Exemplo n.º 1
0
 /*     */ private void createMessage(
     APOptions paramAPOptions,
     Ticket paramTicket,
     EncryptionKey paramEncryptionKey1,
     Realm paramRealm,
     PrincipalName paramPrincipalName,
     Checksum paramChecksum,
     KerberosTime paramKerberosTime,
     EncryptionKey paramEncryptionKey2,
     SeqNumber paramSeqNumber,
     AuthorizationData paramAuthorizationData,
     int paramInt)
     /*     */ throws Asn1Exception, IOException, KdcErrException, KrbCryptoException
       /*     */ {
   /* 471 */ Integer localInteger = null;
   /*     */
   /* 473 */ if (paramSeqNumber != null) {
     /* 474 */ localInteger = new Integer(paramSeqNumber.current());
     /*     */ }
   /* 476 */ this.authenticator =
       new Authenticator(
           paramRealm,
           paramPrincipalName,
           paramChecksum,
           paramKerberosTime.getMicroSeconds(),
           paramKerberosTime,
           paramEncryptionKey2,
           localInteger,
           paramAuthorizationData);
   /*     */
   /* 486 */ byte[] arrayOfByte = this.authenticator.asn1Encode();
   /*     */
   /* 488 */ EncryptedData localEncryptedData =
       new EncryptedData(paramEncryptionKey1, arrayOfByte, paramInt);
   /*     */
   /* 491 */ this.apReqMessg = new APReq(paramAPOptions, paramTicket, localEncryptedData);
   /*     */ }
Exemplo n.º 2
0
 /*     */ private void authenticate(
     EncryptionKey[] paramArrayOfEncryptionKey, InetAddress paramInetAddress)
     throws KrbException, IOException
       /*     */ {
   /* 268 */ int i = this.apReqMessg.ticket.encPart.getEType();
   /* 269 */ Integer localInteger = this.apReqMessg.ticket.encPart.getKeyVersionNumber();
   /* 270 */ EncryptionKey localEncryptionKey =
       EncryptionKey.findKey(i, localInteger, paramArrayOfEncryptionKey);
   /*     */
   /* 272 */ if (localEncryptionKey == null) {
     /* 273 */ throw new KrbException(
         400, "Cannot find key of appropriate type to decrypt AP REP - " + EType.toString(i));
     /*     */ }
   /*     */
   /* 278 */ byte[] arrayOfByte1 = this.apReqMessg.ticket.encPart.decrypt(localEncryptionKey, 2);
   /*     */
   /* 280 */ byte[] arrayOfByte2 = this.apReqMessg.ticket.encPart.reset(arrayOfByte1);
   /* 281 */ EncTicketPart localEncTicketPart = new EncTicketPart(arrayOfByte2);
   /*     */
   /* 283 */ checkPermittedEType(localEncTicketPart.key.getEType());
   /*     */
   /* 285 */ byte[] arrayOfByte3 =
       this.apReqMessg.authenticator.decrypt(localEncTicketPart.key, 11);
   /*     */
   /* 287 */ byte[] arrayOfByte4 = this.apReqMessg.authenticator.reset(arrayOfByte3);
   /* 288 */ this.authenticator = new Authenticator(arrayOfByte4);
   /* 289 */ this.ctime = this.authenticator.ctime;
   /* 290 */ this.cusec = this.authenticator.cusec;
   /* 291 */ this.authenticator.ctime.setMicroSeconds(this.authenticator.cusec);
   /* 292 */ this.authenticator.cname.setRealm(this.authenticator.crealm);
   /* 293 */ this.apReqMessg.ticket.sname.setRealm(this.apReqMessg.ticket.realm);
   /* 294 */ localEncTicketPart.cname.setRealm(localEncTicketPart.crealm);
   /*     */
   /* 296 */ if (!this.authenticator.cname.equals(localEncTicketPart.cname)) {
     /* 297 */ throw new KrbApErrException(36);
     /*     */ }
   /* 299 */ KerberosTime localKerberosTime = new KerberosTime(true);
   /* 300 */ if (!this.authenticator.ctime.inClockSkew(localKerberosTime)) {
     /* 301 */ throw new KrbApErrException(37);
     /*     */ }
   /*     */
   /* 304 */ AuthTime localAuthTime =
       new AuthTime(this.authenticator.ctime.getTime(), this.authenticator.cusec);
   /*     */
   /* 306 */ String str = this.authenticator.cname.toString();
   /* 307 */ if (table.get(localAuthTime, this.authenticator.cname.toString()) != null) {
     /* 308 */ throw new KrbApErrException(34);
     /*     */ }
   /* 310 */ table.put(str, localAuthTime, localKerberosTime.getTime());
   /*     */
   /* 313 */ if (paramInetAddress != null)
   /*     */ {
     /* 315 */ localObject = new HostAddress(paramInetAddress);
     /* 316 */ if ((localEncTicketPart.caddr != null)
         && (!localEncTicketPart.caddr.inList((HostAddress) localObject)))
     /*     */ {
       /* 318 */ if (DEBUG) {
         /* 319 */ System.out.println(
             ">>> KrbApReq: initiator is "
                 + ((HostAddress) localObject).getInetAddress()
                 + ", but caddr is "
                 + Arrays.toString(localEncTicketPart.caddr.getInetAddresses()));
         /*     */ }
       /*     */
       /* 325 */ throw new KrbApErrException(38);
       /*     */ }
     /*     */
     /*     */ }
   /*     */
   /* 335 */ Object localObject = new KerberosTime(true);
   /*     */
   /* 337 */ if (((localEncTicketPart.starttime != null)
           && (localEncTicketPart.starttime.greaterThanWRTClockSkew((KerberosTime) localObject)))
       || (localEncTicketPart.flags.get(7)))
   /*     */ {
     /* 340 */ throw new KrbApErrException(33);
     /*     */ }
   /*     */
   /* 344 */ if ((localEncTicketPart.endtime != null)
       && (((KerberosTime) localObject).greaterThanWRTClockSkew(localEncTicketPart.endtime)))
   /*     */ {
     /* 346 */ throw new KrbApErrException(32);
     /*     */ }
   /*     */
   /* 349 */ this.creds =
       new Credentials(
           this.apReqMessg.ticket,
           this.authenticator.cname,
           this.apReqMessg.ticket.sname,
           localEncTicketPart.key,
           localEncTicketPart.flags,
           localEncTicketPart.authtime,
           localEncTicketPart.starttime,
           localEncTicketPart.endtime,
           localEncTicketPart.renewTill,
           localEncTicketPart.caddr,
           localEncTicketPart.authorizationData);
   /*     */
   /* 361 */ if (DEBUG) /* 362 */ System.out.println(">>> KrbApReq: authenticate succeed.");
   /*     */ }