Frames | No Frames |
1: /* GSSContext.java -- The GSS context interface. 2: Copyright (C) 2004 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package org.ietf.jgss; 40: 41: import java.io.InputStream; 42: import java.io.OutputStream; 43: 44: /** 45: * <p>This interface encapsulates the GSS-API security context and provides 46: * the security services ({@link #wrap(byte[],int,int,org.ietf.jgss.MessageProp)}, 47: * {@link #unwrap(byte[],int,int,org.ietf.jgss.MessageProp)}, {@link 48: * #getMIC(byte[],int,int,org.ietf.jgss.MessageProp)}, {@link 49: * #verifyMIC(byte[],int,int,byte[],int,int,org.ietf.jgss.MessageProp)}) that 50: * are available over the context. Security contexts are established 51: * between peers using locally acquired credentials. Multiple contexts 52: * may exist simultaneously between a pair of peers, using the same or 53: * different set of credentials. GSS-API functions in a manner 54: * independent of the underlying transport protocol and depends on its 55: * calling application to transport its tokens between peers.</p> 56: * 57: * <p>Before the context establishment phase is initiated, the context 58: * initiator may request specific characteristics desired of the 59: * established context. These can be set using the set methods. After 60: * the context is established, the caller can check the actual 61: * characteristic and services offered by the context using the query 62: * methods.</p> 63: * 64: * <p>The context establishment phase begins with the first call to the 65: * init method by the context initiator. During this phase the 66: * {@link #initSecContext(byte[],int,int)} and {@link 67: * #acceptSecContext(byte[],int,int)} methods will produce GSS-API 68: * authentication tokens which the calling application needs to send to 69: * its peer. If an error occurs at any point, an exception will get 70: * thrown and the code will start executing in a catch block. If not, 71: * the normal flow of code continues and the application can make a call 72: * to the {@link #isEstablished()} method. If this method returns false it 73: * indicates that a token is needed from its peer in order to continue 74: * the context establishment phase. A return value of true signals that 75: * the local end of the context is established. This may still require 76: * that a token be sent to the peer, if one is produced by GSS-API. 77: * During the context establishment phase, the {@link #isProtReady()} 78: * method may be called to determine if the context can be used for the 79: * per-message operations. This allows applications to use per-message 80: * operations on contexts which aren't fully established.</p> 81: * 82: * <p>After the context has been established or the {@link #isProtReady()} 83: * method returns <code>true</code>, the query routines can be invoked to 84: * determine the actual characteristics and services of the established 85: * context. The application can also start using the per-message methods 86: * of {@link #wrap(byte[],int,int,org.ietf.jgss.MessageProp)} and 87: * {@link #getMIC(byte[],int,int,org.ietf.jgss.MessageProp)} to obtain 88: * cryptographic operations on application supplied data.</p> 89: * 90: * <p>When the context is no longer needed, the application should call 91: * {@link dispose()} to release any system resources the context may be 92: * using.</p> 93: * 94: * <h3>Example Code</h3> 95: * 96: * <pre> 97: GSSManager mgr = GSSManager.getInstance(); 98: 99: // start by creating the name for a service entity 100: GSSName targetName = mgr.createName("service@host", 101: GSSName.NT_HOSTBASED_SERVICE); 102: 103: // create a context using default credentials for the above entity 104: // and the implementation specific default mechanism 105: GSSContext context = mgr.createContext(targetName, 106: null, // default mechanism 107: null, // default credentials 108: GSSContext.INDEFINITE_LIFETIME); 109: 110: // set desired context options - all others are false by default 111: context.requestConf(true); 112: context.requestMutualAuth(true); 113: context.requestReplayDet(true); 114: context.requestSequenceDet(true); 115: 116: // establish a context between peers - using byte arrays 117: byte []inTok = new byte[0]; 118: 119: try 120: { 121: do 122: { 123: byte[] outTok = context.initSecContext(inTok, 0, 124: inTok.length); 125: 126: // send the token if present 127: if (outTok != null) 128: sendToken(outTok); 129: 130: // check if we should expect more tokens 131: if (context.isEstablished()) 132: break; 133: 134: // another token expected from peer 135: inTok = readToken(); 136: 137: } 138: while (true); 139: } 140: catch (GSSException e) 141: { 142: print("GSSAPI error: " + e.getMessage()); 143: } 144: 145: // display context information 146: print("Remaining lifetime in seconds = " + context.getLifetime()); 147: print("Context mechanism = " + context.getMech().toString()); 148: print("Initiator = " + context.getSrcName().toString()); 149: print("Acceptor = " + context.getTargName().toString()); 150: 151: if (context.getConfState()) 152: print("Confidentiality security service available"); 153: 154: if (context.getIntegState()) 155: print("Integrity security service available"); 156: 157: // perform wrap on an application supplied message, appMsg, 158: // using QOP = 0, and requesting privacy service 159: byte[] appMsg ... 