draft-ietf-kitten-rfc2853bis-02.txt   draft-ietf-kitten-rfc2853bis-03.txt 
Network Working Group M. Upadhyay Network Working Group M. Upadhyay
Internet-Draft Google Internet-Draft Google
Expires: February 17, 2007 S. Malkani Intended status: Standards Track S. Malkani
Sun Microsystems Expires: February 3, 2008 Sun Microsystems
August 16, 2006 August 2, 2007
Generic Security Service API Version 2 : Java Bindings Update Generic Security Service API Version 2 : Java Bindings Update
draft-ietf-kitten-rfc2853bis-02.txt draft-ietf-kitten-rfc2853bis-03.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 35 skipping to change at page 1, line 35
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on February 17, 2007. This Internet-Draft will expire on February 3, 2008.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2006). Copyright (C) The IETF Trust (2007).
Abstract Abstract
The Generic Security Services Application Program Interface (GSS-API) The Generic Security Services Application Program Interface (GSS-API)
offers application programmers uniform access to security services offers application programmers uniform access to security services
atop a variety of underlying cryptographic mechanisms. This document atop a variety of underlying cryptographic mechanisms. This document
updates the Java bindings for the GSS-API that are specified in updates the Java bindings for the GSS-API that are specified in
"Generic Security Service API version 2 : Java Bindings" (RFC2853). "Generic Security Service API version 2 : Java Bindings" (RFC2853).
This document obsoletes RFC2853 by making specific and incremental This document obsoletes RFC2853 by making specific and incremental
clarifications and corrections to it in response to identification of clarifications and corrections to it in response to identification of
transcription errors and implementation experience. The note-worthy transcription errors and implementation experience.
changes are in sections 4.12.1, 6.2.2, 6.3.2, and 6.8.1 of RFC2853,
which are replaced by the sections 5.12.1, 7.2.2, 7.3.2, and 7.8.1 of
this document, where numerical constants were either added or
modified.
The GSS-API is described at a language independent conceptual level The GSS-API is described at a language independent conceptual level
in "Generic Security Service Application Program Interface Version 2, in "Generic Security Service Application Program Interface Version 2,
Update 1" (RFC2743). The GSS-API allows a caller application to Update 1" (RFC2743). The GSS-API allows a caller application to
authenticate a principal identity, to delegate rights to a peer, and authenticate a principal identity, to delegate rights to a peer, and
to apply security services such as confidentiality and integrity on a to apply security services such as confidentiality and integrity on a
per-message basis. Examples of security mechanisms defined for GSS- per-message basis. Examples of security mechanisms defined for GSS-
API are "The Simple Public-Key GSS-API Mechanism" (RFC2025) and "The API are "The Simple Public-Key GSS-API Mechanism" (RFC2025) and "The
Kerberos Version 5 GSS-API Mechanism (RFC4121). Kerberos Version 5 GSS-API Mechanism (RFC4121).
Table of Contents Table of Contents
1. Conventions Used in This Document . . . . . . . . . . . . . 7 1. Conventions Used in This Document . . . . . . . . . . 7
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 8 2. Introduction . . . . . . . . . . . . . . . . . . . . . 7
3. GSS-API Operational Paradigm . . . . . . . . . . . . . . . . 9 3. GSS-API Operational Paradigm . . . . . . . . . . . . . 8
4. Additional Controls . . . . . . . . . . . . . . . . . . . . 11 4. Additional Controls . . . . . . . . . . . . . . . . . 9
4.1 Delegation . . . . . . . . . . . . . . . . . . . . . . . . 12 4.1. Delegation . . . . . . . . . . . . . . . . . . . . . . 10
4.2 Mutual Authentication . . . . . . . . . . . . . . . . . . 13 4.2. Mutual Authentication . . . . . . . . . . . . . . . . 11
4.3 Replay and Out-of-Sequence Detection . . . . . . . . . . . 13 4.3. Replay and Out-of-Sequence Detection . . . . . . . . . 11
4.4 Anonymous Authentication . . . . . . . . . . . . . . . . . 14 4.4. Anonymous Authentication . . . . . . . . . . . . . . . 12
4.5 Confidentiality . . . . . . . . . . . . . . . . . . . . . 15 4.5. Confidentiality . . . . . . . . . . . . . . . . . . . 13
4.6 Inter-process Context Transfer . . . . . . . . . . . . . . 15 4.6. Inter-process Context Transfer . . . . . . . . . . . . 13
