55 public static final int AP_OPTS_RESERVED = 0;
56 public static final int AP_OPTS_USE_SESSION_KEY = 1;
57 public static final int AP_OPTS_MUTUAL_REQUIRED = 2;
58 public static final int AP_OPTS_MAX = 31;
59
60 //Ticket Flags
61
62 public static final int TKT_OPTS_RESERVED = 0;
63 public static final int TKT_OPTS_FORWARDABLE = 1;
64 public static final int TKT_OPTS_FORWARDED = 2;
65 public static final int TKT_OPTS_PROXIABLE = 3;
66 public static final int TKT_OPTS_PROXY = 4;
67 public static final int TKT_OPTS_MAY_POSTDATE = 5;
68 public static final int TKT_OPTS_POSTDATED = 6;
69 public static final int TKT_OPTS_INVALID = 7;
70 public static final int TKT_OPTS_RENEWABLE = 8;
71 public static final int TKT_OPTS_INITIAL = 9;
72 public static final int TKT_OPTS_PRE_AUTHENT = 10;
73 public static final int TKT_OPTS_HW_AUTHENT = 11;
74 public static final int TKT_OPTS_DELEGATE = 13;
75 public static final int TKT_OPTS_MAX = 31;
76
77 // KDC Options
78 // (option values defined in KDCOptions.java)
79 public static final int KDC_OPTS_MAX = 31;
80
81 // KerberosFlags
82 public static final int KRB_FLAGS_MAX = 31;
83
84 //Last Request types
85
86 public static final int LRTYPE_NONE = 0;
87 public static final int LRTYPE_TIME_OF_INITIAL_TGT = 1;
88 public static final int LRTYPE_TIME_OF_INITIAL_REQ = 2;
89 public static final int LRTYPE_TIME_OF_NEWEST_TGT = 3;
90 public static final int LRTYPE_TIME_OF_LAST_RENEWAL = 4;
91 public static final int LRTYPE_TIME_OF_LAST_REQ = 5;
92
93 //Host address lengths
94
148
149 public static final int KEYTYPE_DES3 = 2;
150 public static final int KEYTYPE_AES = 3;
151 public static final int KEYTYPE_ARCFOUR_HMAC = 4;
152
153
154 //----------------------------------------+-----------------
155 // padata type |padata-type value
156 //----------------------------------------+-----------------
157 public static final int PA_TGS_REQ = 1;
158 public static final int PA_ENC_TIMESTAMP = 2;
159 public static final int PA_PW_SALT = 3;
160
161 // new preauth types
162 public static final int PA_ETYPE_INFO = 11;
163 public static final int PA_ETYPE_INFO2 = 19;
164
165 // S4U2user info
166 public static final int PA_FOR_USER = 129;
167
168 //-------------------------------+-------------
169 //authorization data type |ad-type value
170 //-------------------------------+-------------
171 //reserved values 0-63
172 public static final int OSF_DCE = 64;
173 public static final int SESAME = 65;
174
175 //----------------------------------------------+-----------------
176 //alternate authentication type |method-type value
177 //----------------------------------------------+-----------------
178 // reserved values 0-63
179 public static final int ATT_CHALLENGE_RESPONSE = 64;
180
181 //--------------------------------------------+-------------
182 //transited encoding type |tr-type value
183 //--------------------------------------------+-------------
184 public static final int DOMAIN_X500_COMPRESS = 1;
185 // reserved values all others
186
187 //----------------------------+-------+-----------------------------------------
250 public static final int KRB_AP_ERR_TKT_NYV = 33; //Ticket not yet valid
251 public static final int KRB_AP_ERR_REPEAT = 34; //Request is a replay
252 public static final int KRB_AP_ERR_NOT_US = 35; //The ticket isn't for us
253 public static final int KRB_AP_ERR_BADMATCH = 36; //Ticket and authenticator don't match
254 public static final int KRB_AP_ERR_SKEW = 37; //Clock skew too great
255 public static final int KRB_AP_ERR_BADADDR = 38; //Incorrect net address
256 public static final int KRB_AP_ERR_BADVERSION = 39; //Protocol version mismatch
257 public static final int KRB_AP_ERR_MSG_TYPE = 40; //Invalid msg type
258 public static final int KRB_AP_ERR_MODIFIED = 41; //Message stream modified
259 public static final int KRB_AP_ERR_BADORDER = 42; //Message out of order
260 public static final int KRB_AP_ERR_BADKEYVER = 44; //Specified version of key is not available
261 public static final int KRB_AP_ERR_NOKEY = 45; //Service key not available
262 public static final int KRB_AP_ERR_MUT_FAIL = 46; //Mutual authentication failed
263 public static final int KRB_AP_ERR_BADDIRECTION = 47; //Incorrect message direction
