
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.server.kerberos.shared.io.decoder;
21  
22  
23  import java.io.IOException;
24  import java.util.Enumeration;
25  
26  import org.apache.directory.server.kerberos.shared.messages.Encodable;
27  import org.apache.directory.server.kerberos.shared.messages.components.EncTicketPart;
28  import org.apache.directory.server.kerberos.shared.messages.components.EncTicketPartModifier;
29  import org.apache.directory.server.kerberos.shared.messages.value.TransitedEncoding;
30  import org.apache.directory.server.kerberos.shared.messages.value.flags.TicketFlags;
31  import org.apache.directory.server.kerberos.shared.messages.value.types.TransitedEncodingType;
32  import org.apache.directory.shared.asn1.der.ASN1InputStream;
33  import org.apache.directory.shared.asn1.der.DERApplicationSpecific;
34  import org.apache.directory.shared.asn1.der.DERBitString;
35  import org.apache.directory.shared.asn1.der.DEREncodable;
36  import org.apache.directory.shared.asn1.der.DERGeneralString;
37  import org.apache.directory.shared.asn1.der.DERGeneralizedTime;
38  import org.apache.directory.shared.asn1.der.DERInteger;
39  import org.apache.directory.shared.asn1.der.DEROctetString;
40  import org.apache.directory.shared.asn1.der.DERSequence;
41  import org.apache.directory.shared.asn1.der.DERTaggedObject;
42  
43  
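/**
 * Decodes the ASN.1 encoding of an {@code EncTicketPart} (the encrypted part of a
 * Kerberos ticket) into an {@link EncTicketPart} object.
 *
 * <p>This class only parses the bytes it is given; it performs no decryption and no
 * integrity check. The decoded fields (flags, session key, client identity, validity
 * times, authorization data) are security-relevant, so callers should only pass bytes
 * whose integrity has already been established.</p>
 *
 * <p>Limits of the parsing done here, visible in the code below:</p>
 * <ul>
 *   <li>the presence of the mandatory fields is not verified;</li>
 *   <li>unknown context tags are skipped, and a repeated tag overwrites the earlier value;</li>
 *   <li>the application tag number of the outer object is not compared against 3.</li>
 * </ul>
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 * @version $Rev: 591019 $, $Date: 2007-11-01 15:16:34 +0100 (Do, 01 Nov 2007) $
 */
public class EncTicketPartDecoder implements Decoder, DecoderFactory
{
    /**
     * Creates a new decoder instance.
     *
     * @return a fresh {@link EncTicketPartDecoder}
     */
    public Decoder getDecoder()
    {
        return new EncTicketPartDecoder();
    }


    /**
     * Decodes an encoded {@code EncTicketPart}.
     *
     * <p>A structurally malformed encoding (wrong outer type, or a field whose ASN.1 type
     * does not match the grammar) is reported as an {@link IOException}, so that callers
     * handling the declared exception also handle malformed input instead of seeing an
     * unchecked {@link ClassCastException}.</p>
     *
     * @param encodedTicket the encoded bytes of the EncTicketPart
     * @return the decoded {@link EncTicketPart}
     * @throws IOException if the bytes cannot be read as ASN.1, or do not have the
     *         expected structure
     */
    public Encodable decode( byte[] encodedTicket ) throws IOException
    {
        ASN1InputStream ais = new ASN1InputStream( encodedTicket );

        try
        {
            // Held as Object so that the type checks below, not a cast, decide what
            // happens with unexpected input (including an empty stream).
            Object outer = ais.readObject();

            if ( !( outer instanceof DERApplicationSpecific ) )
            {
                throw new IOException( "Malformed EncTicketPart: expected an APPLICATION-tagged object" );
            }

            // NOTE(review): the application tag number is not checked against 3 here.
            Object inner = ( ( DERApplicationSpecific ) outer ).getObject();

            if ( !( inner instanceof DERSequence ) )
            {
                throw new IOException( "Malformed EncTicketPart: expected a SEQUENCE" );
            }

            return decodeEncTicketPartSequence( ( DERSequence ) inner );
        }
        catch ( ClassCastException cce )
        {
            // The field decoders cast each element to the type the grammar prescribes.
            // A mismatch means the input is malformed, which is an input error rather
            // than a programming error, so surface it through the declared exception.
            IOException ioe = new IOException( "Malformed EncTicketPart: unexpected ASN.1 type" );
            ioe.initCause( cce );
            throw ioe;
        }
        finally
        {
            ais.close();
        }
    }


    /*
     -- Encrypted part of ticket
     EncTicketPart ::=     [APPLICATION 3] SEQUENCE {
     flags[0]             TicketFlags,
     key[1]               EncryptionKey,
     crealm[2]            Realm,
     cname[3]             PrincipalName,
     transited[4]         TransitedEncoding,
     authtime[5]          KerberosTime,
     starttime[6]         KerberosTime OPTIONAL,
     endtime[7]           KerberosTime,
     renew-till[8]        KerberosTime OPTIONAL,
     caddr[9]             HostAddresses OPTIONAL,
     authorization-data[10]   AuthorizationData OPTIONAL
     }*/
    /**
     * Walks the tagged elements of the EncTicketPart SEQUENCE and copies each recognised
     * field into an {@link EncTicketPartModifier}.
     *
     * <p>Elements are dispatched on their context tag number only. The method does not
     * check that the non-OPTIONAL fields were seen, so the result may be incomplete for
     * a truncated sequence; a tag that occurs twice keeps the last value.</p>
     *
     * @param sequence the SEQUENCE holding the tagged EncTicketPart fields
     * @return the EncTicketPart built from the fields that were present
     * @throws ClassCastException if an element is not a tagged object or carries a value
     *         of a type other than the one the grammar prescribes for its tag
     */
    private EncTicketPart decodeEncTicketPartSequence( DERSequence sequence )
    {
        EncTicketPartModifier modifier = new EncTicketPartModifier();

        for ( Enumeration<DEREncodable> e = sequence.getObjects(); e.hasMoreElements(); )
        {
            DERTaggedObject object = ( DERTaggedObject ) e.nextElement();
            int tag = object.getTagNo();
            DEREncodable derObject = object.getObject();

            switch ( tag )
            {
                case 0:
                    // flags[0] TicketFlags
                    DERBitString tag0 = ( DERBitString ) derObject;
                    modifier.setFlags( new TicketFlags( tag0.getOctets() ) );
                    break;

                case 1:
                    // key[1] EncryptionKey
                    DERSequence tag1 = ( DERSequence ) derObject;
                    modifier.setSessionKey( EncryptionKeyDecoder.decode( tag1 ) );
                    break;

                case 2:
                    // crealm[2] Realm
                    DERGeneralString tag2 = ( DERGeneralString ) derObject;
                    modifier.setClientRealm( tag2.getString() );
                    break;

                case 3:
                    // cname[3] PrincipalName
                    DERSequence tag3 = ( DERSequence ) derObject;
                    modifier.setClientName( PrincipalNameDecoder.decode( tag3 ) );
                    break;

                case 4:
                    // transited[4] TransitedEncoding
                    DERSequence tag4 = ( DERSequence ) derObject;
                    modifier.setTransitedEncoding( decodeTransitedEncoding( tag4 ) );
                    break;

                case 5:
                    // authtime[5] KerberosTime
                    DERGeneralizedTime tag5 = ( DERGeneralizedTime ) derObject;
                    modifier.setAuthTime( KerberosTimeDecoder.decode( tag5 ) );
                    break;

                case 6:
                    // starttime[6] KerberosTime OPTIONAL
                    DERGeneralizedTime tag6 = ( DERGeneralizedTime ) derObject;
                    modifier.setStartTime( KerberosTimeDecoder.decode( tag6 ) );
                    break;

                case 7:
                    // endtime[7] KerberosTime
                    DERGeneralizedTime tag7 = ( DERGeneralizedTime ) derObject;
                    modifier.setEndTime( KerberosTimeDecoder.decode( tag7 ) );
                    break;

                case 8:
                    // renew-till[8] KerberosTime OPTIONAL
                    DERGeneralizedTime tag8 = ( DERGeneralizedTime ) derObject;
                    modifier.setRenewTill( KerberosTimeDecoder.decode( tag8 ) );
                    break;

                case 9:
                    // caddr[9] HostAddresses OPTIONAL
                    DERSequence tag9 = ( DERSequence ) derObject;
                    modifier.setClientAddresses( HostAddressDecoder.decodeSequence( tag9 ) );
                    break;

                case 10:
                    // authorization-data[10] AuthorizationData OPTIONAL
                    DERSequence tag10 = ( DERSequence ) derObject;
                    modifier.setAuthorizationData( AuthorizationDataDecoder.decodeSequence( tag10 ) );
                    break;

                default:
                    // Tags outside 0..10 are not part of the grammar above; they are
                    // skipped rather than rejected.
                    break;
            }
        }

        return modifier.getEncTicketPart();
    }


    /*
     * TransitedEncoding ::= SEQUENCE {
     *   tr-type[0]  INTEGER, -- must be registered
     *   contents[1] OCTET STRING
     * }
     */
    /**
     * Decodes a {@code TransitedEncoding} SEQUENCE.
     *
     * <p>If {@code tr-type} is absent the type stays {@link TransitedEncodingType#NULL};
     * if {@code contents} is absent the resulting object is built with {@code null}
     * contents. Neither case is rejected here.</p>
     *
     * @param sequence the SEQUENCE holding the tagged TransitedEncoding fields
     * @return the decoded {@link TransitedEncoding}
     * @throws ClassCastException if an element is not a tagged object or carries a value
     *         of a type other than the one the grammar prescribes for its tag
     */
    protected TransitedEncoding decodeTransitedEncoding( DERSequence sequence )
    {
        TransitedEncodingType type = TransitedEncodingType.NULL;
        byte[] contents = null;

        for ( Enumeration<DEREncodable> e = sequence.getObjects(); e.hasMoreElements(); )
        {
            DERTaggedObject object = ( DERTaggedObject ) e.nextElement();
            int tag = object.getTagNo();
            DEREncodable derObject = object.getObject();

            switch ( tag )
            {
                case 0:
                    // tr-type[0] INTEGER
                    DERInteger tag0 = ( DERInteger ) derObject;
                    type = TransitedEncodingType.getTypeByOrdinal( tag0.intValue() );
                    break;

                case 1:
                    // contents[1] OCTET STRING
                    DEROctetString tag1 = ( DEROctetString ) derObject;
                    contents = tag1.getOctets();
                    break;

                default:
                    // Unknown tags are skipped rather than rejected.
                    break;
            }
        }

        return new TransitedEncoding( type, contents );
    }
}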