You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/11/29 01:57:34 UTC
[07/13] directory-kerby git commit: Synced with latest master branch
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/EncTicketPart.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/EncTicketPart.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/EncTicketPart.java
deleted file mode 100644
index 0fe3bcb..0000000
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/EncTicketPart.java
+++ /dev/null
@@ -1,169 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.spec.ticket;
-
-import org.apache.kerby.asn1.type.Asn1FieldInfo;
-import org.apache.kerby.asn1.type.ExplicitField;
-import org.apache.kerby.kerberos.kerb.spec.KerberosString;
-import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerby.kerberos.kerb.spec.KrbAppSequenceType;
-import org.apache.kerby.kerberos.kerb.spec.ad.AuthorizationData;
-import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
-import org.apache.kerby.kerberos.kerb.spec.base.HostAddresses;
-import org.apache.kerby.kerberos.kerb.spec.base.PrincipalName;
-import org.apache.kerby.kerberos.kerb.spec.base.TransitedEncoding;
-
-/**
- -- Encrypted part of ticket
- EncTicketPart ::= [APPLICATION 3] SEQUENCE {
- flags [0] TicketFlags,
- key [1] EncryptionKey,
- crealm [2] Realm,
- cname [3] PrincipalName,
- transited [4] TransitedEncoding,
- authtime [5] KerberosTime,
- starttime [6] KerberosTime OPTIONAL,
- endtime [7] KerberosTime,
- renew-till [8] KerberosTime OPTIONAL,
- caddr [9] HostAddresses OPTIONAL,
- authorization-data [10] AuthorizationData OPTIONAL
- }
- */
-public class EncTicketPart extends KrbAppSequenceType {
- public static final int TAG = 3;
-
- private static final int FLAGS = 0;
- private static final int KEY = 1;
- private static final int CREALM = 2;
- private static final int CNAME = 3;
- private static final int TRANSITED = 4;
- private static final int AUTHTIME = 5;
- private static final int STARTTIME = 6;
- private static final int ENDTIME = 7;
- private static final int RENEW_TILL = 8;
- private static final int CADDR = 9;
- private static final int AUTHORIZATION_DATA = 10;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new ExplicitField(FLAGS, 0, TicketFlags.class),
- new ExplicitField(KEY, 1, EncryptionKey.class),
- new ExplicitField(CREALM, 2, KerberosString.class),
- new ExplicitField(CNAME, 3, PrincipalName.class),
- new ExplicitField(TRANSITED, 4, TransitedEncoding.class),
- new ExplicitField(AUTHTIME, 5, KerberosTime.class),
- new ExplicitField(STARTTIME, 6, KerberosTime.class),
- new ExplicitField(ENDTIME, 7, KerberosTime.class),
- new ExplicitField(ENDTIME, 8, KerberosTime.class),
- new ExplicitField(CADDR, 9, HostAddresses.class),
- new ExplicitField(AUTHORIZATION_DATA, 10, AuthorizationData.class)
- };
-
- public EncTicketPart() {
- super(TAG, fieldInfos);
- }
-
- public TicketFlags getFlags() {
- return getFieldAs(FLAGS, TicketFlags.class);
- }
-
- public void setFlags(TicketFlags flags) {
- setFieldAs(FLAGS, flags);
- }
-
- public EncryptionKey getKey() {
- return getFieldAs(KEY, EncryptionKey.class);
- }
-
- public void setKey(EncryptionKey key) {
- setFieldAs(KEY, key);
- }
-
- public String getCrealm() {
- return getFieldAsString(CREALM);
- }
-
- public void setCrealm(String crealm) {
- setFieldAsString(CREALM, crealm);
- }
-
- public PrincipalName getCname() {
- return getFieldAs(CNAME, PrincipalName.class);
- }
-
- public void setCname(PrincipalName cname) {
- setFieldAs(CNAME, cname);
- }
-
- public TransitedEncoding getTransited() {
- return getFieldAs(TRANSITED, TransitedEncoding.class);
- }
-
- public void setTransited(TransitedEncoding transited) {
- setFieldAs(TRANSITED, transited);
- }
-
- public KerberosTime getAuthTime() {
- return getFieldAs(AUTHTIME, KerberosTime.class);
- }
-
- public void setAuthTime(KerberosTime authTime) {
- setFieldAs(AUTHTIME, authTime);
- }
-
- public KerberosTime getStartTime() {
- return getFieldAs(STARTTIME, KerberosTime.class);
- }
-
- public void setStartTime(KerberosTime startTime) {
- setFieldAs(STARTTIME, startTime);
- }
-
- public KerberosTime getEndTime() {
- return getFieldAs(ENDTIME, KerberosTime.class);
- }
-
- public void setEndTime(KerberosTime endTime) {
- setFieldAs(ENDTIME, endTime);
- }
-
- public KerberosTime getRenewtill() {
- return getFieldAs(RENEW_TILL, KerberosTime.class);
- }
-
- public void setRenewtill(KerberosTime renewtill) {
- setFieldAs(RENEW_TILL, renewtill);
- }
-
- public HostAddresses getClientAddresses() {
- return getFieldAs(CADDR, HostAddresses.class);
- }
-
- public void setClientAddresses(HostAddresses clientAddresses) {
- setFieldAs(CADDR, clientAddresses);
- }
-
- public AuthorizationData getAuthorizationData() {
- return getFieldAs(AUTHORIZATION_DATA, AuthorizationData.class);
- }
-
- public void setAuthorizationData(AuthorizationData authorizationData) {
- setFieldAs(AUTHORIZATION_DATA, authorizationData);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/KrbTicket.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/KrbTicket.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/KrbTicket.java
deleted file mode 100644
index 1aae717..0000000
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/KrbTicket.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.spec.ticket;
-
-import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
-import org.apache.kerby.kerberos.kerb.spec.kdc.EncKdcRepPart;
-
-public class KrbTicket {
- private Ticket ticket;
- private EncKdcRepPart encKdcRepPart;
-
- public KrbTicket(Ticket ticket, EncKdcRepPart encKdcRepPart) {
- this.ticket = ticket;
- this.encKdcRepPart = encKdcRepPart;
- }
-
- public Ticket getTicket() {
- return ticket;
- }
-
- public EncKdcRepPart getEncKdcRepPart() {
- return encKdcRepPart;
- }
-
- public EncryptionKey getSessionKey() {
- return encKdcRepPart.getKey();
- }
-
- public String getRealm() {
- return ticket.getRealm();
