src/java.security.jgss/share/classes/sun/security/krb5/internal/rcache/AuthTimeWithHash.java
rev 15878 : 8168518: rcache interop with krb5-1.15
*** 23,49 ****
* questions.
*/
package sun.security.krb5.internal.rcache;
import java.util.Objects;
/**
* The class represents a new style replay cache entry. It can be either used
* inside memory or in a dfl file.
*/
public class AuthTimeWithHash extends AuthTime
implements Comparable<AuthTimeWithHash> {
final String hash;
/**
* Constructs a new <code>AuthTimeWithHash</code>.
*/
public AuthTimeWithHash(String client, String server,
! int ctime, int cusec, String hash) {
super(client, server, ctime, cusec);
this.hash = hash;
}
/**
* Compares if an object equals to an <code>AuthTimeWithHash</code> object.
--- 23,69 ----
* questions.
*/
package sun.security.krb5.internal.rcache;
+ import sun.security.action.GetPropertyAction;
+
import java.util.Objects;
/**
* The class represents a new style replay cache entry. It can be either used
* inside memory or in a dfl file.
*/
public class AuthTimeWithHash extends AuthTime
implements Comparable<AuthTimeWithHash> {
+ // The hash algorithm can be "HASH" or "SHA256".
+ public static String DEFAULT_HASH_ALG = GetPropertyAction
+ .privilegedGetProperty("jdk.krb5.rcache.hashalg", "HASH");
+
+ public static String realAlg(String alg) {
+ if (alg.equals("HASH")) {
+ return "MD5";
+ } else if (alg.equals("SHA")) {
+ return "SHA-1";
+ } else if (alg.startsWith("SHA") && !alg.startsWith("SHA-")) {
+ return "SHA-" + alg.substring(3);
+ } else {
+ return alg;
+ }
+ }
+
+ final String hashAlg;
final String hash;
/**
* Constructs a new <code>AuthTimeWithHash</code>.
*/
public AuthTimeWithHash(String client, String server,
! int ctime, int cusec, String hashAlg, String hash) {
super(client, server, ctime, cusec);
+ this.hashAlg = hashAlg;
this.hash = hash;
}
/**
* Compares if an object equals to an <code>AuthTimeWithHash</code> object.
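Review bot: `DEFAULT_HASH_ALG` is declared `public static String` without `final`, so any code that can reach this class can reassign the replay-cache hash algorithm after startup; `public static final String DEFAULT_HASH_ALG = GetPropertyAction` keeps it fixed at the value read from `jdk.krb5.rcache.hashalg`. `realAlg` also returns any unrecognised name unchanged and dereferences `alg` without a null check, while the comment above the field names only "HASH" and "SHA256", so a mistyped property value would presumably surface only where the digest is later created. A Javadoc on `realAlg` should spell out the mapping (HASH to MD5, SHA to SHA-1, SHAnnn to SHA-nnn, anything else passed through) and say that the default label "HASH" selects MD5, so the weak default is a visible, deliberate interop choice rather than an accident.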
*** 54,63 ****
--- 74,84 ----
public boolean equals(Object o) {
if (this == o) return true;
if (!(o instanceof AuthTimeWithHash)) return false;
AuthTimeWithHash that = (AuthTimeWithHash)o;
return Objects.equals(hash, that.hash)
+ && Objects.equals(hashAlg, that.hashAlg)
&& Objects.equals(client, that.client)
&& Objects.equals(server, that.server)
&& ctime == that.ctime
&& cusec == that.cusec;
}
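Review bot: `equals` now distinguishes entries by `hashAlg`, but no hunk shown here touches `hashCode` or `compareTo`, and the class implements `Comparable<AuthTimeWithHash>`. If `compareTo` still ignores the algorithm, two entries with the same hash text under different algorithms would compare as 0 yet not be equal, which matters wherever entries are kept in a sorted collection. Either add `hashAlg` as a final tie-breaker in `compareTo`, or put a comment on it stating that the ordering is intentionally not consistent with `equals`.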
*** 89,98 ****
--- 110,132 ----
}
/**
* Compares with a possibly old style object. Used
* in DflCache$Storage#loadAndCheck.
+ * @return true if all AuthTime fields are the same but different hash
+ */
+ public boolean sameTimeDiffHash(AuthTimeWithHash old) {
+ if (!this.isSameIgnoresHash(old)) {
+ return false;
+ }
+ return this.hashAlg.equals(old.hashAlg) &&
+ !this.hash.equals(old.hash);
+ }
+
+ /**
+ * Compares with a possibly old style object. Used
+ * in DflCache$Storage#loadAndCheck.
* @return true if all AuthTime fields are the same
*/
public boolean isSameIgnoresHash(AuthTime old) {
return client.equals(old.client) &&
server.equals(old.server) &&
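Review bot: `sameTimeDiffHash` calls `this.hashAlg.equals(...)` and `this.hash.equals(...)` directly, whereas `equals` in this class goes through `Objects.equals`, so a null `hash` or `hashAlg` throws here; `return Objects.equals(hashAlg, old.hashAlg) && !Objects.equals(hash, old.hash);` keeps the two consistent. The Javadoc was copied from `isSameIgnoresHash`: the parameter is an `AuthTimeWithHash`, not a "possibly old style object", and `@return` omits that the algorithms must match, so entries with identical time fields but different algorithms return false. Suggested wording: `@return true if all AuthTime fields and the hash algorithm are the same but the hash values differ`, plus one sentence on how the caller is expected to treat the different-algorithm case in the replay check. `isSameIgnoresHash` continues outside the hunk.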
*** 110,120 ****
public byte[] encode(boolean withHash) {
String cstring;
String sstring;
if (withHash) {
cstring = "";
! sstring = String.format("HASH:%s %d:%s %d:%s", hash,
client.length(), client,
server.length(), server);
} else {
cstring = client;
sstring = server;
--- 144,154 ----
public byte[] encode(boolean withHash) {
String cstring;
String sstring;
if (withHash) {
cstring = "";
! sstring = String.format("%s:%s %d:%s %d:%s", hashAlg, hash,
client.length(), client,
server.length(), server);
} else {
cstring = client;
sstring = server;
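Review bot: `hashAlg` is written into the record verbatim in the `withHash` branch, and nothing visible restricts it to a token free of spaces and colons; the format `%s:%s %d:%s %d:%s` depends on those delimiters, so an unexpected algorithm string would produce an entry that a reader can misparse. The value can presumably originate from the `jdk.krb5.rcache.hashalg` property, so a single check in the constructor, e.g. `if (hashAlg.indexOf(' ') >= 0 || hashAlg.indexOf(':') >= 0) throw new IllegalArgumentException(hashAlg);`, would keep malformed entries out of the cache file. A short comment here should also state that the prefix is the stored algorithm label (such as `HASH` or `SHA256`) and not the JCA name returned by `realAlg`. `encode` starts and ends outside the hunk.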