You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/01/12 14:06:33 UTC
[25/50] [abbrv] directory-kerberos git commit: Renaming packages in
haox-kerb projects, using "apache"
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/builtin/EncTsPreauthMeta.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/builtin/EncTsPreauthMeta.java b/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/builtin/EncTsPreauthMeta.java
deleted file mode 100644
index 563c07a..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/builtin/EncTsPreauthMeta.java
+++ /dev/null
@@ -1,26 +0,0 @@
-package org.haox.kerb.preauth.builtin;
-
-import org.haox.kerb.preauth.PreauthPluginMeta;
-import org.haox.kerb.spec.pa.PaDataType;
-
-public class EncTsPreauthMeta implements PreauthPluginMeta {
-
- private static String NAME = "encrypted_timestamp";
- private static int VERSION = 1;
- private static PaDataType[] PA_TYPES = new PaDataType[] {
- PaDataType.ENC_TIMESTAMP
- };
-
- @Override
- public String getName() {
- return NAME;
- }
-
- public int getVersion() {
- return VERSION;
- }
-
- public PaDataType[] getPaTypes() {
- return PA_TYPES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/builtin/TgtPreauthMeta.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/builtin/TgtPreauthMeta.java b/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/builtin/TgtPreauthMeta.java
deleted file mode 100644
index 596b377..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/builtin/TgtPreauthMeta.java
+++ /dev/null
@@ -1,29 +0,0 @@
-package org.haox.kerb.preauth.builtin;
-
-import org.haox.kerb.preauth.PreauthPluginMeta;
-import org.haox.kerb.spec.pa.PaDataType;
-
-/**
- * A faked preauth module for TGS request handling
- */
-public class TgtPreauthMeta implements PreauthPluginMeta {
-
- private static String NAME = "TGT_preauth";
- private static int VERSION = 1;
- private static PaDataType[] PA_TYPES = new PaDataType[] {
- PaDataType.TGS_REQ
- };
-
- @Override
- public String getName() {
- return NAME;
- }
-
- public int getVersion() {
- return VERSION;
- }
-
- public PaDataType[] getPaTypes() {
- return PA_TYPES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/IdentityOpts.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/IdentityOpts.java b/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/IdentityOpts.java
deleted file mode 100644
index 56acae1..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/IdentityOpts.java
+++ /dev/null
@@ -1,25 +0,0 @@
-package org.haox.kerb.preauth.pkinit;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class IdentityOpts {
-
- // From MIT Krb5 _pkinit_identity_opts
- public String identity;
- public List<String> AltIdentities = new ArrayList<String>(1);
- public List<String> anchors = new ArrayList<String>(4);
- public List<String> intermediates = new ArrayList<String>(2);
- public List<String> crls = new ArrayList<String>(2);
- public String ocsp;
- public IdentityType idType;
- public String certFile;
- public String keyFile;
-
- // PKCS11
- public String p11ModuleName;
- public int slotid;
- public String tokenLabel;
- public String certId;
- public String certLabel;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/IdentityType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/IdentityType.java b/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/IdentityType.java
deleted file mode 100644
index 2a5e574..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/IdentityType.java
+++ /dev/null
@@ -1,10 +0,0 @@
-package org.haox.kerb.preauth.pkinit;
-
-public enum IdentityType {
- NONE,
- FILE,
- DIR,
- PKCS11,
- PKCS12,
- ENVVAR,
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PkinitIdenity.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PkinitIdenity.java b/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PkinitIdenity.java
deleted file mode 100644
index 25ed9d6..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PkinitIdenity.java
+++ /dev/null
@@ -1,109 +0,0 @@
-package org.haox.kerb.preauth.pkinit;
-
-import org.haox.kerb.spec.common.PrincipalName;
-
-public class PkinitIdenity {
-
- public static void processIdentityOption(IdentityOpts identityOpts, String value) {
- IdentityType idType = IdentityType.NONE;
- String residual = null;
- if (value.contains(":")) {
- if (value.startsWith("FILE:")) {
- idType = IdentityType.FILE;
- } else if (value.startsWith("PKCS11:")) {
- idType = IdentityType.PKCS11;
- } else if (value.startsWith("PKCS12:")) {
- idType = IdentityType.PKCS12;
- } else if (value.startsWith("DIR:")) {
- idType = IdentityType.DIR;
- } else if (value.startsWith("ENV:")) {
- idType = IdentityType.ENVVAR;
- } else {
- throw new RuntimeException("Invalid Identity option format: " + value);
- }
- } else {
- residual = value;
- idType = IdentityType.FILE;
- }
-
- identityOpts.idType = idType;
- switch (idType) {
- case ENVVAR:
- processIdentityOption(identityOpts, System.getenv(residual));
- break;
- case FILE:
- parseFileOption(identityOpts, residual);
- break;
- case PKCS11:
- parsePkcs11Option(identityOpts, residual);
- break;
- case PKCS12:
- parsePkcs12Option(identityOpts, residual);
- break;
- case DIR:
- identityOpts.certFile = residual;
- break;
- }
- }
-
- public static void parseFileOption(IdentityOpts identityOpts, String residual) {
- String[] parts = residual.split(",");
- String certName = null;
- String keyName = null;
-
- certName = parts[0];
- if (parts.length > 1) {
- keyName = parts[1];
- }
-
- identityOpts.certFile = certName;
- identityOpts.keyFile = keyName;
- }
-
- public static void parsePkcs12Option(IdentityOpts identityOpts, String residual) {
- identityOpts.certFile = residual;
- identityOpts.keyFile = residual;
- }
-
- public static void parsePkcs11Option(IdentityOpts identityOpts, String residual) {
- // TODO
- }
-
- public static void loadCerts(IdentityOpts identityOpts, PrincipalName principal) {
- switch (identityOpts.idType) {
- case FILE:
- loadCertsFromFile(identityOpts, principal);
- break;
- case DIR:
- loadCertsFromDir(identityOpts, principal);
- break;
- case PKCS11:
- loadCertsAsPkcs11(identityOpts, principal);
- break;
- case PKCS12:
- loadCertsAsPkcs12(identityOpts, principal);
- break;
- }
- }
-
- private static void loadCertsAsPkcs12(IdentityOpts identityOpts, PrincipalName principal) {
-
- }
-
- private static void loadCertsAsPkcs11(IdentityOpts identityOpts, PrincipalName principal) {
-
- }
-
- private static void loadCertsFromDir(IdentityOpts identityOpts, PrincipalName principal) {
-
- }
-
- private static void loadCertsFromFile(IdentityOpts identityOpts, PrincipalName principal) {
-
- }
-
- public static void initialize(IdentityOpts identityOpts, PrincipalName principal) {
-
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PkinitPreauthMeta.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PkinitPreauthMeta.java b/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PkinitPreauthMeta.java
deleted file mode 100644
index 14969e0..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PkinitPreauthMeta.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package org.haox.kerb.preauth.pkinit;
-
-import org.haox.kerb.preauth.PreauthPluginMeta;
-import org.haox.kerb.spec.pa.PaDataType;
-
-public class PkinitPreauthMeta implements PreauthPluginMeta {
-
- private static String NAME = "PKINIT";
- private static int VERSION = 1;
- private static PaDataType[] PA_TYPES = new PaDataType[] {
- PaDataType.PK_AS_REQ,
- PaDataType.PK_AS_REP,
- };
-
- @Override
- public String getName() {
- return NAME;
- }
-
- public int getVersion() {
- return VERSION;
- }
-
- public PaDataType[] getPaTypes() {
- return PA_TYPES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PluginOpts.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PluginOpts.java b/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PluginOpts.java
deleted file mode 100644
index febbd35..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/pkinit/PluginOpts.java
+++ /dev/null
@@ -1,48 +0,0 @@
-package org.haox.kerb.preauth.pkinit;
-
-import org.apache.haox.asn1.type.Asn1ObjectIdentifier;
-import org.haox.kerb.spec.pa.pkinit.AlgorithmIdentifiers;
-import org.haox.kerb.spec.pa.pkinit.TrustedCertifiers;
-import org.haox.kerb.spec.x509.AlgorithmIdentifier;
-
-public class PluginOpts {
-
- // From MIT Krb5 _pkinit_plg_opts
-
- // require EKU checking (default is true)
- public boolean requireEku = true;
- // accept secondary EKU (default is false)
- public boolean acceptSecondaryEku = false;
- // allow UPN-SAN instead of pkinit-SAN
- public boolean allowUpn = true;
- // selects DH or RSA based pkinit
- public boolean usingRsa = true;
- // require CRL for a CA (default is false)
- public boolean requireCrlChecking = false;
- // the size of the Diffie-Hellman key the client will attempt to use.
- // The acceptable values are 1024, 2048, and 4096. The default is 2048.
