//*************************************************************************** // (c) Copyright IBM Corp. 2007 All rights reserved. // // The following sample of source code ("Sample") is owned by International // Business Machines Corporation or one of its subsidiaries ("IBM") and is // copyrighted and licensed, not sold. You may use, copy, modify, and // distribute the Sample in any form without payment to IBM, for the purpose of // assisting you in the development of your applications. // // The Sample code is provided to you on an "AS IS" basis, without warranty of // any kind. IBM HEREBY EXPRESSLY DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR // IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do // not allow for the exclusion or limitation of implied warranties, so the above // limitations or exclusions may not apply to you. IBM shall not be liable for // any damages you suffer as a result of using, copying, modifying or // distributing the Sample, even if IBM has been advised of the possibility of // such damages. //*************************************************************************** // // SOURCE FILE NAME: JCCSimpleGSSContext.java // // SAMPLE: This file is used by JCCSimpleGSSPlugin to implement a JCC // GSS-API plugin sample // // None //*************************************************************************** // // For more information on the sample programs, see the README file. // // For information on developing Java applications see the Developing Java Applications book. // // For information on using SQL statements, see the SQL Reference. // // For the latest information on programming, compiling, and running DB2 // applications, visit the DB2 Information Center at // http://publib.boulder.ibm.com/infocenter/db2luw/v9r7/index.jsp //**************************************************************************/ import java.io.InputStream; import java.io.OutputStream; import org.ietf.jgss.*; public class JCCSimpleGSSContext implements org.ietf.jgss.GSSContext { private JCCSimpleGSSCredential source_; private JCCSimpleGSSName target_; private int ctxCount_; private boolean anonymity_; private boolean dataConfidentiality_; private boolean credentialDelegation_; private boolean dataIntegrity_; private int lifetime_; private boolean mutualAuth_; private boolean replayDetection_; private boolean sequenceChecking_; public JCCSimpleGSSContext(JCCSimpleGSSCredential source, JCCSimpleGSSName target, int ctxCount) { source_ = source; target_ = target; ctxCount_ = ctxCount; } public JCCSimpleGSSCredential getSource() { return source_; } public JCCSimpleGSSName getTarget() { return target_; } public int getctxCount() { return ctxCount_; } public void setSource(JCCSimpleGSSCredential source) { source_ = source; } public void setTarget(JCCSimpleGSSName target) { target_ = target; } public void setctxCount(int count) { ctxCount_ = count; } /** * * @return a byte[] containing the token to be sent to the * peer. <code>null</code> indicates that no token is generated. * @param byteArray token generated by the peer. This parameter is ignored * on the first call since no token has been received from the peer. * @param start the offset within the inputBuf where the token begins. * @param len the length of the token. * * @throws GSSException containing the following * major error codes: * {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN}, * {@link GSSException#BAD_MIC GSSException.BAD_MIC}, * {@link GSSException#NO_CRED GSSException.NO_CRED}, * {@link GSSException#CREDENTIALS_EXPIRED * GSSException.CREDENTIALS_EXPIRED}, * {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS}, * {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN}, * {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN}, * {@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE}, * {@link GSSException#BAD_MECH GSSException.BAD_MECH}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public byte[] initSecContext(byte[] byteArray, int start, int len) throws GSSException { if (this.ctxCount_ ==0) { if (byteArray == null) { int useridlen = source_.getUserid().length(); int pwdlen = source_.getPassword().length(); int targetlen = target_.getUserid().length(); /* Format of the token in gssapi_simple.c on server side #define TOKEN_MAX_STRLEN 64 typedef struct _token{ int useridLen; char userid[TOKEN_MAX_STRLEN]; int pwdLen; char pwd[TOKEN_MAX_STRLEN]; int targetLen; char target[TOKEN_MAX_STRLEN]; OM_uint32 retFlags; } TOKEN_T; So the length of the token is 4 + 64 + 4 + 64 + 4 + 64 + 4 = 208 */ int tokenLength = 208; byte[] tokenb = new byte[tokenLength]; int offset = 0; //4 byte userid length tokenb[offset++] = (byte) ( (useridlen >>> 24) & 0xff); tokenb[offset++] = (byte) ( (useridlen >>> 16) & 0xff); tokenb[offset++] = (byte) ( (useridlen >>> 8) & 0xff); tokenb[offset++] = (byte) (useridlen & 0xff); //userid in byte format byte[] useridb = source_.getUserid().getBytes(); for (int i = offset; i < offset + useridb.length; i++) tokenb[i] = useridb[i - offset]; offset += useridb.length; //pad with blank 0x20 if the length of userid is less than 64 for (int i = offset; i < 68; i++) tokenb[i] = 0x20; offset = 68; //4 byte password length tokenb[offset++] = (byte) ( (pwdlen >>> 24) & 0xff); tokenb[offset++] = (byte) ( (pwdlen >>> 16) & 0xff); tokenb[offset++] = (byte) ( (pwdlen >>> 8) & 0xff); tokenb[offset++] = (byte) (pwdlen & 0xff); //password in byte format byte[] pwdb = source_.getPassword().getBytes(); for (int i = offset; i < offset + pwdb.length; i++) tokenb[i] = pwdb[i - offset]; offset += pwdb.length; //pad with blank 0x20 if the passwor is less than 64 for (int i = offset; i < 68 * 2; i++) tokenb[i] = 0x20; offset = 136; //4 byte server principal name length tokenb[offset++] = (byte) ( (targetlen >>> 24) & 0xff); tokenb[offset++] = (byte) ( (targetlen >>> 16) & 0xff); tokenb[offset++] = (byte) ( (targetlen >>> 8) & 0xff); tokenb[offset++] = (byte) (targetlen & 0xff); //server principal name in byte format byte[] targetb = target_.getUserid().getBytes(); for (int