directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dran...@apache.org
Subject [5/7] directory-kerby git commit: Refactored kerb-core packages
Date Fri, 20 Mar 2015 23:35:08 GMT
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/AuthToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/AuthToken.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/AuthToken.java
new file mode 100644
index 0000000..982f0c4
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/AuthToken.java
@@ -0,0 +1,96 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * This is the token definition API according to TokenPreauth draft.
+ */
+public interface AuthToken {
+
+    /**
+     * Get the token subject
+     * @return token subject
+     */
+    public String getSubject();
+
+    /**
+     * Get the token issuer
+     * @return token issuer
+     */
+    public String getIssuer();
+
+    /**
+     * Get token audiences
+     * @return token audiences
+     */
+    public List<String> getAudiences();
+
+    /**
+     * Is an Identity Token ?
+     * @return true if it's an identity token, false otherwise
+     */
+    public boolean isIdToken();
+
+    /**
+     * Is an Access Token ?
+     * @return true if it's an access token, false otherwise
+     */
+    public boolean isAcToken();
+
+    /**
+     * Is a Bearer Token ?
+     * @return true if it's an bearer token, false otherwise
+     */
+    public boolean isBearerToken();
+
+    /**
+     * Is an Holder-of-Key Token (HOK) ?
+     * @return true if it's a HOK token, false otherwise
+     */
+    public boolean isHolderOfKeyToken();
+
+    /**
+     * Get token expired data time.
+     * @return expired time
+     */
+    public Date getExpiredTime();
+
+    /**
+     * Get token not before time.
+     * @return not before time
+     */
+    public Date getNotBeforeTime();
+
+    /**
+     * Get token issued at time when the token is issued.
+     * @return issued at time
+     */
+    public Date getIssuedAtTime();
+
+    /**
+     * Get token attributes.
+     * @return token attributes
+     */
+    public Map<String, String> getAttributes();
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/CheckSum.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/CheckSum.java
new file mode 100644
index 0000000..060d537
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/CheckSum.java
@@ -0,0 +1,101 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ Checksum        ::= SEQUENCE {
+ cksumtype       [0] Int32,
+ checksum        [1] OCTET STRING
+ }
+ */
+public class CheckSum extends KrbSequenceType {
+    private static int CKSUM_TYPE = 0;
+    private static int CHECK_SUM = 1;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+        new Asn1FieldInfo(CKSUM_TYPE, 0, Asn1Integer.class),
+        new Asn1FieldInfo(CHECK_SUM, 1, Asn1OctetString.class)
+    };
+
+    public CheckSum() {
+        super(fieldInfos);
+    }
+
+    public CheckSum(CheckSumType cksumType, byte[] checksum) {
+        this();
+
+        setCksumtype(cksumType);
+        setChecksum(checksum);
+    }
+
+    public CheckSum(int cksumType, byte[] checksum) {
+        this(CheckSumType.fromValue(cksumType), checksum);
+    }
+
+    public CheckSumType getCksumtype() {
+        Integer value = getFieldAsInteger(CKSUM_TYPE);
+        return CheckSumType.fromValue(value);
+    }
+
+    public void setCksumtype(CheckSumType cksumtype) {
+        setFieldAsInt(CKSUM_TYPE, cksumtype.getValue());
+    }
+
+    public byte[] getChecksum() {
+        return getFieldAsOctets(CHECK_SUM);
+    }
+
+    public void setChecksum(byte[] checksum) {
+        setFieldAsOctets(CHECK_SUM, checksum);
+    }
+
+    @Override
+    public boolean equals(Object other) {
+        if (this == other) {
+            return true;
+        }
+        if (other == null || getClass() != other.getClass()) {
+            return false;
+        }
+
+        CheckSum that = (CheckSum) other;
+
+        if (getCksumtype() != that.getCksumtype()) {
+            return false;
+        }
+
+        return Arrays.equals(getChecksum(), that.getChecksum());
+    }
+
+    public boolean isEqual(CheckSum other) {
+        return this.equals(other);
+    }
+
+    public boolean isEqual(byte[] cksumBytes) {
+        return Arrays.equals(getChecksum(), cksumBytes);
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/CheckSumType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/CheckSumType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/CheckSumType.java
new file mode 100644
index 0000000..c6386fa
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/CheckSumType.java
@@ -0,0 +1,123 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum CheckSumType implements KrbEnum {
+    NONE(0, "none", "None checksum type"),
+
+    CRC32(0x0001, "crc32", "CRC-32"),
+
+    RSA_MD4(0x0002, "md4", "RSA-MD4"),
+
+    RSA_MD4_DES(0x0003, "md4-des", "RSA-MD4 with DES cbc mode"),
+
+    DES_CBC(0x0004, "des-cbc", "DES cbc mode"),
+    DES_MAC(0x0004, "des-mac", "DES cbc mode"),
+
+    //des-mac-k
+
+    //rsa-md4-des-k
+
+    RSA_MD5(0x0007, "md5", "RSA-MD5"),
+
+    RSA_MD5_DES(0x0008, "md5-des", "RSA-MD5 with DES cbc mode"),
+
+    NIST_SHA(0x0009, "sha", "NIST-SHA"),
+
+    HMAC_SHA1_DES3(0x000c, "hmac-sha1-des3", "HMAC-SHA1 DES3 key"),
+    HMAC_SHA1_DES3_KD(0x000c, "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key"),
+
+    ////RFC 3962. Used with ENCTYPE_AES128_CTS_HMAC_SHA1_96
+    HMAC_SHA1_96_AES128(0x000f, "hmac-sha1-96-aes128", "HMAC-SHA1 AES128 key"),
+
+    //RFC 3962. Used with ENCTYPE_AES256_CTS_HMAC_SHA1_96
+    HMAC_SHA1_96_AES256(0x0010, "hmac-sha1-96-aes256", "HMAC-SHA1 AES256 key"),
+
+    //RFC 6803
+    CMAC_CAMELLIA128(0x0011, "cmac-camellia128", "CMAC Camellia128 key"),
+
+    //RFC 6803
+    CMAC_CAMELLIA256(0x0012, "cmac-camellia256", "CMAC Camellia256 key"),
+
+    //Microsoft netlogon cksumtype
+    MD5_HMAC_ARCFOUR(-137, "md5-hmac-rc4", "Microsoft MD5 HMAC"),
+
+    //Microsoft md5 hmac cksumtype
+    HMAC_MD5_ARCFOUR(-138, "hmac-md5-arcfour", "Microsoft HMAC MD5"),
+    HMAC_MD5_ENC(-138, "hmac-md5-enc", "Microsoft HMAC MD5"),
+    HMAC_MD5_RC4(-138, "hmac-md5-rc4", "Microsoft HMAC MD5");
+
+    private final int value;
+
+    private final String name;
+
+    private final String displayName;
+
+    private CheckSumType(int value, String name, String displayName) {
+        this.value = value;
+        this.name = name;
+        this.displayName = displayName;
+    }
+
+    @Override
+    public int getValue() {
+        return value;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public String getDisplayName() {
+        return displayName;
+    }
+
+    /**
+     * Is the type uses AES256 or not
+     * @return true if uses AES256, false otherwise.
