List of usage examples for org.bouncycastle.asn1 DERApplicationSpecific isConstructed
public boolean isConstructed()
From source file:jcifs.pac.kerberos.KerberosApRequest.java
License:Open Source License
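/**
 * Decodes a Kerberos AP-REQ from its encoded form.
 *
 * <p>The token is read as a single ASN.1 sequence of context-tagged fields:
 * tag 0 must equal {@code KerberosConstants.KERBEROS_VERSION}, tag 1 must equal
 * {@code KerberosConstants.KERBEROS_AP_REQ}, tag 2 supplies the AP options byte,
 * tag 3 carries the ticket and tag 4 is skipped. Any other tag is rejected.
 *
 * <p>The token is peer-supplied, so structural problems are reported as
 * {@link PACDecodingException} rather than left to surface as unchecked exceptions.
 *
 * @param token encoded AP-REQ; must be non-null and non-empty
 * @param keys  keys handed on unchanged to the {@code KerberosTicket} constructor
 * @throws PACDecodingException if the token is empty or malformed, or carries an
 *                              unexpected version, message type or field tag
 */
public KerberosApRequest(byte[] token, KerberosKey[] keys) throws PACDecodingException {
    // A null token is treated like an empty one instead of failing with a NullPointerException.
    if (token == null || token.length == 0) {
        throw new PACDecodingException("Empty kerberos ApReq");
    }

    DLSequence sequence;
    try (ASN1InputStream stream = new ASN1InputStream(new ByteArrayInputStream(token))) {
        sequence = ASN1Util.as(DLSequence.class, stream);
    } catch (IOException e) {
        throw new PACDecodingException("Malformed Kerberos Ticket", e);
    }

    Enumeration<?> fields = sequence.getObjects();
    while (fields.hasMoreElements()) {
        ASN1TaggedObject tagged = ASN1Util.as(ASN1TaggedObject.class, fields.nextElement());
        switch (tagged.getTagNo()) {
        case 0:
            ASN1Integer pvno = ASN1Util.as(ASN1Integer.class, tagged);
            if (!pvno.getValue().equals(new BigInteger(KerberosConstants.KERBEROS_VERSION))) {
                throw new PACDecodingException("Invalid kerberos version");
            }
            break;
        case 1:
            ASN1Integer msgType = ASN1Util.as(ASN1Integer.class, tagged);
            if (!msgType.getValue().equals(new BigInteger(KerberosConstants.KERBEROS_AP_REQ))) {
                throw new PACDecodingException("Invalid kerberos request");
            }
            break;
        case 2:
            DERBitString bitString = ASN1Util.as(DERBitString.class, tagged);
            byte[] optionBytes = bitString.getBytes();
            // An empty BIT STRING would otherwise raise ArrayIndexOutOfBoundsException
            // on attacker-controlled input.
            if (optionBytes.length == 0) {
                throw new PACDecodingException("Malformed Kerberos Ticket");
            }
            this.apOptions = optionBytes[0];
            break;
        case 3:
            DERApplicationSpecific derTicket = ASN1Util.as(DERApplicationSpecific.class, tagged);
            if (derTicket == null || !derTicket.isConstructed()) {
                throw new PACDecodingException("Malformed Kerberos Ticket");
            }
            // Uses whatever apOptions holds at this point, i.e. field 2 is expected
            // to precede field 3 in the sequence.
            this.ticket = new KerberosTicket(derTicket.getContents(), this.apOptions, keys);
            break;
        case 4:
            // Field 4 (the authenticator in RFC 4120) is deliberately not decoded here.
            break;
        default:
            throw new PACDecodingException("Invalid field in kerberos ticket");
        }
    }
    // NOTE(review): nothing here requires that field 3 was present, so this.ticket
    // may still be unset after a structurally valid but incomplete AP-REQ; confirm callers check.
}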
From source file:jcifs.pac.kerberos.KerberosEncData.java
License:Open Source License
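/**
 * Decodes the encrypted part of a Kerberos ticket from its (already decrypted) encoding.
 *
 * <p>The input must be a constructed application-specific object wrapping a sequence of
 * context-tagged fields. Of those, this constructor keeps the realm (tag 2), the principal
 * name (tag 3, name parts joined with {@code '/'}), the IPv4/IPv6 host addresses whose type
 * equals {@code KerberosConstants.AF_INTERNET} (tag 9) and the authorization data (tag 10,
 * expanded through {@code KerberosAuthData.parse}). Tags 0, 1 and 4 to 8 are accepted but
 * ignored; any other tag is rejected.
 *
 * @param token decoded ticket part to parse
 * @param key   key handed on unchanged to {@code KerberosAuthData.parse}
 * @throws PACDecodingException if the structure is malformed or contains an unknown field
 */
public KerberosEncData(byte[] token, Key key) throws PACDecodingException {
    DERApplicationSpecific derToken;
    // try-with-resources closes the stream on the error paths as well.
    try (ASN1InputStream outer = new ASN1InputStream(new ByteArrayInputStream(token))) {
        derToken = ASN1Util.as(DERApplicationSpecific.class, outer);
        if (derToken == null || !derToken.isConstructed()) {
            throw new PACDecodingException("Malformed kerberos ticket");
        }
    } catch (IOException e) {
        throw new PACDecodingException("Malformed kerberos ticket", e);
    }

    DLSequence sequence;
    try (ASN1InputStream inner = new ASN1InputStream(new ByteArrayInputStream(derToken.getContents()))) {
        sequence = ASN1Util.as(DLSequence.class, inner);
        // Empty contents yield no object at all; whether ASN1Util.as rejects that is not
        // visible from here, so guard explicitly before dereferencing.
        if (sequence == null) {
            throw new PACDecodingException("Malformed kerberos ticket");
        }
    } catch (IOException e) {
        throw new PACDecodingException("Malformed kerberos ticket", e);
    }

    Enumeration<?> fields = sequence.getObjects();
    while (fields.hasMoreElements()) {
        // The Enumeration overload of ASN1Util.as is presumed to consume the next element;
        // the helper is defined elsewhere.
        ASN1TaggedObject tagged = ASN1Util.as(ASN1TaggedObject.class, fields);
        switch (tagged.getTagNo()) {
        case 0: // Ticket flags: ignored
        case 1: // Key: ignored
            break;
        case 2: // Realm
            DERGeneralString derRealm = ASN1Util.as(DERGeneralString.class, tagged);
            this.userRealm = derRealm.getString();
            break;
        case 3: // Principal
            DLSequence principalSequence = ASN1Util.as(DLSequence.class, tagged);
            DLSequence nameSequence = ASN1Util.as(DLSequence.class,
                    ASN1Util.as(DERTaggedObject.class, principalSequence, 1));

            StringBuilder nameBuilder = new StringBuilder();
            Enumeration<?> parts = nameSequence.getObjects();
            while (parts.hasMoreElements()) {
                DERGeneralString stringPart = ASN1Util.as(DERGeneralString.class, parts.nextElement());
                nameBuilder.append(stringPart.getString());
                if (parts.hasMoreElements()) {
                    nameBuilder.append('/');
                }
            }
            this.userPrincipalName = nameBuilder.toString();
            break;
        case 4: // Transited encoding: ignored
            break;
        case 5: // Kerberos time: ignored
        case 6: // Kerberos time: ignored
        case 7: // Kerberos time: ignored
        case 8: // Kerberos time: ignored
            // NOTE(review): the ticket's time fields are skipped, so ticket lifetime is not
            // checked by this constructor; confirm that validity is enforced elsewhere.
            break;
        case 9: // Host addresses
            DLSequence addressesSequence = ASN1Util.as(DLSequence.class, tagged);
            // Create the list once per field. Creating it inside the loop discarded every
            // address except the last one.
            this.userAddresses = new ArrayList<>();
            Enumeration<?> addresses = addressesSequence.getObjects();
            while (addresses.hasMoreElements()) {
                DLSequence addressSequence = ASN1Util.as(DLSequence.class, addresses);
                ASN1Integer addressType = ASN1Util.as(ASN1Integer.class, addressSequence, 0);
                DEROctetString addressOctets = ASN1Util.as(DEROctetString.class, addressSequence, 1);

                if (addressType.getValue().intValue() == KerberosConstants.AF_INTERNET) {
                    try {
                        this.userAddresses.add(InetAddress.getByAddress(addressOctets.getOctets()));
                    } catch (UnknownHostException ignored) {
                        // Raised for an address of illegal length. The entry is skipped
                        // instead of storing null, which callers would trip over later.
                    }
                }
            }
            break;
        case 10: // Authorization data
            DLSequence authSequence = ASN1Util.as(DLSequence.class, tagged);
            this.userAuthorizations = new ArrayList<>();
            Enumeration<?> authElements = authSequence.getObjects();
            while (authElements.hasMoreElements()) {
                DLSequence authElement = ASN1Util.as(DLSequence.class, authElements);
                ASN1Integer authType = ASN1Util.as(ASN1Integer.class,
                        ASN1Util.as(DERTaggedObject.class, authElement, 0));
                DEROctetString authData = ASN1Util.as(DEROctetString.class,
                        ASN1Util.as(DERTaggedObject.class, authElement, 1));

                this.userAuthorizations.addAll(
                        KerberosAuthData.parse(authType.getValue().intValue(), authData.getOctets(), key));
            }
            break;
        default:
            throw new PACDecodingException("Unknown field " + tagged.getTagNo());
        }
    }
}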
From source file:jcifs.pac.kerberos.KerberosToken.java
License:Open Source License
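/**
 * Decodes a GSS-API wrapped Kerberos token and the AP-REQ it carries.
 *
 * <p>The outer object must be a constructed application-specific element. Its contents
 * must start with the object identifier {@code KerberosConstants.KERBEROS_OID}, followed
 * by two bytes that, combined low byte first, equal {@code 0x01}, followed by a second
 * constructed application-specific element whose contents are passed to
 * {@link KerberosApRequest}.
 *
 * @param token encoded token; must be non-null and non-empty
 * @param keys  keys handed on unchanged to the {@code KerberosApRequest} constructor
 * @throws PACDecodingException if the token is empty, is not a Kerberos token, or is malformed
 */
public KerberosToken(byte[] token, KerberosKey[] keys) throws PACDecodingException {
    // A null token is treated like an empty one instead of failing with a NullPointerException.
    if (token == null || token.length == 0) {
        throw new PACDecodingException("Empty kerberos token");
    }

    try {
        DERApplicationSpecific derToken;
        // try-with-resources closes each stream on the rejection paths as well.
        try (ASN1InputStream outer = new ASN1InputStream(new ByteArrayInputStream(token))) {
            derToken = ASN1Util.as(DERApplicationSpecific.class, outer);
            if (derToken == null || !derToken.isConstructed()) {
                throw new PACDecodingException("Malformed kerberos token");
            }
        }

        DERApplicationSpecific krbToken;
        try (ASN1InputStream inner = new ASN1InputStream(new ByteArrayInputStream(derToken.getContents()))) {
            ASN1ObjectIdentifier kerberosOid = ASN1Util.as(ASN1ObjectIdentifier.class, inner);
            if (!kerberosOid.getId().equals(KerberosConstants.KERBEROS_OID)) {
                throw new PACDecodingException("Not a kerberos token");
            }

            // Two raw bytes follow the OID. At end of stream read() returns -1, which masks
            // to 0xff and therefore fails the comparison below as well.
            int readLow = inner.read() & 0xff;
            int readHigh = inner.read() & 0xff;
            int tokenId = (readHigh << 8) + readLow;
            if (tokenId != 0x01) {
                throw new PACDecodingException("Malformed kerberos token");
            }

            krbToken = ASN1Util.as(DERApplicationSpecific.class, inner);
            if (krbToken == null || !krbToken.isConstructed()) {
                throw new PACDecodingException("Malformed kerberos token");
            }
        }

        this.apRequest = new KerberosApRequest(krbToken.getContents(), keys);
    } catch (IOException e) {
        throw new PACDecodingException("Malformed kerberos token", e);
    }
}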
From source file:jcifs.spnego.NegTokenInit.java
License:Open Source License
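/**
 * Decodes a SPNEGO NegTokenInit and stores its fields through the setters of this class.
 *
 * <p>The token must be a constructed application-specific element whose contents start with
 * {@code SPNEGO_OID}, followed by an object tagged 0 that wraps a sequence of tagged fields:
 * tag 0 is the mechanism list, tag 1 the context flags, tag 2 the mechanism token and tag 4
 * the mechanism list MIC. Tag 3 is treated as the MIC when it holds an octet string and is
 * ignored otherwise.
 *
 * <p>The token is peer-supplied, so the element types are checked before casting and a
 * mismatch is reported as {@link IOException} instead of escaping as
 * {@code ClassCastException} or {@code NullPointerException}.
 *
 * @param token encoded NegTokenInit
 * @throws IOException if the token is malformed or a mechanism OID cannot be converted
 */
@Override
protected void parse(byte[] token) throws IOException {
    try (ASN1InputStream is = new ASN1InputStream(token)) {
        Object outer = is.readObject();
        // Covers both an absent object (null) and an object of the wrong type.
        if (!(outer instanceof DERApplicationSpecific)) {
            throw new IOException("Malformed SPNEGO token " + outer);
        }
        DERApplicationSpecific constructed = (DERApplicationSpecific) outer;
        if (!constructed.isConstructed()) {
            throw new IOException("Malformed SPNEGO token " + constructed + " "
                    + constructed.isConstructed() + " " + constructed.getApplicationTag());
        }

        try (ASN1InputStream der = new ASN1InputStream(constructed.getContents())) {
            // equals() is false for null or for a non-OID object, so no cast is needed.
            Object spnego = der.readObject();
            if (!SPNEGO_OID.equals(spnego)) {
                throw new IOException("Malformed SPNEGO token, OID " + spnego);
            }

            Object wrapper = der.readObject();
            if (!(wrapper instanceof ASN1TaggedObject)) {
                throw new IOException("Malformed SPNEGO token: expected tagged object, got " + wrapper);
            }
            ASN1TaggedObject tagged = (ASN1TaggedObject) wrapper;
            if (tagged.getTagNo() != 0) {
                throw new IOException("Malformed SPNEGO token: tag " + tagged.getTagNo() + " " + tagged);
            }

            ASN1Sequence sequence = ASN1Sequence.getInstance(tagged, true);
            Enumeration<ASN1Object> fields = sequence.getObjects();
            while (fields.hasMoreElements()) {
                Object field = fields.nextElement();
                if (!(field instanceof ASN1TaggedObject)) {
                    throw new IOException("Malformed token field.");
                }
                tagged = (ASN1TaggedObject) field;

                switch (tagged.getTagNo()) {
                case 0:
                    ASN1Sequence mechList = ASN1Sequence.getInstance(tagged, true);
                    Oid[] mechs = new Oid[mechList.size()];
                    for (int i = 0; i < mechs.length; i++) {
                        Object mechanism = mechList.getObjectAt(i);
                        if (!(mechanism instanceof ASN1ObjectIdentifier)) {
                            throw new IOException("Malformed token field.");
                        }
                        mechs[i] = new Oid(((ASN1ObjectIdentifier) mechanism).getId());
                    }
                    setMechanisms(mechs);
                    break;
                case 1:
                    DERBitString ctxFlags = DERBitString.getInstance(tagged, true);
                    byte[] flagBytes = ctxFlags.getBytes();
                    // A BIT STRING with no bits set may be encoded with no content bytes;
                    // read that as "no flags" instead of indexing past the array.
                    setContextFlags(flagBytes.length == 0 ? 0 : flagBytes[0] & 0xff);
                    break;
                case 2:
                    ASN1OctetString mechanismToken = ASN1OctetString.getInstance(tagged, true);
                    setMechanismToken(mechanismToken.getOctets());
                    break;
                case 3:
                    if (!(tagged.getObject() instanceof DEROctetString)) {
                        break;
                    }
                    // Deliberate fall through: an octet string under tag 3 is handled as the MIC.
                case 4:
                    ASN1OctetString mechanismListMIC = ASN1OctetString.getInstance(tagged, true);
                    setMechanismListMIC(mechanismListMIC.getOctets());
                    break;
                default:
                    throw new IOException("Malformed token field.");
                }
            }
        } catch (GSSException e) {
            throw new IOException("Failed to read OID", e);
        }
    }
}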