Java Code Examples for javax.security.auth.kerberos.KerberosTicket#getSessionKeyType()

The following examples show how to use javax.security.auth.kerberos.KerberosTicket#getSessionKeyType() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: KerberosClientKeyExchangeImpl.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of KerberosClientKeyExchange consisting of the
 * Kerberos service ticket, authenticator and encrypted premaster secret.
 * Called by client handshaker.
 *
 * @param serverName name of server with which to do handshake;
 *             this is used to get the Kerberos service ticket
 * @param protocolVersion Maximum version supported by client (i.e,
 *          version it requested in client hello)
 * @param rand random number generator to use for generating pre-master
 *          secret
 */
@Override
public void init(String serverName,
    AccessControlContext acc, ProtocolVersion protocolVersion,
    SecureRandom rand) throws IOException {

     // Get service ticket
     KerberosTicket ticket = getServiceTicket(serverName, acc);
     encodedTicket = ticket.getEncoded();

     // Record the Kerberos principals
     peerPrincipal = ticket.getServer();
     localPrincipal = ticket.getClient();

     // Optional authenticator, encrypted using session key,
     // currently ignored

     // Generate premaster secret and encrypt it using session key
     EncryptionKey sessionKey = new EncryptionKey(
                                    ticket.getSessionKeyType(),
                                    ticket.getSessionKey().getEncoded());

     preMaster = new KerberosPreMasterSecret(protocolVersion,
         rand, sessionKey);
}
 
Example 2
Source File: Krb5Util.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
        throws KrbException, IOException {
    KerberosPrincipal clientAlias = KerberosSecrets
            .getJavaxSecurityAuthKerberosAccess()
            .kerberosTicketGetClientAlias(kerbTicket);
    KerberosPrincipal serverAlias = KerberosSecrets
            .getJavaxSecurityAuthKerberosAccess()
            .kerberosTicketGetServerAlias(kerbTicket);
    return new Credentials(
        kerbTicket.getEncoded(),
        kerbTicket.getClient().getName(),
        (clientAlias != null ? clientAlias.getName() : null),
        kerbTicket.getServer().getName(),
        (serverAlias != null ? serverAlias.getName() : null),
        kerbTicket.getSessionKey().getEncoded(),
        kerbTicket.getSessionKeyType(),
        kerbTicket.getFlags(),
        kerbTicket.getAuthTime(),
        kerbTicket.getStartTime(),
        kerbTicket.getEndTime(),
        kerbTicket.getRenewTill(),
        kerbTicket.getClientAddresses());
}
 
Example 3
Source File: Krb5Util.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
        throws KrbException, IOException {
    KerberosPrincipal clientAlias = KerberosSecrets
            .getJavaxSecurityAuthKerberosAccess()
            .kerberosTicketGetClientAlias(kerbTicket);
    KerberosPrincipal serverAlias = KerberosSecrets
            .getJavaxSecurityAuthKerberosAccess()
            .kerberosTicketGetServerAlias(kerbTicket);
    return new Credentials(
        kerbTicket.getEncoded(),
        kerbTicket.getClient().getName(),
        (clientAlias != null ? clientAlias.getName() : null),
        kerbTicket.getServer().getName(),
        (serverAlias != null ? serverAlias.getName() : null),
        kerbTicket.getSessionKey().getEncoded(),
        kerbTicket.getSessionKeyType(),
        kerbTicket.getFlags(),
        kerbTicket.getAuthTime(),
        kerbTicket.getStartTime(),
        kerbTicket.getEndTime(),
        kerbTicket.getRenewTill(),
        kerbTicket.getClientAddresses());
}
 
Example 4
Source File: KerberosClientKeyExchangeImpl.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of KerberosClientKeyExchange consisting of the
 * Kerberos service ticket, authenticator and encrypted premaster secret.
 * Called by client handshaker.
 *
 * @param serverName name of server with which to do handshake;
 *             this is used to get the Kerberos service ticket
 * @param protocolVersion Maximum version supported by client (i.e,
 *          version it requested in client hello)
 * @param rand random number generator to use for generating pre-master
 *          secret
 */
@Override
public void init(String serverName,
    AccessControlContext acc, ProtocolVersion protocolVersion,
    SecureRandom rand) throws IOException {

