You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/01/12 14:06:31 UTC
[23/50] [abbrv] directory-kerberos git commit: Renaming packages in
haox-kerb projects, using "apache"
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java
new file mode 100644
index 0000000..1f85fb9
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaAuthenticationSetElem.java
@@ -0,0 +1,55 @@
+package org.apache.kerberos.kerb.spec.pa;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-AUTHENTICATION-SET-ELEM ::= SEQUENCE {
+ pa-type [0] Int32,
+ -- same as padata-type.
+ pa-hint [1] OCTET STRING OPTIONAL,
+ pa-value [2] OCTET STRING OPTIONAL
+ }
+ */
+public class PaAuthenticationSetElem extends KrbSequenceType {
+ private static int PA_TYPE = 0;
+ private static int PA_HINT = 1;
+ private static int PA_VALUE = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PA_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(PA_HINT, Asn1OctetString.class),
+ new Asn1FieldInfo(PA_VALUE, Asn1OctetString.class)
+ };
+
+ public PaAuthenticationSetElem() {
+ super(fieldInfos);
+ }
+
+ public PaDataType getPaType() {
+ Integer value = getFieldAsInteger(PA_TYPE);
+ return PaDataType.fromValue(value);
+ }
+
+ public void setPaType(PaDataType paDataType) {
+ setFieldAsInt(PA_TYPE, paDataType.getValue());
+ }
+
+ public byte[] getPaHint() {
+ return getFieldAsOctets(PA_HINT);
+ }
+
+ public void setPaHint(byte[] paHint) {
+ setFieldAsOctets(PA_HINT, paHint);
+ }
+
+ public byte[] getPaValue() {
+ return getFieldAsOctets(PA_VALUE);
+ }
+
+ public void setPaValue(byte[] paDataValue) {
+ setFieldAsOctets(PA_VALUE, paDataValue);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaData.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaData.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaData.java
new file mode 100644
index 0000000..5e803a0
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaData.java
@@ -0,0 +1,22 @@
+package org.apache.kerberos.kerb.spec.pa;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ PA-DATA ::= SEQUENCE {
+ -- NOTE: first tag is [1], not [0]
+ padata-type [1] Int32,
+ padata-value [2] OCTET STRING -- might be encoded AP-REQ
+ }
+ */
+public class PaData extends KrbSequenceOfType<PaDataEntry> {
+
+ public PaDataEntry findEntry(PaDataType paType) {
+ for (PaDataEntry pae : getElements()) {
+ if (pae.getPaDataType() == paType) {
+ return pae;
+ }
+ }
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataEntry.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataEntry.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataEntry.java
new file mode 100644
index 0000000..1c3c0ee
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataEntry.java
@@ -0,0 +1,50 @@
+package org.apache.kerberos.kerb.spec.pa;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-DATA ::= SEQUENCE {
+ -- NOTE: first tag is [1], not [0]
+ padata-type [1] Int32,
+ padata-value [2] OCTET STRING -- might be encoded AP-REQ
+ }
+ */
+public class PaDataEntry extends KrbSequenceType {
+ private static int PADATA_TYPE = 0;
+ private static int PADATA_VALUE = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PADATA_TYPE, 1, Asn1Integer.class),
+ new Asn1FieldInfo(PADATA_VALUE, 2, Asn1OctetString.class)
+ };
+
+ public PaDataEntry() {
+ super(fieldInfos);
+ }
+
+ public PaDataEntry(PaDataType type, byte[] paData) {
+ this();
+ setPaDataType(type);
+ setPaDataValue(paData);
+ }
+
+ public PaDataType getPaDataType() {
+ Integer value = getFieldAsInteger(PADATA_TYPE);
+ return PaDataType.fromValue(value);
+ }
+
+ public void setPaDataType(PaDataType paDataType) {
+ setFieldAsInt(PADATA_TYPE, paDataType.getValue());
+ }
+
+ public byte[] getPaDataValue() {
+ return getFieldAsOctets(PADATA_VALUE);
+ }
+
+ public void setPaDataValue(byte[] paDataValue) {
+ setFieldAsOctets(PADATA_VALUE, paDataValue);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataType.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataType.java
new file mode 100644
index 0000000..de577cd
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaDataType.java
@@ -0,0 +1,73 @@
+package org.apache.kerberos.kerb.spec.pa;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+/**
+ * From krb5.h
+ */
+public enum PaDataType implements KrbEnum {
+ NONE (0),
+ TGS_REQ (1),
+ AP_REQ (1),
+ ENC_TIMESTAMP (2), // RFC 4120
+ PW_SALT (3), // RFC 4120
+ ENC_ENCKEY (4), // Key encrypted within itself
+ ENC_UNIX_TIME (5), // timestamp encrypted in key. RFC 4120
+ ENC_SANDIA_SECURID (6), // SecurId passcode. RFC 4120
+ SESAME (7), // Sesame project. RFC 4120
+ OSF_DCE (8), // OSF DCE. RFC 4120
+ CYBERSAFE_SECUREID (9), // Cybersafe. RFC 4120
+ AFS3_SALT (10), // Cygnus. RFC 4120, 3961
+ ETYPE_INFO (11), // Etype info for preauth. RFC 4120
+ SAM_CHALLENGE (12), // SAM/OTP
+ SAM_RESPONSE (13), // SAM/OTP
+ PK_AS_REQ (16), // PKINIT. RFC 4556
+ PK_AS_REP (17), // PKINIT. RFC 4556
+ ETYPE_INFO2 (19), // RFC 4120
+ USE_SPECIFIED_KVNO (20), // RFC 4120
+ SVR_REFERRAL_INFO (20), // Windows 2000 referrals. RFC 6820
+ SAM_REDIRECT (21), // SAM/OTP. RFC 4120
+ GET_FROM_TYPED_DATA (22), // Embedded in typed data. RFC 4120
+ REFERRAL (25), // draft referral system
+ SAM_CHALLENGE_2 (30), // draft challenge system, updated
+ SAM_RESPONSE_2 (31), // draft challenge system, updated
+ /* MS-KILE */
+ PAC_REQUEST (128), // include Windows PAC
+ FOR_USER (129), // username protocol transition request
+ S4U_X509_USER (130), // certificate protocol transition request
+ AS_CHECKSUM (132), // AS checksum
+ FX_COOKIE (133), // RFC 6113
+ FX_FAST (136), // RFC 6113
+ FX_ERROR (137), // RFC 6113
+ ENCRYPTED_CHALLENGE (138), // RFC 6113
+ OTP_CHALLENGE (141), // RFC 6560 section 4.1
+ OTP_REQUEST (142), // RFC 6560 section 4.2
+ OTP_PIN_CHANGE (144), // RFC 6560 section 4.3
+ PKINIT_KX (147), // RFC 6112
+ ENCPADATA_REQ_ENC_PA_REP (149), // RFC 6806
+ TOKEN_REQUEST (148), // TokenPreauth
+ TOKEN_CHALLENGE (149);
+
+ private final int value;
+
+ private PaDataType(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static PaDataType fromValue(Integer value) {
+ if (value != null) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value.intValue()) {
+ return (PaDataType) e;
+ }
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaEncTsEnc.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaEncTsEnc.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaEncTsEnc.java
new file mode 100644
index 0000000..5fbe669
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/PaEncTsEnc.java
@@ -0,0 +1,47 @@
+package org.apache.kerberos.kerb.spec.pa;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-ENC-TS-ENC ::= SEQUENCE {
+ patimestamp [0] KerberosTime -- client's time --,
+ pausec [1] Microseconds OPTIONAL
+ }
+ */
+public class PaEncTsEnc extends KrbSequenceType {
+ private static int PATIMESTAMP = 0;
+ private static int PAUSEC = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PATIMESTAMP, 1, KerberosTime.class),
+ new Asn1FieldInfo(PAUSEC, 2, Asn1Integer.class)
+ };
+
+ public PaEncTsEnc() {
+ super(fieldInfos);
+ }
+
+ public KerberosTime getPaTimestamp() {
+ return getFieldAsTime(PATIMESTAMP);
+ }
+
+ public void setPaTimestamp(KerberosTime paTimestamp) {
+ setFieldAs(PATIMESTAMP, paTimestamp);
+ }
+
+ public int getPaUsec() {
+ return getFieldAsInt(PAUSEC);
+ }
+
+ public void setPaUsec(int paUsec) {
+ setFieldAsInt(PAUSEC, paUsec);
+ }
+
+ public KerberosTime getAllTime() {
+ KerberosTime paTimestamp = getPaTimestamp();
+ return paTimestamp.extend(getPaUsec() / 1000);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java