- public int dhMinBits = 2048;
-
- public AlgorithmIdentifiers createSupportedCMSTypes() {
- AlgorithmIdentifiers cmsAlgorithms = new AlgorithmIdentifiers();
- AlgorithmIdentifier des3Alg = new AlgorithmIdentifier();
- cmsAlgorithms.add(des3Alg);
-
- String oidStr = "DES3-OID";
- Asn1ObjectIdentifier des3Oid = new Asn1ObjectIdentifier(oidStr);
- des3Alg.setAlgorithm(des3Oid);
- des3Alg.setParameters(null);
-
- return cmsAlgorithms;
- }
-
- public TrustedCertifiers createTrustedCertifiers() {
- TrustedCertifiers trustedCertifiers = new TrustedCertifiers();
-
- return trustedCertifiers;
- }
-
- public byte[] createIssuerAndSerial() {
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/token/TokenPreauthMeta.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/token/TokenPreauthMeta.java b/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/token/TokenPreauthMeta.java
deleted file mode 100644
index e29f5e2..0000000
--- a/haox-kerb/kerb-common/src/main/java/org/haox/kerb/preauth/token/TokenPreauthMeta.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package org.haox.kerb.preauth.token;
-
-import org.haox.kerb.preauth.PreauthPluginMeta;
-import org.haox.kerb.spec.pa.PaDataType;
-
-public class TokenPreauthMeta implements PreauthPluginMeta {
-
- private static String NAME = "TokenPreauth";
- private static int VERSION = 1;
- private static PaDataType[] PA_TYPES = new PaDataType[] {
- PaDataType.TOKEN_CHALLENGE,
- PaDataType.TOKEN_REQUEST
- };
-
- @Override
- public String getName() {
- return NAME;
- }
-
- public int getVersion() {
- return VERSION;
- }
-
- public PaDataType[] getPaTypes() {
- return PA_TYPES;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-common/src/main/resources/kdc-krb5.conf
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/resources/kdc-krb5.conf b/haox-kerb/kerb-common/src/main/resources/kdc-krb5.conf
deleted file mode 100644
index d118dd1..0000000
--- a/haox-kerb/kerb-common/src/main/resources/kdc-krb5.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-[libdefaults]
- default_realm = {0}
- udp_preference_limit = 1
-
-[realms]
- {0} = '{'
- kdc = {1}:{2}
- '}'
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-common/src/main/resources/kdc.ldiff
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-common/src/main/resources/kdc.ldiff b/haox-kerb/kerb-common/src/main/resources/kdc.ldiff
deleted file mode 100644
index e344131..0000000
--- a/haox-kerb/kerb-common/src/main/resources/kdc.ldiff
+++ /dev/null
@@ -1,30 +0,0 @@
-dn: ou=users,dc=${0},dc=${1}
-objectClass: organizationalUnit
-objectClass: top
-ou: users
-
-dn: uid=krbtgt,ou=users,dc=${0},dc=${1}
-objectClass: top
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: krb5principal
-objectClass: krb5kdcentry
-cn: KDC Service
-sn: Service
-uid: krbtgt
-userPassword: secret
-krb5PrincipalName: krbtgt/${2}.${3}@${2}.${3}
-krb5KeyVersionNumber: 0
-
-dn: uid=ldap,ou=users,dc=${0},dc=${1}
-objectClass: top
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: krb5principal
-objectClass: krb5kdcentry
-cn: LDAP
-sn: Service
-uid: ldap
-userPassword: secret
-krb5PrincipalName: ldap/${4}@${2}.${3}
-krb5KeyVersionNumber: 0
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbConstant.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbConstant.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbConstant.java
new file mode 100644
index 0000000..6075f67
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbConstant.java
@@ -0,0 +1,7 @@
+package org.apache.kerberos.kerb;
+
+public interface KrbConstant {
+ public final static int KRB_V5 = 5;
+
+ public final static String TGS_PRINCIPAL = "krbtgt";
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorCode.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorCode.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorCode.java
new file mode 100644
index 0000000..b7be499
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorCode.java
@@ -0,0 +1,109 @@
+package org.apache.kerberos.kerb;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum KrbErrorCode implements KrbEnum {
+ KDC_ERR_NONE(0, "No error"),
+ KDC_ERR_NAME_EXP(1, "Client's entry in database has expired"),
+ KDC_ERR_SERVICE_EXP(2, "Server's entry in database has expired"),
+ KDC_ERR_BAD_PVNO(3, "Requested protocol version number not supported"),
+ KDC_ERR_C_OLD_MAST_KVNO(4, "Client's key encrypted in old master key"),
+ KDC_ERR_S_OLD_MAST_KVNO(5, "Server's key encrypted in old master key"),
+ KDC_ERR_C_PRINCIPAL_UNKNOWN(6, "Client not found in Kerberos database"),
+ KDC_ERR_S_PRINCIPAL_UNKNOWN(7, "Server not found in Kerberos database"),
+ KDC_ERR_PRINCIPAL_NOT_UNIQUE(8, "Multiple principal entries in database"),
+ KDC_ERR_NULL_KEY(9, "The client or server has a null key"),
+ KDC_ERR_CANNOT_POSTDATE(10, "Ticket not eligible for postdating"),
+ KDC_ERR_NEVER_VALID(11, "Requested start time is later than end time"),
+ KDC_ERR_POLICY(12, "KDC policy rejects request"),
+ KDC_ERR_BADOPTION(13, "KDC cannot accommodate requested option"),
+ KDC_ERR_ETYPE_NOSUPP(14, "KDC has no support for encryption type"),
+ KDC_ERR_SUMTYPE_NOSUPP(15, "KDC has no support for checksum type"),
+ KDC_ERR_PADATA_TYPE_NOSUPP(16, "KDC has no support for padata type"),
+ KDC_ERR_TRTYPE_NOSUPP(17, "KDC has no support for transited type"),
+ KDC_ERR_CLIENT_REVOKED(18, "Clients credentials have been revoked"),
+ KDC_ERR_SERVICE_REVOKED(19, "Credentials for server have been revoked"),
+ KDC_ERR_TGT_REVOKED(20, "TGT has been revoked"),
+ KDC_ERR_CLIENT_NOTYET(21, "Client not yet valid; try again later"),
+ KDC_ERR_SERVICE_NOTYET(22, "Server not yet valid; try again later"),
+ KDC_ERR_KEY_EXPIRED(23, "Password has expired; change password to reset"),
+ KDC_ERR_PREAUTH_FAILED(24, "Pre-authentication information was invalid"),
+ KDC_ERR_PREAUTH_REQUIRED(25, "Additional pre-authentication required"),
+ KDC_ERR_SERVER_NOMATCH(26, "Requested server and ticket don't match"),
+ KDC_ERR_MUST_USE_USER2USER(27, "Server valid for user2user only"),
+ KDC_ERR_PATH_NOT_ACCEPTED(28, "KDC Policy rejects transited path"),
+ KDC_ERR_SVC_UNAVAILABLE(29, "A service is not available"),
+ KRB_AP_ERR_BAD_INTEGRITY(31, "Integrity check on decrypted field failed"),
+ KRB_AP_ERR_TKT_EXPIRED(32, "Ticket expired"),
+ KRB_AP_ERR_TKT_NYV(33, "Ticket not yet valid"),
+ KRB_AP_ERR_REPEAT(34, "Request is a replay"),
+ KRB_AP_ERR_NOT_US(35, "The ticket isn't for us"),
+ KRB_AP_ERR_BADMATCH(36, "Ticket and authenticator don't match"),
+ KRB_AP_ERR_SKEW(37, "Clock skew too great"),
+ KRB_AP_ERR_BADADDR(38, "Incorrect net address"),
+ KRB_AP_ERR_BADVERSION(39, "Protocol version mismatch"),
+ KRB_AP_ERR_MSG_TYPE(40, "Invalid msg type"),
+ KRB_AP_ERR_MODIFIED(41, "Message stream modified"),
+ KRB_AP_ERR_BADORDER(42, "Message out of order"),
+ KRB_AP_ERR_BADKEYVER(44, "Specified version of key is not available"),
+ KRB_AP_ERR_NOKEY(45, "Service key not available"),
+ KRB_AP_ERR_MUT_FAIL(46, "Mutual authentication failed"),
+ KRB_AP_ERR_BADDIRECTION(47, "Incorrect message direction"),
+ KRB_AP_ERR_METHOD(48, "Alternative authentication method required"),
+ KRB_AP_ERR_BADSEQ(49, "Incorrect sequence number in message"),
+ KRB_AP_ERR_INAPP_CKSUM(50, "Inappropriate type of checksum in message"),
+ KRB_AP_PATH_NOT_ACCEPTED(51, "Policy rejects transited path"),
+ RESPONSE_TOO_BIG(52, "Response too big for UDP; retry with TCP"),
+ KRB_ERR_GENERIC(60, "Generic error (description in e-text)"),
+ FIELD_TOOLONG(61, "Field is too long for this implementation"),
+ KDC_ERR_CLIENT_NOT_TRUSTED(62, "Client is not trusted"),
+ KDC_NOT_TRUSTED(63, "KDC is not trusted"),
+ KDC_ERR_INVALID_SIG(64, "Signature is invalid"),
+ KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED(65, "Diffie-Hellman (DH) key parameters not accepted."),
+ CERTIFICATE_MISMATCH(66, "Certificates do not match"),
+ KRB_AP_ERR_NO_TGT(67, "No TGT available to validate USER-TO-USER"),
+ WRONG_REALM(68, "Wrong realm"),
+ KRB_AP_ERR_USER_TO_USER_REQUIRED(69, "Ticket must be for USER-TO-USER"),
+ KDC_ERR_CANT_VERIFY_CERTIFICATE(70, "Can't verify certificate"),
+ KDC_ERR_INVALID_CERTIFICATE(71, "Invalid certificate"),
+ KDC_ERR_REVOKED_CERTIFICATE(72, "Revoked certificate"),
+ KDC_ERR_REVOCATION_STATUS_UNKNOWN(73, "Revocation status unknown"),
+ REVOCATION_STATUS_UNAVAILABLE(74, "Revocation status unavailable"),
+ KDC_ERR_CLIENT_NAME_MISMATCH(75, "Client names do not match"),
+ KDC_NAME_MISMATCH(76, "KDC names do not match"),
+ KDC_ERR_INCONSISTENT_KEY_PURPOSE(77, "Inconsistent key purpose"),
+ KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED(78, "Digest in certificate not accepted"),
+ KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED(79, "PA checksum must be included"),
+ KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED(80, "Digest in signed data not accepted"),
+ KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED(81, "Public key encryption not supported"),
+
