draft-ietf-cat-gssv2-javabind-03.txt   draft-ietf-cat-gssv2-javabind-04.txt 
Internet-Draft Jack Kabat Internet-Draft Jack Kabat
IETF CAT Working Group ValiCert, Inc. IETF CAT Working Group ValiCert, Inc.
Document: <draft-ietf-cat-gssv2-javabind-03.txt> Mayank Upadhyay Document: <draft-ietf-cat-gssv2-javabind-04.txt> Mayank Upadhyay
Sun Microsystems, Inc. Sun Microsystems, Inc.
October 1999 December 1999
Generic Security Service API Version 2 : Java bindings Generic Security Service API Version 2 : Java bindings
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 2, line 5 skipping to change at page 2, line 5
specifies the Java bindings for GSS-API which is described at a specifies the Java bindings for GSS-API which is described at a
language independent conceptual level in RFC 2078 [GSSAPIv2]. language independent conceptual level in RFC 2078 [GSSAPIv2].
The GSS-API allows a caller application to authenticate a principal The GSS-API allows a caller application to authenticate a principal
identity, to delegate rights to a peer, and to apply security identity, to delegate rights to a peer, and to apply security
services such as confidentiality and integrity on a per-message services such as confidentiality and integrity on a per-message
basis. Examples of security mechanisms defined for GSS-API are The basis. Examples of security mechanisms defined for GSS-API are The
Simple Public-Key GSS-API Mechanism [SPKM] and The Kerberos Version 5 Simple Public-Key GSS-API Mechanism [SPKM] and The Kerberos Version 5
GSS-API Mechanism [KERBV5]. GSS-API Mechanism [KERBV5].
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 6 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 6
2. GSS-API Operational Paradigm . . . . . . . . . . . . . . . . 7 2. GSS-API Operational Paradigm . . . . . . . . . . . . . . . . 7
3. Additional Controls . . . . . . . . . . . . . . . . . . . . 8 3. Additional Controls . . . . . . . . . . . . . . . . . . . . 8
3.1. Delegation . . . . . . . . . . . . . . . . . . . . . . . . 9 3.1. Delegation . . . . . . . . . . . . . . . . . . . . . . . . 9
3.2. Mutual Authentication . . . . . . . . . . . . . . . . . 10 3.2. Mutual Authentication . . . . . . . . . . . . . . . . . 10
3.3. Replay and Out-of-Sequence Detection . . . . . . . . . . 11 3.3. Replay and Out-of-Sequence Detection . . . . . . . . . . 11
3.4. Anonymous Authentication . . . . . . . . . . . . . . . . 11 3.4. Anonymous Authentication . . . . . . . . . . . . . . . . 11
skipping to change at page 2, line 49 skipping to change at page 2, line 49
5. Introduction to GSS-API Classes and Interfaces . . . . . . 27 5. Introduction to GSS-API Classes and Interfaces . . . . . . 27
5.1. GSSManager class . . . . . . . . . . . . . . . . . . . . 28 5.1. GSSManager class . . . . . . . . . . . . . . . . . . . . 28
5.2. GSSName interface . . . . . . . . . . . . . . . . . . . 28 5.2. GSSName interface . . . . . . . . . . . . . . . . . . . 28
5.3. GSSCredential interface . . . . . . . . . . . . . . . . 29 5.3. GSSCredential interface . . . . . . . . . . . . . . . . 29
5.4. GSSContext interface . . . . . . . . . . . . . . . . . . 30 5.4. GSSContext interface . . . . . . . . . . . . . . . . . . 30
5.5. MessageProp class . . . . . . . . . . . . . . . . . . . 31 5.5. MessageProp class . . . . . . . . . . . . . . . . . . . 31
5.6. GSSException class . . . . . . . . . . . . . . . . . . . 31 5.6. GSSException class . . . . . . . . . . . . . . . . . . . 31
5.7. Oid class . . . . . . . . . . . . . . . . . . . . . . . 32 5.7. Oid class . . . . . . . . . . . . . . . . . . . . . . . 32
5.8. ChannelBinding class . . . . . . . . . . . . . . . . . . 32 5.8. ChannelBinding class . . . . . . . . . . . . . . . . . . 32
6. Detailed GSS-API Class Description . . . . . . . . . . . . 32 6. Detailed GSS-API Class Description . . . . . . . . . . . . 32
6.1. public class GSSManager . . . . . . . . . . . . . . . . 32 6.1. public abstract class GSSManager . . . . . . . . . . . . 32
6.1.1. Example Code . . . . . . . . . . . . . . . . . . . . . 33 6.1.1. Example Code . . . . . . . . . . . . . . . . . . . . . 34
6.1.2. Constructors . . . . . . . . . . . . . . . . . . . . . 33 6.1.2. getInstance . . . . . . . . . . . . . . . . . . . . . 34
6.1.3. setProvider . . . . . . . . . . . . . . . . . . . . . 34 6.1.3. getMechs . . . . . . . . . . . . . . . . . . . . . . . 34
6.1.4. setProvider . . . . . . . . . . . . . . . . . . . . . 34 6.1.4. getNamesForMech . . . . . . . . . . . . . . . . . . . 34
6.1.5. getProvider . . . . . . . . . . . . . . . . . . . . . 35 6.1.5. getMechsForName . . . . . . . . . . . . . . . . . . . 35
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
6.1.6. getMechs . . . . . . . . . . . . . . . . . . . . . . . 35 6.1.6. createName . . . . . . . . . . . . . . . . . . . . . . 35
6.1.7. getNamesForMech . . . . . . . . . . . . . . . . . . . 35 6.1.7. createName . . . . . . . . . . . . . . . . . . . . . . 36
6.1.8. getMechsForName . . . . . . . . . . . . . . . . . . . 36 6.1.8. createName . . . . . . . . . . . . . . . . . . . . . . 36
6.1.9. createName . . . . . . . . . . . . . . . . . . . . . . 36 6.1.9. createName . . . . . . . . . . . . . . . . . . . . . . 37
6.1.10. createName . . . . . . . . . . . . . . . . . . . . . 36 6.1.10. createCredential . . . . . . . . . . . . . . . . . . 37
6.1.11. createName . . . . . . . . . . . . . . . . . . . . . 37 6.1.11. createCredential . . . . . . . . . . . . . . . . . . 38
6.1.12. createName . . . . . . . . . . . . . . . . . . . . . 38 6.1.12. createCredential . . . . . . . . . . . . . . . . . . 38
6.1.13. createCredential . . . . . . . . . . . . . . . . . . 38 6.1.13. createContext . . . . . . . . . . . . . . . . . . . . 39
6.1.14. createCredential . . . . . . . . . . . . . . . . . . 38 6.1.14. createContext . . . . . . . . . . . . . . . . . . . . 39
6.1.15. createCredential . . . . . . . . . . . . . . . . . . 39 6.1.15. createContext . . . . . . . . . . . . . . . . . . . . 40
6.1.16. createContext . . . . . . . . . . . . . . . . . . . . 40 6.1.16. addProviderAtFront . . . . . . . . . . . . . . . . . 40
6.1.17. createContext . . . . . . . . . . . . . . . . . . . . 40 6.1.16.1. Example Code . . . . . . . . . . . . . . . . . . . 41
6.1.18. createContext . . . . . . . . . . . . . . . . . . . . 41 6.1.17. addProviderAtEnd . . . . . . . . . . . . . . . . . . 42
6.2. public interface GSSName . . . . . . . . . . . . . . . . 41 6.1.17.1. Example Code . . . . . . . . . . . . . . . . . . . 42
6.2.1. Example Code . . . . . . . . . . . . . . . . . . . . . 41 6.2. public interface GSSName . . . . . . . . . . . . . . . . 43
6.2.2. Static Constants . . . . . . . . . . . . . . . . . . . 42 6.2.1. Example Code . . . . . . . . . . . . . . . . . . . . . 43
6.2.3. equals . . . . . . . . . . . . . . . . . . . . . . . . 43 6.2.2. Static Constants . . . . . . . . . . . . . . . . . . . 44
6.2.4. equals . . . . . . . . . . . . . . . . . . . . . . . . 43 6.2.3. equals . . . . . . . . . . . . . . . . . . . . . . . . 45
6.2.5. canonicalize . . . . . . . . . . . . . . . . . . . . . 44 6.2.4. equals . . . . . . . . . . . . . . . . . . . . . . . . 45
6.2.6. export . . . . . . . . . . . . . . . . . . . . . . . . 44 6.2.5. canonicalize . . . . . . . . . . . . . . . . . . . . . 46
6.2.7. toString . . . . . . . . . . . . . . . . . . . . . . . 44 6.2.6. export . . . . . . . . . . . . . . . . . . . . . . . . 46
6.2.8. getStringNameType . . . . . . . . . . . . . . . . . . 44 6.2.7. toString . . . . . . . . . . . . . . . . . . . . . . . 46
6.2.9. isAnonymous . . . . . . . . . . . . . . . . . . . . . 45 6.2.8. getStringNameType . . . . . . . . . . . . . . . . . . 47
6.2.10. isMN . . . . . . . . . . . . . . . . . . . . . . . . 45 6.2.9. isAnonymous . . . . . . . . . . . . . . . . . . . . . 47
6.3. public interface GSSCredential implements Cloneable . . 45 6.2.10. isMN . . . . . . . . . . . . . . . . . . . . . . . . 47
6.3.1. Example Code . . . . . . . . . . . . . . . . . . . . . 46 6.3. public interface GSSCredential implements Cloneable . . 47
6.3.2. Static Constants . . . . . . . . . . . . . . . . . . . 47 6.3.1. Example Code . . . . . . . . . . . . . . . . . . . . . 48
6.3.3. dispose . . . . . . . . . . . . . . . . . . . . . . . 47 6.3.2. Static Constants . . . . . . . . . . . . . . . . . . . 49
6.3.4. getName . . . . . . . . . . . . . . . . . . . . . . . 47 6.3.3. dispose . . . . . . . . . . . . . . . . . . . . . . . 49
6.3.5. getName . . . . . . . . . . . . . . . . . . . . . . . 47 6.3.4. getName . . . . . . . . . . . . . . . . . . . . . . . 50
6.3.6. getRemainingLifetime . . . . . . . . . . . . . . . . . 48 6.3.5. getName . . . . . . . . . . . . . . . . . . . . . . . 50
6.3.7. getRemainingInitLifetime . . . . . . . . . . . . . . . 48 6.3.6. getRemainingLifetime . . . . . . . . . . . . . . . . . 50
6.3.8. getRemainingAcceptLifetime . . . . . . . . . . . . . . 48 6.3.7. getRemainingInitLifetime . . . . . . . . . . . . . . . 50
6.3.9. getUsage . . . . . . . . . . . . . . . . . . . . . . . 49 6.3.8. getRemainingAcceptLifetime . . . . . . . . . . . . . . 51
6.3.10. getUsage . . . . . . . . . . . . . . . . . . . . . . 49 6.3.9. getUsage . . . . . . . . . . . . . . . . . . . . . . . 51
6.3.11. getMechs . . . . . . . . . . . . . . . . . . . . . . 49 6.3.10. getUsage . . . . . . . . . . . . . . . . . . . . . . 51
6.3.12. add . . . . . . . . . . . . . . . . . . . . . . . . . 49 6.3.11. getMechs . . . . . . . . . . . . . . . . . . . . . . 51
6.3.13. equals . . . . . . . . . . . . . . . . . . . . . . . 50 6.3.12. add . . . . . . . . . . . . . . . . . . . . . . . . . 52
6.4. public interface GSSContext . . . . . . . . . . . . . . 51 6.3.13. equals . . . . . . . . . . . . . . . . . . . . . . . 52
6.4.1. Example Code . . . . . . . . . . . . . . . . . . . . . 52 6.4. public interface GSSContext . . . . . . . . . . . . . . 53
6.4.2. Static Constants . . . . . . . . . . . . . . . . . . . 53 6.4.1. Example Code . . . . . . . . . . . . . . . . . . . . . 54
6.4.3. initSecContext . . . . . . . . . . . . . . . . . . . . 54 6.4.2. Static Constants . . . . . . . . . . . . . . . . . . . 56
6.4.3.1. Example Code . . . . . . . . . . . . . . . . . . . . 54 6.4.3. initSecContext . . . . . . . . . . . . . . . . . . . . 56
6.4.4. initSecContext . . . . . . . . . . . . . . . . . . . . 55 6.4.3.1. Example Code . . . . . . . . . . . . . . . . . . . . 56
6.4.4.1. Example Code . . . . . . . . . . . . . . . . . . . . 56 6.4.4. initSecContext . . . . . . . . . . . . . . . . . . . . 57
6.4.5. acceptSecContext . . . . . . . . . . . . . . . . . . . 57 6.4.4.1. Example Code . . . . . . . . . . . . . . . . . . . . 58
6.4.5.1. Example Code . . . . . . . . . . . . . . . . . . . . 57 6.4.5. acceptSecContext . . . . . . . . . . . . . . . . . . . 59
6.4.6. acceptSecContext . . . . . . . . . . . . . . . . . . . 58 6.4.5.1. Example Code . . . . . . . . . . . . . . . . . . . . 59
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
6.4.6.1. Example Code . . . . . . . . . . . . . . . . . . . . 59 6.4.6. acceptSecContext . . . . . . . . . . . . . . . . . . . 60
6.4.7. isEstablished . . . . . . . . . . . . . . . . . . . . 59 6.4.6.1. Example Code . . . . . . . . . . . . . . . . . . . . 61
6.4.8. dispose . . . . . . . . . . . . . . . . . . . . . . . 60 6.4.7. isEstablished . . . . . . . . . . . . . . . . . . . . 62
6.4.9. getWrapSizeLimit . . . . . . . . . . . . . . . . . . . 60 6.4.8. dispose . . . . . . . . . . . . . . . . . . . . . . . 62
6.4.10. wrap . . . . . . . . . . . . . . . . . . . . . . . . 61 6.4.9. getWrapSizeLimit . . . . . . . . . . . . . . . . . . . 62
6.4.11. wrap . . . . . . . . . . . . . . . . . . . . . . . . 61 6.4.10. wrap . . . . . . . . . . . . . . . . . . . . . . . . 63
6.4.12. unwrap . . . . . . . . . . . . . . . . . . . . . . . 62 6.4.11. wrap . . . . . . . . . . . . . . . . . . . . . . . . 64
6.4.13. unwrap . . . . . . . . . . . . . . . . . . . . . . . 63 6.4.12. unwrap . . . . . . . . . . . . . . . . . . . . . . . 65
6.4.14. getMIC . . . . . . . . . . . . . . . . . . . . . . . 64 6.4.13. unwrap . . . . . . . . . . . . . . . . . . . . . . . 65
6.4.15. getMIC . . . . . . . . . . . . . . . . . . . . . . . 64 6.4.14. getMIC . . . . . . . . . . . . . . . . . . . . . . . 66
6.4.16. verifyMIC . . . . . . . . . . . . . . . . . . . . . . 65 6.4.15. getMIC . . . . . . . . . . . . . . . . . . . . . . . 67
6.4.17. verifyMIC . . . . . . . . . . . . . . . . . . . . . . 66 6.4.16. verifyMIC . . . . . . . . . . . . . . . . . . . . . . 67
6.4.18. export . . . . . . . . . . . . . . . . . . . . . . . 67 6.4.17. verifyMIC . . . . . . . . . . . . . . . . . . . . . . 68
6.4.19. requestMutualAuth . . . . . . . . . . . . . . . . . . 67 6.4.18. export . . . . . . . . . . . . . . . . . . . . . . . 69
6.4.20. requestReplayDet . . . . . . . . . . . . . . . . . . 68 6.4.19. requestMutualAuth . . . . . . . . . . . . . . . . . . 70
6.4.21. requestSequenceDet . . . . . . . . . . . . . . . . . 68 6.4.20. requestReplayDet . . . . . . . . . . . . . . . . . . 70
6.4.22. requestCredDeleg . . . . . . . . . . . . . . . . . . 68 6.4.21. requestSequenceDet . . . . . . . . . . . . . . . . . 70
6.4.23. requestAnonymity . . . . . . . . . . . . . . . . . . 69 6.4.22. requestCredDeleg . . . . . . . . . . . . . . . . . . 71
6.4.24. requestConf . . . . . . . . . . . . . . . . . . . . . 69 6.4.23. requestAnonymity . . . . . . . . . . . . . . . . . . 71
6.4.25. requestInteg . . . . . . . . . . . . . . . . . . . . 69 6.4.24. requestConf . . . . . . . . . . . . . . . . . . . . . 71
6.4.26. requestLifetime . . . . . . . . . . . . . . . . . . . 69 6.4.25. requestInteg . . . . . . . . . . . . . . . . . . . . 71
6.4.27. setChannelBinding . . . . . . . . . . . . . . . . . . 70 6.4.26. requestLifetime . . . . . . . . . . . . . . . . . . . 72
6.4.28. getCredDelegState . . . . . . . . . . . . . . . . . . 70 6.4.27. setChannelBinding . . . . . . . . . . . . . . . . . . 72
6.4.29. getMutualAuthState . . . . . . . . . . . . . . . . . 70 6.4.28. getCredDelegState . . . . . . . . . . . . . . . . . . 72
6.4.30. getReplayDetState . . . . . . . . . . . . . . . . . . 70 6.4.29. getMutualAuthState . . . . . . . . . . . . . . . . . 72
6.4.31. getSequenceDetState . . . . . . . . . . . . . . . . . 71 6.4.30. getReplayDetState . . . . . . . . . . . . . . . . . . 73
6.4.32. getAnonymityState . . . . . . . . . . . . . . . . . . 71 6.4.31. getSequenceDetState . . . . . . . . . . . . . . . . . 73
6.4.33. isTransferable . . . . . . . . . . . . . . . . . . . 71 6.4.32. getAnonymityState . . . . . . . . . . . . . . . . . . 73
6.4.34. isProtReady . . . . . . . . . . . . . . . . . . . . . 71 6.4.33. isTransferable . . . . . . . . . . . . . . . . . . . 73
6.4.35. getConfState . . . . . . . . . . . . . . . . . . . . 71 6.4.34. isProtReady . . . . . . . . . . . . . . . . . . . . . 74
6.4.36. getIntegState . . . . . . . . . . . . . . . . . . . . 72 6.4.35. getConfState . . . . . . . . . . . . . . . . . . . . 74
6.4.37. getLifetime . . . . . . . . . . . . . . . . . . . . . 72 6.4.36. getIntegState . . . . . . . . . . . . . . . . . . . . 74
6.4.38. getSrcName . . . . . . . . . . . . . . . . . . . . . 72 6.4.37. getLifetime . . . . . . . . . . . . . . . . . . . . . 74
6.4.39. getTargName . . . . . . . . . . . . . . . . . . . . . 72 6.4.38. getSrcName . . . . . . . . . . . . . . . . . . . . . 74
6.4.40. getMech . . . . . . . . . . . . . . . . . . . . . . . 72 6.4.39. getTargName . . . . . . . . . . . . . . . . . . . . . 75
6.4.41. getDelegCred . . . . . . . . . . . . . . . . . . . . 73 6.4.40. getMech . . . . . . . . . . . . . . . . . . . . . . . 75
6.4.42. isInitiator . . . . . . . . . . . . . . . . . . . . . 73 6.4.41. getDelegCred . . . . . . . . . . . . . . . . . . . . 75
6.5. public class MessageProp . . . . . . . . . . . . . . . . 73 6.4.42. isInitiator . . . . . . . . . . . . . . . . . . . . . 75
6.5.1. Constructors . . . . . . . . . . . . . . . . . . . . . 73 6.5. public class MessageProp . . . . . . . . . . . . . . . . 75
6.5.2. getQOP . . . . . . . . . . . . . . . . . . . . . . . . 74 6.5.1. Constructors . . . . . . . . . . . . . . . . . . . . . 76
6.5.3. getPrivacy . . . . . . . . . . . . . . . . . . . . . . 74 6.5.2. getQOP . . . . . . . . . . . . . . . . . . . . . . . . 76
6.5.4. getMinorStatus . . . . . . . . . . . . . . . . . . . . 74 6.5.3. getPrivacy . . . . . . . . . . . . . . . . . . . . . . 76
6.5.5. getMinorString . . . . . . . . . . . . . . . . . . . . 74 6.5.4. getMinorStatus . . . . . . . . . . . . . . . . . . . . 77
6.5.6. setQOP . . . . . . . . . . . . . . . . . . . . . . . . 75 6.5.5. getMinorString . . . . . . . . . . . . . . . . . . . . 77
6.5.7. setPrivacy . . . . . . . . . . . . . . . . . . . . . . 75 6.5.6. setQOP . . . . . . . . . . . . . . . . . . . . . . . . 77
6.5.8. isDuplicateToken . . . . . . . . . . . . . . . . . . . 75 6.5.7. setPrivacy . . . . . . . . . . . . . . . . . . . . . . 77
6.5.9. isOldToken . . . . . . . . . . . . . . . . . . . . . . 75 6.5.8. isDuplicateToken . . . . . . . . . . . . . . . . . . . 77
6.5.10. isUnseqToken . . . . . . . . . . . . . . . . . . . . 75 6.5.9. isOldToken . . . . . . . . . . . . . . . . . . . . . . 78
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
6.5.11. isGapToken . . . . . . . . . . . . . . . . . . . . . 75 6.5.10. isUnseqToken . . . . . . . . . . . . . . . . . . . . 78
6.5.12. setSupplementaryStates . . . . . . . . . . . . . . . 76 6.5.11. isGapToken . . . . . . . . . . . . . . . . . . . . . 78
6.6. public class ChannelBinding . . . . . . . . . . . . . . 76 6.5.12. setSupplementaryStates . . . . . . . . . . . . . . . 78
6.6.1. Constructors . . . . . . . . . . . . . . . . . . . . . 77 6.6. public class ChannelBinding . . . . . . . . . . . . . . 79
6.6.2. getInitiatorAddress . . . . . . . . . . . . . . . . . 77 6.6.1. Constructors . . . . . . . . . . . . . . . . . . . . . 79
6.6.3. getAcceptorAddress . . . . . . . . . . . . . . . . . . 78 6.6.2. getInitiatorAddress . . . . . . . . . . . . . . . . . 80
6.6.4. getApplicationData . . . . . . . . . . . . . . . . . . 78 6.6.3. getAcceptorAddress . . . . . . . . . . . . . . . . . . 80
6.6.5. equals . . . . . . . . . . . . . . . . . . . . . . . . 78 6.6.4. getApplicationData . . . . . . . . . . . . . . . . . . 80
6.7. public class Oid . . . . . . . . . . . . . . . . . . . . 78 6.6.5. equals . . . . . . . . . . . . . . . . . . . . . . . . 80
6.7.1. Constructors . . . . . . . . . . . . . . . . . . . . . 79 6.7. public class Oid . . . . . . . . . . . . . . . . . . . . 81
6.7.2. toString . . . . . . . . . . . . . . . . . . . . . . . 79 6.7.1. Constructors . . . . . . . . . . . . . . . . . . . . . 81
6.7.3. equals . . . . . . . . . . . . . . . . . . . . . . . . 80 6.7.2. toString . . . . . . . . . . . . . . . . . . . . . . . 82
6.7.4. getDER . . . . . . . . . . . . . . . . . . . . . . . . 80 6.7.3. equals . . . . . . . . . . . . . . . . . . . . . . . . 82
6.7.5. containedIn . . . . . . . . . . . . . . . . . . . . . 80 6.7.4. getDER . . . . . . . . . . . . . . . . . . . . . . . . 82
6.8. public class GSSException extends Exception . . . . . . 80 6.7.5. containedIn . . . . . . . . . . . . . . . . . . . . . 82
6.8.1. Static Constants . . . . . . . . . . . . . . . . . . . 81 6.8. public class GSSException extends Exception . . . . . . 83
6.8.2. Constructors . . . . . . . . . . . . . . . . . . . . . 83 6.8.1. Static Constants . . . . . . . . . . . . . . . . . . . 83
6.8.3. getMajor . . . . . . . . . . . . . . . . . . . . . . . 84 6.8.2. Constructors . . . . . . . . . . . . . . . . . . . . . 86
6.8.4. getMinor . . . . . . . . . . . . . . . . . . . . . . . 84 6.8.3. getMajor . . . . . . . . . . . . . . . . . . . . . . . 86
6.8.5. getMajorString . . . . . . . . . . . . . . . . . . . . 84 6.8.4. getMinor . . . . . . . . . . . . . . . . . . . . . . . 86
6.8.6. getMinorString . . . . . . . . . . . . . . . . . . . . 84 6.8.5. getMajorString . . . . . . . . . . . . . . . . . . . . 87
6.8.7. setMinor . . . . . . . . . . . . . . . . . . . . . . . 85 6.8.6. getMinorString . . . . . . . . . . . . . . . . . . . . 87
6.8.8. toString . . . . . . . . . . . . . . . . . . . . . . . 85 6.8.7. setMinor . . . . . . . . . . . . . . . . . . . . . . . 87
6.8.9. getMessage . . . . . . . . . . . . . . . . . . . . . . 85 6.8.8. toString . . . . . . . . . . . . . . . . . . . . . . . 87
7. Sample Applications . . . . . . . . . . . . . . . . . . . 85 6.8.9. getMessage . . . . . . . . . . . . . . . . . . . . . . 87
7.1. Simple GSS Context Initiator . . . . . . . . . . . . . . 86 7. Sample Applications . . . . . . . . . . . . . . . . . . . 88
7.2. Simple GSS Context Acceptor . . . . . . . . . . . . . . 90 7.1. Simple GSS Context Initiator . . . . . . . . . . . . . . 88
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . 94 7.2. Simple GSS Context Acceptor . . . . . . . . . . . . . . 92
9. Bibliography . . . . . . . . . . . . . . . . . . . . . . . 95 8. Security Considerations . . . . . . . . . . . . . . . . . 96
10. Author's Address . . . . . . . . . . . . . . . . . . . . 96 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . 97
10. Bibliography . . . . . . . . . . . . . . . . . . . . . . 98
11. Author's Address . . . . . . . . . . . . . . . . . . . . 99
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
1. Introduction 1. Introduction
This document specifies Java language bindings for the Generic This document specifies Java language bindings for the Generic
Security Services Application Programming Interface (GSS-API) Version Security Services Application Programming Interface (GSS-API) Version
2. GSS-API Version 2 is described in a language independent format in 2. GSS-API Version 2 is described in a language independent format in
RFC 2078 [GSSAPIv2]. The GSS-API allows a caller application to RFC 2078 [GSSAPIv2]. The GSS-API allows a caller application to
authenticate a principal identity, to delegate rights to a peer, and authenticate a principal identity, to delegate rights to a peer, and
to apply security services such as confidentiality and integrity on a to apply security services such as confidentiality and integrity on a
per-message basis. per-message basis.
