1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21 package org.apache.directory.shared.kerberos.components;
22
23
24 import java.nio.BufferOverflowException;
25 import java.nio.ByteBuffer;
26
27 import org.apache.directory.api.asn1.Asn1Object;
28 import org.apache.directory.api.asn1.EncoderException;
29 import org.apache.directory.api.asn1.ber.tlv.BerValue;
30 import org.apache.directory.api.asn1.ber.tlv.TLV;
31 import org.apache.directory.api.asn1.ber.tlv.UniversalTag;
32 import org.apache.directory.api.util.Strings;
33 import org.apache.directory.server.i18n.I18n;
34 import org.apache.directory.shared.kerberos.KerberosConstants;
35 import org.apache.directory.shared.kerberos.KerberosTime;
36 import org.apache.directory.shared.kerberos.flags.TicketFlags;
37 import org.slf4j.Logger;
38 import org.slf4j.LoggerFactory;
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58 public class KrbCredInfo implements Asn1Object
59 {
60
61 private static final Logger log = LoggerFactory.getLogger( KrbCredInfo.class );
62
63
64 private static final boolean IS_DEBUG = log.isDebugEnabled();
65
66
67 private EncryptionKey key;
68
69
70 private String pRealm;
71
72
73 private PrincipalName pName;
74
75
76 private TicketFlags ticketFlags;
77
78
79 private KerberosTime authTime;
80
81
82 private KerberosTime startTime;
83
84
85 private KerberosTime endTime;
86
87
88 private KerberosTime renewtill;
89
90
91 private String sRealm;
92
93
94 private PrincipalName sName;
95
96
97 private HostAddresses clientAddresses;
98
99 private int keyLen;
100 private int pRealmLen;
101 private byte[] pRealmBytes;
102 private int pNameLen;
103 private int ticketFlagsLen;
104 private int authTimeLen;
105 private byte[] authTimeBytes;
106 private int startTimeLen;
107 private byte[] startTimeBytes;
108 private int endTimeLen;
109 private byte[] endTimeBytes;
110 private int renewtillLen;
111 private byte[] renewtillBytes;
112 private int sRealmLen;
113 private byte[] sRealmBytes;
114 private int sNameLen;
115 private int clientAddressesLen;
116 private int krbKredInfoSeqLen;
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171 @Override
172 public int computeLength()
173 {
174 keyLen = key.computeLength();
175 krbKredInfoSeqLen = 1 + TLV.getNbBytes( keyLen ) + keyLen;
176
177 if ( pRealm != null )
178 {
179 pRealmBytes = Strings.getBytesUtf8( pRealm );
180 pRealmLen = 1 + TLV.getNbBytes( pRealmBytes.length ) + pRealmBytes.length;
181 krbKredInfoSeqLen += 1 + TLV.getNbBytes( pRealmLen ) + pRealmLen;
182 }
183
184 if ( pName != null )
185 {
186 pNameLen = pName.computeLength();
187 krbKredInfoSeqLen += 1 + TLV.getNbBytes( pNameLen ) + pNameLen;
188 }
189
190 if ( ticketFlags != null )
191 {
192 ticketFlagsLen = ticketFlags.getData().length;
193 ticketFlagsLen = 1 + TLV.getNbBytes( ticketFlagsLen ) + ticketFlagsLen;
194 krbKredInfoSeqLen += 1 + TLV.getNbBytes( ticketFlagsLen ) + ticketFlagsLen;
195 }
196
197 if ( authTime != null )
198 {
199 authTimeBytes = authTime.getBytes();
200 authTimeLen = 1 + TLV.getNbBytes( authTimeBytes.length ) + authTimeBytes.length;
201 krbKredInfoSeqLen += 1 + TLV.getNbBytes( authTimeLen ) + authTimeLen;
202 }
203
204 if ( startTime != null )
205 {
206 startTimeBytes = startTime.getBytes();
207 startTimeLen = 1 + TLV.getNbBytes( startTimeBytes.length ) + startTimeBytes.length;
208 krbKredInfoSeqLen += 1 + TLV.getNbBytes( startTimeLen ) + startTimeLen;
209 }
210
211 if ( endTime != null )
212 {
213 endTimeBytes = endTime.getBytes();
214 endTimeLen = 1 + TLV.getNbBytes( endTimeBytes.length ) + endTimeBytes.length;
215 krbKredInfoSeqLen += 1 + TLV.getNbBytes( endTimeLen ) + endTimeLen;
216 }
217
218 if ( renewtill != null )
219 {
220 renewtillBytes = renewtill.getBytes();
221 renewtillLen = 1 + TLV.getNbBytes( renewtillBytes.length ) + renewtillBytes.length;
222 krbKredInfoSeqLen += 1 + TLV.getNbBytes( renewtillLen ) + renewtillLen;
223 }
224
