| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| * |
| */ |
| package org.apache.directory.server.kerberos.protocol; |
| |
| |
| import java.net.InetSocketAddress; |
| import java.net.SocketAddress; |
| import java.security.SecureRandom; |
| |
| import javax.security.auth.kerberos.KerberosKey; |
| import javax.security.auth.kerberos.KerberosPrincipal; |
| |
| import junit.framework.TestCase; |
| |
| import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler; |
| import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType; |
| import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage; |
| import org.apache.directory.server.kerberos.shared.io.encoder.EncryptedDataEncoder; |
| import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData; |
| import org.apache.directory.server.kerberos.shared.messages.value.EncryptedTimeStamp; |
| import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey; |
| import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime; |
| import org.apache.directory.server.kerberos.shared.messages.value.PaData; |
| import org.apache.directory.server.kerberos.shared.messages.value.PrincipalName; |
| import org.apache.directory.server.kerberos.shared.messages.value.types.PaDataType; |
| import org.apache.directory.server.kerberos.shared.messages.value.types.PrincipalNameType; |
| import org.apache.mina.common.IoFilterChain; |
| import org.apache.mina.common.IoHandler; |
| import org.apache.mina.common.IoService; |
| import org.apache.mina.common.IoServiceConfig; |
| import org.apache.mina.common.IoSessionConfig; |
| import org.apache.mina.common.TransportType; |
| import org.apache.mina.common.WriteFuture; |
| import org.apache.mina.common.support.BaseIoSession; |
| |
| |
| /** |
| * Abstract base class for Authentication Service (AS) tests, with utility methods |
| * for generating message components. |
| * |
| * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> |
| * @version $Rev$, $Date$ |
| */ |
| public abstract class AbstractAuthenticationServiceTest extends TestCase |
| { |
| protected CipherTextHandler lockBox; |
| protected static final SecureRandom random = new SecureRandom(); |
| |
| |
| protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal, String passPhrase ) |
| throws Exception |
| { |
| KerberosTime timeStamp = new KerberosTime(); |
| |
| return getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, timeStamp ); |
| } |
| |
| |
| protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal, |
| String passPhrase, KerberosTime timeStamp ) throws Exception |
| { |
| PaData[] paData = new PaData[1]; |
| |
| EncryptedTimeStamp encryptedTimeStamp = new EncryptedTimeStamp( timeStamp, 0 ); |
| |
| EncryptionKey clientKey = getEncryptionKey( clientPrincipal, passPhrase ); |
| |
| EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp, KeyUsage.NUMBER1 ); |
| |
| byte[] encodedEncryptedData = EncryptedDataEncoder.encode( encryptedData ); |
| |
| PaData preAuth = new PaData(); |
| preAuth.setPaDataType( PaDataType.PA_ENC_TIMESTAMP ); |
| preAuth.setPaDataValue( encodedEncryptedData ); |
| |
| paData[0] = preAuth; |
| |
| return paData; |
| } |
| |
| |
| protected PrincipalName getPrincipalName( String name ) |
| { |
| PrincipalName principalName = new PrincipalName(); |
| principalName.addName( name ); |
| principalName.setNameType( PrincipalNameType.KRB_NT_PRINCIPAL ); |
| |
| return principalName; |
| } |
| |
| |
| /** |
| * Returns an encryption key derived from a principal name and passphrase. |
| * |
| * @param principal |
| * @param passPhrase |
| * @return The server's {@link EncryptionKey}. |
| */ |
| protected EncryptionKey getEncryptionKey( KerberosPrincipal principal, String passPhrase ) |
| { |
| KerberosKey kerberosKey = new KerberosKey( principal, passPhrase.toCharArray(), "DES" ); |
| byte[] keyBytes = kerberosKey.getEncoded(); |
| EncryptionKey key = new EncryptionKey( EncryptionType.DES_CBC_MD5, keyBytes ); |
| |
| return key; |
| } |
| |
| protected static class DummySession extends BaseIoSession |
| { |
| Object message; |
| |
| |
| @Override |
| public WriteFuture write( Object message ) |
| { |
| this.message = message; |
| |
| return super.write( message ); |
| } |
| |
| |
| protected Object getMessage() |
| { |
| return message; |
| } |
| |
| |
| protected void updateTrafficMask() |
| { |
| // Do nothing. |
| } |
| |
| |
| public IoService getService() |
| { |
| return null; |
| } |
| |
| |
| public IoHandler getHandler() |
| { |
| return null; |
| } |
| |
| |
| public IoFilterChain getFilterChain() |
| { |
| return null; |
| } |
| |
| |
| public TransportType getTransportType() |
| { |
| return null; |
| } |
| |
| |
| public SocketAddress getRemoteAddress() |
| { |
| return new InetSocketAddress( 10088 ); |
| } |
| |
| |
| public SocketAddress getLocalAddress() |
| { |
| return null; |
| } |
| |
| |
| public IoSessionConfig getConfig() |
| { |
| return null; |
| } |
| |
| |
| public int getScheduledWriteRequests() |
| { |
| return 0; |
| } |
| |
| |
| public SocketAddress getServiceAddress() |
| { |
| return null; |
| } |
| |
| |
| public IoServiceConfig getServiceConfig() |
| { |
| return null; |
| } |
| |
| |
| public int getScheduledWriteBytes() |
| { |
| return 0; |
| } |
| } |
| } |