Return-Path: X-Original-To: apmail-directory-commits-archive@www.apache.org Delivered-To: apmail-directory-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id CB7DC187D6 for ; Sat, 26 Dec 2015 20:34:56 +0000 (UTC) Received: (qmail 89553 invoked by uid 500); 26 Dec 2015 20:34:56 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 89426 invoked by uid 500); 26 Dec 2015 20:34:56 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 89392 invoked by uid 99); 26 Dec 2015 20:34:56 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 26 Dec 2015 20:34:56 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 73445DFC8E; Sat, 26 Dec 2015 20:34:56 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: drankye@apache.org To: commits@directory.apache.org Date: Sat, 26 Dec 2015 20:34:57 -0000 Message-Id: In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [2/2] directory-kerby git commit: PKINIT. Simpilified some codes around object identifier PKINIT. Simpilified some codes around object identifier Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/15bb462e Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/15bb462e Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/15bb462e Branch: refs/heads/master Commit: 15bb462ee131a43b7121fd1c42f51a4b44e5a8bf Parents: 5ad7d3e Author: Kai Zheng Authored: Sun Dec 27 04:34:41 2015 +0800 Committer: Kai Zheng Committed: Sun Dec 27 04:34:41 2015 +0800 ---------------------------------------------------------------------- .../kerb/client/preauth/pkinit/PkinitPreauth.java | 6 +++--- .../kerberos/kerb/preauth/pkinit/PkinitCrypto.java | 14 +++++++------- .../kerberos/kerb/preauth/pkinit/PluginOpts.java | 2 +- .../kerberos/kerb/type/pa/pkinit/KDFAlgorithmId.java | 8 ++++---- .../kerb/codec/TestPkinitAnonymousAsReqCodec.java | 15 ++++++++------- .../kerb/server/preauth/pkinit/PkinitPreauth.java | 6 +++--- .../apache/kerby/x509/type/AlgorithmIdentifier.java | 8 ++++---- .../java/org/apache/kerby/x509/type/DHParameter.java | 8 ++++---- 8 files changed, 34 insertions(+), 33 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/15bb462e/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java ---------------------------------------------------------------------- diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java index d178d03..26b7203 100644 --- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java +++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java @@ -50,7 +50,7 @@ import org.apache.kerby.kerberos.kerb.type.pa.pkinit.PaPkAsReq; import org.apache.kerby.kerberos.kerb.type.pa.pkinit.PkAuthenticator; import org.apache.kerby.kerberos.kerb.type.pa.pkinit.TrustedCertifiers; import org.apache.kerby.x509.type.AlgorithmIdentifier; -import org.apache.kerby.x509.type.DHParameter; +import org.apache.kerby.x509.type.DhParameter; import org.apache.kerby.x509.type.SubjectPublicKeyInfo; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -241,7 +241,7 @@ public class PkinitPreauth extends AbstractPreauthPlugin { String content = "0x06 07 2A 86 48 ce 3e 02 01"; Asn1ObjectIdentifier dhOid = PkinitCrypto.createOid(content); AlgorithmIdentifier dhAlg = new AlgorithmIdentifier(); - dhAlg.setAlgorithm(dhOid); + dhAlg.setAlgorithm(dhOid.getValue()); DhClient client = new DhClient(); @@ -256,7 +256,7 @@ public class PkinitPreauth extends AbstractPreauthPlugin { DHParameterSpec type = clientPubKey.getParams(); BigInteger q = type.getP().shiftRight(1); - DHParameter dhParameter = new DHParameter(); + DhParameter dhParameter = new DhParameter(); dhParameter.setP(type.getP()); dhParameter.setG(type.getG()); dhParameter.setQ(q); http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/15bb462e/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java ---------------------------------------------------------------------- diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java index 389f29c..ac082fa 100644 --- a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java +++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PkinitCrypto.java @@ -31,7 +31,7 @@ import org.apache.kerby.kerberos.kerb.KrbErrorCode; import org.apache.kerby.kerberos.kerb.KrbException; import org.apache.kerby.kerberos.kerb.type.base.PrincipalName; import org.apache.kerby.x509.type.Certificate; -import org.apache.kerby.x509.type.DHParameter; +import org.apache.kerby.x509.type.DhParameter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -117,10 +117,10 @@ public class PkinitCrypto { * KDC check the key parameter * @param pluginOpts The PluginOpts * @param cryptoctx The PkinitPlgCryptoContext - * @param dhParameter The DHParameter + * @param dhParameter The DhParameter */ public static void serverCheckDH(PluginOpts pluginOpts, PkinitPlgCryptoContext cryptoctx, - DHParameter