directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r578743 [3/12] - in /directory/apacheds/branches/apacheds-kerberos: kerberos-shared/ kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/ kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto...
Date Mon, 24 Sep 2007 10:18:45 GMT
Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/TicketEncoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/TicketEncoder.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/TicketEncoder.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/TicketEncoder.java Mon Sep 24 03:18:05 2007
@@ -22,8 +22,11 @@
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
+import java.text.ParseException;
+import java.util.List;
 
 import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
+import org.apache.directory.server.kerberos.shared.messages.value.PrincipalName;
 import org.apache.directory.shared.asn1.der.ASN1OutputStream;
 import org.apache.directory.shared.asn1.der.DERApplicationSpecific;
 import org.apache.directory.shared.asn1.der.DERGeneralString;
@@ -71,7 +74,17 @@
 
         vector.add( new DERTaggedObject( 0, DERInteger.valueOf( ticket.getVersionNumber() ) ) );
         vector.add( new DERTaggedObject( 1, DERGeneralString.valueOf( ticket.getRealm() ) ) );
-        vector.add( new DERTaggedObject( 2, PrincipalNameEncoder.encode( ticket.getServerPrincipal() ) ) );
+        
+        try
+        {
+            vector.add( new DERTaggedObject( 2, PrincipalNameEncoder.encode( 
+                new PrincipalName( ticket.getServerPrincipal().getName(), ticket.getServerPrincipal().getNameType() ) ) ) );
+        }
+        catch ( ParseException pe )
+        {
+            pe.printStackTrace();
+        }
+        
         vector.add( new DERTaggedObject( 3, EncryptedDataEncoder.encodeSequence( ticket.getEncPart() ) ) );
 
         DERApplicationSpecific ticketSequence = null;
@@ -98,6 +111,20 @@
             DERSequence vector = new DERSequence();
             vector.add( encode( tickets[ii] ) );
             outerVector.add( vector );
+        }
+
+        return outerVector;
+    }
+
+    protected static DERSequence encodeSequence( List<Ticket> tickets )
+    {
+        DERSequence outerVector = new DERSequence();
+
+        for ( Ticket ticket:tickets )
+        {
+            //DERSequence vector = new DERSequence();
+            //vector.add( encode( ticket ) );
+            outerVector.add( encode( ticket ) );
         }
 
         return outerVector;

Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthServerReply.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthServerReply.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthServerReply.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthServerReply.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,70 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages;
+
+
+import java.util.List;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationData;
+
+
+/**
+ * This class implements the AP-REP message.
+ * 
+ * The ASN.1 grammar is the following :
+ * 
+ * AS-REP          ::= [APPLICATION 11] KDC-REP
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public class AuthServerReply extends KdcReply
+{
+    /**
+     * Creates a new instance of AuthServerReply.
+     */
+    public AuthServerReply()
+    {
+        super( MessageType.KRB_AS_REP );
+    }
+
+
+    /**
+     * Creates a new instance of AuthServerReply.
+     *
+     * @param paData
+     * @param clientPrincipal
+     * @param ticket
+     * @param encPart
+     */
+    public AuthServerReply( List<PreAuthenticationData> paData, KerberosPrincipal clientPrincipal, Ticket ticket,
+        EncryptedData encPart )
+    {
+        super( MessageType.KRB_AS_REP );
+        super.setPaData( paData );
+        super.setClientPrincipal( clientPrincipal );
+        super.setTicket( ticket );
+        super.setEncPart( encPart );
+    }
+}

Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthServerRequest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthServerRequest.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthServerRequest.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthServerRequest.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,150 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages;
+
+
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+import java.util.List;
+
+import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationData;
+import org.apache.directory.server.kerberos.shared.messages.value.KerberosRequestBody;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * This class implements the AS-REQ message.
+ * 
+ * The ASN.1 grammar is the following :
+ * 
+ * AS-REQ          ::= [APPLICATION 10] KDC-REQ
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public class AuthServerRequest extends KdcRequest
+{
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( AuthServerRequest.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+
+    // Storage for computed lengths
+    private transient int asReqAppLength;
+    
+    /**
+     * Creates a new instance of AuthServerRequest.
+     *
+     * @param paData
+     * @param clientPrincipal
+     * @param ticket
+     * @param encPart
+     */
+    public AuthServerRequest( List<PreAuthenticationData> paData, KerberosRequestBody requestBody )
+    {
+        super( MessageType.KRB_AS_REQ, paData, requestBody );
+    }
+    
+    /**
+     * Return the length of a AS-REQ message .
+     * 
+     * 0x6A L1
+     *  |
+     *  +--> 0x30 L2 KDC-REQ
+     */
+    public int computeLength()
+    {
+        // Compute the KDC-REQ length
+        asReqAppLength = super.computeLength();
+        
+        return 1 + TLV.getNbBytes( asReqAppLength ) + asReqAppLength;
+    }
+
+    /**
+     * Encode the AS-REQ message to a PDU. 
+     * 
+     * AS-REQ :
+     * 
+     * 0x6A LL
+     *   0x30 LL KDC-REQ 
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            buffer = ByteBuffer.allocate( computeLength() );
+        }
+
+        try
+        {
+            // The AS-REQ application Tag
+            buffer.put( (byte)0x6A );
+            buffer.put( TLV.getBytes( asReqAppLength ) );
+            
+            // Encode the requestBody
+            super.encode( buffer );
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error( "Cannot encode the AS-REQ object, the PDU size is {} when only {} bytes has been allocated", 1
+                + TLV.getNbBytes( asReqAppLength ) + asReqAppLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "AS-REQ encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "AS-REQ initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+
+    /**
+     * @see Object#toString()
+     */
+public String toString( String tabs )
+    {
+        StringBuilder sb = new StringBuilder();
+        
+        sb.append( tabs ).append( "AS-REQ\n" );
+        sb.append( super.toString( tabs + "    " ) );
+        
+        return sb.toString();
+    }
+    
+    
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        return toString( "" );
+    }
+}

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcReply.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcReply.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcReply.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcReply.java Mon Sep 24 03:18:05 2007
@@ -20,6 +20,11 @@
 package org.apache.directory.server.kerberos.shared.messages;
 
 
+import java.text.ParseException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
 import javax.security.auth.kerberos.KerberosPrincipal;
 
 import org.apache.directory.server.kerberos.shared.messages.components.EncKdcRepPart;
@@ -30,22 +35,63 @@
 import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
 import org.apache.directory.server.kerberos.shared.messages.value.LastRequest;
 import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationData;
-import org.apache.directory.server.kerberos.shared.messages.value.TicketFlags;
+import org.apache.directory.server.kerberos.shared.messages.value.PrincipalName;
+import org.apache.directory.server.kerberos.shared.messages.value.flags.KerberosFlags;
+import org.apache.directory.server.kerberos.shared.messages.value.flags.TicketFlags;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 
 /**
+ * Implements the KDC-REP message.
+ * 
+ * The ASN.1 grammar is the following :
+ * 
+ * KDC-REP         ::= SEQUENCE {
+ *         pvno            [0] INTEGER (5),
+ *         msg-type        [1] INTEGER (11 -- AS -- | 13 -- TGS --),
+ *         padata          [2] SEQUENCE OF PA-DATA OPTIONAL
+ *                                 -- NOTE: not empty --,
+ *         crealm          [3] Realm,
+ *         cname           [4] PrincipalName,
+ *         ticket          [5] Ticket,
+ *         enc-part        [6] EncryptedData
+ *                                 -- EncASRepPart or EncTGSRepPart,
+ *                                 -- as appropriate
+ * }
+ * 
+ 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
 public class KdcReply extends KerberosMessage implements Encodable
 {
-    private PreAuthenticationData[] paData; //optional
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( KdcReply.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+
+    
+    private List<PreAuthenticationData> paData; //optional
+    
+    /** The client principalName */
+    private PrincipalName cName;
+    
+    /** The client principalName */
     private KerberosPrincipal clientPrincipal;
+    
+    /** The client realm */
+    private String cRealm;
+    
+    /** The newly issued ticket */
     private Ticket ticket;
 
-    private EncKdcRepPart encKDCRepPart = new EncKdcRepPart();
+    /** the encrypted part of a message */
     private EncryptedData encPart;
 
