21 package org.apache.directory.server.kerberos.shared.crypto.encryption;
22
23
24 import java.util.Collections;
25 import java.util.HashMap;
26 import java.util.Iterator;
27 import java.util.Map;
28 import java.util.Set;
29
30 import javax.security.auth.kerberos.KerberosKey;
31 import javax.security.auth.kerberos.KerberosPrincipal;
32
33 import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
34
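/**
 * Derives Kerberos long-term keys from a principal name and a pass phrase, one
 * key per requested encryption type.
 *
 * <p>Key derivation is delegated to {@link KerberosKey}; this class only maps
 * each {@link EncryptionType} to the algorithm name that constructor expects and
 * wraps the result in an {@link EncryptionKey}.
 */
public class KerberosKeyFactory
{
    /**
     * Encryption types this factory can derive keys for, mapped to the algorithm
     * name passed to {@link KerberosKey}.
     *
     * <p>NOTE(review): the default set includes DES_CBC_MD5, DES3_CBC_SHA1_KD and
     * RC4_HMAC, which are deprecated for Kerberos (RFC 6649, RFC 8429). Callers
     * that store or publish the derived keys should prefer the three-argument
     * {@code getKerberosKeys} with an AES-only set, since a stored weak-enctype key
     * is the easiest one to recover the pass phrase from.
     */
    private static final Map<EncryptionType, String> DEFAULT_CIPHERS;

    static
    {
        Map<EncryptionType, String> map = new HashMap<EncryptionType, String>();

        map.put( EncryptionType.DES_CBC_MD5, "DES" );
        map.put( EncryptionType.DES3_CBC_SHA1_KD, "DESede" );
        map.put( EncryptionType.RC4_HMAC, "ArcFourHmac" );
        map.put( EncryptionType.AES128_CTS_HMAC_SHA1_96, "AES128" );
        map.put( EncryptionType.AES256_CTS_HMAC_SHA1_96, "AES256" );

        // Published read-only so the mapping cannot be altered after class initialization.
        DEFAULT_CIPHERS = Collections.unmodifiableMap( map );
    }


    /**
     * Derives keys for every encryption type in the default cipher table.
     *
     * @param principalName the principal name the keys are derived for
     * @param passPhrase the pass phrase the keys are derived from
     * @return a map from encryption type to derived key; types the runtime
     *         rejects are absent from the map
     */
    public static Map<EncryptionType, EncryptionKey> getKerberosKeys( String principalName, String passPhrase )
    {
        return getKerberosKeys( principalName, passPhrase, DEFAULT_CIPHERS.keySet() );
    }


    /**
     * Derives keys for the given encryption types.
     *
     * <p>An encryption type is left out of the result when it has no entry in the
     * default cipher table or when {@link KerberosKey} rejects its algorithm with
     * an {@link IllegalArgumentException}. Callers must therefore check that the
     * types they require are present rather than assume one key per requested type.
     *
     * <p>The pass phrase arrives as an immutable {@link String}, so this method can
     * only wipe its own temporary {@code char[]} copies, not the caller's value.
     *
     * @param principalName the principal name the keys are derived for
     * @param passPhrase the pass phrase the keys are derived from
     * @param ciphers the encryption types to derive keys for
     * @return a new mutable map from encryption type to derived key
     */
    public static Map<EncryptionType, EncryptionKey> getKerberosKeys( String principalName, String passPhrase,
        Set<EncryptionType> ciphers )
    {
        KerberosPrincipal principal = new KerberosPrincipal( principalName );
        Map<EncryptionType, EncryptionKey> kerberosKeys = new HashMap<EncryptionType, EncryptionKey>();

        for ( EncryptionType encryptionType : ciphers )
        {
            String algorithm = DEFAULT_CIPHERS.get( encryptionType );

            if ( algorithm == null )
            {
                // KerberosKey treats a null algorithm as "DES". Without this guard an
                // unmapped type would yield a DES-derived key labelled with the
                // requested (possibly stronger) encryption type.
                continue;
            }

            char[] password = passPhrase.toCharArray();

            try
            {
                KerberosKey kerberosKey = new KerberosKey( principal, password, algorithm );
                EncryptionKey encryptionKey = new EncryptionKey( encryptionType, kerberosKey.getEncoded(),
                    kerberosKey.getVersionNumber() );

                kerberosKeys.put( encryptionType, encryptionKey );
            }
            catch ( IllegalArgumentException ignored )
            {
                // Deliberate best-effort: KerberosKey throws this when the runtime does
                // not support the named algorithm, so the type is skipped and simply
                // absent from the returned map.
            }
            finally
            {
                // Do not leave a clear-text copy of the pass phrase on the heap.
                java.util.Arrays.fill( password, '\0' );
            }
        }

        return kerberosKeys;
    }
}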