+     */
+    public boolean usesAES256() {
+        return name.contains("aes256");
+    }
+
+    public static CheckSumType fromValue(Integer value) {
+        if (value != null) {
+            for (KrbEnum e : values()) {
+                if (e.getValue() == value) {
+                    return (CheckSumType) e;
+                }
+            }
+        }
+        return NONE;
+    }
+
+    public static CheckSumType fromName(String name) {
+        if (name != null) {
+            for (CheckSumType cs : values()) {
+                if (cs.getName() == name) {
+                    return (CheckSumType) cs;
+                }
+            }
+        }
+        return NONE;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptedData.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptedData.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptedData.java
new file mode 100644
index 0000000..755a9a1
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptedData.java
@@ -0,0 +1,102 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ EncryptedData   ::= SEQUENCE {
+ etype   [0] Int32 -- EncryptionType --,
+ kvno    [1] UInt32 OPTIONAL,
+ cipher  [2] OCTET STRING -- ciphertext
+ }
+ */
+public class EncryptedData extends KrbSequenceType {
+    private static int ETYPE = 0;
+    private static int KVNO = 1;
+    private static int CIPHER = 2;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
+            new Asn1FieldInfo(KVNO, 1, Asn1Integer.class),
+            new Asn1FieldInfo(CIPHER, 2, Asn1OctetString.class)
+    };
+
+    public EncryptedData() {
+        super(fieldInfos);
+    }
+
+    public EncryptionType getEType() {
+        Integer value = getFieldAsInteger(ETYPE);
+        return EncryptionType.fromValue(value);
+    }
+
+    public void setEType(EncryptionType eType) {
+        setFieldAsInt(ETYPE, eType.getValue());
+    }
+
+    public int getKvno() {
+        Integer value = getFieldAsInteger(KVNO);
+        if (value != null) {
+            return value.intValue();
+        }
+        return -1;
+    }
+
+    public void setKvno(int kvno) {
+        setFieldAsInt(KVNO, kvno);
+    }
+
+    public byte[] getCipher() {
+        return getFieldAsOctets(CIPHER);
+    }
+
+    public void setCipher(byte[] cipher) {
+        setFieldAsOctets(CIPHER, cipher);
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+
+        EncryptedData that = (EncryptedData) o;
+
+        /*
+        if (getKvno() != -1 && that.getKvno() != -1 &&
+                getKvno() != that.getKvno()) return false;
+        */
+
+        if (getEType() != that.getEType()) {
+            return false;
+        }
+
+        return Arrays.equals(getCipher(), that.getCipher());
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptionKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptionKey.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptionKey.java
new file mode 100644
index 0000000..1f25eec
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptionKey.java
@@ -0,0 +1,115 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+
+/**
+ EncryptionKey   ::= SEQUENCE {
+ keytype         [0] Int32 -- actually encryption type --,
+ keyvalue        [1] OCTET STRING
+ }
+ */
+public class EncryptionKey extends KrbSequenceType {
+    private static int KEY_TYPE = 0;
+    private static int KEY_VALUE = 1;
+
+    private int kvno = -1;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new Asn1FieldInfo(KEY_TYPE, 0, Asn1Integer.class),
+            new Asn1FieldInfo(KEY_VALUE, 1, Asn1OctetString.class)
+    };
+
+    public EncryptionKey() {
+        super(fieldInfos);
+    }
+
+    public EncryptionKey(int keyType, byte[] keyData) {
+        this(keyType, keyData, -1);
+    }
+
+    public EncryptionKey(int keyType, byte[] keyData, int kvno) {
+        this(EncryptionType.fromValue(keyType), keyData, kvno);
+    }
+
+    public EncryptionKey(EncryptionType keyType, byte[] keyData) {
+        this(keyType, keyData, -1);
+    }
+
+    public EncryptionKey(EncryptionType keyType, byte[] keyData, int kvno) {
+        this();
+        setKeyType(keyType);
+        setKeyData(keyData);
+        setKvno(kvno);
+    }
+
+    public EncryptionType getKeyType() {
+        Integer value = getFieldAsInteger(KEY_TYPE);
+        return EncryptionType.fromValue(value);
+    }
+
+    public void setKeyType(EncryptionType keyType) {
+        setFieldAsInt(KEY_TYPE, keyType.getValue());
+    }
+
+    public byte[] getKeyData() {
+        return getFieldAsOctets(KEY_VALUE);
+    }
+
+    public void setKeyData(byte[] keyData) {
+        setFieldAsOctets(KEY_VALUE, keyData);
+    }
+
+    public void setKvno(int kvno) {
+        this.kvno = kvno;
+    }
+
+    public int getKvno() {
+        return kvno;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+
+        EncryptionKey that = (EncryptionKey) o;
+
+        if (kvno != -1 && that.kvno != -1 && kvno != that.kvno) {
+            return false;
+        }
+
+        if (getKeyType() != that.getKeyType()) {
+            return false;
+        }
+
+        return Arrays.equals(getKeyData(), that.getKeyData());
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptionType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptionType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptionType.java
new file mode 100644
index 0000000..fda305b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EncryptionType.java
@@ -0,0 +1,140 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+/**
+ * According to krb5.hin
+ */
+public enum EncryptionType implements KrbEnum {
+
+    NONE(0, "none", "None encryption type"),
+
+    DES_CBC_CRC(0x0001, "des-cbc-crc", "DES cbc mode with CRC-32"),
+
+    DES_CBC_MD4(0x0002, "des-cbc-md4", "DES cbc mode with RSA-MD4"),
+
+    DES_CBC_MD5(0x0003, "des-cbc-md5", "DES cbc mode with RSA-MD5"),
+    DES(0x0003, "des", "DES cbc mode with RSA-MD5"),
+
+    DES_CBC_RAW(0x0004, "des-cbc-raw", "DES cbc mode raw"),
+
+    DES3_CBC_SHA(0x0005, "des3-cbc-sha", "DES-3 cbc with SHA1"),
+
+    DES3_CBC_RAW(0x0006, "des3-cbc-raw", "Triple DES cbc mode raw"),
+
+    DES_HMAC_SHA1(0x0008, "des-hmac-sha1", "DES with HMAC/sha1"),
+
+    DSA_SHA1_CMS(0x0009, "dsa-sha1-cms", "DSA with SHA1, CMS signature"),
+
+    MD5_RSA_CMS(0x000a, "md5-rsa-cms", "MD5 with RSA, CMS signature"),
+
+    SHA1_RSA_CMS(0x000b, "sha1-rsa-cms", "SHA1 with RSA, CMS signature"),
+
+    RC2_CBC_ENV(0x000c, "rc2-cbc-env", "RC2 cbc mode, CMS enveloped data"),
+
+    RSA_ENV(0x000d, "rsa-env", "RSA encryption, CMS enveloped data"),
+
+    RSA_ES_OAEP_ENV(0x000e, "rsa-es-oaep-env", "RSA w/OEAP encryption, CMS enveloped data"),
+
+    DES3_CBC_ENV(0x000f, "des3-cbc-env", "DES-3 cbc mode, CMS enveloped data"),
+
+    DES3_CBC_SHA1(0x0010, "des3-cbc-sha1", "Triple DES cbc mode with HMAC/sha1"),