4.7 The Use of Incomplete Contexts . . . . . . . . . . . . . . 16 4.7. The Use of Incomplete Contexts . . . . . . . . . . . . 14
5. Calling Conventions . . . . . . . . . . . . . . . . . . . . 17 5. Calling Conventions . . . . . . . . . . . . . . . . . 14
5.1 Package Name . . . . . . . . . . . . . . . . . . . . . . . 17 5.1. Package Name . . . . . . . . . . . . . . . . . . . . . 15
5.2 Provider Framework . . . . . . . . . . . . . . . . . . . . 17 5.2. Provider Framework . . . . . . . . . . . . . . . . . . 15
5.3 Integer Types . . . . . . . . . . . . . . . . . . . . . . 18 5.3. Integer Types . . . . . . . . . . . . . . . . . . . . 16
5.4 Opaque Data Types . . . . . . . . . . . . . . . . . . . . 18 5.4. Opaque Data Types . . . . . . . . . . . . . . . . . . 16
5.5 Strings . . . . . . . . . . . . . . . . . . . . . . . . . 18 5.5. Strings . . . . . . . . . . . . . . . . . . . . . . . 16
5.6 Object Identifiers . . . . . . . . . . . . . . . . . . . . 18 5.6. Object Identifiers . . . . . . . . . . . . . . . . . . 16
5.7 Object Identifier Sets . . . . . . . . . . . . . . . . . . 19 5.7. Object Identifier Sets . . . . . . . . . . . . . . . . 16
5.8 Credentials . . . . . . . . . . . . . . . . . . . . . . . 19 5.8. Credentials . . . . . . . . . . . . . . . . . . . . . 17
5.9 Contexts . . . . . . . . . . . . . . . . . . . . . . . . . 21 5.9. Contexts . . . . . . . . . . . . . . . . . . . . . . . 19
5.10 Authentication Tokens . . . . . . . . . . . . . . . . . 21 5.10. Authentication Tokens . . . . . . . . . . . . . . . . 19
5.11 Interprocess Tokens . . . . . . . . . . . . . . . . . . 22 5.11. Interprocess Tokens . . . . . . . . . . . . . . . . . 19
5.12 Error Reporting . . . . . . . . . . . . . . . . . . . . 22 5.12. Error Reporting . . . . . . . . . . . . . . . . . . . 20
5.12.1 GSS Status Codes . . . . . . . . . . . . . . . . . . 22 5.12.1. GSS Status Codes . . . . . . . . . . . . . . . . . . . 20
5.12.2 Mechanism-Specific Status Codes . . . . . . . . . . 25 5.12.2. Mechanism-Specific Status Codes . . . . . . . . . . . 23
5.12.3 Supplementary Status Codes . . . . . . . . . . . . . 25 5.12.3. Supplementary Status Codes . . . . . . . . . . . . . . 23
5.13 Names . . . . . . . . . . . . . . . . . . . . . . . . . 26 5.13. Names . . . . . . . . . . . . . . . . . . . . . . . . 23
5.14 Channel Bindings . . . . . . . . . . . . . . . . . . . . 28 5.14. Channel Bindings . . . . . . . . . . . . . . . . . . . 26
5.15 Stream Objects . . . . . . . . . . . . . . . . . . . . . 29 5.15. Stream Objects . . . . . . . . . . . . . . . . . . . . 27
5.16 Optional Parameters . . . . . . . . . . . . . . . . . . 29 5.16. Optional Parameters . . . . . . . . . . . . . . . . . 27
6. Introduction to GSS-API Classes and Interfaces . . . . . . . 31 6. Introduction to GSS-API Classes and Interfaces . . . . 27
6.1 GSSManager class . . . . . . . . . . . . . . . . . . . . . 31 6.1. GSSManager class . . . . . . . . . . . . . . . . . . . 28
6.2 GSSName interface . . . . . . . . . . . . . . . . . . . . 32 6.2. GSSName interface . . . . . . . . . . . . . . . . . . 29
6.3 GSSCredential interface . . . . . . . . . . . . . . . . . 32 6.3. GSSCredential interface . . . . . . . . . . . . . . . 29
6.4 GSSContext interface . . . . . . . . . . . . . . . . . . . 33 6.4. GSSContext interface . . . . . . . . . . . . . . . . . 30
6.5 MessageProp class . . . . . . . . . . . . . . . . . . . . 35 6.5. MessageProp class . . . . . . . . . . . . . . . . . . 31
6.6 GSSException class . . . . . . . . . . . . . . . . . . . . 35 6.6. GSSException class . . . . . . . . . . . . . . . . . . 31
6.7 Oid class . . . . . . . . . . . . . . . . . . . . . . . . 35 6.7. Oid class . . . . . . . . . . . . . . . . . . . . . . 32
6.8 ChannelBinding class . . . . . . . . . . . . . . . . . . . 36 6.8. ChannelBinding class . . . . . . . . . . . . . . . . . 32
7. Detailed GSS-API Class Description . . . . . . . . . . . . . 37 7. Detailed GSS-API Class Description . . . . . . . . . . 32
7.1 public abstract class GSSManager . . . . . . . . . . . . . 37 7.1. public abstract class GSSManager . . . . . . . . . . . 32
7.1.1 Example Code . . . . . . . . . . . . . . . . . . . . . 38 7.1.1. Example Code . . . . . . . . . . . . . . . . . . . . . 33
7.1.2 getInstance . . . . . . . . . . . . . . . . . . . . . 38 7.1.2. getInstance . . . . . . . . . . . . . . . . . . . . . 34
7.1.3 getMechs . . . . . . . . . . . . . . . . . . . . . . . 38 7.1.3. getMechs . . . . . . . . . . . . . . . . . . . . . . . 34
7.1.4 getNamesForMech . . . . . . . . . . . . . . . . . . . 39 7.1.4. getNamesForMech . . . . . . . . . . . . . . . . . . . 34
