipherType( String name )
{
this.name = name;
}
+ /**
+ * Returns the cipher type when specified by its ordinal.
+ *
+ * @param type
+ * @return The cipher type.
+ */
public CipherType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
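Review bot: The new Javadoc leaves `@param type` without a description and speaks of an "ordinal", but the constructor in this hunk stores only a name, so a reader cannot tell what number to pass. If the loop (its body is outside this hunk) compares against a position in the values array, say so: `@param type The position of the cipher type in VALUES.` The same empty `@param type` is added to EncryptionType.getTypeByOrdinal later in this commit, where `@param type The Kerberos encryption type number, e.g. 3 for des-cbc-md5.` matches the constants shown. Note also that this method is an instance method on a class with a private constructor, while the EncryptionType counterpart is static.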
Copied: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java (from r540837, directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java?view=diff&rev=541123&p1=directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java&r1=540837&p2=directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java&r2=541123
==============================================================================
(empty)
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java Wed May 23 17:26:40 2007
@@ -20,49 +20,153 @@
package org.apache.directory.server.kerberos.shared.crypto.encryption;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.RsaMd5Checksum;
+import java.security.GeneralSecurityException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Arrays;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class DesCbcMd5Encryption extends DesCbcEncryption
+class DesCbcMd5Encryption extends EncryptionEngine
{
- public ChecksumEngine getChecksumEngine()
+ private static final byte[] iv = new byte[]
+ { ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00,
+ ( byte ) 0x00 };
+
+
+ public EncryptionType getEncryptionType()
{
- return new RsaMd5Checksum();
+ return EncryptionType.DES_CBC_MD5;
}
- public EncryptionType encryptionType()
+ public int getConfounderLength()
{
- return EncryptionType.DES_CBC_MD5;
+ return 8;
}
- public ChecksumType checksumType()
+ public int getChecksumLength()
{
- return ChecksumType.RSA_MD5;
+ return 16;
}
- public int confounderSize()
+ public byte[] calculateIntegrity( byte[] data, byte[] key, KeyUsage usage )
{
- return 8;
+ try
+ {
+ MessageDigest digester = MessageDigest.getInstance( "MD5" );
+ return digester.digest( data );
+ }
+ catch ( NoSuchAlgorithmException nsae )
+ {
+ return null;
+ }
}
- public int checksumSize()
+ public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
{
- return 16;
+ // decrypt the data
+ byte[] decryptedData = decrypt( data.getCipherText(), key.getKeyValue() );
+
+ // extract the old checksum
+ byte[] oldChecksum = new byte[getChecksumLength()];
+ System.arraycopy( decryptedData, getConfounderLength(), oldChecksum, 0, oldChecksum.length );
+
+ // zero out the old checksum in the cipher text
+ for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ )
+ {
+ decryptedData[i] = 0;
+ }
+
+ // calculate a new checksum
+ byte[] newChecksum = calculateIntegrity( decryptedData, key.getKeyValue(), usage );
+
+ // compare checksums
+ if ( !Arrays.equals( oldChecksum, newChecksum ) )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
+ }
+
+ // remove leading confounder and checksum
+ return removeLeadingBytes( decryptedData, getConfounderLength(), getChecksumLength() );
+ }
+
+
+ public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage )
+ {
+ // build the ciphertext structure
+ byte[] conFounder = getRandomBytes( getConfounderLength() );
+ byte[] zeroedChecksum = new byte[getChecksumLength()];
+ byte[] paddedPlainText = padString( plainText );
+ byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) );
+ byte[] checksumBytes = calculateIntegrity( dataBytes, null, usage );
+ byte[] paddedDataBytes = padString( dataBytes );
+
+ // lay the checksum into the ciphertext
+ for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ )
+ {
+ paddedDataBytes[i] = checksumBytes[i - getConfounderLength()];
+ }
+
+ byte[] encryptedData = encrypt( paddedDataBytes, key.getKeyValue() );
+
+ return new EncryptedData( getEncryptionType(), key.getKeyVersion(), encryptedData );
+ }
+
+
+ public byte[] encrypt( byte[] plainText, byte[] keyBytes )
+ {
+ return processCipher( true, plainText, keyBytes );
+ }
+
+
+ public byte[] decrypt( byte[] cipherText, byte[] keyBytes )
+ {
+ return processCipher( false, cipherText, keyBytes );
}
- public int minimumPadSize()
+ private byte[] processCipher( boolean isEncrypt, byte[] data, byte[] keyBytes )
{
- return 0;
+ try
+ {
+ Cipher cipher = Cipher.getInstance( "DES/CBC/NoPadding" );
+ SecretKey key = new SecretKeySpec( keyBytes, "DES" );
+
+ AlgorithmParameterSpec paramSpec = new IvParameterSpec( iv );
+
+ if ( isEncrypt )
+ {
+ cipher.init( Cipher.ENCRYPT_MODE, key, paramSpec );
+ }
+ else
+ {
+ cipher.init( Cipher.DECRYPT_MODE, key, paramSpec );
+ }
+
+ return cipher.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
}
}
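Review bot: getDecryptedData uses the result of decrypt() without checking it, yet processCipher returns null on any GeneralSecurityException and the ciphertext presumably comes from the peer. A ciphertext whose length is not a multiple of the DES block size, or one shorter than confounder plus checksum, therefore ends in a NullPointerException or an out-of-bounds copy (here or in removeLeadingBytes in EncryptionEngine) instead of KRB_AP_ERR_BAD_INTEGRITY. The checksum comparison uses Arrays.equals, which stops at the first differing byte; MessageDigest is already imported and its isEqual is the comparison intended for digests. calculateIntegrity returning null when MD5 is unavailable has the same effect on the encrypt path, where checksumBytes is indexed without a check.

```java
public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
{
    // decrypt the data
    byte[] decryptedData = decrypt( data.getCipherText(), key.getKeyValue() );

    // a cipher failure (null) or a buffer too short to hold confounder + checksum
    // is reported as an integrity failure, not as a runtime exception
    if ( decryptedData == null || decryptedData.length < getConfounderLength() + getChecksumLength() )
    {
        throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
    }

    // … unchanged: extract the old checksum, zero it in the buffer, calculate the new checksum …

    // compare checksums without stopping at the first differing byte
    if ( newChecksum == null || !MessageDigest.isEqual( oldChecksum, newChecksum ) )
    {
        throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
    }

    // … unchanged: remove leading confounder and checksum …
```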
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java Wed May 23 17:26:40 2007
@@ -22,14 +22,9 @@
import java.security.SecureRandom;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
/**
@@ -41,78 +36,64 @@
private static final SecureRandom random = new SecureRandom();
- public abstract ChecksumEngine getChecksumEngine();
+ protected abstract byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage )
+ throws KerberosException;
- public abstract BlockCipher getBlockCipher();
+ protected abstract EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage );
- public abstract EncryptionType encryptionType();
+ protected abstract EncryptionType getEncryptionType();
- public abstract ChecksumType checksumType();
+ protected abstract int getConfounderLength();
- public abstract CipherType keyType();
+ protected abstract int getChecksumLength();
- public abstract int confounderSize();
+ protected abstract byte[] encrypt( byte[] plainText, byte[] key );
- public abstract int checksumSize();
+ protected abstract byte[] decrypt( byte[] cipherText, byte[] key );
- public abstract int blockSize();
+ protected abstract byte[] calculateIntegrity( byte[] plainText, byte[] key, KeyUsage usage );
- public abstract int minimumPadSize();
-
-
- public abstract int keySize();
-
-
- public byte[] getDecryptedData( EncryptionKey key, EncryptedData data )
+ protected byte[] deriveRandom( byte[] key, byte[] usage, int n, int k )
{
- byte[] decryptedData = decrypt( data.getCipherText(), key.getKeyValue() );
+ byte[] nFoldedUsage = NFold.nFold( n, usage );
- return removeBytes( decryptedData, confounderSize(), checksumSize() );
- }
+ int kBytes = k / 8;
+ byte[] result = new byte[kBytes];
+ byte[] fillingKey = encrypt( nFoldedUsage, key );
- public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText )
- {
- byte[] conFounder = getRandomBytes( confounderSize() );
- byte[] zeroedChecksum = new byte[checksumSize()];
- byte[] paddedPlainText = padString( plainText );
- byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) );
- byte[] checksumBytes = calculateChecksum( dataBytes );
- byte[] paddedDataBytes = padString( dataBytes );
+ int pos = 0;
- // lay the checksum into the ciphertext
- for ( int i = confounderSize(); i < confounderSize() + checksumSize(); i++ )
+ for ( int i = 0; i < kBytes; i++ )
{
- paddedDataBytes[i] = checksumBytes[i - confounderSize()];
+ if ( pos < fillingKey.length )
+ {
+ result[i] = fillingKey[pos];
+ pos++;
+ }
+ else
+ {
+ fillingKey = encrypt( fillingKey, key );
+ pos = 0;
+ result[i] = fillingKey[pos];
+ pos++;
+ }
}
- byte[] encryptedData = encrypt( paddedDataBytes, key.getKeyValue() );
-
- return new EncryptedData( encryptionType(), key.getKeyVersion(), encryptedData );
- }
-
-
- private byte[] encrypt( byte[] data, byte[] key )
- {
- return processBlockCipher( true, data, key, null );
- }
-
-
- private byte[] decrypt( byte[] data, byte[] key )
- {
- return processBlockCipher( false, data, key, null );
+ return result;
}
- private byte[] getRandomBytes( int size )
+ // Encryption
+ protected byte[] getRandomBytes( int size )
{
byte[] bytes = new byte[size];
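Review bot: deriveRandom reads `fillingKey.length` without checking what encrypt() returned, and the DES implementation in this commit returns null from encrypt() when the cipher fails. An empty result would also index past the end at `fillingKey[pos]` right after the refill. A guard after each encrypt() call, e.g. `if ( fillingKey == null || fillingKey.length == 0 ) throw new IllegalStateException( "encrypt() produced no key material" );`, turns both cases into a clear failure. The method also has no Javadoc saying that k is a bit count (it is divided by 8) and is silently truncated when it is not a multiple of 8. getRandomBytes at the end of the hunk continues outside it.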
@@ -123,7 +104,8 @@
}
- private byte[] padString( byte encodedString[] )
+ // Encryption
+ protected byte[] padString( byte encodedString[] )
{
int x;
if ( encodedString.length < 8 )
@@ -153,7 +135,8 @@
}
- private byte[] concatenateBytes( byte[] array1, byte[] array2 )
+ // Encryption
+ protected byte[] concatenateBytes( byte[] array1, byte[] array2 )
{
byte concatenatedBytes[] = new byte[array1.length + array2.length];
@@ -171,20 +154,28 @@
}
- private byte[] calculateChecksum( byte[] data )
+ // Decryption
+ protected byte[] removeLeadingBytes( byte[] array, int confounder, int checksum )
{
- ChecksumEngine digester = getChecksumEngine();
+ byte lessBytes[] = new byte[array.length - confounder - checksum];
- return digester.calculateChecksum( data );
+ int j = 0;
+ for ( int i = confounder + checksum; i < array.length; i++ )
+ {
+ lessBytes[j] = array[i];
+ j++;
+ }
+
+ return lessBytes;
}
- private byte[] removeBytes( byte[] array, int confounder, int checksum )
+ protected byte[] removeTrailingBytes( byte[] array, int confounder, int checksum )
{
byte lessBytes[] = new byte[array.length - confounder - checksum];
int j = 0;
- for ( int i = confounder + checksum; i < array.length; i++ )
+ for ( int i = 0; i < array.length - confounder - checksum; i++ )
{
lessBytes[j] = array[i];
j++;
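Review bot: removeTrailingBytes keeps the parameter names confounder and checksum from removeLeadingBytes, but its loop copies from index 0 and drops that many bytes from the end, so the names no longer describe what is removed. Neither method has Javadoc, and both allocate `new byte[array.length - confounder - checksum]`, which throws NegativeArraySizeException for a buffer shorter than the two lengths. I would add a Javadoc line such as `Returns a copy of array without its last (confounder + checksum) bytes; array must be at least that long.` and the matching one on removeLeadingBytes. The body of removeTrailingBytes ends outside this hunk.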
@@ -194,39 +185,76 @@
}
- private byte[] processBlockCipher( boolean encrypt, byte[] data, byte[] key, byte[] ivec )
+ protected int getBit( byte[] data, int pos )
{
- byte[] returnData = new byte[data.length];
- CBCBlockCipher cbcCipher = new CBCBlockCipher( getBlockCipher() );
- KeyParameter keyParameter = new KeyParameter( key );
+ int posByte = pos / 8;
+ int posBit = pos % 8;
- if ( ivec != null )
- {
- ParametersWithIV kpWithIV = new ParametersWithIV( keyParameter, ivec );
- cbcCipher.init( encrypt, kpWithIV );
- }
- else
- {
- cbcCipher.init( encrypt, keyParameter );
- }
+ byte valByte = data[posByte];
+ int valInt = valByte >> ( 8 - ( posBit + 1 ) ) & 0x0001;
+ return valInt;
+ }
- int offset = 0;
- int processedBytesLength = 0;
- while ( offset < returnData.length )
- {
- try
- {
- processedBytesLength = cbcCipher.processBlock( data, offset, returnData, offset );
- offset += processedBytesLength;
- }
- catch ( Exception e )
- {
- e.printStackTrace();
- break;
- }
- }
+ protected void setBit( byte[] data, int pos, int val )
+ {
+ int posByte = pos / 8;
+ int posBit = pos % 8;
+ byte oldByte = data[posByte];
+ oldByte = ( byte ) ( ( ( 0xFF7F >> posBit ) & oldByte ) & 0x00FF );
+ byte newByte = ( byte ) ( ( val << ( 8 - ( posBit + 1 ) ) ) | oldByte );
+ data[posByte] = newByte;
+ }
+
- return returnData;
+ /**
+ * The "well-known constant" used for the DK function is the key
+ * usage number, expressed as four octets in big-endian order,
+ * followed by one octet indicated below.
+ *
+ * Kc = DK(base-key, usage | 0x99);
+ */
+ protected byte[] getUsageKc( KeyUsage usage )
+ {
+ return getUsage( usage.getOrdinal(), ( byte ) 0x99 );
+ }
+
+
+ /**
+ * The "well-known constant" used for the DK function is the key
+ * usage number, expressed as four octets in big-endian order,
+ * followed by one octet indicated below.
+ *
+ * Ke = DK(base-key, usage | 0xAA);
+ */
+ protected byte[] getUsageKe( KeyUsage usage )
+ {
+ return getUsage( usage.getOrdinal(), ( byte ) 0xAA );
+ }
+
+
+ /**
+ * The "well-known constant" used for the DK function is the key
+ * usage number, expressed as four octets in big-endian order,
+ * followed by one octet indicated below.
+ *
+ * Ki = DK(base-key, usage | 0x55);
+ */
+ protected byte[] getUsageKi( KeyUsage usage )
+ {
+ return getUsage( usage.getOrdinal(), ( byte ) 0x55 );
+ }
+
+
+ private byte[] getUsage( int usage, byte constant )
+ {
+ byte[] bytes = new byte[5];
+ bytes[0] = ( byte ) ( ( usage >>> 24 ) & 0x000000FF );
+ bytes[1] = ( byte ) ( ( usage >> 16 ) & 0x000000FF );
+ bytes[2] = ( byte ) ( ( usage >> 8 ) & 0x000000FF );
+ bytes[3] = ( byte ) ( usage & 0x00FF );
+ bytes[4] = constant;
+
+ return bytes;
}
}
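Review bot: setBit shifts `val` into place without masking it, so any value other than 0 or 1 also sets neighbouring bits of the byte, or leaves the addressed bit clear when val is even. `byte newByte = ( byte ) ( ( ( val & 1 ) << ( 8 - ( posBit + 1 ) ) ) | oldByte );` confines the write to the one addressed bit. getBit and setBit also lack Javadoc; a line stating that bit 0 is the most significant bit of data[0] would document the numbering both methods use. Callers are not visible here, so whether val is ever outside 0/1 is unconfirmed.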
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java Wed May 23 17:26:40 2007
@@ -26,45 +26,142 @@
/**
+ * A type-safe enumeration of Kerberos encryption types.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public final class EncryptionType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * The "unknown" encryption type.
*/
public static final EncryptionType UNKNOWN = new EncryptionType( -1, "UNKNOWN" );
+
+ /**
+ * The "null" encryption type.
+ */
public static final EncryptionType NULL = new EncryptionType( 0, "NULL" );
+
+ /**
+ * The des-cbc-crc encryption type.
+ */
public static final EncryptionType DES_CBC_CRC = new EncryptionType( 1, "des-cbc-crc" );
+
+ /**
+ * The des-cbc-md4 encryption type.
+ */
public static final EncryptionType DES_CBC_MD4 = new EncryptionType( 2, "des-cbc-md4" );
+
+ /**
+ * The des-cbc-md5 encryption type.
+ */
public static final EncryptionType DES_CBC_MD5 = new EncryptionType( 3, "des-cbc-md5" );
+
+ /**
+ * The reserved (4) encryption type.
+ */
public static final EncryptionType RESERVED4 = new EncryptionType( 4, "[reserved]" );
+
+ /**
+ * The des3-cbc-md5 encryption type.
+ */
public static final EncryptionType DES3_CBC_MD5 = new EncryptionType( 5, "des3-cbc-md5" );
+
+ /**
+ * The reserved (6) encryption type.
+ */
public static final EncryptionType RESERVED6 = new EncryptionType( 6, "[reserved]" );
+
+ /**
+ * The des3-cbc-sha1 encryption type.
+ */
public static final EncryptionType DES3_CBC_SHA1 = new EncryptionType( 7, "des3-cbc-sha1" );
+
+ /**
+ * The dsaWithSHA1-CmsOID encryption type.
+ */
public static final EncryptionType DSAWITHSHA1_CMSOID = new EncryptionType( 9, "dsaWithSHA1-CmsOID" );
+
+ /**
+ * The md5WithRSAEncryption-CmsOID encryption type.
+ */
public static final EncryptionType MD5WITHRSAENCRYPTION_CMSOID = new EncryptionType( 10,
"md5WithRSAEncryption-CmsOID" );
+
+ /**
+ * The sha1WithRSAEncryption-CmsOID encryption type.
+ */
public static final EncryptionType SHA1WITHRSAENCRYPTION_CMSOID = new EncryptionType( 11,
"sha1WithRSAEncryption-CmsOID" );
+
+ /**
+ * The rc2CBC-EnvOID encryption type.
+ */
public static final EncryptionType RC2CBC_ENVOID = new EncryptionType( 12, "rc2CBC-EnvOID" );
+
+ /**
+ * The rsaEncryption-EnvOID encryption type.
+ */
public static final EncryptionType RSAENCRYPTION_ENVOID = new EncryptionType( 13, "rsaEncryption-EnvOID" );
+
+ /**
+ * The rsaES-OAEP-ENV-OID encryption type.
+ */
public static final EncryptionType RSAES_OAEP_ENV_OID = new EncryptionType( 14, "rsaES-OAEP-ENV-OID" );
+
+ /**
+ * The des-ede3-cbc-Env-OID encryption type.
+ */
public static final EncryptionType DES_EDE3_CBC_ENV_OID = new EncryptionType( 15, "des-ede3-cbc-Env-OID" );
+
+ /**
+ * The des3-cbc-sha1-kd encryption type.
+ */
public static final EncryptionType DES3_CBC_SHA1_KD = new EncryptionType( 16, "des3-cbc-sha1-kd" );
+
+ /**
+ * The aes128-cts-hmac-sha1-96 encryption type.
+ */
public static final EncryptionType AES128_CTS_HMAC_SHA1_96 = new EncryptionType( 17, "aes128-cts-hmac-sha1-96" );
+
+ /**
+ * The aes256-cts-hmac-sha1-96 encryption type.
+ */
public static final EncryptionType AES256_CTS_HMAC_SHA1_96 = new EncryptionType( 18, "aes256-cts-hmac-sha1-96" );
+
+ /**
+ * The rc4-hmac encryption type.
+ */
public static final EncryptionType RC4_HMAC = new EncryptionType( 23, "rc4-hmac" );
+
+ /**
+ * The rc4-hmac-exp encryption type.
+ */
public static final EncryptionType RC4_HMAC_EXP = new EncryptionType( 24, "rc4-hmac-exp" );
+
+ /**
+ * The subkey-keymaterial encryption type.
+ */
public static final EncryptionType SUBKEY_KEYMATERIAL = new EncryptionType( 65, "subkey-keymaterial" );
+
+ /**
+ * The rc4-md4 encryption type.
+ */
public static final EncryptionType RC4_MD4 = new EncryptionType( -128, "rc4-md4" );
+
+ /**
+ * The c4-hmac-old encryption type.
+ */
public static final EncryptionType RC4_HMAC_OLD = new EncryptionType( -133, "rc4-hmac-old" );
+
+ /**
+ * The rc4-hmac-old-exp encryption type.
+ */
public static final EncryptionType RC4_HMAC_OLD_EXP = new EncryptionType( -135, "rc4-hmac-old-exp" );
/**
- * These two lines are all that's necessary to export a List of VALUES.
+ * Array for building a List of VALUES.
*/
private static final EncryptionType[] values =
{ UNKNOWN, NULL, DES_CBC_CRC, DES_CBC_MD4, DES_CBC_MD5, RESERVED4, DES3_CBC_MD5, RESERVED6, DES3_CBC_SHA1,
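Review bot: The Javadoc added for RC4_HMAC_OLD reads `The c4-hmac-old encryption type.` while the constant's name string is "rc4-hmac-old"; the comment should be `The rc4-hmac-old encryption type.` RESERVED4 and RESERVED6 both carry the name "[reserved]", so the name alone does not identify the constant; their comments could say that only the number distinguishes them.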
@@ -73,22 +170,38 @@
AES256_CTS_HMAC_SHA1_96, RC4_HMAC, RC4_HMAC_EXP, SUBKEY_KEYMATERIAL, RC4_MD4, RC4_HMAC_OLD,
RC4_HMAC_OLD_EXP };
+ /**
+ * A List of all the encryption type constants.
+ */
public static final List<EncryptionType> VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+ /**
+ * The name of the encryption type.
+ */
private final String name;
+
+ /**
+ * The value/code for the encryption type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private EncryptionType(int ordinal, String name)
+ private EncryptionType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
}
+ /**
+ * Returns the encryption type when specified by its ordinal.
+ *
+ * @param type
+ * @return The encryption type.
+ */
public static EncryptionType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -103,9 +216,25 @@
}
+ /**
+ * Returns the number associated with this encryption type.
+ *
+ * @return The encryption type number.
+ */
public int getOrdinal()
{
return ordinal;
+ }
+
+
+ /**
+ * Returns the name associated with this encryption type.
+ *
+ * @return The name.
+ */
+ public String getName()
+ {
+ return name;
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java Wed May 23 17:26:40 2007
@@ -20,85 +20,67 @@
package org.apache.directory.server.kerberos.shared.crypto.encryption;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.bouncycastle.crypto.BlockCipher;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class NullEncryption extends EncryptionEngine
+class NullEncryption extends EncryptionEngine
{
- public BlockCipher getBlockCipher()
- {
- return null;
- }
-
-
- public ChecksumEngine getChecksumEngine()
- {
- return null;
- }
-
-
- public EncryptionType encryptionType()
+ public EncryptionType getEncryptionType()
{
return EncryptionType.NULL;
}
- public CipherType keyType()
+ public int getChecksumLength()
{
- return CipherType.NULL;
+ return 0;
}
- public ChecksumType checksumType()
+ public int getConfounderLength()
{
- return ChecksumType.NULL;
+ return 0;
}
- public int blockSize()
+ public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
{
- return 1;
+ return data.getCipherText();
}
- public int keySize()
+ public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage )
{
- return 0;
+ return new EncryptedData( getEncryptionType(), key.getKeyVersion(), plainText );
}
- public int checksumSize()
+ public byte[] encrypt( byte[] plainText, byte[] keyBytes )
{
- return 0;
+ return processCipher( true, plainText, keyBytes );
}
- public int confounderSize()
+ public byte[] decrypt( byte[] cipherText, byte[] keyBytes )
{
- return 0;
+ return processCipher( false, cipherText, keyBytes );
}
- public int minimumPadSize()
+ public byte[] calculateIntegrity( byte[] plainText, byte[] key, KeyUsage usage )
{
- return 0;
+ return null;
}
- protected byte[] processBlockCipher( boolean encrypt, byte[] data, byte[] key, byte[] ivec )
+ private byte[] processCipher( boolean encrypt, byte[] data, byte[] key )
{
return data;
- }
-
-
- public byte[] calculateChecksum( byte[] plainText )
- {
- return null;
}
}
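Review bot: NullEncryption now implements getEncryptedData and getDecryptedData as pass-throughs with no confounder, checksum or key use, but nothing on the class says so. I would add a class Javadoc along the lines of `Pass-through engine for the NULL encryption type (0): provides neither confidentiality nor integrity and must not be selectable for an encryption type requested by a peer.` calculateIntegrity returns null although getChecksumLength() is 0; `return new byte[0];` would spare callers a null check. The code that maps an EncryptionType to an engine is not in this hunk, so whether this class can be chosen for a peer-requested type should be confirmed there.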
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java Wed May 23 17:26:40 2007
@@ -26,103 +26,364 @@
/**
- * Type safe enumeration of Kerberos error types
+ * A type-safe enumeration of Kerberos error types.
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public final class ErrorType implements Comparable
{
- /*
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ /**
+ * No error.
*/
public static final ErrorType KDC_ERR_NONE = new ErrorType( 0, "No error" );
+
+ /**
+ * Client's entry in database expired.
+ */
public static final ErrorType KDC_ERR_NAME_EXP = new ErrorType( 1, "Client's entry in database expired" );
+
+ /**
+ * Server's entry in database has expired.
+ */
public static final ErrorType KDC_ERR_SERVICE_EXP = new ErrorType( 2, "Server's entry in database has expired" );
+
+ /**
+ * Requested protocol version number not supported.
+ */
public static final ErrorType KDC_ERR_BAD_PVNO = new ErrorType( 3,
"Requested protocol version number not supported" );
+
+ /**
+ * Client's key encrypted in old master key.
+ */
public static final ErrorType KDC_ERR_C_OLD_MAST_KVNO = new ErrorType( 4,
"Client's key encrypted in old master key" );
+
+ /**
+ * Server's key encrypted in old master key.
+ */
public static final ErrorType KDC_ERR_S_OLD_MAST_KVNO = new ErrorType( 5,
"Server's key encrypted in old master key" );
+
+ /**
+ * Client not found in Kerberos database.
+ */
public static final ErrorType KDC_ERR_C_PRINCIPAL_UNKNOWN = new ErrorType( 6,
"Client not found in Kerberos database" );
+
+ /**
+ * Server not found in Kerberos database.
+ */
public static final ErrorType KDC_ERR_S_PRINCIPAL_UNKNOWN = new ErrorType( 7,
"Server not found in Kerberos database" );
+
+ /**
+ * Multiple principal entries in database.
+ */
public static final ErrorType KDC_ERR_PRINCIPAL_NOT_UNIQUE = new ErrorType( 8,
"Multiple principal entries in database" );
+
+ /**
+ * The client or server has a null key.
+ */
public static final ErrorType KDC_ERR_NULL_KEY = new ErrorType( 9, "The client or server has a null key" );
+
+ /**
+ * Ticket not eligible for postdating.
+ */
public static final ErrorType KDC_ERR_CANNOT_POSTDATE = new ErrorType( 10, "Ticket not eligible for postdating" );
+
+ /**
+ * Requested start time is later than end time.
+ */
public static final ErrorType KDC_ERR_NEVER_VALID = new ErrorType( 11,
"Requested start time is later than end time" );
+
+ /**
+ * KDC policy rejects request.
+ */
public static final ErrorType KDC_ERR_POLICY = new ErrorType( 12, "KDC policy rejects request" );
+
+ /**
+ * KDC cannot accommodate requested option.
+ */
public static final ErrorType KDC_ERR_BADOPTION = new ErrorType( 13, "KDC cannot accommodate requested option" );
+
+ /**
+ * KDC has no support for encryption type.
+ */
public static final ErrorType KDC_ERR_ETYPE_NOSUPP = new ErrorType( 14, "KDC has no support for encryption type" );
+
+ /**
+ * KDC has no support for checksum type.
+ */
public static final ErrorType KDC_ERR_SUMTYPE_NOSUPP = new ErrorType( 15, "KDC has no support for checksum type" );
+
+ /**
+ * KDC has no support for padata type.
+ */
public static final ErrorType KDC_ERR_PADATA_TYPE_NOSUPP = new ErrorType( 16, "KDC has no support for padata type" );
+
+ /**
+ * KDC has no support for transitedEncoding type.
+ */
public static final ErrorType KDC_ERR_TRTYPE_NOSUPP = new ErrorType( 17,
"KDC has no support for transitedEncoding type" );
+
+ /**
+ * Clients credentials have been revoked.
+ */
public static final ErrorType KDC_ERR_CLIENT_REVOKED = new ErrorType( 18, "Clients credentials have been revoked" );
+
+ /**
+ * Credentials for server have been revoked.
+ */
public static final ErrorType KDC_ERR_SERVICE_REVOKED = new ErrorType( 19,
"Credentials for server have been revoked" );
+
+ /**
+ * TGT has been revoked.
+ */
public static final ErrorType KDC_ERR_TGT_REVOKED = new ErrorType( 20, "TGT has been revoked" );
+
+ /**
+ * Client not yet valid - try again later.
+ */
public static final ErrorType KDC_ERR_CLIENT_NOTYET = new ErrorType( 21, "Client not yet valid - try again later" );
+
+ /**
+ * Server not yet valid - try again later.
+ */
public static final ErrorType KDC_ERR_SERVICE_NOTYET = new ErrorType( 22, "Server not yet valid - try again later" );
+
+ /**
+ * Password has expired - change password to reset.
+ */
public static final ErrorType KDC_ERR_KEY_EXPIRED = new ErrorType( 23,
"Password has expired - change password to reset" );
+
+ /**
+ * Pre-authentication information was invalid.
+ */
public static final ErrorType KDC_ERR_PREAUTH_FAILED = new ErrorType( 24,
"Pre-authentication information was invalid" );
+
+ /**
+ * Additional pre-authentication required.
+ */
public static final ErrorType KDC_ERR_PREAUTH_REQUIRED = new ErrorType( 25,
"Additional pre-authentication required" );
+
+ /**
+ * Requested server and ticket don't match.
+ */
public static final ErrorType KDC_ERR_SERVER_NOMATCH = new ErrorType( 26, "Requested server and ticket don't match" );
+
+ /**
+ * Server valid for user2user only.
+ */
public static final ErrorType KDC_ERR_MUST_USE_USER2USER = new ErrorType( 27, "Server valid for user2user only" );
+
+ /**
+ * KDC Policy rejects transitedEncoding path.
+ */
public static final ErrorType KDC_ERR_PATH_NOT_ACCEPTED = new ErrorType( 28,
"KDC Policy rejects transitedEncoding path" );
+
+ /**
+ * A service is not available.
+ */
public static final ErrorType KDC_ERR_SVC_UNAVAILABLE = new ErrorType( 29, "A service is not available" );
+
+ /**
+ * Integrity check on decrypted field failed.
+ */
public static final ErrorType KRB_AP_ERR_BAD_INTEGRITY = new ErrorType( 31,
"Integrity check on decrypted field failed" );
+
+ /**
+ * Ticket expired.
+ */
public static final ErrorType KRB_AP_ERR_TKT_EXPIRED = new ErrorType( 32, "Ticket expired" );
+
+ /**
+ * Ticket not yet valid.
+ */
public static final ErrorType KRB_AP_ERR_TKT_NYV = new ErrorType( 33, "Ticket not yet valid" );
+
+ /**
+ * Request is a replay.
+ */
public static final ErrorType KRB_AP_ERR_REPEAT = new ErrorType( 34, "Request is a replay" );
+
+ /**
+ * The ticket isn't for us.
+ */
public static final ErrorType KRB_AP_ERR_NOT_US = new ErrorType( 35, "The ticket isn't for us" );
+
+ /**
+ * Ticket and authenticator don't match.
+ */
public static final ErrorType KRB_AP_ERR_BADMATCH = new ErrorType( 36, "Ticket and authenticator don't match" );
+
+ /**
+ * Clock skew too great.
+ */
public static final ErrorType KRB_AP_ERR_SKEW = new ErrorType( 37, "Clock skew too great" );
+
+ /**
+ * Incorrect net address.
+ */
public static final ErrorType KRB_AP_ERR_BADADDR = new ErrorType( 38, "Incorrect net address" );
+
+ /**
+ * Protocol version mismatch.
+ */
public static final ErrorType KRB_AP_ERR_BADVERSION = new ErrorType( 39, "Protocol version mismatch" );
+
+ /**
+ * Invalid msg type.
+ */
public static final ErrorType KRB_AP_ERR_MSG_TYPE = new ErrorType( 40, "Invalid msg type" );
+
+ /**
+ * Message stream modified.
+ */
public static final ErrorType KRB_AP_ERR_MODIFIED = new ErrorType( 41, "Message stream modified" );
+
+ /**
+ * Message out of order.
+ */
public static final ErrorType KRB_AP_ERR_BADORDER = new ErrorType( 42, "Message out of order" );
+
+ /**
+ * Specified version of key is not available.
+ */
public static final ErrorType KRB_AP_ERR_BADKEYVER = new ErrorType( 44, "Specified version of key is not available" );
+
+ /**
+ * Service key not available.
+ */
public static final ErrorType KRB_AP_ERR_NOKEY = new ErrorType( 45, "Service key not available" );
+
+ /**
+ * Mutual authentication failed.
+ */
public static final ErrorType KRB_AP_ERR_MUT_FAIL = new ErrorType( 46, "Mutual authentication failed" );
+
+ /**
+ * Incorrect message direction.
+ */
public static final ErrorType KRB_AP_ERR_BADDIRECTION = new ErrorType( 47, "Incorrect message direction" );
+
+ /**
+ * Alternative authentication method required.
+ */
public static final ErrorType KRB_AP_ERR_METHOD = new ErrorType( 48, "Alternative authentication method required" );
+
+ /**
+ * Incorrect sequence number in message.
+ */
public static final ErrorType KRB_AP_ERR_BADSEQ = new ErrorType( 49, "Incorrect sequence number in message" );
+
+ /**
+ * Inappropriate type of checksum in message.
+ */
public static final ErrorType KRB_AP_ERR_INAPP_CKSUM = new ErrorType( 50,
"Inappropriate type of checksum in message" );
+
+ /**
+ * Generic error (description in e-text).
+ */
public static final ErrorType KRB_ERR_GENERIC = new ErrorType( 60, "Generic error (description in e-text)" );
+
+ /**
+ * Field is too long for this implementation.
+ */
public static final ErrorType KRB_ERR_FIELD_TOOLONG = new ErrorType( 61,
"Field is too long for this implementation" );
+
+ /**
+ * Client is not trusted.
+ */
public static final ErrorType KRB_ERR_CLIENT_NOT_TRUSTED = new ErrorType( 62, "Client is not trusted" );
+
+ /**
+ * KDC is not trusted.
+ */
public static final ErrorType KRB_ERR_KDC_NOT_TRUSTED = new ErrorType( 63, "KDC is not trusted" );
+
+ /**
+ * Signature is invalid.
+ */
public static final ErrorType KRB_ERR_INVALID_SIG = new ErrorType( 64, "Signature is invalid" );
+
+ /**
+ * Key too weak.
+ */
public static final ErrorType KRB_ERR_KEY_TOO_WEAK = new ErrorType( 65, "Key too weak" );
+
+ /**
+ * Certificates do not match.
+ */
public static final ErrorType KRB_ERR_CERTIFICATE_MISMATCH = new ErrorType( 66, "Certificates do not match" );
+
+ /**
+ * No tgt for user-to-user authentication.
+ */
public static final ErrorType KRB_AP_ERR_NO_TGT = new ErrorType( 67, "No tgt for user-to-user authentication" );
+
+ /**
+ * Wrong realm.
+ */
public static final ErrorType KRB_ERR_WRONG_REALM = new ErrorType( 68, "Wrong realm" );
+
+ /**
+ * User-to-user authentication required.
+ */
public static final ErrorType KRB_AP_ERR_USER_TO_USER_REQUIRED = new ErrorType( 69,
"User-to-user authentication required" );
+
+ /**
+ * Can't verify certificate.
+ */
public static final ErrorType KRB_ERR_CANT_VERIFY_CERTIFICATE = new ErrorType( 70, "Can't verify certificate" );
+
+ /**
+ * Invalid certificate.
+ */
public static final ErrorType KRB_ERR_INVALID_CERTIFICATE = new ErrorType( 71, "Invalid certificate" );
+
+ /**
+ * Revoked certificate.
+ */
public static final ErrorType KRB_ERR_REVOKED_CERTIFICATE = new ErrorType( 72, "Revoked certificate" );
+
+ /**
+ * Revocation status unknown.
+ */
public static final ErrorType KRB_ERR_REVOCATION_STATUS_UNKNOWN = new ErrorType( 73, "Revocation status unknown" );
+
+ /**
+ * Revocation status unavailable.
+ */
public static final ErrorType KRB_ERR_REVOCATION_STATUS_UNAVAILABLE = new ErrorType( 74,
"Revocation status unavailable" );
+
+ /**
+ * Client names do not match.
+ */
public static final ErrorType KRB_ERR_CLIENT_NAME_MISMATCH = new ErrorType( 75, "Client names do not match" );
+
+ /**
+ * KDC names do not match.
+ */
public static final ErrorType KRB_ERR_KDC_NAME_MISMATCH = new ErrorType( 76, "KDC names do not match" );
- /** Array for building a List of VALUES. */
+ /**
+ * Array for building a List of VALUES.
+ */
private static final ErrorType[] values =
{ KDC_ERR_NONE, KDC_ERR_NAME_EXP, KDC_ERR_SERVICE_EXP, KDC_ERR_BAD_PVNO, KDC_ERR_C_OLD_MAST_KVNO,
KDC_ERR_S_OLD_MAST_KVNO, KDC_ERR_C_PRINCIPAL_UNKNOWN, KDC_ERR_S_PRINCIPAL_UNKNOWN,
@@ -142,20 +403,26 @@
KRB_ERR_REVOCATION_STATUS_UNKNOWN, KRB_ERR_REVOCATION_STATUS_UNAVAILABLE, KRB_ERR_CLIENT_NAME_MISMATCH,
KRB_ERR_KDC_NAME_MISMATCH };
- /** a list of all the error type constants */
+ /**
+ * A List of all the error type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
- /** the name of the error type */
+ /**
+ * The name of the error type.
+ */
private final String name;
- /** the value/code for the error type */
+ /**
+ * The value/code for the error type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private ErrorType(int ordinal, String name)
+ private ErrorType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java Wed May 23 17:26:40 2007
@@ -41,6 +41,13 @@
*/
public class ApplicationRequestDecoder
{
+ /**
+ * Decodes a byte array into an {@link ApplicationRequest}.
+ *
+ * @param encodedAuthHeader
+ * @return The {@link ApplicationRequest}.
+ * @throws IOException
+ */
public ApplicationRequest decode( byte[] encodedAuthHeader ) throws IOException
{
ASN1InputStream ais = new ASN1InputStream( encodedAuthHeader );
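Review bot: The Javadoc added to `decode( byte[] encodedAuthHeader )` leaves `@param encodedAuthHeader` and `@throws IOException` without descriptions, so it says neither what the bytes are expected to contain nor when the exception is raised. This method parses an encoded message, so the contract for malformed input is what a caller most needs to know. Something like `@param encodedAuthHeader the ASN.1-encoded application request bytes` and `@throws IOException if the bytes cannot be read as ASN.1` would do, once checked against the body, which continues outside the hunk. The same empty tags appear in the hunks for ChecksumDecoder (`@param sequence`), Decoder, EncryptedDataDecoder, EncryptionKeyDecoder, KdcRequestDecoder and PreAuthenticationDataDecoder.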
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java Wed May 23 17:26:40 2007
@@ -42,6 +42,8 @@
* cksumtype[0] INTEGER,
* checksum[1] OCTET STRING
* }
+ * @param sequence
+ * @return The {@link Checksum}.
*/
public static Checksum decode( DERSequence sequence )
{
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java Wed May 23 17:26:40 2007
@@ -32,5 +32,12 @@
*/
public interface Decoder
{
+ /**
+ * Decodes the byte array into an {@link Encodable} object.
+ *
+ * @param object
+ * @return The {@link Encodable} object.
+ * @throws IOException
+ */
public Encodable decode( byte[] object ) throws IOException;
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java Wed May 23 17:26:40 2007
@@ -27,5 +27,10 @@
*/
public interface DecoderFactory
{
+ /**
+ * Returns the {@link Decoder}.
+ *
+ * @return The {@link Decoder}.
+ */
public Decoder getDecoder();
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java Wed May 23 17:26:40 2007
@@ -40,6 +40,13 @@
*/
public class EncryptedDataDecoder
{
+ /**
+ * Decodes a byte array into an {@link EncryptedData}.
+ *
+ * @param encodedEncryptedData
+ * @return The {@link EncryptedData}.
+ * @throws IOException
+ */
public static EncryptedData decode( byte[] encodedEncryptedData ) throws IOException
{
ASN1InputStream ais = new ASN1InputStream( encodedEncryptedData );
@@ -51,11 +58,16 @@
/**
+ * Decodes a {@link DERSequence} into an {@link EncryptedData}.
+ *
* EncryptedData ::= SEQUENCE {
* etype[0] INTEGER, -- EncryptionEngine
* kvno[1] INTEGER OPTIONAL,
* cipher[2] OCTET STRING -- ciphertext
* }
+ *
+ * @param sequence
+ * @return The {@link EncryptedData}.
*/
public static EncryptedData decode( DERSequence sequence )
{
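Review bot: The ASN.1 definition in this Javadoc is not wrapped in `<pre>`, so now that a summary sentence sits above it the generated HTML will run the `EncryptedData ::= SEQUENCE { ... }` lines together into one paragraph. I would add `* <pre>` before the `EncryptedData ::= SEQUENCE {` line and `* </pre>` after its closing `}`, which keeps the field tags and the `-- ciphertext` comment aligned as written. The body of `decode( DERSequence )` continues outside the hunk.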
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java Wed May 23 17:26:40 2007
@@ -20,10 +20,12 @@
package org.apache.directory.server.kerberos.shared.io.decoder;
+import java.io.IOException;
import java.util.Enumeration;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.shared.asn1.der.ASN1InputStream;
import org.apache.directory.shared.asn1.der.DEREncodable;
import org.apache.directory.shared.asn1.der.DERInteger;
import org.apache.directory.shared.asn1.der.DEROctetString;
@@ -37,6 +39,23 @@
*/
public class EncryptionKeyDecoder
{
+ /**
+ * Decodes a byte array into an {@link EncryptionKey}.
+ *
+ * @param encodedEncryptionKey
+ * @return The {@link EncryptionKey}.
+ * @throws IOException
+ */
+ public static EncryptionKey decode( byte[] encodedEncryptionKey ) throws IOException
+ {
+ ASN1InputStream ais = new ASN1InputStream( encodedEncryptionKey );
+
+ DERSequence sequence = ( DERSequence ) ais.readObject();
+
+ return decode( sequence );
+ }
+
+
/**
* EncryptionKey ::= SEQUENCE {
* keytype[0] INTEGER,
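Review bot: The new `decode( byte[] encodedEncryptionKey )` casts the result of `ais.readObject()` straight to `DERSequence`, so well-formed ASN.1 whose top-level element is not a SEQUENCE surfaces as an unchecked `ClassCastException` rather than the declared `IOException`. If `readObject()` can return null on empty input (not visible here), null would also be passed on to `decode( sequence )`. I would read into a local and check it first: `Object obj = ais.readObject();` then `if ( !( obj instanceof DERSequence ) ) { throw new IOException( "EncryptionKey: expected a SEQUENCE" ); }` and `return decode( ( DERSequence ) obj );`. Because the input is key material, the exception message should name only the expected type and never echo the encoded bytes.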
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java Wed May 23 17:26:40 2007
@@ -47,6 +47,13 @@
*/
public class KdcRequestDecoder
{
+ /**
+ * Decodes a {@link ByteBuffer} into a {@link KdcRequest}.
+ *
+ * @param in
+ * @return The {@link KdcRequest}.
+ * @throws IOException
+ */
public KdcRequest decode( ByteBuffer in ) throws IOException
{
ASN1InputStream ais = new ASN1InputStream( in );
Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java Wed May 23 17:26:40 2007
@@ -40,6 +40,13 @@
*/
public class PreAuthenticationDataDecoder
{
+ /**
+ * Decodes a byte array into {@link PreAuthenticationData}.
+ *
+ * @param encodedPreAuthData
+ * @return The {@link PreAuthenticationData}.
+ * @throws IOException
+ */
public PreAuthenticationData decode( byte[] encodedPreAuthData ) throws IOException
{
ASN1InputStream ais = new ASN1InputStream( encodedPreAuthData );