+    DES3_HMAC_SHA1(0x0010, "des3-hmac-sha1", "Triple DES cbc mode with HMAC/sha1"),
+    DES3_CBC_SHA1_KD(0x0010, "des3-cbc-sha1-kd", "Triple DES cbc mode with HMAC/sha1"),
+
+    AES128_CTS_HMAC_SHA1_96 (0x0011, "aes128-cts-hmac-sha1-96", "AES-128 CTS mode with 96-bit SHA-1 HMAC"),
+    AES128_CTS (0x0011, "aes128-cts", "AES-128 CTS mode with 96-bit SHA-1 HMAC"),
+
+    AES256_CTS_HMAC_SHA1_96(0x0012, "aes256-cts-hmac-sha1-96", "AES-256 CTS mode with 96-bit SHA-1 HMAC"),
+    AES256_CTS(0x0012, "aes256-cts", "AES-256 CTS mode with 96-bit SHA-1 HMAC"),
+
+    ARCFOUR_HMAC(0x0017, "arcfour-hmac", "ArcFour with HMAC/md5"),
+    RC4_HMAC(0x0017, "rc4-hmac", "ArcFour with HMAC/md5"),
+    ARCFOUR_HMAC_MD5(0x0017, "arcfour-hmac-md5", "ArcFour with HMAC/md5"),
+
+    ARCFOUR_HMAC_EXP(0x0018, "arcfour-hmac-exp", "Exportable ArcFour with HMAC/md5"),
+    RC4_HMAC_EXP(0x0018, "rc4-hmac-exp", "Exportable ArcFour with HMAC/md5"),
+    ARCFOUR_HMAC_MD5_EXP(0x0018, "arcfour-hmac-md5-exp", "Exportable ArcFour with HMAC/md5"),
+
+    CAMELLIA128_CTS_CMAC(0x0019, "camellia128-cts-cmac", "Camellia-128 CTS mode with CMAC"),
+    CAMELLIA128_CTS(0x0019, "camellia128-cts", "Camellia-128 CTS mode with CMAC"),
+
+    CAMELLIA256_CTS_CMAC(0x001a, "camellia256-cts-cmac", "Camellia-256 CTS mode with CMAC"),
+    CAMELLIA256_CTS(0x001a, "camellia256-cts", "Camellia-256 CTS mode with CMAC");
+
+    //UNKNOWN(0x01ff, "UNKNOWN", "Unknown encryption type");
+
+    private final int value;
+
+    private final String name;
+
+    private final String displayName;
+
+    private EncryptionType(int value, String name, String displayName) {
+        this.value = value;
+        this.name = name;
+        this.displayName = displayName;
+    }
+
+    @Override
+    public int getValue() {
+        return value;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public String getDisplayName() {
+        return displayName;
+    }
+
+    /**
+     * Is the type uses AES256 or not
+     * @return true if uses AES256, false otherwise.
+     */
+    public boolean usesAES256() {
+        return name.contains("aes256");
+    }
+
+    public static EncryptionType fromValue(Integer value) {
+        if (value != null) {
+            for (KrbEnum e : values()) {
+                if (e.getValue() == value) {
+                    return (EncryptionType) e;
+                }
+            }
+        }
+        return NONE;
+    }
+
+    public static EncryptionType fromName(String name) {
+        if (name != null) {
+            for (EncryptionType e : values()) {
+                if (e.getName().equals(name)) {
+                    return (EncryptionType) e;
+                }
+            }
+        }
+        return NONE;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo.java
new file mode 100644
index 0000000..76abe24
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo.java
@@ -0,0 +1,29 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ ETYPE-INFO              ::= SEQUENCE OF ETYPE-INFO-ENTRY
+ */
+public class EtypeInfo extends KrbSequenceOfType<EtypeInfoEntry> {
+
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo2.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo2.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo2.java
new file mode 100644
index 0000000..47013aa
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo2.java
@@ -0,0 +1,29 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ ETYPE-INFO2             ::= SEQUENCE SIZE (1..MAX) OF ETYPE-INFO2-ENTRY
+ */
+public class EtypeInfo2 extends KrbSequenceOfType<EtypeInfo2Entry> {
+
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo2Entry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo2Entry.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo2Entry.java
new file mode 100644
index 0000000..25cffc4
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfo2Entry.java
@@ -0,0 +1,73 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ ETYPE-INFO2-ENTRY       ::= SEQUENCE {
+ etype           [0] Int32,
+ salt            [1] KerberosString OPTIONAL,
+ s2kparams       [2] OCTET STRING OPTIONAL
+ }
+ */
+public class EtypeInfo2Entry extends KrbSequenceType {
+    private static int ETYPE = 0;
+    private static int SALT = 1;
+    private static int S2KPARAMS = 2;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
+            new Asn1FieldInfo(SALT, 1, KerberosString.class),
+            new Asn1FieldInfo(S2KPARAMS, 2, Asn1OctetString.class)
+    };
+
+    public EtypeInfo2Entry() {
+        super(fieldInfos);
+    }
+
+    public EncryptionType getEtype() {
+        return EncryptionType.fromValue(getFieldAsInt(ETYPE));
+    }
+
+    public void setEtype(EncryptionType etype) {
+        setField(ETYPE, etype);
+    }
+
+    public String getSalt() {
+        return getFieldAsString(SALT);
+    }
+
+    public void setSalt(String salt) {
+        setFieldAsString(SALT, salt);
+    }
+
+    public byte[] getS2kParams() {
+        return getFieldAsOctets(S2KPARAMS);
+    }
+
+    public void setS2kParams(byte[] s2kParams) {
+        setFieldAsOctets(S2KPARAMS, s2kParams);
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfoEntry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfoEntry.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfoEntry.java
new file mode 100644
index 0000000..716f4b9
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/EtypeInfoEntry.java
@@ -0,0 +1,61 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ ETYPE-INFO-ENTRY        ::= SEQUENCE {
+ etype           [0] Int32,
+ salt            [1] OCTET STRING OPTIONAL
+ }
+ */
+public class EtypeInfoEntry extends KrbSequenceType {
+    private static int ETYPE = 0;
+    private static int SALT = 1;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new Asn1FieldInfo(ETYPE, 0, Asn1Integer.class),
+            new Asn1FieldInfo(SALT, 1, Asn1OctetString.class)
+    };
+
+    public EtypeInfoEntry() {
+        super(fieldInfos);
+    }
+
+    public EncryptionType getEtype() {
+        return EncryptionType.fromValue(getFieldAsInt(ETYPE));
+    }
+
+    public void setEtype(EncryptionType etype) {
+        setField(ETYPE, etype);
+    }
+
+    public byte[] getSalt() {
+        return getFieldAsOctets(SALT);
+    }
+
+    public void setSalt(byte[] salt) {
+        setFieldAsOctets(SALT, salt);
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddrType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddrType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddrType.java
new file mode 100644
index 0000000..db7ced3
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddrType.java
@@ -0,0 +1,100 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum HostAddrType implements KrbEnum {
+    /**
+     * Constant for the "null" host address type.