7.1.5 getMechsForName . . . . . . . . . . . . . . . . . . . 39 7.1.5. getMechsForName . . . . . . . . . . . . . . . . . . . 34
7.1.6 createName . . . . . . . . . . . . . . . . . . . . . . 39 7.1.6. createName . . . . . . . . . . . . . . . . . . . . . . 35
7.1.7 createName . . . . . . . . . . . . . . . . . . . . . . 40 7.1.7. createName . . . . . . . . . . . . . . . . . . . . . . 35
7.1.8 createName . . . . . . . . . . . . . . . . . . . . . . 40 7.1.8. createName . . . . . . . . . . . . . . . . . . . . . . 36
7.1.9 createName . . . . . . . . . . . . . . . . . . . . . . 41 7.1.9. createName . . . . . . . . . . . . . . . . . . . . . . 36
7.1.10 createCredential . . . . . . . . . . . . . . . . . . 41 7.1.10. createCredential . . . . . . . . . . . . . . . . . . . 37
7.1.11 createCredential . . . . . . . . . . . . . . . . . . 42 7.1.11. createCredential . . . . . . . . . . . . . . . . . . . 37
7.1.12 createCredential . . . . . . . . . . . . . . . . . . 42 7.1.12. createCredential . . . . . . . . . . . . . . . . . . . 38
7.1.13 createContext . . . . . . . . . . . . . . . . . . . 43 7.1.13. createContext . . . . . . . . . . . . . . . . . . . . 38
7.1.14 createContext . . . . . . . . . . . . . . . . . . . 43 7.1.14. createContext . . . . . . . . . . . . . . . . . . . . 39
7.1.15 createContext . . . . . . . . . . . . . . . . . . . 44 7.1.15. createContext . . . . . . . . . . . . . . . . . . . . 39
7.1.16 addProviderAtFront . . . . . . . . . . . . . . . . . 44 7.1.16. addProviderAtFront . . . . . . . . . . . . . . . . . . 39
7.1.17 Example Code . . . . . . . . . . . . . . . . . . . . 45 7.1.17. Example Code . . . . . . . . . . . . . . . . . . . . . 40
7.1.18 addProviderAtEnd . . . . . . . . . . . . . . . . . . 46 7.1.18. addProviderAtEnd . . . . . . . . . . . . . . . . . . . 41
7.1.19 Example Code . . . . . . . . . . . . . . . . . . . . 46 7.1.19. Example Code . . . . . . . . . . . . . . . . . . . . . 42
7.2 public interface GSSName . . . . . . . . . . . . . . . . . 47 7.2. public interface GSSName . . . . . . . . . . . . . . . 42
7.2.1 Example Code . . . . . . . . . . . . . . . . . . . . . 47 7.2.1. Example Code . . . . . . . . . . . . . . . . . . . . . 43
7.2.2 Static Constants . . . . . . . . . . . . . . . . . . . 48 7.2.2. Static Constants . . . . . . . . . . . . . . . . . . . 43
7.2.3 equals . . . . . . . . . . . . . . . . . . . . . . . . 49 7.2.3. equals . . . . . . . . . . . . . . . . . . . . . . . . 44
7.2.4 equals . . . . . . . . . . . . . . . . . . . . . . . . 49 7.2.4. equals . . . . . . . . . . . . . . . . . . . . . . . . 45
7.2.5 canonicalize . . . . . . . . . . . . . . . . . . . . . 50 7.2.5. canonicalize . . . . . . . . . . . . . . . . . . . . . 45
7.2.6 export . . . . . . . . . . . . . . . . . . . . . . . . 50 7.2.6. export . . . . . . . . . . . . . . . . . . . . . . . . 45
7.2.7 toString . . . . . . . . . . . . . . . . . . . . . . . 50 7.2.7. toString . . . . . . . . . . . . . . . . . . . . . . . 45
7.2.8 getStringNameType . . . . . . . . . . . . . . . . . . 51 7.2.8. getStringNameType . . . . . . . . . . . . . . . . . . 46
7.2.9 isAnonymous . . . . . . . . . . . . . . . . . . . . . 51 7.2.9. isAnonymous . . . . . . . . . . . . . . . . . . . . . 46
7.2.10 isMN . . . . . . . . . . . . . . . . . . . . . . . . 51 7.2.10. isMN . . . . . . . . . . . . . . . . . . . . . . . . . 46
7.3 public interface GSSCredential implements Cloneable . . . 51 7.3. public interface GSSCredential implements Cloneable . 46
7.3.1 Example Code . . . . . . . . . . . . . . . . . . . . . 52 7.3.1. Example Code . . . . . . . . . . . . . . . . . . . . . 47
7.3.2 Static Constants . . . . . . . . . . . . . . . . . . . 53 7.3.2. Static Constants . . . . . . . . . . . . . . . . . . . 48
7.3.3 dispose . . . . . . . . . . . . . . . . . . . . . . . 53 7.3.3. dispose . . . . . . . . . . . . . . . . . . . . . . . 48
7.3.4 getName . . . . . . . . . . . . . . . . . . . . . . . 53 7.3.4. getName . . . . . . . . . . . . . . . . . . . . . . . 48
7.3.5 getName . . . . . . . . . . . . . . . . . . . . . . . 53 7.3.5. getName . . . . . . . . . . . . . . . . . . . . . . . 48
7.3.6 getRemainingLifetime . . . . . . . . . . . . . . . . . 54 7.3.6. getRemainingLifetime . . . . . . . . . . . . . . . . . 49
7.3.7 getRemainingInitLifetime . . . . . . . . . . . . . . . 54 7.3.7. getRemainingInitLifetime . . . . . . . . . . . . . . . 49
7.3.8 getRemainingAcceptLifetime . . . . . . . . . . . . . . 54 7.3.8. getRemainingAcceptLifetime . . . . . . . . . . . . . . 49
7.3.9 getUsage . . . . . . . . . . . . . . . . . . . . . . . 55 7.3.9. getUsage . . . . . . . . . . . . . . . . . . . . . . . 50