225 if ( sRealm != null )
226 {
227 sRealmBytes = Strings.getBytesUtf8( sRealm );
228 sRealmLen = 1 + TLV.getNbBytes( sRealmBytes.length ) + sRealmBytes.length;
229 krbKredInfoSeqLen += 1 + TLV.getNbBytes( sRealmLen ) + sRealmLen;
230 }
231
232 if ( sName != null )
233 {
234 sNameLen = sName.computeLength();
235 krbKredInfoSeqLen += 1 + TLV.getNbBytes( sNameLen ) + sNameLen;
236 }
237
238 if ( clientAddresses != null )
239 {
240 clientAddressesLen = clientAddresses.computeLength();
241 krbKredInfoSeqLen += 1 + TLV.getNbBytes( clientAddressesLen ) + clientAddressesLen;
242 }
243
244 return 1 + TLV.getNbBytes( krbKredInfoSeqLen ) + krbKredInfoSeqLen;
245 }
246
247
248
249
250
251 @Override
252 public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
253 {
254 if ( buffer == null )
255 {
256 throw new EncoderException( I18n.err( I18n.ERR_148 ) );
257 }
258
259 try
260 {
261 buffer.put( UniversalTag.SEQUENCE.getValue() );
262 buffer.put( TLV.getBytes( krbKredInfoSeqLen ) );
263
264
265 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_KEY_TAG );
266 buffer.put( TLV.getBytes( keyLen ) );
267 key.encode( buffer );
268
269 if ( pRealm != null )
270 {
271
272 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_PREALM_TAG );
273 buffer.put( TLV.getBytes( pRealmLen ) );
274
275 buffer.put( UniversalTag.GENERAL_STRING.getValue() );
276 buffer.put( TLV.getBytes( pRealmBytes.length ) );
277 buffer.put( pRealmBytes );
278 }
279
280 if ( pName != null )
281 {
282
283 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_PNAME_TAG );
284 buffer.put( TLV.getBytes( pNameLen ) );
285 pName.encode( buffer );
286 }
287
288 if ( ticketFlags != null )
289 {
290
291 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_FLAGS_TAG );
292 buffer.put( TLV.getBytes( ticketFlagsLen ) );
293 BerValue.encode( buffer, ticketFlags );
294 }
295
296 if ( authTime != null )
297 {
298
299 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_AUTHTIME_TAG );
300 buffer.put( TLV.getBytes( authTimeLen ) );
301
302 buffer.put( UniversalTag.GENERALIZED_TIME.getValue() );
303 buffer.put( ( byte ) 0x0F );
304 buffer.put( authTimeBytes );
305 }
306
307 if ( startTime != null )
308 {
309
310 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_STARTTIME_TAG );
311 buffer.put( TLV.getBytes( startTimeLen ) );
312
313 buffer.put( UniversalTag.GENERALIZED_TIME.getValue() );
314 buffer.put( ( byte ) 0x0F );
315 buffer.put( startTimeBytes );
316 }
317
318 if ( endTime != null )
319 {
320
321 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_ENDTIME_TAG );
322 buffer.put( TLV.getBytes( endTimeLen ) );
323
324 buffer.put( UniversalTag.GENERALIZED_TIME.getValue() );
325 buffer.put( ( byte ) 0x0F );
326 buffer.put( endTimeBytes );
327 }
328
329 if ( renewtill != null )
330 {
331
332 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_RENEWTILL_TAG );
333 buffer.put( TLV.getBytes( renewtillLen ) );
334
335 buffer.put( UniversalTag.GENERALIZED_TIME.getValue() );
336 buffer.put( ( byte ) 0x0F );
337 buffer.put( renewtillBytes );
338 }
339
340 if ( sRealm != null )
341 {
342
343 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_SREALM_TAG );
344 buffer.put( TLV.getBytes( sRealmLen ) );
345
346 buffer.put( UniversalTag.GENERAL_STRING.getValue() );
347 buffer.put( TLV.getBytes( sRealmBytes.length ) );
348 buffer.put( sRealmBytes );
349 }
350
351 if ( sName != null )
352 {
353
354 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_SNAME_TAG );
355 buffer.put( TLV.getBytes( sNameLen ) );
356 sName.encode( buffer );
357 }
358
359 if ( clientAddresses != null )
360 {
361
362 buffer.put( ( byte ) KerberosConstants.KRB_CRED_INFO_CADDR_TAG );
363 buffer.put( TLV.getBytes( clientAddressesLen ) );
364 clientAddresses.encode( buffer );
365 }
366 }
367 catch ( BufferOverflowException boe )
368 {
369 log.error( I18n.err( I18n.ERR_739_CANNOT_ENCODE_KRB_CRED_INFO, 1 + TLV.getNbBytes( krbKredInfoSeqLen )