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/ServiceTicket.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/ServiceTicket.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/ServiceTicket.java
deleted file mode 100644
index 0c119fa..0000000
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/ServiceTicket.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.spec.ticket;
-
-import org.apache.kerby.kerberos.kerb.spec.kdc.EncTgsRepPart;
-
-public class ServiceTicket extends KrbTicket {
- public ServiceTicket(Ticket ticket, EncTgsRepPart encKdcRepPart) {
- super(ticket, encKdcRepPart);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TgtTicket.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TgtTicket.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TgtTicket.java
deleted file mode 100644
index 4cc97b0..0000000
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TgtTicket.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.spec.ticket;
-
-import org.apache.kerby.kerberos.kerb.spec.base.PrincipalName;
-import org.apache.kerby.kerberos.kerb.spec.kdc.EncAsRepPart;
-
-public class TgtTicket extends KrbTicket {
- private PrincipalName clientPrincipal;
-
- public TgtTicket(Ticket ticket, EncAsRepPart encKdcRepPart, PrincipalName clientPrincipal) {
- super(ticket, encKdcRepPart);
- this.clientPrincipal = clientPrincipal;
- }
-
- public PrincipalName getClientPrincipal() {
- return clientPrincipal;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Ticket.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Ticket.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Ticket.java
deleted file mode 100644
index a660210..0000000
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Ticket.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.spec.ticket;
-
-import org.apache.kerby.asn1.type.Asn1FieldInfo;
-import org.apache.kerby.asn1.type.Asn1Integer;
-import org.apache.kerby.asn1.type.ExplicitField;
-import org.apache.kerby.kerberos.kerb.KrbConstant;
-import org.apache.kerby.kerberos.kerb.spec.KerberosString;
-import org.apache.kerby.kerberos.kerb.spec.KrbAppSequenceType;
-import org.apache.kerby.kerberos.kerb.spec.base.EncryptedData;
-import org.apache.kerby.kerberos.kerb.spec.base.PrincipalName;
-
-/**
- Ticket ::= [APPLICATION 1] SEQUENCE {
- tkt-vno [0] INTEGER (5),
- realm [1] Realm,
- sname [2] PrincipalName,
- enc-part [3] EncryptedData -- EncTicketPart
- }
- */
-public class Ticket extends KrbAppSequenceType {
- public static final int TKT_KVNO = KrbConstant.KRB_V5;
- public static final int TAG = 1;
-
- private static final int TKT_VNO = 0;
- private static final int REALM = 1;
- private static final int SNAME = 2;
- private static final int ENC_PART = 3;
-
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
- new ExplicitField(TKT_VNO, 0, Asn1Integer.class),
- new ExplicitField(REALM, 1, KerberosString.class),
- new ExplicitField(SNAME, 2, PrincipalName.class),
- new ExplicitField(ENC_PART, 3, EncryptedData.class)
- };
-
- public Ticket() {
- super(TAG, fieldInfos);
- setTktKvno(TKT_KVNO);
- }
-
- private EncTicketPart encPart;
-
- public int getTktvno() {
- return getFieldAsInt(TKT_VNO);
- }
-
- public void setTktKvno(int kvno) {
- setFieldAsInt(TKT_VNO, kvno);
- }
- public PrincipalName getSname() {
- return getFieldAs(SNAME, PrincipalName.class);
- }
-
- public void setSname(PrincipalName sname) {
- setFieldAs(SNAME, sname);
- }
-
- public String getRealm() {
- return getFieldAsString(REALM);
- }
-
- public void setRealm(String realm) {
- setFieldAs(REALM, new KerberosString(realm));
- }
-
- public EncryptedData getEncryptedEncPart() {
- return getFieldAs(ENC_PART, EncryptedData.class);
- }
-
- public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
- setFieldAs(ENC_PART, encryptedEncPart);
- }
-
- public EncTicketPart getEncPart() {
- return encPart;
- }
-
- public void setEncPart(EncTicketPart encPart) {
- this.encPart = encPart;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlag.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlag.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlag.java
deleted file mode 100644
index ef53cee..0000000
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlag.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.spec.ticket;
-
-import org.apache.kerby.asn1.type.Asn1EnumType;
-
-public enum TicketFlag implements Asn1EnumType {
- NONE(-1),
- FORWARDABLE(0x40000000),
- FORWARDED(0x20000000),
- PROXIABLE(0x10000000),
- PROXY(0x08000000),
- MAY_POSTDATE(0x04000000),
- POSTDATED(0x02000000),
- INVALID(0x01000000),
- RENEWABLE(0x00800000),
- INITIAL(0x00400000),
- PRE_AUTH(0x00200000),
- HW_AUTH(0x00100000),
- TRANSIT_POLICY_CHECKED(0x00080000),
- OK_AS_DELEGATE(0x00040000),
- ENC_PA_REP(0x00010000),
- ANONYMOUS(0x00008000);
-
- private final int value;
-
- private TicketFlag(int value) {
- this.value = value;
- }
-
- @Override
- public int getValue() {
- return value;
- }
-
- public static TicketFlag fromValue(int value) {
- for (Asn1EnumType e : values()) {
- if (e.getValue() == value) {
- return (TicketFlag) e;
- }
- }
-
- return NONE;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlags.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlags.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlags.java
deleted file mode 100644
index 88f5c01..0000000
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/TicketFlags.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.spec.ticket;
-
-import org.apache.kerby.asn1.type.Asn1Flags;
-
-import static org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlag.INVALID;
-
-public class TicketFlags extends Asn1Flags {
-
- public TicketFlags() {
- this(0);
- }
-
- public TicketFlags(int value) {
- setFlags(value);
- }
-
- public boolean isInvalid() {
- return isFlagSet(INVALID.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Tickets.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Tickets.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Tickets.java