skipping to change at page 7, line 5 skipping to change at page 7, line 5
add and manage GSS-API mechanisms. GSS-API leverages the JCA provider add and manage GSS-API mechanisms. GSS-API leverages the JCA provider
concept to support the plugability of mechanisms. Mechanisms can be concept to support the plugability of mechanisms. Mechanisms can be
added on a "system-wide" basis, where all users of the framework will added on a "system-wide" basis, where all users of the framework will
have them available. The specification also allows for the addition have them available. The specification also allows for the addition
of mechanisms per-instance the GSS-API. of mechanisms per-instance the GSS-API.
Lastly, this specification presents an API that will naturally fit Lastly, this specification presents an API that will naturally fit
within the operation environment of the Java platform. Readers are within the operation environment of the Java platform. Readers are
assumed to be familiar with both the GSS-API and the Java platform. assumed to be familiar with both the GSS-API and the Java platform.
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
2. GSS-API Operational Paradigm 2. GSS-API Operational Paradigm
The Generic Security Service Application Programming Interface The Generic Security Service Application Programming Interface
[GSSAPIv2] defines a generic security API to calling applications. [GSSAPIv2] defines a generic security API to calling applications.
It allows a communicating application to authenticate the user It allows a communicating application to authenticate the user
associated with another application, to delegate rights to another associated with another application, to delegate rights to another
application, and to apply security services such as confidentiality application, and to apply security services such as confidentiality
and integrity on a per-message basis. and integrity on a per-message basis.
skipping to change at page 8, line 5 skipping to change at page 8, line 5
Certain GSSContext methods will generate a token, which Certain GSSContext methods will generate a token, which
applications treat as cryptographically protected, opaque applications treat as cryptographically protected, opaque
data. The caller of such GSSContext method is responsible data. The caller of such GSSContext method is responsible
for transferring the token to the peer application, for transferring the token to the peer application,
encapsulated if necessary in an application-to-application encapsulated if necessary in an application-to-application
protocol. On receipt of such a token, the peer application protocol. On receipt of such a token, the peer application
should pass it to a corresponding GSSContext method which should pass it to a corresponding GSSContext method which
will decode the token and extract the information, updating will decode the token and extract the information, updating
the security context state information accordingly. the security context state information accordingly.
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
3) Per-message services are invoked on a GSSContext object to 3) Per-message services are invoked on a GSSContext object to
apply either: apply either:
integrity and data origin authentication, or integrity and data origin authentication, or
confidentiality, integrity and data origin confidentiality, integrity and data origin
authentication authentication
to application data, which are treated by GSS-API as to application data, which are treated by GSS-API as
skipping to change at page 9, line 5 skipping to change at page 9, line 5
The optional services defined are: The optional services defined are:
Delegation Delegation
The (usually temporary) transfer of rights from initiator to The (usually temporary) transfer of rights from initiator to
acceptor, enabling the acceptor to authenticate itself as an acceptor, enabling the acceptor to authenticate itself as an
agent of the initiator. agent of the initiator.
Mutual Authentication Mutual Authentication
In addition to the initiator authenticating its identity to the In addition to the initiator authenticating its identity to the
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
context acceptor, the context acceptor should also authenticate context acceptor, the context acceptor should also authenticate
itself to the initiator. itself to the initiator.
Replay Detection Replay Detection
In addition to providing message integrity services, GSSContext In addition to providing message integrity services, GSSContext
per-message operations of getMIC and wrap should include message per-message operations of getMIC and wrap should include message
numbering information to enable verifyMIC and unwrap to detect numbering information to enable verifyMIC and unwrap to detect
if a message has been duplicated. if a message has been duplicated.
skipping to change at page 10, line 5 skipping to change at page 10, line 5
establishment when the initiator indicates a desire to use such a establishment when the initiator indicates a desire to use such a
service, so that the initiating GSS-API can correctly indicate service, so that the initiating GSS-API can correctly indicate
whether the service is supported by the acceptor's GSS-API. whether the service is supported by the acceptor's GSS-API.
3.1. Delegation 3.1. Delegation
The GSS-API allows delegation to be controlled by the initiating The GSS-API allows delegation to be controlled by the initiating
application via the requestCredDeleg method before the first call to application via the requestCredDeleg method before the first call to
init has been issued. Some mechanisms do not support delegation, and init has been issued. Some mechanisms do not support delegation, and
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
for such mechanisms attempts by an application to enable delegation for such mechanisms attempts by an application to enable delegation
are ignored. are ignored.
The acceptor of a security context, for which the initiator enabled The acceptor of a security context, for which the initiator enabled
delegation, can check if delegation was enabled by using the delegation, can check if delegation was enabled by using the
getCredDelegState method of the GSSContext interface. In cases when getCredDelegState method of the GSSContext interface. In cases when
it is, the delegated credential object can be obtained by calling the it is, the delegated credential object can be obtained by calling the
getDelegCred method. The obtained GSSCredential object may then be getDelegCred method. The obtained GSSCredential object may then be
used to initiate subsequent GSS-API security contexts as an agent or used to initiate subsequent GSS-API security contexts as an agent or
skipping to change at page 11, line 5 skipping to change at page 11, line 5
cases, the initiator may also request that the acceptor authenticate cases, the initiator may also request that the acceptor authenticate
itself. GSS-API allows the initiating application to request this itself. GSS-API allows the initiating application to request this
mutual authentication service by calling the requestMutualAuth method mutual authentication service by calling the requestMutualAuth method
of the GSSContext interface with a "true" parameter before making the of the GSSContext interface with a "true" parameter before making the
first call to init. The initiating application is informed as to first call to init. The initiating application is informed as to
whether or not the context acceptor has authenticated itself. Note whether or not the context acceptor has authenticated itself. Note
that some mechanisms may not support mutual authentication, and other that some mechanisms may not support mutual authentication, and other
mechanisms may always perform mutual authentication, whether or not mechanisms may always perform mutual authentication, whether or not
the initiating application requests it. In particular, mutual the initiating application requests it. In particular, mutual
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
authentication may be required by some mechanisms in order to support authentication may be required by some mechanisms in order to support
replay or out-of-sequence message detection, and for such mechanisms replay or out-of-sequence message detection, and for such mechanisms
a request for either of these services will automatically enable a request for either of these services will automatically enable
mutual authentication. mutual authentication.
3.3. Replay and Out-of-Sequence Detection 3.3. Replay and Out-of-Sequence Detection
The GSS-API may provide detection of mis-ordered messages once a The GSS-API may provide detection of mis-ordered messages once a
security context has been established. Protection may be applied to security context has been established. Protection may be applied to
skipping to change at page 12, line 5 skipping to change at page 12, line 5
of the instance of MessageProp to return "true". of the instance of MessageProp to return "true".
3.4. Anonymous Authentication 3.4. Anonymous Authentication
In certain situations, an application may wish to initiate the In certain situations, an application may wish to initiate the
authentication process to authenticate a peer, without revealing its authentication process to authenticate a peer, without revealing its
own identity. As an example, consider an application providing own identity. As an example, consider an application providing
access to a database containing medical information, and offering access to a database containing medical information, and offering
unrestricted access to the service. A client of such a service might unrestricted access to the service. A client of such a service might
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
wish to authenticate the service (in order to establish trust in any wish to authenticate the service (in order to establish trust in any
information retrieved from it), but might not wish the service to be information retrieved from it), but might not wish the service to be
able to obtain the client's identity (perhaps due to privacy concerns able to obtain the client's identity (perhaps due to privacy concerns
about the specific inquiries, or perhaps simply to avoid being placed about the specific inquiries, or perhaps simply to avoid being placed
on mailing-lists). on mailing-lists).
In normal use of the GSS-API, the initiator's identity is made In normal use of the GSS-API, the initiator's identity is made
available to the acceptor as a result of the context establishment available to the acceptor as a result of the context establishment
process. However, context initiators may request that their identity process. However, context initiators may request that their identity
skipping to change at page 13, line 5 skipping to change at page 13, line 5
operands is a GSSName instance representing an anonymous entity, the operands is a GSSName instance representing an anonymous entity, the
method must return "false". method must return "false".
3.5. Confidentiality 3.5. Confidentiality
If a GSSContext supports the confidentiality service, wrap method may If a GSSContext supports the confidentiality service, wrap method may
be used to encrypt application messages. Messages are selectively be used to encrypt application messages. Messages are selectively
encrypted, under the control of the setPrivacy method of the encrypted, under the control of the setPrivacy method of the
MessageProp object used in the wrap method. MessageProp object used in the wrap method.
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
3.6. Inter-process Context Transfer 3.6. Inter-process Context Transfer
GSS-API V2 provides functionality which allows a security context to GSS-API V2 provides functionality which allows a security context to
be transferred between processes on a single machine. These are be transferred between processes on a single machine. These are
implemented using the export method of GSSContext and a byte array implemented using the export method of GSSContext and a byte array
constructor of the same class. The most common use for such a constructor of the same class. The most common use for such a
feature is a client-server design where the server is implemented as feature is a client-server design where the server is implemented as
a single process that accepts incoming security contexts, which then a single process that accepts incoming security contexts, which then
launches child processes to deal with the data on these contexts. In launches child processes to deal with the data on these contexts. In
skipping to change at page 14, line 5 skipping to change at page 14, line 5
3.7. The Use of Incomplete Contexts 3.7. The Use of Incomplete Contexts
Some mechanisms may allow the per-message services to be used before Some mechanisms may allow the per-message services to be used before
the context establishment process is complete. For example, a the context establishment process is complete. For example, a
mechanism may include sufficient information in its initial context- mechanism may include sufficient information in its initial context-
level tokens for the context acceptor to immediately decode messages level tokens for the context acceptor to immediately decode messages
protected with wrap or getMIC. For such a mechanism, the initiating protected with wrap or getMIC. For such a mechanism, the initiating
application need not wait until subsequent context-level tokens have application need not wait until subsequent context-level tokens have
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
been sent and received before invoking the per-message protection been sent and received before invoking the per-message protection
services. services.
An application can invoke the isProtReady method of the GSSContext An application can invoke the isProtReady method of the GSSContext
class to determine if the per-message services are available in class to determine if the per-message services are available in
advance of complete context establishment. Applications wishing to advance of complete context establishment. Applications wishing to
use per-message protection services on partially-established contexts use per-message protection services on partially-established contexts
should query this method before attempting to invoke wrap or getMIC. should query this method before attempting to invoke wrap or getMIC.
skipping to change at page 15, line 5 skipping to change at page 15, line 5
applications to be implementation independent and security API applications to be implementation independent and security API
implementations to be modular and extensible. The implementations to be modular and extensible. The
java.security.Provider class is an abstract class that a vendor java.security.Provider class is an abstract class that a vendor
extends. This class maps various properties that represent different extends. This class maps various properties that represent different
security services that are available to the names of the actual security services that are available to the names of the actual
vendor classes that implement those services. When requesting a vendor classes that implement those services. When requesting a
service, an application simply specifies the desired provider and the service, an application simply specifies the desired provider and the
API delegates the request to service classes available from that API delegates the request to service classes available from that
provider. provider.
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
Using the Java security provider model insulates applications from Using the Java security provider model insulates applications from
implementation details of the services they wish to use. implementation details of the services they wish to use.
Applications can switch between providers easily and new providers Applications can switch between providers easily and new providers
can be added as needed, even at runtime. can be added as needed, even at runtime.
The GSS-API may use providers to find components for specific The GSS-API may use providers to find components for specific
underlying security mechanisms. For instance, a particular provider underlying security mechanisms. For instance, a particular provider
might contain components that will allow the GSS-API to support the might contain components that will allow the GSS-API to support the
Kerberos v5 mechanism and another might contain components to support Kerberos v5 mechanism and another might contain components to support
skipping to change at page 16, line 5 skipping to change at page 16, line 5
determine their size. The language has automatic garbage collection determine their size. The language has automatic garbage collection
which alleviates the need by developers to release memory and which alleviates the need by developers to release memory and
simplifies buffer ownership issues. simplifies buffer ownership issues.
4.5. Strings 4.5. Strings
The String object will be used to represent all textual data. The The String object will be used to represent all textual data. The
Java String object, transparently treats all characters as two-byte Java String object, transparently treats all characters as two-byte
Unicode characters which allows support for many locals. All Unicode characters which allows support for many locals. All
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
routines returning or accepting textual data will use the String routines returning or accepting textual data will use the String
object. object.
4.6. Object Identifiers 4.6. Object Identifiers
An Oid object will be used to represent Universal Object Identifiers An Oid object will be used to represent Universal Object Identifiers
(Oids). Oids are ISO-defined, hierarchically globally-interpretable (Oids). Oids are ISO-defined, hierarchically globally-interpretable
identifiers used within the GSS-API framework to identify security identifiers used within the GSS-API framework to identify security
mechanisms and name formats. The Oid object can be created from a mechanisms and name formats. The Oid object can be created from a
skipping to change at page 17, line 5 skipping to change at page 17, line 5
management issues of the C counterpart. management issues of the C counterpart.
When ever a default value for an Object Identifier Set is required, a When ever a default value for an Object Identifier Set is required, a
"null" value can be used. Please consult the detailed method "null" value can be used. Please consult the detailed method
description for details. description for details.
4.8. Credentials 4.8. Credentials
GSS-API credentials are represented by the GSSCredential interface. GSS-API credentials are represented by the GSSCredential interface.
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
The interface contains several constructs to allow for the creation The interface contains several constructs to allow for the creation
of most common credential objects for the initiator and the acceptor. of most common credential objects for the initiator and the acceptor.
Comparisons are performed using the interface's "equals" method. The Comparisons are performed using the interface's "equals" method. The
following general description of GSS-API credentials is included from following general description of GSS-API credentials is included from
the C-bindings specification: the C-bindings specification:
GSS-API credentials can contain mechanism-specific principal GSS-API credentials can contain mechanism-specific principal
authentication data for multiple mechanisms. A GSS-API credential is authentication data for multiple mechanisms. A GSS-API credential is
composed of a set of credential-elements, each of which is applicable composed of a set of credential-elements, each of which is applicable
skipping to change at page 18, line 5 skipping to change at page 18, line 5
principal shall be used, otherwise principal shall be used, otherwise
2) If the platform maintains a concept of a default network- 2) If the platform maintains a concept of a default network-
identity for the chosen mechanism, and if the application identity for the chosen mechanism, and if the application
is authorized to act on behalf of that identity for the is authorized to act on behalf of that identity for the
purpose of initiating security contexts, then the principal purpose of initiating security contexts, then the principal
corresponding to that identity shall be used, otherwise corresponding to that identity shall be used, otherwise
3) If the platform maintains a concept of a default local 3) If the platform maintains a concept of a default local
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
identity, and provides a means to map local identities into identity, and provides a means to map local identities into
network-identities for the chosen mechanism, and if the network-identities for the chosen mechanism, and if the
application is authorized to act on behalf of the network- application is authorized to act on behalf of the network-
identity image of the default local identity for the identity image of the default local identity for the
purpose of initiating security contexts using the chosen purpose of initiating security contexts using the chosen
mechanism, then the principal corresponding to that mechanism, then the principal corresponding to that
identity shall be used, otherwise identity shall be used, otherwise
4) A user-configurable default identity should be used. 4) A user-configurable default identity should be used.
skipping to change at page 19, line 5 skipping to change at page 19, line 5
likely to be more portable across mechanisms and implementations than likely to be more portable across mechanisms and implementations than
ones that instantiate an GSSCredential object representing a specific ones that instantiate an GSSCredential object representing a specific
identity. identity.
4.9. Contexts 4.9. Contexts
The GSSContext interface is used to represent one end of a GSS-API The GSSContext interface is used to represent one end of a GSS-API
security context, storing state information appropriate to that end security context, storing state information appropriate to that end
of the peer communication, including cryptographic state information. of the peer communication, including cryptographic state information.
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
The instantiation of the context object is done differently by the The instantiation of the context object is done differently by the
initiator and the acceptor. After the context has been instantiated, initiator and the acceptor. After the context has been instantiated,
the initiator may choose to set various context options which will the initiator may choose to set various context options which will
determine the characteristics of the desired security context. When determine the characteristics of the desired security context. When
all the application desired characteristics have been set, the all the application desired characteristics have been set, the
initiator will call the initSecContext method which will produce a initiator will call the initSecContext method which will produce a
token for consumption by the peer's acceptSecContext method. It is token for consumption by the peer's acceptSecContext method. It is
the responsibility of the application to deliver the authentication the responsibility of the application to deliver the authentication
token(s) between the peer applications for processing. Upon token(s) between the peer applications for processing. Upon
skipping to change at page 20, line 5 skipping to change at page 20, line 5
that, while GSS-API implementors are encouraged to avoid placing that, while GSS-API implementors are encouraged to avoid placing
sensitive information within interprocess tokens, or to sensitive information within interprocess tokens, or to
cryptographically protect them, many implementations will be unable cryptographically protect them, many implementations will be unable
to avoid placing key material or other sensitive data within them. to avoid placing key material or other sensitive data within them.
It is the application's responsibility to ensure that interprocess It is the application's responsibility to ensure that interprocess
tokens are protected in transit, and transferred only to processes tokens are protected in transit, and transferred only to processes
that are trustworthy. An interprocess token is represented using a that are trustworthy. An interprocess token is represented using a
byte array emitted from the export method of the GSSContext byte array emitted from the export method of the GSSContext
interface. The receiver of the interprocess token would initialize interface. The receiver of the interprocess token would initialize
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
an GSSContext object with this token to create a new context. Once a an GSSContext object with this token to create a new context. Once a
context has been exported, the GSSContext object is invalidated and context has been exported, the GSSContext object is invalidated and
is no longer available. is no longer available.
4.12. Error Reporting 4.12. Error Reporting
RFC 2078 defined the usage of major and minor status values for RFC 2078 defined the usage of major and minor status values for
signaling of GSS-API errors. The major code, also called GSS status signaling of GSS-API errors. The major code, also called GSS status
code, is used to signal errors at the GSS-API level independent of code, is used to signal errors at the GSS-API level independent of
skipping to change at page 21, line 5 skipping to change at page 21, line 5
appropriate for informatory or warning-like information. The methods appropriate for informatory or warning-like information. The methods
that are capable of producing supplementary information are the two that are capable of producing supplementary information are the two
per-message methods GSSContext.verifyMIC() and GSSContext.unwrap(). per-message methods GSSContext.verifyMIC() and GSSContext.unwrap().
These methods fill the supplementary status codes in the MessageProp These methods fill the supplementary status codes in the MessageProp
object that was passed in. object that was passed in.