+ KRB_TIMEOUT(5000, "Network timeout");
+
+ private final int value;
+ private final String message;
+
+ private KrbErrorCode(int value, String message) {
+ this.value = value;
+ this.message = message;
+ }
+
+ public static KrbErrorCode fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (KrbErrorCode) e;
+ }
+ }
+ }
+
+ return KRB_ERR_GENERIC;
+ }
+
+ public int getValue() {
+ return value;
+ }
+
+ public String getMessage() {
+ return message;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorException.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorException.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorException.java
new file mode 100644
index 0000000..bd6b0b4
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbErrorException.java
@@ -0,0 +1,16 @@
+package org.apache.kerberos.kerb;
+
+import org.apache.kerberos.kerb.spec.common.KrbError;
+
+public class KrbErrorException extends KrbException {
+ private KrbError krbError;
+
+ public KrbErrorException(KrbError krbError) {
+ super(krbError.getErrorCode().getMessage());
+ this.krbError = krbError;
+ }
+
+ public KrbError getKrbError() {
+ return krbError;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbException.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbException.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbException.java
new file mode 100644
index 0000000..5e50f3c
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/KrbException.java
@@ -0,0 +1,24 @@
+package org.apache.kerberos.kerb;
+
+public class KrbException extends Exception {
+
+ public KrbException(String message) {
+ super(message);
+ }
+
+ public KrbException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public KrbException(KrbErrorCode errorCode) {
+ super(errorCode.getMessage());
+ }
+
+ public KrbException(KrbErrorCode errorCode, Throwable cause) {
+ super(errorCode.getMessage(), cause);
+ }
+
+ public KrbException(KrbErrorCode errorCode, String message) {
+ super(message + " with error code: " + errorCode.name());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/codec/KrbCodec.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/codec/KrbCodec.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/codec/KrbCodec.java
new file mode 100644
index 0000000..a42a261
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/codec/KrbCodec.java
@@ -0,0 +1,74 @@
+package org.apache.kerberos.kerb.codec;
+
+import org.apache.haox.asn1.LimitedByteBuffer;
+import org.apache.haox.asn1.type.AbstractAsn1Type;
+import org.apache.haox.asn1.type.Asn1Type;
+import org.apache.kerberos.kerb.KrbException;
+import org.apache.kerberos.kerb.spec.ap.ApReq;
+import org.apache.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerberos.kerb.spec.kdc.AsRep;
+import org.apache.kerberos.kerb.spec.kdc.AsReq;
+import org.apache.kerberos.kerb.spec.kdc.TgsRep;
+import org.apache.kerberos.kerb.spec.kdc.TgsReq;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public class KrbCodec {
+
+ public static byte[] encode(Asn1Type krbObj) throws KrbException {
+ return krbObj.encode();
+ }
+
+ public static <T extends Asn1Type> T decode(byte[] content, Class<T> krbType) throws KrbException {
+ return decode(ByteBuffer.wrap(content), krbType);
+ }
+
+ public static <T extends Asn1Type> T decode(ByteBuffer content, Class<T> krbType) throws KrbException {
+ Asn1Type implObj = null;
+ try {
+ implObj = krbType.newInstance();
+ } catch (Exception e) {
+ throw new KrbException("Decoding failed", e);
+ }
+
+ try {
+ implObj.decode(content);
+ } catch (IOException e) {
+ throw new KrbException("Decoding failed", e);
+ }
+
+ return (T) implObj;
+ }
+
+ public static KrbMessage decodeMessage(ByteBuffer byteBuffer) throws IOException {
+ LimitedByteBuffer limitedBuffer = new LimitedByteBuffer(byteBuffer);
+ int tag = AbstractAsn1Type.readTag(limitedBuffer);
+ int tagNo = AbstractAsn1Type.readTagNo(limitedBuffer, tag);
+ int length = AbstractAsn1Type.readLength(limitedBuffer);
+ LimitedByteBuffer valueBuffer = new LimitedByteBuffer(limitedBuffer, length);
+
+ KrbMessage msg = null;
+ KrbMessageType msgType = KrbMessageType.fromValue(tagNo);
+ if (msgType == KrbMessageType.TGS_REQ) {
+ msg = new TgsReq();
+ } else if (msgType == KrbMessageType.AS_REP) {
+ msg = new AsRep();
+ } else if (msgType == KrbMessageType.AS_REQ) {
+ msg = new AsReq();
+ } else if (msgType == KrbMessageType.TGS_REP) {
+ msg = new TgsRep();
+ } else if (msgType == KrbMessageType.AP_REQ) {
+ msg = new ApReq();
+ } else if (msgType == KrbMessageType.AP_REP) {
+ msg = new ApReq();
+ } else {
+ throw new IOException("To be supported krb message type with tag: " + tag);
+ }
+ msg.decode(tag, tagNo, valueBuffer);
+
+ return msg;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosString.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosString.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosString.java
new file mode 100644
index 0000000..8a79018
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosString.java
@@ -0,0 +1,15 @@
+package org.apache.kerberos.kerb.spec;
+
+import org.apache.haox.asn1.type.Asn1GeneralString;
+
+/**
+ KerberosString ::= GeneralString -- (IA5String)
+ */
+public class KerberosString extends Asn1GeneralString {
+ public KerberosString() {
+ }
+
+ public KerberosString(String value) {
+ super(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosStrings.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosStrings.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosStrings.java
new file mode 100644
index 0000000..b902069
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosStrings.java
@@ -0,0 +1,24 @@
+package org.apache.kerberos.kerb.spec;
+
+import java.util.List;
+
+public class KerberosStrings extends KrbSequenceOfType<KerberosString> {
+
+ public KerberosStrings() {
+ super();
+ }
+
+ public KerberosStrings(List<String> strings) {
+ super();
+ setValues(strings);
+ }
+
+ public void setValues(List<String> values) {
+ clear();
+ if (values != null) {
+ for (String value : values) {
+ addElement(new KerberosString(value));
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosTime.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosTime.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosTime.java
new file mode 100644
index 0000000..2817077
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KerberosTime.java
@@ -0,0 +1,99 @@
+package org.apache.kerberos.kerb.spec;
+
+import org.apache.haox.asn1.type.Asn1GeneralizedTime;
+
+import java.util.Date;
+import java.util.TimeZone;
+
+/**
+ KerberosTime ::= GeneralizedTime -- with no fractional seconds
+ */
+public class KerberosTime extends Asn1GeneralizedTime {
+ private static final TimeZone UTC = TimeZone.getTimeZone("UTC");
+
+ public static final KerberosTime NEVER = new KerberosTime(Long.MAX_VALUE);
+
+ public static final int MINUTE = 60000;
+
+ public static final int DAY = MINUTE * 1440;
+
+ public static final int WEEK = MINUTE * 10080;
+
+ public KerberosTime() {
+ super(0L);
+ }
+
+ /**
+ * time in milliseconds
+ */
+ public KerberosTime(long time) {
+ super(time);
+ }
+
+ /**
+ * Return time in milliseconds
+ */
+ public long getTime() {
+ if (getValue() != null) {
+ return getValue().getTime();
+ }
+ return 0L;
+ }
+
+ /**
+ * time in milliseconds
+ */
+ public void setTime(long time) {
+ setValue(new Date(time));
+ }
+
+ public long getTimeInSeconds() {
+ return getTime() / 1000;
+ }
+
+ public boolean lessThan(KerberosTime ktime) {
+ return getValue().compareTo(ktime.getValue()) < 0;
+ }
+
+ public boolean lessThan(long time) {
+ return getValue().getTime() <= time * 1000;
+ }
+
+ public boolean greaterThan(KerberosTime ktime) {
+ return getValue().compareTo(ktime.getValue()) > 0;
+ }
+
+ /**
+ * time in milliseconds
+ */
+ public boolean isInClockSkew(long clockSkew) {
+ long delta = Math.abs(getTime() - System.currentTimeMillis());
+
+ return delta < clockSkew;
+ }
+
+ public KerberosTime copy() {
+ long time = getTime();
+ KerberosTime result = new KerberosTime(time);
+ return result;
+ }
+
+ /**
+ * time in milliseconds
+ */
+ public KerberosTime extend(long duration) {
+ long result = getTime() + duration;
+ return new KerberosTime(result);
+ }
+
+ /**
+ * Return diff time in milliseconds
+ */
+ public long diff(KerberosTime other) {
+ return getTime() - other.getTime();
+ }
+
+ public static KerberosTime now() {
+ return new KerberosTime(new Date().getTime());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbAppSequenceType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbAppSequenceType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbAppSequenceType.java
new file mode 100644
index 0000000..ce196af
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbAppSequenceType.java
@@ -0,0 +1,38 @@
+package org.apache.kerberos.kerb.spec;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.TaggingSequence;
+
+/**
+ * This is for application specific sequence tagged with a number.