264 public static final int KRB_AP_ERR_METHOD = 48; //Alternative authentication method required
265 public static final int KRB_AP_ERR_BADSEQ = 49; //Incorrect sequence number in message
266 public static final int KRB_AP_ERR_INAPP_CKSUM = 50; //Inappropriate type of checksum in message
267 public static final int KRB_ERR_RESPONSE_TOO_BIG = 52; //Response too big for UDP, retry with TCP
268 public static final int KRB_ERR_GENERIC = 60; //Generic error (description in e-text)
269 public static final int KRB_ERR_FIELD_TOOLONG = 61; //Field is too long for this implementation
270 public static final int KRB_CRYPTO_NOT_SUPPORT = 100; //Client does not support this crypto type
271 public static final int KRB_AP_ERR_NOREALM = 62;
272 public static final int KRB_AP_ERR_GEN_CRED = 63;
273 // public static final int KRB_AP_ERR_CKSUM_NOKEY =101; //Lack of the key to generate the checksum
274 // error codes specific to this implementation
275 public static final int KRB_AP_ERR_REQ_OPTIONS = 101; //Invalid TGS_REQ
276 public static final int API_INVALID_ARG = 400; //Invalid argument
277
278 public static final int BITSTRING_SIZE_INVALID = 500; //BitString size does not match input byte array
279 public static final int BITSTRING_INDEX_OUT_OF_BOUNDS = 501; //BitString bit index does not fall within size
280 public static final int BITSTRING_BAD_LENGTH = 502; //BitString length is wrong for the expected type
281
282 public static final int REALM_ILLCHAR = 600; //Illegal character in realm name; one of: '/', ':', '\0'
283 public static final int REALM_NULL = 601; //Null realm name
284
285 public static final int ASN1_BAD_TIMEFORMAT = 900; //Input not in GeneralizedTime format
286 public static final int ASN1_MISSING_FIELD = 901; //Structure is missing a required field
287 public static final int ASN1_MISPLACED_FIELD = 902; //Unexpected field number
288 public static final int ASN1_TYPE_MISMATCH = 903; //Type numbers are inconsistent
289 public static final int ASN1_OVERFLOW = 904; //Value too large
|
55 public static final int AP_OPTS_RESERVED = 0;
56 public static final int AP_OPTS_USE_SESSION_KEY = 1;
57 public static final int AP_OPTS_MUTUAL_REQUIRED = 2;
58 public static final int AP_OPTS_MAX = 31;
59
60 //Ticket Flags
61
62 public static final int TKT_OPTS_RESERVED = 0;
63 public static final int TKT_OPTS_FORWARDABLE = 1;
64 public static final int TKT_OPTS_FORWARDED = 2;
65 public static final int TKT_OPTS_PROXIABLE = 3;
66 public static final int TKT_OPTS_PROXY = 4;
67 public static final int TKT_OPTS_MAY_POSTDATE = 5;
68 public static final int TKT_OPTS_POSTDATED = 6;
69 public static final int TKT_OPTS_INVALID = 7;
70 public static final int TKT_OPTS_RENEWABLE = 8;
71 public static final int TKT_OPTS_INITIAL = 9;
72 public static final int TKT_OPTS_PRE_AUTHENT = 10;
73 public static final int TKT_OPTS_HW_AUTHENT = 11;
74 public static final int TKT_OPTS_DELEGATE = 13;
75 public static final int TKT_OPTS_ENC_PA_REP = 15;
76 public static final int TKT_OPTS_MAX = 31;
77
78 // KDC Options
79 // (option values defined in KDCOptions.java)
80 public static final int KDC_OPTS_MAX = 31;
81
82 // KerberosFlags
83 public static final int KRB_FLAGS_MAX = 31;
84
85 //Last Request types
86
87 public static final int LRTYPE_NONE = 0;
88 public static final int LRTYPE_TIME_OF_INITIAL_TGT = 1;
89 public static final int LRTYPE_TIME_OF_INITIAL_REQ = 2;
90 public static final int LRTYPE_TIME_OF_NEWEST_TGT = 3;
91 public static final int LRTYPE_TIME_OF_LAST_RENEWAL = 4;
92 public static final int LRTYPE_TIME_OF_LAST_REQ = 5;
93
94 //Host address lengths
95
149
150 public static final int KEYTYPE_DES3 = 2;
151 public static final int KEYTYPE_AES = 3;
152 public static final int KEYTYPE_ARCFOUR_HMAC = 4;
153
154
155 //----------------------------------------+-----------------
156 // padata type |padata-type value
157 //----------------------------------------+-----------------
158 public static final int PA_TGS_REQ = 1;
159 public static final int PA_ENC_TIMESTAMP = 2;
160 public static final int PA_PW_SALT = 3;
161
162 // new preauth types
163 public static final int PA_ETYPE_INFO = 11;
164 public static final int PA_ETYPE_INFO2 = 19;
165
166 // S4U2user info
167 public static final int PA_FOR_USER = 129;
