directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r578743 [6/12] - in /directory/apacheds/branches/apacheds-kerberos: kerberos-shared/ kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/ kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto...
Date Mon, 24 Sep 2007 10:18:45 GMT
Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosRequestBody.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosRequestBody.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosRequestBody.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosRequestBody.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,859 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages.value;
+
+
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+import java.text.ParseException;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
+import org.apache.directory.server.kerberos.shared.messages.value.flags.KdcOptions;
+import org.apache.directory.shared.asn1.AbstractAsn1Object;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
+import org.apache.directory.shared.asn1.ber.tlv.Value;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * The Request Body is used into KDC-REQ, which is either an AS-REQ or a TGS-REQ.
+ * 
+ * The ASN.1 grammar is the following :
+ * 
+ * KDC-REQ-BODY    ::= SEQUENCE {
+ *        kdc-options             [0] KDCOptions,
+ *        cname                   [1] PrincipalName OPTIONAL
+ *                                    -- Used only in AS-REQ --,
+ *        realm                   [2] Realm
+ *                                    -- Server's realm
+ *                                    -- Also client's in AS-REQ --,
+ *        sname                   [3] PrincipalName OPTIONAL,
+ *        from                    [4] KerberosTime OPTIONAL,
+ *        till                    [5] KerberosTime,
+ *        rtime                   [6] KerberosTime OPTIONAL,
+ *        nonce                   [7] UInt32,
+ *        etype                   [8] SEQUENCE OF Int32 -- EncryptionType
+ *                                    -- in preference order --,
+ *        addresses               [9] HostAddresses OPTIONAL,
+ *        enc-authorization-data  [10] EncryptedData OPTIONAL
+ *                                    -- AuthorizationData --,
+ *        additional-tickets      [11] SEQUENCE OF Ticket OPTIONAL
+ *                                        -- NOTE: not empty
+ * }
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public class KerberosRequestBody extends AbstractAsn1Object
+{
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( KerberosRequestBody.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+    
+    /** The options */
+    private KdcOptions kdcOptions;
+    
+    /** The client principalName */
+    private PrincipalName cName; //optional in TgsReq only
+    
+    /** The client KerberosPrincipal */
+    private KerberosPrincipal clientPrincipal;
+    
+    /** The server realm */ 
+    private String realm;
+    
+    /** A byte array to store the server realm */
+    private transient byte[] realmBytes;
+    
+    /** The server principal Name */
+    private PrincipalName sName; // optional
+    
+    /** The server kerberosPrincipal */
+    private KerberosPrincipal serverPrincipal;
+    
+    /** the desired starttime for the requested ticket */
+    private KerberosTime from; //optional
+    
+    /** the expiration date requested by the client */
+    private KerberosTime till;
+    
+    /** the requested renew-till time sent from a client to a KDC */
+    private KerberosTime rTime; //optional
+    
+    /** random number generated by the client */
+    private int nonce;
+    
+    /** the desired encryption algorithm to be used in the response */
+    private List<EncryptionType> eType;
+    
+    /** the addresses from which the requested ticket is to be valid */
+    private HostAddresses addresses; //optional
+    
+    /** encoding of the desired authorization-data encrypted */
+    private EncryptedData encAuthorizationData; //optional
+    
+    /** Additional tickets */
+    private List<Ticket> additionalTickets; //optional
+
+    // Storage for computed lengths
+    private transient int kdcOptionsTagLength;
+    private transient int kdcOptionsLength;
+    
+    private transient int cNameTagLength;
+    
+    private transient int realmTagLength;
+    
+    private transient int sNameTagLength;
+    
+    private transient int fromTagLength;
+    private transient int fromLength;
+
+    private transient int tillTagLength;
+    private transient int tillLength;
+
+    private transient int rTimeTagLength;
+    private transient int rTimeLength;
+
+    private transient int nonceTagLength;
+    
+    private transient int eTypeTagLength;
+    private transient int eTypeSeqLength;
+    
+    private transient int addressesTagLength;
+
+    private transient int encAuthorizationDataTagLength;
+    
+    private transient int additionalTicketsTagLength;
+    private transient int additionalTicketsSeqLength;
+
+    private transient int requestBodySeqLength;
+
+    
+    /**
+     * Creates a new instance of KerberosRequestBody.
+     **/
+    public KerberosRequestBody()
+    {
+        cName = null; // Optional
+        sName = null; // Optional
+        from = null; // Optional
+        rTime = null; // Optional
+        addresses = null; // Optional
+        encAuthorizationData = null; // Optional
+        additionalTickets = null; // Optional
+        eType = new ArrayList<EncryptionType>();
+    }
+    
+    /**
+     * Returns the additional {@link Ticket}s.
+     *
+     * @return The additional {@link Ticket}s.
+     */
+    public List<Ticket> getAdditionalTickets()
+    {
+        return additionalTickets;
+    }
+
+    /**
+     * Set the additional Tickets list
+     * @param additionalTickets The ticket list
+     */
+    public void setAdditionalTickets( List<Ticket> additionalTickets )
+    {
+        this.additionalTickets = additionalTickets;
+    }
+
+    /**
+     * Set the additional Tickets list
+     * @param additionalTickets The ticket list
+     */
+    public void addAdditionalTicket( Ticket additionalTicket )
+    {
+        if ( additionalTickets == null )
+        {
+            additionalTickets = new ArrayList<Ticket>();
+        }
+        
+        additionalTickets.add( additionalTicket );
+    }
+
+
+    /**
+     * Returns the {@link HostAddresses}.
+     *
+     * @return The {@link HostAddresses}.
+     */
+    public HostAddresses getAddresses()
+    {
+        return addresses;
+    }
+
+    /**
+     * Set the host addresses
+     * 
+     * @param addresses The host addresses structure
+     */
+    public void setAddresses( HostAddresses addresses )
+    {
+        this.addresses = addresses;
+    }
+
+
+    /**
+     * Returns the client {@link KerberosPrincipal}.
+     *
+     * @return The client {@link KerberosPrincipal}.
+     */
+    public KerberosPrincipal getClientPrincipal()
+    {
+        return clientPrincipal;
+    }
+    
+    
+    /**
+     * Set the client KerberosPrincipal 
+     * @param clientPrincipal the client KerberosPrincipal
+     */
+    public void setClientPrincipal( KerberosPrincipal clientPrincipal )
+    {
+        this.clientPrincipal = clientPrincipal;
+        
+        try
+        {
+            cName = new PrincipalName( clientPrincipal.getName(), clientPrincipal.getNameType() );
+        }
+        catch ( ParseException pe )
+        {
+            log.error( "The KerberosPrincipal is invalid : {}", clientPrincipal );
+            cName = null;
+        }
+    }
+
+
+    /**
+     * Returns the server {@link PrincipalName}.
+     *
+     * @return The server {@link PrincipalName}.
+     */
+    public PrincipalName getServerPrincipalName()
+    {
+        return sName;
+    }
+
+
+    /**
+     * Returns the server {@link KerberosPrincipal}.
+     *
+     * @return The server {@link KerberosPrincipal}.
+     */
+    public KerberosPrincipal getServerPrincipal()
+    {
+        return serverPrincipal;
+    }
+
+
+    /**
+     * Returns the encrypted {@link AuthorizationData} as {@link EncryptedData}.
+     *
+     * @return The encrypted {@link AuthorizationData} as {@link EncryptedData}.
+     */
+    public EncryptedData getEncAuthorizationData()
+    {
+        return encAuthorizationData;
+    }
+
+    /**
+     * Set the encrypted {@link AuthorizationData} as {@link EncryptedData}.