deleted file mode 100644
index a7acef0..0000000
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/ticket/Tickets.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.spec.ticket;
-
-import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
-
-/**
- SEQUENCE OF Ticket
- */
-public class Tickets extends KrbSequenceOfType<Ticket> {
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosString.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosString.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosString.java
new file mode 100644
index 0000000..d635669
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosString.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type;
+
+import org.apache.kerby.asn1.type.Asn1GeneralString;
+
+/**
+ KerberosString ::= GeneralString -- (IA5String)
+ */
+public class KerberosString extends Asn1GeneralString {
+ public KerberosString() {
+ super();
+ }
+
+ public KerberosString(String value) {
+ super(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosStrings.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosStrings.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosStrings.java
new file mode 100644
index 0000000..3103b7a
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosStrings.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type;
+
+import java.util.List;
+
+public class KerberosStrings extends KrbSequenceOfType<KerberosString> {
+
+ public KerberosStrings() {
+ super();
+ }
+
+ public KerberosStrings(List<String> strings) {
+ super();
+ setValues(strings);
+ }
+
+ public void setValues(List<String> values) {
+ clear();
+ if (values != null) {
+ for (String value : values) {
+ addElement(new KerberosString(value));
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosTime.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosTime.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosTime.java
new file mode 100644
index 0000000..3a78bf0
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KerberosTime.java
@@ -0,0 +1,160 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type;
+
+import org.apache.kerby.asn1.type.Asn1GeneralizedTime;
+
+import java.util.Date;
+
+/**
+ * A specialization of the ASN.1 GeneralTime. The Kerberos time contains date and
+ * time up to the seconds, but with no fractional seconds. It's also always
+ * expressed as UTC timeZone, thus the 'Z' at the end of its string representation.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class KerberosTime extends Asn1GeneralizedTime {
+
+ /** Constant for the {@link KerberosTime} "infinity." */
+ public static final KerberosTime NEVER = new KerberosTime(Long.MAX_VALUE);
+
+ /** The number of milliseconds in a minute. */
+ public static final int MINUTE = 60000;
+
+ /** The number of milliseconds in a day. */
+ public static final int DAY = MINUTE * 1440;
+
+ /** The number of milliseconds in a week. */
+ public static final int WEEK = MINUTE * 10080;
+
+ /**
+ * Creates a new instance of a KerberosTime object with the current time
+ */
+ public KerberosTime() {
+ // divide current time by 1000 to drop the ms then multiply by 1000 to convert to ms
+ super((System.currentTimeMillis() / 1000L) * 1000L);
+ }
+
+ /**
+ * @param time in milliseconds
+ */
+ public KerberosTime(long time) {
+ super(time);
+ }
+
+ /**
+ * @return time in milliseconds
+ */
+ public long getTime() {
+ return getValue().getTime();
+ }
+
+ /**
+ * @param time set time in milliseconds
+ */
+ public void setTime(long time) {
+ setValue(new Date(time));
+ }
+
+ /**
+ * get the time in seconds
+ * @return The time
+ */
+ public long getTimeInSeconds() {
+ return getTime() / 1000;
+ }
+
+ public boolean lessThan(KerberosTime ktime) {
+ return getValue().compareTo(ktime.getValue()) < 0;
+ }
+
+ /**
+ * @param time in milliseconds
+ * @return true if less
+ */
+ public boolean lessThan(long time) {
+ return getValue().getTime() < time;
+ }
+
+ /**
+ * @param ktime compare with milliseconds
+ * @return true if greater
+ */
+ public boolean greaterThan(KerberosTime ktime) {
+ return getValue().compareTo(ktime.getValue()) > 0;
+ }
+
+ /**
+ * time in milliseconds
+ * @param clockSkew The clock skew
+ * @return true if in clock skew
+ */
+ public boolean isInClockSkew(long clockSkew) {
+ long delta = Math.abs(getTime() - System.currentTimeMillis());
+
+ return delta < clockSkew;
+ }
+
+ public KerberosTime copy() {
+ long time = getTime();
+ return new KerberosTime(time);
+ }
+
+ /**
+ * time in milliseconds.
+ * @param duration The duration
+ * @return The kerberos time
+ */
+ public KerberosTime extend(long duration) {
+ long result = getTime() + duration;
+ return new KerberosTime(result);
+ }
+
+ /**
+ * Return diff time in milliseconds
+ * @param other The kerberos time
+ * @return The diff time
+ */
+ public long diff(KerberosTime other) {
+ return getTime() - other.getTime();
+ }
+
+ public static KerberosTime now() {
+ return new KerberosTime(new Date().getTime());
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) {
+ return true;
+ }
+ if (o == null || getClass() != o.getClass()) {
+ return false;
+ }
+
+ KerberosTime time = (KerberosTime) o;
+ return this.getValue().equals(time.getValue());
+ }
+
+ @Override
+ public int hashCode() {
+ return getValue().hashCode();
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbAppSequenceType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbAppSequenceType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbAppSequenceType.java
new file mode 100644
index 0000000..8de28e0
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbAppSequenceType.java
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type;
+
+import org.apache.kerby.asn1.type.Asn1EnumType;
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.TaggingSequence;
+
+/**
+ * This is for application specific sequence tagged with a number.
