From elecha...@apache.org
Subject svn commit: r1042216 - in /directory/apacheds/branches/apacheds-kerberos-codec-2.0: kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/ protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/au...
Date Sat, 04 Dec 2010 17:54:41 GMT
Author: elecharny
Date: Sat Dec  4 17:54:40 2010
New Revision: 1042216

URL: http://svn.apache.org/viewvc?rev=1042216&view=rev
Log:
o Renamed the unseal method to decrypt
o Fixed an issue in verifyEncryptedTimestamp
o Added the decodePaEncTsEnc method

Modified:
    directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java
    directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java
    directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java

Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java?rev=1042216&r1=1042215&r2=1042216&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java
(original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java
Sat Dec  4 17:54:40 2010
@@ -130,7 +130,7 @@ public class CipherTextHandler
      * @return The Kerberos object resulting from a successful decrypt and decode.
      * @throws KerberosException
      */
-    public Encodable unseal( Class hint, EncryptionKey key, EncryptedData data, KeyUsage
usage )
+    public Encodable decrypt( Class hint, EncryptionKey key, EncryptedData data, KeyUsage
usage )
         throws KerberosException
     {
         try
@@ -148,7 +148,7 @@ public class CipherTextHandler
     }
 
 
-    private EncryptedData encrypt( EncryptionKey key, byte[] plainText, KeyUsage usage )
throws KerberosException
+    public EncryptedData encrypt( EncryptionKey key, byte[] plainText, KeyUsage usage ) throws
KerberosException
     {
         EncryptionEngine engine = getEngine( key );
 
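Review bot: `encrypt` here and the three-argument `decrypt` in the next hunk become public with no Javadoc; the context lines above each signature show only the closing brace of the previous method. Because `decrypt` now hands raw plaintext bytes to callers outside the class, its doc should say whether the engine verifies the checksum before returning and which KerberosException error a failure raises, which cannot be told from these hunks. It also overloads the renamed `decrypt( Class hint, ... )` with a different return type, so a line such as `@return the decrypted bytes, not yet decoded` would help tell the two apart. Both method bodies continue outside the hunks.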
@@ -156,7 +156,7 @@ public class CipherTextHandler
     }
 
 
-    private byte[] decrypt( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws
KerberosException
+    public byte[] decrypt( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws
KerberosException
     {
         EncryptionEngine engine = getEngine( key );
 

Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java?rev=1042216&r1=1042215&r2=1042216&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java
(original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java
Sat Dec  4 17:54:40 2010
@@ -59,7 +59,6 @@ import org.apache.directory.shared.kerbe
 import org.apache.directory.shared.kerberos.components.LastReq;
 import org.apache.directory.shared.kerberos.components.MethodData;
 import org.apache.directory.shared.kerberos.components.PaData;
-import org.apache.directory.shared.kerberos.components.PaEncTimestamp;
 import org.apache.directory.shared.kerberos.components.PaEncTsEnc;
 import org.apache.directory.shared.kerberos.components.PrincipalName;
 import org.apache.directory.shared.kerberos.components.TransitedEncoding;
@@ -277,8 +276,8 @@ public class AuthenticationService
                     if ( paData.getPaDataType().equals( PaDataType.PA_ENC_TIMESTAMP ) )
                     {
                         EncryptedData dataValue = KerberosDecoder.decodeEncryptedData( paData.getPaDataValue()
);
-                        timestamp = ( PaEncTsEnc ) cipherTextHandler.unseal( PaEncTimestamp.class,
-                            clientKey, dataValue, KeyUsage.NUMBER1 );
+                        byte[] decryptedData = cipherTextHandler.decrypt( clientKey, dataValue,
KeyUsage.NUMBER1 );
+                        timestamp = KerberosDecoder.decodePaEncTsEnc( decryptedData );
                     }
                 }
 

Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java?rev=1042216&r1=1042215&r2=1042216&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java
(original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java
Sat Dec  4 17:54:40 2010
@@ -32,7 +32,9 @@ import org.apache.directory.shared.asn1.
 import org.apache.directory.shared.asn1.codec.DecoderException;
 import org.apache.directory.shared.kerberos.codec.KerberosMessageContainer;
 import org.apache.directory.shared.kerberos.codec.encryptedData.EncryptedDataContainer;
+import org.apache.directory.shared.kerberos.codec.paEncTsEnc.PaEncTsEncContainer;
 import org.apache.directory.shared.kerberos.components.EncryptedData;
+import org.apache.directory.shared.kerberos.components.PaEncTsEnc;
 import org.apache.directory.shared.kerberos.exceptions.ErrorType;
 import org.apache.directory.shared.ldap.codec.LdapDecoder;
 import org.apache.mina.core.buffer.IoBuffer;
@@ -144,4 +146,39 @@ public class KerberosDecoder extends Pro
 
         return encryptedData;
     }
+    
+    
+    /**
+     * Decode an PaEncTsEnc structure
+     * 
+     * @param data The byte array containing the data structure to decode
+     * @return An instance of PaEncTsEnc
+     * @throws KerberosException If the decoding fails
+     */
+    public static PaEncTsEnc decodePaEncTsEnc( byte[] data ) throws KerberosException
+    {
+        ByteBuffer stream = ByteBuffer.allocate( data.length );
+        stream.put( data );
+        stream.flip();
+        
+        // Allocate a PaEncTsEnc Container
+        Asn1Container paEncTsEncContainer = new PaEncTsEncContainer();
+
+        Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+        // Decode the PaEncTsEnc PDU
+        try
+        {
+            kerberosDecoder.decode( stream, paEncTsEncContainer );
+        }
+        catch ( DecoderException de )
+        {
+            throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+        }
+
+        // get the decoded EncryptedData
+        PaEncTsEnc paEncTsEnc = ( ( PaEncTsEncContainer ) paEncTsEncContainer ).getPaEncTsEnc();
+
+        return paEncTsEnc;
+    }
 }
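Review bot: `decodePaEncTsEnc` returns whatever the container holds without checking it, so if the decoder stops on a short or incomplete PDU without throwing `DecoderException` (not confirmed from this hunk), the caller in AuthenticationService receives null or a partly filled PaEncTsEnc. A guard before the return, `if ( paEncTsEnc == null ) { throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY ); }`, would turn that case into a decoding failure rather than something the caller has to handle. A null `data` also fails at `data.length` with a NullPointerException instead of the documented KerberosException. On style, the allocate/put/flip sequence can be `ByteBuffer stream = ByteBuffer.wrap( data );`, and the comment `// get the decoded EncryptedData` was copied from the method above and should name PaEncTsEnc.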