+ */
+public abstract class KrbAppSequenceType extends TaggingSequence {
+ public KrbAppSequenceType(int tagNo, Asn1FieldInfo[] fieldInfos) {
+ super(tagNo, fieldInfos, true);
+ }
+
+ protected int getFieldAsInt(int index) {
+ Integer value = getFieldAsInteger(index);
+ if (value != null) {
+ return value.intValue();
+ }
+ return -1;
+ }
+
+ protected void setFieldAsString(int index, String value) {
+ setFieldAs(index, new KerberosString(value));
+ }
+
+ protected KerberosTime getFieldAsTime(int index) {
+ KerberosTime value = getFieldAs(index, KerberosTime.class);
+ return value;
+ }
+
+ protected void setFieldAsTime(int index, long value) {
+ setFieldAs(index, new KerberosTime(value));
+ }
+
+ protected void setField(int index, KrbEnum krbEnum) {
+ setFieldAsInt(index, krbEnum.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbEnum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbEnum.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbEnum.java
new file mode 100644
index 0000000..2457ad8
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbEnum.java
@@ -0,0 +1,5 @@
+package org.apache.kerberos.kerb.spec;
+
+public interface KrbEnum {
+ public int getValue();
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbIntegers.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbIntegers.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbIntegers.java
new file mode 100644
index 0000000..cb86a79
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbIntegers.java
@@ -0,0 +1,35 @@
+package org.apache.kerberos.kerb.spec;
+
+import org.apache.haox.asn1.type.Asn1Integer;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class KrbIntegers extends KrbSequenceOfType<Asn1Integer> {
+
+ public KrbIntegers() {
+ super();
+ }
+
+ public KrbIntegers(List<Integer> values) {
+ super();
+ setValues(values);
+ }
+
+ public void setValues(List<Integer> values) {
+ clear();
+ if (values != null) {
+ for (Integer value : values) {
+ addElement(new Asn1Integer(value));
+ }
+ }
+ }
+
+ public List<Integer> getValues() {
+ List<Integer> results = new ArrayList<Integer>();
+ for (Asn1Integer value : getElements()) {
+ results.add(value.getValue());
+ }
+ return results;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceOfType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceOfType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceOfType.java
new file mode 100644
index 0000000..f3225da
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceOfType.java
@@ -0,0 +1,24 @@
+package org.apache.kerberos.kerb.spec;
+
+import org.apache.haox.asn1.type.Asn1SequenceOf;
+import org.apache.haox.asn1.type.Asn1String;
+import org.apache.haox.asn1.type.Asn1Type;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class KrbSequenceOfType<T extends Asn1Type> extends Asn1SequenceOf<T> {
+
+ public List<String> getAsStrings() {
+ List<T> elements = getElements();
+ List<String> results = new ArrayList<String>();
+ for (T ele : elements) {
+ if (ele instanceof Asn1String) {
+ results.add(((Asn1String) ele).getValue());
+ } else {
+ throw new RuntimeException("The targeted field type isn't of string");
+ }
+ }
+ return results;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceType.java
new file mode 100644
index 0000000..adf3828
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/KrbSequenceType.java
@@ -0,0 +1,36 @@
+package org.apache.kerberos.kerb.spec;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1SequenceType;
+
+public abstract class KrbSequenceType extends Asn1SequenceType {
+
+ public KrbSequenceType(Asn1FieldInfo[] fieldInfos) {
+ super(fieldInfos);
+ }
+
+ protected int getFieldAsInt(int index) {
+ Integer value = getFieldAsInteger(index);
+ if (value != null) {
+ return value.intValue();
+ }
+ return -1;
+ }
+
+ protected void setFieldAsString(int index, String value) {
+ setFieldAs(index, new KerberosString(value));
+ }
+
+ protected KerberosTime getFieldAsTime(int index) {
+ KerberosTime value = getFieldAs(index, KerberosTime.class);
+ return value;
+ }
+
+ protected void setFieldAsTime(int index, long value) {
+ setFieldAs(index, new KerberosTime(value));
+ }
+
+ protected void setField(int index, KrbEnum value) {
+ setFieldAsInt(index, value.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOption.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOption.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOption.java
new file mode 100644
index 0000000..6f9b5c2
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOption.java
@@ -0,0 +1,39 @@
+package org.apache.kerberos.kerb.spec.ap;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+/**
+ APOptions ::= KrbFlags
+ -- reserved(0),
+ -- use-session-key(1),
+ -- mutual-required(2)
+ */
+public enum ApOption implements KrbEnum {
+ NONE(-1),
+ RESERVED(0x80000000),
+ USE_SESSION_KEY(0x40000000),
+ MUTUAL_REQUIRED(0x20000000),
+ ETYPE_NEGOTIATION(0x00000002),
+ USE_SUBKEY(0x00000001);
+
+ private final int value;
+
+ private ApOption(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static ApOption fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (ApOption) e;
+ }
+ }
+
+ return NONE;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOptions.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOptions.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOptions.java
new file mode 100644
index 0000000..b829f35
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApOptions.java
@@ -0,0 +1,14 @@
+package org.apache.kerberos.kerb.spec.ap;
+
+import org.apache.kerberos.kerb.spec.common.KrbFlags;
+
+public class ApOptions extends KrbFlags {
+
+ public ApOptions() {
+ this(0);
+ }
+
+ public ApOptions(int value) {
+ setFlags(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApRep.java
new file mode 100644
index 0000000..0cdc71b
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApRep.java
@@ -0,0 +1,46 @@
+package org.apache.kerberos.kerb.spec.ap;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerberos.kerb.spec.common.KrbMessageType;
+
+/**
+ AP-REP ::= [APPLICATION 15] SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (15),
+ enc-part [2] EncryptedData -- EncAPRepPart
+ }
+ */
+public class ApRep extends KrbMessage {
+ private static int ENC_PART = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PVNO, 0, Asn1Integer.class),
+ new Asn1FieldInfo(MSG_TYPE, 1, Asn1Integer.class),
+ new Asn1FieldInfo(ENC_PART, 2, EncryptedData.class)
+ };
+
+ public ApRep() {
+ super(KrbMessageType.AP_REP, fieldInfos);
+ }
+
+ private EncAPRepPart encRepPart;
+
+ public EncAPRepPart getEncRepPart() {
+ return encRepPart;
+ }
+
+ public void setEncRepPart(EncAPRepPart encRepPart) {
+ this.encRepPart = encRepPart;
+ }
+
+ public EncryptedData getEncryptedEncPart() {
+ return getFieldAs(ENC_PART, EncryptedData.class);
+ }
+
+ public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
+ setFieldAs(ENC_PART, encryptedEncPart);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApReq.java
new file mode 100644
index 0000000..7c7cba5
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/ApReq.java
@@ -0,0 +1,70 @@
+package org.apache.kerberos.kerb.spec.ap;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.common.KrbMessage;
+import org.apache.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerberos.kerb.spec.ticket.Ticket;
+
+/**
+ AP-REQ ::= [APPLICATION 14] SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (14),
+ ap-options [2] APOptions,
+ ticket [3] Ticket,
+ authenticator [4] EncryptedData -- Authenticator
+ }
+ */
+public class ApReq extends KrbMessage {
+ private static int AP_OPTIONS = 2;
+ private static int TICKET = 3;
+ private static int AUTHENTICATOR = 4;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PVNO, Asn1Integer.class),
+ new Asn1FieldInfo(MSG_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(AP_OPTIONS, ApOptions.class),
+ new Asn1FieldInfo(TICKET, Ticket.class),
+ new Asn1FieldInfo(AUTHENTICATOR, EncryptedData.class)
+ };
+
+ private Authenticator authenticator;
+
+ public ApReq() {
+ super(KrbMessageType.AP_REQ, fieldInfos);
+ }
+
+ public ApOptions getApOptions() {
+ return getFieldAs(AP_OPTIONS, ApOptions.class);
+ }
+
+ public void setApOptions(ApOptions apOptions) {
+ setFieldAs(AP_OPTIONS, apOptions);
+ }
+
+ public Ticket getTicket() {
+ return getFieldAs(TICKET, Ticket.class);
+ }
+
+ public void setTicket(Ticket ticket) {
+ setFieldAs(TICKET, ticket);
+ }
+
+ public Authenticator getAuthenticator() {
+ return authenticator;
