Java Code Examples for sun.security.krb5.internal.ktab.KeyTab#getInstance()

The following examples show how to use sun.security.krb5.internal.ktab.KeyTab#getInstance().
Example 1
Source File: KtabCheck.java    From openjdk-jdk9 with GNU General Public License v2.0
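/**
 * Checks that a keytab contains exactly the expected keys, where each key is
 * identified by its key version number (kvno) and encryption type (etype).
 *
 * @param args the keytab name followed by zero or more {@code kvno etype} pairs
 * @throws IllegalArgumentException if the keytab name is missing or a kvno
 *         is given without its etype
 * @throws Exception if the keytab holds an entry that is not expected, or an
 *         expected entry is not in the keytab
 */
public static void main(String[] args) throws Exception {
    System.out.println("Checking " + Arrays.toString(args));
    // Reject a missing keytab name or an unbalanced kvno/etype list up front
    // instead of failing later with an ArrayIndexOutOfBoundsException.
    if (args.length == 0 || args.length % 2 == 0) {
        throw new IllegalArgumentException(
                "Usage: KtabCheck keytabname [kvno etype]...");
    }
    // NOTE(review): the result of getInstance is not tested with isMissing();
    // presumably an absent keytab file yields no entries, so a run with no
    // kvno/etype pairs would not tell an absent file from an empty keytab --
    // confirm.
    KeyTab ktab = KeyTab.getInstance(args[0]);
    Set<String> expected = new HashSet<>();
    for (int i = 1; i < args.length; i += 2) {
        expected.add(args[i] + ":" + args[i + 1]);
    }
    for (KeyTabEntry e : ktab.getEntries()) {
        // Entries are matched on "kvno:etype".
        String vne = e.getKey().getKeyVersionNumber() + ":"
                + e.getKey().getEType();
        // remove() reports whether the pair was still expected, so a second
        // keytab entry with the same pair fails as well.
        if (!expected.remove(vne)) {
            throw new Exception("No " + vne + " in expected");
        }
    }
    // Anything left over was expected but never seen in the keytab.
    if (!expected.isEmpty()) {
        throw new Exception("Extra elements in expected");
    }
}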
 
Example 2
Source File: KtabCheck.java    From openjdk-8-source with GNU General Public License v2.0
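/**
 * Checks that a keytab contains exactly the expected keys, where each key is
 * identified by its key version number (kvno) and encryption type (etype).
 *
 * @param args the keytab name followed by zero or more {@code kvno etype} pairs
 * @throws IllegalArgumentException if the keytab name is missing or a kvno
 *         is given without its etype
 * @throws Exception if the keytab holds an entry that is not expected, or an
 *         expected entry is not in the keytab
 */
public static void main(String[] args) throws Exception {
    System.out.println("Checking " + Arrays.toString(args));
    // Reject a missing keytab name or an unbalanced kvno/etype list up front
    // instead of failing later with an ArrayIndexOutOfBoundsException.
    if (args.length == 0 || args.length % 2 == 0) {
        throw new IllegalArgumentException(
                "Usage: KtabCheck keytabname [kvno etype]...");
    }
    // NOTE(review): the result of getInstance is not tested with isMissing();
    // presumably an absent keytab file yields no entries, so a run with no
    // kvno/etype pairs would not tell an absent file from an empty keytab --
    // confirm.
    KeyTab ktab = KeyTab.getInstance(args[0]);
    Set<String> expected = new HashSet<>();
    for (int i = 1; i < args.length; i += 2) {
        expected.add(args[i] + ":" + args[i + 1]);
    }
    for (KeyTabEntry e : ktab.getEntries()) {
        // Entries are matched on "kvno:etype".
        String vne = e.getKey().getKeyVersionNumber() + ":"
                + e.getKey().getEType();
        // remove() reports whether the pair was still expected, so a second
        // keytab entry with the same pair fails as well.
        if (!expected.remove(vne)) {
            throw new Exception("No " + vne + " in expected");
        }
    }
    // Anything left over was expected but never seen in the keytab.
    if (!expected.isEmpty()) {
        throw new Exception("Extra elements in expected");
    }
}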
 
Example 3
Source File: KtabCheck.java    From jdk8u60 with GNU General Public License v2.0
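/**
 * Checks that a keytab contains exactly the expected keys, where each key is
 * identified by its key version number (kvno) and encryption type (etype).
 *
 * @param args the keytab name followed by zero or more {@code kvno etype} pairs
 * @throws IllegalArgumentException if the keytab name is missing or a kvno
 *         is given without its etype
 * @throws Exception if the keytab holds an entry that is not expected, or an
 *         expected entry is not in the keytab
 */
public static void main(String[] args) throws Exception {
    System.out.println("Checking " + Arrays.toString(args));
    // Reject a missing keytab name or an unbalanced kvno/etype list up front
    // instead of failing later with an ArrayIndexOutOfBoundsException.
    if (args.length == 0 || args.length % 2 == 0) {
        throw new IllegalArgumentException(
                "Usage: KtabCheck keytabname [kvno etype]...");
    }
    // NOTE(review): the result of getInstance is not tested with isMissing();
    // presumably an absent keytab file yields no entries, so a run with no
    // kvno/etype pairs would not tell an absent file from an empty keytab --
    // confirm.
    KeyTab ktab = KeyTab.getInstance(args[0]);
    Set<String> expected = new HashSet<>();
    for (int i = 1; i < args.length; i += 2) {
        expected.add(args[i] + ":" + args[i + 1]);
    }
    for (KeyTabEntry e : ktab.getEntries()) {
        // Entries are matched on "kvno:etype".
        String vne = e.getKey().getKeyVersionNumber() + ":"
                + e.getKey().getEType();
        // remove() reports whether the pair was still expected, so a second
        // keytab entry with the same pair fails as well.
        if (!expected.remove(vne)) {
            throw new Exception("No " + vne + " in expected");
        }
    }
    // Anything left over was expected but never seen in the keytab.
    if (!expected.isEmpty()) {
        throw new Exception("Extra elements in expected");
    }
}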
 
Example 4
Source File: KDC.java    From openjdk-jdk9 with GNU General Public License v2.0
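/**
 * Writes or appends keys into a keytab.
 * <p>
 * This is the most basic of a series of keytab creation and modification
 * methods, all of which reference krb5.conf settings. If krb5.conf is
 * modified or replaced afterwards, call {@code Config.refresh()} again:
 * <pre>
 * kdc.writeKtab("/etc/kdc/ktab", true);  // Config is initialized,
 * System.setProperty("java.security.krb5.conf", "/home/mykrb5.conf");
 * Config.refresh();
 * </pre>
 * krb5.conf is used in two places inside this method:
 * <ol>
 * <li> (Fatal) Generating keys: EncryptionKey.acquireSecretKeys
 * <li> (Has workaround) Creating PrincipalName
 * </ol>
 * NOTE(review): the entries are built from the stored passwords, so the file
 * presumably holds long-term keys; nothing in this method sets permissions
 * on {@code tab} -- confirm the caller restricts access to it.
 *
 * @param tab the keytab file name
 * @param append true to append to the keytab, false to overwrite it
 * @param names the names to write; every name in {@code passwords} is
 *        written if this is empty
 * @throws IllegalArgumentException if a name has no stored password
 */
public void writeKtab(String tab, boolean append, String... names)
        throws IOException, KrbException {
    KeyTab ktab = append ? KeyTab.getInstance(tab) : KeyTab.create(tab);
    Iterable<String> entries =
            (names.length != 0) ? Arrays.asList(names) : passwords.keySet();
    for (String name : entries) {
        char[] pass = passwords.get(name);
        // An unknown name used to surface as a NullPointerException below.
        if (pass == null) {
            throw new IllegalArgumentException(
                    "No password stored for " + name);
        }
        // The kvno is the trailing digit of the password, 0 when the
        // password is empty or does not end in a digit.
        int kvno = 0;
        if (pass.length > 0 && Character.isDigit(pass[pass.length - 1])) {
            kvno = pass[pass.length - 1] - '0';
        }
        // Names containing '/' are treated as host-based service names.
        PrincipalName pn = new PrincipalName(name,
                name.indexOf('/') < 0
                        ? PrincipalName.KRB_NT_UNKNOWN
                        : PrincipalName.KRB_NT_SRV_HST);
        ktab.addEntry(pn, getSalt(pn), pass, kvno, true);
    }
    ktab.save();
}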
 
Example 5
Source File: KtabCheck.java    From openjdk-8 with GNU General Public License v2.0
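/**
 * Checks that a keytab contains exactly the expected keys, where each key is
 * identified by its key version number (kvno) and encryption type (etype).
 *
 * @param args the keytab name followed by zero or more {@code kvno etype} pairs
 * @throws IllegalArgumentException if the keytab name is missing or a kvno
 *         is given without its etype
 * @throws Exception if the keytab holds an entry that is not expected, or an
 *         expected entry is not in the keytab
 */
public static void main(String[] args) throws Exception {
    System.out.println("Checking " + Arrays.toString(args));
    // Reject a missing keytab name or an unbalanced kvno/etype list up front
    // instead of failing later with an ArrayIndexOutOfBoundsException.
    if (args.length == 0 || args.length % 2 == 0) {
        throw new IllegalArgumentException(
                "Usage: KtabCheck keytabname [kvno etype]...");
    }
    // NOTE(review): the result of getInstance is not tested with isMissing();
    // presumably an absent keytab file yields no entries, so a run with no
    // kvno/etype pairs would not tell an absent file from an empty keytab --
    // confirm.
    KeyTab ktab = KeyTab.getInstance(args[0]);
    Set<String> expected = new HashSet<>();
    for (int i = 1; i < args.length; i += 2) {
        expected.add(args[i] + ":" + args[i + 1]);
    }
    for (KeyTabEntry e : ktab.getEntries()) {
        // Entries are matched on "kvno:etype".
        String vne = e.getKey().getKeyVersionNumber() + ":"
                + e.getKey().getEType();
        // remove() reports whether the pair was still expected, so a second
        // keytab entry with the same pair fails as well.
        if (!expected.remove(vne)) {
            throw new Exception("No " + vne + " in expected");
        }
    }
    // Anything left over was expected but never seen in the keytab.
    if (!expected.isEmpty()) {
        throw new Exception("Extra elements in expected");
    }
}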
 
Example 6
Source File: KtabCheck.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
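/**
 * Checks that a keytab contains exactly the expected keys, where each key is
 * identified by its key version number (kvno) and encryption type (etype).
 *
 * @param args the keytab name followed by zero or more {@code kvno etype} pairs
 * @throws IllegalArgumentException if the keytab name is missing or a kvno
 *         is given without its etype
 * @throws Exception if the keytab holds an entry that is not expected, or an
 *         expected entry is not in the keytab
 */
public static void main(String[] args) throws Exception {
    System.out.println("Checking " + Arrays.toString(args));
    // Reject a missing keytab name or an unbalanced kvno/etype list up front
    // instead of failing later with an ArrayIndexOutOfBoundsException.
    if (args.length == 0 || args.length % 2 == 0) {
        throw new IllegalArgumentException(
                "Usage: KtabCheck keytabname [kvno etype]...");
    }
    // NOTE(review): the result of getInstance is not tested with isMissing();
    // presumably an absent keytab file yields no entries, so a run with no
    // kvno/etype pairs would not tell an absent file from an empty keytab --
    // confirm.
    KeyTab ktab = KeyTab.getInstance(args[0]);
    Set<String> expected = new HashSet<>();
    for (int i = 1; i < args.length; i += 2) {
        expected.add(args[i] + ":" + args[i + 1]);
    }
    for (KeyTabEntry e : ktab.getEntries()) {
        // Entries are matched on "kvno:etype".
        String vne = e.getKey().getKeyVersionNumber() + ":"
                + e.getKey().getEType();
        // remove() reports whether the pair was still expected, so a second
        // keytab entry with the same pair fails as well.
        if (!expected.remove(vne)) {
            throw new Exception("No " + vne + " in expected");
        }
    }
    // Anything left over was expected but never seen in the keytab.
    if (!expected.isEmpty()) {
        throw new Exception("Extra elements in expected");
    }
}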
 
Example 7
Source File: KtabCheck.java    From dragonwell8_jdk with GNU General Public License v2.0
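/**
 * Checks that a keytab contains exactly the expected keys, where each key is
 * identified by its key version number (kvno) and encryption type (etype).
 *
 * @param args the keytab name followed by zero or more {@code kvno etype} pairs
 * @throws IllegalArgumentException if the keytab name is missing or a kvno
 *         is given without its etype
 * @throws Exception if the keytab holds an entry that is not expected, or an
 *         expected entry is not in the keytab
 */
public static void main(String[] args) throws Exception {
    System.out.println("Checking " + Arrays.toString(args));
    // Reject a missing keytab name or an unbalanced kvno/etype list up front
    // instead of failing later with an ArrayIndexOutOfBoundsException.
    if (args.length == 0 || args.length % 2 == 0) {
        throw new IllegalArgumentException(
                "Usage: KtabCheck keytabname [kvno etype]...");
    }
    // NOTE(review): the result of getInstance is not tested with isMissing();
    // presumably an absent keytab file yields no entries, so a run with no
    // kvno/etype pairs would not tell an absent file from an empty keytab --
    // confirm.
    KeyTab ktab = KeyTab.getInstance(args[0]);
    Set<String> expected = new HashSet<>();
    for (int i = 1; i < args.length; i += 2) {
        expected.add(args[i] + ":" + args[i + 1]);
    }
    for (KeyTabEntry e : ktab.getEntries()) {
        // Entries are matched on "kvno:etype".
        String vne = e.getKey().getKeyVersionNumber() + ":"
                + e.getKey().getEType();
        // remove() reports whether the pair was still expected, so a second
        // keytab entry with the same pair fails as well.
        if (!expected.remove(vne)) {
            throw new Exception("No " + vne + " in expected");
        }
    }
    // Anything left over was expected but never seen in the keytab.
    if (!expected.isEmpty()) {
        throw new Exception("Extra elements in expected");
    }
}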
 
Example 8
Source File: EncryptionKey.java    From TencentKona-8 with GNU General Public License v2.0
/**
 * Reads every version of a principal's secret key from a keytab.
 * <p>
 * NOTE(review): nothing here checks whether the keytab was actually found;
 * presumably an absent file reads the same as a keytab without keys for the
 * principal -- confirm callers can tell the two apart where it matters.
 *
 * @param princ the principal whose secret key is desired; must not be null
 * @param keytab the path to the keytab file, or null to have the default
 *        path searched
 * @return an array of secret keys, or null if none were found
 * @throws IllegalArgumentException if {@code princ} is null
 */
public static EncryptionKey[] acquireSecretKeys(PrincipalName princ,
                                                String keytab) {
    if (princ == null) {
        throw new IllegalArgumentException(
            "Cannot have null pricipal name to look in keytab.");
    }

    // With a null keytab, KeyTab.getInstance(keytab) falls back to
    // KeyTab.getInstance().
    return KeyTab.getInstance(keytab).readServiceKeys(princ);
}
 
Example 9
Source File: FileKeyTab.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Verifies that the keytab named by {@code file} can be loaded.
 *
 * @param file the keytab name passed to {@code KeyTab.getInstance}
 * @throws Exception if the resulting keytab reports itself as missing
 */
static void check(String file) throws Exception {
    System.out.println("Checking for " + file + "...");
    final KeyTab loaded = KeyTab.getInstance(file);
    // isMissing() is the only signal tested here for a keytab that could
    // not be read.
    final boolean absent = loaded.isMissing();
    if (absent) {
        throw new Exception("FILE:ktab cannot be loaded");
    }
}
 
Example 10
Source File: KDC.java    From TencentKona-8 with GNU General Public License v2.0
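/**
 * Writes or appends keys into a keytab.
 * <p>
 * This is the most basic of a series of keytab creation and modification
 * methods, all of which reference krb5.conf settings. If krb5.conf is
 * modified or replaced afterwards, call {@code Config.refresh()} again:
 * <pre>
 * kdc.writeKtab("/etc/kdc/ktab", true);  // Config is initialized,
 * System.setProperty("java.security.krb5.conf", "/home/mykrb5.conf");
 * Config.refresh();
 * </pre>
 * krb5.conf is used in two places inside this method:
 * <ol>
 * <li> (Fatal) Generating keys: EncryptionKey.acquireSecretKeys
 * <li> (Has workaround) Creating PrincipalName
 * </ol>
 * When {@code nativeKdc} is set, each name is instead passed to
 * {@code nativeKdc.ktadd(name, tab)} and no {@code KeyTab} is opened or
 * saved by this method.
 * <p>
 * NOTE(review): the entries are built from the stored passwords, so the file
 * presumably holds long-term keys; nothing in this method sets permissions
 * on {@code tab} -- confirm the caller restricts access to it.
 *
 * @param tab the keytab file name
 * @param append true to append to the keytab, false to overwrite it
 * @param names the names to write; every name in {@code passwords} is
 *        written if this is empty
 * @throws IllegalArgumentException if no native KDC is in use and a name
 *         has no stored password
 */
public void writeKtab(String tab, boolean append, String... names)
        throws IOException, KrbException {
    // A KeyTab object is only needed when no native KDC is in use.
    KeyTab ktab = null;
    if (nativeKdc == null) {
        ktab = append ? KeyTab.getInstance(tab) : KeyTab.create(tab);
    }
    Iterable<String> entries =
            (names.length != 0) ? Arrays.asList(names) : passwords.keySet();
    for (String name : entries) {
        // Names without a realm part are qualified with the realm field.
        if (name.indexOf('@') < 0) {
            name = name + "@" + realm;
        }
        if (nativeKdc == null) {
            char[] pass = passwords.get(name);
            // An unknown name used to surface as a NullPointerException
            // below.
            if (pass == null) {
                throw new IllegalArgumentException(
                        "No password stored for " + name);
            }
            // The kvno is the trailing digit of the password, 0 when the
            // password is empty or does not end in a digit.
            int kvno = 0;
            if (pass.length > 0
                    && Character.isDigit(pass[pass.length - 1])) {
                kvno = pass[pass.length - 1] - '0';
            }
            // Names containing '/' are treated as host-based service names.
            PrincipalName pn = new PrincipalName(name,
                    name.indexOf('/') < 0
                            ? PrincipalName.KRB_NT_UNKNOWN
                            : PrincipalName.KRB_NT_SRV_HST);
            ktab.addEntry(pn, getSalt(pn), pass, kvno, true);
        } else {
            nativeKdc.ktadd(name, tab);
        }
    }
    if (nativeKdc == null) {
        ktab.save();
    }
}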
 
Example 11
Source File: W83.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * Starts a local KDC, writes a keytab that keeps only the ARCFOUR-HMAC key
 * of the test user, applies the KDC options selected by system properties,
 * and runs the test.
 */
public static void main(String[] args) throws Exception {

    final W83 test = new W83();

    // OneKDC cannot be used here: the kinit command cannot resolve the
    // hostname kdc.rabbit.hole.
    final KDC kdc = new KDC(OneKDC.REALM, "127.0.0.1", 0, true);
    kdc.addPrincipal(OneKDC.USER, OneKDC.PASS);
    kdc.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
    KDC.saveConfig(OneKDC.KRB5_CONF, kdc);
    // The configuration must be re-read after the property points at the
    // freshly saved krb5.conf.
    System.setProperty("java.security.krb5.conf", OneKDC.KRB5_CONF);
    Config.refresh();

    kdc.writeKtab(OneKDC.KTAB);

    // Strip the user's entries for every built-in default etype except
    // ARCFOUR-HMAC, a legacy RC4-based etype that this test relies on.
    // NOTE(review): -1 presumably selects every kvno -- confirm.
    final KeyTab keytab = KeyTab.getInstance(OneKDC.KTAB);
    for (int etype : EType.getBuiltInDefaults()) {
        if (etype == EncryptedData.ETYPE_ARCFOUR_HMAC) {
            continue;
        }
        keytab.deleteEntries(new PrincipalName(OneKDC.USER), etype, -1);
    }
    keytab.save();

    // 6932525 and 6951366: the etypes sent in the 2nd AS-REQ must not be
    // restricted to that of preauth.
    if (null != System.getProperty("6932525")) {
        kdc.setOption(KDC.Option.ONLY_RC4_TGT, true);
    }
    // 6959292: when the etype for enc-part in the 2nd AS-REQ differs from
    // that of preauth, the client must still be able to decrypt it.
    if (null != System.getProperty("6959292")) {
        kdc.setOption(KDC.Option.RC4_FIRST_PREAUTH, true);
    }
    test.go();
}
 
Example 12
Source File: KtabZero.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Checks the keytab named by {@code NAME} for its presence and its version.
 *
 * @param showBeMissing the value {@code isMissing()} is expected to return
 * @throws Exception if {@code isMissing()} differs from the expectation, or
 *         the keytab's {@code kt_vno} is not {@code KRB5_KT_VNO}
 */
static void check(boolean showBeMissing) throws Exception {
    final KeyTab keytab = KeyTab.getInstance(NAME);
    final boolean missing = keytab.isMissing();
    if (missing != showBeMissing) {
        throw new Exception("isMissing is not " + showBeMissing);
    }
    // kt_vno is read reflectively; setAccessible(true) suggests the field
    // is not public.
    final Field versionField = KeyTab.class.getDeclaredField("kt_vno");
    versionField.setAccessible(true);
    final int version = versionField.getInt(keytab);
    if (version != KeyTabConstants.KRB5_KT_VNO) {
        throw new Exception("kt_vno is " + version);
    }
}
 
Example 13
Source File: FileKeyTab.java    From jdk8u_jdk with GNU General Public License v2.0
/**
 * Verifies that the keytab named by {@code file} can be loaded.
 *
 * @param file the keytab name passed to {@code KeyTab.getInstance}
 * @throws Exception if the resulting keytab reports itself as missing
 */
static void check(String file) throws Exception {
    System.out.println("Checking for " + file + "...");
    final KeyTab loaded = KeyTab.getInstance(file);
    // isMissing() is the only signal tested here for a keytab that could
    // not be read.
    final boolean absent = loaded.isMissing();
    if (absent) {
        throw new Exception("FILE:ktab cannot be loaded");
    }
}
 
Example 14
Source File: FileKeyTab.java    From jdk8u60 with GNU General Public License v2.0
/**
 * Verifies that the keytab named by {@code file} can be loaded.
 *
 * @param file the keytab name passed to {@code KeyTab.getInstance}
 * @throws Exception if the resulting keytab reports itself as missing
 */
static void check(String file) throws Exception {
    System.out.println("Checking for " + file + "...");
    final KeyTab loaded = KeyTab.getInstance(file);
    // isMissing() is the only signal tested here for a keytab that could
    // not be read.
    final boolean absent = loaded.isMissing();
    if (absent) {
        throw new Exception("FILE:ktab cannot be loaded");
    }
}
 
Example 15
Source File: KtabZero.java    From hottub with GNU General Public License v2.0
/**
 * Checks the keytab named by {@code NAME} for its presence and its version.
 *
 * @param showBeMissing the value {@code isMissing()} is expected to return
 * @throws Exception if {@code isMissing()} differs from the expectation, or
 *         the keytab's {@code kt_vno} is not {@code KRB5_KT_VNO}
 */
static void check(boolean showBeMissing) throws Exception {
    final KeyTab keytab = KeyTab.getInstance(NAME);
    final boolean missing = keytab.isMissing();
    if (missing != showBeMissing) {
        throw new Exception("isMissing is not " + showBeMissing);
    }
    // kt_vno is read reflectively; setAccessible(true) suggests the field
    // is not public.
    final Field versionField = KeyTab.class.getDeclaredField("kt_vno");
    versionField.setAccessible(true);
    final int version = versionField.getInt(keytab);
    if (version != KeyTabConstants.KRB5_KT_VNO) {
        throw new Exception("kt_vno is " + version);
    }
}
 
Example 16
Source File: EncryptionKey.java    From jdk8u_jdk with GNU General Public License v2.0
/**
 * Reads every version of a principal's secret key from a keytab.
 * <p>
 * NOTE(review): nothing here checks whether the keytab was actually found;
 * presumably an absent file reads the same as a keytab without keys for the
 * principal -- confirm callers can tell the two apart where it matters.
 *
 * @param princ the principal whose secret key is desired; must not be null
 * @param keytab the path to the keytab file, or null to have the default
 *        path searched
 * @return an array of secret keys, or null if none were found
 * @throws IllegalArgumentException if {@code princ} is null
 */
public static EncryptionKey[] acquireSecretKeys(PrincipalName princ,
                                                String keytab) {
    if (princ == null) {
        throw new IllegalArgumentException(
            "Cannot have null pricipal name to look in keytab.");
    }

    // With a null keytab, KeyTab.getInstance(keytab) falls back to
    // KeyTab.getInstance().
    return KeyTab.getInstance(keytab).readServiceKeys(princ);
}
 
Example 17
Source File: FileKeyTab.java    From openjdk-8-source with GNU General Public License v2.0
/**
 * Verifies that the keytab named by {@code file} can be loaded.
 *
 * @param file the keytab name passed to {@code KeyTab.getInstance}
 * @throws Exception if the resulting keytab reports itself as missing
 */
static void check(String file) throws Exception {
    System.out.println("Checking for " + file + "...");
    final KeyTab loaded = KeyTab.getInstance(file);
    // isMissing() is the only signal tested here for a keytab that could
    // not be read.
    final boolean absent = loaded.isMissing();
    if (absent) {
        throw new Exception("FILE:ktab cannot be loaded");
    }
}
 
Example 18
Source File: W83.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Starts a local KDC, writes a keytab that keeps only the ARCFOUR-HMAC key
 * of the test user, applies the KDC options selected by system properties,
 * and runs the test.
 */
public static void main(String[] args) throws Exception {

    final W83 test = new W83();

    // OneKDC cannot be used here: the kinit command cannot resolve the
    // hostname kdc.rabbit.hole.
    final KDC kdc = new KDC(OneKDC.REALM, "127.0.0.1", 0, true);
    kdc.addPrincipal(OneKDC.USER, OneKDC.PASS);
    kdc.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
    KDC.saveConfig(OneKDC.KRB5_CONF, kdc);
    // The configuration must be re-read after the property points at the
    // freshly saved krb5.conf.
    System.setProperty("java.security.krb5.conf", OneKDC.KRB5_CONF);
    Config.refresh();

    kdc.writeKtab(OneKDC.KTAB);

    // Strip the user's entries for every built-in default etype except
    // ARCFOUR-HMAC, a legacy RC4-based etype that this test relies on.
    // NOTE(review): -1 presumably selects every kvno -- confirm.
    final KeyTab keytab = KeyTab.getInstance(OneKDC.KTAB);
    for (int etype : EType.getBuiltInDefaults()) {
        if (etype == EncryptedData.ETYPE_ARCFOUR_HMAC) {
            continue;
        }
        keytab.deleteEntries(new PrincipalName(OneKDC.USER), etype, -1);
    }
    keytab.save();

    // 6932525 and 6951366: the etypes sent in the 2nd AS-REQ must not be
    // restricted to that of preauth.
    if (null != System.getProperty("6932525")) {
        kdc.setOption(KDC.Option.ONLY_RC4_TGT, true);
    }
    // 6959292: when the etype for enc-part in the 2nd AS-REQ differs from
    // that of preauth, the client must still be able to decrypt it.
    if (null != System.getProperty("6959292")) {
        kdc.setOption(KDC.Option.RC4_FIRST_PREAUTH, true);
    }
    test.go();
}
 
Example 19
Source File: KtabZero.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Checks the keytab named by {@code NAME} for its presence and its version.
 *
 * @param showBeMissing the value {@code isMissing()} is expected to return
 * @throws Exception if {@code isMissing()} differs from the expectation, or
 *         the keytab's {@code kt_vno} is not {@code KRB5_KT_VNO}
 */
static void check(boolean showBeMissing) throws Exception {
    final KeyTab keytab = KeyTab.getInstance(NAME);
    final boolean missing = keytab.isMissing();
    if (missing != showBeMissing) {
        throw new Exception("isMissing is not " + showBeMissing);
    }
    // kt_vno is read reflectively; setAccessible(true) suggests the field
    // is not public.
    final Field versionField = KeyTab.class.getDeclaredField("kt_vno");
    versionField.setAccessible(true);
    final int version = versionField.getInt(keytab);
    if (version != KeyTabConstants.KRB5_KT_VNO) {
        throw new Exception("kt_vno is " + version);
    }
}
 
Example 20
Source File: EncryptionKey.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Reads every version of a principal's secret key from a keytab.
 * <p>
 * NOTE(review): nothing here checks whether the keytab was actually found;
 * presumably an absent file reads the same as a keytab without keys for the
 * principal -- confirm callers can tell the two apart where it matters.
 *
 * @param princ the principal whose secret key is desired; must not be null
 * @param keytab the path to the keytab file, or null to have the default
 *        path searched
 * @return an array of secret keys, or null if none were found
 * @throws IllegalArgumentException if {@code princ} is null
 */
public static EncryptionKey[] acquireSecretKeys(PrincipalName princ,
                                                String keytab) {
    if (princ == null) {
        throw new IllegalArgumentException(
            "Cannot have null pricipal name to look in keytab.");
    }

    // With a null keytab, KeyTab.getInstance(keytab) falls back to
    // KeyTab.getInstance().
    return KeyTab.getInstance(keytab).readServiceKeys(princ);
}