
src/java.security.jgss/share/classes/sun/security/krb5/internal/PAData.java



   1 /*
   2  * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 /*
  27  *
  28  *  (C) Copyright IBM Corp. 1999 All Rights Reserved.
  29  *  Copyright 1997 The Open Group Research Institute.  All rights reserved.
  30  */
  31 
  32 package sun.security.krb5.internal;
  33 
  34 import sun.security.krb5.internal.crypto.EType;
  35 import sun.security.util.*;
  36 import sun.security.krb5.Asn1Exception;
  37 import java.io.IOException;


  38 import sun.security.krb5.internal.util.KerberosString;
  39 
  40 /**
  41  * Implements the ASN.1 PA-DATA type.
  42  *
  43  * <pre>{@code
  44  * PA-DATA         ::= SEQUENCE {
  45  *         -- NOTE: first tag is [1], not [0]
  46  *         padata-type     [1] Int32,
  47  *         padata-value    [2] OCTET STRING -- might be encoded AP-REQ
  48  * }
  49  * }</pre>
  50  *
  51  * <p>
  52  * This definition reflects the Network Working Group RFC 4120
  53  * specification available at
  54  * <a href="http://www.ietf.org/rfc/rfc4120.txt">
  55  * http://www.ietf.org/rfc/rfc4120.txt</a>.
  56  */
  57 


 120         DerOutputStream temp = new DerOutputStream();
 121 
 122         temp.putInteger(pADataType);
 123         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_PATYPE), temp);
 124         temp = new DerOutputStream();
 125         temp.putOctetString(pADataValue);
 126         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_PAVALUE), temp);
 127 
 128         temp = new DerOutputStream();
 129         temp.write(DerValue.tag_Sequence, bytes);
 130         return temp.toByteArray();
 131     }
 132 
 133     // accessor methods
 134     public int getType() {
 135         return pADataType;
 136     }
 137 
 138     public byte[] getValue() {
 139         return ((pADataValue == null) ? null : pADataValue.clone());



































 140     }
 141 
 142     /**
 143      * Gets the preferred etype from the PAData array.
 144      * <ol>
 145      * <li>ETYPE-INFO2-ENTRY with unknown s2kparams ignored</li>
 146      * <li>ETYPE-INFO2 preferred to ETYPE-INFO</li>
 147      * <li>Multiple entries for same etype in one PA-DATA, use the first one.</li>
 148      * <li>Multiple PA-DATA with same type, choose the last one.</li>
 149      * </ol>
 150      * (This is useful when PA-DATAs from KRB-ERROR and AS-REP are combined).
 151      *
 152      * @return the etype, or defaultEType if not enough info
 153      * @throws Asn1Exception|IOException if there is an encoding error
 154      */
 155     public static int getPreferredEType(PAData[] pas, int defaultEType)
 156             throws IOException, Asn1Exception {
 157 
 158         if (pas == null) return defaultEType;
 159 


   1 /*
   2  * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 /*
  27  *
  28  *  (C) Copyright IBM Corp. 1999 All Rights Reserved.
  29  *  Copyright 1997 The Open Group Research Institute.  All rights reserved.
  30  */
  31 
  32 package sun.security.krb5.internal;
  33 
  34 import sun.security.krb5.internal.crypto.EType;
  35 import sun.security.util.*;
  36 import sun.security.krb5.Asn1Exception;
  37 import java.io.IOException;
  38 import java.util.Vector;
  39 
  40 import sun.security.krb5.internal.util.KerberosString;
  41 
  42 /**
  43  * Implements the ASN.1 PA-DATA type.
  44  *
  45  * <pre>{@code
  46  * PA-DATA         ::= SEQUENCE {
  47  *         -- NOTE: first tag is [1], not [0]
  48  *         padata-type     [1] Int32,
  49  *         padata-value    [2] OCTET STRING -- might be encoded AP-REQ
  50  * }
  51  * }</pre>
  52  *
  53  * <p>
  54  * This definition reflects the Network Working Group RFC 4120
  55  * specification available at
  56  * <a href="http://www.ietf.org/rfc/rfc4120.txt">
  57  * http://www.ietf.org/rfc/rfc4120.txt</a>.
  58  */
  59 


 122         DerOutputStream temp = new DerOutputStream();
 123 
 124         temp.putInteger(pADataType);
 125         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_PATYPE), temp);
 126         temp = new DerOutputStream();
 127         temp.putOctetString(pADataValue);
 128         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, TAG_PAVALUE), temp);
 129 
 130         temp = new DerOutputStream();
 131         temp.write(DerValue.tag_Sequence, bytes);
 132         return temp.toByteArray();
 133     }
 134 
 135     // accessor methods
 136     public int getType() {
 137         return pADataType;
 138     }
 139 
 140     public byte[] getValue() {
 141         return ((pADataValue == null) ? null : pADataValue.clone());
 142     }
 143 
 144     /**
 145      * Parse (unmarshal) a PAData from a DER input stream.  This form
 146      * parsing might be used when expanding a value which is part of
 147      * a constructed sequence and uses explicitly tagged type.
 148      *
 149      * @exception Asn1Exception if an Asn1Exception occurs.
 150      * @param data the Der input stream value, which contains one or more
 151      *        marshaled values.
 152      * @param explicitTag tag number.
 153      * @param optional indicates if this data field is optional.
 154      * @return an array of PAData.
 155      */
 156     public static PAData[] parseSequence(DerInputStream data,
 157                                       byte explicitTag, boolean optional)
 158         throws Asn1Exception, IOException {
 159         if ((optional) &&
 160                 (((byte)data.peekByte() & (byte)0x1F) != explicitTag))
 161                 return null;
 162         DerValue subDer = data.getDerValue();
 163         DerValue subsubDer = subDer.getData().getDerValue();
 164         if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
 165             throw new Asn1Exception(Krb5.ASN1_BAD_ID);
 166         }
 167         Vector<PAData> v = new Vector<>();
 168         while (subsubDer.getData().available() > 0) {
 169             v.addElement(new PAData(subsubDer.getData().getDerValue()));
 170         }
 171         if (v.size() > 0) {
 172             PAData[] pas = new PAData[v.size()];
 173             v.copyInto(pas);
 174             return pas;
 175         }
 176         return null;
 177     }
 178 
 179     /**
 180      * Gets the preferred etype from the PAData array.
 181      * <ol>
 182      * <li>ETYPE-INFO2-ENTRY with unknown s2kparams ignored</li>
 183      * <li>ETYPE-INFO2 preferred to ETYPE-INFO</li>
 184      * <li>Multiple entries for same etype in one PA-DATA, use the first one.</li>
 185      * <li>Multiple PA-DATA with same type, choose the last one.</li>
 186      * </ol>
 187      * (This is useful when PA-DATAs from KRB-ERROR and AS-REP are combined).
 188      *
 189      * @return the etype, or defaultEType if not enough info
 190      * @throws Asn1Exception|IOException if there is an encoding error
 191      */
 192     public static int getPreferredEType(PAData[] pas, int defaultEType)
 193             throws IOException, Asn1Exception {
 194 
 195         if (pas == null) return defaultEType;
 196 
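Review bot: In the new `parseSequence` (new-side lines 156-177), the outer tag is compared with `explicitTag` only on the `optional` path; when `optional` is false, `data.getDerValue()` is consumed with no tag check at all, so a value carrying a different context tag would be accepted as the PA-DATA sequence. PA-DATA presumably arrives in KDC messages (the `getPreferredEType` Javadoc mentions KRB-ERROR and AS-REP), so I would validate it right after `DerValue subDer = data.getDerValue();` with `if ((subDer.getTag() & (byte)0x1F) != explicitTag) throw new Asn1Exception(Krb5.ASN1_BAD_ID);`. Whether any caller passes `optional == false` is not visible on this page. The Javadoc should also state that `null` is returned both for an absent optional field and for an empty sequence, so callers know to null-check, and it should list `IOException` next to `Asn1Exception`.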