i = offset; i < offset + targetb.length; i++) tokenb[i] = targetb[i - offset]; offset += targetb.length; //pad with blank 0x20 if server principal is less than 64 for (int i = offset; i < 68 * 3; i++) tokenb[i] = 0x20; offset = 68 * 3; //retFlags tokenb[offset++] = 0; tokenb[offset++] = 0; tokenb[offset++] = 0; tokenb[offset++] = 1; ctxCount_++; return tokenb; } else { //consistant with gssapi_simple.c, if input_token != GSS_C_NO_BUFFER, throw error throw new JCCSimpleGSSException(0,"bad input token"); } } else if (this.ctxCount_ == 1) { //second invokation //sanity check ctxCount_++; if (len != 208) throw new JCCSimpleGSSException(0,"bad input token"); else { return null; //don't send more token to server } } else throw new JCCSimpleGSSException(0,"context count too high"); } /** * * @return the number of bytes written to the OutputStream as part of the * token to be sent to the peer. A value of 0 indicates that no token * needs to be sent. * @param inStream an InputStream that contains the token generated by * the peer. This parameter is ignored on the first call since no token * has been or will be received from the peer at that point. * @param outStream an OutputStream where the output token will be * written. During the final stage of context establishment, there may be * no bytes written. * * @throws GSSException containing the following * major error codes: * {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN}, * {@link GSSException#BAD_MIC GSSException.BAD_MIC}, * {@link GSSException#NO_CRED GSSException.NO_CRED}, * {@link GSSException#CREDENTIALS_EXPIRED GSSException.CREDENTIALS_EXPIRED}, * {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS}, * {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN}, * {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN}, * {@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE}, * {@link GSSException#BAD_MECH GSSException.BAD_MECH}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public int initSecContext(InputStream inputStream, OutputStream outputStream) throws GSSException { throw new JCCSimpleGSSException(0,"initSecContext(InputStream inputStream, OutputStream outputStream) is not implemented"); } /* * @return a byte[] containing the token to be sent to the * peer. <code>null</code> indicates that no token is generated. * @param inToken token generated by the peer. * @param offset the offset within the inToken where the token begins. * @param len the length of the token. * * @throws GSSException containing the following * major error codes: * {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN}, * {@link GSSException#BAD_MIC GSSException.BAD_MIC}, * {@link GSSException#NO_CRED GSSException.NO_CRED}, * {@link GSSException#CREDENTIALS_EXPIRED * GSSException.CREDENTIALS_EXPIRED}, * {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS}, * {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN}, * {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN}, * {@link GSSException#BAD_MECH GSSException.BAD_MECH}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public byte[] acceptSecContext(byte[] inToken, int offset, int len) throws GSSException { throw new JCCSimpleGSSException(0,"acceptSecContext(byte[] inToken, int offset, int len) is not implemented"); } /* * @param inputStream an InputStream that contains the token generated by * the peer. * @param outStream an OutputStream where the output token will be * written. During the final stage of context establishment, there may be * no bytes written. * * @throws GSSException containing the following * major error codes: * {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN}, * {@link GSSException#BAD_MIC GSSException.BAD_MIC}, * {@link GSSException#NO_CRED GSSException.NO_CRED}, * {@link GSSException#CREDENTIALS_EXPIRED * GSSException.CREDENTIALS_EXPIRED}, * {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS}, * {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN}, * {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN}, * {@link GSSException#BAD_MECH GSSException.BAD_MECH}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public void acceptSecContext(InputStream inputStream, OutputStream outputStream) throws GSSException { throw new JCCSimpleGSSException(0,"acceptSecContext(InputStream inputStream, OutputStream outputStream) is not implemented."); } /** * Used during context establishment to determine the state of the * context. * * @return <code>true</code> if this is a fully established context on * the caller's side and no more tokens are needed from the peer. */ public boolean isEstablished() { return false; //not used by jcc. always return false } /** * Releases any system resources and cryptographic information stored in * the context object and invalidates the context. * * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public void dispose() throws GSSException //gss_delete_sec_context { source_ = null; target_ = null; ctxCount_ = 0; } /** * Used to determine limits on the size of the message * that can be passed to <code>wrap</code>. Returns the maximum * message size that, if presented to the <code>wrap</code> method with * the same <code>confReq</code> and <code>qop</code> parameters, will * result in an output token containing no more * than <code>maxTokenSize</code> bytes.<p> * * This call is intended for use by applications that communicate over * protocols that impose a maximum message size. It enables the * application to fragment messages prior to applying protection.<p> * * GSS-API implementations are recommended but not required to detect * invalid QOP values when <code>getWrapSizeLimit</code> is called. * This routine guarantees only a maximum message size, not the * availability of specific QOP values for message protection.