+ */
+public abstract class KrbAppSequenceType extends TaggingSequence {
+ public KrbAppSequenceType(int tagNo, Asn1FieldInfo[] fieldInfos) {
+ super(tagNo, fieldInfos, true, false); // Kerberos favors explicit
+ }
+
+ protected int getFieldAsInt(int index) {
+ Integer value = getFieldAsInteger(index);
+ if (value != null) {
+ return value.intValue();
+ }
+ return -1;
+ }
+
+ protected void setFieldAsString(int index, String value) {
+ setFieldAs(index, new KerberosString(value));
+ }
+
+ protected KerberosTime getFieldAsTime(int index) {
+ return getFieldAs(index, KerberosTime.class);
+ }
+
+ protected void setFieldAsTime(int index, long value) {
+ setFieldAs(index, new KerberosTime(value));
+ }
+
+ protected void setField(int index, Asn1EnumType krbEnum) {
+ setFieldAsInt(index, krbEnum.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbIntegers.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbIntegers.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbIntegers.java
new file mode 100644
index 0000000..9ca2826
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbIntegers.java
@@ -0,0 +1,54 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type;
+
+import org.apache.kerby.asn1.type.Asn1Integer;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class KrbIntegers extends KrbSequenceOfType<Asn1Integer> {
+
+ public KrbIntegers() {
+ super();
+ }
+
+ public KrbIntegers(List<Integer> values) {
+ super();
+ setValues(values);
+ }
+
+ public void setValues(List<Integer> values) {
+ clear();
+ if (values != null) {
+ for (Integer value : values) {
+ addElement(new Asn1Integer(value));
+ }
+ }
+ }
+
+ public List<Integer> getValues() {
+ List<Integer> results = new ArrayList<Integer>();
+ for (Asn1Integer value : getElements()) {
+ results.add(value.getValue().intValue());
+ }
+ return results;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbSequenceOfType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbSequenceOfType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbSequenceOfType.java
new file mode 100644
index 0000000..06bfdd8
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbSequenceOfType.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type;
+
+import org.apache.kerby.asn1.type.Asn1SequenceOf;
+import org.apache.kerby.asn1.type.Asn1String;
+import org.apache.kerby.asn1.type.Asn1Type;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class KrbSequenceOfType<T extends Asn1Type> extends Asn1SequenceOf<T> {
+
+ public List<String> getAsStrings() {
+ List<T> elements = getElements();
+ List<String> results = new ArrayList<String>();
+ for (T ele : elements) {
+ if (ele instanceof Asn1String) {
+ results.add(((Asn1String) ele).getValue());
+ } else {
+ throw new RuntimeException("The targeted field type isn't of string");
+ }
+ }
+ return results;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbSequenceType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbSequenceType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbSequenceType.java
new file mode 100644
index 0000000..3ff278d
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/KrbSequenceType.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type;
+
+import org.apache.kerby.asn1.type.Asn1EnumType;
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1SequenceType;
+
+public abstract class KrbSequenceType extends Asn1SequenceType {
+
+ public KrbSequenceType(Asn1FieldInfo[] fieldInfos) {
+ super(fieldInfos);
+ }
+
+ protected int getFieldAsInt(int index) {
+ Integer value = getFieldAsInteger(index);
+ if (value != null) {
+ return value.intValue();
+ }
+ return -1;
+ }
+
+ protected void setFieldAsString(int index, String value) {
+ setFieldAs(index, new KerberosString(value));
+ }
+
+ protected KerberosTime getFieldAsTime(int index) {
+ return getFieldAs(index, KerberosTime.class);
+ }
+
+ protected void setFieldAsTime(int index, long value) {
+ setFieldAs(index, new KerberosTime(value));
+ }
+
+ protected void setField(int index, Asn1EnumType value) {
+ setFieldAsInt(index, value.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AdToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AdToken.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AdToken.java
new file mode 100644
index 0000000..690af6b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AdToken.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.ad;
+
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.ExplicitField;
+import org.apache.kerby.kerberos.kerb.type.KrbSequenceType;
+import org.apache.kerby.kerberos.kerb.type.base.KrbToken;
+
+/**
+ AD-TOKEN ::= SEQUENCE {
+ token [0] OCTET STRING,
+ }
+*/
+public class AdToken extends KrbSequenceType {
+ private static final int TOKEN = 0;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new ExplicitField(TOKEN, KrbToken.class)
+ };
+
+ public AdToken() {
+ super(fieldInfos);
+ }
+
+ public KrbToken getToken() {
+ return getFieldAs(TOKEN, KrbToken.class);
+ }
+
+ public void setToken(KrbToken token) {
+ setFieldAs(TOKEN, token);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationData.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationData.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationData.java
new file mode 100644
index 0000000..26c28bf
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationData.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.ad;
+
+import org.apache.kerby.kerberos.kerb.type.KrbSequenceOfType;
+
+/**
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ */
+public class AuthorizationData extends KrbSequenceOfType<AuthorizationDataEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationDataEntry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationDataEntry.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationDataEntry.java
new file mode 100644
index 0000000..c2750a4
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationDataEntry.java
@@ -0,0 +1,63 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.ad;
+
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.asn1.ExplicitField;
+import org.apache.kerby.kerberos.kerb.type.KrbSequenceType;
+
+/**
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ */
+public class AuthorizationDataEntry extends KrbSequenceType {
+ private static final int AD_TYPE = 0;
+ private static final int AD_DATA = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new ExplicitField(AD_TYPE, 0, Asn1Integer.class),
+ new ExplicitField(AD_DATA, 1, Asn1OctetString.class)
+ };
+
+ public AuthorizationDataEntry() {
+ super(fieldInfos);
+ }
+
+ public AuthorizationType getAuthzType() {
+ Integer value = getFieldAsInteger(AD_TYPE);
+ return AuthorizationType.fromValue(value);
+ }
+
+ public void setAuthzType(AuthorizationType authzType) {
+ setFieldAsInt(AD_TYPE, authzType.getValue());
+ }
+
+ public byte[] getAuthzData() {
+ return getFieldAsOctets(AD_DATA);
+ }
+
+ public void setAuthzData(byte[] authzData) {
+ setFieldAsOctets(AD_DATA, authzData);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationType.java
new file mode 100644
index 0000000..979fc13
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ad/AuthorizationType.java
@@ -0,0 +1,143 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.ad;
+
+import org.apache.kerby.asn1.type.Asn1EnumType;
+
+public enum AuthorizationType implements Asn1EnumType {
+ /**
+ * Constant for the "null" authorization type.
+ */
+ NULL(0),
+
+ /**
+ * Constant for the "if relevant" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_IF_RELEVANT(1),
+
+ /**
+ * Constant for the "intended for server" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_INTENDED_FOR_SERVER(2),
+
+ /**
+ * Constant for the "intended for application class" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_INTENDED_FOR_APPLICATION_CLASS(3),
+
+ /**
+ * Constant for the "kdc issued" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_KDC_ISSUED(4),
+
+ /**
+ * Constant for the "or" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_OR(5),
+
+ /**
+ * Constant for the "mandatory ticket extensions" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_MANDATORY_TICKET_EXTENSIONS(6),
+
+ /**
+ * Constant for the "in ticket extensions" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_IN_TICKET_EXTENSIONS(7),
+
+ /**
+ * Constant for the "mandatory-for-kdc" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_MANDATORY_FOR_KDC(8),
+
+ /**
+ * Constant for the "OSF DCE" authorization type.
