src/share/classes/sun/security/krb5/internal/crypto/EType.java

Print this page
rev 7199 : 8014310: JAAS/Krb5LoginModule using des encytypes failure with NPE after JDK-8012679


 213             allowed = Cipher.getMaxAllowedKeyLength("AES");
 214         } catch (Exception e) {
 215             // should not happen
 216         }
 217         int[] result;
 218         if (allowed < 256) {
 219             result = BUILTIN_ETYPES_NOAES256;
 220         } else {
 221             result = BUILTIN_ETYPES;
 222         }
 223         if (!allowWeakCrypto) {
 224             // The last 2 etypes are now weak ones
 225             return Arrays.copyOfRange(result, 0, result.length - 2);
 226         }
 227         return result;
 228     }
 229 
 230     /**
 231      * Retrieves the default etypes from the configuration file, or
 232      * if that's not available, return the built-in list of default etypes.


 233      */
 234     // used in KrbAsReq, KeyTab
 235     public static int[] getDefaults(String configName) {

 236         try {
 237             return Config.getInstance().defaultEtype(configName);
 238         } catch (KrbException exc) {
 239             if (DEBUG) {
 240                 System.out.println("Exception while getting " +
 241                     configName + exc.getMessage());
 242                 System.out.println("Using default builtin etypes");
 243             }
 244             return getBuiltInDefaults();
 245         }

 246     }
 247 
 248     /**
 249      * Retrieve the default etypes from the configuration file for
 250      * those etypes for which there are corresponding keys.
 251      * Used in scenario we have some keys from a keytab with etypes
 252      * different from those named in configName. Then, in order
 253      * to decrypt an AS-REP, we should only ask for etypes for which
 254      * we have keys.
 255      */
 256     public static int[] getDefaults(String configName, EncryptionKey[] keys)
 257         throws KrbException {
 258         int[] answer = getDefaults(configName);
 259         if (answer == null) {
 260             throw new KrbException("No supported encryption types listed in "
 261                 + configName);
 262         }
 263 
 264         List<Integer> list = new ArrayList<>(answer.length);
 265         for (int i = 0; i < answer.length; i++) {
 266             if (EncryptionKey.findKey(answer[i], keys) != null) {
 267                 list.add(answer[i]);
 268             }
 269         }
 270         int len = list.size();
 271         if (len <= 0) {
 272             StringBuffer keystr = new StringBuffer();
 273             for (int i = 0; i < keys.length; i++) {
 274                 keystr.append(toString(keys[i].getEType()));
 275                 keystr.append(" ");
 276             }
 277             throw new KrbException(
 278                 "Do not have keys of types listed in " + configName +
 279                 " available; only have keys of following type: " +
 280                 keystr.toString());
 281         } else {
 282             answer = new int[len];




 213             allowed = Cipher.getMaxAllowedKeyLength("AES");
 214         } catch (Exception e) {
 215             // should not happen
 216         }
 217         int[] result;
 218         if (allowed < 256) {
 219             result = BUILTIN_ETYPES_NOAES256;
 220         } else {
 221             result = BUILTIN_ETYPES;
 222         }
 223         if (!allowWeakCrypto) {
 224             // The last 2 etypes are now weak ones
 225             return Arrays.copyOfRange(result, 0, result.length - 2);
 226         }
 227         return result;
 228     }
 229 
 230     /**
 231      * Retrieves the default etypes from the configuration file, or
 232      * if that's not available, return the built-in list of default etypes.
 233      * This result is always non-empty. If no etypes are found,
 234      * an exception is thrown.
 235      */
 236     public static int[] getDefaults(String configName)
 237             throws KrbException {
 238         Config config = null;
 239         try {
 240             config = Config.getInstance();
 241         } catch (KrbException exc) {
 242             if (DEBUG) {
 243                 System.out.println("Exception while getting " +
 244                     configName + exc.getMessage());
 245                 System.out.println("Using default builtin etypes");
 246             }
 247             return getBuiltInDefaults();
 248         }
 249         return config.defaultEtype(configName);
 250     }
 251 
 252     /**
 253      * Retrieve the default etypes from the configuration file for
 254      * those etypes for which there are corresponding keys.
 255      * Used in scenario we have some keys from a keytab with etypes
 256      * different from those named in configName. Then, in order
 257      * to decrypt an AS-REP, we should only ask for etypes for which
 258      * we have keys.
 259      */
 260     public static int[] getDefaults(String configName, EncryptionKey[] keys)
 261             throws KrbException {
 262         int[] answer = getDefaults(configName);




 263 
 264         List<Integer> list = new ArrayList<>(answer.length);
 265         for (int i = 0; i < answer.length; i++) {
 266             if (EncryptionKey.findKey(answer[i], keys) != null) {
 267                 list.add(answer[i]);
 268             }
 269         }
 270         int len = list.size();
 271         if (len <= 0) {
 272             StringBuffer keystr = new StringBuffer();
 273             for (int i = 0; i < keys.length; i++) {
 274                 keystr.append(toString(keys[i].getEType()));
 275                 keystr.append(" ");
 276             }
 277             throw new KrbException(
 278                 "Do not have keys of types listed in " + configName +
 279                 " available; only have keys of following type: " +
 280                 keystr.toString());
 281         } else {
 282             answer = new int[len];