Package org.apache.directory.shared.kerberos.components

Examples of org.apache.directory.shared.kerberos.components.PaEncTsEnc


    protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal,
        String passPhrase, KerberosTime timeStamp ) throws Exception
    {
        PaData[] paData = new PaData[1];

        PaEncTsEnc encryptedTimeStamp = new PaEncTsEnc( timeStamp, 0 );

        EncryptionKey clientKey = getEncryptionKey( clientPrincipal, passPhrase );

        EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
View Full Code Here


            PaData paData = new PaData();

            if ( clientOptions.isUsePaEncTimestamp() )
            {

                PaEncTsEnc paEncTimeStamp = new PaEncTsEnc( new KerberosTime(), 0 );

                EncryptedData encryptedData = null;

                try
                {
View Full Code Here

    private PaData[] getPreAuthPublicKey( KerberosPrincipal clientPrincipal, String passPhrase,
        KerberosTime timeStamp ) throws Exception
    {
        PaData[] paData = new PaData[1];

        PaEncTsEnc encryptedTimeStamp = new PaEncTsEnc( timeStamp, 0 );

        EncryptionKey clientKey = getEncryptionKey( clientPrincipal, passPhrase );

        EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
View Full Code Here

                    LOG_KRB.debug( "PRE_AUTH required..." );
                    throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED,
                        preparePreAuthenticationError( authContext.getEncryptionType(), config.getEncryptionTypes() ) );
                }

                PaEncTsEnc timestamp = null;

                for ( PaData paData : preAuthData )
                {
                    if ( paData.getPaDataType().equals( PaDataType.PA_ENC_TIMESTAMP ) )
                    {
                        EncryptedData dataValue = KerberosDecoder.decodeEncryptedData( paData.getPaDataValue() );
                        byte[] decryptedData = cipherTextHandler.decrypt( clientKey, dataValue,
                            KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
                        timestamp = KerberosDecoder.decodePaEncTsEnc( decryptedData );
                    }
                }

                if ( timestamp == null )
                {
                    LOG_KRB.error( "No timestamp found" );
                    throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED,
                        preparePreAuthenticationError( authContext.getEncryptionType(), config.getEncryptionTypes() ) );
                }

                if ( !timestamp.getPaTimestamp().isInClockSkew( config.getAllowableClockSkew() ) )
                {
                    LOG_KRB.error( "Timestamp not in delay" );

                    throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_FAILED );
                }
View Full Code Here

        AsReq req = new AsReq();
        req.setKdcReqBody( body );

        if ( clientTgtReq.isPreAuthEnabled() )
        {
            PaEncTsEnc tmstmp = new PaEncTsEnc();
            tmstmp.setPaTimestamp( new KerberosTime() );
           
            EncryptedData paDataValue = cipherTextHandler.encrypt( clientKey, getEncoded( tmstmp ), KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
           
            PaData paEncTstmp = new PaData();
            paEncTstmp.setPaDataType( PaDataType.PA_ENC_TIMESTAMP );
View Full Code Here

        EncryptedData data = new EncryptedData( EncryptionType.DES_CBC_MD5, 0, DES_ENCRYPTED_TIME_STAMP );

        try
        {
            byte[] paEncTsEncData = lockBox.decrypt( key, data, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
            PaEncTsEnc object = KerberosDecoder.decodePaEncTsEnc( paEncTsEncData );
            assertEquals( "TimeStamp", "20070322233107Z", object.getPaTimestamp().toString() );
            assertEquals( "MicroSeconds", 291067, object.getPausec() );
        }
        catch ( KerberosException ke )
        {
            fail( "Should not have caught exception." );
        }
View Full Code Here

        EncryptedData data = new EncryptedData( EncryptionType.DES3_CBC_SHA1_KD, 0, TRIPLE_DES_ENCRYPTED_TIME_STAMP );

        try
        {
            byte[] paEncTsEncData = lockBox.decrypt( key, data, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
            PaEncTsEnc object = KerberosDecoder.decodePaEncTsEnc( paEncTsEncData );
            assertEquals( "TimeStamp", "20070410190400Z", object.getPaTimestamp().toString() );
            assertEquals( "MicroSeconds", 460450, object.getPausec() );
        }
        catch ( KerberosException ke )
        {
            fail( "Should not have caught exception." );
        }
View Full Code Here

        KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), algorithm );
        EncryptionKey key = new EncryptionKey( EncryptionType.DES3_CBC_SHA1_KD, kerberosKey.getEncoded() );

        String zuluTime = "20070410190400Z";
        int microSeconds = 460450;
        PaEncTsEnc encryptedTimeStamp = getEncryptedTimeStamp( zuluTime, microSeconds );

        EncryptedData encryptedData = null;

        try
        {
            encryptedData = lockBox.seal( key, encryptedTimeStamp, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
        }
        catch ( KerberosException ke )
        {
            fail( "Should not have caught exception." );
        }

        try
        {
            byte[] paEncTsEncData = lockBox.decrypt( key, encryptedData, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
            PaEncTsEnc object = KerberosDecoder.decodePaEncTsEnc( paEncTsEncData );
            assertEquals( "TimeStamp", zuluTime, object.getPaTimestamp().toString() );
            assertEquals( "MicroSeconds", microSeconds, object.getPausec() );
        }
        catch ( KerberosException ke )
        {
            fail( "Should not have caught exception." );
        }
View Full Code Here

        EncryptedData data = new EncryptedData( EncryptionType.AES128_CTS_HMAC_SHA1_96, 0, AES128_ENCRYPTED_TIME_STAMP );

        try
        {
            byte[] paEncTsEncData = lockBox.decrypt( key, data, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
            PaEncTsEnc object = KerberosDecoder.decodePaEncTsEnc( paEncTsEncData );
            assertEquals( "TimeStamp", "20070410212557Z", object.getPaTimestamp().toString() );
            assertEquals( "MicroSeconds", 379386, object.getPausec() );
        }
        catch ( KerberosException ke )
        {
            fail( "Should not have caught exception." );
        }
View Full Code Here

        KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES128" );
        EncryptionKey key = new EncryptionKey( EncryptionType.AES128_CTS_HMAC_SHA1_96, kerberosKey.getEncoded() );

        String zuluTime = "20070410190400Z";
        int microSeconds = 460450;
        PaEncTsEnc encryptedTimeStamp = getEncryptedTimeStamp( zuluTime, microSeconds );

        EncryptedData encryptedData = null;

        try
        {
            encryptedData = lockBox.seal( key, encryptedTimeStamp, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
        }
        catch ( KerberosException ke )
        {
            fail( "Should not have caught exception." );
        }

        try
        {
            byte[] paEncTsEncData = lockBox.decrypt( key, encryptedData, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
            PaEncTsEnc object = KerberosDecoder.decodePaEncTsEnc( paEncTsEncData );
            assertEquals( "TimeStamp", "20070410190400Z", object.getPaTimestamp().toString() );
            assertEquals( "MicroSeconds", 460450, object.getPausec() );
        }
        catch ( KerberosException ke )
        {
            fail( "Should not have caught exception." );
        }
View Full Code Here

TOP

Related Classes of org.apache.directory.shared.kerberos.components.PaEncTsEnc

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.