001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020package org.apache.directory.shared.kerberos.codec.authenticator; 021 022 023import org.apache.directory.api.asn1.actions.CheckNotNullLength; 024import org.apache.directory.api.asn1.ber.grammar.AbstractGrammar; 025import org.apache.directory.api.asn1.ber.grammar.Grammar; 026import org.apache.directory.api.asn1.ber.grammar.GrammarTransition; 027import org.apache.directory.api.asn1.ber.tlv.UniversalTag; 028import org.apache.directory.shared.kerberos.KerberosConstants; 029import org.apache.directory.shared.kerberos.codec.authenticator.actions.AuthenticatorInit; 030import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreAuthenticatorVno; 031import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreAuthorizationData; 032import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreCName; 033import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreCRealm; 034import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreCTime; 035import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreChecksum; 036import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreCusec; 037import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreSeqNumber; 038import org.apache.directory.shared.kerberos.codec.authenticator.actions.StoreSubKey; 039import org.slf4j.Logger; 040import org.slf4j.LoggerFactory; 041 042 043/** 044 * This class implements the Authenticator structure. All the actions are declared 045 * in this class. As it is a singleton, these declaration are only done once. If 046 * an action is to be added or modified, this is where the work is to be done ! 047 * 048 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 049 */ 050public final class AuthenticatorGrammar extends AbstractGrammar<AuthenticatorContainer> 051{ 052 /** The logger */ 053 static final Logger LOG = LoggerFactory.getLogger( AuthenticatorGrammar.class ); 054 055 /** A speedup for logger */ 056 static final boolean IS_DEBUG = LOG.isDebugEnabled(); 057 058 /** The instance of grammar. AuthenticatorGrammar is a singleton */ 059 private static Grammar<AuthenticatorContainer> instance = new AuthenticatorGrammar(); 060 061 062 /** 063 * Creates a new AuthenticatorGrammar object. 064 */ 065 @SuppressWarnings("unchecked") 066 private AuthenticatorGrammar() 067 { 068 setName( AuthenticatorGrammar.class.getName() ); 069 070 // Create the transitions table 071 super.transitions = new GrammarTransition[AuthenticatorStatesEnum.LAST_AUTHENTICATOR_STATE.ordinal()][256]; 072 073 // ============================================================================================ 074 // Authenticator 075 // ============================================================================================ 076 // -------------------------------------------------------------------------------------------- 077 // Transition from START to Authenticator init 078 // -------------------------------------------------------------------------------------------- 079 // Authenticator ::= [APPLICATION 2] 080 super.transitions[AuthenticatorStatesEnum.START_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_TAG] = 081 new GrammarTransition<AuthenticatorContainer>( 082 AuthenticatorStatesEnum.START_STATE, 083 AuthenticatorStatesEnum.AUTHENTICATOR_STATE, 084 KerberosConstants.AUTHENTICATOR_TAG, 085 new AuthenticatorInit() ); 086 087 // -------------------------------------------------------------------------------------------- 088 // Transition from Authenticator init to Authenticator SEQ 089 // -------------------------------------------------------------------------------------------- 090 // Authenticator ::= [APPLICATION 2] SEQUENCE { 091 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_STATE.ordinal()][UniversalTag.SEQUENCE.getValue()] = 092 new GrammarTransition<AuthenticatorContainer>( 093 AuthenticatorStatesEnum.AUTHENTICATOR_STATE, 094 AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_STATE, 095 UniversalTag.SEQUENCE, 096 new CheckNotNullLength<AuthenticatorContainer>() ); 097 098 // -------------------------------------------------------------------------------------------- 099 // Transition from Authenticator SEQ to authenticator-vno tag 100 // -------------------------------------------------------------------------------------------- 101 // Authenticator ::= [APPLICATION 2] SEQUENCE { 102 // authenticator-vno [0] 103 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG] = 104 new GrammarTransition<AuthenticatorContainer>( 105 AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_STATE, 106 AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG_STATE, 107 KerberosConstants.