Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/org/ietf/jgss/GSSContext.java
38829 views
/*1* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package org.ietf.jgss;2627import sun.security.jgss.spi.*;28import java.io.InputStream;29import java.io.OutputStream;3031/**32* This interface encapsulates the GSS-API security context and provides33* the security services that are available over the context. Security34* contexts are established between peers using locally acquired35* credentials. Multiple contexts may exist simultaneously between a pair36* of peers, using the same or different set of credentials. GSS-API37* functions in a manner independent of the underlying transport protocol38* and depends on its calling application to transport the tokens that are39* generated by the security context between the peers.<p>40*41* If the caller instantiates the context using the default42* <code>GSSManager</code> instance, then the Kerberos v5 GSS-API mechanism43* is guaranteed to be available for context establishment. This mechanism44* is identified by the Oid "1.2.840.113554.1.2.2" and is defined in RFC45* 1964.<p>46*47* Before the context establishment phase is initiated, the context48* initiator may request specific characteristics desired of the49* established context. Not all underlying mechanisms support all50* characteristics that a caller might desire. After the context is51* established, the caller can check the actual characteristics and services52* offered by that context by means of various query methods. When using53* the Kerberos v5 GSS-API mechanism offered by the default54* <code>GSSManager</code> instance, all optional services will be55* available locally. They are mutual authentication, credential56* delegation, confidentiality and integrity protection, and per-message57* replay detection and sequencing. Note that in the GSS-API, message integrity58* is a prerequisite for message confidentiality.<p>59*60* The context establishment occurs in a loop where the61* initiator calls {@link #initSecContext(byte[], int, int) initSecContext}62* and the acceptor calls {@link #acceptSecContext(byte[], int, int)63* acceptSecContext} until the context is established. While in this loop64* the <code>initSecContext</code> and <code>acceptSecContext</code>65* methods produce tokens that the application sends over to the peer. The66* peer passes any such token as input to its <code>acceptSecContext</code>67* or <code>initSecContext</code> as the case may be.<p>68*69* During the context establishment phase, the {@link70* #isProtReady() isProtReady} method may be called to determine if the71* context can be used for the per-message operations of {@link72* #wrap(byte[], int, int, MessageProp) wrap} and {@link #getMIC(byte[],73* int, int, MessageProp) getMIC}. This allows applications to use74* per-message operations on contexts which aren't yet fully75* established.<p>76*77* After the context has been established or the <code>isProtReady</code>78* method returns <code>true</code>, the query routines can be invoked to79* determine the actual characteristics and services of the established80* context. The application can also start using the per-message methods81* of {@link #wrap(byte[], int, int, MessageProp) wrap} and82* {@link #getMIC(byte[], int, int, MessageProp) getMIC} to obtain83* cryptographic operations on application supplied data.<p>84*85* When the context is no longer needed, the application should call86* {@link #dispose() dispose} to release any system resources the context87* may be using.<p>88*89* A security context typically maintains sequencing and replay detection90* information about the tokens it processes. Therefore, the sequence in91* which any tokens are presented to this context for processing can be92* important. Also note that none of the methods in this interface are93* synchronized. Therefore, it is not advisable to share a94* <code>GSSContext</code> among several threads unless some application95* level synchronization is in place.<p>96*97* Finally, different mechanism providers might place different security98* restrictions on using GSS-API contexts. These will be documented by the99* mechanism provider. The application will need to ensure that it has the100* appropriate permissions if such checks are made in the mechanism layer.<p>101*102* The example code presented below demonstrates the usage of the103* <code>GSSContext</code> interface for the initiating peer. Different104* operations on the <code>GSSContext</code> object are presented,105* including: object instantiation, setting of desired flags, context106* establishment, query of actual context flags, per-message operations on107* application data, and finally context deletion.<p>108*109* <pre>110* // Create a context using default credentials111* // and the implementation specific default mechanism112* GSSManager manager ...113* GSSName targetName ...114* GSSContext context = manager.createContext(targetName, null, null,115* GSSContext.INDEFINITE_LIFETIME);116*117* // set desired context options prior to context establishment118* context.requestConf(true);119* context.requestMutualAuth(true);120* context.requestReplayDet(true);121* context.requestSequenceDet(true);122*123* // establish a context between peers124*125* byte []inToken = new byte[0];126*127* // Loop while there still is a token to be processed128*129* while (!context.isEstablished()) {130*131* byte[] outToken132* = context.initSecContext(inToken, 0, inToken.length);133*134* // send the output token if generated135* if (outToken != null)136* sendToken(outToken);137*138* if (!context.isEstablished()) {139* inToken = readToken();140* }141*142* // display context information143* System.out.println("Remaining lifetime in seconds = "144* + context.getLifetime());145* System.out.println("Context mechanism = " + context.getMech());146* System.out.println("Initiator = " + context.getSrcName());147* System.out.println("Acceptor = " + context.getTargName());148*149* if (context.getConfState())150* System.out.println("Confidentiality (i.e., privacy) is available");151*152* if (context.getIntegState())153* System.out.println("Integrity is available");154*155* // perform wrap on an application supplied message, appMsg,156* // using QOP = 0, and requesting privacy service157* byte [] appMsg ...158*159* MessageProp mProp = new MessageProp(0, true);160*161* byte []tok = context.wrap(appMsg, 0, appMsg.length, mProp);162*163* sendToken(tok);164*165* // release the local-end of the context166* context.dispose();167*168* </pre>169*170* @author Mayank Upadhyay171* @since 1.4172*/173public interface GSSContext {174175/**176* A lifetime constant representing the default context lifetime. This177* value is set to 0.178*/179public static final int DEFAULT_LIFETIME = 0;180181/**182* A lifetime constant representing indefinite context lifetime.183* This value must is set to the maximum integer value in Java -184* {@link java.lang.Integer#MAX_VALUE Integer.MAX_VALUE}.185*/186public static final int INDEFINITE_LIFETIME = Integer.MAX_VALUE;187188/**189* Called by the context initiator to start the context creation190* phase and process any tokens generated191* by the peer's <code>acceptSecContext</code> method.192* This method may return an output token which the application will need193* to send to the peer for processing by its <code>acceptSecContext</code>194* method. The application can call {@link #isEstablished()195* isEstablished} to determine if the context establishment phase is196* complete on this side of the context. A return value of197* <code>false</code> from <code>isEstablished</code> indicates that198* more tokens are expected to be supplied to199* <code>initSecContext</code>. Upon completion of the context200* establishment, the available context options may be queried through201* the get methods.