Posted to commits@directory.apache.org by el...@apache.org on 2010/11/10 17:26:56 UTC
svn commit: r1033568 - in /directory/apacheds/trunk/kerberos-codec/src:
main/java/org/apache/directory/shared/kerberos/
main/java/org/apache/directory/shared/kerberos/components/
test/java/org/apache/directory/shared/kerberos/codec/
Author: elecharny
Date: Wed Nov 10 16:26:55 2010
New Revision: 1033568
URL: http://svn.apache.org/viewvc?rev=1033568&view=rev
Log:
o Added the KerberosTime class
o Finished the KRB-REQ-BODY encoder
o Added a fully decoded PDU in the test
Added:
directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosTime.java
Modified:
directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java
directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/KdcReqBodyDecoderTest.java
Added: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosTime.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosTime.java?rev=1033568&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosTime.java (added)
+++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosTime.java Wed Nov 10 16:26:55 2010
@@ -0,0 +1,135 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.shared.kerberos;
+
+import java.text.SimpleDateFormat;
+import java.util.Calendar;
+import java.util.TimeZone;
+import java.util.regex.Pattern;
+
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * An specialization of the ASN.1 GeneralTime. The Kerberos time contains date and
+ * time up to the seconds, but with no fractional seconds. It's also always
+ * expressed as UTC timeZone, thus the 'Z' at the end of its string representation.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class KerberosTime
+{
+ /** A logger for this class */
+ private static final Logger LOG = LoggerFactory.getLogger( KerberosTime.class );
+
+ /** The GeneralizedDate pattern matching */
+ private static final String GENERALIZED_TIME_PATTERN =
+ "^\\d{4}" // century + year : 0000 to 9999
+ + "(0[1-9]|1[0-2])" // month : 01 to 12
+ + "(0[1-9]|[12]\\d|3[01])" // day : 01 to 31
+ + "([01]\\d|2[0-3])" // hour : 00 to 23
+ + "([0-5]\\d)" // minute : 00 to 59
+ + "([0-5]\\d)Z"; // second and UTC TZ
+
+ /** The date pattern. The regexp pattern is immutable, only one instance needed. */
+ private static final Pattern DATE_PATTERN = Pattern.compile( GENERALIZED_TIME_PATTERN );
+
+ /** The format for a KerberosTime */
+ private static final SimpleDateFormat sdf = new SimpleDateFormat( "yyyyMMddHHmmss'Z'" );
+
+ /** The UTC timeZone */
+ private static final TimeZone UTC = TimeZone.getTimeZone( "UTC" );
+
+ /** The KerberosTime */
+ private String date;
+
+ // Initialize the dateFormat with the UTC TZ
+ static
+ {
+ sdf.setTimeZone( UTC );
+ }
+
+ /**
+ * Creates a new instance of a KerberosTime object
+ */
+ public KerberosTime()
+ {
+ }
+
+
+ /**
+ * Creates a new instance of a KerberosTime object
+ */
+ public KerberosTime( long date )
+ {
+ Calendar calendar = Calendar.getInstance( UTC );
+ calendar.setTimeInMillis( date );
+ this.date = sdf.format( calendar.getTime() );
+ }
+
+
+ /**
+ * Sets the date if it's a valid KerberosTime
+ * @param date The date to store
+ */
+ public void setDate( String date )
+ {
+ boolean result = DATE_PATTERN.matcher( date ).find();
+
+ if ( result )
+ {
+ this.date = date;
+ LOG.debug( "Syntax valid for '{}'", date );
+ }
+ else
+ {
+ LOG.debug( "Syntax invalid for '{}'", date );
+ throw new IllegalArgumentException();
+ }
+ }
+
+
+ /**
+ * @return The date as a byte[]
+ */
+ public byte[] getBytes()
+ {
+ return StringTools.getBytesUtf8( date );
+ }
+
+
+ /**
+ * @return The stored date
+ */
+ public String getDate()
+ {
+ return date;
+ }
+
+
+ /**
+ * {@inheritDoc}
+ */
+ public String toString()
+ {
+ return date;
+ }
+}
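Review bot: `setDate` accepts input with trailing data after the `Z`, because `GENERALIZED_TIME_PATTERN` starts with `^` but has no end anchor and the check uses `find()`; the check should be `boolean result = date != null && DATE_PATTERN.matcher( date ).matches();` so that over-long and null values are both rejected with the IllegalArgumentException. This matters because the KdcReqBody encoder in this commit writes a fixed length octet of 0x0F in front of whatever `getBytes()` returns. Separately, the static `sdf` is a shared `SimpleDateFormat`, which is not thread-safe, so concurrent `new KerberosTime( long )` calls can produce corrupted timestamps; create the formatter per call or synchronize on it. The no-arg constructor also leaves `date` null, and `getBytes()`, `getDate()` and `toString()` pass that on unchecked.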
Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java?rev=1033568&r1=1033567&r2=1033568&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java (original)
+++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java Wed Nov 10 16:26:55 2010
@@ -32,13 +32,13 @@ import org.apache.directory.shared.asn1.
import org.apache.directory.shared.asn1.ber.tlv.Value;
import org.apache.directory.shared.asn1.codec.EncoderException;
import org.apache.directory.shared.kerberos.KerberosConstants;
+import org.apache.directory.shared.kerberos.KerberosTime;
import org.apache.directory.shared.kerberos.codec.options.KdcOptions;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
import org.apache.directory.shared.kerberos.messages.Ticket;
import org.apache.directory.shared.ldap.util.StringTools;
import sun.security.krb5.internal.AuthorizationData;
-import sun.security.krb5.internal.KerberosTime;
@@ -588,7 +588,7 @@ public class KdcReqBody
// compute the global size
kdcReqBodyLength = 1 + TLV.getNbBytes( kdcReqBodySeqLength ) + kdcReqBodySeqLength;
- return 1 + TLV.getNbBytes( kdcReqBodyLength ) + kdcReqBodyLength;
+ return kdcReqBodyLength;
}
@@ -651,7 +651,9 @@ public class KdcReqBody
buffer.put( TLV.getBytes( fromLength ) );
// The value
- //Value.encode( buffer, from );
+ buffer.put( (byte)UniversalTag.GENERALIZED_TIME.getValue() );
+ buffer.put( (byte)0x0F );
+ buffer.put( from.getBytes() );
}
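Review bot: The length octet of the GeneralizedTime value is hard-coded as `(byte)0x0F` while the content comes from `from.getBytes()`, and nothing in this block checks that the two agree. KerberosTime as added in this commit can hold a null date (no-arg constructor) or, since its `setDate` pattern is not end-anchored, a string longer than 15 characters, which would give a malformed TLV or overrun the preallocated buffer. Take the bytes first with `byte[] fromBytes = from.getBytes();`, fail with an EncoderException when `fromBytes.length != 0x0F` (or the value is missing), and only then `buffer.put( fromBytes );`. The same three lines are repeated for `till` and `rtime` in the next two hunks, so a small private helper would keep them consistent. The enclosing method and the `if` around this block start outside the hunk, and `fromLength` is computed elsewhere, so that computation should be checked against the same constant.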
// The till -----------------------------------------------------------
@@ -660,7 +662,9 @@ public class KdcReqBody
buffer.put( TLV.getBytes( tillLength ) );
// The value
- //aaa
+ buffer.put( (byte)UniversalTag.GENERALIZED_TIME.getValue() );
+ buffer.put( (byte)0x0F );
+ buffer.put( till.getBytes() );
// The rtime if any ---------------------------------------------------
if ( rtime != null )
@@ -670,7 +674,9 @@ public class KdcReqBody
buffer.put( TLV.getBytes( rtimeLength ) );
// The value
- //aaa
+ buffer.put( (byte)UniversalTag.GENERALIZED_TIME.getValue() );
+ buffer.put( (byte)0x0F );
+ buffer.put( rtime.getBytes() );
}
// The nonce ----------------------------------------------------------
@@ -739,6 +745,7 @@ public class KdcReqBody
return buffer;
}
+
/**
* @see Object#toString()
*/
Modified: directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/KdcReqBodyDecoderTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/KdcReqBodyDecoderTest.java?rev=1033568&r1=1033567&r2=1033568&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/KdcReqBodyDecoderTest.java (original)
+++ directory/apacheds/trunk/kerberos-codec/src/test/java/org/apache/directory/shared/kerberos/codec/KdcReqBodyDecoderTest.java Wed Nov 10 16:26:55 2010
@@ -27,7 +27,9 @@ import java.nio.ByteBuffer;
import org.apache.directory.junit.tools.Concurrent;
import org.apache.directory.junit.tools.ConcurrentJunitRunner;
+import org.apache.directory.shared.asn1.ber.Asn1Decoder;
import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.kerberos.KerberosTime;
import org.apache.directory.shared.kerberos.codec.options.KdcOptions;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
import org.apache.directory.shared.kerberos.codec.types.HostAddrType;
@@ -42,8 +44,6 @@ import org.apache.directory.shared.ldap.
import org.junit.Test;
import org.junit.runner.RunWith;
-import sun.security.krb5.internal.KerberosTime;
-
/**
* Test the decoder for a KdcReqBody
@@ -59,12 +59,132 @@ public class KdcReqBodyDecoderTest
@Test
public void testEncodeTicket() throws Exception
{
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ ByteBuffer stream = ByteBuffer.allocate( 0x15B );
+
+ stream.put( new byte[]
+ {
+ 0x30, (byte)0x82, 0x01, 0x57,
+ (byte)0xA0, 0x07,
+ 0x03, 0x04,
+ 0x01, 0x02, 0x03, 0x04,
+ (byte)0xA1, 0x13,
+ 0x30, 0x11,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x0A,
+ (byte)0xA1, 0x0A,
+ 0x30, 0x08,
+ 0x1B, 0x06,
+ 'c', 'l', 'i', 'e', 'n', 't',
+ (byte)0xA2, 0x0D,
+ 0x1B, 0x0B,
+ 'E', 'X', 'A', 'M', 'P', 'L', 'E', '.', 'C', 'O', 'M',
+ (byte)0xA3, 0x13,
+ 0x30, 0x11,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x0A,
+ (byte)0xA1, 0x0A,
+ 0x30, 0x08,
+ 0x1B, 0x06,
+ 's', 'e', 'r', 'v', 'e', 'r',
+ (byte)0xA4, 0x11,
+ 0x18, 0x0F,
+ '2', '0', '1', '0', '1', '1', '1', '0', '1', '5', '4', '5', '2', '5', 'Z',
+ (byte)0xA5, 0x11,
+ 0x18, 0x0F,
+ '2', '0', '1', '0', '1', '1', '1', '0', '1', '5', '4', '5', '2', '5', 'Z',
+ (byte)0xA6, 0x11,
+ 0x18, 0x0F,
+ '2', '0', '1', '0', '1', '1', '1', '0', '1', '5', '4', '5', '2', '5', 'Z',
+ (byte)0xA7, 0x04,
+ 0x02, 0x02,
+ 0x30, 0x39,
+ (byte)0xA8, 0x0B,
+ 0x30, 0x09,
+ 0x02, 0x01, 0x06,
+ 0x02, 0x01, 0x11,
+ 0x02, 0x01, 0x12,
+ (byte)0xA9, 0x2E,
+ 0x30, 0x2C,
+ 0x30, 0x14,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x02,
+ (byte)0xA1, 0x0D,
+ 0x04, 0x0B,
+ '1', '9', '2', '.', '1', '6', '8', '.', '0', '.', '1',
+ 0x30, 0x14,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x02,
+ (byte)0xA1, 0x0D,
+ 0x04, 0x0B,
+ '1', '9', '2', '.', '1', '6', '8', '.', '0', '.', '2',
+ (byte)0xAA, 0x11,
+ 0x30, 0x0F,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x11,
+ (byte)0xA2, 0x08,
+ 0x04, 0x06,
+ 'a', 'b', 'c', 'd', 'e', 'f',
+ (byte)0xAB, (byte)0x81, (byte)0x83,
+ 0x30, (byte)0x81, (byte)0x80,
+ 0x61, 0x3E,
+ 0x30, 0x3C,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x05,
+ (byte)0xA1, 0x0D,
+ 0x1B, 0x0B,
+ 'E', 'X', 'A', 'M', 'P', 'L', 'E', '.', 'C', 'O', 'M',
+ (byte)0xA2, 0x13,
+ 0x30, 0x11,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x01,
+ (byte)0xA1, 0x0A,
+ 0x30, 0x08,
+ 0x1B, 0x06,
+ 'c', 'l', 'i', 'e', 'n', 't',
+ (byte)0xA3, 0x11,
+ 0x30, 0x0F,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x11,
+ (byte)0xA2, 0x08,
+ 0x04, 0x06,
+ 'a', 'b', 'c', 'd', 'e', 'f',
+ 0x61, 0x3E,
+ 0x30, 0x3C,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x05,
+ (byte)0xA1, 0x0D,
+ 0x1B, 0x0B,
+ 'E', 'X', 'A', 'M', 'P', 'L', 'E', '.', 'C', 'O', 'M',
+ (byte)0xA2, 0x13,
+ 0x30, 0x11,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x01,
+ (byte)0xA1, 0x0A,
+ 0x30, 0x08,
+ 0x1B, 0x06,
+ 's', 'e', 'r', 'v', 'e', 'r',
+ (byte)0xA3, 0x11,
+ 0x30, 0x0F,
+ (byte)0xA0, 0x03,
+ 0x02, 0x01, 0x11,
+ (byte)0xA2, 0x08,
+ 0x04, 0x06,
+ 'a', 'b', 'c', 'd', 'e', 'f',
+
+ });
+
+ String decodedPdu = StringTools.dumpBytes( stream.array() );
+ stream.flip();
+
KdcReqBody body = new KdcReqBody();
body.setKdcOptions( new KdcOptions( new byte[]{0x01, 0x02, 0x03, 0x04} ) );
body.setCName( new PrincipalName( "client", PrincipalNameType.KRB_NT_ENTERPRISE ) );
body.setRealm( "EXAMPLE.COM" );
body.setSName( new PrincipalName( "server", PrincipalNameType.KRB_NT_ENTERPRISE ) );
+
body.setFrom( new KerberosTime( System.currentTimeMillis() ) );
body.setTill( new KerberosTime( System.currentTimeMillis() ) );
body.setRtime( new KerberosTime( System.currentTimeMillis() ) );
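Review bot: The expected PDU hard-codes the timestamp `20101110154525Z` for from, till and rtime, but the body under test is built with `new KerberosTime( System.currentTimeMillis() )`, so the encoded bytes can never equal `decodedPdu`; the byte comparison later in the test is in fact left commented out. As written only the length is asserted, which leaves the encoder's output for the new time fields unverified. Use a fixed value instead, e.g. `KerberosTime time = new KerberosTime(); time.setDate( "20101110154525Z" );` passed to `setFrom`/`setTill`/`setRtime`, and then enable the comparison. `kerberosDecoder` is created but not used in the visible lines; the test method continues outside this hunk.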
@@ -102,21 +222,19 @@ public class KdcReqBodyDecoderTest
int length = body.computeLength();
// Check the length
- assertEquals( 0x15E, length );
+ assertEquals( 0x15B, length );
// Check the encoding
- ByteBuffer bb = ByteBuffer.allocate( length );
+ ByteBuffer encodedPdu = ByteBuffer.allocate( length );
try
{
- bb = body.encode( bb );
+ encodedPdu = body.encode( encodedPdu );
// Check the length
- assertEquals( 0x15E, bb.limit() );
-
- System.out.println( StringTools.dumpBytes( bb.array() ) );
+ assertEquals( 0x15B, encodedPdu.limit() );
- //assertEquals( encodedPdu, decodedPdu );
+ //assertEquals( StringTools.dumpBytes( encodedPdu.array() ), decodedPdu );
}
catch ( EncoderException ee )
{