     // Get service ticket
     KerberosTicket ticket = getServiceTicket(serverName, acc);
     encodedTicket = ticket.getEncoded();

     // Record the Kerberos principals
     peerPrincipal = ticket.getServer();
     localPrincipal = ticket.getClient();

     // Optional authenticator, encrypted using session key,
     // currently ignored

     // Generate premaster secret and encrypt it using session key
     EncryptionKey sessionKey = new EncryptionKey(
                                    ticket.getSessionKeyType(),
                                    ticket.getSessionKey().getEncoded());

     preMaster = new KerberosPreMasterSecret(protocolVersion,
         rand, sessionKey);
}
 
Example 5
Source File: KerberosClientKeyExchangeImpl.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of KerberosClientKeyExchange consisting of the
 * Kerberos service ticket, authenticator and encrypted premaster secret.
 * Called by client handshaker.
 *
 * @param serverName name of server with which to do handshake;
 *             this is used to get the Kerberos service ticket
 * @param protocolVersion Maximum version supported by client (i.e,
 *          version it requested in client hello)
 * @param rand random number generator to use for generating pre-master
 *          secret
 */
@Override
public void init(String serverName,
    AccessControlContext acc, ProtocolVersion protocolVersion,
    SecureRandom rand) throws IOException {

     // Get service ticket
     KerberosTicket ticket = getServiceTicket(serverName, acc);
     encodedTicket = ticket.getEncoded();

     // Record the Kerberos principals
     peerPrincipal = ticket.getServer();
     localPrincipal = ticket.getClient();

     // Optional authenticator, encrypted using session key,
     // currently ignored

     // Generate premaster secret and encrypt it using session key
     EncryptionKey sessionKey = new EncryptionKey(
                                    ticket.getSessionKeyType(),
                                    ticket.getSessionKey().getEncoded());

     preMaster = new KerberosPreMasterSecret(protocolVersion,
         rand, sessionKey);
}
 
Example 6
Source File: KerberosClientKeyExchangeImpl.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of KerberosClientKeyExchange consisting of the
 * Kerberos service ticket, authenticator and encrypted premaster secret.
 * Called by client handshaker.
 *
 * @param serverName name of server with which to do handshake;
 *             this is used to get the Kerberos service ticket
 * @param protocolVersion Maximum version supported by client (i.e,
 *          version it requested in client hello)
 * @param rand random number generator to use for generating pre-master
 *          secret
 */
@Override
public void init(String serverName,
    AccessControlContext acc, ProtocolVersion protocolVersion,
    SecureRandom rand) throws IOException {

     // Get service ticket
     KerberosTicket ticket = getServiceTicket(serverName, acc);
     encodedTicket = ticket.getEncoded();

     // Record the Kerberos principals
     peerPrincipal = ticket.getServer();
     localPrincipal = ticket.getClient();

     // Optional authenticator, encrypted using session key,
     // currently ignored

     // Generate premaster secret and encrypt it using session key
     EncryptionKey sessionKey = new EncryptionKey(
                                    ticket.getSessionKeyType(),
                                    ticket.getSessionKey().getEncoded());

     preMaster = new KerberosPreMasterSecret(protocolVersion,
         rand, sessionKey);
}
 
Example 7
Source File: KerberosClientKeyExchangeImpl.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of KerberosClientKeyExchange consisting of the
 * Kerberos service ticket, authenticator and encrypted premaster secret.
 * Called by client handshaker.
 *
 * @param serverName name of server with which to do handshake;
 *             this is used to get the Kerberos service ticket
 * @param protocolVersion Maximum version supported by client (i.e,
 *          version it requested in client hello)
 * @param rand random number generator to use for generating pre-master
 *          secret
 */
@Override
public void init(String serverName,
    AccessControlContext acc, ProtocolVersion protocolVersion,
    SecureRandom rand) throws IOException {

