View Javadoc
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */
20  package org.apache.directory.shared.kerberos.codec;
21  
22  
23  import java.nio.ByteBuffer;
24  import java.nio.InvalidMarkException;
25  
26  import org.apache.directory.api.asn1.DecoderException;
27  import org.apache.directory.api.asn1.ber.Asn1Decoder;
28  import org.apache.directory.api.asn1.ber.grammar.AbstractGrammar;
29  import org.apache.directory.api.asn1.ber.grammar.Grammar;
30  import org.apache.directory.api.asn1.ber.grammar.GrammarAction;
31  import org.apache.directory.api.asn1.ber.grammar.GrammarTransition;
32  import org.apache.directory.api.asn1.ber.tlv.TLV;
33  import org.apache.directory.shared.kerberos.KerberosConstants;
34  import org.apache.directory.shared.kerberos.codec.apRep.ApRepContainer;
35  import org.apache.directory.shared.kerberos.codec.apReq.ApReqContainer;
36  import org.apache.directory.shared.kerberos.codec.asRep.AsRepContainer;
37  import org.apache.directory.shared.kerberos.codec.asReq.AsReqContainer;
38  import org.apache.directory.shared.kerberos.codec.krbCred.KrbCredContainer;
39  import org.apache.directory.shared.kerberos.codec.krbError.KrbErrorContainer;
40  import org.apache.directory.shared.kerberos.codec.krbPriv.KrbPrivContainer;
41  import org.apache.directory.shared.kerberos.codec.krbSafe.KrbSafeContainer;
42  import org.apache.directory.shared.kerberos.codec.tgsRep.TgsRepContainer;
43  import org.apache.directory.shared.kerberos.codec.tgsReq.TgsReqContainer;
44  import org.apache.directory.shared.kerberos.messages.KerberosMessage;
45  import org.slf4j.Logger;
46  import org.slf4j.LoggerFactory;
47  
48  
49  /**
50   * This class implements the KerberosMessage message. All the actions are declared
51   * in this class. As it is a singleton, these declaration are only done once. If
52   * an action is to be added or modified, this is where the work is to be done !
53   *
54   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
55   */
56  public final class KerberosMessageGrammar extends AbstractGrammar<KerberosMessageContainer>
57  {
58      /** The logger */
59      static final Logger LOG = LoggerFactory.getLogger( KerberosMessageGrammar.class );
60  
61      /** A speedup for logger */
62      static final boolean IS_DEBUG = LOG.isDebugEnabled();
63  
64      /** The instance of grammar. KerberosMessageGrammar is a singleton */
65      private static Grammar<KerberosMessageContainer> instance = new KerberosMessageGrammar();
66  
67      private class DecodeKerberosMessage extends GrammarAction<KerberosMessageContainer>
68      {
69          public void action( KerberosMessageContainer kerberosMessageContainer ) throws DecoderException
70          {
71              ByteBuffer stream = kerberosMessageContainer.getStream();
72  
73              try
74              {
75                  stream.reset();
76              }
77              catch ( InvalidMarkException ime )
78              {
79                  stream.rewind();
80              }
81  
82              TLV tlv = kerberosMessageContainer.getCurrentTLV();
83              kerberosMessageContainer.setGrammarEndAllowed( true );
84  
85              // Now, depending on the T, call the inner decoder
86              switch ( tlv.getTag() )
87              {
88                  case KerberosConstants.AS_REQ_TAG:
89                      AsReqContainerodec/asReq/AsReqContainer.html#AsReqContainer">AsReqContainer asReqContainer = new AsReqContainer( stream );
90  
91                      // Decode the AS_REQ PDU
92                      Asn1Decoder.decode( stream, asReqContainer );
93  
94                      KerberosMessage asReq = asReqContainer.getAsReq();
95                      kerberosMessageContainer.setMessage( asReq );
96  
97                      break;
98  
99                  case KerberosConstants.AS_REP_TAG:
100                     AsRepContainerodec/asRep/AsRepContainer.html#AsRepContainer">AsRepContainer asRepContainer = new AsRepContainer( stream );
101 
102                     // Decode the AS-REP PDU
103                     Asn1Decoder.decode( stream, asRepContainer );
104 
105                     KerberosMessage asRep = asRepContainer.getAsRep();
106                     kerberosMessageContainer.setMessage( asRep );
107 
108                     break;
109 
110                 case KerberosConstants.TGS_REQ_TAG:
111                     TgsReqContainerec/tgsReq/TgsReqContainer.html#TgsReqContainer">TgsReqContainer tgsReqContainer = new TgsReqContainer( stream );
112 
113                     // Decode the TGS-REQ PDU
114                     Asn1Decoder.decode( stream, tgsReqContainer );
115 
116                     KerberosMessage tgsReq = tgsReqContainer.getTgsReq();
117                     kerberosMessageContainer.setMessage( tgsReq );
118 
119                     break;
120 
121                 case KerberosConstants.TGS_REP_TAG:
