Google Git
Sign in
apache / directory-server / refs/heads/apacheds-kerberos / . / kerberos-shared / src / main / java / org / apache / directory / server / kerberos / shared / messages / value / EncryptedData.java
blob: 42a799f2b8577dc5ab806c39fbf18834ac40b9c1 [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.apache.directory.server.kerberos.shared.messages.value;
import java.nio.BufferOverflowException;
import java.nio.ByteBuffer;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.shared.asn1.AbstractAsn1Object;
import org.apache.directory.shared.asn1.ber.tlv.TLV;
import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
import org.apache.directory.shared.asn1.ber.tlv.Value;
import org.apache.directory.shared.asn1.codec.EncoderException;
import org.apache.directory.shared.ldap.util.StringTools;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* A structure storing an encrypted data element. The ASN.1 grammar is :
*
* EncryptedData ::= SEQUENCE {
* etype [0] Int32 -- EncryptionType --,
* kvno [1] UInt32 OPTIONAL,
* cipher [2] OCTET STRING -- ciphertext
* }
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public class EncryptedData extends AbstractAsn1Object
{
/** The logger */
private static final Logger log = LoggerFactory.getLogger( EncryptedData.class );
/** Speedup for logs */
private static final boolean IS_DEBUG = log.isDebugEnabled();
/** The used encryption algorithm */
private EncryptionType eType;
/** Version number of the key under which data is encrypted */
private int kvno;
/** A flag used to tell if a kvno has been added, as the kvno is optional. */
private boolean hasKvno;
/** The field containing the enciphered text */
private byte[] cipher;
/** A constant used when the key is not present */
public static final boolean HAS_KVNO = true;
// Storage for computed lengths
private transient int eTypeTagLength;
private transient int kvnoTagLength;
private transient int cipherTagLength;
private transient int encryptedDataSeqLength;
/**
* Creates a new instance of EncryptedData.
*/
public EncryptedData()
{
hasKvno = !HAS_KVNO;
}
/**
* Creates a new instance of EncryptedData.
*
* @param etype The encription algorithm
* @param kvno The key version
* @param cipher the encrypted text
*/
public EncryptedData( EncryptionType eType, int kvno, byte[] cipher )
{
this.eType = eType;
this.hasKvno = kvno > 0;
this.kvno = kvno;
this.cipher = cipher;
}
/**
* Creates a new instance of EncryptedData.
*
* @param etype The encription algorithm
* @param cipher the encrypted text
*/
public EncryptedData( EncryptionType eType, byte[] cipher )
{
this.eType = eType;
this.hasKvno = !HAS_KVNO;
kvno = -1;
this.cipher = cipher;
}
/**
* Returns the {@link EncryptionType}.
*
* @return The {@link EncryptionType}.
*/
public EncryptionType getEncryptionType()
{
return eType;
}
/**
* Set the EncryptionType
* @param eType the EncryptionType
*/
public void setEncryptionType( EncryptionType eType )
{
this.eType = eType;
}
/**
* Returns the key version.
*
* @return The key version.
*/
public int getKeyVersion()
{
return hasKvno ? kvno : -1;
}
/**
* Set the key version
* @param kvno The key version
*/
public void setKeyVersion( int kvno )
{
this.kvno = kvno;
}
/**
* Tells if there is a key version.
*
* @return <code>true</code> if there is a key version.
*/
public boolean hasKeyVersion()
{
return hasKvno;
}
/**
* Returns the raw cipher text.
*
* @return The raw cipher text.
