directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r533929 - /directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/
Date Tue, 01 May 2007 03:51:40 GMT
Author: erodriguez
Date: Mon Apr 30 20:51:39 2007
New Revision: 533929

URL: http://svn.apache.org/viewvc?view=rev&rev=533929
Log:
Enhancements to checksum package in kerberos-encryption-types branch:
o  Addition of Hashed Adapter to handle selection of checksum based on requested checksum
type.
o  Addition of checksum handlers for AES128, AES256, and DES3-CBC-SHA1-KD.
o  Improvements to package encapsulation.

Added:
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumHandler.java
  (with props)
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacMd5Checksum.java
  (with props)
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes128Checksum.java
  (with props)
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes256Checksum.java
  (with props)
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha1Des3KdChecksum.java
  (with props)
Removed:
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java
Modified:
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java?view=diff&rev=533929&r1=533928&r2=533929
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java
Mon Apr 30 20:51:39 2007
@@ -20,9 +20,6 @@
 package org.apache.directory.server.kerberos.shared.crypto.checksum;
 
 
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
 import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
 
 
@@ -32,43 +29,28 @@
  */
 public abstract class ChecksumEngine
 {
-    public abstract MessageDigest getDigest() throws NoSuchAlgorithmException;
-
-
+    /**
+     * Returns the checksum type of this checksum engine.
+     *
+     * @return The checksum type.
+     */
     public abstract ChecksumType checksumType();
 
 
+    /**
+     * Returns the key type of this checksum engine.
+     *
+     * @return The key type.
+     */
     public abstract CipherType keyType();
 
 
-    public abstract int checksumSize();
-
-
-    public abstract int keySize();
-
-
-    public abstract int confounderSize();
-
-
-    public abstract boolean isSafe();
-
-
-    public abstract byte[] calculateKeyedChecksum( byte[] data, byte[] key );
-
-
-    public abstract boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum
);
-
-
-    public byte[] calculateChecksum( byte[] data )
-    {
-        try
-        {
-            MessageDigest digester = getDigest();
-            return digester.digest( data );
-        }
-        catch ( NoSuchAlgorithmException nsae )
-        {
-            return null;
-        }
-    }
+    /**
+     * Calculate a checksum given raw bytes and an (optional) key.
+     *
+     * @param data
+     * @param key
+     * @return The checksum value.
+     */
+    public abstract byte[] calculateChecksum( byte[] data, byte[] key );
 }

Added: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumHandler.java?view=auto&rev=533929
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumHandler.java
(added)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumHandler.java
Mon Apr 30 20:51:39 2007
@@ -0,0 +1,109 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.crypto.checksum;
+
+
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.Checksum;
+
+
+/**
+ * A Hashed Adapter encapsulating checksum engines for performing integrity checks.
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class ChecksumHandler
+{
+    /** A map of the default encodable class names to the encoder class names. */
+    private static final Map DEFAULT_CHECKSUMS;
+
+    static
+    {
+        Map<ChecksumType, Class> map = new HashMap<ChecksumType, Class>();
+
+        map.put( ChecksumType.HMAC_MD5, HmacMd5Checksum.class );
+        map.put( ChecksumType.HMAC_SHA1_96_AES128, HmacSha196Aes128Checksum.class );
+        map.put( ChecksumType.HMAC_SHA1_96_AES256, HmacSha196Aes256Checksum.class );
+        map.put( ChecksumType.HMAC_SHA1_DES3_KD, HmacSha1Des3KdChecksum.class );
+        map.put( ChecksumType.RSA_MD5, RsaMd5Checksum.class );
+
+        DEFAULT_CHECKSUMS = Collections.unmodifiableMap( map );
+    }
+
+
+    /**
+     * Verify a checksum by providing the raw bytes and an (optional) key for keyed checksums.
+     *
+     * @param checksum
+     * @param bytes
+     * @param key
+     * @throws KerberosException
+     */
+    public void verifyChecksum( Checksum checksum, byte[] bytes, byte[] key ) throws KerberosException
+    {
+        if ( checksum == null )
+        {
+            throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
+        }
+
+        if ( !DEFAULT_CHECKSUMS.containsKey( checksum.getChecksumType() ) )
+        {
+            throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
+        }
+
+        ChecksumEngine digester = getEngine( checksum.getChecksumType() );
+        Checksum newChecksum = new Checksum( digester.checksumType(), digester.calculateChecksum(
bytes, key ) );
+
+        if ( !newChecksum.equals( checksum ) )
+        {
+            throw new KerberosException( ErrorType.KRB_AP_ERR_MODIFIED );
+        }
+    }
+
+
+    private ChecksumEngine getEngine( ChecksumType checksumType ) throws KerberosException
+    {
+        Class clazz = ( Class ) DEFAULT_CHECKSUMS.get( checksumType );
+
+        if ( clazz == null )
+        {
+            throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
+        }
+
+        try
+        {
+            return ( ChecksumEngine ) clazz.newInstance();
+        }
+        catch ( IllegalAccessException iae )
+        {
+            throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
+        }
+        catch ( InstantiationException ie )
+        {
+            throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
+        }
+    }
+}