7.3.10 getUsage . . . . . . . . . . . . . . . . . . . . . . 55 7.3.10. getUsage . . . . . . . . . . . . . . . . . . . . . . . 50
7.3.11 getMechs . . . . . . . . . . . . . . . . . . . . . . 55 7.3.11. getMechs . . . . . . . . . . . . . . . . . . . . . . . 50
7.3.12 add . . . . . . . . . . . . . . . . . . . . . . . . 55 7.3.12. add . . . . . . . . . . . . . . . . . . . . . . . . . 50
7.3.13 equals . . . . . . . . . . . . . . . . . . . . . . . 56 7.3.13. equals . . . . . . . . . . . . . . . . . . . . . . . . 51
7.4 public interface GSSContext . . . . . . . . . . . . . . . 56 7.4. public interface GSSContext . . . . . . . . . . . . . 51
7.4.1 Example Code . . . . . . . . . . . . . . . . . . . . . 57 7.4.1. Example Code . . . . . . . . . . . . . . . . . . . . . 52
7.4.2 Static Constants . . . . . . . . . . . . . . . . . . . 59 7.4.2. Static Constants . . . . . . . . . . . . . . . . . . . 54
7.4.3 initSecContext . . . . . . . . . . . . . . . . . . . . 59 7.4.3. initSecContext . . . . . . . . . . . . . . . . . . . . 54
7.4.4 Example Code . . . . . . . . . . . . . . . . . . . . . 61 7.4.4. Example Code . . . . . . . . . . . . . . . . . . . . . 55
7.4.5 initSecContext . . . . . . . . . . . . . . . . . . . . 61 7.4.5. initSecContext . . . . . . . . . . . . . . . . . . . . 55
7.4.6 Example Code . . . . . . . . . . . . . . . . . . . . . 62 7.4.6. Example Code . . . . . . . . . . . . . . . . . . . . . 56
7.4.7 acceptSecContext . . . . . . . . . . . . . . . . . . . 63 7.4.7. acceptSecContext . . . . . . . . . . . . . . . . . . . 57
7.4.8 Example Code . . . . . . . . . . . . . . . . . . . . . 64 7.4.8. Example Code . . . . . . . . . . . . . . . . . . . . . 58
7.4.9 acceptSecContext . . . . . . . . . . . . . . . . . . . 65 7.4.9. acceptSecContext . . . . . . . . . . . . . . . . . . . 58
7.4.10 Example Code . . . . . . . . . . . . . . . . . . . . 65 7.4.10. Example Code . . . . . . . . . . . . . . . . . . . . . 59
7.4.11 isEstablished . . . . . . . . . . . . . . . . . . . 66 7.4.11. isEstablished . . . . . . . . . . . . . . . . . . . . 60
7.4.12 dispose . . . . . . . . . . . . . . . . . . . . . . 66 7.4.12. dispose . . . . . . . . . . . . . . . . . . . . . . . 60
7.4.13 getWrapSizeLimit . . . . . . . . . . . . . . . . . . 67 7.4.13. getWrapSizeLimit . . . . . . . . . . . . . . . . . . . 60
7.4.14 wrap . . . . . . . . . . . . . . . . . . . . . . . . 67 7.4.14. wrap . . . . . . . . . . . . . . . . . . . . . . . . . 61
7.4.15 wrap . . . . . . . . . . . . . . . . . . . . . . . . 68 7.4.15. wrap . . . . . . . . . . . . . . . . . . . . . . . . . 62
7.4.16 unwrap . . . . . . . . . . . . . . . . . . . . . . . 69 7.4.16. unwrap . . . . . . . . . . . . . . . . . . . . . . . . 63
7.4.17 unwrap . . . . . . . . . . . . . . . . . . . . . . . 70 7.4.17. unwrap . . . . . . . . . . . . . . . . . . . . . . . . 63
7.4.18 getMIC . . . . . . . . . . . . . . . . . . . . . . . 71 7.4.18. getMIC . . . . . . . . . . . . . . . . . . . . . . . . 64
7.4.19 getMIC . . . . . . . . . . . . . . . . . . . . . . . 71 7.4.19. getMIC . . . . . . . . . . . . . . . . . . . . . . . . 65
7.4.20 verifyMIC . . . . . . . . . . . . . . . . . . . . . 72 7.4.20. verifyMIC . . . . . . . . . . . . . . . . . . . . . . 65
7.4.21 verifyMIC . . . . . . . . . . . . . . . . . . . . . 73 7.4.21. verifyMIC . . . . . . . . . . . . . . . . . . . . . . 66
7.4.22 export . . . . . . . . . . . . . . . . . . . . . . . 73 7.4.22. export . . . . . . . . . . . . . . . . . . . . . . . . 67
7.4.23 requestMutualAuth . . . . . . . . . . . . . . . . . 74 7.4.23. requestMutualAuth . . . . . . . . . . . . . . . . . . 68
7.4.24 requestReplayDet . . . . . . . . . . . . . . . . . . 74 7.4.24. requestReplayDet . . . . . . . . . . . . . . . . . . . 68
7.4.25 requestSequenceDet . . . . . . . . . . . . . . . . . 75 7.4.25. requestSequenceDet . . . . . . . . . . . . . . . . . . 68
7.4.26 requestCredDeleg . . . . . . . . . . . . . . . . . . 75 7.4.26. requestCredDeleg . . . . . . . . . . . . . . . . . . . 68
7.4.27 requestAnonymity . . . . . . . . . . . . . . . . . . 75 7.4.27. requestAnonymity . . . . . . . . . . . . . . . . . . . 69
7.4.28 requestConf . . . . . . . . . . . . . . . . . . . . 76 7.4.28. requestConf . . . . . . . . . . . . . . . . . . . . . 69
7.4.29 requestInteg . . . . . . . . . . . . . . . . . . . . 76 7.4.29. requestInteg . . . . . . . . . . . . . . . . . . . . . 69
7.4.30 requestLifetime . . . . . . . . . . . . . . . . . . 76 7.4.30. requestLifetime . . . . . . . . . . . . . . . . . . . 69