new file mode 100644
index 0000000..03626a1
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/OtpTokenInfo.java
@@ -0,0 +1,50 @@
+package org.apache.kerberos.kerb.spec.pa.otp;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.haox.asn1.type.Asn1Utf8String;
+import org.apache.kerberos.kerb.spec.KerberosString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.pa.pkinit.AlgorithmIdentifiers;
+
+/**
+ OTP-TOKENINFO ::= SEQUENCE {
+ flags [0] OTPFlags,
+ otp-vendor [1] UTF8String OPTIONAL,
+ otp-challenge [2] OCTET STRING (SIZE(1..MAX)) OPTIONAL,
+ otp-length [3] Int32 OPTIONAL,
+ otp-format [4] OTPFormat OPTIONAL,
+ otp-tokenID [5] OCTET STRING OPTIONAL,
+ otp-algID [6] AnyURI OPTIONAL,
+ supportedHashAlg [7] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
+ iterationCount [8] Int32 OPTIONAL
+ }
+ */
+public class OtpTokenInfo extends KrbSequenceType {
+ private static int FLAGS = 0;
+ private static int OTP_VENDOR = 1;
+ private static int OTP_CHALLENGE = 2;
+ private static int OTP_LENGTH = 3;
+ private static int OTP_FORMAT = 4;
+ private static int OTP_TOKEN_ID = 5;
+ private static int OTP_ALG_ID = 6;
+ private static int SUPPORTED_HASH_ALG = 7;
+ private static int ITERATION_COUNT = 8;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(FLAGS, Asn1OctetString.class, true),
+ new Asn1FieldInfo(OTP_VENDOR, Asn1Utf8String.class),
+ new Asn1FieldInfo(OTP_CHALLENGE, Asn1OctetString.class, true),
+ new Asn1FieldInfo(OTP_LENGTH, KerberosString.class),
+ new Asn1FieldInfo(OTP_FORMAT, Asn1OctetString.class, true),
+ new Asn1FieldInfo(OTP_TOKEN_ID, Asn1Utf8String.class),
+ new Asn1FieldInfo(OTP_ALG_ID, Asn1OctetString.class, true),
+ new Asn1FieldInfo(SUPPORTED_HASH_ALG, AlgorithmIdentifiers.class),
+ new Asn1FieldInfo(ITERATION_COUNT, Asn1Integer.class, true)
+ };
+
+ public OtpTokenInfo() {
+ super(fieldInfos);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java
new file mode 100644
index 0000000..bbf48d3
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/otp/PaOtpChallenge.java
@@ -0,0 +1,36 @@
+package org.apache.kerberos.kerb.spec.pa.otp;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.haox.asn1.type.Asn1Utf8String;
+import org.apache.kerberos.kerb.spec.KerberosString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-OTP-CHALLENGE ::= SEQUENCE {
+ nonce [0] OCTET STRING,
+ otp-service [1] UTF8String OPTIONAL,
+ otp-tokenInfo [2] SEQUENCE (SIZE(1..MAX)) OF OTP-TOKENINFO,
+ salt [3] KerberosString OPTIONAL,
+ s2kparams [4] OCTET STRING OPTIONAL,
+ }
+ */
+public class PaOtpChallenge extends KrbSequenceType {
+ private static int NONCE = 0;
+ private static int OTP_SERVICE = 1;
+ private static int OTP_TOKEN_INFO = 2;
+ private static int SALT = 3;
+ private static int S2KPARAMS = 4;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(NONCE, Asn1OctetString.class, true),
+ new Asn1FieldInfo(OTP_SERVICE, Asn1Utf8String.class),
+ new Asn1FieldInfo(OTP_TOKEN_INFO, Asn1OctetString.class, true),
+ new Asn1FieldInfo(SALT, KerberosString.class),
+ new Asn1FieldInfo(S2KPARAMS, Asn1OctetString.class, true)
+ };
+
+ public PaOtpChallenge() {
+ super(fieldInfos);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java
new file mode 100644
index 0000000..5c9f215
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AdInitialVerifiedCas.java
@@ -0,0 +1,9 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ * AD-INITIAL-VERIFIED-CAS ::= SEQUENCE OF ExternalPrincipalIdentifier
+ */
+public class AdInitialVerifiedCas extends KrbSequenceOfType<ExternalPrincipalIdentifier> {
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java
new file mode 100644
index 0000000..ccc7fde
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AlgorithmIdentifiers.java
@@ -0,0 +1,11 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+import org.apache.kerberos.kerb.spec.x509.AlgorithmIdentifier;
+
+/**
+ trustedCertifiers SEQUENCE OF AlgorithmIdentifier OPTIONAL,
+ */
+public class AlgorithmIdentifiers extends KrbSequenceOfType<AlgorithmIdentifier> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AuthPack.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AuthPack.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AuthPack.java
new file mode 100644
index 0000000..249edee
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/AuthPack.java
@@ -0,0 +1,63 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.x509.SubjectPublicKeyInfo;
+
+/**
+ AuthPack ::= SEQUENCE {
+ pkAuthenticator [0] PKAuthenticator,
+ clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL,
+ supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
+ clientDHNonce [3] DHNonce OPTIONAL
+ }
+ */
+public class AuthPack extends KrbSequenceType {
+ private static int PK_AUTHENTICATOR = 0;
+ private static int CLIENT_PUBLIC_VALUE = 1;
+ private static int SUPPORTED_CMS_TYPES = 2;
+ private static int CLIENT_DH_NONCE = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(PK_AUTHENTICATOR, PkAuthenticator.class),
+ new Asn1FieldInfo(CLIENT_PUBLIC_VALUE, SubjectPublicKeyInfo.class),
+ new Asn1FieldInfo(SUPPORTED_CMS_TYPES, AlgorithmIdentifiers.class),
+ new Asn1FieldInfo(CLIENT_DH_NONCE, DHNonce.class)
+ };
+
+ public AuthPack() {
+ super(fieldInfos);
+ }
+
+ public PkAuthenticator getPkAuthenticator() {
+ return getFieldAs(PK_AUTHENTICATOR, PkAuthenticator.class);
+ }
+
+ public void setPkAuthenticator(PkAuthenticator pkAuthenticator) {
+ setFieldAs(PK_AUTHENTICATOR, pkAuthenticator);
+ }
+
+ public SubjectPublicKeyInfo getClientPublicValue() {
+ return getFieldAs(CLIENT_PUBLIC_VALUE, SubjectPublicKeyInfo.class);
+ }
+
+ public void setClientPublicValue(SubjectPublicKeyInfo clientPublicValue) {
+ setFieldAs(CLIENT_PUBLIC_VALUE, clientPublicValue);
+ }
+
+ public AlgorithmIdentifiers getsupportedCmsTypes() {
+ return getFieldAs(CLIENT_DH_NONCE, AlgorithmIdentifiers.class);
+ }
+
+ public void setsupportedCmsTypes(AlgorithmIdentifiers supportedCMSTypes) {
+ setFieldAs(CLIENT_DH_NONCE, supportedCMSTypes);
+ }
+
+ public DHNonce getClientDhNonce() {
+ return getFieldAs(CLIENT_DH_NONCE, DHNonce.class);
+ }
+
+ public void setClientDhNonce(DHNonce dhNonce) {
+ setFieldAs(CLIENT_DH_NONCE, dhNonce);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHNonce.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHNonce.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHNonce.java
new file mode 100644
index 0000000..7d8493a
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHNonce.java
@@ -0,0 +1,9 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.haox.asn1.type.Asn1OctetString;
+
+/**
+ * DHNonce ::= OCTET STRING
+ */
+public class DHNonce extends Asn1OctetString {
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java
new file mode 100644
index 0000000..74e8513
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/DHRepInfo.java
@@ -0,0 +1,41 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ DHRepInfo ::= SEQUENCE {
+ dhSignedData [0] IMPLICIT OCTET STRING,
+ serverDHNonce [1] DHNonce OPTIONAL
+ }
+ */
+public class DHRepInfo extends KrbSequenceType {
+ private static int DH_SIGNED_DATA = 0;
+ private static int SERVER_DH_NONCE = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(DH_SIGNED_DATA, Asn1OctetString.class, true),
+ new Asn1FieldInfo(SERVER_DH_NONCE, DHNonce.class)
+ };
+
+ public DHRepInfo() {
+ super(fieldInfos);
+ }
+
+ public byte[] getDHSignedData() {
+ return getFieldAsOctets(DH_SIGNED_DATA);
+ }
+
+ public void setDHSignedData(byte[] dhSignedData) {
