Path: blob/master/src/java.security.jgss/share/classes/org/ietf/jgss/GSSContext.java
41155 views
/*1* Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package org.ietf.jgss;2627import java.io.InputStream;28import java.io.OutputStream;2930/**31* This interface encapsulates the GSS-API security context and provides32* the security services that are available over the context. Security33* contexts are established between peers using locally acquired34* credentials. Multiple contexts may exist simultaneously between a pair35* of peers, using the same or different set of credentials. GSS-API36* functions in a manner independent of the underlying transport protocol37* and depends on its calling application to transport the tokens that are38* generated by the security context between the peers.<p>39*40* If the caller instantiates the context using the default41* <code>GSSManager</code> instance, then the Kerberos v5 GSS-API mechanism42* is guaranteed to be available for context establishment. This mechanism43* is identified by the Oid "1.2.840.113554.1.2.2" and is defined in RFC44* 1964.<p>45*46* Before the context establishment phase is initiated, the context47* initiator may request specific characteristics desired of the48* established context. Not all underlying mechanisms support all49* characteristics that a caller might desire. After the context is50* established, the caller can check the actual characteristics and services51* offered by that context by means of various query methods. When using52* the Kerberos v5 GSS-API mechanism offered by the default53* <code>GSSManager</code> instance, all optional services will be54* available locally. They are mutual authentication, credential55* delegation, confidentiality and integrity protection, and per-message56* replay detection and sequencing. Note that in the GSS-API, message integrity57* is a prerequisite for message confidentiality.<p>58*59* The context establishment occurs in a loop where the60* initiator calls {@link #initSecContext(byte[], int, int) initSecContext}61* and the acceptor calls {@link #acceptSecContext(byte[], int, int)62* acceptSecContext} until the context is established. While in this loop63* the <code>initSecContext</code> and <code>acceptSecContext</code>64* methods produce tokens that the application sends over to the peer. The65* peer passes any such token as input to its <code>acceptSecContext</code>66* or <code>initSecContext</code> as the case may be.<p>67*68* During the context establishment phase, the {@link69* #isProtReady() isProtReady} method may be called to determine if the70* context can be used for the per-message operations of {@link71* #wrap(byte[], int, int, MessageProp) wrap} and {@link #getMIC(byte[],72* int, int, MessageProp) getMIC}. This allows applications to use73* per-message operations on contexts which aren't yet fully74* established.<p>75*76* After the context has been established or the <code>isProtReady</code>77* method returns <code>true</code>, the query routines can be invoked to78* determine the actual characteristics and services of the established79* context. The application can also start using the per-message methods80* of {@link #wrap(byte[], int, int, MessageProp) wrap} and81* {@link #getMIC(byte[], int, int, MessageProp) getMIC} to obtain82* cryptographic operations on application supplied data.<p>83*84* When the context is no longer needed, the application should call85* {@link #dispose() dispose} to release any system resources the context86* may be using.<p>87*88* A security context typically maintains sequencing and replay detection89* information about the tokens it processes. Therefore, the sequence in90* which any tokens are presented to this context for processing can be91* important. Also note that none of the methods in this interface are92* synchronized. Therefore, it is not advisable to share a93* <code>GSSContext</code> among several threads unless some application94* level synchronization is in place.<p>95*96* Finally, different mechanism providers might place different security97* restrictions on using GSS-API contexts. These will be documented by the98* mechanism provider. The application will need to ensure that it has the99* appropriate permissions if such checks are made in the mechanism layer.<p>100*101* The stream-based methods of {@code GSSContext} have been deprecated in102* Java SE 11. These methods have also been removed from103* <a href="http://tools.ietf.org/html/rfc8353">104* RFC 8353: Generic Security Service API Version 2: Java Bindings Update</a>105* for the following reasons (see section 11): "The overloaded methods of106* GSSContext that use input and output streams as the means to convey107* authentication and per-message GSS-API tokens as described in Section 5.15108* of RFC 5653 are removed in this update as the wire protocol109* should be defined by an application and not a library. It's also impossible110* to implement these methods correctly when the token has no self-framing111* (where the end cannot be determined), or the library has no knowledge of112* the token format (for example, as a bridge talking to another GSS library)".113* These methods include {@link #initSecContext(InputStream, OutputStream)},114* {@link #acceptSecContext(InputStream, OutputStream)},115* {@link #wrap(InputStream, OutputStream, MessageProp)},116* {@link #unwrap(InputStream, OutputStream, MessageProp)},117* {@link #getMIC(InputStream, OutputStream, MessageProp)},118* and {@link #verifyMIC(InputStream, InputStream, MessageProp)}.<p>119*120* The example code presented below demonstrates the usage of the121* <code>GSSContext</code> interface for the initiating peer. Different122* operations on the <code>GSSContext</code> object are presented,123* including: object instantiation, setting of desired flags, context124* establishment, query of actual context flags, per-message operations on125* application data, and finally context deletion.126*127* <pre>128* // Create a context using default credentials129* // and the implementation specific default mechanism130* GSSManager manager = ...131* GSSName targetName = ...132* GSSContext context = manager.createContext(targetName, null, null,133* GSSContext.INDEFINITE_LIFETIME);134*135* // set desired context options prior to context establishment136* context.requestConf(true);137* context.requestMutualAuth(true);138* context.requestReplayDet(true);139* context.requestSequenceDet(true);140*141* // establish a context between peers142*143* byte[] inToken = new byte[0];144* byte[] outToken;145*146* // Loop while there still is a token to be processed147*148* while (!context.isEstablished()) {149*150* outToken = context.initSecContext(inToken, 0, inToken.length);151*152* // send the output token if generated153* if (outToken != null) {154* sendToken(outToken);155* }156*157* if (!context.isEstablished()) {158* inToken = readToken();159* }160* }161*162* // display context information163* System.out.println("Remaining lifetime in seconds = "164* + context.getLifetime());165* System.out.println("Context mechanism = " + context.getMech());166* System.out.println("Initiator = " + context.getSrcName());167* System.out.println("Acceptor = " + context.getTargName());168*169* if (context.getConfState()) {170* System.out.println("Confidentiality (i.e., privacy) is available");171* }172*173* if (context.getIntegState()) {174* System.out.println("Integrity is available");175* }176*177* // perform wrap on an application supplied message, appMsg,178* // using QOP = 0, and requesting privacy service179* byte[] appMsg = ...180*181* MessageProp mProp = new MessageProp(0, true);182*183* outToken = context.wrap(appMsg, 