directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r541561 - in /directory/apacheds/trunk/kerberos-shared/src: main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/ test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/
Date Fri, 25 May 2007 06:10:40 GMT
Author: erodriguez
Date: Thu May 24 23:10:37 2007
New Revision: 541561

URL: http://svn.apache.org/viewvc?view=rev&rev=541561
Log:
Added checks based on installed JRE to selectively skip various kerberos-shared encryption
type-related tests.

Added:
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/VendorHelper.java
  (with props)
Modified:
    directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesEncryptionTest.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryptionTest.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java

Modified: directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java?view=diff&rev=541561&r1=541560&r2=541561
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java
Thu May 24 23:10:37 2007
@@ -105,7 +105,9 @@
             }
             catch ( IllegalArgumentException iae )
             {
-                // Algorithm AES256 not enabled
+                // Algorithm AES256 not enabled by policy.
+                // Algorithm ArcFourHmac not supported by IBM JREs.
+                // Algorithm DESede not supported by IBM JREs.
             }
         }
 

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesEncryptionTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesEncryptionTest.java?view=diff&rev=541561&r1=541560&r2=541561
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesEncryptionTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesEncryptionTest.java
Thu May 24 23:10:37 2007
@@ -62,6 +62,11 @@
      */
     public void testFirstAesVector()
     {
+        if ( !VendorHelper.isCtsSupported() )
+        {
+            return;
+        }
+
         byte[] input =
             { ( byte ) 0x49, ( byte ) 0x20, ( byte ) 0x77, ( byte ) 0x6f, ( byte ) 0x75,
( byte ) 0x6c, ( byte ) 0x64,
                 ( byte ) 0x20, ( byte ) 0x6c, ( byte ) 0x69, ( byte ) 0x6b, ( byte ) 0x65,
( byte ) 0x20,
@@ -85,6 +90,11 @@
      */
     public void testLastAesVector()
     {
+        if ( !VendorHelper.isCtsSupported() )
+        {
+            return;
+        }
+
         byte[] input =
             { ( byte ) 0x49, ( byte ) 0x20, ( byte ) 0x77, ( byte ) 0x6f, ( byte ) 0x75,
( byte ) 0x6c, ( byte ) 0x64,
                 ( byte ) 0x20, ( byte ) 0x6c, ( byte ) 0x69, ( byte ) 0x6b, ( byte ) 0x65,
( byte ) 0x20,

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java?view=diff&rev=541561&r1=541560&r2=541561
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java
Thu May 24 23:10:37 2007
@@ -183,7 +183,8 @@
         CipherTextHandler lockBox = new CipherTextHandler();
         Class hint = EncryptedTimeStamp.class;
         KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
-        KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "DESede"
);
+        String algorithm = VendorHelper.getTripleDesAlgorithm();
+        KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), algorithm
);
         EncryptionKey key = new EncryptionKey( EncryptionType.DES3_CBC_SHA1_KD, kerberosKey.getEncoded()
);
         EncryptedData data = new EncryptedData( EncryptionType.DES3_CBC_SHA1_KD, 0, tripleDesEncryptedTimeStamp
);
 
@@ -211,7 +212,8 @@
     {
         CipherTextHandler lockBox = new CipherTextHandler();
         KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
-        KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "DESede"
);
+        String algorithm = VendorHelper.getTripleDesAlgorithm();
+        KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), algorithm
);
         EncryptionKey key = new EncryptionKey( EncryptionType.DES3_CBC_SHA1_KD, kerberosKey.getEncoded()
);
 
         String zuluTime = "20070410190400Z";
@@ -252,6 +254,11 @@
      */
     public void testAes128GoodPasswordDecrypt()
     {
+        if ( !VendorHelper.isCtsSupported() )
+        {
+            return;
+        }
+
         CipherTextHandler lockBox = new CipherTextHandler();
         Class hint = EncryptedTimeStamp.class;
         KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
@@ -281,6 +288,11 @@
      */
     public void testAes128GoodPasswordEncrypt() throws ParseException
     {
+        if ( !VendorHelper.isCtsSupported() )
+        {
+            return;
+        }
+
         CipherTextHandler lockBox = new CipherTextHandler();
         KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
         KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES128"
);
@@ -324,6 +336,11 @@
      */
     public void testAes256GoodPasswordDecrypt()
     {
+        if ( !VendorHelper.isCtsSupported() )
+        {
+            return;
+        }
+
         CipherTextHandler lockBox = new CipherTextHandler();
         Class hint = EncryptedTimeStamp.class;
 
