directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r541123 [17/25] - in /directory/apacheds/branches/apacheds-sasl-branch: ./ benchmarks/ bootstrap-extract/ bootstrap-extract/src/ bootstrap-extract/src/main/ bootstrap-extract/src/main/java/ bootstrap-extract/src/main/java/org/ bootstrap-ext...
Date Thu, 24 May 2007 00:27:07 GMT
Modified: directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java Wed May 23 17:26:40 2007
@@ -21,7 +21,6 @@
 
 import java.io.File;
 import java.io.IOException;
-import java.math.BigInteger;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -51,6 +50,7 @@
 import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
 import org.apache.directory.server.schema.registries.OidRegistry;
 import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
 import org.apache.directory.shared.ldap.exception.LdapNameNotFoundException;
 import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
 import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -183,7 +183,7 @@
             if ( nextObject instanceof String ) 
             {
                 name = ( String ) nextObject;
-                log.warn( "Using default cache size of {} for index on attribute {}", 
+                log.debug( "Using default cache size of {} for index on attribute {}", 
                     new Integer( cacheSize ), name );
             }
             // custom cache size is used
@@ -285,7 +285,7 @@
             if ( ! customAddedSystemIndices.contains( systemIndexName ) )
             {
                 AttributeType type = attributeTypeRegistry.lookup( systemIndexName );
-                log.warn( "Using default cache size of {} for index on attribute {}", 
+                log.debug( "Using default cache size of {} for index on attribute {}", 
                     new Integer( IndexConfiguration.DEFAULT_INDEX_CACHE_SIZE ), systemIndexName );
                 if ( systemIndexName.equals( Oid.EXISTANCE ) )
                 {
@@ -359,7 +359,7 @@
         oidRegistry = config.getOidRegistry();
         attributeTypeRegistry = config.getAttributeTypeRegistry();
 
-        OBJECT_CLASS_AT = attributeTypeRegistry.lookup( "objectClass" );
+        OBJECT_CLASS_AT = attributeTypeRegistry.lookup( SchemaConstants.OBJECT_CLASS_AT );
         ALIAS_AT = attributeTypeRegistry.lookup( ALIAS_ATTRIBUTE );
         
         this.upSuffix = new LdapDN( config.getSuffixDn() );
@@ -378,12 +378,12 @@
             if ( cacheSize < 0 )
             {
                 cacheSize = DEFAULT_CACHE_SIZE;
-                log.warn( "Using the default entry cache size of {} for {} partition", 
+                log.debug( "Using the default entry cache size of {} for {} partition", 
                     new Integer( cacheSize ), config.getName() );
             }
             else
             {
-                log.info( "Using the custom configured cache size of {} for {} partition", 
+                log.debug( "Using the custom configured cache size of {} for {} partition", 
                     new Integer( cacheSize ), config.getName() );
             }
             recMan = new CacheRecordManager( base, new MRU( cacheSize ) );
@@ -783,32 +783,32 @@
     }
 
 
-    public BigInteger getEntryId( String dn ) throws NamingException
+    public Long getEntryId( String dn ) throws NamingException
     {
-        return ndnIdx.forwardLookup( dn );
+        return (Long)ndnIdx.forwardLookup( dn );
     }
 
 
-    public String getEntryDn( BigInteger id ) throws NamingException
+    public String getEntryDn( Long id ) throws NamingException
     {
         return ( String ) ndnIdx.reverseLookup( id );
     }
 
 
-    public BigInteger getParentId( String dn ) throws NamingException
+    public Long getParentId( String dn ) throws NamingException
     {
-        BigInteger childId = ndnIdx.forwardLookup( dn );
-        return ( BigInteger ) hierarchyIdx.reverseLookup( childId );
+        Long childId = (Long)ndnIdx.forwardLookup( dn );
+        return ( Long ) hierarchyIdx.reverseLookup( childId );
     }
 
 
-    public BigInteger getParentId( BigInteger childId ) throws NamingException
+    public Long getParentId( Long childId ) throws NamingException
     {
-        return ( BigInteger ) hierarchyIdx.reverseLookup( childId );
+        return ( Long ) hierarchyIdx.reverseLookup( childId );
     }
 
 
-    public String getEntryUpdn( BigInteger id ) throws NamingException
+    public String getEntryUpdn( Long id ) throws NamingException
     {
         return ( String ) updnIdx.reverseLookup( id );
     }
@@ -816,7 +816,7 @@
 
     public String getEntryUpdn( String dn ) throws NamingException
     {
-        BigInteger id = ndnIdx.forwardLookup( dn );
+        Long id = (Long)ndnIdx.forwardLookup( dn );
         return ( String ) updnIdx.reverseLookup( id );
     }
 
@@ -835,13 +835,13 @@
      * @param aliasId the id of the alias entry in the master table
      * @throws NamingException if we cannot delete the indices
      */
-    private void dropAliasIndices( BigInteger aliasId ) throws NamingException
+    private void dropAliasIndices( Long aliasId ) throws NamingException
     {
         String targetDn = ( String ) aliasIdx.reverseLookup( aliasId );
-        BigInteger targetId = getEntryId( targetDn );
+        Long targetId = getEntryId( targetDn );
         String aliasDn = getEntryDn( aliasId );
         LdapDN ancestorDn = ( LdapDN ) new LdapDN( aliasDn ).getPrefix( 1 );
-        BigInteger ancestorId = getEntryId( ancestorDn.toString() );
+        Long ancestorId = getEntryId( ancestorDn.toString() );
 
         /*
          * We cannot just drop all tuples in the one level and subtree indices
@@ -880,12 +880,12 @@
      * @throws NamingException if index addition fails, of the alias is not 
      * allowed due to chaining or cycle formation.
      */
-    private void addAliasIndices( BigInteger aliasId, LdapDN aliasDn, String aliasTarget ) throws NamingException
+    private void addAliasIndices( Long aliasId, LdapDN aliasDn, String aliasTarget ) throws NamingException
     {
         LdapDN normalizedAliasTargetDn = null; // Name value of aliasedObjectName
-        BigInteger targetId = null; // Id of the aliasedObjectName
+        Long targetId = null; // Id of the aliasedObjectName
         LdapDN ancestorDn = null; // Name of an alias entry relative
-        BigInteger ancestorId = null; // Id of an alias entry relative
+        Long ancestorId = null; // Id of an alias entry relative
 
         // Access aliasedObjectName, normalize it and generate the Name 
         normalizedAliasTargetDn = new LdapDN( aliasTarget );
@@ -930,7 +930,7 @@
         }
 
         // L O O K U P   T A R G E T   I D
-        targetId = ndnIdx.forwardLookup( normalizedAliasTargetDn.toNormName() );
+        targetId = (Long)ndnIdx.forwardLookup( normalizedAliasTargetDn.toNormName() );
 
         /*
          * Check For Target Existance
@@ -1007,8 +1007,8 @@
     
     public void add( LdapDN normName, Attributes entry ) throws NamingException
     {
-        BigInteger id;
-        BigInteger parentId = null;
+        Long id;
+        Long parentId = null;
 
         id = master.getNextId();
 
@@ -1021,7 +1021,7 @@
         LdapDN parentDn = null;
         if ( normName.equals( normSuffix ) )
         {
-            parentId = BigInteger.ZERO;
+            parentId = 0L;
         }
         else
         {
@@ -1091,16 +1091,16 @@
     }
 
 
-    public Attributes lookup( BigInteger id ) throws NamingException
+    public Attributes lookup( Long id ) throws NamingException
     {
         return master.get( id );
     }
 
 
-    public void delete( BigInteger id ) throws NamingException
+    public void delete( Long id ) throws NamingException
     {
         Attributes entry = lookup( id );
-        BigInteger parentId = getParentId( id );
+        Long parentId = getParentId( id );
         NamingEnumeration attrs = entry.getIDs();
 
         Attribute objectClass = AttributeUtils.getAttribute( entry, OBJECT_CLASS_AT );
@@ -1114,7 +1114,7 @@
         hierarchyIdx.drop( id );
 
         // Remove parent's reference to entry only if entry is not the upSuffix
-        if ( !parentId.equals( BigInteger.ZERO ) )
+        if ( !parentId.equals( 0L ) )
         {
             hierarchyIdx.drop( parentId, id );
         }
@@ -1150,13 +1150,13 @@
     }
 
 
-    public NamingEnumeration list( BigInteger id ) throws NamingException
+    public NamingEnumeration list( Long id ) throws NamingException
     {
         return hierarchyIdx.listIndices( id );
     }
 
 
-    public int getChildCount( BigInteger id ) throws NamingException
+    public int getChildCount( Long id ) throws NamingException
     {
         return hierarchyIdx.count( id );
     }
@@ -1175,7 +1175,7 @@
 
     public Attributes getSuffixEntry() throws NamingException
     {
-        BigInteger id = getEntryId( normSuffix.toNormName() );
+        Long id = getEntryId( normSuffix.toNormName() );
 
         if ( null == id )
         {
@@ -1198,7 +1198,7 @@
     }
 
 
-    public Attributes getIndices( BigInteger id ) throws NamingException
+    public Attributes getIndices( Long id ) throws NamingException
     {
         Attributes attributes = new AttributesImpl();
 
