/**
 * Serializes an {@code EncryptionKey} into a JSON object with two properties:
 * {@code "kvno"} (the key version number) and {@code "key"} (the hex form of
 * the key as encoded by {@code KrbCodec}).
 *
 * <p>The {@code "key"} property is the encoded key itself, only hex-encoded and
 * not encrypted by this method. Treat the resulting JSON as secret material:
 * keep it out of logs and protect it where it is stored or transmitted.
 *
 * @param encryptionKey the key to serialize
 * @param type the declared type of the source object (not used here)
 * @param jsonSerializationContext the serialization context (not used here)
 * @return a JSON object carrying the key version number and the hex-encoded key
 * @throws RuntimeException wrapping the {@code KrbException} if encoding fails
 */
@Override
public JsonElement serialize(EncryptionKey encryptionKey, Type type,
                             JsonSerializationContext jsonSerializationContext) {
    final JsonObject result = new JsonObject();
    result.addProperty("kvno", encryptionKey.getKvno());

    final String encodedKeyHex;
    try {
        encodedKeyHex = HexUtil.bytesToHex(KrbCodec.encode(encryptionKey));
    } catch (KrbException e) {
        // The method signature allows no checked exception, so rethrow unchecked
        // and keep the cause.
        throw new RuntimeException(e);
    }
    result.addProperty("key", encodedKeyHex);
    return result;
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Serializes an {@code EncryptionKey} into a JSON object with two properties:
 * {@code "kvno"} (the key version number) and {@code "key"} (the hex form of
 * the key as encoded by {@code KrbCodec}).
 *
 * <p>The {@code "key"} property is the encoded key itself, only hex-encoded and
 * not encrypted by this method. Treat the resulting JSON as secret material:
 * keep it out of logs and protect it where it is stored or transmitted.
 *
 * @param encryptionKey the key to serialize
 * @param type the declared type of the source object (not used here)
 * @param jsonSerializationContext the serialization context (not used here)
 * @return a JSON object carrying the key version number and the hex-encoded key
 * @throws RuntimeException wrapping the {@code KrbException} if encoding fails
 */
@Override
public JsonElement serialize(EncryptionKey encryptionKey, Type type,
                             JsonSerializationContext jsonSerializationContext) {
    final JsonObject result = new JsonObject();
    result.addProperty("kvno", encryptionKey.getKvno());

    final String encodedKeyHex;
    try {
        encodedKeyHex = HexUtil.bytesToHex(KrbCodec.encode(encryptionKey));
    } catch (KrbException e) {
        // The method signature allows no checked exception, so rethrow unchecked
        // and keep the cause.
        throw new RuntimeException(e);
    }
    result.addProperty("key", encodedKeyHex);
    return result;
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Builds three parallel arrays from the identity's key map: the encryption
 * type value (as a string), the encoded key bytes, and the key version number
 * (as a string). Index {@code n} of each array describes the same key.
 *
 * <p>{@code keys} holds encoded key material, so anything that stores or
 * prints this object handles secrets.
 *
 * @param identity the identity whose keys are captured
 * @throws KrbException if encoding one of the keys fails
 */
KeysInfo(KrbIdentity identity) throws KrbException {
    final Map<EncryptionType, EncryptionKey> identityKeys = identity.getKeys();
    final int count = identityKeys.size();
    this.etypes = new String[count];
    this.keys = new byte[count][];
    this.kvnos = new String[count];

    int slot = 0;
    for (Map.Entry<EncryptionType, EncryptionKey> keyEntry : identityKeys.entrySet()) {
        final EncryptionKey encKey = keyEntry.getValue();
        etypes[slot] = String.valueOf(keyEntry.getKey().getValue());
        try {
            keys[slot] = encKey.encode();
        } catch (IOException ex) {
            // Surface the encoding problem as the Kerberos exception type the
            // constructor declares, keeping the original cause.
            throw new KrbException("encode key failed", ex);
        }
        kvnos[slot] = String.valueOf(encKey.getKvno());
        slot++;
    }
}
/**
 * Builds three parallel arrays from the identity's key map: the encryption
 * type value (as a string), the encoded key bytes, and the key version number
 * (as a string). Index {@code n} of each array describes the same key.
 *
 * <p>{@code keys} holds encoded key material, so anything that stores or
 * prints this object handles secrets.
 *
 * @param identity the identity whose keys are captured
 * @throws KrbException if encoding one of the keys fails
 */
KeysInfo(KrbIdentity identity) throws KrbException {
    final Map<EncryptionType, EncryptionKey> identityKeys = identity.getKeys();
    final int count = identityKeys.size();
    this.etypes = new String[count];
    this.keys = new byte[count][];
    this.kvnos = new String[count];

    int slot = 0;
    for (Map.Entry<EncryptionType, EncryptionKey> keyEntry : identityKeys.entrySet()) {
        final EncryptionKey encKey = keyEntry.getValue();
        etypes[slot] = String.valueOf(keyEntry.getKey().getValue());
        try {
            keys[slot] = encKey.encode();
        } catch (IOException ex) {
            // Surface the encoding problem as the Kerberos exception type the
            // constructor declares, keeping the original cause.
            throw new KrbException("encode key failed", ex);
        }
        kvnos[slot] = String.valueOf(encKey.getKvno());
        slot++;
    }
}
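/**
 * Checks that an identity added to the backend is read back unchanged: expire
 * time, disabled flag, key version, and for every key its type, key data and
 * kvno.
 *
 * <p>The test identity is removed in a {@code finally} block, so a failed
 * assertion does not leave the principal and its keys in the backend for
 * later tests.
 *
 * @param backend the identity backend under test
 * @throws KrbException if a backend operation fails
 */
protected void testGet(IdentityBackend backend) throws KrbException {
    KrbIdentity kid = BackendTestUtil.createOneIdentity(TEST_PRINCIPAL);
    backend.addIdentity(kid);
    try {
        // clear the identity cache.
        backend.release();

        KrbIdentity identity = backend.getIdentity(TEST_PRINCIPAL);
        assertThat(identity).isNotNull();
        assertThat(identity.getExpireTime()).isEqualTo(kid.getExpireTime());
        assertThat(identity.isDisabled()).isEqualTo(kid.isDisabled());
        assertThat(identity.getKeyVersion()).isEqualTo(kid.getKeyVersion());

        for (EncryptionKey expectedKey : kid.getKeys().values()) {
            EncryptionType actualType = EncryptionType.fromValue(expectedKey.getKeyType().getValue());
            EncryptionKey actualKey = identity.getKey(actualType);
            // A key missing from the stored identity should fail as an
            // assertion, not as a NullPointerException on the next line.
            assertThat(actualKey).isNotNull();
            assertThat(actualKey.getKeyType().getValue()).isEqualTo(expectedKey.getKeyType().getValue());
            assertThat(actualKey.getKeyData()).isEqualTo(expectedKey.getKeyData());
            assertThat(actualKey.getKvno()).isEqualTo(expectedKey.getKvno());
        }
    } finally {
        // tearDown: runs even when an assertion above fails.
        backend.deleteIdentity(TEST_PRINCIPAL);
    }
}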
/**
 * Exports every key of the given identity into the keytab, one entry per key.
 * All entries share the identity's principal and a single timestamp taken at
 * the start of the export. Each entry's version number is that key's kvno.
 *
 * <p>The keytab receives the identity's actual keys, so wherever it is later
 * written it needs the same protection as the keys themselves.
 *
 * @param keytab The keytab that receives the entries
 * @param identity The identity whose keys are exported
 * @throws KrbException If there is a problem exporting the identity to the keytab
 */
public static void exportToKeytab(Keytab keytab, KrbIdentity identity) throws KrbException {
    final PrincipalName owner = identity.getPrincipal();
    final KerberosTime exportedAt = KerberosTime.now();

    for (EncryptionKey key : identity.getKeys().values()) {
        keytab.addEntry(new KeytabEntry(owner, exportedAt, key.getKvno(), key));
    }
}
/**
 * Exports every key of the given identity into the keytab, one entry per key.
 * All entries share the identity's principal and a single timestamp taken at
 * the start of the export. Each entry's version number is that key's kvno.
 *
 * <p>The keytab receives the identity's actual keys, so wherever it is later
 * written it needs the same protection as the keys themselves.
 *
 * @param keytab The keytab that receives the entries
 * @param identity The identity whose keys are exported
 * @throws KrbException If there is a problem exporting the identity to the keytab
 */
public static void exportToKeytab(Keytab keytab, KrbIdentity identity) throws KrbException {
    final PrincipalName owner = identity.getPrincipal();
    final KerberosTime exportedAt = KerberosTime.now();

    for (EncryptionKey key : identity.getKeys().values()) {
        keytab.addEntry(new KeytabEntry(owner, exportedAt, key.getKvno(), key));
    }
}
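/**
 * Checks that an identity added to the backend is read back unchanged: expire
 * time, disabled flag, key version, and for every key its type, key data and
 * kvno.
 *
 * <p>The test identity is removed in a {@code finally} block, so a failed
 * assertion does not leave the principal and its keys in the backend for
 * later tests.
 *
 * @param backend the identity backend under test
 * @throws KrbException if a backend operation fails
 */
protected void testGet(IdentityBackend backend) throws KrbException {
    KrbIdentity kid = BackendTestUtil.createOneIdentity(TEST_PRINCIPAL);
    backend.addIdentity(kid);
    try {
        // clear the identity cache.
        backend.release();

        KrbIdentity identity = backend.getIdentity(TEST_PRINCIPAL);
        assertThat(identity).isNotNull();
        assertThat(identity.getExpireTime()).isEqualTo(kid.getExpireTime());
        assertThat(identity.isDisabled()).isEqualTo(kid.isDisabled());
        assertThat(identity.getKeyVersion()).isEqualTo(kid.getKeyVersion());

        for (EncryptionKey expectedKey : kid.getKeys().values()) {
            EncryptionType actualType = EncryptionType.fromValue(expectedKey.getKeyType().getValue());
            EncryptionKey actualKey = identity.getKey(actualType);
            // A key missing from the stored identity should fail as an
            // assertion, not as a NullPointerException on the next line.
            assertThat(actualKey).isNotNull();
            assertThat(actualKey.getKeyType().getValue()).isEqualTo(expectedKey.getKeyType().getValue());
            assertThat(actualKey.getKeyData()).isEqualTo(expectedKey.getKeyData());
            assertThat(actualKey.getKvno()).isEqualTo(expectedKey.getKvno());
        }
    } finally {
        // tearDown: runs even when an assertion above fails.
        backend.deleteIdentity(TEST_PRINCIPAL);
    }
}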
try (PreparedStatement preKey = connection.prepareStatement(stmKey)) { preKey.setString(1, entry.getKey().getName()); preKey.setInt(2, entry.getValue().getKvno()); preKey.setBlob(3, new SerialBlob(entry.getValue().getKeyData())); preKey.setString(4, principalName);
try (PreparedStatement preKey = connection.prepareStatement(stmKey)) { preKey.setString(1, entry.getKey().getName()); preKey.setInt(2, entry.getValue().getKvno()); preKey.setBlob(3, new SerialBlob(entry.getValue().getKeyData())); preKey.setString(4, principalName);
/**
 * Stores the given keys under this identity's znodes. The keys parent znode
 * is created first when {@code ZKUtil.checkExists} reports -1 for it. Then,
 * for each key, the key-type znode is created, the encoded key is written to
 * the encryption-key znode, and the kvno is written as bytes to the
 * key-number znode.
 *
 * <p>NOTE(review): the encoded keys are written as znode data; this method
 * shows no ACL handling, so confirm that {@code ZKUtil} or the ensemble
 * configuration restricts who can read these znodes.
 *
 * @param keys the keys to store, by encryption type
 * @throws KeeperException if a ZooKeeper operation fails
 * @throws IOException if encoding a key fails
 */
public void setKeys(Map<EncryptionType, EncryptionKey> keys) throws KeeperException, IOException {
    final String keysNode = IdentityZNodeHelper.getKeysZNode(this.identityName);
    if (ZKUtil.checkExists(this.zk, keysNode) == -1) {
        ZKUtil.createWithParents(this.zk, keysNode);
    }

    for (Map.Entry<EncryptionType, EncryptionKey> entry : keys.entrySet()) {
        final String typeName = entry.getKey().getName();
        final EncryptionKey encKey = entry.getValue();

        ZKUtil.createWithParents(this.zk,
                IdentityZNodeHelper.getKeyTypeZNode(this.identityName, typeName));
        ZKUtil.createSetData(this.zk,
                IdentityZNodeHelper.getEncryptionKeyZNode(this.identityName, typeName),
                encKey.encode());
        ZKUtil.createSetData(this.zk,
                IdentityZNodeHelper.getEncryptionKeyNoZNode(this.identityName, typeName),
                BytesUtil.int2bytes(encKey.getKvno(), true));
    }
}
/**
 * Encrypts the plain text with the given key for the given key usage, using
 * the handler registered for the key's encryption type.
 *
 * <p>The result carries the cipher text and the key's encryption type. The
 * key version number is copied into the result only when it is greater than
 * zero.
 *
 * @param plainText The plain text to encrypt
 * @param key The encryption key
 * @param usage The key usage
 * @return The encrypted data
 * @throws KrbException propagated from the handler lookup or the encryption call
 */
public static EncryptedData encrypt(byte[] plainText, EncryptionKey key, KeyUsage usage)
        throws KrbException {
    final EncTypeHandler encHandler = getEncHandler(key.getKeyType());
    final byte[] cipherText = encHandler.encrypt(plainText, key.getKeyData(), usage.getValue());

    final EncryptedData result = new EncryptedData();
    result.setCipher(cipherText);
    result.setEType(key.getKeyType());

    final int kvno = key.getKvno();
    if (kvno > 0) {
        result.setKvno(kvno);
    }
    return result;
}
/**
 * Encrypts the plain text with the given key for the given key usage, using
 * the handler registered for the key's encryption type.
 *
 * <p>The result carries the cipher text and the key's encryption type. The
 * key version number is copied into the result only when it is greater than
 * zero.
 *
 * @param plainText The plain text to encrypt
 * @param key The encryption key
 * @param usage The key usage
 * @return The encrypted data
 * @throws KrbException propagated from the handler lookup or the encryption call
 */
public static EncryptedData encrypt(byte[] plainText, EncryptionKey key, KeyUsage usage)
        throws KrbException {
    final EncTypeHandler encHandler = getEncHandler(key.getKeyType());
    final byte[] cipherText = encHandler.encrypt(plainText, key.getKeyData(), usage.getValue());

    final EncryptedData result = new EncryptedData();
    result.setCipher(cipherText);
    result.setEType(key.getKeyType());

    final int kvno = key.getKvno();
    if (kvno > 0) {
        result.setKvno(kvno);
    }
    return result;
}