+ setFieldAsOctets(DH_SIGNED_DATA, dhSignedData);
+ }
+
+ public DHNonce getServerDhNonce() {
+ return getFieldAs(SERVER_DH_NONCE, DHNonce.class);
+ }
+
+ public void setServerDhNonce(DHNonce dhNonce) {
+ setFieldAs(SERVER_DH_NONCE, dhNonce);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java
new file mode 100644
index 0000000..b05294b
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ExternalPrincipalIdentifier.java
@@ -0,0 +1,52 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ ExternalPrincipalIdentifier ::= SEQUENCE {
+ subjectName [0] IMPLICIT OCTET STRING OPTIONAL,
+ issuerAndSerialNumber [1] IMPLICIT OCTET STRING OPTIONAL,
+ subjectKeyIdentifier [2] IMPLICIT OCTET STRING OPTIONAL
+ }
+ */
+public class ExternalPrincipalIdentifier extends KrbSequenceType {
+ private static int SUBJECT_NAME = 0;
+ private static int ISSUER_AND_SERIAL_NUMBER = 1;
+ private static int SUBJECT_KEY_IDENTIFIER = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(SUBJECT_NAME, Asn1OctetString.class, true),
+ new Asn1FieldInfo(ISSUER_AND_SERIAL_NUMBER, Asn1OctetString.class, true),
+ new Asn1FieldInfo(SUBJECT_KEY_IDENTIFIER, Asn1OctetString.class, true)
+ };
+
+ public ExternalPrincipalIdentifier() {
+ super(fieldInfos);
+ }
+
+ public byte[] getSubjectName() {
+ return getFieldAsOctets(SUBJECT_NAME);
+ }
+
+ public void setSubjectName(byte[] subjectName) {
+ setFieldAsOctets(SUBJECT_NAME, subjectName);
+ }
+
+ public byte[] getIssuerSerialNumber() {
+ return getFieldAsOctets(ISSUER_AND_SERIAL_NUMBER);
+ }
+
+ public void setIssuerSerialNumber(byte[] issuerSerialNumber) {
+ setFieldAsOctets(ISSUER_AND_SERIAL_NUMBER, issuerSerialNumber);
+ }
+
+ public byte[] getSubjectKeyIdentifier() {
+ return getFieldAsOctets(SUBJECT_KEY_IDENTIFIER);
+ }
+
+ public void setSubjectKeyIdentifier(byte[] subjectKeyIdentifier) {
+ setFieldAsOctets(SUBJECT_KEY_IDENTIFIER, subjectKeyIdentifier);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java
new file mode 100644
index 0000000..537fd6a
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/KdcDHKeyInfo.java
@@ -0,0 +1,46 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.haox.asn1.type.Asn1BitString;
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ KDCDHKeyInfo ::= SEQUENCE {
+ subjectPublicKey [0] BIT STRING,
+ nonce [1] INTEGER (0..4294967295),
+ dhKeyExpiration [2] KerberosTime OPTIONAL,
+ }
+ */
+public class KdcDHKeyInfo extends KrbSequenceType {
+ private static int SUBJECT_PUBLICK_KEY = 0;
+ private static int NONCE = 1;
+ private static int DH_KEY_EXPIRATION = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(SUBJECT_PUBLICK_KEY, Asn1BitString.class),
+ new Asn1FieldInfo(NONCE, Asn1Integer.class),
+ new Asn1FieldInfo(DH_KEY_EXPIRATION, KerberosTime.class)
+ };
+
+ public KdcDHKeyInfo() {
+ super(fieldInfos);
+ }
+
+ public byte[] getSubjectPublicKey() {
+ return getFieldAsOctets(SUBJECT_PUBLICK_KEY);
+ }
+
+ public void setSubjectPublicKey(byte[] subjectPublicKey) {
+ setFieldAsOctets(SUBJECT_PUBLICK_KEY, subjectPublicKey);
+ }
+
+ public int getNonce() {
+ return getFieldAsInt(NONCE);
+ }
+
+ public void setNonce(int nonce) {
+ setFieldAsInt(NONCE, nonce);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java
new file mode 100644
index 0000000..d8e451f
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/Krb5PrincipalName.java
@@ -0,0 +1,42 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerberos.kerb.spec.common.Realm;
+
+/**
+ KRB5PrincipalName ::= SEQUENCE {
+ realm [0] Realm,
+ principalName [1] PrincipalName
+ }
+ */
+public class Krb5PrincipalName extends KrbSequenceType {
+ private static int REALM = 0;
+ private static int PRINCIPAL_NAME = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(REALM, Realm.class),
+ new Asn1FieldInfo(PRINCIPAL_NAME, PrincipalName.class)
+ };
+
+ public Krb5PrincipalName() {
+ super(fieldInfos);
+ }
+
+ public String getRelm() {
+ return getFieldAsString(REALM);
+ }
+
+ public void setRealm(String realm) {
+ setFieldAsString(REALM, realm);
+ }
+
+ public PrincipalName getPrincipalName() {
+ return getFieldAs(PRINCIPAL_NAME, PrincipalName.class);
+ }
+
+ public void setPrincipalName(PrincipalName principalName) {
+ setFieldAs(PRINCIPAL_NAME, principalName);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java
new file mode 100644
index 0000000..50a257b
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsRep.java
@@ -0,0 +1,41 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.haox.asn1.type.Asn1Choice;
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1OctetString;
+
+/**
+ PA-PK-AS-REP ::= CHOICE {
+ dhInfo [0] DHRepInfo,
+ encKeyPack [1] IMPLICIT OCTET STRING,
+ }
+ */
+public class PaPkAsRep extends Asn1Choice {
+ private static int DH_INFO = 0;
+ private static int ENCKEY_PACK = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(DH_INFO, DHRepInfo.class),
+ new Asn1FieldInfo(ENCKEY_PACK, Asn1OctetString.class, true)
+ };
+
+ public PaPkAsRep() {
+ super(fieldInfos);
+ }
+
+ public DHRepInfo getDHRepInfo() {
+ return getFieldAs(DH_INFO, DHRepInfo.class);
+ }
+
+ public void setDHRepInfo(DHRepInfo dhRepInfo) {
+ setFieldAs(DH_INFO, dhRepInfo);
+ }
+
+ public byte[] getEncKeyPack() {
+ return getFieldAsOctets(ENCKEY_PACK);
+ }
+
+ public void setEncKeyPack(byte[] encKeyPack) {
+ setFieldAsOctets(ENCKEY_PACK, encKeyPack);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java
new file mode 100644
index 0000000..81073ae
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PaPkAsReq.java
@@ -0,0 +1,52 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-PK-AS-REQ ::= SEQUENCE {
+ signedAuthPack [0] IMPLICIT OCTET STRING,
+ trustedCertifiers [1] SEQUENCE OF ExternalPrincipalIdentifier OPTIONAL,
+ kdcPkId [2] IMPLICIT OCTET STRING OPTIONAL
+ }
+ */
+public class PaPkAsReq extends KrbSequenceType {
+ private static int SIGNED_AUTH_PACK = 0;
+ private static int TRUSTED_CERTIFIERS = 1;
+ private static int KDC_PKID = 2;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(SIGNED_AUTH_PACK, Asn1OctetString.class, true),
+ new Asn1FieldInfo(TRUSTED_CERTIFIERS, TrustedCertifiers.class),
+ new Asn1FieldInfo(KDC_PKID, Asn1OctetString.class, true)
+ };
+
+ public PaPkAsReq() {
+ super(fieldInfos);
+ }
+
+ public byte[] getSignedAuthPack() {
+ return getFieldAsOctets(SIGNED_AUTH_PACK);
+ }
+
+ public void setSignedAuthPack(byte[] signedAuthPack) {
+ setFieldAsOctets(SIGNED_AUTH_PACK, signedAuthPack);
+ }
+
+ public TrustedCertifiers getTrustedCertifiers() {
+ return getFieldAs(TRUSTED_CERTIFIERS, TrustedCertifiers.class);
+ }
+
+ public void setTrustedCertifiers(TrustedCertifiers trustedCertifiers) {
+ setFieldAs(TRUSTED_CERTIFIERS, trustedCertifiers);
+ }
+
+ public byte[] getKdcPkId() {
+ return getFieldAsOctets(KDC_PKID);
+ }
+
+ public void setKdcPkId(byte[] kdcPkId) {
+ setFieldAsOctets(KDC_PKID, kdcPkId);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java
new file mode 100644
index 0000000..280cb2c
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/PkAuthenticator.java
@@ -0,0 +1,72 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PKAuthenticator ::= SEQUENCE {
+ cusec [0] INTEGER (0..999999),
+ ctime [1] KerberosTime,
+ -- cusec and ctime are used as in [RFC4120], for
+ -- replay prevention.
+ nonce [2] INTEGER (0..4294967295),
+ -- Chosen randomly; this nonce does not need to
+ -- match with the nonce in the KDC-REQ-BODY.
+ paChecksum [3] OCTET STRING OPTIONAL,
+ -- MUST be present.
+ -- Contains the SHA1 checksum, performed over
+ -- KDC-REQ-BODY.
