< prev index next >

src/java.security.jgss/share/classes/sun/security/krb5/internal/Krb5.java

Print this page


   1 /*
   2  * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any


  55     public static final int AP_OPTS_RESERVED        = 0;
  56     public static final int AP_OPTS_USE_SESSION_KEY = 1;
  57     public static final int AP_OPTS_MUTUAL_REQUIRED = 2;
  58     public static final int AP_OPTS_MAX             = 31;
  59 
  60     //Ticket Flags
  61 
  62     public static final int TKT_OPTS_RESERVED     = 0;
  63     public static final int TKT_OPTS_FORWARDABLE  = 1;
  64     public static final int TKT_OPTS_FORWARDED    = 2;
  65     public static final int TKT_OPTS_PROXIABLE    = 3;
  66     public static final int TKT_OPTS_PROXY        = 4;
  67     public static final int TKT_OPTS_MAY_POSTDATE = 5;
  68     public static final int TKT_OPTS_POSTDATED    = 6;
  69     public static final int TKT_OPTS_INVALID      = 7;
  70     public static final int TKT_OPTS_RENEWABLE    = 8;
  71     public static final int TKT_OPTS_INITIAL      = 9;
  72     public static final int TKT_OPTS_PRE_AUTHENT  = 10;
  73     public static final int TKT_OPTS_HW_AUTHENT   = 11;
  74     public static final int TKT_OPTS_DELEGATE     = 13;
  75     public static final int TKT_OPTS_ENC_PA_REP   = 15;
  76     public static final int TKT_OPTS_MAX          = 31;
  77 
  78     // KDC Options
  79     // (option values defined in KDCOptions.java)
  80     public static final int KDC_OPTS_MAX          = 31;
  81 
  82     // KerberosFlags
  83     public static final int KRB_FLAGS_MAX         = 31;
  84 
  85     //Last Request types
  86 
  87     public static final int LRTYPE_NONE                 = 0;
  88     public static final int LRTYPE_TIME_OF_INITIAL_TGT  = 1;
  89     public static final int LRTYPE_TIME_OF_INITIAL_REQ  = 2;
  90     public static final int LRTYPE_TIME_OF_NEWEST_TGT   = 3;
  91     public static final int LRTYPE_TIME_OF_LAST_RENEWAL = 4;
  92     public static final int LRTYPE_TIME_OF_LAST_REQ     = 5;
  93 
  94     //Host address lengths
  95 


 149 
 150     public static final int KEYTYPE_DES3 = 2;
 151     public static final int KEYTYPE_AES  = 3;
 152     public static final int KEYTYPE_ARCFOUR_HMAC = 4;
 153 
 154 
 155     //----------------------------------------+-----------------
 156     //                      padata type       |padata-type value
 157     //----------------------------------------+-----------------
 158     public static final int PA_TGS_REQ       = 1;
 159     public static final int PA_ENC_TIMESTAMP = 2;
 160     public static final int PA_PW_SALT       = 3;
 161 
 162     // new preauth types
 163     public static final int PA_ETYPE_INFO    = 11;
 164     public static final int PA_ETYPE_INFO2   = 19;
 165 
 166     // S4U2user info
 167     public static final int PA_FOR_USER      = 129;
 168 
 169     // FAST (RFC 6806)
 170     public static final int PA_REQ_ENC_PA_REP = 149;
 171 
 172     //-------------------------------+-------------
 173     //authorization data type        |ad-type value
 174     //-------------------------------+-------------
 175     //reserved values                 0-63
 176     public static final int OSF_DCE = 64;
 177     public static final int SESAME  = 65;
 178 
 179     //----------------------------------------------+-----------------
 180     //alternate authentication type                 |method-type value
 181     //----------------------------------------------+-----------------
 182     //                      reserved values          0-63
 183     public static final int ATT_CHALLENGE_RESPONSE = 64;
 184 
 185     //--------------------------------------------+-------------
 186     //transited encoding type                     |tr-type value
 187     //--------------------------------------------+-------------
 188     public static final int DOMAIN_X500_COMPRESS = 1;
 189     //                      reserved values        all others
 190 
 191     //----------------------------+-------+-----------------------------------------


