sun.security.krb5.KrbException Java Examples
The following examples show how to use
sun.security.krb5.KrbException.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source Project: jdk8u_jdk Author: JetBrains File: Krb5Util.java License: GNU General Public License v2.0 | 6 votes |
|
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
throws KrbException, IOException {
KerberosPrincipal clientAlias = KerberosSecrets
.getJavaxSecurityAuthKerberosAccess()
.kerberosTicketGetClientAlias(kerbTicket);
KerberosPrincipal serverAlias = KerberosSecrets
.getJavaxSecurityAuthKerberosAccess()
.kerberosTicketGetServerAlias(kerbTicket);
return new Credentials(
kerbTicket.getEncoded(),
kerbTicket.getClient().getName(),
(clientAlias != null ? clientAlias.getName() : null),
kerbTicket.getServer().getName(),
(serverAlias != null ? serverAlias.getName() : null),
kerbTicket.getSessionKey().getEncoded(),
kerbTicket.getSessionKeyType(),
kerbTicket.getFlags(),
kerbTicket.getAuthTime(),
kerbTicket.getStartTime(),
kerbTicket.getEndTime(),
kerbTicket.getRenewTill(),
kerbTicket.getClientAddresses());
}
Example #2
| Source Project: jdk8u-jdk Author: lambdalab-mirror File: KerberosPreMasterSecret.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Constructor used by client to generate premaster secret.
*
* Client randomly creates a pre-master secret and encrypts it
* using the Kerberos session key; only the server can decrypt
* it, using the session key available in the service ticket.
*
* @param protocolVersion used to set preMaster[0,1]
* @param generator random number generator for generating premaster secret
* @param sessionKey Kerberos session key for encrypting premaster secret
*/
KerberosPreMasterSecret(ProtocolVersion protocolVersion,
SecureRandom generator, EncryptionKey sessionKey) throws IOException {
if (sessionKey.getEType() ==
EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD) {
throw new IOException(
"session keys with des3-cbc-hmac-sha1-kd encryption type " +
"are not supported for TLS Kerberos cipher suites");
}
this.protocolVersion = protocolVersion;
preMaster = generatePreMaster(generator, protocolVersion);
// Encrypt premaster secret
try {
EncryptedData eData = new EncryptedData(sessionKey, preMaster,
KeyUsage.KU_UNKNOWN);
encrypted = eData.getBytes(); // not ASN.1 encoded.
} catch (KrbException e) {
throw (SSLKeyException)new SSLKeyException
("Kerberos premaster secret error").initCause(e);
}
}
Example #3
| Source Project: hottub Author: dsrg-uoft File: EType.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Retrieves the default etypes from the configuration file, or
* if that's not available, return the built-in list of default etypes.
* This result is always non-empty. If no etypes are found,
* an exception is thrown.
*/
public static int[] getDefaults(String configName)
throws KrbException {
Config config = null;
try {
config = Config.getInstance();
} catch (KrbException exc) {
if (DEBUG) {
System.out.println("Exception while getting " +
configName + exc.getMessage());
System.out.println("Using default builtin etypes");
}
return getBuiltInDefaults();
}
return config.defaultEtype(configName);
}
Example #4
| Source Project: hottub Author: dsrg-uoft File: KerberosTime.java License: GNU General Public License v2.0 | 6 votes |
|
public static int getDefaultSkew() {
int tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
try {
if ((tdiff = Config.getInstance().getIntValue(
"libdefaults", "clockskew"))
== Integer.MIN_VALUE) { //value is not defined
tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
}
} catch (KrbException e) {
if (DEBUG) {
System.out.println("Exception in getting clockskew from " +
"Configuration " +
"using default value " +
e.getMessage());
}
}
return tdiff;
}
Example #5
| Source Project: dragonwell8_jdk Author: alibaba File: EType.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Retrieves the default etypes from the configuration file, or
* if that's not available, return the built-in list of default etypes.
* This result is always non-empty. If no etypes are found,
* an exception is thrown.