Propchange: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java?view=diff&rev=533929&r1=533928&r2=533929
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java
Mon Apr 30 20:51:39 2007
@@ -52,13 +52,14 @@
     public static final ChecksumType SHA1_2 = new ChecksumType( 14, "sha1 (unkeyed)" );
     public static final ChecksumType HMAC_SHA1_96_AES128 = new ChecksumType( 15, "hmac-sha1-96-aes128"
);
     public static final ChecksumType HMAC_SHA1_96_AES256 = new ChecksumType( 16, "hmac-sha1-96-aes256"
);
+    public static final ChecksumType HMAC_MD5 = new ChecksumType( -138, "hmac-md5" );
 
     /**
      * These two lines are all that's necessary to export a List of VALUES.
      */
     private static final ChecksumType[] values =
         { UNKNOWN, NULL, CRC32, RSA_MD4, RSA_MD4_DES, DES_MAC, DES_MAC_K, RSA_MD4_DES_K,
RSA_MD5, RSA_MD5_DES,
-            RSA_MD5_DES3, SHA1, HMAC_SHA1_DES3_KD, HMAC_SHA1_DES3, SHA1_2, HMAC_SHA1_96_AES128,
HMAC_SHA1_96_AES256 };
+            RSA_MD5_DES3, SHA1, HMAC_SHA1_DES3_KD, HMAC_SHA1_DES3, SHA1_2, HMAC_SHA1_96_AES128,
HMAC_SHA1_96_AES256, HMAC_MD5 };
     // VALUES needs to be located here, otherwise illegal forward reference
     public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values
) );
 

Added: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacMd5Checksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacMd5Checksum.java?view=auto&rev=533929
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacMd5Checksum.java
(added)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacMd5Checksum.java
Mon Apr 30 20:51:39 2007
@@ -0,0 +1,73 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.crypto.checksum;
+
+
+import java.security.GeneralSecurityException;
+
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
+
+
+/**
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class HmacMd5Checksum extends ChecksumEngine
+{
+    HmacMd5Checksum()
+    {
+        // Package-scoped constructor; use ChecksumHandler. 
+    }
+
+
+    public ChecksumType checksumType()
+    {
+        return ChecksumType.HMAC_SHA1_DES3_KD;
+    }
+
+
+    public CipherType keyType()
+    {
+        return CipherType.DES3;
+    }
+
+
+    public byte[] calculateChecksum( byte[] data, byte[] key )
+    {
+        try
+        {
+            SecretKey sk = new SecretKeySpec( key, "DESede" );
+
+            Mac mac = Mac.getInstance( "HmacSHA1" );
+            mac.init( sk );
+
+            return mac.doFinal( data );
+        }
+        catch ( GeneralSecurityException nsae )
+        {
+            nsae.printStackTrace();
+            return null;
+        }
+    }
+}

Propchange: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacMd5Checksum.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes128Checksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes128Checksum.java?view=auto&rev=533929
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes128Checksum.java
(added)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes128Checksum.java
Mon Apr 30 20:51:39 2007
@@ -0,0 +1,73 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.crypto.checksum;
+
+
+import java.security.GeneralSecurityException;
+
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
+
+
+/**
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class HmacSha196Aes128Checksum extends ChecksumEngine
+{
+    HmacSha196Aes128Checksum()
+    {
+        // Package-scoped constructor; use ChecksumHandler. 
+    }
+
+
+    public ChecksumType checksumType()
+    {
+        return ChecksumType.HMAC_SHA1_96_AES128;
+    }
+
+
+    public CipherType keyType()
+    {
+        return CipherType.AES;
+    }
+
+
+    public byte[] calculateChecksum( byte[] data, byte[] key )
+    {
+        try
+        {
+            SecretKey sk = new SecretKeySpec( key, "AES" );
+
+            Mac mac = Mac.getInstance( "HmacSHA1" );
+            mac.init( sk );
+
+            return mac.doFinal( data );
+        }
+        catch ( GeneralSecurityException nsae )
+        {
+            nsae.printStackTrace();
+            return null;
+        }
+    }
+}