0, appMsg.length, mProp);184*185* sendToken(outToken);186*187* // perform unwrap on an incoming application message, and check188* // its privacy state and supplementary information189* inToken = readToken();190*191* mProp = new MessageProp(0, true);192*193* appMsg = context.unwrap(inToken, 0, inToken.length, mProp);194*195* System.out.println("Was it encrypted? " + mProp.getPrivacy());196* System.out.println("Duplicate Token? " + mProp.isDuplicateToken());197* System.out.println("Old Token? " + mProp.isOldToken());198* System.out.println("Unsequenced Token? " + mProp.isUnseqToken());199* System.out.println("Gap Token? " + mProp.isGapToken());200*201* // the application determines if the privacy state and supplementary202* // information are acceptable203*204* // release the local-end of the context205* context.dispose();206*207* </pre>208*209* @author Mayank Upadhyay210* @since 1.4211*/212public interface GSSContext {213214/**215* A lifetime constant representing the default context lifetime. This216* value is set to 0.217*/218public static final int DEFAULT_LIFETIME = 0;219220/**221* A lifetime constant representing indefinite context lifetime.222* This value must is set to the maximum integer value in Java -223* {@link java.lang.Integer#MAX_VALUE Integer.MAX_VALUE}.224*/225public static final int INDEFINITE_LIFETIME = Integer.MAX_VALUE;226227/**228* Called by the context initiator to start the context creation229* phase and process any tokens generated230* by the peer's <code>acceptSecContext</code> method.231* This method may return an output token which the application will need232* to send to the peer for processing by its <code>acceptSecContext</code>233* method. The application can call {@link #isEstablished()234* isEstablished} to determine if the context establishment phase is235* complete on this side of the context. A return value of236* <code>false</code> from <code>isEstablished</code> indicates that237* more tokens are expected to be supplied to238* <code>initSecContext</code>. Upon completion of the context239* establishment, the available context options may be queried through240* the get methods.<p>241*242* Note that it is possible that the <code>initSecContext</code> method243* return a token for the peer, and <code>isEstablished</code> return244* <code>true</code> also. This indicates that the token needs to be sent245* to the peer, but the local end of the context is now fully246* established.<p>247*248* Some mechanism providers might require that the caller be granted249* permission to initiate a security context. A failed permission check250* might cause a {@link java.lang.SecurityException SecurityException}251* to be thrown from this method.252*253* @return a byte[] containing the token to be sent to the254* peer. <code>null</code> indicates that no token is generated.255* @param inputBuf token generated by the peer. This parameter is ignored256* on the first call since no token has been received from the peer.257* @param offset the offset within the inputBuf where the token begins.258* @param len the length of the token.259*260* @throws GSSException containing the following261* major error codes:262* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},263* {@link GSSException#BAD_MIC GSSException.BAD_MIC},264* {@link GSSException#NO_CRED GSSException.NO_CRED},265* {@link GSSException#CREDENTIALS_EXPIRED266* GSSException.CREDENTIALS_EXPIRED},267* {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS},268* {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN},269* {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN},270* {@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE},271* {@link GSSException#BAD_MECH GSSException.BAD_MECH},272* {@link GSSException#FAILURE GSSException.FAILURE}273*/274public byte[] initSecContext(byte inputBuf[], int offset, int len)275throws GSSException;276277/**278* Called by the context initiator to start the context creation279* phase and process any tokens generated280* by the peer's <code>acceptSecContext</code> method using281* streams. This method may write an output token to the282* <code>OutpuStream</code>, which the application will283* need to send to the peer for processing by its284* <code>acceptSecContext</code> call. Typically, the application would285* ensure this by calling the {@link java.io.OutputStream#flush() flush}286* method on an <code>OutputStream</code> that encapsulates the287* connection between the two peers. The application can288* determine if a token is written to the OutputStream from the return289* value of this method. A return value of <code>0</code> indicates that290* no token was written. The application can call291* {@link #isEstablished() isEstablished} to determine if the context292* establishment phase is complete on this side of the context. A293* return value of <code>false</code> from <code>isEstablished</code>294* indicates that more tokens are expected to be supplied to295* <code>initSecContext</code>.296* Upon completion of the context establishment, the available context297* options may be queried through the get methods.<p>298*299* Note that it is possible that the <code>initSecContext</code> method300* return a token for the peer, and <code>isEstablished</code> return301* <code>true</code> also. This indicates that the token needs to be sent302* to the peer, but the local end of the context is now fully303* established.<p>304*305* The GSS-API authentication tokens contain a definitive start and306* end. This method will attempt to read one of these tokens per307* invocation, and may block on the stream if only part of the token is308* available. In all other respects this method is equivalent to the309* byte array based {@link #initSecContext(byte[], int, int)310* initSecContext}.<p>311*312* Some mechanism providers might require that the caller be granted313* permission to initiate a security context. A failed permission check314* might cause a {@link java.lang.SecurityException SecurityException}315* to be thrown from this method.<p>316*317* The following example code demonstrates how this method might be318* used:319* <pre>320* InputStream is ...321* OutputStream os ...322* GSSContext context ...323*324* // Loop while there is still a token to be processed325*326* while (!context.isEstablished()) {327*328* context.initSecContext(is, os);329*330* // send output token if generated331* os.flush();332* }333* </pre>334*335*336* @return the number of bytes written to the OutputStream as part of the337* token to be sent to the peer. A value of 0 indicates that no token338* needs to be sent.339* @param inStream an InputStream that contains the token generated by340* the peer. This parameter is ignored on the first call since no token341* has been or will be received from the peer at that point.342* @param outStream an OutputStream where the output token will be343* written. During the final stage of context establishment, there may be344* no bytes written.345*346* @throws GSSException containing the following347* major error codes:348* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},349* {@link GSSException#BAD_MIC GSSException.BAD_MIC},350* {@link GSSException#NO_CRED GSSException.NO_CRED},351* {@link GSSException#CREDENTIALS_EXPIRED GSSException.CREDENTIALS_EXPIRED},352* {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS},353* {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN},354* {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN},355* {@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE},356* {@link GSSException#BAD_MECH GSSException.BAD_MECH},357* {@link GSSException#FAILURE GSSException.FAILURE}358* @deprecated The stream-based methods have been removed from RFC 8353.359* Use {@link #initSecContext(byte[], int, int)} instead.360*/361@Deprecated(since="11")362public int initSecContext(InputStream inStream,363OutputStream outStream) throws GSSException;364365/**366* Called by the context acceptor upon receiving a token from the367* peer. This method may return an output token which the application368* will need to send to the peer for further processing by its369* <code>initSecContext</code> call.