+    //private EncKdcRepPart encKDCRepPart = new EncKdcRepPart();
+
 
     /**
      * Creates a new instance of KdcReply.
@@ -59,33 +105,24 @@
 
 
     /**
-     * Creates a new instance of KdcReply.
+     * Returns the client {@link KerberosPrincipal}.
      *
-     * @param paData
-     * @param clientPrincipal
-     * @param ticket
-     * @param encPart
-     * @param msgType
+     * @return The client {@link KerberosPrincipal}.
      */
-    public KdcReply( PreAuthenticationData[] paData, KerberosPrincipal clientPrincipal, Ticket ticket,
-        EncryptedData encPart, MessageType msgType )
+    public KerberosPrincipal getClientPrincipal()
     {
-        this( msgType );
-        this.paData = paData;
-        this.clientPrincipal = clientPrincipal;
-        this.ticket = ticket;
-        this.encPart = encPart;
+        return clientPrincipal;
     }
 
 
     /**
-     * Returns the client {@link KerberosPrincipal}.
+     * Returns the client {@link PrincipalName}.
      *
-     * @return The client {@link KerberosPrincipal}.
+     * @return The client {@link PrincipalName}.
      */
-    public KerberosPrincipal getClientPrincipal()
+    public PrincipalName getClientPrincipalName()
     {
-        return clientPrincipal;
+        return cName;
     }
 
 
@@ -96,7 +133,7 @@
      */
     public String getClientRealm()
     {
-        return clientPrincipal.getRealm();
+        return cRealm;
     }
 
 
@@ -116,7 +153,7 @@
      *
      * @return The array of {@link PreAuthenticationData}s.
      */
-    public PreAuthenticationData[] getPaData()
+    public List<PreAuthenticationData> getPaData()
     {
         return paData;
     }
@@ -138,9 +175,28 @@
      *
      * @param clientPrincipal
      */
+    public void setCName( PrincipalName cName )
+    {
+        this.cName = cName;
+    }
+
+    /**
+     * Sets the client {@link KerberosPrincipal}.
+     *
+     * @param clientPrincipal
+     */
     public void setClientPrincipal( KerberosPrincipal clientPrincipal )
     {
         this.clientPrincipal = clientPrincipal;
+        
+        try
+        {
+            this.cName = new PrincipalName( clientPrincipal.getName(), clientPrincipal.getNameType() );
+        }
+        catch ( ParseException pe )
+        {
+            this.cName = null;
+        }
     }
 
 
@@ -160,9 +216,9 @@
      *
      * @param part
      */
-    public void setEncPart( EncryptedData part )
+    public void setEncPart( EncryptedData encPart )
     {
-        encPart = part;
+        this.encPart = encPart;
     }
 
 
@@ -173,9 +229,36 @@
      */
     public void setPaData( PreAuthenticationData[] data )
     {
+        paData = Arrays.asList( data );
+    }
+
+    
+    /**
+     * Sets the array of {@link PreAuthenticationData}s.
+     *
+     * @param data
+     */
+    public void setPaData( List<PreAuthenticationData> data )
+    {
         paData = data;
     }
 
+    
+    /**
+     * Sets the array of {@link PreAuthenticationData}s.
+     *
+     * @param data
+     */
+    public void addPaData( PreAuthenticationData data )
+    {
+        if ( paData == null )
+        {
+            paData = new ArrayList<PreAuthenticationData>();
+        }
+        
+        paData.add( data );
+    }
+
 
     /**
      * Sets the {@link Ticket}.
@@ -228,7 +311,7 @@
      *
      * @return The {@link TicketFlags}.
      */
-    public TicketFlags getFlags()
+    public int getFlags()
     {
         return encKDCRepPart.getFlags();
     }
@@ -301,6 +384,17 @@
 
 
     /**
+     * Returns the server {@link PrincipalName}.
+     *
+     * @return The server {@link PrincipalName}.
+     */
+    public PrincipalName getServerPrincipalName()
+    {
+        return encKDCRepPart.getServerPrincipalName();
+    }
+
+
+    /**
      * Return the server realm.
      *
      * @return The server realm.
@@ -362,7 +456,7 @@
      *
      * @param flags
      */
-    public void setFlags( TicketFlags flags )
+    public void setFlags( KerberosFlags flags )
     {
         encKDCRepPart.setFlags( flags );
     }

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java Mon Sep 24 03:18:05 2007
@@ -20,29 +20,77 @@
 package org.apache.directory.server.kerberos.shared.messages;
 
 
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+import java.util.List;
+
 import javax.security.auth.kerberos.KerberosPrincipal;
 
 import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
 import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
 import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
 import org.apache.directory.server.kerberos.shared.messages.value.HostAddresses;
-import org.apache.directory.server.kerberos.shared.messages.value.KdcOptions;
 import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
 import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationData;
-import org.apache.directory.server.kerberos.shared.messages.value.RequestBody;
+import org.apache.directory.server.kerberos.shared.messages.value.PrincipalName;
+import org.apache.directory.server.kerberos.shared.messages.value.KerberosRequestBody;
+import org.apache.directory.server.kerberos.shared.messages.value.flags.KdcOption;
+import org.apache.directory.server.kerberos.shared.messages.value.flags.KdcOptions;
+import org.apache.directory.server.kerberos.shared.messages.value.flags.KerberosFlag;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
+import org.apache.directory.shared.asn1.codec.DecoderException;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 
 /**
+ * Implements the KDC-REQ message.
+ * 
+ * The ASN.1 grammar is the following :
+ * 
+ * KDC-REQ         ::= SEQUENCE {
+ *        -- NOTE: first tag is [1], not [0]
+ *        pvno            [1] INTEGER (5) ,
+ *        msg-type        [2] INTEGER (10 -- AS -- | 12 -- TGS --),
+ *        padata          [3] SEQUENCE OF PA-DATA OPTIONAL
+ *                            -- NOTE: not empty --,
+ *        req-body        [4] KDC-REQ-BODY
+ * }
+ * 
+ * The pvno and msg-type are handled by the KerberosMessage inherited class
+ * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
 public class KdcRequest extends KerberosMessage
 {
-    private PreAuthenticationData[] preAuthData; //optional
-    private RequestBody requestBody;
-    private byte[] bodyBytes;
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( KdcRequest.class );
 
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
 
+    /** The pre-authentication data */
+    private List<PreAuthenticationData> paData; //optional
+    
+    /** The request body */
+    private KerberosRequestBody reqBody;
+    
+    /** A byte[] representing the request body */
+    private byte[] reqBodyBytes;
+
+
+    // Storage for computed lengths
+    private transient int kdcReqSeqLength;
+    
+    private transient int paDataTagLength;
+    private transient int paDataSeqLength;
+    
+    private transient int reqBodyTagLength;
+    
     /**
      * Creates a new instance of KdcRequest.
      *
@@ -51,14 +99,13 @@
      * @param preAuthData
      * @param requestBody
      */
-    public KdcRequest( int pvno, MessageType messageType, PreAuthenticationData[] preAuthData, RequestBody requestBody )
+    public KdcRequest( int pvno, MessageType messageType, List<PreAuthenticationData> paData, KerberosRequestBody reqBody )
     {
         super( pvno, messageType );
-        this.preAuthData = preAuthData;
-        this.requestBody = requestBody;
+        this.paData = paData;
+        this.reqBody = reqBody;
     }
 
-
     /**
      * Creates a new instance of KdcRequest.
      *
@@ -66,35 +113,22 @@
      * @param messageType
      * @param preAuthData
      * @param requestBody
-     * @param bodyBytes
      */
-    public KdcRequest( int pvno, MessageType messageType, PreAuthenticationData[] preAuthData, RequestBody requestBody,
-        byte[] bodyBytes )
+    public KdcRequest( MessageType messageType, List<PreAuthenticationData> paData, KerberosRequestBody reqBody )
     {
-        this( pvno, messageType, preAuthData, requestBody );
-        this.bodyBytes = bodyBytes;
+        super( messageType );
+        this.paData = paData;
+        this.reqBody = reqBody;
     }
 
-
     /**
      * Returns an array of {@link PreAuthenticationData}s.
      *
      * @return The array of {@link PreAuthenticationData}s.
      */
-    public PreAuthenticationData[] getPreAuthData()
-    {
-        return preAuthData;
-    }
-
-
-    /**
-     * Returns the request body.
-     * 
-     * @return The request body.
-     */
-    public RequestBody getRequestBody()
+    public List<PreAuthenticationData> getPreAuthData()
     {
-        return requestBody;
+        return paData;
     }
 