<p> * * @param qop the level of protection wrap will be asked to provide. * @param confReq <code>true</code> if wrap will be asked to provide * privacy, <code>false</code> otherwise. * @param maxTokenSize the desired maximum size of the token emitted by * wrap. * @return the maximum size of the input token for the given output * token size * * @throws GSSException containing the following * major error codes: * {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}, * {@link GSSException#BAD_QOP GSSException.BAD_QOP}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public int getWrapSizeLimit(int qop, boolean confReq, int maxTokenSize) throws GSSException { throw new JCCSimpleGSSException(0,"getWrapSizeLimit(int qop, boolean confReq,int maxTokenSize) is not implmented."); } /** * Applies per-message security services over the established security * context. The method will return a token with the * application supplied data and a cryptographic MIC over it. * The data may be encrypted if confidentiality (privacy) was * requested.<p> * * The MessageProp object is instantiated by the application and used * to specify a QOP value which selects cryptographic algorithms, and a * privacy service to optionally encrypt the message. The underlying * mechanism that is used in the call may not be able to provide the * privacy service. It sets the actual privacy service that it does * provide in this MessageProp object which the caller should then * query upon return. If the mechanism is not able to provide the * requested QOP, it throws a GSSException with the BAD_QOP code.<p> * * Since some application-level protocols may wish to use tokens * emitted by wrap to provide "secure framing", implementations should * support the wrapping of zero-length messages.<p> * * The application will be responsible for sending the token to the * peer. * * @param inBuf application data to be protected. * @param offset the offset within the inBuf where the data begins. * @param len the length of the data * @param msgProp instance of MessageProp that is used by the * application to set the desired QOP and privacy state. Set the * desired QOP to 0 to request the default QOP. Upon return from this * method, this object will contain the the actual privacy state that * was applied to the message by the underlying mechanism. * @return a byte[] containing the token to be sent to the peer. * * @throws GSSException containing the following major error codes: * {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}, * {@link GSSException#BAD_QOP GSSException.BAD_QOP}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public byte[] wrap(byte inBuf[], int offset, int len, MessageProp msgProp) throws GSSException { throw new JCCSimpleGSSException(0,"wrap(byte inBuf[], int offset, int len, MessageProp msgProp) is not implmented."); } /** * Applies per-message security services over the established security * context using streams. The method will return a * token with the application supplied data and a cryptographic MIC over it. * The data may be encrypted if confidentiality * (privacy) was requested. This method is equivalent to the byte array * based {@link #wrap(byte[], int, int, MessageProp) wrap} method.<p> * * The application will be responsible for sending the token to the * peer. Typically, the application would * ensure this by calling the {@link java.io.OutputStream#flush() flush} * method on an <code>OutputStream</code> that encapsulates the * connection between the two peers.<p> * * The MessageProp object is instantiated by the application and used * to specify a QOP value which selects cryptographic algorithms, and a * privacy service to optionally encrypt the message. The underlying * mechanism that is used in the call may not be able to provide the * privacy service. It sets the actual privacy service that it does * provide in this MessageProp object which the caller should then * query upon return. If the mechanism is not able to provide the * requested QOP, it throws a GSSException with the BAD_QOP code.<p> * * Since some application-level protocols may wish to use tokens * emitted by wrap to provide "secure framing", implementations should * support the wrapping of zero-length messages.<p> * * @param inStream an InputStream containing the application data to be * protected. All of the data that is available in * inStream is used. * @param outStream an OutputStream to write the protected message * to. * @param msgProp instance of MessageProp that is used by the * application to set the desired QOP and privacy state. Set the * desired QOP to 0 to request the default QOP. Upon return from this * method, this object will contain the the actual privacy state that * was applied to the message by the underlying mechanism. * * @throws GSSException containing the following * major error codes: * {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}, * {@link GSSException#BAD_QOP GSSException.BAD_QOP}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public void wrap(InputStream inStream, OutputStream outStream, MessageProp msgProp) throws GSSException { throw new JCCSimpleGSSException(0,"wrap(InputStream inStream, OutputStream outStream, MessageProp msgProp) is not implmented."); } /** * Used to process tokens generated by the <code>wrap</code> method on * the other side of the context. The method will return the message * supplied by the peer application to its wrap call, while at the same * time verifying the embedded MIC for that message.<p> * * The MessageProp object is instantiated by the application and is * used by the underlying mechanism to return information to the caller * such as the QOP, whether confidentiality was applied to the message, * and other supplementary message state information.<p> * * Since some application-level protocols may wish to use tokens * emitted by wrap to provide "secure framing", implementations should * support the wrapping and unwrapping of zero-length messages.