<p>370*371* The application can call {@link #isEstablished() isEstablished} to372* determine if the context establishment phase is complete for this373* peer. A return value of <code>false</code> from374* <code>isEstablished</code> indicates that more tokens are expected to375* be supplied to this method. Upon completion of the context376* establishment, the available context options may be queried through377* the get methods.<p>378*379* Note that it is possible that <code>acceptSecContext</code> return a380* token for the peer, and <code>isEstablished</code> return381* <code>true</code> also. This indicates that the token needs to be382* sent to the peer, but the local end of the context is now fully383* established.<p>384*385* Some mechanism providers might require that the caller be granted386* permission to accept a security context. A failed permission check387* might cause a {@link java.lang.SecurityException SecurityException}388* to be thrown from this method.<p>389*390* The following example code demonstrates how this method might be391* used:392* <pre>393* byte[] inToken;394* byte[] outToken;395* GSSContext context ...396*397* // Loop while there is still a token to be processed398*399* while (!context.isEstablished()) {400* inToken = readToken();401* outToken = context.acceptSecContext(inToken, 0,402* inToken.length);403* // send output token if generated404* if (outToken != null)405* sendToken(outToken);406* }407* </pre>408*409*410* @return a byte[] containing the token to be sent to the411* peer. <code>null</code> indicates that no token is generated.412* @param inToken token generated by the peer.413* @param offset the offset within the inToken where the token begins.414* @param len the length of the token.415*416* @throws GSSException containing the following417* major error codes:418* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},419* {@link GSSException#BAD_MIC GSSException.BAD_MIC},420* {@link GSSException#NO_CRED GSSException.NO_CRED},421* {@link GSSException#CREDENTIALS_EXPIRED422* GSSException.CREDENTIALS_EXPIRED},423* {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS},424* {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN},425* {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN},426* {@link GSSException#BAD_MECH GSSException.BAD_MECH},427* {@link GSSException#FAILURE GSSException.FAILURE}428*/429public byte[] acceptSecContext(byte inToken[], int offset, int len)430throws GSSException;431432/**433* Called by the context acceptor to process a token from the peer using434* streams. It may write an output token to the435* <code>OutputStream</code>, which the application436* will need to send to the peer for processing by its437* <code>initSecContext</code> method. Typically, the application would438* ensure this by calling the {@link java.io.OutputStream#flush() flush}439* method on an <code>OutputStream</code> that encapsulates the440* connection between the two peers. The application can call441* {@link #isEstablished() isEstablished} to determine if the context442* establishment phase is complete on this side of the context. A443* return value of <code>false</code> from <code>isEstablished</code>444* indicates that more tokens are expected to be supplied to445* <code>acceptSecContext</code>.446* Upon completion of the context establishment, the available context447* options may be queried through the get methods.<p>448*449* Note that it is possible that <code>acceptSecContext</code> return a450* token for the peer, and <code>isEstablished</code> return451* <code>true</code> also. This indicates that the token needs to be452* sent to the peer, but the local end of the context is now fully453* established.<p>454*455* The GSS-API authentication tokens contain a definitive start and456* end. This method will attempt to read one of these tokens per457* invocation, and may block on the stream if only part of the token is458* available. In all other respects this method is equivalent to the byte459* array based {@link #acceptSecContext(byte[], int, int)460* acceptSecContext}.<p>461*462* Some mechanism providers might require that the caller be granted463* permission to accept a security context. A failed permission check464* might cause a {@link java.lang.SecurityException SecurityException}465* to be thrown from this method.<p>466*467* The following example code demonstrates how this method might be468* used:469* <pre>470* InputStream is ...471* OutputStream os ...472* GSSContext context ...473*474* // Loop while there is still a token to be processed475*476* while (!context.isEstablished()) {477*478* context.acceptSecContext(is, os);479*480* // send output token if generated481* os.flush();482* }483* </pre>484*485*486* @param inStream an InputStream that contains the token generated by487* the peer.488* @param outStream an OutputStream where the output token will be489* written. During the final stage of context establishment, there may be490* no bytes written.491*492* @throws GSSException containing the following493* major error codes:494* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},495* {@link GSSException#BAD_MIC GSSException.BAD_MIC},496* {@link GSSException#NO_CRED GSSException.NO_CRED},497* {@link GSSException#CREDENTIALS_EXPIRED498* GSSException.CREDENTIALS_EXPIRED},499* {@link GSSException#BAD_BINDINGS GSSException.BAD_BINDINGS},500* {@link GSSException#OLD_TOKEN GSSException.OLD_TOKEN},501* {@link GSSException#DUPLICATE_TOKEN GSSException.DUPLICATE_TOKEN},502* {@link GSSException#BAD_MECH GSSException.BAD_MECH},503* {@link GSSException#FAILURE GSSException.FAILURE}504*505* @deprecated The stream-based methods have been removed from RFC 8353.506* Use {@link #acceptSecContext(byte[], int, int)} instead.507*/508/* Missing return value in RFC. int should have been returned.509* -----------------------------------------------------------510*511* The application can determine if a token is written to the512* OutputStream from the return value of this method. A return value of513* <code>0</code> indicates that no token was written.514*515* @return <strong>the number of bytes written to the516* OutputStream as part of the token to be sent to the peer. A value of517* 0 indicates that no token needs to be518* sent.</strong>519*/520@Deprecated(since="11")521public void acceptSecContext(InputStream inStream,522OutputStream outStream) throws GSSException;523524/**525* Used during context establishment to determine the state of the526* context.527*528* @return <code>true</code> if this is a fully established context on529* the caller's side and no more tokens are needed from the peer.530*/531public boolean isEstablished();532533/**534* Releases any system resources and cryptographic information stored in535* the context object and invalidates the context.536*537*538* @throws GSSException containing the following539* major error codes:540* {@link GSSException#FAILURE GSSException.FAILURE}541*/542public void dispose() throws GSSException;543544/**545* Used to determine limits on the size of the message546* that can be passed to <code>wrap</code>. Returns the maximum547* message size that, if presented to the <code>wrap</code> method with548* the same <code>confReq</code> and <code>qop</code> parameters, will549* result in an output token containing no more550* than <code>maxTokenSize</code> bytes.