+ }
+
+ public void setAuthenticator(Authenticator authenticator) {
+ this.authenticator = authenticator;
+ }
+
+ public EncryptedData getEncryptedAuthenticator() {
+ return getFieldAs(AUTHENTICATOR, EncryptedData.class);
+ }
+
+ public void setEncryptedAuthenticator(EncryptedData encryptedAuthenticator) {
+ setFieldAs(AUTHENTICATOR, encryptedAuthenticator);
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/Authenticator.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/Authenticator.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/Authenticator.java
new file mode 100644
index 0000000..1d7b076
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/Authenticator.java
@@ -0,0 +1,125 @@
+package org.apache.kerberos.kerb.spec.ap;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.KerberosString;
+import org.apache.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
+import org.apache.kerberos.kerb.spec.common.AuthorizationData;
+import org.apache.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerberos.kerb.spec.common.PrincipalName;
+
+/**
+ Authenticator ::= [APPLICATION 2] SEQUENCE {
+ authenticator-vno [0] INTEGER (5),
+ crealm [1] Realm,
+ cname [2] PrincipalName,
+ cksum [3] Checksum OPTIONAL,
+ cusec [4] Microseconds,
+ ctime [5] KerberosTime,
+ subkey [6] EncryptionKey OPTIONAL,
+ seq-number [7] UInt32 OPTIONAL,
+ authorization-data [8] AuthorizationData OPTIONAL
+ }
+ */
+public class Authenticator extends KrbAppSequenceType {
+ public static int TAG = 2;
+ private static int AUTHENTICATOR_VNO = 0;
+ private static int CREALM = 1;
+ private static int CNAME = 2;
+ private static int CKSUM = 3;
+ private static int CUSEC = 4;
+ private static int CTIME = 5;
+ private static int SUBKEY = 6;
+ private static int SEQ_NUMBER = 7;
+ private static int AUTHORIZATION_DATA = 8;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(AUTHENTICATOR_VNO, 0, Asn1Integer.class),
+ new Asn1FieldInfo(CREALM, 1, KerberosString.class),
+ new Asn1FieldInfo(CNAME, 2, PrincipalName.class),
+ new Asn1FieldInfo(CKSUM, 3, CheckSum.class),
+ new Asn1FieldInfo(CUSEC, 4, Asn1Integer.class),
+ new Asn1FieldInfo(CTIME, 5, KerberosTime.class),
+ new Asn1FieldInfo(SUBKEY, 6, EncryptionKey.class),
+ new Asn1FieldInfo(SEQ_NUMBER, 7, Asn1Integer.class),
+ new Asn1FieldInfo(AUTHORIZATION_DATA, 8, AuthorizationData.class)
+ };
+
+ public Authenticator() {
+ super(TAG, fieldInfos);
+ }
+
+ public int getAuthenticatorVno() {
+ return getFieldAsInt(AUTHENTICATOR_VNO);
+ }
+
+ public void setAuthenticatorVno(int authenticatorVno) {
+ setFieldAsInt(AUTHENTICATOR_VNO, authenticatorVno);
+ }
+
+ public String getCrealm() {
+ return getFieldAsString(CREALM);
+ }
+
+ public void setCrealm(String crealm) {
+ setFieldAsString(CREALM, crealm);
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName cname) {
+ setFieldAs(CNAME, cname);
+ }
+
+ public CheckSum getCksum() {
+ return getFieldAs(CKSUM, CheckSum.class);
+ }
+
+ public void setCksum(CheckSum cksum) {
+ setFieldAs(CKSUM, cksum);
+ }
+
+ public int getCusec() {
+ return getFieldAsInt(CUSEC);
+ }
+
+ public void setCusec(int cusec) {
+ setFieldAsInt(CUSEC, cusec);
+ }
+
+ public KerberosTime getCtime() {
+ return getFieldAsTime(CTIME);
+ }
+
+ public void setCtime(KerberosTime ctime) {
+ setFieldAs(CTIME, ctime);
+ }
+
+ public EncryptionKey getSubKey() {
+ return getFieldAs(SUBKEY, EncryptionKey.class);
+ }
+
+ public void setSubKey(EncryptionKey subKey) {
+ setFieldAs(SUBKEY, subKey);
+ }
+
+ public int getSeqNumber() {
+ return getFieldAsInt(SEQ_NUMBER);
+ }
+
+ public void setSeqNumber(Integer seqNumber) {
+ setFieldAsInt(SEQ_NUMBER, seqNumber);
+ }
+
+ public AuthorizationData getAuthorizationData() {
+ return getFieldAs(AUTHORIZATION_DATA, AuthorizationData.class);
+ }
+
+ public void setAuthorizationData(AuthorizationData authorizationData) {
+ setFieldAs(AUTHORIZATION_DATA, authorizationData);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/EncAPRepPart.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/EncAPRepPart.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/EncAPRepPart.java
new file mode 100644
index 0000000..871ffc1
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ap/EncAPRepPart.java
@@ -0,0 +1,66 @@
+package org.apache.kerberos.kerb.spec.ap;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
+import org.apache.kerberos.kerb.spec.common.EncryptionKey;
+
+/**
+ EncAPRepPart ::= [APPLICATION 27] SEQUENCE {
+ ctime [0] KerberosTime,
+ cusec [1] Microseconds,
+ subkey [2] EncryptionKey OPTIONAL,
+ seq-number [3] UInt32 OPTIONAL
+ }
+ */
+public class EncAPRepPart extends KrbAppSequenceType {
+ public static int TAG = 27;
+ private static int CTIME = 0;
+ private static int CUSEC = 1;
+ private static int SUBKEY = 2;
+ private static int SEQ_NUMBER = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(CTIME, 0, KerberosTime.class),
+ new Asn1FieldInfo(CUSEC, 1, Asn1Integer.class),
+ new Asn1FieldInfo(SUBKEY, 2, EncryptionKey.class),
+ new Asn1FieldInfo(SEQ_NUMBER, 3, Asn1Integer.class)
+ };
+
+ public EncAPRepPart() {
+ super(TAG, fieldInfos);
+ }
+
+ public KerberosTime getCtime() {
+ return getFieldAsTime(CTIME);
+ }
+
+ public void setCtime(KerberosTime ctime) {
+ setFieldAs(CTIME, ctime);
+ }
+
+ public int getCusec() {
+ return getFieldAsInt(CUSEC);
+ }
+
+ public void setCusec(int cusec) {
+ setFieldAsInt(CUSEC, cusec);
+ }
+
+ public EncryptionKey getSubkey() {
+ return getFieldAs(SUBKEY, EncryptionKey.class);
+ }
+
+ public void setSubkey(EncryptionKey subkey) {
+ setFieldAs(SUBKEY, subkey);
+ }
+
+ public int getSeqNumber() {
+ return getFieldAsInt(SEQ_NUMBER);
+ }
+
+ public void setSeqNumber(Integer seqNumber) {
+ setFieldAsInt(SEQ_NUMBER, seqNumber);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AdToken.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AdToken.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AdToken.java
new file mode 100644
index 0000000..11e8580
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AdToken.java
@@ -0,0 +1,30 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ AD-TOKEN ::= SEQUENCE {
+ token [0] OCTET STRING,
+ }
+*/
+public class AdToken extends KrbSequenceType {
+ private static int TOKEN = 0;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TOKEN, KrbToken.class)
+ };
+
+ public AdToken() {
+ super(fieldInfos);
+ }
+
+ public KrbToken getToken() {
+ return getFieldAs(TOKEN, KrbToken.class);
+ }
+
+ public void setToken(KrbToken token) {
+ setFieldAs(TOKEN, token);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationData.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationData.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationData.java
new file mode 100644
index 0000000..88758b8
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationData.java
@@ -0,0 +1,13 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ */
+public class AuthorizationData extends KrbSequenceOfType<AuthorizationDataEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationDataEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationDataEntry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationDataEntry.java
new file mode 100644
index 0000000..216eebe
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationDataEntry.java
@@ -0,0 +1,43 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ */
+public class AuthorizationDataEntry extends KrbSequenceType {
+ private static int AD_TYPE = 0;
+ private static int AD_DATA = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(AD_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(AD_DATA, 1, Asn1OctetString.class)
+ };
+
+ public AuthorizationDataEntry() {
+ super(fieldInfos);
+ }
+
+ public AuthorizationType getAuthzType() {
+ Integer value = getFieldAsInteger(AD_TYPE);
+ return AuthorizationType.fromValue(value);
+ }
+
+ public void setAuthzType(AuthorizationType authzType) {
+ setFieldAsInt(AD_TYPE, authzType.getValue());
+ }
+
+ public byte[] getAuthzData() {
+ return getFieldAsOctets(AD_DATA);
+ }
+
+ public void setAuthzData(byte[] authzData) {
+ setFieldAsOctets(AD_DATA, authzData);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationType.java
new file mode 100644
index 0000000..53f5588
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/AuthorizationType.java
@@ -0,0 +1,124 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum AuthorizationType implements KrbEnum {
+ /**
+ * Constant for the "null" authorization type.
