You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/01/12 14:06:32 UTC
[24/50] [abbrv] directory-kerberos git commit: Renaming packages in
haox-kerb projects, using "apache"
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KeyUsage.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KeyUsage.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KeyUsage.java
new file mode 100644
index 0000000..ce6b930
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KeyUsage.java
@@ -0,0 +1,109 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+/**
+ * From krb5.hin
+ */
+public enum KeyUsage implements KrbEnum
+{
+ UNKNOWN(-1),
+ NONE(0),
+ //AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the client key
+ AS_REQ_PA_ENC_TS(1),
+ //AS-REP Ticket and TGS-REP Ticket (includes TGS session key or application session key),
+ //encrypted with the service key (Section 5.3)
+ KDC_REP_TICKET(2),
+ //AS-REP encrypted part (includes TGS session key or application session key),
+ //encrypted with the client key (Section 5.4.2)
+ AS_REP_ENCPART(3),
+ //TGS-REQ KDC-REQ-BODY AuthorizationData,
+ //encrypted with the TGS session key (Section 5.4.1)
+ TGS_REQ_AD_SESSKEY(4),
+ //TGS-REQ KDC-REQ-BODY AuthorizationData,
+ //encrypted with the TGS authenticator subkey (Section 5.4.1)
+ TGS_REQ_AD_SUBKEY(5),
+ //TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum,
+ //keyed with the TGS session key (Section 5.5.1)
+ TGS_REQ_AUTH_CKSUM(6),
+ //TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS authenticator subkey),
+ //encrypted with the TGS session key (Section 5.5.1)
+ TGS_REQ_AUTH(7),
+ //TGS-REP encrypted part (includes application session key),
+ //encrypted with the TGS session key (Section 5.4.2)
+ TGS_REP_ENCPART_SESSKEY(8),
+ //TGS-REP encrypted part (includes application session key),
+ //encrypted with the TGS authenticator subkey (Section 5.4.2)
+ TGS_REP_ENCPART_SUBKEY(9),
+ //AP-REQ Authenticator cksum, keyed with the application session key (Section 5.5.1)
+ AP_REQ_AUTH_CKSUM(10),
+ //AP-REQ Authenticator (includes application authenticator subkey),
+ //encrypted with the application session key (Section 5.5.1)
+ AP_REQ_AUTH(11),
+ //AP-REP encrypted part (includes application session subkey),
+ //encrypted with the application session key (Section 5.5.2)
+ AP_REP_ENCPART(12),
+ //KRB-PRIV encrypted part, encrypted with a key chosen by the application (Section 5.7.1)
+ KRB_PRIV_ENCPART(13),
+ KRB_CRED_ENCPART(14),
+ KRB_SAFE_CKSUM(15),
+ APP_DATA_ENCRYPT(16),
+ APP_DATA_CKSUM(17),
+ KRB_ERROR_CKSUM(18),
+ AD_KDCISSUED_CKSUM(19),
+ AD_MTE(20),
+ AD_ITE(21),
+ GSS_TOK_MIC(22),
+ GSS_TOK_WRAP_INTEG(23),
+ GSS_TOK_WRAP_PRIV(24),
+ //Defined in Integrating SAM Mechanisms with Kerberos draft
+ PA_SAM_CHALLENGE_CKSUM(25),
+ //Note conflict with @ref PA_S4U_X509_USER_REQUEST
+ PA_SAM_CHALLENGE_TRACKID(26),
+ //Note conflict with @ref PA_S4U_X509_USER_REPLY
+ PA_SAM_RESPONSE(27),
+ //Defined in [MS-SFU]
+ //Note conflict with @ref PA_SAM_CHALLENGE_TRACKID
+ PA_S4U_X509_USER_REQUEST(26),
+ //Note conflict with @ref PA_SAM_RESPONSE
+ PA_S4U_X509_USER_REPLY(27),
+ //unused
+ PA_REFERRAL(26),
+ AD_SIGNEDPATH(-21),
+ IAKERB_FINISHED(42),
+ PA_PKINIT_KX(44),
+ PA_OTP_REQUEST(45), //See RFC 6560 section 4.2
+ //define in preauth-framework
+ FAST_REQ_CHKSUM(50),
+ FAST_ENC(51),
+ FAST_REP(52),
+ FAST_FINISHED(53),
+ ENC_CHALLENGE_CLIENT(54),
+ ENC_CHALLENGE_KDC(55),
+ AS_REQ(56);
+
+ private int value;
+
+ private KeyUsage(int value) {
+ this.value = value;
+ }
+
+ public int getValue() {
+ return value;
+ }
+
+ public static KeyUsage fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (KeyUsage) e;
+ }
+ }
+ }
+ return UNKNOWN;
+ }
+
+ public static final boolean isValid(int usage) {
+ return usage > -1;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbError.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbError.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbError.java
new file mode 100644
index 0000000..0f49eb8
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbError.java
@@ -0,0 +1,147 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.KrbErrorCode;
+import org.apache.kerberos.kerb.spec.KerberosString;
+import org.apache.kerberos.kerb.spec.KerberosTime;
+
+/**
+ KRB-ERROR ::= [APPLICATION 30] SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (30),
+ ctime [2] KerberosTime OPTIONAL,
+ cusec [3] Microseconds OPTIONAL,
+ stime [4] KerberosTime,
+ susec [5] Microseconds,
+ error-code [6] Int32,
+ crealm [7] Realm OPTIONAL,
+ cname [8] PrincipalName OPTIONAL,
+ realm [9] Realm -- service realm --,
+ sname [10] PrincipalName -- service name --,
+ e-text [11] KerberosString OPTIONAL,
+ e-data [12] OCTET STRING OPTIONAL
+ }
+ */
+public class KrbError extends KrbMessage {
+ private static int CTIME = 2;
+ private static int CUSEC = 3;
+ private static int STIME = 4;
+ private static int SUSEC = 5;
+ private static int ERROR_CODE = 6;
+ private static int CREALM = 7;
+ private static int CNAME = 8;
+ private static int REALM = 9;
+ private static int SNAME = 10;
+ private static int ETEXT = 11;
+ private static int EDATA = 12;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PVNO, Asn1Integer.class),
+ new Asn1FieldInfo(MSG_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(CTIME, KerberosTime.class),
+ new Asn1FieldInfo(CUSEC, Asn1Integer.class),
+ new Asn1FieldInfo(STIME, KerberosTime.class),
+ new Asn1FieldInfo(SUSEC, Asn1Integer.class),
+ new Asn1FieldInfo(ERROR_CODE, Asn1Integer.class),
+ new Asn1FieldInfo(CREALM, KerberosString.class),
+ new Asn1FieldInfo(CNAME, PrincipalName.class),
+ new Asn1FieldInfo(REALM, KerberosString.class),
+ new Asn1FieldInfo(SNAME, PrincipalName.class),
+ new Asn1FieldInfo(ETEXT, KerberosString.class),
+ new Asn1FieldInfo(EDATA, Asn1OctetString.class)
+ };
+
+ public KrbError() {
+ super(KrbMessageType.KRB_ERROR, fieldInfos);
+ }
+
+ public KerberosTime getCtime() {
+ return getFieldAs(CTIME, KerberosTime.class);
+ }
+
+ public void setCtime(KerberosTime ctime) {
+ setFieldAs(CTIME, ctime);
+ }
+
+ public int getCusec() {
+ return getFieldAsInt(CUSEC);
+ }
+
+ public void setCusec(int cusec) {
+ setFieldAsInt(0, cusec);
+ }
+
+ public KerberosTime getStime() {
+ return getFieldAs(STIME, KerberosTime.class);
+ }
+
+ public void setStime(KerberosTime stime) {
+ setFieldAs(STIME, stime);
+ }
+
+ public int getSusec() {
+ return getFieldAsInt(SUSEC);
+ }
+
+ public void setSusec(int susec) {
+ setFieldAsInt(0, susec);
+ }
+
+ public KrbErrorCode getErrorCode() {
+ return KrbErrorCode.fromValue(getFieldAsInt(ERROR_CODE));
+ }
+
+ public void setErrorCode(KrbErrorCode errorCode) {
+ setField(0, errorCode);
+ }
+
+ public String getCrealm() {
+ return getFieldAsString(CREALM);
+ }
+
+ public void setCrealm(String realm) {
+ setFieldAs(CREALM, new KerberosString(realm));
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName sname) {
+ setFieldAs(CNAME, sname);
+ }
+
+ public PrincipalName getSname() {
+ return getFieldAs(SNAME, PrincipalName.class);
+ }
+
+ public void setSname(PrincipalName sname) {
+ setFieldAs(SNAME, sname);
+ }
+
+ public String getRealm() {
+ return getFieldAsString(REALM);
+ }
+
+ public void setRealm(String realm) {
+ setFieldAs(REALM, new KerberosString(realm));
+ }
+
+ public String getEtext() {
+ return getFieldAsString(ETEXT);
+ }
+
+ public void setEtext(String realm) {
+ setFieldAs(ETEXT, new KerberosString(realm));
+ }
+
+ public byte[] getEdata() {
+ return getFieldAsOctetBytes(EDATA);
+ }
+
+ public void setEdata(byte[] edata) {
+ setFieldAsOctetBytes(EDATA, edata);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbFlags.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbFlags.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbFlags.java
new file mode 100644
index 0000000..713ddff
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbFlags.java