<p>551*552* This call is intended for use by applications that communicate over553* protocols that impose a maximum message size. It enables the554* application to fragment messages prior to applying protection.<p>555*556* GSS-API implementations are recommended but not required to detect557* invalid QOP values when <code>getWrapSizeLimit</code> is called.558* This routine guarantees only a maximum message size, not the559* availability of specific QOP values for message protection.560*561* @param qop the level of protection wrap will be asked to provide.562* @param confReq <code>true</code> if wrap will be asked to provide563* privacy, <code>false</code> otherwise.564* @param maxTokenSize the desired maximum size of the token emitted by565* wrap.566* @return the maximum size of the input token for the given output567* token size568*569* @throws GSSException containing the following570* major error codes:571* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},572* {@link GSSException#BAD_QOP GSSException.BAD_QOP},573* {@link GSSException#FAILURE GSSException.FAILURE}574*/575public int getWrapSizeLimit(int qop, boolean confReq,576int maxTokenSize) throws GSSException;577578/**579* Applies per-message security services over the established security580* context. The method will return a token with the581* application supplied data and a cryptographic MIC over it.582* The data may be encrypted if confidentiality (privacy) was583* requested.<p>584*585* The MessageProp object is instantiated by the application and used586* to specify a QOP value which selects cryptographic algorithms, and a587* privacy service to optionally encrypt the message. The underlying588* mechanism that is used in the call may not be able to provide the589* privacy service. It sets the actual privacy service that it does590* provide in this MessageProp object which the caller should then591* query upon return. If the mechanism is not able to provide the592* requested QOP, it throws a GSSException with the BAD_QOP code.<p>593*594* Since some application-level protocols may wish to use tokens595* emitted by wrap to provide "secure framing", implementations should596* support the wrapping of zero-length messages.<p>597*598* The application will be responsible for sending the token to the599* peer.600*601* @param inBuf application data to be protected.602* @param offset the offset within the inBuf where the data begins.603* @param len the length of the data604* @param msgProp instance of MessageProp that is used by the605* application to set the desired QOP and privacy state. Set the606* desired QOP to 0 to request the default QOP. Upon return from this607* method, this object will contain the actual privacy state that608* was applied to the message by the underlying mechanism.609* @return a byte[] containing the token to be sent to the peer.610*611* @throws GSSException containing the following major error codes:612* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},613* {@link GSSException#BAD_QOP GSSException.BAD_QOP},614* {@link GSSException#FAILURE GSSException.FAILURE}615*/616public byte[] wrap(byte inBuf[], int offset, int len,617MessageProp msgProp) throws GSSException;618619/**620* Applies per-message security services over the established security621* context using streams. The method will return a622* token with the application supplied data and a cryptographic MIC over it.623* The data may be encrypted if confidentiality624* (privacy) was requested. This method is equivalent to the byte array625* based {@link #wrap(byte[], int, int, MessageProp) wrap} method.<p>626*627* The application will be responsible for sending the token to the628* peer. Typically, the application would629* ensure this by calling the {@link java.io.OutputStream#flush() flush}630* method on an <code>OutputStream</code> that encapsulates the631* connection between the two peers.<p>632*633* The MessageProp object is instantiated by the application and used634* to specify a QOP value which selects cryptographic algorithms, and a635* privacy service to optionally encrypt the message. The underlying636* mechanism that is used in the call may not be able to provide the637* privacy service. It sets the actual privacy service that it does638* provide in this MessageProp object which the caller should then639* query upon return. If the mechanism is not able to provide the640* requested QOP, it throws a GSSException with the BAD_QOP code.<p>641*642* Since some application-level protocols may wish to use tokens643* emitted by wrap to provide "secure framing", implementations should644* support the wrapping of zero-length messages.645*646* @param inStream an InputStream containing the application data to be647* protected. All of the data that is available in648* inStream is used.649* @param outStream an OutputStream to write the protected message650* to.651* @param msgProp instance of MessageProp that is used by the652* application to set the desired QOP and privacy state. Set the653* desired QOP to 0 to request the default QOP. Upon return from this654* method, this object will contain the actual privacy state that655* was applied to the message by the underlying mechanism.656*657* @throws GSSException containing the following658* major error codes:659* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},660* {@link GSSException#BAD_QOP GSSException.BAD_QOP},661* {@link GSSException#FAILURE GSSException.FAILURE}662*663* @deprecated The stream-based methods have been removed from RFC 8353.664* Use {@link #wrap(byte[], int, int, MessageProp)} instead.665*/666@Deprecated(since="11")667public void wrap(InputStream inStream, OutputStream outStream,668MessageProp msgProp) throws GSSException;669670/**671* Used to process tokens generated by the <code>wrap</code> method on672* the other side of the context. The method will return the message673* supplied by the peer application to its wrap call, while at the same674* time verifying the embedded MIC for that message.<p>675*676* The MessageProp object is instantiated by the application and is677* used by the underlying mechanism to return information to the caller678* such as the QOP, whether confidentiality was applied to the message,679* and other supplementary message state information.<p>680*681* Since some application-level protocols may wish to use tokens682* emitted by wrap to provide "secure framing", implementations should683* support the wrapping and unwrapping of zero-length messages.684*685* @param inBuf a byte array containing the wrap token received from686* peer.687* @param offset the offset where the token begins.688* @param len the length of the token689* @param msgProp upon return from the method, this object will contain690* the applied QOP, the privacy state of the message, and supplementary691* information stating if the token was a duplicate, old, out of692* sequence or arriving after a gap.693* @return a byte[] containing the message unwrapped from the input694* token.695*696* @throws GSSException containing the following697* major error codes:698* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},699* {@link GSSException#BAD_MIC GSSException.BAD_MIC},700* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},701* {@link GSSException#FAILURE GSSException.FAILURE}702*/703public byte [] unwrap(byte[] inBuf, int offset, int len,704MessageProp msgProp) throws GSSException;705706/**707* Uses streams to process tokens generated by the <code>wrap</code>708* method on the other side of the context. The method will return the709* message supplied by the peer application to its wrap call, while at710* the same time verifying the embedded MIC for that message.