168
169 // FAST (RFC 6806)
170 public static final int PA_REQ_ENC_PA_REP = 149;
171
172 //-------------------------------+-------------
173 //authorization data type |ad-type value
174 //-------------------------------+-------------
175 //reserved values 0-63
176 public static final int OSF_DCE = 64;
177 public static final int SESAME = 65;
178
179 //----------------------------------------------+-----------------
180 //alternate authentication type |method-type value
181 //----------------------------------------------+-----------------
182 // reserved values 0-63
183 public static final int ATT_CHALLENGE_RESPONSE = 64;
184
185 //--------------------------------------------+-------------
186 //transited encoding type |tr-type value
187 //--------------------------------------------+-------------
188 public static final int DOMAIN_X500_COMPRESS = 1;
189 // reserved values all others
190
191 //----------------------------+-------+-----------------------------------------
254 public static final int KRB_AP_ERR_TKT_NYV = 33; //Ticket not yet valid
255 public static final int KRB_AP_ERR_REPEAT = 34; //Request is a replay
256 public static final int KRB_AP_ERR_NOT_US = 35; //The ticket isn't for us
257 public static final int KRB_AP_ERR_BADMATCH = 36; //Ticket and authenticator don't match
258 public static final int KRB_AP_ERR_SKEW = 37; //Clock skew too great
259 public static final int KRB_AP_ERR_BADADDR = 38; //Incorrect net address
260 public static final int KRB_AP_ERR_BADVERSION = 39; //Protocol version mismatch
261 public static final int KRB_AP_ERR_MSG_TYPE = 40; //Invalid msg type
262 public static final int KRB_AP_ERR_MODIFIED = 41; //Message stream modified
263 public static final int KRB_AP_ERR_BADORDER = 42; //Message out of order
264 public static final int KRB_AP_ERR_BADKEYVER = 44; //Specified version of key is not available
265 public static final int KRB_AP_ERR_NOKEY = 45; //Service key not available
266 public static final int KRB_AP_ERR_MUT_FAIL = 46; //Mutual authentication failed
267 public static final int KRB_AP_ERR_BADDIRECTION = 47; //Incorrect message direction
268 public static final int KRB_AP_ERR_METHOD = 48; //Alternative authentication method required
269 public static final int KRB_AP_ERR_BADSEQ = 49; //Incorrect sequence number in message
270 public static final int KRB_AP_ERR_INAPP_CKSUM = 50; //Inappropriate type of checksum in message
271 public static final int KRB_ERR_RESPONSE_TOO_BIG = 52; //Response too big for UDP, retry with TCP
272 public static final int KRB_ERR_GENERIC = 60; //Generic error (description in e-text)
273 public static final int KRB_ERR_FIELD_TOOLONG = 61; //Field is too long for this implementation
274 public static final int KRB_ERR_WRONG_REALM = 68; //Wrong realm
275 public static final int KRB_CRYPTO_NOT_SUPPORT = 100; //Client does not support this crypto type
276 public static final int KRB_AP_ERR_NOREALM = 62;
277 public static final int KRB_AP_ERR_GEN_CRED = 63;
278 // public static final int KRB_AP_ERR_CKSUM_NOKEY =101; //Lack of the key to generate the checksum
279 // error codes specific to this implementation
280 public static final int KRB_AP_ERR_REQ_OPTIONS = 101; //Invalid TGS_REQ
281 public static final int API_INVALID_ARG = 400; //Invalid argument
282
283 public static final int BITSTRING_SIZE_INVALID = 500; //BitString size does not match input byte array
284 public static final int BITSTRING_INDEX_OUT_OF_BOUNDS = 501; //BitString bit index does not fall within size
285 public static final int BITSTRING_BAD_LENGTH = 502; //BitString length is wrong for the expected type
286
287 public static final int REALM_ILLCHAR = 600; //Illegal character in realm name; one of: '/', ':', '\0'
288 public static final int REALM_NULL = 601; //Null realm name
289
290 public static final int ASN1_BAD_TIMEFORMAT = 900; //Input not in GeneralizedTime format
291 public static final int ASN1_MISSING_FIELD = 901; //Structure is missing a required field
292 public static final int ASN1_MISPLACED_FIELD = 902; //Unexpected field number
293 public static final int ASN1_TYPE_MISMATCH = 903; //Type numbers are inconsistent
294 public static final int ASN1_OVERFLOW = 904; //Value too large
|