@@ -0,0 +1,99 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1BitString;
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+import java.io.IOException;
+
+/**
+ KrbFlags ::= BIT STRING (SIZE (32..MAX))
+ -- minimum number of bits shall be sent,
+ -- but no fewer than 32
+ */
+public class KrbFlags extends Asn1BitString {
+ private static final int MAX_SIZE = 32;
+ private int flags;
+
+ public KrbFlags() {
+ this(0);
+ }
+
+ public KrbFlags(int value) {
+ super();
+ setFlags(value);
+ }
+
+ public void setFlags(int flags) {
+ this.flags = flags;
+ flags2Value();
+ }
+
+ public int getFlags() {
+ return flags;
+ }
+
+ public boolean isFlagSet(int flag) {
+ return (flags & (1 << flagPos(flag))) != 0;
+ }
+
+ public void setFlag(int flag) {
+ int newFlags = flags | 1 << flagPos(flag);
+ setFlags(newFlags);
+ }
+
+ public void clearFlag(int flag) {
+ int newFlags = flags & ~(1 << flagPos(flag));
+ setFlags(newFlags);
+ }
+
+ public void clear() {
+ setFlags(0);
+ }
+
+ public boolean isFlagSet(KrbEnum flag) {
+ return isFlagSet(flag.getValue());
+ }
+
+ public void setFlag(KrbEnum flag) {
+ setFlag(flag.getValue());
+ }
+
+ public void setFlag(KrbEnum flag, boolean isSet) {
+ if (isSet) {
+ setFlag(flag.getValue());
+ } else {
+ clearFlag(flag);
+ }
+ }
+
+ public void clearFlag(KrbEnum flag) {
+ clearFlag(flag.getValue());
+ }
+
+ private int flagPos(int flag) {
+ return MAX_SIZE - 1 - flag;
+ }
+
+ private void flags2Value() {
+ byte[] bytes = new byte[4];
+ bytes[0] = (byte) (flags >> 24);
+ bytes[1] = (byte) ((flags >> 16) & 0xFF);
+ bytes[2] = (byte) ((flags >> 8) & 0xFF);
+ bytes[3] = (byte) (flags & 0xFF);
+
+ setValue(bytes);
+ }
+
+ @Override
+ protected void toValue() throws IOException {
+ super.toValue();
+
+ if (getPadding() != 0 || getValue().length != 4) {
+ throw new IOException("Bad bitstring decoded as invalid krb flags");
+ }
+
+ byte[] valueBytes = getValue();
+ flags = ((valueBytes[0] & 0xFF) << 24) | ((valueBytes[1] & 0xFF) << 16) |
+ ((valueBytes[2] & 0xFF) << 8) | (0xFF & valueBytes[3]);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessage.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessage.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessage.java
new file mode 100644
index 0000000..a6fbe05
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessage.java
@@ -0,0 +1,35 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.KrbConstant;
+import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
+
+public abstract class KrbMessage extends KrbAppSequenceType {
+ protected static int PVNO = 0;
+ protected static int MSG_TYPE = 1;
+
+ private final int pvno = KrbConstant.KRB_V5;
+
+ public KrbMessage(KrbMessageType msgType, Asn1FieldInfo[] fieldInfos) {
+ super(msgType.getValue(), fieldInfos);
+ setPvno(pvno);
+ setMsgType(msgType);
+ }
+
+ public int getPvno() {
+ return pvno;
+ }
+
+ protected void setPvno(int pvno) {
+ setFieldAsInt(0, pvno);
+ }
+
+ public KrbMessageType getMsgType() {
+ Integer value = getFieldAsInteger(MSG_TYPE);
+ return KrbMessageType.fromValue(value);
+ }
+
+ public void setMsgType(KrbMessageType msgType) {
+ setFieldAsInt(MSG_TYPE, msgType.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessageType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessageType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessageType.java
new file mode 100644
index 0000000..996aaf0
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbMessageType.java
@@ -0,0 +1,40 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum KrbMessageType implements KrbEnum {
+ NONE(-1),
+ AS_REQ(10),
+ AS_REP(11),
+ TGS_REQ(12),
+ TGS_REP(13),
+ AP_REQ(14),
+ AP_REP(15),
+ KRB_SAFE(20),
+ KRB_PRIV(21),
+ KRB_CRED(22),
+ KRB_ERROR(30);
+
+ private int value;
+
+ private KrbMessageType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static KrbMessageType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (KrbMessageType) e;
+ }
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbToken.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbToken.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbToken.java
new file mode 100644
index 0000000..439bf3d
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbToken.java
@@ -0,0 +1,80 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+import java.nio.ByteBuffer;
+import java.util.Map;
+
+/**
+ KRB-TOKEN_VALUE ::= SEQUENCE {
+ token-format [0] INTEGER,
+ token-value [1] OCTET STRING,
+ }
+ */
+public class KrbToken extends KrbSequenceType {
+ private static KrbTokenEncoder tokenEncoder;
+
+ private static int TOKEN_FORMAT = 0;
+ private static int TOKEN_VALUE = 1;
+
+ private Map<String, Object> attributes;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TOKEN_FORMAT, 0, Asn1Integer.class),
+ new Asn1FieldInfo(TOKEN_VALUE, 1, Asn1OctetString.class)
+ };
+
+ public KrbToken() {
+ super(fieldInfos);
+ }
+
+ @Override
+ public void encode(ByteBuffer buffer) {
+ setTokenValue(tokenEncoder.encode(this));
+ super.encode(buffer);
+ }
+
+ /*
+ @Override
+ public void decode(ByteBuffer content) throws IOException {
+ super.decode(content);
+ this.attributes = tokenEncoder.decode(this);
+ }
+ */
+
+ public static void setTokenEncoder(KrbTokenEncoder encoder) {
+ tokenEncoder = encoder;
+ }
+
+ public TokenFormat getTokenFormat() {
+ Integer value = getFieldAsInteger(TOKEN_FORMAT);
+ return TokenFormat.fromValue(value);
+ }
+
+ public void setTokenFormat(TokenFormat tokenFormat) {
+ setFieldAsInt(TOKEN_FORMAT, tokenFormat.getValue());
+ }
+
+ public byte[] getTokenValue() {
+ return getFieldAsOctets(TOKEN_VALUE);
+ }
+
+ public void setTokenValue(byte[] tokenValue) {
+ setFieldAsOctets(TOKEN_VALUE, tokenValue);
+ }
+
+ public Map<String, Object> getAttributes() {
+ if (attributes == null) {
+ this.attributes = tokenEncoder.decode(this);
+ }
+ return attributes;
+ }
+
+ public String getPrincipal() {
+ return (String) attributes.get("sub");
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbTokenEncoder.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbTokenEncoder.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbTokenEncoder.java
new file mode 100644
index 0000000..b8804a0
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/KrbTokenEncoder.java
@@ -0,0 +1,9 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import java.util.Map;
+
+public interface KrbTokenEncoder {
+
+ public byte[] encode(KrbToken token);
+ public Map<String, Object> decode(KrbToken token);
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReq.java
new file mode 100644
index 0000000..2175536
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReq.java
@@ -0,0 +1,13 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ LastReq ::= SEQUENCE OF SEQUENCE {
+ lr-type [0] Int32,
+ lr-value [1] KerberosTime
+ }
+ */
+public class LastReq extends KrbSequenceOfType<LastReqEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqEntry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqEntry.java
new file mode 100644
index 0000000..9bc4b44
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqEntry.java
@@ -0,0 +1,43 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ LastReq ::= SEQUENCE OF SEQUENCE {
+ lr-type [0] Int32,
+ lr-value [1] KerberosTime
+ }
+ */
+public class LastReqEntry extends KrbSequenceType {
+ private static int LR_TYPE = 0;
+ private static int LR_VALUE = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(LR_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(LR_VALUE, 1, KerberosTime.class)
+ };
+
+ public LastReqEntry() {
+ super(fieldInfos);
+ }
+
+ public LastReqType getLrType() {
+ Integer value = getFieldAsInteger(LR_TYPE);
+ return LastReqType.fromValue(value);
+ }
+
+ public void setLrType(LastReqType lrType) {
+ setFieldAsInt(LR_TYPE, lrType.getValue());
+ }
+
+ public KerberosTime getLrValue() {
+ return getFieldAs(LR_VALUE, KerberosTime.class);
+ }
+