GSSException object, along with providing the functionality for GSSException object, along with providing the functionality for
setting of the various error codes and translating them into textual setting of the various error codes and translating them into textual
representation, also contains the definitions of all the numeric representation, also contains the definitions of all the numeric
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
error values. The following table lists the definitions of error error values. The following table lists the definitions of error
codes: codes:
Table: GSS Status Codes Table: GSS Status Codes
Name Value Meaning Name Value Meaning
BAD_MECH 1 An unsupported mechanism BAD_MECH 1 An unsupported mechanism
was requested. was requested.
skipping to change at page 22, line 5 skipping to change at page 22, line 5
CONTEXT_EXPIRED 12 The context has expired. CONTEXT_EXPIRED 12 The context has expired.
FAILURE 13 Miscellaneous failure, FAILURE 13 Miscellaneous failure,
unspecified at the GSS-API level. unspecified at the GSS-API level.
BAD_QOP 14 The quality-of-protection BAD_QOP 14 The quality-of-protection
requested could not be provided. requested could not be provided.
UNAUTHORIZED 15 The operation is forbidden by UNAUTHORIZED 15 The operation is forbidden by
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
local security policy. local security policy.
UNAVAILABLE 16 The operation or option is UNAVAILABLE 16 The operation or option is
unavailable. unavailable.
DUPLICATE_ELEMENT 17 The requested credential DUPLICATE_ELEMENT 17 The requested credential
element already exists. element already exists.
NAME_NOT_MN 18 The provided name was not a NAME_NOT_MN 18 The provided name was not a
skipping to change at page 22, line 29 skipping to change at page 22, line 29
expired. expired.
DUPLICATE_TOKEN 20 The token was a duplicate of an DUPLICATE_TOKEN 20 The token was a duplicate of an
earlier version. earlier version.
The GSS major status code of FAILURE is used to indicate that the The GSS major status code of FAILURE is used to indicate that the
underlying mechanism detected an error for which no specific GSS underlying mechanism detected an error for which no specific GSS
status code is defined. The mechanism-specific status code can status code is defined. The mechanism-specific status code can
provide more details about the error. provide more details about the error.
The different major status codes that can be contained in the
GSSException object thrown by the methods in this specification are
the same as the major status codes returned by the corresponding
calls in RFC 2078 [GSSAPIv2].
4.12.2. Mechanism-specific status codes 4.12.2. Mechanism-specific status codes
Mechanism-specific status codes are communicated in two ways, they Mechanism-specific status codes are communicated in two ways, they
are part of any GSSException thrown from the mechanism specific layer are part of any GSSException thrown from the mechanism specific layer
to signal a fatal error, or they are part of the MessageProp object to signal a fatal error, or they are part of the MessageProp object
that the per-message calls use to signal non-fatal errors. that the per-message calls use to signal non-fatal errors.
A default value of 0 in either the GSSException object or the A default value of 0 in either the GSSException object or the
MessageProp object will be used to represent the absence of any MessageProp object will be used to represent the absence of any
mechanism specific status code. mechanism specific status code.
4.12.3. Supplementary status codes 4.12.3. Supplementary status codes
Supplementary status codes are confined to the per-message methods of Supplementary status codes are confined to the per-message methods of
the GSSContext interface. Because of the informative nature of these the GSSContext interface. Because of the informative nature of these
errors it is not appropriate to use exceptions to signal them. errors it is not appropriate to use exceptions to signal them.
Instead, the per-message operations of the GSSContext interface Instead, the per-message operations of the GSSContext interface
return these values in a MessageProp object. return these values in a MessageProp object.
GSS-API Java Bindings December 1999
The MessageProp class defines query methods which return boolean The MessageProp class defines query methods which return boolean
values indicating the following supplementary states: values indicating the following supplementary states:
GSS-API Java Bindings October 1999
Table: Supplementary Status Methods Table: Supplementary Status Methods
Method Name Meaning when "true" is returned Method Name Meaning when "true" is returned
isDuplicateToken The token was a duplicate of an isDuplicateToken The token was a duplicate of an
earlier token. earlier token.
isOldToken The token's validity period has isOldToken The token's validity period has
expired. expired.
skipping to change at page 23, line 49 skipping to change at page 24, line 4
Two distinct conceptual representations are defined for names: Two distinct conceptual representations are defined for names:
1) A GSS-API form represented by implementations of the GSSName 1) A GSS-API form represented by implementations of the GSSName
interface: A single GSSName object may contain multiple names interface: A single GSSName object may contain multiple names
from different namespaces, but all names should refer to the from different namespaces, but all names should refer to the
same entity. An example of such an internal name would be the same entity. An example of such an internal name would be the
name returned from a call to the getName method of the name returned from a call to the getName method of the
GSSCredential interface, when applied to a credential containing GSSCredential interface, when applied to a credential containing
credential elements for multiple authentication mechanisms credential elements for multiple authentication mechanisms
employing different namespaces. This GSSName object will employing different namespaces. This GSSName object will
GSS-API Java Bindings December 1999
contain a distinct name for the entity for each authentication contain a distinct name for the entity for each authentication
mechanism. mechanism.
GSS-API Java Bindings October 1999
For GSS-API implementations supporting multiple namespaces, For GSS-API implementations supporting multiple namespaces,
GSSName implementations must contain sufficient information to GSSName implementations must contain sufficient information to
determine the namespace to which each primitive name belongs. determine the namespace to which each primitive name belongs.
2) Mechanism-specific contiguous byte array and string forms: 2) Mechanism-specific contiguous byte array and string forms:
Different GSSName initialization methods are provided to handle Different GSSName initialization methods are provided to handle
both byte array and string formats and to accommodate various both byte array and string formats and to accommodate various
calling applications and name types. These formats are capable calling applications and name types. These formats are capable
of containing only a single name (from a single namespace). of containing only a single name (from a single namespace).
Contiguous string names are always accompanied by an object Contiguous string names are always accompanied by an object
skipping to change at page 24, line 52 skipping to change at page 25, line 4
algorithmic mapping of Internet DNS names into X.500. That algorithmic mapping of Internet DNS names into X.500. That
mechanism's implementation of GSSName might, when presented with a mechanism's implementation of GSSName might, when presented with a
DNS name, generate an internal name that contained both the original DNS name, generate an internal name that contained both the original
DNS name and the equivalent X.500 name. Alternatively, it might only DNS name and the equivalent X.500 name. Alternatively, it might only
store the X.500 name. In the latter case, the toString method of store the X.500 name. In the latter case, the toString method of
GSSName would most likely generate a printable X.500 name, rather GSSName would most likely generate a printable X.500 name, rather
than the original DNS name. than the original DNS name.
The context acceptor can obtain an GSSName object representing the The context acceptor can obtain an GSSName object representing the
entity performing the context initiation (through the usage of entity performing the context initiation (through the usage of
GSS-API Java Bindings December 1999
getSrcName method). Since this name has been authenticated by a getSrcName method). Since this name has been authenticated by a
single mechanism, it contains only a single name (even if the single mechanism, it contains only a single name (even if the
internal name presented by the context initiator to the GSSContext internal name presented by the context initiator to the GSSContext
GSS-API Java Bindings October 1999
object had multiple components). Such names are termed internal object had multiple components). Such names are termed internal
mechanism names, or "MN"s and the names emitted by GSSContext mechanism names, or "MN"s and the names emitted by GSSContext
interface in the getSrcName and getTargName are always of this type. interface in the getSrcName and getTargName are always of this type.
Since some applications may require MNs without wanting to incur the Since some applications may require MNs without wanting to incur the
overhead of an authentication operation, creation methods are overhead of an authentication operation, creation methods are
provided that take not only the name buffer and name type, but also provided that take not only the name buffer and name type, but also
the mechanism oid for which this name should be created. When the mechanism oid for which this name should be created. When
dealing with an existing GSSName object, the canonicalize method may dealing with an existing GSSName object, the canonicalize method may
be invoked to convert a general internal name into an MN. be invoked to convert a general internal name into an MN.
skipping to change at page 25, line 52 skipping to change at page 26, line 4
where the syntax of the trailer is defined by the individual where the syntax of the trailer is defined by the individual
mechanism specification. Detailed description of the format is mechanism specification. Detailed description of the format is
specified in the language-independent GSS-API specification specified in the language-independent GSS-API specification
[GSSAPIv2]. [GSSAPIv2].
Note that the results obtained by using the equals method will in Note that the results obtained by using the equals method will in
general be different from those obtained by invoking canonicalize and general be different from those obtained by invoking canonicalize and
export, and then comparing the byte array output. The first series export, and then comparing the byte array output. The first series
of operation determines whether two (unauthenticated) names identify of operation determines whether two (unauthenticated) names identify
the same principal; the second whether a particular mechanism would the same principal; the second whether a particular mechanism would
GSS-API Java Bindings December 1999
authenticate them as the same principal. These two operations will authenticate them as the same principal. These two operations will
in general give the same results only for MNs. in general give the same results only for MNs.
GSS-API Java Bindings October 1999
It is important to note that the above are guidelines as how GSSName It is important to note that the above are guidelines as how GSSName
implementations should behave, and are not intended to be specific implementations should behave, and are not intended to be specific
requirements of how names objects must be implemented. The mechanism requirements of how names objects must be implemented. The mechanism
designers are free to decide on the details of their implementations designers are free to decide on the details of their implementations
of the GSSName interface as long as the behavior satisfies the above of the GSSName interface as long as the behavior satisfies the above
guidelines. guidelines.
4.14. Channel Bindings 4.14. Channel Bindings
GSS-API supports the use of user-specified tags to identify a given GSS-API supports the use of user-specified tags to identify a given
skipping to change at page 26, line 51 skipping to change at page 27, line 4
The calculated MIC is compared with that found in the token, and if The calculated MIC is compared with that found in the token, and if
the MICs differ, accept will throw a GSSException with the major the MICs differ, accept will throw a GSSException with the major
code set to BAD_BINDINGS, and the context will not be established. code set to BAD_BINDINGS, and the context will not be established.
Some mechanisms may include the actual channel binding data in the Some mechanisms may include the actual channel binding data in the
token (rather than just a MIC); applications should therefore not use token (rather than just a MIC); applications should therefore not use
confidential data as channel-binding components. confidential data as channel-binding components.
Individual mechanisms may impose additional constraints on addresses Individual mechanisms may impose additional constraints on addresses
that may appear in channel bindings. For example, a mechanism may that may appear in channel bindings. For example, a mechanism may
verify that the initiator address field of the channel binding verify that the initiator address field of the channel binding
GSS-API Java Bindings December 1999
contains the correct network address of the host system. Portable contains the correct network address of the host system. Portable
applications should therefore ensure that they either provide correct applications should therefore ensure that they either provide correct
information for the address fields, or omit setting of the addressing information for the address fields, or omit setting of the addressing
GSS-API Java Bindings October 1999
information. information.
4.15. Stream Objects 4.15. Stream Objects
The context object provides overloaded methods which use input and The context object provides overloaded methods which use input and
output streams as the means to convey authentication and per-message output streams as the means to convey authentication and per-message
GSS-API tokens. It is important to note that the streams are GSS-API tokens. It is important to note that the streams are
expected to contain the usual GSS-API tokens which would otherwise be expected to contain the usual GSS-API tokens which would otherwise be
handled through the usage of byte arrays. The tokens are expected to handled through the usage of byte arrays. The tokens are expected to
have a definite start and an end. The callers are responsible for have a definite start and an end. The callers are responsible for
skipping to change at page 27, line 47 skipping to change at page 28, line 4
This section presents a brief description of the classes and This section presents a brief description of the classes and
interfaces that constitute the GSS-API. The implementations of these interfaces that constitute the GSS-API. The implementations of these
are obtained from the CLASSPATH defined by the application. If Java are obtained from the CLASSPATH defined by the application. If Java
GSS becomes part of the standard Java API's then these classes will GSS becomes part of the standard Java API's then these classes will
be available by default on all systems as part of the JRE's system be available by default on all systems as part of the JRE's system
classes. classes.
This section also shows the corresponding RFC 2078 functionality This section also shows the corresponding RFC 2078 functionality
implemented by each of the classes. Detailed description of these implemented by each of the classes. Detailed description of these
classes and their methods is presented in section 6.
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
classes and their methods is presented in section 6.
5.1. GSSManager class 5.1. GSSManager class
This class serves as a factory to instantiate implementations of the This abstract class serves as a factory to instantiate
GSS-API interfaces and also provides methods to make queries about implementations of the GSS-API interfaces and also provides methods
underlying security mechanisms. How this class locates and to make queries about underlying security mechanisms.
communicates with components from the underlying security mechanisms
is outside the scope of this document, but may be specified in
whatever SPI the GSSManager implementation follows.
Applications that desire to provide their own implementation of the A default implementation can be obtained using the static method
GSSManager class can simply extend the standard GSSManager class and getInstance(). Applications that desire to provide their own
instantiate the new subclass. However, it is recommended that rather implementation of the GSSManager class can simply extend the abstract
than replacing the implementation, they enable the existing class themselves.
implementation to support their needs by providing the necessary
components via the SPI that it follows.
This class contains equivalents of the following RFC 2078 routines: This class contains equivalents of the following RFC 2078 routines:
RFC 2078 Routine Function Section RFC 2078 Routine Function Section
gss_import_name Create an internal name from 6.1.9- gss_import_name Create an internal name from 6.1.9-
the supplied information. 6.1.12 the supplied information. 6.1.12
gss_acquire_cred Acquire credential 6.1.13- gss_acquire_cred Acquire credential 6.1.13-
for use. 6.1.15 for use. 6.1.15
skipping to change at page 29, line 4 skipping to change at page 28, line 48
supporting the supporting the
specified name type. specified name type.
gss_inquire_names_for_mech List the name types 6.1.7 gss_inquire_names_for_mech List the name types 6.1.7
supported by the supported by the
specified mechanism. specified mechanism.
5.2. GSSName interface 5.2. GSSName interface
GSS-API names are represented in the Java bindings through the GSS-API names are represented in the Java bindings through the
GSS-API Java Bindings October 1999
GSSName interface. Different name formats and their definitions are GSSName interface. Different name formats and their definitions are
identified with universal Object Identifiers (oids). The format of identified with universal Object Identifiers (oids). The format of
GSS-API Java Bindings December 1999
the names can be derived based on the unique oid of each name type. the names can be derived based on the unique oid of each name type.
The following GSS-API routines are provided by the GSSName interface: The following GSS-API routines are provided by the GSSName interface:
RFC 2078 Routine Function Section(s) RFC 2078 Routine Function Section(s)
gss_display_name Covert internal name 6.2.7 gss_display_name Covert internal name 6.2.7
representation to text format. representation to text format.
gss_compare_name Compare two internal names. 6.2.3, 6.2.4 gss_compare_name Compare two internal names. 6.2.3, 6.2.4
skipping to change at page 30, line 5 skipping to change at page 29, line 49
creation of a context on behalf of that entity. A single credential creation of a context on behalf of that entity. A single credential
may contain multiple mechanism specific credentials, each referred to may contain multiple mechanism specific credentials, each referred to
as a credential element. The GSSCredential interface provides the as a credential element. The GSSCredential interface provides the
functionality of the following GSS-API routines: functionality of the following GSS-API routines:
RFC 2078 Routine Function Section(s) RFC 2078 Routine Function Section(s)
gss_add_cred Constructs credentials 6.3.12 gss_add_cred Constructs credentials 6.3.12
incrementally. incrementally.
GSS-API Java Bindings October 1999
gss_inquire_cred Obtain information about 6.3.4,6.3.5 gss_inquire_cred Obtain information about 6.3.4,6.3.5
GSS-API Java Bindings December 1999
credential. credential.
gss_inquire_cred_by_mech Obtain per-mechanism 6.3.5-6.3.10 gss_inquire_cred_by_mech Obtain per-mechanism 6.3.5-6.3.10
information about information about
a credential. a credential.
gss_release_cred Disposes of credentials 6.3.3 gss_release_cred Disposes of credentials 6.3.3
after use. after use.
5.4. GSSContext interface 5.4. GSSContext interface
skipping to change at page 31, line 5 skipping to change at page 30, line 49
gss_inquire_context Obtain context 6.4.29 to gss_inquire_context Obtain context 6.4.29 to
characteristics. 6.3.42 characteristics. 6.3.42
gss_wrap_size_limit Determine token-size limit 6.4.9 gss_wrap_size_limit Determine token-size limit 6.4.9
for gss_wrap. for gss_wrap.
gss_export_sec_context Transfer security context 6.4.18 gss_export_sec_context Transfer security context 6.4.18
to another process. to another process.
GSS-API Java Bindings October 1999
gss_get_mic Calculate a cryptographic 6.4.14, gss_get_mic Calculate a cryptographic 6.4.14,
Message Integrity Code (MIC) 6.4.15 Message Integrity Code (MIC) 6.4.15
GSS-API Java Bindings December 1999
for a message. for a message.
gss_verify_mic Verify integrity on a received 6.4.16, gss_verify_mic Verify integrity on a received 6.4.16,
message. 6.4.17 message. 6.4.17
gss_wrap Attach a MIC to a message and 6.4.10, gss_wrap Attach a MIC to a message and 6.4.10,
optionally encrypt the message 6.4.11 optionally encrypt the message 6.4.11
content. content.
gss_unwrap Obtain a previously wrapped 6.4.12, gss_unwrap Obtain a previously wrapped 6.4.12,
skipping to change at page 32, line 5 skipping to change at page 31, line 49
5.6. GSSException class 5.6. GSSException class
Exceptions are used in the Java bindings to signal fatal errors to Exceptions are used in the Java bindings to signal fatal errors to
the calling applications. This replaces the major and minor codes the calling applications. This replaces the major and minor codes
used in the C-bindings specification as a method of signaling used in the C-bindings specification as a method of signaling
failures. The GSSException class handles both minor and major codes, failures. The GSSException class handles both minor and major codes,
as well as their translation into textual representation. All GSS- as well as their translation into textual representation. All GSS-
API methods are declared as throwing this exception. API methods are declared as throwing this exception.
GSS-API Java Bindings October 1999
RFC 2078 Routine Function Section RFC 2078 Routine Function Section
GSS-API Java Bindings December 1999
gss_display_status Retrieve textual 6.8.5, 6.8.6, gss_display_status Retrieve textual 6.8.5, 6.8.6,
representation of error 6.8.8, 6.8.9 representation of error 6.8.8, 6.8.9
codes. codes.
5.7. Oid class 5.7. Oid class
This utility class is used to represent Universal Object Identifiers This utility class is used to represent Universal Object Identifiers
and their associated operations. GSS-API uses object identifiers to and their associated operations. GSS-API uses object identifiers to
distinguish between security mechanisms and name types. This class, distinguish between security mechanisms and name types. This class,
aside from being used whenever an object identifier is needed, aside from being used whenever an object identifier is needed,
skipping to change at page 32, line 43 skipping to change at page 32, line 41
address type defined within the Java platform and as such, it is the address type defined within the Java platform and as such, it is the
only one supported within the ChannelBinding class. Applications that only one supported within the ChannelBinding class. Applications that
use other types of addresses can include them as part of the use other types of addresses can include them as part of the
application data. application data.
6. Detailed GSS-API Class Description 6. Detailed GSS-API Class Description
This section lists a detailed description of all the public methods This section lists a detailed description of all the public methods
that each of the GSS-API classes and interfaces must provide. that each of the GSS-API classes and interfaces must provide.
6.1. public class GSSManager 6.1. public abstract class GSSManager
The GSSManager is a concrete class that serves as a factory for three
GSS interfaces: GSSName, GSSCredential, and GSSContext. It also
GSS-API Java Bindings October 1999
provides methods for applications to determine what mechanisms are
available on the system and what nametypes these mechanisms support.
The GSSManager class may be internally implemented as a modular
provider based layer that follows some service provider specification
to lookup underlying mechanism components. It provides the
application with a method to set a preferred provider for any given
mechanism.
6.1.1. Example Code
GSSManager mgr = new GSSManager();
// What mechs are available to us?
Oid[] supportedMechs = mgr.getMechs();
// Set a preference for the provider to be used when support is need
// for the mechanisms "1.2.840.113554.1.2.2" and "1.3.6.1.5.5.2".
// Assume this provider (called "Sun") has already been installed on
// the system.
Oid krb = new Oid("1.2.840.113554.1.2.2");
Oid spnego = new Oid("1.3.6.1.5.5.2");
mgr.setProvider(krb, "Sun");
mgr.setProvider(spnego, "Sun");
// Add support for a new mechanism "1.3.6.1.5.5.1.1" that is
// available from a specific provider being bundled with the
// application.
Oid spkm1 = new Oid("1.3.6.1.5.5.1.1");
Provider prov = (Provider) (new com.foo.security.Provider());
mgr.setProvider(spkm1, prov);
// What name types does this spkm implementation support? The GSSManager class is an abstract class that serves as a factory
Oid[] nameTypes = mgr.getNamesForMech(spkm1); for three GSS interfaces: GSSName, GSSCredential, and GSSContext. It
also provides methods for applications to determine what mechanisms
are available from the GSS implementation and what nametypes these
mechanisms support. An instance of the default GSSManager subclass
6.1.2. Constructors GSS-API Java Bindings December 1999
public GSSManager() may be obtained through the static method getInstance(), but
applications are free to instantiate other subclasses of GSSManager.
GSS-API Java Bindings October 1999 All but one method in this class are declared abstract. This means
that subclasses have to provide the complete implementation for those
methods. The only exception to this is the static method
getInstance() which will have platform specific code to return an
instance of the default subclass.
Constructor which instantiates a GSSManager for the application. Platform providers of GSS are required not to add any constructors to
this class, private, public, or protected. This will ensure that all
subclasses invoke only the default constructor provided to the base
class by the compiler.
6.1.3. setProvider A subclass extending the GSSManager abstract class may be implemented
as a modular provider based layer that utilizes some well known
service provider specification. The GSSManager API provides the
application with methods to set provider preferences on such an
implementation. These methods also allow the implementation to throw
a well-defined exception in case provider based configuration is not
supported. Applications that expect to be portable should be aware of
this and recover cleanly by catching the exception.
public void setProvider(Oid mech, String provName) It is envisioned that there will be three most common ways in which
throws GSSException, java.security.NoSuchProviderException providers will be used:
Sets the provider for the GSS-API to use internally when it needs 1) The application does not care about what provider is used
components to support the indicated mechanism. (the default case).
If the GSSManager implementation does not support an SPI with a 2) The application wants a particular provider to be used
pluggable provider architecture it should throw a GSSException with preferentially, either for a particular mechanism or all
the status code GSSException.UNAVAILABLE to indicate that the the time, irrespective of mechanism.
operation is unavailable. If the requested provider does not support
the indicated mech then it should throw a GSSException with the
status code GSSException.BAD_MECH.
This call assumes that the provider defined by the string provName is 3) The application wants to use the locally configured
already installed on the system either statically or dynamically providers as far as possible but if support is missing for
using the Java Cryptography Architecture (JCA) specification. If it one or more mechanisms then it wants to fall back on its
does not find the provider it should throw a NoSuchProviderException. own provider.