*/
public static int[] getDefaults(String configName)
throws KrbException {
Config config = null;
try {
config = Config.getInstance();
} catch (KrbException exc) {
if (DEBUG) {
System.out.println("Exception while getting " +
configName + exc.getMessage());
System.out.println("Using default builtin etypes");
}
return getBuiltInDefaults();
}
return config.defaultEtype(configName);
}
Example #6
| Source Project: dragonwell8_jdk Author: alibaba File: DNS.java License: GNU General Public License v2.0 | 6 votes |
|
public static void main(String[] args) throws Exception {
System.setProperty("java.security.krb5.conf",
System.getProperty("test.src", ".") +"/no-such-file.conf");
Config config = Config.getInstance();
try {
String r = config.getDefaultRealm();
throw new Exception("What? There is a default realm " + r + "?");
} catch (KrbException ke) {
ke.printStackTrace();
if (ke.getCause() != null) {
throw new Exception("There should be no cause. Won't try DNS");
}
}
String kdcs = config.getKDCList("X");
if (!kdcs.equals("a.com.:88 b.com.:99") &&
!kdcs.equals("a.com. b.com.:99")) {
throw new Exception("Strange KDC: [" + kdcs + "]");
};
}
Example #7
| Source Project: TencentKona-8 Author: Tencent File: Krb5ProxyCredential.java License: GNU General Public License v2.0 | 6 votes |
|
static Krb5CredElement tryImpersonation(GSSCaller caller,
Krb5InitCredential initiator) throws GSSException {
try {
KerberosTicket proxy = initiator.proxyTicket;
if (proxy != null) {
Credentials proxyCreds = Krb5Util.ticketToCreds(proxy);
return new Krb5ProxyCredential(initiator,
Krb5NameElement.getInstance(proxyCreds.getClient()),
proxyCreds.getTicket());
} else {
return initiator;
}
} catch (KrbException | IOException e) {
throw new GSSException(GSSException.DEFECTIVE_CREDENTIAL, -1,
"Cannot create proxy credential");
}
}
Example #8
| Source Project: TencentKona-8 Author: Tencent File: KerberosPreMasterSecret.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Constructor used by client to generate premaster secret.
*
* Client randomly creates a pre-master secret and encrypts it
* using the Kerberos session key; only the server can decrypt
* it, using the session key available in the service ticket.
*
* @param protocolVersion used to set preMaster[0,1]
* @param generator random number generator for generating premaster secret
* @param sessionKey Kerberos session key for encrypting premaster secret
*/
KerberosPreMasterSecret(ProtocolVersion protocolVersion,
SecureRandom generator, EncryptionKey sessionKey) throws IOException {
if (sessionKey.getEType() ==
EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD) {
throw new IOException(
"session keys with des3-cbc-hmac-sha1-kd encryption type " +
"are not supported for TLS Kerberos cipher suites");
}
this.protocolVersion = protocolVersion;
preMaster = generatePreMaster(generator, protocolVersion);
// Encrypt premaster secret
try {
EncryptedData eData = new EncryptedData(sessionKey, preMaster,
KeyUsage.KU_UNKNOWN);
encrypted = eData.getBytes(); // not ASN.1 encoded.
} catch (KrbException e) {
throw (SSLKeyException)new SSLKeyException
("Kerberos premaster secret error").initCause(e);
}
}
Example #9
| Source Project: TencentKona-8 Author: Tencent File: KerberosTime.java License: GNU General Public License v2.0 | 6 votes |
|
public static int getDefaultSkew() {
int tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
try {
if ((tdiff = Config.getInstance().getIntValue(
"libdefaults", "clockskew"))
== Integer.MIN_VALUE) { //value is not defined
tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
}
} catch (KrbException e) {
if (DEBUG) {
System.out.println("Exception in getting clockskew from " +
"Configuration " +
"using default value " +
e.getMessage());
}
}
return tdiff;
}
Example #10
| Source Project: TencentKona-8 Author: Tencent File: HostAddresses.java License: GNU General Public License v2.0 | 6 votes |
|
public HostAddresses(PrincipalName serverPrincipal)
throws UnknownHostException, KrbException {
String[] components = serverPrincipal.getNameStrings();
if (serverPrincipal.getNameType() != PrincipalName.KRB_NT_SRV_HST ||
components.length < 2)
throw new KrbException(Krb5.KRB_ERR_GENERIC, "Bad name");
String host = components[1];
InetAddress addr[] = InetAddress.getAllByName(host);
HostAddress hAddrs[] = new HostAddress[addr.length];
for (int i = 0; i < addr.length; i++) {
hAddrs[i] = new HostAddress(addr[i]);
}
addresses = hAddrs;
}
Example #11
| Source Project: openjdk-8 Author: bpupadhyaya File: KerberosTime.java License: GNU General Public License v2.0 | 6 votes |
|
public static int getDefaultSkew() {
int tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
try {
if ((tdiff = Config.getInstance().getIntValue(
"libdefaults", "clockskew"))
== Integer.MIN_VALUE) { //value is not defined
tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
}
} catch (KrbException e) {
if (DEBUG) {
System.out.println("Exception in getting clockskew from " +
"Configuration " +
"using default value " +
e.getMessage());
}
}
return tdiff;
}
Example #12
| Source Project: jdk8u-jdk Author: lambdalab-mirror File: EType.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Retrieves the default etypes from the configuration file, or
* if that's not available, return the built-in list of default etypes.
