com.ibm.security.krb5

Class Checksum

  1. java.lang.Object
  2. extended bycom.ibm.security.krb5.Checksum

  1. public class Checksum
  2. extends java.lang.Object
This class encapsulates the concept of a Kerberos checksum.

Field Summary

Modifier and Type Field and Description
  1. static
  2. int
CKSUMTYPE_CRC32
  1. static
  2. int
CKSUMTYPE_DEFAULT
The default checksum type.
  1. static
  2. int
CKSUMTYPE_DES_MAC
  1. static
  2. int
CKSUMTYPE_DES_MAC_K
  1. static
  2. int
CKSUMTYPE_HMAC_MD5
Checksum type used in the RC4-HMAC encryption system.
  1. static
  2. int
CKSUMTYPE_HMAC_SHA1_96_AES128
  1. static
  2. int
CKSUMTYPE_HMAC_SHA1_96_AES256
  1. static
  2. int
CKSUMTYPE_HMAC_SHA1_DES3
  1. static
  2. int
CKSUMTYPE_NULL
  1. static
  2. int
CKSUMTYPE_RSA_MD4
  1. static
  2. int
CKSUMTYPE_RSA_MD4_DES
  1. static
  2. int
CKSUMTYPE_RSA_MD4_DES_K
  1. static
  2. int
CKSUMTYPE_RSA_MD5
  1. static
  2. int
CKSUMTYPE_RSA_MD5_DES
  1. static
  2. int
SAFECKSUMTYPE_DEFAULT
The default safe checksum type.

Constructor Summary

Constructor and Description
Checksum(byte[] data,int new_cksumType)
Constructs a new Checksum using the raw data and type.
Checksum(com.ibm.security.util.DerValue encoding)
Constructs an instance of Checksum from an ASN.1 encoded representation.
Checksum(int new_cksumType,byte[] data)
Constructs a new Checksum by calculating the checksum over the data using specified checksum type.
Checksum(int new_cksumType,byte[] data,EncryptionKey key)
Constructs a new Checksum by calculating the keyed checksum over the data using specified checksum type.
Checksum(int cksumType,byte[] data,EncryptionKey key,int usage)
Creates a new HMAC MD5 or SHA1 checksum calculated over the specified data using the specified key and message type.

Method Summary

Modifier and Type Method and Description
  1. byte[]
asn1Encode()
Encodes a Checksum object.
  1. static
  2. java.lang.String
checksumTypeToString(int type)
Returns a string representation of the specified checksum type.
  1. byte[]
getBytes()
Returns the raw bytes of the checksum, not in ASN.1 encoded form.
  1. static
  2. int[]
getSupportedTypes()
  1. int
getType()
  1. boolean
isCollisionProofType()
  1. static
  2. boolean
isCollisionProofType(int type)
  1. boolean
isEqual(Checksum cksum)
  1. boolean
isSafeType()
  1. static
  2. boolean
isSafeType(int type)
  1. static
  2. boolean
isSupportedType(int type)
  1. static
  2. boolean
isValidType(int type)
  1. static
  2. Checksum
parse(com.ibm.security.util.DerInputStream data,byte explicitTag,boolean optional)
Parse (unmarshal) a checksum object from a DER input stream.
  1. static
  2. int
stringToChecksumType(java.lang.String checksumTypeString)
Converts the specified checksum type string to its integer representation.
  1. boolean
verifyKeyedChecksum(byte[] data,EncryptionKey key)
Verifies the keyed checksum over the data passed in.
  1. boolean
verifyKeyedChecksum(byte[] data,EncryptionKey key,int usage)
Verifies the RC4 HMAC and DES3 keyed checksum over the data passed in.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CKSUMTYPE_NULL

  1. public static final int CKSUMTYPE_NULL
See Also:

CKSUMTYPE_CRC32

  1. public static final int CKSUMTYPE_CRC32
See Also:

CKSUMTYPE_RSA_MD4

  1. public static final int CKSUMTYPE_RSA_MD4
See Also:

CKSUMTYPE_RSA_MD4_DES

  1. public static final int CKSUMTYPE_RSA_MD4_DES
See Also:

CKSUMTYPE_DES_MAC

  1. public static final int CKSUMTYPE_DES_MAC
See Also:

CKSUMTYPE_DES_MAC_K

  1. public static final int CKSUMTYPE_DES_MAC_K
See Also:

CKSUMTYPE_RSA_MD4_DES_K

  1. public static final int CKSUMTYPE_RSA_MD4_DES_K
See Also:

CKSUMTYPE_RSA_MD5

  1. public static final int CKSUMTYPE_RSA_MD5
See Also:

CKSUMTYPE_RSA_MD5_DES

  1. public static final int CKSUMTYPE_RSA_MD5_DES
See Also:

CKSUMTYPE_HMAC_SHA1_DES3

  1. public static final int CKSUMTYPE_HMAC_SHA1_DES3
See Also:

CKSUMTYPE_HMAC_SHA1_96_AES128

  1. public static final int CKSUMTYPE_HMAC_SHA1_96_AES128
See Also:

CKSUMTYPE_HMAC_SHA1_96_AES256

  1. public static final int CKSUMTYPE_HMAC_SHA1_96_AES256
See Also:

CKSUMTYPE_HMAC_MD5

  1. public static final int CKSUMTYPE_HMAC_MD5
Checksum type used in the RC4-HMAC encryption system.
See Also:

CKSUMTYPE_DEFAULT

  1. public static int CKSUMTYPE_DEFAULT
The default checksum type. It is read from the default_checksum entry in the Kerberos configuration file. If the entry cannot be read or an error occurs when reading it, the default checksum type is set to CHECKSUMTYPE_RSA_MD5.

