javax.security.auth.kerberos
public class: KerberosKey [javadoc |
source]
java.lang.Object
javax.security.auth.kerberos.KerberosKey
All Implemented Interfaces:
Destroyable, SecretKey
This class encapsulates a long term secret key for a Kerberos
principal.
All Kerberos JAAS login modules that obtain a principal's password and
generate the secret key from it should use this class.
Sometimes, such as when authenticating a server in
the absence of user-to-user authentication, the login module will store
an instance of this class in the private credential set of a
Subject during the commit phase of the
authentication process.
A Kerberos service using a keytab to read secret keys should use
the KeyTab class, where latest keys can be read when needed.
It might be necessary for the application to be granted a
PrivateCredentialPermission if it needs to access the KerberosKey
instance from a Subject. This permission is not needed when the
application depends on the default JGSS Kerberos mechanism to access the
KerberosKey. In that case, however, the application will need an
appropriate
ServicePermission .
- author:
Mayank - Upadhyay
- since:
1.4 -
| Constructor: |
|---|
 public KerberosKey(KerberosPrincipal principal,
char[] password,
String algorithm) {
this.principal = principal;
// Pass principal in for salt
key = new KeyImpl(principal, password, algorithm);
}
Constructs a KerberosKey from a principal's password. Parameters:
principal - the principal that this password belongs to
password - the password that should be used to compute the key
algorithm - the name for the algorithm that this key will be
used for. This parameter may be null in which case the default
algorithm "DES" will be assumed.
IllegalArgumentException - if the name of the
algorithm passed is unsupported.
|
public KerberosKey(KerberosPrincipal principal,
byte[] keyBytes,
int keyType,
int versionNum) {
this.principal = principal;
this.versionNum = versionNum;
key = new KeyImpl(keyBytes, keyType);
} Constructs a KerberosKey from the given bytes when the key type and
key version number are known. This can be used when reading the secret
key information from a Kerberos "keytab". Parameters:
principal - the principal that this secret key belongs to
keyBytes - the raw bytes for the secret key
keyType - the key type for the secret key as defined by the
Kerberos protocol specification.
versionNum - the version number of this secret key
|
| Method from javax.security.auth.kerberos.KerberosKey Summary: |
|---|
|
destroy, equals, getAlgorithm, getEncoded, getFormat, getKeyType, getPrincipal, getVersionNumber, hashCode, isDestroyed, toString |
| Methods from java.lang.Object: |
|---|
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Method from javax.security.auth.kerberos.KerberosKey Detail: |
|---|
public void destroy() throws DestroyFailedException {
if (!destroyed) {
key.destroy();
principal = null;
destroyed = true;
}
} Destroys this key. A call to any of its other methods after this
will cause an IllegalStateException to be thrown. |
public boolean equals(Object other) {
if (other == this)
return true;
if (! (other instanceof KerberosKey)) {
return false;
}
KerberosKey otherKey = ((KerberosKey) other);
if (isDestroyed() || otherKey.isDestroyed()) {
return false;
}
if (versionNum != otherKey.getVersionNumber() ||
getKeyType() != otherKey.getKeyType() ||
!Arrays.equals(getEncoded(), otherKey.getEncoded())) {
return false;
}
if (principal == null) {
if (otherKey.getPrincipal() != null) {
return false;
}
} else {
if (!principal.equals(otherKey.getPrincipal())) {
return false;
}
}
return true;
} Compares the specified Object with this KerberosKey for equality.
Returns true if the given object is also a
KerberosKey and the two
KerberosKey instances are equivalent. |
public final String getAlgorithm() {
if (destroyed)
throw new IllegalStateException("This key is no longer valid");
return key.getAlgorithm();
} |
public final byte[] getEncoded() {
if (destroyed)
throw new IllegalStateException("This key is no longer valid");
return key.getEncoded();
} Returns the key material of this secret key. |
public final String getFormat() {
if (destroyed)
throw new IllegalStateException("This key is no longer valid");
return key.getFormat();
} Returns the name of the encoding format for this secret key. |
public final int getKeyType() {
if (destroyed)
throw new IllegalStateException("This key is no longer valid");
return key.getKeyType();
} Returns the key type for this long-term key. |
public final KerberosPrincipal getPrincipal() {
if (destroyed)
throw new IllegalStateException("This key is no longer valid");
return principal;
} Returns the principal that this key belongs to. |
public final int getVersionNumber() {
if (destroyed)
throw new IllegalStateException("This key is no longer valid");
return versionNum;
} Returns the key version number. |
public int hashCode() {
int result = 17;
if (isDestroyed()) {
return result;
}
result = 37 * result + Arrays.hashCode(getEncoded());
result = 37 * result + getKeyType();
if (principal != null) {
result = 37 * result + principal.hashCode();
}
return result * 37 + versionNum;
} Returns a hashcode for this KerberosKey. |
public boolean isDestroyed() {
return destroyed;
} Determines if this key has been destroyed. |
public String toString() {
if (destroyed) {
return "Destroyed Principal";
}
return "Kerberos Principal " + principal.toString() +
"Key Version " + versionNum +
"key " + key.toString();
} |