org.apache.directory.server.kerberos.sam
Class TimestampChecker

java.lang.Object
  extended by org.apache.directory.server.kerberos.sam.TimestampChecker
All Implemented Interfaces:
KeyIntegrityChecker

public class TimestampChecker
extends java.lang.Object
implements KeyIntegrityChecker


Constructor Summary
TimestampChecker()
           
 
Method Summary
 boolean checkKeyIntegrity(byte[] encryptedData, javax.security.auth.kerberos.KerberosKey kerberosKey)
          Checks the integrity of a KerberosKey to decrypt-decode and compare an encrypted encoded generalized timestamp representing the preauth data.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

TimestampChecker

public TimestampChecker()
Method Detail

checkKeyIntegrity

public boolean checkKeyIntegrity(byte[] encryptedData,
                                 javax.security.auth.kerberos.KerberosKey kerberosKey)
Description copied from interface: KeyIntegrityChecker
Checks the integrity of a KerberosKey to decrypt-decode and compare an encrypted encoded generalized timestamp representing the preauth data.

Specified by:
checkKeyIntegrity in interface KeyIntegrityChecker
Parameters:
encryptedData - the generalized timestamp encrypted with client hotp generated KerberosKey
kerberosKey - the KerberosKey generated from server side hotp value
Returns:
true if the key can decrypt-decode and make sense out of the timestamp verifying that it is in skew, false otherwise