trunk/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java - directory-server - Git at Google

 /*
  *  Licensed to the Apache Software Foundation (ASF) under one
  *  or more contributor license agreements.  See the NOTICE file
  *  distributed with this work for additional information
  *  regarding copyright ownership.  The ASF licenses this file
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
  *
  *    http://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License.
  *
  */

 package org.apache.directory.server.kerberos.shared.crypto.encryption;


 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;

 import javax.security.auth.kerberos.KerberosKey;
 import javax.security.auth.kerberos.KerberosPrincipal;

 import org.apache.directory.shared.kerberos.KerberosUtils;
 import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
 import org.apache.directory.shared.kerberos.components.EncryptionKey;


 /**
  * A factory class for producing {@link KerberosKey}'s.  For a list of desired cipher
  * types, Kerberos string-to-key functions are used to derive keys for DES-, DES3-, AES-,
  * and RC4-based encryption types.
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  */
 public class KerberosKeyFactory
 {
     /** A map of default encryption types mapped to cipher names. */
     public static final Map<EncryptionType, String> DEFAULT_CIPHERS;

     static
     {
         Map<EncryptionType, String> map = new HashMap<EncryptionType, String>();

         map.put( EncryptionType.DES_CBC_MD5, "DES" );
         map.put( EncryptionType.DES3_CBC_SHA1_KD, "DESede" );
         map.put( EncryptionType.RC4_HMAC, "ArcFourHmac" );
         map.put( EncryptionType.AES128_CTS_HMAC_SHA1_96, "AES128" );
         map.put( EncryptionType.AES256_CTS_HMAC_SHA1_96, "AES256" );

         DEFAULT_CIPHERS = Collections.unmodifiableMap( map );
     }


     /**
      * Get a map of KerberosKey's for a given principal name and passphrase.  The default set
      * of encryption types is used.
      *
      * @param principalName The principal name to use for key derivation.
      * @param passPhrase The passphrase to use for key derivation.
      * @return The map of KerberosKey's.
      */
     public static Map<EncryptionType, EncryptionKey> getKerberosKeys( String principalName, String passPhrase )
     {
         return getKerberosKeys( principalName, passPhrase, DEFAULT_CIPHERS.keySet() );
     }


     /**
      * Get a list of KerberosKey's for a given principal name and passphrase and list of cipher
      * types to derive keys for.
      *
      * @param principalName The principal name to use for key derivation.
      * @param passPhrase The passphrase to use for key derivation.
      * @param ciphers The set of ciphers to derive keys for.
      * @return The list of KerberosKey's.
      */
     // This will suppress PMD.EmptyCatchBlock warnings in this method
     @SuppressWarnings("PMD.EmptyCatchBlock")
     public static Map<EncryptionType, EncryptionKey> getKerberosKeys( String principalName, String passPhrase,
         Set<EncryptionType> ciphers )
     {
         Map<EncryptionType, EncryptionKey> kerberosKeys = new HashMap<EncryptionType, EncryptionKey>();

         for ( EncryptionType encryptionType : ciphers )
         {
             try
             {
                 kerberosKeys.put( encryptionType, string2Key( principalName, passPhrase, encryptionType ) );
             }
             catch ( IllegalArgumentException iae )
             {
                 // Algorithm AES256 not enabled by policy.
                 // Algorithm ArcFourHmac not supported by IBM JREs.
                 // Algorithm DESede not supported by IBM JREs.
             }
         }

         return kerberosKeys;
     }


     public static EncryptionKey string2Key( String principalName, String passPhrase, EncryptionType encryptionType )
     {
         KerberosPrincipal principal = new KerberosPrincipal( principalName );
         KerberosKey kerberosKey = new KerberosKey( principal, passPhrase.toCharArray(),
             KerberosUtils.getAlgoNameFromEncType( encryptionType ) );
         EncryptionKey encryptionKey = new EncryptionKey( encryptionType, kerberosKey.getEncoded(), kerberosKey
             .getVersionNumber() );

         return encryptionKey;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*
	*/

	package org.apache.directory.server.kerberos.shared.crypto.encryption;


	import java.util.Collections;
	import java.util.HashMap;
	import java.util.Map;
	import java.util.Set;

	import javax.security.auth.kerberos.KerberosKey;
	import javax.security.auth.kerberos.KerberosPrincipal;

	import org.apache.directory.shared.kerberos.KerberosUtils;
	import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
	import org.apache.directory.shared.kerberos.components.EncryptionKey;