@@ -1276,7 +1276,7 @@
      * @throws NamingException if index alteration or attribute addition
      * fails.
      */
-    private void add( BigInteger id, Attributes entry, Attribute mods ) throws NamingException
+    private void add( Long id, Attributes entry, Attribute mods ) throws NamingException
     {
         String modsOid = oidRegistry.getOid( mods.getID() );
         
@@ -1329,7 +1329,7 @@
      * @throws NamingException if index alteration or attribute modification 
      * fails.
      */
-    private void remove( BigInteger id, Attributes entry, Attribute mods ) throws NamingException
+    private void remove( Long id, Attributes entry, Attribute mods ) throws NamingException
     {
         String modsOid = oidRegistry.getOid( mods.getID() );
         
@@ -1395,7 +1395,7 @@
      * @throws NamingException if index alteration or attribute modification 
      * fails.
      */
-    private void replace( BigInteger id, Attributes entry, Attribute mods ) throws NamingException
+    private void replace( Long id, Attributes entry, Attribute mods ) throws NamingException
     {
         String modsOid = oidRegistry.getOid( mods.getID() );
         
@@ -1444,7 +1444,7 @@
     public void modify( LdapDN dn, int modOp, Attributes mods ) throws NamingException
     {
         NamingEnumeration attrs = null;
-        BigInteger id = getEntryId( dn.toString() );
+        Long id = getEntryId( dn.toString() );
         Attributes entry = master.get( id );
 
         switch ( modOp )
@@ -1497,7 +1497,7 @@
 
     public void modify( LdapDN dn, ModificationItemImpl[] mods ) throws NamingException
     {
-        BigInteger id = getEntryId( dn.toString() );
+        Long id = getEntryId( dn.toString() );
         Attributes entry = master.get( id );
 
         for ( int ii = 0; ii < mods.length; ii++ )
@@ -1546,11 +1546,11 @@
      * @throws NamingException if there are any errors propagating the name
      *        changes.
      */
-    public void modifyRn( LdapDN dn, String newRdn, boolean deleteOldRdn ) throws NamingException
+    public void rename( LdapDN dn, String newRdn, boolean deleteOldRdn ) throws NamingException
     {
         String newRdnAttr = NamespaceTools.getRdnAttribute( newRdn );
         String newRdnValue = NamespaceTools.getRdnValue( newRdn );
-        BigInteger id = getEntryId( dn.toString() );
+        Long id = getEntryId( dn.toString() );
         Attributes entry = lookup( id );
         LdapDN updn = new LdapDN( getEntryUpdn( id ) );
 
@@ -1671,7 +1671,7 @@
      * which affects alias indices.
      * @throws NamingException if something goes wrong
      */
-    private void modifyDn( BigInteger id, LdapDN updn, boolean isMove ) throws NamingException
+    private void modifyDn( Long id, LdapDN updn, boolean isMove ) throws NamingException
     {
         String aliasTarget = null;
 
@@ -1710,7 +1710,7 @@
         {
             // Get the child and its id
             IndexRecord rec = ( IndexRecord ) children.next();
-            BigInteger childId = rec.getEntryId();
+            Long childId = (Long)rec.getEntryId();
 
             /* 
              * Calculate the Dn for the child's new name by copying the parents
@@ -1729,8 +1729,8 @@
 
     public void move( LdapDN oldChildDn, LdapDN newParentDn, String newRdn, boolean deleteOldRdn ) throws NamingException
     {
-        BigInteger childId = getEntryId( oldChildDn.toString() );
-        modifyRn( oldChildDn, newRdn, deleteOldRdn );
+        Long childId = getEntryId( oldChildDn.toString() );
+        rename( oldChildDn, newRdn, deleteOldRdn );
         move( oldChildDn, childId, newParentDn );
         
         if ( isSyncOnWrite )
@@ -1742,7 +1742,7 @@
 
     public void move( LdapDN oldChildDn, LdapDN newParentDn ) throws NamingException
     {
-        BigInteger childId = getEntryId( oldChildDn.toString() );
+        Long childId = getEntryId( oldChildDn.toString() );
         move( oldChildDn, childId, newParentDn );
         
         if ( isSyncOnWrite )
@@ -1765,11 +1765,11 @@
      * @param newParentDn the normalized dn of the new parent for the child
      * @throws NamingException if something goes wrong
      */
-    private void move( LdapDN oldChildDn, BigInteger childId, LdapDN newParentDn ) throws NamingException
+    private void move( LdapDN oldChildDn, Long childId, LdapDN newParentDn ) throws NamingException
     {
         // Get the child and the new parent to be entries and Ids
-        BigInteger newParentId = getEntryId( newParentDn.toString() );
-        BigInteger oldParentId = getParentId( childId );
+        Long newParentId = getEntryId( newParentDn.toString() );
+        Long oldParentId = getParentId( childId );
 
         /*
          * All aliases including and below oldChildDn, will be affected by
@@ -1818,7 +1818,7 @@
         {
             public boolean assertCandidate( IndexRecord rec ) throws NamingException
             {
-                String dn = getEntryDn( rec.getEntryId() );
+                String dn = getEntryDn( (Long)rec.getEntryId() );
                 if ( dn.endsWith( movedBase.toString() ) )
                 {
                     return true;
@@ -1828,7 +1828,7 @@
             }
         };
 
-        BigInteger movedBaseId = getEntryId( movedBase.toString() );
+        Long movedBaseId = getEntryId( movedBase.toString() );
         if ( aliasIdx.reverseLookup( movedBaseId ) != null )
         {
             dropAliasIndices( movedBaseId, movedBase );
@@ -1839,7 +1839,7 @@
         while ( aliases.hasMore() )
         {
             IndexRecord entry = ( IndexRecord ) aliases.next();
-            dropAliasIndices( entry.getEntryId(), movedBase );
+            dropAliasIndices( (Long)entry.getEntryId(), movedBase );
         }
     }
 
@@ -1852,10 +1852,10 @@
      * @param movedBase the base where the move occured
      * @throws NamingException if indices fail
      */
-    private void dropAliasIndices( BigInteger aliasId, LdapDN movedBase ) throws NamingException
+    private void dropAliasIndices( Long aliasId, LdapDN movedBase ) throws NamingException
     {
         String targetDn = ( String ) aliasIdx.reverseLookup( aliasId );
-        BigInteger targetId = getEntryId( targetDn );
+        Long targetId = getEntryId( targetDn );
         String aliasDn = getEntryDn( aliasId );
 
         /*
@@ -1863,7 +1863,7 @@
          * moved base.  This is the first ancestor effected by the move.
          */
         LdapDN ancestorDn = ( LdapDN ) movedBase.getPrefix( 1 );
-        BigInteger ancestorId = getEntryId( ancestorDn.toString() );
+        Long ancestorId = getEntryId( ancestorDn.toString() );
 
         /*
          * We cannot just drop all tuples in the one level and subtree indices

Modified: directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java Wed May 23 17:26:40 2007
@@ -35,6 +35,7 @@
 
 import jdbm.RecordManager;
 import jdbm.btree.BTree;
+import jdbm.helper.Serializer;
 import jdbm.helper.TupleBrowser;
 
 import org.apache.commons.collections.iterators.ArrayIterator;
@@ -101,9 +102,14 @@
      * @throws NamingException if the table's file cannot be created
      */
     public JdbmTable( String name, boolean allowsDuplicates, int numDupLimit, 
-        RecordManager manager, TupleComparator comparator )
+        RecordManager manager, TupleComparator comparator, Serializer keySerializer, 
+        Serializer valueSerializer )
         throws NamingException
     {
+        /*System.out.println( "Creating BTree for " + name + ", key serializer = " + 
+            (keySerializer == null ? "null" : keySerializer.getClass().getName()) +
+            ", valueSerializer = " + 
+            (valueSerializer == null ? "null" : valueSerializer.getClass().getName()) );*/
         this.numDupLimit = numDupLimit;
         this.name = name;
         this.recMan = manager;
@@ -138,7 +144,7 @@
             }
             else
             {
-                bt = BTree.createInstance( recMan, comparator.getKeyComparator() );
+                bt = BTree.createInstance( recMan, comparator.getKeyComparator(), keySerializer, valueSerializer );
                 recId = bt.getRecid();
                 recMan.setNamedObject( name, recId );
                 recId = recMan.insert( new Integer( 0 ) );
@@ -163,9 +169,10 @@
      * @param keyComparator a tuple comparator
      * @throws NamingException if the table's file cannot be created
      */
-    public JdbmTable( String name, RecordManager manager, SerializableComparator keyComparator ) throws NamingException
+    public JdbmTable( String name, RecordManager manager, SerializableComparator keyComparator, Serializer keySerializer, Serializer valueSerializer ) 
+        throws NamingException
     {
-        this( name, false, Integer.MAX_VALUE, manager, new KeyOnlyComparator( keyComparator ) );
+        this( name, false, Integer.MAX_VALUE, manager, new KeyOnlyComparator( keyComparator ), keySerializer, valueSerializer );
     }
 