7.4.31 setChannelBinding . . . . . . . . . . . . . . . . . 76 7.4.31. setChannelBinding . . . . . . . . . . . . . . . . . . 70
7.4.32 getCredDelegState . . . . . . . . . . . . . . . . . 77 7.4.32. getCredDelegState . . . . . . . . . . . . . . . . . . 70
7.4.33 getMutualAuthState . . . . . . . . . . . . . . . . . 77 7.4.33. getMutualAuthState . . . . . . . . . . . . . . . . . . 70
7.4.34 getReplayDetState . . . . . . . . . . . . . . . . . 77 7.4.34. getReplayDetState . . . . . . . . . . . . . . . . . . 70
7.4.35 getSequenceDetState . . . . . . . . . . . . . . . . 77 7.4.35. getSequenceDetState . . . . . . . . . . . . . . . . . 71
7.4.36 getAnonymityState . . . . . . . . . . . . . . . . . 78 7.4.36. getAnonymityState . . . . . . . . . . . . . . . . . . 71
7.4.37 isTransferable . . . . . . . . . . . . . . . . . . . 78 7.4.37. isTransferable . . . . . . . . . . . . . . . . . . . . 71
7.4.38 isProtReady . . . . . . . . . . . . . . . . . . . . 78 7.4.38. isProtReady . . . . . . . . . . . . . . . . . . . . . 71
7.4.39 getConfState . . . . . . . . . . . . . . . . . . . . 78 7.4.39. getConfState . . . . . . . . . . . . . . . . . . . . . 71
7.4.40 getIntegState . . . . . . . . . . . . . . . . . . . 78 7.4.40. getIntegState . . . . . . . . . . . . . . . . . . . . 72
7.4.41 getLifetime . . . . . . . . . . . . . . . . . . . . 78 7.4.41. getLifetime . . . . . . . . . . . . . . . . . . . . . 72
7.4.42 getSrcName . . . . . . . . . . . . . . . . . . . . . 79 7.4.42. getSrcName . . . . . . . . . . . . . . . . . . . . . . 72
7.4.43 getTargName . . . . . . . . . . . . . . . . . . . . 79 7.4.43. getTargName . . . . . . . . . . . . . . . . . . . . . 72
7.4.44 getMech . . . . . . . . . . . . . . . . . . . . . . 79 7.4.44. getMech . . . . . . . . . . . . . . . . . . . . . . . 72
7.4.45 getDelegCred . . . . . . . . . . . . . . . . . . . . 79 7.4.45. getDelegCred . . . . . . . . . . . . . . . . . . . . . 72
7.4.46 isInitiator . . . . . . . . . . . . . . . . . . . . 79 7.4.46. isInitiator . . . . . . . . . . . . . . . . . . . . . 73
7.5 public class MessageProp . . . . . . . . . . . . . . . . . 79 7.5. public class MessageProp . . . . . . . . . . . . . . . 73
7.5.1 Constructors . . . . . . . . . . . . . . . . . . . . . 80 7.5.1. Constructors . . . . . . . . . . . . . . . . . . . . . 73
7.5.2 getQOP . . . . . . . . . . . . . . . . . . . . . . . . 80 7.5.2. getQOP . . . . . . . . . . . . . . . . . . . . . . . . 74
7.5.3 getPrivacy . . . . . . . . . . . . . . . . . . . . . . 81 7.5.3. getPrivacy . . . . . . . . . . . . . . . . . . . . . . 74
7.5.4 getMinorStatus . . . . . . . . . . . . . . . . . . . . 81 7.5.4. getMinorStatus . . . . . . . . . . . . . . . . . . . . 74
7.5.5 getMinorString . . . . . . . . . . . . . . . . . . . . 81 7.5.5. getMinorString . . . . . . . . . . . . . . . . . . . . 74
7.5.6 setQOP . . . . . . . . . . . . . . . . . . . . . . . . 81 7.5.6. setQOP . . . . . . . . . . . . . . . . . . . . . . . . 74
7.5.7 setPrivacy . . . . . . . . . . . . . . . . . . . . . . 81 7.5.7. setPrivacy . . . . . . . . . . . . . . . . . . . . . . 74
7.5.8 isDuplicateToken . . . . . . . . . . . . . . . . . . . 81 7.5.8. isDuplicateToken . . . . . . . . . . . . . . . . . . . 75
7.5.9 isOldToken . . . . . . . . . . . . . . . . . . . . . . 82 7.5.9. isOldToken . . . . . . . . . . . . . . . . . . . . . . 75
7.5.10 isUnseqToken . . . . . . . . . . . . . . . . . . . . 82 7.5.10. isUnseqToken . . . . . . . . . . . . . . . . . . . . . 75
7.5.11 isGapToken . . . . . . . . . . . . . . . . . . . . . 82 7.5.11. isGapToken . . . . . . . . . . . . . . . . . . . . . . 75
7.5.12 setSupplementaryStates . . . . . . . . . . . . . . . 82 7.5.12. setSupplementaryStates . . . . . . . . . . . . . . . . 75
7.6 public class ChannelBinding . . . . . . . . . . . . . . . 83 7.6. public class ChannelBinding . . . . . . . . . . . . . 76
7.6.1 Constructors . . . . . . . . . . . . . . . . . . . . . 83 7.6.1. Constructors . . . . . . . . . . . . . . . . . . . . . 76
7.6.2 getInitiatorAddress . . . . . . . . . . . . . . . . . 84 7.6.2. getInitiatorAddress . . . . . . . . . . . . . . . . . 77
7.6.3 getAcceptorAddress . . . . . . . . . . . . . . . . . . 84 7.6.3. getAcceptorAddress . . . . . . . . . . . . . . . . . . 77
7.6.4 getApplicationData . . . . . . . . . . . . . . . . . . 84 7.6.4. getApplicationData . . . . . . . . . . . . . . . . . . 77
7.6.5 equals . . . . . . . . . . . . . . . . . . . . . . . . 84 7.6.5. equals . . . . . . . . . . . . . . . . . . . . . . . . 77
7.7 public class Oid . . . . . . . . . . . . . . . . . . . . . 84 7.7. public class Oid . . . . . . . . . . . . . . . . . . . 78