Parameters: The GSSManager class has two methods that enable these modes of
usage: addProviderAtFront() and addProviderAtEnd(). These methods
have the effect of creating an ordered list of <provider, oid> pairs
where each pair indicates a preference of provider for a given oid.
mech The mechanism for which the provider is being set The use of these methods does not require any knowledge of whatever
service provider specification the GSSManager subclass follows. It is
hoped that these methods will serve the needs of most applications.
Additional methods may be added to an extended GSSManager that could
be part of a service provider specification that is standardized
provName The name of the provider that should be used whenever GSS-API Java Bindings December 1999
support is needed for mech. A value of null will
remove any previous preference set by the application.
6.1.4. setProvider later.
public void setProvider(Oid mech, java.security.Provider p) 6.1.1. Example Code
throws GSSException
Sets the provider for the GSS-API to use internally when it needs GSSManager mgr = GSSManager.getInstance();
components to support the indicated mechanism.
If the GSSManager implementation does not support an SPI with a // What mechs are available to us?
pluggable provider architecture it should throw a GSSException with Oid[] supportedMechs = mgr.getMechs();
the status code GSSException.UNAVAILABLE to indicate that the
operation is unavailable. If the requested provider does not support
the indicated mech then it should throw a GSSException with the
status code GSSException.BAD_MECH.
GSS-API Java Bindings October 1999 // Set a preference for the provider to be used when support is need
// for the mechanisms "1.2.840.113554.1.2.2" and "1.3.6.1.5.5.1.1".
This provider need not be installed globally on the system at all. Oid krb = new Oid("1.2.840.113554.1.2.2");
The application instantiates the provider and passes it to the Oid spkm1 = new Oid("1.3.6.1.5.5.1.1");
instance of GSSManager through this method.
Parameters: Provider p = (Provider) (new com.foo.security.Provider());
mech The mechanism for which the provider is being set mgr.addProviderAtFront(p, krb);
mgr.addProviderAtFront(p, spkm1);
p The provider instance to be used to implement the // What name types does this spkm implementation support?
services for the specified mechanism. A value of null Oid[] nameTypes = mgr.getNamesForMech(spkm1);
will remove any previous preference set by the
application.
6.1.5. getProvider 6.1.2. getInstance
public Provider getProvider(Oid mech) public static GSSManager getInstance()
Returns the preferred Provider instance that the GSS-API would use Returns the default GSSManager implemenation.
when trying to instantiate elements for the indicated mechanism.
6.1.6. getMechs 6.1.3. getMechs
public Oid[] getMechs() public abstract Oid[] getMechs()
Returns an array of Oid objects indicating mechanisms available to Returns an array of Oid objects indicating mechanisms available to
GSS-API callers. A "null" value is returned when no mechanism are GSS-API callers. A "null" value is returned when no mechanism are
available (an example of this would be when mechanism are dynamically available (an example of this would be when mechanism are dynamically
configured, and currently no mechanisms are installed). configured, and currently no mechanisms are installed).
6.1.7. getNamesForMech 6.1.4. getNamesForMech
public abstract Oid[] getNamesForMech(Oid mech)
GSS-API Java Bindings December 1999
public Oid[] getNamesForMech(Oid mech)
throws GSSException throws GSSException
Returns name type Oid's supported by the specified mechanism. Returns name type Oid's supported by the specified mechanism.
Parameters: Parameters:
mech The Oid object for the mechanism to query. mech The Oid object for the mechanism to query.
GSS-API Java Bindings October 1999 6.1.5. getMechsForName
6.1.8. getMechsForName
public Oid[] getMechsForName(Oid nameType) public abstract Oid[] getMechsForName(Oid nameType)
Returns an array of Oid objects corresponding to the mechanisms that Returns an array of Oid objects corresponding to the mechanisms that
support the specific name type. "null" is returned when no support the specific name type. "null" is returned when no
mechanisms are found to support the specified name type. mechanisms are found to support the specified name type.
Parameters: Parameters:
nameType The Oid object for the name type. nameType The Oid object for the name type.
6.1.9. createName 6.1.6. createName
public GSSName createName(String nameStr, Oid nameSpace) public abstract GSSName createName(String nameStr, Oid nameSpace)
throws GSSException throws GSSException
Factory method to convert a contiguous string name from the specified Factory method to convert a contiguous string name from the specified
namespace to an GSSName object. In general, the GSSName object namespace to an GSSName object. In general, the GSSName object
created will not be an MN; two examples that are exceptions to this created will not be an MN; two examples that are exceptions to this
are when the namespace type parameter indicates NT_EXPORT_NAME or are when the namespace type parameter indicates NT_EXPORT_NAME or
when the GSS-API implementation is not multi-mechanism. when the GSS-API implementation is not multi-mechanism.
Parameters: Parameters:
skipping to change at page 36, line 44 skipping to change at page 36, line 5
nameType The Oid specifying the namespace of the printable name nameType The Oid specifying the namespace of the printable name
supplied. Note that nameType serves to describe and supplied. Note that nameType serves to describe and
qualify the interpretation of the input nameStr, it qualify the interpretation of the input nameStr, it
does not necessarily imply a type for the output does not necessarily imply a type for the output
GSSName implementation. "null" value can be used to GSSName implementation. "null" value can be used to
specify that a mechanism specific default printable specify that a mechanism specific default printable
syntax should be assumed by each mechanism that syntax should be assumed by each mechanism that
examines nameStr. examines nameStr.
6.1.10. createName GSS-API Java Bindings December 1999
public GSSName createName(byte name[], Oid nameType) 6.1.7. createName
public abstract GSSName createName(byte name[], Oid nameType)
throws GSSException throws GSSException
Factory method to convert a contiguous byte array containing a name Factory method to convert a contiguous byte array containing a name
GSS-API Java Bindings October 1999
from the specified namespace to an GSSName object. In general, the from the specified namespace to an GSSName object. In general, the
GSSName object created will not be an MN; two examples that are GSSName object created will not be an MN; two examples that are
exceptions to this are when the namespace type parameter indicates exceptions to this are when the namespace type parameter indicates
NT_EXPORT_NAME or when the GSS-API implementation is not multi- NT_EXPORT_NAME or when the GSS-API implementation is not multi-
mechanism. mechanism.
Parameters: Parameters:
name The byte array containing the name to create. name The byte array containing the name to create.
nameType The Oid specifying the namespace of the name supplied nameType The Oid specifying the namespace of the name supplied
in the byte array. Note that nameType serves to in the byte array. Note that nameType serves to
describe and qualify the interpretation of the input describe and qualify the interpretation of the input
name byte array, it does not necessarily imply a type name byte array, it does not necessarily imply a type
for the output GSSName implementation. "null" value for the output GSSName implementation. "null" value
can be used to specify that a mechanism specific can be used to specify that a mechanism specific
default syntax should be assumed by each mechanism default syntax should be assumed by each mechanism
that examines the byte array. that examines the byte array.
6.1.11. createName 6.1.8. createName
public GSSName createName(String nameStr, Oid nameType, public abstract GSSName createName(String nameStr, Oid nameType,
Oid mechType) throws GSSException Oid mechType) throws GSSException
Factory method to convert a contiguous string name from the specified Factory method to convert a contiguous string name from the specified
namespace to an GSSName object that is a mechanism name (MN). In namespace to an GSSName object that is a mechanism name (MN). In
other words, this method is a utility that does the equivalent of two other words, this method is a utility that does the equivalent of two
steps: the createName described in 6.1.7 and then also the steps: the createName described in 6.1.7 and then also the
GSSName.canonicalize() described in 6.2.5. GSSName.canonicalize() described in 6.2.5.
Parameters: Parameters:
nameStr The string representing a printable form of the name nameStr The string representing a printable form of the name
to create. to create.
nameType The Oid specifying the namespace of the printable name nameType The Oid specifying the namespace of the printable name
supplied. Note that nameType serves to describe and supplied. Note that nameType serves to describe and
qualify the interpretation of the input nameStr, it qualify the interpretation of the input nameStr, it
does not necessarily imply a type for the output does not necessarily imply a type for the output
GSSName implementation. "null" value can be used to GSSName implementation. "null" value can be used to
GSS-API Java Bindings December 1999
specify that a mechanism specific default printable specify that a mechanism specific default printable
syntax should be assumed when the mechanism examines syntax should be assumed when the mechanism examines
nameStr. nameStr.
mechType Oid specifying the mechanism for which this name mechType Oid specifying the mechanism for which this name
should be created. should be created.
GSS-API Java Bindings October 1999 6.1.9. createName
6.1.12. createName
public createName(byte name[], Oid nameType, Oid mechType) public abstract createName(byte name[], Oid nameType, Oid mechType)
throws GSSException throws GSSException
Factory method to convert a contiguous byte array containing a name Factory method to convert a contiguous byte array containing a name
from the specified namespace to an GSSName object that is an MN. In from the specified namespace to an GSSName object that is an MN. In
other words, this method is a utility that does the equivalent of two other words, this method is a utility that does the equivalent of two
steps: the createName described in 6.1.8 and then also the steps: the createName described in 6.1.8 and then also the
GSSName.canonicalize() described in 6.2.5. GSSName.canonicalize() described in 6.2.5.
Parameters: Parameters:
skipping to change at page 38, line 34 skipping to change at page 37, line 41
describe and qualify the interpretation of the input describe and qualify the interpretation of the input
name byte array, it does not necessarily imply a type name byte array, it does not necessarily imply a type
for the output GSSName implementation. "null" value for the output GSSName implementation. "null" value
can be used to specify that a mechanism specific can be used to specify that a mechanism specific
default syntax should be assumed by each mechanism default syntax should be assumed by each mechanism
that examines the byte array. that examines the byte array.
mechType Oid specifying the mechanism for which this name mechType Oid specifying the mechanism for which this name
should be created. should be created.
6.1.13. createCredential 6.1.10. createCredential
public GSSCredential createCredential (int usage) public abstract GSSCredential createCredential (int usage)
throws GSSException throws GSSException
Factory method for acquiring default credentials. This will cause Factory method for acquiring default credentials. This will cause
the GSS-API to use system specific defaults for the set of the GSS-API to use system specific defaults for the set of
mechanisms, name, and an INDEFINITE lifetime. mechanisms, name, and an INDEFINITE lifetime.
Parameters: Parameters:
usage The intended usage for this credential object. The usage The intended usage for this credential object. The
GSS-API Java Bindings December 1999
value of this parameter must be one of: value of this parameter must be one of:
GSSCredential.ACCEPT_AND_INITIATE, GSSCredential.ACCEPT_AND_INITIATE,
GSSCredential.ACCEPT_ONLY, GSSCredential.INITIATE_ONLY GSSCredential.ACCEPT_ONLY, GSSCredential.INITIATE_ONLY
6.1.14. createCredential 6.1.11. createCredential
public GSSCredential createCredential (GSSName aName,
GSS-API Java Bindings October 1999
public abstract GSSCredential createCredential (GSSName aName,
int lifetime, Oid mechOid, int usage) int lifetime, Oid mechOid, int usage)
throws GSSException throws GSSException
Factory method for acquiring a single mechanism credential. Factory method for acquiring a single mechanism credential.
Parameters: Parameters:
aName Name of the principal for whom this credential is to aName Name of the principal for whom this credential is to
be acquired. Use "null" to specify the default be acquired. Use "null" to specify the default
principal. principal.
skipping to change at page 39, line 30 skipping to change at page 38, line 37
the credentials have the maximum permitted lifetime. the credentials have the maximum permitted lifetime.
mechOid The oid of the desired mechanism. Use "(Oid) null" to mechOid The oid of the desired mechanism. Use "(Oid) null" to
request the default mechanism(s). request the default mechanism(s).
usage The intended usage for this credential object. The usage The intended usage for this credential object. The
value of this parameter must be one of: value of this parameter must be one of:
GSSCredential.ACCEPT_AND_INITIATE, GSSCredential.ACCEPT_AND_INITIATE,
GSSCredential.ACCEPT_ONLY, GSSCredential.INITIATE_ONLY GSSCredential.ACCEPT_ONLY, GSSCredential.INITIATE_ONLY
6.1.15. createCredential 6.1.12. createCredential
public GSSCredential createCredential(GSSName aName, public abstract GSSCredential createCredential(GSSName aName,
int lifetime, Oid mechs[], int usage) int lifetime, Oid mechs[], int usage)
throws GSSException throws GSSException
Factory method for acquiring credentials over a set of mechanisms. Factory method for acquiring credentials over a set of mechanisms.
Acquires credentials for each of the mechanisms specified in the Acquires credentials for each of the mechanisms specified in the
array called mechs. To determine the list of mechanisms' for which array called mechs. To determine the list of mechanisms' for which
the acquisition of credentials succeeded, the caller should use the the acquisition of credentials succeeded, the caller should use the
GSSCredential.getMechs() method. GSSCredential.getMechs() method.
Parameters: Parameters:
aName Name of the principal for whom this credential is to aName Name of the principal for whom this credential is to
be acquired. Use "null" to specify the default be acquired. Use "null" to specify the default
GSS-API Java Bindings December 1999
principal. principal.
lifetime The number of seconds that credentials should remain lifetime The number of seconds that credentials should remain
valid. Use GSSCredential.INDEFINITE to request that valid. Use GSSCredential.INDEFINITE to request that
the credentials have the maximum permitted lifetime. the credentials have the maximum permitted lifetime.
mechOid The array of mechanisms over which the credential is mechOid The array of mechanisms over which the credential is
to be acquired. Use "(Oid[]) null" for requesting a to be acquired. Use "(Oid[]) null" for requesting a
GSS-API Java Bindings October 1999
system specific default set of mechanisms. system specific default set of mechanisms.
usage The intended usage for this credential object. The usage The intended usage for this credential object. The
value of this parameter must be one of: value of this parameter must be one of:
GSSCredential.ACCEPT_AND_INITIATE, GSSCredential.ACCEPT_AND_INITIATE,
GSSCredential.ACCEPT_ONLY, GSSCredential.INITIATE_ONLY GSSCredential.ACCEPT_ONLY, GSSCredential.INITIATE_ONLY
6.1.16. createContext 6.1.13. createContext
public GSSContext createContext(GSSName peer, Oid mechOid, public abstract GSSContext createContext(GSSName peer, Oid mechOid,
GSSCredential myCred, int lifetime) GSSCredential myCred, int lifetime)
throws GSSException throws GSSException
Factory method for creating a context on the initiator's side. Factory method for creating a context on the initiator's side.
Context flags may be modified through the mutator methods prior to Context flags may be modified through the mutator methods prior to
calling GSSContext.initSecContext(). calling GSSContext.initSecContext().
Parameters: Parameters:
peer Name of the target peer. peer Name of the target peer.
mechOid Oid of the desired mechanism. Use "(Oid) null" to mechOid Oid of the desired mechanism. Use "(Oid) null" to
request default mechanism. request default mechanism.
myCred Credentials of the initiator. Use "null" to act as a myCred Credentials of the initiator. Use "null" to act as a
default initiator principal. default initiator principal.
lifetime The request lifetime, in seconds, for the credential. lifetime The request lifetime, in seconds, for the credential.
6.1.17. createContext 6.1.14. createContext
public GSSContext createContext(GSSCredential myCred) public abstract GSSContext createContext(GSSCredential myCred)
throws GSSException throws GSSException
Factory method for creating a context on the acceptor' side. The Factory method for creating a context on the acceptor' side. The
context's properties will be determined from the input token supplied context's properties will be determined from the input token supplied
to the accept method. to the accept method.
GSS-API Java Bindings December 1999
Parameters: Parameters:
myCred Credentials for the acceptor. Use "null" to act as a myCred Credentials for the acceptor. Use "null" to act as a
default acceptor principal. default acceptor principal.
GSS-API Java Bindings October 1999 6.1.15. createContext
6.1.18. createContext
public GSSContext createContext(byte [] interProcessToken) public abstract GSSContext createContext(byte [] interProcessToken)
throws GSSException throws GSSException
Factory method for creating a previously exported context. The Factory method for creating a previously exported context. The
context properties will be determined from the input token and can't context properties will be determined from the input token and can't
be modified through the set methods. be modified through the set methods.
Parameters: Parameters:
interProcessToken interProcessToken
The token previously emitted from the export method. The token previously emitted from the export method.
6.1.16. addProviderAtFront
public abstract void addProviderAtFront(Provider p, Oid mech)
throws GSSException
This method is used to indicate to the GSSManager that the
application would like a particular provider to be used ahead of all
others when support is desired for the given mechanism. When a value
of null is used instead of an Oid for the mechanism, the GSSManager
must use the indicated provider ahead of all others no matter what
the mechanism is. Only when the indicated provider does not support
the needed mechanism should the GSSManager move on to a different
provider.
Calling this method repeatedly preserves the older settings but
lowers them in preference thus forming an ordered list of provider
and Oid pairs that grows at the top.
Calling addProviderAtFront with a null Oid will remove all previous
preferences that were set for this provider in the GSSManager
instance. Calling addProviderAtFront with a non-null Oid will remove
any previous preference that was set using this mechanism and this
provider together.
If the GSSManager implementation does not support an SPI with a
pluggable provider architecture it should throw a GSSException with
the status code GSSException.UNAVAILABLE to indicate that the
GSS-API Java Bindings December 1999
operation is unavailable.
Parameters:
p The provider instance that should be used whenever
support is needed for mech.
mech The mechanism for which the provider is being set
6.1.16.1. Example Code
Suppose an application desired that the provider A always be checked
first when any mechanism is needed, it would call:
GSSManager mgr = GSSManager.getInstance();
// mgr may at this point have its own pre-configured list
// of provider preferences. The following will prepend to
// any such list:
mgr.addProviderAtFront(A, null);
Now if it also desired that the mechanism of Oid m1 always be
obtained from the provider B before the previously set A was checked,
it would call:
mgr.addProviderAtFront(B, m1);
The GSSManager would then first check with B if m1 was needed. In
case B did not provide support for m1, the GSSManager would continue
on to check with A. If any mechanism m2 is needed where m2 is
different from m1 then the GSSManager would skip B and check with A
directly.
Suppose at a later time the following call is made to the same
GSSManager instance:
mgr.addProviderAtFront(B, null)
then the previous setting with the pair (B, m1) is subsumed by this
and should be removed. Effectively the list of preferences now
becomes {(B, null), (A, null),
... //followed by the pre-configured list.
Please note, however, that the following call:
mgr.addProviderAtFront(A, m3)
GSS-API Java Bindings December 1999
does not subsume the previous setting of (A, null) and the list will
effectively become {(A, m3), (B, null), (A, null), ...}
6.1.17. addProviderAtEnd
public abstract addProviderAtEnd(Provider p, Oid mech)
throws GSSException
This method is used to indicate to the GSSManager that the
application would like a particular provider to be used if no other
provider can be found that supports the given mechanism. When a value
of null is used instead of an Oid for the mechanism, the GSSManager
must use the indicated provider for any mechanism.
Calling this method repeatedly preserves the older settings but
raises them above newer ones in preference thus forming an ordered
list of providers and Oid pairs that grows at the bottom. Thus the
older provider settings will be utilized first before this one is.
If there are any previously existing preferences that conflict with
the preference being set here, then the GSSManager should ignore this
request.
If the GSSManager implementation does not support an SPI with a
pluggable provider architecture it should throw a GSSException with
the status code GSSException.UNAVAILABLE to indicate that the
operation is unavailable.
Parameters:
p The provider instance that should be used whenever
support is needed for mech.
mech The mechanism for which the provider is being set
6.1.17.1. Example Code
Suppose an application desired that when a mechanism of Oid m1 is
needed the system default providers always be checked first, and only
when they do not support m1 should a provider A be checked. It would
then make the call:
GSSManager mgr = GSSManager.getInstance();
mgr.addProviderAtEnd(A, m1);
GSS-API Java Bindings December 1999
Now, if it also desired that for all mechanisms the provider B be
checked after all configured providers have been checked, it would
then call:
mgr.addProviderAtEnd(B, null);
Effectively the list of preferences now becomes {..., (A, m1), (B,
null)}.
Suppose at a later time the following call is made to the same
GSSManager instance:
mgr.addProviderAtEnd(B, m2)
then the previous setting with the pair (B, null) subsumes this and
therefore this request should be ignored. The same would happen if a
request is made for the already existing pairs of (A, m1) or (B,
null).
Please note, however, that the following call:
mgr.addProviderAtEnd(A, null)
is not subsumed by the previous setting of (A, m1) and the list will
effectively become {..., (A, m1), (B, null), (A, null)}
6.2. public interface GSSName 6.2. public interface GSSName
This interface encapsulates a single GSS-API principal entity. This interface encapsulates a single GSS-API principal entity.
Different name formats and their definitions are identified with Different name formats and their definitions are identified with
universal Object Identifiers (Oids). The format of the names can be universal Object Identifiers (Oids). The format of the names can be
derived based on the unique oid of its namespace type. derived based on the unique oid of its namespace type.
6.2.1. Example Code 6.2.1. Example Code
Included below are code examples utilizing the GSSName interface. Included below are code examples utilizing the GSSName interface.
The code below creates a GSSName, converts it to a mechanism name The code below creates a GSSName, converts it to a mechanism name
(MN), performs a comparison, obtains a printable representation of (MN), performs a comparison, obtains a printable representation of
the name, exports it and then re-imports to obtain a new GSSName. the name, exports it and then re-imports to obtain a new GSSName.