 
@@ -106,7 +140,7 @@
      */
     public byte[] getBodyBytes()
     {
-        return bodyBytes;
+        return reqBodyBytes;
     }
 
 
@@ -117,9 +151,9 @@
      *
      * @return The {@link Ticket}s.
      */
-    public Ticket[] getAdditionalTickets()
+    public List<Ticket> getAdditionalTickets()
     {
-        return requestBody.getAdditionalTickets();
+        return reqBody.getAdditionalTickets();
     }
 
 
@@ -130,7 +164,18 @@
      */
     public HostAddresses getAddresses()
     {
-        return requestBody.getAddresses();
+        return reqBody.getAddresses();
+    }
+
+
+    /**
+     * Returns the client {@link PrincipalName}.
+     *
+     * @return The client {@link PrincipalName}.
+     */
+    public PrincipalName getClientPrincipalName()
+    {
+        return reqBody.getClientPrincipalName();
     }
 
 
@@ -141,7 +186,7 @@
      */
     public KerberosPrincipal getClientPrincipal()
     {
-        return requestBody.getClientPrincipal();
+        return reqBody.getClientPrincipal();
     }
 
 
@@ -152,7 +197,7 @@
      */
     public String getRealm()
     {
-        return requestBody.getServerPrincipal().getRealm();
+        return reqBody.getRealm();
     }
 
 
@@ -163,7 +208,7 @@
      */
     public EncryptedData getEncAuthorizationData()
     {
-        return requestBody.getEncAuthorizationData();
+        return reqBody.getEncAuthorizationData();
     }
 
 
@@ -172,9 +217,9 @@
      *
      * @return The array of {@link EncryptionType}s.
      */
-    public EncryptionType[] getEType()
+    public List<EncryptionType> getEType()
     {
-        return requestBody.getEType();
+        return reqBody.getEType();
     }
 
 
@@ -185,7 +230,7 @@
      */
     public KerberosTime getFrom()
     {
-        return requestBody.getFrom();
+        return reqBody.getFrom();
     }
 
 
@@ -196,7 +241,7 @@
      */
     public KdcOptions getKdcOptions()
     {
-        return requestBody.getKdcOptions();
+        return reqBody.getKdcOptions();
     }
 
 
@@ -207,18 +252,18 @@
      */
     public int getNonce()
     {
-        return requestBody.getNonce();
+        return reqBody.getNonce();
     }
 
 
     /**
-     * Returns the "R" {@link KerberosTime}.
+     * Returns the renew-till" {@link KerberosTime}.
      *
-     * @return The "R" {@link KerberosTime}.
+     * @return The renew-till" {@link KerberosTime}.
      */
-    public KerberosTime getRtime()
+    public KerberosTime getRenewtime()
     {
-        return requestBody.getRtime();
+        return reqBody.getRenewtime();
     }
 
 
@@ -229,9 +274,18 @@
      */
     public KerberosPrincipal getServerPrincipal()
     {
-        return requestBody.getServerPrincipal();
+        return reqBody.getServerPrincipal();
     }
 
+    /**
+     * Returns the server {@link PrincipalName}.
+     *
+     * @return The server {@link PrincipalName}.
+     */
+    public PrincipalName getServerPrincipalName()
+    {
+        return reqBody.getServerPrincipalName();
+    }
 
     /**
      * Returns the till {@link KerberosTime}.
@@ -240,7 +294,7 @@
      */
     public KerberosTime getTill()
     {
-        return requestBody.getTill();
+        return reqBody.getTill();
     }
 
 
@@ -254,7 +308,25 @@
      */
     public boolean getOption( int option )
     {
-        return requestBody.getKdcOptions().get( option );
+        try
+        {
+            return reqBody.getKdcOptions().getBit( option );
+        }
+        catch ( DecoderException de )
+        {
+            return false;
+        }
+    }
+
+    /**
+     * Returns the option for the specified flag
+     *
+     * @param option
+     * @return The option.
+     */
+    public boolean getOption( KerberosFlag option )
+    {
+        return reqBody.getKdcOptions().isFlagSet( option );
     }
 
 
@@ -265,7 +337,18 @@
      */
     public void setOption( int option )
     {
-        requestBody.getKdcOptions().set( option );
+        reqBody.getKdcOptions().setBit( option );
+    }
+
+
+    /**
+     * Sets the option at the specified index.
+     *
+     * @param option
+     */
+    public void setOption( KdcOption option )
+    {
+        reqBody.getKdcOptions().setFlag( option );
     }
 
 
@@ -276,6 +359,171 @@
      */
     public void clearOption( int option )
     {
-        requestBody.getKdcOptions().clear( option );
+        reqBody.getKdcOptions().clearBit( option );
+    }
+
+    /**
+     * Return the length of a KdcRequest message .
+     * 
+     * 0x30 L1
+     *  |
+     *  +--> 0xA1 0x03
+     *  |     |
+     *  |     +--> 0x02 0x01 pvno (integer)
+     *  |
+     *  +--> 0xA2 0x03
+     *  |     |
+     *  |     +--> 0x02 0x01 msg-type (integer)
+     *  |
+     *  +--> [0xA3 L2
+     *  |     |
+     *  |     +--> 0x30 L3-1 padata
+     *  |           |
+     *  |           +--> 0x30 L2-1-1 padata (PA-DATA)
+     *  |           |
+     *  |           +--> ...
+     *  |           |
+     *  |           +--> 0x61 L2-1-N padata ]
+     *  |
+     *  +--> 0xA4 L4 
+     *        | 
+     *        +--> 0x30 L4-1 req-body (KDC-REQ-BODY)
+     */
+    public int computeLength()
+    {
+        // First compute the KerberosMessage length
+        kdcReqSeqLength = super.computeLength();
+        
+        // The pa-data length
+        if ( paData == null )
+        {
+            return -1;
+        }
+        
+        paDataSeqLength = 0;
+        
+        for ( PreAuthenticationData data:paData )
+        {
+            paDataSeqLength += data.computeLength();
+        }
+        
+        paDataTagLength = 1 + TLV.getNbBytes( paDataSeqLength ) + paDataSeqLength;
+        kdcReqSeqLength += 1 + TLV.getNbBytes( paDataTagLength ) + paDataTagLength;
+        
+        // The request body data length
+        if ( reqBody == null )
+        {
+            return -1;
+        }
+        
+        reqBodyTagLength = reqBody.computeLength();
+        
+        kdcReqSeqLength += 
+            1 + TLV.getNbBytes( reqBodyTagLength ) + reqBodyTagLength;
+
+
+        return 1 + TLV.getNbBytes( kdcReqSeqLength ) + kdcReqSeqLength;
+    }
+    
+    /**
+     * Encode the KdcRequest message to a PDU. 
+     * 
+     * KdcRequest :
+     * 
+     * 0x30 LL
+     *   0xA1 LL pvno 
+     *   0xA2 LL msg-type
+     *   0xA3 LL pa-datas
+     *     0x30 LL 
+     *       0x30 LL pa-data
+     *       ...
+     *       0x30 LL pa-data
+     *   0xA4 LL req-body
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            throw new EncoderException( "Cannot put a PDU in a null buffer !" );
+        }
+
+        try
+        {
+            // The kdcRequest SEQUENCE Tag
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( kdcReqSeqLength ) );
+            
+            // As the first tag is not 0xA0, we have to inform the super class.
+            setStartingTag( (byte)0xA1 );
+
+            // The pvno and msg-type Tag and value
+            super.encode(  buffer );
+            
+            // The padata, if any
+            buffer.put( (byte)0xA3 );
+            buffer.put( TLV.getBytes( paDataTagLength ) );
+            
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( paDataSeqLength ) );
+
+            if ( paData != null )
+            {
+                for ( PreAuthenticationData pa:paData )
+                {
+                    pa.encode( buffer );
+                }
+            }
+            
+            // REQ-BODY encoding
+            buffer.put( (byte)0xA4 );
+            buffer.put( TLV.getBytes( reqBodyTagLength ) );
+            
+            if ( reqBody != null )
+            {
+                reqBody.encode( buffer );
+            }
+            else
+            {
+                log.error( "Null REQ-BODY part" );
+                throw new EncoderException( "The REQ-BODY must not be null" );
+            }
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error( "Cannot encode the KRB-CRED object, the PDU size is {} when only {} bytes has been allocated", 1
+                + TLV.getNbBytes( kdcReqSeqLength ) + kdcReqSeqLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "KdcRequest encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "KdcRequest initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+
+    public String toString( String tabs )
+    {
+        StringBuilder sb = new StringBuilder();
+        
+        sb.append( tabs ).append( "NYI\n" );
+        sb.append( super.toString( tabs + "    " ) );
+        
+        return sb.toString();
+    }
+    
+    
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        return toString( "" );
     }
 }

Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosCred.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosCred.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosCred.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosCred.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,286 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages;
+
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The KRB-CRED message. The ASN.1 grammar is the following :
+ * 
+ * KRB-CRED        ::= [APPLICATION 22] SEQUENCE {
+ *        pvno            [0] INTEGER (5),
+ *        msg-type        [1] INTEGER (22),
+ *        tickets         [2] SEQUENCE OF Ticket,
+ *        enc-part        [3] EncryptedData -- EncKrbCredPart
+ * }
+ *  
+ * pvno and msg-type are inherited from KerberosMessage
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public class KerberosCred extends KerberosMessage
+{
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( KerberosCred.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+    
+    /** The ticket list */
+    private List<Ticket> tickets;
+    
+    /** The encrypted part */
+    private EncryptedData encPart;
+
+    // Storage for computed lengths
+    private transient int encPartTagLength = 0;
+    
+    private transient int ticketsTagLength = 0;
+    private transient int ticketsSeqLength = 0;
+
+    private transient int kerberosCredSeqLength;
+    private transient int kerberosCredApplLength;
+    
+    /**
+     * Creates a new instance of KerberosCred.
+     */
+    public KerberosCred()
+    {
+        super( MessageType.KRB_CRED );
+        encPart = null;
+        tickets = new ArrayList<Ticket>();
+    }
+
+    /**
+     * @return The encrypted part
+     */
+    public EncryptedData getEncPart()
+    {
+        return encPart;
+    }
+
+    /**
+     * Set the encrypted part
+     * @param encPart The encrypted part
+     */
+    public void setEncPart( EncryptedData encPart )
+    {
+        this.encPart = encPart;
+    }
+    
+    /**
+     * @return The ticket list
+     */
+    public List<Ticket> getTickets()
+    {
+        return tickets;
+    }
+    
+    /**
+     * Set a ticket list
+     * @param tickets The ticket list
+     */
+    public void setTickets( List<Ticket> tickets )
+    {
+        this.tickets = tickets;
+    }
+    
+    /**
+     * Add a ticket to the KRB-CRED
+     * @param ticket The added ticket
+     */
+    public void addTicket( Ticket ticket )
+    {
+        tickets.add( ticket );
+    }
+    
+    
+    /**
+     * Return the length of a Kerberos Cred message .
+     * 
+     * 0x72 L1
+     *  |
+     *  +--> 0x30 L2
+     *        |
+     *        +--> 0xA0 0x03
+     *        |     |
+     *        |     +--> 0x02 0x01 pvno (integer)
+     *        |
+     *        +--> 0xA1 0x03
+     *        |     |
+     *        |     +--> 0x02 0x01 msg-type (integer)
+     *        |
+     *        +--> 0xA2 L3
+     *        |     |
+     *        |     +--> 0x30 L3-1 tickets
+     *        |           |
+     *        |           +--> 0x61 L3-1-1 ticket
+     *        |           |
+     *        |           +--> ...
+     *        |           |
+     *        |           +--> 0x61 L3-1-N ticket
+     *        |
+     *        +--> 0xA3 L4
+     *              | 
+     *              +--> 0x02 L4-1 enc-part (EncryptedData)
+     */
+    public int computeLength()
+    {
+        // First compute the KerberosMessage length
+        kerberosCredSeqLength = super.computeLength();
+        
+        // The tickets length
+        if ( tickets == null )
+        {
+            return -1;
+        }
+        
+        ticketsSeqLength = 0;
+        
+        for ( Ticket ticket:tickets )
+        {
+            ticketsSeqLength += ticket.computeLength();
+        }
+        
+        ticketsTagLength = 1 + TLV.getNbBytes( ticketsSeqLength ) + ticketsSeqLength;
+        kerberosCredSeqLength += 1 + TLV.getNbBytes( ticketsTagLength ) + ticketsTagLength;
+        
+        // The encrypted data length
+        if ( encPart == null )
+        {
+            return -1;
+        }
+        
+        encPartTagLength = encPart.computeLength();
+        
+        kerberosCredSeqLength += 
+            1 + TLV.getNbBytes( encPartTagLength ) + encPartTagLength;
+
+
+        kerberosCredApplLength = 1 + TLV.getNbBytes( kerberosCredSeqLength ) + kerberosCredSeqLength;
+        return 1 + TLV.getNbBytes( kerberosCredApplLength ) + kerberosCredApplLength;
+    }
+    
+    /**
+     * Encode the KerberosCred message to a PDU. 
+     * 
+     * KRB-Cred :
+     * 
+     * 0x72 LL
+     *   0x30 LL
+     *     0xA0 LL pvno 
+     *     0xA1 LL msg-type
+     *     0xA2 LL tickets
+     *       0x30 LL 
+     *         0x61 LL ticket
+     *         ...
+     *         0x61 LL ticket
+     *     0xA3 LL enc-part
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            int bufferCapacity = computeLength();
+            
+            if ( bufferCapacity == -1 )
+            {
+                log.error( "Cannot compute the buffer size" );
+                throw new EncoderException( "Cannot compute the buffer size" );
+            }
+            
+            buffer = ByteBuffer.allocate( bufferCapacity );
+        }
+
+        try
+        {
+            // The KerberosCred APPLICATION Tag
+            buffer.put( (byte)0x72 );
+            buffer.put( TLV.getBytes( kerberosCredApplLength ) );
+
+            // The KerberosCred SEQUENCE Tag
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( kerberosCredSeqLength ) );
+
+            // The pvno and msg-type Tag and value
+            super.encode(  buffer );
+
+            // The tickets
+            buffer.put( (byte)0xA2 );
+            buffer.put( TLV.getBytes( ticketsTagLength ) );
+            
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( ticketsSeqLength ) );
+
+            if ( tickets != null )
+            {
+                for ( Ticket ticket:tickets )
+                {
+                    ticket.encode( buffer );
+                }
+            }
+            
+            // Encrypted Data encoding
+            buffer.put( (byte)0xA3 );
+            buffer.put( TLV.getBytes( encPartTagLength ) );
+            
+            if ( encPart != null )
+            {
+                encPart.encode( buffer );
+            }
+            else
+            {
+                log.error( "Null Encrypted Data part" );
+                throw new EncoderException( "The encrypted Data must not be null" );
+            }
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error( "Cannot encode the KRB-CRED object, the PDU size is {} when only {} bytes has been allocated", 1
+                + TLV.getNbBytes( kerberosCredApplLength ) + kerberosCredApplLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "KRB-CRED encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "KRB-CRED initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+}

Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosError.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosError.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosError.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosError.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,760 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages;
+
+
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+import java.text.ParseException;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.directory.server.kerberos.shared.KerberosUtils;
+import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
+import org.apache.directory.server.kerberos.shared.messages.value.PrincipalName;
+import org.apache.directory.server.kerberos.shared.messages.value.types.KerberosErrorType;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
+import org.apache.directory.shared.asn1.ber.tlv.Value;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * The KRB-ERROR message. The ASN.1 grammar is the following :
+ * 
+ * KRB-ERROR       ::= [APPLICATION 30] SEQUENCE {
+ *       pvno            [0] INTEGER (5),
+ *       msg-type        [1] INTEGER (30),
+ *       ctime           [2] KerberosTime OPTIONAL,
+ *       cusec           [3] Microseconds OPTIONAL,
+ *       stime           [4] KerberosTime,
+ *       susec           [5] Microseconds,
+ *       error-code      [6] Int32,
+ *       crealm          [7] Realm OPTIONAL,
+ *       cname           [8] PrincipalName OPTIONAL,
+ *       realm           [9] Realm -- service realm --,
+ *       sname           [10] PrincipalName -- service name --,
+ *       e-text          [11] KerberosString OPTIONAL,
+ *       e-data          [12] OCTET STRING OPTIONAL
+ * }
+ * 
+ * pvno and msg-type are inherited from KerberosMessage
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public class KerberosError extends KerberosMessage
+{
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( KerberosError.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+    
+    /** The client time */
+    private KerberosTime cTime; //optional
+    
+    /** The client microSecond */
+    private int cusec; //optional : from 0 to 999. -1 means unknown
+    
+    /** The server time */
+    private KerberosTime sTime;
+    
+    /** The server microseconds */
+    private int susec;
+    
+    /** The error code */
+    private KerberosErrorType errorCode;
+    
+    /** The client principal */    
+    private PrincipalName cName; //optional
+    
+    /** The server principal */
+    private PrincipalName sName;
+    
+    /** Explanatory text */
+    private String explanatoryText; //optional
+    private byte[] explanatoryTextBytes; //optional
+
+    /** Explanatory data */
+    private byte[] explanatoryData; //optional
+    
+    /** The server realm*/ 
+    private String realm;
+    private byte[] realmBytes;
+    
+    /** The client realm */
+    private String cRealm;
+    private byte[] cRealmBytes;
+
+    // Storage for computed lengths
+    private transient int cTimeTagLength = 0; // optionnal
+    private transient int cTimeLength = 0; // optionnal
+    
+    private transient int cusecTagLength = 0; // optionnal
+    private transient int cusecLength = 0; // optionnal
+    
+    private transient int sTimeTagLength;
+    private transient int sTimeLength;
+    
+    private transient int susecTagLength;
+
+    private transient int errorCodeTagLength;
+    private transient int errorCodeLength;
+    
+    private transient int cRealmTagLength = 0; // optionnal
+    private transient int cRealmLength = 0; // optionnal
+    
+    private transient int cNameTagLength = 0; // optionnal
+    
+    private transient int realmTagLength;
+    private transient int realmLength;
+    
+    private transient int sNameTagLength;
+    
+    private transient int explanatoryTextTagLength;
+    private transient int explanatoryTextLength;
+    
+    private transient int explanatoryDataTagLength;
+    private transient int explanatoryDataLength;
+    
+    private transient int kerberosErrorSeqLength;
+    private transient int kerberosErrorApplLength;
+
+    /**
+     * Creates a new instance of ErrorMessage.
+     */
+    public KerberosError()
+    {
+        super( MessageType.KRB_ERROR );
+
+        // Nullify optionnal data
+        cTime = null;
+        cusec = KerberosUtils.NULL;
+        cRealm = null;
+        cName = null;
+        explanatoryText = null;
+        explanatoryData = null;
+    }
+
+    /**
+     * Creates a new instance of ErrorMessage.
+     *
+     * @param clientTime
+     * @param clientMicroSecond
+     * @param serverTime
+     * @param serverMicroSecond
+     * @param errorCode
+     * @param cname
+     * @param serverPrincipal
+     * @param explanatoryText
+     * @param explanatoryData
+     */
+    public KerberosError( KerberosTime cTime, int cusec, KerberosTime sTime,
+        int susec, KerberosErrorType errorCode, KerberosPrincipal cName, KerberosPrincipal sName,
+        String explanatoryText, byte[] explanatoryData ) throws ParseException
+    {
+        super( MessageType.KRB_ERROR );
+
+        this.cTime = cTime;
+        this.cusec = cusec;
+        this.sTime = sTime;
+        this.susec = susec;
+        this.errorCode = errorCode;
+        this.cName = new PrincipalName( cName );
+        this.cRealm = cName.getRealm();
+        this.sName = new PrincipalName( sName );
+        this.realm = sName.getRealm();
+        this.explanatoryText = explanatoryText;
+        this.explanatoryData = explanatoryData;
+    }
+
+
+    /**
+     * Returns the client {@link KerberosPrincipal}.
+     *
+     * @return The client {@link KerberosPrincipal}.
+     */
+    public PrincipalName getClientPrincipal()
+    {
+        return cName;
+    }
+
+    /**
+     * Set the client principal
+     * @param name Set the client principal
+     */
+    public void setClientPrincipal( KerberosPrincipal cName )
+    {
+        try
+        {
+            this.cName = new PrincipalName( cName );
+        }
+        catch ( ParseException pe )
+        {
+            this.cName = null;
+        }
+    }
+
+    /**
+     * Set the client principal
+     * @param name Set the client principal
+     */
+    public void setClientPrincipal( PrincipalName cName )
+    {
+        this.cName = cName;
+    }
+
+
+    /**
+     * Returns the client {@link KerberosTime}.
+     *
+     * @return The client {@link KerberosTime}.
+     */
+    public KerberosTime getClientTime()
+    {
+        return cTime;
+    }
+
+    /**
+     * Set the client time
+     * @param cTime the client time
+     */
+    public void setClientTime( KerberosTime cTime )
+    {
+        this.cTime = cTime;
+    }
+
+    /**
+     * Returns the client microsecond.
+     *
+     * @return The client microsecond.
+     */
+    public int getClientMicroSecond()
+    {
+        return cusec;
+    }
+
+    /**
+     * Set the client Microseconds
+     * @param cusec the cllient Microseconds
+     */
+    public void setClientMicroSecond( int cusec )
+    {
+        this.cusec = cusec;
+    }
+    
+
+    /**
+     * Returns the explanatory data.
+     *
+     * @return The explanatory data.
+     */
+    public byte[] getExplanatoryData()
+    {
+        return explanatoryData;
+    }
+
+    /**
+     * Set the explanatory data
+     * @param explanatoryData The data
+     */
+    public void setExplanatoryData( byte[] explanatoryData )
+    {
+        this.explanatoryData = explanatoryData;
+    }
+
+    /**
+     * Returns the error code.
+     *
+     * @return The error code.
+     */
+    public KerberosErrorType getErrorCode()
+    {
+        return errorCode;
+    }
+
+    /**
+     * Set the error code
+     * @param errorCode The error code
+     */
+    public void setErrorCode( KerberosErrorType errorCode )
+    {
+        this.errorCode = errorCode;
+    }
+
+    /**
+     * Returns the explanatory text.
+     *
+     * @return The explanatory text.
+     */
+    public String getExplanatoryText()
+    {
+        return explanatoryText;
+    }
+
+    /**
+     * Set the explanatory text
+     * @param explanatoryText
+     */
+    public void setExplanatoryText( String explanatoryText )
+    {
+        this.explanatoryText = explanatoryText;
+    }
+
+    /**
+     * Returns the server {@link KerberosPrincipal}.
+     *
+     * @return The server {@link KerberosPrincipal}.
+     */
+    public PrincipalName getServerPrincipal()
+    {
+        return sName;
+    }
+
+    /**
+     * Set the server principal
+     * @param sName The server principal
+     */
+    public void setServerPrincipal( KerberosPrincipal sName )
+    {
+        try
+        {
+            this.sName = new PrincipalName( sName );
+        }
+        catch ( ParseException pe )
+        {
+            this.sName = null;
+        }
+    }
+    
+    /**
+     * Set the server principal
+     * @param sName The server principal
+     */
+    public void setServerPrincipal( PrincipalName sName )
+    {
+        this.sName = sName;
+    }
+
+    /**
+     * Returns the server {@link KerberosTime}.
+     *
+     * @return The server {@link KerberosTime}.
+     */
+    public KerberosTime getServerTime()
+    {
+        return sTime;
+    }
+
+    /**
+     * Set the server time
+     * @param time The server time
+     */
+    public void setServerTime( KerberosTime sTime )
+    {
+        this.sTime = sTime;
+    }
+
+    /**
+     * Returns the server microsecond.
+     *
+     * @return The server microsecond.
+     */
+    public int getServerMicroSecond()
+    {
+        return susec;
+    }
+
+    /**
+     * Get the microsecond part of the server's
+     * timestamp
+     * @return the microsecond part of the server's
+     * timestamp
+     */
+    public int getServerMicroseconds()
+    {
+        return susec;
+    }
+
+    /**
+     * Set the microsecond part of the server's
+     * timestamp
+     * @susec the microsecond part of the server's
+     * timestamp
+     */
+    public void setServerMicroseconds( int susec )
+    {
+        this.susec = susec;
+    }
+
+    /**
+     * Get the client realm
+     * @return the client realm
+     */
+    public String getClientRealm()
+    {
+        return cRealm;
+    }
+
+    /**
+     * Set the client realm
+     * @param realm The client realm
+     */
+    public void setClientRealm( String realm )
+    {
+        cRealm = realm;
+    }
+
+    /**
+     * Get the server realm
+     * @return the server realm
+     */
+    public String getServerRealm()
+    {
+        return realm;
+    }
+
+    /**
+     * Set the server realm
+     * @param realm The server realm
+     */
+    public void setServerRealm( String realm )
+    {
+        this.realm = realm;
+    }
+    
+    /**