<p>711*712* The MessageProp object is instantiated by the application and is713* used by the underlying mechanism to return information to the caller714* such as the QOP, whether confidentiality was applied to the message,715* and other supplementary message state information.<p>716*717* Since some application-level protocols may wish to use tokens718* emitted by wrap to provide "secure framing", implementations should719* support the wrapping and unwrapping of zero-length messages.<p>720*721* The format of the input token that this method722* reads is defined in the specification for the underlying mechanism that723* will be used. This method will attempt to read one of these tokens per724* invocation. If the mechanism token contains a definitive start and725* end this method may block on the <code>InputStream</code> if only726* part of the token is available. If the start and end of the token727* are not definitive then the method will attempt to treat all728* available bytes as part of the token.<p>729*730* Other than the possible blocking behavior described above, this731* method is equivalent to the byte array based {@link #unwrap(byte[],732* int, int, MessageProp) unwrap} method.733*734* @param inStream an InputStream that contains the wrap token generated735* by the peer.736* @param outStream an OutputStream to write the application message737* to.738* @param msgProp upon return from the method, this object will contain739* the applied QOP, the privacy state of the message, and supplementary740* information stating if the token was a duplicate, old, out of741* sequence or arriving after a gap.742*743* @throws GSSException containing the following744* major error codes:745* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN},746* {@link GSSException#BAD_MIC GSSException.BAD_MIC},747* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},748* {@link GSSException#FAILURE GSSException.FAILURE}749*750* @deprecated The stream-based methods have been removed from RFC 8353.751* Use {@link #unwrap(byte[], int, int, MessageProp)} instead.752*/753@Deprecated(since="11")754public void unwrap(InputStream inStream, OutputStream outStream,755MessageProp msgProp) throws GSSException;756757/**758* Returns a token containing a cryptographic Message Integrity Code759* (MIC) for the supplied message, for transfer to the peer760* application. Unlike wrap, which encapsulates the user message in the761* returned token, only the message MIC is returned in the output762* token.<p>763*764* Note that privacy can only be applied through the wrap call.<p>765*766* Since some application-level protocols may wish to use tokens emitted767* by getMIC to provide "secure framing", implementations should support768* derivation of MICs from zero-length messages.769*770* @param inMsg the message to generate the MIC over.771* @param offset offset within the inMsg where the message begins.772* @param len the length of the message773* @param msgProp an instance of <code>MessageProp</code> that is used774* by the application to set the desired QOP. Set the desired QOP to775* <code>0</code> in <code>msgProp</code> to request the default776* QOP. Alternatively pass in <code>null</code> for <code>msgProp</code>777* to request the default QOP.778* @return a byte[] containing the token to be sent to the peer.779*780* @throws GSSException containing the following781* major error codes:782* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},783* {@link GSSException#BAD_QOP GSSException.BAD_QOP},784* {@link GSSException#FAILURE GSSException.FAILURE}785*/786public byte[] getMIC(byte []inMsg, int offset, int len,787MessageProp msgProp) throws GSSException;788789/**790* Uses streams to produce a token containing a cryptographic MIC for791* the supplied message, for transfer to the peer application.792* Unlike wrap, which encapsulates the user message in the returned793* token, only the message MIC is produced in the output token. This794* method is equivalent to the byte array based {@link #getMIC(byte[],795* int, int, MessageProp) getMIC} method.796*797* Note that privacy can only be applied through the wrap call.<p>798*799* Since some application-level protocols may wish to use tokens emitted800* by getMIC to provide "secure framing", implementations should support801* derivation of MICs from zero-length messages.802*803* @param inStream an InputStream containing the message to generate the804* MIC over. All of the data that is available in805* inStream is used.806* @param outStream an OutputStream to write the output token to.807* @param msgProp an instance of <code>MessageProp</code> that is used808* by the application to set the desired QOP. Set the desired QOP to809* <code>0</code> in <code>msgProp</code> to request the default810* QOP. Alternatively pass in <code>null</code> for <code>msgProp</code>811* to request the default QOP.812*813* @throws GSSException containing the following814* major error codes:815* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},816* {@link GSSException#BAD_QOP GSSException.BAD_QOP},817* {@link GSSException#FAILURE GSSException.FAILURE}818*819* @deprecated The stream-based methods have been removed from RFC 8353.820* Use {@link #getMIC(byte[], int, int, MessageProp)} instead.821*/822@Deprecated(since="11")823public void getMIC(InputStream inStream, OutputStream outStream,824MessageProp msgProp) throws GSSException;825826/**827* Verifies the cryptographic MIC, contained in the token parameter,828* over the supplied message.<p>829*830* The MessageProp object is instantiated by the application and is used831* by the underlying mechanism to return information to the caller such832* as the QOP indicating the strength of protection that was applied to833* the message and other supplementary message state information.<p>834*835* Since some application-level protocols may wish to use tokens emitted836* by getMIC to provide "secure framing", implementations should support837* the calculation and verification of MICs over zero-length messages.838*839* @param inToken the token generated by peer's getMIC method.840* @param tokOffset the offset within the inToken where the token841* begins.842* @param tokLen the length of the token.843* @param inMsg the application message to verify the cryptographic MIC844* over.845* @param msgOffset the offset in inMsg where the message begins.846* @param msgLen the length of the message.847* @param msgProp upon return from the method, this object will contain848* the applied QOP and supplementary information stating if the token849* was a duplicate, old, out of sequence or arriving after a gap.850*851* @throws GSSException containing the following852* major error codes:853* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN}854* {@link GSSException#BAD_MIC GSSException.BAD_MIC}855* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}856* {@link GSSException#FAILURE GSSException.FAILURE}857*/858public void verifyMIC(byte[] inToken, int tokOffset, int tokLen,859byte[] inMsg, int msgOffset, int msgLen,860MessageProp msgProp) throws GSSException;861862/**863* Uses streams to verify the cryptographic MIC, contained in the token864* parameter, over the supplied message. This method is equivalent to865* the byte array based {@link #verifyMIC(byte[], int, int, byte[], int,866* int, MessageProp) verifyMIC} method.867*868* The MessageProp object is instantiated by the application and is used869* by the underlying mechanism to return information to the caller such870* as the QOP indicating the strength of protection that was applied to871* the message and other supplementary message state information.