 254     public static final int KRB_AP_ERR_TKT_NYV           = 33;   //Ticket not yet valid
 255     public static final int KRB_AP_ERR_REPEAT            = 34;   //Request is a replay
 256     public static final int KRB_AP_ERR_NOT_US            = 35;   //The ticket isn't for us
 257     public static final int KRB_AP_ERR_BADMATCH          = 36;   //Ticket and authenticator don't match
 258     public static final int KRB_AP_ERR_SKEW              = 37;   //Clock skew too great
 259     public static final int KRB_AP_ERR_BADADDR           = 38;   //Incorrect net address
 260     public static final int KRB_AP_ERR_BADVERSION        = 39;   //Protocol version mismatch
 261     public static final int KRB_AP_ERR_MSG_TYPE          = 40;   //Invalid msg type
 262     public static final int KRB_AP_ERR_MODIFIED          = 41;   //Message stream modified
 263     public static final int KRB_AP_ERR_BADORDER          = 42;   //Message out of order
 264     public static final int KRB_AP_ERR_BADKEYVER         = 44;   //Specified version of key is not available
 265     public static final int KRB_AP_ERR_NOKEY             = 45;   //Service key not available
 266     public static final int KRB_AP_ERR_MUT_FAIL          = 46;   //Mutual authentication failed
 267     public static final int KRB_AP_ERR_BADDIRECTION      = 47;   //Incorrect message direction
 268     public static final int KRB_AP_ERR_METHOD            = 48;   //Alternative authentication method required
 269     public static final int KRB_AP_ERR_BADSEQ            = 49;   //Incorrect sequence number in message
 270     public static final int KRB_AP_ERR_INAPP_CKSUM       = 50;   //Inappropriate type of checksum in message
 271     public static final int KRB_ERR_RESPONSE_TOO_BIG     = 52;   //Response too big for UDP, retry with TCP
 272     public static final int KRB_ERR_GENERIC              = 60;   //Generic error (description in e-text)
 273     public static final int KRB_ERR_FIELD_TOOLONG        = 61;   //Field is too long for this implementation
 274     public static final int KRB_ERR_WRONG_REALM          = 68;   //Wrong realm
 275     public static final int KRB_CRYPTO_NOT_SUPPORT      = 100;    //Client does not support this crypto type
 276     public static final int KRB_AP_ERR_NOREALM          = 62;
 277     public static final int KRB_AP_ERR_GEN_CRED         = 63;
 278     //  public static final int KRB_AP_ERR_CKSUM_NOKEY          =101;    //Lack of the key to generate the checksum
 279     // error codes specific to this implementation
 280     public static final int KRB_AP_ERR_REQ_OPTIONS = 101; //Invalid TGS_REQ
 281     public static final int API_INVALID_ARG               = 400;  //Invalid argument
 282 
 283     public static final int BITSTRING_SIZE_INVALID        = 500;  //BitString size does not match input byte array
 284     public static final int BITSTRING_INDEX_OUT_OF_BOUNDS = 501;  //BitString bit index does not fall within size
 285     public static final int BITSTRING_BAD_LENGTH          = 502;  //BitString length is wrong for the expected type
 286 
 287     public static final int REALM_ILLCHAR                 = 600;  //Illegal character in realm name; one of: '/', ':', '\0'
 288     public static final int REALM_NULL                    = 601;  //Null realm name
 289 
 290     public static final int ASN1_BAD_TIMEFORMAT           = 900;  //Input not in GeneralizedTime format
 291     public static final int ASN1_MISSING_FIELD            = 901;  //Structure is missing a required field
 292     public static final int ASN1_MISPLACED_FIELD          = 902;  //Unexpected field number
 293     public static final int ASN1_TYPE_MISMATCH            = 903;  //Type numbers are inconsistent
 294     public static final int ASN1_OVERFLOW                 = 904;  //Value too large