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG, 108 new CheckNotNullLength<AuthenticatorContainer>() ); 109 110 // -------------------------------------------------------------------------------------------- 111 // Transition from authenticator-vno tag to authenticator-vno value 112 // -------------------------------------------------------------------------------------------- 113 // Authenticator ::= [APPLICATION 2] SEQUENCE { 114 // authenticator-vno [0] INTEGER (5), 115 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG_STATE.ordinal()][UniversalTag.INTEGER 116 .getValue()] = 117 new GrammarTransition<AuthenticatorContainer>( 118 AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_TAG_STATE, 119 AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_STATE, 120 UniversalTag.INTEGER, 121 new StoreAuthenticatorVno() ); 122 123 // -------------------------------------------------------------------------------------------- 124 // Transition from authenticator-vno value to crealm tag 125 // -------------------------------------------------------------------------------------------- 126 // Authenticator ::= [APPLICATION 2] SEQUENCE { 127 // ... 128 // crealm [1] 129 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CREALM_TAG] = 130 new GrammarTransition<AuthenticatorContainer>( 131 AuthenticatorStatesEnum.AUTHENTICATOR_AUTHENTICATOR_VNO_STATE, 132 AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_TAG_STATE, 133 KerberosConstants.AUTHENTICATOR_CREALM_TAG, 134 new CheckNotNullLength<AuthenticatorContainer>() ); 135 136 // -------------------------------------------------------------------------------------------- 137 // Transition from crealm tag to crealm value 138 // -------------------------------------------------------------------------------------------- 139 // Authenticator ::= [APPLICATION 2] SEQUENCE { 140 // ... 141 // crealm [1] Realm, 142 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_TAG_STATE.ordinal()][UniversalTag.GENERAL_STRING 143 .getValue()] = 144 new GrammarTransition<AuthenticatorContainer>( 145 AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_TAG_STATE, 146 AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_STATE, 147 UniversalTag.GENERAL_STRING, 148 new StoreCRealm() ); 149 150 // -------------------------------------------------------------------------------------------- 151 // Transition from crealm value cname 152 // -------------------------------------------------------------------------------------------- 153 // Authenticator ::= [APPLICATION 2] SEQUENCE { 154 // ... 155 // cname [2] PrincipalName, 156 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CNAME_TAG] = 157 new GrammarTransition<AuthenticatorContainer>( 158 AuthenticatorStatesEnum.AUTHENTICATOR_CREALM_STATE, 159 AuthenticatorStatesEnum.AUTHENTICATOR_CNAME_STATE, 160 KerberosConstants.AUTHENTICATOR_CNAME_TAG, 161 new StoreCName() ); 162 163 // -------------------------------------------------------------------------------------------- 164 // Transition from cname to cksum 165 // -------------------------------------------------------------------------------------------- 166 // Authenticator ::= [APPLICATION 2] SEQUENCE { 167 // ... 168 // cksum [3] Checksum OPTIONAL, 169 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CNAME_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CKSUM_TAG] = 170 new GrammarTransition<AuthenticatorContainer>( 171 AuthenticatorStatesEnum.AUTHENTICATOR_CNAME_STATE, 172 AuthenticatorStatesEnum.AUTHENTICATOR_CKSUM_STATE, 173 KerberosConstants.AUTHENTICATOR_CKSUM_TAG, 174 new StoreChecksum() ); 175 176 // -------------------------------------------------------------------------------------------- 177 // Transition from cname to cusec tag 178 // -------------------------------------------------------------------------------------------- 179 // Authenticator ::= [APPLICATION 2] SEQUENCE { 180 // ... 