+     */
+    NULL(0),
+
+    /**
+     * Constant for the "Internet" host address type.
+     */
+    ADDRTYPE_INET(2),
+
+    /**
+     * Constant for the "Arpanet" host address type.
+     */
+    ADDRTYPE_IMPLINK(3),
+
+    /**
+     * Constant for the "CHAOS" host address type.
+     */
+    ADDRTYPE_CHAOS(5),
+
+    /**
+     * Constant for the "XEROX Network Services" host address type.
+     */
+    ADDRTYPE_XNS(6),
+
+    /**
+     * Constant for the "OSI" host address type.
+     */
+    ADDRTYPE_OSI(7),
+
+    /**
+     * Constant for the "DECnet" host address type.
+     */
+    ADDRTYPE_DECNET(12),
+
+    /**
+     * Constant for the "AppleTalk" host address type.
+     */
+    ADDRTYPE_APPLETALK(16),
+
+    /**
+     * Constant for the "NetBios" host address type.
+     *
+     * Not in RFC
+     */
+    ADDRTYPE_NETBIOS(20),
+
+    /**
+     * Constant for the "Internet Protocol V6" host address type.
+     */
+    ADDRTYPE_INET6(24);
+
+
+    private final int value;
+
+    private HostAddrType(int value) {
+        this.value = value;
+    }
+
+    @Override
+    public int getValue() {
+        return value;
+    }
+
+    public static HostAddrType fromValue(Integer value) {
+        if (value != null) {
+            for (KrbEnum e : values()) {
+                if (e.getValue() == value.intValue()) {
+                    return (HostAddrType) e;
+                }
+            }
+        }
+
+        return NULL;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddress.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddress.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddress.java
new file mode 100644
index 0000000..e02901d
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddress.java
@@ -0,0 +1,109 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.net.InetAddress;
+import java.util.Arrays;
+
+/*
+HostAddress     ::= SEQUENCE  {
+        addr-type       [0] Int32,
+        address         [1] OCTET STRING
+}
+ */
+public class HostAddress extends KrbSequenceType {
+    private static int ADDR_TYPE = 0;
+    private static int ADDRESS = 1;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new Asn1FieldInfo(ADDR_TYPE, 0, Asn1Integer.class),
+            new Asn1FieldInfo(ADDRESS, 1, Asn1OctetString.class)
+    };
+
+    public HostAddress() {
+        super(fieldInfos);
+    }
+
+    public HostAddress(InetAddress inetAddress) {
+        this();
+
+        setAddrType(HostAddrType.ADDRTYPE_INET);
+        setAddress(inetAddress.getAddress());
+    }
+
+    public HostAddrType getAddrType() {
+        Integer value = getFieldAsInteger(ADDR_TYPE);
+        return HostAddrType.fromValue(value);
+    }
+
+    public void setAddrType(HostAddrType addrType) {
+        setField(ADDR_TYPE, addrType);
+    }
+
+    public byte[] getAddress() {
+        return getFieldAsOctets(ADDRESS);
+    }
+
+    public void setAddress(byte[] address) {
+        setFieldAsOctets(ADDRESS, address);
+    }
+
+    public boolean equalsWith(InetAddress address) {
+        if (address == null) {
+            return false;
+        }
+        HostAddress that = new HostAddress(address);
+        return that.equals(this);
+    }
+
+    @Override
+    public boolean equals(Object other) {
+        if (other == null) {
+            return false;
+        }
+        if (other == this) {
+            return true;
+        } else if (! (other instanceof HostAddress)) {
+            return false;
+        }
+
+        HostAddress that = (HostAddress) other;
+        if (getAddrType() == that.getAddrType() &&
+                Arrays.equals(getAddress(), that.getAddress())) {
+            return true;
+        }
+        return false;
+    }
+
+    @Override
+    public int hashCode() {
+        int result = getAddrType().getValue();
+        if (getAddress() != null) {
+            result = 31 * result + getAddress().hashCode();
+        }
+
+        return result;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddresses.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddresses.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddresses.java
new file mode 100644
index 0000000..a704d8b
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/HostAddresses.java
@@ -0,0 +1,43 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+import java.net.InetAddress;
+
+/**
+ -- NOTE: HostAddresses is always used as an OPTIONAL field and
+ -- should not be empty.