<p>872*873* Since some application-level protocols may wish to use tokens emitted874* by getMIC to provide "secure framing", implementations should support875* the calculation and verification of MICs over zero-length messages.<p>876*877* The format of the input token that this method878* reads is defined in the specification for the underlying mechanism that879* will be used. This method will attempt to read one of these tokens per880* invocation. If the mechanism token contains a definitive start and881* end this method may block on the <code>InputStream</code> if only882* part of the token is available. If the start and end of the token883* are not definitive then the method will attempt to treat all884* available bytes as part of the token.<p>885*886* Other than the possible blocking behavior described above, this887* method is equivalent to the byte array based {@link #verifyMIC(byte[],888* int, int, byte[], int, int, MessageProp) verifyMIC} method.889*890* @param tokStream an InputStream containing the token generated by the891* peer's getMIC method.892* @param msgStream an InputStream containing the application message to893* verify the cryptographic MIC over. All of the data894* that is available in msgStream is used.895* @param msgProp upon return from the method, this object will contain896* the applied QOP and supplementary information stating if the token897* was a duplicate, old, out of sequence or arriving after a gap.898*899* @throws GSSException containing the following900* major error codes:901* {@link GSSException#DEFECTIVE_TOKEN GSSException.DEFECTIVE_TOKEN}902* {@link GSSException#BAD_MIC GSSException.BAD_MIC}903* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}904* {@link GSSException#FAILURE GSSException.FAILURE}905*906* @deprecated The stream-based methods have been removed from RFC 8353.907* Use {@link #verifyMIC(byte[], int, int, byte[], int, int, MessageProp)}908* instead.909*/910@Deprecated(since="11")911public void verifyMIC(InputStream tokStream, InputStream msgStream,912MessageProp msgProp) throws GSSException;913914/**915* Exports this context so that another process may916* import it.. Provided to support the sharing of work between917* multiple processes. This routine will typically be used by the918* context-acceptor, in an application where a single process receives919* incoming connection requests and accepts security contexts over920* them, then passes the established context to one or more other921* processes for message exchange.<p>922*923* This method deactivates the security context and creates an924* interprocess token which, when passed to {@link925* GSSManager#createContext(byte[]) GSSManager.createContext} in926* another process, will re-activate the context in the second process.927* Only a single instantiation of a given context may be active at any928* one time; a subsequent attempt by a context exporter to access the929* exported security context will fail.<p>930*931* The implementation may constrain the set of processes by which the932* interprocess token may be imported, either as a function of local933* security policy, or as a result of implementation decisions. For934* example, some implementations may constrain contexts to be passed935* only between processes that run under the same account, or which are936* part of the same process group.<p>937*938* The interprocess token may contain security-sensitive information939* (for example cryptographic keys). While mechanisms are encouraged940* to either avoid placing such sensitive information within941* interprocess tokens, or to encrypt the token before returning it to942* the application, in a typical GSS-API implementation this may not be943* possible. Thus the application must take care to protect the944* interprocess token, and ensure that any process to which the token945* is transferred is trustworthy. <p>946*947* Implementations are not required to support the inter-process948* transfer of security contexts. Calling the {@link #isTransferable()949* isTransferable} method will indicate if the context object is950* transferable.<p>951*952* Calling this method on a context that953* is not exportable will result in this exception being thrown with954* the error code {@link GSSException#UNAVAILABLE955* GSSException.UNAVAILABLE}.956*957* @return a byte[] containing the exported context958* @see GSSManager#createContext(byte[])959*960* @throws GSSException containing the following961* major error codes:962* {@link GSSException#UNAVAILABLE GSSException.UNAVAILABLE},963* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},964* {@link GSSException#NO_CONTEXT GSSException.NO_CONTEXT},965* {@link GSSException#FAILURE GSSException.FAILURE}966*/967public byte [] export() throws GSSException;968969/**970* Requests that mutual authentication be done during971* context establishment. This request can only be made on the context972* initiator's side and it has to be done prior to the first call to973* <code>initSecContext</code>.<p>974*975* Not all mechanisms support mutual authentication and some mechanisms976* might require mutual authentication even if the application977* doesn't. Therefore, the application should check to see if the978* request was honored with the {@link #getMutualAuthState()979* getMutualAuthState} method.980*981* @param state a boolean value indicating whether mutual982* authentication should be used or not.983* @see #getMutualAuthState()984*985* @throws GSSException containing the following986* major error codes:987* {@link GSSException#FAILURE GSSException.FAILURE}988*/989public void requestMutualAuth(boolean state) throws GSSException;990991/**992* Requests that replay detection be enabled for the993* per-message security services after context establishment. This994* request can only be made on the context initiator's side and it has995* to be done prior to the first call to996* <code>initSecContext</code>. During context establishment replay997* detection is not an option and is a function of the underlying998* mechanism's capabilities.<p>999*1000* Not all mechanisms support replay detection and some mechanisms1001* might require replay detection even if the application1002* doesn't. Therefore, the application should check to see if the1003* request was honored with the {@link #getReplayDetState()1004* getReplayDetState} method. If replay detection is enabled then the1005* {@link MessageProp#isDuplicateToken() MessageProp.isDuplicateToken} and {@link1006* MessageProp#isOldToken() MessageProp.isOldToken} methods will return1007* valid results for the <code>MessageProp</code> object that is passed1008* in to the <code>unwrap</code> method or the <code>verifyMIC</code>1009* method.1010*1011* @param state a boolean value indicating whether replay detection1012* should be enabled over the established context or not.1013* @see #getReplayDetState()1014*1015* @throws GSSException containing the following1016* major error codes:1017* {@link GSSException#FAILURE GSSException.FAILURE}1018*/1019public void requestReplayDet(boolean state) throws GSSException;10201021/**1022* Requests that sequence checking be enabled for the1023* per-message security services after context establishment. This1024* request can only be made on the context initiator's side and it has1025* to be done prior to the first call to1026* <code>initSecContext</code>. During context establishment sequence1027* checking is not an option and is a function of the underlying1028* mechanism's capabilities.