 

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/pom.xml?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/pom.xml (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/pom.xml Wed May 23 17:26:40 2007
@@ -4,7 +4,7 @@
   <parent>
     <groupId>org.apache.directory.server</groupId>
     <artifactId>build</artifactId>
-    <version>1.5.0-SNAPSHOT</version>
+    <version>1.5.1-SNAPSHOT</version>
   </parent>
   <artifactId>apacheds-kerberos-shared</artifactId>
   <name>ApacheDS Protocol Kerberos Shared</name>
@@ -13,10 +13,6 @@
   </description>
   <packaging>jar</packaging>  
   <dependencies>
-    <dependency>
-      <groupId>bouncycastle</groupId>
-      <artifactId>lcrypto-jdk14</artifactId>
-    </dependency>
     <dependency>
       <groupId>org.apache.mina</groupId>
       <artifactId>mina-core</artifactId>

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java Wed May 23 17:26:40 2007
@@ -21,50 +21,38 @@
 
 
 import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
 
 
 /**
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
-public abstract class ChecksumEngine
+public interface ChecksumEngine
 {
-    public abstract Digest getDigest();
-
-
-    public abstract ChecksumType checksumType();
-
-
-    public abstract CipherType keyType();
-
-
-    public abstract int checksumSize();
-
-
-    public abstract int keySize();
-
-
-    public abstract int confounderSize();
-
-
-    public abstract boolean isSafe();
-
-
-    public abstract byte[] calculateKeyedChecksum( byte[] data, byte[] key );
-
-
-    public abstract boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum );
-
-
-    public byte[] calculateChecksum( byte[] data )
-    {
-        Digest digester = getDigest();
-
-        digester.reset();
-        digester.update( data, 0, data.length );
-        byte[] returnValue = new byte[digester.getDigestSize()];
-        digester.doFinal( returnValue, 0 );
-        return returnValue;
-    }
+    /**
+     * Returns the checksum type of this checksum engine.
+     *
+     * @return The checksum type.
+     */
+    public ChecksumType checksumType();
+
+
+    /**
+     * Returns the key type of this checksum engine.
+     *
+     * @return The key type.
+     */
+    public CipherType keyType();
+
+
+    /**
+     * Calculate a checksum given raw bytes and an (optional) key.
+     *
+     * @param data
+     * @param key
+     * @param usage 
+     * @return The checksum value.
+     */
+    public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage );
 }

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java Wed May 23 17:26:40 2007
@@ -26,56 +26,143 @@
 
 
 /**
+ * A type-safe enumeration of Kerberos checksum types.
+ * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
 public final class ChecksumType implements Comparable
 {
     /**
-     * Enumeration elements are constructed once upon class loading.
-     * Order of appearance here determines the order of compareTo.
+     * The "unknown" checksum type.
      */
     public static final ChecksumType UNKNOWN = new ChecksumType( -1, "UNKNOWN" );
+
+    /**
+     * The "null" checksum type.
+     */
     public static final ChecksumType NULL = new ChecksumType( 0, "NULL" );
+
+    /**
+     * The CRC32 checksum type.
+     */
     public static final ChecksumType CRC32 = new ChecksumType( 1, "CRC32" );
+
+    /**
+     * The rsa-md4 checksum type.
+     */
     public static final ChecksumType RSA_MD4 = new ChecksumType( 2, "rsa-md4" );
+
+    /**
+     * The rsa-md4-des checksum type.
+     */
     public static final ChecksumType RSA_MD4_DES = new ChecksumType( 3, "rsa-md4-des" );
+
+    /**
+     * The des-mac checksum type.
+     */
     public static final ChecksumType DES_MAC = new ChecksumType( 4, "des-mac" );
+
+    /**
+     * The des-mac-k checksum type.
+     */
     public static final ChecksumType DES_MAC_K = new ChecksumType( 5, "des-mac-k" );
+
+    /**
+     * The rsa-md4-des-k checksum type.
+     */
     public static final ChecksumType RSA_MD4_DES_K = new ChecksumType( 6, "rsa-md4-des-k" );
+
+    /**
+     * The rsa-md5 checksum type.
+     */
     public static final ChecksumType RSA_MD5 = new ChecksumType( 7, "rsa-md5" );
+
+    /**
+     * The rsa-md5-des checksum type.
+     */
     public static final ChecksumType RSA_MD5_DES = new ChecksumType( 8, "rsa-md5-des" );
+
+    /**
+     * The rsa-md5-des3 checksum type.
+     */
     public static final ChecksumType RSA_MD5_DES3 = new ChecksumType( 9, "rsa-md5-des3" );
+
+    /**
+     * The sha1 (unkeyed) checksum type.
+     */
     public static final ChecksumType SHA1 = new ChecksumType( 10, "sha1 (unkeyed)" );
+
+    /**
+     * The hmac-sha1-des3-kd checksum type.
+     */
     public static final ChecksumType HMAC_SHA1_DES3_KD = new ChecksumType( 12, "hmac-sha1-des3-kd" );
+
+    /**
+     * The hmac-sha1-des3 checksum type.
+     */
     public static final ChecksumType HMAC_SHA1_DES3 = new ChecksumType( 13, "hmac-sha1-des3" );
+
+    /**
+     * The sha1 (unkeyed) checksum type.
+     */
     public static final ChecksumType SHA1_2 = new ChecksumType( 14, "sha1 (unkeyed)" );
+
+    /**
+     * The hmac-sha1-96-aes128 checksum type.
+     */
     public static final ChecksumType HMAC_SHA1_96_AES128 = new ChecksumType( 15, "hmac-sha1-96-aes128" );
+
+    /**
+     * The hmac-sha1-96-aes256 checksum type.
+     */
     public static final ChecksumType HMAC_SHA1_96_AES256 = new ChecksumType( 16, "hmac-sha1-96-aes256" );
 
     /**
-     * These two lines are all that's necessary to export a List of VALUES.
+     * The hmac-md5 checksum type.
+     */
+    public static final ChecksumType HMAC_MD5 = new ChecksumType( -138, "hmac-md5" );
+
+    /**
+     * Array for building a List of VALUES.
      */
     private static final ChecksumType[] values =
         { UNKNOWN, NULL, CRC32, RSA_MD4, RSA_MD4_DES, DES_MAC, DES_MAC_K, RSA_MD4_DES_K, RSA_MD5, RSA_MD5_DES,
-            RSA_MD5_DES3, SHA1, HMAC_SHA1_DES3_KD, HMAC_SHA1_DES3, SHA1_2, HMAC_SHA1_96_AES128, HMAC_SHA1_96_AES256 };
-    // VALUES needs to be located here, otherwise illegal forward reference
+            RSA_MD5_DES3, SHA1, HMAC_SHA1_DES3_KD, HMAC_SHA1_DES3, SHA1_2, HMAC_SHA1_96_AES128, HMAC_SHA1_96_AES256,
+            HMAC_MD5 };
+
+    /**
+     * A List of all the checksum type constants.
+     */
     public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
 
+    /**
+     * The name of the checksum type.
+     */
     private final String name;
+
+    /**
+     * The value/code for the checksum type.
+     */
     private final int ordinal;
 
 
     /**
      * Private constructor prevents construction outside of this class.
      */
-    private ChecksumType(int ordinal, String name)
+    private ChecksumType( int ordinal, String name )
     {
         this.ordinal = ordinal;
         this.name = name;
     }
 
 
+    /**
+     * Returns the checksum type when specified by its ordinal.
+     *
+     * @param type
+     * @return The checksum type.
+     */
     public static ChecksumType getTypeByOrdinal( int type )
     {
         for ( int ii = 0; ii < values.length; ii++ )
@@ -90,6 +177,11 @@
     }
 
 
+    /**
+     * Returns the number associated with this checksum type.
+     *
+     * @return The checksum type ordinal.
+     */
     public int getOrdinal()
     {
         return ordinal;

Copied: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java (from r540837, directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java?view=diff&rev=541123&p1=directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java&r1=540837&p2=directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java&r2=541123
==============================================================================
    (empty)

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java Wed May 23 17:26:40 2007
@@ -20,23 +20,19 @@
 package org.apache.directory.server.kerberos.shared.crypto.checksum;
 
 
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
 import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
 
 
 /**
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
-public class RsaMd5Checksum extends ChecksumEngine
+class RsaMd5Checksum implements ChecksumEngine
 {
-    public Digest getDigest()
-    {
-        return new MD5Digest();
-    }
-
-
     public ChecksumType checksumType()
     {
         return ChecksumType.RSA_MD5;
@@ -49,38 +45,16 @@
     }
 