<p>202*203* Note that it is possible that the <code>initSecContext</code> method204* return a token for the peer, and <code>isEstablished</code> return205* <code>true</code> also. This indicates that the token needs to be sent206* to the peer, but the local end of the context is now fully207* established.<p>208*209* Some mechanism providers might require that the caller be granted210* permission to initiate a security context. A failed permission check211* might cause a {@link java.lang.SecurityException SecurityException}212* to be thrown from this method.<p>213*214* @return a byte[] containing the token to be sent to the215* peer. <code>null</code> indicates that no token is generated.216* @param inputBuf token generated by the peer. This parameter is ignored217* on the first call since no token has been received from the peer.218* @param offset the offset within the inputBuf where the token begins.219* @param len the length of the token.220*221* @throws GSSException containing the following222* major error codes:223* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},224* {@link GSSException#BAD_MIC GSSException.BAD_MIC},225* {@link GSSException#NO_CRED GSSException.NO_CRED},226* {@link GSSException#CREDENTIALS_EXPIRED227* GSSException.CREDENTIALS_EXPIRED},228* {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS},229* {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN},230* {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN},231* {@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE},232* {@link GSSException#BAD_MECH GSSException.BAD_MECH},233* {@link GSSException#FAILURE GSSException.FAILURE}234*/235public byte[] initSecContext(byte inputBuf[], int offset, int len)236throws GSSException;237238/**239* Called by the context initiator to start the context creation240* phase and process any tokens generated241* by the peer's <code>acceptSecContext</code> method using242* streams. This method may write an output token to the243* <code>OutpuStream</code>, which the application will244* need to send to the peer for processing by its245* <code>acceptSecContext</code> call. Typically, the application would246* ensure this by calling the {@link java.io.OutputStream#flush() flush}247* method on an <code>OutputStream</code> that encapsulates the248* connection between the two peers. The application can249* determine if a token is written to the OutputStream from the return250* value of this method. A return value of <code>0</code> indicates that251* no token was written. The application can call252* {@link #isEstablished() isEstablished} to determine if the context253* establishment phase is complete on this side of the context. A254* return value of <code>false</code> from <code>isEstablished</code>255* indicates that more tokens are expected to be supplied to256* <code>initSecContext</code>.257* Upon completion of the context establishment, the available context258* options may be queried through the get methods.<p>259*260* Note that it is possible that the <code>initSecContext</code> method261* return a token for the peer, and <code>isEstablished</code> return262* <code>true</code> also. This indicates that the token needs to be sent263* to the peer, but the local end of the context is now fully264* established.<p>265*266* The GSS-API authentication tokens contain a definitive start and267* end. This method will attempt to read one of these tokens per268* invocation, and may block on the stream if only part of the token is269* available. In all other respects this method is equivalent to the270* byte array based {@link #initSecContext(byte[], int, int)271* initSecContext}.<p>272*273* Some mechanism providers might require that the caller be granted274* permission to initiate a security context. A failed permission check275* might cause a {@link java.lang.SecurityException SecurityException}276* to be thrown from this method.<p>277*278* The following example code demonstrates how this method might be279* used:<p>280* <pre>281* InputStream is ...282* OutputStream os ...283* GSSContext context ...284*285* // Loop while there is still a token to be processed286*287* while (!context.isEstablished()) {288*289* context.initSecContext(is, os);290*291* // send output token if generated292* os.flush();293* }294* </pre>295*296*297* @return the number of bytes written to the OutputStream as part of the298* token to be sent to the peer. A value of 0 indicates that no token299* needs to be sent.300* @param inStream an InputStream that contains the token generated by301* the peer. This parameter is ignored on the first call since no token302* has been or will be received from the peer at that point.303* @param outStream an OutputStream where the output token will be304* written. During the final stage of context establishment, there may be305* no bytes written.306*307* @throws GSSException containing the following308* major error codes:309* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},310* {@link GSSException#BAD_MIC GSSException.BAD_MIC},311* {@link GSSException#NO_CRED GSSException.NO_CRED},312* {@link GSSException#CREDENTIALS_EXPIRED GSSException.CREDENTIALS_EXPIRED},313* {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS},314* {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN},315* {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN},316* {@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE},317* {@link GSSException#BAD_MECH GSSException.BAD_MECH},318* {@link GSSException#FAILURE GSSException.FAILURE}319*/320public int initSecContext(InputStream inStream,321OutputStream outStream) throws GSSException;322323/**324* Called by the context acceptor upon receiving a token from the325* peer. This method may return an output token which the application326* will need to send to the peer for further processing by its327* <code>initSecContext</code> call.<p>328*329* The application can call {@link #isEstablished() isEstablished} to330* determine if the context establishment phase is complete for this331* peer. A return value of <code>false</code> from332* <code>isEstablished</code> indicates that more tokens are expected to333* be supplied to this method. Upon completion of the context334* establishment, the available context options may be queried through335* the get methods.<p>336*337* Note that it is possible that <code>acceptSecContext</code> return a338* token for the peer, and <code>isEstablished</code> return339* <code>true</code> also. This indicates that the token needs to be340* sent to the peer, but the local end of the context is now fully341* established.<p>342*343* Some mechanism providers might require that the caller be granted344* permission to accept a security context. A failed permission check345* might cause a {@link java.lang.SecurityException SecurityException}346* to be thrown from this method.