160: MessageProp mProp = new MessageProp(0, true); 161: byte[] tok = context.wrap(appMsg, 0, appMsg.length, mProp); 162: 163: if (mProp.getPrivacy()) 164: print("Message protected with privacy."); 165: 166: sendToken(tok); 167: 168: 169: // release the local-end of the context 170: context.dispose(); 171: * </pre> 172: */ 173: public interface GSSContext 174: { 175: 176: // Constants. 177: // ------------------------------------------------------------------------- 178: 179: /** 180: * A lifetime constant representing the default context lifetime. 181: */ 182: int DEFAULT_LIFETIME = 0; 183: 184: /** 185: * A lifetime constant representing indefinite context lifetime. 186: */ 187: int INDEFINITE_LIFETIME = Integer.MAX_VALUE; 188: 189: // Methods. 190: // ------------------------------------------------------------------------- 191: 192: /** 193: * <p>Called by the context initiator to start the context creation 194: * process. This is equivalent to the stream based method except that 195: * the token buffers are handled as byte arrays instead of using stream 196: * objects. This method may return an output token which the 197: * application will need to send to the peer for processing by the 198: * accept call. Typically, the application would do so by calling the 199: * {@link OutputStream#flush()} method on an OutputStream that 200: * encapsulates the connection between the two peers. The application 201: * can call {@link #isEstablished()} to determine if the context 202: * establishment phase is complete for this peer. A return value of 203: * <code>false</code> from {@link #isEstablished()} indicates that more 204: * tokens are expected to be supplied to the initSecContext() method. Note 205: * that it is possible that the initSecContext() method return a token for 206: * the peer, and {@link #isEstablished()} to return <code>true</code> also. 207: * This indicates that the token needs to be sent to the peer, but the local 208: * end of the context is now fully established.</p> 209: * 210: * <p>Upon completion of the context establishment, the available context 211: * options may be queried through the get methods.</p> 212: * 213: * @param inputBuf Token generated by the peer. This parameter is ignored 214: * on the first call. 215: * @param offset The offset within the <i>inputBuf</i> where the token 216: * begins. 217: * @param len The length of the token within the <i>inputBuf</i> 218: * (starting at the offset). 219: * @return The output token, if any. 220: * @throws GSSException If this operation fails. 221: */ 222: byte[] initSecContext(byte[] inputBuf, int offset, int len) 223: throws GSSException; 224: 225: /** 226: * <p>Called by the context initiator to start the context creation 227: * process. This is equivalent to the byte array based method. This 228: * method may write an output token to the <i>outStream</i>, which the 229: * application will need to send to the peer for processing by the 230: * accept call. Typically, the application would do so by calling the 231: * {@link OutputStream#flush()} method on an OutputStream that encapsulates 232: * the connection between the two peers. The application can call {@link 233: * #isEstablished()} to determine if the context establishment phase is 234: * complete for this peer. A return value of <code>false</code> from 235: * isEstablished indicates that more tokens are expected to be supplied 236: * to the initSecContext() method. Note that it is possible that the 237: * initSecContext() method return a token for the peer, and {@link 238: * #isEstablished() return <code>true</code> also. This indicates that 239: * the token needs to be sent to the peer, but the local end of the context 240: * is now fully established.</p> 241: * 242: * <p>The GSS-API authentication tokens contain a definitive start and end. 243: * This method will attempt to read one of these tokens per invocation, 244: * and may block on the stream if only part of the token is available.</p> 245: * 246: * <p>Upon completion of the context establishment, the available context 247: * options may be queried through the get methods.</p> 248: * 249: * @param inStream Contains the token generated by the peer. This 250: * parameter is ignored on the first call. 251: * @param outStream Output stream where the output token will be written. 252: * During the final stage of context establishment, there 253: * may be no bytes written. 254: * @return The number of bytes written to <i>outStream</i>, or 0 if no 255: * token is written. 256: * @throws GSSException If this operation fails. 257: */ 258: int initSecContext(InputStream inStream, OutputStream outStream) 259: throws GSSException; 260: 261: /** 262: * <p>Called by the context acceptor upon receiving a token from the peer. 263: * This call is equivalent to the stream based method except that the 264: * token buffers are handled as byte arrays instead of using stream 265: * objects.