+ *
+ * RFC 1510
+ */
+ OSF_DCE(64),
+
+ /**
+ * Constant for the "sesame" authorization type.
+ *
+ * RFC 1510
+ */
+ SESAME(65),
+
+ /**
+ * Constant for the "OSF-DCE pki certid" authorization type.
+ *
+ * RFC 1510
+ */
+ AD_OSF_DCE_PKI_CERTID(66),
+
+ /**
+ * Constant for the "sesame" authorization type.
+ *
+ * RFC 1510
+ */
+ AD_WIN2K_PAC(128),
+
+ /**
+ * Constant for the "sesame" authorization type.
+ *
+ * RFC 1510
+ */
+ AD_ETYPE_NEGOTIATION(129);
+
+ private final int value;
+
+ private AuthorizationType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static AuthorizationType fromValue(Integer value) {
+ if (value != null) {
+ for (Asn1EnumType e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (AuthorizationType) e;
+ }
+ }
+ }
+
+ return NULL;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
new file mode 100644
index 0000000..9676c2f
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOption.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.ap;
+
+import org.apache.kerby.asn1.type.Asn1EnumType;
+
+/**
+ APOptions ::= KrbFlags
+ -- reserved(0),
+ -- use-session-key(1),
+ -- mutual-required(2)
+ */
+public enum ApOption implements Asn1EnumType {
+ NONE(-1),
+ RESERVED(0x80000000),
+ USE_SESSION_KEY(0x40000000),
+ MUTUAL_REQUIRED(0x20000000),
+ ETYPE_NEGOTIATION(0x00000002),
+ USE_SUBKEY(0x00000001);
+
+ private final int value;
+
+ private ApOption(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static ApOption fromValue(int value) {
+ for (Asn1EnumType e : values()) {
+ if (e.getValue() == value) {
+ return (ApOption) e;
+ }
+ }
+
+ return NONE;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOptions.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOptions.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOptions.java
new file mode 100644
index 0000000..a024734
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApOptions.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.ap;
+
+import org.apache.kerby.asn1.type.Asn1Flags;
+
+public class ApOptions extends Asn1Flags {
+
+ public ApOptions() {
+ this(0);
+ }
+
+ public ApOptions(int value) {
+ setFlags(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApRep.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApRep.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApRep.java
new file mode 100644
index 0000000..fab60b6
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApRep.java
@@ -0,0 +1,66 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.ap;
+
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.ExplicitField;
+import org.apache.kerby.kerberos.kerb.type.base.EncryptedData;
+import org.apache.kerby.kerberos.kerb.type.base.KrbMessage;
+import org.apache.kerby.kerberos.kerb.type.base.KrbMessageType;
+
+/**
+ AP-REP ::= [APPLICATION 15] SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (15),
+ enc-part [2] EncryptedData -- EncAPRepPart
+ }
+ */
+public class ApRep extends KrbMessage {
+ private static final int ENC_PART = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new ExplicitField(PVNO, 0, Asn1Integer.class),
+ new ExplicitField(MSG_TYPE, 1, Asn1Integer.class),
+ new ExplicitField(ENC_PART, 2, EncryptedData.class)
+ };
+
+ public ApRep() {
+ super(KrbMessageType.AP_REP, fieldInfos);
+ }
+
+ private EncAPRepPart encRepPart;
+
+ public EncAPRepPart getEncRepPart() {
+ return encRepPart;
+ }
+
+ public void setEncRepPart(EncAPRepPart encRepPart) {
+ this.encRepPart = encRepPart;
+ }
+
+ public EncryptedData getEncryptedEncPart() {
+ return getFieldAs(ENC_PART, EncryptedData.class);
+ }
+
+ public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
+ setFieldAs(ENC_PART, encryptedEncPart);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApReq.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApReq.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApReq.java
new file mode 100644
index 0000000..c6ea848
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/ApReq.java
@@ -0,0 +1,90 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.ap;
+
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.ExplicitField;
+import org.apache.kerby.kerberos.kerb.type.base.EncryptedData;
+import org.apache.kerby.kerberos.kerb.type.base.KrbMessage;
+import org.apache.kerby.kerberos.kerb.type.base.KrbMessageType;
+import org.apache.kerby.kerberos.kerb.type.ticket.Ticket;
+
+/**
+ AP-REQ ::= [APPLICATION 14] SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (14),
+ ap-options [2] APOptions,
+ ticket [3] Ticket,
+ authenticator [4] EncryptedData -- Authenticator
+ }
+ */
+public class ApReq extends KrbMessage {
+ private static final int AP_OPTIONS = 2;
+ private static final int TICKET = 3;
+ private static final int AUTHENTICATOR = 4;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new ExplicitField(PVNO, Asn1Integer.class),
+ new ExplicitField(MSG_TYPE, Asn1Integer.class),
+ new ExplicitField(AP_OPTIONS, ApOptions.class),
+ new ExplicitField(TICKET, Ticket.class),
+ new ExplicitField(AUTHENTICATOR, EncryptedData.class)
+ };
+
+ private Authenticator authenticator;
+
+ public ApReq() {
+ super(KrbMessageType.AP_REQ, fieldInfos);
+ }
+
+ public ApOptions getApOptions() {
+ return getFieldAs(AP_OPTIONS, ApOptions.class);
+ }
+
+ public void setApOptions(ApOptions apOptions) {
+ setFieldAs(AP_OPTIONS, apOptions);
+ }
+
+ public Ticket getTicket() {
+ return getFieldAs(TICKET, Ticket.class);
+ }
+
+ public void setTicket(Ticket ticket) {
+ setFieldAs(TICKET, ticket);
+ }
+
+ public Authenticator getAuthenticator() {
+ return authenticator;
+ }
+
+ public void setAuthenticator(Authenticator authenticator) {
+ this.authenticator = authenticator;
+ }
+
+ public EncryptedData getEncryptedAuthenticator() {
+ return getFieldAs(AUTHENTICATOR, EncryptedData.class);
+ }
+
+ public void setEncryptedAuthenticator(EncryptedData encryptedAuthenticator) {
+ setFieldAs(AUTHENTICATOR, encryptedAuthenticator);
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/Authenticator.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/Authenticator.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/Authenticator.java
new file mode 100644