<p>347*348* The following example code demonstrates how this method might be349* used:<p>350* <pre>351* byte[] inToken;352* byte[] outToken;353* GSSContext context ...354*355* // Loop while there is still a token to be processed356*357* while (!context.isEstablished()) {358* inToken = readToken();359* outToken = context.acceptSecContext(inToken, 0,360* inToken.length);361* // send output token if generated362* if (outToken != null)363* sendToken(outToken);364* }365* </pre>366*367*368* @return a byte[] containing the token to be sent to the369* peer. <code>null</code> indicates that no token is generated.370* @param inToken token generated by the peer.371* @param offset the offset within the inToken where the token begins.372* @param len the length of the token.373*374* @throws GSSException containing the following375* major error codes:376* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},377* {@link GSSException#BAD_MIC GSSException.BAD_MIC},378* {@link GSSException#NO_CRED GSSException.NO_CRED},379* {@link GSSException#CREDENTIALS_EXPIRED380* GSSException.CREDENTIALS_EXPIRED},381* {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS},382* {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN},383* {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN},384* {@link GSSException#BAD_MECH GSSException.BAD_MECH},385* {@link GSSException#FAILURE GSSException.FAILURE}386*/387public byte[] acceptSecContext(byte inToken[], int offset, int len)388throws GSSException;389390/**391* Called by the context acceptor to process a token from the peer using392* streams. It may write an output token to the393* <code>OutputStream</code>, which the application394* will need to send to the peer for processing by its395* <code>initSecContext</code> method. Typically, the application would396* ensure this by calling the {@link java.io.OutputStream#flush() flush}397* method on an <code>OutputStream</code> that encapsulates the398* connection between the two peers. The application can call399* {@link #isEstablished() isEstablished} to determine if the context400* establishment phase is complete on this side of the context. A401* return value of <code>false</code> from <code>isEstablished</code>402* indicates that more tokens are expected to be supplied to403* <code>acceptSecContext</code>.404* Upon completion of the context establishment, the available context405* options may be queried through the get methods.<p>406*407* Note that it is possible that <code>acceptSecContext</code> return a408* token for the peer, and <code>isEstablished</code> return409* <code>true</code> also. This indicates that the token needs to be410* sent to the peer, but the local end of the context is now fully411* established.<p>412*413* The GSS-API authentication tokens contain a definitive start and414* end. This method will attempt to read one of these tokens per415* invocation, and may block on the stream if only part of the token is416* available. In all other respects this method is equivalent to the byte417* array based {@link #acceptSecContext(byte[], int, int)418* acceptSecContext}.<p>419*420* Some mechanism providers might require that the caller be granted421* permission to accept a security context. A failed permission check422* might cause a {@link java.lang.SecurityException SecurityException}423* to be thrown from this method.<p>424*425* The following example code demonstrates how this method might be426* used:<p>427* <pre>428* InputStream is ...429* OutputStream os ...430* GSSContext context ...431*432* // Loop while there is still a token to be processed433*434* while (!context.isEstablished()) {435*436* context.acceptSecContext(is, os);437*438* // send output token if generated439* os.flush();440* }441* </pre>442*443*444* @param inStream an InputStream that contains the token generated by445* the peer.446* @param outStream an OutputStream where the output token will be447* written. During the final stage of context establishment, there may be448* no bytes written.449*450* @throws GSSException containing the following451* major error codes:452* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},453* {@link GSSException#BAD_MIC GSSException.BAD_MIC},454* {@link GSSException#NO_CRED GSSException.NO_CRED},455* {@link GSSException#CREDENTIALS_EXPIRED456* GSSException.CREDENTIALS_EXPIRED},457* {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS},458* {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN},459* {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN},460* {@link GSSException#BAD_MECH GSSException.BAD_MECH},461* {@link GSSException#FAILURE GSSException.FAILURE}462*/463/* Missing return value in RFC. int should have been returned.464* -----------------------------------------------------------465*466* The application can determine if a token is written to the467* OutputStream from the return value of this method. A return value of468* <code>0</code> indicates that no token was written.469*470* @return <strong>the number of bytes written to the471* OutputStream as part of the token to be sent to the peer. A value of472* 0 indicates that no token needs to be473* sent.</strong>474*/475public void acceptSecContext(InputStream inStream,476OutputStream outStream) throws GSSException;477478/**479* Used during context establishment to determine the state of the480* context.481*482* @return <code>true</code> if this is a fully established context on483* the caller's side and no more tokens are needed from the peer.484*/485public boolean isEstablished();486487/**488* Releases any system resources and cryptographic information stored in489* the context object and invalidates the context.490*491*492* @throws GSSException containing the following493* major error codes:494* {@link GSSException#FAILURE GSSException.FAILURE}495*/496public void dispose() throws GSSException;497498/**499* Used to determine limits on the size of the message500* that can be passed to <code>wrap</code>. Returns the maximum501* message size that, if presented to the <code>wrap</code> method with502* the same <code>confReq</code> and <code>qop</code> parameters, will503* result in an output token containing no more504* than <code>maxTokenSize</code> bytes.<p>505*506* This call is intended for use by applications that communicate over507* protocols that impose a maximum message size. It enables the508* application to fragment messages prior to applying protection.<p>509*510* GSS-API implementations are recommended but not required to detect511* invalid QOP values when <code>getWrapSizeLimit</code> is called.512* This routine guarantees only a maximum message size, not the513* availability of specific QOP values for message protection.<p>514*515* @param qop the level of protection wrap will be asked to provide.516* @param confReq <code>true</code> if wrap will be asked to provide517* privacy, <code>false</code> otherwise.518* @param maxTokenSize the desired maximum size of the token emitted by519* wrap.520* @return the maximum size of the input token for the given output521* token size522*523* @throws GSSException containing the following524* major error codes:525* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},526* {@link GSSException#BAD_QOP GSSException.BAD_QOP},527* {@link GSSException#FAILURE GSSException.FAILURE}528*/529public int getWrapSizeLimit(int qop, boolean confReq,530int maxTokenSize) throws GSSException;531532/**533* Applies per-message security services over the established security534* context. The method will return a token with the535* application supplied data and a cryptographic MIC over it.536* The data may be encrypted if confidentiality (privacy) was537* requested.