Return-Path: X-Original-To: apmail-directory-commits-archive@www.apache.org Delivered-To: apmail-directory-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B9D31177A5 for ; Thu, 22 Jan 2015 00:56:29 +0000 (UTC) Received: (qmail 26164 invoked by uid 500); 22 Jan 2015 00:56:29 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 25995 invoked by uid 500); 22 Jan 2015 00:56:29 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 23694 invoked by uid 99); 22 Jan 2015 00:56:27 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Jan 2015 00:56:27 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 282C2E0EF3; Thu, 22 Jan 2015 00:56:26 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: drankye@apache.org To: commits@directory.apache.org Date: Thu, 22 Jan 2015 00:57:01 -0000 Message-Id: In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [37/50] [abbrv] directory-kerberos git commit: Many changes with newname http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md5Provider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md5Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md5Provider.java deleted file mode 100644 index 6484015..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Md5Provider.java +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.cksum.provider; - -public class Md5Provider extends MessageDigestHashProvider { - - public Md5Provider() { - super(16, 64, "MD5"); - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java deleted file mode 100644 index bbd8ddf..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/MessageDigestHashProvider.java +++ /dev/null @@ -1,56 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.cksum.provider; - -import org.apache.kerberos.kerb.KrbException; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -public class MessageDigestHashProvider extends AbstractHashProvider { - private String algorithm; - protected MessageDigest messageDigest; - - public MessageDigestHashProvider(int hashSize, int blockSize, String algorithm) { - super(hashSize, blockSize); - this.algorithm = algorithm; - - init(); - } - - @Override - protected void init() { - try { - messageDigest = MessageDigest.getInstance(algorithm); - } catch (NoSuchAlgorithmException e) { - throw new RuntimeException("Failed to init JCE provider", e); - } - } - - @Override - public void hash(byte[] data, int start, int len) throws KrbException { - messageDigest.update(data, start, len); - } - - @Override - public byte[] output() { - return messageDigest.digest(); - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java deleted file mode 100644 index b547501..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/cksum/provider/Sha1Provider.java +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.cksum.provider; - -public class Sha1Provider extends MessageDigestHashProvider { - - public Sha1Provider() { - super(20, 64, "SHA1"); - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java deleted file mode 100644 index 3aab860..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java +++ /dev/null @@ -1,160 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.AbstractCryptoTypeHandler; -import org.apache.kerberos.kerb.crypto.EncTypeHandler; -import org.apache.kerberos.kerb.crypto.cksum.HashProvider; -import org.apache.kerberos.kerb.crypto.key.KeyMaker; -import org.apache.kerberos.kerb.KrbException; - -public abstract class AbstractEncTypeHandler - extends AbstractCryptoTypeHandler implements EncTypeHandler { - - private KeyMaker keyMaker; - - public AbstractEncTypeHandler(EncryptProvider encProvider, - HashProvider hashProvider) { - super(encProvider, hashProvider); - } - - protected void keyMaker(KeyMaker keyMaker) { - this.keyMaker = keyMaker; - } - - protected KeyMaker keyMaker() { - return keyMaker; - } - - @Override - public String name() { - return eType().getName(); - } - - @Override - public String displayName() { - return eType().getDisplayName(); - } - - protected int paddingLength(int inputLen) { - int payloadLen = confounderSize() + checksumSize() + inputLen; - int padding = paddingSize(); - - if (padding == 0 || (payloadLen % padding) == 0) { - return 0; - } - - return padding - (payloadLen % padding); - } - - @Override - public int keyInputSize() { - return encProvider().keyInputSize(); - } - - @Override - public int keySize() { - return encProvider().keySize(); - } - - @Override - public int confounderSize() { - return encProvider().blockSize(); - } - - @Override - public int checksumSize() { - return hashProvider().hashSize(); - } - - @Override - public int paddingSize() { - return encProvider().blockSize(); - } - - @Override - public byte[] str2key(String string, String salt, byte[] param) throws KrbException { - return keyMaker.str2key(string, salt, param); - } - - @Override - public byte[] random2Key(byte[] randomBits) throws KrbException { - return keyMaker.random2Key(randomBits); - } - - @Override - public byte[] encrypt(byte[] data, byte[] key, int usage) throws KrbException { - byte[] iv = new byte[encProvider().blockSize()]; - return encrypt(data, key, iv, usage); - } - - @Override - public byte[] encrypt(byte[] data, byte[] key, byte[] iv, int usage) throws KrbException { - int confounderLen = confounderSize(); - int checksumLen = checksumSize(); - int headerLen = confounderLen + checksumLen; - int inputLen = data.length; - int paddingLen = paddingLength(inputLen); - - /** - * E(Confounder | Checksum | Plaintext | Padding), or - * header | data | padding | trailer, where trailer may be absent - */ - - int workLength = headerLen + inputLen + paddingLen; - - byte[] workBuffer = new byte[workLength]; - System.arraycopy(data, 0, workBuffer, headerLen, data.length); - - int [] workLens = new int[] {confounderLen, checksumLen, - inputLen, paddingLen}; - - encryptWith(workBuffer, workLens, key, iv, usage); - return workBuffer; - } - - protected void encryptWith(byte[] workBuffer, int[] workLens, - byte[] key, byte[] iv, int usage) throws KrbException { - - } - - public byte[] decrypt(byte[] cipher, byte[] key, int usage) - throws KrbException { - byte[] iv = new byte[encProvider().blockSize()]; - return decrypt(cipher, key, iv, usage); - } - - public byte[] decrypt(byte[] cipher, byte[] key, byte[] iv, int usage) - throws KrbException { - - int totalLen = cipher.length; - int confounderLen = confounderSize(); - int checksumLen = checksumSize(); - int dataLen = totalLen - (confounderLen + checksumLen); - - int[] workLens = new int[] {confounderLen, checksumLen, dataLen}; - return decryptWith(cipher, workLens, key, iv, usage); - } - - protected byte[] decryptWith(byte[] workBuffer, int[] workLens, - byte[] key, byte[] iv, int usage) throws KrbException { - return null; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java deleted file mode 100644 index f435d0f..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes128CtsHmacSha1Enc.java +++ /dev/null @@ -1,48 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.cksum.provider.Sha1Provider; -import org.apache.kerberos.kerb.crypto.enc.provider.Aes128Provider; -import org.apache.kerberos.kerb.crypto.enc.provider.AesProvider; -import org.apache.kerberos.kerb.crypto.key.AesKeyMaker; -import org.apache.kerberos.kerb.spec.common.CheckSumType; -import org.apache.kerberos.kerb.spec.common.EncryptionType; - -public class Aes128CtsHmacSha1Enc extends KeKiHmacSha1Enc { - - public Aes128CtsHmacSha1Enc() { - super(new Aes128Provider(), new Sha1Provider()); - keyMaker(new AesKeyMaker((AesProvider) encProvider())); - } - - @Override - public int checksumSize() { - return 96 / 8; - } - - public EncryptionType eType() { - return EncryptionType.AES128_CTS_HMAC_SHA1_96; - } - - public CheckSumType checksumType() { - return CheckSumType.HMAC_SHA1_96_AES128; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java deleted file mode 100644 index 31b5efd..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Aes256CtsHmacSha1Enc.java +++ /dev/null @@ -1,48 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.cksum.provider.Sha1Provider; -import org.apache.kerberos.kerb.crypto.enc.provider.Aes256Provider; -import org.apache.kerberos.kerb.crypto.enc.provider.AesProvider; -import org.apache.kerberos.kerb.crypto.key.AesKeyMaker; -import org.apache.kerberos.kerb.spec.common.CheckSumType; -import org.apache.kerberos.kerb.spec.common.EncryptionType; - -public class Aes256CtsHmacSha1Enc extends KeKiHmacSha1Enc { - - public Aes256CtsHmacSha1Enc() { - super(new Aes256Provider(), new Sha1Provider()); - keyMaker(new AesKeyMaker((AesProvider) encProvider())); - } - - public EncryptionType eType() { - return EncryptionType.AES256_CTS_HMAC_SHA1_96; - } - - public CheckSumType checksumType() { - return CheckSumType.HMAC_SHA1_96_AES256; - } - - @Override - public int checksumSize() { - return 96 / 8; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java deleted file mode 100644 index d726391..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia128CtsCmacEnc.java +++ /dev/null @@ -1,41 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.enc.provider.Camellia128Provider; -import org.apache.kerberos.kerb.crypto.key.CamelliaKeyMaker; -import org.apache.kerberos.kerb.spec.common.CheckSumType; -import org.apache.kerberos.kerb.spec.common.EncryptionType; - -public class Camellia128CtsCmacEnc extends KeKiCmacEnc { - - public Camellia128CtsCmacEnc() { - super(new Camellia128Provider()); - keyMaker(new CamelliaKeyMaker((Camellia128Provider) encProvider())); - } - - public EncryptionType eType() { - return EncryptionType.CAMELLIA128_CTS_CMAC; - } - - public CheckSumType checksumType() { - return CheckSumType.CMAC_CAMELLIA128; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java deleted file mode 100644 index 41afe1b..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Camellia256CtsCmacEnc.java +++ /dev/null @@ -1,41 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.enc.provider.Camellia256Provider; -import org.apache.kerberos.kerb.crypto.key.CamelliaKeyMaker; -import org.apache.kerberos.kerb.spec.common.CheckSumType; -import org.apache.kerberos.kerb.spec.common.EncryptionType; - -public class Camellia256CtsCmacEnc extends KeKiCmacEnc { - - public Camellia256CtsCmacEnc() { - super(new Camellia256Provider()); - keyMaker(new CamelliaKeyMaker((Camellia256Provider) encProvider())); - } - - public EncryptionType eType() { - return EncryptionType.CAMELLIA256_CTS_CMAC; - } - - public CheckSumType checksumType() { - return CheckSumType.CMAC_CAMELLIA256; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java deleted file mode 100644 index d461047..