+     * @param encAuthorizationData the encrypted {@link AuthorizationData} as {@link EncryptedData}.
+     */
+    public void setEncAuthorizationData( EncryptedData encAuthorizationData )
+    {
+        this.encAuthorizationData = encAuthorizationData;
+    }
+
+
+    /**
+     * Returns the requested {@link EncryptionType}s.
+     *
+     * @return The requested {@link EncryptionType}s.
+     */
+    public List<EncryptionType> getEType()
+    {
+        return eType;
+    }
+
+
+    /**
+     * Returns the from {@link KerberosTime}.
+     *
+     * @return The from {@link KerberosTime}.
+     */
+    public KerberosTime getFrom()
+    {
+        return from;
+    }
+
+    /**
+     * Set the from date
+     * @param from The from date
+     */
+    public void setFrom( KerberosTime from )
+    {
+        this.from = from;
+    }
+
+
+    /**
+     * Returns the {@link KdcOptions}.
+     *
+     * @return The {@link KdcOptions}.
+     */
+    public KdcOptions getKdcOptions()
+    {
+        return kdcOptions;
+    }
+
+    /** 
+     * Set the KdcOptions
+     * @param kdcOptions The KdcOptions
+     */
+    public void setKdcOptions( KdcOptions kdcOptions )
+    {
+        this.kdcOptions = kdcOptions;
+    }
+    
+
+    /**
+     * Returns the nonce.
+     *
+     * @return The nonce.
+     */
+    public int getNonce()
+    {
+        return nonce;
+    }
+
+    /**
+     * Set the nonce
+     * @param nonce The nonce
+     */
+    public void setNonce( int nonce )
+    {
+        this.nonce = nonce;
+    }
+
+    /**
+     * Returns the renew-time {@link KerberosTime}.
+     *
+     * @return The renew-time {@link KerberosTime}.
+     */
+    public KerberosTime getRenewtime()
+    {
+        return rTime;
+    }
+
+    /**
+     * Set the renew-till time sent from a client to
+     * the KDC
+     * @param rtime the renew-till time sent from a client to
+     *  the KDC
+     */
+    public void setRenewtime( KerberosTime rtime )
+    {
+        this.rTime = rtime;
+    }
+
+    /**
+     * Returns the till {@link KerberosTime}.
+     *
+     * @return The till {@link KerberosTime}.
+     */
+    public KerberosTime getTill()
+    {
+        return till;
+    }
+
+    /**
+     * Set the expiration date requested by the client
+     * @param till Expiration date requested by the client
+     */
+    public void setTill( KerberosTime till )
+    {
+        this.till = till;
+    }
+
+    /**
+     * @return The client principalName
+     */
+    public PrincipalName getClientPrincipalName()
+    {
+        return cName;
+    }
+
+    /**
+     * Set the server PrincipalName
+     * @param name the server PrincipalName
+     */
+    public void setServerPrincipalName( PrincipalName sName )
+    {
+        this.sName = sName;
+        serverPrincipal = new KerberosPrincipal( sName.getNameComponent(), sName.getNameType().getOrdinal() );
+    }
+
+    /**
+     * Set the server {@link KerberosPrincipal}
+     * @param name the server {@link KerberosPrincipal}
+     */
+    public void setServerPrincipal( KerberosPrincipal serverPrincipal )
+    {
+        this.serverPrincipal = serverPrincipal;
+
+        try
+        {
+            sName = new PrincipalName( serverPrincipal.getName(), serverPrincipal.getNameType() );
+        }
+        catch ( ParseException pe )
+        {
+            log.error( "The KerberosPrincipal is invalid : {}", serverPrincipal );
+            sName = null;
+        }
+    }
+
+    /**
+     * @return The server realm
+     */
+    public String getRealm()
+    {
+        return realm;
+    }
+
+    /**
+     * Set the server realm
+     * @param realm The server realm
+     */
+    public void setRealm( String realm )
+    {
+        this.realm = realm;
+    }
+
+    /**
+     * Set the list of Encryption types
+     * @param type the list of Encryption types
+     */
+    public void setEncryptionType( List<EncryptionType> eType )
+    {
+        this.eType = eType;
+    }
+    
+    /**
+     * Add a new Encryption type to the eType list
+     * @param eType The EncryptionType to add
+     */
+    public void addEncryptionType( EncryptionType eType )
+    {
+        this.eType.add( eType );
+    }
+
+    /**
+     * Compute the KDC-REQ-BODY length
+     * 
+     * KerberosRequestBody :
+     * 
+     * 0x30 L1 KerberosRequestBody sequence
+     *  |
+     *  +--> 0xA0 L2 kdc-options tag
+     *  |     |
+     *  |     +--> 0x02 L2-1 kdc-options (BIT STRING)
+     *  |
+     *  +--> [0xA1 L3 cname tag
+     *  |     |
+     *  |     +--> 0x30 L3-1 cname (PrincipalName)] (optional)
+     *  |
+     *  +--> 0xA2 L4 realm tag
+     *  |     |
+     *  |     +--> 0x04 L4-1 realm (String)
+     *  |
+     *  +--> [0xA3 L5 sname tag
+     *  |     |
+     *  |     +--> 0x02 L5-1 sname (PrincipalName)] (optional)
+     *  |
+     *  +--> [0xA4 L6 from tag
+     *  |     |
+     *  |     +--> 0x02 L6-1 from (KerberosTime)] (optional)
+     *  |
+     *  +--> 0xA5 L7 till tag
+     *  |     |
+     *  |     +--> 0x02 L7-1 till (KerberosTime)
+     *  |
+     *  +--> [0xA6 L8 rtime tag
+     *  |     |
+     *  |     +--> 0x02 L8-1 kdc-options (KerberosTime)] (optional)
+     *  |
+     *  +--> 0xA7 L9 nonce tag
+     *  |     |
+     *  |     +--> 0x02 L9-1 nonce (int)
+     *  |
+     *  +--> 0xA8 L10 kdc-options tag
+     *  |     |
+     *  |     +--> 0x30 L10-1
+     *  |           |
+     *  |           +--> 0x02 L10-2 etype (int)
+     *  |           |
+     *  |           +--> ...
+     *  |           |
+     *  |           +--> 0x02 L10-N etype (int)
+     *  |
+     *  +--> [0xA9 L11 hostAdresses tag
+     *  |     |
+     *  |     +--> 0x30 L11-1 hostAdresses (HostAddresses)] (optional)
+     *  |
+     *  +--> [0xAA L12 enc-authorization-data tag
+     *  |     |
+     *  |     +--> 0x30 L12-1 enc-authorization-data (EncryptedData)] (optional)
+     *  |
+     *  +--> [0xAB L13 additional-tickets tag
+     *        |
+     *        +--> 0x30 L13-1 additional-tickets (Ticket)
+     *              |
+     *              +--> 0x61 L13-2 Ticket
+     *              |
+     *              +--> ...
+     *              |
+     *              +--> 0x61 L13-N Ticket](optional)
+     */
+    public int computeLength()
+    {
+        requestBodySeqLength = 0;
+
+        // Compute the kdc-options length
+        kdcOptionsLength = 1 + kdcOptions.getData().length;
+        kdcOptionsTagLength = 1 + TLV.getNbBytes( kdcOptionsLength ) + kdcOptionsLength;
+        requestBodySeqLength = 1 + TLV.getNbBytes( kdcOptionsTagLength ) + kdcOptionsTagLength; 
+
+        // Compute the clientPrincipalName if any
+        if ( cName != null )
+        {
+            cNameTagLength = cName.computeLength();
+            requestBodySeqLength += 1 + TLV.getNbBytes( cNameTagLength ) + cNameTagLength;
+        }
+        
+        // Compute the server Realm
+        realmBytes = StringTools.getBytesUtf8( realm );
+        realmTagLength = 1 + TLV.getNbBytes( realmBytes.length ) + realmBytes.length;
+        requestBodySeqLength += 1 + TLV.getNbBytes( realmTagLength ) + realmTagLength;
+        
+        // Compute the serverPrincipalName if any
+        if ( sName != null )
+        {
+            sNameTagLength = sName.computeLength();
+            requestBodySeqLength += 1 + TLV.getNbBytes( sNameTagLength ) + sNameTagLength;
+        }
+        
+        // Compute the from KerberosTime length, if any
+        if ( from != null )
+        {
+            fromLength = 15; 
+            fromTagLength = 1 + 1 + fromLength; 
+            
+            requestBodySeqLength += 
+                1 + TLV.getNbBytes( fromTagLength ) + fromTagLength;
+        }
+
+        // Compute the till KerberosTime length
+        tillLength = 15; 
+        tillTagLength = 1 + 1 + tillLength; 
+        
+        requestBodySeqLength += 
+            1 + TLV.getNbBytes( tillTagLength ) + tillTagLength;
+
+        // Compute the renew KerberosTime length, if any
+        if ( rTime != null )
+        {
+            rTimeLength = 15; 
+            rTimeTagLength = 1 + 1 + rTimeLength; 
+            
+            requestBodySeqLength += 
+                1 + TLV.getNbBytes( rTimeTagLength ) + rTimeTagLength;
+        }
+
+        // Compute the nonce length
+        int nonceLength = Value.getNbBytes( nonce );
+        nonceTagLength = 1 + TLV.getNbBytes( nonceLength ) + nonceLength;
