Posted to commits@directory.apache.org by el...@apache.org on 2007/10/31 16:23:33 UTC
svn commit: r590715 - in /directory/apacheds/branches/bigbang:
kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/
kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/
kerberos-shared/src/main/jav...
Author: elecharny
Date: Wed Oct 31 08:23:32 2007
New Revision: 590715
URL: http://svn.apache.org/viewvc?rev=590715&view=rev
Log:
o The EncryptionType[] has been replaced by a Set<EncryptionType>
o Moved the getBestEncryptionTypes methods to KerberosUtils
o Renamed and moved the getEncryptionTypesString() method (was getEncryptionTypes)
Modified:
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/KerberosUtils.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionTypeDecoder.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionTypeEncoder.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBody.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBodyModifier.java
directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java
directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java
directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectEncryptionType.java
directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java
directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java
directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationServiceTest.java
directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingEncryptionTypeTest.java
directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/KerberosUtils.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/KerberosUtils.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/KerberosUtils.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/KerberosUtils.java Wed Oct 31 08:23:32 2007
@@ -22,9 +22,11 @@
import java.text.ParseException;
import java.util.ArrayList;
import java.util.List;
+import java.util.Set;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.value.PrincipalName;
import org.apache.directory.shared.ldap.util.StringTools;
@@ -219,5 +221,56 @@
}
return new KerberosPrincipal( name, principal.getNameType().getOrdinal() );
+ }
+
+
+ /**
+ * Get the matching encryption type from the configured types, searching
+ * into the requested types. We returns the first we find.
+ *
+ * @param requestedTypes The client encryption types
+ * @param configuredTypes The configured encryption types
+ * @return The first matching encryption type.
+ */
+ public static EncryptionType getBestEncryptionType( Set<EncryptionType> requestedTypes, Set<EncryptionType> configuredTypes )
+ {
+ for ( EncryptionType encryptionType:requestedTypes )
+ {
+ if ( configuredTypes.contains( encryptionType ) )
+ {
+ return encryptionType;
+ }
+ }
+
+ return null;
+ }
+
+
+ /**
+ * Build a list of encryptionTypes
+ *
+ * @param encryptionTypes The encryptionTypes
+ * @return A list comma separated of the encryptionTypes
+ */
+ public static String getEncryptionTypesString( Set<EncryptionType> encryptionTypes )
+ {
+ StringBuilder sb = new StringBuilder();
+ boolean isFirst = true;
+
+ for ( EncryptionType etype:encryptionTypes )
+ {
+ if ( isFirst )
+ {
+ isFirst = false;
+ }
+ else
+ {
+ sb.append( ", " );
+ }
+
+ sb.append( etype );
+ }
+
+ return sb.toString();
}
}
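Review bot: `getBestEncryptionType` returns whichever requested type the `Set` iterator yields first, so it only honours the client's preference if `requestedTypes` keeps insertion order. The `EncryptionTypeDecoder.decode` hunk in this same commit builds that set as a `HashSet`, although its own comment describes `etype` as "in preference order". With hash ordering, a request that lists a stronger type ahead of DES can still be answered with the weaker one when both are configured. Building the set with `new LinkedHashSet<EncryptionType>( sequence.size() )` in the decoder would keep the order; the same concern applies to `EncryptionTypeEncoder.encode` and `preparePreAuthenticationError`, which now iterate a `Set` as well. The Javadoc here should state the ordering requirement and that `null` is returned when nothing matches.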
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionTypeDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionTypeDecoder.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionTypeDecoder.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionTypeDecoder.java Wed Oct 31 08:23:32 2007
@@ -21,8 +21,11 @@
import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Set;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.shared.asn1.der.DEREncodable;
import org.apache.directory.shared.asn1.der.DERInteger;
import org.apache.directory.shared.asn1.der.DERSequence;
@@ -37,15 +40,16 @@
* etype[8] SEQUENCE OF INTEGER, -- EncryptionType,
* -- in preference order
*/
- protected static EncryptionType[] decode( DERSequence sequence )
+ protected static Set<EncryptionType> decode( DERSequence sequence )
{
- EncryptionType[] eTypes = new EncryptionType[sequence.size()];
+ Set<EncryptionType> eTypes = new HashSet<EncryptionType>( sequence.size() );
int ii = 0;
- for ( Enumeration e = sequence.getObjects(); e.hasMoreElements(); )
+
+ for ( Enumeration<DEREncodable> e = sequence.getObjects(); e.hasMoreElements(); )
{
DERInteger object = ( DERInteger ) e.nextElement();
- eTypes[ii] = EncryptionType.getTypeByOrdinal( object.intValue() );
+ eTypes.add( EncryptionType.getTypeByOrdinal( object.intValue() ) );
ii++;
}
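Review bot: `int ii = 0;` and `ii++;` are left over from the array version and do nothing now that `eTypes.add( … )` is used, so both lines can be removed. Whatever `EncryptionType.getTypeByOrdinal` returns for an unrecognised integer (not visible here) is now added to a set, so repeated unknown values from the wire would collapse into a single entry; it is worth confirming that this is intended. The `( DERInteger )` cast operates on decoded request data, so a non-integer element would surface as a `ClassCastException` unless a caller outside this hunk handles it. The method's return statement lies outside the hunk.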
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java Wed Oct 31 08:23:32 2007
@@ -195,6 +195,7 @@
DERSequence etype = ( DERSequence ) derObject;
modifier.setEType( EncryptionTypeDecoder.decode( etype ) );
break;
+
case 9:
DERSequence hostAddresses = ( DERSequence ) derObject;
modifier.setAddresses( HostAddressDecoder.decodeSequence( hostAddresses ) );
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionTypeEncoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionTypeEncoder.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionTypeEncoder.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionTypeEncoder.java Wed Oct 31 08:23:32 2007
@@ -20,6 +20,8 @@
package org.apache.directory.server.kerberos.shared.io.encoder;
+import java.util.Set;
+
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.shared.asn1.der.DERInteger;
import org.apache.directory.shared.asn1.der.DERSequence;
@@ -35,13 +37,13 @@
* etype[8] SEQUENCE OF INTEGER, -- EncryptionEngine,
* -- in preference order
*/
- protected static DERSequence encode( EncryptionType[] eType )
+ protected static DERSequence encode( Set<EncryptionType> eType )
{
DERSequence sequence = new DERSequence();
- for ( int ii = 0; ii < eType.length; ii++ )
+ for ( EncryptionType encryptionType:eType )
{
- sequence.add( DERInteger.valueOf( eType[ii].getOrdinal() ) );
+ sequence.add( DERInteger.valueOf( encryptionType.getOrdinal() ) );
}
return sequence;
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java Wed Oct 31 08:23:32 2007
@@ -20,6 +20,8 @@
package org.apache.directory.server.kerberos.shared.messages;
+import java.util.Set;
+
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.shared.KerberosMessageType;
@@ -173,7 +175,7 @@
*
* @return The array of {@link EncryptionType}s.
*/
- public EncryptionType[] getEType()
+ public Set<EncryptionType> getEType()
{
return requestBody.getEType();
}
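Review bot: The Javadoc above the changed signature still reads `@return The array of {@link EncryptionType}s.`, which no longer matches the return type; suggest `@return The set of requested {@link EncryptionType}s.`. The getter hands out the request body's set by reference, so the comment could also say whether callers are allowed to modify it.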
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBody.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBody.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBody.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBody.java Wed Oct 31 08:23:32 2007
@@ -20,6 +20,8 @@
package org.apache.directory.server.kerberos.shared.messages.value;
+import java.util.Set;
+
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
@@ -39,7 +41,7 @@
private KerberosTime till;
private KerberosTime rtime; //optional
private int nonce;
- private EncryptionType[] eType;
+ private Set<EncryptionType> eType;
private HostAddresses addresses; //optional
private EncryptedData encAuthorizationData; //optional
private Ticket[] additionalTickets; //optional
@@ -61,7 +63,7 @@
* @param additionalTickets
*/
public RequestBody( KdcOptions kdcOptions, KerberosPrincipal clientPrincipal, KerberosPrincipal serverPrincipal,
- KerberosTime from, KerberosTime till, KerberosTime rtime, int nonce, EncryptionType[] eType,
+ KerberosTime from, KerberosTime till, KerberosTime rtime, int nonce, Set<EncryptionType> eType,
HostAddresses addresses, EncryptedData encAuthorizationData, Ticket[] additionalTickets )
{
this.kdcOptions = kdcOptions;
@@ -138,7 +140,7 @@
*
* @return The requested {@link EncryptionType}s.
*/
- public EncryptionType[] getEType()
+ public Set<EncryptionType> getEType()
{
return eType;
}
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBodyModifier.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBodyModifier.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBodyModifier.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBodyModifier.java Wed Oct 31 08:23:32 2007
@@ -20,6 +20,8 @@
package org.apache.directory.server.kerberos.shared.messages.value;
+import java.util.Set;
+
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
@@ -39,7 +41,7 @@
private KerberosTime till;
private KerberosTime rtime; //optional
private int nonce;
- private EncryptionType[] eType;
+ private Set<EncryptionType> eType;
private HostAddresses addresses; //optional
private EncryptedData encAuthorizationData; //optional
private Ticket[] additionalTickets; //optional
@@ -132,7 +134,7 @@
*
* @param type
*/
- public void setEType( EncryptionType[] type )
+ public void setEType( Set<EncryptionType> type )
{
eType = type;
}
Modified: directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java (original)
+++ directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java Wed Oct 31 08:23:32 2007
@@ -23,7 +23,10 @@
import java.io.IOException;
import java.net.InetSocketAddress;
import java.util.ArrayList;
+import java.util.HashSet;
import java.util.List;
+import java.util.Map;
+import java.util.Set;
import javax.security.auth.kerberos.KerberosPrincipal;
@@ -101,7 +104,7 @@
private static final boolean DEFAULT_VERIFY_BODY_CHECKSUM = true;
/** The encryption types. */
- private EncryptionType[] encryptionTypes;
+ private Set<EncryptionType> encryptionTypes;
/** The primary realm */
private String primaryRealm = DEFAULT_REALM;
@@ -238,10 +241,31 @@
/**
+ * Initialize the encryptionTypes set
+ *
* @param encryptionTypes the encryptionTypes to set
*/
public void setEncryptionTypes( EncryptionType[] encryptionTypes )
{
+ if ( encryptionTypes != null )
+ {
+ this.encryptionTypes.clear();
+
+ for ( EncryptionType encryptionType:encryptionTypes )
+ {
+ this.encryptionTypes.add( encryptionType );
+ }
+ }
+ }
+
+
+ /**
+ * Initialize the encryptionTypes set
+ *
+ * @param encryptionTypes the encryptionTypes to set
+ */
+ public void setEncryptionTypes( Set<EncryptionType> encryptionTypes )
+ {
this.encryptionTypes = encryptionTypes;
}
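Review bot: In the array overload, `this.encryptionTypes.clear()` throws a NullPointerException whenever the field is null, which the new `Set` overload makes possible by storing whatever it is given, including `null`. A null array is also silently ignored, leaving the previous configuration in force. The `Set` overload keeps the caller's instance and `getEncryptionTypes()` returns that same object, so later changes made outside the server alter which encryption types the KDC accepts. Suggest replacing the `clear()` call with `this.encryptionTypes = new LinkedHashSet<EncryptionType>();` and copying in the other setter with `this.encryptionTypes = new LinkedHashSet<EncryptionType>( encryptionTypes );` after a null check, which also keeps the configured order. Two overloads of the same bean setter may also be ambiguous for property injection, if this class is configured that way.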
@@ -363,7 +387,7 @@
*
* @return The encryption types.
*/
- public EncryptionType[] getEncryptionTypes()
+ public Set<EncryptionType> getEncryptionTypes()
{
return encryptionTypes;
}
@@ -439,11 +463,14 @@
}
+ /**
+ * Construct an HashSet containing the default encryption types
+ */
private void prepareEncryptionTypes()
{
String[] encryptionTypeStrings = DEFAULT_ENCRYPTION_TYPES;
- List<EncryptionType> encTypes = new ArrayList<EncryptionType>();
+ encryptionTypes = new HashSet<EncryptionType>();
for ( String enc : encryptionTypeStrings )
{
@@ -451,11 +478,9 @@
{
if ( type.getName().equalsIgnoreCase( enc ) )
{
- encTypes.add( type );
+ encryptionTypes.add( type );
}
}
}
-
- encryptionTypes = encTypes.toArray( new EncryptionType[encTypes.size()] );
}
}
Modified: directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java (original)
+++ directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java Wed Oct 31 08:23:32 2007
@@ -20,7 +20,7 @@
package org.apache.directory.server.kerberos.kdc;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.KerberosUtils;
import org.apache.directory.server.kerberos.shared.messages.KdcRequest;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
@@ -74,7 +74,7 @@
sb.append( "\n\t" + "kdcOptions: " + request.getKdcOptions() );
sb.append( "\n\t" + "clientPrincipal: " + request.getClientPrincipal() );
sb.append( "\n\t" + "serverPrincipal: " + request.getServerPrincipal() );
- sb.append( "\n\t" + "encryptionType: " + getEncryptionTypes( request ) );
+ sb.append( "\n\t" + "encryptionType: " + KerberosUtils.getEncryptionTypesString( request.getEType() ) );
sb.append( "\n\t" + "realm: " + request.getRealm() );
sb.append( "\n\t" + "from time: " + request.getFrom() );
sb.append( "\n\t" + "till time: " + request.getTill() );
@@ -91,26 +91,6 @@
}
next.execute( session, message );
- }
-
-
- protected String getEncryptionTypes( KdcRequest request )
- {
- EncryptionType[] etypes = request.getEType();
-
- StringBuffer sb = new StringBuffer();
-
- for ( int ii = 0; ii < etypes.length; ii++ )
- {
- sb.append( etypes[ii].toString() );
-
- if ( ii < etypes.length - 1 )
- {
- sb.append( ", " );
- }
- }
-
- return sb.toString();
}
Modified: directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectEncryptionType.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectEncryptionType.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectEncryptionType.java (original)
+++ directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectEncryptionType.java Wed Oct 31 08:23:32 2007
@@ -20,6 +20,9 @@
package org.apache.directory.server.kerberos.kdc;
+import java.util.Set;
+
+import org.apache.directory.server.kerberos.shared.KerberosUtils;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
@@ -46,9 +49,9 @@
KdcContext kdcContext = ( KdcContext ) session.getAttribute( getContextKey() );
KdcServer config = kdcContext.getConfig();
- EncryptionType[] requestedTypes = kdcContext.getRequest().getEType();
+ Set<EncryptionType> requestedTypes = kdcContext.getRequest().getEType();
- EncryptionType bestType = getBestEncryptionType( requestedTypes, config.getEncryptionTypes() );
+ EncryptionType bestType = KerberosUtils.getBestEncryptionType( requestedTypes, config.getEncryptionTypes() );
log.debug( "Session will use encryption type {}.", bestType );
@@ -60,23 +63,6 @@
kdcContext.setEncryptionType( bestType );
next.execute( session, message );
- }
-
-
- protected EncryptionType getBestEncryptionType( EncryptionType[] requestedTypes, EncryptionType[] configuredTypes )
- {
- for ( int ii = 0; ii < requestedTypes.length; ii++ )
- {
- for ( int jj = 0; jj < configuredTypes.length; jj++ )
- {
- if ( requestedTypes[ii] == configuredTypes[jj] )
- {
- return configuredTypes[jj];
- }
- }
- }
-
- return null;
}
Modified: directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java (original)
+++ directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java Wed Oct 31 08:23:32 2007
@@ -23,6 +23,7 @@
import java.io.IOException;
import java.net.InetAddress;
import java.util.Date;
+import java.util.Set;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
@@ -33,6 +34,7 @@
import org.apache.directory.server.kerberos.sam.SamException;
import org.apache.directory.server.kerberos.sam.SamSubsystem;
import org.apache.directory.server.kerberos.shared.KerberosConstants;
+import org.apache.directory.server.kerberos.shared.KerberosUtils;
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
@@ -110,9 +112,9 @@
KdcContext kdcContext = ( KdcContext ) session.getAttribute( CONTEXT_KEY );
KdcServer config = kdcContext.getConfig();
- EncryptionType[] requestedTypes = kdcContext.getRequest().getEType();
+ Set<EncryptionType> requestedTypes = kdcContext.getRequest().getEType();
- EncryptionType bestType = getBestEncryptionType( requestedTypes, config.getEncryptionTypes() );
+ EncryptionType bestType = KerberosUtils.getBestEncryptionType( requestedTypes, config.getEncryptionTypes() );
LOG.debug( "Session will use encryption type {}.", bestType );
@@ -630,7 +632,7 @@
sb.append( "\n\t" + "kdcOptions: " + request.getKdcOptions() );
sb.append( "\n\t" + "clientPrincipal: " + request.getClientPrincipal() );
sb.append( "\n\t" + "serverPrincipal: " + request.getServerPrincipal() );
- sb.append( "\n\t" + "encryptionType: " + getEncryptionTypes( request ) );
+ sb.append( "\n\t" + "encryptionType: " + KerberosUtils.getEncryptionTypesString( request.getEType() ) );
sb.append( "\n\t" + "realm: " + request.getRealm() );
sb.append( "\n\t" + "from time: " + request.getFrom() );
sb.append( "\n\t" + "till time: " + request.getTill() );
@@ -768,34 +770,13 @@
/**
- * Find the best encryption type, comparing the requested type with
- * configured types.
- */
- protected static EncryptionType getBestEncryptionType( EncryptionType[] requestedTypes, EncryptionType[] configuredTypes )
- {
- for ( EncryptionType requestedType:requestedTypes )
- {
- for ( EncryptionType configuredType:configuredTypes )
- {
- if ( requestedType == configuredType )
- {
- return configuredType;
- }
- }
- }
-
- return null;
- }
-
-
- /**
* Prepares a pre-authentication error message containing required
* encryption types.
*
* @param encryptionTypes
* @return The error message as bytes.
*/
- private static byte[] preparePreAuthenticationError( EncryptionType[] encryptionTypes )
+ private static byte[] preparePreAuthenticationError( Set<EncryptionType> encryptionTypes )
{
PaData[] paDataSequence = new PaData[2];
@@ -805,10 +786,12 @@
paDataSequence[0] = paData;
- EncryptionTypeInfoEntry[] entries = new EncryptionTypeInfoEntry[encryptionTypes.length];
- for ( int ii = 0; ii < encryptionTypes.length; ii++ )
+ EncryptionTypeInfoEntry[] entries = new EncryptionTypeInfoEntry[ encryptionTypes.size() ];
+ int i = 0;
+
+ for ( EncryptionType encryptionType:encryptionTypes )
{
- entries[ii] = new EncryptionTypeInfoEntry( encryptionTypes[ii], null );
+ entries[i++] = new EncryptionTypeInfoEntry( encryptionType, null );
}
byte[] encTypeInfo = null;
@@ -836,30 +819,5 @@
{
return null;
}
- }
-
-
- protected static String getEncryptionTypes( KdcRequest request )
- {
- EncryptionType[] etypes = request.getEType();
-
- StringBuilder sb = new StringBuilder();
- boolean isFirst = true;
-
- for ( EncryptionType etype:etypes )
- {
- if ( isFirst )
- {
- isFirst = false;
- }
- else
- {
- sb.append( ", " );
- }
-
- sb.append( etype );
- }
-
- return sb.toString();
}
}
Modified: directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java (original)
+++ directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java Wed Oct 31 08:23:32 2007
@@ -88,8 +88,8 @@
modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes =
- { EncryptionType.DES_CBC_MD5 };
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.DES_CBC_MD5 );
modifier.setEType( encryptionTypes );
modifier.setNonce( random.nextInt() );
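Review bot: `Set` and `HashSet` are used here, but the diff for this file adds no `java.util` imports, unlike the `AuthenticationServiceTest` and `TicketGrantingServiceTest` sections. Unless the imports already exist, the file will not compile; the same applies to every hunk in `TicketGrantingEncryptionTypeTest`. Adding `import java.util.HashSet;` and `import java.util.Set;` to both files would fix it. Every converted test also requests a single encryption type, so none of them would notice if the order of a multi-entry request changed; a case with two requested types, both configured, would pin that behaviour.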
@@ -129,8 +129,8 @@
modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes =
- { EncryptionType.AES128_CTS_HMAC_SHA1_96 };
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
modifier.setEType( encryptionTypes );
modifier.setNonce( random.nextInt() );
@@ -180,8 +180,8 @@
modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes =
- { EncryptionType.AES128_CTS_HMAC_SHA1_96 };
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
modifier.setEType( encryptionTypes );
int nonce = random.nextInt();
@@ -231,8 +231,8 @@
modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] requestedEncryptionTypes =
- { EncryptionType.AES128_CTS_HMAC_SHA1_96 };
+ Set<EncryptionType> requestedEncryptionTypes = new HashSet<EncryptionType>();
+ requestedEncryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
modifier.setEType( requestedEncryptionTypes );
modifier.setNonce( random.nextInt() );
Modified: directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationServiceTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationServiceTest.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationServiceTest.java (original)
+++ directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationServiceTest.java Wed Oct 31 08:23:32 2007
@@ -20,6 +20,9 @@
package org.apache.directory.server.kerberos.protocol;
+import java.util.HashSet;
+import java.util.Set;
+
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.kdc.KdcServer;
@@ -173,8 +176,8 @@
modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes = new EncryptionType[]
- { EncryptionType.DES3_CBC_MD5 };
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.DES3_CBC_MD5 );
modifier.setEType( encryptionTypes );
Modified: directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingEncryptionTypeTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingEncryptionTypeTest.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingEncryptionTypeTest.java (original)
+++ directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingEncryptionTypeTest.java Wed Oct 31 08:23:32 2007
@@ -98,8 +98,8 @@
modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes =
- {EncryptionType.DES_CBC_MD5};
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.DES_CBC_MD5 );
modifier.setEType( encryptionTypes );
@@ -149,8 +149,8 @@
modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes =
- {EncryptionType.AES128_CTS_HMAC_SHA1_96};
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
modifier.setEType( encryptionTypes );
@@ -213,8 +213,8 @@
modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes =
- {EncryptionType.AES128_CTS_HMAC_SHA1_96};
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
modifier.setEType( encryptionTypes );
@@ -276,8 +276,8 @@
modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes =
- {EncryptionType.AES128_CTS_HMAC_SHA1_96};
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
modifier.setEType( encryptionTypes );
@@ -342,8 +342,8 @@
modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes =
- {EncryptionType.AES128_CTS_HMAC_SHA1_96};
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
modifier.setEType( encryptionTypes );
@@ -406,8 +406,8 @@
modifier.setServerName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes =
- {EncryptionType.AES128_CTS_HMAC_SHA1_96};
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
modifier.setEType( encryptionTypes );
Modified: directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java?rev=590715&r1=590714&r2=590715&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java (original)
+++ directory/apacheds/branches/bigbang/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java Wed Oct 31 08:23:32 2007
@@ -21,6 +21,8 @@
import java.net.InetAddress;
+import java.util.HashSet;
+import java.util.Set;
import javax.security.auth.kerberos.KerberosPrincipal;
@@ -813,8 +815,8 @@
modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
modifier.setRealm( "EXAMPLE.COM" );
- EncryptionType[] encryptionTypes = new EncryptionType[]
- { EncryptionType.DES3_CBC_MD5 };
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.DES3_CBC_MD5 );
modifier.setEType( encryptionTypes );