1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 *
19 */
20 package org.apache.directory.shared.kerberos.codec.authenticator;
21
22
23 import org.apache.directory.api.asn1.actions.CheckNotNullLength;
24 import org.apache.directory.api.asn1.ber.grammar.AbstractGrammar;
25 import org.apache.directory.api.asn1.ber.grammar.Grammar;
26 import org.apache.directory.api.asn1.ber.grammar.GrammarTransition;
27 import org.apache.directory.api.asn1.ber.tlv.UniversalTag;
28 import org.apache.directory.shared.kerberos.KerberosConstants;
29 import org.apache.directory.shared.kerberos.codec.authenticator.actions.AuthenticatorInit;
30 import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreAuthenticatorVno;
31 import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreAuthorizationData;
32 import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreCName;
33 import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreCRealm;
34 import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreCTime;
35 import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreChecksum;
36 import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreCusec;
37 import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreSeqNumber;
38 import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreSubKey;
39 import org.slf4j.Logger;
40 import org.slf4j.LoggerFactory;
41
42
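/**
 * BER decoding grammar for the Kerberos {@code Authenticator} structure.
 * <p>
 * The constructor fills a (state, tag) transition table that spells out the only
 * field order this decoder has an entry for:
 * <pre>
 * Authenticator ::= [APPLICATION 2] SEQUENCE {
 *     authenticator-vno  [0] INTEGER (5),
 *     crealm             [1] Realm,
 *     cname              [2] PrincipalName,
 *     cksum              [3] Checksum OPTIONAL,
 *     cusec              [4] Microseconds,
 *     ctime              [5] KerberosTime,
 *     subkey             [6] EncryptionKey OPTIONAL,
 *     seq-number         [7] UInt32 OPTIONAL,
 *     authorization-data [8] AuthorizationData OPTIONAL
 * }
 * </pre>
 * All the actions are declared in this class. As it is a singleton, these
 * declarations are only done once. If an action is to be added or modified,
 * this is where the work is to be done.
 * <p>
 * Review notes for maintainers:
 * <ul>
 * <li>Every (state, tag) pair not assigned below stays {@code null}. Presumably the
 * decoder rejects input that needs such a transition - confirm in the decoder,
 * because that is what enforces field order and blocks repeated fields.</li>
 * <li>This table fixes structure only. It does not show any check of the
 * authenticator-vno value, of ctime/cusec freshness, or of the checksum; those
 * must live in the Store* actions or in the caller.</li>
 * <li>Nothing here decides at which state the input may legally end. Presumably
 * the actions flag that on the container - verify that it is only allowed once
 * the mandatory ctime field has been stored.</li>
 * </ul>
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 */
public final class AuthenticatorGrammar extends AbstractGrammar<AuthenticatorContainer>
{
    /** The logger */
    static final Logger LOG = LoggerFactory.getLogger( AuthenticatorGrammar.class );

    /**
     * A speedup for logger. The value is sampled once, when this class is
     * initialised, so a later change of the log level is not reflected here.
     */
    static final boolean IS_DEBUG = LOG.isDebugEnabled();

    /**
     * The instance of grammar. AuthenticatorGrammar is a singleton; the reference
     * is final so the shared transition table cannot be swapped after class
     * initialisation.
     */
    private static final Grammar<AuthenticatorContainer> instance = new AuthenticatorGrammar();


    /**
     * Creates a new AuthenticatorGrammar object and registers every transition
     * of the Authenticator state machine.
     * <p>
     * Transitions that only consume a context tag in front of a primitive value
     * use {@code CheckNotNullLength} (by its name, a guard against a zero-length
     * TLV - confirm against the action's source). The transitions for cname,
     * cksum, subkey and authorization-data attach their Store* action directly
     * to the context tag; presumably those actions decode the nested structure
     * and validate its length themselves - confirm.
     */
    @SuppressWarnings("unchecked")
    private AuthenticatorGrammar()
    {
        setName( AuthenticatorGrammar.class.getName() );

        // Create the transitions table: one row per state, one column per possible tag byte.
        // NOTE(review): sizing by LAST_AUTHENTICATOR_STATE.ordinal() assumes that constant is
        // declared after every real state, and the 256 columns assume every tag constant used
        // below is in 0..255 - confirm in AuthenticatorStatesEnum and KerberosConstants.
        super.transitions = new GrammarTransition[AuthenticatorStatesEnum.LAST_AUTHENTICATOR_STATE.ordinal()][256];

        // ============================================================================================
        // Authenticator
        // ============================================================================================
        // --------------------------------------------------------------------------------------------
        // Transition from START to Authenticator init
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2]
        super.transitions[AuthenticatorStatesEnum.START_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.START_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_STATE,
                KerberosConstants.AUTHENTICATOR_TAG,
                new AuthenticatorInit() );

        // --------------------------------------------------------------------------------------------
        // Transition from Authenticator init to Authenticator SEQ
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_STATE.ordinal()][UniversalTag.SEQUENCE.getValue()] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_STATE,
                UniversalTag.SEQUENCE,
                new CheckNotNullLength<AuthenticatorContainer>() );

        // --------------------------------------------------------------------------------------------
        // Transition from Authenticator SEQ to authenticator-vno tag
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     authenticator-vno [0]
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG_STATE,
                KerberosConstants.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG,
                new CheckNotNullLength<AuthenticatorContainer>() );

        // --------------------------------------------------------------------------------------------
        // Transition from authenticator-vno tag to authenticator-vno value
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     authenticator-vno [0] INTEGER (5),
        // NOTE(review): the "(5)" constraint is not enforced by this table; presumably
        // StoreAuthenticatorVno checks the value - confirm.
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG_STATE.ordinal()][UniversalTag.INTEGER.getValue()] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_STATE,
                UniversalTag.INTEGER,
                new StoreAuthenticatorVno() );

        // --------------------------------------------------------------------------------------------
        // Transition from authenticator-vno value to crealm tag
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     crealm [1]
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CREALM_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_TAG_STATE,
                KerberosConstants.AUTHENTICATOR_CREALM_TAG,
                new CheckNotNullLength<AuthenticatorContainer>() );

        // --------------------------------------------------------------------------------------------
        // Transition from crealm tag to crealm value
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     crealm [1] Realm,
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_TAG_STATE.ordinal()][UniversalTag.GENERAL_STRING.getValue()] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_TAG_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_STATE,
                UniversalTag.GENERAL_STRING,
                new StoreCRealm() );

        // --------------------------------------------------------------------------------------------
        // Transition from crealm value to cname
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     cname [2] PrincipalName,
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CNAME_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_CNAME_STATE,
                KerberosConstants.AUTHENTICATOR_CNAME_TAG,
                new StoreCName() );

        // --------------------------------------------------------------------------------------------
        // Transition from cname to cksum
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     cksum [3] Checksum OPTIONAL,
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CNAME_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CKSUM_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CNAME_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_CKSUM_STATE,
                KerberosConstants.AUTHENTICATOR_CKSUM_TAG,
                new StoreChecksum() );

        // --------------------------------------------------------------------------------------------
        // Transition from cname to cusec tag (cksum is OPTIONAL, so it may be skipped)
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     cusec [4]
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CNAME_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CUSEC_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CNAME_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_TAG_STATE,
                KerberosConstants.AUTHENTICATOR_CUSEC_TAG,
                new CheckNotNullLength<AuthenticatorContainer>() );

        // --------------------------------------------------------------------------------------------
        // Transition from cksum to cusec tag
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     cusec [4]
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CKSUM_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CUSEC_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CKSUM_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_TAG_STATE,
                KerberosConstants.AUTHENTICATOR_CUSEC_TAG,
                new CheckNotNullLength<AuthenticatorContainer>() );

        // --------------------------------------------------------------------------------------------
        // Transition from cusec tag to cusec value
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     cusec [4] Microseconds,
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_TAG_STATE.ordinal()][UniversalTag.INTEGER.getValue()] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_TAG_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_STATE,
                UniversalTag.INTEGER,
                new StoreCusec() );

        // --------------------------------------------------------------------------------------------
        // Transition from cusec value to ctime tag
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     ctime [5]
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CTIME_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_TAG_STATE,
                KerberosConstants.AUTHENTICATOR_CTIME_TAG,
                new CheckNotNullLength<AuthenticatorContainer>() );

        // --------------------------------------------------------------------------------------------
        // Transition from ctime tag to ctime value
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     ctime [5] KerberosTime,
        // ctime is the last mandatory field; every transition registered after this one
        // leads to an OPTIONAL field.
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_TAG_STATE.ordinal()][UniversalTag.GENERALIZED_TIME.getValue()] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_TAG_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE,
                UniversalTag.GENERALIZED_TIME,
                new StoreCTime() );

        // --------------------------------------------------------------------------------------------
        // Transition from ctime value to subkey
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     subkey [6] EncryptionKey OPTIONAL,
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_SUBKEY_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_SUBKEY_STATE,
                KerberosConstants.AUTHENTICATOR_SUBKEY_TAG,
                new StoreSubKey() );

        // --------------------------------------------------------------------------------------------
        // Transition from ctime value to seq-number tag (subkey skipped)
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     seq-number [7] UInt32 OPTIONAL,
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_SEQ_NUMBER_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_TAG_STATE,
                KerberosConstants.AUTHENTICATOR_SEQ_NUMBER_TAG,
                new CheckNotNullLength<AuthenticatorContainer>() );

        // --------------------------------------------------------------------------------------------
        // Transition from ctime value to authorization-data (subkey and seq-number skipped)
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     authorization-data [8] AuthorizationData OPTIONAL
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_AUTHORIZATION_DATA_STATE,
                KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG,
                new StoreAuthorizationData() );

        // --------------------------------------------------------------------------------------------
        // Transition from subkey to seq-number tag
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     seq-number [7] UInt32 OPTIONAL,
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_SUBKEY_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_SEQ_NUMBER_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_SUBKEY_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_TAG_STATE,
                KerberosConstants.AUTHENTICATOR_SEQ_NUMBER_TAG,
                new CheckNotNullLength<AuthenticatorContainer>() );

        // --------------------------------------------------------------------------------------------
        // Transition from subkey to authorization-data (seq-number skipped)
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     authorization-data [8] AuthorizationData OPTIONAL
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_SUBKEY_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_SUBKEY_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_AUTHORIZATION_DATA_STATE,
                KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG,
                new StoreAuthorizationData() );

        // --------------------------------------------------------------------------------------------
        // Transition from seq-number tag to seq-number value
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     seq-number [7] UInt32 OPTIONAL,
        // NOTE(review): the UInt32 range is not enforced by this table; presumably
        // StoreSeqNumber bounds the decoded INTEGER - confirm.
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_TAG_STATE.ordinal()][UniversalTag.INTEGER.getValue()] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_TAG_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_STATE,
                UniversalTag.INTEGER,
                new StoreSeqNumber() );

        // --------------------------------------------------------------------------------------------
        // Transition from seq-number value to authorization-data
        // --------------------------------------------------------------------------------------------
        // Authenticator ::= [APPLICATION 2] SEQUENCE {
        //     ...
        //     authorization-data [8] AuthorizationData OPTIONAL
        // }
        super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG] =
            new GrammarTransition<AuthenticatorContainer>(
                AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_STATE,
                AuthenticatorStatesEnum.AUTHENTICATOR_AUTHORIZATION_DATA_STATE,
                KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG,
                new StoreAuthorizationData() );
    }


    /**
     * Get the instance of this grammar
     *
     * @return The single shared instance of the Authenticator grammar
     */
    public static Grammar<AuthenticatorContainer> getInstance()
    {
        return instance;
    }
}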