1 /*
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
3 *
4 * This code is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License version 2 only, as
6 * published by the Free Software Foundation. Oracle designates this
7 * particular file as subject to the "Classpath" exception as provided
8 * by Oracle in the LICENSE file that accompanied this code.
9 *
10 * This code is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * version 2 for more details (a copy is included in the LICENSE file that
14 * accompanied this code).
15 *
16 * You should have received a copy of the GNU General Public License version
17 * 2 along with this work; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19 *
20 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
21 * or visit www.oracle.com if you need additional information or have any
22 * questions.
23 */
24
25 /*
26 *
27 * (C) Copyright IBM Corp. 1999 All Rights Reserved.
28 * Copyright 1997 The Open Group Research Institute. All rights reserved.
29 */
30
31 package sun.security.krb5.internal;
32
33 import sun.security.krb5.Asn1Exception;
34 import sun.security.krb5.internal.util.KerberosFlags;
35 import sun.security.util.*;
36 import java.io.IOException;
37
38 /**
39 * Implements the ASN.1TicketFlags type.
40 *
41 * TicketFlags ::= BIT STRING
42 * {
43 * reserved(0),
44 * forwardable(1),
45 * forwarded(2),
46 * proxiable(3),
47 * proxy(4),
48 * may-postdate(5),
49 * postdated(6),
50 * invalid(7),
51 * renewable(8),
52 * initial(9),
53 * pre-authent(10),
54 * hw-authent(11)
55 * }
56 */
57 public class TicketFlags extends KerberosFlags {
58 public TicketFlags() {
59 super(Krb5.TKT_OPTS_MAX + 1);
60 }
61
62 public TicketFlags (boolean[] flags) throws Asn1Exception {
63 super(flags);
64 if (flags.length > Krb5.TKT_OPTS_MAX + 1) {
65 throw new Asn1Exception(Krb5.BITSTRING_BAD_LENGTH);
66 }
67 }
68
69 public TicketFlags(int size, byte[] data) throws Asn1Exception {
70 super(size, data);
71 if ((size > data.length * BITS_PER_UNIT) || (size > Krb5.TKT_OPTS_MAX + 1))
72 throw new Asn1Exception(Krb5.BITSTRING_BAD_LENGTH);
73 }
74
75 public TicketFlags(DerValue encoding) throws IOException, Asn1Exception {
76 this(encoding.getUnalignedBitString(true).toBooleanArray());
77 }
78
79 /**
80 * Parse (unmarshal) a ticket flag from a DER input stream. This form
81 * parsing might be used when expanding a value which is part of
82 * a constructed sequence and uses explicitly tagged type.
83 *
84 * @exception Asn1Exception on error.
85 * @param data the Der input stream value, which contains one or more marshaled value.
86 * @param explicitTag tag number.
87 * @param optional indicate if this data field is optional
88 * @return an instance of TicketFlags.
89 *
90 */
91 public static TicketFlags parse(DerInputStream data, byte explicitTag, boolean optional) throws Asn1Exception, IOException {
92 if ((optional) && (((byte)data.peekByte() & (byte)0x1F) != explicitTag))
93 return null;
94 DerValue der = data.getDerValue();
95 if (explicitTag != (der.getTag() & (byte)0x1F)) {
96 throw new Asn1Exception(Krb5.ASN1_BAD_ID);
97 }
98 else {
99 DerValue subDer = der.getData().getDerValue();
100 return new TicketFlags(subDer);
101 }
102 }
103
104 public Object clone() {
105 try {
106 return new TicketFlags(this.toBooleanArray());
107 }
108 catch (Exception e) {
109 return null;
110 }
111 }
112
113 public boolean match(LoginOptions options) {
114 boolean matched = false;
115 //We currently only consider if forwardable renewable and proxiable are match
116 if (this.get(Krb5.TKT_OPTS_FORWARDABLE) == (options.get(KDCOptions.FORWARDABLE))) {
117 if (this.get(Krb5.TKT_OPTS_PROXIABLE) == (options.get(KDCOptions.PROXIABLE))) {
118 if (this.get(Krb5.TKT_OPTS_RENEWABLE) == (options.get(KDCOptions.RENEWABLE))) {
119 matched = true;
120 }
121 }
122 }
123 return matched;
124 }
125 public boolean match(TicketFlags flags) {
126 boolean matched = true;
127 for (int i = 0; i <= Krb5.TKT_OPTS_MAX; i++) {
128 if (this.get(i) != flags.get(i)) {
129 return false;
130 }
131 }
132 return matched;
133 }
134
135
136 /**
137 * Returns the string representative of ticket flags.
138 */
139 public String toString() {
140 StringBuilder sb = new StringBuilder();
141 boolean[] flags = toBooleanArray();
142 for (int i = 0; i < flags.length; i++) {
143 if (flags[i] == true) {
144 switch (i) {
145 case 0:
146 sb.append("RESERVED;");
147 break;
148 case 1:
149 sb.append("FORWARDABLE;");
150 break;
151 case 2:
152 sb.append("FORWARDED;");
153 break;
154 case 3:
155 sb.append("PROXIABLE;");
156 break;
157 case 4:
158 sb.append("PROXY;");
159 break;
160 case 5:
161 sb.append("MAY-POSTDATE;");
162 break;
163 case 6:
164 sb.append("POSTDATED;");
165 break;
166 case 7:
167 sb.append("INVALID;");
168 break;
169 case 8:
170 sb.append("RENEWABLE;");
171 break;
172 case 9:
173 sb.append("INITIAL;");
174 break;
175 case 10:
176 sb.append("PRE-AUTHENT;");
177 break;
178 case 11:
179 sb.append("HW-AUTHENT;");
180 break;
181 }
182 }
183 }
184 String result = sb.toString();
185 if (result.length() > 0) {
186 result = result.substring(0, result.length() - 1);
187 }
188 return result;
189 }
190 }