   1 /*
   2  * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any


  55     public static final int AP_OPTS_RESERVED        = 0;
  56     public static final int AP_OPTS_USE_SESSION_KEY = 1;
  57     public static final int AP_OPTS_MUTUAL_REQUIRED = 2;
  58     public static final int AP_OPTS_MAX             = 31;
  59 
  60     //Ticket Flags
  61 
  62     public static final int TKT_OPTS_RESERVED     = 0;
  63     public static final int TKT_OPTS_FORWARDABLE  = 1;
  64     public static final int TKT_OPTS_FORWARDED    = 2;
  65     public static final int TKT_OPTS_PROXIABLE    = 3;
  66     public static final int TKT_OPTS_PROXY        = 4;
  67     public static final int TKT_OPTS_MAY_POSTDATE = 5;
  68     public static final int TKT_OPTS_POSTDATED    = 6;
  69     public static final int TKT_OPTS_INVALID      = 7;
  70     public static final int TKT_OPTS_RENEWABLE    = 8;
  71     public static final int TKT_OPTS_INITIAL      = 9;
  72     public static final int TKT_OPTS_PRE_AUTHENT  = 10;
  73     public static final int TKT_OPTS_HW_AUTHENT   = 11;
  74     public static final int TKT_OPTS_DELEGATE     = 13;

  75     public static final int TKT_OPTS_MAX          = 31;
  76 
  77     // KDC Options
  78     // (option values defined in KDCOptions.java)
  79     public static final int KDC_OPTS_MAX          = 31;
  80 
  81     // KerberosFlags
  82     public static final int KRB_FLAGS_MAX         = 31;
  83 
  84     //Last Request types
  85 
  86     public static final int LRTYPE_NONE                 = 0;
  87     public static final int LRTYPE_TIME_OF_INITIAL_TGT  = 1;
  88     public static final int LRTYPE_TIME_OF_INITIAL_REQ  = 2;
  89     public static final int LRTYPE_TIME_OF_NEWEST_TGT   = 3;
  90     public static final int LRTYPE_TIME_OF_LAST_RENEWAL = 4;
  91     public static final int LRTYPE_TIME_OF_LAST_REQ     = 5;
  92 
  93     //Host address lengths
  94 


 148 
 149     public static final int KEYTYPE_DES3 = 2;
 150     public static final int KEYTYPE_AES  = 3;
 151     public static final int KEYTYPE_ARCFOUR_HMAC = 4;
 152 
 153 
 154     //----------------------------------------+-----------------
 155     //                      padata type       |padata-type value
 156     //----------------------------------------+-----------------
 157     public static final int PA_TGS_REQ       = 1;
 158     public static final int PA_ENC_TIMESTAMP = 2;
 159     public static final int PA_PW_SALT       = 3;
 160 
 161     // new preauth types
 162     public static final int PA_ETYPE_INFO    = 11;
 163     public static final int PA_ETYPE_INFO2   = 19;
 164 
 165     // S4U2user info
 166     public static final int PA_FOR_USER      = 129;
 167 



 168     //-------------------------------+-------------
 169     //authorization data type        |ad-type value
 170     //-------------------------------+-------------
 171     //reserved values                 0-63
 172     public static final int OSF_DCE = 64;
 173     public static final int SESAME  = 65;
 174 
 175     //----------------------------------------------+-----------------
 176     //alternate authentication type                 |method-type value
 177     //----------------------------------------------+-----------------
 178     //                      reserved values          0-63
 179     public static final int ATT_CHALLENGE_RESPONSE = 64;
 180 
 181     //--------------------------------------------+-------------
 182     //transited encoding type                     |tr-type value
 183     //--------------------------------------------+-------------
 184     public static final int DOMAIN_X500_COMPRESS = 1;
 185     //                      reserved values        all others
 186 
 187     //----------------------------+-------+-----------------------------------------