 
-    public int checksumSize()
-    {
-        return 16;
-    }
-
-
-    public int keySize()
-    {
-        return 0;
-    }
-
-
-    public int confounderSize()
-    {
-        return 0;
-    }
-
-
-    public boolean isSafe()
-    {
-        return false;
-    }
-
-
-    public byte[] calculateKeyedChecksum( byte[] data, byte[] key )
-    {
-        return null;
-    }
-
-
-    public boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum )
+    public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage )
     {
-        return false;
+        try
+        {
+            MessageDigest digester = MessageDigest.getInstance( "MD5" );
+            return digester.digest( data );
+        }
+        catch ( NoSuchAlgorithmException nsae )
+        {
+            return null;
+        }
     }
 }

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java Wed May 23 17:26:40 2007
@@ -26,26 +26,47 @@
 
 
 /**
+ * A type-safe enumeration of Kerberos cipher types.
+ * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
 public final class CipherType implements Comparable
 {
     /**
-     * Enumeration elements are constructed once upon class loading.
-     * Order of appearance here determines the order of compareTo.
+     * The null cipher type.
      */
     public static final CipherType NULL = new CipherType( "NULL" );
+
+    /**
+     * The DES cipher type.
+     */
     public static final CipherType DES = new CipherType( "DES" );
-    public static final CipherType DES3 = new CipherType( "DES3" );
-    public static final CipherType AES128 = new CipherType( "AES128" );
 
     /**
-     * These two lines are all that's necessary to export a List of VALUES.
+     * The Triple-DES cipher type.
+     */
+    public static final CipherType DES3 = new CipherType( "DESede" );
+
+    /**
+     * The AES (both 128 and 256) cipher type.
+     */
+    public static final CipherType AES = new CipherType( "AES" );
+
+    /**
+     * The ARCFOUR cipher type.
+     */
+    public static final CipherType ARCFOUR = new CipherType( "ARCFOUR" );
+
+    /**
+     * Array for building a List of VALUES.
      */
     private static final CipherType[] values =
-        { NULL, DES, DES3, AES128 };
-    // VALUES needs to be located here, otherwise illegal forward reference
+        { NULL, DES, DES3, AES, ARCFOUR };
+
+    /**
+     * A List of all the cipher type constants.
+     */
     public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
 
     private final String name;
@@ -56,12 +77,18 @@
     /**
      * Private constructor prevents construction outside of this class.
      */
-    private CipherType(String name)
+    private CipherType( String name )
     {
         this.name = name;
     }
 
 
+    /**
+     * Returns the cipher type when specified by its ordinal.
+     *
+     * @param type
+     * @return The cipher type.
+     */
     public CipherType getTypeByOrdinal( int type )
     {
         for ( int ii = 0; ii < values.length; ii++ )

Copied: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java (from r540837, directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java?view=diff&rev=541123&p1=directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java&r1=540837&p2=directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java&r2=541123
==============================================================================
    (empty)

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java Wed May 23 17:26:40 2007
@@ -20,49 +20,153 @@
 package org.apache.directory.server.kerberos.shared.crypto.encryption;
 
 
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.RsaMd5Checksum;
+import java.security.GeneralSecurityException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Arrays;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
 
 
 /**
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
-public class DesCbcMd5Encryption extends DesCbcEncryption
+class DesCbcMd5Encryption extends EncryptionEngine
 {
-    public ChecksumEngine getChecksumEngine()
+    private static final byte[] iv = new byte[]
+        { ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00,
+            ( byte ) 0x00 };
+
+
+    public EncryptionType getEncryptionType()
     {
-        return new RsaMd5Checksum();
+        return EncryptionType.DES_CBC_MD5;
     }
 
 
-    public EncryptionType encryptionType()
+    public int getConfounderLength()
     {
-        return EncryptionType.DES_CBC_MD5;
+        return 8;
     }
 
 
-    public ChecksumType checksumType()
+    public int getChecksumLength()
     {
-        return ChecksumType.RSA_MD5;
+        return 16;
     }
 
 
-    public int confounderSize()
+    public byte[] calculateIntegrity( byte[] data, byte[] key, KeyUsage usage )
     {
-        return 8;
+        try
+        {
+            MessageDigest digester = MessageDigest.getInstance( "MD5" );
+            return digester.digest( data );
+        }
+        catch ( NoSuchAlgorithmException nsae )
+        {
+            return null;
+        }
     }
 
 
-    public int checksumSize()
+    public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
     {
-        return 16;
+        // decrypt the data
+        byte[] decryptedData = decrypt( data.getCipherText(), key.getKeyValue() );
+
+        // extract the old checksum
+        byte[] oldChecksum = new byte[getChecksumLength()];
+        System.arraycopy( decryptedData, getConfounderLength(), oldChecksum, 0, oldChecksum.length );
+
+        // zero out the old checksum in the cipher text
+        for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ )
+        {
+            decryptedData[i] = 0;
+        }
+
+        // calculate a new checksum
+        byte[] newChecksum = calculateIntegrity( decryptedData, key.getKeyValue(), usage );
+
+        // compare checksums
+        if ( !Arrays.equals( oldChecksum, newChecksum ) )
+        {
+            throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
+        }
+
+        // remove leading confounder and checksum
+        return removeLeadingBytes( decryptedData, getConfounderLength(), getChecksumLength() );
+    }
+
+
+    public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage )
+    {
+        // build the ciphertext structure
+        byte[] conFounder = getRandomBytes( getConfounderLength() );
+        byte[] zeroedChecksum = new byte[getChecksumLength()];
+        byte[] paddedPlainText = padString( plainText );
+        byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) );
+        byte[] checksumBytes = calculateIntegrity( dataBytes, null, usage );
+        byte[] paddedDataBytes = padString( dataBytes );
+
+        // lay the checksum into the ciphertext
+        for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ )
+        {
+            paddedDataBytes[i] = checksumBytes[i - getConfounderLength()];
+        }
+
+        byte[] encryptedData = encrypt( paddedDataBytes, key.getKeyValue() );
+
+        return new EncryptedData( getEncryptionType(), key.getKeyVersion(), encryptedData );
+    }
+
+
+    public byte[] encrypt( byte[] plainText, byte[] keyBytes )
+    {
+        return processCipher( true, plainText, keyBytes );
+    }
+
+
+    public byte[] decrypt( byte[] cipherText, byte[] keyBytes )
+    {
+        return processCipher( false, cipherText, keyBytes );
     }
 
 
-    public int minimumPadSize()
+    private byte[] processCipher( boolean isEncrypt, byte[] data, byte[] keyBytes )
     {
-        return 0;
+        try
+        {
+            Cipher cipher = Cipher.getInstance( "DES/CBC/NoPadding" );
+            SecretKey key = new SecretKeySpec( keyBytes, "DES" );
+
+            AlgorithmParameterSpec paramSpec = new IvParameterSpec( iv );
+
+            if ( isEncrypt )
+            {
+                cipher.init( Cipher.ENCRYPT_MODE, key, paramSpec );
+            }
+            else
+            {
+                cipher.init( Cipher.DECRYPT_MODE, key, paramSpec );
+            }
+
+            return cipher.doFinal( data );
+        }
+        catch ( GeneralSecurityException nsae )
+        {
+            nsae.printStackTrace();
+            return null;
+        }
     }
 }

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java Wed May 23 17:26:40 2007
@@ -22,14 +22,9 @@
 
 import java.security.SecureRandom;
 
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
 import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
 import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
 
 
 /**
@@ -41,78 +36,64 @@
     private static final SecureRandom random = new SecureRandom();
 
 
-    public abstract ChecksumEngine getChecksumEngine();
+    protected abstract byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage )
+        throws KerberosException;
 
 
-    public abstract BlockCipher getBlockCipher();
+    protected abstract EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage );
 
 
-    public abstract EncryptionType encryptionType();
+    protected abstract EncryptionType getEncryptionType();
 
 
-    public abstract ChecksumType checksumType();
+    protected abstract int getConfounderLength();
 
 
-    public abstract CipherType keyType();
+    protected abstract int getChecksumLength();
 
 
-    public abstract int confounderSize();
+    protected abstract byte[] encrypt( byte[] plainText, byte[] key );
 
 
-    public abstract int checksumSize();
+    protected abstract byte[] decrypt( byte[] cipherText, byte[] key );
 
 
-    public abstract int blockSize();
+    protected abstract byte[] calculateIntegrity( byte[] plainText, byte[] key, KeyUsage usage );
 
 
-    public abstract int minimumPadSize();
-
-
-    public abstract int keySize();
-
-
-    public byte[] getDecryptedData( EncryptionKey key, EncryptedData data )
+    protected byte[] deriveRandom( byte[] key, byte[] usage, int n, int k )
     {
-        byte[] decryptedData = decrypt( data.getCipherText(), key.getKeyValue() );
+        byte[] nFoldedUsage = NFold.nFold( n, usage );
 