+ }
+ */
+public class PkAuthenticator extends KrbSequenceType {
+ private static int CUSEC = 0;
+ private static int CTIME = 1;
+ private static int NONCE = 2;
+ private static int PA_CHECKSUM = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(CUSEC, Asn1Integer.class),
+ new Asn1FieldInfo(CTIME, KerberosTime.class),
+ new Asn1FieldInfo(NONCE, Asn1Integer.class),
+ new Asn1FieldInfo(PA_CHECKSUM, Asn1OctetString.class)
+ };
+
+ public PkAuthenticator() {
+ super(fieldInfos);
+ }
+
+ public int getCusec() {
+ return getFieldAsInt(CUSEC);
+ }
+
+ public void setCusec(int cusec) {
+ setFieldAsInt(CUSEC, cusec);
+ }
+
+ public KerberosTime getCtime() {
+ return getFieldAsTime(CTIME);
+ }
+
+ public void setCtime(KerberosTime ctime) {
+ setFieldAs(CTIME, ctime);
+ }
+
+ public int getNonce() {
+ return getFieldAsInt(NONCE);
+ }
+
+ public void setNonce(int nonce) {
+ setFieldAsInt(NONCE, nonce);
+ }
+
+ public byte[] getPaChecksum() {
+ return getFieldAsOctets(PA_CHECKSUM);
+ }
+
+ public void setPaChecksum(byte[] paChecksum) {
+ setFieldAsOctets(PA_CHECKSUM, paChecksum);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java
new file mode 100644
index 0000000..f758b44
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/ReplyKeyPack.java
@@ -0,0 +1,42 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.common.CheckSum;
+import org.apache.kerberos.kerb.spec.common.EncryptionKey;
+
+/**
+ ReplyKeyPack ::= SEQUENCE {
+ replyKey [0] EncryptionKey,
+ asChecksum [1] Checksum,
+ }
+ */
+public class ReplyKeyPack extends KrbSequenceType {
+ private static int REPLY_KEY = 0;
+ private static int AS_CHECKSUM = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(REPLY_KEY, EncryptionKey.class),
+ new Asn1FieldInfo(AS_CHECKSUM, CheckSum.class)
+ };
+
+ public ReplyKeyPack() {
+ super(fieldInfos);
+ }
+
+ public EncryptionKey getReplyKey() {
+ return getFieldAs(REPLY_KEY, EncryptionKey.class);
+ }
+
+ public void setReplyKey(EncryptionKey replyKey) {
+ setFieldAs(REPLY_KEY, replyKey);
+ }
+
+ public CheckSum getAsChecksum() {
+ return getFieldAs(AS_CHECKSUM, CheckSum.class);
+ }
+
+ public void setAsChecksum(CheckSum checkSum) {
+ setFieldAs(AS_CHECKSUM, checkSum);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java
new file mode 100644
index 0000000..72bc128
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TdDhParameters.java
@@ -0,0 +1,7 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+/**
+ * TD-DH-PARAMETERS ::= SEQUENCE OF AlgorithmIdentifier
+ */
+public class TdDhParameters extends AlgorithmIdentifiers {
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java
new file mode 100644
index 0000000..1cfe59a
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/pkinit/TrustedCertifiers.java
@@ -0,0 +1,10 @@
+package org.apache.kerberos.kerb.spec.pa.pkinit;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ trustedCertifiers SEQUENCE OF ExternalPrincipalIdentifier OPTIONAL,
+ */
+public class TrustedCertifiers extends KrbSequenceOfType<ExternalPrincipalIdentifier> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenChallenge.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenChallenge.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenChallenge.java
new file mode 100644
index 0000000..6dd8d3c
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenChallenge.java
@@ -0,0 +1,21 @@
+package org.apache.kerberos.kerb.spec.pa.token;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ PA-TOKEN-CHALLENGE ::= SEQUENCE {
+ tokenInfos [0] SEQUENCE (SIZE(1..MAX)) OF TokenInfo,
+ }
+*/
+public class PaTokenChallenge extends KrbSequenceType {
+ private static int TOKENINFOS = 0;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TOKENINFOS, TokenInfos.class)
+ };
+
+ public PaTokenChallenge() {
+ super(fieldInfos);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenRequest.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenRequest.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenRequest.java
new file mode 100644
index 0000000..a2b2735
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/PaTokenRequest.java
@@ -0,0 +1,42 @@
+package org.apache.kerberos.kerb.spec.pa.token;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+import org.apache.kerberos.kerb.spec.common.KrbToken;
+
+/**
+ PA-TOKEN-REQUEST ::= SEQUENCE {
+ token [0] OCTET STRING,
+ tokenInfo [1] TokenInfo
+ }
+*/
+public class PaTokenRequest extends KrbSequenceType {
+ private static int TOKEN_INFO = 0;
+ private static int TOKEN = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TOKEN_INFO, TokenInfo.class),
+ new Asn1FieldInfo(TOKEN, KrbToken.class)
+ };
+
+ public PaTokenRequest() {
+ super(fieldInfos);
+ }
+
+ public KrbToken getToken() {
+ return getFieldAs(TOKEN, KrbToken.class);
+ }
+
+ public void setToken(KrbToken token) {
+ setFieldAs(TOKEN, token);
+ }
+
+ public String getTokenInfo() {
+ return getFieldAsString(TOKEN_INFO);
+ }
+
+ public void setTokenInfo(TokenInfo tokenInfo) {
+ setFieldAs(TOKEN_INFO, tokenInfo);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlag.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlag.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlag.java
new file mode 100644
index 0000000..2edf584
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlag.java
@@ -0,0 +1,32 @@
+package org.apache.kerberos.kerb.spec.pa.token;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum TokenFlag implements KrbEnum {
+ NONE(-1),
+ ID_TOKEN_REQUIRED(0x40000000),
+ AC_TOKEN_REQUIRED(0x20000000),
+ BEARER_TOKEN_REQUIRED(0x10000000),
+ HOK_TOKEN_REQUIRED(0x08000000);
+
+ private final int value;
+
+ private TokenFlag(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static TokenFlag fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (TokenFlag) e;
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlags.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlags.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlags.java
new file mode 100644
index 0000000..e77a920
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenFlags.java
@@ -0,0 +1,20 @@
+package org.apache.kerberos.kerb.spec.pa.token;
+
+import org.apache.kerberos.kerb.spec.common.KrbFlags;
+
+import static org.apache.kerberos.kerb.spec.ticket.TicketFlag.INVALID;
+
+public class TokenFlags extends KrbFlags {
+
+ public TokenFlags() {
+ this(0);
+ }
+
+ public TokenFlags(int value) {
+ setFlags(value);
+ }
+
+ public boolean isInvalid() {
+ return isFlagSet(INVALID.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfo.java
new file mode 100644
index 0000000..01dc8cb
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfo.java
@@ -0,0 +1,43 @@
+package org.apache.kerberos.kerb.spec.pa.token;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1OctetString;
+import org.apache.haox.asn1.type.Asn1Utf8String;
+import org.apache.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ TokenInfo ::= SEQUENCE {
+ flags [0] TokenFlags,
+ tokenVendor [1] UTF8String,
+ }
+ */
+public class TokenInfo extends KrbSequenceType {
+ private static int FLAGS = 0;
+ private static int TOKEN_VENDOR = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(FLAGS, Asn1OctetString.class, true),
+ new Asn1FieldInfo(TOKEN_VENDOR, Asn1Utf8String.class),
+ };
+
+ public TokenInfo() {
+ super(fieldInfos);
+ }
+
+ public TokenFlags getFlags() {
+ return getFieldAs(FLAGS, TokenFlags.class);
+ }
+
+ public void setFlags(TokenFlags flags) {
+ setFieldAs(FLAGS, flags);
+ }
+
+ public String getTokenVendor() {
+ return getFieldAsString(TOKEN_VENDOR);
+ }
+
+ public void setTokenVendor(String tokenVendor) {
+ setFieldAs(TOKEN_VENDOR, new Asn1Utf8String(tokenVendor));
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfos.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfos.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfos.java
new file mode 100644
index 0000000..56e7a63
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/pa/token/TokenInfos.java
@@ -0,0 +1,10 @@
+package org.apache.kerberos.kerb.spec.pa.token;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ SEQUENCE (SIZE(1..MAX)) OF TokenInfo,
+*/
+public class TokenInfos extends KrbSequenceOfType<TokenInfo> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/AbstractServiceTicket.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/AbstractServiceTicket.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/AbstractServiceTicket.java
