예제 #1
0
  public void refresh() throws RefreshFailedException {

    checkState();

    if (!flags[RENEWABLE]) {
      throw new RefreshFailedException(Messages.getString("auth.44")); // $NON-NLS-1$
    }

    if (System.currentTimeMillis() > this.renewTill.getTime()) {
      throw new RefreshFailedException(Messages.getString("auth.45")); // $NON-NLS-1$
    }

    try {
      KrbClient.doTGS();
    } catch (KerberosException e) {
      throw new RefreshFailedException(e.getMessage());
    }
  }
 public ACTION checkLogin() throws LoginException {
   switch (phase) {
     case uninitialized:
       throw new LoginException(Messages.getString("auth.60"));
     case initialized:
       return ACTION.login;
     default:
       return ACTION.no_action;
   }
 }
예제 #3
0
  private void writeObject(ObjectOutputStream s) throws IOException {

    if (destroyed) {
      throw new IOException(Messages.getString("auth.48")); // $NON-NLS-1$
    }
    s.defaultWriteObject();

    byte[] enc = EncryptionKey.ASN1.encode(new EncryptionKey(keyType, keyBytes));
    s.writeObject(enc);
  }
  public AppConfigurationEntry(
      String loginModuleName,
      AppConfigurationEntry.LoginModuleControlFlag controlFlag,
      Map<String, ?> options) {

    if (loginModuleName == null || loginModuleName.length() == 0) {
      throw new IllegalArgumentException(Messages.getString("auth.26")); // $NON-NLS-1$
    }

    if (controlFlag == null) {
      throw new IllegalArgumentException(Messages.getString("auth.27")); // $NON-NLS-1$
    }

    if (options == null) {
      throw new IllegalArgumentException(Messages.getString("auth.1A")); // $NON-NLS-1$
    }

    this.loginModuleName = loginModuleName;
    this.controlFlag = controlFlag;
    this.options = Collections.unmodifiableMap(options);
  }
예제 #5
0
  @Override
  public String toString() {
    checkState();
    StringBuilder sb = new StringBuilder();
    sb.append("Ticket = ")
        .append(Array.toString(asn1Encoding, "(hex) ") + LF); // $NON-NLS-1$ //$NON-NLS-2$
    sb.append("Client Principal = ").append(client.getName() + LF); // $NON-NLS-1$
    sb.append("Server Principal = ").append(server.getName() + LF); // $NON-NLS-1$
    // TODO: append session key
    sb.append("Session Key = ").append(sessionKey.toString() + LF); // $NON-NLS-1$
    sb.append("Forwardable Ticket = ").append(flags[FORWARDABLE] + LF); // $NON-NLS-1$
    sb.append("Forwarded Ticket = ").append(flags[FORWARDED] + LF); // $NON-NLS-1$
    sb.append("Proxiable Ticket = ").append(flags[PROXIABLE] + LF); // $NON-NLS-1$
    sb.append("Proxy Ticket = ").append(flags[PROXY] + LF); // $NON-NLS-1$
    sb.append("Postdated Ticket = ").append(flags[POSTDATED] + LF); // $NON-NLS-1$
    sb.append("Renewable Ticket = ").append(flags[RENEWABLE] + LF); // $NON-NLS-1$
    sb.append("Initial Ticket = ").append(flags[INITIAL] + LF); // $NON-NLS-1$
    sb.append("Auth Time = ").append(this.authTime.toString() + LF); // $NON-NLS-1$
    sb.append("Start Time = ").append(this.startTime.toString() + LF); // $NON-NLS-1$
    sb.append("End Time = ").append(this.endTime.toString() + LF); // $NON-NLS-1$
    sb.append("Renew Till = ").append(this.renewTill.toString() + LF); // $NON-NLS-1$
    sb.append("Client Addresses "); // $NON-NLS-1$
    if (clientAddresses != null) {
      for (int i = 0; i < clientAddresses.length; i++) {
        if (clientAddresses[i] == null) {
          throw new NullPointerException(Messages.getString("auth.46")); // $NON-NLS-1$
        }
        sb.append("clientAddresses[" + i + "] = ")
            .append(
                clientAddresses[i].toString()
                    + LF
                    + "\t\t"); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
      }
    } else {
      sb.append("null"); // $NON-NLS-1$
    }

    return sb.toString();
  }
예제 #6
0
 /** if a key is destroyed then IllegalStateException should be thrown */
 private void checkState() {
   if (destroyed) {
     throw new IllegalStateException(Messages.getString("auth.48")); // $NON-NLS-1$
   }
 }
예제 #7
0
  /**
   * creates a secret key from a given password
   *
   * @param principal
   * @param password
   * @param algorithm
   */
  public KeyImpl(KerberosPrincipal principal, char[] password, String algorithm) {

    //
    // See http://www.ietf.org/rfc/rfc3961.txt for algorithm description
    //

    if (principal == null || password == null) {
      throw new NullPointerException();
    }

    if (algorithm != null && "DES".compareTo(algorithm) != 0) { // $NON-NLS-1$
      throw new IllegalArgumentException(Messages.getString("auth.49")); // $NON-NLS-1$
    }

    keyType = 3; // DES algorithm
    keyBytes = new byte[8];

    String realm = principal.getRealm();
    String pname = principal.getName();