-        return removeBytes( decryptedData, confounderSize(), checksumSize() );
-    }
+        int kBytes = k / 8;
+        byte[] result = new byte[kBytes];
 
+        byte[] fillingKey = encrypt( nFoldedUsage, key );
 
-    public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText )
-    {
-        byte[] conFounder = getRandomBytes( confounderSize() );
-        byte[] zeroedChecksum = new byte[checksumSize()];
-        byte[] paddedPlainText = padString( plainText );
-        byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) );
-        byte[] checksumBytes = calculateChecksum( dataBytes );
-        byte[] paddedDataBytes = padString( dataBytes );
+        int pos = 0;
 
-        // lay the checksum into the ciphertext
-        for ( int i = confounderSize(); i < confounderSize() + checksumSize(); i++ )
+        for ( int i = 0; i < kBytes; i++ )
         {
-            paddedDataBytes[i] = checksumBytes[i - confounderSize()];
+            if ( pos < fillingKey.length )
+            {
+                result[i] = fillingKey[pos];
+                pos++;
+            }
+            else
+            {
+                fillingKey = encrypt( fillingKey, key );
+                pos = 0;
+                result[i] = fillingKey[pos];
+                pos++;
+            }
         }
 
-        byte[] encryptedData = encrypt( paddedDataBytes, key.getKeyValue() );
-
-        return new EncryptedData( encryptionType(), key.getKeyVersion(), encryptedData );
-    }
-
-
-    private byte[] encrypt( byte[] data, byte[] key )
-    {
-        return processBlockCipher( true, data, key, null );
-    }
-
-
-    private byte[] decrypt( byte[] data, byte[] key )
-    {
-        return processBlockCipher( false, data, key, null );
+        return result;
     }
 
 
-    private byte[] getRandomBytes( int size )
+    // Encryption
+    protected byte[] getRandomBytes( int size )
     {
         byte[] bytes = new byte[size];
 
@@ -123,7 +104,8 @@
     }
 
 
-    private byte[] padString( byte encodedString[] )
+    // Encryption
+    protected byte[] padString( byte encodedString[] )
     {
         int x;
         if ( encodedString.length < 8 )
@@ -153,7 +135,8 @@
     }
 
 
-    private byte[] concatenateBytes( byte[] array1, byte[] array2 )
+    // Encryption
+    protected byte[] concatenateBytes( byte[] array1, byte[] array2 )
     {
         byte concatenatedBytes[] = new byte[array1.length + array2.length];
 
@@ -171,20 +154,28 @@
     }
 
 
-    private byte[] calculateChecksum( byte[] data )
+    // Decryption
+    protected byte[] removeLeadingBytes( byte[] array, int confounder, int checksum )
     {
-        ChecksumEngine digester = getChecksumEngine();
+        byte lessBytes[] = new byte[array.length - confounder - checksum];
 
-        return digester.calculateChecksum( data );
+        int j = 0;
+        for ( int i = confounder + checksum; i < array.length; i++ )
+        {
+            lessBytes[j] = array[i];
+            j++;
+        }
+
+        return lessBytes;
     }
 
 
-    private byte[] removeBytes( byte[] array, int confounder, int checksum )
+    protected byte[] removeTrailingBytes( byte[] array, int confounder, int checksum )
     {
         byte lessBytes[] = new byte[array.length - confounder - checksum];
 
         int j = 0;
-        for ( int i = confounder + checksum; i < array.length; i++ )
+        for ( int i = 0; i < array.length - confounder - checksum; i++ )
         {
             lessBytes[j] = array[i];
             j++;
@@ -194,39 +185,76 @@
     }
 
 
-    private byte[] processBlockCipher( boolean encrypt, byte[] data, byte[] key, byte[] ivec )
+    protected int getBit( byte[] data, int pos )
     {
-        byte[] returnData = new byte[data.length];
-        CBCBlockCipher cbcCipher = new CBCBlockCipher( getBlockCipher() );
-        KeyParameter keyParameter = new KeyParameter( key );
+        int posByte = pos / 8;
+        int posBit = pos % 8;
 
-        if ( ivec != null )
-        {
-            ParametersWithIV kpWithIV = new ParametersWithIV( keyParameter, ivec );
-            cbcCipher.init( encrypt, kpWithIV );
-        }
-        else
-        {
-            cbcCipher.init( encrypt, keyParameter );
-        }
+        byte valByte = data[posByte];
+        int valInt = valByte >> ( 8 - ( posBit + 1 ) ) & 0x0001;
+        return valInt;
+    }
 
-        int offset = 0;
-        int processedBytesLength = 0;
 
-        while ( offset < returnData.length )
-        {
-            try
-            {
-                processedBytesLength = cbcCipher.processBlock( data, offset, returnData, offset );
-                offset += processedBytesLength;
-            }
-            catch ( Exception e )
-            {
-                e.printStackTrace();
-                break;
-            }
-        }
+    protected void setBit( byte[] data, int pos, int val )
+    {
+        int posByte = pos / 8;
+        int posBit = pos % 8;
+        byte oldByte = data[posByte];
+        oldByte = ( byte ) ( ( ( 0xFF7F >> posBit ) & oldByte ) & 0x00FF );
+        byte newByte = ( byte ) ( ( val << ( 8 - ( posBit + 1 ) ) ) | oldByte );
+        data[posByte] = newByte;
+    }
+
 
-        return returnData;
+    /**
+     * The "well-known constant" used for the DK function is the key
+     * usage number, expressed as four octets in big-endian order,
+     * followed by one octet indicated below.
+     * 
+     *  Kc = DK(base-key, usage | 0x99);
+     */
+    protected byte[] getUsageKc( KeyUsage usage )
+    {
+        return getUsage( usage.getOrdinal(), ( byte ) 0x99 );
+    }
+
+
+    /**
+     * The "well-known constant" used for the DK function is the key
+     * usage number, expressed as four octets in big-endian order,
+     * followed by one octet indicated below.
+     * 
+     *  Ke = DK(base-key, usage | 0xAA);
+     */
+    protected byte[] getUsageKe( KeyUsage usage )
+    {
+        return getUsage( usage.getOrdinal(), ( byte ) 0xAA );
+    }
+
+
+    /**
+     * The "well-known constant" used for the DK function is the key
+     * usage number, expressed as four octets in big-endian order,
+     * followed by one octet indicated below.
+     * 
+     *  Ki = DK(base-key, usage | 0x55);
+     */
+    protected byte[] getUsageKi( KeyUsage usage )
+    {
+        return getUsage( usage.getOrdinal(), ( byte ) 0x55 );
+    }
+
+
+    private byte[] getUsage( int usage, byte constant )
+    {
+        byte[] bytes = new byte[5];
+        bytes[0] = ( byte ) ( ( usage >>> 24 ) & 0x000000FF );
+        bytes[1] = ( byte ) ( ( usage >> 16 ) & 0x000000FF );
+        bytes[2] = ( byte ) ( ( usage >> 8 ) & 0x000000FF );
+        bytes[3] = ( byte ) ( usage & 0x00FF );
+        bytes[4] = constant;
+
+        return bytes;
     }
 }

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java Wed May 23 17:26:40 2007
@@ -26,45 +26,142 @@
 