+ public void setLrValue(KerberosTime lrValue) {
+ setFieldAs(LR_VALUE, lrValue);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqType.java
new file mode 100644
index 0000000..19d25b7
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/LastReqType.java
@@ -0,0 +1,43 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum LastReqType implements KrbEnum {
+ NONE(0),
+ ALL_LAST_TGT(1),
+ THE_LAST_TGT(-1),
+ ALL_LAST_INITIAL(2),
+ THE_LAST_INITIAL(-2),
+ ALL_LAST_TGT_ISSUED(3),
+ THE_LAST_TGT_ISSUED(-3),
+ ALL_LAST_RENEWAL(4),
+ THE_LAST_RENEWAL(-4),
+ ALL_LAST_REQ(5),
+ THE_LAST_REQ(-5),
+ ALL_PW_EXPTIME(6),
+ THE_PW_EXPTIME(-6),
+ ALL_ACCT_EXPTIME(7),
+ THE_ACCT_EXPTIME(-7);
+
+ private int value;
+
+ private LastReqType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static LastReqType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (LastReqType) e;
+ }
+ }
+ }
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/MethodData.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/MethodData.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/MethodData.java
new file mode 100644
index 0000000..bece84c
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/MethodData.java
@@ -0,0 +1,11 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
+
+/**
+ METHOD-DATA ::= SEQUENCE OF PA-DATA
+ */
+public class MethodData extends KrbSequenceOfType<PaDataEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/NameType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/NameType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/NameType.java
new file mode 100644
index 0000000..18cbdaf
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/NameType.java
@@ -0,0 +1,35 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum NameType implements KrbEnum {
+ NT_UNKNOWN(0),
+ NT_PRINCIPAL(1),
+ NT_SRV_INST(2),
+ NT_SRV_HST(3),
+ NT_SRV_XHST(4),
+ NT_UID(5);
+
+ private int value;
+
+ private NameType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static NameType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (NameType) e;
+ }
+ }
+ }
+
+ return NT_UNKNOWN;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/PrincipalName.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/PrincipalName.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/PrincipalName.java
new file mode 100644
index 0000000..79e296e
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/PrincipalName.java
@@ -0,0 +1,180 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.KerberosStrings;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ PrincipalName ::= SEQUENCE {
+ name-type [0] Int32,
+ name-string [1] SEQUENCE OF KerberosString
+ }
+ */
+public class PrincipalName extends KrbSequenceType {
+ private String realm;
+
+ private static int NAME_TYPE = 0;
+ private static int NAME_STRING = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(NAME_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(NAME_STRING, KerberosStrings.class)
+ };
+
+ public PrincipalName() {
+ super(fieldInfos);
+ }
+
+ public PrincipalName(String nameString) {
+ this();
+ setNameType(NameType.NT_PRINCIPAL);
+ fromNameString(nameString);
+ }
+
+ public PrincipalName(List<String> nameStrings, NameType type) {
+ this();
+ setNameStrings(nameStrings);
+ setNameType(type);
+ }
+
+ public NameType getNameType() {
+ Integer value = getFieldAsInteger(NAME_TYPE);
+ return NameType.fromValue(value);
+ }
+
+ public void setNameType(NameType nameType) {
+ setFieldAsInt(NAME_TYPE, nameType.getValue());
+ }
+
+ public List<String> getNameStrings() {
+ KerberosStrings krbStrings = getFieldAs(NAME_STRING, KerberosStrings.class);
+ if (krbStrings != null) {
+ return krbStrings.getAsStrings();
+ }
+ return Collections.EMPTY_LIST;
+ }
+
+ public void setNameStrings(List<String> nameStrings) {
+ setFieldAs(NAME_STRING, new KerberosStrings(nameStrings));
+ }
+
+ public void setRealm(String realm) {
+ this.realm = realm;
+ }
+
+ public String getRealm() {
+ return this.realm;
+ }
+
+ public String getName() {
+ return makeSingleName();
+ }
+
+ private String makeSingleName() {
+ List<String> names = getNameStrings();
+ StringBuilder sb = new StringBuilder();
+ boolean isFirst = true;
+ for (String name : names) {
+ sb.append(name);
+ if (isFirst && names.size() > 1) {
+ sb.append('/');
+ }
+ isFirst = false;
+ }
+
+ String realm = getRealm();
+ if (realm != null && !realm.isEmpty()) {
+ sb.append('@');
+ sb.append(realm);
+ }
+
+ return sb.toString();
+ }
+
+ @Override
+ public String toString() {
+ return getName();
+ }
+
+ @Override
+ public int hashCode() {
+ return getName().hashCode();
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (other == null) {
+ return false;
+ } else if (this == other) {
+ return true;
+ } else if (other instanceof String) {
+ String otherPrincipal = (String) other;
+ String thisPrincipal = getName();
+ return thisPrincipal.equals(otherPrincipal);
+ } else if (! (other instanceof PrincipalName)) {
+ return false;
+ }
+
+ PrincipalName otherPrincipal = (PrincipalName) other;
+ if (getNameType() != ((PrincipalName) other).getNameType()) {
+ return false;
+ }
+
+ return getName().equals(otherPrincipal.getName());
+ }
+
+ private void fromNameString(String nameString) {
+ String tmpRealm = null;
+ List<String> nameStrings;
+ int pos = nameString.indexOf('@');
+ String nameParts = nameString;
+ if (pos != -1) {
+ nameParts = nameString.substring(0, pos);
+ tmpRealm = nameString.substring(pos + 1);
+ }
+ String parts[] = nameParts.split("\\/");
+ nameStrings = Arrays.asList(parts);
+
+ setNameStrings(nameStrings);
+ setRealm(tmpRealm);
+ }
+
+ public static String extractRealm(String principal) {
+ int pos = principal.indexOf('@');
+
+ if (pos > 0) {
+ return principal.substring(pos + 1);
+ }
+
+ throw new IllegalArgumentException("Not a valid principal, missing realm name");
+ }
+
+
+ public static String extractName(String principal) {
+ int pos = principal.indexOf('@');
+
+ if (pos < 0) {
+ return principal;
+ }
+
+ return principal.substring(0, pos);
+ }
+
+ public static String makeSalt(PrincipalName principalName) {
+ StringBuilder salt = new StringBuilder();
+ if (principalName.getRealm() != null) {
+ salt.append(principalName.getRealm().toString());
+ }
+ List<String> nameStrings = principalName.getNameStrings();
+ for (String ns : nameStrings) {
+ salt.append(ns);
+ }
+ return salt.toString();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/Realm.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/Realm.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/Realm.java
new file mode 100644
index 0000000..3236dd5
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/Realm.java
@@ -0,0 +1,15 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KerberosString;
+
+/**
+ * Realm ::= KerberosString
+ */
+public class Realm extends KerberosString {
+ public Realm() {
+ }
+
+ public Realm(String value) {
+ super(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/SamType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/SamType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/SamType.java
new file mode 100644
index 0000000..6c3ccc4
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/SamType.java
@@ -0,0 +1,47 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum SamType implements KrbEnum
+{
+ SAM_NONE(0),
+ /** safe SAM type enum for Enigma Logic */
+ SAM_TYPE_ENIGMA(1), // Enigma Logic"
+
+ /** safe SAM type enum for Digital Pathways */
+ SAM_TYPE_DIGI_PATH(2), // Digital Pathways
+
+ /** safe SAM type enum for S/key where KDC has key 0 */
+ SAM_TYPE_SKEY_K0(3), // S/key where KDC has key 0
+
+ /** safe SAM type enum for Traditional S/Key */
+ SAM_TYPE_SKEY(4), // Traditional S/Key
+
+ /** safe SAM type enum for Security Dynamics */
+ SAM_TYPE_SECURID(5), // Security Dynamics
+
+ /** safe SAM type enum for CRYPTOCard */
+ SAM_TYPE_CRYPTOCARD(6); // CRYPTOCard
+
+ private int value;
+