</p> 266: * 267: * <p>This method may return an output token which the application will 268: * need to send to the peer for further processing by the init call.</p> 269: * 270: * <p><code>null</code> return value indicates that no token needs to be 271: * sent to the peer. The application can call {@link #isEstablished()} 272: * to determine if the context establishment phase is complete for this 273: * peer. A return value of <code>false</code> from {@link #isEstablished()} 274: * indicates that more tokens are expected to be supplied to this 275: * method.</p> 276: * 277: * <p>Note that it is possible that acceptSecContext() return a token for 278: * the peer, and isEstablished() return <code>true</code> also. This 279: * indicates that the token needs to be sent to the peer, but the local 280: * end of the context is now fully established.</p> 281: * 282: * <p>Upon completion of the context establishment, the available context 283: * options may be queried through the get methods.</p> 284: * 285: * @param inTok Token generated by the peer. 286: * @param offset The offset within the <i>inTok</i> where the token begins. 287: * @param len The length of the token within the <i>inTok</i> (starting 288: * at the offset). 289: * @return The output token, if any. 290: * @throws GSSException If this operation fails. 291: */ 292: byte[] acceptSecContext(byte[] inTok, int offset, int len) 293: throws GSSException; 294: 295: /** 296: * <p>Called by the context acceptor upon receiving a token from the peer. 297: * This call is equivalent to the byte array method. It may write an 298: * output token to the outStream, which the application will need to 299: * send to the peer for processing by its initSecContext method. 300: * Typically, the application would do so by calling the {@link 301: * OutputStream#flush()} method on an OutputStream that encapsulates the 302: * connection between the two peers. The application can call {@link 303: * #isEstablished()} to determine if the context establishment phase is 304: * complete for this peer. A return value of <code>false</code> from 305: * {@link #isEstablished()} indicates that more tokens are expected to be 306: * supplied to this method.</p> 307: * 308: * <p>Note that it is possible that acceptSecContext() return a token for 309: * the peer, and isEstablished() return <code>true</code> also. This 310: * indicates that the token needs to be sent to the peer, but the local 311: * end of the context is now fully established.</p> 312: * 313: * <p>The GSS-API authentication tokens contain a definitive start and end. 314: * This method will attempt to read one of these tokens per invocation, 315: * and may block on the stream if only part of the token is available.</p> 316: * 317: * <p>Upon completion of the context establishment, the available context 318: * options may be queried through the get methods.</p> 319: * 320: * @param inStream Contains the token generated by the peer. 321: * @param outStream Output stream where the output token will be written. 322: * During the final stage of context establishment, there 323: * may be no bytes written. 324: * @return The number of bytes written, or 0 if no token is written. 325: * @throws GSSException If this operation fails. 326: */ 327: void acceptSecContext(InputStream inStream, OutputStream outStream) 328: throws GSSException; 329: 330: /** 331: * Used during context establishment to determine the state of the 332: * context. Returns <code>true</code> if this is a fully established 333: * context on the caller's side and no more tokens are needed from the 334: * peer. Should be called after a call to {@link 335: * #initSecContext(byte[],int,int)} or {@link 336: * #acceptSecContext(byte[],int,int)} when no {@link GSSException} 337: * is thrown. 338: * 339: * @return True of this context is fully established on this side. 340: */ 341: boolean isEstablished(); 342: 343: /** 344: * Releases any system resources and cryptographic information stored in 345: * the context object. This will invalidate the context. 346: * 347: * @throws GSSException If this operation fails. 348: */ 349: void dispose() throws GSSException; 350: 351: /** 352: * <p>Returns the maximum message size that, if presented to the 353: * {@link #wrap(byte[],int,int,org.ietf.jgss.MessageProp)} method with 354: * the same <i>confReq</i> and <i>qop</i> parameters, will result in an 355: * output token containing no more than the <i>maxTokenSize</i> bytes.</p> 356: * 357: * <p>This call is intended for use by applications that communicate over 358: * protocols that impose a maximum message size. It enables the 359: * application to fragment messages prior to applying protection.</p> 360: * 361: * <p>GSS-API implementations are recommended but not required to detect 362: * invalid QOP values when getWrapSizeLimit is called. This routine 363: * guarantees only a maximum message size, not the availability of 364: * specific QOP values for message protection.