Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 93536 invoked from network); 19 Nov 2010 14:35:06 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 19 Nov 2010 14:35:06 -0000 Received: (qmail 58442 invoked by uid 500); 19 Nov 2010 14:35:38 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 58385 invoked by uid 500); 19 Nov 2010 14:35:37 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 58378 invoked by uid 99); 19 Nov 2010 14:35:36 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Nov 2010 14:35:36 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Nov 2010 14:35:33 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id DCC132388A2C; Fri, 19 Nov 2010 14:34:17 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1036875 - /directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Authenticator.java Date: Fri, 19 Nov 2010 14:34:17 -0000 To: commits@directory.apache.org 
From: elecharny@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20101119143417.DCC132388A2C@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: elecharny Date: Fri Nov 19 14:34:17 2010 New Revision: 1036875 URL: http://svn.apache.org/viewvc?rev=1036875&view=rev Log: Added the Authenticator class Added: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Authenticator.java - copied, changed from r1036811, directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/Authenticator.java Copied: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Authenticator.java (from r1036811, directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/Authenticator.java) URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Authenticator.java?p2=directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Authenticator.java&p1=directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/Authenticator.java&r1=1036811&r2=1036875&rev=1036875&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/Authenticator.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Authenticator.java Fri Nov 19 14:34:17 2010 
@@ -17,17 +17,23 @@ * under the License. * */ -package org.apache.directory.shared.kerberos.components; +package org.apache.directory.shared.kerberos.messages; import java.nio.BufferOverflowException; import java.nio.ByteBuffer; import org.apache.directory.server.i18n.I18n; -import org.apache.directory.shared.asn1.AbstractAsn1Object; import org.apache.directory.shared.asn1.ber.tlv.TLV; +import org.apache.directory.shared.asn1.ber.tlv.UniversalTag; +import org.apache.directory.shared.asn1.ber.tlv.Value; import org.apache.directory.shared.asn1.codec.EncoderException; import org.apache.directory.shared.kerberos.KerberosConstants; +import org.apache.directory.shared.kerberos.KerberosMessageType; import org.apache.directory.shared.kerberos.KerberosTime; +import org.apache.directory.shared.kerberos.components.AuthorizationData; +import org.apache.directory.shared.kerberos.components.Checksum; +import org.apache.directory.shared.kerberos.components.EncryptionKey; +import org.apache.directory.shared.kerberos.components.PrincipalName; import org.apache.directory.shared.ldap.util.StringTools; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -53,7 +59,7 @@ import org.slf4j.LoggerFactory; * * @author Apache Directory Project */ -public class Authenticator extends AbstractAsn1Object +public class Authenticator extends KerberosMessage { /** The logger */ private static final Logger LOG = LoggerFactory.getLogger( Authenticator.class ); @@ -61,11 +67,6 @@ public class Authenticator extends Abstr /** Speedup for logs */ private static final boolean IS_DEBUG = LOG.isDebugEnabled(); - /** - * Constant for the authenticator version number. - */ - public static final int AUTHENTICATOR_VNO = KerberosConstants.KERBEROS_V5; - /** The authenticator version number */ private int versionNumber; 
@@ -88,19 +89,33 @@ public class Authenticator extends Abstr private EncryptionKey subKey; /** The sequence number */ - private int seqNumber; + private Integer seqNumber; /** The authorization Data */ private AuthorizationData authorizationData; // Storage for computed lengths + private transient int authenticatorVnoLength; + private transient int crealmLength; + private transient byte[] crealmBytes; + private transient int cnameLength; + private transient int cksumLength; + private transient int cusecLength; + private transient int ctimeLength; + private transient int subkeyLength; + private transient int seqNumberLength; + private transient int authorizationDataLength; + private transient int authenticatorSeqLength; + private transient int authenticatorLength; + /** * Creates a new instance of Authenticator. */ public Authenticator() { + super( KerberosMessageType.AUTHENTICATOR ); } @@ -228,7 +243,7 @@ public class Authenticator extends Abstr */ public void setSeqNumber( int seqNumber ) { - this.seqNumber = seqNumber; + this.seqNumber = Integer.valueOf( seqNumber ); } @@ -270,22 +285,254 @@ public class Authenticator extends Abstr } + /** + * Compute the Authenticator length + *
+     * Authenticator :
+     * 
+     * 0x62 L1 Authenticator [APPLICATION 2]
+     *  |
+     *  +--> 0x30 L2 Authenticator SEQUENCE
+     *        |
+     *        +--> 0xA0 03 authenticator-vno tag
+     *        |     |
+     *        |     +--> 0x02 0x01 0x05 authenticator-vno (int, 5)
+     *        |
+     *        +--> 0xA1 L3 crealm tag
+     *        |     |
+     *        |     +--> 0x1B L3-1 crealm (KerberosString)
+     *        |
+     *        +--> 0xA2 L4 cname (PrincipalName)
+     *        |
+     *        +--> 0xA3 L5 cksum (CheckSum)
+     *        |
+     *        +--> 0xA4 L6 cusec tag
+     *        |     |
+     *        |     +--> 0x02 L6-1 nnn cusec value (Integer)
+     *        |
+     *        +--> 0xA5 0x11 ctime tag
+     *        |     |
+     *        |     +--> 0x18 0x0F ttt ctime (KerberosTime)
+     *        |
+     *        +--> 0xA6 L7 subkey (EncryptionKey)
+     *        |
+     *        +--> 0xA7 L8 seq-number tag
+     *        |     |
+     *        |     +--> 0x02 L8-1 nnn seq-number (Integer)
+     *        |
+     *        +--> 0xA8 L9 authorization-data (AuthorizationData)
+     * 
+ */ + @Override public int computeLength() { - return 0; + // Compute the Authenticator version length. + authenticatorVnoLength = 1 + 1 + Value.getNbBytes( getProtocolVersionNumber() ); + + // Compute the crealm length. + crealmBytes = StringTools.getBytesUtf8( crealm ); + crealmLength = 1 + TLV.getNbBytes( crealmBytes.length ) + crealmBytes.length; + + // Compute the cname length + cnameLength = cname.computeLength(); + + // Compute the cksum length if any + if ( cksum != null ) + { + cksumLength = cksum.computeLength(); + } + + // Compute the cusec length + cusecLength = 1 + TLV.getNbBytes( cusec ) + cusec; + + // Compute the ctime length + ctimeLength = 1 + 1 + 0x0F; + + // Compute the subkey length if any + if ( subKey != null ) + { + subkeyLength = subKey.computeLength(); + } + + // Compute the seq-number length if any + if ( seqNumber != null ) + { + seqNumberLength = 1 + TLV.getNbBytes( seqNumber ) + seqNumber; + } + + // Compute the authorization-data length if any + if ( authorizationData != null ) + { + authorizationDataLength = authorizationData.computeLength(); + } + + + // Compute the sequence size + authenticatorSeqLength = + 1 + TLV.getNbBytes( authenticatorVnoLength ) + authenticatorVnoLength + + 1 + TLV.getNbBytes( crealmLength ) + crealmLength + + 1 + TLV.getNbBytes( cnameLength ) + cnameLength + + 1 + TLV.getNbBytes( cusecLength ) + cusecLength + + 1 + TLV.getNbBytes( ctimeLength ) + ctimeLength; + + // The optional fields + if ( cksum != null ) + { + authenticatorSeqLength += 1 + TLV.getNbBytes( cksumLength ) + cksumLength; + } + + if ( subKey != null ) + { + authenticatorSeqLength += 1 + TLV.getNbBytes( subkeyLength ) + subkeyLength; + } + + if ( seqNumber != null ) + { + authenticatorSeqLength += 1 + TLV.getNbBytes( seqNumberLength ) + seqNumberLength; + } + + if ( authorizationData != null ) + { + authenticatorSeqLength += 1 + TLV.getNbBytes( authorizationDataLength ) + authorizationDataLength; + } + + // compute the global size + 
authenticatorLength = 1 + TLV.getNbBytes( authenticatorSeqLength ) + authenticatorSeqLength; + + return 1 + TLV.getNbBytes( authenticatorLength ) + authenticatorLength; } - + + /** + * Encode the Authenticator message to a PDU. + *
+     * Authenticator :
+     * 
+     * 0x62 LL
+     *   0x30 LL
+     *     0xA0 0x03 
+     *       0x02 0x01 0x05 authenticator-vno 
+     *     0xA1 LL 
+     *       0x1B LL abcd crealm
+     *     0xA2 LL
+     *       0x30 LL abcd cname
+     *    [0xA3 LL
+     *       0x30 LL abcd] cksum
+     *     0xA4 LL
+     *       0x02 LL nnn  cusec
+     *     0xA5 0x11
+     *       0x18 0x0F ttt ctime
+     *    [0xA6 LL
+     *       0x30 LL abcd] subkey
+     *    [0xA7 LL
+     *       0x02 LL nnn] seq-number
+     *    [0xA8 LL
+     *       0x30 LL abcd] authorization-data
+     * 
+ * @return The constructed PDU. + */ @Override public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException { if ( buffer == null ) { - throw new EncoderException( I18n.err( I18n.ERR_148 ) ); + buffer = ByteBuffer.allocate( computeLength() ); } try { + // The Authenticator APPLICATION Tag + buffer.put( (byte)KerberosConstants.AUTHENTICATOR_TAG ); + buffer.put( TLV.getBytes( authenticatorLength ) ); + + // The Authenticator SEQUENCE Tag + buffer.put( UniversalTag.SEQUENCE.getValue() ); + buffer.put( TLV.getBytes( authenticatorSeqLength ) ); + + // The authenticator-vno ------------------------------------------ + // The tag + buffer.put( (byte)KerberosConstants.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG ); + buffer.put( TLV.getBytes( authenticatorVnoLength ) ); + + // The value + Value.encode( buffer, getProtocolVersionNumber() ); + + // The crealm ----------------------------------------------------- + // The tag + buffer.put( (byte)KerberosConstants.AUTHENTICATOR_CREALM_TAG ); + buffer.put( TLV.getBytes( crealmLength ) ); + + // The value + buffer.put( UniversalTag.GENERAL_STRING.getValue() ); + buffer.put( TLV.getBytes( crealmBytes.length ) ); + buffer.put( crealmBytes ); + + // The cname ------------------------------------------------------ + // The tag + buffer.put( (byte)KerberosConstants.AUTHENTICATOR_CNAME_TAG ); + buffer.put( TLV.getBytes( cnameLength ) ); + + // The value + cname.encode( buffer ); + + // The cksum, if any ---------------------------------------------- + if ( cksum != null ) + { + // The tag + buffer.put( (byte)KerberosConstants.AUTHENTICATOR_CKSUM_TAG ); + buffer.put( TLV.getBytes( cksumLength ) ); + + // The value + cksum.encode( buffer ); + } + + // The cusec ------------------------------------------------------ + // The tag + buffer.put( (byte)KerberosConstants.AUTHENTICATOR_CUSEC_TAG ); + buffer.put( TLV.getBytes( cusecLength ) ); + + // The value + Value.encode( buffer, cusec ); + + // The ctime 
------------------------------------------------------ + // The tag + buffer.put( (byte)KerberosConstants.AUTHENTICATOR_CTIME_TAG ); + buffer.put( TLV.getBytes( ctimeLength ) ); + + // The value + buffer.put( (byte)UniversalTag.GENERALIZED_TIME.getValue() ); + buffer.put( (byte)0x0F ); + buffer.put( ctime.getBytes() ); + + // The subkey if any --------------------------------------------------- + if ( subKey != null ) + { + // The tag + buffer.put( (byte)KerberosConstants.AUTHENTICATOR_SUBKEY_TAG ); + buffer.put( TLV.getBytes( subkeyLength ) ); + + // The value + subKey.encode( buffer ); + } + + // The seq-number, if any ----------------------------------------- + // The tag + buffer.put( (byte)KerberosConstants.AUTHENTICATOR_SEQ_NUMBER_TAG ); + buffer.put( TLV.getBytes( seqNumberLength ) ); + + // The value + Value.encode( buffer, seqNumber ); + + // The authorization-data, if any --------------------------------- + if ( authorizationData != null ) + { + // The tag + buffer.put( (byte)KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG ); + buffer.put( TLV.getBytes( authorizationDataLength ) ); + + // The value + authorizationData.encode( buffer ); + } } catch ( BufferOverflowException boe ) { 
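Review bot: In computeLength(), `cusecLength = 1 + TLV.getNbBytes( cusec ) + cusec;` and the matching seq-number line add the field's numeric value where the byte count of its encoding belongs. The computed size then grows with the number itself, so a large seq-number can make `ByteBuffer.allocate( computeLength() )` request a very large buffer or overflow `int`. Following the authenticator-vno line in the same method, they should read `cusecLength = 1 + 1 + Value.getNbBytes( cusec );` and `seqNumberLength = 1 + 1 + Value.getNbBytes( seqNumber );`. In encode(), the seq-number tag and `Value.encode( buffer, seqNumber )` are written unconditionally although the field is optional and now an `Integer`, so a null value presumably fails on unboxing; wrap that block in `if ( seqNumber != null )` as is done for cksum and subKey. encode() also reads the cached length fields without calling computeLength() when the caller passes a non-null buffer, which deserves a Javadoc sentence stating that precondition; its body continues past the end of this hunk.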
@@ -314,6 +561,32 @@ public class Authenticator extends Abstr sb.append( "Authenticator : \n" ); + sb.append( " authenticator-vno : " ).append( getVersionNumber() ).append( '\n' ); + sb.append( " crealm : " ).append( crealm ).append( '\n' ); + sb.append( " cname : " ).append( cname ).append( '\n' ); + + if ( cksum != null ) + { + sb.append( " cksum : " ).append( cksum ).append( '\n' ); + } + + sb.append( " cusec : " ).append( cusec ).append( '\n' ); + sb.append( " ctime : " ).append( ctime ).append( '\n' ); + + if ( subKey != null ) + { + sb.append( " subkey : " ).append( subKey ).append( '\n' ); + } + + if ( seqNumber != null ) + { + sb.append( " seq-number : " ).append( seqNumber ).append( '\n' ); + } + + if ( authorizationData != null ) + { + sb.append( " authorization-data : " ).append( authorizationData ).append( '\n' ); + } return sb.toString(); }
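Review bot: The added `append( subKey )` line puts the sub-session key into the Authenticator's string form, and the class holds a debug logger, so key material may reach logs depending on what EncryptionKey.toString() prints, which is not visible here. Consider printing only the key type or omitting the field, with a comment such as `// key bytes deliberately not printed`. The first added line prints `getVersionNumber()` while encode() writes `getProtocolVersionNumber()`; if those two can differ the dump will not match the encoded PDU, so the same accessor should be used in both places. toString() begins before this hunk.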