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Des3CbcSha1Enc.java +++ /dev/null @@ -1,42 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.cksum.provider.Sha1Provider; -import org.apache.kerberos.kerb.crypto.enc.provider.Des3Provider; -import org.apache.kerberos.kerb.crypto.key.Des3KeyMaker; -import org.apache.kerberos.kerb.spec.common.CheckSumType; -import org.apache.kerberos.kerb.spec.common.EncryptionType; - -public class Des3CbcSha1Enc extends KeKiHmacSha1Enc { - - public Des3CbcSha1Enc() { - super(new Des3Provider(), new Sha1Provider()); - keyMaker(new Des3KeyMaker(this.encProvider())); - } - - public EncryptionType eType() { - return EncryptionType.DES3_CBC_SHA1; - } - - public CheckSumType checksumType() { - return CheckSumType.HMAC_SHA1_DES3; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java deleted file mode 100644 index 5fdfd9b..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcCrcEnc.java +++ /dev/null @@ -1,55 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.cksum.provider.Crc32Provider; -import org.apache.kerberos.kerb.KrbException; -import org.apache.kerberos.kerb.spec.common.CheckSumType; -import org.apache.kerberos.kerb.spec.common.EncryptionType; - -public class DesCbcCrcEnc extends DesCbcEnc { - - public DesCbcCrcEnc() { - super(new Crc32Provider()); - } - - public EncryptionType eType() { - return EncryptionType.DES_CBC_CRC; - } - - public CheckSumType checksumType() { - return CheckSumType.CRC32; - } - - @Override - public byte[] encrypt(byte[] data, byte[] key, int usage) throws KrbException { - byte[] iv = new byte[encProvider().blockSize()]; - System.arraycopy(key, 0, iv, 0, key.length); - return encrypt(data, key, iv, usage); - } - - @Override - public byte[] decrypt(byte[] cipher, byte[] key, int usage) - throws KrbException { - byte[] iv = new byte[encProvider().blockSize()]; - System.arraycopy(key, 0, iv, 0, key.length); - return decrypt(cipher, key, iv, usage); - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcEnc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcEnc.java deleted file mode 100644 index cbca17f..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcEnc.java +++ /dev/null @@ -1,88 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.KrbErrorCode; -import org.apache.kerberos.kerb.crypto.Confounder; -import org.apache.kerberos.kerb.crypto.cksum.HashProvider; -import org.apache.kerberos.kerb.crypto.enc.provider.DesProvider; -import org.apache.kerberos.kerb.crypto.key.DesKeyMaker; -import org.apache.kerberos.kerb.KrbException; - -abstract class DesCbcEnc extends AbstractEncTypeHandler { - - public DesCbcEnc(HashProvider hashProvider) { - super(new DesProvider(), hashProvider); - keyMaker(new DesKeyMaker(this.encProvider())); - } - - @Override - protected void encryptWith(byte[] workBuffer, int[] workLens, - byte[] key, byte[] iv, int usage) throws KrbException { - int confounderLen = workLens[0]; - int checksumLen = workLens[1]; - int dataLen = workLens[2]; - int paddingLen = workLens[3]; - - // confounder - byte[] confounder = Confounder.makeBytes(confounderLen); - System.arraycopy(confounder, 0, workBuffer, 0, confounderLen); - - // padding - for (int i = confounderLen + checksumLen + dataLen; i < paddingLen; ++i) { - workBuffer[i] = 0; - } - - // checksum - hashProvider().hash(workBuffer); - byte[] cksum = hashProvider().output(); - System.arraycopy(cksum, 0, workBuffer, confounderLen, checksumLen); - - encProvider().encrypt(key, iv, workBuffer); - } - - @Override - protected byte[] decryptWith(byte[] workBuffer, int[] workLens, - byte[] key, byte[] iv, int usage) throws KrbException { - int confounderLen = workLens[0]; - int checksumLen = workLens[1]; - int dataLen = workLens[2]; - - encProvider().decrypt(key, iv, workBuffer); - - byte[] checksum = new byte[checksumLen]; - for (int i = 0; i < checksumLen; i++) { - checksum[i] = workBuffer[confounderLen + i]; - workBuffer[confounderLen + i] = 0; - } - - hashProvider().hash(workBuffer); - byte[] newChecksum = hashProvider().output(); - if (! checksumEqual(checksum, newChecksum)) { - throw new KrbException(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY); - } - - byte[] data = new byte[dataLen]; - System.arraycopy(workBuffer, confounderLen + checksumLen, - data, 0, dataLen); - - return data; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java deleted file mode 100644 index 494091e..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd4Enc.java +++ /dev/null @@ -1,39 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.cksum.provider.Md4Provider; -import org.apache.kerberos.kerb.spec.common.CheckSumType; -import org.apache.kerberos.kerb.spec.common.EncryptionType; - -public class DesCbcMd4Enc extends DesCbcEnc { - - public DesCbcMd4Enc() { - super(new Md4Provider()); - } - - public EncryptionType eType() { - return EncryptionType.DES_CBC_MD4; - } - - public CheckSumType checksumType() { - return CheckSumType.RSA_MD4_DES; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java deleted file mode 100644 index fb5ec2b..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/DesCbcMd5Enc.java +++ /dev/null @@ -1,39 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.cksum.provider.Md5Provider; -import org.apache.kerberos.kerb.spec.common.CheckSumType; -import org.apache.kerberos.kerb.spec.common.EncryptionType; - -public class DesCbcMd5Enc extends DesCbcEnc { - - public DesCbcMd5Enc() { - super(new Md5Provider()); - } - - public EncryptionType eType() { - return EncryptionType.DES_CBC_MD5; - } - - public CheckSumType checksumType() { - return CheckSumType.RSA_MD5_DES; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/EncryptProvider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/EncryptProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/EncryptProvider.java deleted file mode 100644 index 5dc1f18..