<p>538*539* The MessageProp object is instantiated by the application and used540* to specify a QOP value which selects cryptographic algorithms, and a541* privacy service to optionally encrypt the message. The underlying542* mechanism that is used in the call may not be able to provide the543* privacy service. It sets the actual privacy service that it does544* provide in this MessageProp object which the caller should then545* query upon return. If the mechanism is not able to provide the546* requested QOP, it throws a GSSException with the BAD_QOP code.<p>547*548* Since some application-level protocols may wish to use tokens549* emitted by wrap to provide "secure framing", implementations should550* support the wrapping of zero-length messages.<p>551*552* The application will be responsible for sending the token to the553* peer.554*555* @param inBuf application data to be protected.556* @param offset the offset within the inBuf where the data begins.557* @param len the length of the data558* @param msgProp instance of MessageProp that is used by the559* application to set the desired QOP and privacy state. Set the560* desired QOP to 0 to request the default QOP. Upon return from this561* method, this object will contain the the actual privacy state that562* was applied to the message by the underlying mechanism.563* @return a byte[] containing the token to be sent to the peer.564*565* @throws GSSException containing the following major error codes:566* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},567* {@link GSSException#BAD_QOP GSSException.BAD_QOP},568* {@link GSSException#FAILURE GSSException.FAILURE}569*/570public byte[] wrap(byte inBuf[], int offset, int len,571MessageProp msgProp) throws GSSException;572573/**574* Applies per-message security services over the established security575* context using streams. The method will return a576* token with the application supplied data and a cryptographic MIC over it.577* The data may be encrypted if confidentiality578* (privacy) was requested. This method is equivalent to the byte array579* based {@link #wrap(byte[], int, int, MessageProp) wrap} method.<p>580*581* The application will be responsible for sending the token to the582* peer. Typically, the application would583* ensure this by calling the {@link java.io.OutputStream#flush() flush}584* method on an <code>OutputStream</code> that encapsulates the585* connection between the two peers.<p>586*587* The MessageProp object is instantiated by the application and used588* to specify a QOP value which selects cryptographic algorithms, and a589* privacy service to optionally encrypt the message. The underlying590* mechanism that is used in the call may not be able to provide the591* privacy service. It sets the actual privacy service that it does592* provide in this MessageProp object which the caller should then593* query upon return. If the mechanism is not able to provide the594* requested QOP, it throws a GSSException with the BAD_QOP code.<p>595*596* Since some application-level protocols may wish to use tokens597* emitted by wrap to provide "secure framing", implementations should598* support the wrapping of zero-length messages.<p>599*600* @param inStream an InputStream containing the application data to be601* protected. All of the data that is available in602* inStream is used.603* @param outStream an OutputStream to write the protected message604* to.605* @param msgProp instance of MessageProp that is used by the606* application to set the desired QOP and privacy state. Set the607* desired QOP to 0 to request the default QOP. Upon return from this608* method, this object will contain the the actual privacy state that609* was applied to the message by the underlying mechanism.610*611* @throws GSSException containing the following612* major error codes:613* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},614* {@link GSSException#BAD_QOP GSSException.BAD_QOP},615* {@link GSSException#FAILURE GSSException.FAILURE}616*/617public void wrap(InputStream inStream, OutputStream outStream,618MessageProp msgProp) throws GSSException;619620/**621* Used to process tokens generated by the <code>wrap</code> method on622* the other side of the context. The method will return the message623* supplied by the peer application to its wrap call, while at the same624* time verifying the embedded MIC for that message.<p>625*626* The MessageProp object is instantiated by the application and is627* used by the underlying mechanism to return information to the caller628* such as the QOP, whether confidentiality was applied to the message,629* and other supplementary message state information.<p>630*631* Since some application-level protocols may wish to use tokens632* emitted by wrap to provide "secure framing", implementations should633* support the wrapping and unwrapping of zero-length messages.<p>634*635* @param inBuf a byte array containing the wrap token received from636* peer.637* @param offset the offset where the token begins.638* @param len the length of the token639* @param msgProp upon return from the method, this object will contain640* the applied QOP, the privacy state of the message, and supplementary641* information stating if the token was a duplicate, old, out of642* sequence or arriving after a gap.643* @return a byte[] containing the message unwrapped from the input644* token.645*646* @throws GSSException containing the following647* major error codes:648* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},649* {@link GSSException#BAD_MIC GSSException.BAD_MIC},650* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},651* {@link GSSException#FAILURE GSSException.FAILURE}652*/653public byte [] unwrap(byte[] inBuf, int offset, int len,654MessageProp msgProp) throws GSSException;655656/**657* Uses streams to process tokens generated by the <code>wrap</code>658* method on the other side of the context. The method will return the659* message supplied by the peer application to its wrap call, while at660* the same time verifying the embedded MIC for that message.<p>661*662* The MessageProp object is instantiated by the application and is663* used by the underlying mechanism to return information to the caller664* such as the QOP, whether confidentiality was applied to the message,665* and other supplementary message state information.<p>666*667* Since some application-level protocols may wish to use tokens668* emitted by wrap to provide "secure framing", implementations should669* support the wrapping and unwrapping of zero-length messages.<p>670*671* The format of the input token that this method672* reads is defined in the specification for the underlying mechanism that673* will be used. This method will attempt to read one of these tokens per674* invocation. If the mechanism token contains a definitive start and675* end this method may block on the <code>InputStream</code> if only676* part of the token is available. If the start and end of the token677* are not definitive then the method will attempt to treat all678* available bytes as part of the token.