DIRKRB-509 Add SupportedKDFs in AuthPack.
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/AuthPack.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/AuthPack.java
index a51499b..1e3e4fa 100644
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/AuthPack.java
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/AuthPack.java
@@ -40,7 +40,8 @@
PK_AUTHENTICATOR,
CLIENT_PUBLIC_VALUE,
SUPPORTED_CMS_TYPES,
- CLIENT_DH_NONCE;
+ CLIENT_DH_NONCE,
+ SUPPORTED_KDFS;
@Override
public int getValue() {
@@ -57,7 +58,8 @@
new ExplicitField(PK_AUTHENTICATOR, PkAuthenticator.class),
new ExplicitField(CLIENT_PUBLIC_VALUE, SubjectPublicKeyInfo.class),
new ExplicitField(SUPPORTED_CMS_TYPES, AlgorithmIdentifiers.class),
- new ExplicitField(CLIENT_DH_NONCE, DHNonce.class)
+ new ExplicitField(CLIENT_DH_NONCE, DHNonce.class),
+ new ExplicitField(SUPPORTED_KDFS, SupportedKDFs.class)
};
public AuthPack() {
@@ -95,4 +97,12 @@
public void setClientDhNonce(DHNonce dhNonce) {
setFieldAs(CLIENT_DH_NONCE, dhNonce);
}
+
+ public SupportedKDFs getsupportedKDFs() {
+ return getFieldAs(SUPPORTED_KDFS, SupportedKDFs.class);
+ }
+
+ public void setsupportedKDFs(SupportedKDFs supportedKDFs) {
+ setFieldAs(SUPPORTED_KDFS, supportedKDFs);
+ }
}
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/SupportedKDFs.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/SupportedKDFs.java
new file mode 100644
index 0000000..2d1e654
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/pkinit/SupportedKDFs.java
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.pa.pkinit;
+
+import org.apache.kerby.asn1.type.Asn1ObjectIdentifier;
+import org.apache.kerby.kerberos.kerb.type.KrbSequenceOfType;
+
+public class SupportedKDFs extends KrbSequenceOfType<Asn1ObjectIdentifier> {
+}
diff --git a/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/TestPkinitAnonymousAsReqCodec.java b/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/TestPkinitAnonymousAsReqCodec.java
index 8a67c6e..8f8baed 100644
--- a/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/TestPkinitAnonymousAsReqCodec.java
+++ b/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/TestPkinitAnonymousAsReqCodec.java
@@ -31,10 +31,14 @@
import org.apache.kerby.kerberos.kerb.type.pa.PaData;
import org.apache.kerby.kerberos.kerb.type.pa.PaDataEntry;
import org.apache.kerby.kerberos.kerb.type.pa.PaDataType;
+import org.apache.kerby.kerberos.kerb.type.pa.pkinit.AuthPack;
import org.apache.kerby.kerberos.kerb.type.pa.pkinit.PaPkAsReq;
+import org.apache.kerby.x509.type.DHParameter;
+import org.apache.kerby.x509.type.SubjectPublicKeyInfo;
import org.junit.Test;
import java.io.IOException;
+import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.text.ParseException;
import java.util.Arrays;
@@ -114,6 +118,29 @@
SignedData signedData = contentInfo.getContentAs(SignedData.class);
assertThat(signedData.getCertificates().getElements().isEmpty()).isEqualTo(true);
- assertThat(signedData.getEncapContentInfo().getContentType().getValue()).isEqualTo("1.3.6.1.5.2.3.1");
+ assertThat(signedData.getEncapContentInfo().getContentType().getValue())
+ .isEqualTo("1.3.6.1.5.2.3.1");
+
+ AuthPack authPack = new AuthPack();
+ Asn1.parseAndDump(signedData.getEncapContentInfo().getContent());
+ authPack.decode(signedData.getEncapContentInfo().getContent());
+ assertThat(authPack.getsupportedCmsTypes().getElements().size()).isEqualTo(1);
+ assertThat(authPack.getsupportedCmsTypes().getElements().get(0).getAlgorithm().getValue())
+ .isEqualTo("1.2.840.113549.3.7");
+ SubjectPublicKeyInfo subjectPublicKeyInfo = authPack.getClientPublicValue();
+ assertThat(subjectPublicKeyInfo.getAlgorithm().getAlgorithm().getValue())
+ .isEqualTo("1.2.840.10046.2.1");
+ DHParameter dhParameter = subjectPublicKeyInfo.getAlgorithm().getParametersAs(DHParameter.class);
+ assertThat(dhParameter.getG()).isEqualTo(BigInteger.valueOf(2));
+
+ assertThat(authPack.getsupportedKDFs().getElements().size()).isEqualTo(3);
+
+ //TO BE FIXED
+// assertThat(authPack.getsupportedKDFs().getElements().get(0).getValue())
+// .isEqualTo("1.3.6.1.5.2.3.6.2");
+// assertThat(authPack.getsupportedKDFs().getElements().get(1).getValue())
+// .isEqualTo("1.3.6.1.5.2.3.6.1");
+// assertThat(authPack.getsupportedKDFs().getElements().get(2).getValue())
+// .isEqualTo("1.3.6.1.5.2.3.6.3");
}
}