@@ -365,6 +382,11 @@
      */
     public void testAes256GoodPasswordEncrypt() throws ParseException
     {
+        if ( !VendorHelper.isCtsSupported() )
+        {
+            return;
+        }
+
         CipherTextHandler lockBox = new CipherTextHandler();
 
         KerberosKey kerberosKey;

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryptionTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryptionTest.java?view=diff&rev=541561&r1=541560&r2=541561
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryptionTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryptionTest.java
Thu May 24 23:10:37 2007
@@ -137,7 +137,8 @@
                 ( byte ) 0x37, ( byte ) 0xDC, ( byte ) 0xF7, ( byte ) 0x2C, ( byte ) 0x3E
};
 
         KerberosPrincipal principal = new KerberosPrincipal( "raeburn@ATHENA.MIT.EDU" );
-        KerberosKey key = new KerberosKey( principal, "password".toCharArray(), "DESede"
);
+        String algorithm = VendorHelper.getTripleDesAlgorithm();
+        KerberosKey key = new KerberosKey( principal, "password".toCharArray(), algorithm
);
 
         assertEquals( "DESede key length", 24, key.getEncoded().length );
         assertTrue( "Key match", Arrays.equals( expectedKey, key.getEncoded() ) );
@@ -156,7 +157,8 @@
                 ( byte ) 0xC1, ( byte ) 0xF7, ( byte ) 0x4F, ( byte ) 0x37, ( byte ) 0x7A
};
 
         KerberosPrincipal principal = new KerberosPrincipal( "danny@WHITEHOUSE.GOV" );
-        KerberosKey key = new KerberosKey( principal, "potatoe".toCharArray(), "DESede" );
+        String algorithm = VendorHelper.getTripleDesAlgorithm();
+        KerberosKey key = new KerberosKey( principal, "potatoe".toCharArray(), algorithm
);
 
         assertEquals( "DESede key length", 24, key.getEncoded().length );
         assertTrue( "Key match", Arrays.equals( expectedKey, key.getEncoded() ) );
@@ -175,7 +177,8 @@
                 ( byte ) 0xB6, ( byte ) 0x9D, ( byte ) 0x5D, ( byte ) 0x9D, ( byte ) 0x4A
};
 
         KerberosPrincipal principal = new KerberosPrincipal( "buckaroo@EXAMPLE.COM" );
-        KerberosKey key = new KerberosKey( principal, "penny".toCharArray(), "DESede" );
+        String algorithm = VendorHelper.getTripleDesAlgorithm();
+        KerberosKey key = new KerberosKey( principal, "penny".toCharArray(), algorithm );
 
         assertEquals( "DESede key length", 24, key.getEncoded().length );
         assertTrue( "Key match", Arrays.equals( expectedKey, key.getEncoded() ) );
@@ -187,6 +190,11 @@
      */
     public void testTestVectorsTripleDesKerberosKey4()
     {
+        if ( VendorHelper.isIbm() )
+        {
+            return;
+        }
+
         byte[] expectedKey =
             { ( byte ) 0x16, ( byte ) 0xD5, ( byte ) 0xA4, ( byte ) 0x0E, ( byte ) 0x1C,
( byte ) 0xE3, ( byte ) 0xBA,
                 ( byte ) 0xCB, ( byte ) 0x61, ( byte ) 0xB9, ( byte ) 0xDC, ( byte ) 0xE0,
( byte ) 0x04,
@@ -194,7 +202,8 @@
                 ( byte ) 0xA7, ( byte ) 0xB9, ( byte ) 0x52, ( byte ) 0xFE, ( byte ) 0xB0
};
 