* This result is always non-empty. If no etypes are found,
* an exception is thrown.
*/
public static int[] getDefaults(String configName)
throws KrbException {
Config config = null;
try {
config = Config.getInstance();
} catch (KrbException exc) {
if (DEBUG) {
System.out.println("Exception while getting " +
configName + exc.getMessage());
System.out.println("Using default builtin etypes");
}
return getBuiltInDefaults();
}
return config.defaultEtype(configName);
}
Example #13
| Source Project: TencentKona-8 Author: Tencent File: BasicKrb5Test.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* @param args empty or etype
*/
public static void main(String[] args)
throws Exception {
String etype = null;
for (String arg: args) {
if (arg.equals("-s")) Context.usingStream = true;
else if (arg.equals("-C")) conf = false;
else etype = arg;
}
// Creates and starts the KDC. This line must be put ahead of etype check
// since the check needs a krb5.conf.
try {
new OneKDC(etype).writeJAASConf();
} catch (KrbException ke) {
System.out.println("Testing etype " + etype + "Not supported.");
return;
}
new BasicKrb5Test().go(OneKDC.SERVER, OneKDC.BACKEND);
}
Example #14
| Source Project: openjdk-8-source Author: keerath File: KerberosPreMasterSecret.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Constructor used by client to generate premaster secret.
*
* Client randomly creates a pre-master secret and encrypts it
* using the Kerberos session key; only the server can decrypt
* it, using the session key available in the service ticket.
*
* @param protocolVersion used to set preMaster[0,1]
* @param generator random number generator for generating premaster secret
* @param sessionKey Kerberos session key for encrypting premaster secret
*/
KerberosPreMasterSecret(ProtocolVersion protocolVersion,
SecureRandom generator, EncryptionKey sessionKey) throws IOException {
if (sessionKey.getEType() ==
EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD) {
throw new IOException(
"session keys with des3-cbc-hmac-sha1-kd encryption type " +
"are not supported for TLS Kerberos cipher suites");
}
this.protocolVersion = protocolVersion;
preMaster = generatePreMaster(generator, protocolVersion);
// Encrypt premaster secret
try {
EncryptedData eData = new EncryptedData(sessionKey, preMaster,
KeyUsage.KU_UNKNOWN);
encrypted = eData.getBytes(); // not ASN.1 encoded.
} catch (KrbException e) {
throw (SSLKeyException)new SSLKeyException
("Kerberos premaster secret error").initCause(e);
}
}
Example #15
| Source Project: jdk8u_jdk Author: JetBrains File: Krb5ProxyCredential.java License: GNU General Public License v2.0 | 6 votes |
|
static Krb5CredElement tryImpersonation(GSSCaller caller,
Krb5InitCredential initiator) throws GSSException {
try {
KerberosTicket proxy = initiator.proxyTicket;
if (proxy != null) {
Credentials proxyCreds = Krb5Util.ticketToCreds(proxy);
return new Krb5ProxyCredential(initiator,
Krb5NameElement.getInstance(proxyCreds.getClient()),
proxyCreds.getTicket());
} else {
return initiator;
}
} catch (KrbException | IOException e) {
throw new GSSException(GSSException.DEFECTIVE_CREDENTIAL, -1,
"Cannot create proxy credential");
}
}
Example #16
| Source Project: jdk8u60 Author: chenghanpeng File: KerberosPreMasterSecret.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Constructor used by client to generate premaster secret.
*
* Client randomly creates a pre-master secret and encrypts it
* using the Kerberos session key; only the server can decrypt
* it, using the session key available in the service ticket.
