Package org.apache.directory.shared.kerberos.components

Examples of org.apache.directory.shared.kerberos.components.EncryptionKey


        // Read the VALIDATE option from the KDC options of the TGS request body.
        KdcOptions kdcOptions = tgsContext.getRequest().getKdcReqBody().getKdcOptions();
        boolean isValidate = kdcOptions.get( KdcOptions.VALIDATE );

        // The server key is selected by the encryption type recorded on the presented ticket's encrypted part,
        // so the choice of key follows a value that arrives with the request.
        // NOTE(review): if getKeyMap() returns a java.util.Map, get() yields null when the ticket principal
        // holds no key of that type; no null check is visible in this excerpt -- confirm it is handled before
        // serverKey is used, and that the type is limited to the configured set of permitted types.
        EncryptionType encryptionType = tgt.getEncPart().getEType();
        EncryptionKey serverKey = tgsContext.getTicketPrincipalEntry().getKeyMap().get( encryptionType );

        // Remaining inputs gathered from the context: allowable clock skew, the replay cache, whether tickets
        // without addresses are accepted, and the address the request came from.
        long clockSkew = tgsContext.getConfig().getAllowableClockSkew();
        ReplayCache replayCache = tgsContext.getReplayCache();
        boolean emptyAddressesAllowed = tgsContext.getConfig().isEmptyAddressesAllowed();
        InetAddress clientAddress = tgsContext.getClientAddress();


            // Verify the authenticator checksum over the request body, but only when a checksum is present.
            // NOTE(review): when authenticatorChecksum is null this whole block is skipped, so within this
            // excerpt nothing binds bodyBytes to the authenticator. Confirm that a request without a checksum
            // is rejected elsewhere if integrity of the request body is required.
            if ( authenticatorChecksum != null )
            {
                // The checksum is keyed with the session key carried in the TGT's encrypted part.
                Ticket tgt = tgsContext.getTgt();
                EncTicketPart encTicketPart = tgt.getEncTicketPart();
                EncryptionKey sessionKey = encTicketPart.getKey();

                // NOTE(review): the first operand is always false here, because the enclosing if already
                // established authenticatorChecksum != null. The remaining operands reject a checksum that has
                // no type or no value, and a missing request body.
                if ( authenticatorChecksum == null || authenticatorChecksum.getChecksumType() == null
                    || authenticatorChecksum.getChecksumValue() == null || bodyBytes == null )
                {
                    throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
                }

                // Only the checksum type is logged; the checksum value and the key are not.
                LOG_KRB.debug( "Verifying body checksum type '{}'.", authenticatorChecksum.getChecksumType() );

                // The key-usage constant, going by its name, is the one for the authenticator checksum of the
                // PA-TGS-REQ AP-REQ keyed with the TGS session key.
                // NOTE(review): how verifyChecksum reports a mismatch is not visible in this excerpt; it
                // presumably throws -- confirm the result is not silently ignored.
                checksumHandler.verifyChecksum( authenticatorChecksum, bodyBytes, sessionKey.getKeyValue(),
                    KeyUsage.TGS_REQ_PA_TGS_REQ_PADATA_AP_REQ_AUTHNT_CKSUM_TGS_SESS_KEY );
            }
        }
    }

        // Excerpt from ticket generation for a TGS request; request and tgt are defined outside this excerpt.
        CipherTextHandler cipherTextHandler = tgsContext.getCipherTextHandler();
        KerberosPrincipal ticketPrincipal = KerberosUtils.getKerberosPrincipal(
            request.getKdcReqBody().getSName(), request.getKdcReqBody().getRealm() );

        // The requested service's key is looked up by the encryption type held in the context.
        // NOTE(review): if getKeyMap() returns a java.util.Map, serverKey is null when the service principal
        // has no key of that type; no null check is visible here -- confirm.
        EncryptionType encryptionType = tgsContext.getEncryptionType();
        EncryptionKey serverKey = tgsContext.getRequestPrincipalEntry().getKeyMap().get( encryptionType );

        KerberosConfig config = tgsContext.getConfig();

        // NOTE(review): the value returned by this call is discarded, so as written the statement has no
        // visible effect in this excerpt.
        tgsContext.getRequest().getKdcReqBody().getAdditionalTickets();

        EncTicketPart newTicketPart = new EncTicketPart();

        // The new ticket inherits the client addresses recorded in the TGT.
        newTicketPart.setClientAddresses( tgt.getEncTicketPart().getClientAddresses() );

        processFlags( config, request, tgt, newTicketPart );

        // A fresh session key of the context's encryption type is generated for the new ticket.
        // NOTE(review): the randomness source behind RandomKeyFactory is not visible here; confirm it is a
        // cryptographically strong generator, since this key protects the client/service session.
        EncryptionKey sessionKey = RandomKeyFactory.getRandomKey( tgsContext.getEncryptionType() );
        newTicketPart.setKey( sessionKey );

        // Client name and realm are copied from the TGT rather than taken from the request.
        newTicketPart.setCName( tgt.getEncTicketPart().getCName() );
        newTicketPart.setCRealm( tgt.getEncTicketPart().getCRealm() );