<p> * * @param inBuf a byte array containing the wrap token received from * peer. * @param offset the offset where the token begins. * @param len the length of the token * @param msgProp upon return from the method, this object will contain * the applied QOP, the privacy state of the message, and supplementary * information stating if the token was a duplicate, old, out of * sequence or arriving after a gap. * @return a byte[] containing the message unwrapped from the input * token. * * @throws GSSException containing the following * major error codes: * {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN}, * {@link GSSException#BAD_MIC GSSException.BAD_MIC}, * {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public byte [] unwrap(byte[] inBuf, int offset, int len, MessageProp msgProp) throws GSSException { throw new JCCSimpleGSSException(0,"unwrap(byte[] inBuf, int offset, int len, MessageProp msgProp) is not implmented."); } /** * Uses streams to process tokens generated by the <code>wrap</code> * method on the other side of the context. The method will return the * message supplied by the peer application to its wrap call, while at * the same time verifying the embedded MIC for that message.<p> * * The MessageProp object is instantiated by the application and is * used by the underlying mechanism to return information to the caller * such as the QOP, whether confidentiality was applied to the message, * and other supplementary message state information.<p> * * Since some application-level protocols may wish to use tokens * emitted by wrap to provide "secure framing", implementations should * support the wrapping and unwrapping of zero-length messages.<p> * * The format of the input token that this method * reads is defined in the specification for the underlying mechanism that * will be used. This method will attempt to read one of these tokens per * invocation. If the mechanism token contains a definitive start and * end this method may block on the <code>InputStream</code> if only * part of the token is available. If the start and end of the token * are not definitive then the method will attempt to treat all * available bytes as part of the token.<p> * * Other than the possible blocking behaviour described above, this * method is equivalent to the byte array based {@link #unwrap(byte[], * int, int, MessageProp) unwrap} method.<p> * * @param inStream an InputStream that contains the wrap token generated * by the peer. * @param outStream an OutputStream to write the application message * to. * @param msgProp upon return from the method, this object will contain * the applied QOP, the privacy state of the message, and supplementary * information stating if the token was a duplicate, old, out of * sequence or arriving after a gap. * * @throws GSSException containing the following * major error codes: * {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN}, * {@link GSSException#BAD_MIC GSSException.BAD_MIC}, * {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public void unwrap(InputStream inStream, OutputStream outStream, MessageProp msgProp) throws GSSException { throw new JCCSimpleGSSException(0,"public void unwrap(InputStream inStream, OutputStream outStream, MessageProp msgProp) is not implmented."); } /** * Returns a token containing a cryptographic Message Integrity Code * (MIC) for the supplied message, for transfer to the peer * application. Unlike wrap, which encapsulates the user message in the * returned token, only the message MIC is returned in the output * token.<p> * * Note that privacy can only be applied through the wrap call.<p> * * Since some application-level protocols may wish to use tokens emitted * by getMIC to provide "secure framing", implementations should support * derivation of MICs from zero-length messages. * * @param inMsg the message to generate the MIC over. * @param offset offset within the inMsg where the message begins. * @param len the length of the message * @param msgProp an instance of <code>MessageProp</code> that is used * by the application to set the desired QOP. Set the desired QOP to * <code>0</code> in <code>msgProp</code> to request the default * QOP. Alternatively pass in <code>null</code> for <code>msgProp</code> * to request the default QOP. * @return a byte[] containing the token to be sent to the peer. * * @throws GSSException containing the following * major error codes: * {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}, * {@link GSSException#BAD_QOP GSSException.BAD_QOP}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public byte[] getMIC(byte []inMsg, int offset, int len, MessageProp msgProp) throws GSSException { throw new JCCSimpleGSSException(0,"getMIC(byte []inMsg, int offset, int len, MessageProp msgProp) is not implmented."); } /** * Uses streams to produce a token containing a cryptographic MIC for * the supplied message, for transfer to the peer application. * Unlike wrap, which encapsulates the user message in the returned * token, only the message MIC is produced in the output token. This * method is equivalent to the byte array based {@link #getMIC(byte[], * int, int, MessageProp) getMIC} method. * * Note that privacy can only be applied through the wrap call.<p> * * Since some application-level protocols may wish to use tokens emitted * by getMIC to provide "secure framing", implementations should support * derivation of MICs from zero-length messages. * * @param inStream an InputStream containing the message to generate the * MIC over. All of the data that is available in * inStream is used. * @param outStream an OutputStream to write the output token to. * @param msgProp an instance of <code>MessageProp</code> that is used * by the application to set the desired QOP. Set the desired QOP to * <code>0</code> in <code>msgProp</code> to request the default * QOP. Alternatively pass in <code>null</code> for <code>msgProp</code> * to request the default QOP. * * @throws GSSException containing the following * major error codes: * {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}, * {@link GSSException#BAD_QOP GSSException.BAD_QOP}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public void getMIC(InputStream inStream, OutputStream outStream, MessageProp msgProp) throws GSSException { throw new JCCSimpleGSSException(0,"getMIC(InputStream inStream, OutputStream outStream, MessageProp msgProp) is not implmented."); } /** * Verifies the cryptographic MIC, contained in the token parameter, * over the supplied message.