</p> 365: * 366: * <p>Successful completion of this call does not guarantee that wrap will 367: * be able to protect a message of the computed length, since this 368: * ability may depend on the availability of system resources at the 369: * time that wrap is called. However, if the implementation itself 370: * imposes an upper limit on the length of messages that may be 371: * processed by wrap, the implementation should not return a value that 372: * is greater than this length.</p> 373: * 374: * @param qop Indicates the level of protection wrap will be asked 375: * to provide. 376: * @param confReq Indicates if wrap will be asked to provide privacy 377: * service. 378: * @param maxTokenSize The desired maximum size of the token emitted 379: * by {@link #wrap(byte[],int,int,org.ietf.jgss.MessageProp)}. 380: * @return The maximum wrapped output size. 381: * @throws GSSException If this operation fails. 382: */ 383: int getWrapSizeLimit(int qop, boolean confReq, int maxTokenSize) 384: throws GSSException; 385: 386: /** 387: * <p>Applies per-message security services over the established security 388: * context. The method will return a token with a cryptographic MIC and 389: * may optionally encrypt the specified <i>inBuf</i>. This method is 390: * equivalent in functionality to its stream counterpart. The returned 391: * byte array will contain both the MIC and the message.</p> 392: * 393: * <p>The {@link MessageProp} object is instantiated by the application 394: * and used to specify a QOP value which selects cryptographic algorithms, 395: * and a privacy service to optionally encrypt the message. The underlying 396: * mechanism that is used in the call may not be able to provide the 397: * privacy service. It sets the actual privacy service that it does 398: * provide in this {@link MessageProp} object which the caller should then 399: * query upon return. If the mechanism is not able to provide the 400: * requested QOP, it throws a {@link GSSException} with the {@link 401: * GSSException#BAD_QOP} code.</p> 402: * 403: * <p>Since some application-level protocols may wish to use tokens emitted 404: * by wrap to provide "secure framing", implementations should support 405: * the wrapping of zero-length messages.</p> 406: * 407: * <p>The application will be responsible for sending the token to the 408: * peer.</p> 409: * 410: * @param inBuf Application data to be protected. 411: * @param offset The offset within the inBuf where the data begins. 412: * @param len The length of the data within the inBuf (starting at 413: * the offset). 414: * @param msgProp Instance of {@link MessageProp} that is used by the 415: * application to set the desired QOP and privacy state. 416: * Set the desired QOP to 0 to request the default QOP. 417: * Upon return from this method, this object will contain 418: * the the actual privacy state that was applied to the 419: * message by the underlying mechanism. 420: * @return The wrapped data. 421: * @throws GSSException If this operation fails. 422: */ 423: byte[] wrap(byte[] inBuf, int offset, int len, MessageProp msgProp) 424: throws GSSException; 425: 426: /** 427: * <p>Allows to apply per-message security services over the established 428: * security context. The method will produce a token with a 429: * cryptographic MIC and may optionally encrypt the message in inStream. 430: * The outStream will contain both the MIC and the message.</p> 431: * 432: * <p>The {@link MessageProp} object is instantiated by the application and 433: * used to specify a QOP value which selects cryptographic algorithms, and 434: * a privacy service to optionally encrypt the message. The underlying 435: * mechanism that is used in the call may not be able to provide the 436: * privacy service. It sets the actual privacy service that it does 437: * provide in this MessageProp object which the caller should then query 438: * upon return. If the mechanism is not able to provide the requested 439: * QOP, it throws a {@link GSSException} with the {@link 440: * GSSException#BAD_QOP} code.</p> 441: * 442: * <p>Since some application-level protocols may wish to use tokens emitted 443: * by wrap to provide "secure framing", implementations should support 444: * the wrapping of zero-length messages.</p> 445: * 446: * <p>The application will be responsible for sending the token to the 447: * peer.</p> 448: * 449: * @param inStream Input stream containing the application data to be 450: * protected. 451: * @param outStream The output stream to write the protected message to. 452: * The application is responsible for sending this to the 453: * other peer for processing in its unwrap method. 454: * @param msgProp Instance of {@link MessageProp} that is used by the 455: * application to set the desired QOP and privacy state. 456: * Set the desired QOP to 0 to request the default QOP. 457: * Upon return from this method, this object will contain 458: * the the actual privacy state that was applied to the 459: * message by the underlying mechanism. 460: * @throws GSSException If this operation fails. 461: */ 462: void wrap(InputStream inStream, OutputStream outStream, MessageProp msgProp) 463: throws GSSException; 464: 465: /** 466: * <p>Used by the peer application to process tokens generated with the 467: * wrap call. This call is equal in functionality to its stream 468: * counterpart. The method will return the message supplied in the peer 469: * application to the wrap call, verifying the embedded MIC.