| /* |
| * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. Oracle designates this |
| * particular file as subject to the "Classpath" exception as provided |
| * by Oracle in the LICENSE file that accompanied this code. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| package sun.security.jgss.krb5; |
| |
| import org.ietf.jgss.*; |
| import sun.security.jgss.*; |
| import java.io.InputStream; |
| import java.io.OutputStream; |
| import java.io.IOException; |
| import java.io.ByteArrayOutputStream; |
| import java.util.Arrays; |
| import sun.security.krb5.Confounder; |
| |
| /** |
| * This class represents the new format of GSS tokens, as specified in RFC |
| * 4121, emitted by the GSSContext.wrap() call. It is a MessageToken except |
| * that it also contains plaintext or encrypted data at the end. A WrapToken |
| * has certain other rules that are peculiar to it and different from a |
| * MICToken, which is another type of MessageToken. All data in a WrapToken is |
| * prepended by a random confounder of 16 bytes. Thus, all application data |
| * is replaced by (confounder || data || tokenHeader || checksum). |
| * |
| * @author Seema Malkani |
| */ |
| class WrapToken_v2 extends MessageToken_v2 { |
| |
| // Accessed by CipherHelper |
| byte[] confounder = null; |
| |
| private final boolean privacy; |
| |
| /** |
| * Constructs a WrapToken from token bytes obtained from the |
| * peer. |
| * @param context the mechanism context associated with this |
| * token |
| * @param tokenBytes the bytes of the token |
| * @param tokenOffset the offset of the token |
| * @param tokenLen the length of the token |
| * @param prop the MessageProp into which characteristics of the |
| * parsed token will be stored. |
| * @throws GSSException if the token is defective |
| */ |
| public WrapToken_v2(Krb5Context context, |
| byte[] tokenBytes, int tokenOffset, int tokenLen, |
| MessageProp prop) throws GSSException { |
| |
| super(Krb5Token.WRAP_ID_v2, context, |
| tokenBytes, tokenOffset, tokenLen, prop); |
| this.privacy = prop.getPrivacy(); |
| } |
| |
| /** |
| * Constructs a WrapToken from token bytes read on the fly from |
| * an InputStream. |
| * @param context the mechanism context associated with this |
| * token |
| * @param is the InputStream containing the token bytes |
| * @param prop the MessageProp into which characteristics of the |
| * parsed token will be stored. |
| * @throws GSSException if the token is defective or if there is |
| * a problem reading from the InputStream |
| */ |
| public WrapToken_v2(Krb5Context context, |
| InputStream is, MessageProp prop) |
| throws GSSException { |
| |
| super(Krb5Token.WRAP_ID_v2, context, is, prop); |
| this.privacy = prop.getPrivacy(); |
| } |
| |
| /** |
| * Obtains the application data that was transmitted in this |
| * WrapToken. |
| * @return a byte array containing the application data |
| * @throws GSSException if an error occurs while decrypting any |
| * cipher text and checking for validity |
| */ |
| public byte[] getData() throws GSSException { |
| |
| byte[] temp = new byte[tokenDataLen]; |
| int len = getData(temp, 0); |
| return Arrays.copyOf(temp, len); |
| } |
| |
| /** |
| * Obtains the application data that was transmitted in this |
| * WrapToken, writing it into an application provided output |
| * array. |
| * @param dataBuf the output buffer into which the data must be |
| * written |
| * @param dataBufOffset the offset at which to write the data |
| * @return the size of the data written |
| * @throws GSSException if an error occurs while decrypting any |
| * cipher text and checking for validity |