    StringBuilder buf = new StringBuilder();
    buf.append(password);
    buf.append(realm);
    buf.append(pname.substring(0, pname.length() - realm.length() - 1));

    byte[] tmp = org.apache.harmony.luni.util.Util.getUTF8Bytes(buf.toString());

    // pad with 0x00 to 8 byte boundary
    byte[] raw = new byte[tmp.length + ((tmp.length % 8) == 0 ? 0 : (8 - tmp.length % 8))];
    System.arraycopy(tmp, 0, raw, 0, tmp.length);

    long k1, k2 = 0;
    boolean isOdd = false;
    // for each 8-byte block in raw byte array
    for (int i = 0; i < raw.length; i = i + 8, isOdd = !isOdd) {

      k1 = 0;
      if (isOdd) {
        // reverse
        for (int j = 7; j > -1; j--) {
          k1 = (k1 << 7) + REVERSE[raw[i + j] & 0x7F];
        }
      } else {
        for (int j = 0; j < 8; j++) {
          k1 = (k1 << 7) + (raw[i + j] & 0x7F);
        }
      }
      k2 = k2 ^ k1;
    }

    // 56-bit long to byte array (8 bytes)
    for (int i = 7; i > -1; i--) {
      keyBytes[i] = (byte) k2;
      keyBytes[i] = (byte) (keyBytes[i] << 1);
      k2 = k2 >> 7;
    }
    keyCorrection(keyBytes);

    // calculate DES-CBC check sum
    try {
      Cipher cipher = Cipher.getInstance("DES/CBC/NoPadding"); // $NON-NLS-1$

      // use tmp key as IV
      IvParameterSpec IV = new IvParameterSpec(keyBytes);

      // do DES encryption
      SecretKey secretKey = new SecretKeySpec(keyBytes, "DES"); // $NON-NLS-1$
      cipher.init(Cipher.ENCRYPT_MODE, secretKey, IV);
      byte[] enc = cipher.doFinal(raw);

      // final last block is check sum
      System.arraycopy(enc, enc.length - 8, keyBytes, 0, 8);

      keyCorrection(keyBytes);

    } catch (Exception e) {
      throw new RuntimeException(Messages.getString("auth.4A"), e); // $NON-NLS-1$
    }
  }
예제 #8
0
  public KerberosTicket(
      byte[] asn1Encoding,
      KerberosPrincipal client,
      KerberosPrincipal server,
      byte[] keyBytes,
      int keyType,
      boolean[] flags,
      Date authTime,
      Date startTime,
      Date endTime,
      Date renewTill,
      InetAddress[] clientAddresses) {

    if (asn1Encoding == null) {
      throw new IllegalArgumentException(Messages.getString("auth.3B")); // $NON-NLS-1$
    }
    if (client == null) {
      throw new IllegalArgumentException(Messages.getString("auth.3C")); // $NON-NLS-1$
    }

    if (server == null) {
      throw new IllegalArgumentException(Messages.getString("auth.3D")); // $NON-NLS-1$
    }

    if (keyBytes == null) {
      throw new IllegalArgumentException(Messages.getString("auth.3E")); // $NON-NLS-1$
    }

    if (authTime == null) {
      throw new IllegalArgumentException(Messages.getString("auth.3F")); // $NON-NLS-1$
    }

    if (endTime == null) {
      throw new IllegalArgumentException(Messages.getString("auth.40")); // $NON-NLS-1$
    }

    this.asn1Encoding = new byte[asn1Encoding.length];
    System.arraycopy(asn1Encoding, 0, this.asn1Encoding, 0, this.asn1Encoding.length);

    this.client = client;
    this.server = server;
    this.sessionKey = new KeyImpl(keyBytes, keyType);

    if (flags == null) {
      this.flags = new boolean[FLAGS_NUM];
    } else if (flags.length > FLAGS_NUM) {
      this.flags = new boolean[flags.length];
      System.arraycopy(flags, 0, this.flags, 0, this.flags.length);
    } else {
      this.flags = new boolean[FLAGS_NUM];
      System.arraycopy(flags, 0, this.flags, 0, flags.length);
    }

    if (this.flags[RENEWABLE] && renewTill == null) {
      throw new IllegalArgumentException(Messages.getString("auth.41")); // $NON-NLS-1$
    }

    this.renewTill = renewTill;

    if (startTime != null) {
      this.startTime = startTime;
    } else {
      this.startTime = authTime;
    }

    if (this.startTime.getTime() > endTime.getTime()) {
      // TODO: make correct description of the exception
      throw new IllegalArgumentException(Messages.getString("auth.42")); // $NON-NLS-1$
    }

    this.authTime = authTime;
    this.endTime = endTime;

    if (clientAddresses != null) {
      this.clientAddresses = new InetAddress[clientAddresses.length];
      System.arraycopy(clientAddresses, 0, this.clientAddresses, 0, this.clientAddresses.length);
    }
  }
 /**
  * Creates the object using a String representation of gid.
  *
  * @param gid string representation of gid
  * @param primary shows whether the group is primary throws NullPointerException if gid is null
  */
 public UnixNumericGroupPrincipal(String gid, boolean primary) {
   if (gid == null) {
     throw new NullPointerException(Messages.getString("auth.07")); // $NON-NLS-1$
   }
   this.gid = Long.parseLong(gid);
 }