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/EncryptProvider.java +++ /dev/null @@ -1,43 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.KrbException; - -/** - * krb5_enc_provider - */ -public interface EncryptProvider { - - public int keyInputSize(); //input size to make key - public int keySize(); //output key size - public int blockSize(); //crypto block size - - public void encrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException; - public void decrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException; - public void encrypt(byte[] key, byte[] data) throws KrbException; - public void decrypt(byte[] key, byte[] data) throws KrbException; - public byte[] cbcMac(byte[] key, byte[] iv, byte[] data) throws KrbException; - public boolean supportCbcMac(); - - public byte[] initState(byte[] key, int keyUsage); - public void cleanState(); - public void cleanKey(); -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiCmacEnc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiCmacEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiCmacEnc.java deleted file mode 100644 index f4ad9be..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiCmacEnc.java +++ /dev/null @@ -1,53 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.Cmac; -import org.apache.kerberos.kerb.KrbException; - -public abstract class KeKiCmacEnc extends KeKiEnc { - - public KeKiCmacEnc(EncryptProvider encProvider) { - super(encProvider, null); - } - - @Override - public int paddingSize() { - return 0; - } - - @Override - public int checksumSize() { - return encProvider().blockSize(); - } - - @Override - protected byte[] makeChecksum(byte[] key, byte[] data, int hashSize) - throws KrbException { - - // generate hash - byte[] hash = Cmac.cmac(encProvider(), key, data); - - // truncate hash - byte[] output = new byte[hashSize]; - System.arraycopy(hash, 0, output, 0, hashSize); - return output; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiEnc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiEnc.java deleted file mode 100644 index faaeb38..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiEnc.java +++ /dev/null @@ -1,129 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.KrbErrorCode; -import org.apache.kerberos.kerb.crypto.BytesUtil; -import org.apache.kerberos.kerb.crypto.Confounder; -import org.apache.kerberos.kerb.crypto.cksum.HashProvider; -import org.apache.kerberos.kerb.crypto.key.DkKeyMaker; -import org.apache.kerberos.kerb.KrbException; - -public abstract class KeKiEnc extends AbstractEncTypeHandler { - - public KeKiEnc(EncryptProvider encProvider, - HashProvider hashProvider) { - super(encProvider, hashProvider); - } - - @Override - public int paddingSize() { - return 0; - } - - - @Override - protected void encryptWith(byte[] workBuffer, int[] workLens, - byte[] key, byte[] iv, int usage) throws KrbException { - int confounderLen = workLens[0]; - int checksumLen = workLens[1]; - int inputLen = workLens[2]; - int paddingLen = workLens[3]; - - byte[] Ke, Ki; - byte[] constant = new byte[5]; - constant[0] = (byte) ((usage>>24)&0xff); - constant[1] = (byte) ((usage>>16)&0xff); - constant[2] = (byte) ((usage>>8)&0xff); - constant[3] = (byte) (usage&0xff); - constant[4] = (byte) 0xaa; - Ke = ((DkKeyMaker) keyMaker()).dk(key, constant); - constant[4] = (byte) 0x55; - Ki = ((DkKeyMaker) keyMaker()).dk(key, constant); - - /** - * Instead of E(Confounder | Checksum | Plaintext | Padding), - * E(Confounder | Plaintext | Padding) | Checksum, - * so need to adjust the workBuffer arrangement - */ - - byte[] tmpEnc = new byte[confounderLen + inputLen + paddingLen]; - // confounder - byte[] confounder = Confounder.makeBytes(confounderLen); - System.arraycopy(confounder, 0, tmpEnc, 0, confounderLen); - - // data - System.arraycopy(workBuffer, confounderLen + checksumLen, - tmpEnc, confounderLen, inputLen); - - // padding - for (int i = confounderLen + inputLen; i < paddingLen; ++i) { - tmpEnc[i] = 0; - } - - // checksum & encrypt - byte[] checksum; - checksum = makeChecksum(Ki, tmpEnc, checksumLen); - encProvider().encrypt(Ke, iv, tmpEnc); - - System.arraycopy(tmpEnc, 0, workBuffer, 0, tmpEnc.length); - System.arraycopy(checksum, 0, workBuffer, tmpEnc.length, checksum.length); - } - - @Override - protected byte[] decryptWith(byte[] workBuffer, int[] workLens, - byte[] key, byte[] iv, int usage) throws KrbException { - int confounderLen = workLens[0]; - int checksumLen = workLens[1]; - int dataLen = workLens[2]; - - byte[] Ke, Ki; - byte[] constant = new byte[5]; - BytesUtil.int2bytes(usage, constant, 0, true); - constant[4] = (byte) 0xaa; - Ke = ((DkKeyMaker) keyMaker()).dk(key, constant); - constant[4] = (byte) 0x55; - Ki = ((DkKeyMaker) keyMaker()).dk(key, constant); - - // decrypt and verify checksum - - byte[] tmpEnc = new byte[confounderLen + dataLen]; - System.arraycopy(workBuffer, 0, - tmpEnc, 0, confounderLen + dataLen); - byte[] checksum = new byte[checksumLen]; - System.arraycopy(workBuffer, confounderLen + dataLen, - checksum, 0, checksumLen); - - byte[] newChecksum; - encProvider().decrypt(Ke, iv, tmpEnc); - newChecksum = makeChecksum(Ki, tmpEnc, checksumLen); - - if (! checksumEqual(checksum, newChecksum)) { - throw new KrbException(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY); - } - - byte[] data = new byte[dataLen]; - System.arraycopy(tmpEnc, confounderLen, data, 0, dataLen); - return data; - } - - protected abstract byte[] makeChecksum(byte[] key, byte[] data, int hashSize) - throws KrbException; -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java deleted file mode 100644 index c731248..