Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/sun/security/jgss/spi/GSSContextSpi.java
38922 views
/*1* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425/*26*27* (C) Copyright IBM Corp. 1999 All Rights Reserved.28* Copyright 1997 The Open Group Research Institute. All rights reserved.29*/30package sun.security.jgss.spi;3132import org.ietf.jgss.*;33import java.io.InputStream;34import java.io.OutputStream;35import java.security.Provider;36import com.sun.security.jgss.*;3738/**39* This interface is implemented by a mechanism specific instance of a GSS40* security context.41* A GSSContextSpi object can be thought of having 3 states:42* -before initialization43* -during initialization with its peer44* -after it is established45* <p>46* The context options can only be requested in state 1. In state 3,47* the per message operations are available to the callers. The get48* methods for the context options will return the requested options49* while in state 1 and 2, and the established values in state 3.50* Some mechanisms may allow the access to the per-message operations51* and the context flags before the context is fully established. The52* isProtReady method is used to indicate that these services are53* available.54* <p>55* <strong>56* Context establishment tokens are defined in a mechanism independent57* format in section 3.1 of RFC 2743. The GSS-Framework will add58* and remove the mechanism independent header portion of this token format59* depending on whether a token is received or is being sent. The mechanism60* should only generate or expect to read the inner-context token portion.61* <br>62* On the other hands, tokens used for per-message calls are generated63* entirely by the mechanism. It is possible that the mechanism chooses to64* encase inner-level per-message tokens in a header similar to that used65* for initial tokens, however, this is upto the mechanism to do. The token66* to/from the per-message calls are opaque to the GSS-Framework.67* </strong>68* <p>69* An attempt has been made to allow for reading the peer's tokens from an70* InputStream and writing tokens for the peer to an OutputStream. This71* allows applications to pass in streams that are obtained from their network72* connections and thus minimize the buffer copies that will happen. This73* is especially important for tokens generated by wrap() which are74* proportional in size to the length of the application data being75* wrapped, and are probably also the most frequently used type of tokens.76* <p>77* It is anticipated that most applications will want to use wrap() in a78* fashion where they obtain the application bytes to wrap from a byte[]79* but want to output the wrap token straight to an80* OutputStream. Similarly, they will want to use unwrap() where they read81* the token directly form an InputStream but output it to some byte[] for82* the application to process. Unfortunately the high level GSS bindings83* do not contain overloaded forms of wrap() and unwrap() that do just84* this, however we have accomodated those cases here with the expectation85* that this will be rolled into the high level bindings sooner or later.86*87* @author Mayank Upadhyay88*/8990public interface GSSContextSpi {9192public Provider getProvider();9394// The specification for the following methods mirrors the95// specification of the same methods in the GSSContext interface, as96// defined in RFC 2853.9798public void requestLifetime(int lifetime) throws GSSException;99100public void requestMutualAuth(boolean state) throws GSSException;101102public void requestReplayDet(boolean state) throws GSSException;103104public void requestSequenceDet(boolean state) throws GSSException;105106public void requestCredDeleg(boolean state) throws GSSException;107108public void requestAnonymity(boolean state) throws GSSException;109110public void requestConf(boolean state) throws GSSException;111112public void requestInteg(boolean state) throws GSSException;113114public void requestDelegPolicy(boolean state) throws GSSException;115116public void setChannelBinding(ChannelBinding cb) throws GSSException;117118public boolean getCredDelegState();119120public boolean getMutualAuthState();121122public boolean getReplayDetState();123124public boolean getSequenceDetState();125126public boolean getAnonymityState();127128public boolean getDelegPolicyState();129130public boolean isTransferable() throws GSSException;131132public boolean isProtReady();133134public boolean isInitiator();135136public boolean getConfState();137138public boolean getIntegState();139140public int getLifetime();141142public boolean isEstablished();143144public GSSNameSpi getSrcName() throws GSSException;145146public GSSNameSpi getTargName() throws GSSException;147148public Oid getMech() throws