         KerberosPrincipal principal = new KerberosPrincipal( "Juri\u0161i\u0107@ATHENA.MIT.EDU"
);
-        KerberosKey key = new KerberosKey( principal, "\u00DF".toCharArray(), "DESede" );
+        String algorithm = VendorHelper.getTripleDesAlgorithm();
+        KerberosKey key = new KerberosKey( principal, "\u00DF".toCharArray(), algorithm );
 
         assertEquals( "DESede key length", 24, key.getEncoded().length );
         assertTrue( "Key match", Arrays.equals( expectedKey, key.getEncoded() ) );
@@ -206,6 +215,11 @@
      */
     public void testTestVectorsTripleDesKerberosKey5()
     {
+        if ( VendorHelper.isIbm() )
+        {
+            return;
+        }
+
         byte[] expectedKey =
             { ( byte ) 0x85, ( byte ) 0x76, ( byte ) 0x37, ( byte ) 0x26, ( byte ) 0x58,
( byte ) 0x5D, ( byte ) 0xBC,
                 ( byte ) 0x1C, ( byte ) 0xCE, ( byte ) 0x6E, ( byte ) 0xC4, ( byte ) 0x3E,
( byte ) 0x1F,
@@ -213,7 +227,8 @@
                 ( byte ) 0xB0, ( byte ) 0x98, ( byte ) 0xF4, ( byte ) 0x0B, ( byte ) 0x19
};
 
         KerberosPrincipal principal = new KerberosPrincipal( "pianist@EXAMPLE.COM" );
-        KerberosKey key = new KerberosKey( principal, "\uD834\uDD1E".toCharArray(), "DESede"
);
+        String algorithm = VendorHelper.getTripleDesAlgorithm();
+        KerberosKey key = new KerberosKey( principal, "\uD834\uDD1E".toCharArray(), algorithm
);
 
         assertEquals( "DESede key length", 24, key.getEncoded().length );
         assertTrue( "Key match", Arrays.equals( expectedKey, key.getEncoded() ) );

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java?view=diff&rev=541561&r1=541560&r2=541561
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java
Thu May 24 23:10:37 2007
@@ -60,7 +60,8 @@
     public void testTripleDesKerberosKey()
     {
         KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
-        KerberosKey key = new KerberosKey( principal, "secret".toCharArray(), "DESede" );
+        String algorithm = VendorHelper.getTripleDesAlgorithm();
+        KerberosKey key = new KerberosKey( principal, "secret".toCharArray(), algorithm );
 
         assertEquals( "DESede key length", 24, key.getEncoded().length );
     }
@@ -71,6 +72,11 @@
      */
     public void testArcFourHmacKerberosKey()
     {
+        if ( !VendorHelper.isArcFourHmacSupported() )
+        {
+            return;
+        }
+
         KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
         KerberosKey key = new KerberosKey( principal, "secret".toCharArray(), "ArcFourHmac"
);
 