     // Get service ticket
     KerberosTicket ticket = getServiceTicket(serverName, acc);
     encodedTicket = ticket.getEncoded();

     // Record the Kerberos principals
     peerPrincipal = ticket.getServer();
     localPrincipal = ticket.getClient();

     // Optional authenticator, encrypted using session key,
     // currently ignored

     // Generate premaster secret and encrypt it using session key
     EncryptionKey sessionKey = new EncryptionKey(
                                    ticket.getSessionKeyType(),
                                    ticket.getSessionKey().getEncoded());

     preMaster = new KerberosPreMasterSecret(protocolVersion,
         rand, sessionKey);
}
 
Example 8
Source File: KerberosClientKeyExchangeImpl.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of KerberosClientKeyExchange consisting of the
 * Kerberos service ticket, authenticator and encrypted premaster secret.
 * Called by client handshaker.
 *
 * @param serverName name of server with which to do handshake;
 *             this is used to get the Kerberos service ticket
 * @param protocolVersion Maximum version supported by client (i.e,
 *          version it requested in client hello)
 * @param rand random number generator to use for generating pre-master
 *          secret
 */
@Override
public void init(String serverName,
    AccessControlContext acc, ProtocolVersion protocolVersion,
    SecureRandom rand) throws IOException {

     // Get service ticket
     KerberosTicket ticket = getServiceTicket(serverName, acc);
     encodedTicket = ticket.getEncoded();

     // Record the Kerberos principals
     peerPrincipal = ticket.getServer();
     localPrincipal = ticket.getClient();

     // Optional authenticator, encrypted using session key,
     // currently ignored

     // Generate premaster secret and encrypt it using session key
     EncryptionKey sessionKey = new EncryptionKey(
                                    ticket.getSessionKeyType(),
                                    ticket.getSessionKey().getEncoded());

     preMaster = new KerberosPreMasterSecret(protocolVersion,
         rand, sessionKey);
}
 
Example 9
Source File: KerberosClientKeyExchangeImpl.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of KerberosClientKeyExchange consisting of the
 * Kerberos service ticket, authenticator and encrypted premaster secret.
 * Called by client handshaker.
 *
 * @param serverName name of server with which to do handshake;
 *             this is used to get the Kerberos service ticket
 * @param protocolVersion Maximum version supported by client (i.e,
 *          version it requested in client hello)
 * @param rand random number generator to use for generating pre-master
 *          secret
 */
@Override
public void init(String serverName,
    AccessControlContext acc, ProtocolVersion protocolVersion,
    SecureRandom rand) throws IOException {

     // Get service ticket
     KerberosTicket ticket = getServiceTicket(serverName, acc);
     encodedTicket = ticket.getEncoded();

     // Record the Kerberos principals
     peerPrincipal = ticket.getServer();
     localPrincipal = ticket.getClient();

     // Optional authenticator, encrypted using session key,
     // currently ignored

     // Generate premaster secret and encrypt it using session key
     EncryptionKey sessionKey = new EncryptionKey(
                                    ticket.getSessionKeyType(),
                                    ticket.getSessionKey().getEncoded());

     preMaster = new KerberosPreMasterSecret(protocolVersion,
         rand, sessionKey);
}
 
Example 10
Source File: Krb5Util.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
        throws KrbException, IOException {
    KerberosPrincipal clientAlias = KerberosSecrets
            .getJavaxSecurityAuthKerberosAccess()
            .kerberosTicketGetClientAlias(kerbTicket);
    KerberosPrincipal serverAlias = KerberosSecrets
            .getJavaxSecurityAuthKerberosAccess()
            .kerberosTicketGetServerAlias(kerbTicket);
    return new Credentials(
        kerbTicket.getEncoded(),
        kerbTicket.getClient().getName(),
        (clientAlias != null ? clientAlias.getName() : null),
        kerbTicket.getServer().getName(),
        (serverAlias != null ? serverAlias.getName() : null),
        kerbTicket.getSessionKey().getEncoded(),
        kerbTicket.getSessionKeyType(),
        kerbTicket.getFlags(),
        kerbTicket.getAuthTime(),
        kerbTicket.getStartTime(),
        kerbTicket.getEndTime(),
        kerbTicket.getRenewTill(),
        kerbTicket.getClientAddresses());
}
 