+     * Return the length of a kerberos error message .
+     * 
+     * 0x7E L1
+     *  |
+     *  +--> 0x30 L2
+     *        |
+     *        +--> 0xA0 0x03
+     *        |     |
+     *        |     +--> 0x02 0x01 pvno (integer)
+     *        |
+     *        +--> 0xA1 0x03
+     *        |     |
+     *        |     +--> 0x02 0x01 messageType (integer)
+     *        |
+     *       [+--> 0xA2 0x11
+     *        |     |
+     *        |     +--> 0x18 0x0F ctime (KerberosTime, optionnal)]
+     *        |
+     *       [+--> 0xA3 L3
+     *        |     | 
+     *        |     +--> 0x02 L3-1 cusec (integer, optionnal)]
+     *        |
+     *        +--> 0xA4 L4 
+     *        |     | 
+     *        |     +--> 0x18 L4-1 stime (KerberosTime)
+     *        |
+     *        +--> 0xA5 L5
+     *        |     | 
+     *        |     +--> 0x02 L5-1 susec (integer)
+     *        |
+     *        +--> 0xA6 L6
+     *        |     | 
+     *        |     +--> 0x02 L6-1 error-code (integer)
+     *        |
+     *       [+--> 0xA7 L7
+     *        |     | 
+     *        |     +--> 0x1B L7-1 crealm (String, optionnal)]
+     *        |
+     *       [+--> 0xA8 L8
+     *        |     | 
+     *        |     +--> 0x1B L8-1 cname (String, optionnal)]
+     *        |
+     *        +--> 0xA9 L9
+     *        |     | 
+     *        |     +--> 0x1B L9-1 realm (String)
+     *        |
+     *        +--> 0xAA L10
+     *        |     | 
+     *        |     +--> 0x1B L10-1 sname (String)
+     *        |
+     *       [+--> 0xAB L11
+     *        |     | 
+     *        |     +--> 0x1B L11-1 e-text (String, optionnal)]
+     *        |
+     *       [+--> 0xAC L12
+     *              | 
+     *              +--> 0x04 L12-1 e-data (OCTET-STRING, optionnal)]
+     */
+    public int computeLength()
+    {
+        // First compute the KerberosMessage length
+        kerberosErrorSeqLength = super.computeLength();
+        
+        // The clientTime (optionnal)
+        if ( cTime != null )
+        {
+            // The time length
+            cTimeLength = 15; 
+            cTimeTagLength = 1 + 1 + cTimeLength; 
+            
+            kerberosErrorSeqLength += 
+                1 + TLV.getNbBytes( cTimeTagLength ) + cTimeTagLength;
+        }
+        
+        if ( cusec != KerberosUtils.NULL )
+        {
+            // The cusec length
+            cusecLength = Value.getNbBytes( cusec );
+            cusecTagLength = 1 + TLV.getNbBytes( cusecLength ) + cusecLength;
+            
+            kerberosErrorSeqLength += 
+                1 + TLV.getNbBytes( cusecTagLength ) + cusecTagLength;
+        }
+        
+        // The serverTime length
+        sTimeLength = 15; 
+        sTimeTagLength = 1 + 1 + sTimeLength; 
+        
+        kerberosErrorSeqLength += 
+            1 + TLV.getNbBytes( sTimeTagLength ) + sTimeTagLength;
+
+        // The susec length
+        int susecLength = Value.getNbBytes( susec );
+        susecTagLength = 1 + TLV.getNbBytes( susecLength ) + susecLength;
+        
+        kerberosErrorSeqLength += 
+            1 + TLV.getNbBytes( susecTagLength ) + susecTagLength;
+        
+        // The error-code length
+        errorCodeLength = Value.getNbBytes( errorCode.getOrdinal() );
+        errorCodeTagLength = 1 + TLV.getNbBytes( errorCodeLength ) + errorCodeLength;
+        
+        kerberosErrorSeqLength += 
+            1 + TLV.getNbBytes( errorCodeTagLength ) + errorCodeTagLength;
+        
+        // The client realm length
+        if ( cRealm != null)
+        {
+            // The crealm length
+            cRealmBytes = StringTools.getBytesUtf8( cRealm );
+            cRealmLength = cRealmBytes.length; 
+            cRealmTagLength = 1 + TLV.getNbBytes( cRealmLength ) + cRealmLength;
+            
+            kerberosErrorSeqLength += 
+                1 + TLV.getNbBytes( cRealmTagLength ) + cRealmTagLength;
+        }
+        
+        // The client principalName, if any
+        if ( cName != null )
+        {
+            // The cname length
+            cNameTagLength = cName.computeLength(); 
+            
+            kerberosErrorSeqLength += 
+                1 + TLV.getNbBytes( cNameTagLength ) + cNameTagLength;
+        }
+        
+        // The realm length
+        realmBytes = StringTools.getBytesUtf8( realm );
+        realmLength = realmBytes.length; 
+        realmTagLength = 1 + TLV.getNbBytes( realmLength ) + realmLength;
+        
+        kerberosErrorSeqLength += 
+            1 + TLV.getNbBytes( realmTagLength ) + realmTagLength;
+
+        // The sname length
+        sNameTagLength = sName.computeLength();
+        
+        kerberosErrorSeqLength += 
+            1 + TLV.getNbBytes( sNameTagLength ) + sNameTagLength;
+
+        // The explanatory length, if any
+        if ( explanatoryText != null )
+        {
+            explanatoryTextBytes = StringTools.getBytesUtf8( explanatoryText );
+            explanatoryTextLength = explanatoryTextBytes.length; 
+            explanatoryTextTagLength = 1 + TLV.getNbBytes( explanatoryTextLength ) + explanatoryTextLength;
+            
+            kerberosErrorSeqLength += 
+                1 + TLV.getNbBytes( explanatoryTextTagLength ) + explanatoryTextTagLength;
+        }
+        
+        // The explanatoryData length, if any
+        if ( explanatoryData != null )
+        {
+            explanatoryDataLength = explanatoryData.length; 
+            explanatoryDataTagLength = 1 + TLV.getNbBytes( explanatoryDataLength ) + explanatoryDataLength;
+            
+            kerberosErrorSeqLength += 
+                1 + TLV.getNbBytes( explanatoryDataTagLength ) + explanatoryDataTagLength;
+        }
+
+        kerberosErrorApplLength = 1 + TLV.getNbBytes( kerberosErrorSeqLength ) + kerberosErrorSeqLength;
+        return 1 + TLV.getNbBytes( kerberosErrorApplLength ) + kerberosErrorApplLength;
+    }
+    
+    /**
+     * Encode the KerberosError message to a PDU. 
+     * 
+     * KRB-ERROR :
+     * 
+     * 0x7E LL
+     *   0x30 LL
+     *     0xA0 LL pvno 
+     *     0xA1 LL msg-type
+     *    [0xA2 LL ctime]
+     *    [0xA3 LL cusec]
+     *     0xA4 LL stime
+     *     0xA5 LL susec
+     *     0xA6 LL error-code
+     *    [0xA7 LL crealm]
+     *    [0xA8 LL cname]
+     *     0xA9 LL realm
+     *     0xAA LL sname
+     *    [0xAB LL e-text]
+     *    [0xAC LL e-data]
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            buffer = ByteBuffer.allocate( computeLength() );
+        }
+
+        try
+        {
+            // The KerberosError APPLICATION Tag
+            buffer.put( (byte)0x7E );
+            buffer.put( TLV.getBytes( kerberosErrorApplLength ) );
+
+            // The KerberosError SEQUENCE Tag
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( kerberosErrorSeqLength ) );
+
+            // The pvno Tag and value
+            super.encode(  buffer );
+
+            
+            // The clientTime Tag and value, if any
+            if ( cTime != null )
+            {
+                buffer.put( ( byte )0xA2 );
+                buffer.put( TLV.getBytes( cTimeTagLength ) );
+                buffer.put( UniversalTag.GENERALIZED_TIME_TAG );
+                buffer.put( TLV.getBytes( cTimeLength ) );
+                buffer.put( StringTools.getBytesUtf8( cTime.toString() ) );
+            }
+
+            // The cusec Tag and value, if any
+            if ( cusec != KerberosUtils.NULL )
+            {
+                buffer.put( ( byte )0xA3 );
+                buffer.put( TLV.getBytes( cusecTagLength ) );
+                Value.encode( buffer, cusec );
+            }
+            
+            // The serverTime Tag and value, if any
+            if ( sTime != null )
+            {
+                buffer.put( ( byte )0xA4 );
+                buffer.put( TLV.getBytes( sTimeTagLength ) );
+                buffer.put( UniversalTag.GENERALIZED_TIME_TAG );
+                buffer.put( TLV.getBytes( sTimeLength ) );
+                buffer.put( StringTools.getBytesUtf8( sTime.toString() ) );
+            }
+
+            // Server millisecond encoding
+            buffer.put( ( byte )0xA5 );
+            buffer.put( TLV.getBytes( susecTagLength ) );
+            Value.encode( buffer, susec );
+            
+            // Error code encoding
+            buffer.put( ( byte )0xA6 );
+            buffer.put( TLV.getBytes( errorCodeTagLength ) );
+            Value.encode( buffer, errorCode.getOrdinal() );
+            
+            // Client Realm encoding, if any
+            if ( cRealm != null )
+            {
+                buffer.put( ( byte )0xA7 );
+                buffer.put( TLV.getBytes( cRealmTagLength ) );
+                buffer.put( UniversalTag.GENERALIZED_STRING_TAG );
+                buffer.put( TLV.getBytes( cRealmLength ) );
+                buffer.put( cRealmBytes );
+            }
+            
+            // ClientPrincipal encoding, if any
+            if ( cName != null )
+            {
+                buffer.put( ( byte )0xA8 );
+                buffer.put( TLV.getBytes( cNameTagLength ) );
+                cName.encode( buffer );
+            }
+
+            // ServerRealm encoding
+            buffer.put( ( byte )0xA9 );
+            buffer.put( TLV.getBytes( realmTagLength ) );
+            buffer.put( UniversalTag.GENERALIZED_STRING_TAG );
+            buffer.put( TLV.getBytes( realmLength ) );
+            buffer.put( realmBytes );
+
+            // Server principal encoding
+            buffer.put( ( byte )0xAA );
+            buffer.put( TLV.getBytes( sNameTagLength ) );
+            sName.encode( buffer );
+            
+            // Explanatory Text encoding if any
+            if ( explanatoryText != null )
+            {
+                buffer.put( ( byte )0xAB );
+                buffer.put( TLV.getBytes( explanatoryTextTagLength ) );
+                buffer.put( UniversalTag.GENERALIZED_STRING_TAG );
+                buffer.put( TLV.getBytes( explanatoryTextLength ) );
+                buffer.put( explanatoryTextBytes );
+            }
+
+            // Explanatory Data encoding if any
+            if ( explanatoryData != null )
+            {
+                buffer.put( ( byte )0xAC );
+                buffer.put( TLV.getBytes( explanatoryDataTagLength ) );
+                Value.encode( buffer, explanatoryData );
+            }
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error( "Cannot encode the KRB-ERROR object, the PDU size is {} when only {} bytes has been allocated", 1
+                + TLV.getNbBytes( kerberosErrorApplLength ) + kerberosErrorApplLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "KRB-ERROR encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "KRB-ERROR initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+}