+ private SamType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static SamType fromValue(Integer value) {
+ if (value != null) {
+ for (SamType st : SamType.values() ) {
+ if (value == st.getValue()) {
+ return st;
+ }
+ }
+ }
+ return SAM_NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TokenFormat.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TokenFormat.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TokenFormat.java
new file mode 100644
index 0000000..f5a070b
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TokenFormat.java
@@ -0,0 +1,31 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum TokenFormat implements KrbEnum {
+ NONE (0),
+ JWT (1);
+
+ private final int value;
+
+ private TokenFormat(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static TokenFormat fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (TokenFormat) e;
+ }
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncoding.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncoding.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncoding.java
new file mode 100644
index 0000000..80574b7
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncoding.java
@@ -0,0 +1,43 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ TransitedEncoding ::= SEQUENCE {
+ tr-type [0] Int32 -- must be registered --,
+ contents [1] OCTET STRING
+ }
+ */
+public class TransitedEncoding extends KrbSequenceType {
+ private static int TR_TYPE = 0;
+ private static int CONTENTS = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TR_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(CONTENTS, 1, Asn1OctetString.class)
+ };
+
+ public TransitedEncoding() {
+ super(fieldInfos);
+ }
+
+ public TransitedEncodingType getTrType() {
+ Integer value = getFieldAsInteger(TR_TYPE);
+ return TransitedEncodingType.fromValue(value);
+ }
+
+ public void setTrType(TransitedEncodingType trType) {
+ setField(TR_TYPE, trType);
+ }
+
+ public byte[] getContents() {
+ return getFieldAsOctets(CONTENTS);
+ }
+
+ public void setContents(byte[] contents) {
+ setFieldAsOctets(CONTENTS, contents);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncodingType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncodingType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncodingType.java
new file mode 100644
index 0000000..c96df4e
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/TransitedEncodingType.java
@@ -0,0 +1,32 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum TransitedEncodingType implements KrbEnum {
+ UNKNOWN(-1),
+ NULL(0),
+ DOMAIN_X500_COMPRESS(1);
+
+ private final int value;
+
+ private TransitedEncodingType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static TransitedEncodingType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (TransitedEncodingType) e;
+ }
+ }
+ }
+
+ return NULL;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/ArmorType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/ArmorType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/ArmorType.java
new file mode 100644
index 0000000..35a1011
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/ArmorType.java
@@ -0,0 +1,31 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum ArmorType implements KrbEnum {
+ NONE (0),
+ ARMOR_AP_REQUEST (1);
+
+ private final int value;
+
+ private ArmorType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static ArmorType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (ArmorType) e;
+ }
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOption.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOption.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOption.java
new file mode 100644
index 0000000..42cae2f
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOption.java
@@ -0,0 +1,32 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum FastOption implements KrbEnum {
+ NONE(-1),
+ RESERVED(0),
+ HIDE_CLIENT_NAMES(1),
+
+ KDC_FOLLOW_REFERRALS(16);
+
+ private final int value;
+
+ private FastOption(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static FastOption fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (FastOption) e;
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOptions.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOptions.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOptions.java
new file mode 100644
index 0000000..65e0d0d
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/FastOptions.java
@@ -0,0 +1,14 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.kerberos.kerb.spec.common.KrbFlags;
+
+public class FastOptions extends KrbFlags {
+
+ public FastOptions() {
+ this(0);
+ }
+
+ public FastOptions(int value) {
+ setFlags(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmor.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmor.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmor.java
new file mode 100644
index 0000000..0e1de88
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmor.java
@@ -0,0 +1,45 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ KrbFastArmor ::= SEQUENCE {
+ armor-type [0] Int32,
+ -- Type of the armor.
+ armor-value [1] OCTET STRING,
+ -- Value of the armor.
+ }
+ */
+public class KrbFastArmor extends KrbSequenceType {
+ private static int ARMOR_TYPE = 0;
+ private static int ARMOR_VALUE = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ARMOR_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(ARMOR_VALUE, Asn1OctetString.class)
+ };
+
+ public KrbFastArmor() {
+ super(fieldInfos);
+ }
+
+ public ArmorType getArmorType() {
+ Integer value = getFieldAsInteger(ARMOR_TYPE);
+ return ArmorType.fromValue(value);
+ }
+
+ public void setArmorType(ArmorType armorType) {
+ setFieldAsInt(ARMOR_TYPE, armorType.getValue());
+ }
+
+ public byte[] getArmorValue() {
+ return getFieldAsOctets(ARMOR_VALUE);
+ }
+
+ public void setArmorValue(byte[] armorValue) {
+ setFieldAsOctets(ARMOR_VALUE, armorValue);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredRep.java
new file mode 100644
index 0000000..73b22e8
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredRep.java
@@ -0,0 +1,33 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.common.EncryptedData;
+
+/**
+ KrbFastArmoredRep ::= SEQUENCE {
+ enc-fast-rep [0] EncryptedData, -- KrbFastResponse --
+ -- The encryption key is the armor key in the request, and
+ -- the key usage number is KEY_USAGE_FAST_REP.
+ }
+ */
+public class KrbFastArmoredRep extends KrbSequenceType {
+ private static int ENC_FAST_REP = 0;
+
+ //private
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ENC_FAST_REP, EncryptedData.class)
+ };
+
+ public KrbFastArmoredRep() {
+ super(fieldInfos);
+ }
+
+ public EncryptedData getEncFastRep() {
+ return getFieldAs(ENC_FAST_REP, EncryptedData.class);
+ }
+
+ public void setEncFastRep(EncryptedData encFastRep) {
+ setFieldAs(ENC_FAST_REP, encFastRep);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredReq.java
new file mode 100644
index 0000000..6d8ada4
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastArmoredReq.java
@@ -0,0 +1,76 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerberos.kerb.spec.common.EncryptedData;
+
+/**
+ KrbFastArmoredReq ::= SEQUENCE {
+ armor [0] KrbFastArmor OPTIONAL,
+ -- Contains the armor that identifies the armor key.
+ -- MUST be present in AS-REQ.
+ req-checksum [1] Checksum,
+ -- For AS, contains the checksum performed over the type
+ -- KDC-REQ-BODY for the req-body field of the KDC-REQ
+ -- structure;
+ -- For TGS, contains the checksum performed over the type
+ -- AP-REQ in the PA-TGS-REQ padata.
+ -- The checksum key is the armor key, the checksum
+ -- type is the required checksum type for the enctype of
+ -- the armor key, and the key usage number is
+ -- KEY_USAGE_FAST_REQ_CHKSUM.
+ enc-fast-req [2] EncryptedData, -- KrbFastReq --
+ -- The encryption key is the armor key, and the key usage
+ -- number is KEY_USAGE_FAST_ENC.