Propchange: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes128Checksum.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes256Checksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes256Checksum.java?view=auto&rev=533929
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes256Checksum.java
(added)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes256Checksum.java
Mon Apr 30 20:51:39 2007
@@ -0,0 +1,73 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.crypto.checksum;
+
+
+import java.security.GeneralSecurityException;
+
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
+
+
+/**
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class HmacSha196Aes256Checksum extends ChecksumEngine
+{
+    HmacSha196Aes256Checksum()
+    {
+        // Package-scoped constructor; use ChecksumHandler. 
+    }
+
+
+    public ChecksumType checksumType()
+    {
+        return ChecksumType.HMAC_SHA1_96_AES256;
+    }
+
+
+    public CipherType keyType()
+    {
+        return CipherType.AES;
+    }
+
+
+    public byte[] calculateChecksum( byte[] data, byte[] key )
+    {
+        try
+        {
+            SecretKey sk = new SecretKeySpec( key, "AES" );
+
+            Mac mac = Mac.getInstance( "HmacSHA1" );
+            mac.init( sk );
+
+            return mac.doFinal( data );
+        }
+        catch ( GeneralSecurityException nsae )
+        {
+            nsae.printStackTrace();
+            return null;
+        }
+    }
+}

Propchange: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes256Checksum.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha1Des3KdChecksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha1Des3KdChecksum.java?view=auto&rev=533929
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha1Des3KdChecksum.java
(added)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha1Des3KdChecksum.java
Mon Apr 30 20:51:39 2007
@@ -0,0 +1,73 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.crypto.checksum;
+
+
+import java.security.GeneralSecurityException;
+
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
+
+
+/**
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class HmacSha1Des3KdChecksum extends ChecksumEngine
+{
+    HmacSha1Des3KdChecksum()
+    {
+        // Package-scoped constructor; use ChecksumHandler. 
+    }
+
+
+    public ChecksumType checksumType()
+    {
+        return ChecksumType.HMAC_MD5;
+    }
+
+
+    public CipherType keyType()
+    {
+        return CipherType.ARCFOUR;
+    }
+
+
+    public byte[] calculateChecksum( byte[] data, byte[] key )
+    {
+        try
+        {
+            SecretKey sk = new SecretKeySpec( key, "ARCFOUR" );
+
+            Mac mac = Mac.getInstance( "HmacMD5" );
+            mac.init( sk );
+
+            return mac.doFinal( data );
+        }
+        catch ( GeneralSecurityException nsae )
+        {
+            nsae.printStackTrace();
+            return null;
+        }
+    }
+}

Propchange: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha1Des3KdChecksum.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java?view=diff&rev=533929&r1=533928&r2=533929
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java
Mon Apr 30 20:51:39 2007
@@ -32,9 +32,9 @@
  */
 public class RsaMd5Checksum extends ChecksumEngine
 {
-    public MessageDigest getDigest() throws NoSuchAlgorithmException
+    RsaMd5Checksum()
     {
-        return MessageDigest.getInstance( "MD5" );
+        // Package-scoped constructor; use ChecksumHandler. 
     }
 
 
@@ -50,38 +50,16 @@
     }
 
 
-    public int checksumSize()
+    public byte[] calculateChecksum( byte[] data, byte[] key )
     {
-        return 16;
-    }
-
-
-    public int keySize()
-    {
-        return 0;
-    }
-
-
-    public int confounderSize()
-    {
-        return 0;
-    }
-
-
-    public boolean isSafe()
-    {
-        return false;
-    }
-
-
-    public byte[] calculateKeyedChecksum( byte[] data, byte[] key )
-    {
-        return null;
-    }
-
-
-    public boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum )
-    {
-        return false;
+        try
+        {
+            MessageDigest digester = MessageDigest.getInstance( "MD5" );
+            return digester.digest( data );
+        }
+        catch ( NoSuchAlgorithmException nsae )
+        {
+            return null;
+        }
     }
 }



Mime
View raw message