122                     TgsRepContainerec/tgsRep/TgsRepContainer.html#TgsRepContainer">TgsRepContainer tgsRepContainer = new TgsRepContainer( stream );
123 
124                     // Decode the TGS-REP PDU
125                     Asn1Decoder.decode( stream, tgsRepContainer );
126 
127                     KerberosMessage tgsRep = tgsRepContainer.getTgsRep();
128                     kerberosMessageContainer.setMessage( tgsRep );
129 
130                     break;
131 
132                 case KerberosConstants.AP_REQ_TAG:
133                     ApReqContainerodec/apReq/ApReqContainer.html#ApReqContainer">ApReqContainer apReqContainer = new ApReqContainer( stream );
134 
135                     // Decode the AP-REQ PDU
136                     Asn1Decoder.decode( stream, apReqContainer );
137 
138                     KerberosMessage apReq = apReqContainer.getApReq();
139                     kerberosMessageContainer.setMessage( apReq );
140                     break;
141 
142                 case KerberosConstants.AP_REP_TAG:
143                     ApRepContainerodec/apRep/ApRepContainer.html#ApRepContainer">ApRepContainer apRepContainer = new ApRepContainer( stream );
144 
145                     // Decode the AP-REP PDU
146                     Asn1Decoder.decode( stream, apRepContainer );
147 
148                     KerberosMessage apRep = apRepContainer.getApRep();
149                     kerberosMessageContainer.setMessage( apRep );
150                     break;
151 
152                 case KerberosConstants.KRB_SAFE_TAG:
153                     KrbSafeContainer/krbSafe/KrbSafeContainer.html#KrbSafeContainer">KrbSafeContainer krbSafeContainer = new KrbSafeContainer( stream );
154 
155                     // Decode the KRB-SAFE PDU
156                     Asn1Decoder.decode( stream, krbSafeContainer );
157 
158                     KerberosMessage krbSafe = krbSafeContainer.getKrbSafe();
159                     kerberosMessageContainer.setMessage( krbSafe );
160                     break;
161 
162                 case KerberosConstants.KRB_PRIV_TAG:
163                     KrbPrivContainer/krbPriv/KrbPrivContainer.html#KrbPrivContainer">KrbPrivContainer krbPrivContainer = new KrbPrivContainer( stream );
164 
165                     // Decode the KRB-PRIV PDU
166                     Asn1Decoder.decode( stream, krbPrivContainer );
167 
168                     KerberosMessage krbPriv = krbPrivContainer.getKrbPriv();
169                     kerberosMessageContainer.setMessage( krbPriv );
170                     break;
171 
172                 case KerberosConstants.KRB_CRED_TAG:
173                     KrbCredContainer/krbCred/KrbCredContainer.html#KrbCredContainer">KrbCredContainer krbCredContainer = new KrbCredContainer( stream );
174 
175                     // Decode the KRB-CRED PDU
176                     Asn1Decoder.decode( stream, krbCredContainer );
177 
178                     KerberosMessage krbCred = krbCredContainer.getKrbCred();
179                     kerberosMessageContainer.setMessage( krbCred );
180                     break;
181 
182                 case KerberosConstants.KRB_ERROR_TAG:
183                     KrbErrorContainerrbError/KrbErrorContainer.html#KrbErrorContainer">KrbErrorContainer krbErrorContainer = new KrbErrorContainer( stream );
184 
185                     // Decode the KRB-ERROR PDU
186                     Asn1Decoder.decode( stream, krbErrorContainer );
187 
188                     KerberosMessage krbError = krbErrorContainer.getKrbError();
189                     kerberosMessageContainer.setMessage( krbError );
190                     break;
191             }
192 
193             // We are done, get out
194             if ( IS_DEBUG )
195             {
196                 LOG.debug( "Decoded KerberosMessage {}", kerberosMessageContainer.getMessage() );
197             }
198         }
199     }
200 
201 
202     /**
203      * Creates a new KerberosMessageGrammar object.
204      */
205     @SuppressWarnings("unchecked")
206     private KerberosMessageGrammar()
207     {
208         setName( KerberosMessageGrammar.class.getName() );
209 
210         // Create the transitions table
211         super.transitions = new GrammarTransition[KerberosMessageStatesEnum.LAST_KERBEROS_MESSAGE_STATE.ordinal()][256];
212 
213         // ============================================================================================
214         // Ticket
215         // ============================================================================================
216         // --------------------------------------------------------------------------------------------
217         // Transition from START to Ticket
218         // --------------------------------------------------------------------------------------------
219         // This is the starting state :
220         // Ticket          ::= [APPLICATION 1] ...
