You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by se...@apache.org on 2018/07/29 20:44:41 UTC
[directory-server] branch master updated: DIRSERVER-2244: Support
AES Encryption with HMAC-SHA2 for Kerberos 5 defined in RFC 8009
This is an automated email from the ASF dual-hosted git repository.
seelmann pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/directory-server.git
The following commit(s) were added to refs/heads/master by this push:
new f6e08c4 DIRSERVER-2244: Support AES Encryption with HMAC-SHA2 for Kerberos 5 defined in RFC 8009
f6e08c4 is described below
commit f6e08c4443d552340896c196148cd1f38cea298d
Author: Stefan Seelmann <ma...@stefan-seelmann.de>
AuthorDate: Sun Jul 29 22:44:30 2018 +0200
DIRSERVER-2244: Support AES Encryption with HMAC-SHA2 for Kerberos 5 defined in RFC 8009
---
.../shared/kerberos/codec/types/EncryptionType.java | 10 ++++++++++
.../shared/kerberos/crypto/checksum/ChecksumType.java | 14 ++++++++++++++
2 files changed, 24 insertions(+)
diff --git a/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/types/EncryptionType.java b/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/types/EncryptionType.java
index 5ac1c83..547b73a 100644
--- a/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/types/EncryptionType.java
+++ b/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/codec/types/EncryptionType.java
@@ -130,6 +130,16 @@ public enum EncryptionType
AES256_CTS_HMAC_SHA1_96(18, "aes256-cts-hmac-sha1-96"),
/**
+ * The aes128-cts-hmac-sha256-128 encryption type (RFC8009).
+ */
+ AES128_CTS_HMAC_SHA256_128(19, "aes128-cts-hmac-sha256-128"),
+
+ /**
+ * The aes256-cts-hmac-sha384-192 encryption type (RFC8009).
+ */
+ AES256_CTS_HMAC_SHA384_192(20, "aes256-cts-hmac-sha384-192"),
+
+ /**
* The rc4-hmac encryption type.
*/
RC4_HMAC(23, "rc4-hmac"),
diff --git a/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/crypto/checksum/ChecksumType.java b/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/crypto/checksum/ChecksumType.java
index d25c7b8..e0624be 100644
--- a/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/crypto/checksum/ChecksumType.java
+++ b/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/crypto/checksum/ChecksumType.java
@@ -113,6 +113,16 @@ public enum ChecksumType implements Comparable<ChecksumType>
HMAC_SHA1_96_AES256(16, "hmac-sha1-96-aes256"),
/**
+ * The hmac-sha256-128-aes128 checksum type (RFC8009).
+ */
+ HMAC_SHA256_128_AES128(19, "hmac-sha256-128-aes128"),
+
+ /**
+ * The hmac-sha384-192-aes256 checksum type (RFC8009).
+ */
+ HMAC_SHA384_192_AES256(20, "hmac-sha384-192-aes256"),
+
+ /**
* The hmac-md5 checksum type (RFC4757).
*/
HMAC_MD5(-138, "hmac-md5");
@@ -182,6 +192,10 @@ public enum ChecksumType implements Comparable<ChecksumType>
return HMAC_SHA1_96_AES128;
case 16:
return HMAC_SHA1_96_AES256;
+ case 19:
+ return HMAC_SHA256_128_AES128;
+ case 20:
+ return HMAC_SHA384_192_AES256;
case -138:
return HMAC_MD5;
default: