Path: blob/master/src/java.security.jgss/share/classes/sun/security/jgss/spnego/SpNegoToken.java
41161 views
/*1* Copyright (c) 2005, 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package sun.security.jgss.spnego;2627import java.io.*;28import java.util.*;29import org.ietf.jgss.*;30import sun.security.util.*;31import sun.security.jgss.*;3233/**34* Astract class for SPNEGO tokens.35* Implementation is based on RFC 247836*37* NegotiationToken ::= CHOICE {38* negTokenInit [0] NegTokenInit,39* negTokenTarg [1] NegTokenTarg }40*41*42* @author Seema Malkani43* @since 1.644*/4546abstract class SpNegoToken extends GSSToken {4748static final int NEG_TOKEN_INIT_ID = 0x00;49static final int NEG_TOKEN_TARG_ID = 0x01;5051static enum NegoResult {52ACCEPT_COMPLETE,53ACCEPT_INCOMPLETE,54REJECT,55};5657private int tokenType;5859// property60static final boolean DEBUG = SpNegoContext.DEBUG;6162/**63* The object identifier corresponding to the SPNEGO GSS-API64* mechanism.65*/66public static ObjectIdentifier OID;6768static {69try {70OID = ObjectIdentifier.of(SpNegoMechFactory.71GSS_SPNEGO_MECH_OID.toString());72} catch (IOException ioe) {73// should not happen74}75}7677/**78* Creates SPNEGO token of the specified type.79*/80protected SpNegoToken(int tokenType) {81this.tokenType = tokenType;82}8384/**85* Returns the individual encoded SPNEGO token86*87* @return the encoded token88* @exception GSSException89*/90abstract byte[] encode() throws GSSException;9192/**93* Returns the encoded SPNEGO token94* Note: inserts the required CHOICE tags95*96* @return the encoded token97* @exception GSSException98*/99byte[] getEncoded() throws IOException, GSSException {100101// get the token encoded value102DerOutputStream token = new DerOutputStream();103token.write(encode());104105// now insert the CHOICE106switch (tokenType) {107case NEG_TOKEN_INIT_ID:108// Insert CHOICE of Negotiation Token109DerOutputStream initToken = new DerOutputStream();110initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT,111true, (byte) NEG_TOKEN_INIT_ID), token);112return initToken.toByteArray();113114case NEG_TOKEN_TARG_ID:115// Insert CHOICE of Negotiation Token116DerOutputStream targToken = new DerOutputStream();117targToken.write(DerValue.createTag(DerValue.TAG_CONTEXT,118true, (byte) NEG_TOKEN_TARG_ID), token);119return targToken.toByteArray();120default:121return token.toByteArray();122}123}124125/**126* Returns the SPNEGO token type127*128* @return the token type129*/130final int getType() {131return tokenType;132}133134/**135* Returns a string representing the token type.136*137* @param tokenType the token type for which a string name is desired138* @return the String name of this token type139*/140static String getTokenName(int type) {141switch (type) {142case NEG_TOKEN_INIT_ID:143return "SPNEGO NegTokenInit";144case NEG_TOKEN_TARG_ID:145return "SPNEGO NegTokenTarg";146default:147return "SPNEGO Mechanism Token";148}149}150151/**152* Returns the enumerated type of the Negotiation result.153*154* @param result the negotiated result represented by integer155* @return the enumerated type of Negotiated result156*/157static NegoResult getNegoResultType(int result) {158switch (result) {159case 0:160return NegoResult.ACCEPT_COMPLETE;161case 1:162return NegoResult.ACCEPT_INCOMPLETE;163case 2:164return NegoResult.REJECT;165default:166// unknown - return optimistic result167return NegoResult.ACCEPT_COMPLETE;168}169}170171/**172* Returns a string representing the negotiation result.173*174* @param result the negotiated result175* @return the String message of this negotiated result176*/177static String getNegoResultString(int result) {178switch (result) {179case 0:180return "Accept Complete";181case 1:182return "Accept InComplete";183case 2:184return "Reject";185default:186return ("Unknown Negotiated Result: " + result);187}188}189190/**191* Checks if the context tag in a sequence is in correct order. The "last"192* value must be smaller than "current".193* @param last the last tag seen194* @param current the current tag195* @return the current tag, used as the next value for last196* @throws GSSException if there's a wrong order197*/198static int checkNextField(int last, int current) throws GSSException {199if (last < current) {200return current;201} else {202throw new GSSException(GSSException.DEFECTIVE_TOKEN, -1,203"Invalid SpNegoToken token : wrong order");204}205}206}207208209