</p> 470: * 471: * <p>The {@link MessageProp} object is instantiated by the application and 472: * is used by the underlying mechanism to return information to the caller 473: * such as the QOP, whether confidentiality was applied to the message, and 474: * other supplementary message state information.</p> 475: * 476: * <p>Since some application-level protocols may wish to use tokens emitted 477: * by wrap to provide "secure framing", implementations should support 478: * the wrapping and unwrapping of zero-length messages.</p> 479: * 480: * @param inBuf GSS-API wrap token received from peer. 481: * @param offset The offset within the inBuf where the token begins. 482: * @param len The length of the token within the inBuf (starting at 483: * the offset). 484: * @param msgProp Upon return from the method, this object will contain 485: * the applied QOP, the privacy state of the message, and 486: * supplementary information stating whether the token was 487: * a duplicate, old, out of sequence or arriving after a gap. 488: * @return The unwrapped token. 489: * @throws GSSException If this operation fails. 490: */ 491: byte[] unwrap(byte[] inBuf, int offset, int len, MessageProp msgProp) 492: throws GSSException; 493: 494: /** 495: * <p>Used by the peer application to process tokens generated with the 496: * wrap call. This call is equal in functionality to its byte array 497: * counterpart. It will produce the message supplied in the peer 498: * application to the wrap call, verifying the embedded MIC.</p> 499: * 500: * <p>The {@link MessageProp} object is instantiated by the application 501: * and is used by the underlying mechanism to return information to the 502: * caller such as the QOP, whether confidentiality was applied to the 503: * message, and other supplementary message state information.</p> 504: * 505: * <p>Since some application-level protocols may wish to use tokens emitted 506: * by wrap to provide "secure framing", implementations should support 507: * the wrapping and unwrapping of zero-length messages.</p> 508: * 509: * @param inStream Input stream containing the GSS-API wrap token 510: * received from the peer. 511: * @param outStream The output stream to write the application message to. 512: * @param msgProp Upon return from the method, this object will contain 513: * the applied QOP, the privacy state of the message, and 514: * supplementary information stating whether the token was 515: * a duplicate, old, out of sequence or arriving after a gap. 516: * @throws GSSException If this operation fails. 517: */ 518: void unwrap(InputStream inStream, OutputStream outStream, MessageProp msgProp) 519: throws GSSException; 520: 521: /** 522: * <p>Returns a token containing a cryptographic MIC for the supplied 523: * message, for transfer to the peer application. Unlike wrap, which 524: * encapsulates the user message in the returned token, only the message 525: * MIC is returned in the output token. This method is identical in 526: * functionality to its stream counterpart.</p> 527: * 528: * <p>Note that privacy can only be applied through the wrap call.</p> 529: * 530: * <p>Since some application-level protocols may wish to use tokens emitted 531: * by getMIC to provide "secure framing", implementations should support 532: * derivation of MICs from zero-length messages.</p> 533: * 534: * @param inMsg Message to generate MIC over. 535: * @param offset The offset within the inMsg where the token begins. 536: * @param len The length of the token within the inMsg (starting at 537: * the offset). 538: * @param msgProp Instance of MessageProp that is used by the 539: * application to set the desired QOP. Set the desired 540: * QOP to 0 in msgProp to request the default QOP. 541: * Alternatively pass in <code>null</code> for msgProp to 542: * request default QOP. 543: * @return The MIC. 544: * @throws GSSException If this operation fails. 545: */ 546: byte[] getMIC(byte[] inMsg, int offset, int len, MessageProp msgProp) 547: throws GSSException; 548: 549: /** 550: * <p>Produces a token containing a cryptographic MIC for the supplied 551: * message, for transfer to the peer application. Unlike wrap, which 552: * encapsulates the user message in the returned token, only the message 553: * MIC is produced in the output token. This method is identical in 554: * functionality to its byte array counterpart.</p> 555: * 556: * <p>Note that privacy can only be applied through the wrap call.</p> 557: * 558: * <p>Since some application-level protocols may wish to use tokens emitted 559: * by getMIC to provide "secure framing", implementations should support 560: * derivation of MICs from zero-length messages.</p> 561: * 562: * @param inStream Input stream containing the message to generate 563: * the MIC over. 564: * @param outStream Output stream to write the GSS-API output token to. 565: * @param mgProp Instance of MessageProp that is used by the 566: * application to set the desired QOP. Set the desired 567: * QOP to 0 in msgProp to request the default QOP. 568: * Alternatively pass in <code>null</code> for msgProp 569: * to request default QOP. 570: * @throws GSSException If this operation fails. 