Example 11
Source File: Krb5KeyExchangeService.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
ExchangerImpl(String serverName, AccessControlContext acc,
        ProtocolVersion protocolVersion, SecureRandom rand) throws IOException {

    // Get service ticket
    KerberosTicket ticket = getServiceTicket(serverName, acc);
    encodedTicket = ticket.getEncoded();

    // Record the Kerberos principals
    peerPrincipal = ticket.getServer();
    localPrincipal = ticket.getClient();

    // Optional authenticator, encrypted using session key,
    // currently ignored

    // Generate premaster secret and encrypt it using session key
    EncryptionKey sessionKey = new EncryptionKey(
            ticket.getSessionKeyType(),
            ticket.getSessionKey().getEncoded());

    preMaster = new KerberosPreMasterSecret(protocolVersion,
            rand, sessionKey);
}
 
Example 12
Source File: KerberosClientKeyExchangeImpl.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of KerberosClientKeyExchange consisting of the
 * Kerberos service ticket, authenticator and encrypted premaster secret.
 * Called by client handshaker.
 *
 * @param serverName name of server with which to do handshake;
 *             this is used to get the Kerberos service ticket
 * @param protocolVersion Maximum version supported by client (i.e,
 *          version it requested in client hello)
 * @param rand random number generator to use for generating pre-master
 *          secret
 */
@Override
public void init(String serverName,
    AccessControlContext acc, ProtocolVersion protocolVersion,
    SecureRandom rand) throws IOException {

     // Get service ticket
     KerberosTicket ticket = getServiceTicket(serverName, acc);
     encodedTicket = ticket.getEncoded();

     // Record the Kerberos principals
     peerPrincipal = ticket.getServer();
     localPrincipal = ticket.getClient();

     // Optional authenticator, encrypted using session key,
     // currently ignored

     // Generate premaster secret and encrypt it using session key
     EncryptionKey sessionKey = new EncryptionKey(
                                    ticket.getSessionKeyType(),
                                    ticket.getSessionKey().getEncoded());

     preMaster = new KerberosPreMasterSecret(protocolVersion,
         rand, sessionKey);
}
 
Example 13
Source File: Krb5Util.java    From openjdk-8 with GNU General Public License v2.0 5 votes vote down vote up
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
        throws KrbException, IOException {
    return new Credentials(
        kerbTicket.getEncoded(),
        kerbTicket.getClient().getName(),
        kerbTicket.getServer().getName(),
        kerbTicket.getSessionKey().getEncoded(),
        kerbTicket.getSessionKeyType(),
        kerbTicket.getFlags(),
        kerbTicket.getAuthTime(),
        kerbTicket.getStartTime(),
        kerbTicket.getEndTime(),
        kerbTicket.getRenewTill(),
        kerbTicket.getClientAddresses());
}
 
Example 14
Source File: Krb5Util.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
        throws KrbException, IOException {
    return new Credentials(
        kerbTicket.getEncoded(),
        kerbTicket.getClient().getName(),
        kerbTicket.getServer().getName(),
        kerbTicket.getSessionKey().getEncoded(),
        kerbTicket.getSessionKeyType(),
        kerbTicket.getFlags(),
        kerbTicket.getAuthTime(),
        kerbTicket.getStartTime(),
        kerbTicket.getEndTime(),
        kerbTicket.getRenewTill(),
        kerbTicket.getClientAddresses());
}
 