<p> * * The MessageProp object is instantiated by the application and is used * by the underlying mechanism to return information to the caller such * as the QOP indicating the strength of protection that was applied to * the message and other supplementary message state information.<p> * * Since some application-level protocols may wish to use tokens emitted * by getMIC to provide "secure framing", implementations should support * the calculation and verification of MICs over zero-length messages. * * @param inToken the token generated by peer's getMIC method. * @param tokOffset the offset within the inToken where the token * begins. * @param tokLen the length of the token. * @param inMsg the application message to verify the cryptographic MIC * over. * @param msgOffset the offset in inMsg where the message begins. * @param msgLen the length of the message. * @param msgProp upon return from the method, this object will contain * the applied QOP and supplementary information stating if the token * was a duplicate, old, out of sequence or arriving after a gap. * * @throws GSSException containing the following * major error codes: * {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN} * {@link GSSException#BAD_MIC GSSException.BAD_MIC} * {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED} * {@link GSSException#FAILURE GSSException.FAILURE} */ public void verifyMIC(byte[] inToken, int tokOffset, int tokLen, byte[] inMsg, int msgOffset, int msgLen, MessageProp msgProp) throws GSSException { throw new JCCSimpleGSSException(0,"verifyMIC(byte[] inToken, int tokOffset, int tokLen, byte[] inMsg, int msgOffset, int msgLen, MessageProp msgProp) is not implmented."); } /** * Uses streams to verify the cryptographic MIC, contained in the token * parameter, over the supplied message. This method is equivalent to * the byte array based {@link #verifyMIC(byte[], int, int, byte[], int, * int, MessageProp) verifyMIC} method. * * The MessageProp object is instantiated by the application and is used * by the underlying mechanism to return information to the caller such * as the QOP indicating the strength of protection that was applied to * the message and other supplementary message state information.<p> * * Since some application-level protocols may wish to use tokens emitted * by getMIC to provide "secure framing", implementations should support * the calculation and verification of MICs over zero-length messages.<p> * * The format of the input token that this method * reads is defined in the specification for the underlying mechanism that * will be used. This method will attempt to read one of these tokens per * invocation. If the mechanism token contains a definitive start and * end this method may block on the <code>InputStream</code> if only * part of the token is available. If the start and end of the token * are not definitive then the method will attempt to treat all * available bytes as part of the token.<p> * * Other than the possible blocking behaviour described above, this * method is equivalent to the byte array based {@link #verifyMIC(byte[], * int, int, byte[], int, int, MessageProp) verifyMIC} method.<p> * * @param tokStream an InputStream containing the token generated by the * peer's getMIC method. * @param msgStream an InputStream containing the application message to * verify the cryptographic MIC over. All of the data * that is available in msgStream is used. * @param msgProp upon return from the method, this object will contain * the applied QOP and supplementary information stating if the token * was a duplicate, old, out of sequence or arriving after a gap. * * @throws GSSException containing the following * major error codes: * {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN} * {@link GSSException#BAD_MIC GSSException.BAD_MIC} * {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED} * {@link GSSException#FAILURE GSSException.FAILURE} */ public void verifyMIC(InputStream tokStream, InputStream msgStream, MessageProp msgProp) throws GSSException { throw new JCCSimpleGSSException(0,"verifyMIC(InputStream tokStream, InputStream msgStream, MessageProp msgProp) is not implmented."); } /** * Exports this context so that another process may * import it.. Provided to support the sharing of work between * multiple processes. This routine will typically be used by the * context-acceptor, in an application where a single process receives * incoming connection requests and accepts security contexts over * them, then passes the established context to one or more other * processes for message exchange.<p> * * This method deactivates the security context and creates an * interprocess token which, when passed to {@link * GSSManager#createContext(byte[]) GSSManager.createContext} in * another process, will re-activate the context in the second process. * Only a single instantiation of a given context may be active at any * one time; a subsequent attempt by a context exporter to access the * exported security context will fail.<p> * * The implementation may constrain the set of processes by which the * interprocess token may be imported, either as a function of local * security policy, or as a result of implementation decisions. For * example, some implementations may constrain contexts to be passed * only between processes that run under the same account, or which are * part of the same process group.<p> * * The interprocess token may contain security-sensitive information * (for example cryptographic keys). While mechanisms are encouraged * to either avoid placing such sensitive information within * interprocess tokens, or to encrypt the token before returning it to * the application, in a typical GSS-API implementation this may not be * possible. Thus the application must take care to protect the * interprocess token, and ensure that any process to which the token * is transferred is trustworthy. <p> * * Implementations are not required to support the inter-process * transfer of security contexts. Calling the {@link #isTransferable() * isTransferable} method will indicate if the context object is * transferable.<p> * * Calling this method on a context that * is not exportable will result in this exception being thrown with * the error code {@link GSSException#UNAVAILABLE * GSSException.UNAVAILABLE}. * * @return a byte[] containing the exported context * @see GSSManager#createContext(byte[]) * * @throws GSSException containing the following * major error codes: * {@link GSSException#UNAVAILABLE GSSException.UNAVAILABLE}, * {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}, * {@link GSSException#NO_CONTEXT GSSException.NO_CONTEXT}, * {@link GSSException#FAILURE GSSException.FAILURE} */ public byte [] export() throws GSSException { throw new JCCSimpleGSSException(0,"export() is not implmented."); } /** * Requests that mutual authentication be done during * context establishment. This request can only be made on the context * initiator's side and it has to be done prior to the first call to * <code>initSecContext</code>.<p> * * Not all mechanisms support mutual authentication and some mechanisms * might require mutual authentication even if the application * doesn't. Therefore, the application should check to see if the * request was honored with the {@link #getMutualAuthState() * getMutualAuthState} method.<p> * * @param state a boolean value indicating whether mutual * authentication shouls be used or not. * @see #getMutualAuthState() * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public void requestMutualAuth(boolean state) throws GSSException { mutualAuth_ = state; } /** * Requests that replay detection be enabled for the * per-message security services after context establishemnt. This * request can only be made on the context initiator's side and it has * to be done prior to the first call to * <code>initSecContext</code>. During context establishment replay * detection is not an option and is a function of the underlying * mechanism's capabilities.<p> * * Not all mechanisms support replay detection and some mechanisms * might require replay detection even if the application * doesn't. Therefore, the application should check to see if the * request was honored with the {@link #getReplayDetState() * getReplayDetState} method. If replay detection is enabled then the * {@link MessageProp#isDuplicateToken() MessageProp.isDuplicateToken} and {@link * MessageProp#isOldToken() MessageProp.isOldToken} methods will return * valid results for the <code>MessageProp</code> object that is passed * in to the <code>unwrap</code> method or the <code>verifyMIC</code> * method.<p> * * @param state a boolean value indicating whether replay detection * should be enabled over the established context or not. * @see #getReplayDetState() * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public void requestReplayDet(boolean state) throws GSSException { replayDetection_ = state; } /** * Requests that sequence checking be enabled for the * per-message security services after context establishemnt. This * request can only be made on the context initiator's side and it has * to be done prior to the first call to * <code>initSecContext</code>. During context establishment sequence * checking is not an option and is a function of the underlying * mechanism's capabilities.<p> * * Not all mechanisms support sequence checking and some mechanisms * might require sequence checking even if the application * doesn't. Therefore, the application should check to see if the * request was honored with the {@link #getSequenceDetState() * getSequenceDetState} method. If sequence checking is enabled then the * {@link MessageProp#isDuplicateToken() MessageProp.isDuplicateToken}, * {@link MessageProp#isOldToken() MessageProp.isOldToken}, * {@link MessageProp#isUnseqToken() MessageProp.isUnseqToken}, and * {@link MessageProp#isGapToken() MessageProp.isGapToken} methods will return * valid results for the <code>MessageProp</code> object that is passed * in to the <code>unwrap</code> method or the <code>verifyMIC</code> * method.<p> * * @param state a boolean value indicating whether sequence checking * should be enabled over the established context or not. * @see #getSequenceDetState() * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public void requestSequenceDet(boolean state) throws GSSException { sequenceChecking_ = state; } /** * Requests that the initiator's credentials be * delegated to the acceptor during context establishment. This * request can only be made on the context initiator's side and it has * to be done prior to the first call to * <code>initSecContext</code>. * * Not all mechanisms support credential delegation. Therefore, an * application that desires delegation should check to see if the * request was honored with the {@link #getCredDelegState() * getCredDelegState} method. If the application indicates that * delegation must not be used, then the mechanism will honor the * request and delegation will not occur. This is an exception * to the general rule that a mechanism may enable a service even if it * is not requested.<p> * * @param state a boolean value indicating whether the credentials * should be delegated or not. * @see #getCredDelegState() * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public void requestCredDeleg(boolean state) throws GSSException { credentialDelegation_ = state; } /** * Requests that the initiator's identity not be * disclosed to the acceptor. This request can only be made on the * context initiator's side and it has to be done prior to the first * call to <code>initSecContext</code>. * * Not all mechanisms support anonymity for the initiator. Therefore, the * application should check to see if the request was honored with the * {@link #getAnonymityState() getAnonymityState} method.