public static void initStatic() {
String temp = null;
Config cfg = null;
try {
cfg = Config.getInstance();
temp = cfg.get("libdefaults", "default_checksum");
if (temp != null) {
CKSUMTYPE_DEFAULT = Config.getType(temp);
} else {
/*
* If the default checksum is not
* specified in the configuration we
* set it to RSA_MD5. We follow the MIT and
* SEAM implementation.
*/
CKSUMTYPE_DEFAULT = CKSUMTYPE_RSA_MD5;
}
} catch (Exception exc) {
if (DEBUG) {
System.out.println(
"Exception in getting default checksum "
+ "value from the configuration "
+ "Setting default checksum to be RSA-MD5");
exc.printStackTrace();
}
CKSUMTYPE_DEFAULT = CKSUMTYPE_RSA_MD5;
}
try {
temp = cfg.get("libdefaults", "safe_checksum_type");
if (temp != null) {
SAFECKSUMTYPE_DEFAULT = Config.getType(temp);
} else {
SAFECKSUMTYPE_DEFAULT = CKSUMTYPE_RSA_MD5_DES;
}
} catch (Exception exc) {
if (DEBUG) {
System.out.println(
"Exception in getting safe default "
+ "checksum value "
+ "from the configuration Setting "
+ "safe default checksum to be RSA-MD5");
exc.printStackTrace();
}
SAFECKSUMTYPE_DEFAULT = CKSUMTYPE_RSA_MD5_DES;
}
}
// Can be null? has default?
public KrbAsReq(
EncryptionKey pakey, // ok
KDCOptions options, // ok, new KDCOptions()
PrincipalName cname, // NO and must have realm
PrincipalName sname, // ok, krgtgt@CREALM
KerberosTime from, // ok
KerberosTime till, // ok, will use
KerberosTime rtime, // ok
int[] eTypes, // NO
HostAddresses addresses // ok
) throws KrbException, IOException {
if (options == null) {
options = new KDCOptions();
}
// check if they are valid arguments. The optional fields should be
// consistent with settings in KDCOptions. Mar 17 2000
if (options.get(KDCOptions.FORWARDED)
|| options.get(KDCOptions.PROXY)
|| options.get(KDCOptions.ENC_TKT_IN_SKEY)
|| options.get(KDCOptions.RENEW)
|| options.get(KDCOptions.VALIDATE)) {
// this option is only specified in a request to the
// ticket-granting server
throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
}
if (options.get(KDCOptions.POSTDATED)) {
// if (from == null)
// throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (from != null) from = null;
}
if (options.get(KDCOptions.RENEWABLE)) {
// if (rtime == null)
// throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
} else {
if (rtime != null) rtime = null;
}
PAData[] paData = null;
if (pakey != null) {
PAEncTSEnc ts = new PAEncTSEnc();
byte[] temp = ts.asn1Encode();
EncryptedData encTs = new EncryptedData(pakey, temp, KeyUsage.KU_PA_ENC_TS);
paData = new PAData[1];
paData[0] = new PAData(Krb5.PA_ENC_TIMESTAMP, encTs.asn1Encode());
}
if (cname.getRealm() == null) {
throw new RealmException(Krb5.REALM_NULL, "default realm not specified ");
}
if (DEBUG) {
System.out.println(">>> KrbAsReq creating message");
}
// check to use addresses in tickets
if (addresses == null && Config.getInstance().useAddresses()) {
addresses = HostAddresses.getLocalAddresses();
}
if (sname == null) {
String realm = cname.getRealmAsString();
sname = PrincipalName.tgsService(realm, realm);
}
if (till == null) {
till = new KerberosTime(0); // Choose KDC maximum allowed
}
// enc-authorization-data and additional-tickets never in AS-REQ
KDCReqBody kdc_req_body =
new KDCReqBody(
options, cname, sname, from, till, rtime, Nonce.value(), eTypes, addresses, null, null);
asReqMessg = new ASReq(paData, kdc_req_body);
}