/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.apache.directory.server.kerberos.protocol;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.security.SecureRandom;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.io.encoder.EncryptedDataEncoder;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedTimeStamp;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.PaData;
import org.apache.directory.server.kerberos.shared.messages.value.PrincipalName;
import org.apache.directory.server.kerberos.shared.messages.value.types.PaDataType;
import org.apache.directory.server.kerberos.shared.messages.value.types.PrincipalNameType;
import org.apache.mina.core.future.WriteFuture;
import org.apache.mina.core.service.IoHandler;
import org.apache.mina.core.service.IoService;
import org.apache.mina.core.session.AbstractIoSession;
import org.apache.mina.core.session.DummySession;
import org.apache.mina.core.session.IoSessionConfig;
/**
* Abstract base class for Authentication Service (AS) tests, with utility methods
* for generating message components.
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public abstract class AbstractAuthenticationServiceTest
{
protected CipherTextHandler lockBox;
protected static final SecureRandom random = new SecureRandom();
protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal, String passPhrase )
throws Exception
{
KerberosTime timeStamp = new KerberosTime();
return getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, timeStamp );
}
protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal,
String passPhrase, KerberosTime timeStamp ) throws Exception
{
PaData[] paData = new PaData[1];
EncryptedTimeStamp encryptedTimeStamp = new EncryptedTimeStamp( timeStamp, 0 );
EncryptionKey clientKey = getEncryptionKey( clientPrincipal, passPhrase );
EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp, KeyUsage.NUMBER1 );
byte[] encodedEncryptedData = EncryptedDataEncoder.encode( encryptedData );
PaData preAuth = new PaData();
preAuth.setPaDataType( PaDataType.PA_ENC_TIMESTAMP );
preAuth.setPaDataValue( encodedEncryptedData );
paData[0] = preAuth;
return paData;
}
protected PrincipalName getPrincipalName( String name )
{
PrincipalName principalName = new PrincipalName();
principalName.addName( name );
principalName.setNameType( PrincipalNameType.KRB_NT_PRINCIPAL );
return principalName;
}
/**
* Returns an encryption key derived from a principal name and passphrase.
*
* @param principal
* @param passPhrase
* @return The server's {@link EncryptionKey}.
*/
protected EncryptionKey getEncryptionKey( KerberosPrincipal principal, String passPhrase )
{
KerberosKey kerberosKey = new KerberosKey( principal, passPhrase.toCharArray(), "DES" );
byte[] keyBytes = kerberosKey.getEncoded();
EncryptionKey key = new EncryptionKey( EncryptionType.DES_CBC_MD5, keyBytes );
return key;
}
protected static class KrbDummySession extends DummySession
{
Object message;
public KrbDummySession()
{
super();
}
public KrbDummySession( IoService service )
{
try
{
((AbstractIoSession) this).setAttributeMap(service
.getSessionDataStructureFactory().getAttributeMap(this));
}
catch( Exception e )
{
}
}
public WriteFuture write( Object message )
{
this.message = message;
return null;
}
protected Object getMessage()
{
return message;
}
protected void updateTrafficMask()
{
// Do nothing.
}
public IoService getService()
{
return null;
}
public IoHandler getHandler()
{
return null;
}
public SocketAddress getRemoteAddress()
{
return new InetSocketAddress( 10088 );
}
public SocketAddress getLocalAddress()
{
return null;
}
public IoSessionConfig getConfig()
{
return null;
}
public int getScheduledWriteRequests()
{
return 0;
}
public SocketAddress getServiceAddress()
{
return null;
}
}
}