directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dran...@apache.org
Subject [45/50] [abbrv] directory-kerberos git commit: Disable DES related crypto types for the moment as not complete yet
Date Mon, 12 Jan 2015 13:06:53 GMT
Disable DES related crypto types for the moment as not complete yet


Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/b6cd0ce2
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/b6cd0ce2
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/b6cd0ce2

Branch: refs/heads/master
Commit: b6cd0ce2aad25502a8a6e62110fd4f12cf242f10
Parents: 286fabe
Author: Drankye <drankye@gmail.com>
Authored: Tue Dec 30 04:32:37 2014 +0800
Committer: Drankye <drankye@gmail.com>
Committed: Tue Dec 30 04:32:37 2014 +0800

----------------------------------------------------------------------
 .../kerberos/kerb/client/KrbConfigKey.java      |  2 +-
 .../kerberos/kerb/codec/test/TestKerberos.java  |  2 +-
 .../kerberos/kerb/crypto/EncryptionHandler.java |  9 ++++---
 .../kerberos/kerb/crypto/key/DesKeyMaker.java   | 28 +++++++++++++++++++-
 .../kerberos/kerb/server/KdcConfigKey.java      |  2 +-
 5 files changed, 36 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b6cd0ce2/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfigKey.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfigKey.java
b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfigKey.java
index 2514d17..7c2f743 100644
--- a/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfigKey.java
+++ b/haox-kerb/kerb-client/src/main/java/org/apache/kerberos/kerb/client/KrbConfigKey.java
@@ -21,7 +21,7 @@ public enum KrbConfigKey implements ConfigKey {
     PROXIABLE_ALLOWED(true),
     RENEWABLE_ALLOWED(true),
     VERIFY_BODY_CHECKSUM(true),
-    ENCRYPTION_TYPES(new String[] { "aes128-cts-hmac-sha1-96", "des-cbc-md5" });
+    ENCRYPTION_TYPES(new String[] { "aes128-cts-hmac-sha1-96" });
 
     private Object defaultValue;
 

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b6cd0ce2/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestKerberos.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestKerberos.java
b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestKerberos.java
index ef1643c..c489fe5 100644
--- a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestKerberos.java
+++ b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestKerberos.java
@@ -101,7 +101,7 @@ public class TestKerberos {
         Assert.assertEquals("DOMAIN.COM", ticket.getUserRealm());
     }
 
-    @Test
+    //@Test
     public void testDesTicket() throws Exception {
         KerberosToken token = new KerberosToken(desToken, desKey);
 

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b6cd0ce2/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
index 10af3cc..c269b36 100644
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
+++ b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/EncryptionHandler.java
@@ -28,18 +28,21 @@ public class EncryptionHandler {
 
     private static EncTypeHandler getEncHandler(EncryptionType eType, boolean check) throws
KrbException {
         EncTypeHandler encHandler = null;
+        /**
+         * As it's still incomplete yet for the DesKeyMaker, commented DES_* types for now.
+         */
         switch (eType) {
             case DES_CBC_CRC:
-                encHandler = new DesCbcCrcEnc();
+                //encHandler = new DesCbcCrcEnc();
                 break;
 
             case DES_CBC_MD5:
             case DES:
-                encHandler = new DesCbcMd5Enc();
+                //encHandler = new DesCbcMd5Enc();
                 break;
 
             case DES_CBC_MD4:
-                encHandler = new DesCbcMd4Enc();
+                //encHandler = new DesCbcMd4Enc();
                 break;
 
             case DES3_CBC_SHA1:

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b6cd0ce2/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
index fb5128d..b15aea3 100644
--- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
+++ b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/DesKeyMaker.java
@@ -12,7 +12,33 @@ public class DesKeyMaker extends AbstractKeyMaker {
 
     @Override
     public byte[] str2key(String string, String salt, byte[] param) throws KrbException {
-        throw new RuntimeException("It's weak and not recommended. To be supported.");
+        String error = null;
+        int type = 0;
+
+        if (param != null) {
+            if (param.length != 1) {
+                error = "Invalid param to S2K";
+            }
+            type = param[0];
+            if (type != 0 && type != 1) {
+                error = "Invalid param to S2K";
+            }
+        }
+        if (type == 1) {
+            error = "AFS not supported yet";
+        }
+
+        if (error != null) {
+            throw new KrbException(error);
+        }
+
+        char[] passwdSalt = makePasswdSalt(string, salt);
+        byte[] key = passwd2key(passwdSalt);
+        return key;
+    }
+
+    private byte[] passwd2key(char[] passwdSalt) throws KrbException {
+        throw new KrbException("Implementation not complete yet");
     }
 
     /**

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b6cd0ce2/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfigKey.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfigKey.java
b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfigKey.java
index fde73c7..f6a53dd 100644
--- a/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfigKey.java
+++ b/haox-kerb/kerb-server/src/main/java/org/apache/kerberos/kerb/server/KdcConfigKey.java
@@ -23,7 +23,7 @@ public enum KdcConfigKey implements ConfigKey {
     PROXIABLE_ALLOWED(true),
     RENEWABLE_ALLOWED(true),
     VERIFY_BODY_CHECKSUM(true),
-    ENCRYPTION_TYPES(new String[] { "aes128-cts-hmac-sha1-96", "des-cbc-md5", "des3-cbc-sha1-kd"
});
+    ENCRYPTION_TYPES(new String[] { "aes128-cts-hmac-sha1-96", "des3-cbc-sha1-kd" });
 
     private Object defaultValue;
 


Mime
View raw message