+ }
+ */
+public class KrbFastArmoredReq extends KrbSequenceType {
+ private static int ARMOR = 0;
+ private static int REQ_CHECKSUM = 1;
+ private static int ENC_FAST_REQ = 2;
+
+ private KrbFastReq fastReq;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ARMOR, KrbFastArmor.class),
+ new Asn1FieldInfo(REQ_CHECKSUM, CheckSum.class),
+ new Asn1FieldInfo(ENC_FAST_REQ, EncryptedData.class),
+ };
+
+ public KrbFastArmoredReq() {
+ super(fieldInfos);
+ }
+
+ public KrbFastArmor getArmor() {
+ return getFieldAs(ARMOR, KrbFastArmor.class);
+ }
+
+ public void setArmor(KrbFastArmor armor) {
+ setFieldAs(ARMOR, armor);
+ }
+
+ public CheckSum getReqChecksum() {
+ return getFieldAs(REQ_CHECKSUM, CheckSum.class);
+ }
+
+ public void setReqChecksum(CheckSum checkSum) {
+ setFieldAs(REQ_CHECKSUM, checkSum);
+ }
+
+ public KrbFastReq getFastReq() {
+ return fastReq;
+ }
+
+ public void setFastReq(KrbFastReq fastReq) {
+ this.fastReq = fastReq;
+ }
+
+ public EncryptedData getEncryptedFastReq() {
+ return getFieldAs(ENC_FAST_REQ, EncryptedData.class);
+ }
+
+ public void setEncryptedFastReq(EncryptedData encFastReq) {
+ setFieldAs(ENC_FAST_REQ, encFastReq);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastFinished.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastFinished.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastFinished.java
new file mode 100644
index 0000000..8f2df04
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastFinished.java
@@ -0,0 +1,63 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerberos.kerb.spec.pa.PaData;
+
+/**
+ KrbFastFinished ::= SEQUENCE {
+ timestamp [0] KerberosTime,
+ usec [1] Microseconds,
+ -- timestamp and usec represent the time on the KDC when
+ -- the reply was generated.
+ crealm [2] Realm,
+ cname [3] PrincipalName,
+ -- Contains the client realm and the client name.
+ ticket-checksum [4] Checksum,
+ -- checksum of the ticket in the KDC-REP using the armor
+ -- and the key usage is KEY_USAGE_FAST_FINISH.
+ -- The checksum type is the required checksum type
+ -- of the armor key.
+ }
+ */
+public class KrbFastFinished extends KrbSequenceType {
+ private static int FAST_OPTIONS = 0;
+ private static int PADATA = 1;
+ private static int REQ_BODY = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(FAST_OPTIONS, KrbFastArmor.class),
+ new Asn1FieldInfo(PADATA, PaData.class),
+ new Asn1FieldInfo(REQ_BODY, EncryptedData.class),
+ };
+
+ public KrbFastFinished() {
+ super(fieldInfos);
+ }
+
+ public KrbFastArmor getArmor() {
+ return getFieldAs(FAST_OPTIONS, KrbFastArmor.class);
+ }
+
+ public void setArmor(KrbFastArmor armor) {
+ setFieldAs(FAST_OPTIONS, armor);
+ }
+
+ public CheckSum getReqChecksum() {
+ return getFieldAs(PADATA, CheckSum.class);
+ }
+
+ public void setReqChecksum(CheckSum checkSum) {
+ setFieldAs(PADATA, checkSum);
+ }
+
+ public EncryptedData getEncFastReq() {
+ return getFieldAs(REQ_BODY, EncryptedData.class);
+ }
+
+ public void setEncFastReq(EncryptedData encFastReq) {
+ setFieldAs(REQ_BODY, encFastReq);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastReq.java
new file mode 100644
index 0000000..ac6d85e
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastReq.java
@@ -0,0 +1,59 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerberos.kerb.spec.pa.PaData;
+
+/**
+ KrbFastReq ::= SEQUENCE {
+ fast-options [0] FastOptions,
+ -- Additional options.
+ padata [1] SEQUENCE OF PA-DATA,
+ -- padata typed holes.
+ req-body [2] KDC-REQ-BODY,
+ -- Contains the KDC request body as defined in Section
+ -- 5.4.1 of [RFC4120].
+ -- This req-body field is preferred over the outer field
+ -- in the KDC request.
+ }
+ */
+public class KrbFastReq extends KrbSequenceType {
+ private static int FAST_OPTIONS = 0;
+ private static int PADATA = 1;
+ private static int REQ_BODY = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(FAST_OPTIONS, KrbFastArmor.class),
+ new Asn1FieldInfo(PADATA, PaData.class),
+ new Asn1FieldInfo(REQ_BODY, EncryptedData.class),
+ };
+
+ public KrbFastReq() {
+ super(fieldInfos);
+ }
+
+ public KrbFastArmor getArmor() {
+ return getFieldAs(FAST_OPTIONS, KrbFastArmor.class);
+ }
+
+ public void setArmor(KrbFastArmor armor) {
+ setFieldAs(FAST_OPTIONS, armor);
+ }
+
+ public PaData getPaData() {
+ return getFieldAs(PADATA, PaData.class);
+ }
+
+ public void setPaData(PaData paData) {
+ setFieldAs(PADATA, paData);
+ }
+
+ public EncryptedData getEncFastReq() {
+ return getFieldAs(REQ_BODY, EncryptedData.class);
+ }
+
+ public void setEncFastReq(EncryptedData encFastReq) {
+ setFieldAs(REQ_BODY, encFastReq);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastResponse.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastResponse.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastResponse.java
new file mode 100644
index 0000000..faa6a7c
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/KrbFastResponse.java
@@ -0,0 +1,71 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerberos.kerb.spec.pa.PaData;
+
+/**
+ KrbFastResponse ::= SEQUENCE {
+ padata [0] SEQUENCE OF PA-DATA,
+ -- padata typed holes.
+ strengthen-key [1] EncryptionKey OPTIONAL,
+ -- This, if present, strengthens the reply key for AS and
+ -- TGS. MUST be present for TGS.
+ -- MUST be absent in KRB-ERROR.
+ finished [2] KrbFastFinished OPTIONAL,
+ -- Present in AS or TGS reply; absent otherwise.
+ nonce [3] UInt32,
+ -- Nonce from the client request.