<p> * * @param state a boolean value indicating if the initiator should * be authenticated to the acceptor as an anonymous principal. * @see #getAnonymityState * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public void requestAnonymity(boolean state) throws GSSException { anonymity_ = state; } /** * Requests that data confidentiality be enabled * for the <code>wrap</code> method. This request can only be made on * the context initiator's side and it has to be done prior to the * first call to <code>initSecContext</code>. * * Not all mechanisms support confidentiality and other mechanisms * might enable it even if the application doesn't request * it. The application may check to see if the request was honored with * the {@link #getConfState() getConfState} method. If confidentiality * is enabled, only then will the mechanism honor a request for privacy * in the {@link MessageProp#MessageProp(int, boolean) MessageProp} * object that is passed in to the <code>wrap</code> method.<p> * * Enabling confidentiality will also automatically enable * integrity.<p> * * @param state a boolean value indicating whether confidentiality * should be enabled or not. * @see #getConfState() * @see #getIntegState() * @see #requestInteg(boolean) * @see MessageProp * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public void requestConf(boolean state) throws GSSException { dataConfidentiality_ = state; } /** * Requests that data confidentiality be enabled * for the <code>wrap</code> method. This request can only be made on * the context initiator's side and it has to be done prior to the * first call to <code>initSecContext</code>. * * Not all mechanisms support confidentiality and other mechanisms * might enable it even if the application doesn't request * it. The application may check to see if the request was honored with * the {@link #getConfState() getConfState} method. If confidentiality * is enabled, only then will the mechanism honor a request for privacy * in the {@link MessageProp#MessageProp(int, boolean) MessageProp} * object that is passed in to the <code>wrap</code> method.<p> * * Enabling confidentiality will also automatically enable * integrity.<p> * * @param state a boolean value indicating whether confidentiality * should be enabled or not. * @see #getConfState() * @see #getIntegState() * @see #requestInteg(boolean) * @see MessageProp * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public void requestInteg(boolean state) throws GSSException { dataIntegrity_ = state; } /** * Requests a lifetime in seconds for the * context. This method can only be called on the context initiator's * side and it has to be done prior to the first call to * <code>initSecContext</code>.<p> * * The actual lifetime of the context will depend on the capabilites of * the underlying mechanism and the application should call the {@link * #getLifetime() getLifetime} method to determine this.<p> * * @param lifetime the desired context lifetime in seconds. Use * <code>INDEFINITE_LIFETIME</code> to request an indefinite lifetime * and <code>DEFAULT_LIFETIME</code> to request a default lifetime. * @see #getLifetime() * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public void requestLifetime(int lifetime) throws GSSException { lifetime_ = lifetime; } /** * Sets the channel bindings to be used during context * establishment. This method can be called on both * the context initiator's and the context acceptor's side, but it must * be called before context establishment begins. This means that an * initiator must call it before the first call to * <code>initSecContext</code> and the acceptor must call it before the * first call to <code>acceptSecContext</code>. * * @param cb the channel bindings to use. * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public void setChannelBinding(ChannelBinding channelBinding) throws GSSException { throw new JCCSimpleGSSException(0,"setChannelBinding(ChannelBinding channelBinding) is not implmented."); } /** * Determines if credential delegation is enabled on * this context. It can be called by both the context initiator and the * context acceptor. For a definitive answer this method must be * called only after context establishment is complete. Note that if an * initiator requests that delegation not be allowed the {@link * #requestCredDeleg(boolean) requestCredDeleg} method will honor that * request and this method will return <code>false</code> on the * initiator's side from that point onwards. <p> * * @return true if delegation is enabled, false otherwise. * @see #requestCredDeleg(boolean) */ public boolean getCredDelegState() { return credentialDelegation_; } /** * Determines if mutual authentication is enabled on * this context. It can be called by both the context initiator and the * context acceptor. For a definitive answer this method must be * called only after context establishment is complete. An initiator * that requests mutual authentication can call this method after * context completion and dispose the context if its request was not * honored.<p> * * @return true if mutual authentication is enabled, false otherwise. * @see #requestMutualAuth(boolean) */ public boolean getMutualAuthState() { return mutualAuth_; } /** * Determines if replay detection is enabled for the * per-message security services from this context. It can be called by * both the context initiator and the context acceptor. For a * definitive answer this method must be called only after context * establishment is complete. An initiator that requests replay * detection can call this method after context completion and * dispose the context if its request was not honored.<p> * * @return true if replay detection is enabled, false otherwise. * @see #requestReplayDet(boolean) */ public boolean getReplayDetState() { return replayDetection_; } /** * Determines if sequence checking is enabled for the * per-message security services from this context. It can be called by * both the context initiator and the context acceptor. For a * definitive answer this method must be called only after context * establishment is complete. An initiator that requests sequence * checking can call this method after context completion and * dispose the context if its request was not honored.