dhParameter) throws KrbException { + DhParameter dhParameter) throws KrbException { /* KDC SHOULD check to see if the key parameters satisfy its policy */ int dhPrimeBits = dhParameter.getP().bitLength(); if (dhPrimeBits < pluginOpts.dhMinBits) { @@ -135,12 +135,12 @@ public class PkinitCrypto { /** * Check DH wellknown * @param cryptoctx The PkinitPlgCryptoContext - * @param dhParameter The DHParameter + * @param dhParameter The DhParameter * @param dhPrimeBits The dh prime bits * @return boolean */ public static boolean checkDHWellknown(PkinitPlgCryptoContext cryptoctx, - DHParameter dhParameter, int dhPrimeBits) throws KrbException { + DhParameter dhParameter, int dhPrimeBits) throws KrbException { boolean valid = false; switch (dhPrimeBits) { case 1024: @@ -161,9 +161,9 @@ public class PkinitCrypto { * Check parameters against a well-known DH group * * @param dh1 The DHParameterSpec - * @param dh2 The DHParameter + * @param dh2 The DhParameter */ - public static boolean pkinitCheckDhParams(DHParameterSpec dh1, DHParameter dh2) { + public static boolean pkinitCheckDhParams(DHParameterSpec dh1, DhParameter dh2) { if (!dh1.getP().equals(dh2.getP())) { LOG.error("p is not well-known group dhparameter"); http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/15bb462e/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PluginOpts.java ---------------------------------------------------------------------- diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PluginOpts.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PluginOpts.java index dcb55bd..c347a5b 100644 --- a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PluginOpts.java +++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/preauth/pkinit/PluginOpts.java @@ -49,7 +49,7 @@ public class PluginOpts { /* krb5_data des3oid = {0, 8, "\x2A\x86\x48\x86\xF7\x0D\x03\x07" };*/ String content = "0x06 08 2A 86 48 86 F7 0D 03 07"; Asn1ObjectIdentifier des3Oid = PkinitCrypto.createOid(content); - des3Alg.setAlgorithm(des3Oid); + des3Alg.setAlgorithm(des3Oid.getValue()); cmsAlgorithms.add(des3Alg); http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/15bb462e/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/KDFAlgorithmId.java ---------------------------------------------------------------------- diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/KDFAlgorithmId.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/KDFAlgorithmId.java index 176382f..4dd44ee 100644 --- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/KDFAlgorithmId.java +++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/KDFAlgorithmId.java @@ -54,11 +54,11 @@ public class KdfAlgorithmId extends KrbSequenceType { super(fieldInfos); } - public Asn1ObjectIdentifier getKdfId() { - return getFieldAs(KdfAlgorithmIdField.KDF_ID, Asn1ObjectIdentifier.class); + public String getKdfId() { + return getFieldAsObjId(KdfAlgorithmIdField.KDF_ID); } - public void setKdfId(Asn1ObjectIdentifier kdfId) { - setFieldAs(KdfAlgorithmIdField.KDF_ID, kdfId); + public void setKdfId(String kdfId) { + setFieldAsObjId(KdfAlgorithmIdField.KDF_ID, kdfId); } } http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/15bb462e/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/TestPkinitAnonymousAsReqCodec.java ---------------------------------------------------------------------- diff --git a/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/TestPkinitAnonymousAsReqCodec.java b/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/TestPkinitAnonymousAsReqCodec.java index f5a2de8..1b9a80b 100644 --- a/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/TestPkinitAnonymousAsReqCodec.java +++ b/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/TestPkinitAnonymousAsReqCodec.java @@ -34,7 +34,7 @@ import org.apache.kerby.kerberos.kerb.type.pa.PaDataEntry; import org.apache.kerby.kerberos.kerb.type.pa.PaDataType; import org.apache.kerby.kerberos.kerb.type.pa.pkinit.AuthPack; import org.apache.kerby.kerberos.kerb.type.pa.pkinit.PaPkAsReq; -import org.apache.kerby.x509.type.DHParameter; +import org.apache.kerby.x509.type.DhParameter; import org.apache.kerby.x509.type.SubjectPublicKeyInfo; import org.junit.Test; @@ -130,21 +130,22 @@ public class TestPkinitAnonymousAsReqCodec { Asn1.parseAndDump(signedData.getEncapContentInfo().getContent()); authPack.decode(signedData.getEncapContentInfo().getContent()); assertThat(authPack.getsupportedCmsTypes().getElements().size()).isEqualTo(1); - assertThat(authPack.getsupportedCmsTypes().getElements().get(0).getAlgorithm().getValue()) + assertThat(authPack.getsupportedCmsTypes().getElements().get(0).getAlgorithm()) .isEqualTo("1.2.840.113549.3.7"); SubjectPublicKeyInfo subjectPublicKeyInfo = authPack.getClientPublicValue(); - assertThat(subjectPublicKeyInfo.getAlgorithm().getAlgorithm().getValue()) + assertThat(subjectPublicKeyInfo.getAlgorithm().getAlgorithm()) .isEqualTo("1.2.840.10046.2.1"); - DHParameter dhParameter = subjectPublicKeyInfo.getAlgorithm().getParametersAs(DHParameter.class); + DhParameter dhParameter = + subjectPublicKeyInfo.getAlgorithm().getParametersAs(DhParameter.class); assertThat(dhParameter.getG()).isEqualTo(BigInteger.valueOf(2)); assertThat(authPack.getsupportedKDFs().getElements().size()).isEqualTo(3); - assertThat(authPack.getsupportedKDFs().getElements().get(0).getKdfId().getValue()) + assertThat(authPack.getsupportedKDFs().getElements().get(0).getKdfId()) .isEqualTo("1.3.6.1.5.2.3.6.2"); - assertThat(authPack.getsupportedKDFs().getElements().get(1).getKdfId().getValue()) + assertThat(authPack.getsupportedKDFs().getElements().get(1).getKdfId()) .isEqualTo("1.3.6.1.5.2.3.6.1"); - assertThat(authPack.getsupportedKDFs().getElements().get(2).getKdfId().getValue()) + assertThat(authPack.getsupportedKDFs().getElements().get(2).getKdfId()) .isEqualTo("1.3.6.1.5.2.3.6.3"); } } http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/15bb462e/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java ---------------------------------------------------------------------- diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java index ac512ac..a34ac42 100644 --- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java +++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/pkinit/PkinitPreauth.java @@ -57,7 +57,7 @@ import org.apache.kerby.kerberos.kerb.type.pa.pkinit.PaPkAsRep; import org.apache.kerby.kerberos.kerb.type.pa.pkinit.PaPkAsReq; import org.apache.kerby.kerberos.kerb.type.pa.pkinit.PkAuthenticator; import org.apache.kerby.x509.type.Certificate; -import org.apache.kerby.x509.type.DHParameter; +import org.apache.kerby.x509.type.DhParameter; import org.apache.kerby.x509.type.SubjectPublicKeyInfo; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -212,9 +212,9 @@ public class PkinitPreauth extends AbstractPreauthPlugin { SubjectPublicKeyInfo publicKeyInfo = authPack.getClientPublicValue(); - DHParameter dhParameter; + DhParameter dhParameter; if (publicKeyInfo.getSubjectPubKey() != null) { - dhParameter = authPack.getClientPublicValue().getAlgorithm().getParametersAs(DHParameter.class); + dhParameter = authPack.getClientPublicValue().getAlgorithm().getParametersAs(DhParameter.class); PkinitCrypto.serverCheckDH(pkinitContext.pluginOpts, pkinitContext.cryptoctx, dhParameter); byte[] clientSubjectPubKey = publicKeyInfo.getSubjectPubKey().getValue(); http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/15bb462e/kerby-pkix/src/main/java/org/apache/kerby/x509/type/AlgorithmIdentifier.java ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/main/java/org/apache/kerby/x509/type/AlgorithmIdentifier.java b/kerby-pkix/src/main/java/org/apache/kerby/x509/type/AlgorithmIdentifier.java index 913768a..97623a2 100644 --- a/kerby-pkix/src/main/java/org/apache/kerby/x509/type/AlgorithmIdentifier.java +++ b/kerby-pkix/src/main/java/org/apache/kerby/x509/type/AlgorithmIdentifier.java @@ -60,12 +60,12 @@ public class AlgorithmIdentifier extends Asn1SequenceType { super(fieldInfos); } - public Asn1ObjectIdentifier getAlgorithm() { - return getFieldAs(ALGORITHM, Asn1ObjectIdentifier.class); + public String getAlgorithm() { + return getFieldAsObjId(ALGORITHM); } - public void setAlgorithm(Asn1ObjectIdentifier algorithm) { - setFieldAs(ALGORITHM, algorithm); + public void setAlgorithm(String algorithm) { + setFieldAsObjId(ALGORITHM, algorithm); } public T getParametersAs(Class t) { http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/15bb462e/kerby-pkix/src/main/java/org/apache/kerby/x509/type/DHParameter.java ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/main/java/org/apache/kerby/x509/type/DHParameter.java b/kerby-pkix/src/main/java/org/apache/kerby/x509/type/DHParameter.java index 551c0c3..af319ce 100644 --- a/kerby-pkix/src/main/java/org/apache/kerby/x509/type/DHParameter.java +++ b/kerby-pkix/src/main/java/org/apache/kerby/x509/type/DHParameter.java @@ -7,10 +7,10 @@ import org.apache.kerby.asn1.type.Asn1SequenceType; import java.math.BigInteger; -import static org.apache.kerby.x509.type.DHParameter.MyEnum.*; +import static org.apache.kerby.x509.type.DhParameter.MyEnum.*; -public class DHParameter extends Asn1SequenceType { - protected static enum MyEnum implements EnumType { +public class DhParameter extends Asn1SequenceType { + protected enum MyEnum implements EnumType { P, G, Q; @@ -32,7 +32,7 @@ public class DHParameter extends Asn1SequenceType { new Asn1FieldInfo(Q, Asn1Integer.class), }; - public DHParameter() { + public DhParameter() { super(fieldInfos); }