Esempio n. 1
0
 /*     */ private static void checkPermittedEType(int paramInt) /*     */ throws KrbException
       /*     */ {
   /* 497 */ int[] arrayOfInt = EType.getDefaults("permitted_enctypes");
   /* 498 */ if (arrayOfInt == null) {
     /* 499 */ throw new KrbException(
         "No supported encryption types listed in permitted_enctypes");
     /*     */ }
   /*     */
   /* 502 */ if (!EType.isSupported(paramInt, arrayOfInt))
     /* 503 */ throw new KrbException(
         EType.toString(paramInt) + " encryption type not in permitted_enctypes list");
   /*     */ }
Esempio n. 2
0
 /*     */ public boolean findServiceEntry(PrincipalName paramPrincipalName) /*     */ {
   /* 349 */ for (int i = 0; i < this.entries.size(); i++) {
     /* 350 */ KeyTabEntry localKeyTabEntry = (KeyTabEntry) this.entries.elementAt(i);
     /* 351 */ if (localKeyTabEntry.service.match(paramPrincipalName)) {
       /* 352 */ if (EType.isSupported(localKeyTabEntry.keyType)) /* 353 */ return true;
       /* 354 */ if (DEBUG) {
         /* 355 */ System.out.println(
             "Found unsupported keytype ("
                 + localKeyTabEntry.keyType
                 + ") for "
                 + paramPrincipalName);
         /*     */ }
       /*     */ }
     /*     */ }
   /*     */
   /* 360 */ return false;
   /*     */ }
Esempio n. 3
0
 /*     */ private void authenticate(
     EncryptionKey[] paramArrayOfEncryptionKey, InetAddress paramInetAddress)
     throws KrbException, IOException
       /*     */ {
   /* 268 */ int i = this.apReqMessg.ticket.encPart.getEType();
   /* 269 */ Integer localInteger = this.apReqMessg.ticket.encPart.getKeyVersionNumber();
   /* 270 */ EncryptionKey localEncryptionKey =
       EncryptionKey.findKey(i, localInteger, paramArrayOfEncryptionKey);
   /*     */
   /* 272 */ if (localEncryptionKey == null) {
     /* 273 */ throw new KrbException(
         400, "Cannot find key of appropriate type to decrypt AP REP - " + EType.toString(i));
     /*     */ }
   /*     */
   /* 278 */ byte[] arrayOfByte1 = this.apReqMessg.ticket.encPart.decrypt(localEncryptionKey, 2);
   /*     */
   /* 280 */ byte[] arrayOfByte2 = this.apReqMessg.ticket.encPart.reset(arrayOfByte1);
   /* 281 */ EncTicketPart localEncTicketPart = new EncTicketPart(arrayOfByte2);
   /*     */
   /* 283 */ checkPermittedEType(localEncTicketPart.key.getEType());
   /*     */
   /* 285 */ byte[] arrayOfByte3 =
       this.apReqMessg.authenticator.decrypt(localEncTicketPart.key, 11);
   /*     */
   /* 287 */ byte[] arrayOfByte4 = this.apReqMessg.authenticator.reset(arrayOfByte3);
   /* 288 */ this.authenticator = new Authenticator(arrayOfByte4);
   /* 289 */ this.ctime = this.authenticator.ctime;
   /* 290 */ this.cusec = this.authenticator.cusec;
   /* 291 */ this.authenticator.ctime.setMicroSeconds(this.authenticator.cusec);
   /* 292 */ this.authenticator.cname.setRealm(this.authenticator.crealm);
   /* 293 */ this.apReqMessg.ticket.sname.setRealm(this.apReqMessg.ticket.realm);
   /* 294 */ localEncTicketPart.cname.setRealm(localEncTicketPart.crealm);
   /*     */
   /* 296 */ if (!this.authenticator.cname.equals(localEncTicketPart.cname)) {
     /* 297 */ throw new KrbApErrException(36);
     /*     */ }
   /* 299 */ KerberosTime localKerberosTime = new KerberosTime(true);
   /* 300 */ if (!this.authenticator.ctime.inClockSkew(localKerberosTime)) {
     /* 301 */ throw new KrbApErrException(37);
     /*     */ }
   /*     */
   /* 304 */ AuthTime localAuthTime =
       new AuthTime(this.authenticator.ctime.getTime(), this.authenticator.cusec);
   /*     */
   /* 306 */ String str = this.authenticator.cname.toString();
   /* 307 */ if (table.get(localAuthTime, this.authenticator.cname.toString()) != null) {
     /* 308 */ throw new KrbApErrException(34);
     /*     */ }
   /* 310 */ table.put(str, localAuthTime, localKerberosTime.getTime());
   /*     */
   /* 313 */ if (paramInetAddress != null)
   /*     */ {
     /* 315 */ localObject = new HostAddress(paramInetAddress);
     /* 316 */ if ((localEncTicketPart.caddr != null)
         && (!localEncTicketPart.caddr.inList((HostAddress) localObject)))
     /*     */ {
       /* 318 */ if (DEBUG) {
         /* 319 */ System.out.println(
             ">>> KrbApReq: initiator is "
                 + ((HostAddress) localObject).getInetAddress()
                 + ", but caddr is "