<p>679*680* Other than the possible blocking behavior described above, this681* method is equivalent to the byte array based {@link #unwrap(byte[],682* int, int, MessageProp) unwrap} method.<p>683*684* @param inStream an InputStream that contains the wrap token generated685* by the peer.686* @param outStream an OutputStream to write the application message687* to.688* @param msgProp upon return from the method, this object will contain689* the applied QOP, the privacy state of the message, and supplementary690* information stating if the token was a duplicate, old, out of691* sequence or arriving after a gap.692*693* @throws GSSException containing the following694* major error codes:695* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},696* {@link GSSException#BAD_MIC GSSException.BAD_MIC},697* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},698* {@link GSSException#FAILURE GSSException.FAILURE}699*/700public void unwrap(InputStream inStream, OutputStream outStream,701MessageProp msgProp) throws GSSException;702703/**704* Returns a token containing a cryptographic Message Integrity Code705* (MIC) for the supplied message, for transfer to the peer706* application. Unlike wrap, which encapsulates the user message in the707* returned token, only the message MIC is returned in the output708* token.<p>709*710* Note that privacy can only be applied through the wrap call.<p>711*712* Since some application-level protocols may wish to use tokens emitted713* by getMIC to provide "secure framing", implementations should support714* derivation of MICs from zero-length messages.715*716* @param inMsg the message to generate the MIC over.717* @param offset offset within the inMsg where the message begins.718* @param len the length of the message719* @param msgProp an instance of <code>MessageProp</code> that is used720* by the application to set the desired QOP. Set the desired QOP to721* <code>0</code> in <code>msgProp</code> to request the default722* QOP. Alternatively pass in <code>null</code> for <code>msgProp</code>723* to request the default QOP.724* @return a byte[] containing the token to be sent to the peer.725*726* @throws GSSException containing the following727* major error codes:728* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},729* {@link GSSException#BAD_QOP GSSException.BAD_QOP},730* {@link GSSException#FAILURE GSSException.FAILURE}731*/732public byte[] getMIC(byte []inMsg, int offset, int len,733MessageProp msgProp) throws GSSException;734735/**736* Uses streams to produce a token containing a cryptographic MIC for737* the supplied message, for transfer to the peer application.738* Unlike wrap, which encapsulates the user message in the returned739* token, only the message MIC is produced in the output token. This740* method is equivalent to the byte array based {@link #getMIC(byte[],741* int, int, MessageProp) getMIC} method.742*743* Note that privacy can only be applied through the wrap call.<p>744*745* Since some application-level protocols may wish to use tokens emitted746* by getMIC to provide "secure framing", implementations should support747* derivation of MICs from zero-length messages.748*749* @param inStream an InputStream containing the message to generate the750* MIC over. All of the data that is available in751* inStream is used.752* @param outStream an OutputStream to write the output token to.753* @param msgProp an instance of <code>MessageProp</code> that is used754* by the application to set the desired QOP. Set the desired QOP to755* <code>0</code> in <code>msgProp</code> to request the default756* QOP. Alternatively pass in <code>null</code> for <code>msgProp</code>757* to request the default QOP.758*759* @throws GSSException containing the following760* major error codes:761* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},762* {@link GSSException#BAD_QOP GSSException.BAD_QOP},763* {@link GSSException#FAILURE GSSException.FAILURE}764*/765public void getMIC(InputStream inStream, OutputStream outStream,766MessageProp msgProp) throws GSSException;767768/**769* Verifies the cryptographic MIC, contained in the token parameter,770* over the supplied message.<p>771*772* The MessageProp object is instantiated by the application and is used773* by the underlying mechanism to return information to the caller such774* as the QOP indicating the strength of protection that was applied to775* the message and other supplementary message state information.<p>776*777* Since some application-level protocols may wish to use tokens emitted778* by getMIC to provide "secure framing", implementations should support779* the calculation and verification of MICs over zero-length messages.780*781* @param inToken the token generated by peer's getMIC method.782* @param tokOffset the offset within the inToken where the token783* begins.784* @param tokLen the length of the token.785* @param inMsg the application message to verify the cryptographic MIC786* over.787* @param msgOffset the offset in inMsg where the message begins.788* @param msgLen the length of the message.789* @param msgProp upon return from the method, this object will contain790* the applied QOP and supplementary information stating if the token791* was a duplicate, old, out of sequence or arriving after a gap.792*793* @throws GSSException containing the following794* major error codes:795* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN}796* {@link GSSException#BAD_MIC GSSException.BAD_MIC}797* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}798* {@link GSSException#FAILURE GSSException.FAILURE}799*/800public void verifyMIC(byte[] inToken, int tokOffset, int tokLen,801byte[] inMsg, int msgOffset, int msgLen,802MessageProp msgProp) throws GSSException;803804/**805* Uses streams to verify the cryptographic MIC, contained in the token806* parameter, over the supplied message. This method is equivalent to807* the byte array based {@link #verifyMIC(byte[], int, int, byte[], int,808* int, MessageProp) verifyMIC} method.809*810* The MessageProp object is instantiated by the application and is used811* by the underlying mechanism to return information to the caller such812* as the QOP indicating the strength of protection that was applied to813* the message and other supplementary message state information.<p>814*815* Since some application-level protocols may wish to use tokens emitted816* by getMIC to provide "secure framing", implementations should support817* the calculation and verification of MICs over zero-length messages.<p>818*819* The format of the input token that this method820* reads is defined in the specification for the underlying mechanism that821* will be used. This method will attempt to read one of these tokens per822* invocation. If the mechanism token contains a definitive start and823* end this method may block on the <code>InputStream</code> if only824* part of the token is available. If the start and end of the token825* are not definitive then the method will attempt to treat all826* available bytes as part of the token.<p>827*828* Other than the possible blocking behavior described above, this829* method is equivalent to the byte array based {@link #verifyMIC(byte[],830* int, int, byte[], int, int, MessageProp) verifyMIC} method.