+ }
+ */
+public class KrbFastResponse extends KrbSequenceType {
+ private static int PADATA = 0;
+ private static int STRENGTHEN_KEY = 1;
+ private static int FINISHED = 2;
+ private static int NONCE = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PADATA, PaData.class),
+ new Asn1FieldInfo(STRENGTHEN_KEY, EncryptionKey.class),
+ new Asn1FieldInfo(FINISHED, KrbFastFinished.class),
+ new Asn1FieldInfo(NONCE, Asn1Integer.class)
+ };
+
+ public KrbFastResponse() {
+ super(fieldInfos);
+ }
+
+ public PaData getPaData() {
+ return getFieldAs(PADATA, PaData.class);
+ }
+
+ public void setPaData(PaData paData) {
+ setFieldAs(PADATA, paData);
+ }
+
+ public EncryptionKey getStrengthenKey() {
+ return getFieldAs(STRENGTHEN_KEY, EncryptionKey.class);
+ }
+
+ public void setStrengthenKey(EncryptionKey strengthenKey) {
+ setFieldAs(STRENGTHEN_KEY, strengthenKey);
+ }
+
+ public KrbFastFinished getFastFinished() {
+ return getFieldAs(FINISHED, KrbFastFinished.class);
+ }
+
+ public void setFastFinished(KrbFastFinished fastFinished) {
+ setFieldAs(FINISHED, fastFinished);
+ }
+
+ public int getNonce() {
+ return getFieldAsInt(NONCE);
+ }
+
+ public void setNonce(int nonce) {
+ setFieldAsInt(NONCE, nonce);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnEntry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnEntry.java
new file mode 100644
index 0000000..99b8a75
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnEntry.java
@@ -0,0 +1,61 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.pa.PaDataType;
+
+/**
+ PA-AUTHENTICATION-SET-ELEM ::= SEQUENCE {
+ pa-type [0] Int32,
+ pa-hint [1] OCTET STRING OPTIONAL,
+ pa-value [2] OCTET STRING OPTIONAL,
+ }
+ */
+public class PaAuthnEntry extends KrbSequenceType {
+ private static int PA_TYPE = 0;
+ private static int PA_HINT = 1;
+ private static int PA_VALUE = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PA_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(PA_HINT, Asn1OctetString.class),
+ new Asn1FieldInfo(PA_VALUE, Asn1OctetString.class)
+ };
+
+ public PaAuthnEntry() {
+ super(fieldInfos);
+ }
+
+ public PaAuthnEntry(PaDataType type, byte[] paData) {
+ this();
+ setPaType(type);
+ setPaValue(paData);
+ }
+
+ public PaDataType getPaType() {
+ Integer value = getFieldAsInteger(PA_TYPE);
+ return PaDataType.fromValue(value);
+ }
+
+ public void setPaType(PaDataType paDataType) {
+ setFieldAsInt(PA_TYPE, paDataType.getValue());
+ }
+
+ public byte[] getPaHint() {
+ return getFieldAsOctets(PA_HINT);
+ }
+
+ public void setPaHint(byte[] paHint) {
+ setFieldAsOctets(PA_HINT, paHint);
+ }
+
+ public byte[] getPaValue() {
+ return getFieldAsOctets(PA_VALUE);
+ }
+
+ public void setPaValue(byte[] paValue) {
+ setFieldAsOctets(PA_VALUE, paValue);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnSet.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnSet.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnSet.java
new file mode 100644
index 0000000..88f1507
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaAuthnSet.java
@@ -0,0 +1,10 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ PA-AUTHENTICATION-SET ::= SEQUENCE OF PA-AUTHENTICATION-SET-ELEM
+ */
+public class PaAuthnSet extends KrbSequenceOfType<PaAuthnEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastReply.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastReply.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastReply.java
new file mode 100644
index 0000000..4c4b646
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastReply.java
@@ -0,0 +1,29 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.haox.asn1.type.Asn1Choice;
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+
+/**
+ PA-FX-FAST-REPLY ::= CHOICE {
+ armored-data [0] KrbFastArmoredRep,
+ }
+ */
+public class PaFxFastReply extends Asn1Choice {
+ private static int ARMORED_DATA = 0;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ARMORED_DATA, KrbFastArmoredRep.class)
+ };
+
+ public PaFxFastReply() {
+ super(fieldInfos);
+ }
+
+ public KrbFastArmoredRep getFastArmoredRep() {
+ return getFieldAs(ARMORED_DATA, KrbFastArmoredRep.class);
+ }
+
+ public void setFastArmoredRep(KrbFastArmoredRep fastArmoredRep) {
+ setFieldAs(ARMORED_DATA, fastArmoredRep);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastRequest.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastRequest.java
new file mode 100644
index 0000000..5d6fa43
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/fast/PaFxFastRequest.java
@@ -0,0 +1,29 @@
+package org.apache.kerberos.kerb.spec.fast;
+
+import org.apache.haox.asn1.type.Asn1Choice;
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+
+/**
+ PA-FX-FAST-REQUEST ::= CHOICE {
+ armored-data [0] KrbFastArmoredReq,
+ }
+ */
+public class PaFxFastRequest extends Asn1Choice {
+ private static int ARMORED_DATA = 0;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ARMORED_DATA, KrbFastArmoredReq.class)
+ };
+
+ public PaFxFastRequest() {
+ super(fieldInfos);
+ }
+
+ public KrbFastArmoredReq getFastArmoredReq() {
+ return getFieldAs(ARMORED_DATA, KrbFastArmoredReq.class);
+ }
+
+ public void setFastArmoredReq(KrbFastArmoredReq fastArmoredReq) {
+ setFieldAs(ARMORED_DATA, fastArmoredReq);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsRep.java
new file mode 100644
index 0000000..a6baeb0
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsRep.java
@@ -0,0 +1,13 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+import org.apache.kerberos.kerb.spec.common.KrbMessageType;
+
+/**
+ AS-REP ::= [APPLICATION 11] KDC-REP
+ */
+public class AsRep extends KdcRep {
+
+ public AsRep() {
+ super(KrbMessageType.AS_REP);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsReq.java
new file mode 100644
index 0000000..3bbc043
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/AsReq.java
@@ -0,0 +1,12 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+import org.apache.kerberos.kerb.spec.common.KrbMessageType;
+
+/**
+ AS-REQ ::= [APPLICATION 10] KDC-REQ
+ */
+public class AsReq extends KdcReq {
+ public AsReq() {
+ super(KrbMessageType.AS_REQ);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncAsRepPart.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncAsRepPart.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncAsRepPart.java
new file mode 100644
index 0000000..8680cdd
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncAsRepPart.java
@@ -0,0 +1,12 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+/**
+EncASRepPart ::= [APPLICATION 25] EncKDCRepPart
+*/
+public class EncAsRepPart extends EncKdcRepPart {
+ public static final int TAG = 25;
+
+ public EncAsRepPart() {
+ super(TAG);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncKdcRepPart.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncKdcRepPart.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncKdcRepPart.java
new file mode 100644
index 0000000..b49f502
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncKdcRepPart.java
@@ -0,0 +1,158 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.KerberosString;
+import org.apache.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
+import org.apache.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerberos.kerb.spec.common.HostAddresses;
+import org.apache.kerberos.kerb.spec.common.LastReq;
+import org.apache.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerberos.kerb.spec.ticket.TicketFlags;
+
+/**
+ EncKDCRepPart ::= SEQUENCE {
+ key [0] EncryptionKey,
+ last-req [1] LastReq,
+ nonce [2] UInt32,
+ key-expiration [3] KerberosTime OPTIONAL,
+ flags [4] TicketFlags,
+ authtime [5] KerberosTime,
+ starttime [6] KerberosTime OPTIONAL,
+ endtime [7] KerberosTime,
+ renew-till [8] KerberosTime OPTIONAL,
+ srealm [9] Realm,
+ sname [10] PrincipalName,
+ caddr [11] HostAddresses OPTIONAL
+ }
+ */
+public abstract class EncKdcRepPart extends KrbAppSequenceType {
+ private static int KEY = 0;
+ private static int LAST_REQ = 1;
+ private static int NONCE = 2;
+ private static int KEY_EXPIRATION = 3;
+ private static int FLAGS = 4;
