From erodrig...@apache.org
Subject svn commit: rev 57024 - incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto
Date Tue, 09 Nov 2004 12:36:43 GMT
Author: erodriguez
Date: Tue Nov  9 04:36:43 2004
New Revision: 57024

Removed:
   incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto/Confounder.java
Modified:
   incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto/CryptoService.java
Log:
Rolled functions of Confounder into CryptoService.

Modified: incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto/CryptoService.java
==============================================================================
--- incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto/CryptoService.java
(original)
+++ incubator/directory/kerberos/trunk/kerberos/src/java/org/apache/kerberos/crypto/CryptoService.java
Tue Nov  9 04:36:43 2004
@@ -22,12 +22,17 @@
 import org.apache.kerberos.messages.value.EncryptedData;
 import org.apache.kerberos.messages.value.EncryptionKey;
 
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
+import java.security.SecureRandom;
 
 public class CryptoService {
-	
+
+    private static final SecureRandom random = new SecureRandom();
+
 	private static final Map _encryptionEngines = new HashMap();
 	private static final Map _checksumEngines   = new HashMap();
 	
@@ -59,7 +64,7 @@
 	}
 
 	public EncryptionKey getNewSessionKey() {
-		byte[] confounder = Confounder.bytes(8);
+		byte[] confounder = getRandomBytes(8);
 		DesStringToKey subSessionKey = new DesStringToKey(new String(confounder));
 		return new EncryptionKey(EncryptionType.DES_CBC_MD5, subSessionKey.getKey());
 	}
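Review bot: In getNewSessionKey the eight bytes from getRandomBytes are converted with `new String(confounder)` before DesStringToKey derives the key, and that conversion uses the platform default charset. On a multi-byte default such as UTF-8, byte sequences that are not valid text are replaced during decoding, so distinct random inputs can collapse to the same string and the session key carries less entropy than the SecureRandom output, in a way that varies with host configuration. The same pattern appears in the new getRandomKeyFor (`new String( randomBytes )`). Consider using the random bytes as key material directly, with DES parity adjustment and a weak-key check, or at least decoding with a fixed one-to-one charset such as ISO-8859-1; whether DesStringToKey then preserves all input bits is not visible here and should be confirmed.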
@@ -70,7 +75,18 @@
 		byte[] plaintext = long2octet(date.getTime());
 		return encryptionEngine.encrypt(plaintext, key.getKeyValue());
 	}
-	
+
+    public static KerberosKey getRandomKeyFor(KerberosPrincipal principal)
+    {
+        final int DES_KEY_TYPE = 3;
+		int keyVersion = 1;
+
+		byte[] randomBytes = getRandomBytes( 8 );
+		DesStringToKey randomKey = new DesStringToKey( new String( randomBytes ) );
+
+		return new KerberosKey( principal, randomKey.getKey(), DES_KEY_TYPE, keyVersion );
+    }
+    
 	public EncryptionKey getEncryptionKey(String password, String realm, String username) {
 		DesStringToKey key = new DesStringToKey(password, realm, username);
 		byte[] keyBytes = key.getKey();
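Review bot: getRandomKeyFor is a new public static entry point with no Javadoc, and it fixes the key type through a local `DES_KEY_TYPE = 3` and the key version through `keyVersion = 1` without saying why. A one-line comment such as `/** Generates a random single-DES KerberosKey (key type 3, key version 1) for the given principal. */` would tell callers what strength and version they get. Since getNewSessionKey already names the algorithm as `EncryptionType.DES_CBC_MD5`, taking the numeric type from that constant (if it exposes one, which is not visible here) would keep the two key generators from drifting apart. The method body also mixes space and tab indentation, unlike the surrounding tab-indented code.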
@@ -93,7 +109,7 @@
 		
 		EncryptionEngine type = getInstance(key.getKeyType());
 		
-		byte[] conFounder      = Confounder.bytes(type.confounderSize());
+		byte[] conFounder      = getRandomBytes(type.confounderSize());
 		byte[] zeroedChecksum  = new byte[type.checksumSize()];
 		byte[] dataBytes       = concatenateBytes(conFounder, concatenateBytes(zeroedChecksum,
 				padString(plainText)));
@@ -105,6 +121,13 @@
 		
 		return new EncryptedData(type.encryptionType(), key.getKeyVersion(), encryptedData);
 	}
+
+    private static synchronized byte[] getRandomBytes(int size)
+    {
+        byte[] bytes = new byte[size];
+        random.nextBytes(bytes);
+        return bytes;
+    }
 
     private static byte[] long2octet(long input) {
 		byte[] output = new byte[8];
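Review bot: The `synchronized` modifier on getRandomBytes looks unnecessary: the method touches only a local array and the shared `random` field, and SecureRandom copes with concurrent callers itself, so the class-level lock only serializes callers across CryptoService. `private static byte[] getRandomBytes(int size)` would do. A short comment stating that size is a byte count and must be non-negative (a negative value fails at `new byte[size]`) would help, since one caller passes `type.confounderSize()`. long2octet continues past the end of this hunk.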