GSSManager mgr = new GSSManager(); GSSManager mgr = new GSSManager();
// create a host based service name // create a host based service name
GSSName name = mgr.createName("service@host", GSSName name = mgr.createName("service@host",
GSS-API Java Bindings December 1999
GSSName.NT_HOSTBASED_SERVICE); GSSName.NT_HOSTBASED_SERVICE);
Oid krb5 = new Oid("1.2.840.113554.1.2.2"); Oid krb5 = new Oid("1.2.840.113554.1.2.2");
GSSName mechName = name.canonicalize(krb5); GSSName mechName = name.canonicalize(krb5);
// the above two steps are equivalent to the following // the above two steps are equivalent to the following
GSSName mechName = mgr.createName("service@host", GSSName mechName = mgr.createName("service@host",
GSSName.NT_HOSTBASED_SERVICE, krb5); GSSName.NT_HOSTBASED_SERVICE, krb5);
// perform name comparison // perform name comparison
if (name.equals(mechName)) if (name.equals(mechName))
GSS-API Java Bindings October 1999
print("Names are equals."); print("Names are equals.");
// obtain textual representation of name and its printable // obtain textual representation of name and its printable
// name type // name type
print(mechName.toString() + print(mechName.toString() +
mechName.getStringNameType().toString()); mechName.getStringNameType().toString());
// export and re-import the name // export and re-import the name
byte [] exportName = mechName.export(); byte [] exportName = mechName.export();
skipping to change at page 42, line 41 skipping to change at page 45, line 5
Values for the "service" element are registered with the IANA. It Values for the "service" element are registered with the IANA. It
represents the following value: { 1(iso), 3(org), 6(dod), represents the following value: { 1(iso), 3(org), 6(dod),
1(internet), 5(security), 6(nametypes), 2(gss-host-based-services) } 1(internet), 5(security), 6(nametypes), 2(gss-host-based-services) }
public static final Oid NT_USER_NAME public static final Oid NT_USER_NAME
Name type to indicate a named user on a local system. It represents Name type to indicate a named user on a local system. It represents
the following value: { iso(1) member-body(2) United States(840) the following value: { iso(1) member-body(2) United States(840)
mit(113554) infosys(1) gssapi(2) generic(1) user_name(1) } mit(113554) infosys(1) gssapi(2) generic(1) user_name(1) }
GSS-API Java Bindings December 1999
public static final Oid NT_MACHINE_UID_NAME public static final Oid NT_MACHINE_UID_NAME
Name type to indicate a numeric user identifier corresponding to a Name type to indicate a numeric user identifier corresponding to a
user on a local system. (e.g. Uid). It represents the following user on a local system. (e.g. Uid). It represents the following
value: { iso(1) member-body(2) United States(840) mit(113554) value: { iso(1) member-body(2) United States(840) mit(113554)
infosys(1) gssapi(2) generic(1) machine_uid_name(2) } infosys(1) gssapi(2) generic(1) machine_uid_name(2) }
public static final Oid NT_STRING_UID_NAME public static final Oid NT_STRING_UID_NAME
GSS-API Java Bindings October 1999
Name type to indicate a string of digits representing the numeric Name type to indicate a string of digits representing the numeric
user identifier of a user on a local system. It represents the user identifier of a user on a local system. It represents the
following value: { iso(1) member-body(2) United States(840) following value: { iso(1) member-body(2) United States(840)
mit(113554) infosys(1) gssapi(2) generic(1) string_uid_name(3) } mit(113554) infosys(1) gssapi(2) generic(1) string_uid_name(3) }
public static final Oid NT_ANONYMOUS public static final Oid NT_ANONYMOUS
Name type for representing an anonymous entity. It represents the Name type for representing an anonymous entity. It represents the
following value: { 1(iso), 3(org), 6(dod), 1(internet), 5(security), following value: { 1(iso), 3(org), 6(dod), 1(internet), 5(security),
6(nametypes), 3(gss-anonymous-name) } 6(nametypes), 3(gss-anonymous-name) }
skipping to change at page 43, line 41 skipping to change at page 46, line 5
entity, the method will return "false". entity, the method will return "false".
Parameters: Parameters:
another GSSName object to compare with. another GSSName object to compare with.
6.2.4. equals 6.2.4. equals
public boolean equals(Object another) public boolean equals(Object another)
GSS-API Java Bindings December 1999
A variation of the equals method described in 6.2.3 that is provided A variation of the equals method described in 6.2.3 that is provided
to override the Object.equals() method that the implementing class to override the Object.equals() method that the implementing class
will inherit. The behaviour is exactly the same as that in 6.2.3 will inherit. The behaviour is exactly the same as that in 6.2.3
except that no GSSException is thrown; instead, false will be except that no GSSException is thrown; instead, false will be
returned in the situation where an error occurs. returned in the situation where an error occurs. (Note that the Java
language specification requires that two objects that are equal
according to the equals(Object) method must return the same integer
result when the hashCode() method is called on them.)
Parameters: Parameters:
another GSSName object to compare with. another GSSName object to compare with.
GSS-API Java Bindings October 1999
6.2.5. canonicalize 6.2.5. canonicalize
public GSSName canonicalize(Oid mechOid) throws GSSException public GSSName canonicalize(Oid mechOid) throws GSSException
Creates a mechanism name (MN) from an arbitrary internal name. This Creates a mechanism name (MN) from an arbitrary internal name. This
is equivalent to using the factory methods described in 6.1.9 or is equivalent to using the factory methods described in 6.1.9 or
6.1.10 that take the mechanism name as one of their parameters. 6.1.10 that take the mechanism name as one of their parameters.
Parameters: Parameters:
skipping to change at page 44, line 39 skipping to change at page 47, line 4
system specific default mechanism to canonicalize the name and then system specific default mechanism to canonicalize the name and then
export it. The format of the header of the output buffer is export it. The format of the header of the output buffer is
specified in RFC 2078. specified in RFC 2078.
6.2.7. toString 6.2.7. toString
public String toString() public String toString()
Returns a textual representation of the GSSName object. To retrieve Returns a textual representation of the GSSName object. To retrieve
the printed name format, which determines the syntax of the returned the printed name format, which determines the syntax of the returned
GSS-API Java Bindings December 1999
string, the getStringNameType method can be used. string, the getStringNameType method can be used.
6.2.8. getStringNameType 6.2.8. getStringNameType
public Oid getStringNameType() throws GSSException public Oid getStringNameType() throws GSSException
Returns the oid representing the type of name returned through the Returns the oid representing the type of name returned through the
toString method. Using this oid, the syntax of the printable name toString method. Using this oid, the syntax of the printable name
can be determined. can be determined.
GSS-API Java Bindings October 1999
6.2.9. isAnonymous 6.2.9. isAnonymous
public boolean isAnonymous() public boolean isAnonymous()
Tests if this name object represents an anonymous entity. Returns Tests if this name object represents an anonymous entity. Returns
"true" if this is an anonymous name. "true" if this is an anonymous name.
6.2.10. isMN 6.2.10. isMN
public boolean isMN() public boolean isMN()
skipping to change at page 45, line 40 skipping to change at page 48, line 4
A credential may be used to perform context initiation, acceptance, A credential may be used to perform context initiation, acceptance,
or both. or both.
GSS-API implementations must impose a local access-control policy on GSS-API implementations must impose a local access-control policy on
callers to prevent unauthorized callers from acquiring credentials to callers to prevent unauthorized callers from acquiring credentials to
which they are not entitled. GSS-API credential creation is not which they are not entitled. GSS-API credential creation is not
intended to provide a "login to the network" function, as such a intended to provide a "login to the network" function, as such a
function would involve the creation of new credentials rather than function would involve the creation of new credentials rather than
merely acquiring a handle to existing credentials. Such functions, merely acquiring a handle to existing credentials. Such functions,
if required, should be defined in implementation-specific extensions if required, should be defined in implementation-specific extensions
GSS-API Java Bindings December 1999
to the API. to the API.
If credential acquisition is time-consuming for a mechanism, the If credential acquisition is time-consuming for a mechanism, the
mechanism may choose to delay the actual acquisition until the mechanism may choose to delay the actual acquisition until the
credential is required (e.g. by GSSContext). Such mechanism- credential is required (e.g. by GSSContext). Such mechanism-
specific implementation decisions should be invisible to the calling specific implementation decisions should be invisible to the calling
application; thus the query methods immediately following the application; thus the query methods immediately following the
creation of a credential object must return valid credential data, creation of a credential object must return valid credential data,
and may therefore incur the overhead of a deferred credential and may therefore incur the overhead of a deferred credential
acquisition. acquisition.
Applications will create a credential object passing the desired Applications will create a credential object passing the desired
GSS-API Java Bindings October 1999
parameters. The application can then use the query methods to obtain parameters. The application can then use the query methods to obtain
specific information about the instantiated credential object specific information about the instantiated credential object
(equivalent to the gss_inquire routines). When the credential is no (equivalent to the gss_inquire routines). When the credential is no
longer needed, the application should call the dispose (equivalent to longer needed, the application should call the dispose (equivalent to
gss_release_cred) method to release any resources held by the gss_release_cred) method to release any resources held by the
credential object and to destroy any cryptographically sensitive credential object and to destroy any cryptographically sensitive
information. information.
Classes implementing this interface also implement the Cloneable Classes implementing this interface also implement the Cloneable
interface. This indicates the the class will support the clone() interface. This indicates the the class will support the clone()
skipping to change at page 46, line 41 skipping to change at page 49, line 5
// now acquire credentials for the entity // now acquire credentials for the entity
GSSCredential cred = mgr.createCredential(name, GSSCredential cred = mgr.createCredential(name,
GSSCredential.ACCEPT_ONLY); GSSCredential.ACCEPT_ONLY);
// display credential information - name, remaining lifetime, // display credential information - name, remaining lifetime,
// and the mechanisms it has been acquired over // and the mechanisms it has been acquired over
print(cred.getName().toString()); print(cred.getName().toString());
print(cred.getRemainingLifetime()); print(cred.getRemainingLifetime());
GSS-API Java Bindings December 1999
Oid [] mechs = cred.getMechs(); Oid [] mechs = cred.getMechs();
if (mechs != null) { if (mechs != null) {
for (int i = 0; i < mechs.length; i++) for (int i = 0; i < mechs.length; i++)
print(mechs[i].toString()); print(mechs[i].toString());
} }
// release system resources held by the credential // release system resources held by the credential
cred.dispose(); cred.dispose();
GSS-API Java Bindings October 1999
6.3.2. Static Constants 6.3.2. Static Constants
public static final int INITIATE_AND_ACCEPT public static final int INITIATE_AND_ACCEPT
Credential usage flag requesting that it be able to be used for both Credential usage flag requesting that it be able to be used for both
context initiation and acceptance. context initiation and acceptance.
public static final int INITIATE_ONLY public static final int INITIATE_ONLY
Credential usage flag requesting that it be able to be used for Credential usage flag requesting that it be able to be used for
skipping to change at page 47, line 39 skipping to change at page 50, line 5
6.3.3. dispose 6.3.3. dispose
public void dispose() throws GSSException public void dispose() throws GSSException
Releases any sensitive information that the GSSCredential object may Releases any sensitive information that the GSSCredential object may
be containing. Applications should call this method as soon as the be containing. Applications should call this method as soon as the
credential is no longer needed to minimize the time any sensitive credential is no longer needed to minimize the time any sensitive
information is maintained. information is maintained.
GSS-API Java Bindings December 1999
6.3.4. getName 6.3.4. getName
public GSSName getName() throws GSSException public GSSName getName() throws GSSException
Retrieves the name of the entity that the credential asserts. Retrieves the name of the entity that the credential asserts.
6.3.5. getName 6.3.5. getName
public GSSName getName(Oid mechOID) throws GSSException public GSSName getName(Oid mechOID) throws GSSException
GSS-API Java Bindings October 1999
Retrieves a mechanism name of the entity that the credential asserts. Retrieves a mechanism name of the entity that the credential asserts.
Equivalent to calling canonicalize() on the name returned by 7.3.3. Equivalent to calling canonicalize() on the name returned by 7.3.3.
Parameters: Parameters:
mechOID The mechanism for which information should be mechOID The mechanism for which information should be
returned. returned.
6.3.6. getRemainingLifetime 6.3.6. getRemainingLifetime
skipping to change at page 48, line 40 skipping to change at page 51, line 5
remain capable of initiating security contexts under the specified remain capable of initiating security contexts under the specified
mechanism. A return value of GSSCredential.INDEFINITE indicates that mechanism. A return value of GSSCredential.INDEFINITE indicates that
the credential does not expire for context initiation. A return the credential does not expire for context initiation. A return
value of 0 indicates that the credential is already expired. value of 0 indicates that the credential is already expired.
Parameters: Parameters:
mechOID The mechanism for which information should be mechOID The mechanism for which information should be
returned. returned.
GSS-API Java Bindings December 1999
6.3.8. getRemainingAcceptLifetime 6.3.8. getRemainingAcceptLifetime
public int getRemainingAcceptLifetime(Oid mech) throws GSSException public int getRemainingAcceptLifetime(Oid mech) throws GSSException
Returns the remaining lifetime is seconds for the credential to Returns the remaining lifetime is seconds for the credential to
remain capable of accepting security contexts under the specified remain capable of accepting security contexts under the specified
mechanism. A return value of GSSCredential.INDEFINITE indicates that mechanism. A return value of GSSCredential.INDEFINITE indicates that
the credential does not expire for context acceptance. A return the credential does not expire for context acceptance. A return
value of 0 indicates that the credential is already expired. value of 0 indicates that the credential is already expired.
Parameters: Parameters:
GSS-API Java Bindings October 1999
mechOID The mechanism for which information should be mechOID The mechanism for which information should be
returned. returned.
6.3.9. getUsage 6.3.9. getUsage
public int getUsage() throws GSSException public int getUsage() throws GSSException
Returns the credential usage flag. The return value will be one of Returns the credential usage flag. The return value will be one of
GSSCredential.INITIATE_ONLY, GSSCredential.ACCEPT_ONLY, or GSSCredential.INITIATE_ONLY, GSSCredential.ACCEPT_ONLY, or
GSSCredential.INITIATE_AND_ACCEPT. GSSCredential.INITIATE_AND_ACCEPT.
skipping to change at page 49, line 38 skipping to change at page 52, line 5
mechOID The mechanism for which information should be mechOID The mechanism for which information should be
returned. returned.
6.3.11. getMechs 6.3.11. getMechs
public Oid[] getMechs() throws GSSException public Oid[] getMechs() throws GSSException
Returns an array of mechanisms supported by this credential. Returns an array of mechanisms supported by this credential.
GSS-API Java Bindings December 1999
6.3.12. add 6.3.12. add
public void add(GSSName aName, int initLifetime, int acceptLifetime, public void add(GSSName aName, int initLifetime, int acceptLifetime,
Oid mech, int usage) throws GSSException Oid mech, int usage) throws GSSException
Adds a mechanism specific credential-element to an existing Adds a mechanism specific credential-element to an existing
credential. This method allows the construction of credentials one credential. This method allows the construction of credentials one
mechanism at a time. mechanism at a time.
This routine is envisioned to be used mainly by context acceptors This routine is envisioned to be used mainly by context acceptors
during the creation of acceptance credentials which are to be used during the creation of acceptance credentials which are to be used
with a variety of clients using different security mechanisms. with a variety of clients using different security mechanisms.
GSS-API Java Bindings October 1999
This routine adds the new credential element "in-place". To add the This routine adds the new credential element "in-place". To add the
element in a new credential, first call clone() to obtain a copy of element in a new credential, first call clone() to obtain a copy of
this credential, then call its add() method. this credential, then call its add() method.
Parameters: Parameters:
aName Name of the principal for whom this credential is to aName Name of the principal for whom this credential is to
be acquired. Use "null" to specify the default be acquired. Use "null" to specify the default
principal. principal.
skipping to change at page 50, line 41 skipping to change at page 53, line 5
usage The intended usage for this credential object. The usage The intended usage for this credential object. The
value of this parameter must be one of: value of this parameter must be one of:
GSSCredential.ACCEPT_AND_INITIATE, GSSCredential.ACCEPT_AND_INITIATE,
GSSCredential.ACCEPT_ONLY, GSSCredential.INITIATE_ONLY GSSCredential.ACCEPT_ONLY, GSSCredential.INITIATE_ONLY
6.3.13. equals 6.3.13. equals
public boolean equals(Object another) public boolean equals(Object another)
GSS-API Java Bindings December 1999
Tests if this GSSCredential refers to the same entity as the supplied Tests if this GSSCredential refers to the same entity as the supplied
object. The two credentials must be acquired over the same object. The two credentials must be acquired over the same
mechanisms and must refer to the same principal. Returns "true" if mechanisms and must refer to the same principal. Returns "true" if
the two GSSCredentials refer to the same entity; "false" otherwise. the two GSSCredentials refer to the same entity; "false" otherwise.
(Note that the Java language specification requires that two objects
that are equal according to the equals(Object) method must return the
same integer result when the hashCode() method is called on them.)
Parameters: Parameters:
another Another GSSCredential object for comparison. another Another GSSCredential object for comparison.
GSS-API Java Bindings October 1999
6.4. public interface GSSContext 6.4. public interface GSSContext
This interface encapsulates the GSS-API security context and provides This interface encapsulates the GSS-API security context and provides
the security services (wrap, unwrap, getMIC, verifyMIC) that are the security services (wrap, unwrap, getMIC, verifyMIC) that are
available over the context. Security contexts are established available over the context. Security contexts are established
between peers using locally acquired credentials. Multiple contexts between peers using locally acquired credentials. Multiple contexts
may exist simultaneously between a pair of peers, using the same or may exist simultaneously between a pair of peers, using the same or
different set of credentials. GSS-API functions in a manner different set of credentials. GSS-API functions in a manner
independent of the underlying transport protocol and depends on its independent of the underlying transport protocol and depends on its
calling application to transport its tokens between peers. calling application to transport its tokens between peers.
skipping to change at page 51, line 40 skipping to change at page 54, line 4
thrown and the code will start executing in a catch block. If not, thrown and the code will start executing in a catch block. If not,
the normal flow of code continues and the application can make a call the normal flow of code continues and the application can make a call
to the isEstablished() method. If this method returns false it to the isEstablished() method. If this method returns false it
indicates that a token is needed from its peer in order to continue indicates that a token is needed from its peer in order to continue
the context establishment phase. A return value of true signals that the context establishment phase. A return value of true signals that
the local end of the context is established. This may still require the local end of the context is established. This may still require
that a token be sent to the peer, if one is produced by GSS-API. that a token be sent to the peer, if one is produced by GSS-API.
During the context establishment phase, the isProtReady() method may During the context establishment phase, the isProtReady() method may
be called to determine if the context can be used for the per-message be called to determine if the context can be used for the per-message
operations. This allows applications to use per-message operations operations. This allows applications to use per-message operations
GSS-API Java Bindings December 1999
on contexts which aren't fully established. on contexts which aren't fully established.
After the context has been established or the isProtReady() method After the context has been established or the isProtReady() method
returns "true", the query routines can be invoked to determine the returns "true", the query routines can be invoked to determine the
actual characteristics and services of the established context. The actual characteristics and services of the established context. The
application can also start using the per-message methods of wrap and application can also start using the per-message methods of wrap and
getMIC to obtain cryptographic operations on application supplied getMIC to obtain cryptographic operations on application supplied
data. data.
When the context is no longer needed, the application should call When the context is no longer needed, the application should call
dispose to release any system resources the context may be using. dispose to release any system resources the context may be using.
GSS-API Java Bindings October 1999
6.4.1. Example Code 6.4.1. Example Code
The example code presented below demonstrates the usage of the The example code presented below demonstrates the usage of the
GSSContext interface for the initiating peer. Different operations GSSContext interface for the initiating peer. Different operations
on the GSSContext object are presented, including: object on the GSSContext object are presented, including: object
instantiation, setting of desired flags, context establishment, query instantiation, setting of desired flags, context establishment, query
of actual context flags, per-message operations on application data, of actual context flags, per-message operations on application data,
and finally context deletion. and finally context deletion.
GSSManager mgr = new GSSManager(); GSSManager mgr = new GSSManager();
skipping to change at page 52, line 41 skipping to change at page 55, line 4
context.requestMutualAuth(true); context.requestMutualAuth(true);
context.requestReplayDet(true); context.requestReplayDet(true);
context.requestSequenceDet(true); context.requestSequenceDet(true);
// establish a context between peers - using byte arrays // establish a context between peers - using byte arrays
byte []inTok = new byte[0]; byte []inTok = new byte[0];
try { try {
do { do {
byte[] outTok = context.initSecContext(inTok, 0, byte[] outTok = context.initSecContext(inTok, 0,
GSS-API Java Bindings December 1999
inTok.length); inTok.length);
// send the token if present // send the token if present
if (outTok != null) if (outTok != null)
sendToken(outTok); sendToken(outTok);
// check if we should expect more tokens // check if we should expect more tokens
if (context.isEstablished()) if (context.isEstablished())
break; break;
// another token expected from peer // another token expected from peer
inTok = readToken(); inTok = readToken();
GSS-API Java Bindings October 1999
} while (true); } while (true);
} catch (GSSException e) { } catch (GSSException e) {
print("GSSAPI error: " + e.getMessage()); print("GSSAPI error: " + e.getMessage());
} }
// display context information // display context information
print("Remaining lifetime in seconds = " + context.getLifetime()); print("Remaining lifetime in seconds = " + context.getLifetime());
print("Context mechanism = " + context.getMech().toString()); print("Context mechanism = " + context.getMech().toString());
print("Initiator = " + context.getSrcName().toString()); print("Initiator = " + context.getSrcName().toString());
skipping to change at page 53, line 41 skipping to change at page 56, line 5
byte []tok = context.wrap(appMsg, 0, appMsg.length, mProp); byte []tok = context.wrap(appMsg, 0, appMsg.length, mProp);
if (mProp.getPrivacy()) if (mProp.getPrivacy())
print("Message protected with privacy."); print("Message protected with privacy.");
sendToken(tok); sendToken(tok);
// release the local-end of the context // release the local-end of the context
context.dispose(); context.dispose();
GSS-API Java Bindings December 1999
6.4.2. Static Constants 6.4.2. Static Constants
public static final int INDEFINITE public static final int INDEFINITE
A lifetime constant representing indefinite context lifetime. This A lifetime constant representing indefinite context lifetime. This
value must be set to the maximum integer value in Java - value must be set to the maximum integer value in Java -
Integer.MAX_VALUE. Integer.MAX_VALUE.
GSS-API Java Bindings October 1999
6.4.3. initSecContext 6.4.3. initSecContext
public byte[] initSecContext(byte inputBuf[], int offset, int len) public byte[] initSecContext(byte inputBuf[], int offset, int len)
throws GSSException throws GSSException
Called by the context initiator to start the context creation Called by the context initiator to start the context creation
process. This is equivalent to the stream based method except that process. This is equivalent to the stream based method except that
the token buffers are handled as byte arrays instead of using stream the token buffers are handled as byte arrays instead of using stream
objects. This method may return an output token which the objects. This method may return an output token which the
application will need to send to the peer for processing by the application will need to send to the peer for processing by the
skipping to change at page 54, line 44 skipping to change at page 57, line 4
offset The offset within the inputBuf where the token begins. offset The offset within the inputBuf where the token begins.
len The length of the token within the inputBuf (starting len The length of the token within the inputBuf (starting
at the offset). at the offset).
6.4.3.1. Example Code 6.4.3.1. Example Code
// Create a new GSSContext implementation object. // Create a new GSSContext implementation object.
// GSSContext wrapper implements interface GSSContext. // GSSContext wrapper implements interface GSSContext.
