/**
 * Dump a keytab: list every principal and, for each of its entries, the key
 * version, the entry timestamp and the encryption type. Key bytes are never
 * printed; only {@code key.getKeyType()} is read from the key.
 *
 * @param keytabFile the keytab file
 * @throws IOException IO problems
 */
private void dumpKeytab(File keytabFile) throws IOException {
  title("Examining keytab %s", keytabFile);
  // Validate and load the same canonical file, so both steps act on one resolved path.
  File canonical = keytabFile.getCanonicalFile();
  verifyFileIsValid(canonical, CAT_KERBEROS, "keytab");

  Keytab keytab = Keytab.loadKeytab(canonical);
  List<PrincipalName> names = keytab.getPrincipals();
  println("keytab principal count: %d", names.size());

  int total = 0;
  for (PrincipalName name : names) {
    List<KeytabEntry> perPrincipal = keytab.getKeytabEntries(name);
    total += perPrincipal.size();
    for (KeytabEntry item : perPrincipal) {
      EncryptionKey key = item.getKey();
      // NOTE(review): the label reads "expires" but the value printed is
      // getTimestamp(); confirm the timestamp really is an expiry time.
      println(" %s: version=%d expires=%s encryption=%s",
          item.getPrincipal(),
          item.getKvno(),
          item.getTimestamp(),
          key.getKeyType());
    }
  }
  println("keytab entry count: %d", total);
  endln();
}
/**
 * Creates two principals in a keytab through the MiniKdc, reloads the keytab
 * from disk and checks that exactly those two principals (qualified with the
 * KDC realm) are listed.
 */
@Test(timeout = 60000)
public void testKeytabGen() throws Exception {
  MiniKdc kdc = getKdc();
  File keytabFile = new File(getWorkDir(), "keytab");
  kdc.createPrincipal(keytabFile, "foo/bar", "bar/foo");

  // Collect the names as a set: the check is about membership, not order.
  Set<String> actual = new HashSet<String>();
  for (PrincipalName loaded : Keytab.loadKeytab(keytabFile).getPrincipals()) {
    actual.add(loaded.getName());
  }

  Set<String> expected = new HashSet<String>(Arrays.asList(
      "foo/bar@" + kdc.getRealm(),
      "bar/foo@" + kdc.getRealm()));
  Assert.assertEquals(expected, actual);
}
/**
 * Load a keytab from a keytab file, translating I/O failures into
 * {@link KrbException}.
 *
 * @param keytabFile The keytab file
 * @return The keytab loaded from the keytab file
 * @throws KrbException If there is a problem loading the keytab; the
 *         underlying {@link IOException} is kept as the cause
 */
public static Keytab loadKeytab(File keytabFile) throws KrbException {
    try {
        return Keytab.loadKeytab(keytabFile);
    } catch (IOException ioe) {
        // The message carries no path, so the cause is what identifies the file-level failure.
        throw new KrbException("Failed to load keytab", ioe);
    }
}
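/**
 * If keytab file does not exist, create a new keytab,
 * otherwise load keytab from keytab file.
 *
 * <p>If the file appears between the existence check and the creation
 * attempt (another process created it first), the existing file is loaded
 * instead of the call failing.
 *
 * @param keytabFile The keytab file
 * @return A new, empty keytab when the file was created by this call,
 *         otherwise the keytab loaded from the existing file
 * @throws KrbException If there is a problem creating or loading the keytab
 */
public static Keytab createOrLoadKeytab(File keytabFile) throws KrbException {
    try {
        // createNewFile() is an atomic create-if-absent: it returns false only when the
        // file already exists, which after a negative exists() means it was created
        // concurrently. In that case fall through and load it rather than fail.
        if (!keytabFile.exists() && keytabFile.createNewFile()) {
            // NOTE(review): the new file gets the process default permissions. A keytab
            // holds long-term keys, so confirm callers restrict it to the owning
            // account before entries are stored.
            return new Keytab();
        }
        return Keytab.loadKeytab(keytabFile);
    } catch (IOException e) {
        throw new KrbException("Failed to load or create keytab "
            + keytabFile.getAbsolutePath(), e);
    }
}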
/**
 * Remove every entry of the given principal whose key version number equals
 * {@code kvno}. Entries with other version numbers are left in place.
 *
 * @param principal The principal whose entries are examined
 * @param kvno The key version number to remove
 */
@Override
public void removeKeytabEntries(PrincipalName principal, int kvno) {
    // NOTE(review): entries are removed while this list is being iterated; that is
    // only safe if getKeytabEntries() returns a copy. Confirm against its implementation.
    List<KeytabEntry> candidates = getKeytabEntries(principal);
    for (KeytabEntry candidate : candidates) {
        if (candidate.getKvno() != kvno) {
            continue;
        }
        removeKeytabEntry(candidate);
    }
}
/**
 * Find the key of the given encryption type among a principal's entries.
 *
 * <p>The first pass looks for an entry whose key type is the same
 * {@code EncryptionType} constant. If none matches, a second pass compares
 * the numeric type values, which finds a key stored under a different name
 * for the same type.
 *
 * @param principal The principal whose entries are searched
 * @param keyType The wanted encryption type
 * @return The first matching key, or {@code null} when the principal has no
 *         key of that type
 */
@Override
public EncryptionKey getKey(PrincipalName principal, EncryptionType keyType) {
    List<KeytabEntry> candidates = getKeytabEntries(principal);

    // Pass 1: identical enum constant.
    for (KeytabEntry candidate : candidates) {
        if (candidate.getKey().getKeyType() != keyType) {
            continue;
        }
        return candidate.getKey();
    }

    // Pass 2: maybe we have a key stored under a different name for the same type.
    int wantedValue = keyType.getValue();
    for (KeytabEntry candidate : candidates) {
        if (candidate.getKey().getKeyType().getValue() != wantedValue) {
            continue;
        }
        return candidate.getKey();
    }

    return null;
}
/**
 * Add every entry of the given list to this keytab, in list order, by
 * passing each one to {@code addEntry}.
 *
 * @param entries The entries to add
 */
@Override
public void addKeytabEntries(List<KeytabEntry> entries) {
    for (KeytabEntry toAdd : entries) {
        addEntry(toAdd);
    }
}
/**
 * Write this keytab to the given file through {@code store(OutputStream)}.
 * The stream is closed when the write finishes or fails.
 *
 * @param keytabFile The file to write
 * @throws IOException If the file cannot be opened or written
 */
@Override
public void store(File keytabFile) throws IOException {
    // Files.newOutputStream with no options creates the file if needed and truncates
    // an existing one. NOTE(review): no permissions are set here, so a newly created
    // keytab gets the process defaults; confirm callers restrict access to it.
    try (OutputStream sink = Files.newOutputStream(keytabFile.toPath())) {
        store(sink);
    }
}
/**
 * Get all the unique principals present in the keytab file.
 *
 * <p>Every backslash in a principal name is replaced with a forward slash
 * before the name is collected. The names go through a {@code HashSet}, so
 * the order of the returned array is unspecified.
 *
 * @param keytabFileName
 *          Name of the keytab file to be read.
 * @return array of unique principal names in the keytab.
 * @throws IOException
 *           If keytab entries cannot be read from the file.
 */
static final String[] getPrincipalNames(String keytabFileName) throws IOException {
  File source = new File(keytabFileName);
  Set<String> unique = new HashSet<String>();
  for (PrincipalName name : Keytab.loadKeytab(source).getPrincipals()) {
    String normalized = name.getName().replace("\\", "/");
    unique.add(normalized);
  }
  return unique.toArray(new String[0]);
}
/**
 * Load a keytab from a keytab file. An {@link IOException} raised while
 * loading is rethrown as a {@link KrbException} with the original as cause.
 *
 * @param keytabFile The keytab file
 * @return The keytab loaded from the keytab file
 * @throws KrbException If there is a problem loading the keytab
 */
public static Keytab loadKeytab(File keytabFile) throws KrbException {
    final Keytab loaded;
    try {
        loaded = Keytab.loadKeytab(keytabFile);
    } catch (IOException cause) {
        // The message does not name the file; the wrapped cause is the only detail callers get.
        throw new KrbException("Failed to load keytab", cause);
    }
    return loaded;
}
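/**
 * If keytab file does not exist, create a new keytab,
 * otherwise load keytab from keytab file.
 *
 * <p>A file that shows up between the existence check and the creation
 * attempt is treated as an existing keytab and loaded, rather than being
 * reported as a creation failure.
 *
 * @param keytabFile The keytab file
 * @return A new, empty keytab when this call created the file, otherwise
 *         the keytab loaded from the existing file
 * @throws KrbException If there is a problem creating or loading the keytab
 */
public static Keytab createOrLoadKeytab(File keytabFile) throws KrbException {
    Keytab keytab;
    try {
        // createNewFile() creates atomically and returns false only if the file is
        // already there, so a false result after exists() == false means a concurrent
        // creator won the race. Load that file instead of throwing.
        boolean createdHere = !keytabFile.exists() && keytabFile.createNewFile();
        if (createdHere) {
            // NOTE(review): the file is created with the process default permissions.
            // Keytabs contain long-term keys; confirm access is restricted to the
            // owning account before entries are written.
            keytab = new Keytab();
        } else {
            keytab = Keytab.loadKeytab(keytabFile);
        }
    } catch (IOException e) {
        throw new KrbException("Failed to load or create keytab "
            + keytabFile.getAbsolutePath(), e);
    }
    return keytab;
}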
/**
 * Drop the entries of {@code principal} that carry the key version number
 * {@code kvno}; all other entries of the principal are kept.
 *
 * @param principal The principal whose entries are examined
 * @param kvno The key version number to remove
 */
@Override
public void removeKeytabEntries(PrincipalName principal, int kvno) {
    // NOTE(review): removal happens during iteration of this list; presumably
    // getKeytabEntries() hands back a copy. Verify, otherwise this can fail mid-loop.
    for (KeytabEntry existing : getKeytabEntries(principal)) {
        boolean sameVersion = existing.getKvno() == kvno;
        if (sameVersion) {
            removeKeytabEntry(existing);
        }
    }
}
/**
 * Look up a principal's key for one encryption type.
 *
 * <p>Entries are checked twice: first for the same {@code EncryptionType}
 * constant, then for an equal numeric type value, so that a key stored under
 * a different name for the same type is still found.
 *
 * @param principal The principal whose entries are searched
 * @param keyType The wanted encryption type
 * @return The first matching key, or {@code null} if no entry matches
 */
@Override
public EncryptionKey getKey(PrincipalName principal, EncryptionType keyType) {
    List<KeytabEntry> entriesForPrincipal = getKeytabEntries(principal);

    // Exact match on the enum constant takes priority over a value match.
    for (KeytabEntry current : entriesForPrincipal) {
        if (current.getKey().getKeyType() != keyType) {
            continue;
        }
        return current.getKey();
    }

    // Maybe we have a key stored under a different name for the same type.
    int numericType = keyType.getValue();
    for (KeytabEntry current : entriesForPrincipal) {
        if (numericType != current.getKey().getKeyType().getValue()) {
            continue;
        }
        return current.getKey();
    }

    // Callers must handle the "no such key" case themselves.
    return null;
}
/**
 * Add a batch of entries to this keytab. Each element is handed to
 * {@code addEntry} in the order the list yields it.
 *
 * @param entries The entries to add
 */
@Override
public void addKeytabEntries(List<KeytabEntry> entries) {
    for (KeytabEntry incoming : entries) {
        addEntry(incoming);
    }
}
/**
 * Store this keytab in the given file by delegating to
 * {@code store(OutputStream)}; the stream is always closed afterwards.
 *
 * @param keytabFile The file to write
 * @throws IOException If the file cannot be opened or written
 */
@Override
public void store(File keytabFile) throws IOException {
    // With no open options the stream creates a missing file and truncates an existing
    // one. NOTE(review): file permissions are left at the process defaults; confirm
    // the keytab is protected by the caller.
    try (OutputStream out = Files.newOutputStream(keytabFile.toPath())) {
        store(out);
    }
}
// Load the keytab, then walk every entry of every principal it lists.
// The excerpt ends inside the inner loop; both loops are closed further on.
Keytab keytab = Keytab.loadKeytab(keytabFile);
List<PrincipalName> principals = keytab.getPrincipals();
for (PrincipalName principal : principals) {
  List<KeytabEntry> keytabEntries = keytab.getKeytabEntries(principal);
  for (KeytabEntry entry : keytabEntries) {
    // A fresh builder per entry; what is appended to it is not visible here.
    StringBuilder sb = new StringBuilder();
/**
 * Get all the unique principals present in the keytab file.
 *
 * <p>Backslashes in each principal name are replaced with forward slashes
 * before de-duplication. The result comes from a {@code HashSet}, so its
 * order is unspecified.
 *
 * @param keytabFileName
 *          Name of the keytab file to be read.
 * @return array of unique principal names in the keytab.
 * @throws IOException
 *           If keytab entries cannot be read from the file.
 */
static final String[] getPrincipalNames(String keytabFileName) throws IOException {
  Keytab loaded = Keytab.loadKeytab(new File(keytabFileName));
  List<PrincipalName> listed = loaded.getPrincipals();
  Set<String> distinct = new HashSet<>();
  for (PrincipalName name : listed) {
    String withSlashes = name.getName().replace("\\", "/");
    distinct.add(withSlashes);
  }
  return distinct.toArray(new String[0]);
}
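/**
 * Resolve and load the keytab named by the request options.
 *
 * <p>The file comes from {@code KrbOption.KEYTAB_FILE} when that option is
 * present. When {@code KrbOption.USE_DFT_KEYTAB} is present it overrides that
 * choice with the {@code KRB5_CLIENT_KTNAME} environment variable or, if the
 * variable is unset, the {@code default_client_keytab_name} config value.
 *
 * @return The loaded keytab, or {@code null} when no keytab file could be
 *         determined or the file could not be loaded
 */
private Keytab getKeytab() {
    File keytabFile = null;
    KOptions kOptions = getRequestOptions();

    if (kOptions.contains(KrbOption.KEYTAB_FILE)) {
        keytabFile = kOptions.getFileOption(KrbOption.KEYTAB_FILE);
    }

    if (kOptions.contains(KrbOption.USE_DFT_KEYTAB)) {
        // The keytab location is taken from the process environment first, so whoever
        // controls the environment selects which keys are used.
        // NOTE(review): the value is used as a plain path; if it can carry a type
        // prefix such as "FILE:", it is not stripped here. Confirm the expected format.
        final String clientKeytabEnv = System.getenv("KRB5_CLIENT_KTNAME");
        final String clientKeytabDft = getContext().getConfig().getString(
            "default_client_keytab_name");

        if (clientKeytabEnv != null) {
            keytabFile = new File(clientKeytabEnv);
        } else if (clientKeytabDft != null) {
            keytabFile = new File(clientKeytabDft);
        } else {
            System.err.println("Default client keytab file not found.");
        }
    }

    // Without a resolved file there is nothing to load. Returning here avoids passing
    // null to Keytab.loadKeytab and dereferencing it in the error message below.
    if (keytabFile == null) {
        return null;
    }

    try {
        return Keytab.loadKeytab(keytabFile);
    } catch (IOException e) {
        System.err.println("Can not load keytab from file " + keytabFile.getAbsolutePath());
        return null;
    }
}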