KeyUsage.java

package org.apache.kerberos.kerb.spec.common;

import org.apache.kerberos.kerb.spec.KrbEnum;

/**
 * From krb5.hin
 */
public enum KeyUsage implements KrbEnum
{
    UNKNOWN(-1),
    NONE(0),
    //AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the client key
    AS_REQ_PA_ENC_TS(1),
    //AS-REP Ticket and TGS-REP Ticket (includes TGS session key or application session key),
    //encrypted with the service key (Section 5.3)
    KDC_REP_TICKET(2),
    //AS-REP encrypted part (includes TGS session key or application session key),
    //encrypted with the client key (Section 5.4.2)
    AS_REP_ENCPART(3),
    //TGS-REQ KDC-REQ-BODY AuthorizationData,
    //encrypted with the TGS session key (Section 5.4.1)
    TGS_REQ_AD_SESSKEY(4),
    //TGS-REQ KDC-REQ-BODY AuthorizationData,
    //encrypted with the TGS authenticator subkey (Section 5.4.1)
    TGS_REQ_AD_SUBKEY(5),
    //TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum,
    //keyed with the TGS session key (Section 5.5.1)
    TGS_REQ_AUTH_CKSUM(6),
    //TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS authenticator subkey),
    //encrypted with the TGS session key (Section 5.5.1)
    TGS_REQ_AUTH(7),
    //TGS-REP encrypted part (includes application session key),
    //encrypted with the TGS session key (Section 5.4.2)
    TGS_REP_ENCPART_SESSKEY(8),
    //TGS-REP encrypted part (includes application session key),
    //encrypted with the TGS authenticator subkey (Section 5.4.2)
    TGS_REP_ENCPART_SUBKEY(9),
    //AP-REQ Authenticator cksum, keyed with the application session key (Section 5.5.1)
    AP_REQ_AUTH_CKSUM(10),
    //AP-REQ Authenticator (includes application authenticator subkey),
    //encrypted with the application session key (Section 5.5.1)
    AP_REQ_AUTH(11),
    //AP-REP encrypted part (includes application session subkey),
    //encrypted with the application session key (Section 5.5.2)
    AP_REP_ENCPART(12),
    //KRB-PRIV encrypted part, encrypted with a key chosen by the application (Section 5.7.1)
    KRB_PRIV_ENCPART(13),
    KRB_CRED_ENCPART(14),
    KRB_SAFE_CKSUM(15),
    APP_DATA_ENCRYPT(16),
    APP_DATA_CKSUM(17),
    KRB_ERROR_CKSUM(18),
    AD_KDCISSUED_CKSUM(19),
    AD_MTE(20),
    AD_ITE(21),
    GSS_TOK_MIC(22),
    GSS_TOK_WRAP_INTEG(23),
    GSS_TOK_WRAP_PRIV(24),
    //Defined in Integrating SAM Mechanisms with Kerberos draft
    PA_SAM_CHALLENGE_CKSUM(25),
    //Note conflict with @ref PA_S4U_X509_USER_REQUEST
    PA_SAM_CHALLENGE_TRACKID(26),
    //Note conflict with @ref PA_S4U_X509_USER_REPLY
    PA_SAM_RESPONSE(27),
    //Defined in [MS-SFU]
    //Note conflict with @ref PA_SAM_CHALLENGE_TRACKID
    PA_S4U_X509_USER_REQUEST(26),
    //Note conflict with @ref PA_SAM_RESPONSE
    PA_S4U_X509_USER_REPLY(27),
    //unused
    PA_REFERRAL(26),
    AD_SIGNEDPATH(-21),
    IAKERB_FINISHED(42),
    PA_PKINIT_KX(44),
    PA_OTP_REQUEST(45),  //See RFC 6560 section 4.2
    //define in preauth-framework
    FAST_REQ_CHKSUM(50),
    FAST_ENC(51),
    FAST_REP(52),
    FAST_FINISHED(53),
    ENC_CHALLENGE_CLIENT(54),
    ENC_CHALLENGE_KDC(55),
    AS_REQ(56);

    private int value;

    private KeyUsage(int value) {
        this.value = value;
    }

    public int getValue() {
        return value;
    }

    public static KeyUsage fromValue(Integer value) {
        if (value != null) {
            for (KrbEnum e : values()) {
                if (e.getValue() == value) {
                    return (KeyUsage) e;
                }
            }
        }
        return UNKNOWN;
    }

    public static final boolean isValid(int usage) {
        return usage > -1;
    }
}