directory-commits mailing list archives

From erodrig...@apache.org
Subject svn commit: rev 47656 - incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder
Date Fri, 01 Oct 2004 18:02:25 GMT
Author: erodriguez
Date: Fri Oct  1 11:02:24 2004
New Revision: 47656

Added:
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncAsRepPartEncoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncKdcRepPartEncoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncTgsRepPartEncoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncTicketPartEncoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KdcReplyEncoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KdcReqBodyEncoder.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KerberosMessageEncoder.java
Log:
kerberos ASN.1 encoder package

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncAsRepPartEncoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncAsRepPartEncoder.java
Fri Oct  1 11:02:24 2004
@@ -0,0 +1,30 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.encoder;
+
+public class EncAsRepPartEncoder extends EncKdcRepPartEncoder {
+	
+	/*
+	 * EncASRepPart ::=    [APPLICATION 25[25]] EncKDCRepPart
+	 */
+	public static final int APPLICATION_CODE = 25;
+	
+	public EncAsRepPartEncoder() {
+		super(APPLICATION_CODE);
+	}
+}
+
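Review bot: The ASN.1 comment above `APPLICATION_CODE` reads `[APPLICATION 25[25]]`, which is not valid notation and looks like a paste slip. The sibling EncTgsRepPartEncoder in this commit writes the same production as `[APPLICATION 26]`. I would correct it to `EncASRepPart ::= [APPLICATION 25] EncKDCRepPart` and promote it to a class-level Javadoc, since the tag value is the only thing this class contributes.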

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncKdcRepPartEncoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncKdcRepPartEncoder.java
Fri Oct  1 11:02:24 2004
@@ -0,0 +1,93 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.encoder;
+
+import org.apache.kerberos.messages.*;
+import org.bouncycastle.asn1.*;
+
+import java.io.*;
+
+public abstract class EncKdcRepPartEncoder extends KerberosMessageEncoder {
+	
+	private int _applicationCode;
+	
+	protected EncKdcRepPartEncoder(int applicationCode) {
+		_applicationCode = applicationCode;
+	}
+	
+	public byte[] encode(KdcReply app) throws IOException {
+		ByteArrayOutputStream baos = new ByteArrayOutputStream();
+		ASN1OutputStream aos = new ASN1OutputStream(baos);
+		
+		DERSequence initialSequence = encodeInitialSequence(app);
+		aos.writeObject(new DERApplicationSpecific(_applicationCode, initialSequence));
+		
+		return baos.toByteArray();
+	}
+	
+	/*
+	   EncKDCRepPart ::=   SEQUENCE {
+	               key[0]                       EncryptionKey,
+	               last-req[1]                  LastReq,
+
+	               nonce[2]                     INTEGER,
+	               key-expiration[3]            KerberosTime OPTIONAL,
+	               flags[4]                     TicketFlags,
+	               authtime[5]                  KerberosTime,
+	               starttime[6]                 KerberosTime OPTIONAL,
+	               endtime[7]                   KerberosTime,
+	               renew-till[8]                KerberosTime OPTIONAL,
+	               srealm[9]                    Realm,
+	               sname[10]                    PrincipalName,
+	               caddr[11]                    HostAddresses OPTIONAL
+	}*/
+	protected DERSequence encodeInitialSequence(KdcReply reply) {
+
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, encodeEncryptionKey(reply.getKey())));
+		vector.add(new DERTaggedObject(1, encodeLastRequest(reply.getLastRequest())));
+		vector.add(new DERTaggedObject(2, new DERInteger(reply.getNonce())));
+		
+		// OPTIONAL
+		if (reply.getKeyExpiration() != null)
+			vector.add(new DERTaggedObject(3, encodeKerberosTime(reply.getKeyExpiration())));
+		
+		vector.add(new DERTaggedObject(4, encodeTicketFlags(reply.getFlags())));
+		vector.add(new DERTaggedObject(5, encodeKerberosTime(reply.getAuthTime())));
+		
+		// OPTIONAL
+		if (reply.getStartTime() != null)
+			vector.add(new DERTaggedObject(6, encodeKerberosTime(reply.getStartTime())));
+		
+		vector.add(new DERTaggedObject(7, encodeKerberosTime(reply.getEndTime())));
+		
+		// OPTIONAL
+		if (reply.getRenewTill() != null)
+			vector.add(new DERTaggedObject(8, encodeKerberosTime(reply.getRenewTill())));
+		
+		vector.add(new DERTaggedObject(9, encodeRealm(reply.getServerRealm())));
+		vector.add(new DERTaggedObject(10, encodePrincipalName(reply.getServerName())));
+		
+		// OPTIONAL
+		if (reply.getClientAddresses() != null)
+			vector.add(new DERTaggedObject(11, encodeHostAddresses(reply.getClientAddresses())));
+		
+		return new DERSequence(vector);
+	}
+}
+
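Review bot: `encode(KdcReply)` returns `baos.toByteArray()` without flushing or closing `aos`, while `EncTicketPartEncoder.encode` and `KdcReqBodyEncoder.encode` in this same commit both call `aos.close()` first. With a ByteArrayOutputStream underneath this probably loses nothing today, but it relies on ASN1OutputStream not buffering; adding `aos.close();` before the return makes the three encoders agree. Separately, the returned array carries the session key from `reply.getKey()` in clear, so a Javadoc line stating that the caller is expected to encrypt the result and must not log it would help.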

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncTgsRepPartEncoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncTgsRepPartEncoder.java
Fri Oct  1 11:02:24 2004
@@ -0,0 +1,30 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.encoder;
+
+public class EncTgsRepPartEncoder extends EncKdcRepPartEncoder {
+	
+	/*
+	 * EncTGSRepPart ::=   [APPLICATION 26] EncKDCRepPart
+	 */
+	public static final int APPLICATION_CODE = 26;
+	
+	public EncTgsRepPartEncoder() {
+		super(APPLICATION_CODE);
+	}
+}
+

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncTicketPartEncoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/EncTicketPartEncoder.java
Fri Oct  1 11:02:24 2004
@@ -0,0 +1,81 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.encoder;
+
+import org.apache.kerberos.messages.components.*;
+import org.bouncycastle.asn1.*;
+
+import java.io.*;
+
+public class EncTicketPartEncoder extends KerberosMessageEncoder {
+	
+	public static final int APPLICATION_CODE = 3;
+	
+	public byte[] encode(Ticket ticket) throws IOException {
+		ByteArrayOutputStream baos = new ByteArrayOutputStream();
+		ASN1OutputStream aos = new ASN1OutputStream(baos);
+		
+		DERSequence ticketSequence = encodeInitialSequence(ticket);
+		aos.writeObject(new DERApplicationSpecific(APPLICATION_CODE, ticketSequence));
+		aos.close();
+		
+		return baos.toByteArray();
+	}
+	
+	/*
+	-- Encrypted part of ticket
+	EncTicketPart ::=     [APPLICATION 3] SEQUENCE {
+	                      flags[0]             TicketFlags,
+	                      key[1]               EncryptionKey,
+	                      crealm[2]            Realm,
+	                      cname[3]             PrincipalName,
+	                      transited[4]         TransitedEncoding,
+	                      authtime[5]          KerberosTime,
+	                      starttime[6]         KerberosTime OPTIONAL,
+	                      endtime[7]           KerberosTime,
+	                      renew-till[8]        KerberosTime OPTIONAL,
+	                      caddr[9]             HostAddresses OPTIONAL,
+	                      authorization-data[10]   AuthorizationData OPTIONAL
+	}*/
+	public DERSequence encodeInitialSequence(Ticket ticket) {
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, encodeTicketFlags(ticket.getFlags())));
+		vector.add(new DERTaggedObject(1, encodeEncryptionKey(ticket.getSessionKey())));
+		vector.add(new DERTaggedObject(2, encodeRealm(ticket.getClientRealm())));
+		vector.add(new DERTaggedObject(3, encodePrincipalName(ticket.getClientName())));
+		vector.add(new DERTaggedObject(4, encodeTransitedEncoding(ticket.getTransitedEncoding())));
+		vector.add(new DERTaggedObject(5, encodeKerberosTime(ticket.getAuthtime())));
+		
+		// OPTIONAL
+		if (ticket.getStartTime() != null)
+			vector.add(new DERTaggedObject(6, encodeKerberosTime(ticket.getStartTime())));
+		
+		vector.add(new DERTaggedObject(7, encodeKerberosTime(ticket.getEndTime())));
+		
+		// OPTIONAL
+		if (ticket.getRenewTill() != null)
+			vector.add(new DERTaggedObject(8, encodeKerberosTime(ticket.getRenewTill())));
+		if (ticket.getClientAddresses() != null)
+			vector.add(new DERTaggedObject(9, encodeHostAddresses(ticket.getClientAddresses())));
+		if (ticket.getAuthorizationData() != null)
+			vector.add(new DERTaggedObject(10, encodeAuthorizationData(ticket.getAuthorizationData())));
+		
+		return new DERSequence(vector);
+	}
+}
+
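Review bot: `encodeInitialSequence(Ticket)` is declared `public` here, whereas the equivalent builder is `protected` in EncKdcRepPartEncoder and `private` in KdcReqBodyEncoder. The sequence it returns contains `ticket.getSessionKey()` and the authorization data unencrypted, so unless a caller outside this hunk needs it I would narrow it to `private DERSequence encodeInitialSequence(Ticket ticket)`. The `// OPTIONAL` marker before renew-till is also followed by two more optional fields that carry no marker; repeating it above the caddr and authorization-data checks would match the style used for starttime.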

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KdcReplyEncoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KdcReplyEncoder.java
Fri Oct  1 11:02:24 2004
@@ -0,0 +1,89 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.encoder;
+
+import org.apache.kerberos.messages.*;
+import org.apache.kerberos.messages.value.*;
+import org.bouncycastle.asn1.*;
+
+import java.io.*;
+
+public class KdcReplyEncoder extends KerberosMessageEncoder {
+	/*
+ 	AS-REP ::=    [APPLICATION 11] KDC-REP
+ 	TGS-REP ::=   [APPLICATION 13] KDC-REP
+	 */
+	public OutputStream encode(KdcReply app, OutputStream os) throws IOException {
+		
+		ASN1OutputStream aos = new ASN1OutputStream(os);
+		
+		DERSequence kdcrep = encodeKdcReplySequence(app);
+		aos.writeObject(new DERApplicationSpecific(app.getMessageType().getOrdinal(), kdcrep));
+		
+		aos.close();
+		
+		return aos;
+	}
+
+	/*
+	KDC-REP ::=   SEQUENCE {
+	              pvno[0]                    INTEGER,
+	              msg-type[1]                INTEGER,
+	              padata[2]                  SEQUENCE OF PA-DATA OPTIONAL,
+	              crealm[3]                  Realm,
+	              cname[4]                   PrincipalName,
+	              ticket[5]                  Ticket,
+	              enc-part[6]                EncryptedData
+	}*/
+	private DERSequence encodeKdcReplySequence(KdcReply app) {
+		
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, new DERInteger(app.getProtocolVersionNumber())));
+		vector.add(new DERTaggedObject(1, new DERInteger(app.getMessageType().getOrdinal())));
+		if (app.getPaData() != null)
+			vector.add(new DERTaggedObject(2, encodePaData(app.getPaData())));
+		vector.add(new DERTaggedObject(3, encodeRealm(app.getCrealm())));
+		vector.add(new DERTaggedObject(4, encodePrincipalName(app.getCname())));
+		vector.add(new DERTaggedObject(5, encodeTicket(app.getTicket())));
+		vector.add(new DERTaggedObject(6, encodeEncryptedData(app.getEncPart())));
+		
+		return new DERSequence(vector);
+	}
+
+	/*
+	PA-DATA ::=        SEQUENCE {
+	           padata-type[1]        INTEGER,
+	           padata-value[2]       OCTET STRING,
+	                         -- might be encoded AP-REQ
+	}*/
+	private DERSequence encodePaData(PreAuthenticationData[] paData) {
+		
+		ASN1EncodableVector pa = new ASN1EncodableVector();
+		
+		for (int i = 0; i < paData.length; i++) {
+			ASN1EncodableVector vector = new ASN1EncodableVector();
+
+			vector.add(new DERTaggedObject(1, new DERInteger(paData[i].getDataType())));
+			vector.add(new DERTaggedObject(2, new DEROctetString(paData[i].getDataValue())));
+			pa.add(new DERSequence(vector));
+		}
+		
+		return new DERSequence(pa);
+	}
+}
+
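Review bot: `encode(KdcReply, OutputStream)` calls `aos.close()` on a wrapper around the caller's `os` and then returns that closed wrapper. If ASN1OutputStream propagates close to the wrapped stream, as filter streams normally do, the caller's stream (possibly a network stream) is closed as a side effect and the returned value cannot be written to. I would replace the close with `aos.flush();` so ownership of `os` stays with the caller, and add a Javadoc saying what the return value is meant for.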

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KdcReqBodyEncoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KdcReqBodyEncoder.java
Fri Oct  1 11:02:24 2004
@@ -0,0 +1,90 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.encoder;
+
+import org.apache.kerberos.messages.*;
+import org.bouncycastle.asn1.*;
+
+import java.io.*;
+
+public class KdcReqBodyEncoder extends KerberosMessageEncoder {
+
+	public byte[] encode(KdcRequest request) throws IOException {
+		ByteArrayOutputStream baos = new ByteArrayOutputStream();
+		ASN1OutputStream aos = new ASN1OutputStream(baos);
+		
+		aos.writeObject(encodeInitialSequence(request));
+		aos.flush();
+		aos.close();
+
+		return baos.toByteArray();
+	}
+	
+	/*
+	KDC-REQ-BODY ::=   SEQUENCE {
+        kdc-options[0]       KDCOptions,
+        cname[1]             PrincipalName OPTIONAL,
+                     -- Used only in AS-REQ
+        realm[2]             Realm, -- Server's realm
+                     -- Also client's in AS-REQ
+        sname[3]             PrincipalName OPTIONAL,
+        from[4]              KerberosTime OPTIONAL,
+        till[5]              KerberosTime,
+        rtime[6]             KerberosTime OPTIONAL,
+        nonce[7]             INTEGER,
+
+        etype[8]             SEQUENCE OF INTEGER, -- EncryptionEngine,
+                     -- in preference order
+        addresses[9]         HostAddresses OPTIONAL,
+        enc-authorization-data[10]   EncryptedData OPTIONAL,
+                     -- Encrypted AuthorizationData encoding
+        additional-tickets[11]       SEQUENCE OF Ticket OPTIONAL
+    }*/
+	private DERSequence encodeInitialSequence(KdcRequest request) {
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, encodeKdcOptions(request.getKdcOptions())));
+		// OPTIONAL
+		if (request.getCname() != null)
+			vector.add(new DERTaggedObject(1, encodePrincipalName(request.getCname())));
+		vector.add(new DERTaggedObject(2, encodeRealm(request.getRealm())));
+		// OPTIONAL
+		if (request.getSname() != null)
+			vector.add(new DERTaggedObject(3, encodePrincipalName(request.getSname())));
+		// OPTIONAL
+		if (request.getFrom() != null)
+			vector.add(new DERTaggedObject(4, encodeKerberosTime(request.getFrom())));
+		vector.add(new DERTaggedObject(5, encodeKerberosTime(request.getTill())));
+		// OPTIONAL
+		if (request.getRtime() != null)
+			vector.add(new DERTaggedObject(6, encodeKerberosTime(request.getRtime())));
+		vector.add(new DERTaggedObject(7, new DERInteger(request.getNonce())));
+		vector.add(new DERTaggedObject(8, encodeEncryptionType(request.getEType())));
+		// OPTIONAL
+		if (request.getAddresses() != null)
+			vector.add(new DERTaggedObject(9, encodeHostAddresses(request.getAddresses())));
+		// OPTIONAL
+		if (request.getEncAuthorizationData() != null)
+			vector.add(new DERTaggedObject(10, encodeEncryptedData(request.getEncAuthorizationData())));
+		// OPTIONAL
+		if (request.getAdditionalTickets() != null)
+			vector.add(new DERTaggedObject(11, encodeAdditionalTickets(request.getAdditionalTickets())));
+
+		return new DERSequence(vector);
+	}
+}
+
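Review bot: The comment documents `additional-tickets[11]` as `SEQUENCE OF Ticket`, but the helper called for tag 11, `encodeAdditionalTickets` in KerberosMessageEncoder.java (added in this commit), wraps every ticket in its own `DERSequence` before adding it, so the output is SEQUENCE OF SEQUENCE { Ticket }. A peer that decodes strictly to the documented grammar would presumably reject or misparse such a body, and any checksum computed over these bytes would differ from one computed over the documented encoding. The loop body in the helper should be `outerVector.add(encodeTicket(tickets[i]));`.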

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KerberosMessageEncoder.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/io/encoder/KerberosMessageEncoder.java
Fri Oct  1 11:02:24 2004
@@ -0,0 +1,299 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.io.encoder;
+
+import org.apache.kerberos.crypto.encryption.*;
+import org.apache.kerberos.messages.components.*;
+import org.apache.kerberos.messages.value.*;
+import org.bouncycastle.asn1.*;
+
+import java.util.*;
+
+public abstract class KerberosMessageEncoder {
+	
+	/*
+	PrincipalName ::=   SEQUENCE {
+	              name-type[0]     INTEGER,
+	              name-string[1]   SEQUENCE OF GeneralString
+	}*/
+	protected DERSequence encodePrincipalName(PrincipalName name) {
+		
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, new DERInteger(name.getNameType())));
+		vector.add(new DERTaggedObject(1, encodeNameSequence(name)));
+		
+		return new DERSequence(vector);
+	}
+	
+	protected DERSequence encodeNameSequence(PrincipalName name) {
+		Iterator it = name.getNameStrings().iterator();
+		
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		while (it.hasNext())
+			vector.add(new DERGeneralString((String)it.next()));
+		
+		return new DERSequence(vector);
+		
+	}
+	
+	/*
+	Ticket ::=                    [APPLICATION 1] SEQUENCE {
+        tkt-vno[0]                   INTEGER,
+        realm[1]                     Realm,
+        sname[2]                     PrincipalName,
+        enc-part[3]                  EncryptedData
+    }*/
+    protected DERApplicationSpecific encodeTicket(Ticket ticket) {
+    	
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, new DERInteger(ticket.getTicketVersionNumber())));
+		vector.add(new DERTaggedObject(1, new DERGeneralString(ticket.getRealm().toString())));
+		vector.add(new DERTaggedObject(2, encodePrincipalName(ticket.getServerName())));
+		vector.add(new DERTaggedObject(3, encodeEncryptedData(ticket.getEncPart())));
+		
+		DERApplicationSpecific ticketSequence = null;
+		try {
+			ticketSequence = new DERApplicationSpecific(1, new DERSequence(vector));
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return ticketSequence;
+    }
+    
+	/*
+	KerberosTime ::=   GeneralizedTime
+	            -- Specifying UTC time zone (Z)
+	*/
+    protected DERGeneralizedTime encodeKerberosTime(KerberosTime time) {
+    	return new DERGeneralizedTime(time.toDate());
+    }
+	
+	/*
+    etype[8]             SEQUENCE OF INTEGER, -- EncryptionEngine,
+                -- in preference order
+    */
+	protected DERSequence encodeEncryptionType(EncryptionType[] eType) {
+		
+		ASN1EncodableVector outerVector = new ASN1EncodableVector();
+		
+		for (int i = 0; i < eType.length; i++) {
+			outerVector.add(new DERInteger(eType[i].getOrdinal()));
+		}
+		return new DERSequence(outerVector);
+	}
+	
+	/*
+	 HostAddress ::=     SEQUENCE  {
+                        addr-type[0]             INTEGER,
+                        address[1]               OCTET STRING
+    }*/
+	protected DERSequence encodeHostAddress(HostAddress host) {
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, new DERInteger(host.getAddrType())));
+		vector.add(new DERTaggedObject(1, new DEROctetString(host.getAddress())));
+		
+		return new DERSequence(vector);
+	}
+	
+	/*
+	HostAddresses ::=   SEQUENCE OF SEQUENCE {
+	                    addr-type[0]             INTEGER,
+	                    address[1]               OCTET STRING
+	}*/
+	protected DERSequence encodeHostAddresses(HostAddresses hosts) {
+		
+		HostAddress[] addresses = hosts.getAddresses();
+		ASN1EncodableVector outerVector = new ASN1EncodableVector();
+		
+		for (int i = 0; i < addresses.length; i++) {
+			ASN1EncodableVector vector = new ASN1EncodableVector();
+			vector.add(new DERTaggedObject(0, new DERInteger(addresses[i].getAddrType())));
+			vector.add(new DERTaggedObject(1, new DEROctetString(addresses[i].getAddress())));
+			outerVector.add(new DERSequence(vector));
+		}
+		return new DERSequence(outerVector);
+	}
+	
+	/*
+	EncryptedData ::=   SEQUENCE {
+	            etype[0]     INTEGER, -- EncryptionEngine
+	            kvno[1]      INTEGER OPTIONAL,
+	            cipher[2]    OCTET STRING -- ciphertext
+	}*/
+	protected DERSequence encodeEncryptedData(EncryptedData encPart) {
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, new DERInteger(encPart.getEncryptionType().getOrdinal())));
+		if (encPart.getKeyVersion() > 0)
+			vector.add(new DERTaggedObject(1, new DERInteger(encPart.getKeyVersion())));
+		vector.add(new DERTaggedObject(2, new DEROctetString(encPart.getCipherText())));
+		
+		return new DERSequence(vector);
+	}
+	
+	protected DERGeneralString encodeRealm(Realm realm) {
+		return new DERGeneralString(realm.toString());
+	}
+	
+	protected DERSequence encodeEncryptionKey(EncryptionKey key) {
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, new DERInteger(key.getKeyType().getOrdinal())));
+		vector.add(new DERTaggedObject(1, new DEROctetString(key.getKeyValue())));
+		
+		return new DERSequence(vector);
+	}
+	
+	/*
+	Checksum ::=   SEQUENCE {
+             cksumtype[0]   INTEGER,
+             checksum[1]    OCTET STRING
+    }
+	*/
+	protected DERSequence encodeChecksum(Checksum checksum) {
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, new DERInteger(checksum.getChecksumType().getOrdinal())));
+		vector.add(new DERTaggedObject(1, new DEROctetString(checksum.getChecksumValue())));
+		
+		return new DERSequence(vector);
+	}
+	
+	/*
+	LastReq ::=   SEQUENCE OF SEQUENCE {
+	lr-type[0]               INTEGER,
+	lr-value[1]              KerberosTime
+	}*/
+	protected DERSequence encodeLastRequest(LastRequest lastReq) {
+
+		LastRequestEntry[] entries = lastReq.getEntries();
+		ASN1EncodableVector outerVector = new ASN1EncodableVector();
+		for (int i = 0; i < entries.length; i++) {
+			ASN1EncodableVector vector = new ASN1EncodableVector();
+			vector.add(new DERTaggedObject(0, new DERInteger(entries[i].getLastRequestType())));
+			vector.add(new DERTaggedObject(1, new DERGeneralizedTime(entries[i].getLastRequestValue().toDate())));
+			outerVector.add(new DERSequence(vector));
+			}
+		
+		return new DERSequence(outerVector);
+	}
+	
+	/*
+	APOptions ::=   BIT STRING {
+	    reserved(0),
+	    use-session-key(1),
+	    mutual-required(2)
+	}*/
+	protected DERBitString encodeApOptions(ApOptions options) {
+		return new DERBitString(options.getBytes());
+	}
+	
+	/*
+	TicketFlags ::=   BIT STRING {
+	      reserved(0),
+	      forwardable(1),
+	      forwarded(2),
+	      proxiable(3),
+	      proxy(4),
+	      may-postdate(5),
+	      postdated(6),
+	      invalid(7),
+	      renewable(8),
+	      initial(9),
+	      pre-authent(10),
+	      hw-authent(11)
+	}*/
+	protected DERBitString encodeTicketFlags(TicketFlags flags) {
+		return new DERBitString(flags.getBytes());
+	}
+	
+	/*
+    KDCOptions ::=   BIT STRING {
+        reserved(0),
+        forwardable(1),
+        forwarded(2),
+        proxiable(3),
+        proxy(4),
+        allow-postdate(5),
+        postdated(6),
+
+        unused7(7),
+        renewable(8),
+        unused9(9),
+        unused10(10),
+        unused11(11),
+        renewable-ok(27),
+        enc-tkt-in-skey(28),
+        renew(30),
+        validate(31)
+        }*/
+	protected DERBitString encodeKdcOptions(KdcOptions options) {
+		return new DERBitString(options.getBytes());
+	}
+	
+	/*
+	TransitedEncoding ::=         SEQUENCE {
+        tr-type[0]  INTEGER, -- must be registered
+        contents[1]          OCTET STRING
+    }*/
+	protected DERSequence encodeTransitedEncoding(TransitedEncoding te) {
+		
+		ASN1EncodableVector vector = new ASN1EncodableVector();
+		
+		vector.add(new DERTaggedObject(0, new DERInteger(te.getType())));
+		vector.add(new DERTaggedObject(1, new DEROctetString(te.getContents())));
+		
+		return new DERSequence(vector);
+	}
+	
+	/*
+	AuthorizationData ::=   SEQUENCE OF SEQUENCE {
+        ad-type[0]               INTEGER,
+        ad-data[1]               OCTET STRING
+    }*/
+	protected DERSequence encodeAuthorizationData(AuthorizationData data) {
+		
+		Iterator it = data.iterator();
+		ASN1EncodableVector outerVector = new ASN1EncodableVector();
+		
+		while (it.hasNext()) {
+			AuthorizationDataEntry entry = (AuthorizationDataEntry)it.next();
+			ASN1EncodableVector vector = new ASN1EncodableVector();
+			vector.add(new DERTaggedObject(0, new DERInteger(entry.getAuthorizationDataType())));
+			vector.add(new DERTaggedObject(1, new DEROctetString(entry.getAuthorizationData())));
+			outerVector.add(new DERSequence(vector));
+		}
+		return new DERSequence(outerVector);
+	}
+	
+	protected DERSequence encodeAdditionalTickets(Ticket[] tickets) {
+
+		ASN1EncodableVector outerVector = new ASN1EncodableVector();
+
+		for (int i = 0; i < tickets.length; i++) {
+			ASN1EncodableVector vector = new ASN1EncodableVector();
+			vector.add(encodeTicket(tickets[i]));
+			outerVector.add(new DERSequence(vector));
+		}
+		return new DERSequence(outerVector);
+	}
+}
+
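Review bot: `encodeTicket` catches `Exception` around the `DERApplicationSpecific` construction, prints the stack trace and returns `null`, so an encoding failure surfaces later as a null element inside a tagged object (tag 5 in KdcReplyEncoder, each entry in `encodeAdditionalTickets`) rather than at its cause. For a KDC that means a failed ticket encoding is visible only on stderr; I would rethrow with the cause, `throw new RuntimeException("Ticket encoding failed", e);`, or declare the checked exception as the `encode` methods do. Also worth a look in the same file: `encodeEncryptedData` treats `getKeyVersion() > 0` as "present", which drops kvno if 0 is a legal key version, and `encodeHostAddresses` repeats the body of `encodeHostAddress` instead of calling it.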