new file mode 100644
index 0000000..b119263
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/AbstractServiceTicket.java
@@ -0,0 +1,30 @@
+package org.apache.kerberos.kerb.spec.ticket;
+
+import org.apache.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerberos.kerb.spec.kdc.EncKdcRepPart;
+
+public class AbstractServiceTicket {
+ private Ticket ticket;
+ private EncKdcRepPart encKdcRepPart;
+
+ public AbstractServiceTicket(Ticket ticket, EncKdcRepPart encKdcRepPart) {
+ this.ticket = ticket;
+ this.encKdcRepPart = encKdcRepPart;
+ }
+
+ public Ticket getTicket() {
+ return ticket;
+ }
+
+ public EncKdcRepPart getEncKdcRepPart() {
+ return encKdcRepPart;
+ }
+
+ public EncryptionKey getSessionKey() {
+ return encKdcRepPart.getKey();
+ }
+
+ public String getRealm() {
+ return ticket.getRealm();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/EncTicketPart.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/EncTicketPart.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/EncTicketPart.java
new file mode 100644
index 0000000..d33e695
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/EncTicketPart.java
@@ -0,0 +1,145 @@
+package org.apache.kerberos.kerb.spec.ticket;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.kerberos.kerb.spec.KerberosString;
+import org.apache.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
+import org.apache.kerberos.kerb.spec.common.*;
+
+/**
+ -- Encrypted part of ticket
+ EncTicketPart ::= [APPLICATION 3] SEQUENCE {
+ flags [0] TicketFlags,
+ key [1] EncryptionKey,
+ crealm [2] Realm,
+ cname [3] PrincipalName,
+ transited [4] TransitedEncoding,
+ authtime [5] KerberosTime,
+ starttime [6] KerberosTime OPTIONAL,
+ endtime [7] KerberosTime,
+ renew-till [8] KerberosTime OPTIONAL,
+ caddr [9] HostAddresses OPTIONAL,
+ authorization-data [10] AuthorizationData OPTIONAL
+ }
+ */
+public class EncTicketPart extends KrbAppSequenceType {
+ public static final int TAG = 3;
+
+ private static int FLAGS = 0;
+ private static int KEY = 1;
+ private static int CREALM = 2;
+ private static int CNAME = 3;
+ private static int TRANSITED = 4;
+ private static int AUTHTIME = 5;
+ private static int STARTTIME = 6;
+ private static int ENDTIME = 7;
+ private static int RENEW_TILL = 8;
+ private static int CADDR = 9;
+ private static int AUTHORIZATION_DATA = 10;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(FLAGS, 0, TicketFlags.class),
+ new Asn1FieldInfo(KEY, 1, EncryptionKey.class),
+ new Asn1FieldInfo(CREALM, 2, KerberosString.class),
+ new Asn1FieldInfo(CNAME, 3, PrincipalName.class),
+ new Asn1FieldInfo(TRANSITED, 4, TransitedEncoding.class),
+ new Asn1FieldInfo(AUTHTIME, 5, KerberosTime.class),
+ new Asn1FieldInfo(STARTTIME, 6, KerberosTime.class),
+ new Asn1FieldInfo(ENDTIME, 7, KerberosTime.class),
+ new Asn1FieldInfo(ENDTIME, 8, KerberosTime.class),
+ new Asn1FieldInfo(CADDR, 9, HostAddresses.class),
+ new Asn1FieldInfo(AUTHORIZATION_DATA, 10, AuthorizationData.class)
+ };
+
+ public EncTicketPart() {
+ super(TAG, fieldInfos);
+ }
+
+ public TicketFlags getFlags() {
+ return getFieldAs(FLAGS, TicketFlags.class);
+ }
+
+ public void setFlags(TicketFlags flags) {
+ setFieldAs(FLAGS, flags);
+ }
+
+ public EncryptionKey getKey() {
+ return getFieldAs(KEY, EncryptionKey.class);
+ }
+
+ public void setKey(EncryptionKey key) {
+ setFieldAs(KEY, key);
+ }
+
+ public String getCrealm() {
+ return getFieldAsString(CREALM);
+ }
+
+ public void setCrealm(String crealm) {
+ setFieldAsString(CREALM, crealm);
+ }
+
+ public PrincipalName getCname() {
+ return getFieldAs(CNAME, PrincipalName.class);
+ }
+
+ public void setCname(PrincipalName cname) {
+ setFieldAs(CNAME, cname);
+ }
+
+ public TransitedEncoding getTransited() {
+ return getFieldAs(TRANSITED, TransitedEncoding.class);
+ }
+
+ public void setTransited(TransitedEncoding transited) {
+ setFieldAs(TRANSITED, transited);
+ }
+
+ public KerberosTime getAuthTime() {
+ return getFieldAs(AUTHTIME, KerberosTime.class);
+ }
+
+ public void setAuthTime(KerberosTime authTime) {
+ setFieldAs(AUTHTIME, authTime);
+ }
+
+ public KerberosTime getStartTime() {
+ return getFieldAs(STARTTIME, KerberosTime.class);
+ }
+
+ public void setStartTime(KerberosTime startTime) {
+ setFieldAs(STARTTIME, startTime);
+ }
+
+ public KerberosTime getEndTime() {
+ return getFieldAs(ENDTIME, KerberosTime.class);
+ }
+
+ public void setEndTime(KerberosTime endTime) {
+ setFieldAs(ENDTIME, endTime);
+ }
+
+ public KerberosTime getRenewtill() {
+ return getFieldAs(RENEW_TILL, KerberosTime.class);
+ }
+
+ public void setRenewtill(KerberosTime renewtill) {
+ setFieldAs(RENEW_TILL, renewtill);
+ }
+
+ public HostAddresses getClientAddresses() {
+ return getFieldAs(CADDR, HostAddresses.class);
+ }
+
+ public void setClientAddresses(HostAddresses clientAddresses) {
+ setFieldAs(CADDR, clientAddresses);
+ }
+
+ public AuthorizationData getAuthorizationData() {
+ return getFieldAs(AUTHORIZATION_DATA, AuthorizationData.class);
+ }
+
+ public void setAuthorizationData(AuthorizationData authorizationData) {
+ setFieldAs(AUTHORIZATION_DATA, authorizationData);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/ServiceTicket.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/ServiceTicket.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/ServiceTicket.java
new file mode 100644
index 0000000..46926ba
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/ServiceTicket.java
@@ -0,0 +1,9 @@
+package org.apache.kerberos.kerb.spec.ticket;
+
+import org.apache.kerberos.kerb.spec.kdc.EncTgsRepPart;
+
+public class ServiceTicket extends AbstractServiceTicket {
+ public ServiceTicket(Ticket ticket, EncTgsRepPart encKdcRepPart) {
+ super(ticket, encKdcRepPart);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TgtTicket.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TgtTicket.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TgtTicket.java
new file mode 100644
index 0000000..dcf9d5b
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TgtTicket.java
@@ -0,0 +1,17 @@
+package org.apache.kerberos.kerb.spec.ticket;
+
+import org.apache.kerberos.kerb.spec.common.PrincipalName;
+import org.apache.kerberos.kerb.spec.kdc.EncAsRepPart;
+
+public class TgtTicket extends AbstractServiceTicket {
+ private PrincipalName clientPrincipal;
+
+ public TgtTicket(Ticket ticket, EncAsRepPart encKdcRepPart, String clientPrincipal) {
+ super(ticket, encKdcRepPart);
+ this.clientPrincipal = new PrincipalName(clientPrincipal);
+ }
+
+ public PrincipalName getClientPrincipal() {
+ return clientPrincipal;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Ticket.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Ticket.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Ticket.java
new file mode 100644
index 0000000..594d756
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Ticket.java
@@ -0,0 +1,80 @@
+package org.apache.kerberos.kerb.spec.ticket;
+
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1Integer;
+import org.apache.kerberos.kerb.KrbConstant;
+import org.apache.kerberos.kerb.spec.KerberosString;
+import org.apache.kerberos.kerb.spec.KrbAppSequenceType;
+import org.apache.kerberos.kerb.spec.common.EncryptedData;
+import org.apache.kerberos.kerb.spec.common.PrincipalName;
+
+/**
+ Ticket ::= [APPLICATION 1] SEQUENCE {
+ tkt-vno [0] INTEGER (5),
+ realm [1] Realm,
+ sname [2] PrincipalName,
+ enc-part [3] EncryptedData -- EncTicketPart
+ }
+ */
+public class Ticket extends KrbAppSequenceType {
+ public static final int TKT_KVNO = KrbConstant.KRB_V5;
+ public static final int TAG = 1;
+
+ private static int TKT_VNO = 0;
+ private static int REALM = 1;
+ private static int SNAME = 2;
+ private static int ENC_PART = 3;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(TKT_VNO, 0, Asn1Integer.class),
+ new Asn1FieldInfo(REALM, 1, KerberosString.class),
+ new Asn1FieldInfo(SNAME, 2, PrincipalName.class),
+ new Asn1FieldInfo(ENC_PART, 3, EncryptedData.class)
+ };
+
+ public Ticket() {
+ super(TAG, fieldInfos);
+ setTktKvno(TKT_KVNO);
+ }
+
+ private EncTicketPart encPart;
+
+ public int getTktvno() {
+ return getFieldAsInt(TKT_VNO);
+ }
+
+ public void setTktKvno(int kvno) {
+ setFieldAsInt(TKT_VNO, kvno);
+ }
+ public PrincipalName getSname() {
+ return getFieldAs(SNAME, PrincipalName.class);
+ }