+        requestBodySeqLength += 1 + TLV.getNbBytes( nonceTagLength ) + nonceTagLength;
+        
+        // Compute the EncryptionType length
+        if ( ( eType == null ) || ( eType.size() == 0 ) )
+        {
+            return -1;
+        }
+        
+        for ( EncryptionType type:eType )
+        {
+            int eTypeLength = Value.getNbBytes( type.getOrdinal() );
+            eTypeSeqLength += 1 + TLV.getNbBytes( eTypeLength ) + eTypeLength;
+        }
+        
+        eTypeTagLength = 1 +TLV.getNbBytes( eTypeSeqLength ) + eTypeSeqLength;
+        requestBodySeqLength += 1 + TLV.getNbBytes( eTypeTagLength ) + eTypeTagLength;
+        
+        // Compute the addresses length, if any
+        if ( addresses != null )
+        {
+            addressesTagLength = addresses.computeLength();
+            requestBodySeqLength += 1 + TLV.getNbBytes( addressesTagLength ) + addressesTagLength;
+        }
+        
+        // Compute the encAuthorizationData length
+        if ( encAuthorizationData != null )
+        {
+            encAuthorizationDataTagLength = encAuthorizationData.computeLength();
+            requestBodySeqLength += 1 + TLV.getNbBytes( encAuthorizationDataTagLength ) + encAuthorizationDataTagLength;
+        }
+        
+        if ( additionalTickets != null )
+        {
+            additionalTicketsSeqLength = 0;
+            
+            for ( Ticket ticket:additionalTickets )
+            {
+                additionalTicketsSeqLength += ticket.computeLength();
+            }
+            
+            additionalTicketsTagLength = 1 + TLV.getNbBytes( additionalTicketsSeqLength ) + additionalTicketsSeqLength;
+            requestBodySeqLength += 1 + TLV.getNbBytes( additionalTicketsTagLength ) + additionalTicketsTagLength;
+            
+        }
+        
+        // Compute the whole sequence length
+        return 1 + TLV.getNbBytes( requestBodySeqLength ) + requestBodySeqLength;
+    }
+    
+    /**
+     * Encode the KRB-REQ-BODY message to a PDU. 
+     * 
+     * KRB-REQ-BODY :
+     * 
+     * 0x30 LL
+     *   0xA0 LL 
+     *     0x03 LL kdc-options (BIT STRING)
+     *   [0xA1 LL
+     *     0x30 LL cname (PrincipalName) (optional)]
+     *   0xA2 LL
+     *     0x1B LL realm (KerberosString)
+     *   [0xA3 LL
+     *     0x30 LL sname (PrincipalName) (optional)]
+     *   [0xA4 LL
+     *     0x18 0x0F from (KerberosTime) (optional)]
+     *   0xA5 LL
+     *     0x18 0x0F till (KerberosTime)
+     *   [0xA6 LL
+     *     0x18 0x0F renew (KerberosTime) (optional)]
+     *   0xA7 LL
+     *     0x02 LL nounce (int)
+     *   0xA8 LL
+     *     0x30 LL
+     *       0x02 LL etype
+     *       ...
+     *       0x02 LL etype
+     *   [0xA9 LL
+     *     0x30 LL addresses (HostAddresses) (optional)]
+     *   [0xAA LL
+     *     0x30 LL enc-authorization-data (EncryptedData) (optional)]
+     *   [0xAB LL
+     *     0x30 LL additional-tickets
+     *       0x61 LL Ticket
+     *       ...
+     *       0x61 LL Ticket (optional)]
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            throw new EncoderException( "Cannot put a PDU in a null buffer !" );
+        }
+
+        try
+        {
+            // The RequestBody SEQ Tag
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( requestBodySeqLength ) );
+
+            // The kdc-options, first the tag, then the value
+            buffer.put( ( byte ) 0xA0 );
+            buffer.put( TLV.getBytes( kdcOptionsTagLength ) );
+
+            Value.encode( buffer, kdcOptions );
+            
+            // The clientprincipalName, if any
+            if ( cName != null )
+            {
+                buffer.put( (byte)0xA1 );
+                buffer.put( TLV.getBytes( cNameTagLength ) );
+                cName.encode( buffer );
+            }
+            
+            // The server realm
+            buffer.put( (byte)0xA2 );
+            buffer.put( TLV.getBytes( realmTagLength ) );
+            
+            buffer.put( UniversalTag.GENERALIZED_STRING_TAG );
+            buffer.put( TLV.getBytes( realmBytes.length ) );
+            buffer.put( realmBytes );
+
+            // The serverprincipalName, if any
+            if ( sName != null )
+            {
+                buffer.put( (byte)0xA3 );
+                buffer.put( TLV.getBytes( sNameTagLength ) );
+                sName.encode( buffer );
+            }
+            
+            // The from KerberosTime Tag and value, if any
+            if ( from != null )
+            {
+                buffer.put( (byte)0xA4 );
+                buffer.put( TLV.getBytes( fromTagLength ) );
+                buffer.put( UniversalTag.GENERALIZED_TIME_TAG );
+                buffer.put( TLV.getBytes( fromLength ) );
+                buffer.put( StringTools.getBytesUtf8( from.toString() ) );
+            }
+            
+            // The till KerberosTime Tag and value, if any
+            buffer.put( (byte)0xA5 );
+            buffer.put( TLV.getBytes( tillTagLength ) );
+            buffer.put( UniversalTag.GENERALIZED_TIME_TAG );
+            buffer.put( TLV.getBytes( tillLength ) );
+            buffer.put( StringTools.getBytesUtf8( till.toString() ) );
+            
+            // The from KerberosTime Tag and value, if any
+            if ( rTime != null )
+            {
+                buffer.put( (byte)0xA6 );
+                buffer.put( TLV.getBytes( rTimeTagLength ) );
+                buffer.put( UniversalTag.GENERALIZED_TIME_TAG );
+                buffer.put( TLV.getBytes( rTimeLength ) );
+                buffer.put( StringTools.getBytesUtf8( rTime.toString() ) );
+            }
+            
+            // The nonce, first the tag, then the value
+            buffer.put( ( byte ) 0xA7 );
+            buffer.put( TLV.getBytes( nonceTagLength ) );
+            Value.encode( buffer, nonce );
+            
+            // The EncryptionTypes
+            if ( ( eType == null ) || ( eType.size() == 0 ) )
+            {
+                log.error( "We should have at least one encryption type" );
+                throw new EncoderException( "No encryptionType available" );
+            }
+            
+            // Fisrt, the tag
+            buffer.put( (byte)0xA8 );
+            buffer.put( TLV.getBytes( eTypeTagLength ) );
+            
+            // Then the sequence
+            buffer.put( (byte)0x30 );
+            buffer.put( TLV.getBytes( eTypeSeqLength ) );
+
+            // Now, the eTypes
+            for ( EncryptionType type:eType )
+            {
+                Value.encode( buffer, type.getOrdinal() );
+            }
+            
+            // The addresses
+            if ( addresses != null )
+            {
+                buffer.put( (byte)0xA9 );
+                buffer.put( TLV.getBytes( addressesTagLength ) );
+                addresses.encode( buffer );
+            }
+            
+            // The enc-authorization-data
+            if ( encAuthorizationData != null )
+            {
+                buffer.put( (byte)0xAA );
+                buffer.put( TLV.getBytes( encAuthorizationDataTagLength ) );
+                encAuthorizationData.encode( buffer );
+            }
+            
+            // The additional tickets
+            if ( additionalTickets != null )
+            {
+                buffer.put( (byte)0xAB );
+                buffer.put( TLV.getBytes( additionalTicketsTagLength ) );
+                
+                buffer.put( UniversalTag.SEQUENCE_TAG );
+                buffer.put( TLV.getBytes( additionalTicketsSeqLength ) );
+                
+                for ( Ticket ticket:additionalTickets )
+                {
+                    ticket.encode( buffer );
+                }
+            }
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error(
+                "Cannot encode the KerberosRequestBody object, the PDU size is {} when only {} bytes has been allocated", 1
+                    + TLV.getNbBytes( requestBodySeqLength ) + requestBodySeqLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "KerberosRequestBody encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "KerberosRequestBody initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+    
+    /**
+     * @see Object#toString()
+     */
+    public String toString( String tabs )
+    {
+        return tabs + "NYI";
+    }
+
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        return toString( "" );
+    }
+}