@@ -111,10 +117,198 @@
 
 
     /**
-     * Tests that key derivation can be performed by the factory for multiple cipher types.
+     * Tests that key derivation can be performed by the factory for the des-cbc-md5 encryption
type.
+     */
+    public void testKerberosKeyFactoryOnlyDes()
+    {
+        String principalName = "hnelson@EXAMPLE.COM";
+        String passPhrase = "secret";
+
+        Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+        encryptionTypes.add( EncryptionType.DES_CBC_MD5 );
+
+        Map<EncryptionType, EncryptionKey> map = KerberosKeyFactory.getKerberosKeys(
principalName, passPhrase,
+            encryptionTypes );
+
+        assertEquals( "List length", 1, map.values().size() );
+
+        EncryptionKey kerberosKey = map.get( EncryptionType.DES_CBC_MD5 );
+
+        EncryptionType keyType = kerberosKey.getKeyType();
+        int keyLength = kerberosKey.getKeyValue().length;
+        byte[] keyBytes = kerberosKey.getKeyValue();
+
+        assertEquals( keyType, EncryptionType.DES_CBC_MD5 );
+        assertEquals( keyLength, 8 );
+        byte[] expectedBytes = new byte[]
+            { ( byte ) 0xF4, ( byte ) 0xA7, ( byte ) 0x13, ( byte ) 0x64, ( byte ) 0x8A,
( byte ) 0x61, ( byte ) 0xCE,
+                ( byte ) 0x5B };
+        assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+    }
+
+
+    /**
+     * Tests that key derivation can be performed by the factory for the des3-cbc-sha1-kd
encryption type.
+     */
+    public void testKerberosKeyFactoryOnlyTripleDes()
+    {
+        if ( !VendorHelper.isTripleDesSupported() )
+        {
+            return;
+        }
+
+        String principalName = "hnelson@EXAMPLE.COM";
+        String passPhrase = "secret";
+
+        Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+        encryptionTypes.add( EncryptionType.DES3_CBC_SHA1_KD );
+
+        Map<EncryptionType, EncryptionKey> map = KerberosKeyFactory.getKerberosKeys(
principalName, passPhrase,
+            encryptionTypes );
+
+        assertEquals( "List length", 1, map.values().size() );
+
+        EncryptionKey kerberosKey = map.get( EncryptionType.DES3_CBC_SHA1_KD );
+
+        EncryptionType keyType = kerberosKey.getKeyType();
+        int keyLength = kerberosKey.getKeyValue().length;
+        byte[] keyBytes = kerberosKey.getKeyValue();
+
+        assertEquals( keyType, EncryptionType.DES3_CBC_SHA1_KD );
+        assertEquals( keyLength, 24 );
+        byte[] expectedBytes = new byte[]
+            { ( byte ) 0x57, ( byte ) 0x07, ( byte ) 0xCE, ( byte ) 0x29, ( byte ) 0x52,
( byte ) 0x92, ( byte ) 0x2C,
+                ( byte ) 0x1C, ( byte ) 0x8C, ( byte ) 0xBF, ( byte ) 0x43, ( byte ) 0xC2,
( byte ) 0x3D,
+                ( byte ) 0x8F, ( byte ) 0x8C, ( byte ) 0x5E, ( byte ) 0x9E, ( byte ) 0x8C,
( byte ) 0xF7,
+                ( byte ) 0x5D, ( byte ) 0x3E, ( byte ) 0x4A, ( byte ) 0x5E, ( byte ) 0x25
};
+        assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+    }
+
+
+    /**
+     * Tests that key derivation can be performed by the factory for the rc4-hmac encryption
type.
+     */
+    public void testKerberosKeyFactoryOnlyArcFourHmac()
+    {
+        if ( !VendorHelper.isArcFourHmacSupported() )
+        {
+            return;
+        }
+
+        String principalName = "hnelson@EXAMPLE.COM";
+        String passPhrase = "secret";
+
+        Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+        encryptionTypes.add( EncryptionType.RC4_HMAC );
+
+        Map<EncryptionType, EncryptionKey> map = KerberosKeyFactory.getKerberosKeys(
principalName, passPhrase,
+            encryptionTypes );
+
+        assertEquals( "List length", 1, map.values().size() );
+
+        EncryptionKey kerberosKey = map.get( EncryptionType.RC4_HMAC );
+
+        EncryptionType keyType = kerberosKey.getKeyType();
+        int keyLength = kerberosKey.getKeyValue().length;
+        byte[] keyBytes = kerberosKey.getKeyValue();
+
+        assertEquals( keyType, EncryptionType.RC4_HMAC );
+        assertEquals( keyLength, 16 );
+        byte[] expectedBytes = new byte[]
+            { ( byte ) 0x87, ( byte ) 0x8D, ( byte ) 0x80, ( byte ) 0x14, ( byte ) 0x60,
( byte ) 0x6C, ( byte ) 0xDA,
+                ( byte ) 0x29, ( byte ) 0x67, ( byte ) 0x7A, ( byte ) 0x44, ( byte ) 0xEF,
( byte ) 0xA1,
+                ( byte ) 0x35, ( byte ) 0x3F, ( byte ) 0xC7 };
+        assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+    }
+
+
+    /**
+     * Tests that key derivation can be performed by the factory for the aes128-cts-hmac-sha1-96
encryption type.
+     */
+    public void testKerberosKeyFactoryOnlyAes128()
+    {
+        if ( VendorHelper.isIbm() )
+        {
+            return;
+        }
+
+        String principalName = "hnelson@EXAMPLE.COM";
+        String passPhrase = "secret";
+
+        Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+        encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
+
+        Map<EncryptionType, EncryptionKey> map = KerberosKeyFactory.getKerberosKeys(
principalName, passPhrase,
+            encryptionTypes );
+
+        assertEquals( "List length", 1, map.values().size() );
+
+        EncryptionKey kerberosKey = map.get( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
+
+        EncryptionType keyType = kerberosKey.getKeyType();
+        int keyLength = kerberosKey.getKeyValue().length;
+        byte[] keyBytes = kerberosKey.getKeyValue();
+
+        assertEquals( keyType, EncryptionType.AES128_CTS_HMAC_SHA1_96 );
+        assertEquals( keyLength, 16 );
+        byte[] expectedBytes = new byte[]
+            { ( byte ) 0xAD, ( byte ) 0x21, ( byte ) 0x4B, ( byte ) 0x38, ( byte ) 0xB6,
( byte ) 0x9D, ( byte ) 0xFC,
+                ( byte ) 0xCA, ( byte ) 0xAC, ( byte ) 0xF1, ( byte ) 0x5F, ( byte ) 0x34,
( byte ) 0x6D,
+                ( byte ) 0x41, ( byte ) 0x7B, ( byte ) 0x90 };
+
+        assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+    }
+
+
+    /**
+     * Tests that key derivation can be performed by the factory for the aes256-cts-hmac-sha1-96
encryption type.
+     */
+    public void testKerberosKeyFactoryOnlyAes256()
+    {
+        if ( VendorHelper.isIbm() )
+        {
+            return;
+        }
+
+        String principalName = "hnelson@EXAMPLE.COM";
+        String passPhrase = "secret";
+
+        Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+        encryptionTypes.add( EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+
+        Map<EncryptionType, EncryptionKey> map = KerberosKeyFactory.getKerberosKeys(
principalName, passPhrase,
+            encryptionTypes );
+
+        assertEquals( "List length", 1, map.values().size() );
+
+        EncryptionKey kerberosKey = map.get( EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+
+        EncryptionType keyType = kerberosKey.getKeyType();
+        int keyLength = kerberosKey.getKeyValue().length;
+        byte[] keyBytes = kerberosKey.getKeyValue();
+
+        assertEquals( keyType, EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+        assertEquals( keyLength, 32 );
+        byte[] expectedBytes = new byte[]
+            { ( byte ) 0x3D, ( byte ) 0x33, ( byte ) 0x31, ( byte ) 0x8F, ( byte ) 0xBE,
( byte ) 0x47, ( byte ) 0xE5,
+                ( byte ) 0x2A, ( byte ) 0x21, ( byte ) 0x50, ( byte ) 0x77, ( byte ) 0xA4,
( byte ) 0x15,
+                ( byte ) 0x58, ( byte ) 0xCA, ( byte ) 0xE7, ( byte ) 0x36, ( byte ) 0x50,
( byte ) 0x1F,
+                ( byte ) 0xA7, ( byte ) 0xA4, ( byte ) 0x85, ( byte ) 0x82, ( byte ) 0x05,
( byte ) 0xF6,
+                ( byte ) 0x8F, ( byte ) 0x67, ( byte ) 0xA2, ( byte ) 0xB5, ( byte ) 0xEA,
( byte ) 0x0E, ( byte ) 0xBF };
+        assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+    }
+
+
+    /**
+     * Tests that key derivation can be performed by the factory for multiple encryption
types.
      */
     public void testKerberosKeyFactory()
     {
+        if ( VendorHelper.isIbm() )
+        {
+            return;
+        }
+
         String principalName = "hnelson@EXAMPLE.COM";
         String passPhrase = "secret";
 