SAFECKSUMTYPE_DEFAULT

  1. public static int SAFECKSUMTYPE_DEFAULT
The default safe checksum type. It is read from the default_safe_checksum entry in the Kerberos configuration file. If the entry cannot be read or an error occurs when reading it, the default checksum type is set to CHECKSUMTYPE_RSA_MD5_DES.

Constructor Detail

Checksum

  1. public Checksum(byte[] data,
  2. int new_cksumType)
Constructs a new Checksum using the raw data and type.

Checksum

  1. public Checksum(int new_cksumType,
  2. byte[] data)
  3. throws KdcErrException
  4. KrbCryptoException
Constructs a new Checksum by calculating the checksum over the data using specified checksum type.
Throws:

Checksum

  1. public Checksum(int new_cksumType,
  2. byte[] data,
  3. EncryptionKey key)
  4. throws KdcErrException
  5. KrbApErrException
  6. KrbCryptoException
Constructs a new Checksum by calculating the keyed checksum over the data using specified checksum type.
Throws:

Checksum

  1. public Checksum(int cksumType,
  2. byte[] data,
  3. EncryptionKey key,
  4. int usage)
  5. throws KdcErrException
  6. KrbApErrException
  7. KrbCryptoException
Creates a new HMAC MD5 or SHA1 checksum calculated over the specified data using the specified key and message type.
Parameters:
key - the encryption key.
usage - the key derivation message type/usage constant.
data - the data over which the checksum is to be calculated.
Throws:

Checksum

  1. public Checksum(com.ibm.security.util.DerValue encoding)
  2. throws Asn1Exception
  3. java.io.IOException
Constructs an instance of Checksum from an ASN.1 encoded representation.
Parameters:
encoding - a single DER-encoded value.
Throws:
Asn1Exception - if an error occurs while decoding an ASN1 encoded data.
java.io.IOException - if an I/O error occurs while reading encoded data.

Method Detail

verifyKeyedChecksum

  1. public boolean verifyKeyedChecksum( byte[] data,
  2. EncryptionKey key)
  3. throws KdcErrException
  4. KrbApErrException
  5. KrbCryptoException
Verifies the keyed checksum over the data passed in.
Throws:

verifyKeyedChecksum

  1. public boolean verifyKeyedChecksum( byte[] data,
  2. EncryptionKey key,
  3. int usage)
  4. throws KdcErrException
  5. KrbApErrException
  6. KrbCryptoException
Verifies the RC4 HMAC and DES3 keyed checksum over the data passed in.
Throws:

isEqual

  1. public boolean isEqual(Checksum cksum)
  2. throws KdcErrException
Throws:

asn1Encode

  1. public byte[] asn1Encode()
  2. throws Asn1Exception
  3. java.io.IOException
Encodes a Checksum object. Checksum ::= SEQUENCE { cksumtype[0] INTEGER, checksum[1] OCTET STRING }

This definition reflects the Network Working Group RFC 1510 specifications dated September 1993 and available at http://www.ietf.org/rfc/rfc1510.txt.

Returns:
byte array of enocded Checksum.
Throws:
Asn1Exception - if an error occurs while decoding an ASN1 encoded data.
java.io.IOException - if an I/O error occurs while reading encoded data.

parse

  1. public static Checksum parse(com.ibm.security.util.DerInputStream data,
  2. byte explicitTag,
  3. boolean optional)
  4. throws Asn1Exception
  5. java.io.IOException
Parse (unmarshal) a checksum object from a DER input stream. This form parsing might be used when expanding a value which is part of a constructed sequence and uses explicitly tagged type.
Parameters:
data - the Der input stream value, which contains one or more marshaled value.
explicitTag - tag number.
optional - indicates if this data field is optional
Returns:
an instance of Checksum.
Throws:
Asn1Exception - if an error occurs while decoding an ASN1 encoded data.
java.io.IOException - if an I/O error occurs while reading encoded data.

getBytes

  1. public final byte[] getBytes()
Returns the raw bytes of the checksum, not in ASN.1 encoded form.

getType

  1. public final int getType()

isSupportedType

  1. public static boolean isSupportedType( int type)

isValidType

  1. public static boolean isValidType( int type)

isCollisionProofType

  1. public boolean isCollisionProofType( )

isCollisionProofType

  1. public static boolean isCollisionProofType( int type)

getSupportedTypes

  1. public static int[] getSupportedTypes( )

isSafeType

  1. public boolean isSafeType()

isSafeType

  1. public static boolean isSafeType( int type)

stringToChecksumType

  1. public static int stringToChecksumType( java.lang.String checksumTypeString)
  2. throws java.lang.Exception
Converts the specified checksum type string to its integer representation. Throws exception if the input is null or is not a valid checksum type.
Throws:
java.lang.Exception

checksumTypeToString

  1. public static java.lang.String checksumTypeToString( int type)
Returns a string representation of the specified checksum type. For recognized types, the string returned is one of those used in kerberos configuration and is not internationalized. For an unrecognixed type, an internationalized error message is returned.