+ */
+ NULL(0),
+
+ /**
+ * Constant for the "if relevant" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_IF_RELEVANT(1),
+
+ /**
+ * Constant for the "intended for server" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_INTENDED_FOR_SERVER(2),
+
+ /**
+ * Constant for the "intended for application class" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_INTENDED_FOR_APPLICATION_CLASS(3),
+
+ /**
+ * Constant for the "kdc issued" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_KDC_ISSUED(4),
+
+ /**
+ * Constant for the "or" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_OR(5),
+
+ /**
+ * Constant for the "mandatory ticket extensions" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_MANDATORY_TICKET_EXTENSIONS(6),
+
+ /**
+ * Constant for the "in ticket extensions" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_IN_TICKET_EXTENSIONS(7),
+
+ /**
+ * Constant for the "mandatory-for-kdc" authorization type.
+ *
+ * RFC 4120
+ */
+ AD_MANDATORY_FOR_KDC(8),
+
+ /**
+ * Constant for the "OSF DCE" authorization type.
+ *
+ * RFC 1510
+ */
+ OSF_DCE(64),
+
+ /**
+ * Constant for the "sesame" authorization type.
+ *
+ * RFC 1510
+ */
+ SESAME(65),
+
+ /**
+ * Constant for the "OSF-DCE pki certid" authorization type.
+ *
+ * RFC 1510
+ */
+ AD_OSF_DCE_PKI_CERTID(66),
+
+ /**
+ * Constant for the "sesame" authorization type.
+ *
+ * RFC 1510
+ */
+ AD_WIN2K_PAC(128),
+
+ /**
+ * Constant for the "sesame" authorization type.
+ *
+ * RFC 1510
+ */
+ AD_ETYPE_NEGOTIATION(129);
+
+ private final int value;
+
+ private AuthorizationType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static AuthorizationType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (AuthorizationType) e;
+ }
+ }
+ }
+
+ return NULL;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSum.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSum.java
new file mode 100644
index 0000000..e50dbca
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSum.java
@@ -0,0 +1,76 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ Checksum ::= SEQUENCE {
+ cksumtype [0] Int32,
+ checksum [1] OCTET STRING
+ }
+ */
+public class CheckSum extends KrbSequenceType {
+ private static int CKSUM_TYPE = 0;
+ private static int CHECK_SUM = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(CKSUM_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(CHECK_SUM, 1, Asn1OctetString.class)
+ };
+
+ public CheckSum() {
+ super(fieldInfos);
+ }
+
+ public CheckSum(CheckSumType cksumType, byte[] checksum) {
+ this();
+
+ setCksumtype(cksumType);
+ setChecksum(checksum);
+ }
+
+ public CheckSum(int cksumType, byte[] checksum) {
+ this(CheckSumType.fromValue(cksumType), checksum);
+ }
+
+ public CheckSumType getCksumtype() {
+ Integer value = getFieldAsInteger(CKSUM_TYPE);
+ return CheckSumType.fromValue(value);
+ }
+
+ public void setCksumtype(CheckSumType cksumtype) {
+ setFieldAsInt(CKSUM_TYPE, cksumtype.getValue());
+ }
+
+ public byte[] getChecksum() {
+ return getFieldAsOctets(CHECK_SUM);
+ }
+
+ public void setChecksum(byte[] checksum) {
+ setFieldAsOctets(CHECK_SUM, checksum);
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (this == other) return true;
+ if (other == null || getClass() != other.getClass()) return false;
+
+ CheckSum that = (CheckSum) other;
+
+ if (getCksumtype() != that.getCksumtype()) return false;
+
+ return Arrays.equals(getChecksum(), that.getChecksum());
+ }
+
+ public boolean isEqual(CheckSum other) {
+ return this.equals(other);
+ }
+
+ public boolean isEqual(byte[] cksumBytes) {
+ return Arrays.equals(getChecksum(), cksumBytes);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSumType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSumType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSumType.java
new file mode 100644
index 0000000..0dc7a4f
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/CheckSumType.java
@@ -0,0 +1,96 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum CheckSumType implements KrbEnum {
+ NONE(0, "none", "None checksum type"),
+
+ CRC32(0x0001, "crc32", "CRC-32"),
+
+ RSA_MD4(0x0002, "md4", "RSA-MD4"),
+
+ RSA_MD4_DES(0x0003, "md4-des", "RSA-MD4 with DES cbc mode"),
+
+ DES_CBC(0x0004, "des-cbc", "DES cbc mode"),
+ DES_MAC(0x0004, "des-mac", "DES cbc mode"),
+
+ //des-mac-k
+
+ //rsa-md4-des-k
+
+ RSA_MD5(0x0007, "md5", "RSA-MD5"),
+
+ RSA_MD5_DES(0x0008, "md5-des", "RSA-MD5 with DES cbc mode"),
+
+ NIST_SHA(0x0009, "sha", "NIST-SHA"),
+
+ HMAC_SHA1_DES3(0x000c, "hmac-sha1-des3", "HMAC-SHA1 DES3 key"),
+ HMAC_SHA1_DES3_KD(0x000c, "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key"),
+
+ ////RFC 3962. Used with ENCTYPE_AES128_CTS_HMAC_SHA1_96
+ HMAC_SHA1_96_AES128(0x000f, "hmac-sha1-96-aes128", "HMAC-SHA1 AES128 key"),
+
+ //RFC 3962. Used with ENCTYPE_AES256_CTS_HMAC_SHA1_96
+ HMAC_SHA1_96_AES256(0x0010, "hmac-sha1-96-aes256", "HMAC-SHA1 AES256 key"),
+
+ //RFC 6803
+ CMAC_CAMELLIA128(0x0011, "cmac-camellia128", "CMAC Camellia128 key"),
+
+ //RFC 6803
+ CMAC_CAMELLIA256(0x0012, "cmac-camellia256", "CMAC Camellia256 key"),
+
+ //Microsoft netlogon cksumtype
+ MD5_HMAC_ARCFOUR(-137, "md5-hmac-rc4", "Microsoft MD5 HMAC"),
+
+ //Microsoft md5 hmac cksumtype
+ HMAC_MD5_ARCFOUR(-138, "hmac-md5-arcfour", "Microsoft HMAC MD5"),
+ HMAC_MD5_ENC(-138, "hmac-md5-enc", "Microsoft HMAC MD5"),
+ HMAC_MD5_RC4(-138, "hmac-md5-rc4", "Microsoft HMAC MD5");
+
+ private final int value;
+
+ private final String name;
+
+ private final String displayName;
+
+ private CheckSumType(int value, String name, String displayName) {
+ this.value = value;
+ this.name = name;
+ this.displayName = displayName;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public String getDisplayName() {
+ return displayName;
+ }
+
+ public static CheckSumType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (CheckSumType) e;
+ }
+ }
+ }
+ return NONE;
+ }
+
+ public static CheckSumType fromName(String name) {
+ if (name != null) {
+ for (CheckSumType cs : values()) {
+ if (cs.getName() == name) {
+ return (CheckSumType) cs;
+ }
+ }
+ }
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptedData.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptedData.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptedData.java
new file mode 100644
index 0000000..27361fc
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptedData.java
@@ -0,0 +1,77 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ EncryptedData ::= SEQUENCE {
+ etype [0] Int32 -- EncryptionType --,
+ kvno [1] UInt32 OPTIONAL,
+ cipher [2] OCTET STRING -- ciphertext
+ }
+ */
+public class EncryptedData extends KrbSequenceType {
+ private static int ETYPE = 0;
+ private static int KVNO = 1;
+ private static int CIPHER = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(KVNO, 1, Asn1Integer.class),
+ new Asn1FieldInfo(CIPHER, 2, Asn1OctetString.class)
+ };
+
+ public EncryptedData() {
+ super(fieldInfos);
+ }
+
+ public EncryptionType getEType() {
+ Integer value = getFieldAsInteger(ETYPE);
+ return EncryptionType.fromValue(value);
+ }
+