+
+ public void setSname(PrincipalName sname) {
+ setFieldAs(SNAME, sname);
+ }
+
+ public String getRealm() {
+ return getFieldAsString(REALM);
+ }
+
+ public void setRealm(String realm) {
+ setFieldAs(REALM, new KerberosString(realm));
+ }
+
+ public EncryptedData getEncryptedEncPart() {
+ return getFieldAs(ENC_PART, EncryptedData.class);
+ }
+
+ public void setEncryptedEncPart(EncryptedData encryptedEncPart) {
+ setFieldAs(ENC_PART, encryptedEncPart);
+ }
+
+ public EncTicketPart getEncPart() {
+ return encPart;
+ }
+
+ public void setEncPart(EncTicketPart encPart) {
+ this.encPart = encPart;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlag.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlag.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlag.java
new file mode 100644
index 0000000..42925de
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlag.java
@@ -0,0 +1,43 @@
+package org.apache.kerberos.kerb.spec.ticket;
+
+import org.apache.kerberos.kerb.spec.KrbEnum;
+
+public enum TicketFlag implements KrbEnum {
+ NONE(-1),
+ FORWARDABLE(0x40000000),
+ FORWARDED(0x20000000),
+ PROXIABLE(0x10000000),
+ PROXY(0x08000000),
+ MAY_POSTDATE(0x04000000),
+ POSTDATED(0x02000000),
+ INVALID(0x01000000),
+ RENEWABLE(0x00800000),
+ INITIAL(0x00400000),
+ PRE_AUTH(0x00200000),
+ HW_AUTH(0x00100000),
+ TRANSIT_POLICY_CHECKED( 0x00080000),
+ OK_AS_DELEGATE(0x00040000),
+ ENC_PA_REP(0x00010000),
+ ANONYMOUS(0x00008000);
+
+ private final int value;
+
+ private TicketFlag(int value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getValue() {
+ return value;
+ }
+
+ public static TicketFlag fromValue(int value) {
+ for (KrbEnum e : values()) {
+ if (e.getValue() == value) {
+ return (TicketFlag) e;
+ }
+ }
+
+ return NONE;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlags.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlags.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlags.java
new file mode 100644
index 0000000..87a0cc6
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/TicketFlags.java
@@ -0,0 +1,20 @@
+package org.apache.kerberos.kerb.spec.ticket;
+
+import org.apache.kerberos.kerb.spec.common.KrbFlags;
+
+import static org.apache.kerberos.kerb.spec.ticket.TicketFlag.INVALID;
+
+public class TicketFlags extends KrbFlags {
+
+ public TicketFlags() {
+ this(0);
+ }
+
+ public TicketFlags(int value) {
+ setFlags(value);
+ }
+
+ public boolean isInvalid() {
+ return isFlagSet(INVALID.getValue());
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Tickets.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Tickets.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Tickets.java
new file mode 100644
index 0000000..40d891f
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/ticket/Tickets.java
@@ -0,0 +1,10 @@
+package org.apache.kerberos.kerb.spec.ticket;
+
+import org.apache.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ SEQUENCE OF Ticket
+ */
+public class Tickets extends KrbSequenceOfType<Ticket> {
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/AlgorithmIdentifier.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/AlgorithmIdentifier.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/AlgorithmIdentifier.java
new file mode 100644
index 0000000..1ce8534
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/AlgorithmIdentifier.java
@@ -0,0 +1,39 @@
+package org.apache.kerberos.kerb.spec.x509;
+
+import org.apache.haox.asn1.type.*;
+
+/**
+ AlgorithmIdentifier ::= SEQUENCE {
+ algorithm OBJECT IDENTIFIER,
+ parameters ANY DEFINED BY algorithm OPTIONAL
+ }
+ */
+public class AlgorithmIdentifier extends Asn1SequenceType {
+ private static int ALGORITHM = 0;
+ private static int PARAMETERS = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ALGORITHM, -1, Asn1ObjectIdentifier.class),
+ new Asn1FieldInfo(PARAMETERS, -1, Asn1Any.class)
+ };
+
+ public AlgorithmIdentifier() {
+ super(fieldInfos);
+ }
+
+ public Asn1ObjectIdentifier getAlgorithm() {
+ return getFieldAs(ALGORITHM, Asn1ObjectIdentifier.class);
+ }
+
+ public void setAlgorithm(Asn1ObjectIdentifier algorithm) {
+ setFieldAs(ALGORITHM, algorithm);
+ }
+
+ public Asn1Type getParameters() {
+ return getFieldAsAny(PARAMETERS);
+ }
+
+ public void setParameters(Asn1Type parameters) {
+ setFieldAsAny(PARAMETERS, parameters);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java
new file mode 100644
index 0000000..71fad22
--- /dev/null
+++ b/haox-kerb/kerb-core/src/main/java/org/apache/kerberos/kerb/spec/x509/SubjectPublicKeyInfo.java
@@ -0,0 +1,41 @@
+package org.apache.kerberos.kerb.spec.x509;
+
+import org.apache.haox.asn1.type.Asn1BitString;
+import org.apache.haox.asn1.type.Asn1FieldInfo;
+import org.apache.haox.asn1.type.Asn1SequenceType;
+
+/**
+ SubjectPublicKeyInfo ::= SEQUENCE {
+ algorithm AlgorithmIdentifier,
+ subjectPublicKey BIT STRING
+ }
+ */
+public class SubjectPublicKeyInfo extends Asn1SequenceType {
+ private static int ALGORITHM = 0;
+ private static int SUBJECT_PUBLIC_KEY = 1;
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ new Asn1FieldInfo(ALGORITHM, -1, AlgorithmIdentifier.class),
+ new Asn1FieldInfo(SUBJECT_PUBLIC_KEY, -1, Asn1BitString.class)
+ };
+
+ public SubjectPublicKeyInfo() {
+ super(fieldInfos);
+ }
+
+ public AlgorithmIdentifier getAlgorithm() {
+ return getFieldAs(ALGORITHM, AlgorithmIdentifier.class);
+ }
+
+ public void setAlgorithm(AlgorithmIdentifier algorithm) {
+ setFieldAs(ALGORITHM, algorithm);
+ }
+
+ public byte[] getSubjectPubKey() {
+ return getFieldAsOctets(SUBJECT_PUBLIC_KEY);
+ }
+
+ public void setSubjectPubKey(byte[] subjectPubKey) {
+ setFieldAs(SUBJECT_PUBLIC_KEY, new Asn1BitString(subjectPubKey));
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbConstant.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbConstant.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbConstant.java
deleted file mode 100644
index b3f9b23..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbConstant.java
+++ /dev/null
@@ -1,7 +0,0 @@
-package org.haox.kerb;
-
-public interface KrbConstant {
- public final static int KRB_V5 = 5;
-
- public final static String TGS_PRINCIPAL = "krbtgt";
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbErrorCode.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbErrorCode.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbErrorCode.java
deleted file mode 100644
index 4936d3b..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbErrorCode.java
+++ /dev/null
@@ -1,109 +0,0 @@
-package org.haox.kerb;
-
-import org.haox.kerb.spec.KrbEnum;
-
-public enum KrbErrorCode implements KrbEnum {
- KDC_ERR_NONE(0, "No error"),
- KDC_ERR_NAME_EXP(1, "Client's entry in database has expired"),
- KDC_ERR_SERVICE_EXP(2, "Server's entry in database has expired"),
- KDC_ERR_BAD_PVNO(3, "Requested protocol version number not supported"),
- KDC_ERR_C_OLD_MAST_KVNO(4, "Client's key encrypted in old master key"),
- KDC_ERR_S_OLD_MAST_KVNO(5, "Server's key encrypted in old master key"),
- KDC_ERR_C_PRINCIPAL_UNKNOWN(6, "Client not found in Kerberos database"),
- KDC_ERR_S_PRINCIPAL_UNKNOWN(7, "Server not found in Kerberos database"),
- KDC_ERR_PRINCIPAL_NOT_UNIQUE(8, "Multiple principal entries in database"),
- KDC_ERR_NULL_KEY(9, "The client or server has a null key"),
- KDC_ERR_CANNOT_POSTDATE(10, "Ticket not eligible for postdating"),
- KDC_ERR_NEVER_VALID(11, "Requested start time is later than end time"),
- KDC_ERR_POLICY(12, "KDC policy rejects request"),
- KDC_ERR_BADOPTION(13, "KDC cannot accommodate requested option"),
- KDC_ERR_ETYPE_NOSUPP(14, "KDC has no support for encryption type"),
- KDC_ERR_SUMTYPE_NOSUPP(15, "KDC has no support for checksum type"),
- KDC_ERR_PADATA_TYPE_NOSUPP(16, "KDC has no support for padata type"),
- KDC_ERR_TRTYPE_NOSUPP(17, "KDC has no support for transited type"),
- KDC_ERR_CLIENT_REVOKED(18, "Clients credentials have been revoked"),
- KDC_ERR_SERVICE_REVOKED(19, "Credentials for server have been revoked"),
- KDC_ERR_TGT_REVOKED(20, "TGT has been revoked"),
- KDC_ERR_CLIENT_NOTYET(21, "Client not yet valid; try again later"),
- KDC_ERR_SERVICE_NOTYET(22, "Server not yet valid; try again later"),
- KDC_ERR_KEY_EXPIRED(23, "Password has expired; change password to reset"),
- KDC_ERR_PREAUTH_FAILED(24, "Pre-authentication information was invalid"),
- KDC_ERR_PREAUTH_REQUIRED(25, "Additional pre-authentication required"),
