21 package org.apache.directory.server.kerberos.shared.crypto.encryption;
22
23
24 import java.util.Collections;
25 import java.util.EnumMap;
26 import java.util.Map;
27 import java.util.Set;
28
29 import javax.security.auth.kerberos.KerberosKey;
30 import javax.security.auth.kerberos.KerberosPrincipal;
31
32 import org.apache.directory.shared.kerberos.KerberosUtils;
33 import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
34 import org.apache.directory.shared.kerberos.components.EncryptionKey;
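/**
 * Derives Kerberos keys from a principal name and a pass phrase, one key per
 * requested encryption type, using the JDK's {@link KerberosKey} string-to-key
 * implementation.
 *
 * <p>Security notes for callers:</p>
 * <ul>
 *   <li>Every key returned for a principal is derived from the same pass phrase, so
 *       the weakest encryption type requested bounds how well the pass phrase resists
 *       offline guessing.</li>
 *   <li>The pass phrase is accepted as a {@link String}. This class wipes the temporary
 *       {@code char[]} copy it makes, but it cannot clear the caller's String.</li>
 * </ul>
 */
public class KerberosKeyFactory
{
    /**
     * Encryption types for which keys are derived when the caller does not supply its
     * own set, mapped to an algorithm name string. Within this class only the key set
     * is read. The map is unmodifiable.
     *
     * <p>The defaults include {@code DES_CBC_MD5} (deprecated by RFC 6649) as well as
     * {@code DES3_CBC_SHA1_KD} and {@code RC4_HMAC} (deprecated by RFC 8429). Deployments
     * that do not need legacy interoperability should pass an explicit set restricted to
     * the AES types to {@link #getKerberosKeys(String, String, Set)}.</p>
     */
    public static final Map<EncryptionType, String> DEFAULT_CIPHERS;

    static
    {
        EnumMap<EncryptionType, String> map = new EnumMap<>( EncryptionType.class );

        // Legacy types, kept so existing callers that rely on the defaults are unaffected.
        map.put( EncryptionType.DES_CBC_MD5, "DES" );
        map.put( EncryptionType.DES3_CBC_SHA1_KD, "DESede" );
        map.put( EncryptionType.RC4_HMAC, "ArcFourHmac" );

        map.put( EncryptionType.AES128_CTS_HMAC_SHA1_96, "AES128" );
        map.put( EncryptionType.AES256_CTS_HMAC_SHA1_96, "AES256" );

        DEFAULT_CIPHERS = Collections.unmodifiableMap( map );
    }


    /**
     * Derives keys for every encryption type in {@link #DEFAULT_CIPHERS}.
     *
     * @param principalName the Kerberos principal name the keys belong to
     * @param passPhrase the pass phrase the keys are derived from
     * @return a map from encryption type to derived key; types for which derivation
     *         failed with an {@link IllegalArgumentException} are absent
     */
    public static Map<EncryptionType, EncryptionKey> getKerberosKeys( String principalName, String passPhrase )
    {
        return getKerberosKeys( principalName, passPhrase, DEFAULT_CIPHERS.keySet() );
    }


    /**
     * Derives keys for each of the given encryption types.
     *
     * <p>Derivation is best-effort per type: an {@link IllegalArgumentException} raised
     * while deriving one key causes that type to be skipped, not the whole call to fail.
     * Callers that require a particular type must check that it is present in the
     * result.</p>
     *
     * @param principalName the Kerberos principal name the keys belong to
     * @param passPhrase the pass phrase the keys are derived from
     * @param ciphers the encryption types to derive keys for
     * @return a map from encryption type to derived key, possibly empty
     */
    public static Map<EncryptionType, EncryptionKey> getKerberosKeys( String principalName, String passPhrase,
        Set<EncryptionType> ciphers )
    {
        EnumMap<EncryptionType, EncryptionKey> kerberosKeys = new EnumMap<>( EncryptionType.class );

        for ( EncryptionType encryptionType : ciphers )
        {
            try
            {
                kerberosKeys.put( encryptionType, string2Key( principalName, passPhrase, encryptionType ) );
            }
            catch ( IllegalArgumentException ignored )
            {
                // Deliberately skipped: the KerberosKey constructor throws
                // IllegalArgumentException when the running JRE does not support the
                // requested algorithm, and the remaining types should still be derived.
                //
                // NOTE(review): KerberosPrincipal also throws IllegalArgumentException
                // for an improperly formatted name, so a bad principal name ends up as
                // an empty map here instead of an error. Callers should treat an empty
                // result as a failure.
            }
        }

        return kerberosKeys;
    }


    /**
     * Derives a single key of the given encryption type from a pass phrase.
     *
     * <p>The temporary {@code char[]} copy of the pass phrase is zeroed before this
     * method returns, whether derivation succeeds or throws, so that copy does not stay
     * in the heap until garbage collection. The intermediate {@link KerberosKey} is not
     * destroyed here.</p>
     *
     * @param principalName the Kerberos principal name the key belongs to
     * @param passPhrase the pass phrase the key is derived from
     * @param encryptionType the encryption type of the key to derive
     * @return the derived key, carrying the encoded key bytes and the version number
     *         reported by the intermediate {@link KerberosKey}
     * @throws IllegalArgumentException if the principal name is improperly formatted or
     *         the algorithm for the encryption type is not supported by the JRE
     */
    public static EncryptionKey string2Key( String principalName, String passPhrase, EncryptionType encryptionType )
    {
        KerberosPrincipal principal = new KerberosPrincipal( principalName );
        char[] password = passPhrase.toCharArray();

        try
        {
            KerberosKey kerberosKey = new KerberosKey( principal, password,
                KerberosUtils.getAlgoNameFromEncType( encryptionType ) );

            return new EncryptionKey( encryptionType, kerberosKey.getEncoded(), kerberosKey.getVersionNumber() );
        }
        finally
        {
            // Wipe the pass phrase copy made above. Fully qualified so the file's
            // import block does not need to change.
            java.util.Arrays.fill( password, '\0' );
        }
    }
}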