Example 6 with KrbApErrException
use of sun.security.krb5.internal.KrbApErrException in project jdk8u_jdk by JetBrains.
the class KRBError method init.
/**
* Initializes a KRBError object.
* @param encoding a DER-encoded data.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
* @exception KrbApErrException if the value read from the DER-encoded data
* stream does not match the pre-defined value.
* @exception RealmException if an error occurs while parsing a Realm object.
*/
private void init(DerValue encoding) throws Asn1Exception, RealmException, KrbApErrException, IOException {
DerValue der, subDer;
if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1E) || (encoding.isApplication() != true) || (encoding.isConstructed() != true)) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
der = encoding.getData().getDerValue();
if (der.getTag() != DerValue.tag_Sequence) {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
pvno = subDer.getData().getBigInteger().intValue();
if (pvno != Krb5.PVNO)
throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x01) {
msgType = subDer.getData().getBigInteger().intValue();
if (msgType != Krb5.KRB_ERROR) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
}
} else {
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
cTime = KerberosTime.parse(der.getData(), (byte) 0x02, true);
if ((der.getData().peekByte() & 0x1F) == 0x03) {
subDer = der.getData().getDerValue();
cuSec = new Integer(subDer.getData().getBigInteger().intValue());
} else
cuSec = null;
sTime = KerberosTime.parse(der.getData(), (byte) 0x04, false);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x05) {
suSec = new Integer(subDer.getData().getBigInteger().intValue());
} else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
subDer = der.getData().getDerValue();
if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x06) {
errorCode = subDer.getData().getBigInteger().intValue();
} else
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
Realm crealm = Realm.parse(der.getData(), (byte) 0x07, true);
cname = PrincipalName.parse(der.getData(), (byte) 0x08, true, crealm);
Realm realm = Realm.parse(der.getData(), (byte) 0x09, false);
sname = PrincipalName.parse(der.getData(), (byte) 0x0A, false, realm);
eText = null;
eData = null;
eCksum = null;
if (der.getData().available() > 0) {
if ((der.getData().peekByte() & 0x1F) == 0x0B) {
subDer = der.getData().getDerValue();
eText = new KerberosString(subDer.getData().getDerValue()).toString();
}
}
if (der.getData().available() > 0) {
if ((der.getData().peekByte() & 0x1F) == 0x0C) {
subDer = der.getData().getDerValue();
eData = subDer.getData().getOctetString();
}
}
if (der.getData().available() > 0) {
eCksum = Checksum.parse(der.getData(), (byte) 0x0D, true);
}
if (der.getData().available() > 0)
throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Also used :
BigInteger(java.math.BigInteger)
KerberosString(sun.security.krb5.internal.util.KerberosString)
Asn1Exception(sun.security.krb5.Asn1Exception)
Realm(sun.security.krb5.Realm)
Example 7 with KrbApErrException
use of sun.security.krb5.internal.KrbApErrException in project jdk8u_jdk by JetBrains.
the class AuthList method put.
/**
* Puts the authenticator timestamp into the cache in descending order,
* and throw an exception if it's already there.
*/
public void put(AuthTimeWithHash t, KerberosTime currentTime) throws KrbApErrException {
if (entries.isEmpty()) {
entries.addFirst(t);
} else {
AuthTimeWithHash temp = entries.getFirst();
int cmp = temp.compareTo(t);
if (cmp < 0) {
// This is the most common case, newly received authenticator
// has larger timestamp.
entries.addFirst(t);
} else if (cmp == 0) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_REPEAT);
} else {
//unless client clock being re-adjusted.
ListIterator<AuthTimeWithHash> it = entries.listIterator(1);
boolean found = false;
while (it.hasNext()) {
temp = it.next();
cmp = temp.compareTo(t);
if (cmp < 0) {
// Find an older one, put in front of it
entries.add(entries.indexOf(temp), t);
found = true;
break;
} else if (cmp == 0) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_REPEAT);
}
}
if (!found) {
// All is newer than the newcomer. Sigh.
entries.addLast(t);
}
}
}
// let us cleanup while we are here
long timeLimit = currentTime.getSeconds() - lifespan;
ListIterator<AuthTimeWithHash> it = entries.listIterator(0);
AuthTimeWithHash temp = null;
int index = -1;
while (it.hasNext()) {
// search expired timestamps.
temp = it.next();
if (temp.ctime < timeLimit) {
index = entries.indexOf(temp);
break;
}
}
// It would be nice if LinkedList has a method called truncate(index).
if (index > -1) {
do {
// remove expired timestamps from the list.
entries.removeLast();
} while (entries.size() > index);
}
}
Also used :
ListIterator(java.util.ListIterator)
KrbApErrException(sun.security.krb5.internal.KrbApErrException)
Aggregations
Asn1Exception (sun.security.krb5.Asn1Exception)4
Realm (sun.security.krb5.Realm)2
BigInteger (java.math.BigInteger)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
ListIterator (java.util.ListIterator)1
KrbCryptoException (sun.security.krb5.KrbCryptoException)1
KrbApErrException (sun.security.krb5.internal.KrbApErrException)1
AuthTimeWithHash (sun.security.krb5.internal.rcache.AuthTimeWithHash)1
KerberosString (sun.security.krb5.internal.util.KerberosString)1
