com.dstc.security.kerberos
Class KerberosKey

java.lang.Object
  |
  +--com.dstc.security.kerberos.KerberosKey

public abstract class KerberosKey
extends Object
implements EncryptionKey

An implementation of EncryptionKey for use in initial authentication. A KerberosKey can be instantiated from key material in two ways; either directly from the key value (eg. if the key is obtained from a KeyTab) or, more usually, from a user password and "mix-in" string (or salt). A default mix-in string for most Kerberos installations consists of a concatenation of the realm and each component of the PrincipalName for the user requiring authentication.

See Also:
EncryptionKey, Kerberos

Constructor Summary
protected KerberosKey(int keyType, byte[] bytes)
          Constructs a KerberosKey from a key type and the key value
protected KerberosKey(int keyType, byte[] passString, byte[] mixInString)
          Constructs a KerberosKey from a key type, a password and a mix-in string
 
Method Summary
static KerberosKey getInstance(int keyType, byte[] bytes)
          Returns a KerberosKey for a given encryption type and key value
static KerberosKey getInstance(int keyType, byte[] passString, byte[] mixInString)
          Returns a KerberosKey for a given encryption type, a password and a mix-in string
 byte[] getMixInString()
          Returns the current mix-in string
 int keyType()
          Returns the key type for this key
 byte[] keyValue()
          Returns the key bytes for this key
protected abstract  byte[] stringToKey(byte[] passString, byte[] mixInString)
          Transforms the supplied password and mix-in string to a key value in an algorithm-specific manner.
 void updateMixInString(byte[] mixInString)
          Replaces the current mix-in string with a new one
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

KerberosKey

protected KerberosKey(int keyType,
                      byte[] bytes)
Constructs a KerberosKey from a key type and the key value

KerberosKey

protected KerberosKey(int keyType,
                      byte[] passString,
                      byte[] mixInString)
               throws KerberosException
Constructs a KerberosKey from a key type, a password and a mix-in string
Method Detail

getInstance

public static KerberosKey getInstance(int keyType,
                                      byte[] bytes)
                               throws KerberosException
Returns a KerberosKey for a given encryption type and key value

getInstance

public static KerberosKey getInstance(int keyType,
                                      byte[] passString,
                                      byte[] mixInString)
                               throws KerberosException
Returns a KerberosKey for a given encryption type, a password and a mix-in string

getMixInString

public byte[] getMixInString()
Returns the current mix-in string

updateMixInString

public void updateMixInString(byte[] mixInString)
                       throws KerberosException
Replaces the current mix-in string with a new one

keyType

public int keyType()
Returns the key type for this key
Specified by:
keyType in interface EncryptionKey

keyValue

public byte[] keyValue()
Returns the key bytes for this key
Specified by:
keyValue in interface EncryptionKey

stringToKey

protected abstract byte[] stringToKey(byte[] passString,
                                      byte[] mixInString)
                               throws KerberosException
Transforms the supplied password and mix-in string to a key value in an algorithm-specific manner.