+ HostAddresses   -- NOTE: subtly different from rfc1510,
+ -- but has a value mapping and encodes the same
+ ::= SEQUENCE OF HostAddress
+ */
+public class HostAddresses extends KrbSequenceOfType<HostAddress> {
+
+    public boolean contains(InetAddress address) {
+        for (HostAddress hostAddress : getElements()) {
+            if (hostAddress.equalsWith(address)) {
+                return true;
+            }
+        }
+        return false;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KeyUsage.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KeyUsage.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KeyUsage.java
new file mode 100644
index 0000000..7f5a492
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KeyUsage.java
@@ -0,0 +1,128 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+/**
+ * From krb5.hin
+ */
+public enum KeyUsage implements KrbEnum
+{
+    UNKNOWN(-1),
+    NONE(0),
+    //AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the client key
+    AS_REQ_PA_ENC_TS(1),
+    //AS-REP Ticket and TGS-REP Ticket (includes TGS session key or application session key),
+    //encrypted with the service key (Section 5.3)
+    KDC_REP_TICKET(2),
+    //AS-REP encrypted part (includes TGS session key or application session key),
+    //encrypted with the client key (Section 5.4.2)
+    AS_REP_ENCPART(3),
+    //TGS-REQ KDC-REQ-BODY AuthorizationData,
+    //encrypted with the TGS session key (Section 5.4.1)
+    TGS_REQ_AD_SESSKEY(4),
+    //TGS-REQ KDC-REQ-BODY AuthorizationData,
+    //encrypted with the TGS authenticator subkey (Section 5.4.1)
+    TGS_REQ_AD_SUBKEY(5),
+    //TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum,
+    //keyed with the TGS session key (Section 5.5.1)
+    TGS_REQ_AUTH_CKSUM(6),
+    //TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS authenticator subkey),
+    //encrypted with the TGS session key (Section 5.5.1)
+    TGS_REQ_AUTH(7),
+    //TGS-REP encrypted part (includes application session key),
+    //encrypted with the TGS session key (Section 5.4.2)
+    TGS_REP_ENCPART_SESSKEY(8),
+    //TGS-REP encrypted part (includes application session key),
+    //encrypted with the TGS authenticator subkey (Section 5.4.2)
+    TGS_REP_ENCPART_SUBKEY(9),
+    //AP-REQ Authenticator cksum, keyed with the application session key (Section 5.5.1)
+    AP_REQ_AUTH_CKSUM(10),
+    //AP-REQ Authenticator (includes application authenticator subkey),
+    //encrypted with the application session key (Section 5.5.1)
+    AP_REQ_AUTH(11),
+    //AP-REP encrypted part (includes application session subkey),
+    //encrypted with the application session key (Section 5.5.2)
+    AP_REP_ENCPART(12),
+    //KRB-PRIV encrypted part, encrypted with a key chosen by the application (Section 5.7.1)
+    KRB_PRIV_ENCPART(13),
+    KRB_CRED_ENCPART(14),
+    KRB_SAFE_CKSUM(15),
+    APP_DATA_ENCRYPT(16),
+    APP_DATA_CKSUM(17),
+    KRB_ERROR_CKSUM(18),
+    AD_KDCISSUED_CKSUM(19),
+    AD_MTE(20),
+    AD_ITE(21),
+    GSS_TOK_MIC(22),
+    GSS_TOK_WRAP_INTEG(23),
+    GSS_TOK_WRAP_PRIV(24),
+    //Defined in Integrating SAM Mechanisms with Kerberos draft
+    PA_SAM_CHALLENGE_CKSUM(25),
+    //Note conflict with @ref PA_S4U_X509_USER_REQUEST
+    PA_SAM_CHALLENGE_TRACKID(26),
+    //Note conflict with @ref PA_S4U_X509_USER_REPLY
+    PA_SAM_RESPONSE(27),
+    //Defined in [MS-SFU]
+    //Note conflict with @ref PA_SAM_CHALLENGE_TRACKID
+    PA_S4U_X509_USER_REQUEST(26),
+    //Note conflict with @ref PA_SAM_RESPONSE
+    PA_S4U_X509_USER_REPLY(27),
+    //unused
+    PA_REFERRAL(26),
+    AD_SIGNEDPATH(-21),
+    IAKERB_FINISHED(42),
+    PA_PKINIT_KX(44),
+    PA_OTP_REQUEST(45),  //See RFC 6560 section 4.2
+    //define in preauth-framework
+    FAST_REQ_CHKSUM(50),
+    FAST_ENC(51),
+    FAST_REP(52),
+    FAST_FINISHED(53),
+    ENC_CHALLENGE_CLIENT(54),
+    ENC_CHALLENGE_KDC(55),
+    AS_REQ(56);
+
+    private int value;
+
+    private KeyUsage(int value) {
+        this.value = value;
+    }
+
+    public int getValue() {
+        return value;
+    }
+
+    public static KeyUsage fromValue(Integer value) {
+        if (value != null) {
+            for (KrbEnum e : values()) {
+                if (e.getValue() == value) {
+                    return (KeyUsage) e;
+                }
+            }
+        }
+        return UNKNOWN;
+    }
+
+    public static final boolean isValid(int usage) {
+        return usage > -1;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbError.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbError.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbError.java
new file mode 100644
index 0000000..f3da55a
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbError.java
@@ -0,0 +1,166 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.KrbErrorCode;
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+
+/**
+ KRB-ERROR       ::= [APPLICATION 30] SEQUENCE {
+ pvno            [0] INTEGER (5),
+ msg-type        [1] INTEGER (30),
+ ctime           [2] KerberosTime OPTIONAL,
+ cusec           [3] Microseconds OPTIONAL,
+ stime           [4] KerberosTime,
+ susec           [5] Microseconds,
+ error-code      [6] Int32,
+ crealm          [7] Realm OPTIONAL,
+ cname           [8] PrincipalName OPTIONAL,
+ realm           [9] Realm -- service realm --,
+ sname           [10] PrincipalName -- service name --,
+ e-text          [11] KerberosString OPTIONAL,
+ e-data          [12] OCTET STRING OPTIONAL
+ }
+ */
+public class KrbError extends KrbMessage {
+    private static int CTIME = 2;
+    private static int CUSEC = 3;
+    private static int STIME = 4;
+    private static int SUSEC = 5;
+    private static int ERROR_CODE = 6;
+    private static int CREALM = 7;
+    private static int CNAME = 8;
+    private static int REALM = 9;
+    private static int SNAME = 10;
+    private static int ETEXT = 11;
+    private static int EDATA = 12;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new Asn1FieldInfo(PVNO, Asn1Integer.class),
+            new Asn1FieldInfo(MSG_TYPE, Asn1Integer.class),
+            new Asn1FieldInfo(CTIME, KerberosTime.class),
+            new Asn1FieldInfo(CUSEC, Asn1Integer.class),
+            new Asn1FieldInfo(STIME, KerberosTime.class),
+            new Asn1FieldInfo(SUSEC, Asn1Integer.class),
+            new Asn1FieldInfo(ERROR_CODE, Asn1Integer.class),
+            new Asn1FieldInfo(CREALM, KerberosString.class),
+            new Asn1FieldInfo(CNAME, PrincipalName.class),
+            new Asn1FieldInfo(REALM, KerberosString.class),
+            new Asn1FieldInfo(SNAME, PrincipalName.class),
+            new Asn1FieldInfo(ETEXT, KerberosString.class),
+            new Asn1FieldInfo(EDATA, Asn1OctetString.class)
+    };
+
+    public KrbError() {
+        super(KrbMessageType.KRB_ERROR, fieldInfos);
+    }
+
+    public KerberosTime getCtime() {
+        return getFieldAs(CTIME, KerberosTime.class);
+    }
+
+    public void setCtime(KerberosTime ctime) {
+        setFieldAs(CTIME, ctime);
+    }
+
+    public int getCusec() {
+        return getFieldAsInt(CUSEC);
+    }
+
+    public void setCusec(int cusec) {
+        setFieldAsInt(0, cusec);
+    }
+
+    public KerberosTime getStime() {
+        return getFieldAs(STIME, KerberosTime.class);
+    }
+