571: */ 572: void getMIC(InputStream inStream, OutputStream outStream, MessageProp mgProp) 573: throws GSSException; 574: 575: /** 576: * <p>Verifies the cryptographic MIC, contained in the token parameter, 577: * over the supplied message. This method is equivalent in 578: * functionality to its stream counterpart.</p> 579: * 580: * <p>The MessageProp object is instantiated by the application and is used 581: * by the underlying mechanism to return information to the caller such 582: * as the QOP indicating the strength of protection that was applied to 583: * the message and other supplementary message state information.</p> 584: * 585: * <p>Since some application-level protocols may wish to use tokens emitted 586: * by getMIC to provide "secure framing", implementations should support 587: * the calculation and verification of MICs over zero-length messages.</p> 588: * 589: * @param inTok Token generated by peer's getMIC method. 590: * @param tokOffset The offset within the inTok where the token begins. 591: * @param tokLen The length of the token within the inTok (starting at 592: * the offset). 593: * @param inMsg Application message to verify the cryptographic MIC 594: * over. 595: * @param msgOffset The offset within the inMsg where the message begins. 596: * @param msgLen The length of the message within the inMsg (starting 597: * at the offset). 598: * @param msgProp Upon return from the method, this object will contain 599: * the applied QOP and supplementary information 600: * stating whether the token was a duplicate, old, out 601: * of sequence or arriving after a gap. The 602: * confidentiality state will be set to <code>false</code>. 603: * @throws GSSException If this operation fails. 604: */ 605: void verifyMIC(byte[] inTok, int tokOffset, int tokLen, byte[] inMsg, 606: int msgOffset, int msgLen, MessageProp msgProp) 607: throws GSSException; 608: 609: /** 610: * <p>Verifies the cryptographic MIC, contained in the token parameter, 611: * over the supplied message. This method is equivalent in 612: * functionality to its byte array counterpart.</p> 613: * 614: * <p>The MessageProp object is instantiated by the application and is used 615: * by the underlying mechanism to return information to the caller such 616: * as the QOP indicating the strength of protection that was applied to 617: * the message and other supplementary message state information.</p> 618: * 619: * <p>Since some application-level protocols may wish to use tokens emitted 620: * by getMIC to provide "secure framing", implementations should support 621: * the calculation and verification of MICs over zero-length messages.</p> 622: * 623: * @param tokStream Input stream containing the token generated by peer's 624: * getMIC method. 625: * @param msgStream Input stream containing the application message to 626: * verify the cryptographic MIC over. 627: * @param msgProp Upon return from the method, this object will contain 628: * the applied QOP and supplementary information 629: * stating whether the token was a duplicate, old, out of 630: * sequence or arriving after a gap. The confidentiality 631: * state will be set to <code>false</code>. 632: * @throws GSSException If this operation fails. 633: */ 634: void verifyMIC(InputStream tokStream, InputStream msgStream, MessageProp msgProp) 635: throws GSSException; 636: 637: /** 638: * <p>Provided to support the sharing of work between multiple processes. 639: * This routine will typically be used by the context-acceptor, in an 640: * application where a single process receives incoming connection 641: * requests and accepts security contexts over them, then passes the 642: * established context to one or more other processes for message 643: * exchange.</p> 644: * 645: * <p>This method deactivates the security context and creates an 646: * interprocess token which, when passed to the byte array constructor 647: * of the GSSContext interface in another process, will re-activate the 648: * context in the second process. Only a single instantiation of a 649: * given context may be active at any one time; a subsequent attempt by 650: * a context exporter to access the exported security context will fail.</p> 651: * 652: * <p>The implementation may constrain the set of processes by which the 653: * interprocess token may be imported, either as a function of local 654: * security policy, or as a result of implementation decisions. For 655: * example, some implementations may constrain contexts to be passed 656: * only between processes that run under the same account, or which are 657: * part of the same process group.</p> 658: * 659: * <p>The interprocess token may contain security-sensitive information 660: * (for example cryptographic keys). While mechanisms are encouraged to 661: * either avoid placing such sensitive information within interprocess 662: * tokens, or to encrypt the token before returning it to the 663: * application, in a typical GSS-API implementation this may not be 664: * possible. Thus the application must take care to protect the 665: * interprocess token, and ensure that any process to which the token is 666: * transferred is trustworthy.