- KDC_ERR_SERVER_NOMATCH(26, "Requested server and ticket don't match"),
- KDC_ERR_MUST_USE_USER2USER(27, "Server valid for user2user only"),
- KDC_ERR_PATH_NOT_ACCEPTED(28, "KDC Policy rejects transited path"),
- KDC_ERR_SVC_UNAVAILABLE(29, "A service is not available"),
- KRB_AP_ERR_BAD_INTEGRITY(31, "Integrity check on decrypted field failed"),
- KRB_AP_ERR_TKT_EXPIRED(32, "Ticket expired"),
- KRB_AP_ERR_TKT_NYV(33, "Ticket not yet valid"),
- KRB_AP_ERR_REPEAT(34, "Request is a replay"),
- KRB_AP_ERR_NOT_US(35, "The ticket isn't for us"),
- KRB_AP_ERR_BADMATCH(36, "Ticket and authenticator don't match"),
- KRB_AP_ERR_SKEW(37, "Clock skew too great"),
- KRB_AP_ERR_BADADDR(38, "Incorrect net address"),
- KRB_AP_ERR_BADVERSION(39, "Protocol version mismatch"),
- KRB_AP_ERR_MSG_TYPE(40, "Invalid msg type"),
- KRB_AP_ERR_MODIFIED(41, "Message stream modified"),
- KRB_AP_ERR_BADORDER(42, "Message out of order"),
- KRB_AP_ERR_BADKEYVER(44, "Specified version of key is not available"),
- KRB_AP_ERR_NOKEY(45, "Service key not available"),
- KRB_AP_ERR_MUT_FAIL(46, "Mutual authentication failed"),
- KRB_AP_ERR_BADDIRECTION(47, "Incorrect message direction"),
- KRB_AP_ERR_METHOD(48, "Alternative authentication method required"),
- KRB_AP_ERR_BADSEQ(49, "Incorrect sequence number in message"),
- KRB_AP_ERR_INAPP_CKSUM(50, "Inappropriate type of checksum in message"),
- KRB_AP_PATH_NOT_ACCEPTED(51, "Policy rejects transited path"),
- RESPONSE_TOO_BIG(52, "Response too big for UDP; retry with TCP"),
- KRB_ERR_GENERIC(60, "Generic error (description in e-text)"),
- FIELD_TOOLONG(61, "Field is too long for this implementation"),
- KDC_ERR_CLIENT_NOT_TRUSTED(62, "Client is not trusted"),
- KDC_NOT_TRUSTED(63, "KDC is not trusted"),
- KDC_ERR_INVALID_SIG(64, "Signature is invalid"),
- KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED(65, "Diffie-Hellman (DH) key parameters not accepted."),
- CERTIFICATE_MISMATCH(66, "Certificates do not match"),
- KRB_AP_ERR_NO_TGT(67, "No TGT available to validate USER-TO-USER"),
- WRONG_REALM(68, "Wrong realm"),
- KRB_AP_ERR_USER_TO_USER_REQUIRED(69, "Ticket must be for USER-TO-USER"),
- KDC_ERR_CANT_VERIFY_CERTIFICATE(70, "Can't verify certificate"),
- KDC_ERR_INVALID_CERTIFICATE(71, "Invalid certificate"),
- KDC_ERR_REVOKED_CERTIFICATE(72, "Revoked certificate"),
- KDC_ERR_REVOCATION_STATUS_UNKNOWN(73, "Revocation status unknown"),
- REVOCATION_STATUS_UNAVAILABLE(74, "Revocation status unavailable"),
- KDC_ERR_CLIENT_NAME_MISMATCH(75, "Client names do not match"),
- KDC_NAME_MISMATCH(76, "KDC names do not match"),
- KDC_ERR_INCONSISTENT_KEY_PURPOSE(77, "Inconsistent key purpose"),
- KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED(78, "Digest in certificate not accepted"),
- KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED(79, "PA checksum must be included"),
- KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED(80, "Digest in signed data not accepted"),
- KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED(81, "Public key encryption not supported"),
-
- KRB_TIMEOUT(5000, "Network timeout");
-
- private final int value;
- private final String message;
-
- private KrbErrorCode(int value, String message) {
- this.value = value;
- this.message = message;
- }
-
- public static KrbErrorCode fromValue(Integer value) {
- if (value != null) {
- for (KrbEnum e : values()) {
- if (e.getValue() == value.intValue()) {
- return (KrbErrorCode) e;
- }
- }
- }
-
- return KRB_ERR_GENERIC;
- }
-
- public int getValue() {
- return value;
- }
-
- public String getMessage() {
- return message;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbErrorException.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbErrorException.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbErrorException.java
deleted file mode 100644
index 74e04cf..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbErrorException.java
+++ /dev/null
@@ -1,16 +0,0 @@
-package org.haox.kerb;
-
-import org.haox.kerb.spec.common.KrbError;
-
-public class KrbErrorException extends KrbException {
- private KrbError krbError;
-
- public KrbErrorException(KrbError krbError) {
- super(krbError.getErrorCode().getMessage());
- this.krbError = krbError;
- }
-
- public KrbError getKrbError() {
- return krbError;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbException.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbException.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbException.java
deleted file mode 100644
index 44f6921..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/KrbException.java
+++ /dev/null
@@ -1,24 +0,0 @@
-package org.haox.kerb;
-
-public class KrbException extends Exception {
-
- public KrbException(String message) {
- super(message);
- }
-
- public KrbException(String message, Throwable cause) {
- super(message, cause);
- }
-
- public KrbException(KrbErrorCode errorCode) {
- super(errorCode.getMessage());
- }
-
- public KrbException(KrbErrorCode errorCode, Throwable cause) {
- super(errorCode.getMessage(), cause);
- }
-
- public KrbException(KrbErrorCode errorCode, String message) {
- super(message + " with error code: " + errorCode.name());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/codec/KrbCodec.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/codec/KrbCodec.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/codec/KrbCodec.java
deleted file mode 100644
index 31eaa8c..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/codec/KrbCodec.java
+++ /dev/null
@@ -1,74 +0,0 @@
-package org.haox.kerb.codec;
-
-import org.apache.haox.asn1.LimitedByteBuffer;
-import org.apache.haox.asn1.type.AbstractAsn1Type;
-import org.apache.haox.asn1.type.Asn1Type;
-import org.haox.kerb.KrbException;
-import org.haox.kerb.spec.ap.ApReq;
-import org.haox.kerb.spec.common.KrbMessage;
-import org.haox.kerb.spec.common.KrbMessageType;
-import org.haox.kerb.spec.kdc.AsRep;
-import org.haox.kerb.spec.kdc.AsReq;
-import org.haox.kerb.spec.kdc.TgsRep;
-import org.haox.kerb.spec.kdc.TgsReq;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-
-public class KrbCodec {
-
- public static byte[] encode(Asn1Type krbObj) throws KrbException {
- return krbObj.encode();
- }
-
- public static <T extends Asn1Type> T decode(byte[] content, Class<T> krbType) throws KrbException {
- return decode(ByteBuffer.wrap(content), krbType);
- }
-
- public static <T extends Asn1Type> T decode(ByteBuffer content, Class<T> krbType) throws KrbException {
- Asn1Type implObj = null;
- try {
- implObj = krbType.newInstance();
- } catch (Exception e) {
- throw new KrbException("Decoding failed", e);
- }
-
- try {
- implObj.decode(content);
- } catch (IOException e) {
- throw new KrbException("Decoding failed", e);
- }
-
- return (T) implObj;
- }
-
- public static KrbMessage decodeMessage(ByteBuffer byteBuffer) throws IOException {
- LimitedByteBuffer limitedBuffer = new LimitedByteBuffer(byteBuffer);
- int tag = AbstractAsn1Type.readTag(limitedBuffer);
- int tagNo = AbstractAsn1Type.readTagNo(limitedBuffer, tag);
- int length = AbstractAsn1Type.readLength(limitedBuffer);
- LimitedByteBuffer valueBuffer = new LimitedByteBuffer(limitedBuffer, length);
-
- KrbMessage msg = null;
- KrbMessageType msgType = KrbMessageType.fromValue(tagNo);
- if (msgType == KrbMessageType.TGS_REQ) {
- msg = new TgsReq();
- } else if (msgType == KrbMessageType.AS_REP) {
- msg = new AsRep();
- } else if (msgType == KrbMessageType.AS_REQ) {
- msg = new AsReq();
- } else if (msgType == KrbMessageType.TGS_REP) {
- msg = new TgsRep();
- } else if (msgType == KrbMessageType.AP_REQ) {
- msg = new ApReq();
- } else if (msgType == KrbMessageType.AP_REP) {
- msg = new ApReq();
- } else {
- throw new IOException("To be supported krb message type with tag: " + tag);
- }
- msg.decode(tag, tagNo, valueBuffer);
-
- return msg;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosString.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosString.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosString.java
deleted file mode 100644
index 8aec97d..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosString.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package org.haox.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1GeneralString;
-
-/**
- KerberosString ::= GeneralString -- (IA5String)
- */
