Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/src/java.security.jgss/share/classes/sun/security/krb5/internal/KDCReqBody.java
41161 views
1
/*

2
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

3
 *

4
 * This code is free software; you can redistribute it and/or modify it

5
 * under the terms of the GNU General Public License version 2 only, as

6
 * published by the Free Software Foundation.  Oracle designates this

7
 * particular file as subject to the "Classpath" exception as provided

8
 * by Oracle in the LICENSE file that accompanied this code.

9
 *

10
 * This code is distributed in the hope that it will be useful, but WITHOUT

11
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

12
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

13
 * version 2 for more details (a copy is included in the LICENSE file that

14
 * accompanied this code).

15
 *

16
 * You should have received a copy of the GNU General Public License version

17
 * 2 along with this work; if not, write to the Free Software Foundation,

18
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

19
 *

20
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

21
 * or visit www.oracle.com if you need additional information or have any

22
 * questions.

23
 */

24


25
/*

26
 *

27
 *  (C) Copyright IBM Corp. 1999 All Rights Reserved.

28
 *  Copyright 1997 The Open Group Research Institute.  All rights reserved.

29
 */

30


31
package sun.security.krb5.internal;

32


33
import sun.security.krb5.*;

34
import sun.security.util.*;

35
import java.util.Vector;

36
import java.io.IOException;

37
import java.math.BigInteger;

38


39
/**

40
 * Implements the ASN.1 KDC-REQ-BODY type.

41
 *

42
 * <pre>{@code

43
 * KDC-REQ-BODY ::= SEQUENCE {

44
 *      kdc-options             [0] KDCOptions,

45
 *      cname                   [1] PrincipalName OPTIONAL

46
 *                                    -- Used only in AS-REQ --,

47
 *      realm                   [2] Realm

48
 *                                    -- Server's realm

49
 *                                    -- Also client's in AS-REQ --,

50
 *      sname                   [3] PrincipalName OPTIONAL,

51
 *      from                    [4] KerberosTime OPTIONAL,

52
 *      till                    [5] KerberosTime,

53
 *      rtime                   [6] KerberosTime OPTIONAL,

54
 *      nonce                   [7] UInt32,

55
 *      etype                   [8] SEQUENCE OF Int32 -- EncryptionType

56
 *                                    -- in preference order --,

57
 *      addresses               [9] HostAddresses OPTIONAL,

58
 *      enc-authorization-data  [10] EncryptedData OPTIONAL

59
 *                                    -- AuthorizationData --,

60
 *      additional-tickets      [11] SEQUENCE OF Ticket OPTIONAL

61
 *                                       -- NOTE: not empty

62
 * }

63
 * }</pre>

64
 *

65
 * <p>

66
 * This definition reflects the Network Working Group RFC 4120

67
 * specification available at

68
 * <a href="http://www.ietf.org/rfc/rfc4120.txt">

69
 * http://www.ietf.org/rfc/rfc4120.txt</a>.

70
 */

71


72
public class KDCReqBody {

73
    public KDCOptions kdcOptions;

74
    public PrincipalName cname; //optional in ASReq only

75
    public PrincipalName sname; //optional

76
    public KerberosTime from; //optional

77
    public KerberosTime till;

78
    public KerberosTime rtime; //optional

79
    public HostAddresses addresses; //optional

80


81
    private int nonce;

82
    private int[] eType = null; //a sequence; not optional

83
    private EncryptedData encAuthorizationData; //optional

84
    private Ticket[] additionalTickets; //optional

85


86
    public KDCReqBody(

87
            KDCOptions new_kdcOptions,

88
            PrincipalName new_cname, //optional in ASReq only

89
            PrincipalName new_sname, //optional

90
            KerberosTime new_from, //optional

91
            KerberosTime new_till,

92
            KerberosTime new_rtime, //optional

93
            int new_nonce,

94
            int[] new_eType, //a sequence; not optional

95
            HostAddresses new_addresses, //optional

96
            EncryptedData new_encAuthorizationData, //optional

97
            Ticket[] new_additionalTickets //optional

98
            ) throws IOException {

99
        kdcOptions = new_kdcOptions;