 
 /**
+ * A type-safe enumeration of Kerberos encryption types.
+ * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
 public final class EncryptionType implements Comparable
 {
     /**
-     * Enumeration elements are constructed once upon class loading.
-     * Order of appearance here determines the order of compareTo.
+     * The "unknown" encryption type.
      */
     public static final EncryptionType UNKNOWN = new EncryptionType( -1, "UNKNOWN" );
+
+    /**
+     * The "null" encryption type.
+     */
     public static final EncryptionType NULL = new EncryptionType( 0, "NULL" );
+
+    /**
+     * The des-cbc-crc encryption type.
+     */
     public static final EncryptionType DES_CBC_CRC = new EncryptionType( 1, "des-cbc-crc" );
+
+    /**
+     * The des-cbc-md4 encryption type.
+     */
     public static final EncryptionType DES_CBC_MD4 = new EncryptionType( 2, "des-cbc-md4" );
+
+    /**
+     * The des-cbc-md5 encryption type.
+     */
     public static final EncryptionType DES_CBC_MD5 = new EncryptionType( 3, "des-cbc-md5" );
+
+    /**
+     * The reserved (4) encryption type.
+     */
     public static final EncryptionType RESERVED4 = new EncryptionType( 4, "[reserved]" );
+
+    /**
+     * The des3-cbc-md5 encryption type.
+     */
     public static final EncryptionType DES3_CBC_MD5 = new EncryptionType( 5, "des3-cbc-md5" );
+
+    /**
+     * The reserved (6) encryption type.
+     */
     public static final EncryptionType RESERVED6 = new EncryptionType( 6, "[reserved]" );
+
+    /**
+     * The des3-cbc-sha1 encryption type.
+     */
     public static final EncryptionType DES3_CBC_SHA1 = new EncryptionType( 7, "des3-cbc-sha1" );
+
+    /**
+     * The dsaWithSHA1-CmsOID encryption type.
+     */
     public static final EncryptionType DSAWITHSHA1_CMSOID = new EncryptionType( 9, "dsaWithSHA1-CmsOID" );
+
+    /**
+     * The md5WithRSAEncryption-CmsOID encryption type.
+     */
     public static final EncryptionType MD5WITHRSAENCRYPTION_CMSOID = new EncryptionType( 10,
         "md5WithRSAEncryption-CmsOID" );
+
+    /**
+     * The sha1WithRSAEncryption-CmsOID encryption type.
+     */
     public static final EncryptionType SHA1WITHRSAENCRYPTION_CMSOID = new EncryptionType( 11,
         "sha1WithRSAEncryption-CmsOID" );
+
+    /**
+     * The rc2CBC-EnvOID encryption type.
+     */
     public static final EncryptionType RC2CBC_ENVOID = new EncryptionType( 12, "rc2CBC-EnvOID" );
+
+    /**
+     * The rsaEncryption-EnvOID encryption type.
+     */
     public static final EncryptionType RSAENCRYPTION_ENVOID = new EncryptionType( 13, "rsaEncryption-EnvOID" );
+
+    /**
+     * The rsaES-OAEP-ENV-OID encryption type.
+     */
     public static final EncryptionType RSAES_OAEP_ENV_OID = new EncryptionType( 14, "rsaES-OAEP-ENV-OID" );
+
+    /**
+     * The des-ede3-cbc-Env-OID encryption type.
+     */
     public static final EncryptionType DES_EDE3_CBC_ENV_OID = new EncryptionType( 15, "des-ede3-cbc-Env-OID" );
+
+    /**
+     * The des3-cbc-sha1-kd encryption type.
+     */
     public static final EncryptionType DES3_CBC_SHA1_KD = new EncryptionType( 16, "des3-cbc-sha1-kd" );
+
+    /**
+     * The aes128-cts-hmac-sha1-96 encryption type.
+     */
     public static final EncryptionType AES128_CTS_HMAC_SHA1_96 = new EncryptionType( 17, "aes128-cts-hmac-sha1-96" );
+
+    /**
+     * The aes256-cts-hmac-sha1-96 encryption type.
+     */
     public static final EncryptionType AES256_CTS_HMAC_SHA1_96 = new EncryptionType( 18, "aes256-cts-hmac-sha1-96" );
+
+    /**
+     * The rc4-hmac encryption type.
+     */
     public static final EncryptionType RC4_HMAC = new EncryptionType( 23, "rc4-hmac" );
+
+    /**
+     * The rc4-hmac-exp encryption type.
+     */
     public static final EncryptionType RC4_HMAC_EXP = new EncryptionType( 24, "rc4-hmac-exp" );
+
+    /**
+     * The subkey-keymaterial encryption type.
+     */
     public static final EncryptionType SUBKEY_KEYMATERIAL = new EncryptionType( 65, "subkey-keymaterial" );
+
+    /**
+     * The rc4-md4 encryption type.
+     */
     public static final EncryptionType RC4_MD4 = new EncryptionType( -128, "rc4-md4" );
+
+    /**
+     * The c4-hmac-old encryption type.
+     */
     public static final EncryptionType RC4_HMAC_OLD = new EncryptionType( -133, "rc4-hmac-old" );
+
+    /**
+     * The rc4-hmac-old-exp encryption type.
+     */
     public static final EncryptionType RC4_HMAC_OLD_EXP = new EncryptionType( -135, "rc4-hmac-old-exp" );
 
     /**
-     * These two lines are all that's necessary to export a List of VALUES.
+     * Array for building a List of VALUES.
      */
     private static final EncryptionType[] values =
         { UNKNOWN, NULL, DES_CBC_CRC, DES_CBC_MD4, DES_CBC_MD5, RESERVED4, DES3_CBC_MD5, RESERVED6, DES3_CBC_SHA1,
@@ -73,22 +170,38 @@
             AES256_CTS_HMAC_SHA1_96, RC4_HMAC, RC4_HMAC_EXP, SUBKEY_KEYMATERIAL, RC4_MD4, RC4_HMAC_OLD,
             RC4_HMAC_OLD_EXP };
 
+    /**
+     * A List of all the encryption type constants.
+     */
     public static final List<EncryptionType> VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
 
+    /**
+     * The name of the encryption type.
+     */
     private final String name;
+
+    /**
+     * The value/code for the encryption type.
+     */
     private final int ordinal;
 
 
     /**
      * Private constructor prevents construction outside of this class.
      */
-    private EncryptionType(int ordinal, String name)
+    private EncryptionType( int ordinal, String name )
     {
         this.ordinal = ordinal;
         this.name = name;
     }
 
 
+    /**
+     * Returns the encryption type when specified by its ordinal.
+     *
+     * @param type
+     * @return The encryption type.
+     */
     public static EncryptionType getTypeByOrdinal( int type )
     {
         for ( int ii = 0; ii < values.length; ii++ )
@@ -103,9 +216,25 @@
     }
 
 
+    /**
+     * Returns the number associated with this encryption type.
+     *
+     * @return The encryption type number.
+     */
     public int getOrdinal()
     {
         return ordinal;
+    }
+
+
+    /**
+     * Returns the name associated with this encryption type.
+     *
+     * @return The name.
+     */
+    public String getName()
+    {
+        return name;
     }
 
 

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java Wed May 23 17:26:40 2007
@@ -20,85 +20,67 @@
 package org.apache.directory.server.kerberos.shared.crypto.encryption;
 
 
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.bouncycastle.crypto.BlockCipher;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
 
 
 /**
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
-public class NullEncryption extends EncryptionEngine
+class NullEncryption extends EncryptionEngine
 {
-    public BlockCipher getBlockCipher()
-    {
-        return null;
-    }
-
-
-    public ChecksumEngine getChecksumEngine()
-    {
-        return null;
-    }
-
-
-    public EncryptionType encryptionType()
+    public EncryptionType getEncryptionType()
     {
         return EncryptionType.NULL;
     }
 
 
-    public CipherType keyType()
+    public int getChecksumLength()
     {
-        return CipherType.NULL;
+        return 0;
     }
 
 
-    public ChecksumType checksumType()
+    public int getConfounderLength()
     {
-        return ChecksumType.NULL;
+        return 0;
     }
 
 
-    public int blockSize()
+    public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
     {
-        return 1;
+        return data.getCipherText();
     }
 
 
-    public int keySize()
+    public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage )
     {
-        return 0;
+        return new EncryptedData( getEncryptionType(), key.getKeyVersion(), plainText );
     }
 
 
-    public int checksumSize()
+    public byte[] encrypt( byte[] plainText, byte[] keyBytes )
     {
-        return 0;
+        return processCipher( true, plainText, keyBytes );
     }
 
 
-    public int confounderSize()
+    public byte[] decrypt( byte[] cipherText, byte[] keyBytes )
     {
-        return 0;
+        return processCipher( false, cipherText, keyBytes );
     }
 
 
-    public int minimumPadSize()
+    public byte[] calculateIntegrity( byte[] plainText, byte[] key, KeyUsage usage )
     {
-        return 0;
+        return null;
     }
 
 
-    protected byte[] processBlockCipher( boolean encrypt, byte[] data, byte[] key, byte[] ivec )
+    private byte[] processCipher( boolean encrypt, byte[] data, byte[] key )
     {
         return data;
-    }
-
-
-    public byte[] calculateChecksum( byte[] plainText )
-    {
-        return null;
     }
 }

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java Wed May 23 17:26:40 2007
@@ -26,103 +26,364 @@
 