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/KeKiHmacSha1Enc.java +++ /dev/null @@ -1,50 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.crypto.Hmac; -import org.apache.kerberos.kerb.crypto.cksum.HashProvider; -import org.apache.kerberos.kerb.KrbException; - -public abstract class KeKiHmacSha1Enc extends KeKiEnc { - - public KeKiHmacSha1Enc(EncryptProvider encProvider, - HashProvider hashProvider) { - super(encProvider, hashProvider); - } - - @Override - public int paddingSize() { - return 0; - } - - @Override - protected byte[] makeChecksum(byte[] key, byte[] data, int hashSize) - throws KrbException { - - // generate hash - byte[] hash = Hmac.hmac(hashProvider(), key, data); - - // truncate hash - byte[] output = new byte[hashSize]; - System.arraycopy(hash, 0, output, 0, hashSize); - return output; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacEnc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacEnc.java deleted file mode 100644 index 27d660c..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacEnc.java +++ /dev/null @@ -1,149 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.KrbErrorCode; -import org.apache.kerberos.kerb.crypto.BytesUtil; -import org.apache.kerberos.kerb.crypto.Confounder; -import org.apache.kerberos.kerb.crypto.Rc4; -import org.apache.kerberos.kerb.crypto.Hmac; -import org.apache.kerberos.kerb.crypto.cksum.provider.Md5Provider; -import org.apache.kerberos.kerb.crypto.enc.provider.Rc4Provider; -import org.apache.kerberos.kerb.crypto.key.Rc4KeyMaker; -import org.apache.kerberos.kerb.KrbException; -import org.apache.kerberos.kerb.spec.common.CheckSumType; -import org.apache.kerberos.kerb.spec.common.EncryptionType; - -public class Rc4HmacEnc extends AbstractEncTypeHandler { - private boolean exportable; - - public Rc4HmacEnc() { - this(false); - } - - public Rc4HmacEnc(boolean exportable) { - super(new Rc4Provider(), new Md5Provider()); - keyMaker(new Rc4KeyMaker(this.encProvider())); - this.exportable = exportable; - } - - public EncryptionType eType() { - return EncryptionType.ARCFOUR_HMAC; - } - - @Override - public int confounderSize() { - return 8; - } - - @Override - public int paddingSize() { - return 0; - } - - public CheckSumType checksumType() { - return CheckSumType.HMAC_MD5_ARCFOUR; - } - - protected void encryptWith(byte[] workBuffer, int[] workLens, - byte[] key, byte[] iv, int usage) throws KrbException { - int confounderLen = workLens[0]; - int checksumLen = workLens[1]; - int dataLen = workLens[2]; - - /** - * Instead of E(Confounder | Checksum | Plaintext | Padding), - * Checksum | E(Confounder | Plaintext) - */ - - // confounder - byte[] confounder = Confounder.makeBytes(confounderLen); - System.arraycopy(confounder, 0, workBuffer, checksumLen, confounderLen); - - // no padding - - /* checksum and encryption */ - byte[] usageKey = makeUsageKey(key, usage); - - byte[] checksum = Hmac.hmac(hashProvider(), usageKey, workBuffer, - checksumLen, confounderLen + dataLen); - - byte[] encKey = makeEncKey(usageKey, checksum); - - byte[] tmpEnc = new byte[confounderLen + dataLen]; - System.arraycopy(workBuffer, checksumLen, - tmpEnc, 0, confounderLen + dataLen); - encProvider().encrypt(encKey, iv, tmpEnc); - System.arraycopy(checksum, 0, workBuffer, 0, checksumLen); - System.arraycopy(tmpEnc, 0, workBuffer, checksumLen, tmpEnc.length); - } - - protected byte[] makeUsageKey(byte[] key, int usage) throws KrbException { - byte[] salt = Rc4.getSalt(usage, exportable); - byte[] usageKey = Hmac.hmac(hashProvider(), key, salt); - return usageKey; - } - - protected byte[] makeEncKey(byte[] usageKey, byte[] checksum) throws KrbException { - byte[] tmpKey = usageKey; - - if (exportable) { - tmpKey = BytesUtil.duplicate(usageKey); - for (int i = 0; i < 9; ++i) { - tmpKey[i + 7] = (byte) 0xab; - } - } - - byte[] encKey = Hmac.hmac(hashProvider(), tmpKey, checksum); - return encKey; - } - - @Override - protected byte[] decryptWith(byte[] workBuffer, int[] workLens, - byte[] key, byte[] iv, int usage) throws KrbException { - int confounderLen = workLens[0]; - int checksumLen = workLens[1]; - int dataLen = workLens[2]; - - /* checksum and decryption */ - byte[] usageKey = makeUsageKey(key, usage); - - byte[] checksum = new byte[checksumLen]; - System.arraycopy(workBuffer, 0, checksum, 0, checksumLen); - - byte[] encKey = makeEncKey(usageKey, checksum); - - byte[] tmpEnc = new byte[confounderLen + dataLen]; - System.arraycopy(workBuffer, checksumLen, - tmpEnc, 0, confounderLen + dataLen); - encProvider().decrypt(encKey, iv, tmpEnc); - - byte[] newChecksum = Hmac.hmac(hashProvider(), usageKey, tmpEnc); - if (! checksumEqual(checksum, newChecksum)) { - throw new KrbException(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY); - } - - byte[] data = new byte[dataLen]; - System.arraycopy(tmpEnc, confounderLen, - data, 0, dataLen); - - return data; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java deleted file mode 100644 index 63ea752..