370 + krbKredInfoSeqLen, buffer.capacity() ) );
371 throw new EncoderException( I18n.err( I18n.ERR_138 ), boe );
372 }
373
374 if ( IS_DEBUG )
375 {
376 log.debug( "KrbCredInfo encoding : {}", Strings.dumpBytes( buffer.array() ) );
377 log.debug( "KrbCredInfo initial value : {}", this );
378 }
379
380 return buffer;
381 }
382
383
384
385
386
387 public EncryptionKey getKey()
388 {
389 return key;
390 }
391
392
393
394
395
396 public void setKey( EncryptionKey key )
397 {
398 this.key = key;
399 }
400
401
402
403
404
405 public String getpRealm()
406 {
407 return pRealm;
408 }
409
410
411
412
413
414 public void setpRealm( String pRealm )
415 {
416 this.pRealm = pRealm;
417 }
418
419
420
421
422
423 public PrincipalName getpName()
424 {
425 return pName;
426 }
427
428
429
430
431
432 public void setpName( PrincipalName pName )
433 {
434 this.pName = pName;
435 }
436
437
438
439
440
441 public TicketFlags getTicketFlags()
442 {
443 return ticketFlags;
444 }
445
446
447
448
449
450 public void setTicketFlags( TicketFlags ticketFlags )
451 {
452 this.ticketFlags = ticketFlags;
453 }
454
455
456
457
458
459 public KerberosTime getAuthTime()
460 {
461 return authTime;
462 }
463
464
465
466
467
468 public void setAuthTime( KerberosTime authTime )
469 {
470 this.authTime = authTime;
471 }
472
473
474
475
476
477 public KerberosTime getStartTime()
478 {
479 return startTime;
480 }
481
482
483
484
485
486 public void setStartTime( KerberosTime startTime )
487 {
488 this.startTime = startTime;
489 }
490
491
492
493
494
495 public KerberosTime getEndTime()
496 {
497 return endTime;
498 }
499
500
501
502
503
504 public void setEndTime( KerberosTime endTime )
505 {
506 this.endTime = endTime;
507 }
508
509
510
511
512
513 public KerberosTime getRenewtill()
514 {
515 return renewtill;
516 }
517
518
519
520
521
522 public void setRenewtill( KerberosTime renewtill )
523 {
524 this.renewtill = renewtill;
525 }
526
527
528
529
530
531 public String getsRealm()
532 {
533 return sRealm;
534 }
535
536
537
538
539
540 public void setsRealm( String sRealm )
541 {
542 this.sRealm = sRealm;
543 }
544
545
546
547
548
549 public PrincipalName getsName()
550 {
551 return sName;
552 }
553
554
555
556
557
558 public void setsName( PrincipalName sName )
559 {
560 this.sName = sName;
561 }
562
563
564
565
566
567 public HostAddresses getClientAddresses()
568 {
569 return clientAddresses;
570 }
571
572
573
574
575
576 public void setClientAddresses( HostAddresses clientAddresses )
577 {
578 this.clientAddresses = clientAddresses;
579 }
580
581
582
583
584
585 public String toString()
586 {
587 StringBuilder sb = new StringBuilder();
588
589 sb.append( "KrbCredInfo : {\n" );
590 sb.append( " key: " ).append( key ).append( '\n' );
591
592 if ( pRealm != null )
593 {
594 sb.append( " pRealm: " ).append( pRealm ).append( '\n' );
595 }
596
597 if ( pName != null )
598 {
599 sb.append( " pName: " ).append( pName ).append( '\n' );
600 }
601
602 if ( ticketFlags != null )
603 {
604 sb.append( " ticketFlags: " ).append( ticketFlags ).append( '\n' );
605 }
606
607 if ( authTime != null )
608 {
609 sb.append( " authTime: " ).append( authTime ).append( '\n' );
610 }
611
612 if ( startTime != null )
613 {
614 sb.append( " startTime: " ).append( startTime ).append( '\n' );
615 }
616
617 if ( endTime != null )
618 {
619 sb.append( " endTime: " ).append( endTime ).append( '\n' );
620 }
621
622 if ( renewtill != null )
623 {
624 sb.append( " renewtill: " ).append( renewtill ).append( '\n' );
625 }
626
627 if ( sRealm != null )
628 {
629 sb.append( " sRealm: " ).append( sRealm ).append( '\n' );
630 }
631
632 if ( sName != null )
633 {
634 sb.append( " sName: " ).append( sName ).append( '\n' );
635 }
636
637 if ( clientAddresses != null )
638 {
639 sb.append( " clientAddresses: " ).append( clientAddresses ).append( '\n' );
640 }
641
642 sb.append( "}\n" );
643
644 return sb.toString();
645
646 }
647 }