</p> 667: * 668: * @return The exported context. 669: * @throws GSSException If this operation fails. 670: */ 671: byte[] export() throws GSSException; 672: 673: /** 674: * <p>Sets the request state of the mutual authentication flag for the 675: * context. This method is only valid before the context creation 676: * process begins and only for the initiator.</p> 677: * 678: * @param state Boolean representing if mutual authentication should 679: * be requested during context establishment. 680: * @throws GSSException If this operation fails. 681: */ 682: void requestMutualAuth(boolean state) throws GSSException; 683: 684: /** 685: * <p>Sets the request state of the replay detection service for the 686: * context. This method is only valid before the context creation 687: * process begins and only for the initiator.</p> 688: * 689: * @param state Boolean representing if replay detection is desired 690: * over the established context. 691: * @throws GSSException If this operation fails. 692: */ 693: void requestReplayDet(boolean state) throws GSSException; 694: 695: /** 696: * <p>Sets the request state for the sequence checking service of the 697: * context. This method is only valid before the context creation 698: * process begins and only for the initiator.</p> 699: * 700: * @param state Boolean representing if sequence detection is desired 701: * over the established context. 702: * @throws GSSException If this operation fails. 703: */ 704: void requestSequenceDet(boolean state) throws GSSException; 705: 706: /** 707: * <p>Sets the request state for the credential delegation flag for the 708: * context. This method is only valid before the context creation 709: * process begins and only for the initiator.</p> 710: * 711: * @param state Boolean representing if credential delegation is 712: * desired. 713: * @throws GSSException If this operation fails. 714: */ 715: void requestCredDeleg(boolean state) throws GSSException; 716: 717: /** 718: * <p>Requests anonymous support over the context. This method is only 719: * valid before the context creation process begins and only for the 720: * initiator.</p> 721: * 722: * @param state Boolean representing if anonymity support is requested. 723: * @throws GSSException If this operation fails. 724: */ 725: void requestAnonymity(boolean state) throws GSSException; 726: 727: /** 728: * <p>Requests that confidentiality service be available over the context. 729: * This method is only valid before the context creation process begins 730: * and only for the initiator.</p> 731: * 732: * @param state Boolean indicating if confidentiality services are to 733: * be requested for the context. 734: * @throws GSSException If this operation fails. 735: */ 736: void requestConf(boolean state) throws GSSException; 737: 738: /** 739: * <p>Requests that integrity services be available over the context. This 740: * method is only valid before the context creation process begins and 741: * only for the initiator.</p> 742: * 743: * @param state Boolean indicating if integrity services are to be 744: * requested for the context. 745: * @throws GSSException If this operation fails. 746: */ 747: void requestInteg(boolean state) throws GSSException; 748: 749: /** 750: * <p>Sets the desired lifetime for the context in seconds. This method is 751: * only valid before the context creation process begins and only for 752: * the initiator. Use {@link #INDEFINITE_LIFETIME} and {@link 753: * #DEFAULT_LIFETIME} to request indefinite or default context lifetime.</p> 754: * 755: * @param lifetime The desired context lifetime in seconds. 756: * @throws GSSException If this operation fails. 757: */ 758: void requestLifetime(int lifetime) throws GSSException; 759: 760: /** 761: * <p>Sets the channel bindings to be used during context establishment. 762: * This method is only valid before the context creation process begins.</p> 763: * 764: * @param cb Channel bindings to be used. 765: * @throws GSSException If this operation fails. 766: */ 767: void setChannelBinding(ChannelBinding cb) throws GSSException; 768: 769: /** 770: * <p>Returns the state of the delegated credentials for the context. 771: * When issued before context establishment is completed or when the 772: * isProtReady method returns "false", it returns the desired state, 773: * otherwise it will indicate the actual state over the established 774: * context.</p> 775: * 776: * @return The state of the delegated credentials for the context. 777: */ 778: boolean getCredDelegState(); 779: 780: /** 781: * <p>Returns the state of the mutual authentication option for the 782: * context. When issued before context establishment completes or when 783: * the isProtReady method returns "false", it returns the desired state, 784: * otherwise it will indicate the actual state over the established 785: * context.</p> 786: * 787: * @return The state of the mutual authentication option. 788: */ 789: boolean getMutualAuthState(); 790: 791: /** 792: * <p>Returns the state of the replay detection option for the context. 