7.7.1 Constructors . . . . . . . . . . . . . . . . . . . . . 85 7.7.1. Constructors . . . . . . . . . . . . . . . . . . . . . 78
7.7.2 toString . . . . . . . . . . . . . . . . . . . . . . . 85 7.7.2. toString . . . . . . . . . . . . . . . . . . . . . . . 79
7.7.3 equals . . . . . . . . . . . . . . . . . . . . . . . . 86 7.7.3. equals . . . . . . . . . . . . . . . . . . . . . . . . 79
7.7.4 getDER . . . . . . . . . . . . . . . . . . . . . . . . 86 7.7.4. getDER . . . . . . . . . . . . . . . . . . . . . . . . 79
7.7.5 containedIn . . . . . . . . . . . . . . . . . . . . . 86 7.7.5. containedIn . . . . . . . . . . . . . . . . . . . . . 79
7.8 public class GSSException extends Exception . . . . . . . 86 7.8. public class GSSException extends Exception . . . . . 79
7.8.1 Static Constants . . . . . . . . . . . . . . . . . . . 87 7.8.1. Static Constants . . . . . . . . . . . . . . . . . . . 80
7.8.2 Constructors . . . . . . . . . . . . . . . . . . . . . 89 7.8.2. Constructors . . . . . . . . . . . . . . . . . . . . . 82
7.8.3 getMajor . . . . . . . . . . . . . . . . . . . . . . . 90 7.8.3. getMajor . . . . . . . . . . . . . . . . . . . . . . . 83
7.8.4 getMinor . . . . . . . . . . . . . . . . . . . . . . . 90 7.8.4. getMinor . . . . . . . . . . . . . . . . . . . . . . . 83
7.8.5 getMajorString . . . . . . . . . . . . . . . . . . . . 90 7.8.5. getMajorString . . . . . . . . . . . . . . . . . . . . 83
7.8.6 getMinorString . . . . . . . . . . . . . . . . . . . . 90 7.8.6. getMinorString . . . . . . . . . . . . . . . . . . . . 83
7.8.7 setMinor . . . . . . . . . . . . . . . . . . . . . . . 90 7.8.7. setMinor . . . . . . . . . . . . . . . . . . . . . . . 83
7.8.8 toString . . . . . . . . . . . . . . . . . . . . . . . 90 7.8.8. toString . . . . . . . . . . . . . . . . . . . . . . . 84
7.8.9 getMessage . . . . . . . . . . . . . . . . . . . . . . 91 7.8.9. getMessage . . . . . . . . . . . . . . . . . . . . . . 84
8. Sample Applications . . . . . . . . . . . . . . . . . . . . 92 8. Sample Applications . . . . . . . . . . . . . . . . . 84
8.1 Simple GSS Context Initiator . . . . . . . . . . . . . . . 92 8.1. Simple GSS Context Initiator . . . . . . . . . . . . . 84
8.2 Simple GSS Context Acceptor . . . . . . . . . . . . . . . 95 8.2. Simple GSS Context Acceptor . . . . . . . . . . . . . 88
9. Security Considerations . . . . . . . . . . . . . . . . . . 100 9. Security Considerations . . . . . . . . . . . . . . . 92
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . 101 10. IANA Considerations . . . . . . . . . . . . . . . . . 92
11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . 102 11. Acknowledgments . . . . . . . . . . . . . . . . . . . 93
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 103 Appendix A. Changes since RFC 2853 . . . . . . . . . . . . . . . . 93
12.1 Normative References . . . . . . . . . . . . . . . . . . 103 12. References . . . . . . . . . . . . . . . . . . . . . . 94
12.2 Informative References . . . . . . . . . . . . . . . . . 103 12.1. Normative References . . . . . . . . . . . . . . . . . 94
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 103 12.2. Informative References . . . . . . . . . . . . . . . . 94
Intellectual Property and Copyright Statements . . . . . . . 105 Authors' Addresses . . . . . . . . . . . . . . . . . . 94
Intellectual Property and Copyright Statements . . . . 96
1. Conventions Used in This Document 1. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
2. Introduction 2. Introduction
This document specifies Java language bindings for the Generic This document specifies Java language bindings for the Generic
skipping to change at page 8, line 22 skipping to change at page 7, line 28
to a peer, and to apply security services such as confidentiality and to a peer, and to apply security services such as confidentiality and
integrity on a per-message basis. integrity on a per-message basis.
This document and its predecessor RFC 2853 [RFC2853] leverage the This document and its predecessor RFC 2853 [RFC2853] leverage the
work done by the WG in the area of RFC 2743 [GSSAPIv2-UPDATE] and the work done by the WG in the area of RFC 2743 [GSSAPIv2-UPDATE] and the
C-bindings RFC 2744 [GSSAPI-Cbind]. Whenever appropriate, text has C-bindings RFC 2744 [GSSAPI-Cbind]. Whenever appropriate, text has
been used from the C-bindings RFC 2744 to explain generic concepts been used from the C-bindings RFC 2744 to explain generic concepts
and provide direction to the implementors. and provide direction to the implementors.
