48 import javax.security.auth.kerberos.KerberosKey;
49 import javax.security.auth.kerberos.KerberosPrincipal;
50 import javax.security.auth.kerberos.KerberosTicket;
51 import javax.security.auth.kerberos.KeyTab;
52 import javax.security.auth.kerberos.ServicePermission;
53 import java.io.IOException;
54 import java.io.PrintStream;
55 import java.net.InetAddress;
56 import java.security.AccessControlContext;
57 import java.security.AccessController;
58 import java.security.Principal;
59 import java.security.PrivilegedAction;
60 import java.security.PrivilegedActionException;
61 import java.security.PrivilegedExceptionAction;
62 import java.security.SecureRandom;
63 import java.util.Set;
64
65 /**
66 * The provider for TLS_KRB_ cipher suites.
67 *
68 * @since 1.9
69 */
70 public class Krb5KeyExchangeService implements ClientKeyExchangeService {
71
72 public static final Debug debug = Debug.getInstance("ssl");
73
74 @Override
75 public String[] supported() {
76 return new String[] { "KRB5", "KRB5_EXPORT" };
77 }
78
79 @Override
80 public Object getServiceCreds(AccessControlContext acc) {
81 try {
82 ServiceCreds serviceCreds = AccessController.doPrivileged(
83 (PrivilegedExceptionAction<ServiceCreds>)
84 () -> Krb5Util.getServiceCreds(
85 GSSCaller.CALLER_SSL_SERVER, null, acc));
86 if (serviceCreds == null) {
87 if (debug != null && Debug.isOn("handshake")) {
88 System.out.println("Kerberos serviceCreds not available");
|
48 import javax.security.auth.kerberos.KerberosKey;
49 import javax.security.auth.kerberos.KerberosPrincipal;
50 import javax.security.auth.kerberos.KerberosTicket;
51 import javax.security.auth.kerberos.KeyTab;
52 import javax.security.auth.kerberos.ServicePermission;
53 import java.io.IOException;
54 import java.io.PrintStream;
55 import java.net.InetAddress;
56 import java.security.AccessControlContext;
57 import java.security.AccessController;
58 import java.security.Principal;
59 import java.security.PrivilegedAction;
60 import java.security.PrivilegedActionException;
61 import java.security.PrivilegedExceptionAction;
62 import java.security.SecureRandom;
63 import java.util.Set;
64
65 /**
66 * The provider for TLS_KRB_ cipher suites.
67 *
68 * @since 9
69 */
70 public class Krb5KeyExchangeService implements ClientKeyExchangeService {
71
72 public static final Debug debug = Debug.getInstance("ssl");
73
74 @Override
75 public String[] supported() {
76 return new String[] { "KRB5", "KRB5_EXPORT" };
77 }
78
79 @Override
80 public Object getServiceCreds(AccessControlContext acc) {
81 try {
82 ServiceCreds serviceCreds = AccessController.doPrivileged(
83 (PrivilegedExceptionAction<ServiceCreds>)
84 () -> Krb5Util.getServiceCreds(
85 GSSCaller.CALLER_SSL_SERVER, null, acc));
86 if (serviceCreds == null) {
87 if (debug != null && Debug.isOn("handshake")) {
88 System.out.println("Kerberos serviceCreds not available");
|