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosTime.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosTime.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosTime.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosTime.java Mon Sep 24 03:18:05 2007
@@ -22,9 +22,13 @@
 
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
+import java.util.Calendar;
 import java.util.Date;
+import java.util.GregorianCalendar;
 import java.util.TimeZone;
 
+import org.apache.directory.shared.ldap.util.StringTools;
+
 
 /**
  * Implementation of the time object for Kerberos.
@@ -48,6 +52,7 @@
 
     private static final TimeZone UTC_TIME_ZONE = TimeZone.getTimeZone( "UTC" );
     private static final SimpleDateFormat dateFormat = new SimpleDateFormat( "yyyyMMddHHmmss'Z'" );
+    private static final Calendar CALENDAR = new GregorianCalendar( UTC_TIME_ZONE );
 
     static
     {
@@ -95,13 +100,133 @@
      * @return The {@link KerberosTime}.
      * @throws ParseException
      */
-    public static KerberosTime getTime( String zuluTime ) throws ParseException
+    /*public static KerberosTime getTime( String zuluTime ) throws ParseException
     {
         Date date = null;
         synchronized ( dateFormat )
         {
             date = dateFormat.parse( zuluTime );
         }
+        return new KerberosTime( date );
+    }*/
+    
+    private static int[] DAYS_PER_MONTH = new int[]{ 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
+    private static int FEBRUARY = 2;
+    
+    /**
+     * Parse a KerberosTime
+     * @param zuluTime The time to parse
+     * @return A valid KzerberosTime, containing the Date
+     * @exception ParseException If the time is not a KerberosTime
+     */
+    public static KerberosTime getTime( String zuluTime ) throws ParseException
+    {
+        Date date = null;
+        
+        if ( ( zuluTime == null ) || ( zuluTime.length() != 15 ) )
+        {
+            throw new ParseException( "Invalid KerberosTime : it should not be null", 0 );
+        }
+        
+        char[] zTime = zuluTime.toCharArray();
+
+        for ( int i = 0; i < zTime.length; i++ )
+        {
+            if ( !StringTools.isDigit( zTime[i] ) )
+            {
+                if ( ( i == 14 ) && ( ( zTime[i] == 'Z' ) || ( zTime[i] == 'z' ) ) )
+                {
+                    break;
+                }
+                else
+                {
+                    throw new ParseException( "Invalid KerberosTime", i );
+                }
+            }
+        }
+        
+        // compute the numbers
+        int year =  ( ( zTime[0] - '0' ) * 1000 ) +
+                    ( ( zTime[1] - '0' ) * 100 ) +
+                    ( ( zTime[2] - '0' ) * 10 ) +
+                    ( zTime[3] - '0' );
+        
+        int month = ( ( zTime[4] - '0' ) * 10 ) +
+                    ( zTime[5] - '0' );
+
+        int day =   ( ( zTime[6] - '0' ) * 10 ) +
+                    ( zTime[7] - '0' );
+
+        int hour =  ( ( zTime[8] - '0' ) * 10 ) +
+                    ( zTime[9] - '0' );
+
+        int min =   ( ( zTime[10] - '0' ) * 10 ) +
+                    ( zTime[11] - '0' );
+
+        int sec =   ( ( zTime[12] - '0' ) * 10 ) +
+                    ( zTime[13] - '0' );
+        
+        // Now test the values
+        if ( ( month == 0 ) || ( month > 12 ) ) 
+        {
+            throw new ParseException( "Invalid KerberosTime : month is invalid", 5 );
+        }
+
+        if ( day == 0 )
+        {
+            throw new ParseException( "Invalid KerberosTime : day is invalid", 7 );
+        }
+        
+        if ( month == FEBRUARY )
+        {
+            // Check for leap years
+            if ( ( year & 0x0003 ) == 0 )
+            {
+                // evey 400 years, we have a leap year, otherwise it's not
+                if ( year % 400 == 0 )
+                {
+                    if ( day > 29 )
+                    {
+                        throw new ParseException( "Invalid KerberosTime : day is invalid", 7 );
+                    }
+                }
+                else
+                {
+                    if ( day > 28 )
+                    {
+                        throw new ParseException( "Invalid KerberosTime : day is invalid for february", 7 );
+                    }
+                }
+            }
+            else
+            {
+                if ( day > 28 )
+                {
+                    // We don't have a leap year, so we should have only 28 days
+                    throw new ParseException( "Invalid KerberosTime : day is invalid for a non leap year", 7 );
+                }
+            }
+        }
+        else
+        {
+            if ( day > DAYS_PER_MONTH[month] )
+            {
+                throw new ParseException( "Invalid KerberosTime : day is invalid for this month", 7 );
+            }
+        }
+        
+        if ( ( hour > 23 ) || ( min > 59 ) || ( sec > 59 ) ) 
+        {
+            throw new ParseException( "Invalid KerberosTime : time is invalid", 9 );
+       }
+        
+        synchronized( CALENDAR )
+        {
+            CALENDAR.clear();
+            CALENDAR.set( year, month - 1, day, hour, min, sec );
+            date = CALENDAR.getTime();
+        }
+        
         return new KerberosTime( date );
     }
 

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KrbCredInfo.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KrbCredInfo.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KrbCredInfo.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KrbCredInfo.java Mon Sep 24 03:18:05 2007
@@ -22,6 +22,8 @@
 
 import javax.security.auth.kerberos.KerberosPrincipal;
 
+import org.apache.directory.server.kerberos.shared.messages.value.flags.TicketFlags;
+
 
 /**
  * Kerberos credential information.

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequest.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequest.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequest.java Mon Sep 24 03:18:05 2007
@@ -20,6 +20,9 @@
 package org.apache.directory.server.kerberos.shared.messages.value;
 
 
+import org.apache.directory.server.kerberos.shared.messages.value.types.LastRequestType;
+
+
 /**
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestEntry.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestEntry.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestEntry.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestEntry.java Mon Sep 24 03:18:05 2007
@@ -20,6 +20,9 @@
 package org.apache.directory.server.kerberos.shared.messages.value;
 
 
+import org.apache.directory.server.kerberos.shared.messages.value.types.LastRequestType;
+
+
 /**
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$

Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthEncryptedTimestamp.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthEncryptedTimestamp.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthEncryptedTimestamp.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthEncryptedTimestamp.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,234 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages.value;
+
+
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+
+import org.apache.directory.server.kerberos.shared.KerberosUtils;
+import org.apache.directory.server.kerberos.shared.messages.Encodable;
+import org.apache.directory.shared.asn1.AbstractAsn1Object;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
+import org.apache.directory.shared.asn1.ber.tlv.Value;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * Pre-authentication encrypted timestamp.
+ * 
+ * The ASN.1 grammar is the following :
+ * 
+ * PA-ENC-TIMESTAMP        ::= EncryptedData -- PA-ENC-TS-ENC
+ * 
+ * PA-ENC-TS-ENC           ::= SEQUENCE {
+ *        patimestamp     [0] KerberosTime -- client's time --,
+ *        pausec          [1] Microseconds OPTIONAL
+ * }
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public class PreAuthEncryptedTimestamp extends AbstractAsn1Object implements Encodable
+{
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( PreAuthEncryptedTimestamp.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+
+    /** client's time */
+    private KerberosTime paTimestamp;
+    
+    /** Client's microseconds */
+    private int pausec; //optional
+
+    // Storage for computed lengths
+    private transient int preAuthEncryptedTimestampSeqLength;
+    
+    private transient int paTimestampTagLength;
+    private transient int paTimestampLength;
+    
+    private transient int pausecTagLength;
+
+    
+    /**
+     * Creates a new instance of EncryptedTimeStamp.
+     *
+     * @param timeStamp
+     * @param microSeconds
+     */
+    public PreAuthEncryptedTimestamp( KerberosTime paTimestamp, int pausec )
+    {
+        this.paTimestamp = paTimestamp;
+        this.pausec = pausec;
+    }
+
+
+    /**
+     * Returns the {@link KerberosTime}.
+     *
+     * @return The {@link KerberosTime}.
+     */
+    public KerberosTime getTimeStamp()
+    {
+        return paTimestamp;
+    }
+
+    /**
+     * Set the client timestamp
+     * @param paTimestamp The client timestamp
+     */
+    public void setTimestamp( KerberosTime paTimestamp )
+    {
+        this.paTimestamp = paTimestamp;
+    }
+
+
+    /**
+     * Returns the microseconds.
+     *
+     * @return The microseconds.
+     */
+    public int getMicroSeconds()
+    {
+        return pausec;
+    }
+
+
+    /**
+     * Set the client microseconds
+     * @param pausec The client microseconds
+     */
+    public void setPausec( int pausec )
+    {
+        this.pausec = pausec;
+    }
+    
+    /**
+     * Compute the PA-ENC-TS-ENC length
+     * 
+     * PA-ENC-TS-ENC :
+     * 
+     * 0x30 L1 PA-ENC-TS-ENC Seq
+     *  |
+     *  +--> 0xA0 L2 apatimestamp tag
+     *  |     |
+     *  |     +--> 0x18 L2-1 patimestamp (KerberosTime)
+     *  |
+     *  +--> [0xA1 L3 pausec tag
+     *        |
+     *        +--> 0x1B L3-1 pausec (optional)]
+     */
+    public int computeLength()
+    {
+        preAuthEncryptedTimestampSeqLength = 0;
+
+        // Compute the patimestamp length
+        paTimestampLength = 15; 
+        paTimestampTagLength = 1 + 1 + paTimestampLength;
+        
+        preAuthEncryptedTimestampSeqLength = 1 + TLV.getNbBytes( paTimestampTagLength ) + paTimestampTagLength;
+
+        // Compute the pausec length, if any
+        if ( pausec != KerberosUtils.NULL )
+        {
+            int pausecLength = Value.getNbBytes( pausec );
+            pausecTagLength = 1 + TLV.getNbBytes( pausecLength ) + pausecLength;
+            preAuthEncryptedTimestampSeqLength += 1 + TLV.getNbBytes( pausecTagLength ) + pausecTagLength;
+        }
+
+        // Compute the whole sequence length
+        return 1 + TLV.getNbBytes( preAuthEncryptedTimestampSeqLength ) + preAuthEncryptedTimestampSeqLength;
+    }
+    
+    /**
+     * Encode the PA-ENC-TS-ENC message to a PDU. 
+     * 
+     * PA-ENC-TS-ENC :
+     * 
+     * 0x30 LL
+     *   0xA0 0x11 
+     *     0x18 0x0F (KerberosTime)
+     *   [0xA1 LL
+     *     0x02 LL pausec (int)] (optional)
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            throw new EncoderException( "Cannot put a PDU in a null buffer !" );
+        }
+
+        try
+        {
+            // The PA-ENC-TS-ENC SEQ Tag
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( preAuthEncryptedTimestampSeqLength ) );
+
+            // The patimestamp encoding, first the tag, then the value
+            buffer.put( ( byte ) 0xA0 );
+            buffer.put( TLV.getBytes( paTimestampTagLength ) );
+            buffer.put( UniversalTag.GENERALIZED_TIME_TAG );
+            buffer.put( TLV.getBytes( paTimestampLength ) );
+            buffer.put( StringTools.getBytesUtf8( paTimestamp.toString() ) );
+            
+            // Client millisecond encoding, if any
+            if ( pausec != KerberosUtils.NULL )
+            {
+                buffer.put( ( byte )0xA1 );
+                buffer.put( TLV.getBytes( pausecTagLength ) );
+                Value.encode( buffer, pausec );
+            }
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error(
+                "Cannot encode the PA-ENC-TS-ENC object, the PDU size is {} when only {} bytes has been allocated", 1
+                    + TLV.getNbBytes( preAuthEncryptedTimestampSeqLength ) + preAuthEncryptedTimestampSeqLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "PA-ENC-TS-ENC encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "PA-ENC-TS-ENC initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+    
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        return "NYI";
+    }
+    
+}

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationData.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationData.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationData.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationData.java Mon Sep 24 03:18:05 2007
@@ -20,26 +20,62 @@
 package org.apache.directory.server.kerberos.shared.messages.value;
 
 
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+
+import org.apache.directory.server.kerberos.shared.messages.value.types.PreAuthenticationDataType;
+import org.apache.directory.shared.asn1.AbstractAsn1Object;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
+import org.apache.directory.shared.asn1.ber.tlv.Value;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
 /**
+ * The Pre-Authentication data. Tha ASN.1 GRAMMAR IS :
+ * 
+ * PA-DATA         ::= SEQUENCE {
+ *         -- NOTE: first tag is [1], not [0]
+ *         padata-type     [1] Int32,
+ *         padata-value    [2] OCTET STRING -- might be encoded AP-REQ
+ * }
+ * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
-public class PreAuthenticationData
+public class PreAuthenticationData extends AbstractAsn1Object
 {
-    private PreAuthenticationDataType dataType;
-    private byte[] dataValue;
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( PreAuthenticationData.class );
 
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+
+    /** The Pre-authentication type */
+    private PreAuthenticationDataType paDataType;
+    
+    /** The authentication data */
+    private byte[] paDataValue;
+
+    // Storage for computed lengths
+    private transient int paDataTypeTagLength;
+    private transient int paDataValueTagLength;
+    private transient int preAuthenticationDataSeqLength;
+    
 
     /**
      * Creates a new instance of PreAuthenticationData.
      *
-     * @param dataType
+     * @param paDataType
      * @param dataValue
      */
-    public PreAuthenticationData( PreAuthenticationDataType dataType, byte[] dataValue )
+    public PreAuthenticationData( PreAuthenticationDataType paDataType, byte[] paDataValue )
     {
-        this.dataType = dataType;
-        this.dataValue = dataValue;
+        this.paDataType = paDataType;
+        this.paDataValue = paDataValue;
     }
 
 
@@ -50,7 +86,7 @@
      */
     public PreAuthenticationDataType getDataType()
     {
-        return dataType;
+        return paDataType;
     }
 
 
@@ -61,6 +97,135 @@
      */
     public byte[] getDataValue()
     {
-        return dataValue;
+        return paDataValue;
+    }
+    
+    /**
+     * Compute the PreAuthenticationData length
+     * 
+     * PreAuthenticationData :
+     * 
+     * 0x30 L1 PreAuthenticationData sequence
+     *  |
+     *  +--> 0xA0 L2 padata-type tag
+     *  |     |
+     *  |     +--> 0x02 L2-1 padata-type (int)
+     *  |
+     *  +--> 0xA1 L3 padata-value tag
+     *        |
+     *        +--> 0x04 L3-1 padata-value (OCTET STRING)
+     *        
+     *  where L1 = L2 + lenght(0xA0) + length(L2) +
+     *             L3 + lenght(0xA1) + length(L3) 
+     *  and
+     *  L2 = L2-1 + length(0x02) + length( L2-1) 
+     *  L3 = L3-1 + length(0x04) + length( L3-1) 
+     */
+    public int computeLength()
+    {
+        // Compute the paDataType. The Length will always be contained in 1 byte
+        int paDataTypeLength = Value.getNbBytes( paDataType.getOrdinal() );
+        paDataTypeTagLength = 1 + TLV.getNbBytes( paDataTypeLength ) + paDataTypeLength;
+        preAuthenticationDataSeqLength = 1 + TLV.getNbBytes( paDataTypeTagLength ) + paDataTypeTagLength;
+
+        // Compute the paDataValue
+        if ( paDataValue == null )
+        {
+            paDataValueTagLength = 1 + 1;
+        }
+        else
+        {
+            paDataValueTagLength = 1 + TLV.getNbBytes( paDataValue.length ) + paDataValue.length;
+        }
+
+        // Compute the whole sequence length
+        preAuthenticationDataSeqLength += 1 + TLV.getNbBytes( paDataValueTagLength ) + paDataValueTagLength;
+
+        return 1 + TLV.getNbBytes( preAuthenticationDataSeqLength ) + preAuthenticationDataSeqLength;
+
+    }
+
+
+    /**
+     * Encode the PreAuthenticationData message to a PDU. 
+     * 
+     * PreAuthenticationData :
+     * 
+     * 0x30 LL
+     *   0xA0 LL 
+     *     0x02 0x01 padata-type
+     *   0xA1 LL 
+     *     0x04 LL padata-value
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            throw new EncoderException( "Cannot put a PDU in a null buffer !" );
+        }
+
+        try
+        {
+            // The Checksum SEQ Tag
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( preAuthenticationDataSeqLength ) );
+
+            // The cksumtype, first the tag, then the value
+            buffer.put( ( byte ) 0xA1 );
+            buffer.put( TLV.getBytes( paDataTypeTagLength ) );
+            Value.encode( buffer, paDataType.getOrdinal() );
+
+            // The checksum, first the tag, then the value
+            buffer.put( ( byte ) 0xA2 );
+            buffer.put( TLV.getBytes( paDataValueTagLength ) );
+            Value.encode( buffer, paDataValue );
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error( "Cannot encode the PreAuthenticationData object, the PDU size is {} when only {} bytes has been allocated", 1
+                + TLV.getNbBytes( preAuthenticationDataSeqLength ) + preAuthenticationDataSeqLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "PreAuthenticationData encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "PreAuthenticationData initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        return toString( "" );
+    }
+
+
+    /**
+     * @see Object#toString()
+     */
+    public String toString( String tabs )
+    {
+        StringBuilder sb = new StringBuilder();
+
+        sb.append( tabs ).append( "PreAuthenticationData : {\n" );
+        sb.append( tabs ).append( "    padata-type: " ).append( paDataType ).append( '\n' );
+
+        if ( paDataValue != null )
+        {
+            sb.append( tabs + "    padata-value:" ).append( StringTools.dumpBytes( paDataValue ) ).append( '\n' );
+        }
+
+        sb.append( tabs + "}\n" );
+
+        return sb.toString();
     }
 }