100
        cname = new_cname;

101
        sname = new_sname;

102
        from = new_from;

103
        till = new_till;

104
        rtime = new_rtime;

105
        nonce = new_nonce;

106
        if (new_eType != null) {

107
            eType = new_eType.clone();

108
        }

109
        addresses = new_addresses;

110
        encAuthorizationData = new_encAuthorizationData;

111
        if (new_additionalTickets != null) {

112
            additionalTickets = new Ticket[new_additionalTickets.length];

113
            for (int i = 0; i < new_additionalTickets.length; i++) {

114
                if (new_additionalTickets[i] == null) {

115
                    throw new IOException("Cannot create a KDCReqBody");

116
                } else {

117
                    additionalTickets[i] = (Ticket)new_additionalTickets[i].clone();

118
                }

119
            }

120
        }

121
    }

122


123
    /**

124
     * Constructs a KDCReqBody object.

125
     * @param encoding a DER-encoded data.

126
     * @param msgType an int indicating whether it's KRB_AS_REQ or KRB_TGS_REQ type.

127
     * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.

128
     * @exception IOException if an I/O error occurs while reading encoded data.

129
     * @exception RealmException if an error occurs while constructing a Realm object from the encoded data.

130
     *

131
     */

132
    public KDCReqBody(DerValue encoding, int msgType)

133
            throws Asn1Exception, RealmException, KrbException, IOException {

134
        DerValue der, subDer;

135
        addresses = null;

136
        encAuthorizationData = null;

137
        additionalTickets = null;

138
        if (encoding.getTag() != DerValue.tag_Sequence) {

139
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);

140
        }

141
        kdcOptions = KDCOptions.parse(encoding.getData(), (byte)0x00, false);

142


143
        // cname only appears in AS-REQ and it shares the realm field with

144
        // sname. This is the only place where realm comes after the name.

145
        // We first give cname a fake realm and reassign it the correct

146
        // realm after the realm field is read.

147
        cname = PrincipalName.parse(encoding.getData(), (byte)0x01, true,

148
                new Realm("PLACEHOLDER"));

149
        if ((msgType != Krb5.KRB_AS_REQ) && (cname != null)) {

150
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);

151
        }

152
        Realm realm = Realm.parse(encoding.getData(), (byte)0x02, false);

153
        if (cname != null) {

154
            cname = new PrincipalName(

155
                    cname.getNameType(), cname.getNameStrings(), realm);

156
        }

157
        sname = PrincipalName.parse(encoding.getData(), (byte)0x03, true, realm);

158
        from = KerberosTime.parse(encoding.getData(), (byte)0x04, true);

159
        till = KerberosTime.parse(encoding.getData(), (byte)0x05, false);

160
        rtime = KerberosTime.parse(encoding.getData(), (byte)0x06, true);

161
        der = encoding.getData().getDerValue();

162
        if ((der.getTag() & (byte)0x1F) == (byte)0x07) {

163
            nonce = der.getData().getBigInteger().intValue();

164
        } else {

165
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);

166
        }

167
        der = encoding.getData().getDerValue();

168
        Vector<Integer> v = new Vector<>();

169
        if ((der.getTag() & (byte)0x1F) == (byte)0x08) {

170
            subDer = der.getData().getDerValue();

171


172
            if (subDer.getTag() == DerValue.tag_SequenceOf) {

173
                while(subDer.getData().available() > 0) {

174
                    v.addElement(subDer.getData().getBigInteger().intValue());

175
                }

176
                eType = new int[v.size()];

177
                for (int i = 0; i < v.size(); i++) {

178
                    eType[i] = v.elementAt(i);

179
                }

180
            } else {

181
                throw new Asn1Exception(Krb5.ASN1_BAD_ID);

182
            }

183
        } else {

184
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);

185
        }

186
        if (encoding.getData().available() > 0) {

187
            addresses = HostAddresses.parse(encoding.getData(), (byte)0x09, true);

