- java.lang.Object
-
- javax.security.auth.kerberos.KerberosKey
-
- All Implemented Interfaces:
- Serializable, Key, SecretKey, Destroyable
public class KerberosKey extends Object implements SecretKey, Destroyable
This class encapsulates a long term secret key for a Kerberos principal.All Kerberos JAAS login modules that obtain a principal's password and generate the secret key from it should use this class. Sometimes, such as when authenticating a server in the absence of user-to-user authentication, the login module will store an instance of this class in the private credential set of a
Subject
during the commit phase of the authentication process.A Kerberos service using a keytab to read secret keys should use the
KeyTab
class, where latest keys can be read when needed.It might be necessary for the application to be granted a
PrivateCredentialPermission
if it needs to access the KerberosKey instance from a Subject. This permission is not needed when the application depends on the default JGSS Kerberos mechanism to access the KerberosKey. In that case, however, the application will need an appropriateServicePermission
.- Since:
- 1.4
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor and Description KerberosKey(KerberosPrincipal principal, byte[] keyBytes, int keyType, int versionNum)
Constructs a KerberosKey from the given bytes when the key type and key version number are known.KerberosKey(KerberosPrincipal principal, char[] password, String algorithm)
Constructs a KerberosKey from a principal's password.
-
Method Summary
Methods Modifier and Type Method and Description void
destroy()
Destroys this key.boolean
equals(Object other)
Compares the specified Object with this KerberosKey for equality.String
getAlgorithm()
Returns the standard algorithm name for this key.byte[]
getEncoded()
Returns the key material of this secret key.String
getFormat()
Returns the name of the encoding format for this secret key.int
getKeyType()
Returns the key type for this long-term key.KerberosPrincipal
getPrincipal()
Returns the principal that this key belongs to.int
getVersionNumber()
Returns the key version number.int
hashCode()
Returns a hashcode for this KerberosKey.boolean
isDestroyed()
Determines if this key has been destroyed.String
toString()
Returns a string representation of the object.
-
-
-
Constructor Detail
-
KerberosKey
public KerberosKey(KerberosPrincipal principal, byte[] keyBytes, int keyType, int versionNum)
Constructs a KerberosKey from the given bytes when the key type and key version number are known. This can be used when reading the secret key information from a Kerberos "keytab".- Parameters:
principal
- the principal that this secret key belongs tokeyBytes
- the raw bytes for the secret keykeyType
- the key type for the secret key as defined by the Kerberos protocol specification.versionNum
- the version number of this secret key
-
KerberosKey
public KerberosKey(KerberosPrincipal principal, char[] password, String algorithm)
Constructs a KerberosKey from a principal's password.- Parameters:
principal
- the principal that this password belongs topassword
- the password that should be used to compute the keyalgorithm
- the name for the algorithm that this key will be used for. This parameter may be null in which case the default algorithm "DES" will be assumed.- Throws:
IllegalArgumentException
- if the name of the algorithm passed is unsupported.
-
-
Method Detail
-
getPrincipal
public final KerberosPrincipal getPrincipal()
Returns the principal that this key belongs to.- Returns:
- the principal this key belongs to.
-
getVersionNumber
public final int getVersionNumber()
Returns the key version number.- Returns:
- the key version number.
-
getKeyType
public final int getKeyType()
Returns the key type for this long-term key.- Returns:
- the key type.
-
getAlgorithm
public final String getAlgorithm()
Returns the standard algorithm name for this key. For example, "DES" would indicate that this key is a DES key. See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.- Specified by:
getAlgorithm
in interfaceKey
- Returns:
- the name of the algorithm associated with this key.
-
getFormat
public final String getFormat()
Returns the name of the encoding format for this secret key.
-
getEncoded
public final byte[] getEncoded()
Returns the key material of this secret key.- Specified by:
getEncoded
in interfaceKey
- Returns:
- the key material
-
destroy
public void destroy() throws DestroyFailedException
Destroys this key. A call to any of its other methods after this will cause an IllegalStateException to be thrown.- Specified by:
destroy
in interfaceDestroyable
- Throws:
DestroyFailedException
- if some error occurs while destorying this key.
-
isDestroyed
public boolean isDestroyed()
Determines if this key has been destroyed.- Specified by:
isDestroyed
in interfaceDestroyable
- Returns:
- true if this
Object
has been destroyed, false otherwise.
-
toString
public String toString()
Description copied from class:Object
Returns a string representation of the object. In general, thetoString
method returns a string that "textually represents" this object. The result should be a concise but informative representation that is easy for a person to read. It is recommended that all subclasses override this method.The
toString
method for classObject
returns a string consisting of the name of the class of which the object is an instance, the at-sign character `@
', and the unsigned hexadecimal representation of the hash code of the object. In other words, this method returns a string equal to the value of:getClass().getName() + '@' + Integer.toHexString(hashCode())
-
hashCode
public int hashCode()
Returns a hashcode for this KerberosKey.- Overrides:
hashCode
in classObject
- Returns:
- a hashCode() for the
KerberosKey
- Since:
- 1.6
- See Also:
Object.equals(java.lang.Object)
,System.identityHashCode(java.lang.Object)
-
equals
public boolean equals(Object other)
Compares the specified Object with this KerberosKey for equality. Returns true if the given object is also aKerberosKey
and the twoKerberosKey
instances are equivalent.- Overrides:
equals
in classObject
- Parameters:
other
- the Object to compare to- Returns:
- true if the specified object is equal to this KerberosKey, false otherwise. NOTE: Returns false if either of the KerberosKey objects has been destroyed.
- Since:
- 1.6
- See Also:
Object.hashCode()
,HashMap
-
-
Deutsche Übersetzung
Sie haben gebeten, diese Seite auf Deutsch zu besuchen. Momentan ist nur die Oberfläche übersetzt, aber noch nicht der gesamte Inhalt.Wenn Sie mir bei Übersetzungen helfen wollen, ist Ihr Beitrag willkommen. Alles, was Sie tun müssen, ist, sich auf der Website zu registrieren und mir eine Nachricht zu schicken, in der Sie gebeten werden, Sie der Gruppe der Übersetzer hinzuzufügen, die Ihnen die Möglichkeit gibt, die gewünschten Seiten zu übersetzen. Ein Link am Ende jeder übersetzten Seite zeigt an, dass Sie der Übersetzer sind und einen Link zu Ihrem Profil haben.
Vielen Dank im Voraus.
Dokument erstellt 11/06/2005, zuletzt geändert 04/03/2020
Quelle des gedruckten Dokuments:https://www.gaudry.be/de/java-api-rf-javax/security/auth/kerberos/kerberoskey.html
Die Infobro ist eine persönliche Seite, deren Inhalt in meiner alleinigen Verantwortung liegt. Der Text ist unter der CreativeCommons-Lizenz (BY-NC-SA) verfügbar. Weitere Informationen auf die Nutzungsbedingungen und dem Autor.
Referenzen
Diese Verweise und Links verweisen auf Dokumente, die während des Schreibens dieser Seite konsultiert wurden, oder die zusätzliche Informationen liefern können, aber die Autoren dieser Quellen können nicht für den Inhalt dieser Seite verantwortlich gemacht werden.
Der Autor Diese Website ist allein dafür verantwortlich, wie die verschiedenen Konzepte und Freiheiten, die mit den Nachschlagewerken gemacht werden, hier dargestellt werden. Denken Sie daran, dass Sie mehrere Quellinformationen austauschen müssen, um das Risiko von Fehlern zu reduzieren.