+    public void setStime(KerberosTime stime) {
+        setFieldAs(STIME, stime);
+    }
+
+    public int getSusec() {
+        return getFieldAsInt(SUSEC);
+    }
+
+    public void setSusec(int susec) {
+        setFieldAsInt(0, susec);
+    }
+
+    public KrbErrorCode getErrorCode() {
+        return KrbErrorCode.fromValue(getFieldAsInt(ERROR_CODE));
+    }
+
+    public void setErrorCode(KrbErrorCode errorCode) {
+        setField(0, errorCode);
+    }
+
+    public String getCrealm() {
+        return getFieldAsString(CREALM);
+    }
+
+    public void setCrealm(String realm) {
+        setFieldAs(CREALM, new KerberosString(realm));
+    }
+
+    public PrincipalName getCname() {
+        return getFieldAs(CNAME, PrincipalName.class);
+    }
+
+    public void setCname(PrincipalName sname) {
+        setFieldAs(CNAME, sname);
+    }
+
+    public PrincipalName getSname() {
+        return getFieldAs(SNAME, PrincipalName.class);
+    }
+
+    public void setSname(PrincipalName sname) {
+        setFieldAs(SNAME, sname);
+    }
+
+    public String getRealm() {
+        return getFieldAsString(REALM);
+    }
+
+    public void setRealm(String realm) {
+        setFieldAs(REALM, new KerberosString(realm));
+    }
+
+    public String getEtext() {
+        return getFieldAsString(ETEXT);
+    }
+
+    public void setEtext(String realm) {
+        setFieldAs(ETEXT, new KerberosString(realm));
+    }
+
+    public byte[] getEdata() {
+        return getFieldAsOctetBytes(EDATA);
+    }
+
+    public void setEdata(byte[] edata) {
+        setFieldAsOctetBytes(EDATA, edata);
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbFlags.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbFlags.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbFlags.java
new file mode 100644
index 0000000..7db96f2
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbFlags.java
@@ -0,0 +1,118 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1BitString;
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+import java.io.IOException;
+
+/**
+ KrbFlags   ::= BIT STRING (SIZE (32..MAX))
+ -- minimum number of bits shall be sent,
+ -- but no fewer than 32
+ */
+public class KrbFlags extends Asn1BitString {
+    private static final int MAX_SIZE = 32;
+    private int flags;
+
+    public KrbFlags() {
+        this(0);
+    }
+
+    public KrbFlags(int value) {
+        super();
+        setFlags(value);
+    }
+
+    public void setFlags(int flags) {
+        this.flags = flags;
+        flags2Value();
+    }
+
+    public int getFlags() {
+        return flags;
+    }
+
+    public boolean isFlagSet(int flag) {
+        return (flags & (1 << flagPos(flag))) != 0;
+    }
+
+    public void setFlag(int flag)  {
+        int newFlags = flags | 1 << flagPos(flag);
+        setFlags(newFlags);
+    }
+
+    public void clearFlag(int flag) {
+        int newFlags = flags & ~(1 << flagPos(flag));
+        setFlags(newFlags);
+    }
+
+    public void clear() {
+        setFlags(0);
+    }
+
+    public boolean isFlagSet(KrbEnum flag) {
+        return isFlagSet(flag.getValue());
+    }
+
+    public void setFlag(KrbEnum flag)  {
+        setFlag(flag.getValue());
+    }
+
+    public void setFlag(KrbEnum flag, boolean isSet)  {
+        if (isSet) {
+            setFlag(flag.getValue());
+        } else {
+            clearFlag(flag);
+        }
+    }
+
+    public void clearFlag(KrbEnum flag) {
+        clearFlag(flag.getValue());
+    }
+
+    private int flagPos(int flag)  {
+        return MAX_SIZE - 1 - flag;
+    }
+
+    private void flags2Value() {
+        byte[] bytes = new byte[4];
+        bytes[0] = (byte) (flags >> 24);
+        bytes[1] = (byte) ((flags >> 16) & 0xFF);
+        bytes[2] = (byte) ((flags >> 8) & 0xFF);
+        bytes[3] = (byte) (flags & 0xFF);
+
+        setValue(bytes);
+    }
+
+    @Override
+    protected void toValue() throws IOException {
+        super.toValue();
+
+        if (getPadding() != 0 || getValue().length != 4) {
+            throw new IOException("Bad bitstring decoded as invalid krb flags");
+        }
+
+        byte[] valueBytes = getValue();
+        flags = ((valueBytes[0] & 0xFF) << 24) | ((valueBytes[1] & 0xFF) << 16) |
+                ((valueBytes[2] & 0xFF) << 8) | (0xFF & valueBytes[3]);
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbMessage.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbMessage.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbMessage.java
new file mode 100644
index 0000000..7cc6023
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbMessage.java
@@ -0,0 +1,54 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.kerberos.kerb.KrbConstant;
+import org.apache.kerby.kerberos.kerb.spec.KrbAppSequenceType;
+
+public abstract class KrbMessage extends KrbAppSequenceType {
+    protected static int PVNO = 0;
+    protected static int MSG_TYPE = 1;
+
+    private final int pvno = KrbConstant.KRB_V5;
+
+    public KrbMessage(KrbMessageType msgType, Asn1FieldInfo[] fieldInfos) {
+        super(msgType.getValue(), fieldInfos);
+        setPvno(pvno);
+        setMsgType(msgType);
+    }
+
+    public int getPvno() {
+        return pvno;
+    }
+
+    protected void setPvno(int pvno) {
+        setFieldAsInt(0, pvno);
+    }
+
+    public KrbMessageType getMsgType() {
+        Integer value = getFieldAsInteger(MSG_TYPE);
+        return KrbMessageType.fromValue(value);
+    }
+
+    public void setMsgType(KrbMessageType msgType) {
+        setFieldAsInt(MSG_TYPE, msgType.getValue());
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbMessageType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbMessageType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbMessageType.java
new file mode 100644
index 0000000..5f99266
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbMessageType.java
@@ -0,0 +1,59 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum KrbMessageType implements KrbEnum {
+    NONE(-1),
+    AS_REQ(10),
+    AS_REP(11),
+    TGS_REQ(12),
+    TGS_REP(13),
+    AP_REQ(14),
+    AP_REP(15),
+    KRB_SAFE(20),
+    KRB_PRIV(21),
+    KRB_CRED(22),
+    KRB_ERROR(30);
+
+    private int value;
+
+    private KrbMessageType(int value) {
+        this.value = value;
+    }
+
+    @Override
+    public int getValue() {
+        return value;
+    }
+
+    public static KrbMessageType fromValue(Integer value) {
+        if (value != null) {
+            for (KrbEnum e : values()) {
+                if (e.getValue() == value.intValue()) {
+                    return (KrbMessageType) e;
+                }
+            }
+        }
+
+        return NONE;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbToken.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbToken.java
new file mode 100644
index 0000000..4f189b5
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbToken.java
@@ -0,0 +1,147 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.KrbRuntime;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+/**
+ KRB-TOKEN_VALUE ::= SEQUENCE {
+    token-format [0] INTEGER,
+    token-value  [1] OCTET STRING,
+ }
+ */
+public class KrbToken extends KrbSequenceType implements AuthToken {
+    private static TokenEncoder tokenEncoder;
+
+    private static int TOKEN_FORMAT = 0;
+    private static int TOKEN_VALUE = 1;
