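/*
 * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

/*
 *
 *  (C) Copyright IBM Corp. 1999 All Rights Reserved.
 *  Copyright 1997 The Open Group Research Institute.  All rights reserved.
 */

package sun.security.krb5;

import sun.security.krb5.internal.*;
import sun.security.krb5.internal.crypto.*;
import sun.security.util.*;
import java.io.IOException;

/**
 * Builds and reads KRB_PRIV application messages: user data wrapped in an
 * {@code EncKrbPrivPart} and encrypted under the sub-session key when one is
 * supplied, otherwise under the key held in the credentials.
 *
 * <p>XXX This class does not appear to be used. Both constructors are
 * private and nothing in this file invokes them.
 *
 * <p>Review notes:
 * <ul>
 *   <li>{@link #getMessage()} and {@link #getData()} return the internal
 *       arrays themselves, not copies, so callers share (and can modify)
 *       the stored ciphertext and plaintext.</li>
 *   <li>On the receive path the freshness/ordering/address validation is
 *       delegated to {@code check(...)}, which is inherited from
 *       {@code KrbAppMessage} and not visible in this file. What protection
 *       remains when both {@code timestampRequired} and
 *       {@code seqNumberRequired} are {@code false} depends on that method
 *       -- confirm before relying on this class for replay protection.</li>
 *   <li>Intermediate plaintext buffers are not cleared in this class.</li>
 * </ul>
 */
class KrbPriv extends KrbAppMessage {
    /** Encoded KRB_PRIV message produced by the sending constructor. */
    private byte[] obuf;
    /** Decrypted application data recovered by the receiving constructor. */
    private byte[] userData;

    /**
     * Sending side: encrypts {@code userData} into an encoded KRB_PRIV
     * message that is later available from {@link #getMessage()}.
     *
     * <p>This constructor does not populate the {@code userData} field, so
     * {@link #getData()} returns {@code null} on an instance built this way.
     *
     * @param userData   application data to protect
     * @param creds      credentials whose {@code key} is used when
     *                   {@code subKey} is {@code null}
     * @param subKey     sub-session key, or {@code null} to use
     *                   {@code creds.key}
     * @param timestamp  timestamp to embed, or {@code null} for none
     * @param seqNumber  sequence-number source, or {@code null} for none;
     *                   advanced by one step when present
     * @param saddr      sender address placed in the encrypted part
     * @param raddr      recipient address placed in the encrypted part
     * @throws KrbException on Kerberos encoding or crypto failure
     * @throws IOException  on encoding failure
     */
    private KrbPriv(byte[] userData,
                    Credentials creds,
                    EncryptionKey subKey,
                    KerberosTime timestamp,
                    SeqNumber seqNumber,
                    HostAddress saddr,
                    HostAddress raddr
                    ) throws KrbException, IOException {
        EncryptionKey reqKey = selectKey(subKey, creds);

        obuf = mk_priv(userData, reqKey, timestamp, seqNumber, saddr, raddr);
    }

    /**
     * Receiving side: parses {@code msg} as a KRB_PRIV message, decrypts it
     * and validates the decrypted fields; the recovered data is later
     * available from {@link #getData()}.
     *
     * <p>{@code creds} is always dereferenced ({@code creds.client} is passed
     * to the validation step), so it must not be {@code null} even when a
     * {@code subKey} is supplied.
     *
     * @param msg                encoded KRB_PRIV message as received
     * @param creds              credentials supplying the fallback key and
     *                           the client principal used for validation
     * @param subKey             sub-session key, or {@code null} to use
     *                           {@code creds.key}
     * @param seqNumber          expected sequence-number state
     * @param saddr              expected sender address
     * @param raddr              expected recipient address
     * @param timestampRequired  whether the message must carry a timestamp
     * @param seqNumberRequired  whether the message must carry a sequence
     *                           number
     * @throws KrbException on parse, crypto or validation failure
     * @throws IOException  on decoding failure
     */
    private KrbPriv(byte[] msg,
                    Credentials creds,
                    EncryptionKey subKey,
                    SeqNumber seqNumber,
                    HostAddress saddr,
                    HostAddress raddr,
                    boolean timestampRequired,
                    boolean seqNumberRequired
                    ) throws KrbException, IOException {

        // Parse first, as the original did, so a malformed message fails
        // before the key is selected.
        KRBPriv krb_priv = new KRBPriv(msg);
        EncryptionKey reqKey = selectKey(subKey, creds);

        userData = rd_priv(krb_priv,
                           reqKey,
                           seqNumber,
                           saddr,
                           raddr,
                           timestampRequired,
                           seqNumberRequired,
                           creds.client
                           );
    }

    /**
     * Chooses the key that protects the message: the sub-session key when
     * present, otherwise the key stored in the credentials.
     */
    private static EncryptionKey selectKey(EncryptionKey subKey,
                                           Credentials creds) {
        return (subKey != null) ? subKey : creds.key;
    }

    /**
     * Returns the encoded KRB_PRIV message built by the sending constructor.
     *
     * @return the internal buffer itself (not a copy); {@code null} if this
     *         instance was built by the receiving constructor
     * @throws KrbException declared for callers; not thrown by this
     *         implementation
     */
    public byte[] getMessage() throws KrbException {
        return obuf;
    }

    /**
     * Returns the application data recovered by the receiving constructor.
     *
     * @return the internal buffer itself (not a copy); {@code null} if this
     *         instance was built by the sending constructor
     */
    public byte[] getData() {
        return userData;
    }

    /**
     * Assembles, encrypts and encodes a KRB_PRIV message.
     *
     * @param userData   application data to protect
     * @param key        encryption key
     * @param timestamp  timestamp to embed, or {@code null}
     * @param seqNumber  sequence-number source, or {@code null}
     * @param sAddress   sender address
     * @param rAddress   recipient address
     * @return the ASN.1 encoding of the KRB_PRIV message
     */
    private byte[] mk_priv(byte[] userData,
                           EncryptionKey key,
                           KerberosTime timestamp,
                           SeqNumber seqNumber,
                           HostAddress sAddress,
                           HostAddress rAddress
                           ) throws Asn1Exception, IOException,
                           KdcErrException, KrbCryptoException {

        Integer usec = null;
        Integer seqno = null;

        if (timestamp != null) {
            usec = timestamp.getMicroSeconds();
        }

        if (seqNumber != null) {
            // The counter is advanced before encoding and encryption run, so
            // a failure further down still consumes this sequence number.
            seqno = seqNumber.current();
            seqNumber.step();
        }

        EncKrbPrivPart unenc_encKrbPrivPart =
            new EncKrbPrivPart(userData,
                               timestamp,
                               usec,
                               seqno,
                               sAddress,
                               rAddress
                               );

        byte[] plainPart = unenc_encKrbPrivPart.asn1Encode();

        EncryptedData encKrbPrivPart =
            new EncryptedData(key, plainPart,
                              KeyUsage.KU_ENC_KRB_PRIV_PART);

        KRBPriv krb_priv = new KRBPriv(encKrbPrivPart);

        // The original encoded the message twice and discarded the first
        // result; a single encoding is sufficient.
        return krb_priv.asn1Encode();
    }

    /**
     * Decrypts a parsed KRB_PRIV message, validates its fields and returns
     * the embedded application data.
     *
     * @param krb_priv           parsed KRB_PRIV message
     * @param key                decryption key
     * @param seqNumber          expected sequence-number state
     * @param sAddress           expected sender address
     * @param rAddress           expected recipient address
     * @param timestampRequired  whether a timestamp must be present
     * @param seqNumberRequired  whether a sequence number must be present
     * @param cname              client principal passed to validation
     * @return the {@code userData} field of the decrypted part
     */
    private byte[] rd_priv(KRBPriv krb_priv,
                           EncryptionKey key,
                           SeqNumber seqNumber,
                           HostAddress sAddress,
                           HostAddress rAddress,
                           boolean timestampRequired,
                           boolean seqNumberRequired,
                           PrincipalName cname
                           ) throws Asn1Exception, KdcErrException,
                           KrbApErrException, IOException, KrbCryptoException {

        byte[] bytes = krb_priv.encPart.decrypt(key,
                                                KeyUsage.KU_ENC_KRB_PRIV_PART);
        // NOTE(review): reset() presumably trims the decrypted buffer down to
        // the encoded structure -- confirm against EncryptedData.
        byte[] temp = krb_priv.encPart.reset(bytes);
        DerValue ref = new DerValue(temp);
        EncKrbPrivPart enc_part = new EncKrbPrivPart(ref);

        // Validation is done by check(), inherited from KrbAppMessage and not
        // shown here; the data is returned only if it does not throw.
        check(enc_part.timestamp,
              enc_part.usec,
              enc_part.seqNumber,
              enc_part.sAddress,
              enc_part.rAddress,
              seqNumber,
              sAddress,
              rAddress,
              timestampRequired,
              seqNumberRequired,
              cname
              );

        return enc_part.userData;
    }
}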