GSS-API Java Bindings December 1999
GSSContext context = mgr.createContext(...); GSSContext context = mgr.createContext(...);
byte []inTok = new byte[0]; byte []inTok = new byte[0];
try { try {
do { do {
byte[] outTok = context.initSecContext(inTok, 0, byte[] outTok = context.initSecContext(inTok, 0,
GSS-API Java Bindings October 1999
inTok.length); inTok.length);
// send the token if present // send the token if present
if (outTok != null) if (outTok != null)
sendToken(outTok); sendToken(outTok);
// check if we should expect more tokens // check if we should expect more tokens
if (context.isEstablished()) if (context.isEstablished())
break; break;
skipping to change at page 55, line 43 skipping to change at page 58, line 4
application will need to send to the peer for processing by the application will need to send to the peer for processing by the
accept call. 0 bytes written to the output stream indicate that no accept call. 0 bytes written to the output stream indicate that no
token needs to be sent to the peer. The application can call token needs to be sent to the peer. The application can call
isEstablished() to determine if the context establishment phase is isEstablished() to determine if the context establishment phase is
complete for this peer. A return value of "false" from isEstablished complete for this peer. A return value of "false" from isEstablished
indicates that more tokens are expected to be supplied to the indicates that more tokens are expected to be supplied to the
initSecContext method. Note that it is possible that the initSecContext method. Note that it is possible that the
initSecContext() method return a token for the peer, and initSecContext() method return a token for the peer, and
isEstablished() return "true" also. This indicates that the token isEstablished() return "true" also. This indicates that the token
needs to be sent to the peer, but the local end of the context is now needs to be sent to the peer, but the local end of the context is now
GSS-API Java Bindings December 1999
fully established. fully established.
The GSS-API authentication tokens contain a definitive start and end. The GSS-API authentication tokens contain a definitive start and end.
This method will attempt to read one of these tokens per invocation, This method will attempt to read one of these tokens per invocation,
and may block on the stream if only part of the token is available. and may block on the stream if only part of the token is available.
Upon completion of the context establishment, the available context Upon completion of the context establishment, the available context
options may be queried through the get methods. options may be queried through the get methods.
GSS-API Java Bindings October 1999
Parameters: Parameters:
inStream Contains the token generated by the peer. This inStream Contains the token generated by the peer. This
parameter is ignored on the first call. parameter is ignored on the first call.
outStream Output stream where the output token will be written. outStream Output stream where the output token will be written.
During the final stage of context establishment, there During the final stage of context establishment, there
may be no bytes written. may be no bytes written.
6.4.4.1. Example Code 6.4.4.1. Example Code
skipping to change at page 56, line 44 skipping to change at page 59, line 5
// check if we should expect more tokens // check if we should expect more tokens
if (context.isEstablished()) if (context.isEstablished())
break; break;
// another token expected from peer // another token expected from peer
is = recvToken(); is = recvToken();
} while (true); } while (true);
GSS-API Java Bindings December 1999
} catch (GSSException e) { } catch (GSSException e) {
print("GSSAPI error: " + e.getMessage()); print("GSSAPI error: " + e.getMessage());
} }
GSS-API Java Bindings October 1999
6.4.5. acceptSecContext 6.4.5. acceptSecContext
public byte[] acceptSecContext(byte inTok[], int offset, int len) public byte[] acceptSecContext(byte inTok[], int offset, int len)
throws GSSException throws GSSException
Called by the context acceptor upon receiving a token from the peer. Called by the context acceptor upon receiving a token from the peer.
This call is equivalent to the stream based method except that the This call is equivalent to the stream based method except that the
token buffers are handled as byte arrays instead of using stream token buffers are handled as byte arrays instead of using stream
objects. objects.
skipping to change at page 57, line 47 skipping to change at page 60, line 5
offset The offset within the inTok where the token begins. offset The offset within the inTok where the token begins.
len The length of the token within the inTok (starting at len The length of the token within the inTok (starting at
the offset). the offset).
6.4.5.1. Example Code 6.4.5.1. Example Code
// acquire server credentials // acquire server credentials
GSSCredential server = mgr.createCredential(...); GSSCredential server = mgr.createCredential(...);
GSS-API Java Bindings December 1999
// create acceptor GSS-API context fromthe default provider // create acceptor GSS-API context fromthe default provider
GSSContext context = mgr.createContext(server, null); GSSContext context = mgr.createContext(server, null);
try { try {
do { do {
byte [] inTok = readToken(); byte [] inTok = readToken();
GSS-API Java Bindings October 1999
byte []outTok = context.acceptSecContext(inTok, 0, byte []outTok = context.acceptSecContext(inTok, 0,
inTok.length); inTok.length);
// possibly send token to peer // possibly send token to peer
if (outTok != null) if (outTok != null)
sendToken(outTok); sendToken(outTok);
// check if local context establishment is complete // check if local context establishment is complete
if (context.isEstablished()) if (context.isEstablished())
break; break;
skipping to change at page 58, line 47 skipping to change at page 61, line 5
Note that it is possible that acceptSecContext() return a token for Note that it is possible that acceptSecContext() return a token for
the peer, and isEstablished() return "true" also. This indicates the peer, and isEstablished() return "true" also. This indicates
that the token needs to be sent to the peer, but the local end of the that the token needs to be sent to the peer, but the local end of the
context is now fully established. context is now fully established.
The GSS-API authentication tokens contain a definitive start and end. The GSS-API authentication tokens contain a definitive start and end.
This method will attempt to read one of these tokens per invocation, This method will attempt to read one of these tokens per invocation,
and may block on the stream if only part of the token is available. and may block on the stream if only part of the token is available.
GSS-API Java Bindings December 1999
Upon completion of the context establishment, the available context Upon completion of the context establishment, the available context
options may be queried through the get methods. options may be queried through the get methods.
Parameters: Parameters:
inStream Contains the token generated by the peer. inStream Contains the token generated by the peer.
GSS-API Java Bindings October 1999
outStream Output stream where the output token will be written. outStream Output stream where the output token will be written.
During the final stage of context establishment, there During the final stage of context establishment, there
may be no bytes written. may be no bytes written.
6.4.6.1. Example Code 6.4.6.1. Example Code
// acquire server credentials // acquire server credentials
GSSCredential server = mgr.createCredential(...); GSSCredential server = mgr.createCredential(...);
// create acceptor GSS-API context fromthe default provider // create acceptor GSS-API context fromthe default provider
skipping to change at page 59, line 43 skipping to change at page 62, line 5
// check if local context establishment is complete // check if local context establishment is complete
if (context.isEstablished()) if (context.isEstablished())
break; break;
} while (true); } while (true);
} catch (GSSException e) { } catch (GSSException e) {
print("GSS-API error: " + e.getMessage()); print("GSS-API error: " + e.getMessage());
} }
GSS-API Java Bindings December 1999
6.4.7. isEstablished 6.4.7. isEstablished
public boolean isEstablished() public boolean isEstablished()
Used during context establishment to determine the state of the Used during context establishment to determine the state of the
context. Returns "true" if this is a fully established context on context. Returns "true" if this is a fully established context on
the caller's side and no more tokens are needed from the peer. the caller's side and no more tokens are needed from the peer.
GSS-API Java Bindings October 1999
Should be called after a call to initSecContext() or Should be called after a call to initSecContext() or
acceptSecContext() when no GSSException is thrown. acceptSecContext() when no GSSException is thrown.
6.4.8. dispose 6.4.8. dispose
public void dispose() throws GSSException public void dispose() throws GSSException
Releases any system resources and cryptographic information stored in Releases any system resources and cryptographic information stored in
the context object. This will invalidate the context. the context object. This will invalidate the context.
skipping to change at page 60, line 46 skipping to change at page 63, line 4
be able to protect a message of the computed length, since this be able to protect a message of the computed length, since this
ability may depend on the availability of system resources at the ability may depend on the availability of system resources at the
time that wrap is called. However, if the implementation itself time that wrap is called. However, if the implementation itself
imposes an upper limit on the length of messages that may be imposes an upper limit on the length of messages that may be
processed by wrap, the implementation should not return a value that processed by wrap, the implementation should not return a value that
is greater than this length. is greater than this length.
Parameters: Parameters:
qop Indicates the level of protection wrap will be asked qop Indicates the level of protection wrap will be asked
GSS-API Java Bindings December 1999
to provide. to provide.
confReq Indicates if wrap will be asked to provide privacy confReq Indicates if wrap will be asked to provide privacy
service. service.
maxTokenSize maxTokenSize
The desired maximum size of the token emitted by wrap. The desired maximum size of the token emitted by wrap.
GSS-API Java Bindings October 1999
6.4.10. wrap 6.4.10. wrap
public byte[] wrap(byte inBuf[], int offset, int len, public byte[] wrap(byte inBuf[], int offset, int len,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Applies per-message security services over the established security Applies per-message security services over the established security
context. The method will return a token with a cryptographic MIC and context. The method will return a token with a cryptographic MIC and
may optionally encrypt the specified inBuf. This method is may optionally encrypt the specified inBuf. This method is
equivalent in functionality to its stream counterpart. The returned equivalent in functionality to its stream counterpart. The returned
byte array will contain both the MIC and the message. byte array will contain both the MIC and the message.
skipping to change at page 61, line 46 skipping to change at page 64, line 4
inBuf Application data to be protected. inBuf Application data to be protected.
offset The offset within the inBuf where the data begins. offset The offset within the inBuf where the data begins.
len The length of the data within the inBuf (starting at len The length of the data within the inBuf (starting at
the offset). the offset).
msgProp Instance of MessageProp that is used by the msgProp Instance of MessageProp that is used by the
application to set the desired QOP and privacy state. application to set the desired QOP and privacy state.
Set the desired QOP to 0 to request the default QOP. Set the desired QOP to 0 to request the default QOP.
GSS-API Java Bindings December 1999
Upon return from this method, this object will contain Upon return from this method, this object will contain
the the actual privacy state that was applied to the the the actual privacy state that was applied to the
message by the underlying mechanism. message by the underlying mechanism.
6.4.11. wrap 6.4.11. wrap
public void wrap(InputStream inStream, OutputStream outStream, public void wrap(InputStream inStream, OutputStream outStream,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
GSS-API Java Bindings October 1999
Allows to apply per-message security services over the established Allows to apply per-message security services over the established
security context. The method will produce a token with a security context. The method will produce a token with a
cryptographic MIC and may optionally encrypt the message in inStream. cryptographic MIC and may optionally encrypt the message in inStream.
The outStream will contain both the MIC and the message. The outStream will contain both the MIC and the message.
The MessageProp object is instantiated by the application and used to The MessageProp object is instantiated by the application and used to
specify a QOP value which selects cryptographic algorithms, and a specify a QOP value which selects cryptographic algorithms, and a
privacy service to optionally encrypt the message. The underlying privacy service to optionally encrypt the message. The underlying
mechanism that is used in the call may not be able to provide the mechanism that is used in the call may not be able to provide the
privacy service. It sets the actual privacy service that it does privacy service. It sets the actual privacy service that it does
skipping to change at page 62, line 44 skipping to change at page 65, line 5
The application is responsible for sending this to the The application is responsible for sending this to the
other peer for processing in its unwrap method. other peer for processing in its unwrap method.
msgProp Instance of MessageProp that is used by the msgProp Instance of MessageProp that is used by the
application to set the desired QOP and privacy state. application to set the desired QOP and privacy state.
Set the desired QOP to 0 to request the default QOP. Set the desired QOP to 0 to request the default QOP.
Upon return from this method, this object will contain Upon return from this method, this object will contain
the the actual privacy state that was applied to the the the actual privacy state that was applied to the
message by the underlying mechanism. message by the underlying mechanism.
GSS-API Java Bindings December 1999
6.4.12. unwrap 6.4.12. unwrap
public byte [] unwrap(byte[] inBuf, int offset, int len, public byte [] unwrap(byte[] inBuf, int offset, int len,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Used by the peer application to process tokens generated with the Used by the peer application to process tokens generated with the
wrap call. This call is equal in functionality to its stream wrap call. This call is equal in functionality to its stream
counterpart. The method will return the message supplied in the peer counterpart. The method will return the message supplied in the peer
application to the wrap call, verifying the embedded MIC. application to the wrap call, verifying the embedded MIC.
GSS-API Java Bindings October 1999
The MessageProp object is instantiated by the application and is used The MessageProp object is instantiated by the application and is used
by the underlying mechanism to return information to the caller such by the underlying mechanism to return information to the caller such
as the QOP, whether confidentiality was applied to the message, and as the QOP, whether confidentiality was applied to the message, and
other supplementary message state information. other supplementary message state information.
Since some application-level protocols may wish to use tokens emitted Since some application-level protocols may wish to use tokens emitted
by wrap to provide "secure framing", implementations should support by wrap to provide "secure framing", implementations should support
the wrapping and unwrapping of zero-length messages. the wrapping and unwrapping of zero-length messages.
Parameters: Parameters:
skipping to change at page 63, line 44 skipping to change at page 66, line 4
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Used by the peer application to process tokens generated with the Used by the peer application to process tokens generated with the
wrap call. This call is equal in functionality to its byte array wrap call. This call is equal in functionality to its byte array
counterpart. It will produce the message supplied in the peer counterpart. It will produce the message supplied in the peer
application to the wrap call, verifying the embedded MIC. application to the wrap call, verifying the embedded MIC.
The MessageProp object is instantiated by the application and is used The MessageProp object is instantiated by the application and is used
by the underlying mechanism to return information to the caller such by the underlying mechanism to return information to the caller such
as the QOP, whether confidentiality was applied to the message, and as the QOP, whether confidentiality was applied to the message, and
GSS-API Java Bindings December 1999
other supplementary message state information. other supplementary message state information.
Since some application-level protocols may wish to use tokens emitted Since some application-level protocols may wish to use tokens emitted
by wrap to provide "secure framing", implementations should support by wrap to provide "secure framing", implementations should support
the wrapping and unwrapping of zero-length messages. the wrapping and unwrapping of zero-length messages.
Parameters: Parameters:
inStream Input stream containing the GSS-API wrap token inStream Input stream containing the GSS-API wrap token
received from the peer. received from the peer.
GSS-API Java Bindings October 1999
outStream The output stream to write the application message to. outStream The output stream to write the application message to.
msgProp Upon return from the method, this object will contain msgProp Upon return from the method, this object will contain
the applied QOP, the privacy state of the message, and the applied QOP, the privacy state of the message, and
supplementary information described in 4.12.3 stating supplementary information described in 4.12.3 stating
whether the token was a duplicate, old, out of whether the token was a duplicate, old, out of
sequence or arriving after a gap. sequence or arriving after a gap.
6.4.14. getMIC 6.4.14. getMIC
skipping to change at page 64, line 43 skipping to change at page 67, line 4
inMsg Message to generate MIC over. inMsg Message to generate MIC over.
offset The offset within the inMsg where the token begins. offset The offset within the inMsg where the token begins.
len The length of the token within the inMsg (starting at len The length of the token within the inMsg (starting at
the offset). the offset).
msgProp Instance of MessageProp that is used by the msgProp Instance of MessageProp that is used by the
application to set the desired QOP. Set the desired application to set the desired QOP. Set the desired
GSS-API Java Bindings December 1999
QOP to 0 in msgProp to request the default QOP. QOP to 0 in msgProp to request the default QOP.
Alternatively pass in "null" for msgProp to request Alternatively pass in "null" for msgProp to request
default QOP. default QOP.
6.4.15. getMIC 6.4.15. getMIC
public void getMIC(InputStream inStream, OutputStream outStream, public void getMIC(InputStream inStream, OutputStream outStream,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Produces a token containing a cryptographic MIC for the supplied Produces a token containing a cryptographic MIC for the supplied
GSS-API Java Bindings October 1999
message, for transfer to the peer application. Unlike wrap, which message, for transfer to the peer application. Unlike wrap, which
encapsulates the user message in the returned token, only the message encapsulates the user message in the returned token, only the message
MIC is produced in the output token. This method is identical in MIC is produced in the output token. This method is identical in
functionality to its byte array counterpart. functionality to its byte array counterpart.
Note that privacy can only be applied through the wrap call. Note that privacy can only be applied through the wrap call.
Since some application-level protocols may wish to use tokens emitted Since some application-level protocols may wish to use tokens emitted
by getMIC to provide "secure framing", implementations should support by getMIC to provide "secure framing", implementations should support
derivation of MICs from zero-length messages. derivation of MICs from zero-length messages.
skipping to change at page 65, line 43 skipping to change at page 68, line 4
public void verifyMIC(byte []inTok, int tokOffset, int tokLen, public void verifyMIC(byte []inTok, int tokOffset, int tokLen,
byte[] inMsg, int msgOffset, int msgLen, byte[] inMsg, int msgOffset, int msgLen,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Verifies the cryptographic MIC, contained in the token parameter, Verifies the cryptographic MIC, contained in the token parameter,
over the supplied message. This method is equivalent in over the supplied message. This method is equivalent in
functionality to its stream counterpart. functionality to its stream counterpart.
The MessageProp object is instantiated by the application and is used The MessageProp object is instantiated by the application and is used
GSS-API Java Bindings December 1999
by the underlying mechanism to return information to the caller such by the underlying mechanism to return information to the caller such
as the QOP indicating the strength of protection that was applied to as the QOP indicating the strength of protection that was applied to
the message and other supplementary message state information. the message and other supplementary message state information.
Since some application-level protocols may wish to use tokens emitted Since some application-level protocols may wish to use tokens emitted
by getMIC to provide "secure framing", implementations should support by getMIC to provide "secure framing", implementations should support
the calculation and verification of MICs over zero-length messages. the calculation and verification of MICs over zero-length messages.
Parameters: Parameters:
inTok Token generated by peer's getMIC method. inTok Token generated by peer's getMIC method.
GSS-API Java Bindings October 1999
tokOffset The offset within the inTok where the token begins. tokOffset The offset within the inTok where the token begins.
tokLen The length of the token within the inTok (starting at tokLen The length of the token within the inTok (starting at
the offset). the offset).
inMsg Application message to verify the cryptographic MIC inMsg Application message to verify the cryptographic MIC
over. over.
msgOffset The offset within the inMsg where the message begins. msgOffset The offset within the inMsg where the message begins.
skipping to change at page 66, line 42 skipping to change at page 69, line 4
Verifies the cryptographic MIC, contained in the token parameter, Verifies the cryptographic MIC, contained in the token parameter,
over the supplied message. This method is equivalent in over the supplied message. This method is equivalent in
functionality to its byte array counterpart. functionality to its byte array counterpart.
The MessageProp object is instantiated by the application and is used The MessageProp object is instantiated by the application and is used
by the underlying mechanism to return information to the caller such by the underlying mechanism to return information to the caller such
as the QOP indicating the strength of protection that was applied to as the QOP indicating the strength of protection that was applied to
the message and other supplementary message state information. the message and other supplementary message state information.
Since some application-level protocols may wish to use tokens emitted Since some application-level protocols may wish to use tokens emitted
GSS-API Java Bindings December 1999
by getMIC to provide "secure framing", implementations should support by getMIC to provide "secure framing", implementations should support
the calculation and verification of MICs over zero-length messages. the calculation and verification of MICs over zero-length messages.
Parameters: Parameters:
tokStream Input stream containing the token generated by peer's tokStream Input stream containing the token generated by peer's
getMIC method. getMIC method.
msgStream Input stream containing the application message to msgStream Input stream containing the application message to
verify the cryptographic MIC over. verify the cryptographic MIC over.
msgProp Upon return from the method, this object will contain msgProp Upon return from the method, this object will contain
GSS-API Java Bindings October 1999
the applied QOP and supplementary information the applied QOP and supplementary information
described in 4.12.3 stating whether the token was a described in 4.12.3 stating whether the token was a
duplicate, old, out of sequence or arriving after a duplicate, old, out of sequence or arriving after a
gap. The confidentiality state will be set to gap. The confidentiality state will be set to
"false". "false".
6.4.18. export 6.4.18. export
public byte [] export() throws GSSException public byte [] export() throws GSSException
skipping to change at page 67, line 42 skipping to change at page 70, line 4
interprocess token may be imported, either as a function of local interprocess token may be imported, either as a function of local
security policy, or as a result of implementation decisions. For security policy, or as a result of implementation decisions. For
example, some implementations may constrain contexts to be passed example, some implementations may constrain contexts to be passed
only between processes that run under the same account, or which are only between processes that run under the same account, or which are
part of the same process group. part of the same process group.
The interprocess token may contain security-sensitive information The interprocess token may contain security-sensitive information
(for example cryptographic keys). While mechanisms are encouraged to (for example cryptographic keys). While mechanisms are encouraged to
either avoid placing such sensitive information within interprocess either avoid placing such sensitive information within interprocess
tokens, or to encrypt the token before returning it to the tokens, or to encrypt the token before returning it to the
GSS-API Java Bindings December 1999
application, in a typical GSS-API implementation this may not be application, in a typical GSS-API implementation this may not be
possible. Thus the application must take care to protect the possible. Thus the application must take care to protect the
interprocess token, and ensure that any process to which the token is interprocess token, and ensure that any process to which the token is
transferred is trustworthy. transferred is trustworthy.
6.4.19. requestMutualAuth 6.4.19. requestMutualAuth
public void requestMutualAuth(boolean state) throws GSSException public void requestMutualAuth(boolean state) throws GSSException
Sets the request state of the mutual authentication flag for the Sets the request state of the mutual authentication flag for the
context. This method is only valid before the context creation context. This method is only valid before the context creation
GSS-API Java Bindings October 1999
process begins and only for the initiator. process begins and only for the initiator.
Parameters: Parameters:
state Boolean representing if mutual authentication should state Boolean representing if mutual authentication should
be requested during context establishment. be requested during context establishment.
6.4.20. requestReplayDet 6.4.20. requestReplayDet
public void requestReplayDet(boolean state) throws GSSException public void requestReplayDet(boolean state) throws GSSException
skipping to change at page 68, line 40 skipping to change at page 71, line 5
Sets the request state for the sequence checking service of the Sets the request state for the sequence checking service of the
context. This method is only valid before the context creation context. This method is only valid before the context creation
process begins and only for the initiator. process begins and only for the initiator.
Parameters: Parameters:
state Boolean representing if sequence detection is desired state Boolean representing if sequence detection is desired
over the established context. over the established context.
GSS-API Java Bindings December 1999
6.4.22. requestCredDeleg 6.4.22. requestCredDeleg
public void requestCredDeleg(boolean state) throws GSSException public void requestCredDeleg(boolean state) throws GSSException
Sets the request state for the credential delegation flag for the Sets the request state for the credential delegation flag for the
context. This method is only valid before the context creation context. This method is only valid before the context creation
process begins and only for the initiator. process begins and only for the initiator.
Parameters: Parameters:
state Boolean representing if credential delegation is state Boolean representing if credential delegation is
desired. desired.
GSS-API Java Bindings October 1999
6.4.23. requestAnonymity 6.4.23. requestAnonymity
public void requestAnonymity(boolean state) throws GSSException public void requestAnonymity(boolean state) throws GSSException
Requests anonymous support over the context. This method is only Requests anonymous support over the context. This method is only
valid before the context creation process begins and only for the valid before the context creation process begins and only for the
initiator. initiator.
Parameters: Parameters:
skipping to change at page 69, line 39 skipping to change at page 72, line 4
state Boolean indicating if confidentiality services are to state Boolean indicating if confidentiality services are to
be requested for the context. be requested for the context.