                 + Arrays.toString(localEncTicketPart.caddr.getInetAddresses()));
         /*     */ }
       /*     */
       /* 325 */ throw new KrbApErrException(38);
       /*     */ }
     /*     */
     /*     */ }
   /*     */
   /* 335 */ Object localObject = new KerberosTime(true);
   /*     */
   /* 337 */ if (((localEncTicketPart.starttime != null)
           && (localEncTicketPart.starttime.greaterThanWRTClockSkew((KerberosTime) localObject)))
       || (localEncTicketPart.flags.get(7)))
   /*     */ {
     /* 340 */ throw new KrbApErrException(33);
     /*     */ }
   /*     */
   /* 344 */ if ((localEncTicketPart.endtime != null)
       && (((KerberosTime) localObject).greaterThanWRTClockSkew(localEncTicketPart.endtime)))
   /*     */ {
     /* 346 */ throw new KrbApErrException(32);
     /*     */ }
   /*     */
   /* 349 */ this.creds =
       new Credentials(
           this.apReqMessg.ticket,
           this.authenticator.cname,
           this.apReqMessg.ticket.sname,
           localEncTicketPart.key,
           localEncTicketPart.flags,
           localEncTicketPart.authtime,
           localEncTicketPart.starttime,
           localEncTicketPart.endtime,
           localEncTicketPart.renewTill,
           localEncTicketPart.caddr,
           localEncTicketPart.authorizationData);
   /*     */
   /* 361 */ if (DEBUG) /* 362 */ System.out.println(">>> KrbApReq: authenticate succeed.");
   /*     */ }
Esempio n. 4
0
 /*     */ public EncryptionKey[] readServiceKeys(PrincipalName paramPrincipalName) /*     */ {
   /* 278 */ int i = this.entries.size();
   /* 279 */ ArrayList localArrayList = new ArrayList(i);
   /* 280 */ for (int j = i - 1; j >= 0; j--) {
     /* 281 */ KeyTabEntry localKeyTabEntry = (KeyTabEntry) this.entries.elementAt(j);
     /* 282 */ if (localKeyTabEntry.service.match(paramPrincipalName)) {
       /* 283 */ if (EType.isSupported(localKeyTabEntry.keyType)) {
         /* 284 */ EncryptionKey localEncryptionKey =
             new EncryptionKey(
                 localKeyTabEntry.keyblock,
                 localKeyTabEntry.keyType,
                 new Integer(localKeyTabEntry.keyVersion));
         /*     */
         /* 287 */ localArrayList.add(localEncryptionKey);
         /* 288 */ if (DEBUG) {
           /* 289 */ System.out.println(
               "Added key: "
                   + localKeyTabEntry.keyType
                   + "version: "
                   + localKeyTabEntry.keyVersion);
           /*     */ }
         /*     */ }
       /* 292 */ else if (DEBUG) {
         /* 293 */ System.out.println(
             "Found unsupported keytype ("
                 + localKeyTabEntry.keyType
                 + ") for "
                 + paramPrincipalName);
         /*     */ }
       /*     */ }
     /*     */ }
   /*     */
   /* 298 */ i = localArrayList.size();
   /* 299 */ EncryptionKey[] arrayOfEncryptionKey =
       (EncryptionKey[]) localArrayList.toArray(new EncryptionKey[i]);
   /*     */
   /* 302 */ if (DEBUG) {
     /* 303 */ System.out.println("Ordering keys wrt default_tkt_enctypes list");
     /*     */ }
   /*     *//* 306 */ final int[] arrayOfInt = EType.getDefaults("default_tkt_enctypes");
   /*     */
   /* 311 */ Arrays.sort(
       arrayOfEncryptionKey,
       new Comparator()
       /*     */ {
         /*     */ public int compare(
             EncryptionKey paramAnonymousEncryptionKey1,
             EncryptionKey paramAnonymousEncryptionKey2) {
           /* 314 */ if (arrayOfInt != null) {
             /* 315 */ int i = paramAnonymousEncryptionKey1.getEType();
             /* 316 */ int j = paramAnonymousEncryptionKey2.getEType();
             /* 317 */ if (i != j) {
               /* 318 */ for (int k = 0; k < arrayOfInt.length; k++) {
                 /* 319 */ if (arrayOfInt[k] == i) /* 320 */ return -1;
                 /* 321 */ if (arrayOfInt[k] == j) {
                   /* 322 */ return 1;
                   /*     */ }
                 /*     */ }
               /*     */
               /*     */ }
             /*     */
             /*     */ }
           /*     */
           /* 330 */ return paramAnonymousEncryptionKey2.getKeyVersionNumber().intValue()
               - paramAnonymousEncryptionKey1.getKeyVersionNumber().intValue();
           /*     */ }
         /*     */ });
   /* 335 */ return arrayOfEncryptionKey;
   /*     */ }