View Javadoc
1   /*
2    *   Licensed to the Apache Software Foundation (ASF) under one
3    *   or more contributor license agreements.  See the NOTICE file
4    *   distributed with this work for additional information
5    *   regarding copyright ownership.  The ASF licenses this file
6    *   to you under the Apache License, Version 2.0 (the
7    *   "License"); you may not use this file except in compliance
8    *   with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *   Unless required by applicable law or agreed to in writing,
13   *   software distributed under the License is distributed on an
14   *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *   KIND, either express or implied.  See the License for the
16   *   specific language governing permissions and limitations
17   *   under the License.
18   *
19   */
20  
21  package org.apache.directory.shared.kerberos.messages;
22  
23  
24  import java.nio.BufferOverflowException;
25  import java.nio.ByteBuffer;
26  import java.util.ArrayList;
27  import java.util.List;
28  
29  import org.apache.directory.api.asn1.EncoderException;
30  import org.apache.directory.api.asn1.ber.tlv.BerValue;
31  import org.apache.directory.api.asn1.ber.tlv.TLV;
32  import org.apache.directory.api.asn1.ber.tlv.UniversalTag;
33  import org.apache.directory.api.util.Strings;
34  import org.apache.directory.server.i18n.I18n;
35  import org.apache.directory.shared.kerberos.KerberosConstants;
36  import org.apache.directory.shared.kerberos.KerberosMessageType;
37  import org.apache.directory.shared.kerberos.components.EncryptedData;
38  import org.slf4j.Logger;
39  import org.slf4j.LoggerFactory;
40  
41  
42  /**
43   * KRB-CRED        ::= [APPLICATION 22] SEQUENCE {
44   *         pvno            [0] INTEGER (5),
45   *         msg-type        [1] INTEGER (22),
46   *         tickets         [2] SEQUENCE OF Ticket,
47   *         enc-part        [3] EncryptedData -- EncKrbCredPart
48   * }
49   *
50   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
51   */
52  public class KrbCred extends KerberosMessage
53  {
54      /** The logger */
55      private static final Logger log = LoggerFactory.getLogger( KrbCred.class );
56  
57      /** Speedup for logs */
58      private static final boolean IS_DEBUG = log.isDebugEnabled();
59  
60      /** list of tickets */
61      private List<Ticket> tickets;
62  
63      /** encrypted part of the message */
64      private EncryptedData encPart;
65  
66      private int pvnoLen;
67      private int msgTypeLen;
68      private int ticketsSeqLen;
69      private int ticketsLen;
70      private int encPartLen;
71      private int krbCredSeqLen;
72      private int krbCredLen;
73  
74  
75      /**
76       * Creates a new instance of KrbCred.
77       */
78      public KrbCred()
79      {
80          super( 5, KerberosMessageType.KRB_CRED );
81      }
82  
83  
84      /**
85       * Compute the KRB-CRED length
86       * <pre>
87       * KRB-CRED :
88       * 
89       * 0x76 L1 KRB-CRED APPLICATION[22]
90       *  |
91       *  +--&gt; 0x30 L2 KRB-CRED sequence
92       *        |
93       *        +--&gt; 0xA0 0x03 pvno tag
94       *        |     |
95       *        |     +--&gt; 0x02 0x01 0x05 pvno (5)
96       *        |
97       *        +--&gt; 0xA1 0x03 msg-type tag
98       *        |     |
99       *        |     +--&gt; 0x02 0x01 0x16 msg-type (22)
100      *        |     
101      *        +--&gt; 0xA2 L3 tickets tag
102      *        |     |
103      *        |     +--&gt; 0x30 LL tickets seq tag
104      *        |           |
105      *        |           +--&gt; 0x30 LL1 ticket (Ticket)
106      *        |           .         ...