GSSException;149150public GSSCredentialSpi getDelegCred() throws GSSException;151152/**153* Initiator context establishment call. This method may be154* required to be called several times. A CONTINUE_NEEDED return155* call indicates that more calls are needed after the next token156* is received from the peer.157* <p>158* This method is called by the GSS-Framework when the application159* calls the initSecContext method on the GSSContext implementation160* that it has a reference to.161* <p>162* All overloaded forms of GSSContext.initSecContext() can be handled163* with this mechanism level initSecContext. Since the output token164* from this method is a fixed size, not exeedingly large, and a one165* time deal, an overloaded form that takes an OutputStream has not166* been defined. The GSS-Framwork can write the returned byte[] to any167* application provided OutputStream. Similarly, any application input168* int he form of byte arrays will be wrapped in an input stream by the169* GSS-Framework and then passed here.170* <p>171* <strong>172* The GSS-Framework will strip off the leading mechanism independent173* GSS-API header. In other words, only the mechanism specific174* inner-context token of RFC 2743 section 3.1 will be available on the175* InputStream.176* </strong>177*178* @param is contains the inner context token portion of the GSS token179* received from the peer. On the first call to initSecContext, there180* will be no token hence it will be ignored.181* @param mechTokenSize the size of the inner context token as read by182* the GSS-Framework from the mechanism independent GSS-API level183* header.184* @return any inner-context token required to be sent to the peer as185* part of a GSS token. The mechanism should not add the mechanism186* independent part of the token. The GSS-Framework will add that on187* the way out.188* @exception GSSException may be thrown189*/190public byte[] initSecContext(InputStream is, int mechTokenSize)191throws GSSException;192193/**194* Acceptor's context establishment call. This method may be195* required to be called several times. A CONTINUE_NEEDED return196* call indicates that more calls are needed after the next token197* is received from the peer.198* <p>199* This method is called by the GSS-Framework when the application200* calls the acceptSecContext method on the GSSContext implementation201* that it has a reference to.202* <p>203* All overloaded forms of GSSContext.acceptSecContext() can be handled204* with this mechanism level acceptSecContext. Since the output token205* from this method is a fixed size, not exeedingly large, and a one206* time deal, an overloaded form that takes an OutputStream has not207* been defined. The GSS-Framwork can write the returned byte[] to any208* application provided OutputStream. Similarly, any application input209* int he form of byte arrays will be wrapped in an input stream by the210* GSS-Framework and then passed here.211* <p>212* <strong>213* The GSS-Framework will strip off the leading mechanism independent214* GSS-API header. In other words, only the mechanism specific215* inner-context token of RFC 2743 section 3.1 will be available on the216* InputStream.217* </strong>218*219* @param is contains the inner context token portion of the GSS token220* received from the peer.221* @param mechTokenSize the size of the inner context token as read by222* the GSS-Framework from the mechanism independent GSS-API level223* header.224* @return any inner-context token required to be sent to the peer as225* part of a GSS token. The mechanism should not add the mechanism226* independent part of the token. The GSS-Framework will add that on227* the way out.228* @exception GSSException may be thrown229*/230public byte[] acceptSecContext(InputStream is, int mechTokenSize)231throws GSSException;232233/**234* Queries the context for largest data size to accommodate235* the specified protection and for the token to remain less then236* maxTokSize.237*238* @param qop the quality of protection that the context will be239* asked to provide.240* @param confReq a flag indicating whether confidentiality will be241* requested or not242* @param maxTokSize the maximum size of the output token243* @return the maximum size for the input message that can be244* provided to the wrap() method in order to guarantee that these245* requirements are met.246* @exception GSSException may be thrown247*/248public int getWrapSizeLimit(int qop, boolean confReq, int maxTokSize)249throws GSSException;250251/**252* Provides per-message token encapsulation.253*254* @param is the user-provided message to be protected255* @param os the token to be sent to the peer. It includes256* the message from <i>is</i> with the requested protection.257* @param msgProp