public class EncryptionKey extends Object implements Cloneable

java.lang.Object
   ↳ sun.security.krb5.EncryptionKey

Class Overview

This class encapsulates the concept of an EncryptionKey. An encryption key is defined in RFC 4120 as:

 EncryptionKey ::= SEQUENCE {
         keytype  [0] Int32 -- actually encryption type --,
         keyvalue [1] OCTET STRING
 }

keytype
This field specifies the encryption type of the encryption key that follows in the keyvalue field. Although its name is "keytype", it actually specifies an encryption type. Previously, multiple cryptosystems that performed encryption differently but were capable of using keys with the same characteristics were permitted to share an assigned number to designate the type of key; this usage is now deprecated.

keyvalue
This field contains the key itself, encoded as an octet string.

Summary

Fields
public static final EncryptionKey NULL_KEY
Public Constructors
EncryptionKey(byte[] keyValue, int keyType, Integer kvno)
EncryptionKey(int keyType, byte[] keyValue)
Constructs an EncryptionKey by using the specified key type and key value.
EncryptionKey(char[] password, String salt, String algorithm)
EncryptionKey(DerValue encoding)
Constructs an instance of EncryptionKey type.
Public Methods
static EncryptionKey[] acquireSecretKeys(PrincipalName princ, String keytab)
Obtains all versions of the secret key of the principal from a keytab.
static EncryptionKey[] acquireSecretKeys(char[] password, String salt, boolean pa_exists, int pa_etype, byte[] pa_s2kparams)
Generates a list of keys using the given principal, password, and the pre-authentication values.
static EncryptionKey[] acquireSecretKeys(char[] password, String salt)
Generate a list of keys using the given principal and password.
synchronized byte[] asn1Encode()
Returns the ASN.1 encoding of this EncryptionKey.
synchronized Object clone()
Creates and returns a copy of this object.
synchronized void destroy()
static EncryptionKey findKey(int etype, EncryptionKey[] keys)
final byte[] getBytes()
Returns the raw key bytes, not in any ASN.1 encoding.
synchronized int getEType()
final Integer getKeyVersionNumber()
static EncryptionKey parse(DerInputStream data, byte explicitTag, boolean optional)
Parse (unmarshal) an Encryption key from a DER input stream.
String toString()
Returns a string representation of the object.
synchronized void writeKey(CCacheOutputStream cos)
Writes key value in FCC format to a CCacheOutputStream.
Inherited Methods
From class java.lang.Object

Fields

public static final EncryptionKey NULL_KEY

Public Constructors

public EncryptionKey (byte[] keyValue, int keyType, Integer kvno)

public EncryptionKey (int keyType, byte[] keyValue)

Constructs an EncryptionKey by using the specified key type and key value. It is used to recover the key when retrieving data from a credential cache file.

public EncryptionKey (char[] password, String salt, String algorithm)

public EncryptionKey (DerValue encoding)

Constructs an instance of EncryptionKey type.

Parameters
encoding a single DER-encoded value.
Throws
Asn1Exception if an error occurs while decoding ASN.1-encoded data.
IOException if an I/O error occurs while reading encoded data.

Public Methods

public static EncryptionKey[] acquireSecretKeys (PrincipalName princ, String keytab)

Obtains all versions of the secret key of the principal from a keytab.

Parameters
keytab the path to the keytab file. A value of null will be accepted to indicate that the default path should be searched.

public static EncryptionKey[] acquireSecretKeys (char[] password, String salt, boolean pa_exists, int pa_etype, byte[] pa_s2kparams)

Generates a list of keys using the given principal, password, and the pre-authentication values.

Throws
KrbException

public static EncryptionKey[] acquireSecretKeys (char[] password, String salt)

Generates a list of keys using the given principal and password, constructing a key for each configured etype. The caller is responsible for clearing the password.

Throws
KrbException

public synchronized byte[] asn1Encode ()

Returns the ASN.1 encoding of this EncryptionKey.

EncryptionKey ::= SEQUENCE { keytype[0] INTEGER, keyvalue[1] OCTET STRING }

This definition reflects the Network Working Group RFC 4120 specification available at http://www.ietf.org/rfc/rfc4120.txt.

Returns
  • byte array of encoded EncryptionKey object.
Throws
Asn1Exception if an error occurs while decoding ASN.1-encoded data.
IOException if an I/O error occurs while reading encoded data.

public synchronized Object clone ()

Creates and returns a copy of this object. The precise meaning of "copy" may depend on the class of the object. The general intent is that, for any object x, the expression:

 x.clone() != x
will be true, and that the expression:
 x.clone().getClass() == x.getClass()
will be true, but these are not absolute requirements. While it is typically the case that:
 x.clone().equals(x)
will be true, this is not an absolute requirement.

By convention, the returned object should be obtained by calling super.clone. If a class and all of its superclasses (except Object) obey this convention, it will be the case that x.clone().getClass() == x.getClass().

By convention, the object returned by this method should be independent of this object (which is being cloned). To achieve this independence, it may be necessary to modify one or more fields of the object returned by super.clone before returning it. Typically, this means copying any mutable objects that comprise the internal "deep structure" of the object being cloned and replacing the references to these objects with references to the copies. If a class contains only primitive fields or references to immutable objects, then it is usually the case that no fields in the object returned by super.clone need to be modified.

The method clone for class Object performs a specific cloning operation. First, if the class of this object does not implement the interface Cloneable, then a CloneNotSupportedException is thrown. Note that all arrays are considered to implement the interface Cloneable. Otherwise, this method creates a new instance of the class of this object and initializes all its fields with exactly the contents of the corresponding fields of this object, as if by assignment; the contents of the fields are not themselves cloned. Thus, this method performs a "shallow copy" of this object, not a "deep copy" operation.

The class Object does not itself implement the interface Cloneable, so calling the clone method on an object whose class is Object will result in throwing an exception at run time.

Returns
  • a clone of this instance.

public synchronized void destroy ()

public static EncryptionKey findKey (int etype, EncryptionKey[] keys)

Throws
KrbException

public final byte[] getBytes ()

Returns the raw key bytes, not in any ASN.1 encoding.

public synchronized int getEType ()

public final Integer getKeyVersionNumber ()

public static EncryptionKey parse (DerInputStream data, byte explicitTag, boolean optional)

Parses (unmarshals) an encryption key from a DER input stream. This form of parsing might be used when expanding a value that is part of a constructed sequence and uses an explicitly tagged type.

Parameters
data the DER input stream value, which contains one or more marshaled values.
explicitTag the tag number.
optional indicates whether this data field is optional.
Returns
  • an instance of EncryptionKey.
Throws
Asn1Exception if an error occurs while decoding ASN.1-encoded data.
IOException if an I/O error occurs while reading encoded data.
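
The wire layout behind asn1Encode() and parse(), as an added example that is not JDK code and does not call the sun.security.krb5 classes: a minimal DER encoder and strict decoder for the RFC 4120 EncryptionKey structure with its explicit [0] and [1] tags. The class name EncryptionKeyDer, its helpers, the all-zero sample key and etype 18 (aes256-cts-hmac-sha1-96) are assumptions chosen for illustration; it needs Java 16 or later for the record syntax and handles only short-form DER lengths.

```java
import java.math.BigInteger;
import java.nio.ByteBuffer;

public class EncryptionKeyDer {
    record Key(int etype, byte[] value) {}

    // One tag-length-value triple; short-form lengths only (content under 128 bytes).
    static byte[] tlv(int tag, byte[]... parts) {
        int len = 0;
        for (byte[] p : parts) len += p.length;
        if (len > 127) throw new IllegalArgumentException("long-form length not handled");
        ByteBuffer out = ByteBuffer.allocate(2 + len).put((byte) tag).put((byte) len);
        for (byte[] p : parts) out.put(p);
        return out.array();
    }

    static byte[] encode(int etype, byte[] key) {
        byte[] keytype = tlv(0xA0, tlv(0x02, BigInteger.valueOf(etype).toByteArray())); // [0] INTEGER
        return tlv(0x30, keytype, tlv(0xA1, tlv(0x04, key)));  // SEQUENCE { [0], [1] OCTET STRING }
    }

    // Consume one TLV with the expected tag; 'last' also requires that nothing follows it.
    static ByteBuffer expect(ByteBuffer in, int tag, boolean last) {
        int t = in.get() & 0xFF, len = in.get() & 0xFF;
        if (t != tag || len > 127 || len > in.remaining() || (last && len != in.remaining()))
            throw new IllegalArgumentException("unexpected tag, length or trailing bytes");
        ByteBuffer content = in.slice();
        content.limit(len);
        in.position(in.position() + len);
        return content;
    }

    static Key decode(byte[] der) {
        ByteBuffer seq = expect(ByteBuffer.wrap(der), 0x30, true);
        ByteBuffer kt = expect(expect(seq, 0xA0, false), 0x02, true);
        ByteBuffer kv = expect(expect(seq, 0xA1, true), 0x04, true);
        byte[] n = new byte[kt.remaining()], key = new byte[kv.remaining()];
        kt.get(n); kv.get(key);
        return new Key(new BigInteger(n).intValueExact(), key); // rejects values outside Int32
    }

    public static void main(String[] args) {
        byte[] key = new byte[32];                  // constructed all-zero sample key, not real material
        byte[] der = encode(18, key);               // 18 = aes256-cts-hmac-sha1-96 (assumed etype)
        Key k = decode(der);
        System.out.println(new BigInteger(1, der).toString(16) + " -> etype " + k.etype());
    }
}
```

The decoder rejects a wrong tag, a length that overruns its container, trailing bytes after any element, and a keytype that does not fit in Int32.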

public String toString ()

Returns a string representation of the object. In general, the toString method returns a string that "textually represents" this object. The result should be a concise but informative representation that is easy for a person to read. It is recommended that all subclasses override this method.

The toString method for class Object returns a string consisting of the name of the class of which the object is an instance, the at-sign character '@', and the unsigned hexadecimal representation of the hash code of the object. In other words, this method returns a string equal to the value of:

 getClass().getName() + '@' + Integer.toHexString(hashCode())
 

Returns
  • a string representation of the object.

public synchronized void writeKey (CCacheOutputStream cos)

Writes key value in FCC format to a CCacheOutputStream.

Parameters
cos a CCacheOutputStream to be written to.
Throws
IOException if an I/O exception occurs.
See Also
  • sun.security.krb5.internal.ccache.CCacheOutputStream