181 // cusec [4] 182 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CNAME_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CUSEC_TAG] = 183 new GrammarTransition<AuthenticatorContainer>( 184 AuthenticatorStatesEnum.AUTHENTICATOR_CNAME_STATE, 185 AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_TAG_STATE, 186 KerberosConstants.AUTHENTICATOR_CUSEC_TAG, 187 new CheckNotNullLength<AuthenticatorContainer>() ); 188 189 // -------------------------------------------------------------------------------------------- 190 // Transition from cksum to cusec tag 191 // -------------------------------------------------------------------------------------------- 192 // Authenticator ::= [APPLICATION 2] SEQUENCE { 193 // ... 194 // cusec [4] 195 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CKSUM_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CUSEC_TAG] = 196 new GrammarTransition<AuthenticatorContainer>( 197 AuthenticatorStatesEnum.AUTHENTICATOR_CKSUM_STATE, 198 AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_TAG_STATE, 199 KerberosConstants.AUTHENTICATOR_CUSEC_TAG, 200 new CheckNotNullLength<AuthenticatorContainer>() ); 201 202 // -------------------------------------------------------------------------------------------- 203 // Transition from cusec tag to cusec value 204 // -------------------------------------------------------------------------------------------- 205 // Authenticator ::= [APPLICATION 2] SEQUENCE { 206 // ... 207 // cusec [4] Microseconds, 208 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_TAG_STATE.ordinal()][UniversalTag.INTEGER 209 .getValue()] = 210 new GrammarTransition<AuthenticatorContainer>( 211 AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_TAG_STATE, 212 AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_STATE, 213 UniversalTag.INTEGER, 214 new StoreCusec() ); 215 216 // -------------------------------------------------------------------------------------------- 217 // Transition from cusec value to ctime tag 218 // -------------------------------------------------------------------------------------------- 219 // Authenticator ::= [APPLICATION 2] SEQUENCE { 220 // ... 221 // ctime [5] 222 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_CTIME_TAG] = 223 new GrammarTransition<AuthenticatorContainer>( 224 AuthenticatorStatesEnum.AUTHENTICATOR_CUSEC_STATE, 225 AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_TAG_STATE, 226 KerberosConstants.AUTHENTICATOR_CTIME_TAG, 227 new CheckNotNullLength<AuthenticatorContainer>() ); 228 229 // -------------------------------------------------------------------------------------------- 230 // Transition from ctime tag to ctime value 231 // -------------------------------------------------------------------------------------------- 232 // Authenticator ::= [APPLICATION 2] SEQUENCE { 233 // ... 234 // ctime [5] KerberosTime, 235 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_TAG_STATE.ordinal()][UniversalTag.GENERALIZED_TIME 236 .getValue()] = 237 new GrammarTransition<AuthenticatorContainer>( 238 AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_TAG_STATE, 239 AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE, 240 UniversalTag.GENERALIZED_TIME, 241 new StoreCTime() ); 242 243 // -------------------------------------------------------------------------------------------- 244 // Transition from ctime value to subkey 245 // -------------------------------------------------------------------------------------------- 246 // Authenticator ::= [APPLICATION 2] SEQUENCE { 247 // ... 248 // subkey [6] EncryptionKe> OPTIONAL, 249 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_SUBKEY_TAG] = 250 new GrammarTransition<AuthenticatorContainer>( 251 AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE, 252 AuthenticatorStatesEnum.AUTHENTICATOR_SUBKEY_STATE, 253 KerberosConstants.AUTHENTICATOR_SUBKEY_TAG, 254 new StoreSubKey() ); 255 256 // -------------------------------------------------------------------------------------------- 257 // Transition from ctime value to seq-number 258 // -------------------------------------------------------------------------------------------- 259 // Authenticator ::= [APPLICATION 2] SEQUENCE { 260 // ... 