@@ -192,36 +386,5 @@
                     ( byte ) 0x0E, ( byte ) 0xBF };
             assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
         }
-    }
-
-
-    /**
-     * Tests that key derivation can be performed by the factory for a specified cipher type.
-     */
-    public void testKerberosKeyFactoryOnlyDes()
-    {
-        String principalName = "hnelson@EXAMPLE.COM";
-        String passPhrase = "secret";
-
-        Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
-        encryptionTypes.add( EncryptionType.DES_CBC_MD5 );
-
-        Map<EncryptionType, EncryptionKey> map = KerberosKeyFactory.getKerberosKeys(
principalName, passPhrase,
-            encryptionTypes );
-
-        assertEquals( "List length", 1, map.values().size() );
-
-        EncryptionKey kerberosKey = map.get( EncryptionType.DES_CBC_MD5 );
-
-        EncryptionType keyType = kerberosKey.getKeyType();
-        int keyLength = kerberosKey.getKeyValue().length;
-        byte[] keyBytes = kerberosKey.getKeyValue();
-
-        assertEquals( keyType, EncryptionType.DES_CBC_MD5 );
-        assertEquals( keyLength, 8 );
-        byte[] expectedBytes = new byte[]
-            { ( byte ) 0xF4, ( byte ) 0xA7, ( byte ) 0x13, ( byte ) 0x64, ( byte ) 0x8A,
( byte ) 0x61, ( byte ) 0xCE,
-                ( byte ) 0x5B };
-        assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
     }
 }