<p>831*832* @param tokStream an InputStream containing the token generated by the833* peer's getMIC method.834* @param msgStream an InputStream containing the application message to835* verify the cryptographic MIC over. All of the data836* that is available in msgStream is used.837* @param msgProp upon return from the method, this object will contain838* the applied QOP and supplementary information stating if the token839* was a duplicate, old, out of sequence or arriving after a gap.840*841* @throws GSSException containing the following842* major error codes:843* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN}844* {@link GSSException#BAD_MIC GSSException.BAD_MIC}845* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}846* {@link GSSException#FAILURE GSSException.FAILURE}847*/848public void verifyMIC(InputStream tokStream, InputStream msgStream,849MessageProp msgProp) throws GSSException;850851/**852* Exports this context so that another process may853* import it.. Provided to support the sharing of work between854* multiple processes. This routine will typically be used by the855* context-acceptor, in an application where a single process receives856* incoming connection requests and accepts security contexts over857* them, then passes the established context to one or more other858* processes for message exchange.<p>859*860* This method deactivates the security context and creates an861* interprocess token which, when passed to {@link862* GSSManager#createContext(byte[]) GSSManager.createContext} in863* another process, will re-activate the context in the second process.864* Only a single instantiation of a given context may be active at any865* one time; a subsequent attempt by a context exporter to access the866* exported security context will fail.<p>867*868* The implementation may constrain the set of processes by which the869* interprocess token may be imported, either as a function of local870* security policy, or as a result of implementation decisions. For871* example, some implementations may constrain contexts to be passed872* only between processes that run under the same account, or which are873* part of the same process group.<p>874*875* The interprocess token may contain security-sensitive information876* (for example cryptographic keys). While mechanisms are encouraged877* to either avoid placing such sensitive information within878* interprocess tokens, or to encrypt the token before returning it to879* the application, in a typical GSS-API implementation this may not be880* possible. Thus the application must take care to protect the881* interprocess token, and ensure that any process to which the token882* is transferred is trustworthy. <p>883*884* Implementations are not required to support the inter-process885* transfer of security contexts. Calling the {@link #isTransferable()886* isTransferable} method will indicate if the context object is887* transferable.<p>888*889* Calling this method on a context that890* is not exportable will result in this exception being thrown with891* the error code {@link GSSException#UNAVAILABLE892* GSSException.UNAVAILABLE}.893*894* @return a byte[] containing the exported context895* @see GSSManager#createContext(byte[])896*897* @throws GSSException containing the following898* major error codes:899* {@link GSSException#UNAVAILABLE GSSException.UNAVAILABLE},900* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},901* {@link GSSException#NO_CONTEXT GSSException.NO_CONTEXT},902* {@link GSSException#FAILURE GSSException.FAILURE}903*/904public byte [] export() throws GSSException;905906/**907* Requests that mutual authentication be done during908* context establishment. This request can only be made on the context909* initiator's side and it has to be done prior to the first call to910* <code>initSecContext</code>.<p>911*912* Not all mechanisms support mutual authentication and some mechanisms913* might require mutual authentication even if the application914* doesn't. Therefore, the application should check to see if the915* request was honored with the {@link #getMutualAuthState()916* getMutualAuthState} method.<p>917*918* @param state a boolean value indicating whether mutual919* authentication should be used or not.920* @see #getMutualAuthState()921*922* @throws GSSException containing the following923* major error codes:924* {@link GSSException#FAILURE GSSException.FAILURE}925*/926public void requestMutualAuth(boolean state) throws GSSException;927928/**929* Requests that replay detection be enabled for the930* per-message security services after context establishment. This931* request can only be made on the context initiator's side and it has932* to be done prior to the first call to933* <code>initSecContext</code>. During context establishment replay934* detection is not an option and is a function of the underlying935* mechanism's capabilities.<p>936*937* Not all mechanisms support replay detection and some mechanisms938* might require replay detection even if the application939* doesn't. Therefore, the application should check to see if the940* request was honored with the {@link #getReplayDetState()941* getReplayDetState} method. If replay detection is enabled then the942* {@link MessageProp#isDuplicateToken() MessageProp.isDuplicateToken} and {@link943* MessageProp#isOldToken() MessageProp.isOldToken} methods will return944* valid results for the <code>MessageProp</code> object that is passed945* in to the <code>unwrap</code> method or the <code>verifyMIC</code>946* method.<p>947*948* @param state a boolean value indicating whether replay detection949* should be enabled over the established context or not.950* @see #getReplayDetState()951*952* @throws GSSException containing the following953* major error codes:954* {@link GSSException#FAILURE GSSException.FAILURE}955*/956public void requestReplayDet(boolean state) throws GSSException;957958/**959* Requests that sequence checking be enabled for the960* per-message security services after context establishment. This961* request can only be made on the context initiator's side and it has962* to be done prior to the first call to963* <code>initSecContext</code>. During context establishment sequence964* checking is not an option and is a function of the underlying965* mechanism's capabilities.<p>966*967* Not all mechanisms support sequence checking and some mechanisms968* might require sequence checking even if the application969* doesn't. Therefore, the application should check to see if the970* request was honored with the {@link #getSequenceDetState()971* getSequenceDetState} method. If sequence checking is enabled then the972* {@link MessageProp#isDuplicateToken() MessageProp.isDuplicateToken},973* {@link MessageProp#isOldToken() MessageProp.isOldToken},974* {@link MessageProp#isUnseqToken() MessageProp.isUnseqToken}, and975* {@link MessageProp#isGapToken() MessageProp.isGapToken} methods will return976* valid results for the <code>MessageProp</code> object that is passed977* in to the <code>unwrap</code> method or the <code>verifyMIC</code>978* method.