From ndbe...@apache.org
Subject svn commit: r451520 - /incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/
Date Sat, 30 Sep 2006 02:18:11 GMT
Author: ndbeyer
Date: Fri Sep 29 19:18:11 2006
New Revision: 451520

URL: http://svn.apache.org/viewvc?view=rev&rev=451520
Log:
Code cleanup -
* Pull classes into their own files (KeyImpl.java, KrbDelegationPermissionCollection.java, KrbServicePermissionCollection.java)
* Add missing annotations
* Generification
* Add if/else braces

Added:
    incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KeyImpl.java   (with props)
    incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbDelegationPermissionCollection.java   (with props)
    incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbServicePermissionCollection.java   (with props)
Modified:
    incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/DelegationPermission.java
    incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosKey.java
    incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosPrincipal.java
    incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosTicket.java
    incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/ServicePermission.java

Modified: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/DelegationPermission.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/DelegationPermission.java?view=diff&rev=451520&r1=451519&r2=451520
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/DelegationPermission.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/DelegationPermission.java Fri Sep 29 19:18:11 2006
@@ -15,37 +15,20 @@
  *  limitations under the License.
  */
 
-/**
-* @author Maxim V. Makarov
-* @version $Revision$
-*/
-
 package javax.security.auth.kerberos;
 
 import java.io.IOException;
 import java.io.ObjectInputStream;
 import java.io.ObjectOutputStream;
-import java.io.ObjectStreamField;
 import java.io.Serializable;
 import java.security.BasicPermission;
 import java.security.Permission;
 import java.security.PermissionCollection;
-import java.util.Enumeration;
-import java.util.NoSuchElementException;
-import java.util.Vector;
 
 import org.apache.harmony.auth.internal.nls.Messages;
 
-/**
- * @com.intel.drl.spec_ref
- */
-
-public final class DelegationPermission extends BasicPermission implements
-        Serializable {
-
-    /**
-     * @com.intel.drl.spec_ref
-     */
+public final class DelegationPermission extends BasicPermission implements Serializable {
+
     private static final long serialVersionUID = 883133252142523922L;
 
     // initialization of a target name
@@ -56,41 +39,29 @@
         int length = trName.length();
         // length MUST be at least 7 characters
         if (length < 7) {
-            throw new IllegalArgumentException(
-                    Messages.getString("auth.20")); //$NON-NLS-1$
+            throw new IllegalArgumentException(Messages.getString("auth.20")); //$NON-NLS-1$
 
         }
 
         int index = name.indexOf('"', 2);
 
-        if (trName.charAt(0) != '"' || index == -1
-                || (index + 6) > trName.length()
-                || trName.charAt(index + 1) != ' '
-                || trName.charAt(index + 2) != '"'
+        if (trName.charAt(0) != '"' || index == -1 || (index + 6) > trName.length()
+                || trName.charAt(index + 1) != ' ' || trName.charAt(index + 2) != '"'
                 || trName.charAt(trName.length() - 1) != '"') {
-            throw new IllegalArgumentException(
-                    Messages.getString("auth.20")); //$NON-NLS-1$
+            throw new IllegalArgumentException(Messages.getString("auth.20")); //$NON-NLS-1$
         }
         return trName;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public DelegationPermission(String principals) {
         super(init(principals));
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public DelegationPermission(String principals, String action) {
         super(init(principals), action);
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public boolean equals(Object obj) {
         if (obj == this) {
             return true;
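Review bot: `int index = name.indexOf('"', 2);` searches `name`, while every later check (`trName.charAt(index + 1)`, `trName.charAt(index + 2)`, the length tests) indexes into `trName`, so the offsets only line up when the two strings are identical. `trName` is defined above this hunk (init starts outside it); if it is a trimmed or otherwise normalised copy of `name`, a target name with leading whitespace would be validated at the wrong positions and could be wrongly accepted or rejected. Use `int index = trName.indexOf('"', 2);` so that the string returned as the permission name is the one that was actually checked.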
@@ -103,152 +74,27 @@
         return this.getName().equals(((DelegationPermission) obj).getName());
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public boolean implies(Permission permission) {
         return equals(permission);
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public int hashCode() {
         return getName().hashCode();
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public PermissionCollection newPermissionCollection() {
         return new KrbDelegationPermissionCollection();
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
-    private void writeObject(ObjectOutputStream s) throws IOException,
-            ClassNotFoundException {
+    private void writeObject(ObjectOutputStream s) throws IOException, ClassNotFoundException {
         s.defaultWriteObject();
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
-    private void readObject(ObjectInputStream s) throws IOException,
-            ClassNotFoundException {
+    private void readObject(ObjectInputStream s) throws IOException, ClassNotFoundException {
         s.defaultReadObject();
         init(getName());
     }
-
 }
-
-/**
- * Specific PermissionCollection for storing DelegationPermissions
- * 
- */
-
-class KrbDelegationPermissionCollection extends PermissionCollection implements
-        Serializable {
-
-    private static final long serialVersionUID = -3383936936589966948L;
-
-    private transient DelegationPermission[] items = new DelegationPermission[10];
-
-    private transient int offset;
-
-    private static final ObjectStreamField[] serialPersistentFields = { new ObjectStreamField(
-            "permissions", Vector.class) }; //$NON-NLS-1$
-
-    //initialization of a collection
-    KrbDelegationPermissionCollection() {
-    }
-
-    /**
-     * Adds a ServicePermission to the collection.
-     */
-    public void add(Permission permission) {
-
-        if (isReadOnly()) {
-            throw new SecurityException(Messages.getString("auth.21")); //$NON-NLS-1$
-        }
-
-        if (permission == null || !(permission instanceof DelegationPermission)) {
-            throw new IllegalArgumentException(Messages.getString("auth.22", permission)); //$NON-NLS-1$
-        }
-        synchronized (this) {
-            if (offset == items.length) {
-                DelegationPermission[] dp = new DelegationPermission[items.length * 2];
-                System.arraycopy(items, 0, dp, 0, offset);
-                items = dp;
-            }
-            items[offset++] = (DelegationPermission) permission;
-        }
-    }
-
-    /**
-     * Returns enumeration of the collection.
-     */
-    public Enumeration elements() {
-        return new Enumeration() {
-            private int index = 0;
-
-            public boolean hasMoreElements() {
-                return index < offset;
-            }
-
-            public Object nextElement() {
-                if (index == offset) {
-                    throw new NoSuchElementException();
-                }
-                return items[index++];
-            }
-        };
-    }
-
-    /**
-     * Returns true if this collection implies the specified permission. 
-     */
-    public boolean implies(Permission permission) {
-        if (permission == null || !(permission instanceof DelegationPermission)) {
-            return false;
-        }
-
-        synchronized (this) {
-            for (int i = 0; i < offset; i++) {
-                if (items[i].implies(permission)) {
-                    return true;
-                }
-            }
-        }
-        return false;
-    }
-
-    // white a collection to stream
-    private void writeObject(java.io.ObjectOutputStream out) throws IOException {
-        Vector permissions;
-        synchronized (this) {
-            permissions = new Vector(offset);
-            for (int i = 0; i < offset; permissions.add(items[i++])) {
-            }
-        }
-        ObjectOutputStream.PutField fields = out.putFields();
-        fields.put("permissions", permissions); //$NON-NLS-1$
-        out.writeFields();
-    }
-
-    // read a collection from stream
-    private void readObject(java.io.ObjectInputStream in) throws IOException,
-            ClassNotFoundException {
-        ObjectInputStream.GetField fields = in.readFields();
-        Vector permissions = (Vector) fields.get("permissions", null); //$NON-NLS-1$
-        items = new DelegationPermission[permissions.size() * 2];
-        for (offset = 0; offset < items.length / 2;) {
-            Object obj = permissions.get(offset);
-            if (obj == null || !(obj instanceof DelegationPermission)) {
-                throw new IllegalArgumentException(Messages.getString("auth.22", obj)); //$NON-NLS-1$
-            }
-            items[offset++] = (DelegationPermission) obj;
-        }
-    }
-}
\ No newline at end of file
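Review bot: In `readObject`, a malformed deserialized name makes `init(getName())` throw IllegalArgumentException instead of a serialization error. Code that reads permissions from a stream normally handles IOException, so the failure is better reported as `try { init(getName()); } catch (IllegalArgumentException e) { throw new InvalidObjectException(e.getMessage()); }`, which needs the `java.io.InvalidObjectException` import. Separately, `writeObject` declares `ClassNotFoundException`, which `defaultWriteObject()` does not throw; `throws IOException` alone is enough there.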

Modified: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosKey.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosKey.java?view=diff&rev=451520&r1=451519&r2=451520
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosKey.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosKey.java Fri Sep 29 19:18:11 2006
@@ -15,57 +15,35 @@
  *  limitations under the License.
  */
 
-/**
-* @author Maxim V. Makarov
-* @version $Revision$
-*/
-
 package javax.security.auth.kerberos;
 
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.io.Serializable;
-import java.util.Arrays;
-
-import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
 import javax.security.auth.DestroyFailedException;
 import javax.security.auth.Destroyable;
 
 import org.apache.harmony.auth.internal.nls.Messages;
-import org.apache.harmony.security.utils.Array;
 
 /**
- * @com.intel.drl.spec_ref
- * 
  * @see http://www.ietf.org/rfc/rfc3961.txt
  */
 public class KerberosKey implements SecretKey, Destroyable {
 
     private static final long serialVersionUID = -4625402278148246993L;
-    
+
     //principal    
     private KerberosPrincipal principal;
 
     //key version number
     private int versionNum;
-    
-    //raw bytes for the sicret key
+
+    //raw bytes for the secret key
     private KeyImpl key;
-    
+
     // indicates the ticket state
     private transient boolean destroyed;
-    
-    
-    
-    /**
-     * @com.intel.drl.spec_ref
-     */
-    public KerberosKey(KerberosPrincipal principal, byte[] keyBytes,
-                       int keyType, int versionNumber) {
+
+    public KerberosKey(KerberosPrincipal principal, byte[] keyBytes, int keyType,
+            int versionNumber) {
 
         if (keyBytes == null) {
             throw new NullPointerException(Messages.getString("auth.47")); //$NON-NLS-1$
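Review bot: The class comment that remains is only `@see http://www.ietf.org/rfc/rfc3961.txt`, which is not a form the javadoc tool accepts for `@see` and leaves the class without a summary sentence. Write it as `@see <a href="http://www.ietf.org/rfc/rfc3961.txt">RFC 3961</a>` and add one sentence above it saying that the class holds a long-term Kerberos secret key for a principal. The constructor body continues past the end of this hunk.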
@@ -73,68 +51,44 @@
 
         this.principal = principal;
         this.versionNum = versionNumber;
-        
+
         this.key = new KeyImpl(keyBytes, keyType);
-        
+
     }
-    
-    /**
-     * @com.intel.drl.spec_ref
-     */
-    public KerberosKey(KerberosPrincipal principal, char[] password,
-                       String algorithm) {
-        
+
+    public KerberosKey(KerberosPrincipal principal, char[] password, String algorithm) {
+
         this.principal = principal;
 
         this.key = new KeyImpl(principal, password, algorithm);
     }
-    
-    /**
-     * @com.intel.drl.spec_ref
-     */
+
     public final KerberosPrincipal getPrincipal() {
         checkState();
         return principal;
     }
-    
-    /**
-     * @com.intel.drl.spec_ref
-     */
+
     public final String getAlgorithm() {
         return key.getAlgorithm();
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final String getFormat() {
         return key.getFormat();
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final int getKeyType() {
         return key.getKeyType();
-    }  
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    }
+
     public final byte[] getEncoded() {
         return key.getEncoded();
     }
-    
-    /**
-     * @com.intel.drl.spec_ref
-     */
-    public final int getVersionNumber()  {
+
+    public final int getVersionNumber() {
         checkState();
         return versionNum;
-    } 
+    }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public void destroy() throws DestroyFailedException {
         if (!destroyed) {
             this.principal = null;
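Review bot: `getAlgorithm()`, `getFormat()`, `getKeyType()` and `getEncoded()` delegate straight to `key` without the `checkState()` call that `getPrincipal()` and `getVersionNumber()` make, so their behaviour on a destroyed key depends entirely on KeyImpl, which this commit moves to a file not shown here. Starting each of them with `checkState();` keeps the IllegalStateException contract in this class and stays correct whatever `destroy()` does to `key`; its body runs past the end of this hunk. With the placeholder Javadoc removed these public accessors are also undocumented, and a short comment on `getEncoded()` stating whether the returned array is a copy would help callers that need to zero it after use.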
@@ -143,304 +97,24 @@
         }
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public boolean isDestroyed() {
         return destroyed;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public String toString() {
         checkState();
-        StringBuffer sb = new StringBuffer();
+        StringBuilder sb = new StringBuilder();
         sb.append("KerberosPrincipal ").append(principal.getName()).append("\n"); //$NON-NLS-1$ //$NON-NLS-2$
         sb.append("KeyVersion ").append(versionNum).append("\n"); //$NON-NLS-1$ //$NON-NLS-2$
         sb.append(key.toString());
         return sb.toString();
-    } 
-    
+    }
+
     // if a key is destroyed then IllegalStateException must be thrown 
     private void checkState() {
         if (destroyed) {
-            throw new IllegalStateException (Messages.getString("auth.48")); //$NON-NLS-1$
+            throw new IllegalStateException(Messages.getString("auth.48")); //$NON-NLS-1$
         }
     }
 }
-
-/**
- * This class encapsulates a Kerberos encryption key.
- * 
- */
-class KeyImpl implements SecretKey, Destroyable, Serializable {
-
-    private static final long serialVersionUID = -7889313790214321193L;
-    
-    private transient byte[] keyBytes;
-
-    private transient int keyType;
-    
-    //  indicates the ticket state
-    private transient boolean destroyed;
-
-    // Pre-calculated parity values 
-    // TODO the alternative for boolean table - any acceptable algorithm?
-    private final static boolean[] PARITY = new boolean[] { false, true, true,
-            false, true, false, false, true, true, false, false, true, false,
-            true, true, false, true, false, false, true, false, true, true,
-            false, false, true, true, false, true, false, false, true, true,
-            false, false, true, false, true, true, false, false, true, true,
-            false, true, false, false, true, false, true, true, false, true,
-            false, false, true, true, false, false, true, false, true, true,
-            false, true, false, false, true, false, true, true, false, false,
-            true, true, false, true, false, false, true, false, true, true,
-            false, true, false, false, true, true, false, false, true, false,
-            true, true, false, false, true, true, false, true, false, false,
-            true, true, false, false, true, false, true, true, false, true,
-            false, false, true, false, true, true, false, false, true, true,
-            false, true, false, false, true, true, false, false, true, false,
-            true, true, false, false, true, true, false, true, false, false,
-            true, false, true, true, false, true, false, false, true, true,
-            false, false, true, false, true, true, false, false, true, true,
-            false, true, false, false, true, true, false, false, true, false,
-            true, true, false, true, false, false, true, false, true, true,
-            false, false, true, true, false, true, false, false, true, false,
-            true, true, false, true, false, false, true, true, false, false,
-            true, false, true, true, false, true, false, false, true, false,
-            true, true, false, false, true, true, false, true, false, false,
-            true, true, false, false, true, false, true, true, false, false,
-            true, true, false, true, false, false, true, false, true, true,
-            false, true, false, false, true, true, false, false, true, false,
-            true, true, false };
-
-    // Pre-calculated reversed values 
-    // TODO any acceptable alternative algorithm instead of table?
-    private static final byte[] REVERSE = new byte[] { 0, 64, 32, 96, 16, 80,
-            48, 112, 8, 72, 40, 104, 24, 88, 56, 120, 4, 68, 36, 100, 20, 84,
-            52, 116, 12, 76, 44, 108, 28, 92, 60, 124, 2, 66, 34, 98, 18, 82,
-            50, 114, 10, 74, 42, 106, 26, 90, 58, 122, 6, 70, 38, 102, 22, 86,
-            54, 118, 14, 78, 46, 110, 30, 94, 62, 126, 1, 65, 33, 97, 17, 81,
-            49, 113, 9, 73, 41, 105, 25, 89, 57, 121, 5, 69, 37, 101, 21, 85,
-            53, 117, 13, 77, 45, 109, 29, 93, 61, 125, 3, 67, 35, 99, 19, 83,
-            51, 115, 11, 75, 43, 107, 27, 91, 59, 123, 7, 71, 39, 103, 23, 87,
-            55, 119, 15, 79, 47, 111, 31, 95, 63, 127 };
-
-    /**
-     * creates a secret key from a given raw bytes
-     * 
-     * @param keyBytes
-     * @param keyType
-     */
-    public KeyImpl(byte[] keyBytes, int keyType) {
-        this.keyBytes = new byte[keyBytes.length];
-        System.arraycopy(keyBytes , 0, this.keyBytes, 0, this.keyBytes.length); 
-        this.keyType = keyType;
-    }
-    /**
-     * creates a secret key from a given password
-     * 
-     * @param principal
-     * @param password
-     * @param algorithm
-     */
-    public KeyImpl(KerberosPrincipal principal, char[] password, String algorithm) {
-
-        //
-        // See http://www.ietf.org/rfc/rfc3961.txt for algorithm description
-        //
-        
-        if (principal == null || password == null) {
-            throw new NullPointerException();
-        }
-
-        if (algorithm != null && "DES".compareTo(algorithm) != 0) { //$NON-NLS-1$
-            throw new IllegalArgumentException(Messages.getString("auth.49")); //$NON-NLS-1$
-        }
-
-        keyType = 3; // DES algorithm
-        keyBytes = new byte[8];
-        
-        String realm = principal.getRealm();
-        String pname = principal.getName();
-
-        StringBuffer buf = new StringBuffer();
-        buf.append(password);
-        buf.append(realm);
-        buf.append(pname.substring(0, pname.length() - realm.length() - 1));
-
-        byte[] tmp = buf.toString().getBytes();
-
-        // pad with 0x00 to 8 byte boundary
-        byte[] raw = new byte[tmp.length
-                + ((tmp.length % 8) == 0 ? 0 : (8 - tmp.length % 8))];
-        System.arraycopy(tmp, 0, raw, 0, tmp.length);
-
-        long k1, k2 = 0;
-        boolean isOdd = false;
-        // for each 8-byte block in raw byte array
-        for (int i = 0; i < raw.length; i = i + 8, isOdd = !isOdd) {
-
-            k1 = 0;
-            if (isOdd) {
-                //reverse
-                for (int j = 7; j > -1; j--) {
-                    k1 = (k1 << 7) + REVERSE[raw[i + j] & 0x7F];
-                }
-            } else {
-                for (int j = 0; j < 8; j++) {
-                    k1 = (k1 << 7) + (raw[i + j] & 0x7F);
-                }
-            }
-            k2 = k2 ^ k1;
-        }
-        
-        // 56-bit long to byte array (8 bytes)
-        for (int i = 7; i > -1; i--) {
-            keyBytes[i] = (byte) k2;
-            keyBytes[i] = (byte) (keyBytes[i] << 1);
-            k2 = k2 >> 7;
-        }
-        keyCorrection(keyBytes);
-
-        // calculate DES-CBC check sum
-        try {
-            Cipher cipher = Cipher.getInstance("DES/CBC/NoPadding"); //$NON-NLS-1$
-
-            // use tmp key as IV
-            IvParameterSpec IV = new IvParameterSpec(keyBytes);
-
-            // do DES encryption 
-            SecretKey secretKey = new SecretKeySpec(keyBytes, "DES"); //$NON-NLS-1$
-            cipher.init(Cipher.ENCRYPT_MODE, secretKey, IV);
-            byte[] enc = cipher.doFinal(raw);
-
-            // final last block is check sum
-            System.arraycopy(enc, enc.length - 8, keyBytes, 0, 8);
-            
-            keyCorrection(keyBytes);
-
-        } catch (Exception e) {
-            throw new RuntimeException(
-                    Messages.getString("auth.4A"), e); //$NON-NLS-1$
-        }
-    }
-
-    private void keyCorrection(byte[] key) {
-        
-        // fix parity
-        for (int i = 0; i < 8; i++) {
-            if (!PARITY[key[i] & 0xFF]) {
-                if ((key[i] & 0x01) == 0) {
-                    key[i]++;
-                } else {
-                    key[i]--;
-                }
-            }
-        }
-        
-        // TODO if is week do XOR
-        //if(DESKeySpec.isWeak(keyBytes,0)){
-        //}
-    }
-
-    /**
-     * Method is described in 
-     * <code>getAlgorithm</code> in interface <code>Key</code>
-     */
-    public final String getAlgorithm() {
-        checkState();
-        if (keyType == 0) {
-            return "NULL"; //$NON-NLS-1$
-        }
-        return "DES"; //$NON-NLS-1$
-    }
-    
-    /**
-     * Method is described in
-     * <code>getFormat</code> in interface <code>Key</code>
-     */
-    public final String getFormat() {
-        checkState();
-        return "RAW"; //$NON-NLS-1$
-    }
-   
-    /**
-     * Method is described in
-     * <code>getEncoded</code> in interface <code>Key</code>
-     */
-    public final byte[] getEncoded() {
-        checkState();
-        byte[] tmp = new byte[keyBytes.length];
-        System.arraycopy(keyBytes, 0, tmp, 0, tmp.length);
-        return tmp;
-    }
-
-    /**
-     * Returns the key type for this key
-     */
-    public final int getKeyType() {
-        checkState();
-        return keyType;
-    }
-
-    /**
-     * Destroys this key
-     */
-    public void destroy() throws DestroyFailedException {
-        if (!destroyed) {
-            Arrays.fill(keyBytes, (byte) 0); 
-            destroyed = true;
-        }
-        
-    }
-    /**
-     * Determines if this key has been destroyed 
-     */
-   public boolean isDestroyed() {
-        return destroyed;
-    }
-
-   /**
-    * A string representation of this key
-    */
-   public String toString() {
-       String s_key = null;
-       StringBuffer sb = new StringBuffer();
-       
-       if (keyBytes.length == 0) {
-           s_key = "Empty Key"; //$NON-NLS-1$
-       } else {
-           s_key = Array.toString(keyBytes," "); //$NON-NLS-1$
-       }
-       sb.append("EncryptionKey: ").append("KeyType = ").append(keyType); //$NON-NLS-1$ //$NON-NLS-2$
-       sb.append("KeyBytes (Hex dump) = ").append(s_key); //$NON-NLS-1$
-       return sb.toString();
-   }
-   
-   /**
-    * if a key is destroyed then IllegalStateException should be thrown
-    */  
-   private void checkState() {
-       if (destroyed) {
-           throw new IllegalStateException (Messages.getString("auth.48")); //$NON-NLS-1$
-       }
-   }
-
-   // TODO: read a object from a stream
-   private void readObject(ObjectInputStream s) throws IOException,
-       ClassNotFoundException {
-       s.defaultReadObject();
-   }
-
-   // TODO: write a object to a stream
-   private void writeObject(ObjectOutputStream s) throws IOException {
-       
-       if(destroyed){
-           throw new IOException(Messages.getString("auth.48")); //$NON-NLS-1$
-       }
-       s.defaultWriteObject();
-   }
-
-}
\ No newline at end of file
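Review bot: `toString()` still ends with `sb.append(key.toString());`, and the KeyImpl.toString() visible in the removed lines of this hunk formats the raw key bytes as a hex dump. Assuming the new KeyImpl.java keeps that method unchanged, any log line or exception message that stringifies a KerberosKey will contain the secret key. Prefer printing only non-secret fields, for example `sb.append("KeyType ").append(key.getKeyType());` in place of the `key.toString()` call. If the existing output has to be kept for compatibility, the minimum is a comment on `toString()` warning that the result contains key material and must not be logged.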

Modified: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosPrincipal.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosPrincipal.java?view=diff&rev=451520&r1=451519&r2=451520
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosPrincipal.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosPrincipal.java Fri Sep 29 19:18:11 2006
@@ -14,10 +14,6 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-/**
- * @author Maxim V. Makarov, Stepan M. Mishura
- * @version $Revision$
- */
 
 package javax.security.auth.kerberos;
 
@@ -32,44 +28,20 @@
 import org.apache.harmony.auth.internal.nls.Messages;
 import org.apache.harmony.security.asn1.ASN1StringType;
 
-/**
- * @com.intel.drl.spec_ref
- */
 public final class KerberosPrincipal implements Principal, Serializable {
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     private static final long serialVersionUID = -7374788026156829911L;
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public static final int KRB_NT_UNKNOWN = 0;
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public static final int KRB_NT_PRINCIPAL = 1;
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public static final int KRB_NT_SRV_INST = 2;
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public static final int KRB_NT_SRV_HST = 3;
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public static final int KRB_NT_SRV_XHST = 4;
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public static final int KRB_NT_UID = 5;
 
     // the full name of principal
@@ -102,16 +74,11 @@
 
         // verify realm name according to RFC 1964(2.1.1 (2))
         // check invalid chars '/', ':' and null
-        if (realm.indexOf('/') != -1 || realm.indexOf(':') != -1
-                || realm.indexOf(0) != -1) {
-            throw new IllegalArgumentException(
-                    Messages.getString("auth.24")); //$NON-NLS-1$
+        if (realm.indexOf('/') != -1 || realm.indexOf(':') != -1 || realm.indexOf(0) != -1) {
+            throw new IllegalArgumentException(Messages.getString("auth.24")); //$NON-NLS-1$
         }
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public KerberosPrincipal(String name) {
         // TODO: If principal name does't specify then a default realm
         // should be read from krb.conf file else IllegalArgumentException
@@ -120,9 +87,6 @@
         type = KRB_NT_PRINCIPAL;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public KerberosPrincipal(String name, int type) {
         // TODO: If principal name does't specify then a default realm
         // should be read from krb.conf file else IllegalArgumentException
@@ -135,39 +99,24 @@
         this.type = type;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     * 
-     * <code>toString</code> in interface <code>Principal</code>
-     */
     public String getName() {
         return name;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public String getRealm() {
         return realm;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public int getNameType() {
         return type;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public int hashCode() {
         return getName().hashCode();
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public boolean equals(Object obj) {
         if (obj == this) {
             return true;
@@ -181,22 +130,18 @@
         return (that.name.equals(this.name) && that.type == this.type);
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public String toString() {
         return super.toString();
     }
 
-    private void readObject(ObjectInputStream s) throws IOException,
-            ClassNotFoundException {
+    private void readObject(ObjectInputStream s) throws IOException, ClassNotFoundException {
 
         s.defaultReadObject();
 
-        PrincipalName principalName = (PrincipalName) PrincipalName.ASN1
-                .decode((byte[]) s.readObject());
-        realm = (String) ASN1StringType.GENERALSTRING.decode((byte[]) s
+        PrincipalName principalName = (PrincipalName) PrincipalName.ASN1.decode((byte[]) s
                 .readObject());
+        realm = (String) ASN1StringType.GENERALSTRING.decode((byte[]) s.readObject());
 
         String[] nameString = principalName.getName();
         StringBuilder buf = new StringBuilder();
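Review bot: `readObject` casts both `s.readObject()` results to `byte[]` and decodes them, and nothing visible here applies the realm check that the constructors use (the `realm.indexOf('/')`, `':'`, `0` test in the hunk at -102,16) to the decoded `realm`. The method body continues outside this hunk, so this may already be handled further down. If it is not, a crafted stream can produce a principal that the constructors would reject, and adding `if (realm.indexOf('/') != -1 || realm.indexOf(':') != -1 || realm.indexOf(0) != -1) { throw new InvalidObjectException(Messages.getString("auth.24")); }` after the decode closes that gap. Also in this hunk, `toString()` returns `super.toString()`, which for a class with no superclass other than Object is the identity string rather than the principal name; `return name;` looks like what was intended.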
@@ -238,11 +183,10 @@
             }
         }
 
-        byte[] enc = PrincipalName.ASN1.encode(new PrincipalName(type,
-                nameString));
+        byte[] enc = PrincipalName.ASN1.encode(new PrincipalName(type, nameString));
         s.writeObject(enc);
 
         enc = ASN1StringType.GENERALSTRING.encode(realm);
         s.writeObject(enc);
     }
-}
\ No newline at end of file
+}

Modified: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosTicket.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosTicket.java?view=diff&rev=451520&r1=451519&r2=451520
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosTicket.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KerberosTicket.java Fri Sep 29 19:18:11 2006
@@ -15,11 +15,6 @@
  *  limitations under the License.
  */
 
-/**
-* @author Maxim V. Makarov
-* @version $Revision$
-*/
-
 package javax.security.auth.kerberos;
 
 import java.io.Serializable;
@@ -35,18 +30,11 @@
 import org.apache.harmony.auth.internal.nls.Messages;
 import org.apache.harmony.security.utils.Array;
 
-
-/**
- * @com.intel.drl.spec_ref
- */
 public class KerberosTicket implements Destroyable, Refreshable, Serializable {
 
     private static final long serialVersionUID = 7395334370157380539L;
 
-    // The description of these falgs defines in the Kerberos Protocol Specification (RFC 1510).
-    
-    // reserved flag for future expansion
-    private static final int RESERVED = 0;
+    // The description of these flags defines in the Kerberos Protocol Specification (RFC 1510).
 
     // FORWARDABLE flag 
     private static final int FORWARDABLE = 1;
@@ -60,33 +48,21 @@
     // PROXY flag
     private static final int PROXY = 4;
 
-    // MAY_POSTDATE flag, while unuses
-    private static final int MAY_POSTDATE = 5;
-
     // POSTDATED flag
     private static final int POSTDATED = 6;
 
-    // INVALID flag, while unuses
-    private static final int INVALID = 7;
-
     // RENEWABLE flag
     private static final int RENEWABLE = 8;
 
     // INITIAL flag
     private static final int INITIAL = 9;
 
-    // PRE_AUTHENT flag, while unuses
-    private static final int PRE_AUTHENT = 10;
-
-    // HW_AUTHENT flag, while unuses
-    private static final int HW_AUTHENT = 11;
-
     // UNUSED flag, 12 - 32 bit reserved
-    private static final int UNUSED = 31; 
+    private static final int UNUSED = 31;
 
     // line feed 
     private static final String LF = "\n"; //$NON-NLS-1$
-    
+
     //ASN.1 encoding of the ticket
     private byte[] asn1Encoding;
 
@@ -119,20 +95,14 @@
 
     // indicates the ticket state
     private transient boolean destroyed;
-    
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public KerberosTicket(byte[] asn1Encoding, KerberosPrincipal client,
-                          KerberosPrincipal server, byte[] keyBytes,
-                          int keyType, boolean[] flags, Date authTime,
-                          Date startTime, Date endTime, Date renewTill,
-                          InetAddress[] clientAddresses) {
+            KerberosPrincipal server, byte[] keyBytes, int keyType, boolean[] flags,
+            Date authTime, Date startTime, Date endTime, Date renewTill,
+            InetAddress[] clientAddresses) {
 
         if (asn1Encoding == null) {
-            throw new IllegalArgumentException(
-                Messages.getString("auth.3B")); //$NON-NLS-1$
+            throw new IllegalArgumentException(Messages.getString("auth.3B")); //$NON-NLS-1$
         }
         if (client == null) {
             throw new IllegalArgumentException(Messages.getString("auth.3C")); //$NON-NLS-1$
@@ -155,8 +125,7 @@
         }
 
         this.asn1Encoding = new byte[asn1Encoding.length];
-        System.arraycopy(asn1Encoding, 0, this.asn1Encoding, 0,
-                         this.asn1Encoding.length);
+        System.arraycopy(asn1Encoding, 0, this.asn1Encoding, 0, this.asn1Encoding.length);
 
         this.client = client;
         this.server = server;
@@ -177,8 +146,7 @@
         }
 
         if (flags[RENEWABLE] && renewTill == null) {
-            throw new IllegalArgumentException(
-                Messages.getString("auth.41")); //$NON-NLS-1$
+            throw new IllegalArgumentException(Messages.getString("auth.41")); //$NON-NLS-1$
         }
 
         this.renewTill = renewTill;
@@ -186,60 +154,44 @@
         if (startTime != null) {
             this.startTime = startTime;
         } else {
-            this.startTime = authTime; 
+            this.startTime = authTime;
         }
-        
+
         if (startTime.getTime() > endTime.getTime()) {
-            //TODO: make correct description of the exception  
             throw new IllegalArgumentException(Messages.getString("auth.42")); //$NON-NLS-1$
         }
-        
+
         this.authTime = authTime;
         this.endTime = endTime;
-        
+
         if (clientAddresses != null) {
             this.clientAddresses = new InetAddress[clientAddresses.length];
             System.arraycopy(clientAddresses, 0, this.clientAddresses, 0,
-                             this.clientAddresses.length);
+                    this.clientAddresses.length);
         }
 
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final KerberosPrincipal getClient() {
         checkState();
         return client;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final KerberosPrincipal getServer() {
         checkState();
         return server;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final SecretKey getSessionKey() {
         checkState();
         return sessionKey;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final int getSessionKeyType() {
         checkState();
         return sessionKey.getKeyType();
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final byte[] getEncoded() {
         checkState();
         byte[] tmp = new byte[this.asn1Encoding.length];
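Review bot: The range check `if (startTime.getTime() > endTime.getTime())` dereferences the `startTime` parameter, which the branch just above explicitly allows to be null (the field then falls back to `authTime`). A ticket constructed without a start time therefore fails with a NullPointerException instead of being validated. Compare the stored field instead: `if (this.startTime.getTime() > endTime.getTime())`. The constructor starts before this hunk, so whether `authTime` and `endTime` are null-checked earlier cannot be confirmed from here. The commit also deletes the `//TODO: make correct description of the exception` marker without changing the message key, so confirm that "auth.42" really describes this condition.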
@@ -247,66 +199,42 @@
         return tmp;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final boolean isForwardable() {
         checkState();
         return flags[FORWARDABLE];
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final boolean isForwarded() {
         checkState();
         //TODO: was based on authentication involving a forwarde TGT ?
         return flags[FORWARDED];
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final boolean isProxiable() {
         checkState();
         return flags[PROXIABLE];
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final boolean isProxy() {
         checkState();
         return flags[PROXY];
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final boolean isPostdated() {
         checkState();
         return flags[POSTDATED];
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final boolean isRenewable() {
         checkState();
         return flags[RENEWABLE];
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final boolean isInitial() {
         checkState();
         return flags[INITIAL];
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final boolean[] getFlags() {
         checkState();
         boolean[] tmp = new boolean[flags.length];
@@ -315,41 +243,26 @@
 
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final Date getAuthTime() {
         checkState();
         return authTime;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final Date getStartTime() {
         checkState();
         return startTime;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final Date getEndTime() {
         checkState();
         return endTime;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final Date getRenewTill() {
         checkState();
         return renewTill;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public final InetAddress[] getClientAddresses() {
         checkState();
         if (this.clientAddresses != null) {
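Review bot: getAuthTime(), getStartTime(), getEndTime() and getRenewTill() return the ticket's own `java.util.Date` instances, which are mutable, so any caller can move the validity window that isCurrent() and refresh() read later. getEncoded() and getFlags() in this file already return copies, and the date accessors should do the same, e.g. `return renewTill == null ? null : (Date) renewTill.clone();`. The constructor hunk above also stores the caller's Date arguments as-is, so the same copy is needed on the way in. getClientAddresses() continues past this hunk.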
@@ -360,12 +273,9 @@
         return null;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public void destroy() throws DestroyFailedException {
         if (!destroyed) {
-            Arrays.fill(this.asn1Encoding, (byte)0);
+            Arrays.fill(this.asn1Encoding, (byte) 0);
             this.client = null;
             this.server = null;
             this.sessionKey.destroy();
@@ -377,57 +287,45 @@
             this.clientAddresses = null;
             destroyed = true;
         } else {
-            throw new DestroyFailedException(Messages.getString("auth.43"));  //$NON-NLS-1$
+            throw new DestroyFailedException(Messages.getString("auth.43")); //$NON-NLS-1$
         }
 
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public boolean isDestroyed() {
         return destroyed;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public void refresh() throws RefreshFailedException {
 
         checkState();
-        
+
         if (!flags[RENEWABLE]) {
             throw new RefreshFailedException(Messages.getString("auth.44")); //$NON-NLS-1$
         }
 
         if (System.currentTimeMillis() > this.renewTill.getTime()) {
-            throw new RefreshFailedException(
-                Messages.getString("auth.45")); //$NON-NLS-1$
+            throw new RefreshFailedException(Messages.getString("auth.45")); //$NON-NLS-1$
         }
-        
+
         //TODO: need access to a KDC server          
-        throw new UnsupportedOperationException(); 
+        throw new UnsupportedOperationException();
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public boolean isCurrent() {
         checkState();
         if (this.getStartTime().getTime() <= System.currentTimeMillis()
-            && System.currentTimeMillis() <= this.getEndTime().getTime()) {
+                && System.currentTimeMillis() <= this.getEndTime().getTime()) {
             return true;
         }
         return false;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public String toString() {
         checkState();
-        StringBuffer sb = new StringBuffer();
-        sb.append("Ticket = ").append(Array.toString(asn1Encoding,"(hex) ") + LF); //$NON-NLS-1$ //$NON-NLS-2$
+        StringBuilder sb = new StringBuilder();
+        sb.append("Ticket = ").append(Array.toString(asn1Encoding, "(hex) ") + LF); //$NON-NLS-1$ //$NON-NLS-2$
         sb.append("Client Principal = ").append(client.getName() + LF); //$NON-NLS-1$
         sb.append("Server Principal = ").append(server.getName() + LF); //$NON-NLS-1$
         //TODO: append session key
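Review bot: toString() carries a `//TODO: append session key` and already hex-dumps the complete ASN.1 ticket; the session key is secret material and would end up wherever this string is logged or embedded in an exception message. I would replace the TODO with a comment such as `// the session key is deliberately not printed` and consider printing only the length of `asn1Encoding` rather than its contents. toString() also calls `checkState()`, so stringifying a destroyed ticket (for example in a log statement) throws IllegalStateException. The method body continues beyond this hunk.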
@@ -449,12 +347,13 @@
                 if (clientAddresses[i] == null) {
                     throw new NullPointerException(Messages.getString("auth.46")); //$NON-NLS-1$
                 }
-                sb.append("clientAddresses[" + i + "] = ").append(clientAddresses[i].toString() + LF +"\t\t"); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+                sb
+                        .append("clientAddresses[" + i + "] = ").append(clientAddresses[i].toString() + LF + "\t\t"); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
             }
         } else {
             sb.append("null"); //$NON-NLS-1$
         }
-        
+
         return sb.toString();
     }
 
@@ -466,4 +365,4 @@
             throw new IllegalStateException(Messages.getString("auth.43")); //$NON-NLS-1$
         }
     }
-}
\ No newline at end of file
+}

Added: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KeyImpl.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KeyImpl.java?view=auto&rev=451520
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KeyImpl.java (added)
+++ incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KeyImpl.java Fri Sep 29 19:18:11 2006
@@ -0,0 +1,310 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package javax.security.auth.kerberos;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.io.Serializable;
+import java.util.Arrays;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import javax.security.auth.DestroyFailedException;
+import javax.security.auth.Destroyable;
+
+import org.apache.harmony.auth.internal.nls.Messages;
+import org.apache.harmony.security.utils.Array;
+
+/**
+ * This class encapsulates a Kerberos encryption key.
+ * 
+ */
+class KeyImpl implements SecretKey, Destroyable, Serializable {
+
+    private static final long serialVersionUID = -7889313790214321193L;
+    
+    private transient byte[] keyBytes;
+
+    private transient int keyType;
+    
+    //  indicates the ticket state
+    private transient boolean destroyed;
+
+    // Pre-calculated parity values 
+    // TODO the alternative for boolean table - any acceptable algorithm?
+    private final static boolean[] PARITY = new boolean[] { false, true, true,
+            false, true, false, false, true, true, false, false, true, false,
+            true, true, false, true, false, false, true, false, true, true,
+            false, false, true, true, false, true, false, false, true, true,
+            false, false, true, false, true, true, false, false, true, true,
+            false, true, false, false, true, false, true, true, false, true,
+            false, false, true, true, false, false, true, false, true, true,
+            false, true, false, false, true, false, true, true, false, false,
+            true, true, false, true, false, false, true, false, true, true,
+            false, true, false, false, true, true, false, false, true, false,
+            true, true, false, false, true, true, false, true, false, false,
+            true, true, false, false, true, false, true, true, false, true,
+            false, false, true, false, true, true, false, false, true, true,
+            false, true, false, false, true, true, false, false, true, false,
+            true, true, false, false, true, true, false, true, false, false,
+            true, false, true, true, false, true, false, false, true, true,
+            false, false, true, false, true, true, false, false, true, true,
+            false, true, false, false, true, true, false, false, true, false,
+            true, true, false, true, false, false, true, false, true, true,
+            false, false, true, true, false, true, false, false, true, false,
+            true, true, false, true, false, false, true, true, false, false,
+            true, false, true, true, false, true, false, false, true, false,
+            true, true, false, false, true, true, false, true, false, false,
+            true, true, false, false, true, false, true, true, false, false,
+            true, true, false, true, false, false, true, false, true, true,
+            false, true, false, false, true, true, false, false, true, false,
+            true, true, false };
+
+    // Pre-calculated reversed values 
+    // TODO any acceptable alternative algorithm instead of table?
+    private static final byte[] REVERSE = new byte[] { 0, 64, 32, 96, 16, 80,
+            48, 112, 8, 72, 40, 104, 24, 88, 56, 120, 4, 68, 36, 100, 20, 84,
+            52, 116, 12, 76, 44, 108, 28, 92, 60, 124, 2, 66, 34, 98, 18, 82,
+            50, 114, 10, 74, 42, 106, 26, 90, 58, 122, 6, 70, 38, 102, 22, 86,
+            54, 118, 14, 78, 46, 110, 30, 94, 62, 126, 1, 65, 33, 97, 17, 81,
+            49, 113, 9, 73, 41, 105, 25, 89, 57, 121, 5, 69, 37, 101, 21, 85,
+            53, 117, 13, 77, 45, 109, 29, 93, 61, 125, 3, 67, 35, 99, 19, 83,
+            51, 115, 11, 75, 43, 107, 27, 91, 59, 123, 7, 71, 39, 103, 23, 87,
+            55, 119, 15, 79, 47, 111, 31, 95, 63, 127 };
+
+    /**
+     * creates a secret key from a given raw bytes
+     * 
+     * @param keyBytes
+     * @param keyType
+     */
+    public KeyImpl(byte[] keyBytes, int keyType) {
+        this.keyBytes = new byte[keyBytes.length];
+        System.arraycopy(keyBytes , 0, this.keyBytes, 0, this.keyBytes.length); 
+        this.keyType = keyType;
+    }
+    /**
+     * creates a secret key from a given password
+     * 
+     * @param principal
+     * @param password
+     * @param algorithm
+     */
+    public KeyImpl(KerberosPrincipal principal, char[] password, String algorithm) {
+
+        //
+        // See http://www.ietf.org/rfc/rfc3961.txt for algorithm description
+        //
+        
+        if (principal == null || password == null) {
+            throw new NullPointerException();
+        }
+
+        if (algorithm != null && "DES".compareTo(algorithm) != 0) { //$NON-NLS-1$
+            throw new IllegalArgumentException(Messages.getString("auth.49")); //$NON-NLS-1$
+        }
+
+        keyType = 3; // DES algorithm
+        keyBytes = new byte[8];
+        
+        String realm = principal.getRealm();
+        String pname = principal.getName();
+
+        StringBuilder buf = new StringBuilder();
+        buf.append(password);
+        buf.append(realm);
+        buf.append(pname.substring(0, pname.length() - realm.length() - 1));
+
+        byte[] tmp = buf.toString().getBytes();
+
+        // pad with 0x00 to 8 byte boundary
+        byte[] raw = new byte[tmp.length
+                + ((tmp.length % 8) == 0 ? 0 : (8 - tmp.length % 8))];
+        System.arraycopy(tmp, 0, raw, 0, tmp.length);
+
+        long k1, k2 = 0;
+        boolean isOdd = false;
+        // for each 8-byte block in raw byte array
+        for (int i = 0; i < raw.length; i = i + 8, isOdd = !isOdd) {
+
+            k1 = 0;
+            if (isOdd) {
+                //reverse
+                for (int j = 7; j > -1; j--) {
+                    k1 = (k1 << 7) + REVERSE[raw[i + j] & 0x7F];
+                }
+            } else {
+                for (int j = 0; j < 8; j++) {
+                    k1 = (k1 << 7) + (raw[i + j] & 0x7F);
+                }
+            }
+            k2 = k2 ^ k1;
+        }
+        
+        // 56-bit long to byte array (8 bytes)
+        for (int i = 7; i > -1; i--) {
+            keyBytes[i] = (byte) k2;
+            keyBytes[i] = (byte) (keyBytes[i] << 1);
+            k2 = k2 >> 7;
+        }
+        keyCorrection(keyBytes);
+
+        // calculate DES-CBC check sum
+        try {
+            Cipher cipher = Cipher.getInstance("DES/CBC/NoPadding"); //$NON-NLS-1$
+
+            // use tmp key as IV
+            IvParameterSpec IV = new IvParameterSpec(keyBytes);
+
+            // do DES encryption 
+            SecretKey secretKey = new SecretKeySpec(keyBytes, "DES"); //$NON-NLS-1$
+            cipher.init(Cipher.ENCRYPT_MODE, secretKey, IV);
+            byte[] enc = cipher.doFinal(raw);
+
+            // final last block is check sum
+            System.arraycopy(enc, enc.length - 8, keyBytes, 0, 8);
+            
+            keyCorrection(keyBytes);
+
+        } catch (Exception e) {
+            throw new RuntimeException(
+                    Messages.getString("auth.4A"), e); //$NON-NLS-1$
+        }
+    }
+
+    private void keyCorrection(byte[] key) {
+        
+        // fix parity
+        for (int i = 0; i < 8; i++) {
+            if (!PARITY[key[i] & 0xFF]) {
+                if ((key[i] & 0x01) == 0) {
+                    key[i]++;
+                } else {
+                    key[i]--;
+                }
+            }
+        }
+        
+        // TODO if is week do XOR
+        //if(DESKeySpec.isWeak(keyBytes,0)){
+        //}
+    }
+
+    /**
+     * Method is described in 
+     * <code>getAlgorithm</code> in interface <code>Key</code>
+     */
+    public final String getAlgorithm() {
+        checkState();
+        if (keyType == 0) {
+            return "NULL"; //$NON-NLS-1$
+        }
+        return "DES"; //$NON-NLS-1$
+    }
+    
+    /**
+     * Method is described in
+     * <code>getFormat</code> in interface <code>Key</code>
+     */
+    public final String getFormat() {
+        checkState();
+        return "RAW"; //$NON-NLS-1$
+    }
+   
+    /**
+     * Method is described in
+     * <code>getEncoded</code> in interface <code>Key</code>
+     */
+    public final byte[] getEncoded() {
+        checkState();
+        byte[] tmp = new byte[keyBytes.length];
+        System.arraycopy(keyBytes, 0, tmp, 0, tmp.length);
+        return tmp;
+    }
+
+    /**
+     * Returns the key type for this key
+     */
+    public final int getKeyType() {
+        checkState();
+        return keyType;
+    }
+
+    /**
+     * Destroys this key
+     */
+    public void destroy() throws DestroyFailedException {
+        if (!destroyed) {
+            Arrays.fill(keyBytes, (byte) 0); 
+            destroyed = true;
+        }
+        
+    }
+    /**
+     * Determines if this key has been destroyed 
+     */
+   public boolean isDestroyed() {
+        return destroyed;
+    }
+
+   /**
+    * A string representation of this key
+    */
+   @Override
+public String toString() {
+       String s_key = null;
+       StringBuilder sb = new StringBuilder();
+       
+       if (keyBytes.length == 0) {
+           s_key = "Empty Key"; //$NON-NLS-1$
+       } else {
+           s_key = Array.toString(keyBytes," "); //$NON-NLS-1$
+       }
+       sb.append("EncryptionKey: ").append("KeyType = ").append(keyType); //$NON-NLS-1$ //$NON-NLS-2$
+       sb.append("KeyBytes (Hex dump) = ").append(s_key); //$NON-NLS-1$
+       return sb.toString();
+   }
+   
+   /**
+    * if a key is destroyed then IllegalStateException should be thrown
+    */  
+   private void checkState() {
+       if (destroyed) {
+           throw new IllegalStateException (Messages.getString("auth.48")); //$NON-NLS-1$
+       }
+   }
+
+   // TODO: read a object from a stream
+   private void readObject(ObjectInputStream s) throws IOException,
+       ClassNotFoundException {
+       s.defaultReadObject();
+   }
+
+   // TODO: write a object to a stream
+   private void writeObject(ObjectOutputStream s) throws IOException {
+       
+       if(destroyed){
+           throw new IOException(Messages.getString("auth.48")); //$NON-NLS-1$
+       }
+       s.defaultWriteObject();
+   }
+
+}
\ No newline at end of file
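Review bot: KeyImpl.toString() appends `Array.toString(keyBytes," ")`, the raw key in hex, so any log line or exception message that stringifies the key discloses it; unlike the getters it also skips `checkState()`. I would print the type only, e.g. `sb.append("EncryptionKey: KeyType = ").append(keyType);`, and leave the key bytes out. In the password constructor, `buf.append(password)` followed by `buf.toString().getBytes()` copies the password into an immutable String and encodes it with the platform default charset, and `tmp`, `raw` and the builder are never cleared. Encoding with an explicit charset and zeroing the temporaries with `Arrays.fill(raw, (byte) 0);` in a `finally` would make the derived key platform-independent and shorten the lifetime of the secret. The `// TODO if is week do XOR` in keyCorrection() means weak DES keys are currently returned uncorrected, which is worth a tracked issue rather than a commented-out stub.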

Propchange: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KeyImpl.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbDelegationPermissionCollection.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbDelegationPermissionCollection.java?view=auto&rev=451520
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbDelegationPermissionCollection.java (added)
+++ incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbDelegationPermissionCollection.java Fri Sep 29 19:18:11 2006
@@ -0,0 +1,140 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package javax.security.auth.kerberos;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.io.ObjectStreamField;
+import java.io.Serializable;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.util.Enumeration;
+import java.util.NoSuchElementException;
+import java.util.Vector;
+
+import org.apache.harmony.auth.internal.nls.Messages;
+
+/**
+ * Specific PermissionCollection for storing DelegationPermissions
+ * 
+ */
+class KrbDelegationPermissionCollection extends PermissionCollection implements Serializable {
+
+    private static final long serialVersionUID = -3383936936589966948L;
+    
+    private static final ObjectStreamField[] serialPersistentFields = { new ObjectStreamField(
+            "permissions", Vector.class) }; //$NON-NLS-1$
+
+    private transient DelegationPermission[] items = new DelegationPermission[10];
+
+    private transient int offset;
+
+    //initialization of a collection
+    KrbDelegationPermissionCollection() {
+        super();
+    }
+
+    /**
+     * Adds a ServicePermission to the collection.
+     */
+    @Override
+    public void add(Permission permission) {
+
+        if (isReadOnly()) {
+            throw new SecurityException(Messages.getString("auth.21")); //$NON-NLS-1$
+        }
+
+        if (permission == null || !(permission instanceof DelegationPermission)) {
+            throw new IllegalArgumentException(Messages.getString("auth.22", permission)); //$NON-NLS-1$
+        }
+        synchronized (this) {
+            if (offset == items.length) {
+                DelegationPermission[] dp = new DelegationPermission[items.length * 2];
+                System.arraycopy(items, 0, dp, 0, offset);
+                items = dp;
+            }
+            items[offset++] = (DelegationPermission) permission;
+        }
+    }
+
+    /**
+     * Returns enumeration of the collection.
+     */
+    @Override
+    public Enumeration<Permission> elements() {
+        return new Enumeration<Permission>() {
+            private int index;
+
+            public boolean hasMoreElements() {
+                return index < offset;
+            }
+
+            public DelegationPermission nextElement() {
+                if (index == offset) {
+                    throw new NoSuchElementException();
+                }
+                return items[index++];
+            }
+        };
+    }
+
+    /**
+     * Returns true if this collection implies the specified permission. 
+     */
+    @Override
+    public boolean implies(Permission permission) {
+        if (permission == null || !(permission instanceof DelegationPermission)) {
+            return false;
+        }
+
+        synchronized (this) {
+            for (int i = 0; i < offset; i++) {
+                if (items[i].implies(permission)) {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+
+    // white a collection to stream
+    private void writeObject(ObjectOutputStream out) throws IOException {
+        Vector<DelegationPermission> permissions;
+        permissions = new Vector<DelegationPermission>(offset);
+        for (int i = 0; i < offset; permissions.add(items[i++])) {
+        }
+        ObjectOutputStream.PutField fields = out.putFields();
+        fields.put("permissions", permissions); //$NON-NLS-1$
+        out.writeFields();
+    }
+
+    // read a collection from stream
+    private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
+        ObjectInputStream.GetField fields = in.readFields();
+        Vector<?> permissions = (Vector<?>) fields.get("permissions", null); //$NON-NLS-1$
+        items = new DelegationPermission[permissions.size() * 2];
+        for (offset = 0; offset < items.length / 2;) {
+            Object obj = permissions.get(offset);
+            if (obj == null || !(obj instanceof DelegationPermission)) {
+                throw new IllegalArgumentException(Messages.getString("auth.22", obj)); //$NON-NLS-1$
+            }
+            items[offset++] = (DelegationPermission) obj;
+        }
+    }
+}
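Review bot: readObject() trusts the serialized form: `fields.get("permissions", null)` returns null when the field is absent, so `permissions.size()` fails with a NullPointerException, and a wrong element type surfaces as IllegalArgumentException rather than the `java.io.InvalidObjectException` that deserialization callers normally handle. Add a guard of the form `if (permissions == null) { throw new InvalidObjectException(...); }` with a suitable message and throw the same type for a bad element. KrbServicePermissionCollection.readObject(), added later in this commit, is a line-for-line copy and needs the same change. The Javadoc on add() here says "Adds a ServicePermission" and should read `Adds a DelegationPermission to the collection.`; `// white a collection to stream` should be `// write a collection to stream`.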

Propchange: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbDelegationPermissionCollection.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbServicePermissionCollection.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbServicePermissionCollection.java?view=auto&rev=451520
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbServicePermissionCollection.java (added)
+++ incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbServicePermissionCollection.java Fri Sep 29 19:18:11 2006
@@ -0,0 +1,144 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package javax.security.auth.kerberos;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.io.ObjectStreamField;
+import java.io.Serializable;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.util.Enumeration;
+import java.util.NoSuchElementException;
+import java.util.Vector;
+
+import org.apache.harmony.auth.internal.nls.Messages;
+
+/**
+ * Specific PermissionCollection for storing ServicePermissions
+ * 
+ */
+
+final class KrbServicePermissionCollection extends PermissionCollection
+        implements Serializable {
+
+    private static final long serialVersionUID = -4118834211490102011L;
+
+    private static final ObjectStreamField[] serialPersistentFields = { new ObjectStreamField(
+            "permissions", Vector.class) }; //$NON-NLS-1$
+
+    private transient ServicePermission[] items = new ServicePermission[10];
+
+    private transient int offset;
+
+    // initialization of a collection
+    KrbServicePermissionCollection() {
+    }
+
+    /**
+     * Adds a ServicePermission to the collection.
+     */
+    @Override
+    public void add(Permission permission) {
+
+        if (isReadOnly()) {
+            throw new SecurityException(Messages.getString("auth.21")); //$NON-NLS-1$
+        }
+
+        if (permission == null || !(permission instanceof ServicePermission)) {
+            throw new IllegalArgumentException(Messages.getString("auth.22",permission)); //$NON-NLS-1$
+        }
+        synchronized (this) {
+            if (offset == items.length) {
+                ServicePermission[] sp = new ServicePermission[items.length * 2];
+                System.arraycopy(items, 0, sp, 0, offset);
+                items = sp;
+            }
+            items[offset++] = (ServicePermission) permission;
+        }
+    }
+
+    /**
+     * Returns enumeration of the collection.
+     */
+    @Override
+    public Enumeration<Permission> elements() {
+        return new Enumeration<Permission>() {
+            private int index = 0;
+
+            public boolean hasMoreElements() {
+                return index < offset;
+            }
+
+            public Permission nextElement() {
+                if (index == offset) {
+                    throw new NoSuchElementException();
+                }
+                return items[index++];
+            }
+        };
+    }
+
+    /**
+     * Returns true if this collection implies the specified permission. 
+     */
+    @Override
+    public boolean implies(Permission permission) {
+
+        if (permission == null || !(permission instanceof ServicePermission)) {
+            return false;
+        }
+
+        synchronized (this) {
+            for (int i = 0; i < offset; i++) {
+                if (items[i].implies(permission)) {
+                    return true;
+                }
+            }
+        }
+
+        return false;
+    }
+
+    // white collection to stream
+    private void writeObject(java.io.ObjectOutputStream out) throws IOException {
+        Vector<ServicePermission> permissions;
+        permissions = new Vector<ServicePermission>(offset);
+        for (int i = 0; i < offset; permissions.add(items[i++])) {
+        }
+        ObjectOutputStream.PutField fields = out.putFields();
+        fields.put("permissions", permissions); //$NON-NLS-1$
+        out.writeFields();
+    }
+
+    // read collection from stream
+    private void readObject(java.io.ObjectInputStream in) throws IOException,
+            ClassNotFoundException {
+        ObjectInputStream.GetField fields = in.readFields();
+        Vector<?> permissions = (Vector<?>) fields.get("permissions", null); //$NON-NLS-1$
+        items = new ServicePermission[permissions.size() * 2];
+        for (offset = 0; offset < items.length / 2;) {
+            Object obj = permissions.get(offset);
+            if (obj == null || !(obj instanceof ServicePermission)) {
+                throw new IllegalArgumentException(Messages.getString("auth.22", obj)); //$NON-NLS-1$
+            }
+            items[offset++] = (ServicePermission) obj;
+        }
+    }
+}

Propchange: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/KrbServicePermissionCollection.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/ServicePermission.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/ServicePermission.java?view=diff&rev=451520&r1=451519&r2=451520
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/ServicePermission.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/auth/src/main/java/common/javax/security/auth/kerberos/ServicePermission.java Fri Sep 29 19:18:11 2006
@@ -15,36 +15,17 @@
  *  limitations under the License.
  */
 
-/**
-* @author Maxim V. Makarov
-* @version $Revision$
-*/
-
 package javax.security.auth.kerberos;
 
 import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.io.ObjectStreamField;
 import java.io.Serializable;
 import java.security.Permission;
 import java.security.PermissionCollection;
-import java.util.Enumeration;
-import java.util.NoSuchElementException;
-import java.util.Vector;
 
 import org.apache.harmony.auth.internal.nls.Messages;
 
-/**
- * @com.intel.drl.spec_ref
- * 
- */
-
 public final class ServicePermission extends Permission implements Serializable {
 
-    /** 
-     * @com.intel.drl.spec_ref 
-     */
     private static final long serialVersionUID = -1227585031618624935L;
 
     private static final String INITIATE = "initiate"; //$NON-NLS-1$
@@ -59,8 +40,6 @@
     private static final int ACCEPT_LEN = ACCEPT.length();
     private static final int MIN_LEN = Math.min(INITIATE_LEN,ACCEPT_LEN); 
 
-    private static Class thisClass = ServicePermission.class;
-
     /** 
      * ACCEPT_MASK, INITIATE_ACCEPT or (INITIATE_ACCEPT | ACCEPT_MASK)
      */
@@ -137,9 +116,6 @@
         throw new IllegalArgumentException(Messages.getString("auth.2E")); //$NON-NLS-1$
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
     public ServicePermission(String name, String actions) {
         super(name);
 
@@ -153,15 +129,13 @@
         }
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public boolean equals(Object obj) {
         if (this == obj) {
             return true;
         }
 
-        if (obj == null || thisClass != obj.getClass()) {
+        if (obj == null || ServicePermission.class != obj.getClass()) {
             return false;
         }
         ServicePermission sp = (ServicePermission) obj;
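Review bot: The `equals` method that starts in this hunk finishes in the next one with `actions == sp.actions`, which compares the two action strings by reference rather than by value. That is only correct if `initActions` always stores one of a fixed set of shared constants; `initActions` is not visible in this diff, so the invariant should be confirmed. Either switch to `actions.equals(sp.actions)` or state the invariant in a comment such as `// actions is always one of the canonical constants assigned by initActions, so == is safe`. In a permission class an unexpected inequality changes the outcome of access-control checks, so the assumption is worth making explicit.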
@@ -169,29 +143,23 @@
         return actions == sp.actions && getName().equals(sp.getName());
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public int hashCode() {
         return getName().hashCode() * actions.length();
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public String getActions() {
         return actions;
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public boolean implies(Permission permission) {
         if (this == permission) {
             return true;
         }
 
-        if (permission == null || thisClass != permission.getClass()) {
+        if (permission == null || ServicePermission.class != permission.getClass()) {
             return false;
         }
 
@@ -202,138 +170,19 @@
 				&& (name.length() == 1 && name.charAt(0) == '*' || name.equals(permission.getName()));
     }
 
-    /**
-     * @com.intel.drl.spec_ref
-     */
+    @Override
     public PermissionCollection newPermissionCollection() {
         return new KrbServicePermissionCollection();
     }
 
-    /** 
-     * @com.intel.drl.spec_ref 
-     */
     private synchronized void writeObject(java.io.ObjectOutputStream s)
             throws IOException {
         s.defaultWriteObject();
     }
 
-    /** 
-     * @com.intel.drl.spec_ref 
-     */
     private synchronized void readObject(java.io.ObjectInputStream s)
             throws IOException, ClassNotFoundException {
         s.defaultReadObject();
         initActions(getActions());
     }
 }
-/**
- * Specific PermissionCollection for storing ServicePermissions
- * 
- */
-
-final class KrbServicePermissionCollection extends PermissionCollection
-        implements Serializable {
-
-    private static final long serialVersionUID = -4118834211490102011L;
-
-    private static final ObjectStreamField[] serialPersistentFields = { new ObjectStreamField(
-            "permissions", Vector.class) }; //$NON-NLS-1$
-
-    private transient ServicePermission[] items = new ServicePermission[10];
-
-    private transient int offset;
-
-    // initialization of a collection
-    KrbServicePermissionCollection() {
-    }
-
-    /**
-     * Adds a ServicePermission to the collection.
-     */
-    public void add(Permission permission) {
-
-        if (isReadOnly()) {
-            throw new SecurityException(Messages.getString("auth.21")); //$NON-NLS-1$
-        }
-
-        if (permission == null || !(permission instanceof ServicePermission)) {
-            throw new IllegalArgumentException(Messages.getString("auth.22",permission)); //$NON-NLS-1$
-        }
-        synchronized (this) {
-            if (offset == items.length) {
-                ServicePermission[] sp = new ServicePermission[items.length * 2];
-                System.arraycopy(items, 0, sp, 0, offset);
-                items = sp;
-            }
-            items[offset++] = (ServicePermission) permission;
-        }
-    }
-
-    /**
-     * Returns enumeration of the collection.
-     */
-    public Enumeration elements() {
-        return new Enumeration() {
-            private int index = 0;
-
-            public boolean hasMoreElements() {
-                return index < offset;
-            }
-
-            public Object nextElement() {
-                if (index == offset) {
-                    throw new NoSuchElementException();
-                }
-                return items[index++];
-            }
-        };
-    }
-
-    /**
-     * Returns true if this collection implies the specified permission. 
-     */
-    public boolean implies(Permission permission) {
-
-        if (permission == null || !(permission instanceof ServicePermission)) {
-            return false;
-        }
-
-        synchronized (this) {
-            for (int i = 0; i < offset; i++) {
-                if (items[i].implies(permission)) {
-                    return true;
-                }
-            }
-        }
-
-        return false;
-    }
-
-    // white collection to stream
-    private void writeObject(java.io.ObjectOutputStream out) throws IOException {
-        Vector permissions;
-        synchronized (this) {
-            permissions = new Vector(offset);
-            for (int i = 0; i < offset; permissions.add(items[i++])) {
-            }
-        }
-        ObjectOutputStream.PutField fields = out.putFields();
-        fields.put("permissions", permissions); //$NON-NLS-1$
-        out.writeFields();
-    }
-
-    // read collection from stream
-    private void readObject(java.io.ObjectInputStream in) throws IOException,
-            ClassNotFoundException {
-        ObjectInputStream.GetField fields = in.readFields();
-        Vector permissions = (Vector) fields.get("permissions", null); //$NON-NLS-1$
-        items = new ServicePermission[permissions.size() * 2];
-        for (offset = 0; offset < items.length / 2;) {
-            Object obj = permissions.get(offset);
-            if (obj == null || !(obj instanceof ServicePermission)) {
-                throw new IllegalArgumentException(Messages.getString("auth.22", obj)); //$NON-NLS-1$
-            }
-            items[offset++] = (ServicePermission) obj;
-        }
-    }
-}
\ No newline at end of file
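Review bot: The private `readObject` kept as context in this hunk is left with no comment once the placeholder Javadoc is removed, although it is the only place where a deserialized `ServicePermission` is re-validated. I would add a short comment above `initActions(getActions());`, for example `// re-validate the actions string read from the stream; serialized data is untrusted input`. Whether a stream carrying a null or malformed `actions` value is rejected depends on `initActions`, which is not shown in this diff, so that behaviour should be confirmed and mentioned in the comment.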


