private Authenticator makeAuthenticator() throws KrbException { Authenticator authenticator = new Authenticator(); authenticator.setAuthenticatorVno(5); authenticator.setCname(clientPrincipal); authenticator.setCrealm(sgtTicket.getRealm()); long millis = System.currentTimeMillis(); int usec = (int) (millis % 1000) * 1000; millis -= millis % 1000; authenticator.setCtime(new KerberosTime(millis)); authenticator.setCusec(usec); if (flags.contains(ApOption.USE_SESSION_KEY)) { authenticator.setSubKey(sgtTicket.getSessionKey()); } return authenticator; }
private Authenticator makeAuthenticator() throws KrbException { Authenticator authenticator = new Authenticator(); authenticator.setAuthenticatorVno(5); authenticator.setCname(clientPrincipal); authenticator.setCrealm(sgtTicket.getRealm()); long millis = System.currentTimeMillis(); int usec = (int) (millis % 1000) * 1000; millis -= millis % 1000; authenticator.setCtime(new KerberosTime(millis)); authenticator.setCusec(usec); if (flags.contains(ApOption.USE_SESSION_KEY)) { authenticator.setSubKey(sgtTicket.getSessionKey()); } return authenticator; }
private Authenticator makeAuthenticator() throws KrbException { Authenticator authenticator = new Authenticator(); authenticator.setAuthenticatorVno(5); authenticator.setCname(clientPrincipal); authenticator.setCrealm(sgtTicket.getRealm()); long millis = System.currentTimeMillis(); int usec = (int) (millis % 1000) * 1000; millis -= millis % 1000; authenticator.setCtime(new KerberosTime(millis)); authenticator.setCusec(usec); if (flags.contains(ApOption.USE_SESSION_KEY)) { authenticator.setSubKey(sgtTicket.getSessionKey()); } return authenticator; }
private ApReq makeApReq() throws KrbException { ApReq apReq = new ApReq(); Authenticator authenticator = makeAuthenticator(); EncryptionKey sessionKey = sgtTicket.getSessionKey(); EncryptedData authData = EncryptionUtil.seal(authenticator, sessionKey, KeyUsage.AP_REQ_AUTH); apReq.setEncryptedAuthenticator(authData); apReq.setAuthenticator(authenticator); apReq.setTicket(sgtTicket.getTicket()); ApOptions apOptions = new ApOptions(); for (ApOption flag : flags) { apOptions.setFlag(flag); } apReq.setApOptions(apOptions); return apReq; }
private ApReq makeApReq() throws KrbException { ApReq apReq = new ApReq(); Authenticator authenticator = makeAuthenticator(); EncryptionKey sessionKey = sgtTicket.getSessionKey(); EncryptedData authData = EncryptionUtil.seal(authenticator, sessionKey, KeyUsage.AP_REQ_AUTH); apReq.setEncryptedAuthenticator(authData); apReq.setAuthenticator(authenticator); apReq.setTicket(sgtTicket.getTicket()); ApOptions apOptions = new ApOptions(); for (ApOption flag : flags) { apOptions.setFlag(flag); } apReq.setApOptions(apOptions); return apReq; }
private ApReq makeApReq() throws KrbException { ApReq apReq = new ApReq(); Authenticator authenticator = makeAuthenticator(); EncryptionKey sessionKey = sgtTicket.getSessionKey(); EncryptedData authData = EncryptionUtil.seal(authenticator, sessionKey, KeyUsage.AP_REQ_AUTH); apReq.setEncryptedAuthenticator(authData); apReq.setAuthenticator(authenticator); apReq.setTicket(sgtTicket.getTicket()); ApOptions apOptions = new ApOptions(); for (ApOption flag : flags) { apOptions.setFlag(flag); } apReq.setApOptions(apOptions); return apReq; }
this.key = sgt.getSessionKey();
private void setupInitiatorContext(SgtTicket sgt, ApRequest apRequest) throws GSSException { EncKdcRepPart encKdcRepPart = sgt.getEncKdcRepPart(); TicketFlags ticketFlags = encKdcRepPart.getFlags(); setTicketFlags(ticketFlags); setAuthTime(encKdcRepPart.getAuthTime().toString()); Authenticator auth; try { auth = apRequest.getApReq().getAuthenticator(); } catch (KrbException e) { throw new GSSException(GSSException.FAILURE, -1, "ApReq failed in Initiator"); } setMySequenceNumber(auth.getSeqNumber()); EncryptionKey subKey = auth.getSubKey(); if (subKey != null) { setSessionKey(subKey, GssContext.INITIATOR_SUBKEY); } else { setSessionKey(sgt.getSessionKey(), GssContext.SESSION_KEY); } if (!getMutualAuthState()) { setPeerSequenceNumber(0); } }