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalName.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalName.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalName.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalName.java Mon Sep 24 03:18:05 2007
@@ -20,14 +20,98 @@
 package org.apache.directory.server.kerberos.shared.messages.value;
 
 
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+import java.text.ParseException;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.directory.server.kerberos.shared.KerberosUtils;
+import org.apache.directory.server.kerberos.shared.messages.value.types.PrincipalNameType;
+import org.apache.directory.shared.asn1.AbstractAsn1Object;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
+import org.apache.directory.shared.asn1.ber.tlv.Value;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
 /**
+ * A principal Name, componsed of a type and N names.
+ * 
+ * PrincipalName   ::= SEQUENCE {
+ *        name-type       [0] Int32,
+ *        name-string     [1] SEQUENCE OF KerberosString
+ * }
+ *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
-public class PrincipalName
+public class PrincipalName extends AbstractAsn1Object
 {
-    private String nameComponent;
-    private int nameType;
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( PrincipalName.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+
+    /** The type for this principal */
+    private PrincipalNameType nameType;
+
+    /** The principal name - we may have more than one - */
+    private List<String> nameString;
+    
+    /** The principal name as a byte[], for encoding purpose */
+    private transient List<byte[]> nameBytes;
+    
+    // Storage for computed lengths
+    private transient int principalNameSeqLength;
+    private transient int principalTypeTagLength;
+    private transient int principalTypeLength;
+    private transient int principalStringsTagLength;
+    private transient int principalStringsSeqLength;
+
+    /**
+     * Creates a new empty instance of PrincipalName.
+     *
+     * @param principal A Sun kerberosPrincipal instance
+     */
+    public PrincipalName()
+    {
+    }
+
+    /**
+     * Creates a new instance of PrincipalName, given a KerberosPrincipal.
+     * 
+     * We assume that a principal has only one type, even if there are
+     * more than one name component.
+     *
+     * @param principal A Sun kerberosPrincipal instance
+     */
+    public PrincipalName( KerberosPrincipal principal ) throws ParseException
+    {
+        nameString = KerberosUtils.getNames( principal );
+
+        this.nameType = PrincipalNameType.getTypeByOrdinal( principal.getNameType() );
+    }
+    
+    /**
+     * Creates a new instance of PrincipalName given a String and an 
+     * prinipal type.
+     * 
+     * @param nameString The name string, which can contains more than one nameComponent
+     * @param nameType The principal name
+     */
+    public PrincipalName( String nameString, PrincipalNameType nameType )  throws ParseException
+    {
+        this.nameString = KerberosUtils.getNames( nameString );
+        
+        this.nameType = nameType;
+    }
 
 
     /**
@@ -36,10 +120,11 @@
      * @param nameComponent
      * @param nameType
      */
-    public PrincipalName( String nameComponent, int nameType )
+    public PrincipalName( String nameString, int nameType ) throws ParseException
     {
-        this.nameComponent = nameComponent;
-        this.nameType = nameType;
+        this.nameString = KerberosUtils.getNames( nameString );
+        
+        this.nameType = PrincipalNameType.getTypeByOrdinal( nameType );
     }
 
 
@@ -48,19 +133,265 @@
      *
      * @return The type of the {@link PrincipalName}.
      */
-    public int getNameType()
+    public PrincipalNameType getNameType()
     {
         return nameType;
     }
-
+                    
+    /** 
+     * Set the Principal name Type
+     * @param nameType the Principal name Type
+     */
+    public void setNameType( PrincipalNameType nameType )
+    {
+        this.nameType = nameType;
+    }
 
     /**
      * Returns the name component.
      *
      * @return The name component.
      */
+    public List<String> getNameString()
+    {
+        return nameString;
+    }
+
+
     public String getNameComponent()
     {
-        return nameComponent;
+        if ( ( nameString != null ) || ( nameString.size() == 0 ) )
+        {
+            return "";
+        }
+        else
+        {
+            StringBuilder sb = new StringBuilder();
+            boolean isFirst = true;
+
+            for ( String name : nameString )
+            {
+                if ( isFirst )
+                {
+                    isFirst = false;
+                }
+                else
+                {
+                    sb.append( '/' );
+                }
+
+                sb.append( name );
+            }
+
+            return sb.toString();
+        }
+    }
+
+
+    /**
+     * Add a new name to the PrincipalName
+     * @param name The name to add
+     */
+    public void addNameString( String name )
+    {
+        if ( nameString == null )
+        {
+            nameString = new ArrayList<String>();
+        }
+
+        nameString.add( name );
+    }
+
+
+    /**
+     * Compute the PrincipalName length
+     * 
+     * PrincipalName :
+     * 
+     * 0x30 L1 PrincipalName sequence
+     *  |
+     *  +--> 0xA1 L2 name-type tag
+     *  |     |
+     *  |     +--> 0x02 L2-1 addressType (int)
+     *  |
+     *  +--> 0xA2 L3 name-string tag
+     *        |
+     *        +--> 0x30 L3-1 name-string (SEQUENCE OF KerberosString)
+     *              |
+     *              +--> 0x1B L4[1] value (KerberosString)
+     *              |
+     *              +--> 0x1B L4[2] value (KerberosString)
+     *              |
+     *              ...
+     *              |
+     *              +--> 0x1B L4[n] value (KerberosString)
+     */
+    public int computeLength()
+    {
+        // The principalName can't be empty.
+        principalTypeLength = Value.getNbBytes( nameType.getOrdinal() );
+        principalTypeTagLength = 1 + TLV.getNbBytes( principalTypeLength ) + principalTypeLength;
+        
+        principalNameSeqLength = 1 + TLV.getNbBytes( principalTypeTagLength ) + principalTypeTagLength;
+
+        // Compute the keyValue
+        if ( ( nameString == null ) || ( nameString.size() == 0 ) )
+        {
+            principalStringsSeqLength = 0;
+        }
+        else
+        {
+            principalStringsSeqLength = 0;
+            nameBytes = new ArrayList<byte[]>( nameString.size() );
+
+            for ( String name : nameString )
+            {
+                if ( name != null )
+                {
+                    byte[] bytes = StringTools.getBytesUtf8( name );
+                    nameBytes.add( bytes );
+                    principalStringsSeqLength += 1 + TLV.getNbBytes( bytes.length ) + bytes.length;
+                }
+                else
+                {
+                    nameBytes.add( StringTools.EMPTY_BYTES );
+                    principalStringsSeqLength += 1 + 1;
+                }
+            }
+        }
+
+        principalStringsTagLength = 1 + TLV.getNbBytes( principalStringsSeqLength ) + principalStringsSeqLength;
+        principalNameSeqLength += 1 + TLV.getNbBytes( principalStringsTagLength ) + principalStringsTagLength;
+
+        // Compute the whole sequence length
+        return 1 + TLV.getNbBytes( principalNameSeqLength ) + principalNameSeqLength;
+    }
+
+
+    /**
+     * Encode the PrincipalName message to a PDU. 
+     * 
+     * PrincipalName :
+     * 
+     * 0x30 LL
+     *   0xA0 LL 
+     *     0x02 0x01 name-type (integer)
+     *   0xA1 LL 
+     *     0x30 LL name-string (SEQUENCE OF KerberosString)
+     *       0x1B LL name-string[1]
+     *       0x1B LL name-string[2]
+     *       ...
+     *       0x1B LL name-string[n]
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            throw new EncoderException( "Cannot put a PDU in a null buffer !" );
+        }
+
+        try
+        {
+            // The PrincipalName SEQ Tag
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( principalNameSeqLength ) );
+
+            // The name-type, first the tag, then the value
+            buffer.put( ( byte ) 0xA0 );
+            buffer.put( TLV.getBytes( principalTypeTagLength ) );
+            Value.encode( buffer, nameType.getOrdinal() );
+
+            // The name-string tag
+            buffer.put( ( byte ) 0xA1 );
+            buffer.put( TLV.getBytes( principalStringsTagLength ) );
+
+            // The name-string sequence
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+
+            if ( ( nameString == null ) || ( nameString.size() == 0 ) )
+            {
+                buffer.put( ( byte ) 0x00 );
+            }
+            else
+            {
+                buffer.put( TLV.getBytes( principalStringsSeqLength ) );
+
+                // The kerberosStrings
+                for ( byte[] name : nameBytes )
+                {
+                    buffer.put( UniversalTag.GENERALIZED_STRING_TAG );
+
+                    if ( ( name == null ) || ( name.length == 0 ) )
+                    {
+                        buffer.put( ( byte ) 0x00 );
+                    }
+                    else
+                    {
+                        buffer.put( TLV.getBytes( name.length ) );
+                        buffer.put( name );
+                    }
+                }
+            }
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error(
+                "Cannot encode the principalName object, the PDU size is {} when only {} bytes has been allocated", 1
+                    + TLV.getNbBytes( principalNameSeqLength ) + principalNameSeqLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "PrinipalName encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "PrinipalName initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+
+
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        StringBuilder sb = new StringBuilder();
+
+        sb.append( "PincipalName : {\n" );
+
+        sb.append( "    name-type: " ).append( nameType ).append( '\n' );
+
+        if ( ( nameString != null ) && ( nameString.size() != 0 ) )
+        {
+            sb.append( "    name-string : <" );
+            boolean isFirst = true;
+
+            for ( String name : nameString )
+            {
+                if ( isFirst )
+                {
+                    isFirst = false;
+                }
+                else
+                {
+                    sb.append( ", " );
+                }
+
+                sb.append( '\'' ).append( name ).append( '\'' );
+            }
+
+            sb.append( ">\n}" );
+        }
+        else
+        {
+            sb.append( "    no name-string\n}" );
+        }
+
+        return sb.toString();
     }
 }

