Search in sources :

Example 6 with PrincipalName

use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.

the class ServiceCreds method getEKeys.

/**
     * Gets EKeys for a principal.
     * @param princ the target name initiator requests. Not null.
     * @return keys for the princ, never null, might be empty
     */
public EncryptionKey[] getEKeys(PrincipalName princ) {
    if (destroyed) {
        throw new IllegalStateException("This object is destroyed");
    }
    KerberosKey[] kkeys = getKKeys(new KerberosPrincipal(princ.getName()));
    if (kkeys.length == 0) {
        // Fallback: old JDK does not perform real name checking. If the
        // acceptor has host.sun.com but initiator requests for host,
        // as long as their keys match (i.e. keys for one can decrypt
        // the other's service ticket), the authentication is OK.
        // There are real customers depending on this to use different
        // names for a single service.
        kkeys = getKKeys();
    }
    EncryptionKey[] ekeys = new EncryptionKey[kkeys.length];
    for (int i = 0; i < ekeys.length; i++) {
        ekeys[i] = new EncryptionKey(kkeys[i].getEncoded(), kkeys[i].getKeyType(), new Integer(kkeys[i].getVersionNumber()));
    }
    return ekeys;
}
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) KerberosKey(javax.security.auth.kerberos.KerberosKey) EncryptionKey(sun.security.krb5.EncryptionKey)

Example 7 with PrincipalName

use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.

the class PrincipalName method asn1Encode.

/**
     * Encodes a <code>PrincipalName</code> object. Note that only the type and
     * names are encoded. To encode the realm, call getRealm().asn1Encode().
     * @return the byte array of the encoded PrncipalName object.
     * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
     * @exception IOException if an I/O error occurs while reading encoded data.
     *
     */
public byte[] asn1Encode() throws Asn1Exception, IOException {
    DerOutputStream bytes = new DerOutputStream();
    DerOutputStream temp = new DerOutputStream();
    BigInteger bint = BigInteger.valueOf(this.nameType);
    temp.putInteger(bint);
    bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
    temp = new DerOutputStream();
    DerValue[] der = new DerValue[nameStrings.length];
    for (int i = 0; i < nameStrings.length; i++) {
        der[i] = new KerberosString(nameStrings[i]).toDerValue();
    }
    temp.putSequence(der);
    bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
    temp = new DerOutputStream();
    temp.write(DerValue.tag_Sequence, bytes);
    return temp.toByteArray();
}
Also used : BigInteger(java.math.BigInteger) KerberosString(sun.security.krb5.internal.util.KerberosString)

Example 8 with PrincipalName

use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.

the class Krb5ProxyImpl method getPrincipalHostName.

@Override
public String getPrincipalHostName(Principal principal) {
    if (principal == null) {
        return null;
    }
    String hostName = null;
    try {
        PrincipalName princName = new PrincipalName(principal.getName(), PrincipalName.KRB_NT_SRV_HST);
        String[] nameParts = princName.getNameStrings();
        if (nameParts.length >= 2) {
            hostName = nameParts[1];
        }
    } catch (Exception e) {
    // ignore
    }
    return hostName;
}
Also used : PrincipalName(sun.security.krb5.PrincipalName) LoginException(javax.security.auth.login.LoginException)

Example 9 with PrincipalName

use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.

the class KerberosPrincipal method readObject.

/**
     * Reads this object from a stream (i.e., deserializes it)
     */
private void readObject(ObjectInputStream ois) throws IOException, ClassNotFoundException {
    byte[] asn1EncPrincipal = (byte[]) ois.readObject();
    byte[] encRealm = (byte[]) ois.readObject();
    try {
        Realm realmObject = new Realm(new DerValue(encRealm));
        PrincipalName krb5Principal = new PrincipalName(new DerValue(asn1EncPrincipal), realmObject);
        realm = realmObject.toString();
        fullName = krb5Principal.toString();
        nameType = krb5Principal.getNameType();
    } catch (Exception e) {
        throw new IOException(e);
    }
}
Also used : PrincipalName(sun.security.krb5.PrincipalName) Realm(sun.security.krb5.Realm) KrbException(sun.security.krb5.KrbException)

Example 10 with PrincipalName

use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.

the class KerberosPrincipal method writeObject.

/**
     * Save the KerberosPrincipal object to a stream
     *
     * @serialData this {@code KerberosPrincipal} is serialized
     *          by writing out the PrincipalName and the
     *          realm in their DER-encoded form as specified in Section 5.2.2 of
     *          <a href=http://www.ietf.org/rfc/rfc4120.txt> RFC4120</a>.
     */
private void writeObject(ObjectOutputStream oos) throws IOException {
    PrincipalName krb5Principal;
    try {
        krb5Principal = new PrincipalName(fullName, nameType);
        oos.writeObject(krb5Principal.asn1Encode());
        oos.writeObject(krb5Principal.getRealm().asn1Encode());
    } catch (Exception e) {
        throw new IOException(e);
    }
}
Also used : PrincipalName(sun.security.krb5.PrincipalName) KrbException(sun.security.krb5.KrbException)

Aggregations

PrincipalName (sun.security.krb5.PrincipalName)17 KeyTab (sun.security.krb5.internal.ktab.KeyTab)7 KrbException (sun.security.krb5.KrbException)6 EncryptionKey (sun.security.krb5.EncryptionKey)3 CredentialsCache (sun.security.krb5.internal.ccache.CredentialsCache)3 File (java.io.File)2 IOException (java.io.IOException)2 PrivilegedActionException (java.security.PrivilegedActionException)2 KerberosKey (javax.security.auth.kerberos.KerberosKey)2 KerberosPrincipal (javax.security.auth.kerberos.KerberosPrincipal)2 KerberosTicket (javax.security.auth.kerberos.KerberosTicket)2 ServicePermission (javax.security.auth.kerberos.ServicePermission)2 Realm (sun.security.krb5.Realm)2 RealmException (sun.security.krb5.RealmException)2 InvocationTargetException (java.lang.reflect.InvocationTargetException)1 BigInteger (java.math.BigInteger)1 UnknownHostException (java.net.UnknownHostException)1 LoginException (javax.security.auth.login.LoginException)1 GSSException (org.ietf.jgss.GSSException)1 ServiceCreds (sun.security.jgss.krb5.ServiceCreds)1