<p>979*980* @param state a boolean value indicating whether sequence checking981* should be enabled over the established context or not.982* @see #getSequenceDetState()983*984* @throws GSSException containing the following985* major error codes:986* {@link GSSException#FAILURE GSSException.FAILURE}987*/988public void requestSequenceDet(boolean state) throws GSSException;989990/**991* Requests that the initiator's credentials be992* delegated to the acceptor during context establishment. This993* request can only be made on the context initiator's side and it has994* to be done prior to the first call to995* <code>initSecContext</code>.996*997* Not all mechanisms support credential delegation. Therefore, an998* application that desires delegation should check to see if the999* request was honored with the {@link #getCredDelegState()1000* getCredDelegState} method. If the application indicates that1001* delegation must not be used, then the mechanism will honor the1002* request and delegation will not occur. This is an exception1003* to the general rule that a mechanism may enable a service even if it1004* is not requested.<p>1005*1006* @param state a boolean value indicating whether the credentials1007* should be delegated or not.1008* @see #getCredDelegState()1009*1010* @throws GSSException containing the following1011* major error codes:1012* {@link GSSException#FAILURE GSSException.FAILURE}1013*/1014public void requestCredDeleg(boolean state) throws GSSException;10151016/**1017* Requests that the initiator's identity not be1018* disclosed to the acceptor. This request can only be made on the1019* context initiator's side and it has to be done prior to the first1020* call to <code>initSecContext</code>.1021*1022* Not all mechanisms support anonymity for the initiator. Therefore, the1023* application should check to see if the request was honored with the1024* {@link #getAnonymityState() getAnonymityState} method.<p>1025*1026* @param state a boolean value indicating if the initiator should1027* be authenticated to the acceptor as an anonymous principal.1028* @see #getAnonymityState1029*1030* @throws GSSException containing the following1031* major error codes:1032* {@link GSSException#FAILURE GSSException.FAILURE}1033*/1034public void requestAnonymity(boolean state) throws GSSException;10351036/**1037* Requests that data confidentiality be enabled1038* for the <code>wrap</code> method. This request can only be made on1039* the context initiator's side and it has to be done prior to the1040* first call to <code>initSecContext</code>.1041*1042* Not all mechanisms support confidentiality and other mechanisms1043* might enable it even if the application doesn't request1044* it. The application may check to see if the request was honored with1045* the {@link #getConfState() getConfState} method. If confidentiality1046* is enabled, only then will the mechanism honor a request for privacy1047* in the {@link MessageProp#MessageProp(int, boolean) MessageProp}1048* object that is passed in to the <code>wrap</code> method.<p>1049*1050* Enabling confidentiality will also automatically enable1051* integrity.<p>1052*1053* @param state a boolean value indicating whether confidentiality1054* should be enabled or not.1055* @see #getConfState()1056* @see #getIntegState()1057* @see #requestInteg(boolean)1058* @see MessageProp1059*1060* @throws GSSException containing the following1061* major error codes:1062* {@link GSSException#FAILURE GSSException.FAILURE}1063*/1064public void requestConf(boolean state) throws GSSException;10651066/**1067* Requests that data integrity be enabled1068* for the <code>wrap</code> and <code>getMIC</code>methods. This1069* request can only be made on the context initiator's side and it has1070* to be done prior to the first call to <code>initSecContext</code>.1071*1072* Not all mechanisms support integrity and other mechanisms1073* might enable it even if the application doesn't request1074* it. The application may check to see if the request was honored with1075* the {@link #getIntegState() getIntegState} method.<p>1076*1077* Disabling integrity will also automatically disable1078* confidentiality.<p>1079*1080* @param state a boolean value indicating whether integrity1081* should be enabled or not.1082* @see #getIntegState()1083*1084* @throws GSSException containing the following1085* major error codes:1086* {@link GSSException#FAILURE GSSException.FAILURE}1087*/1088public void requestInteg(boolean state) throws GSSException;10891090/**1091* Requests a lifetime in seconds for the1092* context. This method can only be called on the context initiator's1093* side and it has to be done prior to the first call to1094* <code>initSecContext</code>.<p>1095*1096* The actual lifetime of the context will depend on the capabilities of1097* the underlying mechanism and the application should call the {@link1098* #getLifetime() getLifetime} method to determine this.<p>1099*1100* @param lifetime the desired context lifetime in seconds. Use1101* <code>INDEFINITE_LIFETIME</code> to request an indefinite lifetime1102* and <code>DEFAULT_LIFETIME</code> to request a default lifetime.1103* @see #getLifetime()1104*1105* @throws GSSException containing the following1106* major error codes:1107* {@link GSSException#FAILURE GSSException.FAILURE}1108*/1109public void requestLifetime(int lifetime) throws GSSException;11101111/**1112* Sets the channel bindings to be used during context1113* establishment. This method can be called on both1114* the context initiator's and the context acceptor's side, but it must1115* be called before context establishment begins. This means that an1116* initiator must call it before the first call to1117* <code>initSecContext</code> and the acceptor must call it before the1118* first call to <code>acceptSecContext</code>.1119*1120* @param cb the channel bindings to use.1121*1122* @throws GSSException containing the following1123* major error codes:1124* {@link GSSException#FAILURE GSSException.FAILURE}1125*/1126public void setChannelBinding(ChannelBinding cb) throws GSSException;11271128/**1129* Determines if credential delegation is enabled on1130* this context. It can be called by both the context initiator and the1131* context acceptor. For a definitive answer this method must be1132* called only after context establishment is complete. Note that if an1133* initiator requests that delegation not be allowed the {@link1134* #requestCredDeleg(boolean) requestCredDeleg} method will honor that1135* request and this method will return <code>false</code> on the1136* initiator's side from that point onwards. <p>1137*1138* @return true if delegation is enabled, false otherwise.1139* @see #requestCredDeleg(boolean)1140*/1141public boolean getCredDelegState();11421143/**1144* Determines if mutual authentication is enabled on1145* this context. It can be called by both the context initiator and the1146* context acceptor. For a definitive answer this method must be1147* called only after context establishment is complete. An initiator1148* that requests mutual authentication can call this method after1149* context completion and dispose the context if its request was not1150* honored.