 
 /**
- * Type safe enumeration of Kerberos error types
+ * A type-safe enumeration of Kerberos error types.
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
 public final class ErrorType implements Comparable
 {
-    /*
-     * Enumeration elements are constructed once upon class loading.
-     * Order of appearance here determines the order of compareTo.
+    /**
+     * No error.
      */
     public static final ErrorType KDC_ERR_NONE = new ErrorType( 0, "No error" );
+
+    /**
+     * Client's entry in database expired.
+     */
     public static final ErrorType KDC_ERR_NAME_EXP = new ErrorType( 1, "Client's entry in database expired" );
+
+    /**
+     * Server's entry in database has expired.
+     */
     public static final ErrorType KDC_ERR_SERVICE_EXP = new ErrorType( 2, "Server's entry in database has expired" );
+
+    /**
+     * Requested protocol version number not supported.
+     */
     public static final ErrorType KDC_ERR_BAD_PVNO = new ErrorType( 3,
         "Requested protocol version number not supported" );
+
+    /**
+     * Client's key encrypted in old master key.
+     */
     public static final ErrorType KDC_ERR_C_OLD_MAST_KVNO = new ErrorType( 4,
         "Client's key encrypted in old master key" );
+
+    /**
+     * Server's key encrypted in old master key.
+     */
     public static final ErrorType KDC_ERR_S_OLD_MAST_KVNO = new ErrorType( 5,
         "Server's key encrypted in old master key" );
+
+    /**
+     * Client not found in Kerberos database.
+     */
     public static final ErrorType KDC_ERR_C_PRINCIPAL_UNKNOWN = new ErrorType( 6,
         "Client not found in Kerberos database" );
+
+    /**
+     * Server not found in Kerberos database.
+     */
     public static final ErrorType KDC_ERR_S_PRINCIPAL_UNKNOWN = new ErrorType( 7,
         "Server not found in Kerberos database" );
+
+    /**
+     * Multiple principal entries in database.
+     */
     public static final ErrorType KDC_ERR_PRINCIPAL_NOT_UNIQUE = new ErrorType( 8,
         "Multiple principal entries in database" );
+
+    /**
+     * The client or server has a null key.
+     */
     public static final ErrorType KDC_ERR_NULL_KEY = new ErrorType( 9, "The client or server has a null key" );
+
+    /**
+     * Ticket not eligible for postdating.
+     */
     public static final ErrorType KDC_ERR_CANNOT_POSTDATE = new ErrorType( 10, "Ticket not eligible for postdating" );
+
+    /**
+     * Requested start time is later than end time.
+     */
     public static final ErrorType KDC_ERR_NEVER_VALID = new ErrorType( 11,
         "Requested start time is later than end time" );
+
+    /**
+     * KDC policy rejects request.
+     */
     public static final ErrorType KDC_ERR_POLICY = new ErrorType( 12, "KDC policy rejects request" );
+
+    /**
+     * KDC cannot accommodate requested option.
+     */
     public static final ErrorType KDC_ERR_BADOPTION = new ErrorType( 13, "KDC cannot accommodate requested option" );
+
+    /**
+     * KDC has no support for encryption type.
+     */
     public static final ErrorType KDC_ERR_ETYPE_NOSUPP = new ErrorType( 14, "KDC has no support for encryption type" );
+
+    /**
+     * KDC has no support for checksum type.
+     */
     public static final ErrorType KDC_ERR_SUMTYPE_NOSUPP = new ErrorType( 15, "KDC has no support for checksum type" );
+
+    /**
+     * KDC has no support for padata type.
+     */
     public static final ErrorType KDC_ERR_PADATA_TYPE_NOSUPP = new ErrorType( 16, "KDC has no support for padata type" );
+
+    /**
+     * KDC has no support for transitedEncoding type.
+     */
     public static final ErrorType KDC_ERR_TRTYPE_NOSUPP = new ErrorType( 17,
         "KDC has no support for transitedEncoding type" );
+
+    /**
+     * Clients credentials have been revoked.
+     */
     public static final ErrorType KDC_ERR_CLIENT_REVOKED = new ErrorType( 18, "Clients credentials have been revoked" );
+
+    /**
+     * Credentials for server have been revoked.
+     */
     public static final ErrorType KDC_ERR_SERVICE_REVOKED = new ErrorType( 19,
         "Credentials for server have been revoked" );
+
+    /**
+     * TGT has been revoked.
+     */
     public static final ErrorType KDC_ERR_TGT_REVOKED = new ErrorType( 20, "TGT has been revoked" );
+
+    /**
+     * Client not yet valid - try again later.
+     */
     public static final ErrorType KDC_ERR_CLIENT_NOTYET = new ErrorType( 21, "Client not yet valid - try again later" );
+
+    /**
+     * Server not yet valid - try again later.
+     */
     public static final ErrorType KDC_ERR_SERVICE_NOTYET = new ErrorType( 22, "Server not yet valid - try again later" );
+
+    /**
+     * Password has expired - change password to reset.
+     */
     public static final ErrorType KDC_ERR_KEY_EXPIRED = new ErrorType( 23,
         "Password has expired - change password to reset" );
+
+    /**
+     * Pre-authentication information was invalid.
+     */
     public static final ErrorType KDC_ERR_PREAUTH_FAILED = new ErrorType( 24,
         "Pre-authentication information was invalid" );
+
+    /**
+     * Additional pre-authentication required.
+     */
     public static final ErrorType KDC_ERR_PREAUTH_REQUIRED = new ErrorType( 25,
         "Additional pre-authentication required" );
+
+    /**
+     * Requested server and ticket don't match.
+     */
     public static final ErrorType KDC_ERR_SERVER_NOMATCH = new ErrorType( 26, "Requested server and ticket don't match" );
+
+    /**
+     * Server valid for user2user only.
+     */
     public static final ErrorType KDC_ERR_MUST_USE_USER2USER = new ErrorType( 27, "Server valid for user2user only" );
+
+    /**
+     * KDC Policy rejects transitedEncoding path.
+     */
     public static final ErrorType KDC_ERR_PATH_NOT_ACCEPTED = new ErrorType( 28,
         "KDC Policy rejects transitedEncoding path" );
+
+    /**
+     * A service is not available.
+     */
     public static final ErrorType KDC_ERR_SVC_UNAVAILABLE = new ErrorType( 29, "A service is not available" );
+
+    /**
+     * Integrity check on decrypted field failed.
+     */
     public static final ErrorType KRB_AP_ERR_BAD_INTEGRITY = new ErrorType( 31,
         "Integrity check on decrypted field failed" );
+
+    /**
+     * Ticket expired.
+     */
     public static final ErrorType KRB_AP_ERR_TKT_EXPIRED = new ErrorType( 32, "Ticket expired" );
+
+    /**
+     * Ticket not yet valid.
+     */
     public static final ErrorType KRB_AP_ERR_TKT_NYV = new ErrorType( 33, "Ticket not yet valid" );
+
+    /**
+     * Request is a replay.
+     */
     public static final ErrorType KRB_AP_ERR_REPEAT = new ErrorType( 34, "Request is a replay" );
+
+    /**
+     * The ticket isn't for us.
+     */
     public static final ErrorType KRB_AP_ERR_NOT_US = new ErrorType( 35, "The ticket isn't for us" );
+
+    /**
+     * Ticket and authenticator don't match.
+     */
     public static final ErrorType KRB_AP_ERR_BADMATCH = new ErrorType( 36, "Ticket and authenticator don't match" );
+
+    /**
+     * Clock skew too great.
+     */
     public static final ErrorType KRB_AP_ERR_SKEW = new ErrorType( 37, "Clock skew too great" );
+
+    /**
+     * Incorrect net address.
+     */
     public static final ErrorType KRB_AP_ERR_BADADDR = new ErrorType( 38, "Incorrect net address" );
+
+    /**
+     * Protocol version mismatch.
+     */
     public static final ErrorType KRB_AP_ERR_BADVERSION = new ErrorType( 39, "Protocol version mismatch" );
+
+    /**
+     * Invalid msg type.
+     */
     public static final ErrorType KRB_AP_ERR_MSG_TYPE = new ErrorType( 40, "Invalid msg type" );
+
+    /**
+     * Message stream modified.
+     */
     public static final ErrorType KRB_AP_ERR_MODIFIED = new ErrorType( 41, "Message stream modified" );
+
+    /**
+     * Message out of order.
+     */
     public static final ErrorType KRB_AP_ERR_BADORDER = new ErrorType( 42, "Message out of order" );
+
+    /**
+     * Specified version of key is not available.
+     */
     public static final ErrorType KRB_AP_ERR_BADKEYVER = new ErrorType( 44, "Specified version of key is not available" );
+
+    /**
+     * Service key not available.
+     */
     public static final ErrorType KRB_AP_ERR_NOKEY = new ErrorType( 45, "Service key not available" );
+
+    /**
+     * Mutual authentication failed.
+     */
     public static final ErrorType KRB_AP_ERR_MUT_FAIL = new ErrorType( 46, "Mutual authentication failed" );
+
+    /**
+     * Incorrect message direction.
+     */
     public static final ErrorType KRB_AP_ERR_BADDIRECTION = new ErrorType( 47, "Incorrect message direction" );
+
+    /**
+     * Alternative authentication method required.
+     */
     public static final ErrorType KRB_AP_ERR_METHOD = new ErrorType( 48, "Alternative authentication method required" );
+
+    /**
+     * Incorrect sequence number in message.
+     */
     public static final ErrorType KRB_AP_ERR_BADSEQ = new ErrorType( 49, "Incorrect sequence number in message" );
+
+    /**
+     * Inappropriate type of checksum in message.
+     */
     public static final ErrorType KRB_AP_ERR_INAPP_CKSUM = new ErrorType( 50,
         "Inappropriate type of checksum in message" );
+
+    /**
+     * Generic error (description in e-text).
+     */
     public static final ErrorType KRB_ERR_GENERIC = new ErrorType( 60, "Generic error (description in e-text)" );
+
+    /**
+     * Field is too long for this implementation.
+     */
     public static final ErrorType KRB_ERR_FIELD_TOOLONG = new ErrorType( 61,
         "Field is too long for this implementation" );
+
+    /**
+     * Client is not trusted.
+     */
     public static final ErrorType KRB_ERR_CLIENT_NOT_TRUSTED = new ErrorType( 62, "Client is not trusted" );
+
+    /**
+     * KDC is not trusted.
+     */
     public static final ErrorType KRB_ERR_KDC_NOT_TRUSTED = new ErrorType( 63, "KDC is not trusted" );
+
+    /**
+     * Signature is invalid.
+     */
     public static final ErrorType KRB_ERR_INVALID_SIG = new ErrorType( 64, "Signature is invalid" );
+
+    /**
+     * Key too weak.
+     */
     public static final ErrorType KRB_ERR_KEY_TOO_WEAK = new ErrorType( 65, "Key too weak" );
+
+    /**
+     * Certificates do not match.
+     */
     public static final ErrorType KRB_ERR_CERTIFICATE_MISMATCH = new ErrorType( 66, "Certificates do not match" );
+
+    /**
+     * No tgt for user-to-user authentication.
+     */
     public static final ErrorType KRB_AP_ERR_NO_TGT = new ErrorType( 67, "No tgt for user-to-user authentication" );
+
+    /**
+     * Wrong realm.
+     */
     public static final ErrorType KRB_ERR_WRONG_REALM = new ErrorType( 68, "Wrong realm" );
+
+    /**
+     * User-to-user authentication required.
+     */
     public static final ErrorType KRB_AP_ERR_USER_TO_USER_REQUIRED = new ErrorType( 69,
         "User-to-user authentication required" );
+
+    /**
+     * Can't verify certificate.
+     */
     public static final ErrorType KRB_ERR_CANT_VERIFY_CERTIFICATE = new ErrorType( 70, "Can't verify certificate" );
+
+    /**
+     * Invalid certificate.
+     */
     public static final ErrorType KRB_ERR_INVALID_CERTIFICATE = new ErrorType( 71, "Invalid certificate" );
+
+    /**
+     * Revoked certificate.
+     */
     public static final ErrorType KRB_ERR_REVOKED_CERTIFICATE = new ErrorType( 72, "Revoked certificate" );
+
+    /**
+     * Revocation status unknown.
+     */
     public static final ErrorType KRB_ERR_REVOCATION_STATUS_UNKNOWN = new ErrorType( 73, "Revocation status unknown" );
+
+    /**
+     * Revocation status unavailable.
+     */
     public static final ErrorType KRB_ERR_REVOCATION_STATUS_UNAVAILABLE = new ErrorType( 74,
         "Revocation status unavailable" );
+
+    /**
+     * Client names do not match.
+     */
     public static final ErrorType KRB_ERR_CLIENT_NAME_MISMATCH = new ErrorType( 75, "Client names do not match" );
+
+    /**
+     * KDC names do not match.
+     */
     public static final ErrorType KRB_ERR_KDC_NAME_MISMATCH = new ErrorType( 76, "KDC names do not match" );
 
