Exemple #1
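  /**
   * Returns the size of this key table entry.
   *
   * <p>The result is the sum of the fixed-width field sizes (component count, realm length
   * prefix, principal type, timestamp, key version, key type, key length prefix) and the
   * variable-length parts: the ISO-8859-1 encoded realm, each ISO-8859-1 encoded name component
   * of the service principal (each preceded by a {@code principalSize} length prefix), and the
   * key block itself.
   *
   * <p>The strings are encoded through a {@link java.nio.charset.Charset} constant rather than
   * the charset name {@code "8859_1"}. The name-based overload declares
   * {@code UnsupportedEncodingException}, which this method previously caught and ignored; had
   * it ever fired, the affected component would have been left out of the total and the reported
   * length would have been too small. With the constant there is no failure path to ignore.
   *
   * @return the computed entry size
   */
  public int entryLength() {
    // "8859_1" is an alias of ISO-8859-1, so the byte counts are the same as before.
    final java.nio.charset.Charset latin1 = java.nio.charset.StandardCharsets.ISO_8859_1;

    // Each name component contributes its length prefix plus its encoded bytes.
    int totalPrincipalLength = 0;
    for (String component : service.getNameStrings()) {
      totalPrincipalLength += principalSize + component.getBytes(latin1).length;
    }

    int realmLen = realm.toString().getBytes(latin1).length;

    int size =
        principalComponentSize
            + realmSize
            + realmLen
            + totalPrincipalLength
            + principalTypeSize
            + timestampSize
            + keyVersionSize
            + keyTypeSize
            + keySize
            + keyblock.length;

    if (DEBUG) {
      System.out.println(">>> KeyTabEntry: key tab entry size is " + size);
    }
    return size;
  }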
Exemple #2
  // Can be null? has default?
  /**
   * Builds the AS-REQ message for a client principal and stores it in {@code asReqMessg}.
   *
   * <p>Options that belong only in a request to the ticket-granting server (FORWARDED, PROXY,
   * ENC_TKT_IN_SKEY, RENEW, VALIDATE) are rejected. The checks that would require {@code from}
   * when POSTDATED is set, and {@code rtime} when RENEWABLE is set, are disabled in this
   * constructor, so a missing value is passed on to the request body as {@code null}.
   *
   * @param pakey key used to build the encrypted-timestamp pre-authentication data
   *     ({@code PA_ENC_TIMESTAMP}); when {@code null} the request carries no PA-DATA
   * @param options KDC options; {@code null} is replaced by a fresh {@code KDCOptions}
   * @param cname client principal; it is dereferenced without a null check and must carry a realm
   * @param sname server principal; {@code null} selects the TGS service of the client's realm
   * @param from requested start time; discarded unless POSTDATED is set
   * @param till requested end time; {@code null} becomes {@code new KerberosTime(0)}, which the
   *     original author notes as "choose KDC maximum allowed"
   * @param rtime requested renew-till time; discarded unless RENEWABLE is set
   * @param eTypes requested encryption types; marked by the original author as not nullable,
   *     but not checked here
   * @param addresses client addresses; when {@code null} and the configuration asks for
   *     addresses in tickets, the local addresses are used
   * @throws KrbException if a TGS-only option is set ({@code KRB_AP_ERR_REQ_OPTIONS}) or, as a
   *     {@code RealmException}, if {@code cname} has no realm
   * @throws IOException declared by the constructor; the call that raises it is not identified
   *     in this listing
   */
  public KrbAsReq(
      EncryptionKey pakey,
      KDCOptions options,
      PrincipalName cname,
      PrincipalName sname,
      KerberosTime from,
      KerberosTime till,
      KerberosTime rtime,
      int[] eTypes,
      HostAddresses addresses)
      throws KrbException, IOException {

    if (options == null) {
      options = new KDCOptions();
    }

    // These flags are only meaningful in a request to the ticket-granting server.
    boolean tgsOnlyOptionSet =
        options.get(KDCOptions.FORWARDED)
            || options.get(KDCOptions.PROXY)
            || options.get(KDCOptions.ENC_TKT_IN_SKEY)
            || options.get(KDCOptions.RENEW)
            || options.get(KDCOptions.VALIDATE);
    if (tgsOnlyOptionSet) {
      throw new KrbException(Krb5.KRB_AP_ERR_REQ_OPTIONS);
    }

    // Optional times must agree with the options: without POSTDATED the start time is dropped.
    // A POSTDATED request with no start time is let through (that check is disabled).
    if (!options.get(KDCOptions.POSTDATED)) {
      from = null;
    }
    // Same rule for RENEWABLE and the renew-till time.
    if (!options.get(KDCOptions.RENEWABLE)) {
      rtime = null;
    }

    // Pre-authentication: a timestamp encrypted under the supplied key, if there is one.
    PAData[] preAuthData = null;
    if (pakey != null) {
      byte[] encodedTimestamp = new PAEncTSEnc().asn1Encode();
      EncryptedData encryptedTimestamp =
          new EncryptedData(pakey, encodedTimestamp, KeyUsage.KU_PA_ENC_TS);
      preAuthData =
          new PAData[] {new PAData(Krb5.PA_ENC_TIMESTAMP, encryptedTimestamp.asn1Encode())};
    }

    if (cname.getRealm() == null) {
      throw new RealmException(Krb5.REALM_NULL, "default realm not specified ");
    }

    if (DEBUG) {
      System.out.println(">>> KrbAsReq creating message");
    }

    // Fall back to the local addresses only when the configuration asks for addresses in tickets.
    if (addresses == null && Config.getInstance().useAddresses()) {
      addresses = HostAddresses.getLocalAddresses();
    }

    // No server named: ask for the ticket-granting service of the client's own realm.
    if (sname == null) {
      String clientRealm = cname.getRealmAsString();
      sname = PrincipalName.tgsService(clientRealm, clientRealm);
    }

    if (till == null) {
      till = new KerberosTime(0); // Choose KDC maximum allowed
    }

    // The two trailing nulls: enc-authorization-data and additional-tickets never appear in an
    // AS-REQ.
    KDCReqBody requestBody =
        new KDCReqBody(
            options, cname, sname, from, till, rtime, Nonce.value(), eTypes, addresses, null, null);

    asReqMessg = new ASReq(preAuthData, requestBody);
  }