Package org.apache.directory.shared.kerberos.components

Examples of org.apache.directory.shared.kerberos.components.PaEncTsEnc

299
300
301
302
303
304
305
306
307
308
309
    private PaData[] getPreAuthPublicKey( KerberosPrincipal clientPrincipal, String passPhrase,
        KerberosTime timeStamp ) throws Exception
    {
        PaData[] paData = new PaData[1];

        PaEncTsEnc encryptedTimeStamp = new PaEncTsEnc( timeStamp, 0 );

        EncryptionKey clientKey = getEncryptionKey( clientPrincipal, passPhrase );

        EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp,
            KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
View Full Code Here
314
315
316
317
318
319
320
321
322
323
324
    protected PaData[] getPreAuthEncryptedTimeStamp( EncryptionKey clientKey, KerberosTime timeStamp )
        throws Exception
    {
        PaData[] paData = new PaData[1];

        PaEncTsEnc encryptedTimeStamp = new PaEncTsEnc( timeStamp, 0 );

        EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );

        ByteBuffer buffer = ByteBuffer.allocate( encryptedData.computeLength() );
        byte[] encodedEncryptedData = encryptedData.encode( buffer ).array();
View Full Code Here
193
194
195
196
197
198
199
200
201
        {
            throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
        }

        // get the decoded PaEncTsEnc
        PaEncTsEnc paEncTsEnc = ( ( PaEncTsEncContainer ) paEncTsEncContainer ).getPaEncTsEnc();

        return paEncTsEnc;
    }
View Full Code Here
264
265
266
267
268
269
270
271
272
273
274
275
        AsReq req = new AsReq();
        req.setKdcReqBody( body );

        if ( clientTgtReq.isPreAuthEnabled() )
        {
            PaEncTsEnc tmstmp = new PaEncTsEnc();
            tmstmp.setPaTimestamp( new KerberosTime() );
           
            EncryptedData paDataValue = cipherTextHandler.encrypt( clientKey, getEncoded( tmstmp ), KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
           
            PaData paEncTstmp = new PaData();
            paEncTstmp.setPaDataType( PaDataType.PA_ENC_TIMESTAMP );
View Full Code Here
71
72
73
74
75
76
77
78
79
80
81
    protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal,
        String passPhrase, KerberosTime timeStamp ) throws Exception
    {
        PaData[] paData = new PaData[1];

        PaEncTsEnc encryptedTimeStamp = new PaEncTsEnc( timeStamp, 0 );

        EncryptionKey clientKey = getEncryptionKey( clientPrincipal, passPhrase );

        EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp,
            KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
View Full Code Here
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
                    LOG_KRB.debug( "PRE_AUTH required..." );
                    throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED,
                        preparePreAuthenticationError( authContext.getEncryptionType(), config.getEncryptionTypes() ) );
                }

                PaEncTsEnc timestamp = null;

                for ( PaData paData : preAuthData )
                {
                    if ( paData.getPaDataType().equals( PaDataType.PA_ENC_TIMESTAMP ) )
                    {
                        EncryptedData dataValue = KerberosDecoder.decodeEncryptedData( paData.getPaDataValue() );
                        byte[] decryptedData = cipherTextHandler.decrypt( clientKey, dataValue,
                            KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
                        timestamp = KerberosDecoder.decodePaEncTsEnc( decryptedData );
                    }
                }

                if ( timestamp == null )
                {
                    LOG_KRB.error( "No timestamp found" );
                    throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED,
                        preparePreAuthenticationError( authContext.getEncryptionType(), config.getEncryptionTypes() ) );
                }

                if ( !timestamp.getPaTimestamp().isInClockSkew( config.getAllowableClockSkew() ) )
                {
                    LOG_KRB.error( "Timestamp not in delay" );

                    throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_FAILED );
                }
View Full Code Here
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
        catch ( DecoderException de )
        {
            fail( de.getMessage() );
        }

        PaEncTsEnc paEncTsEnc = paEncTsEncContainer.getPaEncTsEnc();

        assertEquals( "20101010234545Z", paEncTsEnc.getPaTimestamp().toString() );
        assertEquals( 1, paEncTsEnc.getPausec() );

        ByteBuffer bb = ByteBuffer.allocate( paEncTsEnc.computeLength() );

        try
        {
            bb = paEncTsEnc.encode( bb );

            // Check the length
            assertEquals( 0x1A, bb.limit() );

            String encodedPdu = Strings.dumpBytes( bb.array() );
View Full Code Here
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
        catch ( DecoderException de )
        {
            fail( de.getMessage() );
        }

        PaEncTsEnc paEncTsEnc = paEncTsEncContainer.getPaEncTsEnc();

        assertEquals( "20101010234545Z", paEncTsEnc.getPaTimestamp().toString() );
        assertEquals( -1, paEncTsEnc.getPausec() );

        ByteBuffer bb = ByteBuffer.allocate( paEncTsEnc.computeLength() );

        try
        {
            bb = paEncTsEnc.encode( bb );

            // Check the length
            assertEquals( 0x15, bb.limit() );

            String encodedPdu = Strings.dumpBytes( bb.array() );
View Full Code Here
67
68
69
70
71
72
73
74
75
76
77
            // This will generate a PROTOCOL_ERROR
            throw new DecoderException( I18n.err( I18n.ERR_04067 ) );
        }

        PaEncTsEnc paEncTsEnc = new PaEncTsEnc();
        paEncTsEncContainer.setPaEncTsEnc( paEncTsEnc );

        if ( IS_DEBUG )
        {
            LOG.debug( "PaEncTsEnc created" );
View Full Code Here
211
212
213
214
215
216
217
218
219
        {
            throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY, de );
        }

        // get the decoded PaEncTsEnc
        PaEncTsEnc paEncTsEnc = ( ( PaEncTsEncContainer ) paEncTsEncContainer ).getPaEncTsEnc();

        return paEncTsEnc;
    }
View Full Code Here
TOP

Related Classes of org.apache.directory.shared.kerberos.components.PaEncTsEnc

  • org.apache.directory.kerberos.client.KdcConnection
  • org.apache.directory.kerberos.client.KerberosConnection
  • org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService
  • org.apache.directory.server.kerberos.protocol.AbstractAuthenticationServiceTest
  • org.apache.directory.server.kerberos.protocol.AuthenticationEncryptionTypeTest
  • org.apache.directory.server.kerberos.protocol.codec.KerberosDecoder
  • org.apache.directory.server.kerberos.protocol.KerberosDecoder
  • org.apache.directory.server.kerberos.protocol.PreAuthenticationTest
  • org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandlerTest
  • org.apache.directory.shared.kerberos.codec.paEncTsEnc.actions.PaEncTsEncInit
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.