Posted to commits@directory.apache.org by er...@apache.org on 2005/09/10 20:25:59 UTC
svn commit: r280022 - in
/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos:
crypto/DesStringToKey.java crypto/RandomKey.java service/DesStringToKey.java
Author: erodriguez
Date: Sat Sep 10 11:25:54 2005
New Revision: 280022
URL: http://svn.apache.org/viewcvs?rev=280022&view=rev
Log:
Refactored random session key generation to be a chain link.
Added:
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/DesStringToKey.java (contents, props changed)
- copied, changed from r280020, directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/crypto/DesStringToKey.java
Removed:
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/crypto/DesStringToKey.java
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/crypto/RandomKey.java
Copied: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/DesStringToKey.java (from r280020, directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/crypto/DesStringToKey.java)
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/DesStringToKey.java?p2=directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/DesStringToKey.java&p1=directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/crypto/DesStringToKey.java&r1=280020&r2=280022&rev=280022&view=diff
==============================================================================
--- directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/crypto/DesStringToKey.java (original)
+++ directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/DesStringToKey.java Sat Sep 10 11:25:54 2005
@@ -14,32 +14,28 @@
* limitations under the License.
*
*/
-package org.apache.kerberos.crypto;
+package org.apache.kerberos.service;
+import java.io.UnsupportedEncodingException;
+
+import org.apache.kerberos.chain.impl.CommandBase;
import org.bouncycastle.crypto.engines.DESEngine;
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.params.DESParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
-public class DesStringToKey
+public abstract class DesStringToKey extends CommandBase
{
- private byte[] desKey;
-
- public DesStringToKey( String passPhrase )
+ public byte[] getKey( String passPhrase )
{
- desKey = generateKey( passPhrase );
+ return generateKey( passPhrase );
}
// This is the concatenation order as designated in RFC 1510
- public DesStringToKey( String password, String realmName, String userName )
+ public byte[] getKey( String password, String realmName, String userName )
{
- desKey = generateKey( password + realmName + userName );
- }
-
- public byte[] getKey()
- {
- return desKey;
+ return generateKey( password + realmName + userName );
}
private byte[] generateKey( String passPhrase )
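Review bot: The two public `getKey` overloads carry no Javadoc, and nothing tells a caller that the one-argument form adds no salt. Only the three-argument form appends the realm and user name in the RFC 1510 order; as far as this hunk shows, a bare password passed to `getKey( String passPhrase )` would yield the same key for every realm and principal. I would put a comment on the one-argument overload such as `// passPhrase must already be password + realm + user name (RFC 1510 order); no salt is added here`, and state on both overloads that the returned array is raw DES key material owned by the caller. The class body, including `generateKey`, continues past the end of this hunk.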
@@ -73,62 +69,66 @@
{
byte secretKey[] = new byte[ 8 ];
- int i = paddedByteArray.length / 8;
+ int div = paddedByteArray.length / 8;
- for ( int x = 0; x < i; x++ )
+ for ( int ii = 0; ii < div; ii++ )
{
byte blockValue1[] = new byte[ 8 ];
- System.arraycopy( paddedByteArray, x * 8, blockValue1, 0, 8 );
+ System.arraycopy( paddedByteArray, ii * 8, blockValue1, 0, 8 );
- if ( x % 2 == 1 )
+ if ( ii % 2 == 1 )
{
byte tempbyte1 = 0;
byte tempbyte2 = 0;
byte blockValue2[] = new byte[ 8 ];
- for ( int y = 0; y < 8; y++ )
+ for ( int jj = 0; jj < 8; jj++ )
{
tempbyte2 = 0;
- for ( int z = 0; z < 4; z++ )
+
+ for ( int kk = 0; kk < 4; kk++ )
{
- tempbyte2 = (byte) ( ( 1 << ( 7 - z ) ) & 0xff );
- tempbyte1 |= ( blockValue1[ y ] & tempbyte2 ) >>> ( 7 - 2 * z );
+ tempbyte2 = (byte) ( ( 1 << ( 7 - kk ) ) & 0xff );
+ tempbyte1 |= ( blockValue1[ jj ] & tempbyte2 ) >>> ( 7 - 2 * kk );
tempbyte2 = 0;
}
- for ( int z = 4; z < 8; z++ )
+
+ for ( int kk = 4; kk < 8; kk++ )
{
- tempbyte2 = (byte) ( ( 1 << ( 7 - z ) ) & 0xff );
- tempbyte1 |= ( blockValue1[ y ] & tempbyte2 ) << ( 2 * z - 7 );
+ tempbyte2 = (byte) ( ( 1 << ( 7 - kk ) ) & 0xff );
+ tempbyte1 |= ( blockValue1[ jj ] & tempbyte2 ) << ( 2 * kk - 7 );
tempbyte2 = 0;
}
- blockValue2[ 7 - y ] = tempbyte1;
+
+ blockValue2[ 7 - jj ] = tempbyte1;
tempbyte1 = 0;
}
- for ( int a = 0; a < 8; a++ )
+ for ( int jj = 0; jj < 8; jj++ )
{
- blockValue2[ a ] = (byte) ( ( ( blockValue2[ a ] & 0xff ) >>> 1 ) & 0xff );
+ blockValue2[ jj ] = (byte) ( ( ( blockValue2[ jj ] & 0xff ) >>> 1 ) & 0xff );
}
System.arraycopy( blockValue2, 0, blockValue1, 0, blockValue2.length );
}
- for ( int a = 0; a < 8; a++ )
+ for ( int jj = 0; jj < 8; jj++ )
{
- blockValue1[ a ] = (byte) ( ( ( blockValue1[ a ] & 0xff ) << 1 ) & 0xff );
+ blockValue1[ jj ] = (byte) ( ( ( blockValue1[ jj ] & 0xff ) << 1 ) & 0xff );
}
// ... eXclusive-ORed with itself to form an 8-byte DES key
- for ( int b = 0; b < 8; b++ )
+ for ( int jj = 0; jj < 8; jj++ )
{
- secretKey[ b ] ^= blockValue1[ b ];
+ secretKey[ jj ] ^= blockValue1[ jj ];
}
}
+
return secretKey;
}
// TODO - Re-evaluate when DES3 keys are supported. This is duplicated
- // with parts of CryptoService, but makes this class standalone.
+ // with parts of EncryptionEngine, but makes this class standalone.
private byte[] encryptSecretKey( byte data[], byte key[] )
{
CBCBlockCipher cipher = new CBCBlockCipher( new DESEngine() );
@@ -141,10 +141,10 @@
byte encKey[] = new byte[ data.length ];
byte ivBytes[] = new byte[ 8 ];
- for ( int x = 0; x < data.length / 8; x++ )
+ for ( int ii = 0; ii < data.length / 8; ii++ )
{
- cipher.processBlock( data, x * 8, encKey, x * 8 );
- System.arraycopy( encKey, x * 8, ivBytes, 0, 8 );
+ cipher.processBlock( data, ii * 8, encKey, ii * 8 );
+ System.arraycopy( encKey, ii * 8, ivBytes, 0, 8 );
iv = new ParametersWithIV( kp, ivBytes );
cipher.init( true, iv );
}
@@ -156,6 +156,7 @@
private byte[] getStrongKey( byte keyValue[] )
{
keyValue[ 7 ] ^= 0xf0;
+
return keyValue;
}
@@ -163,41 +164,44 @@
private byte[] characterEncodeString( String str )
{
byte encodedByteArray[] = new byte[ str.length() ];
+
try
{
encodedByteArray = str.getBytes( "8859_1" );
}
- catch ( java.io.UnsupportedEncodingException ue )
+ catch ( UnsupportedEncodingException ue )
{
}
+
return encodedByteArray;
}
// Add padding to make an exact multiple of 8.
// TODO - Re-evaluate when DES3 keys are supported. This is duplicated
- // with parts of CryptoService, but makes this class standalone.
+ // with parts of EncryptionEngine, but makes this class standalone.
private byte[] padString( byte encodedString[] )
{
- int x;
+ int length;
+
if ( encodedString.length < 8 )
{
- x = encodedString.length;
+ length = encodedString.length;
}
else
{
- x = encodedString.length % 8;
+ length = encodedString.length % 8;
}
- if ( x == 0 )
+ if ( length == 0 )
{
return encodedString;
}
- byte paddedByteArray[] = new byte[ ( 8 - x ) + encodedString.length ];
+ byte paddedByteArray[] = new byte[ ( 8 - length ) + encodedString.length ];
- for ( int y = paddedByteArray.length - 1; y > encodedString.length - 1; y-- )
+ for ( int ii = paddedByteArray.length - 1; ii > encodedString.length - 1; ii-- )
{
- paddedByteArray[ y ] = 0;
+ paddedByteArray[ ii ] = 0;
}
System.arraycopy( encodedString, 0, paddedByteArray, 0, encodedString.length );
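Review bot: The empty `catch ( UnsupportedEncodingException ue )` block in `characterEncodeString` hides an encoding failure. If it were ever taken, the method would return the pre-allocated array of `str.length()` zero bytes, and the key would be derived from zeros instead of from the password. The `8859_1` charset should be present on every JVM, so the branch is presumably unreachable, but it should fail loudly rather than continue: `throw new IllegalStateException( "8859_1 charset not available", ue );`. With that in place, the `new byte[ str.length() ]` initialiser is no longer needed. `padString` continues past the end of this hunk.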
Propchange: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/DesStringToKey.java
------------------------------------------------------------------------------
svn:keywords = Rev