	/**
	* A factory class for producing {@link KerberosKey}'s. For a list of desired cipher
	* types, Kerberos string-to-key functions are used to derive keys for DES-, DES3-, AES-,
	* and RC4-based encryption types.
	*
	* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
	*/
	public class KerberosKeyFactory
	{
	/** A map of default encryption types mapped to cipher names. */
	public static final Map<EncryptionType, String> DEFAULT_CIPHERS;

	static
	{
	Map<EncryptionType, String> map = new HashMap<EncryptionType, String>();

	map.put( EncryptionType.DES_CBC_MD5, "DES" );
	map.put( EncryptionType.DES3_CBC_SHA1_KD, "DESede" );
	map.put( EncryptionType.RC4_HMAC, "ArcFourHmac" );
	map.put( EncryptionType.AES128_CTS_HMAC_SHA1_96, "AES128" );
	map.put( EncryptionType.AES256_CTS_HMAC_SHA1_96, "AES256" );

	DEFAULT_CIPHERS = Collections.unmodifiableMap( map );
	}


	/**
	* Get a map of KerberosKey's for a given principal name and passphrase. The default set
	* of encryption types is used.
	*
	* @param principalName The principal name to use for key derivation.
	* @param passPhrase The passphrase to use for key derivation.
	* @return The map of KerberosKey's.
	*/
	public static Map<EncryptionType, EncryptionKey> getKerberosKeys( String principalName, String passPhrase )
	{
	return getKerberosKeys( principalName, passPhrase, DEFAULT_CIPHERS.keySet() );
	}


	/**
	* Get a list of KerberosKey's for a given principal name and passphrase and list of cipher
	* types to derive keys for.
	*
	* @param principalName The principal name to use for key derivation.
	* @param passPhrase The passphrase to use for key derivation.
	* @param ciphers The set of ciphers to derive keys for.
	* @return The list of KerberosKey's.
	*/
	// This will suppress PMD.EmptyCatchBlock warnings in this method
	@SuppressWarnings("PMD.EmptyCatchBlock")
	public static Map<EncryptionType, EncryptionKey> getKerberosKeys( String principalName, String passPhrase,
	Set<EncryptionType> ciphers )
	{
	Map<EncryptionType, EncryptionKey> kerberosKeys = new HashMap<EncryptionType, EncryptionKey>();

	for ( EncryptionType encryptionType : ciphers )
	{
	try
	{
	kerberosKeys.put( encryptionType, string2Key( principalName, passPhrase, encryptionType ) );
	}
	catch ( IllegalArgumentException iae )
	{
	// Algorithm AES256 not enabled by policy.
	// Algorithm ArcFourHmac not supported by IBM JREs.
	// Algorithm DESede not supported by IBM JREs.
	}
	}

	return kerberosKeys;
	}


	public static EncryptionKey string2Key( String principalName, String passPhrase, EncryptionType encryptionType )
	{
	KerberosPrincipal principal = new KerberosPrincipal( principalName );
	KerberosKey kerberosKey = new KerberosKey( principal, passPhrase.toCharArray(),
	KerberosUtils.getAlgoNameFromEncType( encryptionType ) );
	EncryptionKey encryptionKey = new EncryptionKey( encryptionType, kerberosKey.getEncoded(), kerberosKey
	.getVersionNumber() );

	return encryptionKey;
	}
	}