*
* @param protocolVersion used to set preMaster[0,1]
* @param generator random number generator for generating premaster secret
* @param sessionKey Kerberos session key for encrypting premaster secret
*/
KerberosPreMasterSecret(ProtocolVersion protocolVersion,
SecureRandom generator, EncryptionKey sessionKey) throws IOException {
if (sessionKey.getEType() ==
EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD) {
throw new IOException(
"session keys with des3-cbc-hmac-sha1-kd encryption type " +
"are not supported for TLS Kerberos cipher suites");
}
this.protocolVersion = protocolVersion;
preMaster = generatePreMaster(generator, protocolVersion);
// Encrypt premaster secret
try {
EncryptedData eData = new EncryptedData(sessionKey, preMaster,
KeyUsage.KU_UNKNOWN);
encrypted = eData.getBytes(); // not ASN.1 encoded.
} catch (KrbException e) {
throw (SSLKeyException)new SSLKeyException
("Kerberos premaster secret error").initCause(e);
}
}
Example #17
| Source Project: jdk8u60 Author: chenghanpeng File: KerberosTime.java License: GNU General Public License v2.0 | 6 votes |
|
public static int getDefaultSkew() {
int tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
try {
if ((tdiff = Config.getInstance().getIntValue(
"libdefaults", "clockskew"))
== Integer.MIN_VALUE) { //value is not defined
tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
}
} catch (KrbException e) {
if (DEBUG) {
System.out.println("Exception in getting clockskew from " +
"Configuration " +
"using default value " +
e.getMessage());
}
}
return tdiff;
}
Example #18
| Source Project: openjdk-8 Author: bpupadhyaya File: EType.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Retrieves the default etypes from the configuration file, or
* if that's not available, return the built-in list of default etypes.
* This result is always non-empty. If no etypes are found,
* an exception is thrown.
*/
public static int[] getDefaults(String configName)
throws KrbException {
Config config = null;
try {
config = Config.getInstance();
} catch (KrbException exc) {
if (DEBUG) {
System.out.println("Exception while getting " +
configName + exc.getMessage());
System.out.println("Using default builtin etypes");
}
return getBuiltInDefaults();
}
return config.defaultEtype(configName);
}
Example #19
| Source Project: jdk8u_jdk Author: JetBrains File: KerberosTime.java License: GNU General Public License v2.0 | 6 votes |
|
public static int getDefaultSkew() {
int tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
try {
if ((tdiff = Config.getInstance().getIntValue(
"libdefaults", "clockskew"))
== Integer.MIN_VALUE) { //value is not defined
tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
}
} catch (KrbException e) {
if (DEBUG) {
System.out.println("Exception in getting clockskew from " +
"Configuration " +
"using default value " +
e.getMessage());
}
}
return tdiff;
}
Example #20
| Source Project: jdk8u60 Author: chenghanpeng File: DNS.java License: GNU General Public License v2.0 | 6 votes |
|
public static void main(String[] args) throws Exception {
System.setProperty("java.security.krb5.conf",
System.getProperty("test.src", ".") +"/no-such-file.conf");
Config config = Config.getInstance();
try {
String r = config.getDefaultRealm();
throw new Exception("What? There is a default realm " + r + "?");
} catch (KrbException ke) {
ke.printStackTrace();
if (ke.getCause() != null) {
throw new Exception("There should be no cause. Won't try DNS");
}
}
String kdcs = config.getKDCList("X");
if (!kdcs.equals("a.com.:88 b.com.:99") &&
!kdcs.equals("a.com. b.com.:99")) {
throw new Exception("Strange KDC: [" + kdcs + "]");
};
}
Example #21
| Source Project: jdk8u-jdk Author: lambdalab-mirror File: DNS.java License: GNU General Public License v2.0 | 6 votes |
|
public static void main(String[] args) throws Exception {
System.setProperty("java.security.krb5.conf",
System.getProperty("test.src", ".") +"/no-such-file.conf");
Config config = Config.getInstance();
try {
String r = config.getDefaultRealm();
throw new Exception("What? There is a default realm " + r + "?");
} catch (KrbException ke) {
ke.printStackTrace();
if (ke.getCause() != null) {
throw new Exception("There should be no cause. Won't try DNS");
}
}
