1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.server.kerberos.protocol;
21  
22  
23  import java.net.InetSocketAddress;
24  import java.net.SocketAddress;
25  import java.security.SecureRandom;
26  
27  import javax.security.auth.kerberos.KerberosKey;
28  import javax.security.auth.kerberos.KerberosPrincipal;
29  
30  import junit.framework.TestCase;
31  
32  import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
33  import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
34  import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
35  import org.apache.directory.server.kerberos.shared.io.encoder.EncryptedDataEncoder;
36  import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
37  import org.apache.directory.server.kerberos.shared.messages.value.EncryptedTimeStamp;
38  import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
39  import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
40  import org.apache.directory.server.kerberos.shared.messages.value.PaData;
41  import org.apache.directory.server.kerberos.shared.messages.value.PrincipalName;
42  import org.apache.directory.server.kerberos.shared.messages.value.types.PaDataType;
43  import org.apache.directory.server.kerberos.shared.messages.value.types.PrincipalNameType;
44  import org.apache.mina.common.IoFilterChain;
45  import org.apache.mina.common.IoHandler;
46  import org.apache.mina.common.IoService;
47  import org.apache.mina.common.IoServiceConfig;
48  import org.apache.mina.common.IoSessionConfig;
49  import org.apache.mina.common.TransportType;
50  import org.apache.mina.common.WriteFuture;
51  import org.apache.mina.common.support.BaseIoSession;
52  
53  
54  /**
55   * Abstract base class for Authentication Service (AS) tests, with utility methods
56   * for generating message components.
57   * 
58   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
59   * @version $Rev$, $Date$
60   */
public abstract class AbstractAuthenticationServiceTest extends TestCase
{
    /**
     * Handler used to seal the pre-authentication timestamp. Nothing in this class
     * assigns it, yet {@link #getPreAuthEncryptedTimeStamp(KerberosPrincipal, String, KerberosTime)}
     * dereferences it, so a subclass has to set it before calling that helper
     * (presumably in its setUp() -- confirm against the concrete tests).
     */
    protected CipherTextHandler lockBox;

    /** Shared CSPRNG. Not referenced in this class; exposed for subclasses. */
    protected static final SecureRandom random = new SecureRandom();


    /**
     * Builds PA-ENC-TIMESTAMP pre-authentication data around a freshly constructed
     * {@link KerberosTime} (presumably "now" -- confirm against KerberosTime).
     *
     * @param clientPrincipal principal whose name is fed into the key derivation
     * @param passPhrase passphrase the client key is derived from
     * @return a one-element array holding the PA-ENC-TIMESTAMP entry
     * @throws Exception if sealing or encoding the timestamp fails
     */
    protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal, String passPhrase )
        throws Exception
    {
        return getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, new KerberosTime() );
    }


    /**
     * Builds PA-ENC-TIMESTAMP pre-authentication data for an explicit timestamp, which
     * lets a test submit a time of its own choosing.
     *
     * @param clientPrincipal principal whose name is fed into the key derivation
     * @param passPhrase passphrase the client key is derived from
     * @param timeStamp time value to encrypt
     * @return a one-element array holding the PA-ENC-TIMESTAMP entry
     * @throws Exception if sealing or encoding the timestamp fails
     */
    protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal,
        String passPhrase, KerberosTime timeStamp ) throws Exception
    {
        // Second constructor argument is fixed at 0 (looks like the microsecond part -- confirm).
        EncryptedTimeStamp plainTimeStamp = new EncryptedTimeStamp( timeStamp, 0 );
        EncryptionKey longTermKey = getEncryptionKey( clientPrincipal, passPhrase );

        // Key usage 1 is the RFC 4120 usage number for the AS-REQ PA-ENC-TIMESTAMP,
        // which is encrypted under the client's long-term key.
        EncryptedData sealed = lockBox.seal( longTermKey, plainTimeStamp, KeyUsage.NUMBER1 );

        PaData encTimestampEntry = new PaData();
        encTimestampEntry.setPaDataType( PaDataType.PA_ENC_TIMESTAMP );
        encTimestampEntry.setPaDataValue( EncryptedDataEncoder.encode( sealed ) );

        return new PaData[]
            { encTimestampEntry };
    }


    /**
     * Wraps a single name component in a {@link PrincipalName} of type KRB_NT_PRINCIPAL.
     *
     * @param name the name component to add
     * @return the populated principal name
     */
    protected PrincipalName getPrincipalName( String name )
    {
        PrincipalName result = new PrincipalName();
        result.addName( name );
        result.setNameType( PrincipalNameType.KRB_NT_PRINCIPAL );

        return result;
    }


    /**
     * Returns an encryption key derived from a principal name and passphrase.
     *
     * The key is single DES, tagged as DES-CBC-MD5. That enctype is deprecated for
     * Kerberos (RFC 6649); it is used here as a test fixture and should not be copied
     * into production key handling.
     *
     * @param principal principal passed to the {@link KerberosKey} derivation
     * @param passPhrase passphrase the key is derived from
     * @return the derived {@link EncryptionKey} for the given principal
     */
    protected EncryptionKey getEncryptionKey( KerberosPrincipal principal, String passPhrase )
    {
        // The char[] copy of the passphrase is handed straight to KerberosKey and is
        // not wiped afterwards; acceptable for test credentials only.
        byte[] desKeyMaterial = new KerberosKey( principal, passPhrase.toCharArray(), "DES" ).getEncoded();

        return new EncryptionKey( EncryptionType.DES_CBC_MD5, desKeyMaterial );
    }

    /**
     * Session stand-in for handler tests: it remembers the most recent object passed
     * to {@link #write(Object)} and answers every other query with a fixed value.
     */
    protected static class DummySession extends BaseIoSession
    {
        // Most recently written message; null until write() has been called.
        Object message;


        /**
         * Records the outgoing message, then delegates to the superclass.
         *
         * @param message the object being written to the session
         * @return whatever {@code super.write(message)} returns
         */
        @Override
        public WriteFuture write( Object message )
        {
            this.message = message;

            return super.write( message );
        }


        /**
         * @return the last message handed to {@link #write(Object)}, or null if none
         */
        protected Object getMessage()
        {
            return message;
        }


        /**
         * @return a fixed socket address on port 10088 with the wildcard host
         */
        public SocketAddress getRemoteAddress()
        {
            return new InetSocketAddress( 10088 );
        }


        /** @return always null; no local address is modelled */
        public SocketAddress getLocalAddress()
        {
            return null;
        }


        /** @return always null; no service address is modelled */
        public SocketAddress getServiceAddress()
        {
            return null;
        }


        /** @return always null */
        public IoService getService()
        {
            return null;
        }


        /** @return always null */
        public IoServiceConfig getServiceConfig()
        {
            return null;
        }


        /** @return always null */
        public IoHandler getHandler()
        {
            return null;
        }


        /** @return always null */
        public IoFilterChain getFilterChain()
        {
            return null;
        }


        /** @return always null */
        public IoSessionConfig getConfig()
        {
            return null;
        }


        /** @return always null */
        public TransportType getTransportType()
        {
            return null;
        }


        /** @return always 0 */
        public int getScheduledWriteRequests()
        {
            return 0;
        }


        /** @return always 0 */
        public int getScheduledWriteBytes()
        {
            return 0;
        }


        /** Intentionally empty: this stub has no traffic mask to update. */
        protected void updateTrafficMask()
        {
            // Do nothing.
        }
    }
}