221         super.transitions[KerberosMessageStatesEnum.START_STATE.ordinal()][KerberosConstants.AS_REQ_TAG] =
222             new GrammarTransition<KerberosMessageContainer>(
223                 KerberosMessageStatesEnum.START_STATE, KerberosMessageStatesEnum.AS_REQ_STATE,
224                 KerberosConstants.AS_REQ_TAG,
225                 new DecodeKerberosMessage() );
226 
227         super.transitions[KerberosMessageStatesEnum.START_STATE.ordinal()][KerberosConstants.AS_REP_TAG] =
228             new GrammarTransition<KerberosMessageContainer>(
229                 KerberosMessageStatesEnum.START_STATE, KerberosMessageStatesEnum.AS_REP_TAG_STATE,
230                 KerberosConstants.AS_REP_TAG,
231                 new DecodeKerberosMessage() );
232 
233         super.transitions[KerberosMessageStatesEnum.START_STATE.ordinal()][KerberosConstants.TGS_REQ_TAG] =
234             new GrammarTransition<KerberosMessageContainer>(
235                 KerberosMessageStatesEnum.START_STATE, KerberosMessageStatesEnum.TGS_REQ_TAG_STATE,
236                 KerberosConstants.TGS_REQ_TAG,
237                 new DecodeKerberosMessage() );
238 
239         super.transitions[KerberosMessageStatesEnum.START_STATE.ordinal()][KerberosConstants.TGS_REP_TAG] =
240             new GrammarTransition<KerberosMessageContainer>(
241                 KerberosMessageStatesEnum.START_STATE, KerberosMessageStatesEnum.TGS_REP_TAG_STATE,
242                 KerberosConstants.TGS_REP_TAG,
243                 new DecodeKerberosMessage() );
244 
245         super.transitions[KerberosMessageStatesEnum.START_STATE.ordinal()][KerberosConstants.AP_REQ_TAG] =
246             new GrammarTransition<KerberosMessageContainer>(
247                 KerberosMessageStatesEnum.START_STATE, KerberosMessageStatesEnum.AP_REQ_TAG_STATE,
248                 KerberosConstants.AP_REQ_TAG,
249                 new DecodeKerberosMessage() );
250 
251         super.transitions[KerberosMessageStatesEnum.START_STATE.ordinal()][KerberosConstants.AP_REP_TAG] =
252             new GrammarTransition<KerberosMessageContainer>(
253                 KerberosMessageStatesEnum.START_STATE, KerberosMessageStatesEnum.AP_REP_TAG_STATE,
254                 KerberosConstants.AP_REP_TAG,
255                 new DecodeKerberosMessage() );
256 
257         super.transitions[KerberosMessageStatesEnum.START_STATE.ordinal()][KerberosConstants.KRB_SAFE_TAG] =
258             new GrammarTransition<KerberosMessageContainer>(
259                 KerberosMessageStatesEnum.START_STATE, KerberosMessageStatesEnum.KRB_SAFE_STATE,
260                 KerberosConstants.KRB_SAFE_TAG,
261                 new DecodeKerberosMessage() );
262 
263         super.transitions[KerberosMessageStatesEnum.START_STATE.ordinal()][KerberosConstants.KRB_PRIV_TAG] =
264             new GrammarTransition<KerberosMessageContainer>(
265                 KerberosMessageStatesEnum.START_STATE, KerberosMessageStatesEnum.KRB_PRIV_STATE,
266                 KerberosConstants.KRB_PRIV_TAG,
267                 new DecodeKerberosMessage() );
268 
269         super.transitions[KerberosMessageStatesEnum.START_STATE.ordinal()][KerberosConstants.KRB_CRED_TAG] =
270             new GrammarTransition<KerberosMessageContainer>(
271                 KerberosMessageStatesEnum.START_STATE, KerberosMessageStatesEnum.KRB_CRED_STATE,
272                 KerberosConstants.KRB_CRED_TAG,
273                 new DecodeKerberosMessage() );
274 
275         super.transitions[KerberosMessageStatesEnum.START_STATE.ordinal()][KerberosConstants.KRB_ERROR_TAG] =
276             new GrammarTransition<KerberosMessageContainer>(
277                 KerberosMessageStatesEnum.START_STATE, KerberosMessageStatesEnum.KRB_ERROR_STATE,
278                 KerberosConstants.KRB_ERROR_TAG,
279                 new DecodeKerberosMessage() );
280     }
281 
282 
283     /**
284      * Get the instance of this grammar
285      *
286      * @return An instance on the KerberosMessage Grammar
287      */
288     public static Grammar<KerberosMessageContainer> getInstance()
289     {
290         return instance;
291     }
292 }