Does anybody know how to process HTTP request with content type
"Content-Type: application/HTTP-Kerberos-session-enc" ?
I cannot decode HTTP request:
------------------------------------------------------------------------------
-- Encrypted Boundary
Content-Type: application/HTTP-Kerberos-session-encrypted
OriginalContent: type=application/soap+xml;charset=UTF-16;Length=1624
-- Encrypted Boundary
Content-Type: application/octet-stream
<octet-stream>-- Encrypted Boundary
Where <octet-stream> starts with four bytes [47, 0, 0, 0]
other bytes from <octet-stream> I am trying to decode
"context.unwrap()" method ("context" was created on previous request):
-----------------------------------------------------------------------------
GSSHeader gssHeader = new GSSHeader(new
ByteArrayInputStream(content));
log.debug("Incoming warped content length: " + content.length);
log.debug("Incoming GSS header OID: " + gssHeader.getOid());
log.debug("Incoming GSS header length: " + gssHeader.getLength());
log.debug("Incoming GSS header MechTokenLength: " +
gssHeader.getMechTokenLength());
byte[] newBytes = context.unwrap(content, 0, content.length, msgProp);
--------------------------------------------------------------------------
"content" - byte array which was created from <octet-stream> without
first four bytes (without [47, 0, 0, 0]).
"gssHeader" is created correctly because in debug log I see:
--------------------------------------------------------------------------
Incoming warped content length: 1671
Incoming GSS header OID: 1.2.840.113554.1.2.2
Incoming GSS header length: 15
Incoming GSS header MechTokenLength: 1656
--------------------------------------------------------------------------
but on "unwrap" operation I've got exception:
--------------------------------------------------------------------------
GS***ception: Defective token detected (Mechanism level: Invalid
padding on Wrap Token)
at
sun.security.jgss.krb5.CipherHelper.arcFourDecrypt(CipherHelper.java:
1226)
at sun.security.jgss.krb5.CipherHelper.decryptData(CipherHelper.java:
532)
at sun.security.jgss.krb5.WrapToken.getDataFromBuffer(WrapToken.java:
230)
at sun.security.jgss.krb5.WrapToken.getData(WrapToken.java:195)
at sun.security.jgss.krb5.WrapToken.getData(WrapToken.java:168)
at sun.security.jgss.krb5.Krb5Context.unwrap(Krb5Context.java:941)
at sun.security.jgss.GSSContextImpl.unwrap(GSSContextImpl.java:384)
at com.myproject.ws_management.WSServer$MyHandler.handle(WSServer.java:
361)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:65)
at sun.net.httpserver.AuthFilter.doFilter(AuthFilter.java:65)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:68)
at sun.net.httpserver.ServerImpl$Exchange
$LinkHandler.handle(ServerImpl.java:552)
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:65)
at sun.net.httpserver.ServerImpl$Exchange.run(ServerImpl.java:524)
at sun.net.httpserver.ServerImpl
$DefaultExecutor.execute(ServerImpl.java:119)
at sun.net.httpserver.ServerImpl$Dispatcher.handle(ServerImpl.java:
349)
at sun.net.httpserver.ServerImpl$Dispatcher.run(ServerImpl.java:321)
at java.lang.Thread.run(Thread.java:619)
--------------------------------------------------------------------------
It looks like [47, 0, 0, 0] (hex [2F, 0, 0, 0]) is cipher suite, but
on http://www.iana.org/assignments/tls-parameters
I fount that it is:
0x00,0x2F TLS_RSA_WITH_AES_128_CBC_SHA [RFC3268]
So... what does this bytes can mean ?
|