793: * When issued before context establishment completes or when the 794: * isProtReady method returns "false", it returns the desired state, 795: * otherwise it will indicate the actual state over the established 796: * context.</p> 797: * 798: * @return The state of the replay detection option. 799: */ 800: boolean getReplayDetState(); 801: 802: /** 803: * <p>Returns the state of the sequence detection option for the context. 804: * When issued before context establishment completes or when the 805: * isProtReady method returns "false", it returns the desired state, 806: * otherwise it will indicate the actual state over the established 807: * context.</p> 808: * 809: * @return The state of the sequence detection option. 810: */ 811: boolean getSequenceDetState(); 812: 813: /** 814: * <p>Returns "true" if this is an anonymous context. When issued before 815: * context establishment completes or when the isProtReady method 816: * returns "false", it returns the desired state, otherwise it will 817: * indicate the actual state over the established context.</p> 818: * 819: * @return True if this is an anonymous context. 820: */ 821: boolean getAnonymityState(); 822: 823: /** 824: * <p>Returns "true" if the context is transferable to other processes 825: * through the use of the {@link #export()} method. This call is only 826: * valid on fully established contexts.</p> 827: * 828: * @return True if the context is transferable. 829: * @throws GSSException If this operation fails. 830: */ 831: boolean isTransferable() throws GSSException; 832: 833: /** 834: * <p>Returns "true" if the per message operations can be applied over 835: * the context. Some mechanisms may allow the usage of per-message 836: * operations before the context is fully established. This will also 837: * indicate that the get methods will return actual context state 838: * characteristics instead of the desired ones.</p> 839: * 840: * @return True if the per message operations can be applied over 841: * the context. 842: */ 843: boolean isProtReady(); 844: 845: /** 846: * <p>Returns the confidentiality service state over the context. When 847: * issued before context establishment completes or when the isProtReady 848: * method returns "false", it returns the desired state, otherwise it 849: * will indicate the actual state over the established context.</p> 850: * 851: * @return True the confidentiality service state. 852: */ 853: boolean getConfState(); 854: 855: /** 856: * <p>Returns the integrity service state over the context. When issued 857: * before context establishment completes or when the isProtReady method 858: * returns "false", it returns the desired state, otherwise it will 859: * indicate the actual state over the established context.</p> 860: * 861: * @return The integrity service state. 862: */ 863: boolean getIntegState(); 864: 865: /** 866: * <p>Returns the context lifetime in seconds. When issued before context 867: * establishment completes or when the isProtReady method returns 868: * "false", it returns the desired lifetime, otherwise it will indicate 869: * the remaining lifetime for the context.</p> 870: * 871: * @return The lifetime. 872: */ 873: int getLifetime(); 874: 875: /** 876: * <p>Returns the name of the context initiator. This call is valid only 877: * after the context is fully established or the isProtReady method 878: * returns "true". It is guaranteed to return an MN.</p> 879: * 880: * @return The name of the context initiator. 881: * @throws GSSException If this operation fails. 882: */ 883: GSSName getSrcName() throws GSSException; 884: 885: /** 886: * <p>Returns the name of the context target (acceptor). This call is 887: * valid only after the context is fully established or the isProtReady 888: * method returns "true". It is guaranteed to return an MN.</p> 889: * 890: * @return The name of the context target. 891: * @throws GSSException If this operation fails. 892: */ 893: GSSName getTargName() throws GSSException; 894: 895: /** 896: * <p>Returns the mechanism oid for this context. This method may be called 897: * before the context is fully established, but the mechanism returned 898: * may change on successive calls in negotiated mechanism case.</p> 899: * 900: * @return The mechanism OID. 901: * @throws GSSException If this operation fails. 902: */ 903: Oid getMech() throws GSSException; 904: 905: /** 906: * <p>Returns the delegated credential object on the acceptor's side. 907: * To check for availability of delegated credentials call 908: * {@link #getDelegCredState()}. This call is only valid on fully 909: * established contexts.</p> 910: * 911: * @return The delegated credential object. 912: * @throws GSSException If this operation fails. 913: */ 914: GSSCredential getDelegCred() throws GSSException; 915: 916: /** 917: * <p>Returns "true" if this is the initiator of the context. This call is 918: * only valid after the context creation process has started.</p> 919: * 920: * @return True if this is the initiator. 921: * @throws GSSException If this operation fails. 922: */ 923: boolean isInitiator() throws GSSException; 924: }