index 0000000..8fae5d3
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/Authenticator.java
@@ -0,0 +1,145 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.ap;
+
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.ExplicitField;
+import org.apache.kerby.kerberos.kerb.type.KerberosString;
+import org.apache.kerby.kerberos.kerb.type.KerberosTime;
+import org.apache.kerby.kerberos.kerb.type.KrbAppSequenceType;
+import org.apache.kerby.kerberos.kerb.type.ad.AuthorizationData;
+import org.apache.kerby.kerberos.kerb.type.base.CheckSum;
+import org.apache.kerby.kerberos.kerb.type.base.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.type.base.PrincipalName;
+
+/**
+ Authenticator ::= [APPLICATION 2] SEQUENCE {
+ authenticator-vno [0] INTEGER (5),
+ crealm [1] Realm,
+ cname [2] PrincipalName,
+ cksum [3] Checksum OPTIONAL,
+ cusec [4] Microseconds,
+ ctime [5] KerberosTime,
+ subkey [6] EncryptionKey OPTIONAL,
+ seq-number [7] UInt32 OPTIONAL,
+ authorization-data [8] AuthorizationData OPTIONAL
+ }
+ */
+public class Authenticator extends KrbAppSequenceType {
+ public static final int TAG = 2;
+ private static final int AUTHENTICATOR_VNO = 0;
+ private static final int CREALM = 1;
+ private static final int CNAME = 2;
+ private static final int CKSUM = 3;
+ private static final int CUSEC = 4;
+ private static final int CTIME = 5;
+ private static final int SUBKEY = 6;
+ private static final int SEQ_NUMBER = 7;
+ private static final int AUTHORIZATION_DATA = 8;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new ExplicitField(AUTHENTICATOR_VNO, 0, Asn1Integer.class),
+ new ExplicitField(CREALM, 1, KerberosString.class),
+ new ExplicitField(CNAME, 2, PrincipalName.class),
+ new ExplicitField(CKSUM, 3, CheckSum.class),
+ new ExplicitField(CUSEC, 4, Asn1Integer.class),
+ new ExplicitField(CTIME, 5, KerberosTime.class),
+ new ExplicitField(SUBKEY, 6, EncryptionKey.class),
+ new ExplicitField(SEQ_NUMBER, 7, Asn1Integer.class),
+ new ExplicitField(AUTHORIZATION_DATA, 8, AuthorizationData.class)
+ };
+
+ public Authenticator() {
+ super(TAG, fieldInfos);
+ }
+
+ public int getAuthenticatorVno() {
+ return getFieldAsInt(AUTHENTICATOR_VNO);
+ }
+
+ public void setAuthenticatorVno(int authenticatorVno) {
+ setFieldAsInt(AUTHENTICATOR_VNO, authenticatorVno);
+ }
+
+ public String getCrealm() {
+ return getFieldAsString(CREALM);
+ }
+
+ public void setCrealm(String crealm) {
+ setFieldAsString(CREALM, crealm);
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName cname) {
+ setFieldAs(CNAME, cname);
+ }
+
+ public CheckSum getCksum() {
+ return getFieldAs(CKSUM, CheckSum.class);
+ }
+
+ public void setCksum(CheckSum cksum) {
+ setFieldAs(CKSUM, cksum);
+ }
+
+ public int getCusec() {
+ return getFieldAsInt(CUSEC);
+ }
+
+ public void setCusec(int cusec) {
+ setFieldAsInt(CUSEC, cusec);
+ }
+
+ public KerberosTime getCtime() {
+ return getFieldAsTime(CTIME);
+ }
+
+ public void setCtime(KerberosTime ctime) {
+ setFieldAs(CTIME, ctime);
+ }
+
+ public EncryptionKey getSubKey() {
+ return getFieldAs(SUBKEY, EncryptionKey.class);
+ }
+
+ public void setSubKey(EncryptionKey subKey) {
+ setFieldAs(SUBKEY, subKey);
+ }
+
+ public int getSeqNumber() {
+ return getFieldAsInt(SEQ_NUMBER);
+ }
+
+ public void setSeqNumber(Integer seqNumber) {
+ setFieldAsInt(SEQ_NUMBER, seqNumber);
+ }
+
+ public AuthorizationData getAuthorizationData() {
+ return getFieldAs(AUTHORIZATION_DATA, AuthorizationData.class);
+ }
+
+ public void setAuthorizationData(AuthorizationData authorizationData) {
+ setFieldAs(AUTHORIZATION_DATA, authorizationData);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/EncAPRepPart.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/EncAPRepPart.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/EncAPRepPart.java
new file mode 100644
index 0000000..4a0f589
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/ap/EncAPRepPart.java
@@ -0,0 +1,86 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.ap;
+
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.ExplicitField;
+import org.apache.kerby.kerberos.kerb.type.KerberosTime;
+import org.apache.kerby.kerberos.kerb.type.KrbAppSequenceType;
+import org.apache.kerby.kerberos.kerb.type.base.EncryptionKey;
+
+/**
+ EncAPRepPart ::= [APPLICATION 27] SEQUENCE {
+ ctime [0] KerberosTime,
+ cusec [1] Microseconds,
+ subkey [2] EncryptionKey OPTIONAL,
+ seq-number [3] UInt32 OPTIONAL
+ }
+ */
+public class EncAPRepPart extends KrbAppSequenceType {
+ public static final int TAG = 27;
+ private static final int CTIME = 0;
+ private static final int CUSEC = 1;
+ private static final int SUBKEY = 2;
+ private static final int SEQ_NUMBER = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new ExplicitField(CTIME, 0, KerberosTime.class),
+ new ExplicitField(CUSEC, 1, Asn1Integer.class),
+ new ExplicitField(SUBKEY, 2, EncryptionKey.class),
+ new ExplicitField(SEQ_NUMBER, 3, Asn1Integer.class)
+ };
+
+ public EncAPRepPart() {
+ super(TAG, fieldInfos);
+ }
+
+ public KerberosTime getCtime() {
+ return getFieldAsTime(CTIME);
+ }
+
+ public void setCtime(KerberosTime ctime) {
+ setFieldAs(CTIME, ctime);
+ }
+
+ public int getCusec() {
+ return getFieldAsInt(CUSEC);
+ }
+
+ public void setCusec(int cusec) {
+ setFieldAsInt(CUSEC, cusec);
+ }
+
+ public EncryptionKey getSubkey() {
+ return getFieldAs(SUBKEY, EncryptionKey.class);
+ }
+
+ public void setSubkey(EncryptionKey subkey) {
+ setFieldAs(SUBKEY, subkey);
+ }
+
+ public int getSeqNumber() {
+ return getFieldAsInt(SEQ_NUMBER);
+ }
+
+ public void setSeqNumber(Integer seqNumber) {
+ setFieldAsInt(SEQ_NUMBER, seqNumber);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/AuthToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/AuthToken.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/AuthToken.java
new file mode 100644
index 0000000..5166f9e
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/AuthToken.java
@@ -0,0 +1,144 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.base;
+
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * This is the token definition API according to TokenPreauth draft.