on input it contains the requested qop and258* confidentiality state, on output, the applied values259* @exception GSSException may be thrown260* @see unwrap261*/262public void wrap(InputStream is, OutputStream os, MessageProp msgProp)263throws GSSException;264265/**266* For apps that want simplicity and don't care about buffer copies.267*/268public byte[] wrap(byte inBuf[], int offset, int len,269MessageProp msgProp) throws GSSException;270271/**272* For apps that care about buffer copies but either cannot use streams273* or want to avoid them for whatever reason. (Say, they are using274* block ciphers.)275*276* NOTE: This method is not defined in public class org.ietf.jgss.GSSContext277*278public int wrap(byte inBuf[], int inOffset, int len,279byte[] outBuf, int outOffset,280MessageProp msgProp) throws GSSException;281282*/283284/**285* For apps that want to read from a specific application provided286* buffer but want to write directly to the network stream.287*/288/*289* Can be achieved by converting the input buffer to a290* ByteInputStream. Provided to keep the API consistent291* with unwrap.292*293* NOTE: This method is not defined in public class org.ietf.jgss.GSSContext294*295public void wrap(byte inBuf[], int offset, int len,296OutputStream os, MessageProp msgProp)297throws GSSException;298*/299300/**301* Retrieves the message token previously encapsulated in the wrap302* call.303*304* @param is the token from the peer305* @param os unprotected message data306* @param msgProp will contain the applied qop and confidentiality307* of the input token and any informatory status values308* @exception GSSException may be thrown309* @see wrap310*/311public void unwrap(InputStream is, OutputStream os,312MessageProp msgProp) throws GSSException;313314/**315* For apps that want simplicity and don't care about buffer copies.316*/317public byte[] unwrap(byte inBuf[], int offset, int len,318MessageProp msgProp) throws GSSException;319320/**321* For apps that care about buffer copies but either cannot use streams322* or want to avoid them for whatever reason. (Say, they are using323* block ciphers.)324*325* NOTE: This method is not defined in public class org.ietf.jgss.GSSContext326*327public int unwrap(byte inBuf[], int inOffset, int len,328byte[] outBuf, int outOffset,329MessageProp msgProp) throws GSSException;330331*/332333/**334* For apps that care about buffer copies and want to read335* straight from the network, but also want the output in a specific336* application provided buffer, say to reduce buffer allocation or337* subsequent copy.338*339* NOTE: This method is not defined in public class org.ietf.jgss.GSSContext340*341public int unwrap(InputStream is,342byte[] outBuf, int outOffset,343MessageProp msgProp) throws GSSException;344*/345346/**347* Applies per-message integrity services.348*349* @param is the user-provided message350* @param os the token to be sent to the peer along with the351* message token. The message token <b>is not</b> encapsulated.352* @param msgProp on input the desired QOP and output the applied QOP353* @exception GSSException354*/355public void getMIC(InputStream is, OutputStream os,356MessageProp msgProp)357throws GSSException;358359public byte[] getMIC(byte []inMsg, int offset, int len,360MessageProp msgProp) throws GSSException;361362/**363* Checks the integrity of the supplied tokens.364* This token was previously generated by getMIC.365*366* @param is token generated by getMIC367* @param msgStr the message to check integrity for368* @param mProp will contain the applied QOP and confidentiality369* states of the token as well as any informatory status codes370* @exception GSSException may be thrown371*/372public void verifyMIC(InputStream is, InputStream msgStr,373MessageProp mProp) throws GSSException;374375public void verifyMIC(byte []inTok, int tokOffset, int tokLen,376byte[] inMsg, int msgOffset, int msgLen,377MessageProp msgProp) throws GSSException;378379/**380* Produces a token representing this context. After this call381* the context will no longer be usable until an import is382* performed on the returned token.383*384* @return exported context token385* @exception GSSException may be thrown386*/387public byte[] export() throws GSSException;388389/**390* Releases context resources and terminates the391* context between 2 peer.392*393* @exception GSSException may be thrown394*/395public void dispose() throws GSSException;396397/**398* Return the mechanism-specific attribute associated with (@code type}.399*400* @param type the type of the attribute requested401* @return the attribute402* @throws GSSException see {@link ExtendedGSSContext#inquireSecContext}403* for details404*/405public Object inquireSecContext(InquireType type)406throws GSSException;407}408409410