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/Rc4HmacExpEnc.java +++ /dev/null @@ -1,33 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc; - -import org.apache.kerberos.kerb.spec.common.EncryptionType; - -public class Rc4HmacExpEnc extends Rc4HmacEnc { - - public Rc4HmacExpEnc() { - super(true); - } - - public EncryptionType eType() { - return EncryptionType.ARCFOUR_HMAC_EXP; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java deleted file mode 100644 index 8d2a693..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AbstractEncryptProvider.java +++ /dev/null @@ -1,99 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc.provider; - -import org.apache.kerberos.kerb.crypto.enc.EncryptProvider; -import org.apache.kerberos.kerb.KrbException; - -public abstract class AbstractEncryptProvider implements EncryptProvider { - private int blockSize; - private int keyInputSize; - private int keySize; - - public AbstractEncryptProvider(int blockSize, int keyInputSize, int keySize) { - this.blockSize = blockSize; - this.keyInputSize = keyInputSize; - this.keySize = keySize; - } - - @Override - public int keyInputSize() { - return keyInputSize; - } - - @Override - public int keySize() { - return keySize; - } - - @Override - public int blockSize() { - return blockSize; - } - - @Override - public byte[] initState(byte[] key, int keyUsage) { - return new byte[0]; - } - - @Override - public void encrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException { - doEncrypt(data, key, cipherState, true); - } - - @Override - public void decrypt(byte[] key, byte[] cipherState, byte[] data) throws KrbException { - doEncrypt(data, key, cipherState, false); - } - - @Override - public void encrypt(byte[] key, byte[] data) throws KrbException { - byte[] cipherState = new byte[blockSize()]; - encrypt(key, cipherState, data); - } - - @Override - public void decrypt(byte[] key, byte[] data) throws KrbException { - byte[] cipherState = new byte[blockSize()]; - decrypt(key, cipherState, data); - } - - protected abstract void doEncrypt(byte[] data, byte[] key, byte[] cipherState, boolean encrypt) throws KrbException; - - @Override - public byte[] cbcMac(byte[] key, byte[] iv, byte[] data) throws KrbException { - throw new UnsupportedOperationException(); - } - - @Override - public boolean supportCbcMac() { - return false; - } - - @Override - public void cleanState() { - - } - - @Override - public void cleanKey() { - - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes128Provider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes128Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes128Provider.java deleted file mode 100644 index 52157e6..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes128Provider.java +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc.provider; - -public class Aes128Provider extends AesProvider { - - public Aes128Provider() { - super(16, 16, 16); - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes256Provider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes256Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes256Provider.java deleted file mode 100644 index 91c1b49..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Aes256Provider.java +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc.provider; - -public class Aes256Provider extends AesProvider { - - public Aes256Provider() { - super(16, 32, 32); - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AesProvider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AesProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AesProvider.java deleted file mode 100644 index 334f8c9..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/AesProvider.java +++ /dev/null @@ -1,62 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc.provider; - -import org.apache.kerberos.kerb.KrbException; - -import javax.crypto.Cipher; -import javax.crypto.spec.IvParameterSpec; -import javax.crypto.spec.SecretKeySpec; -import java.security.GeneralSecurityException; - -public abstract class AesProvider extends AbstractEncryptProvider { - - public AesProvider(int blockSize, int keyInputSize, int keySize) { - super(blockSize, keyInputSize, keySize); - } - - @Override - protected void doEncrypt(byte[] data, byte[] key, - byte[] cipherState, boolean encrypt) throws KrbException { - Cipher cipher = null; - try { - cipher = Cipher.getInstance("AES/CTS/NoPadding"); - } catch (GeneralSecurityException e) { - KrbException ke = new KrbException("JCE provider may not be installed. " - + e.getMessage()); - ke.initCause(e); - throw ke; - } - - try { - SecretKeySpec secretKey = new SecretKeySpec(key, "AES"); - IvParameterSpec param = new IvParameterSpec(cipherState); - - cipher.init(encrypt ? - Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, secretKey, param); - byte[] output = cipher.doFinal(data); - System.arraycopy(output, 0, data, 0, output.length); - } catch (GeneralSecurityException e) { - KrbException ke = new KrbException(e.getMessage()); - ke.initCause(e); - throw ke; - } - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java deleted file mode 100644 index 50096dc..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia128Provider.java +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc.provider; - -public class Camellia128Provider extends CamelliaProvider { - - public Camellia128Provider() { - super(16, 16, 16); - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java deleted file mode 100644 index 0561847..