javax.security.auth.kerberos

Class KerberosKey

java.lang.Object

javax.security.auth.kerberos.KerberosKey

All Implemented Interfaces:

java.io.Serializable, java.security.Key, javax.crypto.SecretKey, javax.security.auth.Destroyable

public class KerberosKey
extends java.lang.Object
implements javax.crypto.SecretKey, javax.security.auth.Destroyable

This class encapsulates a long term secret key for a Kerberos principal.

All Kerberos JAAS login modules that obtain a principal's password and generate the secret key from it should use this class. Where available, the login module might even read this secret key directly from a Kerberos "keytab". Sometimes, such as when authenticating a server in the absence of user-to-user authentication, the login module will store an instance of this class in the private credential set of a Subject during the commit phase of the authentication process.

It might be necessary for the application to be granted a PrivateCredentialPermission if it needs to access the KerberosKey instance from a Subject. This permission is not needed when the application depends on the default JGSS Kerberos mechanism to access the KerberosKey. In that case, however, the application will need an appropriate ServicePermission.

Since:

1.4

Version:

1.12, 12/03/01

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
KerberosKey(KerberosPrincipal principal, byte[] keyBytes, int keyType, int versionNum) Constructs a KerberosKey from the given bytes when the key type and key version number are known.
KerberosKey(KerberosPrincipal principal, char[] password, java.lang.String algorithm) Constructs a KerberosKey from a principal's password.

Method Summary

Modifier and Type	Method and Description
void	destroy() Destroys this key.
boolean	equals(java.lang.Object other) Compares the specified Object with this KerberosKey for equality.
java.lang.String	getAlgorithm() Returns the standard algorithm name for this key.
byte[]	getEncoded() Returns the key material of this secret key.
java.lang.String	getFormat() Returns the name of the encoding format for this secret key.
int	getKeyType() Returns the key type for this long-term key.
KerberosPrincipal	getPrincipal() Returns the principal that this key belongs to.
int	getVersionNumber() Returns the key version number.
int	hashCode() Returns a hashcode for this KerberosKey.
boolean	isDestroyed() Determines if this key has been destroyed.
java.lang.String	toString() DOCUMENT ME!

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

KerberosKey

public KerberosKey(KerberosPrincipal principal,
                   byte[] keyBytes,
                   int keyType,
                   int versionNum)

Constructs a KerberosKey from the given bytes when the key type and key version number are known. This can used when reading the secret key information from a Kerberos "keytab".

Parameters:

principal - the principal that this secret key belongs to

keyBytes - the raw bytes for the secret key

keyType - the key type for the secret key as defined by the Kerberos protocol specification.

versionNum - the version number of this secret key

KerberosKey

public KerberosKey(KerberosPrincipal principal,
                   char[] password,
                   java.lang.String algorithm)

Constructs a KerberosKey from a principal's password.

Parameters:

principal - the principal that this password belongs to

password - the password that should be used to compute the key

algorithm - the name for the algorithm that this key wil be used for. This parameter may be null in which case "DES" will be assumed.

Method Detail

getPrincipal

public final KerberosPrincipal getPrincipal()

Returns the principal that this key belongs to.

Returns:

the principal this key belongs to.

getVersionNumber

public final int getVersionNumber()

Returns the key version number.

Returns:

the key version number.

getKeyType

public final int getKeyType()

Returns the key type for this long-term key.

Returns:

the key type.

getAlgorithm

public final java.lang.String getAlgorithm()

Returns the standard algorithm name for this key.

Specified by:

getAlgorithm in interface java.security.Key

Returns:

the name of the algorithm associated with this key.

getFormat

public final java.lang.String getFormat()

Returns the name of the encoding format for this secret key.

Specified by:

getFormat in interface java.security.Key

Returns:

the String "RAW"

getEncoded

public final byte[] getEncoded()

Returns the key material of this secret key.

Specified by:

getEncoded in interface java.security.Key

Returns:

the key material

destroy

public void destroy()
             throws javax.security.auth.DestroyFailedException

Destroys this key. A call to any of its other methods after this will cause an IllegalStateException to be thrown.

Specified by:

destroy in interface javax.security.auth.Destroyable

Throws:

javax.security.auth.DestroyFailedException - if some error occurs while destorying this key.

isDestroyed

public boolean isDestroyed()

Determines if this key has been destroyed.

Specified by:

isDestroyed in interface javax.security.auth.Destroyable

Returns:

DOCUMENT ME!

toString

public java.lang.String toString()

DOCUMENT ME!

Overrides:

toString in class java.lang.Object

Returns:

DOCUMENT ME!

hashCode

public int hashCode()

Returns a hashcode for this KerberosKey.

Overrides:

hashCode in class java.lang.Object

Returns:

a hashCode() for the KerberosKey

Since:

1.6

equals

public boolean equals(java.lang.Object other)

Compares the specified Object with this KerberosKey for equality. Returns true if the given object is also a KerberosKey and the two KerberosKey instances are equivalent.

Overrides:

equals in class java.lang.Object

Parameters:

other - the Object to compare to

Returns:

true if the specified object is equal to this KerberosKey, false otherwise. NOTE: Returns false if either of the KerberosKey objects has been destroyed.

Since:

1.6