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java?view=diff&rev=541561&r1=541560&r2=541561
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java
Thu May 24 23:10:37 2007
@@ -21,6 +21,7 @@
 
 
 import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
 import java.security.Provider;
 import java.security.Security;
 import java.util.Arrays;
@@ -184,9 +185,16 @@
 
         SecretKey key = keyGenerator.generateKey();
 
-        Cipher ecipher = Cipher.getInstance( "AES/CTS/NoPadding" );
-        ecipher.init( Cipher.ENCRYPT_MODE, key );
-        assertEquals( "Block size", 16, ecipher.getBlockSize() );
+        try
+        {
+            Cipher ecipher = Cipher.getInstance( "AES/CTS/NoPadding" );
+            ecipher.init( Cipher.ENCRYPT_MODE, key );
+            assertEquals( "Block size", 16, ecipher.getBlockSize() );
+        }
+        catch ( NoSuchAlgorithmException nsae )
+        {
+            // Without CTS mode this will throw an Exception.
+        }
     }
 
 
@@ -213,6 +221,10 @@
         {
             // Without unlimited-strength crypto this will throw an exception.
         }
+        catch ( NoSuchAlgorithmException nsae )
+        {
+            // Without CTS mode this will throw an Exception.
+        }
     }
 
 
@@ -283,6 +295,7 @@
                 }
             }
         }
+
         return ( String[] ) result.toArray( new String[result.size()] );
     }
 }

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java?view=diff&rev=541561&r1=541560&r2=541561
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java
Thu May 24 23:10:37 2007
@@ -104,6 +104,11 @@
      */
     public void testGenerateArcFourKey() throws Exception
     {
+        if ( !VendorHelper.isArcFourHmacSupported() )
+        {
+            return;
+        }
+
         KeyGenerator keygen = KeyGenerator.getInstance( "ARCFOUR" );
         SecretKey key = keygen.generateKey();
         assertEquals( "ARCFOUR key size", 16, key.getEncoded().length );
@@ -117,6 +122,11 @@
      */
     public void testGenerateRc4Key() throws Exception
     {
+        if ( !VendorHelper.isArcFourHmacSupported() )
+        {
+            return;
+        }
+
         KeyGenerator keygen = KeyGenerator.getInstance( "RC4" );
         SecretKey key = keygen.generateKey();
         assertEquals( "RC4 key size", 16, key.getEncoded().length );
@@ -151,8 +161,11 @@
         keyType = kerberosKey.getKeyType();
         keyLength = kerberosKey.getKeyValue().length;
 
-        assertEquals( keyType, EncryptionType.RC4_HMAC );
-        assertEquals( keyLength, 16 );
+        if ( VendorHelper.isArcFourHmacSupported() )
+        {
+            assertEquals( keyType, EncryptionType.RC4_HMAC );
+            assertEquals( keyLength, 16 );
+        }
 
         kerberosKey = map.get( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
         keyType = kerberosKey.getKeyType();

Added: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/VendorHelper.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/VendorHelper.java?view=auto&rev=541561
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/VendorHelper.java
(added)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/VendorHelper.java
Thu May 24 23:10:37 2007
@@ -0,0 +1,70 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+/**
+ * Helper for determining whether various ciphers are supported by the JRE.  For now
+ * determinations are based solely on JRE vendor.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class VendorHelper
+{
+    private static final String vendor = System.getProperty( "java.vendor" ).toLowerCase();
+
+
+    static String getTripleDesAlgorithm()
+    {
+        if ( isIbm() )
+        {
+            return "3DES";
+        }
+        else
+        {
+            return "DESede";
+        }
+    }
+
+
+    static boolean isCtsSupported()
+    {
+        return vendor.contains( "sun" );
+    }
+
+
+    static boolean isArcFourHmacSupported()
+    {
+        return vendor.contains( "sun" );
+    }
+
+
+    static boolean isTripleDesSupported()
+    {
+        return vendor.contains( "sun" );
+    }
+
+
+    static boolean isIbm()
+    {
+        return vendor.contains( "ibm" );
+    }
+}

Propchange: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/VendorHelper.java
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message