261 // seq-number [7] UInt32 OPTIONAL, 262 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_SEQ_NUMBER_TAG] = 263 new GrammarTransition<AuthenticatorContainer>( 264 AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE, 265 AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_TAG_STATE, 266 KerberosConstants.AUTHENTICATOR_SEQ_NUMBER_TAG, 267 new CheckNotNullLength<AuthenticatorContainer>() ); 268 269 // -------------------------------------------------------------------------------------------- 270 // Transition from ctime value to authorization-data 271 // -------------------------------------------------------------------------------------------- 272 // Authenticator ::= [APPLICATION 2] SEQUENCE { 273 // ... 274 // authorization-data [8] AuthorizationData OPTIONAL 275 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG] = 276 new GrammarTransition<AuthenticatorContainer>( 277 AuthenticatorStatesEnum.AUTHENTICATOR_CTIME_STATE, 278 AuthenticatorStatesEnum.AUTHENTICATOR_AUTHORIZATION_DATA_STATE, 279 KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG, 280 new StoreAuthorizationData() ); 281 282 // -------------------------------------------------------------------------------------------- 283 // Transition from subkey to seq-number 284 // -------------------------------------------------------------------------------------------- 285 // Authenticator ::= [APPLICATION 2] SEQUENCE { 286 // ... 287 // seq-number [7] UInt32 OPTIONAL, 288 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_SUBKEY_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_SEQ_NUMBER_TAG] = 289 new GrammarTransition<AuthenticatorContainer>( 290 AuthenticatorStatesEnum.AUTHENTICATOR_SUBKEY_STATE, 291 AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_TAG_STATE, 292 KerberosConstants.AUTHENTICATOR_SEQ_NUMBER_TAG, 293 new CheckNotNullLength<AuthenticatorContainer>() ); 294 295 // -------------------------------------------------------------------------------------------- 296 // Transition from subkey to authorization-data 297 // -------------------------------------------------------------------------------------------- 298 // Authenticator ::= [APPLICATION 2] SEQUENCE { 299 // ... 300 // authorization-data [8] AuthorizationData OPTIONAL 301 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_SUBKEY_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG] = 302 new GrammarTransition<AuthenticatorContainer>( 303 AuthenticatorStatesEnum.AUTHENTICATOR_SUBKEY_STATE, 304 AuthenticatorStatesEnum.AUTHENTICATOR_AUTHORIZATION_DATA_STATE, 305 KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG, 306 new StoreAuthorizationData() ); 307 308 // -------------------------------------------------------------------------------------------- 309 // Transition from seq-number tag to seq-number value 310 // -------------------------------------------------------------------------------------------- 311 // Authenticator ::= [APPLICATION 2] SEQUENCE { 312 // ... 313 // authorization-data [8] AuthorizationData OPTIONAL 314 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_TAG_STATE.ordinal()][UniversalTag.INTEGER 315 .getValue()] = 316 new GrammarTransition<AuthenticatorContainer>( 317 AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_TAG_STATE, 318 AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_STATE, 319 UniversalTag.INTEGER, 320 new StoreSeqNumber() ); 321 322 // -------------------------------------------------------------------------------------------- 323 // Transition from seq-number value to authorization-data 324 // -------------------------------------------------------------------------------------------- 325 // Authenticator ::= [APPLICATION 2] SEQUENCE { 326 // ... 327 // authorization-data [8] AuthorizationData OPTIONAL 328 // } 329 super.transitions[AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_STATE.ordinal()][KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG] = 330 new GrammarTransition<AuthenticatorContainer>( 331 AuthenticatorStatesEnum.AUTHENTICATOR_SEQ_NUMBER_STATE, 332 AuthenticatorStatesEnum.AUTHENTICATOR_AUTHORIZATION_DATA_STATE, 333 KerberosConstants.AUTHENTICATOR_AUTHORIZATION_DATA_TAG, 334 new StoreAuthorizationData() ); 335 } 336 337 338 /** 339 * Get the instance of this grammar 340 * 341 * @return An instance on the Authenticator Grammar 342 */ 343 public static Grammar<AuthenticatorContainer> getInstance() 344 { 345 return instance; 346 } 347}