+ private static int AUTHTIME = 5;
+ private static int STARTTIME = 6;
+ private static int ENDTIME = 7;
+ private static int RENEW_TILL = 8;
+ private static int SREALM = 9;
+ private static int SNAME = 10;
+ private static int CADDR = 11;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(KEY, EncryptionKey.class),
+ new Asn1FieldInfo(LAST_REQ, LastReq.class),
+ new Asn1FieldInfo(NONCE, Asn1Integer.class),
+ new Asn1FieldInfo(KEY_EXPIRATION, KerberosTime.class),
+ new Asn1FieldInfo(FLAGS, TicketFlags.class),
+ new Asn1FieldInfo(AUTHTIME, KerberosTime.class),
+ new Asn1FieldInfo(STARTTIME, KerberosTime.class),
+ new Asn1FieldInfo(ENDTIME, KerberosTime.class),
+ new Asn1FieldInfo(RENEW_TILL, KerberosTime.class),
+ new Asn1FieldInfo(SREALM, KerberosString.class),
+ new Asn1FieldInfo(SNAME, PrincipalName.class),
+ new Asn1FieldInfo(CADDR, HostAddresses.class)
+ };
+
+ public EncKdcRepPart(int tagNo) {
+ super(tagNo, fieldInfos);
+ }
+
+ public EncryptionKey getKey() {
+ return getFieldAs(KEY, EncryptionKey.class);
+ }
+
+ public void setKey(EncryptionKey key) {
+ setFieldAs(KEY, key);
+ }
+
+ public LastReq getLastReq() {
+ return getFieldAs(LAST_REQ, LastReq.class);
+ }
+
+ public void setLastReq(LastReq lastReq) {
+ setFieldAs(LAST_REQ, lastReq);
+ }
+
+ public int getNonce() {
+ return getFieldAsInt(NONCE);
+ }
+
+ public void setNonce(int nonce) {
+ setFieldAsInt(NONCE, nonce);
+ }
+
+ public KerberosTime getKeyExpiration() {
+ return getFieldAsTime(KEY_EXPIRATION);
+ }
+
+ public void setKeyExpiration(KerberosTime keyExpiration) {
+ setFieldAs(KEY_EXPIRATION, keyExpiration);
+ }
+
+ public TicketFlags getFlags() {
+ return getFieldAs(FLAGS, TicketFlags.class);
+ }
+
+ public void setFlags(TicketFlags flags) {
+ setFieldAs(FLAGS, flags);
+ }
+
+ public KerberosTime getAuthTime() {
+ return getFieldAsTime(AUTHTIME);
+ }
+
+ public void setAuthTime(KerberosTime authTime) {
+ setFieldAs(AUTHTIME, authTime);
+ }
+
+ public KerberosTime getStartTime() {
+ return getFieldAsTime(STARTTIME);
+ }
+
+ public void setStartTime(KerberosTime startTime) {
+ setFieldAs(STARTTIME, startTime);
+ }
+
+ public KerberosTime getEndTime() {
+ return getFieldAsTime(ENDTIME);
+ }
+
+ public void setEndTime(KerberosTime endTime) {
+ setFieldAs(ENDTIME, endTime);
+ }
+
+ public KerberosTime getRenewTill() {
+ return getFieldAsTime(RENEW_TILL);
+ }
+
+ public void setRenewTill(KerberosTime renewTill) {
+ setFieldAs(RENEW_TILL, renewTill);
+ }
+
+ public String getSrealm() {
+ return getFieldAsString(SREALM);
+ }
+
+ public void setSrealm(String srealm) {
+ setFieldAsString(SREALM, srealm);
+ }
+
+ public PrincipalName getSname() {
+ return getFieldAs(SNAME, PrincipalName.class);
+ }
+
+ public void setSname(PrincipalName sname) {
+ setFieldAs(SNAME, sname);
+ }
+
+ public HostAddresses getCaddr() {
+ return getFieldAs(CADDR, HostAddresses.class);
+ }
+
+ public void setCaddr(HostAddresses caddr) {
+ setFieldAs(CADDR, caddr);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncTgsRepPart.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncTgsRepPart.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncTgsRepPart.java
new file mode 100644
index 0000000..b4dc8d4
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/EncTgsRepPart.java
@@ -0,0 +1,12 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+/**
+ EncTGSRepPart ::= [APPLICATION 26] EncKDCRepPart
+ */
+public class EncTgsRepPart extends EncKdcRepPart {
+ public static final int TAG = 26;
+
+ public EncTgsRepPart() {
+ super(TAG);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOption.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOption.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOption.java
new file mode 100644
index 0000000..2e00127
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOption.java
@@ -0,0 +1,60 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum KdcOption implements KrbEnum {
+ NONE(-1),
+ //RESERVED(0x80000000),
+ FORWARDABLE(0x40000000),
+ FORWARDED(0x20000000),
+ PROXIABLE(0x10000000),
+ PROXY(0x08000000),
+ ALLOW_POSTDATE(0x04000000),
+ POSTDATED(0x02000000),
+ //UNUSED(0x01000000),
+ RENEWABLE(0x00800000),
+ //UNUSED(0x00400000),
+ //RESERVED(0x00200000),
+ //RESERVED(0x00100000),
+ //RESERVED(0x00080000),
+ //RESERVED(0x00040000),
+ CNAME_IN_ADDL_TKT(0x00020000),
+ CANONICALIZE(0x00010000),
+ REQUEST_ANONYMOUS(0x00008000),
+ //RESERVED(0x00004000),
+ //RESERVED(0x00002000),
+ //RESERVED(0x00001000),
+ //RESERVED(0x00000800),
+ //RESERVED(0x00000400),
+ //RESERVED(0x00000200),
+ //RESERVED(0x00000100),
+ //RESERVED(0x00000080),
+ //RESERVED(0x00000040),
+ DISABLE_TRANSITED_CHECK(0x00000020),
+ RENEWABLE_OK(0x00000010),
+ ENC_TKT_IN_SKEY(0x00000008),
+ //UNUSED(0x00000004),
+ RENEW(0x00000002),
+ VALIDATE(0x00000001);
+
+ private final int value;
+
+ private KdcOption(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static KdcOption fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (KdcOption) e;
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOptions.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOptions.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOptions.java
new file mode 100644
index 0000000..a3c8867
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcOptions.java
@@ -0,0 +1,14 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+import org.apache.kerberos.kerb.spec.common.KrbFlags;
+
+public class KdcOptions extends KrbFlags {
+
+ public KdcOptions() {
+ this(0);
+ }
+
+ public KdcOptions(int value) {
+ setFlags(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcRep.java
new file mode 100644
index 0000000..2371e97
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcRep.java
@@ -0,0 +1,97 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.KerberosString;
+import org.apache.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerberos.kerb.spec.ticket.Ticket;
+
+/**
+ KDC-REP ::= SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (11 -- AS -- | 13 -- TGS --),
+ padata [2] SEQUENCE OF PA-DATA OPTIONAL
+ -- NOTE: not empty --,
+ crealm [3] Realm,
+ cname [4] PrincipalName,
+ ticket [5] Ticket,
+ enc-part [6] EncryptedData
+ -- EncASRepPart or EncTGSRepPart,
+ -- as appropriate
+ }
+ */
+public class KdcRep extends KrbMessage {
+ private static int PADATA = 2;
+ private static int CREALM = 3;
+ private static int CNAME = 4;
+ private static int TICKET = 5;
+ private static int ENC_PART = 6;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PVNO, Asn1Integer.class),
+ new Asn1FieldInfo(MSG_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(PADATA, PaData.class),
+ new Asn1FieldInfo(CREALM, KerberosString.class),
+ new Asn1FieldInfo(CNAME, PrincipalName.class),
+ new Asn1FieldInfo(TICKET, Ticket.class),
+ new Asn1FieldInfo(ENC_PART, EncryptedData.class)
+ };
+
+ private EncKdcRepPart encPart;
+
+ public KdcRep(KrbMessageType msgType) {
+ super(msgType, fieldInfos);
+ }
+
+ public PaData getPaData() {
+ return getFieldAs(PADATA, PaData.class);
+ }
+
+ public void setPaData(PaData paData) {
+ setFieldAs(PADATA, paData);
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName sname) {
+ setFieldAs(CNAME, sname);
+ }
+
+ public String getCrealm() {
+ return getFieldAsString(CREALM);
+ }
+
+ public void setCrealm(String realm) {
+ setFieldAs(CREALM, new KerberosString(realm));
+ }
+
+ public Ticket getTicket() {
+ return getFieldAs(TICKET, Ticket.class);
+ }
+
+ public void setTicket(Ticket ticket) {
+ setFieldAs(TICKET, ticket);
+ }
+
+ public EncryptedData getEncryptedEncPart() {
+ return getFieldAs(ENC_PART, EncryptedData.class);
+ }
+
+ public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
+ setFieldAs(ENC_PART, encryptedEncPart);
+ }
+
+ public EncKdcRepPart getEncPart() {
+ return encPart;
+ }
+
+ public void setEncPart(EncKdcRepPart encPart) {
+ this.encPart = encPart;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReq.java
new file mode 100644
index 0000000..b05b434
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReq.java
