Example 6 with PrincipalName
use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.
the class ServiceCreds method getEKeys.
/**
* Gets EKeys for a principal.
* @param princ the target name initiator requests. Not null.
* @return keys for the princ, never null, might be empty
*/
public EncryptionKey[] getEKeys(PrincipalName princ) {
if (destroyed) {
throw new IllegalStateException("This object is destroyed");
}
KerberosKey[] kkeys = getKKeys(new KerberosPrincipal(princ.getName()));
if (kkeys.length == 0) {
// Fallback: old JDK does not perform real name checking. If the
// acceptor has host.sun.com but initiator requests for host,
// as long as their keys match (i.e. keys for one can decrypt
// the other's service ticket), the authentication is OK.
// There are real customers depending on this to use different
// names for a single service.
kkeys = getKKeys();
}
EncryptionKey[] ekeys = new EncryptionKey[kkeys.length];
for (int i = 0; i < ekeys.length; i++) {
ekeys[i] = new EncryptionKey(kkeys[i].getEncoded(), kkeys[i].getKeyType(), new Integer(kkeys[i].getVersionNumber()));
}
return ekeys;
}
Also used :
KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal)
KerberosKey(javax.security.auth.kerberos.KerberosKey)
EncryptionKey(sun.security.krb5.EncryptionKey)
Example 7 with PrincipalName
use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.
the class PrincipalName method asn1Encode.
/**
* Encodes a <code>PrincipalName</code> object. Note that only the type and
* names are encoded. To encode the realm, call getRealm().asn1Encode().
* @return the byte array of the encoded PrncipalName object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
public byte[] asn1Encode() throws Asn1Exception, IOException {
DerOutputStream bytes = new DerOutputStream();
DerOutputStream temp = new DerOutputStream();
BigInteger bint = BigInteger.valueOf(this.nameType);
temp.putInteger(bint);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
temp = new DerOutputStream();
DerValue[] der = new DerValue[nameStrings.length];
for (int i = 0; i < nameStrings.length; i++) {
der[i] = new KerberosString(nameStrings[i]).toDerValue();
}
temp.putSequence(der);
bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
temp = new DerOutputStream();
temp.write(DerValue.tag_Sequence, bytes);
return temp.toByteArray();
}
Also used :
BigInteger(java.math.BigInteger)
KerberosString(sun.security.krb5.internal.util.KerberosString)
Example 8 with PrincipalName
use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.
the class Krb5ProxyImpl method getPrincipalHostName.
@Override
public String getPrincipalHostName(Principal principal) {
if (principal == null) {
return null;
}
String hostName = null;
try {
PrincipalName princName = new PrincipalName(principal.getName(), PrincipalName.KRB_NT_SRV_HST);
String[] nameParts = princName.getNameStrings();
if (nameParts.length >= 2) {
hostName = nameParts[1];
}
} catch (Exception e) {
// ignore
}
return hostName;
}
Also used :
PrincipalName(sun.security.krb5.PrincipalName)
LoginException(javax.security.auth.login.LoginException)
Example 9 with PrincipalName
use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.
the class KerberosPrincipal method readObject.
/**
* Reads this object from a stream (i.e., deserializes it)
*/
private void readObject(ObjectInputStream ois) throws IOException, ClassNotFoundException {
byte[] asn1EncPrincipal = (byte[]) ois.readObject();
byte[] encRealm = (byte[]) ois.readObject();
try {
Realm realmObject = new Realm(new DerValue(encRealm));
PrincipalName krb5Principal = new PrincipalName(new DerValue(asn1EncPrincipal), realmObject);
realm = realmObject.toString();
fullName = krb5Principal.toString();
nameType = krb5Principal.getNameType();
} catch (Exception e) {
throw new IOException(e);
}
}
Also used :
PrincipalName(sun.security.krb5.PrincipalName)
Realm(sun.security.krb5.Realm)
KrbException(sun.security.krb5.KrbException)
Example 10 with PrincipalName
use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.
the class KerberosPrincipal method writeObject.
/**
* Save the KerberosPrincipal object to a stream
*
* @serialData this {@code KerberosPrincipal} is serialized
* by writing out the PrincipalName and the
* realm in their DER-encoded form as specified in Section 5.2.2 of
* <a href=http://www.ietf.org/rfc/rfc4120.txt> RFC4120</a>.
*/
private void writeObject(ObjectOutputStream oos) throws IOException {
PrincipalName krb5Principal;
try {
krb5Principal = new PrincipalName(fullName, nameType);
oos.writeObject(krb5Principal.asn1Encode());
oos.writeObject(krb5Principal.getRealm().asn1Encode());
} catch (Exception e) {
throw new IOException(e);
}
}
Also used :
PrincipalName(sun.security.krb5.PrincipalName)
KrbException(sun.security.krb5.KrbException)
Aggregations
PrincipalName (sun.security.krb5.PrincipalName)17
KeyTab (sun.security.krb5.internal.ktab.KeyTab)7
KrbException (sun.security.krb5.KrbException)6
EncryptionKey (sun.security.krb5.EncryptionKey)3
CredentialsCache (sun.security.krb5.internal.ccache.CredentialsCache)3
File (java.io.File)2
IOException (java.io.IOException)2
PrivilegedActionException (java.security.PrivilegedActionException)2
KerberosKey (javax.security.auth.kerberos.KerberosKey)2
KerberosPrincipal (javax.security.auth.kerberos.KerberosPrincipal)2
KerberosTicket (javax.security.auth.kerberos.KerberosTicket)2
ServicePermission (javax.security.auth.kerberos.ServicePermission)2
Realm (sun.security.krb5.Realm)2
RealmException (sun.security.krb5.RealmException)2
InvocationTargetException (java.lang.reflect.InvocationTargetException)1
BigInteger (java.math.BigInteger)1
UnknownHostException (java.net.UnknownHostException)1
LoginException (javax.security.auth.login.LoginException)1
GSSException (org.ietf.jgss.GSSException)1
ServiceCreds (sun.security.jgss.krb5.ServiceCreds)1