*/
public byte[] getCipher()
{
return cipher;
}
/**
* Set the cipher text
* @param cipher The cipher text
*/
public void setCipherText( byte[] cipher )
{
this.cipher = cipher;
}
/**
* Compute the EncryptedData length
*
* EncryptedData :
*
* 0x30 L1 EncryptedData sequence
* |
* +--> 0xA1 L2 etype tag
* | |
* | +--> 0x02 L2-1 etype (int)
* |
* +--> [0xA2 L3 kvno tag
* | |
* | +--> 0x30 L3-1 kvno (int)] (optional)
* |
* +--> 0xA2 L4 cipher tag
* |
* +--> 0x04 L4-1 cipher (OCTET STRING)
*/
public int computeLength()
{
encryptedDataSeqLength = 0;
// Compute the encryption Type length
int eTypeLength = Value.getNbBytes( eType.getOrdinal() );
eTypeTagLength = 1 + TLV.getNbBytes( eTypeLength ) + eTypeLength;
encryptedDataSeqLength = 1 + TLV.getNbBytes( eTypeTagLength ) + eTypeTagLength;
// Compute the kvno length if any
if ( hasKvno )
{
int kvnoLength = Value.getNbBytes( kvno );
kvnoTagLength = 1 + TLV.getNbBytes( kvnoLength ) + kvnoLength;
encryptedDataSeqLength += 1 + TLV.getNbBytes( kvnoTagLength ) + kvnoTagLength;
}
else
{
kvnoTagLength = 0;
}
// Compute the cipher
if ( ( cipher == null ) || ( cipher.length == 0 ) )
{
cipherTagLength = 1 + 1;
}
else
{
cipherTagLength = 1 + TLV.getNbBytes( cipher.length ) + cipher.length;
}
encryptedDataSeqLength += 1 + TLV.getNbBytes( cipherTagLength ) + cipherTagLength;
// Compute the whole sequence length
return 1 + TLV.getNbBytes( encryptedDataSeqLength ) + encryptedDataSeqLength;
}
/**
* Encode the EncryptedData message to a PDU.
*
* EncryptedData :
*
* 0x30 LL
* 0xA0 LL
* 0x02 0x01 etype (integer)
* [0xA1 LL
* 0x02 0x01 kvno (integer)] (optional)
* 0xA2 LL
* 0x04 LL cipher (OCTET STRING)
*
* @param buffer The buffer where to put the PDU. It should have been allocated
* before, with the right size.
* @return The constructed PDU.
*/
public ByteBuffer encode( ByteBuffer buffer ) throws EncoderException
{
if ( buffer == null )
{
throw new EncoderException( "Cannot put a PDU in a null buffer !" );
}
try
{
// The EncryptedData SEQ Tag
buffer.put( UniversalTag.SEQUENCE_TAG );
buffer.put( TLV.getBytes( encryptedDataSeqLength ) );
// The etype, first the tag, then the value
buffer.put( ( byte ) 0xA0 );
buffer.put( TLV.getBytes( eTypeTagLength ) );
Value.encode( buffer, eType.getOrdinal() );
// The kvno, if any, first the tag, then the value
if ( hasKvno )
{
buffer.put( ( byte ) 0xA1 );
buffer.put( TLV.getBytes( kvnoTagLength ) );
Value.encode( buffer, kvno );
}
// The cipher tag
buffer.put( ( byte ) 0xA2 );
buffer.put( TLV.getBytes( cipherTagLength ) );
Value.encode( buffer, cipher );
}
catch ( BufferOverflowException boe )
{
log.error(
"Cannot encode the EncryptedData object, the PDU size is {} when only {} bytes has been allocated", 1
+ TLV.getNbBytes( encryptedDataSeqLength ) + encryptedDataSeqLength, buffer.capacity() );
throw new EncoderException( "The PDU buffer size is too small !" );
}
if ( IS_DEBUG )
{
log.debug( "EncryptedData encoding : {}", StringTools.dumpBytes( buffer.array() ) );
log.debug( "EncryptedData initial value : {}", toString() );
}
return buffer;
}
/**
* @see Object#toString()
*/
public String toString()
{
StringBuilder sb = new StringBuilder();
sb.append( "EncryptedData : {\n" );
sb.append( " etype: " ).append( eType ).append( '\n' );
if ( hasKvno )
{
sb.append( " kvno: " ).append( kvno ).append( '\n' );
}
sb.append( " cipher: " ).append( StringTools.dumpBytes( cipher ) ).append( "\n}\n" );
return sb.toString();
}
}