
Example 11 with KerberosKey

use of javax.security.auth.kerberos.KerberosKey in project jdk8u_jdk by JetBrains.

the class Context method status.

/**
 * Prints a diagnostic report for this context to standard output: the GSS
 * context state flags, the content of the associated Subject, and, for an
 * established ExtendedGSSContext, the Kerberos session attributes.
 *
 * <p>Security note: the report contains secret material. Every KerberosKey
 * found in the Subject's private credentials is written as the hex of
 * {@code getEncoded()}, other private credentials are written through their
 * {@code toString()}, and the session key object is printed as well. Treat
 * anything that captures this output (console, CI log, test report) as
 * holding credentials for the realm under test.
 *
 * @throws Exception if an established ExtendedGSSContext returns null for the
 *         session key, the ticket flags or the auth time, or if reading the
 *         Subject or inquiring the context fails
 */
public void status() throws Exception {
    System.out.println("STATUS OF " + name.toUpperCase());

    // Context flags. Best effort: any failure in this section (including a
    // null context) is ignored and the two summary lines are simply not printed.
    try {
        StringBuilder stateFlags = new StringBuilder();
        if (x.getAnonymityState()) {
            stateFlags.append("anon, ");
        }
        if (x.getConfState()) {
            stateFlags.append("conf, ");
        }
        if (x.getCredDelegState()) {
            stateFlags.append("deleg, ");
        }
        if (x.getIntegState()) {
            stateFlags.append("integ, ");
        }
        if (x.getMutualAuthState()) {
            stateFlags.append("mutual, ");
        }
        if (x.getReplayDetState()) {
            stateFlags.append("rep det, ");
        }
        if (x.getSequenceDetState()) {
            stateFlags.append("seq det, ");
        }
        if (x instanceof ExtendedGSSContext && ((ExtendedGSSContext) x).getDelegPolicyState()) {
            stateFlags.append("deleg policy, ");
        }
        System.out.println("Context status of " + name + ": " + stateFlags);
        System.out.println(x.getSrcName() + " -> " + x.getTargName());
    } catch (Exception ignored) {
        // Deliberately ignored: the flag summary is optional.
    }

    if (s != null) {
        System.out.println("====== START SUBJECT CONTENT =====");
        for (Principal principal : s.getPrincipals()) {
            System.out.println("    Principal: " + principal);
        }
        for (Object publicCred : s.getPublicCredentials()) {
            System.out.println("    " + publicCred.getClass());
            System.out.println("        " + publicCred);
        }
        System.out.println("====== Private Credentials Set ======");
        for (Object privateCred : s.getPrivateCredentials()) {
            System.out.println("    " + privateCred.getClass());
            if (privateCred instanceof KerberosTicket) {
                // Tickets are summarised by server and client name only.
                KerberosTicket ticket = (KerberosTicket) privateCred;
                System.out.println("        " + ticket.getServer() + " for " + ticket.getClient());
            } else if (privateCred instanceof KerberosKey) {
                // Long-term key: type, version and algorithm, followed by the
                // raw key bytes in upper-case hex. This line is a usable secret.
                KerberosKey longTermKey = (KerberosKey) privateCred;
                System.out.print("        " + longTermKey.getKeyType() + " "
                        + longTermKey.getVersionNumber() + " "
                        + longTermKey.getAlgorithm() + " ");
                StringBuilder keyHex = new StringBuilder();
                for (byte b : longTermKey.getEncoded()) {
                    keyHex.append(String.format("%02X", b & 0xff));
                }
                System.out.println(keyHex);
            } else if (privateCred instanceof Map) {
                Map<?, ?> entries = (Map<?, ?>) privateCred;
                for (Object entryKey : entries.keySet()) {
                    System.out.println("        " + entryKey + ": " + entries.get(entryKey));
                }
            } else {
                // Unknown credential type: whatever its toString() exposes is printed.
                System.out.println("        " + privateCred);
            }
        }
        System.out.println("====== END SUBJECT CONTENT =====");
    }

    // instanceof is false for null, so no separate null test is needed here.
    if (!(x instanceof ExtendedGSSContext) || !x.isEstablished()) {
        return;
    }
    ExtendedGSSContext extended = (ExtendedGSSContext) x;

    Key sessionKey = (Key) extended.inquireSecContext(InquireType.KRB5_GET_SESSION_KEY);
    if (sessionKey == null) {
        throw new Exception("Session key cannot be null");
    }
    // NOTE(review): prints the Key via toString(); whether that includes the key
    // bytes depends on the Key implementation returned by the provider - confirm.
    System.out.println("Session key is: " + sessionKey);

    boolean[] ticketFlags = (boolean[]) extended.inquireSecContext(InquireType.KRB5_GET_TKT_FLAGS);
    if (ticketFlags == null) {
        throw new Exception("Ticket flags cannot be null");
    }
    System.out.println("Ticket flags is: " + Arrays.toString(ticketFlags));

    String authTime = (String) extended.inquireSecContext(InquireType.KRB5_GET_AUTHTIME);
    if (authTime == null) {
        throw new Exception("Auth time cannot be null");
    }
    System.out.println("AuthTime is: " + authTime);

    // Authorization data is only inquired on the acceptor side.
    if (!x.isInitiator()) {
        AuthorizationDataEntry[] authzData =
                (AuthorizationDataEntry[]) extended.inquireSecContext(InquireType.KRB5_GET_AUTHZ_DATA);
        System.out.println("AuthzData is: " + Arrays.toString(authzData));
    }
}
Also used : ExtendedGSSContext(com.sun.security.jgss.ExtendedGSSContext) KerberosTicket(javax.security.auth.kerberos.KerberosTicket) AuthorizationDataEntry(com.sun.security.jgss.AuthorizationDataEntry) PrivilegedActionException(java.security.PrivilegedActionException) GSSException(org.ietf.jgss.GSSException) InvocationTargetException(java.lang.reflect.InvocationTargetException) KerberosKey(javax.security.auth.kerberos.KerberosKey) HashMap(java.util.HashMap) Map(java.util.Map) Principal(java.security.Principal) KerberosKey(javax.security.auth.kerberos.KerberosKey) Key(java.security.Key)

Example 12 with KerberosKey

use of javax.security.auth.kerberos.KerberosKey in project zm-mailbox by Zimbra.

the class Krb5Keytab method readEntry.

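/**
 * Reads one keytab entry at the channel's current position and registers the
 * key it contains.
 *
 * <p>The entry begins with a signed 32-bit length obtained from
 * {@code readInt}. A negative length marks a deleted entry, which is skipped
 * by moving the channel position forward by the absolute value. A
 * non-negative length is read into a buffer and parsed into a principal and
 * a key, which are passed to {@code addKey}.
 *
 * <p>The length field is file-controlled input, so it is handled as
 * untrusted: the skip distance is computed in {@code long} arithmetic so that
 * a length of {@code Integer.MIN_VALUE} cannot wrap to a backwards seek.
 *
 * @param fc channel positioned at the start of an entry
 * @throws EOFException if skipping a deleted entry would land at or beyond
 *         the end of the file
 * @throws IOException on read failure, or the format error raised when the
 *         entry body is shorter than its fields require
 */
private void readEntry(FileChannel fc) throws IOException {
    int size = readInt(fc);
    if (size < 0) {
        // Skip deleted entry. Widen before negating: in int arithmetic
        // -Integer.MIN_VALUE is still negative, which would produce a
        // position before the current one (or a negative position, rejected
        // by FileChannel with an unchecked IllegalArgumentException).
        long newPos = fc.position() - (long) size;
        if (newPos >= fc.size()) {
            throw new EOFException();
        }
        fc.position(newPos);
        return;
    }
    // NOTE(review): size is passed to readBytes without comparing it to the
    // bytes remaining in the file. If readBytes allocates before it reads, a
    // corrupt length can request up to 2 GiB; verify readBytes bounds it.
    ByteBuffer bb = readBytes(fc, size);
    try {
        KerberosPrincipal kp = getPrincipal(bb);
        KerberosKey key = getKey(bb, kp);
        addKey(kp, key);
    } catch (ArrayIndexOutOfBoundsException e) {
        // NOTE(review): only this exception type is translated into a format
        // error. If getPrincipal/getKey use relative ByteBuffer reads, a short
        // entry would surface as an unchecked BufferUnderflowException
        // instead - confirm against those helpers.
        throw formatError("Invalid entry size " + size);
    }
}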
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) KerberosKey(javax.security.auth.kerberos.KerberosKey) EOFException(java.io.EOFException) ByteBuffer(java.nio.ByteBuffer)

Example 13 with KerberosKey

use of javax.security.auth.kerberos.KerberosKey in project zm-mailbox by Zimbra.

the class Krb5Keytab method dump.

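/**
 * Prints contents of keytab to specified stream: the keytab name and
 * version, then one line per key with its version number, principal name,
 * key type name and the key bytes in hex.
 *
 * <p>Security note: the hex column is the long-term secret key of each
 * principal. Send this output only to a destination that is protected like
 * the keytab file itself; do not route it to application or shared logs.
 *
 * <p>Key bytes are rendered two hex digits per byte. Formatting them through
 * a BigInteger would drop leading zero bytes and print a value shorter than
 * the real key.
 *
 * @param ps The PrintStream to which the keytab contents are written
 */
public void dump(PrintStream ps) {
    ps.printf("Keytab name: %s\n", file);
    ps.printf("Keytab version: 0x%x\n", version);
    ps.printf("KVNO Principal\n");
    ps.print("---- ");
    for (int i = 0; i < 75; i++) {
        ps.print('-');
    }
    ps.println();
    for (KerberosPrincipal kp : keyMap.keySet()) {
        for (KerberosKey key : keyMap.get(kp)) {
            // Fixed-width encoding keeps every byte, including leading 0x00.
            StringBuilder keyHex = new StringBuilder();
            for (byte b : key.getEncoded()) {
                keyHex.append(String.format("%02x", b & 0xff));
            }
            ps.printf("%4d %s (%s) (0x%s)\n", key.getVersionNumber(), kp.getName(),
                    getKeyTypeName(key.getKeyType()), keyHex);
        }
    }
}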
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) KerberosKey(javax.security.auth.kerberos.KerberosKey) BigInteger(java.math.BigInteger)

Aggregations

KerberosKey (javax.security.auth.kerberos.KerberosKey)13 KerberosPrincipal (javax.security.auth.kerberos.KerberosPrincipal)9 KerberosTicket (javax.security.auth.kerberos.KerberosTicket)5 PrivilegedActionException (java.security.PrivilegedActionException)3 Subject (javax.security.auth.Subject)3 KeyTab (javax.security.auth.kerberos.KeyTab)2 GSSException (org.ietf.jgss.GSSException)2 GSSManager (org.ietf.jgss.GSSManager)2 EncryptionKey (sun.security.krb5.EncryptionKey)2 AuthorizationDataEntry (com.sun.security.jgss.AuthorizationDataEntry)1 ExtendedGSSContext (com.sun.security.jgss.ExtendedGSSContext)1 EOFException (java.io.EOFException)1 FileOutputStream (java.io.FileOutputStream)1 IOException (java.io.IOException)1 InvocationTargetException (java.lang.reflect.InvocationTargetException)1 BigInteger (java.math.BigInteger)1 InetAddress (java.net.InetAddress)1 ByteBuffer (java.nio.ByteBuffer)1 Key (java.security.Key)1 Principal (java.security.Principal)1