+
+    private AuthToken innerToken = null;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new Asn1FieldInfo(TOKEN_FORMAT, 0, Asn1Integer.class),
+            new Asn1FieldInfo(TOKEN_VALUE, 1, Asn1OctetString.class)
+    };
+
+    public KrbToken() {
+        super(fieldInfos);
+    }
+
+    @Override
+    public void encode(ByteBuffer buffer) {
+        setTokenValue(getTokenEncoder().encode(this));
+        super.encode(buffer);
+    }
+
+    @Override
+    public void decode(ByteBuffer content) throws IOException {
+        super.decode(content);
+        this.innerToken = getTokenEncoder().decode(getTokenValue());
+    }
+
+    private static TokenEncoder getTokenEncoder() {
+        if (tokenEncoder == null) {
+            tokenEncoder = KrbRuntime.getTokenProvider().createTokenEncoder();
+        }
+        return tokenEncoder;
+    }
+
+    public TokenFormat getTokenFormat() {
+        Integer value = getFieldAsInteger(TOKEN_FORMAT);
+        return TokenFormat.fromValue(value);
+    }
+
+    public void setTokenFormat(TokenFormat tokenFormat) {
+        setFieldAsInt(TOKEN_FORMAT, tokenFormat.getValue());
+    }
+
+    public byte[] getTokenValue() {
+        return getFieldAsOctets(TOKEN_VALUE);
+    }
+
+    public void setTokenValue(byte[] tokenValue) {
+        setFieldAsOctets(TOKEN_VALUE, tokenValue);
+    }
+
+    @Override
+    public String getSubject() {
+        return innerToken.getSubject();
+    }
+
+    @Override
+    public String getIssuer() {
+        return innerToken.getIssuer();
+    }
+
+    @Override
+    public List<String> getAudiences() {
+        return innerToken.getAudiences();
+    }
+
+    @Override
+    public boolean isIdToken() {
+        return innerToken.isIdToken();
+    }
+
+    @Override
+    public boolean isAcToken() {
+        return innerToken.isAcToken();
+    }
+
+    @Override
+    public boolean isBearerToken() {
+        return innerToken.isBearerToken();
+    }
+
+    @Override
+    public boolean isHolderOfKeyToken() {
+        return innerToken.isHolderOfKeyToken();
+    }
+
+    @Override
+    public Date getExpiredTime() {
+        return innerToken.getExpiredTime();
+    }
+
+    @Override
+    public Date getNotBeforeTime() {
+        return innerToken.getNotBeforeTime();
+    }
+
+    @Override
+    public Date getIssuedAtTime() {
+        return innerToken.getIssuedAtTime();
+    }
+
+    @Override
+    public Map<String, String> getAttributes() {
+        return innerToken.getAttributes();
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReq.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReq.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReq.java
new file mode 100644
index 0000000..83f3b13
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReq.java
@@ -0,0 +1,32 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+
+/**
+ LastReq         ::=     SEQUENCE OF SEQUENCE {
+ lr-type         [0] Int32,
+ lr-value        [1] KerberosTime
+ }
+ */
+public class LastReq extends KrbSequenceOfType<LastReqEntry> {
+
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReqEntry.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReqEntry.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReqEntry.java
new file mode 100644
index 0000000..8e9da3d
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReqEntry.java
@@ -0,0 +1,62 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+/**
+ LastReq         ::=     SEQUENCE OF SEQUENCE {
+ lr-type         [0] Int32,
+ lr-value        [1] KerberosTime
+ }
+ */
+public class LastReqEntry extends KrbSequenceType {
+    private static int LR_TYPE = 0;
+    private static int LR_VALUE = 1;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new Asn1FieldInfo(LR_TYPE, 0, Asn1Integer.class),
+            new Asn1FieldInfo(LR_VALUE, 1, KerberosTime.class)
+    };
+
+    public LastReqEntry() {
+        super(fieldInfos);
+    }
+
+    public LastReqType getLrType() {
+        Integer value = getFieldAsInteger(LR_TYPE);
+        return LastReqType.fromValue(value);
+    }
+
+    public void setLrType(LastReqType lrType) {
+        setFieldAsInt(LR_TYPE, lrType.getValue());
+    }
+
+    public KerberosTime getLrValue() {
+        return getFieldAs(LR_VALUE, KerberosTime.class);
+    }
+
+    public void setLrValue(KerberosTime lrValue) {
+        setFieldAs(LR_VALUE, lrValue);
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReqType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReqType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReqType.java
new file mode 100644
index 0000000..ee9a7fe
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/LastReqType.java
@@ -0,0 +1,62 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum LastReqType implements KrbEnum {
+    NONE(0),
+    ALL_LAST_TGT(1),
+    THE_LAST_TGT(-1),
+    ALL_LAST_INITIAL(2),
+    THE_LAST_INITIAL(-2),
+    ALL_LAST_TGT_ISSUED(3),
+    THE_LAST_TGT_ISSUED(-3),
+    ALL_LAST_RENEWAL(4),
+    THE_LAST_RENEWAL(-4),
+    ALL_LAST_REQ(5),
+    THE_LAST_REQ(-5),
+    ALL_PW_EXPTIME(6),
+    THE_PW_EXPTIME(-6),
+    ALL_ACCT_EXPTIME(7),
+    THE_ACCT_EXPTIME(-7);
+
+    private int value;
+
+    private LastReqType(int value) {
+        this.value = value;
+    }
+
+    @Override
+    public int getValue() {
+        return value;
+    }
+
+    public static LastReqType fromValue(Integer value) {
+        if (value != null) {
+            for (KrbEnum e : values()) {
+                if (e.getValue() == value) {
+                    return (LastReqType) e;
+                }
+            }
+        }
+        return NONE;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/MethodData.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/MethodData.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/MethodData.java
new file mode 100644
index 0000000..9dcb207
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/MethodData.java
@@ -0,0 +1,30 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceOfType;
+import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
+
+/**
+ METHOD-DATA     ::= SEQUENCE OF PA-DATA
+ */
+public class MethodData extends KrbSequenceOfType<PaDataEntry> {
+
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/NameType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/NameType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/NameType.java
new file mode 100644
index 0000000..9672883
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/NameType.java
@@ -0,0 +1,54 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum NameType implements KrbEnum {
+    NT_UNKNOWN(0),
+    NT_PRINCIPAL(1),
+    NT_SRV_INST(2),
+    NT_SRV_HST(3),
+    NT_SRV_XHST(4),
+    NT_UID(5);
+    
+    private int value;
+
+    private NameType(int value) {
+        this.value = value;
+    }
+
+    @Override
+    public int getValue() {
+        return value;
+    }
+
+    public static NameType fromValue(Integer value) {
+        if (value != null) {
+            for (KrbEnum e : values()) {
+                if (e.getValue() == value.intValue()) {
+                    return (NameType) e;
+                }
+            }
+        }
+
+        return NT_UNKNOWN;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/PrincipalName.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/PrincipalName.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/PrincipalName.java