6.4.25. requestInteg 6.4.25. requestInteg
public void requestInteg(boolean state) throws GSSException public void requestInteg(boolean state) throws GSSException
Requests that integrity services be available over the context. This Requests that integrity services be available over the context. This
method is only valid before the context creation process begins and method is only valid before the context creation process begins and
GSS-API Java Bindings December 1999
only for the initiator. only for the initiator.
Parameters: Parameters:
state Boolean indicating if integrity services are to be state Boolean indicating if integrity services are to be
requested for the context. requested for the context.
6.4.26. requestLifetime 6.4.26. requestLifetime
public void requestLifetime(int lifetime) throws GSSException public void requestLifetime(int lifetime) throws GSSException
Sets the desired lifetime for the context in seconds. This method is Sets the desired lifetime for the context in seconds. This method is
only valid before the context creation process begins and only for only valid before the context creation process begins and only for
GSS-API Java Bindings October 1999
the initiator. the initiator.
Parameters: Parameters:
lifetime The desired context lifetime in seconds. lifetime The desired context lifetime in seconds.
6.4.27. setChannelBinding 6.4.27. setChannelBinding
public void setChannelBinding(ChannelBinding cb) throws GSSException public void setChannelBinding(ChannelBinding cb) throws GSSException
skipping to change at page 70, line 38 skipping to change at page 73, line 5
Returns the state of the delegated credentials for the context. When Returns the state of the delegated credentials for the context. When
issued before context establishment is completed or when the issued before context establishment is completed or when the
isProtReady method returns "false", it returns the desired state, isProtReady method returns "false", it returns the desired state,
otherwise it will indicate the actual state over the established otherwise it will indicate the actual state over the established
context. context.
6.4.29. getMutualAuthState 6.4.29. getMutualAuthState
public boolean getMutualAuthState() public boolean getMutualAuthState()
GSS-API Java Bindings December 1999
Returns the state of the mutual authentication option for the Returns the state of the mutual authentication option for the
context. When issued before context establishment completes or when context. When issued before context establishment completes or when
the isProtReady method returns "false", it returns the desired state, the isProtReady method returns "false", it returns the desired state,
otherwise it will indicate the actual state over the established otherwise it will indicate the actual state over the established
context. context.
6.4.30. getReplayDetState 6.4.30. getReplayDetState
public boolean getReplayDetState() public boolean getReplayDetState()
Returns the state of the replay detection option for the context. Returns the state of the replay detection option for the context.
When issued before context establishment completes or when the When issued before context establishment completes or when the
isProtReady method returns "false", it returns the desired state, isProtReady method returns "false", it returns the desired state,
GSS-API Java Bindings October 1999
otherwise it will indicate the actual state over the established otherwise it will indicate the actual state over the established
context. context.
6.4.31. getSequenceDetState 6.4.31. getSequenceDetState
public boolean getSequenceDetState() public boolean getSequenceDetState()
Returns the state of the sequence detection option for the context. Returns the state of the sequence detection option for the context.
When issued before context establishment completes or when the When issued before context establishment completes or when the
isProtReady method returns "false", it returns the desired state, isProtReady method returns "false", it returns the desired state,
skipping to change at page 71, line 37 skipping to change at page 74, line 5
indicate the actual state over the established context. indicate the actual state over the established context.
6.4.33. isTransferable 6.4.33. isTransferable
public boolean isTransferable() throws GSSException public boolean isTransferable() throws GSSException
Returns "true" if the context is transferable to other processes Returns "true" if the context is transferable to other processes
through the use of the export method. This call is only valid on through the use of the export method. This call is only valid on
fully established contexts. fully established contexts.
GSS-API Java Bindings December 1999
6.4.34. isProtReady 6.4.34. isProtReady
public boolean isProtReady() public boolean isProtReady()
Returns "true" if the per message operations can be applied over the Returns "true" if the per message operations can be applied over the
context. Some mechanisms may allow the usage of per-message context. Some mechanisms may allow the usage of per-message
operations before the context is fully established. This will also operations before the context is fully established. This will also
indicate that the get methods will return actual context state indicate that the get methods will return actual context state
characteristics instead of the desired ones. characteristics instead of the desired ones.
6.4.35. getConfState 6.4.35. getConfState
public boolean getConfState() public boolean getConfState()
GSS-API Java Bindings October 1999
Returns the confidentiality service state over the context. When Returns the confidentiality service state over the context. When
issued before context establishment completes or when the isProtReady issued before context establishment completes or when the isProtReady
method returns "false", it returns the desired state, otherwise it method returns "false", it returns the desired state, otherwise it
will indicate the actual state over the established context. will indicate the actual state over the established context.
6.4.36. getIntegState 6.4.36. getIntegState
public boolean getIntegState() public boolean getIntegState()
Returns the integrity service state over the context. When issued Returns the integrity service state over the context. When issued
skipping to change at page 72, line 38 skipping to change at page 75, line 5
the remaining lifetime for the context. the remaining lifetime for the context.
6.4.38. getSrcName 6.4.38. getSrcName
public GSSName getSrcName() throws GSSException public GSSName getSrcName() throws GSSException
Returns the name of the context initiator. This call is valid only Returns the name of the context initiator. This call is valid only
after the context is fully established or the isProtReady method after the context is fully established or the isProtReady method
returns "true". It is guaranteed to return an MN. returns "true". It is guaranteed to return an MN.
GSS-API Java Bindings December 1999
6.4.39. getTargName 6.4.39. getTargName
public GSSName getTargName() throws GSSException public GSSName getTargName() throws GSSException
Returns the name of the context target (acceptor). This call is Returns the name of the context target (acceptor). This call is
valid only after the context is fully established or the isProtReady valid only after the context is fully established or the isProtReady
method returns "true". It is guaranteed to return an MN. method returns "true". It is guaranteed to return an MN.
6.4.40. getMech 6.4.40. getMech
public Oid getMech() throws GSSException public Oid getMech() throws GSSException
GSS-API Java Bindings October 1999
Returns the mechanism oid for this context. Returns the mechanism oid for this context.
6.4.41. getDelegCred 6.4.41. getDelegCred
public GSSCredential getDelegCred() throws GSSException public GSSCredential getDelegCred() throws GSSException
Returns the delegated credential object on the acceptor's side. To Returns the delegated credential object on the acceptor's side. To
check for availability of delegated credentials call check for availability of delegated credentials call
getDelegCredState. This call is only valid on fully established getDelegCredState. This call is only valid on fully established
contexts. contexts.
skipping to change at page 73, line 38 skipping to change at page 76, line 4
methods to convey per-message properties. methods to convey per-message properties.
When used with the GSSContext interface's wrap and getMIC methods, an When used with the GSSContext interface's wrap and getMIC methods, an
instance of this class is used to indicate the desired QOP and to instance of this class is used to indicate the desired QOP and to
request if confidentiality services are to be applied to caller request if confidentiality services are to be applied to caller
supplied data (wrap only). To request default QOP, the value of 0 supplied data (wrap only). To request default QOP, the value of 0
should be used for QOP. should be used for QOP.
When used with the unwrap and verifyMIC methods of the GSSContext When used with the unwrap and verifyMIC methods of the GSSContext
interface, an instance of this class will be used to indicate the interface, an instance of this class will be used to indicate the
GSS-API Java Bindings December 1999
applied QOP and confidentiality services over the supplied message. applied QOP and confidentiality services over the supplied message.
In the case of verifyMIC, the confidentiality state will always be In the case of verifyMIC, the confidentiality state will always be
"false". Upon return from these methods, this object will also "false". Upon return from these methods, this object will also
contain any supplementary status values applicable to the processed contain any supplementary status values applicable to the processed
token. The supplementary status values can indicate old tokens, out token. The supplementary status values can indicate old tokens, out
of sequence tokens, gap tokens or duplicate tokens. of sequence tokens, gap tokens or duplicate tokens.
6.5.1. Constructors 6.5.1. Constructors
public MessageProp(boolean privState) public MessageProp(boolean privState)
Constructor which sets QOP to 0 indicating that the default QOP is Constructor which sets QOP to 0 indicating that the default QOP is
GSS-API Java Bindings October 1999
requested. requested.
Parameters: Parameters:
privState The desired privacy state. "true" for privacy and privState The desired privacy state. "true" for privacy and
"false" for integrity only. "false" for integrity only.
public MessageProp(int qop, boolean privState) public MessageProp(int qop, boolean privState)
Constructor which sets the values for the qop and privacy state. Constructor which sets the values for the qop and privacy state.
skipping to change at page 74, line 37 skipping to change at page 77, line 5
public int getQOP() public int getQOP()
Retrieves the QOP value. Retrieves the QOP value.
6.5.3. getPrivacy 6.5.3. getPrivacy
public boolean getPrivacy() public boolean getPrivacy()
Retrieves the privacy state. Retrieves the privacy state.
GSS-API Java Bindings December 1999
6.5.4. getMinorStatus 6.5.4. getMinorStatus
public int getMinorStatus() public int getMinorStatus()
Retrieves the minor status that the underlying mechanism might have Retrieves the minor status that the underlying mechanism might have
set. set.
6.5.5. getMinorString 6.5.5. getMinorString
public String getMinorString() public String getMinorString()
Returns a string explaining the mechanism specific error code. null Returns a string explaining the mechanism specific error code. null
will be returned when no mechanism error code has been set. will be returned when no mechanism error code has been set.
GSS-API Java Bindings October 1999
6.5.6. setQOP 6.5.6. setQOP
public void setQOP(int qopVal) public void setQOP(int qopVal)
Sets the QOP value. Sets the QOP value.
Parameters: Parameters:
qopVal The QOP value to be set. Use 0 to request a default qopVal The QOP value to be set. Use 0 to request a default
QOP value. QOP value.
skipping to change at page 75, line 34 skipping to change at page 78, line 5
Parameters: Parameters:
privState The privacy state to set. privState The privacy state to set.
6.5.8. isDuplicateToken 6.5.8. isDuplicateToken
public boolean isDuplicateToken() public boolean isDuplicateToken()
Returns "true" if this is a duplicate of an earlier token. Returns "true" if this is a duplicate of an earlier token.
GSS-API Java Bindings December 1999
6.5.9. isOldToken 6.5.9. isOldToken
public boolean isOldToken() public boolean isOldToken()
Returns "true" if the token's validity period has expired. Returns "true" if the token's validity period has expired.
6.5.10. isUnseqToken 6.5.10. isUnseqToken
public boolean isUnseqToken() public boolean isUnseqToken()
Returns "true" if a later token has already been processed. Returns "true" if a later token has already been processed.
6.5.11. isGapToken 6.5.11. isGapToken
public boolean isGapToken() public boolean isGapToken()
GSS-API Java Bindings October 1999
Returns "true" if an expected per-message token was not received. Returns "true" if an expected per-message token was not received.
6.5.12. setSupplementaryStates 6.5.12. setSupplementaryStates
public void setSupplementaryStates(boolean duplicate, public void setSupplementaryStates(boolean duplicate,
boolean old, boolean unseq, boolean gap, boolean old, boolean unseq, boolean gap,
int minorStatus, String minorString) int minorStatus, String minorString)
This method sets the state for the supplementary information flags This method sets the state for the supplementary information flags
and the minor status in MessageProp. It is not used by the and the minor status in MessageProp. It is not used by the
skipping to change at page 76, line 37 skipping to change at page 79, line 5
unseq true if a later token has already been processed, unseq true if a later token has already been processed,
false otherwise false otherwise
gap true if one or more predecessor tokens have not yet gap true if one or more predecessor tokens have not yet
been successfully processed, false otherwise been successfully processed, false otherwise
minorStatus the integer minor status code that the underlying minorStatus the integer minor status code that the underlying
mechanism wants to set mechanism wants to set
GSS-API Java Bindings December 1999
minorString the textual representation of the minorStatus minorString the textual representation of the minorStatus
value value
6.6. public class ChannelBinding 6.6. public class ChannelBinding
The GSS-API accommodates the concept of caller-provided channel The GSS-API accommodates the concept of caller-provided channel
binding information. Channel bindings are used to strengthen the binding information. Channel bindings are used to strengthen the
quality with which peer entity authentication is provided during quality with which peer entity authentication is provided during
context establishment. They enable the GSS-API callers to bind the context establishment. They enable the GSS-API callers to bind the
establishment of the security context to relevant characteristics establishment of the security context to relevant characteristics
like addresses or to application specific data. like addresses or to application specific data.
The caller initiating the security context must determine the The caller initiating the security context must determine the
appropriate channel binding values to set in the GSSContext object. appropriate channel binding values to set in the GSSContext object.
GSS-API Java Bindings October 1999
The acceptor must provide an identical binding in order to validate The acceptor must provide an identical binding in order to validate
that received tokens possess correct channel-related characteristics. that received tokens possess correct channel-related characteristics.
Use of channel bindings is optional in GSS-API. Since channel- Use of channel bindings is optional in GSS-API. Since channel-
binding information may be transmitted in context establishment binding information may be transmitted in context establishment
tokens, applications should therefore not use confidential data as tokens, applications should therefore not use confidential data as
channel-binding components. channel-binding components.
6.6.1. Constructors 6.6.1. Constructors
skipping to change at page 77, line 37 skipping to change at page 80, line 4
can be supplied to indicate that the application does can be supplied to indicate that the application does
not want to set this value. not want to set this value.
acceptAddrThe address of the context acceptor. "null" value can acceptAddrThe address of the context acceptor. "null" value can
be supplied to indicate that the application does not be supplied to indicate that the application does not
want to set this value. want to set this value.
appData Application supplied data to be used as part of the appData Application supplied data to be used as part of the
channel bindings. "null" value can be supplied to channel bindings. "null" value can be supplied to
indicate that the application does not want to set indicate that the application does not want to set
GSS-API Java Bindings December 1999
this value. this value.
public ChannelBinding(byte[] appData) public ChannelBinding(byte[] appData)
Creates a ChannelBinding object without any addressing information. Creates a ChannelBinding object without any addressing information.
Parameters: Parameters:
appData Application supplied data to be used as part of the appData Application supplied data to be used as part of the
channel bindings. channel bindings.
6.6.2. getInitiatorAddress 6.6.2. getInitiatorAddress
public InetAddress getInitiatorAddress() public InetAddress getInitiatorAddress()
GSS-API Java Bindings October 1999
Returns the initiator's address for this channel binding. "null" is Returns the initiator's address for this channel binding. "null" is
returned if the address has not been set. returned if the address has not been set.
6.6.3. getAcceptorAddress 6.6.3. getAcceptorAddress
public InetAddress getAcceptorAddress() public InetAddress getAcceptorAddress()
Returns the acceptor's address for this channel binding. "null" is Returns the acceptor's address for this channel binding. "null" is
returned if the address has not been set. returned if the address has not been set.
skipping to change at page 78, line 29 skipping to change at page 80, line 44
public byte[] getApplicationData() public byte[] getApplicationData()
Returns application data being used as part of the ChannelBinding. Returns application data being used as part of the ChannelBinding.
"null" is returned if no application data has been specified for the "null" is returned if no application data has been specified for the
channel binding. channel binding.
6.6.5. equals 6.6.5. equals
public boolean equals(Object obj) public boolean equals(Object obj)
Returns "true" if two channel bindings match. Returns "true" if two channel bindings match. (Note that the Java
language specification requires that two objects that are equal
according to the equals(Object) method must return the same integer
result when the hashCode() method is called on them.)
GSS-API Java Bindings December 1999
Parameters: Parameters:
obj Another channel binding to compare with. obj Another channel binding to compare with.
6.7. public class Oid 6.7. public class Oid
This class represents Universal Object Identifiers (Oids) and their This class represents Universal Object Identifiers (Oids) and their
associated operations. associated operations.
Oids are hierarchically globally-interpretable identifiers used Oids are hierarchically globally-interpretable identifiers used
within the GSS-API framework to identify mechanisms and name formats. within the GSS-API framework to identify mechanisms and name formats.
The structure and encoding of Oids is defined in ISOIEC-8824 and The structure and encoding of Oids is defined in ISOIEC-8824 and
ISOIEC-8825. For example the Oid representation of Kerberos V5 ISOIEC-8825. For example the Oid representation of Kerberos V5
mechanism is "1.2.840.113554.1.2.2" mechanism is "1.2.840.113554.1.2.2"
The GSSName name class contains public static Oid objects The GSSName name class contains public static Oid objects
GSS-API Java Bindings October 1999
representing the standard name types defined in GSS-API. representing the standard name types defined in GSS-API.
6.7.1. Constructors 6.7.1. Constructors
public Oid(String strOid) throws GSSException public Oid(String strOid) throws GSSException
Creates an Oid object from a string representation of its integer Creates an Oid object from a string representation of its integer
components (e.g. "1.2.840.113554.1.2.2"). components (e.g. "1.2.840.113554.1.2.2").
Parameters: Parameters:
skipping to change at page 79, line 33 skipping to change at page 82, line 5
encoding including tag and length. The structure and encoding of encoding including tag and length. The structure and encoding of
Oids is defined in ISOIEC-8824 and ISOIEC-8825. This method is Oids is defined in ISOIEC-8824 and ISOIEC-8825. This method is
identical in functionality to its byte array counterpart. identical in functionality to its byte array counterpart.
Parameters: Parameters:
derOid Stream containing the DER encoded oid. derOid Stream containing the DER encoded oid.
public Oid(byte[] DEROid) throws GSSException public Oid(byte[] DEROid) throws GSSException
GSS-API Java Bindings December 1999
Creates an Oid object from its DER encoding. This refers to the full Creates an Oid object from its DER encoding. This refers to the full
encoding including tag and length. The structure and encoding of encoding including tag and length. The structure and encoding of
Oids is defined in ISOIEC-8824 and ISOIEC-8825. This method is Oids is defined in ISOIEC-8824 and ISOIEC-8825. This method is
identical in functionality to its byte array counterpart. identical in functionality to its byte array counterpart.
Parameters: Parameters:
derOid Byte array storing a DER encoded oid. derOid Byte array storing a DER encoded oid.
6.7.2. toString 6.7.2. toString
public String toString() public String toString()
Returns a string representation of the oid's integer components in Returns a string representation of the oid's integer components in
dot separated notation (e.g. "1.2.840.113554.1.2.2"). dot separated notation (e.g. "1.2.840.113554.1.2.2").
GSS-API Java Bindings October 1999
6.7.3. equals 6.7.3. equals
public boolean equals(Object Obj) public boolean equals(Object Obj)
Returns "true" if the two Oid objects represent the same oid value. Returns "true" if the two Oid objects represent the same oid value.
(Note that the Java language specification requires that two objects
that are equal according to the equals(Object) method must return the
same integer result when the hashCode() method is called on them.)
Parameters: Parameters:
obj Another Oid object to compare with. obj Another Oid object to compare with.
6.7.4. getDER 6.7.4. getDER
public byte[] getDER() public byte[] getDER()
Returns the full ASN.1 DER encoding for this oid object, which Returns the full ASN.1 DER encoding for this oid object, which
skipping to change at page 80, line 33 skipping to change at page 83, line 5
6.7.5. containedIn 6.7.5. containedIn
public boolean containedIn(Oid[] oids) public boolean containedIn(Oid[] oids)
A utility method to test if an Oid object is contained within the A utility method to test if an Oid object is contained within the
supplied Oid object array. supplied Oid object array.
Parameters: Parameters:
GSS-API Java Bindings December 1999
oids An array of oids to search. oids An array of oids to search.
6.8. public class GSSException extends Exception 6.8. public class GSSException extends Exception
This exception is thrown whenever a fatal GSS-API error occurs This exception is thrown whenever a fatal GSS-API error occurs
including mechanism specific errors. It may contain both, the major including mechanism specific errors. It may contain both, the major
and minor, GSS-API status codes. The mechanism implementers are and minor, GSS-API status codes. The mechanism implementers are
responsible for setting appropriate minor status codes when throwing responsible for setting appropriate minor status codes when throwing
this exception. Aside from delivering the numeric error code(s) to this exception. Aside from delivering the numeric error code(s) to
the caller, this class performs the mapping from their numeric values the caller, this class performs the mapping from their numeric values
to textual representations. All Java GSS-API methods are declared to textual representations. All Java GSS-API methods are declared
throwing this exception. throwing this exception.
All implementations are encouraged to use the Java All implementations are encouraged to use the Java
internationalization techniques to provide local translations of the internationalization techniques to provide local translations of the
message strings. message strings.
GSS-API Java Bindings October 1999
6.8.1. Static Constants 6.8.1. Static Constants
All valid major GSS-API error code values are declared as constants All valid major GSS-API error code values are declared as constants
in this class. in this class.
public static final int BAD_BINDINGS public static final int BAD_BINDINGS
Channel bindings mismatch error. Channel bindings mismatch error.
public static final int BAD_MECH public static final int BAD_MECH
skipping to change at page 81, line 30 skipping to change at page 84, line 5
public static final int BAD_NAME public static final int BAD_NAME
Invalid name provided error. Invalid name provided error.
public static final int BAD_NAMETYPE public static final int BAD_NAMETYPE
Name of unsupported type provided error. Name of unsupported type provided error.
public static final int BAD_STATUS public static final int BAD_STATUS
GSS-API Java Bindings December 1999
Invalid status code error - this is the default status value. Invalid status code error - this is the default status value.
public static final int BAD_MIC public static final int BAD_MIC
Token had invalid integrity check error. Token had invalid integrity check error.
public static final int CONTEXT_EXPIRED public static final int CONTEXT_EXPIRED
Specified security context expired error. Specified security context expired error.
public static final int CREDENTIALS_EXPIRED public static final int CREDENTIALS_EXPIRED
Expired credentials detected error. Expired credentials detected error.
public static final int DEFECTIVE_CREDENTIAL public static final int DEFECTIVE_CREDENTIAL
GSS-API Java Bindings October 1999
Defective credential error. Defective credential error.
public static final int DEFECTIVE_TOKEN public static final int DEFECTIVE_TOKEN
Defective token error. Defective token error.
public static final int FAILURE public static final int FAILURE
General failure, unspecified at GSS-API level. General failure, unspecified at GSS-API level.
skipping to change at page 82, line 29 skipping to change at page 85, line 5
Invalid security context error. Invalid security context error.
public static final int NO_CRED public static final int NO_CRED
Invalid credentials error. Invalid credentials error.
public static final int BAD_QOP public static final int BAD_QOP
Unsupported QOP value error. Unsupported QOP value error.
GSS-API Java Bindings December 1999
public static final int UNAUTHORIZED public static final int UNAUTHORIZED
Operation unauthorized error. Operation unauthorized error.
public static final int UNAVAILABLE public static final int UNAVAILABLE
Operation unavailable error. Operation unavailable error.
public static final int DUPLICATE_ELEMENT public static final int DUPLICATE_ELEMENT
Duplicate credential element requested error. Duplicate credential element requested error.
public static final int NAME_NOT_MN public static final int NAME_NOT_MN
Name contains multi-mechanism elements error. Name contains multi-mechanism elements error.
