com.ibm.security.krb5

Class EncryptedData

java.lang.Object
  extended by com.ibm.security.krb5.EncryptedData
All implemented interfaces:
java.lang.Cloneable

public class EncryptedData
extends java.lang.Object
implements java.lang.Cloneable
This class encapsulates Kerberos encrypted data. It allows callers access to both the ASN.1 encoded form of the EncryptedData type as well as the raw cipher text.

Field Summary

Modifier and Type, Field and Description
static int ETYPE_DES_CBC_CRC
static int ETYPE_DES_CBC_MD4
static int ETYPE_DES_CBC_MD5
static int ETYPE_DES3_CBC_SHA1
static int ETYPE_NULL
static int KERB_ETYPE_AES_HMAC_SHA1_128
static int KERB_ETYPE_AES_HMAC_SHA1_256
static int KERB_ETYPE_RC4_HMAC
static int KERB_ETYPE_RC4_HMAC_EXP

Constructor Summary

Constructor and Description
EncryptedData(com.ibm.security.util.DerValue encoding)
Constructs an instance of EncryptedData type.
EncryptedData(EncryptionKey key, byte[] plaintext)
EncryptedData(EncryptionKey key, byte[] ivec, byte[] plaintext)
EncryptedData(EncryptionKey key, byte[] plaintext, byte[] iv, int usage)
Encrypts the specified plaintext using the algorithm specified by the key type.
EncryptedData(EncryptionKey key, byte[] plaintext, int usage)
Encrypts the specified plaintext using the algorithm specified by the key type.
EncryptedData(int new_eType, java.lang.Integer new_kvno, byte[] new_cipher)

Method Summary

Modifier and Type, Method and Description
byte[] asn1Encode()
Returns an ASN.1 encoded EncryptedData type.
java.lang.Object clone()
byte[] decrypt(EncryptionKey key)
byte[] decrypt(EncryptionKey key, byte[] ivec)
byte[] decrypt(EncryptionKey key, int usage)
Deciphers the encrypted text contained in an instance of EncryptedData using the algorithm specified by the key type.
byte[] decryptedData()
java.lang.String encTypeToString()
static java.lang.String encTypeToString(int enctype)
Converts the specified integer encryption type to string.
byte[] getBytes()
Returns the raw cipher text bytes, not in ASN.1 encoding.
int getEType()
java.lang.Integer getKeyVersionNumber()
boolean isAES128EncType()
static boolean isAES128EncType(int encryptionType)
boolean isAES256EncType()
static boolean isAES256EncType(int encryptionType)
static boolean isDes3EncType(int enctype)
boolean isDesEncType()
static boolean isDesEncType(int enctype)
boolean isRc4HMacEncType()
static boolean isRc4HMacEncType(int encryptionType)
boolean isSupportedEncType()
static boolean isSupportedEncType(int encType)
Returns true if the specified encryption type is supported, otherwise it returns false.
static EncryptedData parse(com.ibm.security.util.DerInputStream data, byte explicitTag, boolean optional)
Parse (unmarshal) an EncryptedData from a DER input stream.
byte[] reset(byte[] data, boolean encoded)
Reset data stream after decryption, remove redundant bytes.
static int stringToEncType(java.lang.String encTypeString)
Converts the specified encryption type string to its integer representation.
Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ETYPE_NULL

public static final int ETYPE_NULL

ETYPE_DES_CBC_CRC

public static final int ETYPE_DES_CBC_CRC

ETYPE_DES_CBC_MD4

public static final int ETYPE_DES_CBC_MD4

ETYPE_DES_CBC_MD5

public static final int ETYPE_DES_CBC_MD5

ETYPE_DES3_CBC_SHA1

public static final int ETYPE_DES3_CBC_SHA1

KERB_ETYPE_AES_HMAC_SHA1_128

public static final int KERB_ETYPE_AES_HMAC_SHA1_128

KERB_ETYPE_AES_HMAC_SHA1_256

public static final int KERB_ETYPE_AES_HMAC_SHA1_256

KERB_ETYPE_RC4_HMAC

public static final int KERB_ETYPE_RC4_HMAC

KERB_ETYPE_RC4_HMAC_EXP

public static final int KERB_ETYPE_RC4_HMAC_EXP

Constructor Detail

EncryptedData

public EncryptedData(int new_eType, java.lang.Integer new_kvno, byte[] new_cipher)

EncryptedData

public EncryptedData(EncryptionKey key, byte[] plaintext)
    throws KdcErrException, KrbCryptoException
Throws:
KdcErrException
KrbCryptoException

EncryptedData

public EncryptedData(EncryptionKey key, byte[] plaintext, int usage)
    throws KdcErrException, KrbCryptoException
Encrypts the specified plaintext using the algorithm specified by the key type. The specified key is the base key from which a specific key is derived with the usage as an input. The derived specific key is used for the encryption.
Parameters:
key - the base encryption key
plaintext - the text to be encrypted
usage - the constant to be used as input for key derivation.
Throws:
KdcErrException
KrbCryptoException

EncryptedData

public EncryptedData(EncryptionKey key, byte[] plaintext, byte[] iv, int usage)
    throws KdcErrException, KrbCryptoException
Encrypts the specified plaintext using the algorithm specified by the key type. The specified key is the base key from which a specific key is derived with the usage as an input. The derived specific key is used for the encryption.
Parameters:
key - the base encryption key
plaintext - the text to be encrypted
iv - initialization vector
usage - the constant to be used as input for key derivation.
Throws:
KdcErrException
KrbCryptoException

EncryptedData

public EncryptedData(EncryptionKey key, byte[] ivec, byte[] plaintext)
    throws KdcErrException, KrbCryptoException
Throws:
KdcErrException
KrbCryptoException

EncryptedData

public EncryptedData(com.ibm.security.util.DerValue encoding)
    throws Asn1Exception, java.io.IOException
Constructs an instance of EncryptedData type.
Parameters:
encoding - a single DER-encoded value.
Throws:
Asn1Exception - if an error occurs while decoding ASN.1 encoded data.
java.io.IOException - if an I/O error occurs while reading encoded data.

Method Detail

clone

public java.lang.Object clone()
Overrides:
clone in class java.lang.Object

decrypt

public byte[] decrypt(EncryptionKey key)
    throws KdcErrException, KrbApErrException, KrbCryptoException
Throws:
KdcErrException
KrbApErrException
KrbCryptoException

decrypt

public byte[] decrypt(EncryptionKey key, int usage)
    throws KdcErrException, KrbApErrException, KrbCryptoException
Deciphers the encrypted text contained in an instance of EncryptedData using the algorithm specified by the key type. The specified key is the base key from which a specific key is derived with the usage as an input. The derived specific key is used for the decryption.
Parameters:
key - the base encryption key
usage - the constant to be used as input for key derivation.
Throws:
KdcErrException
KrbApErrException
KrbCryptoException

decrypt

public byte[] decrypt(EncryptionKey key, byte[] ivec)
    throws KdcErrException, KrbApErrException, KrbCryptoException
Throws:
KdcErrException
KrbApErrException
KrbCryptoException

decryptedData

public byte[] decryptedData()
    throws KdcErrException
Throws:
KdcErrException

asn1Encode

public byte[] asn1Encode()
    throws Asn1Exception, java.io.IOException
Returns an ASN.1 encoded EncryptedData type.

EncryptedData ::= SEQUENCE {
    etype[0]  INTEGER, -- EncryptionType
    kvno[1]   INTEGER OPTIONAL,
    cipher[2] OCTET STRING -- ciphertext
}

This definition reflects the Network Working Group RFC 1510 specifications dated September 1993 and available at http://www.ietf.org/rfc/rfc1510.txt.

Returns:
byte array of encoded EncryptedData object.
Throws:
Asn1Exception - if an error occurs while decoding ASN.1 encoded data.
java.io.IOException - if an I/O error occurs while reading encoded data.
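
The ASN.1 definition given for asn1Encode(), decoded with the JDK alone. This is an added example, not part of the com.ibm.security.krb5 API or of the original page; the class name EncryptedDataDerDemo and the sample bytes are constructed for illustration, and nested lengths are not cross-checked against the outer SEQUENCE length.

```java
import java.math.BigInteger;
import java.util.Arrays;

// Hypothetical demo class: minimal DER reader for the EncryptedData SEQUENCE.
public class EncryptedDataDerDemo {
    private final byte[] buf;
    private int pos;
    private EncryptedDataDerDemo(byte[] der) { buf = der; }

    private int next() {
        if (pos >= buf.length) throw new IllegalArgumentException("truncated input");
        return buf[pos++] & 0xff;
    }
    // Consumes one tag-length header, checks the tag, returns the content length.
    private int expect(int tag) {
        if (next() != tag) throw new IllegalArgumentException("expected tag 0x" + Integer.toHexString(tag));
        int len = next();
        if (len >= 0x80) {                     // long form: low 7 bits = number of length octets
            int n = len & 0x7f;
            if (n == 0 || n > 3) throw new IllegalArgumentException("unsupported length form");
            for (len = 0; n > 0; n--) len = (len << 8) | next();
        }
        if (len > buf.length - pos) throw new IllegalArgumentException("length exceeds input");
        return len;
    }
    private byte[] take(int len) {
        byte[] out = Arrays.copyOfRange(buf, pos, pos + len);
        pos += len;
        return out;
    }
    // Returns { Integer etype, Integer kvno (null when absent), byte[] cipher }.
    static Object[] parse(byte[] der) {
        EncryptedDataDerDemo r = new EncryptedDataDerDemo(der);
        r.expect(0x30);                                            // SEQUENCE
        r.expect(0xA0);                                            // etype[0], explicit tag
        Integer etype = new BigInteger(r.take(r.expect(0x02))).intValueExact();
        Integer kvno = null;
        if (r.pos < der.length && (der[r.pos] & 0xff) == 0xA1) {   // kvno[1] OPTIONAL
            r.expect(0xA1);
            kvno = new BigInteger(r.take(r.expect(0x02))).intValueExact();
        }
        r.expect(0xA2);                                            // cipher[2], explicit tag
        byte[] cipher = r.take(r.expect(0x04));                    // OCTET STRING
        if (r.pos != der.length) throw new IllegalArgumentException("trailing bytes");
        return new Object[] { etype, kvno, cipher };
    }
    public static void main(String[] args) {
        // Constructed sample: etype 18, kvno 2, four bytes of placeholder cipher text.
        byte[] sample = { 0x30, 0x12, (byte) 0xA0, 0x03, 0x02, 0x01, 0x12, (byte) 0xA1, 0x03, 0x02, 0x01, 0x02,
                          (byte) 0xA2, 0x06, 0x04, 0x04, (byte) 0xDE, (byte) 0xAD, (byte) 0xBE, (byte) 0xEF };
        Object[] f = parse(sample);
        System.out.println("etype=" + f[0] + " kvno=" + f[1] + " cipherLen=" + ((byte[]) f[2]).length);
    }
}
```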

parse

public static EncryptedData parse(com.ibm.security.util.DerInputStream data, byte explicitTag, boolean optional)
    throws Asn1Exception, java.io.IOException
Parse (unmarshal) an EncryptedData from a DER input stream. This form of parsing might be used when expanding a value which is part of a constructed sequence and uses an explicitly tagged type.
Parameters:
data - the DER input stream, which contains one or more marshaled values.
explicitTag - tag number.
optional - indicates whether this data field is optional.
Returns:
an instance of EncryptedData.
Throws:
Asn1Exception - if an error occurs while decoding ASN.1 encoded data.
java.io.IOException - if an I/O error occurs while reading encoded data.

reset

public byte[] reset(byte[] data, boolean encoded)
Reset data stream after decryption, remove redundant bytes.
Parameters:
data - the decrypted data from decrypt().
encoded - true if the encrypted data is ASN.1 encoded data, false if the encrypted data is not ASN.1 encoded data.
Returns:
the reset byte array which holds exactly one ASN.1 datum including its tag and length.

getEType

public int getEType()

getKeyVersionNumber

public java.lang.Integer getKeyVersionNumber()

getBytes

public byte[] getBytes()
Returns the raw cipher text bytes, not in ASN.1 encoding.

stringToEncType

public static int stringToEncType(java.lang.String encTypeString)
    throws java.lang.Exception
Converts the specified encryption type string to its integer representation. Throws an exception if the input is null or is not a valid encryption type.
Throws:
java.lang.Exception

isSupportedEncType

public boolean isSupportedEncType()

isSupportedEncType

public static boolean isSupportedEncType(int encType)
Returns true if the specified encryption type is supported, otherwise it returns false.

encTypeToString

public java.lang.String encTypeToString()

encTypeToString

public static java.lang.String encTypeToString(int enctype)
Converts the specified integer encryption type to string.

isDesEncType

public boolean isDesEncType()

isDes3EncType

public static boolean isDes3EncType(int enctype)

isDesEncType

public static boolean isDesEncType(int enctype)

isRc4HMacEncType

public boolean isRc4HMacEncType()

isRc4HMacEncType

public static boolean isRc4HMacEncType(int encryptionType)

isAES128EncType

public boolean isAES128EncType()

isAES128EncType

public static boolean isAES128EncType(int encryptionType)

isAES256EncType

public boolean isAES256EncType()

isAES256EncType

public static boolean isAES256EncType(int encryptionType)