Posted to commits@directory.apache.org by el...@apache.org on 2010/12/06 12:58:42 UTC
svn commit: r1042597 - in
/directory/apacheds/branches/apacheds-kerberos-codec-2.0:
kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/
kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/
kerberos-cod...
Author: elecharny
Date: Mon Dec 6 11:58:41 2010
New Revision: 1042597
URL: http://svn.apache.org/viewvc?rev=1042597&view=rev
Log:
Moved the Kerberos encoder/decoder to kerberos-codec
Some more fixes
Added:
directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/
directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java
directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosEncoder.java
Removed:
directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java
directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosEncoder.java
Modified:
directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordErrorDecoder.java
directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordReplyDecoder.java
directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestDecoder.java
directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestEncoder.java
directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AbstractTicketGrantingServiceTest.java
directory/apacheds/branches/apacheds-kerberos-codec-2.0/server-integ/src/test/java/org/apache/directory/server/kerberos/KeyDerivationServiceIT.java
Added: directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java?rev=1042597&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java (added)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java Mon Dec 6 11:58:41 2010
@@ -0,0 +1,628 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.protocol;
+
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+import org.apache.directory.shared.kerberos.exceptions.KerberosException;
+import org.apache.directory.shared.asn1.ber.Asn1Container;
+import org.apache.directory.shared.asn1.ber.Asn1Decoder;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.TLVStateEnum;
+import org.apache.directory.shared.asn1.ber.tlv.Value;
+import org.apache.directory.shared.asn1.codec.DecoderException;
+import org.apache.directory.shared.kerberos.codec.KerberosMessageContainer;
+import org.apache.directory.shared.kerberos.codec.EncKdcRepPart.EncKdcRepPartContainer;
+import org.apache.directory.shared.kerberos.codec.apRep.ApRepContainer;
+import org.apache.directory.shared.kerberos.codec.apReq.ApReqContainer;
+import org.apache.directory.shared.kerberos.codec.authenticator.AuthenticatorContainer;
+import org.apache.directory.shared.kerberos.codec.authorizationData.AuthorizationDataContainer;
+import org.apache.directory.shared.kerberos.codec.encApRepPart.EncApRepPartContainer;
+import org.apache.directory.shared.kerberos.codec.encKrbPrivPart.EncKrbPrivPartContainer;
+import org.apache.directory.shared.kerberos.codec.encTicketPart.EncTicketPartContainer;
+import org.apache.directory.shared.kerberos.codec.encryptedData.EncryptedDataContainer;
+import org.apache.directory.shared.kerberos.codec.encryptionKey.EncryptionKeyContainer;
+import org.apache.directory.shared.kerberos.codec.krbPriv.KrbPrivContainer;
+import org.apache.directory.shared.kerberos.codec.paEncTsEnc.PaEncTsEncContainer;
+import org.apache.directory.shared.kerberos.codec.principalName.PrincipalNameContainer;
+import org.apache.directory.shared.kerberos.codec.ticket.TicketContainer;
+import org.apache.directory.shared.kerberos.components.AuthorizationData;
+import org.apache.directory.shared.kerberos.components.EncKdcRepPart;
+import org.apache.directory.shared.kerberos.components.EncKrbPrivPart;
+import org.apache.directory.shared.kerberos.components.EncTicketPart;
+import org.apache.directory.shared.kerberos.components.EncryptedData;
+import org.apache.directory.shared.kerberos.components.EncryptionKey;
+import org.apache.directory.shared.kerberos.components.PaEncTsEnc;
+import org.apache.directory.shared.kerberos.components.PrincipalName;
+import org.apache.directory.shared.kerberos.exceptions.ErrorType;
+import org.apache.directory.shared.kerberos.messages.ApRep;
+import org.apache.directory.shared.kerberos.messages.ApReq;
+import org.apache.directory.shared.kerberos.messages.Authenticator;
+import org.apache.directory.shared.kerberos.messages.EncApRepPart;
+import org.apache.directory.shared.kerberos.messages.KrbPriv;
+import org.apache.directory.shared.kerberos.messages.Ticket;
+import org.apache.directory.shared.ldap.codec.LdapDecoder;
+import org.apache.mina.core.buffer.IoBuffer;
+import org.apache.mina.core.session.IoSession;
+import org.apache.mina.filter.codec.ProtocolDecoderAdapter;
+import org.apache.mina.filter.codec.ProtocolDecoderOutput;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class KerberosDecoder extends ProtocolDecoderAdapter
+{
+
+ /** The logger */
+ private static Logger LOG = LoggerFactory.getLogger( LdapDecoder.class );
+
+ /** A speedup for logger */
+ private static final boolean IS_DEBUG = LOG.isDebugEnabled();
+
+ /** The ASN 1 decoder instance */
+ private Asn1Decoder asn1Decoder = new Asn1Decoder();
+
+ /** the key used while storing message container in the session */
+ private static final String KERBEROS_MESSAGE_CONTAINER = "kerberosMessageContainer";
+
+ public void decode( IoSession session, IoBuffer in, ProtocolDecoderOutput out ) throws IOException
+ {
+ ByteBuffer buf = in.buf();
+ KerberosMessageContainer kerberosMessageContainer = ( KerberosMessageContainer ) session.getAttribute( KERBEROS_MESSAGE_CONTAINER );
+
+ //System.out.println( "IN : " + StringTools.dumpBytes( buf.array() ) );
+
+ if ( kerberosMessageContainer == null )
+ {
+ kerberosMessageContainer = new KerberosMessageContainer();
+ session.setAttribute( KERBEROS_MESSAGE_CONTAINER, kerberosMessageContainer );
+ kerberosMessageContainer.setStream( buf );
+ kerberosMessageContainer.setGathering( true );
+ }
+
+ while ( buf.hasRemaining() )
+ {
+ try
+ {
+ asn1Decoder.decode( buf, kerberosMessageContainer );
+
+ TLV tlv = kerberosMessageContainer.getCurrentTLV();
+ Value value = tlv.getValue();
+
+ if ( kerberosMessageContainer.getState() == TLVStateEnum.PDU_DECODED )
+ {
+ if ( IS_DEBUG )
+ {
+ LOG.debug( "Decoded KerberosMessage : " + kerberosMessageContainer.getMessage() );
+ buf.mark();
+ }
+
+ out.write( kerberosMessageContainer.getMessage() );
+
+ kerberosMessageContainer.clean();
+ }
+ }
+ catch ( DecoderException de )
+ {
+ buf.clear();
+ kerberosMessageContainer.clean();
+ }
+ catch ( Exception e )
+ {
+ LOG.warn( "error while decoding", e );
+ }
+ }
+ }
+
+
+ /**
+ * Decode an EncrytedData structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of EncryptedData
+ * @throws KerberosException If the decoding fails
+ */
+ public static EncryptedData decodeEncryptedData( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a EncryptedData Container
+ Asn1Container encryptedDataContainer = new EncryptedDataContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the EncryptedData PDU
+ try
+ {
+ kerberosDecoder.decode( stream, encryptedDataContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded EncryptedData
+ EncryptedData encryptedData = ( ( EncryptedDataContainer ) encryptedDataContainer ).getEncryptedData();
+
+ return encryptedData;
+ }
+
+
+ /**
+ * Decode an PaEncTsEnc structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of PaEncTsEnc
+ * @throws KerberosException If the decoding fails
+ */
+ public static PaEncTsEnc decodePaEncTsEnc( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a PaEncTsEnc Container
+ Asn1Container paEncTsEncContainer = new PaEncTsEncContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the PaEncTsEnc PDU
+ try
+ {
+ kerberosDecoder.decode( stream, paEncTsEncContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded PaEncTsEnc
+ PaEncTsEnc paEncTsEnc = ( ( PaEncTsEncContainer ) paEncTsEncContainer ).getPaEncTsEnc();
+
+ return paEncTsEnc;
+ }
+
+
+ /**
+ * Decode an EncApRepPart structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of EncApRepPart
+ * @throws KerberosException If the decoding fails
+ */
+ public static EncApRepPart decodeEncApRepPart( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a EncApRepPart Container
+ Asn1Container encApRepPartContainer = new EncApRepPartContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the EncApRepPart PDU
+ try
+ {
+ kerberosDecoder.decode( stream, encApRepPartContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded EncApRepPart
+ EncApRepPart encApRepPart = ( ( EncApRepPartContainer ) encApRepPartContainer ).getEncApRepPart();
+
+ return encApRepPart;
+ }
+
+
+ /**
+ * Decode an EncKdcRepPart structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of EncKdcRepPart
+ * @throws KerberosException If the decoding fails
+ */
+ public static EncKdcRepPart decodeEncKdcRepPart( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a EncKdcRepPart Container
+ Asn1Container encKdcRepPartContainer = new EncKdcRepPartContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the EncKdcRepPart PDU
+ try
+ {
+ kerberosDecoder.decode( stream, encKdcRepPartContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded EncKdcRepPart
+ EncKdcRepPart encKdcRepPart = ( ( EncKdcRepPartContainer ) encKdcRepPartContainer ).getEncKdcRepPart();
+
+ return encKdcRepPart;
+ }
+
+
+ /**
+ * Decode an EncKrbPrivPart structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of EncKrbPrivPart
+ * @throws KerberosException If the decoding fails
+ */
+ public static EncKrbPrivPart decodeEncKrbPrivPart( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a EncKrbPrivPart Container
+ Asn1Container encKrbPrivPartContainer = new EncKrbPrivPartContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the EncKrbPrivPart PDU
+ try
+ {
+ kerberosDecoder.decode( stream, encKrbPrivPartContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded EncKrbPrivPart
+ EncKrbPrivPart encKrbPrivPart = ( ( EncKrbPrivPartContainer ) encKrbPrivPartContainer ).getEncKrbPrivPart();
+
+ return encKrbPrivPart;
+ }
+
+
+ /**
+ * Decode an EncTicketPart structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of EncTicketPart
+ * @throws KerberosException If the decoding fails
+ */
+ public static EncTicketPart decodeEncTicketPart( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a EncTicketPart Container
+ Asn1Container encTicketPartContainer = new EncTicketPartContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the EncTicketPart PDU
+ try
+ {
+ kerberosDecoder.decode( stream, encTicketPartContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded EncTicketPart
+ EncTicketPart encTicketPart = ( ( EncTicketPartContainer ) encTicketPartContainer ).getEncTicketPart();
+
+ return encTicketPart;
+ }
+
+
+ /**
+ * Decode an EncryptionKey structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of EncryptionKey
+ * @throws KerberosException If the decoding fails
+ */
+ public static EncryptionKey decodeEncryptionKey( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a EncryptionKey Container
+ Asn1Container encryptionKeyContainer = new EncryptionKeyContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the EncryptionKey PDU
+ try
+ {
+ kerberosDecoder.decode( stream, encryptionKeyContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded EncryptionKey
+ EncryptionKey encryptionKey = ( ( EncryptionKeyContainer ) encryptionKeyContainer ).getEncryptionKey();
+
+ return encryptionKey;
+ }
+
+
+ /**
+ * Decode an PrincipalName structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of PrincipalName
+ * @throws KerberosException If the decoding fails
+ */
+ public static PrincipalName decodePrincipalName( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a PrincipalName Container
+ Asn1Container principalNameContainer = new PrincipalNameContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the PrincipalName PDU
+ try
+ {
+ kerberosDecoder.decode( stream, principalNameContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded PrincipalName
+ PrincipalName principalName = ( ( PrincipalNameContainer ) principalNameContainer ).getPrincipalName();
+
+ return principalName;
+ }
+
+
+ /**
+ * Decode a Ticket structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of Ticket
+ * @throws KerberosException If the decoding fails
+ */
+ public static Ticket decodeTicket( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a Ticket Container
+ Asn1Container ticketContainer = new TicketContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the Ticket PDU
+ try
+ {
+ kerberosDecoder.decode( stream, ticketContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded Ticket
+ Ticket ticket = ( ( TicketContainer ) ticketContainer ).getTicket();
+
+ return ticket;
+ }
+
+
+ /**
+ * Decode a Authenticator structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of Authenticator
+ * @throws KerberosException If the decoding fails
+ */
+ public static Authenticator decodeAuthenticator( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a Authenticator Container
+ Asn1Container authenticatorContainer = new AuthenticatorContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the Ticket PDU
+ try
+ {
+ kerberosDecoder.decode( stream, authenticatorContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded Authenticator
+ Authenticator authenticator = ( ( AuthenticatorContainer ) authenticatorContainer ).getAuthenticator();
+
+ return authenticator;
+ }
+
+
+ /**
+ * Decode a AuthorizationData structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of AuthorizationData
+ * @throws KerberosException If the decoding fails
+ */
+ public static AuthorizationData decodeAuthorizationData( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a AuthorizationData Container
+ Asn1Container authorizationDataContainer = new AuthorizationDataContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the Ticket PDU
+ try
+ {
+ kerberosDecoder.decode( stream, authorizationDataContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded AuthorizationData
+ AuthorizationData authorizationData = ( ( AuthorizationDataContainer ) authorizationDataContainer ).getAuthorizationData();
+
+ return authorizationData;
+ }
+
+
+ /**
+ * Decode a AP-REP structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of ApRep
+ * @throws KerberosException If the decoding fails
+ */
+ public static ApRep decodeApRep( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a ApRep Container
+ Asn1Container apRepContainer = new ApRepContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the ApRep PDU
+ try
+ {
+ kerberosDecoder.decode( stream, apRepContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded ApRep
+ ApRep apRep = ( ( ApRepContainer ) apRepContainer ).getApRep();
+
+ return apRep;
+ }
+
+
+ /**
+ * Decode a AP-REQ structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of ApReq
+ * @throws KerberosException If the decoding fails
+ */
+ public static ApReq decodeApReq( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a ApReq Container
+ Asn1Container apReqContainer = new ApReqContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the ApReq PDU
+ try
+ {
+ kerberosDecoder.decode( stream, apReqContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded ApReq
+ ApReq apReq = ( ( ApReqContainer ) apReqContainer ).getApReq();
+
+ return apReq;
+ }
+
+
+ /**
+ * Decode a KRB-PRIV structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of KrbPriv
+ * @throws KerberosException If the decoding fails
+ */
+ public static KrbPriv decodeKrbPriv( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a KrbPriv Container
+ Asn1Container krbPrivContainer = new KrbPrivContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the KrbPriv PDU
+ try
+ {
+ kerberosDecoder.decode( stream, krbPrivContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded KrbPriv
+ KrbPriv krbPriv = ( ( KrbPrivContainer ) krbPrivContainer ).getKrbPriv();
+
+ return krbPriv;
+ }
+}
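Review bot: In `decode()`, the `catch ( DecoderException de )` branch calls `buf.clear()`, which does not discard the input: on a `ByteBuffer` it resets the position to 0 and the limit to the capacity, so `while ( buf.hasRemaining() )` is entered again over the same bytes. This decoder runs on bytes received from the network, so a single malformed PDU could keep the I/O thread in that loop, and because the exception is not logged there would be no trace of it. The same can happen in `catch ( Exception e )` if the failure occurs before any byte is consumed, which depends on how `Asn1Decoder` advances the buffer and is not visible here. I would replace `buf.clear();` with `LOG.warn( "Kerberos PDU decoding failed", de ); buf.position( buf.limit() );` and add `break;` after the existing `LOG.warn` in the generic catch. Separately, the logger is created with `LdapDecoder.class`, so these messages are filed under the LDAP decoder's category; `LoggerFactory.getLogger( KerberosDecoder.class )` would make them findable.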
Added: directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosEncoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosEncoder.java?rev=1042597&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosEncoder.java (added)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosEncoder.java Mon Dec 6 11:58:41 2010
@@ -0,0 +1,70 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.protocol;
+
+
+import java.io.IOException;
+
+import org.apache.directory.shared.asn1.AbstractAsn1Object;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.mina.core.buffer.IoBuffer;
+import org.apache.mina.core.session.IoSession;
+import org.apache.mina.filter.codec.ProtocolEncoderAdapter;
+import org.apache.mina.filter.codec.ProtocolEncoderOutput;
+
+
+/**
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class KerberosEncoder extends ProtocolEncoderAdapter
+{
+ public void encode( IoSession session, Object message, ProtocolEncoderOutput out ) throws IOException
+ {
+ AbstractAsn1Object asn1Obj = ( AbstractAsn1Object ) message;
+
+ IoBuffer buf = IoBuffer.allocate( asn1Obj.computeLength() );
+
+ try
+ {
+ asn1Obj.encode( buf.buf() );
+
+ buf.flip();
+
+ out.write( buf );
+ }
+ catch( EncoderException e )
+ {
+ e.printStackTrace();
+ }
+
+// if ( message instanceof KdcReply )
+// {
+// replyEncoder.encode( ( KdcReply ) message, buf.buf() );
+// }
+// else
+// {
+// if ( message instanceof ErrorMessage )
+// {
+// errorEncoder.encode( ( ErrorMessage ) message, buf.buf() );
+// }
+// }
+
+ }
+}
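Review bot: `encode()` swallows `EncoderException` with `e.printStackTrace()`, so when encoding fails nothing is written to `out`, the peer gets no reply, and the failure goes to stderr instead of the server log. The method already declares `throws IOException`, so the catch could rethrow with the cause kept, e.g. `throw new IOException( "Kerberos message encoding failed", e );` (or `initCause` if the build targets a JDK without that constructor). The cast `( AbstractAsn1Object ) message` is also unguarded; an `instanceof` check with a clear error would avoid a bare `ClassCastException` if another message type reaches this encoder. The commented-out `KdcReply`/`ErrorMessage` branch at the end of the method can be deleted.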
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java?rev=1042597&r1=1042596&r2=1042597&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java Mon Dec 6 11:58:41 2010
@@ -27,10 +27,12 @@ import java.util.Map;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.i18n.I18n;
+import org.apache.directory.server.kerberos.protocol.KerberosDecoder;
import org.apache.directory.shared.kerberos.KerberosTime;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
import org.apache.directory.shared.kerberos.codec.types.SamType;
import org.apache.directory.shared.kerberos.components.EncryptionKey;
+import org.apache.directory.shared.kerberos.exceptions.KerberosException;
import org.apache.directory.shared.ldap.entry.EntryAttribute;
import org.apache.directory.shared.ldap.entry.StringValue;
import org.apache.directory.shared.ldap.entry.Value;
@@ -278,7 +280,7 @@ public class PrincipalStoreEntryModifier
* @throws LdapException
* @throws IOException
*/
- public Map<EncryptionType, EncryptionKey> reconstituteKeyMap( EntryAttribute krb5key ) throws IOException, LdapException
+ public Map<EncryptionType, EncryptionKey> reconstituteKeyMap( EntryAttribute krb5key ) throws KerberosException, LdapException
{
Map<EncryptionType, EncryptionKey> map = new HashMap<EncryptionType, EncryptionKey>();
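Review bot: The Javadoc above `reconstituteKeyMap` still says `@throws IOException` although the signature now declares `KerberosException`, so the documented contract no longer matches what callers must catch. The tag should become something like `@throws KerberosException if a stored key cannot be decoded`, and the bare `@throws LdapException` next to it would benefit from a condition as well. The method body continues outside the hunk, so the exact failure condition should be confirmed there.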
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java?rev=1042597&r1=1042596&r2=1042597&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java Mon Dec 6 11:58:41 2010
@@ -20,7 +20,6 @@
package org.apache.directory.server.kerberos.shared.store.operations;
-import java.io.IOException;
import java.text.ParseException;
import java.util.Map;
@@ -37,6 +36,7 @@ import org.apache.directory.shared.kerbe
import org.apache.directory.shared.kerberos.codec.types.PrincipalNameType;
import org.apache.directory.shared.kerberos.codec.types.SamType;
import org.apache.directory.shared.kerberos.components.EncryptionKey;
+import org.apache.directory.shared.kerberos.exceptions.KerberosException;
import org.apache.directory.shared.ldap.entry.Entry;
import org.apache.directory.shared.ldap.entry.EntryAttribute;
import org.apache.directory.shared.ldap.name.DN;
@@ -143,7 +143,7 @@ public class GetPrincipal implements Dir
Map<EncryptionType, EncryptionKey> keyMap = modifier.reconstituteKeyMap( krb5key );
modifier.setKeyMap( keyMap );
}
- catch ( IOException ioe )
+ catch ( KerberosException ioe )
{
throw new Exception( I18n.err( I18n.ERR_623, KerberosAttribute.KRB5_KEY_AT ) );
}
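Review bot: The caught `KerberosException` is discarded in this `catch` block: the rethrown `Exception` carries only the `ERR_623` text, so the underlying decoding error for the `krb5key` attribute never reaches the log or the caller. Passing it as the cause keeps that information, `throw new Exception( I18n.err( I18n.ERR_623, KerberosAttribute.KRB5_KEY_AT ), ke );`, and the variable is better named `ke` than `ioe` now that it is no longer an `IOException`. The enclosing method starts and ends outside the hunk.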
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordErrorDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordErrorDecoder.java?rev=1042597&r1=1042596&r2=1042597&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordErrorDecoder.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordErrorDecoder.java Mon Dec 6 11:58:41 2010
@@ -24,6 +24,7 @@ import java.io.IOException;
import java.nio.ByteBuffer;
import org.apache.directory.server.changepw.messages.ChangePasswordError;
+import org.apache.directory.server.kerberos.protocol.KerberosDecoder;
import org.apache.directory.shared.kerberos.messages.KrbError;
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordReplyDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordReplyDecoder.java?rev=1042597&r1=1042596&r2=1042597&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordReplyDecoder.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordReplyDecoder.java Mon Dec 6 11:58:41 2010
@@ -24,7 +24,7 @@ import java.io.IOException;
import java.nio.ByteBuffer;
import org.apache.directory.server.changepw.messages.ChangePasswordReply;
-import org.apache.directory.server.kerberos.shared.io.decoder.PrivateMessageDecoder;
+import org.apache.directory.server.kerberos.protocol.KerberosDecoder;
import org.apache.directory.server.kerberos.shared.messages.application.PrivateMessage;
import org.apache.directory.shared.kerberos.messages.ApRep;
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestDecoder.java?rev=1042597&r1=1042596&r2=1042597&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestDecoder.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestDecoder.java Mon Dec 6 11:58:41 2010
@@ -25,10 +25,9 @@ import java.nio.ByteBuffer;
import org.apache.directory.server.changepw.messages.ChangePasswordRequest;
import org.apache.directory.server.changepw.messages.ChangePasswordRequestModifier;
-import org.apache.directory.server.kerberos.shared.io.decoder.ApplicationRequestDecoder;
-import org.apache.directory.server.kerberos.shared.io.decoder.PrivateMessageDecoder;
-import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
-import org.apache.directory.server.kerberos.shared.messages.application.PrivateMessage;
+import org.apache.directory.server.kerberos.protocol.KerberosDecoder;
+import org.apache.directory.shared.kerberos.messages.ApReq;
+import org.apache.directory.shared.kerberos.messages.KrbPriv;
/**
@@ -56,16 +55,14 @@ public class ChangePasswordRequestDecode
byte[] undecodedAuthHeader = new byte[authHeaderLength];
buf.get( undecodedAuthHeader, 0, authHeaderLength );
- ApplicationRequestDecoder decoder = new ApplicationRequestDecoder();
- ApplicationRequest authHeader = decoder.decode( undecodedAuthHeader );
+ ApReq authHeader = KerberosDecoder.decodeApReq( undecodedAuthHeader );
modifier.setAuthHeader( authHeader );
byte[] encodedPrivate = new byte[buf.remaining()];
buf.get( encodedPrivate, 0, buf.remaining() );
- PrivateMessageDecoder privateDecoder = new PrivateMessageDecoder();
- PrivateMessage privMessage = privateDecoder.decode( encodedPrivate );
+ KrbPriv privMessage = KerberosDecoder.decodeKrbPriv( encodedPrivate );
modifier.setPrivateMessage( privMessage );
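Review bot: The two new static calls, `KerberosDecoder.decodeApReq( undecodedAuthHeader )` and `KerberosDecoder.decodeKrbPriv( encodedPrivate )`, parse bytes taken directly from the request buffer, and nothing in the hunk shows how a decode failure is reported. In the KeyDerivationServiceIT hunks of this same commit, callers of `KerberosDecoder.decodeEncryptionKey` change their `throws` clause from `IOException` to `KerberosException`. If these two methods follow the same contract, the enclosing method (its signature is outside the hunk) has to declare or translate that exception so a malformed change-password request is rejected as a protocol error. Separately, `authHeaderLength` is computed outside the hunk; if it is not already checked there, I would add a guard before the allocation along the lines of `if ( authHeaderLength < 0 || authHeaderLength > buf.remaining() ) throw new IOException( "bad AP-REQ length" );`.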
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestEncoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestEncoder.java?rev=1042597&r1=1042596&r2=1042597&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestEncoder.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestEncoder.java Mon Dec 6 11:58:41 2010
@@ -24,8 +24,8 @@ import java.io.IOException;
import java.nio.ByteBuffer;
import org.apache.directory.server.changepw.messages.ChangePasswordRequest;
-import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
import org.apache.directory.server.kerberos.shared.messages.application.PrivateMessage;
+import org.apache.directory.shared.kerberos.messages.ApReq;
/**
@@ -46,7 +46,7 @@ public class ChangePasswordRequestEncode
public void encode( ByteBuffer buf, ChangePasswordRequest message ) throws IOException
{
// Build application request bytes
- ApplicationRequest appRequest = message.getAuthHeader();
+ ApReq appRequest = message.getAuthHeader();
ApplicationRequestEncoder appEncoder = new ApplicationRequestEncoder();
byte[] encodedAppRequest = appEncoder.encode( appRequest );
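Review bot: After this change `appRequest` is an `ApReq`, but the next two lines still hand it to `ApplicationRequestEncoder`, the encoder that went with the old `ApplicationRequest` type. Unless that encoder's `encode` signature was changed elsewhere, this either does not compile or serialises through the legacy path, while ChangePasswordRequestDecoder in this commit already parses with the new codec. The import hunk above also keeps `org.apache.directory.server.kerberos.shared.messages.application.PrivateMessage`, although the decoder side now produces `KrbPriv`. The encode and decode paths of the same message would then use two different models. I would switch both fields to the kerberos-codec encoder in the same commit, or at least mark the spot with `// TODO: ApplicationRequestEncoder predates ApReq - move to the kerberos-codec encoder`. The body of `encode` continues outside the hunk.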
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AbstractTicketGrantingServiceTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AbstractTicketGrantingServiceTest.java?rev=1042597&r1=1042596&r2=1042597&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AbstractTicketGrantingServiceTest.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AbstractTicketGrantingServiceTest.java Mon Dec 6 11:58:41 2010
@@ -27,14 +27,13 @@ import java.security.SecureRandom;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
-import org.apache.directory.server.kerberos.shared.KerberosConstants;
import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.crypto.encryption.RandomKeyFactory;
-import org.apache.directory.shared.kerberos.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.messages.components.EncTicketPartModifier;
import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.kerberos.KerberosConstants;
import org.apache.directory.shared.kerberos.KerberosTime;
import org.apache.directory.shared.kerberos.codec.options.ApOptions;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
@@ -50,6 +49,7 @@ import org.apache.directory.shared.kerbe
import org.apache.directory.shared.kerberos.components.PrincipalName;
import org.apache.directory.shared.kerberos.components.TransitedEncoding;
import org.apache.directory.shared.kerberos.crypto.checksum.ChecksumType;
+import org.apache.directory.shared.kerberos.exceptions.KerberosException;
import org.apache.directory.shared.kerberos.flags.TicketFlag;
import org.apache.directory.shared.kerberos.flags.TicketFlags;
import org.apache.directory.shared.kerberos.messages.ApReq;
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/server-integ/src/test/java/org/apache/directory/server/kerberos/KeyDerivationServiceIT.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/server-integ/src/test/java/org/apache/directory/server/kerberos/KeyDerivationServiceIT.java?rev=1042597&r1=1042596&r2=1042597&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/server-integ/src/test/java/org/apache/directory/server/kerberos/KeyDerivationServiceIT.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/server-integ/src/test/java/org/apache/directory/server/kerberos/KeyDerivationServiceIT.java Mon Dec 6 11:58:41 2010
@@ -54,6 +54,7 @@ import org.apache.directory.server.core.
import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
import org.apache.directory.server.core.integ.FrameworkRunner;
import org.apache.directory.server.core.kerberos.KeyDerivationInterceptor;
+import org.apache.directory.server.kerberos.protocol.KerberosDecoder;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
import org.apache.directory.server.ldap.handlers.bind.cramMD5.CramMd5MechanismHandler;
import org.apache.directory.server.ldap.handlers.bind.digestMD5.DigestMd5MechanismHandler;
@@ -63,6 +64,7 @@ import org.apache.directory.server.ldap.
import org.apache.directory.server.ldap.handlers.extended.StoredProcedureExtendedOperationHandler;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
import org.apache.directory.shared.kerberos.components.EncryptionKey;
+import org.apache.directory.shared.kerberos.exceptions.KerberosException;
import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
import org.junit.Before;
import org.junit.Test;
@@ -219,7 +221,7 @@ public class KeyDerivationServiceIT exte
* @throws IOException on network errors
*/
@Test
- public void testAddDerivedKeys() throws NamingException, IOException
+ public void testAddDerivedKeys() throws NamingException, KerberosException
{
Hashtable<String, String> env = new Hashtable<String, String>();
env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
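Review bot: The Javadoc line kept as context just above the signature, `@throws IOException on network errors`, is stale now that `testAddDerivedKeys` declares `KerberosException` instead of `IOException`. The same leftover tag is visible in the hunks for `testModifyDerivedKeys` and `testModifyDerivedKeysWithoutPrincipalName`. The `testAddRandomKeys` hunk shows only its `@throws InvalidKeyException` line, so its comment probably needs the same check. I would replace the tag in each with `@throws KerberosException if a stored krb5 key cannot be decoded`, which matches the failure presumably surfaced by `reconstituteKeyMap` via `KerberosDecoder.decodeEncryptionKey`. The method bodies continue outside these hunks.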
@@ -290,7 +292,7 @@ public class KeyDerivationServiceIT exte
* @throws IOException on network errors
*/
@Test
- public void testModifyDerivedKeys() throws NamingException, IOException
+ public void testModifyDerivedKeys() throws NamingException, KerberosException
{
Hashtable<String, String> env = new Hashtable<String, String>();
env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
@@ -427,7 +429,7 @@ public class KeyDerivationServiceIT exte
* @throws IOException on network errors
*/
@Test
- public void testModifyDerivedKeysWithoutPrincipalName() throws NamingException, IOException
+ public void testModifyDerivedKeysWithoutPrincipalName() throws NamingException, KerberosException
{
Hashtable<String, String> env = new Hashtable<String, String>();
env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
@@ -556,7 +558,7 @@ public class KeyDerivationServiceIT exte
* @throws InvalidKeyException if the incorrect key results
*/
@Test
- public void testAddRandomKeys() throws NamingException, IOException, InvalidKeyException
+ public void testAddRandomKeys() throws NamingException, KerberosException, InvalidKeyException
{
Hashtable<String, String> env = new Hashtable<String, String>();
env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
@@ -705,14 +707,14 @@ public class KeyDerivationServiceIT exte
private Map<EncryptionType, EncryptionKey> reconstituteKeyMap( Attribute krb5key ) throws NamingException,
- IOException
+ KerberosException
{
Map<EncryptionType, EncryptionKey> map = new HashMap<EncryptionType, EncryptionKey>();
for ( int ii = 0; ii < krb5key.size(); ii++ )
{
byte[] encryptionKeyBytes = ( byte[] ) krb5key.get( ii );
- EncryptionKey encryptionKey = KrbDecoder.decodeEncryptionKey( encryptionKeyBytes );
+ EncryptionKey encryptionKey = KerberosDecoder.decodeEncryptionKey( encryptionKeyBytes );
map.put( encryptionKey.getKeyType(), encryptionKey );
}