Old test/sun/security/krb5/auto/NewInquireTypes.java

   1 /*
   2  * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /*
  25  * @test
  26  * @bug 8043071
  27  * @summary Expose session key and KRB_CRED through extended GSS-API
  28  * @compile -XDignore.symbol.file NewInquireTypes.java
  29  * @run main/othervm NewInquireTypes
  30  */
  31 
  32 import com.sun.security.jgss.ExtendedGSSContext;
  33 import com.sun.security.jgss.InquireType;
  34 import sun.security.jgss.GSSUtil;
  35 import sun.security.krb5.internal.KRBCred;
  36 import sun.security.krb5.internal.crypto.KeyUsage;
  37 
  38 import javax.security.auth.kerberos.KerberosCredMessage;
  39 import javax.security.auth.kerberos.EncryptionKey;
  40 
  41 public class NewInquireTypes {
  42 
  43     public static void main(String[] args) throws Exception {
  44 
  45         new OneKDC(null).writeJAASConf();
  46 
  47         Context c, s;
  48         c = Context.fromJAAS("client");
  49         s = Context.fromJAAS("server");
  50 
  51         c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);
  52         s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
  53 
  54         Context.handshake(c, s);
  55 
  56         ExtendedGSSContext ctxt = (ExtendedGSSContext)c.x();
  57         EncryptionKey key = (EncryptionKey)
  58                 ctxt.inquireSecContext(InquireType.KRB5_GET_SESSION_KEY_EX);
  59         KerberosCredMessage cred = (KerberosCredMessage)
  60                 ctxt.inquireSecContext(InquireType.KRB5_GET_KRB_CRED);
  61         c.status();
  62 
  63         // Confirm the KRB_CRED message is encrypted with the session key.
  64         new KRBCred(cred.getEncoded()).encPart.decrypt(
  65                 new sun.security.krb5.EncryptionKey(key.getKeyType(), key.getEncoded()),
  66                 KeyUsage.KU_ENC_KRB_CRED_PART);
  67     }
  68 }