| */ |
| public int getData(byte[] dataBuf, int dataBufOffset) |
| throws GSSException { |
| |
| // debug("WrapToken cons: data is token is [" + |
| // getHexBytes(tokenBytes, tokenOffset, tokenLen) + "]\n"); |
| |
| // Do decryption if this token was privacy protected. |
| if (privacy) { |
| |
| // decrypt data |
| cipherHelper.decryptData(this, tokenData, 0, tokenDataLen, |
| dataBuf, dataBufOffset, getKeyUsage()); |
| |
| return tokenDataLen - CONFOUNDER_SIZE - |
| TOKEN_HEADER_SIZE - cipherHelper.getChecksumLength(); |
| } else { |
| |
| // Token data is in cleartext |
| // debug("\t\tNo encryption was performed by peer.\n"); |
| |
| // data |
| int data_length = tokenDataLen - cipherHelper.getChecksumLength(); |
| System.arraycopy(tokenData, 0, |
| dataBuf, dataBufOffset, |
| data_length); |
| // debug("\t\tData is: " + getHexBytes(dataBuf, data_length)); |
| |
| /* |
| * Make sure checksum is not corrupt |
| */ |
| if (!verifySign(dataBuf, dataBufOffset, data_length)) { |
| throw new GSSException(GSSException.BAD_MIC, -1, |
| "Corrupt checksum in Wrap token"); |
| } |
| return data_length; |
| } |
| } |
| |
| /** |
| * Writes a WrapToken_v2 object |
| */ |
| public WrapToken_v2(Krb5Context context, MessageProp prop, |
| byte[] dataBytes, int dataOffset, int dataLen) |
| throws GSSException { |
| |
| super(Krb5Token.WRAP_ID_v2, context); |
| |
| confounder = Confounder.bytes(CONFOUNDER_SIZE); |
| |
| // debug("\nWrapToken cons: data to wrap is [" + |
| // getHexBytes(confounder) + " " + |
| // getHexBytes(dataBytes, dataOffset, dataLen) + "]\n"); |
| |
| genSignAndSeqNumber(prop, dataBytes, dataOffset, dataLen); |
| |
| /* |
| * If the application decides to ask for privacy when the context |
| * did not negotiate for it, do not provide it. The peer might not |
| * have support for it. The app will realize this with a call to |
| * pop.getPrivacy() after wrap(). |
| */ |
| if (!context.getConfState()) |
| prop.setPrivacy(false); |
| |
| privacy = prop.getPrivacy(); |
| |
| if (!privacy) { |
| // Wrap Tokens (without confidentiality) = |
| // { 16 byte token_header | plaintext | 12-byte HMAC } |
| // where HMAC is on { plaintext | token_header } |
| |
| tokenData = new byte[dataLen + checksum.length]; |
| System.arraycopy(dataBytes, dataOffset, tokenData, 0, dataLen); |
| System.arraycopy(checksum, 0, tokenData, dataLen, checksum.length); |
| } else { |
| // Wrap Tokens (with confidentiality) = |
| // { 16 byte token_header | |
| // Encrypt(16-byte confounder | plaintext | token_header) | |
| // 12-byte HMAC } |
| |
| tokenData = cipherHelper.encryptData(this, confounder, getTokenHeader(), |
| dataBytes, dataOffset, dataLen, getKeyUsage()); |
| } |
| } |
| |
| public void encode(OutputStream os) throws IOException { |
| encodeHeader(os); |
| os.write(tokenData); |
| } |
| |
| public byte[] encode() throws IOException { |
| ByteArrayOutputStream bos = new ByteArrayOutputStream( |
| MessageToken_v2.TOKEN_HEADER_SIZE + tokenData.length); |
| encode(bos); |
| return bos.toByteArray(); |
| } |
| |
| public int encode(byte[] outToken, int offset) throws IOException { |
| byte[] token = encode(); |
| System.arraycopy(token, 0, outToken, offset, token.length); |
| return token.length; |
| } |
| |
| // This implementation is way to conservative. And it certainly |
| // doesn't return the maximum limit. |
| static int getSizeLimit(int qop, boolean confReq, int maxTokenSize, |
| CipherHelper ch) throws GSSException { |
| return (GSSHeader.getMaxMechTokenSize(OID, maxTokenSize) - |
| (TOKEN_HEADER_SIZE + ch.getChecksumLength() + CONFOUNDER_SIZE) |
| - 8 /* safety */); |
| } |
| } |