-    /** Array for building a List of VALUES. */
+    /**
+     * Array for building a List of VALUES.
+     */
     private static final ErrorType[] values =
         { KDC_ERR_NONE, KDC_ERR_NAME_EXP, KDC_ERR_SERVICE_EXP, KDC_ERR_BAD_PVNO, KDC_ERR_C_OLD_MAST_KVNO,
             KDC_ERR_S_OLD_MAST_KVNO, KDC_ERR_C_PRINCIPAL_UNKNOWN, KDC_ERR_S_PRINCIPAL_UNKNOWN,
@@ -142,20 +403,26 @@
             KRB_ERR_REVOCATION_STATUS_UNKNOWN, KRB_ERR_REVOCATION_STATUS_UNAVAILABLE, KRB_ERR_CLIENT_NAME_MISMATCH,
             KRB_ERR_KDC_NAME_MISMATCH };
 
-    /** a list of all the error type constants */
+    /**
+     * A List of all the error type constants.
+     */
     public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
 
-    /** the name of the error type */
+    /**
+     * The name of the error type.
+     */
     private final String name;
 
-    /** the value/code for the error type */
+    /**
+     * The value/code for the error type.
+     */
     private final int ordinal;
 
 
     /**
      * Private constructor prevents construction outside of this class.
      */
-    private ErrorType(int ordinal, String name)
+    private ErrorType( int ordinal, String name )
     {
         this.ordinal = ordinal;
         this.name = name;

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java Wed May 23 17:26:40 2007
@@ -41,6 +41,13 @@
  */
 public class ApplicationRequestDecoder
 {
+    /**
+     * Decodes a byte array into an {@link ApplicationRequest}.
+     *
+     * @param encodedAuthHeader
+     * @return The {@link ApplicationRequest}.
+     * @throws IOException
+     */
     public ApplicationRequest decode( byte[] encodedAuthHeader ) throws IOException
     {
         ASN1InputStream ais = new ASN1InputStream( encodedAuthHeader );

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java Wed May 23 17:26:40 2007
@@ -42,6 +42,8 @@
      *          cksumtype[0]   INTEGER,
      *          checksum[1]    OCTET STRING
      * }
+     * @param sequence 
+     * @return The {@link Checksum}.
      */
     public static Checksum decode( DERSequence sequence )
     {

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java Wed May 23 17:26:40 2007
@@ -32,5 +32,12 @@
  */
 public interface Decoder
 {
+    /**
+     * Decodes the byte array into an {@link Encodable} object.
+     *
+     * @param object
+     * @return The {@link Encodable} object.
+     * @throws IOException
+     */
     public Encodable decode( byte[] object ) throws IOException;
 }

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java Wed May 23 17:26:40 2007
@@ -27,5 +27,10 @@
  */
 public interface DecoderFactory
 {
+    /**
+     * Returns the {@link Decoder}.
+     *
+     * @return The {@link Decoder}.
+     */
     public Decoder getDecoder();
 }

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java Wed May 23 17:26:40 2007
@@ -40,6 +40,13 @@
  */
 public class EncryptedDataDecoder
 {
+    /**
+     * Decodes a byte array into an {@link EncryptedData}.
+     *
+     * @param encodedEncryptedData
+     * @return The {@link EncryptedData}.
+     * @throws IOException
+     */
     public static EncryptedData decode( byte[] encodedEncryptedData ) throws IOException
     {
         ASN1InputStream ais = new ASN1InputStream( encodedEncryptedData );
@@ -51,11 +58,16 @@
 
 
     /**
+     * Decodes a {@link DERSequence} into an {@link EncryptedData}.
+     * 
      * EncryptedData ::=   SEQUENCE {
      *             etype[0]     INTEGER, -- EncryptionEngine
      *             kvno[1]      INTEGER OPTIONAL,
      *             cipher[2]    OCTET STRING -- ciphertext
      * }
+     * 
+     * @param sequence 
+     * @return The {@link EncryptedData}.
      */
     public static EncryptedData decode( DERSequence sequence )
     {

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java Wed May 23 17:26:40 2007
@@ -20,10 +20,12 @@
 package org.apache.directory.server.kerberos.shared.io.decoder;
 
 
+import java.io.IOException;
 import java.util.Enumeration;
 
 import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
 import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.shared.asn1.der.ASN1InputStream;
 import org.apache.directory.shared.asn1.der.DEREncodable;
 import org.apache.directory.shared.asn1.der.DERInteger;
 import org.apache.directory.shared.asn1.der.DEROctetString;
@@ -37,6 +39,23 @@
  */
 public class EncryptionKeyDecoder
 {
+    /**
+     * Decodes a byte array into an {@link EncryptionKey}.
+     *
+     * @param encodedEncryptionKey
+     * @return The {@link EncryptionKey}.
+     * @throws IOException
+     */
+    public static EncryptionKey decode( byte[] encodedEncryptionKey ) throws IOException
+    {
+        ASN1InputStream ais = new ASN1InputStream( encodedEncryptionKey );
+
+        DERSequence sequence = ( DERSequence ) ais.readObject();
+
+        return decode( sequence );
+    }
+
+
     /**
      * EncryptionKey ::=   SEQUENCE {
      *     keytype[0]    INTEGER,

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java Wed May 23 17:26:40 2007
@@ -47,6 +47,13 @@
  */
 public class KdcRequestDecoder
 {
+    /**
+     * Decodes a {@link ByteBuffer} into a {@link KdcRequest}.
+     *
+     * @param in
+     * @return The {@link KdcRequest}.
+     * @throws IOException
+     */
     public KdcRequest decode( ByteBuffer in ) throws IOException
     {
         ASN1InputStream ais = new ASN1InputStream( in );

Modified: directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java Wed May 23 17:26:40 2007
@@ -40,6 +40,13 @@
  */
 public class PreAuthenticationDataDecoder
 {
+    /**
+     * Decodes a byte array into {@link PreAuthenticationData}.
+     *
+     * @param encodedPreAuthData
+     * @return The {@link PreAuthenticationData}.
+     * @throws IOException
+     */
     public PreAuthenticationData decode( byte[] encodedPreAuthData ) throws IOException
     {
         ASN1InputStream ais = new ASN1InputStream( encodedPreAuthData );



Mime
View raw message