+ */
+public interface AuthToken {
+
+ /**
+ * Get the token subject
+ * @return token subject
+ */
+ String getSubject();
+
+ /**
+ * Set token subject
+ * @param sub The token subject
+ */
+ void setSubject(String sub);
+
+ /**
+ * Get the token issuer
+ * @return token issuer
+ */
+ String getIssuer();
+
+ /**
+ * Set token issuer
+ * @param issuer The token issuer
+ */
+ void setIssuer(String issuer);
+
+ /**
+ * Get token audiences
+ * @return token audiences
+ */
+ List<String> getAudiences();
+
+ /**
+ * Set token audiences
+ * @param audiences The token audiences
+ */
+ void setAudiences(List<String> audiences);
+
+ /**
+ * Is an Identity Token ?
+ * @return true if it's an identity token, false otherwise
+ */
+ boolean isIdToken();
+
+ void isIdToken(boolean isIdToken);
+
+ /**
+ * Is an Access Token ?
+ * @return true if it's an access token, false otherwise
+ */
+ boolean isAcToken();
+
+ void isAcToken(boolean isAcToken);
+
+ /**
+ * Is a Bearer Token ?
+ * @return true if it's an bearer token, false otherwise
+ */
+ boolean isBearerToken();
+
+ /**
+ * Is an Holder-of-Key Token (HOK) ?
+ * @return true if it's a HOK token, false otherwise
+ */
+ boolean isHolderOfKeyToken();
+
+ /**
+ * Get token expired data time.
+ * @return expired time
+ */
+ Date getExpiredTime();
+
+ /**
+ * Set token expired time
+ * @param exp The token expired time
+ */
+ void setExpirationTime(Date exp);
+
+ /**
+ * Get token not before time.
+ * @return not before time
+ */
+ Date getNotBeforeTime();
+
+ /**
+ * Set token not before time.
+ * @param nbt The time
+ */
+ void setNotBeforeTime(Date nbt);
+
+ /**
+ * Get token issued at time when the token is issued.
+ * @return issued at time
+ */
+ Date getIssueTime();
+
+ /**
+ * Set token issued at time.
+ * @param iat Time time when token issued
+ */
+ void setIssueTime(Date iat);
+
+ /**
+ * Get token attributes.
+ * @return token attributes
+ */
+ Map<String, Object> getAttributes();
+
+ /**
+ * Add a token attribute.
+ * @param name The attribute name
+ * @param value The attribute value
+ */
+ void addAttribute(String name, Object value);
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/CheckSum.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/CheckSum.java
new file mode 100644
index 0000000..f70c426
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/CheckSum.java
@@ -0,0 +1,114 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.base;
+
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.asn1.ExplicitField;
+import org.apache.kerby.kerberos.kerb.type.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ Checksum ::= SEQUENCE {
+ cksumtype [0] Int32,
+ checksum [1] OCTET STRING
+ }
+ */
+public class CheckSum extends KrbSequenceType {
+ private static final int CKSUM_TYPE = 0;
+ private static final int CHECK_SUM = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new ExplicitField(CKSUM_TYPE, 0, Asn1Integer.class),
+ new ExplicitField(CHECK_SUM, 1, Asn1OctetString.class)
+ };
+
+ public CheckSum() {
+ super(fieldInfos);
+ }
+
+ public CheckSum(CheckSumType cksumType, byte[] checksum) {
+ this();
+
+ setCksumtype(cksumType);
+ setChecksum(checksum);
+ }
+
+ public CheckSum(int cksumType, byte[] checksum) {
+ this(CheckSumType.fromValue(cksumType), checksum);
+ }
+
+ public CheckSumType getCksumtype() {
+ Integer value = getFieldAsInteger(CKSUM_TYPE);
+ return CheckSumType.fromValue(value);
+ }
+
+ public void setCksumtype(CheckSumType cksumtype) {
+ setFieldAsInt(CKSUM_TYPE, cksumtype.getValue());
+ }
+
+ public byte[] getChecksum() {
+ return getFieldAsOctets(CHECK_SUM);
+ }
+
+ public void setChecksum(byte[] checksum) {
+ setFieldAsOctets(CHECK_SUM, checksum);
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (this == other) {
+ return true;
+ }
+ if (other == null || getClass() != other.getClass()) {
+ return false;
+ }
+
+ CheckSum that = (CheckSum) other;
+
+ if (getCksumtype() != that.getCksumtype()) {
+ return false;
+ }
+
+ return Arrays.equals(getChecksum(), that.getChecksum());
+ }
+
+ @Override
+ public int hashCode() {
+ int result = 0;
+ if (getCksumtype() != null) {
+ result = 31 * result + getCksumtype().hashCode();
+ }
+ if (getChecksum() != null) {
+ result = 31 * result + Arrays.hashCode(getChecksum());
+ }
+ return result;
+ }
+
+ public boolean isEqual(CheckSum other) {
+ return this.equals(other);
+ }
+
+ public boolean isEqual(byte[] cksumBytes) {
+ return Arrays.equals(getChecksum(), cksumBytes);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/CheckSumType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/CheckSumType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/CheckSumType.java
new file mode 100644
index 0000000..d52093e
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/CheckSumType.java
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.base;
+