Modified: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncoding.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncoding.java?rev=578743&r1=578742&r2=578743&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncoding.java (original)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncoding.java Mon Sep 24 03:18:05 2007
@@ -20,22 +20,63 @@
 package org.apache.directory.server.kerberos.shared.messages.value;
 
 
+import java.nio.BufferOverflowException;
+import java.nio.ByteBuffer;
+
+import org.apache.directory.server.kerberos.shared.messages.value.types.TransitedEncodingType;
+import org.apache.directory.shared.asn1.AbstractAsn1Object;
+import org.apache.directory.shared.asn1.ber.tlv.TLV;
+import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
+import org.apache.directory.shared.asn1.ber.tlv.Value;
+import org.apache.directory.shared.asn1.codec.EncoderException;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
 /**
+ * The TransitedEncoding structure.
+ * 
+ * The ASN.1 grammar is :
+ * 
+ * -- encoded Transited field
+ * TransitedEncoding       ::= SEQUENCE {
+ *         tr-type         [0] Int32 -- must be registered --,
+ *         contents        [1] OCTET STRING
+ * }
+ * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
-public class TransitedEncoding
+public class TransitedEncoding extends AbstractAsn1Object
 {
-    private TransitedEncodingType type;
+    /** The logger */
+    private static final Logger log = LoggerFactory.getLogger( TransitedEncoding.class );
+
+    /** Speedup for logs */
+    private static final boolean IS_DEBUG = log.isDebugEnabled();
+
+    /** The transited type. One of :
+     * NULL
+     * DOMAIN_X500_COMPRESS
+     */
+    private TransitedEncodingType trType;
+
+    /** The transited data */
     private byte[] contents;
 
+    // Storage for computed lengths
+    private transient int trTypeLength;
+    private transient int contentsLength;
+    private transient int transitedEncodingLength;
+
 
     /**
      * Creates a new instance of TransitedEncoding.
      */
     public TransitedEncoding()
     {
-        type = TransitedEncodingType.NULL;
+        trType = TransitedEncodingType.NULL;
         contents = new byte[0];
     }
 
@@ -46,9 +87,9 @@
      * @param type
      * @param contents
      */
-    public TransitedEncoding( TransitedEncodingType type, byte[] contents )
+    public TransitedEncoding( TransitedEncodingType trType, byte[] contents )
     {
-        this.type = type;
+        this.trType = trType;
         this.contents = contents;
     }
 
@@ -71,6 +112,125 @@
      */
     public TransitedEncodingType getType()
     {
-        return type;
+        return trType;
+    }
+
+
+    /**
+     * Compute the TransitedEncoding length
+     * 
+     * TransitedEncoding :
+     * 
+     * 0x30 L1 TransitedEncoding
+     *  |
+     *  +--> 0xA0 L2 trType tag
+     *  |     |
+     *  |     +--> 0x02 L2-1 trType (int)
+     *  |
+     *  +--> 0xA1 L3 contents tag
+     *        |
+     *        +--> 0x04 L3-1 contents (OCTET STRING)
+     *        
+     *  where L1 = L2 + lenght(0xA0) + length(L2) +
+     *             L3 + lenght(0xA1) + length(L3) 
+     *  and
+     *  L2 = L2-1 + length(0x02) + length( L2-1) 
+     *  L3 = L3-1 + length(0x04) + length( L3-1) 
+     */
+    public int computeLength()
+    {
+        // Compute the trType. The Length will always be contained in 1 byte
+        trTypeLength = 1 + 1 + Value.getNbBytes( trType.getOrdinal() );
+        transitedEncodingLength = 1 + TLV.getNbBytes( trTypeLength ) + trTypeLength;
+
+        // Compute the keyValue
+        if ( contents == null )
+        {
+            contentsLength = 1 + 1;
+        }
+        else
+        {
+            contentsLength = 1 + TLV.getNbBytes( contents.length ) + contents.length;
+        }
+
+        transitedEncodingLength += 1 + TLV.getNbBytes( contentsLength ) + contentsLength;
+
+        // Compute the whole sequence length
+        int transitedEncodingSeqLength = 1 + Value.getNbBytes( transitedEncodingLength ) + transitedEncodingLength;
+
+        return transitedEncodingSeqLength;
+
+    }
+
+
+    /**
+     * Encode the TransitedEncoding message to a PDU. 
+     * 
+     * TransitedEncoding :
+     * 
+     * 0x30 LL
+     *   0xA0 LL 
+     *     0x02 0x01 trType
+     *   0xA1 LL 
+     *     0x04 LL adData
+     * 
+     * @param buffer The buffer where to put the PDU. It should have been allocated
+     * before, with the right size.
+     * @return The constructed PDU.
+     */
+    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
+    {
+        if ( buffer == null )
+        {
+            throw new EncoderException( "Cannot put a PDU in a null buffer !" );
+        }
+
+        try
+        {
+            // The AuthorizationDataEntry SEQ Tag
+            buffer.put( UniversalTag.SEQUENCE_TAG );
+            buffer.put( TLV.getBytes( transitedEncodingLength ) );
+
+            // The tr-type, first the tag, then the value
+            buffer.put( ( byte ) 0xA0 );
+            buffer.put( TLV.getBytes( trTypeLength ) );
+            Value.encode( buffer, trType.getOrdinal() );
+
+            // The contents, first the tag, then the value
+            buffer.put( ( byte ) 0xA1 );
+            buffer.put( TLV.getBytes( contentsLength ) );
+            Value.encode( buffer, contents );
+        }
+        catch ( BufferOverflowException boe )
+        {
+            log.error(
+                "Cannot encode the TransitedEncoding object, the PDU size is {} when only {} bytes has been allocated",
+                1 + TLV.getNbBytes( transitedEncodingLength ) + transitedEncodingLength, buffer.capacity() );
+            throw new EncoderException( "The PDU buffer size is too small !" );
+        }
+
+        if ( IS_DEBUG )
+        {
+            log.debug( "TransitedEncoding encoding : {}", StringTools.dumpBytes( buffer.array() ) );
+            log.debug( "TransitedEncoding initial value : {}", toString() );
+        }
+
+        return buffer;
+    }
+
+
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        StringBuilder sb = new StringBuilder();
+
+        sb.append( "TransitedEncoding : {\n" );
+        sb.append( "    tr-type: " ).append( trType ).append( '\n' );
+
+        sb.append( "    contents: " ).append( StringTools.dumpBytes( contents ) ).append( "\n}\n" );
+
+        return sb.toString();
     }
 }

Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/AbstractKerberosFlags.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/AbstractKerberosFlags.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/AbstractKerberosFlags.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/AbstractKerberosFlags.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,226 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages.value.flags;
+
+import org.apache.directory.shared.asn1.primitives.BitString;
+
+/**
+ * An implementation of a BitString for any KerberosFlags. The different values
+ * are stored in an int, as there can't be more than 32 flags (TicketFlag).
+ * 
+ * Some basic operations are implemented in this abstract class, like those
+ * manipulating flags.
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public abstract class AbstractKerberosFlags extends BitString implements KerberosFlags
+{
+    /** The associated value */
+    protected int value;
+    
+    /**
+     * Standard constructor, which create a BitString containing 32 bits
+     */
+    public AbstractKerberosFlags()
+    {
+        super( 32 );
+    }
+
+    /**
+     * Standard constructor, taking a byte array
+     */
+    public AbstractKerberosFlags( byte[] flags )
+    {
+        super( flags );
+    }
+    
+    /**
+     * A static method to get the bayte array representation of an int
+     * @return The byte array for a list of flags.
+     */
+    public static byte[] getBytes( int flags )
+    {
+        return new byte[]{
+                (byte)( flags >>> 24), 
+                (byte)( ( flags >> 16 ) & 0x00ff ), 
+                (byte)( ( flags >> 8 ) & 0x00ff ), 
+                (byte)( flags & 0x00ff ) };
+    }
+    
+    /**
+     * @return The byte array for a KerberosFlags
+     */
+    public byte[] getBytes()
+    {
+        return getData();
+        /*new byte[]{
+                (byte)( value >>> 24), 
+                (byte)( ( value >> 16 ) & 0x00ff ), 
+                (byte)( ( value >> 8 ) & 0x00ff ), 
+                (byte)( value & 0x00ff ) };*/
+    }
+
+    /**
+     * Returns the int value associated with the flags
+     */
+    public int getIntValue()
+    {
+        return value;
+    }
+    
+    
+    
+    /**
+     * Check if a flag is set
+     * @param flags The flags to test
+     * @param flag The flag to check
+     * @return True if the flag is set in the list of flags
+     */
+    public static boolean isFlagSet( int flags, int flag )
+    {
+        return ( flags & ( 1 << flag) ) != 0;
+    }
+    
+    /**
+     * Check if a flag is set
+     * @param flags The flags to test
+     * @param flag The flag to check
+     * @return True if the flag is set in the list of flags
+     */
+    /*public static boolean isFlagSet( int flags, KerberosFlag flag )
+    {
+        return ( flags & ( 1 << flag.getOrdinal() ) ) != 0;
+    }*/
+    
+    /**
+     * Check if a flag is set for the actual value
+     * 
+     * @param flag The flag to check
+     * @return True if the flag is set in the list of flags
+     */
+    public boolean isFlagSet( KerberosFlag flag )
+    {
+        return ( value & ( 1 << flag.getOrdinal() ) ) != 0;
+    }
+    
+    /**
+     * Check if a flag is set
+     * @param flags The flags to test
+     * @return True if the flag is set in the list of flags
+     */
+    public boolean isFlagSet( int flag )
+    {
+        return ( flag & ( 1 << value ) ) != 0;
+    }
+    
+    /**
+     * Set a flag in a list of flags
+     * 
+     * @param flags The list of flags
+     * @param flag The flag to set
+     */
+    /*public static int setFlag( int flags, KerberosFlag flag )
+    {
+        flags |= 1 << flag.getOrdinal();
+        return flags;
+    }*/
+    
+    /**
+     * Set a flag in a list of flags
+     * 
+     * @param flag The flag to set
+     */
+    public void setFlag( KerberosFlag flag )
+    {
+        value |= 1 << flag.getOrdinal();
+        setBit( flag.getOrdinal() );
+    }
+    
+    /**
+     * Set a flag in a list of flags
+     * 
+     * @param flag The flag to set
+     */
+    public void setFlag( int flag )
+    {
+        value |= 1 << flag;
+        setBit( flag );
+    }
+    
+    
+    /**
+     * Modify a byte array to an integer value
+     * @param value The 4 bytes byte array to transform.
+     * @return The int which contains the bytes value.
+     */
+    public void setFlags( byte[] bytes )
+    {
+        if ( (bytes== null ) || ( bytes.length != 4 ) )
+        {
+            value = -1;
+        }
+        
+        value = ( bytes[0] << 24 ) + ( bytes[1] << 16 ) + ( bytes[2] << 8 ) + bytes[3];
+        setData( bytes );
+    }
+    
+    /**
+     * clear a flag in a list of flags
+     * 
+     * @param flags The list of flags
+     * @param flag The flag to set
+     */
+    /*public static void clearFlag( int flags, KerberosFlag flag )
+    {
+        flags &= ~( 1 << flag.getOrdinal() );
+    }*/
+
+    /**
+     * clear a flag in a list of flags
+     * 
+     * @param flag The flag to set
+     */
+    public void clearFlag( KerberosFlag flag )
+    {
+        value &= ~( 1 << flag.getOrdinal() );
+        clearBit( flag.getOrdinal() );
+    }
+    
+    /**
+     * clear a flag in a list of flags
+     * 
+     * @param flag The flag to set
+     */
+    public void clearFlag( int flag )
+    {
+        value &= ~( 1 << flag );
+        clearBit( flag );
+    }
+    
+    /**
+     * @return The hex value for this flag, in its position.
+     * For instance, getting the flag 5 will return 0x0000 0010 
+     */
+    public int getHexValue()
+    {
+        return 1 << value;
+    }
+}

Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/ApOption.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/ApOption.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/ApOption.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/ApOption.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,75 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages.value.flags;
+
+/**
+ * An enum to describe all the ApOption possible values.
+ * 
+ *  APOptions       ::= KerberosFlags
+ *           -- reserved(0),
+ *           -- use-session-key(1),
+ *           -- mutual-required(2)
+ *
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public enum ApOption implements KerberosFlag
+{
+    /**
+     * AP Request option - reserved
+     */
+    RESERVED(0),
+
+    /**
+     * AP Request option - use session key
+     */
+    USE_SESSION_KEY(1),
+
+    /**
+     * AP Request option - mutual authentication required
+     */
+    MUTUAL_REQUIRED(2),
+
+    /**
+     * AP Request option - maximum value
+     */
+    MAX_VALUE(32);
+
+
+    // The interned value.
+    private int value;
+    
+    /**
+     * Class constructor
+     */
+    private ApOption( int value )
+    {
+        this.value = value;
+    }
+    
+    /**
+     * @return The ordinal value associated with this flag
+     */
+    public int getOrdinal()
+    {
+        return value;
+    }
+}

Added: directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/ApOptions.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/ApOptions.java?rev=578743&view=auto
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/ApOptions.java (added)
+++ directory/apacheds/branches/apacheds-kerberos/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/ApOptions.java Mon Sep 24 03:18:05 2007
@@ -0,0 +1,107 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages.value.flags;
+
+
+/**
+ * An abstract class where are implemented the common methods described in
+ * the interface
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public class ApOptions extends AbstractKerberosFlags
+{
+    public static final long serialVersionUID = 1L;
+
+    /**
+      * Basic constructor of a ApOptions BitString
+      */
+     public ApOptions()
+     {
+         super();
+     }
+     
+     /**
+      * Constructor of a ApOptions BitString with an int value
+      */
+     public ApOptions( int flags )
+     {
+         super( getBytes( flags ) );
+     }
+     
+     /**
+      * Basic constructor of a ApOptions BitString with a byte array
+      */
+     public ApOptions( byte[] flags )
+     {
+         super( flags );
+     }
+     
+     /**
+      * AP Option flag - the client requires mutual authentication
+      */
+     public boolean isMutualRequired()
+     {
+        return isFlagSet( ApOption.MUTUAL_REQUIRED );
+     }
+
+     /**
+      * AP Option flag - Reserved for future use
+      */
+     public boolean isReserved()
+     {
+        return isFlagSet( ApOption.RESERVED );
+     }
+
+     /**
+      * AP Option flag - the ticket the client is presenting to a 
+      * server is encrypted in the session key from the server's TGT
+      */
+     public boolean isUseSessionKey()
+     {
+        return isFlagSet( ApOption.USE_SESSION_KEY );
+     }
+
+     /**
+     * Converts the object to a printable string.
+     */
+    public String toString()
+    {
+        StringBuilder result = new StringBuilder();
+
+        if ( isFlagSet( ApOption.RESERVED ) )
+        {
+            result.append( "RESERVED(0) " );
+        }
+
+        if ( isFlagSet( ApOption.USE_SESSION_KEY ) )
+        {
+            result.append( "USE_SESSION_KEY(1) " );
+        }
+
+        if ( isFlagSet( ApOption.MUTUAL_REQUIRED ) )
+        {
+            result.append( "MUTUAL_REQUIRED(2) " );
+        }
+
+        return result.toString().trim();
+    }
+}



Mime
View raw message