<p>1029*1030* Not all mechanisms support sequence checking and some mechanisms1031* might require sequence checking even if the application1032* doesn't. Therefore, the application should check to see if the1033* request was honored with the {@link #getSequenceDetState()1034* getSequenceDetState} method. If sequence checking is enabled then the1035* {@link MessageProp#isDuplicateToken() MessageProp.isDuplicateToken},1036* {@link MessageProp#isOldToken() MessageProp.isOldToken},1037* {@link MessageProp#isUnseqToken() MessageProp.isUnseqToken}, and1038* {@link MessageProp#isGapToken() MessageProp.isGapToken} methods will return1039* valid results for the <code>MessageProp</code> object that is passed1040* in to the <code>unwrap</code> method or the <code>verifyMIC</code>1041* method.1042*1043* @param state a boolean value indicating whether sequence checking1044* should be enabled over the established context or not.1045* @see #getSequenceDetState()1046*1047* @throws GSSException containing the following1048* major error codes:1049* {@link GSSException#FAILURE GSSException.FAILURE}1050*/1051public void requestSequenceDet(boolean state) throws GSSException;10521053/**1054* Requests that the initiator's credentials be1055* delegated to the acceptor during context establishment. This1056* request can only be made on the context initiator's side and it has1057* to be done prior to the first call to1058* <code>initSecContext</code>.1059*1060* Not all mechanisms support credential delegation. Therefore, an1061* application that desires delegation should check to see if the1062* request was honored with the {@link #getCredDelegState()1063* getCredDelegState} method. If the application indicates that1064* delegation must not be used, then the mechanism will honor the1065* request and delegation will not occur. This is an exception1066* to the general rule that a mechanism may enable a service even if it1067* is not requested.1068*1069* @param state a boolean value indicating whether the credentials1070* should be delegated or not.1071* @see #getCredDelegState()1072*1073* @throws GSSException containing the following1074* major error codes:1075* {@link GSSException#FAILURE GSSException.FAILURE}1076*/1077public void requestCredDeleg(boolean state) throws GSSException;10781079/**1080* Requests that the initiator's identity not be1081* disclosed to the acceptor. This request can only be made on the1082* context initiator's side and it has to be done prior to the first1083* call to <code>initSecContext</code>.1084*1085* Not all mechanisms support anonymity for the initiator. Therefore, the1086* application should check to see if the request was honored with the1087* {@link #getAnonymityState() getAnonymityState} method.1088*1089* @param state a boolean value indicating if the initiator should1090* be authenticated to the acceptor as an anonymous principal.1091* @see #getAnonymityState1092*1093* @throws GSSException containing the following1094* major error codes:1095* {@link GSSException#FAILURE GSSException.FAILURE}1096*/1097public void requestAnonymity(boolean state) throws GSSException;10981099/**1100* Requests that data confidentiality be enabled1101* for the <code>wrap</code> method. This request can only be made on1102* the context initiator's side and it has to be done prior to the1103* first call to <code>initSecContext</code>.1104*1105* Not all mechanisms support confidentiality and other mechanisms1106* might enable it even if the application doesn't request1107* it. The application may check to see if the request was honored with1108* the {@link #getConfState() getConfState} method. If confidentiality1109* is enabled, only then will the mechanism honor a request for privacy1110* in the {@link MessageProp#MessageProp(int, boolean) MessageProp}1111* object that is passed in to the <code>wrap</code> method.<p>1112*1113* Enabling confidentiality will also automatically enable1114* integrity.1115*1116* @param state a boolean value indicating whether confidentiality1117* should be enabled or not.1118* @see #getConfState()1119* @see #getIntegState()1120* @see #requestInteg(boolean)1121* @see MessageProp1122*1123* @throws GSSException containing the following1124* major error codes:1125* {@link GSSException#FAILURE GSSException.FAILURE}1126*/1127public void requestConf(boolean state) throws GSSException;11281129/**1130* Requests that data integrity be enabled1131* for the <code>wrap</code> and <code>getMIC</code>methods. This1132* request can only be made on the context initiator's side and it has1133* to be done prior to the first call to <code>initSecContext</code>.1134*1135* Not all mechanisms support integrity and other mechanisms1136* might enable it even if the application doesn't request1137* it. The application may check to see if the request was honored with1138* the {@link #getIntegState() getIntegState} method.<p>1139*1140* Disabling integrity will also automatically disable1141* confidentiality.1142*1143* @param state a boolean value indicating whether integrity1144* should be enabled or not.1145* @see #getIntegState()1146*1147* @throws GSSException containing the following1148* major error codes:1149* {@link GSSException#FAILURE GSSException.FAILURE}1150*/1151public void requestInteg(boolean state) throws GSSException;11521153/**1154* Requests a lifetime in seconds for the1155* context. This method can only be called on the context initiator's1156* side and it has to be done prior to the first call to1157* <code>initSecContext</code>.<p>1158*1159* The actual lifetime of the context will depend on the capabilities of1160* the underlying mechanism and the application should call the {@link1161* #getLifetime() getLifetime} method to determine this.1162*1163* @param lifetime the desired context lifetime in seconds. Use1164* <code>INDEFINITE_LIFETIME</code> to request an indefinite lifetime1165* and <code>DEFAULT_LIFETIME</code> to request a default lifetime.1166* @see #getLifetime()1167*1168* @throws GSSException containing the following1169* major error codes:1170* {@link GSSException#FAILURE GSSException.FAILURE}1171*/1172public void requestLifetime(int lifetime) throws GSSException;11731174/**1175* Sets the channel bindings to be used during context1176* establishment. This method can be called on both1177* the context initiator's and the context acceptor's side, but it must1178* be called before context establishment begins. This means that an1179* initiator must call it before the first call to1180* <code>initSecContext</code> and the acceptor must call it before the1181* first call to <code>acceptSecContext</code>.1182*1183* @param cb the channel bindings to use.1184*1185* @throws GSSException containing the following1186* major error codes:1187* {@link GSSException#FAILURE GSSException.FAILURE}1188*/1189public void setChannelBinding(ChannelBinding cb) throws GSSException;11901191/**1192* Determines if credential delegation is enabled on1193* this context. It can be called by both the context initiator and the1194* context acceptor. For a definitive answer this method must be1195* called only after context establishment is complete. Note that if an1196* initiator requests that delegation not be allowed the {@link1197* #requestCredDeleg(boolean) requestCredDeleg} method will honor that1198* request and this method will return <code>false</code> on the1199* initiator's side from that point onwards.1200*1201* @return true if delegation is enabled, false otherwise.1202* @see #requestCredDeleg(boolean)1203*/1204public boolean getCredDelegState();12051206/**1207* Determines if mutual authentication is enabled on1208* this context. It can be called by both the context initiator and the1209* context acceptor. For a definitive answer this method must be1210* called only after context establishment is complete. An initiator1211* that requests mutual authentication