20 package org.apache.directory.shared.kerberos.components;
21
22
23 import java.nio.BufferOverflowException;
24 import java.nio.ByteBuffer;
25
26 import org.apache.directory.api.asn1.Asn1Object;
27 import org.apache.directory.api.asn1.EncoderException;
28 import org.apache.directory.api.asn1.ber.tlv.BerValue;
29 import org.apache.directory.api.asn1.ber.tlv.TLV;
30 import org.apache.directory.api.asn1.ber.tlv.UniversalTag;
31 import org.apache.directory.api.util.Strings;
32 import org.apache.directory.server.i18n.I18n;
33 import org.apache.directory.shared.kerberos.KerberosConstants;
34 import org.apache.directory.shared.kerberos.KerberosTime;
35 import org.apache.directory.shared.kerberos.flags.TicketFlags;
36 import org.slf4j.Logger;
37 import org.slf4j.LoggerFactory;
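/**
 * Clear-text form of the encrypted part of a KDC reply (the common body of
 * EncASRepPart and EncTGSRepPart), as laid out in RFC 4120, section 5.4.2:
 *
 * <pre>
 * EncKDCRepPart   ::= SEQUENCE {
 *         key             [0] EncryptionKey,
 *         last-req        [1] LastReq,
 *         nonce           [2] UInt32,
 *         key-expiration  [3] KerberosTime OPTIONAL,
 *         flags           [4] TicketFlags,
 *         authtime        [5] KerberosTime,
 *         starttime       [6] KerberosTime OPTIONAL,
 *         endtime         [7] KerberosTime,
 *         renew-till      [8] KerberosTime OPTIONAL,
 *         srealm          [9] Realm,
 *         sname           [10] PrincipalName,
 *         caddr           [11] HostAddresses OPTIONAL
 * }
 * </pre>
 *
 * Instances are mutable and carry the session key, so both the object and the
 * bytes produced by {@link #encode(ByteBuffer)} are secret material until they
 * have been encrypted. Encoding is a two-step protocol: call
 * {@link #computeLength()} first (it caches the per-field lengths), then
 * {@link #encode(ByteBuffer)}. The cached lengths are plain instance fields,
 * so an instance must not be encoded from several threads at once.
 */
public class EncKdcRepPart implements Asn1Object
{
    /** The logger */
    private static final Logger log = LoggerFactory.getLogger( EncKdcRepPart.class );

    /**
     * Debug flag, sampled once when the class is initialised; a log level
     * changed afterwards is not picked up by this class.
     */
    private static final boolean IS_DEBUG = log.isDebugEnabled();

    /** The session key (field [0]) */
    private EncryptionKey key;

    /** The last-request information (field [1]) */
    private LastReq lastReq;

    /** The nonce echoed from the request (field [2]) */
    private int nonce;

    /** The key expiration time (field [3], optional: skipped when null) */
    private KerberosTime keyExpiration;

    /** The ticket flags (field [4]) */
    private TicketFlags flags = new TicketFlags();

    /** The authentication time (field [5], always encoded) */
    private KerberosTime authTime;

    /** The ticket start time (field [6], optional: skipped when null) */
    private KerberosTime startTime;

    /** The ticket end time (field [7], always encoded) */
    private KerberosTime endTime;

    /** The renew-till time (field [8], optional: skipped when null) */
    private KerberosTime renewTill;

    /** The server realm (field [9]) */
    private String srealm;

    /** The server principal name (field [10]) */
    private PrincipalName sname;

    /** The client addresses (field [11], optional: skipped when null) */
    private HostAddresses caddr;

    // Lengths cached by computeLength() and consumed by encode().
    private int keyLength;
    private int lastReqLength;
    private int nonceLength;
    private int flagsLength;
    private byte[] srealmBytes;
    private int srealmLength;
    private int snameLength;
    private int caddrLength;
    private int encKdcRepPartSeqLength;


    /**
     * Creates an empty EncKdcRepPart; every field except the flags starts out
     * unset.
     */
    public EncKdcRepPart()
    {
    }


    /**
     * @return the authentication time
     */
    public KerberosTime getAuthTime()
    {
        return authTime;
    }


    /**
     * @param time the authentication time to set
     */
    public void setAuthTime( KerberosTime time )
    {
        authTime = time;
    }


    /**
     * @return the client addresses, or null when none are set
     */
    public HostAddresses getClientAddresses()
    {
        return caddr;
    }


    /**
     * @param caddr the client addresses to set; null omits the field
     */
    public void setClientAddresses( HostAddresses caddr )
    {
        this.caddr = caddr;
    }


    /**
     * @return the ticket end time
     */
    public KerberosTime getEndTime()
    {
        return endTime;
    }


    /**
     * @param time the ticket end time to set
     */
    public void setEndTime( KerberosTime time )
    {
        endTime = time;
    }


    /**
     * @return the ticket flags
     */
    public TicketFlags getFlags()
    {
        return flags;
    }


    /**
     * @param flags the ticket flags to set
     */
    public void setFlags( TicketFlags flags )
    {
        this.flags = flags;
    }


    /**
     * @return the session key; the returned object is the internal reference,
     * not a copy
     */
    public EncryptionKey getKey()
    {
        return key;
    }


    /**
     * @param key the session key to set
     */
    public void setKey( EncryptionKey key )
    {
        this.key = key;
    }


    /**
     * @return the key expiration time, or null when none is set
     */
    public KerberosTime getKeyExpiration()
    {
        return keyExpiration;
    }


    /**
     * @param expiration the key expiration time to set; null omits the field
     */
    public void setKeyExpiration( KerberosTime expiration )
    {
        keyExpiration = expiration;
    }


    /**
     * @return the last-request information
     */
    public LastReq getLastReq()
    {
        return lastReq;
    }


    /**
     * @param lastReq the last-request information to set
     */
    public void setLastReq( LastReq lastReq )
    {
        this.lastReq = lastReq;
    }


    /**
     * @return the nonce
     */
    public int getNonce()
    {
        return nonce;
    }


    /**
     * @param nonce the nonce to set
     */
    public void setNonce( int nonce )
    {
        this.nonce = nonce;
    }


    /**
     * @return the renew-till time, or null when none is set
     */
    public KerberosTime getRenewTill()
    {
        return renewTill;
    }


    /**
     * @param till the renew-till time to set; null omits the field
     */
    public void setRenewTill( KerberosTime till )
    {
        renewTill = till;
    }


    /**
     * @return the server principal name
     */
    public PrincipalName getSName()
    {
        return sname;
    }


    /**
     * @param sname the server principal name to set
     */
    public void setSName( PrincipalName sname )
    {
        this.sname = sname;
    }


    /**
     * @return the server realm
     */
    public String getSRealm()
    {
        return srealm;
    }


    /**
     * @param srealm the server realm to set
     */
    public void setSRealm( String srealm )
    {
        this.srealm = srealm;
    }


    /**
     * @return the ticket start time, or null when none is set
     */
    public KerberosTime getStartTime()
    {
        return startTime;
    }


    /**
     * @param time the ticket start time to set; null omits the field
     */
    public void setStartTime( KerberosTime time )
    {
        startTime = time;
    }


    /**
     * Computes the length of the encoded EncKdcRepPart and caches the length
     * of each field for {@link #encode(ByteBuffer)}.
     *
     * Each field contributes its context tag (1 byte), the length bytes and
     * the inner value. The mandatory key, last-req and sname fields are
     * dereferenced without a null check, so an incompletely populated
     * instance fails here with a NullPointerException.
     *
     * @return the total number of bytes of the encoded SEQUENCE, including its
     * own tag and length
     */
    public int computeLength()
    {
        // The key
        keyLength = key.computeLength();
        encKdcRepPartSeqLength = 1 + TLV.getNbBytes( keyLength ) + keyLength;

        // The last-req
        lastReqLength = lastReq.computeLength();
        encKdcRepPartSeqLength += 1 + TLV.getNbBytes( lastReqLength ) + lastReqLength;

        // The nonce : first the bare INTEGER value, then the INTEGER TLV
        // around it, then the context tag around that.
        nonceLength = BerValue.getNbBytes( nonce );
        nonceLength = 1 + TLV.getNbBytes( nonceLength ) + nonceLength;
        encKdcRepPartSeqLength += 1 + TLV.getNbBytes( nonceLength ) + nonceLength;

        // The key-expiration : context tag + length + 0x11 bytes, where 0x11
        // is the GeneralizedTime TLV (tag + length + 0x0F bytes of time).
        if ( keyExpiration != null )
        {
            encKdcRepPartSeqLength += 1 + 1 + 0x11;
        }

        // The flags : tag + length + 5 content bytes
        flagsLength = 1 + 1 + 5;
        encKdcRepPartSeqLength += 1 + TLV.getNbBytes( flagsLength ) + flagsLength;

        // The authtime, always counted
        encKdcRepPartSeqLength += 1 + 1 + 0x11;

        // The starttime, if any
        if ( startTime != null )
        {
            encKdcRepPartSeqLength += 1 + 1 + 0x11;
        }

        // The endtime, always counted
        encKdcRepPartSeqLength += 1 + 1 + 0x11;

        // The renew-till, if any
        if ( renewTill != null )
        {
            encKdcRepPartSeqLength += 1 + 1 + 0x11;
        }

        // The srealm
        // NOTE(review): behaviour for a null srealm depends on
        // Strings.getBytesUtf8, which is not visible here - confirm.
        srealmBytes = Strings.getBytesUtf8( srealm );
        srealmLength = 1 + TLV.getNbBytes( srealmBytes.length ) + srealmBytes.length;
        encKdcRepPartSeqLength += 1 + TLV.getNbBytes( srealmLength ) + srealmLength;

        // The sname
        snameLength = sname.computeLength();
        encKdcRepPartSeqLength += 1 + TLV.getNbBytes( snameLength ) + snameLength;

        // The caddr, if any
        if ( caddr != null )
        {
            caddrLength = caddr.computeLength();
            encKdcRepPartSeqLength += 1 + TLV.getNbBytes( caddrLength ) + caddrLength;
        }

        return 1 + TLV.getNbBytes( encKdcRepPartSeqLength ) + encKdcRepPartSeqLength;
    }


    /**
     * Encodes this EncKdcRepPart into the given buffer.
     *
     * {@link #computeLength()} must have been called on this instance since
     * its last modification: the lengths written here are the ones cached by
     * that call. The mandatory authTime and endTime fields are dereferenced
     * without a null check.
     *
     * @param buffer the buffer to write into; it must have room for the
     * number of bytes returned by {@link #computeLength()}
     * @return the same buffer, positioned after the encoded data
     * @throws EncoderException if the buffer is null or too small
     */
    public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
    {
        if ( buffer == null )
        {
            throw new EncoderException( I18n.err( I18n.ERR_148 ) );
        }

        try
        {
            // The EncKdcRepPart SEQ tag
            buffer.put( UniversalTag.SEQUENCE.getValue() );
            buffer.put( TLV.getBytes( encKdcRepPartSeqLength ) );

            // The key
            buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_KEY_TAG );
            buffer.put( TLV.getBytes( keyLength ) );
            key.encode( buffer );

            // The last-req
            buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_LAST_REQ_TAG );
            buffer.put( TLV.getBytes( lastReqLength ) );
            lastReq.encode( buffer );

            // The nonce
            buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_NONCE_TAG );
            buffer.put( TLV.getBytes( nonceLength ) );
            BerValue.encode( buffer, nonce );

            // The key-expiration, if any
            if ( keyExpiration != null )
            {
                buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_KEY_EXPIRATION_TAG );
                buffer.put( TLV.getBytes( 0x11 ) );

                buffer.put( UniversalTag.GENERALIZED_TIME.getValue() );
                buffer.put( ( byte ) 0x0F );
                buffer.put( keyExpiration.getBytes() );
            }

            // The flags
            buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_FLAGS_TAG );
            buffer.put( TLV.getBytes( 0x07 ) );
            BerValue.encode( buffer, flags );

            // The authtime
            buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_AUTH_TIME_TAG );
            buffer.put( TLV.getBytes( 0x11 ) );
            buffer.put( UniversalTag.GENERALIZED_TIME.getValue() );
            buffer.put( ( byte ) 0x0F );
            buffer.put( authTime.getBytes() );

            // The starttime, if any
            if ( startTime != null )
            {
                buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_START_TIME_TAG );
                buffer.put( TLV.getBytes( 0x11 ) );
                buffer.put( UniversalTag.GENERALIZED_TIME.getValue() );
                buffer.put( ( byte ) 0x0F );
                buffer.put( startTime.getBytes() );
            }

            // The endtime
            buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_END_TIME_TAG );
            buffer.put( TLV.getBytes( 0x11 ) );
            buffer.put( UniversalTag.GENERALIZED_TIME.getValue() );
            buffer.put( ( byte ) 0x0F );
            buffer.put( endTime.getBytes() );

            // The renew-till, if any
            if ( renewTill != null )
            {
                buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_RENEW_TILL_TAG );
                buffer.put( TLV.getBytes( 0x11 ) );
                buffer.put( UniversalTag.GENERALIZED_TIME.getValue() );
                buffer.put( ( byte ) 0x0F );
                buffer.put( renewTill.getBytes() );
            }

            // The srealm
            buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_SREALM_TAG );
            buffer.put( TLV.getBytes( srealmLength ) );
            buffer.put( UniversalTag.GENERAL_STRING.getValue() );
            buffer.put( TLV.getBytes( srealmBytes.length ) );
            buffer.put( srealmBytes );

            // The sname
            buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_SNAME_TAG );
            buffer.put( TLV.getBytes( snameLength ) );
            sname.encode( buffer );

            // The caddr, if any
            if ( caddr != null )
            {
                buffer.put( ( byte ) KerberosConstants.ENC_KDC_REP_PART_CADDR_TAG );
                buffer.put( TLV.getBytes( caddrLength ) );
                caddr.encode( buffer );
            }
        }
        catch ( BufferOverflowException boe )
        {
            // Report the size this object actually needs; the previous
            // expression used a constant length of 0, which made the message
            // useless for sizing the buffer.
            log.error( I18n.err( I18n.ERR_140,
                1 + TLV.getNbBytes( encKdcRepPartSeqLength ) + encKdcRepPartSeqLength,
                buffer.capacity() ) );
            throw new EncoderException( I18n.err( I18n.ERR_138 ), boe );
        }

        if ( IS_DEBUG )
        {
            // NOTE(security): this dump is the unencrypted EncKdcRepPart, so
            // the session key bytes end up in the debug log. Debug logging for
            // this class should stay off in production, and logs captured with
            // it on should be handled as credential material.
            // array() throws on direct or read-only buffers, so only dump when
            // a backing array is accessible.
            if ( buffer.hasArray() )
            {
                log.debug( "EncKdcRepPart encoding : {}", Strings.dumpBytes( buffer.array() ) );
            }

            log.debug( "EncKdcRepPart initial value : {}", this );
        }

        return buffer;
    }


    /**
     * Returns a multi-line dump of every field that is set.
     *
     * The key is appended through its own toString(); whether that exposes key
     * material depends on EncryptionKey, which is not visible here, so the
     * result should not be logged above debug level without checking.
     *
     * @see Object#toString()
     */
    @Override
    public String toString()
    {
        StringBuilder sb = new StringBuilder();

        sb.append( "EncKdcRepPart : \n" );
        sb.append( " key : " ).append( key ).append( "\n" );
        sb.append( " last-req : " ).append( lastReq ).append( "\n" );
        sb.append( " nonce : " ).append( nonce ).append( "\n" );

        if ( keyExpiration != null )
        {
            sb.append( " key-expiration : " ).append( keyExpiration ).append( "\n" );
        }

        sb.append( " flags : " ).append( flags ).append( "\n" );
        sb.append( " authtime : " ).append( authTime ).append( "\n" );

        if ( startTime != null )
        {
            sb.append( " starttime : " ).append( startTime ).append( "\n" );
        }

        sb.append( " endtime : " ).append( endTime ).append( "\n" );

        if ( renewTill != null )
        {
            sb.append( " renew-till : " ).append( renewTill ).append( "\n" );
        }

        sb.append( " srealm : " ).append( srealm ).append( "\n" );
        sb.append( " sname : " ).append( sname ).append( "\n" );

        if ( caddr != null )
        {
            sb.append( " caddr : " ).append( caddr ).append( "\n" );
        }

        return sb.toString();
    }
}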