+ public void setEType(EncryptionType eType) {
+ setFieldAsInt(ETYPE, eType.getValue());
+ }
+
+ public int getKvno() {
+ Integer value = getFieldAsInteger(KVNO);
+ if (value != null) {
+ return value.intValue();
+ }
+ return -1;
+ }
+
+ public void setKvno(int kvno) {
+ setFieldAsInt(KVNO, kvno);
+ }
+
+ public byte[] getCipher() {
+ return getFieldAsOctets(CIPHER);
+ }
+
+ public void setCipher(byte[] cipher) {
+ setFieldAsOctets(CIPHER, cipher);
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ EncryptedData that = (EncryptedData) o;
+
+ /*
+ if (getKvno() != -1 && that.getKvno() != -1 &&
+ getKvno() != that.getKvno()) return false;
+ */
+
+ if (getEType() != that.getEType()) return false;
+
+ return Arrays.equals(getCipher(), that.getCipher());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionKey.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionKey.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionKey.java
new file mode 100644
index 0000000..4e1e440
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionKey.java
@@ -0,0 +1,88 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ EncryptionKey ::= SEQUENCE {
+ keytype [0] Int32 -- actually encryption type --,
+ keyvalue [1] OCTET STRING
+ }
+ */
+public class EncryptionKey extends KrbSequenceType {
+ private static int KEY_TYPE = 0;
+ private static int KEY_VALUE = 1;
+
+ private int kvno = -1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(KEY_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(KEY_VALUE, 1, Asn1OctetString.class)
+ };
+
+ public EncryptionKey() {
+ super(fieldInfos);
+ }
+
+ public EncryptionKey(int keyType, byte[] keyData) {
+ this(keyType, keyData, -1);
+ }
+
+ public EncryptionKey(int keyType, byte[] keyData, int kvno) {
+ this(EncryptionType.fromValue(keyType), keyData, kvno);
+ }
+
+ public EncryptionKey(EncryptionType keyType, byte[] keyData) {
+ this(keyType, keyData, -1);
+ }
+
+ public EncryptionKey(EncryptionType keyType, byte[] keyData, int kvno) {
+ this();
+ setKeyType(keyType);
+ setKeyData(keyData);
+ setKvno(kvno);
+ }
+
+ public EncryptionType getKeyType() {
+ Integer value = getFieldAsInteger(KEY_TYPE);
+ return EncryptionType.fromValue(value);
+ }
+
+ public void setKeyType(EncryptionType keyType) {
+ setFieldAsInt(KEY_TYPE, keyType.getValue());
+ }
+
+ public byte[] getKeyData() {
+ return getFieldAsOctets(KEY_VALUE);
+ }
+
+ public void setKeyData(byte[] keyData) {
+ setFieldAsOctets(KEY_VALUE, keyData);
+ }
+
+ public void setKvno(int kvno) {
+ this.kvno = kvno;
+ }
+
+ public int getKvno() {
+ return kvno;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ EncryptionKey that = (EncryptionKey) o;
+
+ if (kvno != -1 && that.kvno != -1 && kvno != that.kvno) return false;
+
+ if (getKeyType() != that.getKeyType()) return false;
+
+ return Arrays.equals(getKeyData(), that.getKeyData());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionType.java
new file mode 100644
index 0000000..f50b05b
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EncryptionType.java
@@ -0,0 +1,113 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+/**
+ * According to krb5.hin
+ */
+public enum EncryptionType implements KrbEnum {
+
+ NONE(0, "none", "None encryption type"),
+
+ DES_CBC_CRC(0x0001, "des-cbc-crc", "DES cbc mode with CRC-32"),
+
+ DES_CBC_MD4(0x0002, "des-cbc-md4", "DES cbc mode with RSA-MD4"),
+
+ DES_CBC_MD5(0x0003, "des-cbc-md5", "DES cbc mode with RSA-MD5"),
+ DES(0x0003, "des", "DES cbc mode with RSA-MD5"),
+
+ DES_CBC_RAW(0x0004, "des-cbc-raw", "DES cbc mode raw"),
+
+ DES3_CBC_SHA(0x0005, "des3-cbc-sha", "DES-3 cbc with SHA1"),
+
+ DES3_CBC_RAW(0x0006, "des3-cbc-raw", "Triple DES cbc mode raw"),
+
+ DES_HMAC_SHA1(0x0008, "des-hmac-sha1", "DES with HMAC/sha1"),
+
+ DSA_SHA1_CMS(0x0009, "dsa-sha1-cms", "DSA with SHA1, CMS signature"),
+
+ MD5_RSA_CMS(0x000a, "md5-rsa-cms", "MD5 with RSA, CMS signature"),
+
+ SHA1_RSA_CMS(0x000b, "sha1-rsa-cms", "SHA1 with RSA, CMS signature"),
+
+ RC2_CBC_ENV(0x000c, "rc2-cbc-env", "RC2 cbc mode, CMS enveloped data"),
+
+ RSA_ENV(0x000d, "rsa-env", "RSA encryption, CMS enveloped data"),
+
+ RSA_ES_OAEP_ENV(0x000e, "rsa-es-oaep-env", "RSA w/OEAP encryption, CMS enveloped data"),
+
+ DES3_CBC_ENV(0x000f, "des3-cbc-env", "DES-3 cbc mode, CMS enveloped data"),
+
+ DES3_CBC_SHA1(0x0010, "des3-cbc-sha1", "Triple DES cbc mode with HMAC/sha1"),
+ DES3_HMAC_SHA1(0x0010, "des3-hmac-sha1", "Triple DES cbc mode with HMAC/sha1"),
+ DES3_CBC_SHA1_KD(0x0010, "des3-cbc-sha1-kd", "Triple DES cbc mode with HMAC/sha1"),
+
+ AES128_CTS_HMAC_SHA1_96 (0x0011, "aes128-cts-hmac-sha1-96", "AES-128 CTS mode with 96-bit SHA-1 HMAC"),
+ AES128_CTS (0x0011, "aes128-cts", "AES-128 CTS mode with 96-bit SHA-1 HMAC"),
+
+ AES256_CTS_HMAC_SHA1_96(0x0012, "aes256-cts-hmac-sha1-96", "AES-256 CTS mode with 96-bit SHA-1 HMAC"),
+ AES256_CTS(0x0012, "aes256-cts", "AES-256 CTS mode with 96-bit SHA-1 HMAC"),
+
+ ARCFOUR_HMAC(0x0017, "arcfour-hmac", "ArcFour with HMAC/md5"),
+ RC4_HMAC(0x0017, "rc4-hmac", "ArcFour with HMAC/md5"),
+ ARCFOUR_HMAC_MD5(0x0017, "arcfour-hmac-md5", "ArcFour with HMAC/md5"),
+
+ ARCFOUR_HMAC_EXP(0x0018, "arcfour-hmac-exp", "Exportable ArcFour with HMAC/md5"),
+ RC4_HMAC_EXP(0x0018, "rc4-hmac-exp", "Exportable ArcFour with HMAC/md5"),
+ ARCFOUR_HMAC_MD5_EXP(0x0018, "arcfour-hmac-md5-exp", "Exportable ArcFour with HMAC/md5"),
+
+ CAMELLIA128_CTS_CMAC(0x0019, "camellia128-cts-cmac", "Camellia-128 CTS mode with CMAC"),
+ CAMELLIA128_CTS(0x0019, "camellia128-cts", "Camellia-128 CTS mode with CMAC"),
+
+ CAMELLIA256_CTS_CMAC(0x001a, "camellia256-cts-cmac", "Camellia-256 CTS mode with CMAC"),
+ CAMELLIA256_CTS(0x001a, "camellia256-cts", "Camellia-256 CTS mode with CMAC");
+
+ //UNKNOWN(0x01ff, "UNKNOWN", "Unknown encryption type");
+
+ private final int value;
+
+ private final String name;
+
+ private final String displayName;
+
+ private EncryptionType(int value, String name, String displayName) {
+ this.value = value;
+ this.name = name;
+ this.displayName = displayName;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public String getDisplayName() {
+ return displayName;
+ }
+
+ public static EncryptionType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (EncryptionType) e;
+ }
+ }
+ }
+ return NONE;
+ }
+
+ public static EncryptionType fromName(String name) {
+ if (name != null) {
+ for (EncryptionType e : values()) {
+ if (e.getName() == name) {
+ return (EncryptionType) e;
+ }
+ }
+ }
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo.java
new file mode 100644
index 0000000..c7b1eaf
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo.java
@@ -0,0 +1,10 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ ETYPE-INFO ::= SEQUENCE OF ETYPE-INFO-ENTRY
+ */
+public class EtypeInfo extends KrbSequenceOfType<EtypeInfoEntry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2.java
new file mode 100644
index 0000000..59d9a3b
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2.java
@@ -0,0 +1,10 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ ETYPE-INFO2 ::= SEQUENCE SIZE (1..MAX) OF ETYPE-INFO2-ENTRY