<p>1151*1152* @return true if mutual authentication is enabled, false otherwise.1153* @see #requestMutualAuth(boolean)1154*/1155public boolean getMutualAuthState();11561157/**1158* Determines if replay detection is enabled for the1159* per-message security services from this context. It can be called by1160* both the context initiator and the context acceptor. For a1161* definitive answer this method must be called only after context1162* establishment is complete. An initiator that requests replay1163* detection can call this method after context completion and1164* dispose the context if its request was not honored.<p>1165*1166* @return true if replay detection is enabled, false otherwise.1167* @see #requestReplayDet(boolean)1168*/1169public boolean getReplayDetState();11701171/**1172* Determines if sequence checking is enabled for the1173* per-message security services from this context. It can be called by1174* both the context initiator and the context acceptor. For a1175* definitive answer this method must be called only after context1176* establishment is complete. An initiator that requests sequence1177* checking can call this method after context completion and1178* dispose the context if its request was not honored.<p>1179*1180* @return true if sequence checking is enabled, false otherwise.1181* @see #requestSequenceDet(boolean)1182*/1183public boolean getSequenceDetState();11841185/**1186* Determines if the context initiator is1187* anonymously authenticated to the context acceptor. It can be called by1188* both the context initiator and the context acceptor, and at any1189* time. <strong>On the initiator side, a call to this method determines1190* if the identity of the initiator has been disclosed in any of the1191* context establishment tokens that might have been generated thus far1192* by <code>initSecContext</code>. An initiator that absolutely must be1193* authenticated anonymously should call this method after each call to1194* <code>initSecContext</code> to determine if the generated token1195* should be sent to the peer or the context aborted.</strong> On the1196* acceptor side, a call to this method determines if any of the tokens1197* processed by <code>acceptSecContext</code> thus far have divulged1198* the identity of the initiator.<p>1199*1200* @return true if the context initiator is still anonymous, false1201* otherwise.1202* @see #requestAnonymity(boolean)1203*/1204public boolean getAnonymityState();12051206/**1207* Determines if the context is transferable to other processes1208* through the use of the {@link #export() export} method. This call1209* is only valid on fully established contexts.1210*1211* @return true if this context can be exported, false otherwise.1212*1213* @throws GSSException containing the following1214* major error codes:1215* {@link GSSException#FAILURE GSSException.FAILURE}1216*/1217public boolean isTransferable() throws GSSException;12181219/**1220* Determines if the context is ready for per message operations to be1221* used over it. Some mechanisms may allow the usage of the1222* per-message operations before the context is fully established.1223*1224* @return true if methods like <code>wrap</code>, <code>unwrap</code>,1225* <code>getMIC</code>, and <code>verifyMIC</code> can be used with1226* this context at the current stage of context establishment, false1227* otherwise.1228*/1229public boolean isProtReady();12301231/**1232* Determines if data confidentiality is available1233* over the context. This method can be called by both the context1234* initiator and the context acceptor, but only after one of {@link1235* #isProtReady() isProtReady} or {@link #isEstablished()1236* isEstablished} return <code>true</code>. If this method returns1237* <code>true</code>, so will {@link #getIntegState()1238* getIntegState}<p>1239*1240* @return true if confidentiality services are available, false1241* otherwise.1242* @see #requestConf(boolean)1243*/1244public boolean getConfState();12451246/**1247* Determines if data integrity is available1248* over the context. This method can be called by both the context1249* initiator and the context acceptor, but only after one of {@link1250* #isProtReady() isProtReady} or {@link #isEstablished()1251* isEstablished} return <code>true</code>. This method will always1252* return <code>true</code> if {@link #getConfState() getConfState}1253* returns true.<p>1254*1255* @return true if integrity services are available, false otherwise.1256* @see #requestInteg(boolean)1257*/1258public boolean getIntegState();12591260/**1261* Determines what the remaining lifetime for this1262* context is. It can be called by both the context initiator and the1263* context acceptor, but for a definitive answer it should be called1264* only after {@link #isEstablished() isEstablished} returns1265* true.<p>1266*1267* @return the remaining lifetime in seconds1268* @see #requestLifetime(int)1269*/1270public int getLifetime();12711272/**1273* Returns the name of the context initiator. This call is valid only1274* after one of {@link #isProtReady() isProtReady} or {@link1275* #isEstablished() isEstablished} return <code>true</code>.1276*1277* @return a GSSName that is an MN containing the name of the context1278* initiator.1279* @see GSSName1280*1281* @throws GSSException containing the following1282* major error codes:1283* {@link GSSException#FAILURE GSSException.FAILURE}1284*/1285public GSSName getSrcName() throws GSSException;12861287/**1288* Returns the name of the context acceptor. This call is valid only1289* after one of {@link #isProtReady() isProtReady} or {@link1290* #isEstablished() isEstablished} return <code>true</code>.1291*1292* @return a GSSName that is an MN containing the name of the context1293* acceptor.1294*1295* @throws GSSException containing the following1296* major error codes:1297* {@link GSSException#FAILURE GSSException.FAILURE}1298*/1299public GSSName getTargName() throws GSSException;13001301/**1302* Determines what mechanism is being used for this1303* context. This method may be called before the context is fully1304* established, but the mechanism returned may change on successive1305* calls in the negotiated mechanism case.1306*1307* @return the Oid of the mechanism being used1308*1309* @throws GSSException containing the following1310* major error codes:1311* {@link GSSException#FAILURE GSSException.FAILURE}1312*/1313public Oid getMech() throws GSSException;13141315/**1316* Obtains the credentials delegated by the context1317* initiator to the context acceptor. It should be called only on the1318* context acceptor's side, and once the context is fully1319* established. The caller can use the method {@link1320* #getCredDelegState() getCredDelegState} to determine if there are1321* any delegated credentials.1322*1323* @return a GSSCredential containing the initiator's delegated1324* credentials, or <code>null</code> is no credentials1325* were delegated.1326*1327* @throws GSSException containing the following1328* major error codes:1329* {@link GSSException#FAILURE GSSException.FAILURE}1330*/1331public GSSCredential getDelegCred() throws GSSException;13321333/**1334* Determines if this is the context initiator. This1335* can be called on both the context initiator's and context acceptor's1336* side.1337*1338* @return true if this is the context initiator, false if it is the1339* context acceptor.1340*1341* @throws GSSException containing the following1342* major error codes:1343* {@link GSSException#FAILURE GSSException.FAILURE}1344*/1345public boolean isInitiator() throws GSSException;1346}134713481349