Example 15
Source File: Krb5Util.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
        throws KrbException, IOException {
    return new Credentials(
        kerbTicket.getEncoded(),
        kerbTicket.getClient().getName(),
        kerbTicket.getServer().getName(),
        kerbTicket.getSessionKey().getEncoded(),
        kerbTicket.getSessionKeyType(),
        kerbTicket.getFlags(),
        kerbTicket.getAuthTime(),
        kerbTicket.getStartTime(),
        kerbTicket.getEndTime(),
        kerbTicket.getRenewTill(),
        kerbTicket.getClientAddresses());
}
 
Example 16
Source File: Krb5Util.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
        throws KrbException, IOException {
    return new Credentials(
        kerbTicket.getEncoded(),
        kerbTicket.getClient().getName(),
        kerbTicket.getServer().getName(),
        kerbTicket.getSessionKey().getEncoded(),
        kerbTicket.getSessionKeyType(),
        kerbTicket.getFlags(),
        kerbTicket.getAuthTime(),
        kerbTicket.getStartTime(),
        kerbTicket.getEndTime(),
        kerbTicket.getRenewTill(),
        kerbTicket.getClientAddresses());
}
 
Example 17
Source File: Krb5InitCredential.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
static Krb5InitCredential getInstance(GSSCaller caller, Krb5NameElement name,
                               int initLifetime)
    throws GSSException {

    KerberosTicket tgt = getTgt(caller, name, initLifetime);
    if (tgt == null)
        throw new GSSException(GSSException.NO_CRED, -1,
                               "Failed to find any Kerberos tgt");

    if (name == null) {
        String fullName = tgt.getClient().getName();
        name = Krb5NameElement.getInstance(fullName,
                                   Krb5MechFactory.NT_GSS_KRB5_PRINCIPAL);
    }

    return new Krb5InitCredential(name,
                                  tgt.getEncoded(),
                                  tgt.getClient(),
                                  tgt.getServer(),
                                  tgt.getSessionKey().getEncoded(),
                                  tgt.getSessionKeyType(),
                                  tgt.getFlags(),
                                  tgt.getAuthTime(),
                                  tgt.getStartTime(),
                                  tgt.getEndTime(),
                                  tgt.getRenewTill(),
                                  tgt.getClientAddresses());
}
 
Example 18
Source File: Krb5Util.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
        throws KrbException, IOException {
    return new Credentials(
        kerbTicket.getEncoded(),
        kerbTicket.getClient().getName(),
        kerbTicket.getServer().getName(),
        kerbTicket.getSessionKey().getEncoded(),
        kerbTicket.getSessionKeyType(),
        kerbTicket.getFlags(),
        kerbTicket.getAuthTime(),
        kerbTicket.getStartTime(),
        kerbTicket.getEndTime(),
        kerbTicket.getRenewTill(),
        kerbTicket.getClientAddresses());
}
 
Example 19
Source File: Krb5Util.java    From jdk8u60 with GNU General Public License v2.0 5 votes vote down vote up
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
        throws KrbException, IOException {
    return new Credentials(
        kerbTicket.getEncoded(),
        kerbTicket.getClient().getName(),
        kerbTicket.getServer().getName(),
        kerbTicket.getSessionKey().getEncoded(),
        kerbTicket.getSessionKeyType(),
        kerbTicket.getFlags(),
        kerbTicket.getAuthTime(),
        kerbTicket.getStartTime(),
        kerbTicket.getEndTime(),
        kerbTicket.getRenewTill(),
        kerbTicket.getClientAddresses());
}
 
Example 20
Source File: Krb5Util.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
        throws KrbException, IOException {
    return new Credentials(
        kerbTicket.getEncoded(),
        kerbTicket.getClient().getName(),
        kerbTicket.getServer().getName(),
        kerbTicket.getSessionKey().getEncoded(),
        kerbTicket.getSessionKeyType(),
        kerbTicket.getFlags(),
        kerbTicket.getAuthTime(),
        kerbTicket.getStartTime(),
        kerbTicket.getEndTime(),
        kerbTicket.getRenewTill(),
        kerbTicket.getClientAddresses());
}