
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.server.kerberos.shared.io.decoder;
21  
22  
23  import java.io.IOException;
24  import java.nio.ByteBuffer;
25  import java.util.Enumeration;
26  
27  import javax.security.auth.kerberos.KerberosPrincipal;
28  
29  import org.apache.directory.server.kerberos.shared.KerberosMessageType;
30  import org.apache.directory.server.kerberos.shared.messages.KdcReply;
31  import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
32  import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
33  import org.apache.directory.server.kerberos.shared.messages.value.KerberosPrincipalModifier;
34  import org.apache.directory.server.kerberos.shared.messages.value.PaData;
35  import org.apache.directory.shared.asn1.der.ASN1InputStream;
36  import org.apache.directory.shared.asn1.der.DERApplicationSpecific;
37  import org.apache.directory.shared.asn1.der.DEREncodable;
38  import org.apache.directory.shared.asn1.der.DERGeneralString;
39  import org.apache.directory.shared.asn1.der.DERInteger;
40  import org.apache.directory.shared.asn1.der.DERSequence;
41  import org.apache.directory.shared.asn1.der.DERTaggedObject;
42  
43  
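/**
 * Decodes the DER encoding of a Kerberos KDC reply (AS-REP or TGS-REP) into a {@link KdcReply}.
 * <p>
 * The encoded bytes are treated as untrusted: the type of every decoded element is checked
 * before it is cast, and a structure that does not match KDC-REP is reported as an
 * {@link IOException} rather than escaping as a {@link ClassCastException} or
 * {@link NullPointerException}.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 * @version $Rev: 540371 $, $Date: 2007-05-21 17:00:43 -0700 (Mon, 21 May 2007) $
 */
public class KdcReplyDecoder
{
    /**
     * Decodes a {@link ByteBuffer} into a {@link KdcReply}.
     * 
     * AS-REP ::=    [APPLICATION 11] KDC-REP
     * TGS-REP ::=   [APPLICATION 13] KDC-REP
     *
     * NOTE(review): the application tag number of the outer object is not compared
     * with 11 or 13 here; only its Java type is checked.
     *
     * @param in the buffer holding the DER-encoded reply
     * @return The {@link KdcReply}.
     * @throws IOException if the ASN.1 reader fails, or if the outer object is not an
     *         application-specific wrapper around a sequence
     */
    public KdcReply decode( ByteBuffer in ) throws IOException
    {
        ASN1InputStream ais = new ASN1InputStream( in );

        DERApplicationSpecific app = expect( ais.readObject(), DERApplicationSpecific.class,
            "the APPLICATION wrapper" );

        DERSequence kdcRep = expect( app.getObject(), DERSequence.class, "the KDC-REP body" );

        return decodeKdcReplySequence( kdcRep );
    }


    /*
     KDC-REP ::=   SEQUENCE {
     pvno[0]                    INTEGER,
     msg-type[1]                INTEGER,
     padata[2]                  SEQUENCE OF PA-DATA OPTIONAL,
     crealm[3]                  Realm,
     cname[4]                   PrincipalName,
     ticket[5]                  Ticket,
     enc-part[6]                EncryptedData
     }*/
    /**
     * Walks the tagged elements of a KDC-REP sequence and assembles the reply.
     *
     * Elements are dispatched on their context tag number. Tags outside 0..6 are
     * skipped, and when a tag occurs more than once the last occurrence wins.
     *
     * NOTE(review): fields that the grammar above does not mark OPTIONAL are not
     * enforced here. If msg-type, ticket or enc-part is absent, the corresponding
     * argument handed to the {@link KdcReply} constructor is {@code null}; callers
     * should not assume a decoded reply is complete. The decoded msg-type is also
     * not cross-checked against the application tag seen by {@link #decode(ByteBuffer)}.
     *
     * @param sequence the KDC-REP sequence taken from the application wrapper
     * @return the assembled {@link KdcReply}
     * @throws IOException if an element is not context-tagged, or carries a value of
     *         a different ASN.1 type than its tag requires
     */
    private KdcReply decodeKdcReplySequence( DERSequence sequence ) throws IOException
    {
        KerberosMessageType msgType = null;
        PaData[] paData = null;
        Ticket ticket = null;
        EncryptedData encPart = null;

        KerberosPrincipalModifier modifier = new KerberosPrincipalModifier();

        for ( Enumeration<DEREncodable> e = sequence.getObjects(); e.hasMoreElements(); )
        {
            DERTaggedObject object = expect( e.nextElement(), DERTaggedObject.class,
                "a KDC-REP element" );
            int tag = object.getTagNo();
            DEREncodable derObject = object.getObject();

            switch ( tag )
            {
                case 0:
                    // pvno is read past without being inspected.
                    // NOTE(review): Kerberos V5 fixes pvno at 5; consider rejecting other values.
                    break;

                case 1:
                    DERInteger tag1 = expect( derObject, DERInteger.class, "msg-type[1]" );
                    msgType = KerberosMessageType.getTypeByOrdinal( tag1.intValue() );
                    break;

                case 2:
                    DERSequence tag2 = expect( derObject, DERSequence.class, "padata[2]" );
                    paData = PreAuthenticationDataDecoder.decodeSequence( tag2 );
                    break;

                case 3:
                    DERGeneralString tag3 = expect( derObject, DERGeneralString.class, "crealm[3]" );
                    modifier.setRealm( tag3.getString() );
                    break;

                case 4:
                    DERSequence tag4 = expect( derObject, DERSequence.class, "cname[4]" );
                    modifier.setPrincipalName( PrincipalNameDecoder.decode( tag4 ) );
                    break;

                case 5:
                    DERApplicationSpecific tag5 = expect( derObject, DERApplicationSpecific.class,
                        "ticket[5]" );
                    ticket = TicketDecoder.decode( tag5 );
                    break;

                case 6:
                    DERSequence tag6 = expect( derObject, DERSequence.class, "enc-part[6]" );
                    encPart = EncryptedDataDecoder.decode( tag6 );
                    break;
            }
        }

        KerberosPrincipal clientPrincipal = modifier.getKerberosPrincipal();

        return new KdcReply( paData, clientPrincipal, ticket, encPart, msgType );
    }


    /**
     * Returns {@code value} as {@code type}, or fails with an {@link IOException}.
     *
     * Used in place of a bare cast so that a reply whose structure differs from
     * KDC-REP is rejected through the decoder's declared exception type.
     *
     * @param value the decoded object, possibly {@code null}
     * @param type the ASN.1 class the grammar requires at this position
     * @param what a short name of the position, used in the error message
     * @return {@code value}, typed as {@code T}
     * @throws IOException if {@code value} is {@code null} or not an instance of {@code type}
     */
    private static <T> T expect( Object value, Class<T> type, String what ) throws IOException
    {
        if ( !type.isInstance( value ) )
        {
            String found = ( value == null ) ? "nothing" : value.getClass().getName();

            throw new IOException( "Malformed KDC-REP: expected " + type.getName() + " for " + what
                + " but found " + found );
        }

        return type.cast( value );
    }
}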