directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r541574 - in /directory/apacheds/trunk: kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/
Date Fri, 25 May 2007 07:46:10 GMT
Author: erodriguez
Date: Fri May 25 00:46:09 2007
New Revision: 541574

URL: http://svn.apache.org/viewvc?view=rev&rev=541574
Log:
Removed unused checksum code based on better understanding of real-world behavior.

Removed:
    directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes128Checksum.java
    directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes256Checksum.java
    directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha1Des3KdChecksum.java
Modified:
    directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java
    directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java

Modified: directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java?view=diff&rev=541574&r1=541573&r2=541574
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java
Fri May 25 00:46:09 2007
@@ -30,7 +30,7 @@
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
-public class Crc32Checksum implements ChecksumEngine
+class Crc32Checksum implements ChecksumEngine
 {
     public ChecksumType checksumType()
     {

Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java?view=diff&rev=541574&r1=541573&r2=541574
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
(original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
Fri May 25 00:46:09 2007
@@ -20,13 +20,7 @@
 package org.apache.directory.server.kerberos.kdc.ticketgrant;
 
 
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
 import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumHandler;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
 import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
 import org.apache.directory.server.kerberos.shared.messages.value.Checksum;
 import org.apache.mina.common.IoSession;
@@ -47,22 +41,6 @@
     private ChecksumHandler checksumHandler = new ChecksumHandler();
     private String contextKey = "context";
 
-    /** a map of the default encryption types to the encryption engine class names */
-    private static final Map<EncryptionType, ChecksumType> DEFAULT_CHECKSUMS;
-
-    static
-    {
-        Map<EncryptionType, ChecksumType> map = new HashMap<EncryptionType, ChecksumType>();
-
-        map.put( EncryptionType.DES_CBC_MD5, ChecksumType.RSA_MD5 );
-        map.put( EncryptionType.DES3_CBC_SHA1_KD, ChecksumType.HMAC_SHA1_DES3_KD );
-        map.put( EncryptionType.RC4_HMAC, ChecksumType.HMAC_MD5 );
-        map.put( EncryptionType.AES128_CTS_HMAC_SHA1_96, ChecksumType.HMAC_SHA1_96_AES128
);
-        map.put( EncryptionType.AES256_CTS_HMAC_SHA1_96, ChecksumType.HMAC_SHA1_96_AES256
);
-
-        DEFAULT_CHECKSUMS = Collections.unmodifiableMap( map );
-    }
-
 
     public void execute( NextCommand next, IoSession session, Object message ) throws Exception
     {
@@ -70,14 +48,7 @@
         byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
         Checksum authenticatorChecksum = tgsContext.getAuthenticator().getChecksum();
 
-        EncryptionType encryptionType = tgsContext.getEncryptionType();
-        ChecksumType allowedChecksumType = DEFAULT_CHECKSUMS.get( encryptionType );
-
-        if ( !allowedChecksumType.equals( authenticatorChecksum.getChecksumType() ) )
-        {
-            log.warn( "Allowed checksum type '" + allowedChecksumType + "' did not match
authenticator checksum type '"
-                + authenticatorChecksum.getChecksumType() + "'." );
-        }
+        log.debug( "Verifying body checksum type '" + authenticatorChecksum.getChecksumType()
+ "'." );
 
         checksumHandler.verifyChecksum( authenticatorChecksum, bodyBytes, null, KeyUsage.NUMBER8
);
 



Mime
View raw message