The design goals of this API have been to satisfy all the The design goals of this API have been to satisfy all the
functionality defined in RFC 2743 and to provide these services in an functionality defined in RFC 2743 [GSSAPIv2-UPDATE] and to provide
object oriented method. The specification also aims to satisfy the these services in an object oriented method. The specification also
needs of both types of Java application developers, those who would aims to satisfy the needs of both types of Java application
like access to a "system-wide" GSS-API implementation, as well as developers, those who would like access to a "system-wide" GSS-API
those who would want to provide their own "custom" implementation. implementation, as well as those who would want to provide their own
"custom" implementation.
A "system-wide" implementation is one that is available to all A "system-wide" implementation is one that is available to all
applications in the form of a library package. It may be the applications in the form of a library package. It may be the
standard package in the Java runtime environment (JRE) being used or standard package in the Java runtime environment (JRE) being used or
it may be additionally installed and accessible to any application it may be additionally installed and accessible to any application
via the CLASSPATH. via the CLASSPATH.
A "custom" implementation of the GSS-API, on the other hand, is one A "custom" implementation of the GSS-API, on the other hand, is one
that would, in most cases, be bundled with the application during that would, in most cases, be bundled with the application during
distribution. It is expected that such an implementation would be distribution. It is expected that such an implementation would be
skipping to change at page 12, line 4 skipping to change at page 10, line 30
In general, if the security mechanism is capable of providing a In general, if the security mechanism is capable of providing a
requested service, it should do so even if additional services must requested service, it should do so even if additional services must
be enabled in order to provide the requested service. If the be enabled in order to provide the requested service. If the
mechanism is incapable of providing a requested service, it should mechanism is incapable of providing a requested service, it should
proceed without the service leaving the application to abort the proceed without the service leaving the application to abort the
context establishment process if it considers the requested service context establishment process if it considers the requested service
to be mandatory. to be mandatory.
Some mechanisms may specify that support for some services is Some mechanisms may specify that support for some services is
optional, and that implementors of the mechanism need not provide it. optional, and that implementors of the mechanism need not provide it.
This is most commonly true of the confidentiality service, often This is most commonly true of the confidentiality service, often
because of legal restrictions on the use of data-encryption, but may because of legal restrictions on the use of data-encryption, but may
apply to any of the services. Such mechanisms are required to send apply to any of the services. Such mechanisms are required to send
at least one token from acceptor to initiator during context at least one token from acceptor to initiator during context
establishment when the initiator indicates a desire to use such a establishment when the initiator indicates a desire to use such a
service, so that the initiating GSS-API can correctly indicate service, so that the initiating GSS-API can correctly indicate
whether the service is supported by the acceptor's GSS-API. whether the service is supported by the acceptor's GSS-API.
4.1 Delegation 4.1. Delegation
The GSS-API allows delegation to be controlled by the initiating The GSS-API allows delegation to be controlled by the initiating
application via the requestCredDeleg method before the first call to application via the requestCredDeleg method before the first call to
init has been issued. Some mechanisms do not support delegation, and init has been issued. Some mechanisms do not support delegation, and
for such mechanisms attempts by an application to enable delegation for such mechanisms attempts by an application to enable delegation
are ignored. are ignored.
The acceptor of a security context, for which the initiator enabled The acceptor of a security context, for which the initiator enabled
delegation, can check if delegation was enabled by using the delegation, can check if delegation was enabled by using the
getCredDelegState method of the GSSContext interface. In cases when getCredDelegState method of the GSSContext interface. In cases when
skipping to change at page 13, line 5 skipping to change at page 11, line 27
GSS-API credential object prior to its use in establishing a GSS-API credential object prior to its use in establishing a
context). However, the simple delegation control provided by GSS-API context). However, the simple delegation control provided by GSS-API
should always be able to over-ride other mechanism-specific should always be able to over-ride other mechanism-specific
delegation controls. If the application instructs the GSSContext delegation controls. If the application instructs the GSSContext
object that delegation is not desired, then the implementation must object that delegation is not desired, then the implementation must
not permit delegation to occur. This is an exception to the general not permit delegation to occur. This is an exception to the general
rule that a mechanism may enable services even if they are not rule that a mechanism may enable services even if they are not
requested - delegation may only be provided at the explicit request requested - delegation may only be provided at the explicit request
of the application. of the application.
4.2 Mutual Authentication 4.2. Mutual Authentication
Usually, a context acceptor will require that a context initiator Usually, a context acceptor will require that a context initiator
authenticate itself so that the acceptor may make an access-control authenticate itself so that the acceptor may make an access-control
decision prior to performing a service for the initiator. In some decision prior to performing a service for the initiator. In some
cases, the initiator may also request that the acceptor authenticate cases, the initiator may also request that the acceptor authenticate
itself. GSS-API allows the initiating application to request this itself. GSS-API allows the initiating application to request this
mutual authentication service by calling the requestMutualAuth method mutual authentication service by calling the requestMutualAuth method
of the GSSContext interface with a "true" parameter before making the of the GSSContext interface with a "true" parameter before making the
first call to init. The initiating application is informed as to first call to init. The initiating application is informed as to
whether or not the context acceptor has authenticated itself. Note whether or not the context acceptor has authenticated itself. Note
that some mechanisms may not support mutual authentication, and other that some mechanisms may not support mutual authentication, and other
mechanisms may always perform mutual authentication, whether or not mechanisms may always perform mutual authentication, whether or not
the initiating application requests it. In particular, mutual the initiating application requests it. In particular, mutual
authentication may be required by some mechanisms in order to support authentication may be required by some mechanisms in order to support
replay or out-of-sequence message detection, and for such mechanisms replay or out-of-sequence message detection, and for such mechanisms
a request for either of these services will automatically enable a request for either of these services will automatically enable
mutual authentication. mutual authentication.
