Example 1 with RealmException

Use of sun.security.krb5.RealmException in project jdk8u_jdk by JetBrains.

Class KeyTab, method getKeys.

/**
 * Returns fresh keys for the given Kerberos principal.
 * <p>
 * Implementation of this method should make sure the returned keys match
 * the latest content of the keytab file. The result is a newly created
 * copy that can be modified by the caller without modifying the keytab
 * object. The caller should {@link KerberosKey#destroy() destroy} the
 * result keys after they are used.
 * <p>
 * Please note that the keytab file can be created after the
 * {@code KeyTab} object is instantiated and its content may change over
 * time. Therefore, an application should call this method only when it
 * needs to use the keys. Any previous result from an earlier invocation
 * could potentially be expired.
 * <p>
 * If there is any error (say, I/O error or format error)
 * during the reading process of the KeyTab file, a saved result should be
 * returned. If there is no saved result (say, this is the first time this
 * method is called, or, all previous read attempts failed), an empty array
 * should be returned. This can make sure the result is not drastically
 * changed during the (probably slow) update of the keytab file.
 * <p>
 * Each time this method is called and the reading of the file succeeds
 * with no exception (say, I/O error or file format error),
 * the result should be saved for {@code principal}. The implementation can
 * also save keys for other principals having keys in the same keytab object
 * if convenient.
 * <p>
 * Any unsupported key read from the keytab is ignored and not included
 * in the result.
 * <p>
 * If this keytab is bound to a specific principal, calling this method on
 * another principal will return an empty array.
 *
 * @param principal the Kerberos principal, must not be null.
 * @return the keys (never null, may be empty)
 * @throws NullPointerException if the {@code principal}
 * argument is null
 * @throws SecurityException if a security manager exists and the read
 * access to the keytab file is not permitted
 */
public KerberosKey[] getKeys(KerberosPrincipal principal) {
    try {
        if (princ != null && !principal.equals(princ)) {
            return new KerberosKey[0];
        }
        PrincipalName pn = new PrincipalName(principal.getName());
        EncryptionKey[] keys = takeSnapshot().readServiceKeys(pn);
        KerberosKey[] kks = new KerberosKey[keys.length];
        for (int i = 0; i < kks.length; i++) {
            Integer tmp = keys[i].getKeyVersionNumber();
            kks[i] = new KerberosKey(principal, keys[i].getBytes(), keys[i].getEType(), tmp == null ? 0 : tmp.intValue());
            keys[i].destroy();
        }
        return kks;
    } catch (RealmException re) {
        return new KerberosKey[0];
    }
}
Also used: EncryptionKey (sun.security.krb5.EncryptionKey), PrincipalName (sun.security.krb5.PrincipalName), RealmException (sun.security.krb5.RealmException)

Example 2 with RealmException

Use of sun.security.krb5.RealmException in project jdk8u_jdk by JetBrains.

Class KRBSafe, method init.

/**
 * Initializes a KRBSafe object.
 * @param encoding a single DER-encoded value.
 * @exception Asn1Exception if an error occurs while decoding ASN.1 encoded data.
 * @exception IOException if an I/O error occurs while reading encoded data.
 * @exception RealmException if an error occurs while parsing a Realm object.
 * @exception KrbApErrException if the value read from the DER-encoded data
 *  stream does not match the pre-defined value.
 */
private void init(DerValue encoding) throws Asn1Exception, RealmException, KrbApErrException, IOException {
    DerValue der, subDer;
    if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x14) || (encoding.isApplication() != true) || (encoding.isConstructed() != true))
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    der = encoding.getData().getDerValue();
    if (der.getTag() != DerValue.tag_Sequence)
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    subDer = der.getData().getDerValue();
    if ((subDer.getTag() & 0x1F) == 0x00) {
        pvno = subDer.getData().getBigInteger().intValue();
        if (pvno != Krb5.PVNO)
            throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
    } else
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    subDer = der.getData().getDerValue();
    if ((subDer.getTag() & 0x1F) == 0x01) {
        msgType = subDer.getData().getBigInteger().intValue();
        if (msgType != Krb5.KRB_SAFE)
            throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
    } else
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    safeBody = KRBSafeBody.parse(der.getData(), (byte) 0x02, false);
    cksum = Checksum.parse(der.getData(), (byte) 0x03, false);
    if (der.getData().available() > 0)
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Also used: Asn1Exception (sun.security.krb5.Asn1Exception)

Example 3 with RealmException

Use of sun.security.krb5.RealmException in project jdk8u_jdk by JetBrains.

Class Realm, method parseRealmAtSeparator.