107      *        |           +--&gt; 0x30 LLn ticket (Ticket)
108      *        |
109      *        +--&gt; 0xA3 L4 enc-part tag
110      *              |
111      *              +--&gt; 0x30 L4-2 enc-part (EncryptedData)
112      * </pre>
113      */
114     @Override
115     public int computeLength()
116     {
117         pvnoLen = 1 + 1 + 1;
118         krbCredSeqLen = 1 + TLV.getNbBytes( pvnoLen ) + pvnoLen;
119 
120         msgTypeLen = 1 + 1 + BerValue.getNbBytes( getMessageType().getValue() );
121         krbCredSeqLen += 1 + TLV.getNbBytes( msgTypeLen ) + msgTypeLen;
122 
123         for ( Ticket t : tickets )
124         {
125             ticketsSeqLen += t.computeLength();
126         }
127 
128         ticketsLen = 1 + TLV.getNbBytes( ticketsSeqLen ) + ticketsSeqLen;
129 
130         krbCredSeqLen += 1 + TLV.getNbBytes( ticketsLen ) + ticketsLen;
131 
132         encPartLen = encPart.computeLength();
133         krbCredSeqLen += 1 + TLV.getNbBytes( encPartLen ) + encPartLen;
134 
135         krbCredLen = 1 + TLV.getNbBytes( krbCredSeqLen ) + krbCredSeqLen;
136 
137         return 1 + TLV.getNbBytes( krbCredLen ) + krbCredLen;
138     }
139 
140 
141     public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
142     {
143         if ( buffer == null )
144         {
145             throw new EncoderException( I18n.err( I18n.ERR_148 ) );
146         }
147 
148         try
149         {
150             // The KRB-CRED APPLICATION tag
151             buffer.put( ( byte ) KerberosConstants.KRB_CRED_TAG );
152             buffer.put( TLV.getBytes( krbCredLen ) );
153 
154             // The KRB-CRED sequence
155             buffer.put( UniversalTag.SEQUENCE.getValue() );
156             buffer.put( TLV.getBytes( krbCredSeqLen ) );
157 
158             // pvno tag and value
159             buffer.put( ( byte ) KerberosConstants.KRB_CRED_PVNO_TAG );
160             buffer.put( TLV.getBytes( pvnoLen ) );
161             BerValue.encode( buffer, getProtocolVersionNumber() );
162 
163             // msg-type tag and value
164             buffer.put( ( byte ) KerberosConstants.KRB_CRED_MSGTYPE_TAG );
165             buffer.put( TLV.getBytes( msgTypeLen ) );
166             BerValue.encode( buffer, getMessageType().getValue() );
167 
168             // tickets tag and value
169             buffer.put( ( byte ) KerberosConstants.KRB_CRED_TICKETS_TAG );
170             buffer.put( TLV.getBytes( ticketsLen ) );
171 
172             buffer.put( UniversalTag.SEQUENCE.getValue() );
173             buffer.put( TLV.getBytes( ticketsSeqLen ) );
174 
175             for ( Ticket t : tickets )
176             {
177                 t.encode( buffer );
178             }
179 
180             // enc-part tag and value
181             buffer.put( ( byte ) KerberosConstants.KRB_CRED_ENCPART_TAG );
182             buffer.put( TLV.getBytes( encPartLen ) );
183             encPart.encode( buffer );
184         }
185         catch ( BufferOverflowException boe )
186         {
187             log.error( I18n.err( I18n.ERR_741_CANNOT_ENCODE_KRB_CRED, 1 + TLV.getNbBytes( krbCredLen )
188                 + krbCredLen, buffer.capacity() ) );
189             throw new EncoderException( I18n.err( I18n.ERR_138 ), boe );
190         }
191 
192         if ( IS_DEBUG )
193         {
194             log.debug( "KrbCred encoding : {}", Strings.dumpBytes( buffer.array() ) );
195             log.debug( "KrbCred initial value : {}", this );
196         }
197 
198         return buffer;
199     }
200 
201 
202     /**
203      * @return the tickets
204      */
205     public List<Ticket> getTickets()
206     {
207         return tickets;
208     }
209 
210 
211     /**
212      * @param tickets the tickets to set
213      */
214     public void setTickets( List<Ticket> tickets )
215     {
216         this.tickets = tickets;
217     }
218 
219 
220     /**
221      * @return the encPart
222      */
223     public EncryptedData getEncPart()
224     {
225         return encPart;
226     }
227 
228 
229     /**
230      * @param encPart the encPart to set
231      */
232     public void setEncPart( EncryptedData encPart )
233     {
234         this.encPart = encPart;
235     }
236 
237 
238     /**
239      * adds a Ticket to the ticket list
240      * 
241      * @param ticket the Ticket to be added
242      */
243     public void addTicket( Ticket ticket )
244     {
245         if ( ticket == null )
246         {
247             throw new IllegalArgumentException( "null ticket cannot be added" );
248         }
249 
250         if ( tickets == null )
251         {
252             tickets = new ArrayList<>();
253         }
254 
255         tickets.add( ticket );
256     }
257 
258 
259     /**
260      * @see Object#toString()
261      */
262     public String toString()
263     {
264         StringBuilder sb = new StringBuilder();
265 
266         sb.append( "KRB-CRED : {\n" );
267         sb.append( "    pvno: " ).append( getProtocolVersionNumber() ).append( '\n' );
268         sb.append( "    msg-type: " ).append( getMessageType() ).append( '\n' );
269         sb.append( "    tickets: " ).append( tickets ).append( '\n' );
270         sb.append( "    en-part: " ).append( encPart ).append( '\n' );
271 
272         sb.append( "}\n" );
273 
274         return sb.toString();
275     }
276 }