        // Populate the outgoing attributes from the principal entry; uid and sn both take the user id.
        outAttrs.add( SchemaConstants.UID_AT, principalEntry.getUserId() );
        outAttrs.add( KerberosAttribute.APACHE_SAM_TYPE_AT, "7" );
        outAttrs.add( SchemaConstants.SN_AT, principalEntry.getUserId() );
        outAttrs.add( SchemaConstants.CN_AT, principalEntry.getCommonName() );

        // NOTE(review): only the DES_CBC_MD5 key is read from the key map. Single DES is deprecated for
        // Kerberos (RFC 6649), and keys of any other type held by the principal are not written here.
        // If the principal has no DES key and getKeyMap() returns a java.util.Map, encryptionKey is null and
        // computeLength() below throws NullPointerException -- confirm the caller guarantees the key exists.
        EncryptionKey encryptionKey = principalEntry.getKeyMap().get( EncryptionType.DES_CBC_MD5 );

        // The encoded key is stored as the krb5 key attribute. This is long-term key material, so read access
        // to that attribute needs to be restricted wherever these attributes end up.
        ByteBuffer buffer = ByteBuffer.allocate( encryptionKey.computeLength() );
        outAttrs.add( KerberosAttribute.KRB5_KEY_AT, encryptionKey.encode( buffer ).array() );

        int keyVersion = encryptionKey.getKeyVersion();

        // Principal name and key version number are stored as strings.
        outAttrs.add( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT, principalEntry.getPrincipal().toString() );
        outAttrs.add( KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT, Integer.toString( keyVersion ) );

        return outAttrs;

            {
                throw new IllegalStateException( I18n.err( I18n.ERR_626 ) );
            }

            // Decode one stored value into an EncryptionKey and index it by its key type.
            // NOTE(review): the bytes come from stored data and are handed straight to the decoder; how
            // decodeEncryptionKey reports malformed input is not visible here -- confirm it fails cleanly.
            // If map is a java.util.Map, a later value with the same key type replaces an earlier one.
            byte[] encryptionKeyBytes = val.getBytes();
            EncryptionKey encryptionKey = KerberosDecoder.decodeEncryptionKey( encryptionKeyBytes );
            map.put( encryptionKey.getKeyType(), encryptionKey );
        }

        return map;
    }

        // Make changes to test.

        // Seal the ticket for the server.
        // Test fixture: the krbtgt key is obtained from a fixed pass phrase through getEncryptionKey, which is
        // defined outside this excerpt. A literal pass phrase like this belongs in test code only.
        KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
        String passPhrase = "randomKey";
        EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
        Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );

        // Request body naming the target service and realm for the ticket request under test.
        KdcReqBody modifier = new KdcReqBody();
        modifier.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
        modifier.setRealm( "EXAMPLE.COM" );

     * Initialize name instances
     */
    @BeforeClass
    public static void initNames() throws Exception
    {
        // The two encryption types used by the fixtures.
        EncryptionType aes128 = EncryptionType.AES128_CTS_HMAC_SHA1_96;
        EncryptionType aes256 = EncryptionType.AES256_CTS_HMAC_SHA1_96;

        // A and ACopy are built from the same type and the same value constant.
        encryptionA = new EncryptionKey( aes128, ENCRYPTION_VALUE_A );
        encryptionACopy = new EncryptionKey( aes128, ENCRYPTION_VALUE_A );

        // B and C keep A's type but use the other value constants.
        encryptionB = new EncryptionKey( aes128, ENCRYPTION_VALUE_B );
        encryptionC = new EncryptionKey( aes128, ENCRYPTION_VALUE_C );

        // D keeps A's value constant but uses the other type.
        encryptionD = new EncryptionKey( aes256, ENCRYPTION_VALUE_A );
    }


    @Test
    public void testEncodingFast() throws Exception
    {
        EncryptionKey ec = new EncryptionKey( EncryptionType.AES128_CTS_HMAC_SHA1_96, new byte[]
            { 0x01, 0x02, 0x03 } );

        ByteBuffer encoded = ByteBuffer.allocate( ec.computeLength() );

        ec.encode( encoded );

        byte[] expectedResult = new byte[]
            {
                0x30, 0x0c,
                ( byte ) 0xA0, 0x03,


    @Test
    public void testEncodingNoStructureFast() throws Exception
    {
        EncryptionKey ec = new EncryptionKey( EncryptionType.AES128_CTS_HMAC_SHA1_96, null );

        ByteBuffer encoded = ByteBuffer.allocate( ec.computeLength() );

        ec.encode( encoded );

        byte[] expectedResult = new byte[]
            {
                0x30, 0x09,
                ( byte ) 0xA0, 0x03,

     */

    @Test
    public void testEncodingSlow() throws Exception
    {
        EncryptionKey ec = new EncryptionKey( EncryptionType.AES128_CTS_HMAC_SHA1_96, new byte[]
            { 0x01, 0x02, 0x03 } );

        ByteBuffer buffer = ByteBuffer.allocate( ec.computeLength() );

        ec.encode( buffer );

        byte[] expectedResult = new byte[]
            {
                0x30, 0x0c,
                ( byte ) 0xA0, 0x03,