188
        }

189
        if (encoding.getData().available() > 0) {

190
            encAuthorizationData = EncryptedData.parse(encoding.getData(), (byte)0x0A, true);

191
        }

192
        if (encoding.getData().available() > 0) {

193
            Vector<Ticket> tempTickets = new Vector<>();

194
            der = encoding.getData().getDerValue();

195
            if ((der.getTag() & (byte)0x1F) == (byte)0x0B) {

196
                subDer = der.getData().getDerValue();

197
                if (subDer.getTag() == DerValue.tag_SequenceOf) {

198
                    while (subDer.getData().available() > 0) {

199
                        tempTickets.addElement(new Ticket(subDer.getData().getDerValue()));

200
                    }

201
                } else {

202
                    throw new Asn1Exception(Krb5.ASN1_BAD_ID);

203
                }

204
                if (tempTickets.size() > 0) {

205
                    additionalTickets = new Ticket[tempTickets.size()];

206
                    tempTickets.copyInto(additionalTickets);

207
                }

208
            } else {

209
                throw new Asn1Exception(Krb5.ASN1_BAD_ID);

210
            }

211
        }

212
        if (encoding.getData().available() > 0) {

213
            throw new Asn1Exception(Krb5.ASN1_BAD_ID);

214
        }

215
    }

216


217
    /**

218
     * Encodes this object to an OutputStream.

219
     *

220
     * @return an byte array of encoded data.

221
     * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.

222
     * @exception IOException if an I/O error occurs while reading encoded data.

223
     *

224
     */

225
    public byte[] asn1Encode(int msgType) throws Asn1Exception, IOException {

226
        Vector<DerValue> v = new Vector<>();

227
        v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), kdcOptions.asn1Encode()));

228
        if (msgType == Krb5.KRB_AS_REQ) {

229
            if (cname != null) {

230
                v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), cname.asn1Encode()));

231
            }

232
        }

233
        if (sname != null) {

234
            v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), sname.getRealm().asn1Encode()));

235
            v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x03), sname.asn1Encode()));

236
        } else if (cname != null) {

237
            v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x02), cname.getRealm().asn1Encode()));

238
        }

239
        if (from != null) {

240
            v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x04), from.asn1Encode()));

241
        }

242
        v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x05), till.asn1Encode()));

243
        if (rtime != null) {

244
            v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x06), rtime.asn1Encode()));

245
        }

246
        DerOutputStream temp = new DerOutputStream();

247
        temp.putInteger(BigInteger.valueOf(nonce));

248
        v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x07), temp.toByteArray()));

249
        //revisit, if empty eType sequences are allowed

250
        temp = new DerOutputStream();

251
        for (int i = 0; i < eType.length; i++) {

252
            temp.putInteger(BigInteger.valueOf(eType[i]));

253
        }

254
        DerOutputStream eTypetemp = new DerOutputStream();

255
        eTypetemp.write(DerValue.tag_SequenceOf, temp);

256
        v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x08), eTypetemp.toByteArray()));

257
        if (addresses != null) {

258
            v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x09), addresses.asn1Encode()));

259
        }

260
        if (encAuthorizationData != null) {

261
            v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0A), encAuthorizationData.asn1Encode()));

262
        }

263
        if (additionalTickets != null && additionalTickets.length > 0) {

264
            temp = new DerOutputStream();

265
            for (int i = 0; i < additionalTickets.length; i++) {

266
                temp.write(additionalTickets[i].asn1Encode());

267
            }

268
            DerOutputStream ticketsTemp = new DerOutputStream();

269
            ticketsTemp.write(DerValue.tag_SequenceOf, temp);

270
            v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x0B), ticketsTemp.toByteArray()));

271
        }

272
        DerValue[] der = new DerValue[v.size()];

273
        v.copyInto(der);

274
        temp = new DerOutputStream();

275
        temp.putSequence(der);

276
        return temp.toByteArray();

277
    }

278


279
    public int getNonce() {

280
        return nonce;

281
    }

282
}

283


284