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Camellia256Provider.java +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc.provider; - -public class Camellia256Provider extends CamelliaProvider { - - public Camellia256Provider() { - super(16, 32, 32); - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java deleted file mode 100644 index 8c41b5e..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/CamelliaProvider.java +++ /dev/null @@ -1,58 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc.provider; - -import org.apache.kerberos.kerb.crypto.Camellia; -import org.apache.kerberos.kerb.KrbException; - -public abstract class CamelliaProvider extends AbstractEncryptProvider { - - public CamelliaProvider(int blockSize, int keyInputSize, int keySize) { - super(blockSize, keyInputSize, keySize); - } - - @Override - protected void doEncrypt(byte[] data, byte[] key, - byte[] cipherState, boolean encrypt) throws KrbException { - - Camellia cipher = new Camellia(); - cipher.setKey(encrypt, key); - if (encrypt) { - cipher.encrypt(data, cipherState); - } else { - cipher.decrypt(data, cipherState); - } - } - - @Override - public boolean supportCbcMac() { - return true; - } - - @Override - public byte[] cbcMac(byte[] key, byte[] cipherState, byte[] data) { - Camellia cipher = new Camellia(); - cipher.setKey(true, key); - - int blocksNum = data.length / blockSize(); - cipher.cbcEnc(data, 0, blocksNum, cipherState); - return data; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Des3Provider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Des3Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Des3Provider.java deleted file mode 100644 index 6e78d8a..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Des3Provider.java +++ /dev/null @@ -1,65 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc.provider; - -import org.apache.kerberos.kerb.KrbException; - -import javax.crypto.Cipher; -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactory; -import javax.crypto.spec.DESedeKeySpec; -import javax.crypto.spec.IvParameterSpec; -import java.security.GeneralSecurityException; -import java.security.spec.KeySpec; - -public class Des3Provider extends AbstractEncryptProvider { - - public Des3Provider() { - super(8, 21, 24); - } - - @Override - protected void doEncrypt(byte[] input, byte[] key, - byte[] cipherState, boolean encrypt) throws KrbException { - - Cipher cipher = null; - try { - cipher = Cipher.getInstance("DESede/CBC/NoPadding"); - } catch (GeneralSecurityException e) { - throw new KrbException("Failed to init cipher", e); - } - - try { - IvParameterSpec params = new IvParameterSpec(cipherState); - KeySpec skSpec = new DESedeKeySpec(key, 0); - - SecretKeyFactory skf = SecretKeyFactory.getInstance("desede"); - SecretKey secretKey = skf.generateSecret(skSpec); - - cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, secretKey, params); - - byte[] output = cipher.doFinal(input); - System.arraycopy(output, 0, input, 0, output.length); - } catch (GeneralSecurityException e) { - throw new KrbException("Failed to doEncrypt", e); - } - } - -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/DesProvider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/DesProvider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/DesProvider.java deleted file mode 100644 index 9caa308..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/DesProvider.java +++ /dev/null @@ -1,98 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc.provider; - -import org.apache.kerberos.kerb.KrbException; - -import javax.crypto.Cipher; -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactory; -import javax.crypto.spec.IvParameterSpec; -import javax.crypto.spec.SecretKeySpec; -import java.security.GeneralSecurityException; - -public class DesProvider extends AbstractEncryptProvider { - - public DesProvider() { - super(8, 7, 8); - } - - @Override - protected void doEncrypt(byte[] input, byte[] key, - byte[] cipherState, boolean encrypt) throws KrbException { - - Cipher cipher = null; - try { - cipher = Cipher.getInstance("DES/CBC/NoPadding"); - } catch (GeneralSecurityException e) { - throw new KrbException("Failed to init cipher", e); - } - IvParameterSpec params = new IvParameterSpec(cipherState); - SecretKeySpec skSpec = new SecretKeySpec(key, "DES"); - try { - SecretKeyFactory skf = SecretKeyFactory.getInstance("DES"); - SecretKey sk = (SecretKey) skSpec; - - cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, sk, params); - - byte[] output = cipher.doFinal(input); - System.arraycopy(output, 0, input, 0, output.length); - } catch (GeneralSecurityException e) { - KrbException ke = new KrbException(e.getMessage()); - ke.initCause(e); - throw ke; - } - } - - @Override - public byte[] cbcMac(byte[] key, byte[] cipherState, byte[] data) throws KrbException { - Cipher cipher = null; - try { - cipher = Cipher.getInstance("DES/CBC/NoPadding"); - } catch (GeneralSecurityException e) { - throw new KrbException("Failed to init cipher", e); - } - IvParameterSpec params = new IvParameterSpec(cipherState); - SecretKeySpec skSpec = new SecretKeySpec(key, "DES"); - - byte[] output = null; - try { - SecretKeyFactory skf = SecretKeyFactory.getInstance("DES"); - // SecretKey sk = skf.generateSecret(skSpec); - SecretKey sk = (SecretKey) skSpec; - cipher.init(Cipher.ENCRYPT_MODE, sk, params); - for (int i = 0; i < data.length / 8; i++) { - output = cipher.doFinal(data, i * 8, 8); - cipher.init(Cipher.ENCRYPT_MODE, sk, (new IvParameterSpec(output))); - } - } - catch (GeneralSecurityException e) { - KrbException ke = new KrbException(e.getMessage()); - ke.initCause(e); - throw ke; - } - return output; - } - - @Override - public boolean supportCbcMac() { - return true; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Rc4Provider.