can call this method after1212* context completion and dispose the context if its request was not1213* honored.1214*1215* @return true if mutual authentication is enabled, false otherwise.1216* @see #requestMutualAuth(boolean)1217*/1218public boolean getMutualAuthState();12191220/**1221* Determines if replay detection is enabled for the1222* per-message security services from this context. It can be called by1223* both the context initiator and the context acceptor. For a1224* definitive answer this method must be called only after context1225* establishment is complete. An initiator that requests replay1226* detection can call this method after context completion and1227* dispose the context if its request was not honored.1228*1229* @return true if replay detection is enabled, false otherwise.1230* @see #requestReplayDet(boolean)1231*/1232public boolean getReplayDetState();12331234/**1235* Determines if sequence checking is enabled for the1236* per-message security services from this context. It can be called by1237* both the context initiator and the context acceptor. For a1238* definitive answer this method must be called only after context1239* establishment is complete. An initiator that requests sequence1240* checking can call this method after context completion and1241* dispose the context if its request was not honored.1242*1243* @return true if sequence checking is enabled, false otherwise.1244* @see #requestSequenceDet(boolean)1245*/1246public boolean getSequenceDetState();12471248/**1249* Determines if the context initiator is1250* anonymously authenticated to the context acceptor. It can be called by1251* both the context initiator and the context acceptor, and at any1252* time. <strong>On the initiator side, a call to this method determines1253* if the identity of the initiator has been disclosed in any of the1254* context establishment tokens that might have been generated thus far1255* by <code>initSecContext</code>. An initiator that absolutely must be1256* authenticated anonymously should call this method after each call to1257* <code>initSecContext</code> to determine if the generated token1258* should be sent to the peer or the context aborted.</strong> On the1259* acceptor side, a call to this method determines if any of the tokens1260* processed by <code>acceptSecContext</code> thus far have divulged1261* the identity of the initiator.1262*1263* @return true if the context initiator is still anonymous, false1264* otherwise.1265* @see #requestAnonymity(boolean)1266*/1267public boolean getAnonymityState();12681269/**1270* Determines if the context is transferable to other processes1271* through the use of the {@link #export() export} method. This call1272* is only valid on fully established contexts.1273*1274* @return true if this context can be exported, false otherwise.1275*1276* @throws GSSException containing the following1277* major error codes:1278* {@link GSSException#FAILURE GSSException.FAILURE}1279*/1280public boolean isTransferable() throws GSSException;12811282/**1283* Determines if the context is ready for per message operations to be1284* used over it. Some mechanisms may allow the usage of the1285* per-message operations before the context is fully established.1286*1287* @return true if methods like <code>wrap</code>, <code>unwrap</code>,1288* <code>getMIC</code>, and <code>verifyMIC</code> can be used with1289* this context at the current stage of context establishment, false1290* otherwise.1291*/1292public boolean isProtReady();12931294/**1295* Determines if data confidentiality is available1296* over the context. This method can be called by both the context1297* initiator and the context acceptor, but only after one of {@link1298* #isProtReady() isProtReady} or {@link #isEstablished()1299* isEstablished} return <code>true</code>. If this method returns1300* <code>true</code>, so will {@link #getIntegState()1301* getIntegState}1302*1303* @return true if confidentiality services are available, false1304* otherwise.1305* @see #requestConf(boolean)1306*/1307public boolean getConfState();13081309/**1310* Determines if data integrity is available1311* over the context. This method can be called by both the context1312* initiator and the context acceptor, but only after one of {@link1313* #isProtReady() isProtReady} or {@link #isEstablished()1314* isEstablished} return <code>true</code>. This method will always1315* return <code>true</code> if {@link #getConfState() getConfState}1316* returns true.1317*1318* @return true if integrity services are available, false otherwise.1319* @see #requestInteg(boolean)1320*/1321public boolean getIntegState();13221323/**1324* Determines what the remaining lifetime for this1325* context is. It can be called by both the context initiator and the1326* context acceptor, but for a definitive answer it should be called1327* only after {@link #isEstablished() isEstablished} returns1328* true.1329*1330* @return the remaining lifetime in seconds1331* @see #requestLifetime(int)1332*/1333public int getLifetime();13341335/**1336* Returns the name of the context initiator. This call is valid only1337* after one of {@link #isProtReady() isProtReady} or {@link1338* #isEstablished() isEstablished} return <code>true</code>.1339*1340* @return a GSSName that is an MN containing the name of the context1341* initiator.1342* @see GSSName1343*1344* @throws GSSException containing the following1345* major error codes:1346* {@link GSSException#FAILURE GSSException.FAILURE}1347*/1348public GSSName getSrcName() throws GSSException;13491350/**1351* Returns the name of the context acceptor. This call is valid only1352* after one of {@link #isProtReady() isProtReady} or {@link1353* #isEstablished() isEstablished} return <code>true</code>.1354*1355* @return a GSSName that is an MN containing the name of the context1356* acceptor.1357*1358* @throws GSSException containing the following1359* major error codes:1360* {@link GSSException#FAILURE GSSException.FAILURE}1361*/1362public GSSName getTargName() throws GSSException;13631364/**1365* Determines what mechanism is being used for this1366* context. This method may be called before the context is fully1367* established, but the mechanism returned may change on successive1368* calls in the negotiated mechanism case.1369*1370* @return the Oid of the mechanism being used1371*1372* @throws GSSException containing the following1373* major error codes:1374* {@link GSSException#FAILURE GSSException.FAILURE}1375*/1376public Oid getMech() throws GSSException;13771378/**1379* Obtains the credentials delegated by the context1380* initiator to the context acceptor. It should be called only on the1381* context acceptor's side, and once the context is fully1382* established. The caller can use the method {@link1383* #getCredDelegState() getCredDelegState} to determine if there are1384* any delegated credentials.1385*1386* @return a GSSCredential containing the initiator's delegated1387* credentials, or <code>null</code> is no credentials1388* were delegated.1389*1390* @throws GSSException containing the following1391* major error codes:1392* {@link GSSException#FAILURE GSSException.FAILURE}1393*/1394public GSSCredential getDelegCred() throws GSSException;13951396/**1397* Determines if this is the context initiator. This1398* can be called on both the context initiator's and context acceptor's1399* side.1400*1401* @return true if this is the context initiator, false if it is the1402* context acceptor.1403*1404* @throws GSSException containing the following1405* major error codes:1406* {@link GSSException#FAILURE GSSException.FAILURE}1407*/1408public boolean isInitiator() throws GSSException;1409}141014111412