GSS-API Java Bindings October 1999
public static final int DUPLICATE_TOKEN public static final int DUPLICATE_TOKEN
The token was a duplicate of an earlier token. This is a fatal error The token was a duplicate of an earlier token. This is a fatal error
code that may occur during context establishment. It is not used to code that may occur during context establishment. It is not used to
indicate supplementary status values. The MessageProp object is used indicate supplementary status values. The MessageProp object is used
for that purpose. for that purpose.
public static final int OLD_TOKEN public static final int OLD_TOKEN
The token's validity period has expired. This is a fatal error code The token's validity period has expired. This is a fatal error code
skipping to change at page 83, line 32 skipping to change at page 86, line 4
A later token has already been processed. This is a fatal error code A later token has already been processed. This is a fatal error code
that may occur during context establishment. It is not used to that may occur during context establishment. It is not used to
indicate supplementary status values. The MessageProp object is used indicate supplementary status values. The MessageProp object is used
for that purpose. for that purpose.
public static final int GAP_TOKEN public static final int GAP_TOKEN
An expected per-message token was not received. This is a fatal An expected per-message token was not received. This is a fatal
error code that may occur during context establishment. It is not error code that may occur during context establishment. It is not
GSS-API Java Bindings December 1999
used to indicate supplementary status values. The MessageProp object used to indicate supplementary status values. The MessageProp object
is used for that purpose. is used for that purpose.
6.8.2. Constructors 6.8.2. Constructors
public GSSException(int majorCode) public GSSException(int majorCode)
Creates a GSSException object with a specified major code. Creates a GSSException object with a specified major code.
Parameters: Parameters:
majorCode The GSS error code causing this exception to be majorCode The GSS error code causing this exception to be
thrown. thrown.
public GSSException(int majorCode, int minorCode, String minorString) public GSSException(int majorCode, int minorCode, String minorString)
Creates a GSSException object with the specified major code, minor Creates a GSSException object with the specified major code, minor
code, and minor code textual explanation. This constructor is to be code, and minor code textual explanation. This constructor is to be
GSS-API Java Bindings October 1999
used when the exception is originating from the security mechanism. used when the exception is originating from the security mechanism.
It allows to specify the GSS code and the mechanism code. It allows to specify the GSS code and the mechanism code.
Parameters: Parameters:
majorCode The GSS error code causing this exception to be majorCode The GSS error code causing this exception to be
thrown. thrown.
minorCode The mechanism error code causing this exception minorCode The mechanism error code causing this exception
to be thrown. to be thrown.
skipping to change at page 84, line 33 skipping to change at page 87, line 4
public int getMajor() public int getMajor()
Returns the major code representing the GSS error code that caused Returns the major code representing the GSS error code that caused
this exception to be thrown. this exception to be thrown.
6.8.4. getMinor 6.8.4. getMinor
public int getMinor() public int getMinor()
Returns the mechanism error code that caused this exception. The Returns the mechanism error code that caused this exception. The
GSS-API Java Bindings December 1999
minor code is set by the underlying mechanism. Value of 0 indicates minor code is set by the underlying mechanism. Value of 0 indicates
that mechanism error code is not set. that mechanism error code is not set.
6.8.5. getMajorString 6.8.5. getMajorString
public String getMajorString() public String getMajorString()
Returns a string explaining the GSS major error code causing this Returns a string explaining the GSS major error code causing this
exception to be thrown. exception to be thrown.
6.8.6. getMinorString 6.8.6. getMinorString
public String getMinorString() public String getMinorString()
Returns a string explaining the mechanism specific error code. null Returns a string explaining the mechanism specific error code. null
will be returned when no mechanism error code has been set. will be returned when no mechanism error code has been set.
GSS-API Java Bindings October 1999
6.8.7. setMinor 6.8.7. setMinor
public void setMinor(int minorCode, String message) public void setMinor(int minorCode, String message)
Used internally by the GSS-API implementation and the underlying Used internally by the GSS-API implementation and the underlying
mechanisms to set the minor code and its textual representation. mechanisms to set the minor code and its textual representation.
Parameters: Parameters:
minorCode The mechanism specific error code. minorCode The mechanism specific error code.
skipping to change at page 85, line 33 skipping to change at page 88, line 4
Returns a textual representation of both the major and minor status Returns a textual representation of both the major and minor status
codes. codes.
6.8.9. getMessage 6.8.9. getMessage
public String getMessage() public String getMessage()
Returns a detailed message of this exception. Overrides Returns a detailed message of this exception. Overrides
Throwable.getMessage. It is customary in Java to use this method to Throwable.getMessage. It is customary in Java to use this method to
GSS-API Java Bindings December 1999
obtain exception information. obtain exception information.
7. Sample Applications 7. Sample Applications
Full Copyright Statement Full Copyright Statement
Copyright (C) The Internet Society (1999). All Rights Reserved. Copyright (C) The Internet Society (1999). All Rights Reserved.
This document and translations of it may be copied and furnished This document and translations of it may be copied and furnished
to others, and derivative works that comment on or otherwise explain to others, and derivative works that comment on or otherwise explain
it or assist in its implementation may be prepared, copied, published it or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for developing Internet standards in which case the procedures for
GSS-API Java Bindings October 1999
copyrights defined in the Internet Standards process must be copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than followed, or as required to translate it into languages other than
English. English.
The limited permissions granted above are perpetual and will not The limited permissions granted above are perpetual and will not
be revoked by the Internet Society or its successors or assigns. be revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on This document and the information contained herein is provided on
an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED,
skipping to change at page 86, line 29 skipping to change at page 88, line 47
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
7.1. Simple GSS Context Initiator 7.1. Simple GSS Context Initiator
import org.ietf.jgss.*; import org.ietf.jgss.*;
/** /**
* This is a partial sketch for a simple client program that acts * This is a partial sketch for a simple client program that acts
* as a GSS context initiator. It illustrates how to use the Java * as a GSS context initiator. It illustrates how to use the Java
* bindings for the GSS-API specified in * bindings for the GSS-API specified in
* draft-ietf-cat-gssv2-javabind-03.txt. * draft-ietf-cat-gssv2-javabind-04.txt.
* *
* This code sketch assumes the existence of a GSS-API * This code sketch assumes the existence of a GSS-API
GSS-API Java Bindings December 1999
* implementation that supports the mechanism that it will need and * implementation that supports the mechanism that it will need and
* is present as a library package (org.ietf.jgss) either as part of * is present as a library package (org.ietf.jgss) either as part of
* the standard JRE or in the CLASSPATH the application specifies. * the standard JRE or in the CLASSPATH the application specifies.
*/ */
public class SimpleClient { public class SimpleClient {
private String serviceName; // name of peer (ie. server) private String serviceName; // name of peer (ie. server)
private GSSCredential clientCred = null; private GSSCredential clientCred = null;
private GSSContext context = null; private GSSContext context = null;
private Oid mech; // underlying mechanism to use private Oid mech; // underlying mechanism to use
private GSSManager mgr = new GSSManager(); private GSSManager mgr = GSSManager.getInstance();
... ...
... ...
private void clientActions() { private void clientActions() {
initializeGSS(); initializeGSS();
GSS-API Java Bindings October 1999
establishContext(); establishContext();
doCommunication(); doCommunication();
} }
/** /**
* Acquire credentials for the client. * Acquire credentials for the client.
*/ */
private void initializeGSS() { private void initializeGSS() {
try { try {
skipping to change at page 87, line 35 skipping to change at page 90, line 4
print("Credential lifetime (sec)=" + print("Credential lifetime (sec)=" +
cred.getRemainingLifetime()); cred.getRemainingLifetime());
} catch (GSSException e) { } catch (GSSException e) {
print("GSS-API error in credential acquisition: " print("GSS-API error in credential acquisition: "
+ e.getMessage()); + e.getMessage());
... ...
... ...
} }
... ...
GSS-API Java Bindings December 1999
... ...
} }
/** /**
* Does the security context establishment with the * Does the security context establishment with the
* server. * server.
*/ */
private void establishContext() { private void establishContext() {
byte[] inToken = new byte[0]; byte[] inToken = new byte[0];
byte[] outToken = null; byte[] outToken = null;
try { try {
GSSName peer = mgr.createName(serviceName, GSSName peer = mgr.createName(serviceName,
GSSName.NT_HOSTBASED_SERVICE); GSSName.NT_HOSTBASED_SERVICE);
context = mgr.createContext(peer, mech, gssCred, context = mgr.createContext(peer, mech, gssCred,
GSSContext.INDEFINITE/*lifetime*/); GSSContext.INDEFINITE/*lifetime*/);
GSS-API Java Bindings October 1999
// Will need to support confidentiality // Will need to support confidentiality
context.requestConf(true); context.requestConf(true);
while (!context.isEstablished()) { while (!context.isEstablished()) {
outToken = context.initSecContext(inToken, 0, outToken = context.initSecContext(inToken, 0,
inToken.length); inToken.length);
if (outToken != null) if (outToken != null)
writeGSSToken(outToken); writeGSSToken(outToken);
skipping to change at page 88, line 36 skipping to change at page 91, line 5
print("GSS-API error during context establishment: " print("GSS-API error during context establishment: "
+ e.getMessage()); + e.getMessage());
... ...
... ...
} }
... ...
... ...
} }
GSS-API Java Bindings December 1999
/** /**
* Sends some data to the server and reads back the * Sends some data to the server and reads back the
* response. * response.
*/ */
private void doCommunication() { private void doCommunication() {
byte[] inToken = null; byte[] inToken = null;
byte[] outToken = null; byte[] outToken = null;
byte[] buffer; byte[] buffer;
// Container for multiple input-output arguments to and // Container for multiple input-output arguments to and
// from the per-message routines (e.g., wrap/unwrap). // from the per-message routines (e.g., wrap/unwrap).
MessageProp messgInfo = new MessageProp(); MessageProp messgInfo = new MessageProp();
try { try {
/* /*
* Now send some bytes to the server to be * Now send some bytes to the server to be
* processed. They will be integrity protected but * processed. They will be integrity protected but
* not encrypted for privacy. * not encrypted for privacy.
GSS-API Java Bindings October 1999
*/ */
buffer = readFromFile(); buffer = readFromFile();
// Set privacy to false and use the default QOP // Set privacy to false and use the default QOP
messgInfo.setPrivacy(false); messgInfo.setPrivacy(false);
outToken = context.wrap(buffer, 0, buffer.length, outToken = context.wrap(buffer, 0, buffer.length,
messgInfo); messgInfo);
skipping to change at page 89, line 36 skipping to change at page 92, line 4
// All ok if no exception was thrown! // All ok if no exception was thrown!
GSSName peer = context.getSrcName(); GSSName peer = context.getSrcName();
print("Message from " + peer.toString() print("Message from " + peer.toString()
+ " arrived."); + " arrived.");
print("Was it encrypted? " + print("Was it encrypted? " +
messgInfo.getPrivacy()); messgInfo.getPrivacy());
print("Duplicate Token? " + print("Duplicate Token? " +
messgInfo.isDuplicateToken()); messgInfo.isDuplicateToken());
GSS-API Java Bindings December 1999
print("Old Token? " + print("Old Token? " +
messgInfo.isOldToken()); messgInfo.isOldToken());
print("Unsequenced Token? " + print("Unsequenced Token? " +
messgInfo.isUnseqToken()); messgInfo.isUnseqToken());
print("Gap Token? " + print("Gap Token? " +
messgInfo.isGapToken()); messgInfo.isGapToken());
... ...
... ...
} catch (GSSException e) { } catch (GSSException e) {
print("GSS-API error in per-message calls: " print("GSS-API error in per-message calls: "
+ e.getMessage()); + e.getMessage());
... ...
... ...
} }
... ...
... ...
GSS-API Java Bindings October 1999
} // end of doCommunication method } // end of doCommunication method
... ...
... ...
} // end of class SimpleClient } // end of class SimpleClient
7.2. Simple GSS Context Acceptor 7.2. Simple GSS Context Acceptor
import org.ietf.jgss.*; import org.ietf.jgss.*;
/** /**
* This is a partial sketch for a simple server program that acts * This is a partial sketch for a simple server program that acts
* as a GSS context acceptor. It illustrates how to use the Java * as a GSS context acceptor. It illustrates how to use the Java
* bindings for the GSS-API specified in * bindings for the GSS-API specified in
* draft-ietf-cat-gssv2-javabind-03.txt. * draft-ietf-cat-gssv2-javabind-04.txt.
* *
* This code sketch assumes the existence of a GSS-API * This code sketch assumes the existence of a GSS-API
* implementation that supports the mechanisms that it will need and * implementation that supports the mechanisms that it will need and
* is present as a library package (org.ietf.jgss) either as part of * is present as a library package (org.ietf.jgss) either as part of
* the standard JRE or in the CLASSPATH the application specifies. * the standard JRE or in the CLASSPATH the application specifies.
*/ */
GSS-API Java Bindings December 1999
import org.ietf.jgss.*; import org.ietf.jgss.*;
public class SimpleServer { public class SimpleServer {
private String serviceName; private String serviceName;
private GSSName name; private GSSName name;
private GSSCredential cred; private GSSCredential cred;
private GSSManager mgr; private GSSManager mgr;
... ...
... ...
/** /**
* Wait for client connections, establish security contexts and * Wait for client connections, establish security contexts and
* provide service. * provide service.
*/ */
private void loop() { private void loop() {
... ...
GSS-API Java Bindings October 1999
... ...
mgr = new GSSManager(); mgr = GSSManager.getInstance();
name = mgr.createName(serviceName, name = mgr.createName(serviceName,
GSSName.NT_HOSTBASED_SERVICE); GSSName.NT_HOSTBASED_SERVICE);
cred = mgr.createCredential(name, cred = mgr.createCredential(name,
GSSCredential.INDEFINITE, GSSCredential.INDEFINITE,
null, null,
GSSCredential.ACCEPT_ONLY); GSSCredential.ACCEPT_ONLY);
// Loop infinitely // Loop infinitely
skipping to change at page 91, line 34 skipping to change at page 94, line 4
// Start a new thread to serve this connection // Start a new thread to serve this connection
Thread serverThread = new ServerThread(s); Thread serverThread = new ServerThread(s);
serverThread.start(); serverThread.start();
} }
} }
/** /**
* Inner class ServerThread whose run() method provides the * Inner class ServerThread whose run() method provides the
* secure service to a connection. * secure service to a connection.
GSS-API Java Bindings December 1999
*/ */
private class ServerThread extends Thread { private class ServerThread extends Thread {
... ...
... ...
/** /**
* Deals with the connection from one client. It also * Deals with the connection from one client. It also
* handles all GSSException's thrown while talking to * handles all GSSException's thrown while talking to
* this client. * this client.
*/ */
public void run() { public void run() {
byte[] inToken = null; byte[] inToken = null;
byte[] outToken = null; byte[] outToken = null;
byte[] buffer; byte[] buffer;
GSSName peer; GSSName peer;
GSS-API Java Bindings October 1999
// Container for multiple input-output arguments to and // Container for multiple input-output arguments to and
// from the per-message routines (ie. wrap/unwrap). // from the per-message routines (ie. wrap/unwrap).
MessageProp supplInfo = new MessageProp(); MessageProp supplInfo = new MessageProp();
GSSContext secContext = null; GSSContext secContext = null;
try { try {
// Now do the context establishment loop // Now do the context establishment loop
skipping to change at page 92, line 33 skipping to change at page 95, line 4
outToken = context.acceptSecContext(inToken, 0, outToken = context.acceptSecContext(inToken, 0,
inToken.length); inToken.length);
if (outToken != null) if (outToken != null)
writeGSSToken(outToken); writeGSSToken(outToken);
} }
// SimpleServer wants confidentiality to be // SimpleServer wants confidentiality to be
// available. Check for it. // available. Check for it.
GSS-API Java Bindings December 1999
if (!context.getConfState()){ if (!context.getConfState()){
... ...
... ...
} }
GSSName peer = context.getSrcName(); GSSName peer = context.getSrcName();
Oid mech = context.getMech(); Oid mech = context.getMech();
print("Security context established with " + print("Security context established with " +
peer.toString() + peer.toString() +
" using underlying mechanism " + " using underlying mechanism " +
mech.toString() + mech.toString() +
" from Provider " + " from Provider " +
context.getProvider().getName()); context.getProvider().getName());
// Now read the bytes sent by the client to be // Now read the bytes sent by the client to be
// processed. // processed.
inToken = readGSSToken(); inToken = readGSSToken();
// Unwrap the message // Unwrap the message
GSS-API Java Bindings October 1999
buffer = context.unwrap(inToken, 0, inToken.length, buffer = context.unwrap(inToken, 0, inToken.length,
supplInfo); supplInfo);
// All ok if no exception was thrown! // All ok if no exception was thrown!
// Print other supplementary per-message status // Print other supplementary per-message status
// information // information
print("Message from " + print("Message from " +
peer.toString() + " arrived."); peer.toString() + " arrived.");
print("Was it encrypted? " + print("Was it encrypted? " +
skipping to change at page 93, line 35 skipping to change at page 96, line 4
/* /*
* Now process the bytes and send back an encrypted * Now process the bytes and send back an encrypted
* response. * response.
*/ */
buffer = serverProcess(buffer); buffer = serverProcess(buffer);
// Encipher it and send it across // Encipher it and send it across
supplInfo.setPrivacy(true); // privacy requested supplInfo.setPrivacy(true); // privacy requested
GSS-API Java Bindings December 1999
supplInfo.setQOP(0); // default QOP supplInfo.setQOP(0); // default QOP
outToken = context.wrap(buffer, 0, buffer.length, outToken = context.wrap(buffer, 0, buffer.length,
supplInfo); supplInfo);
writeGSSToken(outToken); writeGSSToken(outToken);
} catch (GSSException e) { } catch (GSSException e) {
print("GSS-API Error: " + e.getMessage()); print("GSS-API Error: " + e.getMessage());
// Alternatively, could call e.getMajorMessage() // Alternatively, could call e.getMajorMessage()
// and e.getMinorMessage() // and e.getMinorMessage()
print("Abandoning security context."); print("Abandoning security context.");
skipping to change at page 94, line 5 skipping to change at page 96, line 28
... ...
... ...
} }
... ...
... ...
} // end of run method in ServerThread } // end of run method in ServerThread
GSS-API Java Bindings October 1999
} // end of inner class ServerThread } // end of inner class ServerThread
... ...
... ...
} // end of class SimpleServer } // end of class SimpleServer
8. Acknowledgments 8. Security Considerations
The Java language security model allows platform providers to have
policy based fine-grained access control over any resource that an
application wants. When using a Java security manager (such as, but
not limited to, the the case of applets running in browsers) the
application code is in a sandbox by default.
Administrators of the platform JRE determine what permissions, if
any, are to be given to source from different codebases. Thus the
administrator has to be aware of any special requirements that the
GSS provider might have for system resources. For instance, a
Kerberos provider might wish to make a network connection to the KDC
to obtain initial credentials. This would not be allowed under the
sandbox unless the administrator had granted permissions for this.
Also note that this granting and checking of permissions happens
transparently to the application and is outside the scope of this
GSS-API Java Bindings December 1999
draft.
The Java language allows admininstrators to pre-configure a list of
security service providers in the <JRE>/lib/security/java.security
file. At runtime, the system approaches these providers in order of
preference when looking for security related services. Applications
have a means to modify this list through methods in the "Security"
class in the "java.security" package. However, since these
modifications would be visible in the entire JVM and thus affect all
code executing in it, this operation is not available in the sandbox
and requires special permissions to perform. Thus when a GSS
application has special needs that are met by a particular security
provider, it has two choices:
1) To install the provider on a JVM wide basis using the
java.security.Security class and then depend on the system
to find the right provider automatically when the need
arises. (This would require the application to be granted a
"insertProvider SecurityPermission".)
2) To pass an instance of the provider to the local instance
of GSSManager so that only factory calls going through that
GSSManager use the desired provider. (This would not
require any permissions.)
9. Acknowledgments
This proposed API leverages earlier work performed by the IETF's CAT This proposed API leverages earlier work performed by the IETF's CAT
WG as outlined in both RFC 2078 and J. Wray's C-bindings draft for WG as outlined in both RFC 2078 and J. Wray's C-bindings draft for
the GSS-API. Many conceptual definitions, implementation directions, the GSS-API. Many conceptual definitions, implementation directions,
and explanations have been included from the C-bindings draft. and explanations have been included from the C-bindings draft.
We would like to thank Mike Eisler, Lin Ling, Ram Marti, Michael We would like to thank Mike Eisler, Lin Ling, Ram Marti, Michael
Saltz and other members of Sun's development team for their helpful Saltz and other members of Sun's development team for their helpful
input, comments and suggestions. input, comments and suggestions.
We would also like to thank Joe Salowey, and Michael Smith for many We would also like to thank Joe Salowey, and Michael Smith for many
insightful ideas and suggestions that have contributed to this draft. insightful ideas and suggestions that have contributed to this draft.
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
9. Bibliography 10. Bibliography
[GSSAPIv2] [GSSAPIv2]
J. Linn, "Generic Security Service Application Program Interface, J. Linn, "Generic Security Service Application Program Interface,
Version 2", RFC 2078, January 1997. Version 2", RFC 2078, January 1997.
[GSSAPIv2-UPDATE] [GSSAPIv2-UPDATE]
J. Linn, "Generic Security Service Application Program Interface, J. Linn, "Generic Security Service Application Program Interface,
Version 2, Update 1", IETF work in progress, Internet Draft, July Version 2, Update 1", IETF work in progress, Internet Draft, July
1998. 1998.
skipping to change at page 96, line 5 skipping to change at page 99, line 5
work in progress, Internet Draft, July 1998. work in progress, Internet Draft, July 1998.
[KERBEROS_V5] [KERBEROS_V5]
J. Linn, "The Kerberos Version 5 GSS-API Mechanism", RFC 1964, June J. Linn, "The Kerberos Version 5 GSS-API Mechanism", RFC 1964, June
1996. 1996.
[SPKM] [SPKM]
C. Adams, "The Simple Public-Key GSS-API Mechanism", RFC 2025, C. Adams, "The Simple Public-Key GSS-API Mechanism", RFC 2025,
October 1996. October 1996.
GSS-API Java Bindings October 1999 GSS-API Java Bindings December 1999
10. Author's Address 11. Author's Address
Address comments related to this memorandum to: Address comments related to this memorandum to:
<cat-ietf@mit.edu> <cat-ietf@mit.edu>
Jack Kabat Jack Kabat
ValiCert, Inc. ValiCert, Inc.
1215 Terra Bella Avenue 1215 Terra Bella Avenue
Mountain View, CA Mountain View, CA
94043, USA 94043, USA
 End of changes. 227 change blocks. 
460 lines changed or deleted 656 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/