new file mode 100644
index 0000000..60dffdc
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/PrincipalName.java
@@ -0,0 +1,199 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.kerberos.kerb.spec.KerberosStrings;
+import org.apache.kerby.kerberos.kerb.spec.KrbSequenceType;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ PrincipalName   ::= SEQUENCE {
+ name-type       [0] Int32,
+ name-string     [1] SEQUENCE OF KerberosString
+ }
+ */
+public class PrincipalName extends KrbSequenceType {
+    private String realm;
+
+    private static int NAME_TYPE = 0;
+    private static int NAME_STRING = 1;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new Asn1FieldInfo(NAME_TYPE, Asn1Integer.class),
+            new Asn1FieldInfo(NAME_STRING, KerberosStrings.class)
+    };
+
+    public PrincipalName() {
+        super(fieldInfos);
+    }
+
+    public PrincipalName(String nameString) {
+        this();
+        setNameType(NameType.NT_PRINCIPAL);
+        fromNameString(nameString);
+    }
+
+    public PrincipalName(List<String> nameStrings, NameType type) {
+        this();
+        setNameStrings(nameStrings);
+        setNameType(type);
+    }
+
+    public NameType getNameType() {
+        Integer value = getFieldAsInteger(NAME_TYPE);
+        return NameType.fromValue(value);
+    }
+
+    public void setNameType(NameType nameType) {
+        setFieldAsInt(NAME_TYPE, nameType.getValue());
+    }
+
+    public List<String> getNameStrings() {
+        KerberosStrings krbStrings = getFieldAs(NAME_STRING, KerberosStrings.class);
+        if (krbStrings != null) {
+            return krbStrings.getAsStrings();
+        }
+        return Collections.emptyList();
+    }
+
+    public void setNameStrings(List<String> nameStrings) {
+        setFieldAs(NAME_STRING, new KerberosStrings(nameStrings));
+    }
+
+    public void setRealm(String realm) {
+        this.realm = realm;
+    }
+
+    public String getRealm() {
+        return this.realm;
+    }
+
+    public String getName() {
+        return makeSingleName();
+    }
+
+    private String makeSingleName() {
+        List<String> names = getNameStrings();
+        StringBuilder sb = new StringBuilder();
+        boolean isFirst = true;
+        for (String name : names) {
+            sb.append(name);
+            if (isFirst && names.size() > 1) {
+                sb.append('/');
+            }
+            isFirst = false;
+        }
+
+        String realm = getRealm();
+        if (realm != null && !realm.isEmpty()) {
+            sb.append('@');
+            sb.append(realm);
+        }
+
+        return sb.toString();
+    }
+
+    @Override
+    public String toString() {
+        return getName();
+    }
+
+    @Override
+    public int hashCode() {
+        return getName().hashCode();
+    }
+
+    @Override
+    public boolean equals(Object other) {
+        if (other == null) {
+            return false;
+        } else if (this == other) {
+            return true;
+        } else if (other instanceof String) {
+            String otherPrincipal = (String) other;
+            String thisPrincipal = getName();
+            return thisPrincipal.equals(otherPrincipal);
+        } else if (! (other instanceof PrincipalName)) {
+            return false;
+        }
+
+        PrincipalName otherPrincipal = (PrincipalName) other;
+        if (getNameType() != ((PrincipalName) other).getNameType()) {
+            return false;
+        }
+
+        return getName().equals(otherPrincipal.getName());
+    }
+
+    private void fromNameString(String nameString) {
+        String tmpRealm = null;
+        List<String> nameStrings;
+        int pos = nameString.indexOf('@');
+        String nameParts = nameString;
+        if (pos != -1) {
+            nameParts = nameString.substring(0, pos);
+            tmpRealm = nameString.substring(pos + 1);
+        }
+        String parts[] = nameParts.split("\\/");
+        nameStrings = Arrays.asList(parts);
+
+        setNameStrings(nameStrings);
+        setRealm(tmpRealm);
+    }
+
+    public static String extractRealm(String principal) {
+        int pos = principal.indexOf('@');
+
+        if (pos > 0) {
+            return principal.substring(pos + 1);
+        }
+
+        throw new IllegalArgumentException("Not a valid principal, missing realm name");
+    }
+
+
+    public static String extractName(String principal) {
+        int pos = principal.indexOf('@');
+
+        if (pos < 0) {
+            return principal;
+        }
+
+        return principal.substring(0, pos);
+    }
+
+    public static String makeSalt(PrincipalName principalName) {
+        StringBuilder salt = new StringBuilder();
+        if (principalName.getRealm() != null) {
+            salt.append(principalName.getRealm().toString());
+        }
+        List<String> nameStrings = principalName.getNameStrings();
+        for (String ns : nameStrings) {
+            salt.append(ns);
+        }
+        return salt.toString();
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/Realm.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/Realm.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/Realm.java
new file mode 100644
index 0000000..08e7361
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/Realm.java
@@ -0,0 +1,34 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KerberosString;
+
+/**
+ * Realm           ::= KerberosString
+ */
+public class Realm extends KerberosString {
+    public Realm() {
+    }
+
+    public Realm(String value) {
+        super(value);
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/92005c8a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/SamType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/SamType.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/SamType.java
new file mode 100644
index 0000000..c37dd63
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/SamType.java
@@ -0,0 +1,66 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.spec.base;
+
+import org.apache.kerby.kerberos.kerb.spec.KrbEnum;
+
+public enum SamType implements KrbEnum
+{
+    SAM_NONE(0),
+    /** safe SAM type enum for Enigma Logic */
+    SAM_TYPE_ENIGMA(1), // Enigma Logic"
+
+    /** safe SAM type enum for Digital Pathways */
+    SAM_TYPE_DIGI_PATH(2), // Digital Pathways
+
+    /** safe SAM type enum for S/key where KDC has key 0 */
+    SAM_TYPE_SKEY_K0(3), // S/key where KDC has key 0
+
+    /** safe SAM type enum for Traditional S/Key */
+    SAM_TYPE_SKEY(4), // Traditional S/Key
+
+    /** safe SAM type enum for Security Dynamics */
+    SAM_TYPE_SECURID(5), // Security Dynamics
+
+    /** safe SAM type enum for CRYPTOCard */
+    SAM_TYPE_CRYPTOCARD(6); // CRYPTOCard
+
+    private int value;
+
+    private SamType(int value) {
+        this.value = value;
+    }
+
+    @Override
+    public int getValue() {
+        return value;
+    }
+
+    public static SamType fromValue(Integer value) {
+        if (value != null) {
+            for (SamType st : SamType.values() ) {
+                if (value == st.getValue()) {
+                    return st;
+                }
+            }
+        }
+        return SAM_NONE;
+    }
+}


Mime
View raw message