Search in sources :

Example 6 with KrbApErrException

use of sun.security.krb5.internal.KrbApErrException in project jdk8u_jdk by JetBrains.

the class KRBError method init.

/**
     * Initializes a KRBError object.
     * @param encoding a DER-encoded data.
     * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
     * @exception IOException if an I/O error occurs while reading encoded data.
     * @exception KrbApErrException if the value read from the DER-encoded data
     *  stream does not match the pre-defined value.
     * @exception RealmException if an error occurs while parsing a Realm object.
     */
private void init(DerValue encoding) throws Asn1Exception, RealmException, KrbApErrException, IOException {
    DerValue der, subDer;
    if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x1E) || (encoding.isApplication() != true) || (encoding.isConstructed() != true)) {
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }
    der = encoding.getData().getDerValue();
    if (der.getTag() != DerValue.tag_Sequence) {
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }
    subDer = der.getData().getDerValue();
    if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x00) {
        pvno = subDer.getData().getBigInteger().intValue();
        if (pvno != Krb5.PVNO)
            throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
    } else {
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }
    subDer = der.getData().getDerValue();
    if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x01) {
        msgType = subDer.getData().getBigInteger().intValue();
        if (msgType != Krb5.KRB_ERROR) {
            throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
        }
    } else {
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    }
    cTime = KerberosTime.parse(der.getData(), (byte) 0x02, true);
    if ((der.getData().peekByte() & 0x1F) == 0x03) {
        subDer = der.getData().getDerValue();
        cuSec = new Integer(subDer.getData().getBigInteger().intValue());
    } else
        cuSec = null;
    sTime = KerberosTime.parse(der.getData(), (byte) 0x04, false);
    subDer = der.getData().getDerValue();
    if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x05) {
        suSec = new Integer(subDer.getData().getBigInteger().intValue());
    } else
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    subDer = der.getData().getDerValue();
    if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x06) {
        errorCode = subDer.getData().getBigInteger().intValue();
    } else
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    Realm crealm = Realm.parse(der.getData(), (byte) 0x07, true);
    cname = PrincipalName.parse(der.getData(), (byte) 0x08, true, crealm);
    Realm realm = Realm.parse(der.getData(), (byte) 0x09, false);
    sname = PrincipalName.parse(der.getData(), (byte) 0x0A, false, realm);
    eText = null;
    eData = null;
    eCksum = null;
    if (der.getData().available() > 0) {
        if ((der.getData().peekByte() & 0x1F) == 0x0B) {
            subDer = der.getData().getDerValue();
            eText = new KerberosString(subDer.getData().getDerValue()).toString();
        }
    }
    if (der.getData().available() > 0) {
        if ((der.getData().peekByte() & 0x1F) == 0x0C) {
            subDer = der.getData().getDerValue();
            eData = subDer.getData().getOctetString();
        }
    }
    if (der.getData().available() > 0) {
        eCksum = Checksum.parse(der.getData(), (byte) 0x0D, true);
    }
    if (der.getData().available() > 0)
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Also used : BigInteger(java.math.BigInteger) KerberosString(sun.security.krb5.internal.util.KerberosString) Asn1Exception(sun.security.krb5.Asn1Exception) Realm(sun.security.krb5.Realm)

Example 7 with KrbApErrException

use of sun.security.krb5.internal.KrbApErrException in project jdk8u_jdk by JetBrains.

the class AuthList method put.

/**
     * Puts the authenticator timestamp into the cache in descending order,
     * and throw an exception if it's already there.
     */
public void put(AuthTimeWithHash t, KerberosTime currentTime) throws KrbApErrException {
    if (entries.isEmpty()) {
        entries.addFirst(t);
    } else {
        AuthTimeWithHash temp = entries.getFirst();
        int cmp = temp.compareTo(t);
        if (cmp < 0) {
            // This is the most common case, newly received authenticator
            // has larger timestamp.
            entries.addFirst(t);
        } else if (cmp == 0) {
            throw new KrbApErrException(Krb5.KRB_AP_ERR_REPEAT);
        } else {
            //unless client clock being re-adjusted.
            ListIterator<AuthTimeWithHash> it = entries.listIterator(1);
            boolean found = false;
            while (it.hasNext()) {
                temp = it.next();
                cmp = temp.compareTo(t);
                if (cmp < 0) {
                    // Find an older one, put in front of it
                    entries.add(entries.indexOf(temp), t);
                    found = true;
                    break;
                } else if (cmp == 0) {
                    throw new KrbApErrException(Krb5.KRB_AP_ERR_REPEAT);
                }
            }
            if (!found) {
                // All is newer than the newcomer. Sigh.
                entries.addLast(t);
            }
        }
    }
    // let us cleanup while we are here
    long timeLimit = currentTime.getSeconds() - lifespan;
    ListIterator<AuthTimeWithHash> it = entries.listIterator(0);
    AuthTimeWithHash temp = null;
    int index = -1;
    while (it.hasNext()) {
        // search expired timestamps.
        temp = it.next();
        if (temp.ctime < timeLimit) {
            index = entries.indexOf(temp);
            break;
        }
    }
    // It would be nice if LinkedList has a method called truncate(index).
    if (index > -1) {
        do {
            // remove expired timestamps from the list.
            entries.removeLast();
        } while (entries.size() > index);
    }
}
Also used : ListIterator(java.util.ListIterator) KrbApErrException(sun.security.krb5.internal.KrbApErrException)

Aggregations

Asn1Exception (sun.security.krb5.Asn1Exception)4 Realm (sun.security.krb5.Realm)2 BigInteger (java.math.BigInteger)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 ListIterator (java.util.ListIterator)1 KrbCryptoException (sun.security.krb5.KrbCryptoException)1 KrbApErrException (sun.security.krb5.internal.KrbApErrException)1 AuthTimeWithHash (sun.security.krb5.internal.rcache.AuthTimeWithHash)1 KerberosString (sun.security.krb5.internal.util.KerberosString)1