String kdcs = config.getKDCList("X");
if (!kdcs.equals("a.com.:88 b.com.:99") &&
!kdcs.equals("a.com. b.com.:99")) {
throw new Exception("Strange KDC: [" + kdcs + "]");
};
}
Example #22
| Source Project: openjdk-jdk8u Author: AdoptOpenJDK File: Krb5ProxyCredential.java License: GNU General Public License v2.0 | 6 votes |
|
static Krb5CredElement tryImpersonation(GSSCaller caller,
Krb5InitCredential initiator) throws GSSException {
try {
KerberosTicket proxy = initiator.proxyTicket;
if (proxy != null) {
Credentials proxyCreds = Krb5Util.ticketToCreds(proxy);
return new Krb5ProxyCredential(initiator,
Krb5NameElement.getInstance(proxyCreds.getClient()),
proxyCreds.getTicket());
} else {
return initiator;
}
} catch (KrbException | IOException e) {
throw new GSSException(GSSException.DEFECTIVE_CREDENTIAL, -1,
"Cannot create proxy credential");
}
}
Example #23
| Source Project: openjdk-jdk8u Author: AdoptOpenJDK File: Krb5Util.java License: GNU General Public License v2.0 | 6 votes |
|
public static Credentials ticketToCreds(KerberosTicket kerbTicket)
throws KrbException, IOException {
KerberosPrincipal clientAlias = KerberosSecrets
.getJavaxSecurityAuthKerberosAccess()
.kerberosTicketGetClientAlias(kerbTicket);
KerberosPrincipal serverAlias = KerberosSecrets
.getJavaxSecurityAuthKerberosAccess()
.kerberosTicketGetServerAlias(kerbTicket);
return new Credentials(
kerbTicket.getEncoded(),
kerbTicket.getClient().getName(),
(clientAlias != null ? clientAlias.getName() : null),
kerbTicket.getServer().getName(),
(serverAlias != null ? serverAlias.getName() : null),
kerbTicket.getSessionKey().getEncoded(),
kerbTicket.getSessionKeyType(),
kerbTicket.getFlags(),
kerbTicket.getAuthTime(),
kerbTicket.getStartTime(),
kerbTicket.getEndTime(),
kerbTicket.getRenewTill(),
kerbTicket.getClientAddresses());
}
Example #24
| Source Project: openjdk-jdk8u Author: AdoptOpenJDK File: KerberosPreMasterSecret.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Constructor used by client to generate premaster secret.
*
* Client randomly creates a pre-master secret and encrypts it
* using the Kerberos session key; only the server can decrypt
* it, using the session key available in the service ticket.
*
* @param protocolVersion used to set preMaster[0,1]
* @param generator random number generator for generating premaster secret
* @param sessionKey Kerberos session key for encrypting premaster secret
*/
KerberosPreMasterSecret(ProtocolVersion protocolVersion,
SecureRandom generator, EncryptionKey sessionKey) throws IOException {
if (sessionKey.getEType() ==
EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD) {
throw new IOException(
"session keys with des3-cbc-hmac-sha1-kd encryption type " +
"are not supported for TLS Kerberos cipher suites");
}
this.protocolVersion = protocolVersion;
preMaster = generatePreMaster(generator, protocolVersion);
// Encrypt premaster secret
try {
EncryptedData eData = new EncryptedData(sessionKey, preMaster,
KeyUsage.KU_UNKNOWN);
encrypted = eData.getBytes(); // not ASN.1 encoded.
} catch (KrbException e) {
throw (SSLKeyException)new SSLKeyException
("Kerberos premaster secret error").initCause(e);
}
}
Example #25
| Source Project: jdk8u_jdk Author: JetBrains File: BasicKrb5Test.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* @param args empty or etype
*/
public static void main(String[] args)
throws Exception {
String etype = null;
for (String arg: args) {
if (arg.equals("-s")) Context.usingStream = true;
else if (arg.equals("-C")) conf = false;
else etype = arg;
}
// Creates and starts the KDC. This line must be put ahead of etype check
// since the check needs a krb5.conf.
try {
new OneKDC(etype).writeJAASConf();
} catch (KrbException ke) {
System.out.println("Testing etype " + etype + "Not supported.");
return;
}
new BasicKrb5Test().go(OneKDC.SERVER, OneKDC.BACKEND);
}
Example #26
| Source Project: openjdk-8 Author: bpupadhyaya File: KerberosPreMasterSecret.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Constructor used by client to generate premaster secret.
*
* Client randomly creates a pre-master secret and encrypts it
* using the Kerberos session key; only the server can decrypt
* it, using the session key available in the service ticket.
