sun.security.mule.krb5
Class EncryptionKey

java.lang.Object
  extended by sun.security.mule.krb5.EncryptionKey
All Implemented Interfaces:
Cloneable

public class EncryptionKey
extends Object
implements Cloneable

This class encapsulates the concept of an EncryptionKey. An encryption key is defined in RFC 4120 as:

    EncryptionKey ::= SEQUENCE {
        keytype  [0] Int32 -- actually encryption type --,
        keyvalue [1] OCTET STRING
    }

keytype
    This field specifies the encryption type of the encryption key that follows in the keyvalue field. Although its name is "keytype", it actually specifies an encryption type. Previously, multiple cryptosystems that performed encryption differently but were capable of using keys with the same characteristics were permitted to share an assigned number to designate the type of key; this usage is now deprecated.
keyvalue
    This field contains the key itself, encoded as an octet string.


Field Summary
static EncryptionKey NULL_KEY
           
 
Constructor Summary
EncryptionKey(byte[] keyValue, int keyType, Integer kvno)
           
EncryptionKey(char[] password, String salt, String algorithm)
           
EncryptionKey(sun.security.util.DerValue encoding)
          Constructs an instance of EncryptionKey type.
EncryptionKey(int keyType, byte[] keyValue)
          Constructs an EncryptionKey by using the specified key type and key value.
 
Method Summary
static EncryptionKey[] acquireSecretKeys(char[] password, String salt, boolean pa_exists, int pa_etype, byte[] pa_s2kparams, Config kerberosConfig)
          Generates a list of keys using the given principal, password, and the pre-authentication values.
static EncryptionKey[] acquireSecretKeys(char[] password, String salt, Config kerberosConfig)
          Generates a list of keys using the given principal and password.
static EncryptionKey[] acquireSecretKeys(PrincipalName princ, String keytab, Config kerberosConfig)
          Obtains all versions of the secret key of the principal from a keytab.
 byte[] asn1Encode()
          Returns the ASN.1 encoding of this EncryptionKey.
 Object clone()
           
 void destroy()
           
static EncryptionKey findKey(int etype, EncryptionKey[] keys)
           
 byte[] getBytes()
          Returns the raw key bytes, not in any ASN.1 encoding.
 int getEType()
           
 Integer getKeyVersionNumber()
           
static EncryptionKey parse(sun.security.util.DerInputStream data, byte explicitTag, boolean optional)
          Parse (unmarshal) an Encryption key from a DER input stream.
 String toString()
           
 void writeKey(CCacheOutputStream cos)
          Writes key value in FCC format to a CCacheOutputStream.
 
Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

NULL_KEY

public static final EncryptionKey NULL_KEY
Constructor Detail

EncryptionKey

public EncryptionKey(byte[] keyValue,
                     int keyType,
                     Integer kvno)

EncryptionKey

public EncryptionKey(int keyType,
                     byte[] keyValue)
Constructs an EncryptionKey by using the specified key type and key value. It is used to recover the key when retrieving data from a credential cache file.


EncryptionKey

public EncryptionKey(char[] password,
                     String salt,
                     String algorithm)
              throws KrbCryptoException
Throws:
KrbCryptoException

EncryptionKey

public EncryptionKey(sun.security.util.DerValue encoding)
              throws Asn1Exception,
                     IOException
Constructs an instance of EncryptionKey type.

Parameters:
encoding - a single DER-encoded value.
Throws:
Asn1Exception - if an error occurs while decoding ASN.1-encoded data.
IOException - if an I/O error occurs while reading encoded data.
Method Detail

getEType

public int getEType()

getKeyVersionNumber

public final Integer getKeyVersionNumber()

getBytes

public final byte[] getBytes()
Returns the raw key bytes, not in any ASN.1 encoding.


clone

public Object clone()
Overrides:
clone in class Object

acquireSecretKeys

public static EncryptionKey[] acquireSecretKeys(PrincipalName princ,
                                                String keytab,
                                                Config kerberosConfig)
                                         throws KrbException,
                                                IOException
Obtains all versions of the secret key of the principal from a keytab.

Parameters:
keytab - the path to the keytab file. A value of null will be accepted to indicate that the default path should be searched.
Throws:
KrbException
IOException

acquireSecretKeys

public static EncryptionKey[] acquireSecretKeys(char[] password,
                                                String salt,
                                                Config kerberosConfig)
                                         throws KrbException
Generates a list of keys using the given principal and password. A key is constructed for each configured etype. The caller is responsible for clearing the password.

Throws:
KrbException

acquireSecretKeys

public static EncryptionKey[] acquireSecretKeys(char[] password,
                                                String salt,
                                                boolean pa_exists,
                                                int pa_etype,
                                                byte[] pa_s2kparams,
                                                Config kerberosConfig)
                                         throws KrbException
Generates a list of keys using the given principal, password, and the pre-authentication values.

Throws:
KrbException

asn1Encode

public byte[] asn1Encode()
                  throws Asn1Exception,
                         IOException
Returns the ASN.1 encoding of this EncryptionKey.

    EncryptionKey ::= SEQUENCE {
        keytype[0]  INTEGER,
        keyvalue[1] OCTET STRING
    }

This definition reflects the Network Working Group RFC 4120 specification available at http://www.ietf.org/rfc/rfc4120.txt.

Returns:
byte array of encoded EncryptionKey object.
Throws:
Asn1Exception - if an error occurs while decoding ASN.1-encoded data.
IOException - if an I/O error occurs while reading encoded data.
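
The wire format named in the class description and in asn1Encode(), as an added example that is not code from this class or its project: it builds and re-reads the DER bytes by hand, using only the JDK. The class name EncryptionKeyDerDemo and the helpers tlv, encode and expect are hypothetical; etype 18 is the assigned number for aes256-cts-hmac-sha1-96, and the all-zero key is a constructed sample.

```java
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.nio.ByteBuffer;

// Added example: hand-written DER for the RFC 4120 EncryptionKey structure.
public class EncryptionKeyDerDemo {
    // Emits one tag-length-value triple; DER definite length, content up to 65535 bytes.
    static byte[] tlv(int tag, byte[]... parts) {
        ByteArrayOutputStream body = new ByteArrayOutputStream();
        for (byte[] p : parts) body.write(p, 0, p.length);
        int n = body.size();
        if (n > 0xFFFF) throw new IllegalArgumentException("content too long for this demo");
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        out.write(tag);
        if (n >= 0x80) out.write(n < 0x100 ? 0x81 : 0x82); // long form: count of length bytes
        if (n >= 0x100) out.write(n >> 8);                 // high length byte
        out.write(n);                                      // low length byte (whole length if < 0x80)
        out.write(body.toByteArray(), 0, n);
        return out.toByteArray();
    }
    // keytype [0] and keyvalue [1] are EXPLICIT tags: each wraps a complete inner TLV.
    static byte[] encode(int etype, byte[] keyValue) {
        return tlv(0x30,
            tlv(0xA0, tlv(0x02, BigInteger.valueOf(etype).toByteArray())),
            tlv(0xA1, tlv(0x04, keyValue)));
    }
    // Consumes one TLV with the expected tag and returns its content bytes.
    static byte[] expect(ByteBuffer in, int tag) {
        if ((in.get() & 0xFF) != tag) throw new IllegalArgumentException("unexpected tag");
        int len = in.get() & 0xFF;
        if (len >= 0x80) {
            int n = len & 0x7F;
            if (n == 0 || n > 2) throw new IllegalArgumentException("unsupported length");
            for (len = 0; n > 0; n--) len = (len << 8) | (in.get() & 0xFF);
        }
        if (len > in.remaining()) throw new IllegalArgumentException("truncated value");
        byte[] content = new byte[len];
        in.get(content);
        return content;
    }
    public static void main(String[] args) {
        byte[] key = new byte[32];               // constructed sample key (all zeros), not a real secret
        byte[] der = encode(18, key);            // 18 = aes256-cts-hmac-sha1-96
        ByteBuffer seq = ByteBuffer.wrap(expect(ByteBuffer.wrap(der), 0x30));
        int etype = new BigInteger(expect(ByteBuffer.wrap(expect(seq, 0xA0)), 0x02)).intValueExact();
        byte[] value = expect(ByteBuffer.wrap(expect(seq, 0xA1)), 0x04);
        System.out.printf("%d bytes, header %02x %02x, etype=%d, keyLength=%d%n", der.length, der[0], der[1], etype, value.length);
    }
}
```

The encoded bytes contain the raw key in the clear, so a buffer holding them needs the same handling as the array returned by getBytes().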

destroy

public void destroy()

parse

public static EncryptionKey parse(sun.security.util.DerInputStream data,
                                  byte explicitTag,
                                  boolean optional)
                           throws Asn1Exception,
                                  IOException
Parse (unmarshal) an Encryption key from a DER input stream. This form of parsing might be used when expanding a value which is part of a constructed sequence and uses an explicitly tagged type.

Parameters:
data - the DER input stream, which contains one or more marshaled values.
explicitTag - tag number.
optional - indicates whether this data field is optional.
Returns:
an instance of EncryptionKey.
Throws:
Asn1Exception - if an error occurs while decoding ASN.1-encoded data.
IOException - if an I/O error occurs while reading encoded data.

writeKey

public void writeKey(CCacheOutputStream cos)
              throws IOException
Writes key value in FCC format to a CCacheOutputStream.

Parameters:
cos - a CCacheOutputStream to be written to.
Throws:
IOException - if an I/O exception occurs.
See Also:
CCacheOutputStream

toString

public String toString()
Overrides:
toString in class Object

findKey

public static EncryptionKey findKey(int etype,
                                    EncryptionKey[] keys)
                             throws KrbException
Throws:
KrbException


Copyright © 2013. All Rights Reserved.