001    /*
002     *  Licensed to the Apache Software Foundation (ASF) under one
003     *  or more contributor license agreements.  See the NOTICE file
004     *  distributed with this work for additional information
005     *  regarding copyright ownership.  The ASF licenses this file
006     *  to you under the Apache License, Version 2.0 (the
007     *  "License"); you may not use this file except in compliance
008     *  with the License.  You may obtain a copy of the License at
009     *  
010     *    http://www.apache.org/licenses/LICENSE-2.0
011     *  
012     *  Unless required by applicable law or agreed to in writing,
013     *  software distributed under the License is distributed on an
014     *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     *  KIND, either express or implied.  See the License for the
016     *  specific language governing permissions and limitations
017     *  under the License. 
018     *  
019     */
020    package org.apache.directory.server.kerberos.shared.crypto.encryption;
021    
022    
023    import java.util.Arrays;
024    import java.util.Collections;
025    import java.util.List;
026    
027    import org.apache.directory.server.i18n.I18n;
028    
029    
030    /**
031     * From RFC 4120, "The Kerberos Network Authentication Service (V5)":
032     * 
033     * 7.5.1.  Key Usage Numbers
034     * 
035     * The encryption and checksum specifications in [RFC3961] require as
036     * input a "key usage number", to alter the encryption key used in any
037     * specific message in order to make certain types of cryptographic
038     * attack more difficult.  These are the key usage values assigned in
039     * [RFC 4120]:
040     * 
041     * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
042     * @version $Rev$, $Date$
043     */
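public final class KeyUsage implements Comparable<KeyUsage>
{
    /**
     * AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the client key (Section 5.2.7.2)
     */
    public static final KeyUsage NUMBER1 = new KeyUsage( 1, I18n.err( I18n.ERR_603 ) );

    /**
     * AS-REP Ticket and TGS-REP Ticket (includes TGS session key or application session key), encrypted with the service key (Section 5.3)
     */
    public static final KeyUsage NUMBER2 = new KeyUsage( 2, I18n.err( I18n.ERR_604 ) );

    /**
     * AS-REP encrypted part (includes TGS session key or application session key), encrypted with the client key (Section 5.4.2)
     */
    public static final KeyUsage NUMBER3 = new KeyUsage( 3, I18n.err( I18n.ERR_605 ) );

    /**
     * TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS session key (Section 5.4.1)
     */
    public static final KeyUsage NUMBER4 = new KeyUsage( 4, I18n.err( I18n.ERR_606 ) );

    /**
     * TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS authenticator subkey (Section 5.4.1)
     */
    public static final KeyUsage NUMBER5 = new KeyUsage( 5, I18n.err( I18n.ERR_607 ) );

    /**
     * TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed with the TGS session key (Section 5.5.1)
     */
    public static final KeyUsage NUMBER6 = new KeyUsage( 6, I18n.err( I18n.ERR_608 ) );

    /**
     * TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS authenticator subkey), encrypted with the TGS session key (Section 5.5.1)
     */
    public static final KeyUsage NUMBER7 = new KeyUsage( 7, I18n.err( I18n.ERR_609 ) );

    /**
     * TGS-REP encrypted part (includes application session key), encrypted with the TGS session key (Section 5.4.2)
     */
    public static final KeyUsage NUMBER8 = new KeyUsage( 8, I18n.err( I18n.ERR_610 ) );

    /**
     * TGS-REP encrypted part (includes application session key), encrypted with the TGS authenticator subkey (Section 5.4.2)
     */
    // NOTE(review): this passes I18n.ERR_610, the same message key as NUMBER8, and 611 is the only
    // number skipped in the 603-615 run used by these constants. Confirm whether usage 9 was meant
    // to have its own message; as written the two names presumably render identically.
    public static final KeyUsage NUMBER9 = new KeyUsage( 9, I18n.err( I18n.ERR_610 ) );

    /**
     * AP-REQ Authenticator cksum, keyed with the application session key (Section 5.5.1)
     */
    public static final KeyUsage NUMBER10 = new KeyUsage( 10, I18n.err( I18n.ERR_612 ) );

    /**
     * AP-REQ Authenticator (includes application authenticator subkey), encrypted with the application session key (Section 5.5.1)
     */
    public static final KeyUsage NUMBER11 = new KeyUsage( 11, I18n.err( I18n.ERR_613 ) );

    /**
     * AP-REP encrypted part (includes application session subkey), encrypted with the application session key (Section 5.5.2)
     */
    public static final KeyUsage NUMBER12 = new KeyUsage( 12, I18n.err( I18n.ERR_614 ) );

    /**
     * KRB-PRIV encrypted part, encrypted with a key chosen by the application (Section 5.7.1)
     */
    public static final KeyUsage NUMBER13 = new KeyUsage( 13, I18n.err( I18n.ERR_615 ) );

    /**
     * Backing array for {@link #VALUES} and for lookups by number. It is private and never
     * written after initialization, so the list view built on it cannot change.
     */
    private static final KeyUsage[] values =
        { NUMBER1, NUMBER2, NUMBER3, NUMBER4, NUMBER5, NUMBER6, NUMBER7, NUMBER8, NUMBER9, NUMBER10, NUMBER11,
            NUMBER12, NUMBER13 };

    /**
     * Read-only list of every key usage defined by this class, in ascending number order.
     * It must be declared after the constants and the backing array; static initializers run
     * in textual order, and declaring it earlier would be an illegal forward reference.
     */
    public static final List<KeyUsage> VALUES = Collections.unmodifiableList( Arrays.asList( values ) );

    /** The key usage number, 1 through 13 for the constants defined in this class. */
    private final int ordinal;

    /** Descriptive text for this usage, as returned by {@code I18n.err} at class initialization. */
    private final String name;


    /**
     * Private constructor prevents construction outside of this class, so the constants above
     * are the only instances.
     *
     * @param ordinal the key usage number
     * @param name descriptive text used by {@link #toString()}
     */
    private KeyUsage( int ordinal, String name )
    {
        this.ordinal = ordinal;
        this.name = name;
    }


    /**
     * Returns the key usage constant whose number equals {@code type}.
     *
     * <p>An unassigned number is not rejected: any value that matches none of
     * {@link #NUMBER1} through {@link #NUMBER13} yields {@link #NUMBER1}. The key usage number
     * alters the encryption key used for a message, so a caller that maps a number taken from
     * outside this class and has to tell "usage 1" apart from "unknown usage" should compare
     * {@link #getOrdinal()} of the result with the value it passed in before using the result
     * for any key derivation.</p>
     *
     * @param type the key usage number to look up
     * @return the matching key usage, or {@link #NUMBER1} when {@code type} matches none
     */
    public static KeyUsage getTypeByOrdinal( int type )
    {
        for ( KeyUsage candidate : values )
        {
            if ( candidate.ordinal == type )
            {
                return candidate;
            }
        }

        // Existing contract: unknown numbers fall back to usage 1 instead of failing.
        return NUMBER1;
    }


    /**
     * Returns the number associated with this key usage number.
     *
     * @return The key usage number
     */
    public int getOrdinal()
    {
        return ordinal;
    }


    /**
     * Orders key usages by ascending key usage number.
     *
     * @param that the key usage to compare with
     * @return a negative value, zero, or a positive value when this number is less than, equal
     *         to, or greater than the number of {@code that}
     * @throws NullPointerException if {@code that} is null
     */
    public int compareTo( KeyUsage that )
    {
        // Compare instead of subtracting, so the sign is right for any pair of int values.
        return ordinal < that.ordinal ? -1 : ( ordinal == that.ordinal ? 0 : 1 );
    }


    /**
     * Returns the descriptive name followed by the key usage number in parentheses.
     *
     * @return text of the form {@code name (number)}
     */
    @Override
    public String toString()
    {
        return name + " (" + ordinal + ")";
    }
}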