-public class KerberosString extends Asn1GeneralString {
- public KerberosString() {
- }
-
- public KerberosString(String value) {
- super(value);
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosStrings.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosStrings.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosStrings.java
deleted file mode 100644
index 21213e8..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosStrings.java
+++ /dev/null
@@ -1,24 +0,0 @@
-package org.haox.kerb.spec;
-
-import java.util.List;
-
-public class KerberosStrings extends KrbSequenceOfType<KerberosString> {
-
- public KerberosStrings() {
- super();
- }
-
- public KerberosStrings(List<String> strings) {
- super();
- setValues(strings);
- }
-
- public void setValues(List<String> values) {
- clear();
- if (values != null) {
- for (String value : values) {
- addElement(new KerberosString(value));
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosTime.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosTime.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosTime.java
deleted file mode 100644
index e526a5f..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KerberosTime.java
+++ /dev/null
@@ -1,99 +0,0 @@
-package org.haox.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1GeneralizedTime;
-
-import java.util.Date;
-import java.util.TimeZone;
-
-/**
- KerberosTime ::= GeneralizedTime -- with no fractional seconds
- */
-public class KerberosTime extends Asn1GeneralizedTime {
- private static final TimeZone UTC = TimeZone.getTimeZone("UTC");
-
- public static final KerberosTime NEVER = new KerberosTime(Long.MAX_VALUE);
-
- public static final int MINUTE = 60000;
-
- public static final int DAY = MINUTE * 1440;
-
- public static final int WEEK = MINUTE * 10080;
-
- public KerberosTime() {
- super(0L);
- }
-
- /**
- * time in milliseconds
- */
- public KerberosTime(long time) {
- super(time);
- }
-
- /**
- * Return time in milliseconds
- */
- public long getTime() {
- if (getValue() != null) {
- return getValue().getTime();
- }
- return 0L;
- }
-
- /**
- * time in milliseconds
- */
- public void setTime(long time) {
- setValue(new Date(time));
- }
-
- public long getTimeInSeconds() {
- return getTime() / 1000;
- }
-
- public boolean lessThan(KerberosTime ktime) {
- return getValue().compareTo(ktime.getValue()) < 0;
- }
-
- public boolean lessThan(long time) {
- return getValue().getTime() <= time * 1000;
- }
-
- public boolean greaterThan(KerberosTime ktime) {
- return getValue().compareTo(ktime.getValue()) > 0;
- }
-
- /**
- * time in milliseconds
- */
- public boolean isInClockSkew(long clockSkew) {
- long delta = Math.abs(getTime() - System.currentTimeMillis());
-
- return delta < clockSkew;
- }
-
- public KerberosTime copy() {
- long time = getTime();
- KerberosTime result = new KerberosTime(time);
- return result;
- }
-
- /**
- * time in milliseconds
- */
- public KerberosTime extend(long duration) {
- long result = getTime() + duration;
- return new KerberosTime(result);
- }
-
- /**
- * Return diff time in milliseconds
- */
- public long diff(KerberosTime other) {
- return getTime() - other.getTime();
- }
-
- public static KerberosTime now() {
- return new KerberosTime(new Date().getTime());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbAppSequenceType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbAppSequenceType.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbAppSequenceType.java
deleted file mode 100644
index c59d53d..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbAppSequenceType.java
+++ /dev/null
@@ -1,38 +0,0 @@
-package org.haox.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.TaggingSequence;
-
-/**
- * This is for application specific sequence tagged with a number.
- */
-public abstract class KrbAppSequenceType extends TaggingSequence {
- public KrbAppSequenceType(int tagNo, Asn1FieldInfo[] fieldInfos) {
- super(tagNo, fieldInfos, true);
- }
-
- protected int getFieldAsInt(int index) {
- Integer value = getFieldAsInteger(index);
- if (value != null) {
- return value.intValue();
- }
- return -1;
- }
-
- protected void setFieldAsString(int index, String value) {
- setFieldAs(index, new KerberosString(value));
- }
-
- protected KerberosTime getFieldAsTime(int index) {
- KerberosTime value = getFieldAs(index, KerberosTime.class);
- return value;
- }
-
- protected void setFieldAsTime(int index, long value) {
- setFieldAs(index, new KerberosTime(value));
- }
-
- protected void setField(int index, KrbEnum krbEnum) {
- setFieldAsInt(index, krbEnum.getValue());
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbEnum.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbEnum.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbEnum.java
deleted file mode 100644
index 48655ba..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbEnum.java
+++ /dev/null
@@ -1,5 +0,0 @@
-package org.haox.kerb.spec;
-
-public interface KrbEnum {
- public int getValue();
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbIntegers.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbIntegers.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbIntegers.java
deleted file mode 100644
index c5840fb..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbIntegers.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package org.haox.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1Integer;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class KrbIntegers extends KrbSequenceOfType<Asn1Integer> {
-
- public KrbIntegers() {
- super();
- }
-
- public KrbIntegers(List<Integer> values) {
- super();
- setValues(values);
- }
-
- public void setValues(List<Integer> values) {
- clear();
- if (values != null) {
- for (Integer value : values) {
- addElement(new Asn1Integer(value));
- }
- }
- }
-
- public List<Integer> getValues() {
- List<Integer> results = new ArrayList<Integer>();
- for (Asn1Integer value : getElements()) {
- results.add(value.getValue());
- }
- return results;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbSequenceOfType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbSequenceOfType.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbSequenceOfType.java
deleted file mode 100644
index 11260ce..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbSequenceOfType.java
+++ /dev/null
@@ -1,24 +0,0 @@
-package org.haox.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1SequenceOf;
-import org.apache.haox.asn1.type.Asn1String;
-import org.apache.haox.asn1.type.Asn1Type;
-
-import java.util.ArrayList;
-import java.util.List;
-
-public class KrbSequenceOfType<T extends Asn1Type> extends Asn1SequenceOf<T> {
-
- public List<String> getAsStrings() {
- List<T> elements = getElements();
- List<String> results = new ArrayList<String>();
- for (T ele : elements) {
- if (ele instanceof Asn1String) {
- results.add(((Asn1String) ele).getValue());
- } else {
- throw new RuntimeException("The targeted field type isn't of string");
- }
- }
- return results;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/967d7e1c/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbSequenceType.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbSequenceType.java b/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbSequenceType.java
deleted file mode 100644
index ab4b98e..0000000
--- a/haox-kerb/kerb-core/src/main/java/org/haox/kerb/spec/KrbSequenceType.java
+++ /dev/null
@@ -1,36 +0,0 @@
-package org.haox.kerb.spec;
-
-import org.apache.haox.asn1.type.Asn1FieldInfo;
-import org.apache.haox.asn1.type.Asn1SequenceType;
-
-public abstract class KrbSequenceType extends Asn1SequenceType {
-
- public KrbSequenceType(Asn1FieldInfo[] fieldInfos) {
- super(fieldInfos);
- }
-
- protected int getFieldAsInt(int index) {
- Integer value = getFieldAsInteger(index);
- if (value != null) {
- return value.intValue();
- }
- return -1;
- }
-
- protected void setFieldAsString(int index, String value) {
- setFieldAs(index, new KerberosString(value));
- }
-
- protected KerberosTime getFieldAsTime(int index) {
- KerberosTime value = getFieldAs(index, KerberosTime.class);
- return value;
- }
-
- protected void setFieldAsTime(int index, long value) {
- setFieldAs(index, new KerberosTime(value));
- }
-
- protected void setField(int index, KrbEnum value) {
- setFieldAsInt(index, value.getValue());
- }
-}