<p> * * @return true if sequence checking is enabled, false otherwise. * @see #requestSequenceDet(boolean) */ public boolean getSequenceDetState() { return sequenceChecking_; } /** * Determines if the context initiator is * anonymously authenticated to the context acceptor. It can be called by * both the context initiator and the context acceptor, and at any * time. <strong>On the initiator side, a call to this method determines * if the identity of the initiator has been disclosed in any of the * context establishment tokens that might have been generated thus far * by <code>initSecContext</code>. An initiator that absolutely must be * authenticated anonymously should call this method after each call to * <code>initSecContext</code> to determine if the generated token * should be sent to the peer or the context aborted.</strong> On the * acceptor side, a call to this method determines if any of the tokens * processed by <code>acceptSecContext</code> thus far have divulged * the identity of the initiator.<p> * * @return true if the context initiator is still anonymous, false * otherwise. * @see #requestAnonymity(boolean) */ public boolean getAnonymityState() { return anonymity_; } /** * Determines if the context is transferable to other processes * through the use of the {@link #export() export} method. This call * is only valid on fully established contexts. * * @return true if this context can be exported, false otherwise. * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public boolean isTransferable() throws GSSException { throw new JCCSimpleGSSException(0,"isTransferable() is not implmented."); } /** * Determines if the context is ready for per message operations to be * used over it. Some mechanisms may allow the usage of the * per-message operations before the context is fully established. * * @return true if methods like <code>wrap</code>, <code>unwrap</code>, * <code>getMIC</code>, and <code>verifyMIC</code> can be used with * this context at the current stage of context establishment, false * otherwise. */ public boolean isProtReady() { return false; } /** * Determines if data confidentiality is available * over the context. This method can be called by both the context * initiator and the context acceptor, but only after one of {@link * #isProtReady() isProtReady} or {@link #isEstablished() * isEstablished} return <code>true</code>. If this method returns * <code>true</code>, so will {@link #getIntegState() * getIntegState}<p> * * @return true if confidentiality services are available, false * otherwise. * @see #requestConf(boolean) */ public boolean getConfState() { return dataConfidentiality_; } /** * Determines if data integrity is available * over the context. This method can be called by both the context * initiator and the context acceptor, but only after one of {@link * #isProtReady() isProtReady} or {@link #isEstablished() * isEstablished} return <code>true</code>. This method will always * return <code>true</code> if {@link #getConfState() getConfState} * returns true.<p> * * @return true if integrity services are available, false otherwise. * @see #requestInteg(boolean) */ public boolean getIntegState() { return dataIntegrity_; } /** * Determines what the remaining lifetime for this * context is. It can be called by both the context initiator and the * context acceptor, but for a definitive answer it should be called * only after {@link #isEstablished() isEstablished} returns * true.<p> * * @return the remaining lifetime in seconds * @see #requestLifetime(int) */ public int getLifetime() { return lifetime_; } /** * Returns the name of the context initiator. This call is valid only * after one of {@link #isProtReady() isProtReady} or {@link * #isEstablished() isEstablished} return <code>true</code>. * * @return a GSSName that is an MN containing the name of the context * initiator. * @see GSSName * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public GSSName getSrcName() throws GSSException { return new JCCSimpleGSSName(source_.getUserid()); } /** * Returns the name of the context acceptor. This call is valid only * after one of {@link #isProtReady() isProtReady} or {@link * #isEstablished() isEstablished} return <code>true</code>. * * @return a GSSName that is an MN containing the name of the context * acceptor. * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public GSSName getTargName() throws GSSException { return target_; } /** * Determines what mechanism is being used for this * context. This method may be called before the context is fully * established, but the mechanism returned may change on successive * calls in the negotiated mechanism case. * * @return the Oid of the mechanism being used * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public Oid getMech() throws GSSException { throw new JCCSimpleGSSException(0,"getMech() is not implmented."); } /** * Obtains the credentials delegated by the context * initiator to the context acceptor. It should be called only on the * context acceptor's side, and once the context is fully * established. The caller can use the method {@link * #getCredDelegState() getCredDelegState} to determine if there are * any delegated credentials. * * @return a GSSCredential containing the initiator's delegated * credentials, or <code>null</code> is no credentials * were delegated. * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public GSSCredential getDelegCred() throws GSSException { throw new JCCSimpleGSSException(0,"getDelegCred() is not implmented."); } /** * Determines if this is the context initiator. This * can be called on both the context initiator's and context acceptor's * side. * * @return true if this is the context initiator, false if it is the * context acceptor. * * @throws GSSException containing the following * major error codes: * {@link GSSException#FAILURE GSSException.FAILURE} */ public boolean isInitiator() throws GSSException { throw new JCCSimpleGSSException(0,"isInitiator() is not implmented."); } }