+import org.apache.kerby.asn1.type.Asn1EnumType;
+
+public enum CheckSumType implements Asn1EnumType {
+ NONE(0, "none", "None checksum type"),
+
+ CRC32(0x0001, "crc32", "CRC-32"),
+
+ RSA_MD4(0x0002, "md4", "RSA-MD4"),
+
+ RSA_MD4_DES(0x0003, "md4-des", "RSA-MD4 with DES cbc mode"),
+
+ DES_CBC(0x0004, "des-cbc", "DES cbc mode"),
+ DES_MAC(0x0004, "des-mac", "DES cbc mode"),
+
+ //des-mac-k
+
+ //rsa-md4-des-k
+
+ RSA_MD5(0x0007, "md5", "RSA-MD5"),
+
+ RSA_MD5_DES(0x0008, "md5-des", "RSA-MD5 with DES cbc mode"),
+
+ NIST_SHA(0x0009, "sha", "NIST-SHA"),
+
+ HMAC_SHA1_DES3(0x000c, "hmac-sha1-des3", "HMAC-SHA1 DES3 key"),
+ HMAC_SHA1_DES3_KD(0x000c, "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key"),
+
+ ////RFC 3962. Used with ENCTYPE_AES128_CTS_HMAC_SHA1_96
+ HMAC_SHA1_96_AES128(0x000f, "hmac-sha1-96-aes128", "HMAC-SHA1 AES128 key"),
+
+ //RFC 3962. Used with ENCTYPE_AES256_CTS_HMAC_SHA1_96
+ HMAC_SHA1_96_AES256(0x0010, "hmac-sha1-96-aes256", "HMAC-SHA1 AES256 key"),
+
+ //RFC 6803
+ CMAC_CAMELLIA128(0x0011, "cmac-camellia128", "CMAC Camellia128 key"),
+
+ //RFC 6803
+ CMAC_CAMELLIA256(0x0012, "cmac-camellia256", "CMAC Camellia256 key"),
+
+ //Microsoft netlogon cksumtype
+ MD5_HMAC_ARCFOUR(-137, "md5-hmac-rc4", "Microsoft MD5 HMAC"),
+
+ //Microsoft md5 hmac cksumtype
+ HMAC_MD5_ARCFOUR(-138, "hmac-md5-arcfour", "Microsoft HMAC MD5"),
+ HMAC_MD5_ENC(-138, "hmac-md5-enc", "Microsoft HMAC MD5"),
+ HMAC_MD5_RC4(-138, "hmac-md5-rc4", "Microsoft HMAC MD5");
+
+ private final int value;
+
+ private final String name;
+
+ private final String displayName;
+
+ private CheckSumType(int value, String name, String displayName) {
+ this.value = value;
+ this.name = name;
+ this.displayName = displayName;
+ }
+
+ public static CheckSumType fromValue(Integer value) {
+ if (value != null) {
+ for (Asn1EnumType e : values()) {
+ if (e.getValue() == value) {
+ return (CheckSumType) e;
+ }
+ }
+ }
+ return NONE;
+ }
+
+ public static CheckSumType fromName(String name) {
+ if (name != null) {
+ for (CheckSumType cs : values()) {
+ if (cs.getName().equals(name)) {
+ return cs;
+ }
+ }
+ }
+ return NONE;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public String getDisplayName() {
+ return displayName;
+ }
+
+ /**
+ * Is the type uses AES256 or not
+ * @return true if uses AES256, false otherwise.
+ */
+ public boolean usesAES256() {
+ return name.contains("aes256");
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/800e02fd/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/EncryptedData.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/EncryptedData.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/EncryptedData.java
new file mode 100644
index 0000000..57a5d2d
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/EncryptedData.java
@@ -0,0 +1,115 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.base;
+
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.asn1.ExplicitField;
+import org.apache.kerby.kerberos.kerb.type.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ EncryptedData ::= SEQUENCE {
+ etype [0] Int32 -- EncryptionType --,
+ kvno [1] UInt32 OPTIONAL,
+ cipher [2] OCTET STRING -- ciphertext
+ }
+ */
+public class EncryptedData extends KrbSequenceType {
+ private static final int ETYPE = 0;
+ private static final int KVNO = 1;
+ private static final int CIPHER = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new ExplicitField(ETYPE, 0, Asn1Integer.class),
+ new ExplicitField(KVNO, 1, Asn1Integer.class),
+ new ExplicitField(CIPHER, 2, Asn1OctetString.class)
+ };
+
+ public EncryptedData() {
+ super(fieldInfos);
+ }
+
+ public EncryptionType getEType() {
+ Integer value = getFieldAsInteger(ETYPE);
+ return EncryptionType.fromValue(value);
+ }
+
+ public void setEType(EncryptionType eType) {
+ setFieldAsInt(ETYPE, eType.getValue());
+ }
+
+ public int getKvno() {
+ Integer value = getFieldAsInteger(KVNO);
+ if (value != null) {
+ return value.intValue();
+ }
+ return -1;
+ }
+
+ public void setKvno(int kvno) {
+ setFieldAsInt(KVNO, kvno);
+ }
+
+ public byte[] getCipher() {
+ return getFieldAsOctets(CIPHER);
+ }
+
+ public void setCipher(byte[] cipher) {
+ setFieldAsOctets(CIPHER, cipher);
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) {
+ return true;
+ }
+ if (o == null || getClass() != o.getClass()) {
+ return false;
+ }
+
+ EncryptedData that = (EncryptedData) o;
+
+ /*
+ if (getKvno() != -1 && that.getKvno() != -1 &&
+ getKvno() != that.getKvno()) return false;
+ */
+
+ if (getEType() != that.getEType()) {
+ return false;
+ }
+
+ return Arrays.equals(getCipher(), that.getCipher());
+ }
+
+ @Override
+ public int hashCode() {
+ int result = 0;
+ if (getEType() != null) {
+ result = 31 * result + getEType().hashCode();
+ }
+ if (getCipher() != null) {
+ result = 31 * result + Arrays.hashCode(getCipher());
+ }
+ return result;
+ }
+}