Path: blob/master/src/java.security.jgss/share/classes/sun/security/jgss/GSSManagerImpl.java
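/*
 * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation. Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.jgss;

import org.ietf.jgss.*;
import sun.security.action.GetBooleanAction;
import sun.security.jgss.spi.*;
import java.security.Provider;

/**
 * This class provides the default implementation of the GSSManager
 * interface.
 *
 * <p>Every operation is delegated either to the {@link ProviderList} held by
 * this manager (mechanism and provider lookup) or to the {@code GSSNameImpl},
 * {@code GSSCredentialImpl} and {@code GSSContextImpl} classes of this
 * package (object creation).
 */
public class GSSManagerImpl extends GSSManager {

    // Undocumented property. Its value is handed to ProviderList as the
    // "useNative" flag by the constructors that do not take that flag
    // explicitly.
    private static final Boolean USE_NATIVE = GetBooleanAction
            .privilegedGetProperty("sun.security.jgss.native");

    // Name of the only provider that getMechanismContext(byte[]) will use
    // to import an exported context.
    private static final String NATIVE_PROVIDER_NAME = "SunNativeGSS";

    // Assigned exactly once, in a constructor.
    private final ProviderList list;

    /**
     * Creates a manager with an explicit choice of native support.
     * Used by java SPNEGO impl to make sure native is disabled.
     *
     * @param caller    the caller identity passed to the provider list
     * @param useNative the native flag passed to the provider list
     */
    public GSSManagerImpl(GSSCaller caller, boolean useNative) {
        list = new ProviderList(caller, useNative);
    }

    /**
     * Creates a manager for the given caller; the native flag comes from the
     * {@code sun.security.jgss.native} system property.
     * Used by HTTP/SPNEGO NegotiatorImpl.
     *
     * @param caller the caller identity passed to the provider list
     */
    public GSSManagerImpl(GSSCaller caller) {
        list = new ProviderList(caller, USE_NATIVE);
    }

    /**
     * Creates a manager for {@code GSSCaller.CALLER_UNKNOWN}; the native flag
     * comes from the {@code sun.security.jgss.native} system property.
     */
    public GSSManagerImpl() {
        list = new ProviderList(GSSCaller.CALLER_UNKNOWN, USE_NATIVE);
    }

    /**
     * Returns the mechanisms reported by the provider list.
     *
     * @return the array returned by {@code ProviderList.getMechs()}
     */
    @Override
    public Oid[] getMechs() {
        // NOTE(review): the array is returned as-is, whereas
        // getNamesForMech() clones its result. Confirm that
        // ProviderList.getMechs() hands out a fresh array on each call.
        return list.getMechs();
    }

    /**
     * Returns the name types supported by the given mechanism.
     *
     * @param mech the mechanism to query
     * @return a clone of the name-type array reported by the mechanism's
     *         factory, never the factory's own array
     * @throws GSSException if the provider list cannot supply a factory for
     *         {@code mech}
     */
    @Override
    public Oid[] getNamesForMech(Oid mech)
            throws GSSException {
        MechanismFactory factory = list.getMechFactory(mech);
        return factory.getNameTypes().clone();
    }

    /**
     * Returns the mechanisms that support the given name type.
     *
     * <p>A mechanism whose name types cannot be retrieved is skipped (with a
     * debug message) rather than failing the whole query.
     *
     * @param nameType the name type to look for
     * @return the matching mechanisms, in the order reported by the provider
     *         list; empty if none match
     */
    @Override
    public Oid[] getMechsForName(Oid nameType) {
        Oid[] mechs = list.getMechs();
        Oid[] retVal = new Oid[mechs.length];
        int pos = 0;

        // Compatibility with RFC 2853 old NT_HOSTBASED_SERVICE value.
        if (nameType.equals(GSSNameImpl.oldHostbasedServiceName)) {
            nameType = GSSName.NT_HOSTBASED_SERVICE;
        }

        // Iterate through all mechs in GSS
        for (Oid mech : mechs) {
            try {
                // Which name types does this mech support, and is the
                // desired Oid among them?
                Oid[] namesForMech = getNamesForMech(mech);
                if (nameType.containedIn(namesForMech)) {
                    retVal[pos++] = mech;
                }
            } catch (GSSException e) {
                // Squelch it and just skip over this mechanism
                GSSUtil.debug("Skip " + mech +
                              ": error retrieving supported name types");
            }
        }

        // Trim the list if needed
        if (pos < retVal.length) {
            Oid[] temp = new Oid[pos];
            System.arraycopy(retVal, 0, temp, 0, pos);
            retVal = temp;
        }

        return retVal;
    }

    /**
     * Creates a {@code GSSNameImpl} bound to this manager from a string name.
     *
     * @param nameStr  the name, as a string
     * @param nameType the name type of {@code nameStr}
     * @return the new name
     * @throws GSSException if {@code GSSNameImpl} rejects the arguments
     */
    @Override
    public GSSName createName(String nameStr, Oid nameType)
            throws GSSException {
        return new GSSNameImpl(this, nameStr, nameType);
    }

    /**
     * Creates a {@code GSSNameImpl} bound to this manager from a byte-array
     * name.
     *
     * @param name     the name, as bytes
     * @param nameType the name type of {@code name}
     * @return the new name
     * @throws GSSException if {@code GSSNameImpl} rejects the arguments
     */
    @Override
    public GSSName createName(byte[] name, Oid nameType)
            throws GSSException {
        return new GSSNameImpl(this, name, nameType);
    }

    /**
     * Creates a {@code GSSNameImpl} bound to this manager from a string name
     * and a mechanism.
     *
     * @param nameStr  the name, as a string
     * @param nameType the name type of {@code nameStr}
     * @param mech     the mechanism passed on to {@code GSSNameImpl}
     * @return the new name
     * @throws GSSException if {@code GSSNameImpl} rejects the arguments
     */
    @Override
    public GSSName createName(String nameStr, Oid nameType,
                              Oid mech) throws GSSException {
        return new GSSNameImpl(this, nameStr, nameType, mech);
    }

    /**
     * Creates a {@code GSSNameImpl} bound to this manager from a byte-array
     * name and a mechanism.
     *
     * @param name     the name, as bytes
     * @param nameType the name type of {@code name}
     * @param mech     the mechanism passed on to {@code GSSNameImpl}
     * @return the new name
     * @throws GSSException if {@code GSSNameImpl} rejects the arguments
     */
    @Override
    public GSSName createName(byte[] name, Oid nameType, Oid mech)
            throws GSSException {
        return new GSSNameImpl(this, name, nameType, mech);
    }

    /**
     * Creates a credential from a usage value alone.
     *
     * @param usage the credential usage passed to {@code GSSCredentialImpl}
     * @return the new credential, after it has been passed through the
     *         current JGSS extender
     * @throws GSSException if the credential cannot be created
     */
    @Override
    public GSSCredential createCredential(int usage)
            throws GSSException {
        return wrap(new GSSCredentialImpl(this, usage));
    }

    /**
     * Creates a credential for one mechanism.
     *
     * @param aName    the name the credential is requested for
     * @param lifetime the requested lifetime
     * @param mech     the mechanism
     * @param usage    the credential usage
     * @return the new credential, after it has been passed through the
     *         current JGSS extender
     * @throws GSSException if the credential cannot be created
     */
    @Override
    public GSSCredential createCredential(GSSName aName,
                                          int lifetime, Oid mech, int usage)
            throws GSSException {
        return wrap(new GSSCredentialImpl(this, aName, lifetime, mech, usage));
    }

    /**
     * Creates a credential for several mechanisms.
     *
     * @param aName    the name the credential is requested for
     * @param lifetime the requested lifetime
     * @param mechs    the mechanisms
     * @param usage    the credential usage
     * @return the new credential, after it has been passed through the
     *         current JGSS extender
     * @throws GSSException if the credential cannot be created
     */
    @Override
    public GSSCredential createCredential(GSSName aName,
                                          int lifetime, Oid[] mechs, int usage)
            throws GSSException {
        return wrap(new GSSCredentialImpl(this, aName, lifetime, mechs, usage));
    }

    /**
     * Creates a context from a peer name, mechanism, credential and lifetime.
     *
     * @param peer     the name of the peer
     * @param mech     the mechanism
     * @param myCred   the credential to use
     * @param lifetime the requested lifetime
     * @return the new context, after it has been passed through the current
     *         JGSS extender
     * @throws GSSException if the context cannot be created
     */
    @Override
    public GSSContext createContext(GSSName peer, Oid mech,
                                    GSSCredential myCred, int lifetime)
            throws GSSException {
        return wrap(new GSSContextImpl(this, peer, mech, myCred, lifetime));
    }

    /**
     * Creates a context from a credential alone.
     *
     * @param myCred the credential to use
     * @return the new context, after it has been passed through the current
     *         JGSS extender
     * @throws GSSException if the context cannot be created
     */
    @Override
    public GSSContext createContext(GSSCredential myCred)
            throws GSSException {
        return wrap(new GSSContextImpl(this, myCred));
    }

    /**
     * Creates a context from an inter-process token.
     *
     * <p>The token is passed to {@code GSSContextImpl} without any check in
     * this method.
     *
     * @param interProcessToken the exported context token
     * @return the new context, after it has been passed through the current
     *         JGSS extender
     * @throws GSSException if the context cannot be created
     */
    @Override
    public GSSContext createContext(byte[] interProcessToken)
            throws GSSException {
        return wrap(new GSSContextImpl(this, interProcessToken));
    }

    /**
     * Delegates to {@code ProviderList.addProviderAtFront}.
     *
     * @param p    the provider to add
     * @param mech the mechanism the provider is added for
     * @throws GSSException if the provider list rejects the request
     */
    @Override
    public void addProviderAtFront(Provider p, Oid mech)
            throws GSSException {
        list.addProviderAtFront(p, mech);
    }

    /**
     * Delegates to {@code ProviderList.addProviderAtEnd}.
     *
     * @param p    the provider to add
     * @param mech the mechanism the provider is added for
     * @throws GSSException if the provider list rejects the request
     */
    @Override
    public void addProviderAtEnd(Provider p, Oid mech)
            throws GSSException {
        list.addProviderAtEnd(p, mech);
    }

    /**
     * Obtains a mechanism-level credential element from the factory that the
     * provider list returns for {@code mech}.
     *
     * @param name           the mechanism-level name
     * @param initLifetime   the requested initiator lifetime
     * @param acceptLifetime the requested acceptor lifetime
     * @param mech           the mechanism
     * @param usage          the credential usage
     * @return the credential element produced by the factory
     * @throws GSSException if no factory is available or the factory fails
     */
    public GSSCredentialSpi getCredentialElement(GSSNameSpi name, int initLifetime,
                                                 int acceptLifetime, Oid mech, int usage)
            throws GSSException {
        MechanismFactory factory = list.getMechFactory(mech);
        return factory.getCredentialElement(name, initLifetime,
                                            acceptLifetime, usage);
    }

    /**
     * Obtains a mechanism-level name element for a string name.
     * Used by java SPNEGO impl.
     *
     * @param name     the name, as a string
     * @param nameType the name type of {@code name}
     * @param mech     the mechanism
     * @return the name element produced by the factory
     * @throws GSSException if no factory is available or the factory fails
     */
    public GSSNameSpi getNameElement(String name, Oid nameType, Oid mech)
            throws GSSException {
        // Just use the most preferred MF impl assuming GSSNameSpi
        // objects are interoperable among providers
        MechanismFactory factory = list.getMechFactory(mech);
        return factory.getNameElement(name, nameType);
    }

    /**
     * Obtains a mechanism-level name element for a byte-array name.
     * Used by java SPNEGO impl.
     *
     * @param name     the name, as bytes
     * @param nameType the name type of {@code name}
     * @param mech     the mechanism
     * @return the name element produced by the factory
     * @throws GSSException if no factory is available or the factory fails
     */
    public GSSNameSpi getNameElement(byte[] name, Oid nameType, Oid mech)
            throws GSSException {
        // Just use the most preferred MF impl assuming GSSNameSpi
        // objects are interoperable among providers
        MechanismFactory factory = list.getMechFactory(mech);
        return factory.getNameElement(name, nameType);
    }

    /**
     * Obtains an initiator-side mechanism context.
     *
     * <p>When a credential is supplied, its provider is passed to the
     * provider list along with {@code mech}; otherwise {@code null} is passed
     * as the provider.
     *
     * @param peer            the mechanism-level name of the peer
     * @param myInitiatorCred the initiator credential, or {@code null}
     * @param lifetime        the requested lifetime
     * @param mech            the mechanism
     * @return the context produced by the selected factory
     * @throws GSSException if no factory is available or the factory fails
     */
    GSSContextSpi getMechanismContext(GSSNameSpi peer,
                                      GSSCredentialSpi myInitiatorCred,
                                      int lifetime, Oid mech)
            throws GSSException {
        Provider p = (myInitiatorCred != null)
                ? myInitiatorCred.getProvider()
                : null;
        MechanismFactory factory = list.getMechFactory(mech, p);
        return factory.getMechanismContext(peer, myInitiatorCred, lifetime);
    }

    /**
     * Obtains an acceptor-side mechanism context.
     *
     * <p>When a credential is supplied, its provider is passed to the
     * provider list along with {@code mech}; otherwise {@code null} is passed
     * as the provider.
     *
     * @param myAcceptorCred the acceptor credential, or {@code null}
     * @param mech           the mechanism
     * @return the context produced by the selected factory
     * @throws GSSException if no factory is available or the factory fails
     */
    GSSContextSpi getMechanismContext(GSSCredentialSpi myAcceptorCred,
                                      Oid mech)
            throws GSSException {
        Provider p = (myAcceptorCred != null)
                ? myAcceptorCred.getProvider()
                : null;
        MechanismFactory factory = list.getMechFactory(mech, p);
        return factory.getMechanismContext(myAcceptorCred);
    }

    /**
     * Imports a previously exported context.
     *
     * <p>Only factories whose provider is named {@code SunNativeGSS} are
     * tried, in the order the provider list reports the mechanisms; the first
     * non-null context wins. This method rejects only a null or empty token;
     * all other validation of the token bytes is left to the provider's
     * factory.
     *
     * @param exportedContext the exported context token
     * @return the imported context, never {@code null}
     * @throws GSSException with {@code NO_CONTEXT} if the token is null or
     *         empty, with {@code UNAVAILABLE} if no native factory produced a
     *         context, or whatever the provider list or a factory throws
     */
    GSSContextSpi getMechanismContext(byte[] exportedContext)
            throws GSSException {
        if ((exportedContext == null) || (exportedContext.length == 0)) {
            throw new GSSException(GSSException.NO_CONTEXT);
        }
        GSSContextSpi result = null;

        // Only allow context import with native provider since JGSS
        // still has not defined its own interprocess token format
        for (Oid mech : list.getMechs()) {
            MechanismFactory factory = list.getMechFactory(mech);
            if (factory.getProvider().getName().equals(NATIVE_PROVIDER_NAME)) {
                result = factory.getMechanismContext(exportedContext);
                if (result != null) {
                    break;
                }
            }
        }
        if (result == null) {
            throw new GSSException(GSSException.UNAVAILABLE);
        }
        return result;
    }

    static {
        // Load the extended JGSS interfaces if they exist
        try {
            Class.forName("com.sun.security.jgss.Extender");
        } catch (Exception ignored) {
            // Best effort: the extended interfaces are optional, so a failure
            // to load them is deliberately not reported. Errors such as
            // LinkageError are not Exceptions and still propagate.
        }
    }

    /**
     * Passes a credential through the current JGSS extender.
     *
     * @param cred the credential to wrap
     * @return whatever the extender's {@code wrap} returns for {@code cred}
     */
    static GSSCredential wrap(GSSCredentialImpl cred) {
        return sun.security.jgss.JgssExtender.getExtender().wrap(cred);
    }

    /**
     * Passes a context through the current JGSS extender.
     *
     * @param ctxt the context to wrap
     * @return whatever the extender's {@code wrap} returns for {@code ctxt}
     */
    static GSSContext wrap(GSSContextImpl ctxt) {
        return sun.security.jgss.JgssExtender.getExtender().wrap(ctxt);
    }
}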