You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by pl...@apache.org on 2016/02/15 03:42:40 UTC
[16/36] directory-kerby git commit: Refine some codes.
Refine some codes.
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/b316a5a1
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/b316a5a1
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/b316a5a1
Branch: refs/heads/kadmin-remote
Commit: b316a5a135949648b1c401920e9552d4be4a1106
Parents: 5ccad97
Author: plusplusjiajia <ji...@intel.com>
Authored: Mon Jan 25 15:39:25 2016 +0800
Committer: plusplusjiajia <ji...@intel.com>
Committed: Mon Jan 25 15:39:25 2016 +0800
----------------------------------------------------------------------
.../kerby/kerberos/kerb/client/request/ArmoredRequest.java | 2 +-
.../kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java | 8 +++++---
.../org/apache/kerby/kerberos/kerb/crypto/fast/FastUtil.java | 1 -
3 files changed, 6 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b316a5a1/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/ArmoredRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/ArmoredRequest.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/ArmoredRequest.java
index 4bc99ed..a52d652 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/ArmoredRequest.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/ArmoredRequest.java
@@ -186,7 +186,7 @@ public class ArmoredRequest {
*/
private EncryptionKey makeArmorKey(EncryptionKey subKey, EncryptionKey armorCacheKey)
throws KrbException {
- EncryptionKey armorKey = FastUtil.cf2(subKey, "subkeyarmor", armorCacheKey, "ticketarmor");
+ EncryptionKey armorKey = FastUtil.makeArmorKey(subKey, armorCacheKey);
return armorKey;
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b316a5a1/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java
index 2a1d05e..f4981a8 100644
--- a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java
@@ -121,7 +121,9 @@ public class PkinitCrypto {
LOG.error(errMsg);
throw new KrbException(KrbErrorCode.KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED, errMsg);
}
- checkDHWellknown(cryptoctx, dhParameter, dhPrimeBits);
+ if (!checkDHWellknown(cryptoctx, dhParameter, dhPrimeBits)) {
+ throw new KrbException(KrbErrorCode.KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED);
+ }
}
/**
@@ -199,7 +201,7 @@ public class PkinitCrypto {
}
/**
- * The contentType field of the type ContentInfo
+ * RFC4556: The contentType field of the type ContentInfo
* is id-signedData (1.2.840.113549.1.7.2),
* and the content field is a SignedData.
* The eContentType field for the type SignedData is
@@ -214,7 +216,7 @@ public class PkinitCrypto {
* @param certificateSet The certificate set
* @param crls The revocation info choices
* @param signerInfos The signerInfos
- * @return The encoded
+ * @return The encoded signed data bytes
* @throws KrbException e
*/
public static byte[] cmsSignedDataCreate(byte[] data, String oid, int version,
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b316a5a1/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastUtil.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastUtil.java
index 1bab24f..0d92eb3 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastUtil.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/fast/FastUtil.java
@@ -31,7 +31,6 @@ import java.nio.charset.StandardCharsets;
*/
public class FastUtil {
-
/**
* Call the PRF function multiple times with the pepper prefixed with
* a count byte to get enough bits of output.