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosMessage.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosMessage.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosMessage.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosMessage.java Mon Sep 24 03:18:05 2007
@@ -19,21 +19,62 @@
  */
 package org.apache.directory.server.kerberos.shared.messages;
 
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+
+import org.apache.directory.shared.asn1.AbstractAsn1Object;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.Value;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 
 /**
+ * A common inherited class which contains the protocol version number and the
+ * message type.
+ * 
+ * The part of ASN.1 grammar will be something like :
+ *   pvno            [T1] INTEGER (5),
+ *   msg-type        [T2] INTEGER (11 -- AS -- | 13 -- TGS --),
+ *   
+ * where T1 and T2 can differ from one message to another. 
+ *  Encoding such a message won't be done in this upper class, but in each of
+ * the inherited class, for this reason
+ * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
-public class KerberosMessage
+public abstract class KerberosMessage extends AbstractAsn1Object
 {
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( KerberosMessage.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+
     /**
      * The Kerberos protocol version number (5).
      */
     public static final int PVNO = 5;
 
-    private int protocolVersionNumber;
+    /** The protocol version number */
+    private int pvno;
+    
+    /** The message type */
     private MessageType messageType;
-
+    
+    /** The starting tag for the encoding and decoding
+     * It can differ from one message to another. Default to 0xA0;
+     **/
+    private byte startingTag = (byte)0xA0;
+    
+    // Storage for computed lengths
+    private transient int pvnoTagLength;
+    private transient int pvnoLength;
+    private transient int msgTypeTagLength;
+    private transient int msgTypeLength;
 
     /**
      * Creates a new instance of KerberosMessage.
@@ -54,7 +95,7 @@
      */
     public KerberosMessage( int versionNumber, MessageType type )
     {
-        protocolVersionNumber = versionNumber;
+        pvno = versionNumber;
         messageType = type;
     }
 
@@ -88,7 +129,7 @@
      */
     public int getProtocolVersionNumber()
     {
-        return protocolVersionNumber;
+        return pvno;
     }
 
 
@@ -99,6 +140,115 @@
      */
     public void setProtocolVersionNumber( int versionNumber )
     {
-        protocolVersionNumber = versionNumber;
+        pvno = versionNumber;
+    }
+
+    /**
+     * Set the starting tag if different to 0xA0
+     * @param startingTag The starting tag
+     */
+    protected void setStartingTag( byte startingTag )
+    {
+        this.startingTag = startingTag;
+    }
+
+    /**
+     * Return the length of this encoded part.
+     * 
+     * Ax L1
+     *   0X02 0X01 pvno (default to 5)
+     * A(x+1) L2
+     *   0x02 0x01 messageType (Integer)
+     *   
+     * The Ax and A(x+1) can be different depending on the handled messages.
+     */
+    public int computeLength()
+    {
+        // This part's length is easy to compute :
+        // 1 for each tag
+        //   1 for each integer value
+        //   1 for each value
+        pvnoLength = Value.getNbBytes( pvno );
+        pvnoTagLength = 1 + TLV.getNbBytes( pvnoLength ) + pvnoLength;
+        
+        msgTypeLength = Value.getNbBytes( messageType.getOrdinal() );
+        msgTypeTagLength = 1 + TLV.getNbBytes( msgTypeLength ) + msgTypeLength;
+        
+        return 
+            1 + TLV.getNbBytes( pvnoTagLength ) + pvnoTagLength +
+            1 + TLV.getNbBytes( msgTypeTagLength ) + msgTypeTagLength;
+    }
+    
+    /**
+     * Encode the common KerberosMessage part.
+     * 
+     * 0xA0 L1
+     *   0X02 0X01 pvno (default to 5)
+     * 0xA1 L2
+     *   0x02 0x01 messageType (Integer)
+     * 
+     * or
+     * 0xA1 L1
+     *   0X02 0X01 pvno (default to 5)
+     * 0xA2 L2
+     *   0x02 0x01 messageType (Integer)
+     * 
+     * depending on the startingTag value.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            throw new EncoderException( "Null buffer not allowed" );
+        }
+
+        try
+        {
+            // The pvno tag
+            buffer.put( startingTag );
+            buffer.put( TLV.getBytes( pvnoTagLength ) );
+            Value.encode( buffer, pvno );
+
+            // The Ticket SEQUENCE Tag
+            buffer.put( (byte)( startingTag + 1 ) );
+            buffer.put( TLV.getBytes( msgTypeTagLength ) );
+            Value.encode( buffer, messageType.getOrdinal() );
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error( "Cannot encode the KerberosMessage object, the PDU size is {} when only {} bytes has been allocated", 
+                1 + TLV.getNbBytes( pvno ) + pvnoLength +
+                1 + TLV.getNbBytes( messageType.getOrdinal() ) + msgTypeLength );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "KerberosMessage encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "KerberosMessage initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+
+    /**
+     * @see Object#toString()
+     */
+    public String toString( String tabs )
+    {
+        StringBuilder sb = new StringBuilder();
+        
+        sb.append( tabs ).append( "NYI\n" );
+        
+        return sb.toString();
+    }
+    
+    
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        return toString( "" );
     }
 }

Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosPriv.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosPriv.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosPriv.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosPriv.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,204 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages;
+
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The KRB-PRIV message. The ASN.1 grammar is the following :
+ * 
+ * KRB-PRIV        ::= [APPLICATION 21] SEQUENCE {
+ *         pvno            [0] INTEGER (5),
+ *         msg-type        [1] INTEGER (21),
+ *                         -- NOTE: there is no [2] tag
+ *         enc-part        [3] EncryptedData -- EncKrbPrivPart
+ * }
+ *  
+ * pvno and msg-type are inherited from KerberosMessage
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public class KerberosPriv extends KerberosMessage
+{
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( KerberosPriv.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+    
+    /** The encrypted data part */
+    private EncryptedData encPart;
+
+    // Storage for computed lengths
+    private transient int encPartTagLength = 0;
+    
+    private transient int kerberosPrivSeqLength;
+    private transient int kerberosPrivApplLength;
+    
+    
+    
+    /**
+     * Creates a new instance of KerberosPriv.
+     */
+    public KerberosPriv()
+    {
+        super( MessageType.KRB_PRIV );
+        encPart = null;
+    }
+
+    /**
+     * @return The encrypted part
+     */
+    public EncryptedData getEncPart()
+    {
+        return encPart;
+    }
+
+    /**
+     * Set the encrypted part
+     * @param encPart The encrypted part
+     */
+    public void setEncPart( EncryptedData encPart )
+    {
+        this.encPart = encPart;
+    }
+    
+    /**
+     * Return the length of a Kerberos Priv message .
+     * 
+     * 0x75 L1
+     *  |
+     *  +--> 0x30 L2
+     *        |
+     *        +--> 0xA0 0x03
+     *        |     |
+     *        |     +--> 0x02 0x01 pvno (integer)
+     *        |
+     *        +--> 0xA1 0x03
+     *        |     |
+     *        |     +--> 0x02 0x01 msg-type (integer)
+     *        |
+     *        +--> 0xA3 L3
+     *              | 
+     *              +--> 0x02 L3-1 enc-part (EncryptedData)
+     */
+    public int computeLength()
+    {
+        // First compute the KerberosMessage length
+        kerberosPrivSeqLength = super.computeLength();
+        
+        // The encrypted data length
+        if ( encPart == null )
+        {
+            return -1;
+        }
+        
+        encPartTagLength = encPart.computeLength();
+        
+        kerberosPrivSeqLength += 
+            1 + TLV.getNbBytes( encPartTagLength ) + encPartTagLength;
+
+
+        kerberosPrivApplLength = 1 + TLV.getNbBytes( kerberosPrivSeqLength ) + kerberosPrivSeqLength;
+        return 1 + TLV.getNbBytes( kerberosPrivApplLength ) + kerberosPrivApplLength;
+    }
+    
+    /**
+     * Encode the KerberosPriv message to a PDU. 
+     * 
+     * KRB-PRIV :
+     * 
+     * 0x75 LL
+     *   0x30 LL
+     *     0xA0 LL pvno 
+     *     0xA1 LL msg-type
+     *     0xA3 LL enc-part
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            int bufferCapacity = computeLength();
+            
+            if ( bufferCapacity == -1 )
+            {
+                log.error( "Cannot compute the buffer size" );
+                throw new EncoderException( "Cannot compute the buffer size" );
+            }
+            buffer = ByteBuffer.allocate( bufferCapacity );
+        }
+
+        try
+        {
+            // The KerberosPriv APPLICATION Tag
+            buffer.put( (byte)0x75 );
+            buffer.put( TLV.getBytes( kerberosPrivApplLength ) );
+
+            // The KerberosPriv SEQUENCE Tag
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( kerberosPrivSeqLength ) );
+
+            // The pvno Tag and value
+            super.encode(  buffer );
+
+            // Encrypted Data encoding
+            buffer.put( ( byte )0xA3 );
+            buffer.put( TLV.getBytes( encPartTagLength ) );
+            
+            if ( encPart != null )
+            {
+                encPart.encode( buffer );
+            }
+            else
+            {
+                log.error( "Null Encrypted Data part" );
+                throw new EncoderException( "The encrypted Data must not be null" );
+            }
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error( "Cannot encode the KRB-PRIV object, the PDU size is {} when only {} bytes has been allocated", 1
+                + TLV.getNbBytes( kerberosPrivApplLength ) + kerberosPrivApplLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "KRB-PRIV encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "KRB-PRIV initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+}

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantReply.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantReply.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantReply.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantReply.java Mon Sep 24 03:18:05 2007
@@ -20,6 +20,8 @@
 package org.apache.directory.server.kerberos.shared.messages;
 
 
+import java.util.List;
+
 import javax.security.auth.kerberos.KerberosPrincipal;
 
 import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
@@ -50,9 +52,12 @@
      * @param ticket
      * @param encPart
      */
-    public TicketGrantReply( PreAuthenticationData[] pAData, KerberosPrincipal clientPrincipal, Ticket ticket,
+    public TicketGrantReply( List<PreAuthenticationData> pAData, KerberosPrincipal clientPrincipal, Ticket ticket,
         EncryptedData encPart )
     {
-        super( pAData, clientPrincipal, ticket, encPart, MessageType.KRB_TGS_REP );
+        super( MessageType.KRB_TGS_REP );
+        super.setPaData( pAData );
+        super.setClientPrincipal( clientPrincipal );
+        super.setEncPart( encPart );
     }
 }

Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantingServerRequest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantingServerRequest.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantingServerRequest.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantingServerRequest.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,150 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages;
+
+
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+import java.util.List;
+
+import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationData;
+import org.apache.directory.server.kerberos.shared.messages.value.KerberosRequestBody;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * This class implements the TGS-REQ message.
+ * 
+ * The ASN.1 grammar is the following :
+ * 
+ * TGS-REQ         ::= [APPLICATION 12] KDC-REQ
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public class TicketGrantingServerRequest extends KdcRequest
+{
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( TicketGrantingServerRequest.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+
+    // Storage for computed lengths
+    private transient int tgsReqAppLength;
+    
+    /**
+     * Creates a new instance of TicketGrantingServerRequest.
+     *
+     * @param paData
+     * @param clientPrincipal
+     * @param ticket
+     * @param encPart
+     */
+    public TicketGrantingServerRequest( List<PreAuthenticationData> paData, KerberosRequestBody requestBody )
+    {
+        super( MessageType.KRB_TGS_REQ, paData, requestBody );
+    }
+    
+    /**
+     * Return the length of a TGS-REQ message .
+     * 
+     * 0x6C L1
+     *  |
+     *  +--> 0x30 L2 KDC-REQ
+     */
+    public int computeLength()
+    {
+        // Compute the KDC-REQ length
+        tgsReqAppLength = super.computeLength();
+        
+        return 1 + TLV.getNbBytes( tgsReqAppLength ) + tgsReqAppLength;
+    }
+
+    /**
+     * Encode the TGS-REQ message to a PDU. 
+     * 
+     * TGS-REQ :
+     * 
+     * 0x6C LL
+     *   0x30 LL KDC-REQ 
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            buffer = ByteBuffer.allocate( computeLength() );
+        }
+
+        try
+        {
+            // The TGS-REQ application Tag
+            buffer.put( (byte)0x6C   );
+            buffer.put( TLV.getBytes( tgsReqAppLength ) );
+            
+            // Encode the requestBody
+            super.encode( buffer );
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error( "Cannot encode the TGS-REQ object, the PDU size is {} when only {} bytes has been allocated", 1
+                + TLV.getNbBytes( tgsReqAppLength ) + tgsReqAppLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "TGS-REQ encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "TGS-REQ initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+
+    /**
+     * @see Object#toString()
+     */
+    public String toString( String tabs )
+    {
+        StringBuilder sb = new StringBuilder();
+        
+        sb.append( tabs ).append( "TGS-REQ\n" );
+        sb.append( super.toString( tabs + "    " ) );
+        
+        return sb.toString();
+    }
+    
+    
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        return toString( "" );
+    }
+}



Mime
View raw message