@@ -0,0 +1,57 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerberos.kerb.spec.pa.PaData;
+import org.apache.kerberos.kerb.spec.pa.PaDataEntry;
+
+/**
+ KDC-REQ ::= SEQUENCE {
+ -- NOTE: first tag is [1], not [0]
+ pvno [1] INTEGER (5) ,
+ msg-type [2] INTEGER (10 -- AS -- | 12 -- TGS --),
+ padata [3] SEQUENCE OF PA-DATA OPTIONAL
+ -- NOTE: not empty --,
+ req-encodeBody [4] KDC-REQ-BODY
+ }
+ */
+public class KdcReq extends KrbMessage {
+ private static int PADATA = 2;
+ private static int REQ_BODY = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PVNO, 1, Asn1Integer.class),
+ new Asn1FieldInfo(MSG_TYPE, 2, Asn1Integer.class),
+ new Asn1FieldInfo(PADATA, 3, PaData.class),
+ new Asn1FieldInfo(REQ_BODY, 4, KdcReqBody.class)
+ };
+
+ public KdcReq(KrbMessageType msgType) {
+ super(msgType, fieldInfos);
+ }
+
+ public PaData getPaData() {
+ return getFieldAs(PADATA, PaData.class);
+ }
+
+ public void setPaData(PaData paData) {
+ setFieldAs(PADATA, paData);
+ }
+
+ public void addPaData(PaDataEntry paDataEntry) {
+ if (getPaData() == null) {
+ setPaData(new PaData());
+ }
+ getPaData().addElement(paDataEntry);
+ }
+
+ public KdcReqBody getReqBody() {
+ return getFieldAs(REQ_BODY, KdcReqBody.class);
+ }
+
+ public void setReqBody(KdcReqBody reqBody) {
+ setFieldAs(REQ_BODY, reqBody);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReqBody.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReqBody.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReqBody.java
new file mode 100644
index 0000000..a86513d
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/KdcReqBody.java
@@ -0,0 +1,190 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.KerberosString;
+import org.apache.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerberos.kerb.spec.KrbIntegers;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.common.*;
+import org.apache.kerberos.kerb.spec.ticket.Tickets;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ KDC-REQ-BODY ::= SEQUENCE {
+ kdc-options [0] KDCOptions,
+ cname [1] PrincipalName OPTIONAL
+ -- Used only in AS-REQ --,
+ realm [2] Realm
+ -- Server's realm
+ -- Also client's in AS-REQ --,
+ sname [3] PrincipalName OPTIONAL,
+ from [4] KerberosTime OPTIONAL,
+ till [5] KerberosTime,
+ rtime [6] KerberosTime OPTIONAL,
+ nonce [7] UInt32,
+ etype [8] SEQUENCE OF Int32 -- EncryptionType
+ -- in preference order --,
+ addresses [9] HostAddresses OPTIONAL,
+ enc-authorization-data [10] EncryptedData OPTIONAL
+ -- AuthorizationData --,
+ additional-tickets [11] SEQUENCE OF Ticket OPTIONAL
+ -- NOTE: not empty
+ }
+ */
+public class KdcReqBody extends KrbSequenceType {
+ private static int KDC_OPTIONS = 0;
+ private static int CNAME = 1;
+ private static int REALM = 2;
+ private static int SNAME = 3;
+ private static int FROM = 4;
+ private static int TILL = 5;
+ private static int RTIME = 6;
+ private static int NONCE = 7;
+ private static int ETYPE = 8;
+ private static int ADDRESSES = 9;
+ private static int ENC_AUTHORIZATION_DATA = 10;
+ private static int ADDITIONAL_TICKETS = 11;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(KDC_OPTIONS, KdcOptions.class),
+ new Asn1FieldInfo(CNAME, PrincipalName.class),
+ new Asn1FieldInfo(REALM, KerberosString.class),
+ new Asn1FieldInfo(SNAME, PrincipalName.class),
+ new Asn1FieldInfo(FROM, KerberosTime.class),
+ new Asn1FieldInfo(TILL, KerberosTime.class),
+ new Asn1FieldInfo(RTIME, KerberosTime.class),
+ new Asn1FieldInfo(NONCE, Asn1Integer.class),
+ new Asn1FieldInfo(ETYPE, KrbIntegers.class),
+ new Asn1FieldInfo(ADDRESSES, HostAddresses.class),
+ new Asn1FieldInfo(ENC_AUTHORIZATION_DATA, AuthorizationData.class),
+ new Asn1FieldInfo(ADDITIONAL_TICKETS, Tickets.class)
+ };
+
+ public KdcReqBody() {
+ super(fieldInfos);
+ }
+
+ private AuthorizationData authorizationData;
+
+ public KerberosTime getFrom() {
+ return getFieldAs(FROM, KerberosTime.class);
+ }
+
+ public void setFrom(KerberosTime from) {
+ setFieldAs(FROM, from);
+ }
+
+ public KerberosTime getTill() {
+ return getFieldAs(TILL, KerberosTime.class);
+ }
+
+ public void setTill(KerberosTime till) {
+ setFieldAs(TILL, till);
+ }
+
+ public KerberosTime getRtime() {
+ return getFieldAs(RTIME, KerberosTime.class);
+ }
+
+ public void setRtime(KerberosTime rtime) {
+ setFieldAs(RTIME, rtime);
+ }
+
+ public int getNonce() {
+ return getFieldAsInt(NONCE);
+ }
+
+ public void setNonce(int nonce) {
+ setFieldAsInt(NONCE, nonce);
+ }
+
+ public List<EncryptionType> getEtypes() {
+ KrbIntegers values = getFieldAs(ETYPE, KrbIntegers.class);
+ if (values == null) {
+ return Collections.emptyList();
+ }
+
+ List<EncryptionType> results = new ArrayList<EncryptionType>();
+ for (Integer value : values.getValues()) {
+ results.add(EncryptionType.fromValue(value));
+ }
+ return results;
+ }
+
+ public void setEtypes(List<EncryptionType> etypes) {
+ List<Integer> values = new ArrayList<Integer>();
+ for (EncryptionType etype: etypes) {
+ values.add(etype.getValue());
+ }
+ KrbIntegers value = new KrbIntegers(values);
+ setFieldAs(ETYPE, value);
+ }
+
+ public HostAddresses getAddresses() {
+ return getFieldAs(ADDRESSES, HostAddresses.class);
+ }
+
+ public void setAddresses(HostAddresses addresses) {
+ setFieldAs(ADDRESSES, addresses);
+ }
+
+ public EncryptedData getEncryptedAuthorizationData() {
+ return getFieldAs(ENC_AUTHORIZATION_DATA, EncryptedData.class);
+ }
+
+ public void setEncryptedAuthorizationData(EncryptedData encAuthorizationData) {
+ setFieldAs(ENC_AUTHORIZATION_DATA, encAuthorizationData);
+ }
+
+ public AuthorizationData getAuthorizationData() {
+ return authorizationData;
+ }
+
+ public void setAuthorizationData(AuthorizationData authorizationData) {
+ this.authorizationData = authorizationData;
+ }
+
+ public Tickets getAdditionalTickets() {
+ return getFieldAs(ADDITIONAL_TICKETS, Tickets.class);
+ }
+
+ public void setAdditionalTickets(Tickets additionalTickets) {
+ setFieldAs(ADDITIONAL_TICKETS, additionalTickets);
+ }
+
+ public KdcOptions getKdcOptions() {
+ return getFieldAs(KDC_OPTIONS, KdcOptions.class);
+ }
+
+ public void setKdcOptions(KdcOptions kdcOptions) {
+ setFieldAs(KDC_OPTIONS, kdcOptions);
+ }
+
+ public PrincipalName getSname() {
+ return getFieldAs(SNAME, PrincipalName.class);
+ }
+
+ public void setSname(PrincipalName sname) {
+ setFieldAs(SNAME, sname);
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName cname) {
+ setFieldAs(CNAME, cname);
+ }
+
+ public String getRealm() {
+ return getFieldAsString(REALM);
+ }
+
+ public void setRealm(String realm) {
+ setFieldAs(REALM, new KerberosString(realm));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsRep.java
new file mode 100644
index 0000000..3fd91be
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsRep.java
@@ -0,0 +1,12 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+import org.apache.kerberos.kerb.spec.common.KrbMessageType;
+
+/**
+ TGS-REP ::= [APPLICATION 13] KDC-REP
+ */
+public class TgsRep extends KdcRep {
+ public TgsRep() {
+ super(KrbMessageType.TGS_REP);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsReq.java
new file mode 100644
index 0000000..4841e5c
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/kdc/TgsReq.java
@@ -0,0 +1,13 @@
+package org.apache.kerberos.kerb.spec.kdc;
+
+import org.apache.kerberos.kerb.spec.common.KrbMessageType;
+
+/**
+ TGS-REQ ::= [APPLICATION 12] KDC-REQ
+ */
+public class TgsReq extends KdcReq {
+
+ public TgsReq() {
+ super(KrbMessageType.TGS_REQ);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSet.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSet.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSet.java
new file mode 100644
index 0000000..df765ad
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSet.java
@@ -0,0 +1,10 @@
+package org.apache.kerberos.kerb.spec.pa;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ PA-AUTHENTICATION-SET ::= SEQUENCE OF PA-AUTHENTICATION-SET-ELEM
+ */
+public class PaAuthenticationSet extends KrbSequenceOfType<PaAuthenticationSetElem> {
+
+}