Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 82336 invoked from network); 4 Dec 2010 17:56:17 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 4 Dec 2010 17:56:17 -0000 Received: (qmail 64533 invoked by uid 500); 4 Dec 2010 17:56:17 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 64475 invoked by uid 500); 4 Dec 2010 17:56:17 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 64468 invoked by uid 99); 4 Dec 2010 17:56:17 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 04 Dec 2010 17:56:17 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 04 Dec 2010 17:56:13 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 34A8023889E3; Sat, 4 Dec 2010 17:54:41 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1042216 - in /directory/apacheds/branches/apacheds-kerberos-codec-2.0: kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/ protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/au... Date: Sat, 04 Dec 2010 17:54:41 -0000 To: commits@directory.apache.org 
From: elecharny@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20101204175441.34A8023889E3@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: elecharny Date: Sat Dec 4 17:54:40 2010 New Revision: 1042216 URL: http://svn.apache.org/viewvc?rev=1042216&view=rev Log: o Renamed the unseal method to decrypt o Fixed an issue in verifyEncryptedTimestamp o Added the decodePaEncTsEnc method Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java?rev=1042216&r1=1042215&r2=1042216&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java Sat Dec 4 17:54:40 2010
@@ -130,7 +130,7 @@ public class CipherTextHandler
 * @return The Kerberos object resulting from a successful decrypt and decode.
 * @throws KerberosException
 */
- public Encodable unseal( Class hint, EncryptionKey key, EncryptedData data, KeyUsage usage )
+ public Encodable decrypt( Class hint, EncryptionKey key, EncryptedData data, KeyUsage usage )
 throws KerberosException
 {
 try
@@ -148,7 +148,7 @@ public class CipherTextHandler
 }
- private EncryptedData encrypt( EncryptionKey key, byte[] plainText, KeyUsage usage ) throws KerberosException
+ public EncryptedData encrypt( EncryptionKey key, byte[] plainText, KeyUsage usage ) throws KerberosException
 {
 EncryptionEngine engine = getEngine( key );
@@ -156,7 +156,7 @@ public class CipherTextHandler
 }
- private byte[] decrypt( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
+ public byte[] decrypt( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
 {
 EncryptionEngine engine = getEngine( key );
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java?rev=1042216&r1=1042215&r2=1042216&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java Sat Dec 4 17:54:40 2010
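Review bot: In CipherTextHandler.java, the second and third hunks widen `encrypt( EncryptionKey, byte[], KeyUsage )` and `decrypt( EncryptionKey, EncryptedData, KeyUsage )` from private to public without adding any Javadoc, so callers outside the class now choose the key usage themselves and receive raw plaintext bytes with no stated contract. Together with the rename in the first hunk there are now two public `decrypt` overloads, one returning `Encodable` and one returning `byte[]`, which differ only by the leading `Class` argument and are easy to confuse at a call site. I would add a Javadoc block to both widened methods stating that `usage` must be the key usage number assigned to the message being processed, what a thrown KerberosException means, and that the returned bytes still have to be ASN.1-decoded by the caller. The bodies of all three methods continue outside the hunks, so how the engine validates the ciphertext is not visible here.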
@@ -59,7 +59,6 @@ import org.apache.directory.shared.kerbe
 import org.apache.directory.shared.kerberos.components.LastReq;
 import org.apache.directory.shared.kerberos.components.MethodData;
 import org.apache.directory.shared.kerberos.components.PaData;
-import org.apache.directory.shared.kerberos.components.PaEncTimestamp;
 import org.apache.directory.shared.kerberos.components.PaEncTsEnc;
 import org.apache.directory.shared.kerberos.components.PrincipalName;
 import org.apache.directory.shared.kerberos.components.TransitedEncoding;
@@ -277,8 +276,8 @@ public class AuthenticationService
 if ( paData.getPaDataType().equals( PaDataType.PA_ENC_TIMESTAMP ) )
 {
 EncryptedData dataValue = KerberosDecoder.decodeEncryptedData( paData.getPaDataValue() );
- timestamp = ( PaEncTsEnc ) cipherTextHandler.unseal( PaEncTimestamp.class,
- clientKey, dataValue, KeyUsage.NUMBER1 );
+ byte[] decryptedData = cipherTextHandler.decrypt( clientKey, dataValue, KeyUsage.NUMBER1 );
+ timestamp = KerberosDecoder.decodePaEncTsEnc( decryptedData );
 }
 }
Modified: directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java?rev=1042216&r1=1042215&r2=1042216&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java (original)
+++ directory/apacheds/branches/apacheds-kerberos-codec-2.0/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java Sat Dec 4 17:54:40 2010
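Review bot: In AuthenticationService.java (second hunk), the new `cipherTextHandler.decrypt( clientKey, dataValue, KeyUsage.NUMBER1 )` call hard-codes the key usage with nothing to say why that value is the right one for this branch. Now that the byte-level `decrypt` is public and the caller picks the usage, a one-line comment above the call would help the next reader, for example `// Key usage 1: AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the client key (RFC 4120, section 7.5.1)`. The enclosing method starts and ends outside the hunk, so how `timestamp` is validated afterwards is not visible here.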
@@ -32,7 +32,9 @@ import org.apache.directory.shared.asn1.
 import org.apache.directory.shared.asn1.codec.DecoderException;
 import org.apache.directory.shared.kerberos.codec.KerberosMessageContainer;
 import org.apache.directory.shared.kerberos.codec.encryptedData.EncryptedDataContainer;
+import org.apache.directory.shared.kerberos.codec.paEncTsEnc.PaEncTsEncContainer;
 import org.apache.directory.shared.kerberos.components.EncryptedData;
+import org.apache.directory.shared.kerberos.components.PaEncTsEnc;
 import org.apache.directory.shared.kerberos.exceptions.ErrorType;
 import org.apache.directory.shared.ldap.codec.LdapDecoder;
 import org.apache.mina.core.buffer.IoBuffer;
@@ -144,4 +146,39 @@ public class KerberosDecoder extends Pro
 return encryptedData;
 }
+
+
+ /**
+ * Decode an PaEncTsEnc structure
+ *
+ * @param data The byte array containing the data structure to decode
+ * @return An instance of PaEncTsEnc
+ * @throws KerberosException If the decoding fails
+ */
+ public static PaEncTsEnc decodePaEncTsEnc( byte[] data ) throws KerberosException
+ {
+ ByteBuffer stream = ByteBuffer.allocate( data.length );
+ stream.put( data );
+ stream.flip();
+
+ // Allocate a PaEncTsEnc Container
+ Asn1Container paEncTsEncContainer = new PaEncTsEncContainer();
+
+ Asn1Decoder kerberosDecoder = new Asn1Decoder();
+
+ // Decode the PaEncTsEnc PDU
+ try
+ {
+ kerberosDecoder.decode( stream, paEncTsEncContainer );
+ }
+ catch ( DecoderException de )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
+ }
+
+ // get the decoded EncryptedData
+ PaEncTsEnc paEncTsEnc = ( ( PaEncTsEncContainer ) paEncTsEncContainer ).getPaEncTsEnc();
+
+ return paEncTsEnc;
+ }
 }
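Review bot: In KerberosDecoder.java (second hunk), decodePaEncTsEnc returns `getPaEncTsEnc()` unchecked and dereferences `data` without a null check, so a null or empty input, or a buffer the decoder accepts without populating the container (whether Asn1Decoder can do that for a truncated PDU is not visible here), reaches the caller as a NullPointerException or a null timestamp rather than a KerberosException. Because the input is the decrypted pre-authentication blob taken from a client request, I would reject both cases explicitly, as in the excerpt below. Two smaller points: `ByteBuffer.wrap( data )` replaces the allocate/put/flip sequence, and the comment `// get the decoded EncryptedData` looks copied from the method above and should read `// get the decoded PaEncTsEnc`.

```java
public static PaEncTsEnc decodePaEncTsEnc( byte[] data ) throws KerberosException
{
    // Reject missing input up front instead of failing with a NullPointerException
    if ( ( data == null ) || ( data.length == 0 ) )
    {
        throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
    }

    ByteBuffer stream = ByteBuffer.wrap( data );

    // … unchanged: container and decoder allocation, decode() inside try/catch …

    // get the decoded PaEncTsEnc
    PaEncTsEnc paEncTsEnc = ( ( PaEncTsEncContainer ) paEncTsEncContainer ).getPaEncTsEnc();

    // A decode that leaves the container empty is a failure, not a valid result
    if ( paEncTsEnc == null )
    {
        throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
    }

    return paEncTsEnc;
}
```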