 250     public static final int KRB_AP_ERR_TKT_NYV           = 33;   //Ticket not yet valid
 251     public static final int KRB_AP_ERR_REPEAT            = 34;   //Request is a replay
 252     public static final int KRB_AP_ERR_NOT_US            = 35;   //The ticket isn't for us
 253     public static final int KRB_AP_ERR_BADMATCH          = 36;   //Ticket and authenticator don't match
 254     public static final int KRB_AP_ERR_SKEW              = 37;   //Clock skew too great
 255     public static final int KRB_AP_ERR_BADADDR           = 38;   //Incorrect net address
 256     public static final int KRB_AP_ERR_BADVERSION        = 39;   //Protocol version mismatch
 257     public static final int KRB_AP_ERR_MSG_TYPE          = 40;   //Invalid msg type
 258     public static final int KRB_AP_ERR_MODIFIED          = 41;   //Message stream modified
 259     public static final int KRB_AP_ERR_BADORDER          = 42;   //Message out of order
 260     public static final int KRB_AP_ERR_BADKEYVER         = 44;   //Specified version of key is not available
 261     public static final int KRB_AP_ERR_NOKEY             = 45;   //Service key not available
 262     public static final int KRB_AP_ERR_MUT_FAIL          = 46;   //Mutual authentication failed
 263     public static final int KRB_AP_ERR_BADDIRECTION      = 47;   //Incorrect message direction
 264     public static final int KRB_AP_ERR_METHOD            = 48;   //Alternative authentication method required
 265     public static final int KRB_AP_ERR_BADSEQ            = 49;   //Incorrect sequence number in message
 266     public static final int KRB_AP_ERR_INAPP_CKSUM       = 50;   //Inappropriate type of checksum in message
 267     public static final int KRB_ERR_RESPONSE_TOO_BIG     = 52;   //Response too big for UDP, retry with TCP
 268     public static final int KRB_ERR_GENERIC              = 60;   //Generic error (description in e-text)
 269     public static final int KRB_ERR_FIELD_TOOLONG        = 61;   //Field is too long for this implementation

 270     public static final int KRB_CRYPTO_NOT_SUPPORT      = 100;    //Client does not support this crypto type
 271     public static final int KRB_AP_ERR_NOREALM          = 62;
 272     public static final int KRB_AP_ERR_GEN_CRED         = 63;
 273     //  public static final int KRB_AP_ERR_CKSUM_NOKEY          =101;    //Lack of the key to generate the checksum
 274     // error codes specific to this implementation
 275     public static final int KRB_AP_ERR_REQ_OPTIONS = 101; //Invalid TGS_REQ
 276     public static final int API_INVALID_ARG               = 400;  //Invalid argument
 277 
 278     public static final int BITSTRING_SIZE_INVALID        = 500;  //BitString size does not match input byte array
 279     public static final int BITSTRING_INDEX_OUT_OF_BOUNDS = 501;  //BitString bit index does not fall within size
 280     public static final int BITSTRING_BAD_LENGTH          = 502;  //BitString length is wrong for the expected type
 281 
 282     public static final int REALM_ILLCHAR                 = 600;  //Illegal character in realm name; one of: '/', ':', '\0'
 283     public static final int REALM_NULL                    = 601;  //Null realm name
 284 
 285     public static final int ASN1_BAD_TIMEFORMAT           = 900;  //Input not in GeneralizedTime format
 286     public static final int ASN1_MISSING_FIELD            = 901;  //Structure is missing a required field
 287     public static final int ASN1_MISPLACED_FIELD          = 902;  //Unexpected field number
 288     public static final int ASN1_TYPE_MISMATCH            = 903;  //Type numbers are inconsistent
 289     public static final int ASN1_OVERFLOW                 = 904;  //Value too large


< prev index next >