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Rc4Provider.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Rc4Provider.java deleted file mode 100644 index 5836ad0..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/enc/provider/Rc4Provider.java +++ /dev/null @@ -1,49 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.enc.provider; - -import org.apache.kerberos.kerb.KrbException; - -import javax.crypto.Cipher; -import javax.crypto.spec.SecretKeySpec; -import java.security.GeneralSecurityException; - -public class Rc4Provider extends AbstractEncryptProvider { - - public Rc4Provider() { - super(1, 16, 16); - } - - @Override - protected void doEncrypt(byte[] data, byte[] key, - byte[] cipherState, boolean encrypt) throws KrbException { - try { - Cipher cipher = Cipher.getInstance("ARCFOUR"); - SecretKeySpec secretKey = new SecretKeySpec(key, "ARCFOUR"); - cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, secretKey); - byte[] output = cipher.doFinal(data); - System.arraycopy(output, 0, data, 0, output.length); - } catch (GeneralSecurityException e) { - KrbException ke = new KrbException(e.getMessage()); - ke.initCause(e); - throw ke; - } - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java deleted file mode 100644 index 69b5576..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AbstractKeyMaker.java +++ /dev/null @@ -1,93 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.key; - -import org.apache.kerberos.kerb.crypto.BytesUtil; -import org.apache.kerberos.kerb.crypto.enc.EncryptProvider; -import org.apache.kerberos.kerb.KrbException; - -import java.io.UnsupportedEncodingException; - -public abstract class AbstractKeyMaker implements KeyMaker { - - protected static final byte[] KERBEROS_CONSTANT = "kerberos".getBytes(); - - private EncryptProvider encProvider; - - public AbstractKeyMaker(EncryptProvider encProvider) { - this.encProvider = encProvider; - } - - protected EncryptProvider encProvider() { - return encProvider; - } - - @Override - public byte[] random2Key(byte[] randomBits) throws KrbException { - return new byte[0]; - } - - /** - * Visible for test - */ - public static byte[] makePasswdSalt(String password, String salt) { - char[] chars = new char[password.length() + salt.length()]; - System.arraycopy(password.toCharArray(), 0, chars, 0, password.length()); - System.arraycopy(salt.toCharArray(), 0, chars, password.length(), salt.length()); - - try { - return new String(chars).getBytes("UTF-8"); - } catch (UnsupportedEncodingException e) { - throw new RuntimeException("Character decoding failed", e); - } - } - - protected static int getIterCount(byte[] param, int defCount) { - int iterCount = defCount; - - if (param != null) { - if (param.length != 4) { - throw new IllegalArgumentException("Invalid param to str2Key"); - } - iterCount = BytesUtil.bytes2int(param, 0, true); - } - - return iterCount; - } - - protected static byte[] getSaltBytes(String salt, String pepper) - throws UnsupportedEncodingException { - byte[] saltBytes = salt.getBytes("UTF-8"); - if (pepper != null && ! pepper.isEmpty()) { - byte[] pepperBytes = pepper.getBytes("UTF-8"); - int len = saltBytes.length; - len += 1 + pepperBytes.length; - byte[] results = new byte[len]; - System.arraycopy(pepperBytes, 0, results, 0, pepperBytes.length); - results[pepperBytes.length] = (byte) 0; - System.arraycopy(saltBytes, 0, - results, pepperBytes.length + 1, saltBytes.length); - - return results; - } else { - return saltBytes; - } - } -} http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AesKeyMaker.java ---------------------------------------------------------------------- diff --git a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AesKeyMaker.java b/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AesKeyMaker.java deleted file mode 100644 index b370bfe..0000000 --- a/haox-kerb/kerb-crypto/src/main/java/org/apache/kerberos/kerb/crypto/key/AesKeyMaker.java +++ /dev/null @@ -1,65 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerberos.kerb.crypto.key; - -import org.apache.kerberos.kerb.KrbException; -import org.apache.kerberos.kerb.crypto.Pbkdf; -import org.apache.kerberos.kerb.crypto.enc.provider.AesProvider; - -import java.io.UnsupportedEncodingException; -import java.security.GeneralSecurityException; - -public class AesKeyMaker extends DkKeyMaker { - - public AesKeyMaker(AesProvider encProvider) { - super(encProvider); - } - - @Override - public byte[] random2Key(byte[] randomBits) throws KrbException { - return randomBits; - } - - @Override - public byte[] str2key(String string, String salt, byte[] param) throws KrbException { - int iterCount = getIterCount(param, 4096); - - byte[] saltBytes = null; - try { - saltBytes = getSaltBytes(salt, null); - } catch (UnsupportedEncodingException e) { - throw new RuntimeException(e); - } - - int keySize = encProvider().keySize(); - byte[] random = new byte[0]; - try { - random = Pbkdf.PBKDF2(string.toCharArray(), saltBytes, iterCount, keySize); - } catch (GeneralSecurityException e) { - throw new KrbException("PBKDF2 failed", e); - } - - byte[] tmpKey = random2Key(random); - byte[] result = dk(tmpKey, KERBEROS_CONSTANT); - - return result; - } - -}