/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
*
* (C) Copyright IBM Corp. 1999 All Rights Reserved.
* Copyright 1997 The Open Group Research Institute. All rights reserved.
*/
/**
* This class encapsulates a Kerberos principal.
*/
public class PrincipalName
implements Cloneable {
//name types
/**
* Name type not known
*/
/**
* Just the name of the principal as in DCE, or for users
*/
/**
* Service and other unique instance (krbtgt)
*/
/**
* Service with host name as instance (telnet, rcommands)
*/
/**
* Service with host as remaining components
*/
/**
* Unique ID
*/
/**
* TGS Name
*/
private int nameType;
// Note: the nameRealm is not included in the default ASN.1 encoding
// cached salt, might be changed by KDC info, not used in clone
protected PrincipalName() {
}
throws IllegalArgumentException, IOException {
throw new IllegalArgumentException("Null input not allowed");
}
}
this(nameParts, KRB_NT_UNKNOWN);
}
try {
// Re-assign mutable fields
if (nameStrings != null) {
}
}
return pName;
} catch (CloneNotSupportedException ex) {
throw new AssertionError("Should never happen");
}
}
/*
* Added to workaround a bug where the equals method that takes a
* PrincipalName is not being called but Object.equals(Object) is
* being called.
*/
if (o instanceof PrincipalName)
return equals((PrincipalName)o);
else
return false;
}
if (!equalsWithoutRealm(other)) {
return false;
}
return false;
}
return false;
}
}
return true;
}
return false;
return false;
return false;
}
return true;
}
/**
* Returns the ASN.1 encoding of the
* <xmp>
* PrincipalName ::= SEQUENCE {
* name-type [0] Int32,
* name-string [1] SEQUENCE OF KerberosString
* }
*
* KerberosString ::= GeneralString (IA5String)
* </xmp>
*
* <p>
* This definition reflects the Network Working Group RFC 4120
* specification available at
* <a href="http://www.ietf.org/rfc/rfc4120.txt">
*
* @param encoding a Der-encoded data.
* @exception Asn1Exception if an error occurs while decoding
* an ASN1 encoded data.
* @exception Asn1Exception if there is an ASN1 encoding error
* @exception IOException if an I/O error occurs
* @exception IllegalArgumentException if encoding is null
* reading encoded data.
*
*/
throws Asn1Exception, IOException {
throw new IllegalArgumentException("Null input not allowed");
}
}
} else {
}
}
}
if (v.size() > 0) {
v.copyInto(nameStrings);
} else {
}
} else {
}
}
/**
* Parse (unmarshal) a <code>PrincipalName</code> from a DER
* input stream. This form
* parsing might be used when expanding a value which is part of
* a constructed sequence and uses explicitly tagged type.
*
* @exception Asn1Exception on error.
* @param data the Der input stream value, which contains one or
* more marshaled value.
* @param explicitTag tag number.
* @param optional indicate if this data field is optional
* @return an instance of <code>PrincipalName</code>.
*
*/
byte explicitTag, boolean
throws Asn1Exception, IOException {
return null;
else {
return new PrincipalName(subDer);
}
}
// This is protected because the definition of a principal
// string is fixed
// XXX Error checkin consistent with MIT krb5_parse_name
// Code repetition, realm parsed again by class Realm
int i = 0;
int componentStart = 0;
/*
* If this separator is escaped then don't treat it
* as a separator
*/
continue;
}
else {
if (componentStart < i) {
}
componentStart = i + 1;
}
} else
/*
* If this separator is escaped then don't treat it
* as a separator
*/
continue;
} else {
if (componentStart < i) {
}
componentStart = i + 1;
break;
}
}
i++;
}
if (componentStart < i) {
}
return result;
}
throws RealmException {
throw new IllegalArgumentException("Null name not allowed");
}
if (realmString == null) {
try {
} catch (KrbException e) {
new RealmException(e.getMessage());
throw re;
}
}
if (realmString != null)
switch (type) {
case KRB_NT_SRV_HST:
try {
// RFC4120 does not recommend canonicalizing a hostname.
// However, for compatibility reason, we will try
// canonicalize it and see if the output looks better.
// Looks if canonicalized is a longer format of hostName,
// we accept cases like
// bunny -> bunny.rabbit.hole
if (canonicalized.toLowerCase()
}
} catch (UnknownHostException e) {
// no canonicalization, use old
}
}
// We will try to get realm name from the mapping in
// the configuration. If it is not specified
// we will use the default realm. This nametype does
// not allow a realm to be specified. The name string must of
// the form service@host and this is internally changed into
} else {
}
break;
case KRB_NT_UNKNOWN:
case KRB_NT_PRINCIPAL:
case KRB_NT_SRV_INST:
case KRB_NT_SRV_XHST:
case KRB_NT_UID:
break;
default:
throw new IllegalArgumentException("Illegal name type");
}
}
this(name, KRB_NT_UNKNOWN);
}
this(name, KRB_NT_UNKNOWN);
}
return getRealmString();
}
}
public int hashCode() {
}
return toString();
}
public int getNameType() {
return nameType;
}
return nameStrings.clone();
}
public byte[][] toByteArray() {
}
return result;
}
return null;
}
return nameRealm;
}
}
}
}
}
}
return salt;
}
if (i > 0)
}
}
}
if (i > 0)
}
}
/**
* Encodes a <code>PrincipalName</code> object.
* @return the byte array of the encoded PrncipalName object.
* @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
* @exception IOException if an I/O error occurs while reading encoded data.
*
*/
temp = new DerOutputStream();
}
temp = new DerOutputStream();
return temp.toByteArray();
}
/**
* Checks if two <code>PrincipalName</code> objects have identical values in their corresponding data fields.
*
* @param pname the other <code>PrincipalName</code> object.
* @return true if two have identical values, otherwise, return false.
*/
// It is used in <code>sun.security.krb5.internal.ccache</code> package.
boolean matched = true;
//name type is just a hint, no two names can be the same ignoring name type.
// if (this.nameType != pname.nameType) {
// matched = false;
// }
matched = false;
}
}
matched = false;
} else {
matched = false;
}
}
}
return matched;
}
/**
* Writes data field values of <code>PrincipalName</code> in FCC format to an output stream.
*
* @param cos a <code>CCacheOutputStream</code> for writing data.
* @exception IOException if an I/O exception occurs.
* @see sun.security.krb5.internal.ccache.CCacheOutputStream
*/
byte[] realmBytes = null;
}
}
}
/**
* Creates a KRB_NT_SRV_INST name from the supplied
* name components and realm.
* @param primary the primary component of the name
* @param instance the instance component of the name
* @param realm the realm
* @throws KrbException
*/
int type)
throws KrbException {
if (type != KRB_NT_SRV_INST) {
}
this.nameStrings = nParts;
}
/**
* Returns the instance component of a name.
* In a multi-component name such as a KRB_NT_SRV_INST
* name, the second component is returned.
* Null is returned if there are not two or more
* components in the name.
* @returns instance component of a multi-component name.
*/
{
{
}
return null;
}
try {
return result;
else {
if ((name.charAt(i) == '.') && (i != name.length() - 1)) { //mapping could be .ibm.com = AUSTIN.IBM.COM
break;
}
else {
break;
}
}
}
}
}
} catch (KrbException e) {
}
return result;
}
}