*
* @param protocolVersion used to set preMaster[0,1]
* @param generator random number generator for generating premaster secret
* @param sessionKey Kerberos session key for encrypting premaster secret
*/
KerberosPreMasterSecret(ProtocolVersion protocolVersion,
SecureRandom generator, EncryptionKey sessionKey) throws IOException {
if (sessionKey.getEType() ==
EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD) {
throw new IOException(
"session keys with des3-cbc-hmac-sha1-kd encryption type " +
"are not supported for TLS Kerberos cipher suites");
}
this.protocolVersion = protocolVersion;
preMaster = generatePreMaster(generator, protocolVersion);
// Encrypt premaster secret
try {
EncryptedData eData = new EncryptedData(sessionKey, preMaster,
KeyUsage.KU_UNKNOWN);
encrypted = eData.getBytes(); // not ASN.1 encoded.
} catch (KrbException e) {
throw (SSLKeyException)new SSLKeyException
("Kerberos premaster secret error").initCause(e);
}
}
Example #27
| Source Project: jdk8u_jdk Author: JetBrains File: HostAddresses.java License: GNU General Public License v2.0 | 6 votes |
|
public HostAddresses(PrincipalName serverPrincipal)
throws UnknownHostException, KrbException {
String[] components = serverPrincipal.getNameStrings();
if (serverPrincipal.getNameType() != PrincipalName.KRB_NT_SRV_HST ||
components.length < 2)
throw new KrbException(Krb5.KRB_ERR_GENERIC, "Bad name");
String host = components[1];
InetAddress addr[] = InetAddress.getAllByName(host);
HostAddress hAddrs[] = new HostAddress[addr.length];
for (int i = 0; i < addr.length; i++) {
hAddrs[i] = new HostAddress(addr[i]);
}
addresses = hAddrs;
}
Example #28
| Source Project: openjdk-jdk8u-backup Author: AdoptOpenJDK File: KerberosPreMasterSecret.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Constructor used by client to generate premaster secret.
*
* Client randomly creates a pre-master secret and encrypts it
* using the Kerberos session key; only the server can decrypt
* it, using the session key available in the service ticket.
*
* @param protocolVersion used to set preMaster[0,1]
* @param generator random number generator for generating premaster secret
* @param sessionKey Kerberos session key for encrypting premaster secret
*/
KerberosPreMasterSecret(ProtocolVersion protocolVersion,
SecureRandom generator, EncryptionKey sessionKey) throws IOException {
if (sessionKey.getEType() ==
EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD) {
throw new IOException(
"session keys with des3-cbc-hmac-sha1-kd encryption type " +
"are not supported for TLS Kerberos cipher suites");
}
this.protocolVersion = protocolVersion;
preMaster = generatePreMaster(generator, protocolVersion);
// Encrypt premaster secret
try {
EncryptedData eData = new EncryptedData(sessionKey, preMaster,
KeyUsage.KU_UNKNOWN);
encrypted = eData.getBytes(); // not ASN.1 encoded.
} catch (KrbException e) {
throw (SSLKeyException)new SSLKeyException
("Kerberos premaster secret error").initCause(e);
}
}
Example #29
| Source Project: openjdk-jdk8u-backup Author: AdoptOpenJDK File: KerberosTime.java License: GNU General Public License v2.0 | 6 votes |
|
public static int getDefaultSkew() {
int tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
try {
if ((tdiff = Config.getInstance().getIntValue(
"libdefaults", "clockskew"))
== Integer.MIN_VALUE) { //value is not defined
tdiff = Krb5.DEFAULT_ALLOWABLE_CLOCKSKEW;
}
} catch (KrbException e) {
if (DEBUG) {
System.out.println("Exception in getting clockskew from " +
"Configuration " +
"using default value " +
e.getMessage());
}
}
return tdiff;
}
Example #30
| Source Project: openjdk-jdk8u-backup Author: AdoptOpenJDK File: CksumType.java License: GNU General Public License v2.0 | 6 votes |
|
/**
* Returns default checksum type.
*/
public static CksumType getInstance() throws KdcErrException {
// this method provided for Kerberos applications.
int cksumType = Checksum.CKSUMTYPE_RSA_MD5; // default
try {
Config c = Config.getInstance();
if ((cksumType = (Config.getType(c.get("libdefaults",
"ap_req_checksum_type")))) == - 1) {
if ((cksumType = Config.getType(c.get("libdefaults",
"checksum_type"))) == -1) {
cksumType = Checksum.CKSUMTYPE_RSA_MD5; // default
}
}
} catch (KrbException e) {
}
return getInstance(cksumType);
}