+ */
+public class EtypeInfo2 extends KrbSequenceOfType<EtypeInfo2Entry> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2Entry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2Entry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2Entry.java
new file mode 100644
index 0000000..883abf8
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfo2Entry.java
@@ -0,0 +1,54 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KerberosString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ ETYPE-INFO2-ENTRY ::= SEQUENCE {
+ etype [0] Int32,
+ salt [1] KerberosString OPTIONAL,
+ s2kparams [2] OCTET STRING OPTIONAL
+ }
+ */
+public class EtypeInfo2Entry extends KrbSequenceType {
+ private static int ETYPE = 0;
+ private static int SALT = 1;
+ private static int S2KPARAMS = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(SALT, 1, KerberosString.class),
+ new Asn1FieldInfo(S2KPARAMS, 2, Asn1OctetString.class)
+ };
+
+ public EtypeInfo2Entry() {
+ super(fieldInfos);
+ }
+
+ public EncryptionType getEtype() {
+ return EncryptionType.fromValue(getFieldAsInt(ETYPE));
+ }
+
+ public void setEtype(EncryptionType etype) {
+ setField(ETYPE, etype);
+ }
+
+ public String getSalt() {
+ return getFieldAsString(SALT);
+ }
+
+ public void setSalt(String salt) {
+ setFieldAsString(SALT, salt);
+ }
+
+ public byte[] getS2kParams() {
+ return getFieldAsOctets(S2KPARAMS);
+ }
+
+ public void setS2kParams(byte[] s2kParams) {
+ setFieldAsOctets(S2KPARAMS, s2kParams);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfoEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfoEntry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfoEntry.java
new file mode 100644
index 0000000..836db12
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/EtypeInfoEntry.java
@@ -0,0 +1,42 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ ETYPE-INFO-ENTRY ::= SEQUENCE {
+ etype [0] Int32,
+ salt [1] OCTET STRING OPTIONAL
+ }
+ */
+public class EtypeInfoEntry extends KrbSequenceType {
+ private static int ETYPE = 0;
+ private static int SALT = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(SALT, 1, Asn1OctetString.class)
+ };
+
+ public EtypeInfoEntry() {
+ super(fieldInfos);
+ }
+
+ public EncryptionType getEtype() {
+ return EncryptionType.fromValue(getFieldAsInt(ETYPE));
+ }
+
+ public void setEtype(EncryptionType etype) {
+ setField(ETYPE, etype);
+ }
+
+ public byte[] getSalt() {
+ return getFieldAsOctets(SALT);
+ }
+
+ public void setSalt(byte[] salt) {
+ setFieldAsOctets(SALT, salt);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddrType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddrType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddrType.java
new file mode 100644
index 0000000..cb49a94
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddrType.java
@@ -0,0 +1,81 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum HostAddrType implements KrbEnum {
+ /**
+ * Constant for the "null" host address type.
+ */
+ NULL(0),
+
+ /**
+ * Constant for the "Internet" host address type.
+ */
+ ADDRTYPE_INET(2),
+
+ /**
+ * Constant for the "Arpanet" host address type.
+ */
+ ADDRTYPE_IMPLINK(3),
+
+ /**
+ * Constant for the "CHAOS" host address type.
+ */
+ ADDRTYPE_CHAOS(5),
+
+ /**
+ * Constant for the "XEROX Network Services" host address type.
+ */
+ ADDRTYPE_XNS(6),
+
+ /**
+ * Constant for the "OSI" host address type.
+ */
+ ADDRTYPE_OSI(7),
+
+ /**
+ * Constant for the "DECnet" host address type.
+ */
+ ADDRTYPE_DECNET(12),
+
+ /**
+ * Constant for the "AppleTalk" host address type.
+ */
+ ADDRTYPE_APPLETALK(16),
+
+ /**
+ * Constant for the "NetBios" host address type.
+ *
+ * Not in RFC
+ */
+ ADDRTYPE_NETBIOS(20),
+
+ /**
+ * Constant for the "Internet Protocol V6" host address type.
+ */
+ ADDRTYPE_INET6(24);
+
+
+ private final int value;
+
+ private HostAddrType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static HostAddrType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (HostAddrType) e;
+ }
+ }
+ }
+
+ return NULL;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddress.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddress.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddress.java
new file mode 100644
index 0000000..5c44e04
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddress.java
@@ -0,0 +1,90 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+import java.net.InetAddress;
+import java.util.Arrays;
+
+/*
+HostAddress ::= SEQUENCE {
+ addr-type [0] Int32,
+ address [1] OCTET STRING
+}
+ */
+public class HostAddress extends KrbSequenceType {
+ private static int ADDR_TYPE = 0;
+ private static int ADDRESS = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ADDR_TYPE, 0, Asn1Integer.class),
+ new Asn1FieldInfo(ADDRESS, 1, Asn1OctetString.class)
+ };
+
+ public HostAddress() {
+ super(fieldInfos);
+ }
+
+ public HostAddress(InetAddress inetAddress) {
+ this();
+
+ setAddrType(HostAddrType.ADDRTYPE_INET);
+ setAddress(inetAddress.getAddress());
+ }
+
+ public HostAddrType getAddrType() {
+ Integer value = getFieldAsInteger(ADDR_TYPE);
+ return HostAddrType.fromValue(value);
+ }
+
+ public void setAddrType(HostAddrType addrType) {
+ setField(ADDR_TYPE, addrType);
+ }
+
+ public byte[] getAddress() {
+ return getFieldAsOctets(ADDRESS);
+ }
+
+ public void setAddress(byte[] address) {
+ setFieldAsOctets(ADDRESS, address);
+ }
+
+ public boolean equalsWith(InetAddress address) {
+ if (address == null) {
+ return false;
+ }
+ HostAddress that = new HostAddress(address);
+ return that.equals(this);
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (other == null) {
+ return false;
+ }
+ if (other == this) {
+ return true;
+ } else if (! (other instanceof HostAddress)) {
+ return false;
+ }
+
+ HostAddress that = (HostAddress) other;
+ if (getAddrType() == that.getAddrType() &&
+ Arrays.equals(getAddress(), that.getAddress())) {
+ return true;
+ }
+ return false;
+ }
+
+ @Override
+ public int hashCode() {
+ int result = getAddrType().getValue();
+ if (getAddress() != null) {
+ result = 31 * result + getAddress().hashCode();
+ }
+
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddresses.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddresses.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddresses.java
new file mode 100644
index 0000000..fef9283
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/common/HostAddresses.java
@@ -0,0 +1,24 @@
+package org.apache.kerberos.kerb.spec.common;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+import java.net.InetAddress;
+
+/**
+ -- NOTE: HostAddresses is always used as an OPTIONAL field and
+ -- should not be empty.
+ HostAddresses -- NOTE: subtly different from rfc1510,
+ -- but has a value mapping and encodes the same
+ ::= SEQUENCE OF HostAddress
+ */
+public class HostAddresses extends KrbSequenceOfType<HostAddress> {
+
+ public boolean contains(InetAddress address) {
+ for (HostAddress hostAddress : getElements()) {
+ if (hostAddress.equalsWith(address)) {
+ return true;
+ }
+ }
+ return false;
+ }
+}