// Extract realm from a string like dummy@REALM
public static String parseRealmAtSeparator(String name) throws RealmException {
    if (name == null) {
        throw new IllegalArgumentException("null input name is not allowed");
    }
    String temp = new String(name);
    String result = null;
    int i = 0;
    while (i < temp.length()) {
        if (temp.charAt(i) == PrincipalName.NAME_REALM_SEPARATOR) {
            if (i == 0 || temp.charAt(i - 1) != '\\') {
                if (i + 1 < temp.length()) {
                    result = temp.substring(i + 1, temp.length());
                } else {
                    throw new IllegalArgumentException("empty realm part not allowed");
                }
                break;
            }
        }
        i++;
    }
    if (result != null) {
        if (result.length() == 0)
            throw new RealmException(Krb5.REALM_NULL);
        if (!isValidRealmString(result))
            throw new RealmException(Krb5.REALM_ILLCHAR);
    }
    return result;
}
Also used: KerberosString (sun.security.krb5.internal.util.KerberosString)

Example 4 with RealmException

Use of sun.security.krb5.RealmException in project jdk8u_jdk by JetBrains.

Class EncKrbCredPart, method init.

/**
 * Initializes an EncKrbCredPart object.
 * @param encoding a single DER-encoded value.
 * @exception Asn1Exception if an error occurs while decoding ASN.1 encoded data.
 * @exception IOException if an I/O error occurs while reading encoded data.
 * @exception RealmException if an error occurs while parsing a Realm object.
 */
private void init(DerValue encoding) throws Asn1Exception, IOException, RealmException {
    DerValue der, subDer;
    //may not be the correct error code for a tag
    //mismatch on an encrypted structure
    nonce = null;
    timeStamp = null;
    usec = null;
    sAddress = null;
    rAddress = null;
    if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1D) || (encoding.isApplication() != true) || (encoding.isConstructed() != true)) {
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }
    der = encoding.getData().getDerValue();
    if (der.getTag() != DerValue.tag_Sequence) {
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }
    subDer = der.getData().getDerValue();
    if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
        DerValue[] derValues = subDer.getData().getSequence(1);
        ticketInfo = new KrbCredInfo[derValues.length];
        for (int i = 0; i < derValues.length; i++) {
            ticketInfo[i] = new KrbCredInfo(derValues[i]);
        }
    } else {
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }
    if (der.getData().available() > 0) {
        if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x01) {
            subDer = der.getData().getDerValue();
            nonce = new Integer(subDer.getData().getBigInteger().intValue());
        }
    }
    if (der.getData().available() > 0) {
        timeStamp = KerberosTime.parse(der.getData(), (byte) 0x02, true);
    }
    if (der.getData().available() > 0) {
        if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x03) {
            subDer = der.getData().getDerValue();
            usec = new Integer(subDer.getData().getBigInteger().intValue());
        }
    }
    if (der.getData().available() > 0) {
        sAddress = HostAddress.parse(der.getData(), (byte) 0x04, true);
    }
    if (der.getData().available() > 0) {
        rAddress = HostAddresses.parse(der.getData(), (byte) 0x05, true);
    }
    if (der.getData().available() > 0) {
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }
}
Also used: BigInteger (java.math.BigInteger), Asn1Exception (sun.security.krb5.Asn1Exception)

Example 5 with RealmException

Use of sun.security.krb5.RealmException in project jdk8u_jdk by JetBrains.

Class Ticket, method init.

/**
 * Initializes a Ticket object.
 * @param encoding a single DER-encoded value.
 * @exception Asn1Exception if an error occurs while decoding ASN.1 encoded data.
 * @exception IOException if an I/O error occurs while reading encoded data.
 * @exception KrbApErrException if the value read from the DER-encoded data stream does not match the pre-defined value.
 * @exception RealmException if an error occurs while parsing a Realm object.
 */
private void init(DerValue encoding) throws Asn1Exception, RealmException, KrbApErrException, IOException {
    DerValue der;
    DerValue subDer;
    if (((encoding.getTag() & (byte) 0x1F) != Krb5.KRB_TKT) || (encoding.isApplication() != true) || (encoding.isConstructed() != true))
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    der = encoding.getData().getDerValue();
    if (der.getTag() != DerValue.tag_Sequence)
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    subDer = der.getData().getDerValue();
    if ((subDer.getTag() & (byte) 0x1F) != (byte) 0x00)
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    tkt_vno = subDer.getData().getBigInteger().intValue();
    if (tkt_vno != Krb5.TICKET_VNO)
        throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
    Realm srealm = Realm.parse(der.getData(), (byte) 0x01, false);
    sname = PrincipalName.parse(der.getData(), (byte) 0x02, false, srealm);
    encPart = EncryptedData.parse(der.getData(), (byte) 0x03, false);
    if (der.getData().available() > 0)
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Also used: Asn1Exception (sun.security.krb5.Asn1Exception), Realm (sun.security.krb5.Realm)

Aggregations

Asn1Exception (sun.security.krb5.Asn1Exception): 4
Realm (sun.security.krb5.Realm): 3
BigInteger (java.math.BigInteger): 2
PrincipalName (sun.security.krb5.PrincipalName): 2
RealmException (sun.security.krb5.RealmException): 2
KerberosString (sun.security.krb5.internal.util.KerberosString): 2
InetAddress (java.net.InetAddress): 1
EncryptionKey (sun.security.krb5.EncryptionKey): 1
sun.security.krb5.internal (sun.security.krb5.internal): 1