4.3 Replay and Out-of-Sequence Detection 4.3. Replay and Out-of-Sequence Detection
The GSS-API may provide detection of mis-ordered messages once a The GSS-API may provide detection of mis-ordered messages once a
security context has been established. Protection may be applied to security context has been established. Protection may be applied to
messages by either application, by calling either getMIC or wrap messages by either application, by calling either getMIC or wrap
methods of the GSSContext interface, and verified by the peer methods of the GSSContext interface, and verified by the peer
application by calling verifyMIC or unwrap for the peer's GSSContext application by calling verifyMIC or unwrap for the peer's GSSContext
object. object.
The getMIC method calculates a cryptographic checksum of an The getMIC method calculates a cryptographic checksum of an
application message, and returns that checksum in a token. The application message, and returns that checksum in a token. The
skipping to change at page 14, line 9 skipping to change at page 12, line 32
the MessageProp object that is filled in by each of these routines. the MessageProp object that is filled in by each of these routines.
A mechanism need not maintain a list of all tokens that have been A mechanism need not maintain a list of all tokens that have been
processed in order to support these status codes. A typical processed in order to support these status codes. A typical
mechanism might retain information about only the most recent "N" mechanism might retain information about only the most recent "N"
tokens processed, allowing it to distinguish duplicates and missing tokens processed, allowing it to distinguish duplicates and missing
tokens within the most recent "N" messages; the receipt of a token tokens within the most recent "N" messages; the receipt of a token
older than the most recent "N" would result in the isOldToken method older than the most recent "N" would result in the isOldToken method
of the instance of MessageProp to return "true". of the instance of MessageProp to return "true".
4.4 Anonymous Authentication 4.4. Anonymous Authentication
In certain situations, an application may wish to initiate the In certain situations, an application may wish to initiate the
authentication process to authenticate a peer, without revealing its authentication process to authenticate a peer, without revealing its
own identity. As an example, consider an application providing own identity. As an example, consider an application providing
access to a database containing medical information, and offering access to a database containing medical information, and offering
unrestricted access to the service. A client of such a service might unrestricted access to the service. A client of such a service might
wish to authenticate the service (in order to establish trust in any wish to authenticate the service (in order to establish trust in any
information retrieved from it), but might not wish the service to be information retrieved from it), but might not wish the service to be
able to obtain the client's identity (perhaps due to privacy concerns able to obtain the client's identity (perhaps due to privacy concerns
about the specific inquiries, or perhaps simply to avoid being placed about the specific inquiries, or perhaps simply to avoid being placed
skipping to change at page 15, line 7 skipping to change at page 13, line 30
GSSName class. The printable form of an anonymous name should be GSSName class. The printable form of an anonymous name should be
chosen such that it implies anonymity, since this name may appear in, chosen such that it implies anonymity, since this name may appear in,
for example, audit logs. For example, the string "<anonymous>" might for example, audit logs. For example, the string "<anonymous>" might
be a good choice, if no valid printable names supported by the be a good choice, if no valid printable names supported by the
implementation can begin with "<" and end with ">". implementation can begin with "<" and end with ">".
When using the equal method of the GSSName interface, and one of the When using the equal method of the GSSName interface, and one of the
operands is a GSSName instance representing an anonymous entity, the operands is a GSSName instance representing an anonymous entity, the
method must return "false". method must return "false".
4.5 Confidentiality 4.5. Confidentiality
If a GSSContext supports the confidentiality service, wrap method may If a GSSContext supports the confidentiality service, wrap method may
be used to encrypt application messages. Messages are selectively be used to encrypt application messages. Messages are selectively
encrypted, under the control of the setPrivacy method of the encrypted, under the control of the setPrivacy method of the
MessageProp object used in the wrap method. MessageProp object used in the wrap method.
4.6 Inter-process Context Transfer 4.6. Inter-process Context Transfer
GSS-API V2 provides functionality which allows a security context to GSS-API V2 provides functionality which allows a security context to
be transferred between processes on a single machine. These are be transferred between processes on a single machine. These are
implemented using the export method of GSSContext and a byte array implemented using the export method of GSSContext and a byte array
constructor of the same class. The most common use for such a constructor of the same class. The most common use for such a
feature is a client-server design where the server is implemented as feature is a client-server design where the server is implemented as
a single process that accepts incoming security contexts, which then a single process that accepts incoming security contexts, which then
launches child processes to deal with the data on these contexts. In launches child processes to deal with the data on these contexts. In
such a design, the child processes must have access to the security such a design, the child processes must have access to the security
context object created within the parent so that they can use per- context object created within the parent so that they can use per-
skipping to change at page 16, line 5 skipping to change at page 14, line 28
The inter-process token may contain sensitive data from the original The inter-process token may contain sensitive data from the original
security context (including cryptographic keys). Applications using security context (including cryptographic keys). Applications using
inter-process tokens to transfer security contexts must take inter-process tokens to transfer security contexts must take
appropriate steps to protect these tokens in transit. appropriate steps to protect these tokens in transit.
Implementations are not required to support the inter-process Implementations are not required to support the inter-process
transfer of security contexts. Calling the isTransferable method of transfer of security contexts. Calling the isTransferable method of
the GSSContext interface will indicate if the context object is the GSSContext interface will indicate if the context object is
transferable. transferable.
4.7 The Use of Incomplete Contexts 4.7. The Use of Incomplete Contexts
Some mechanisms may allow the per-message services to be used before Some mechanisms may allow the per-message services to be used before
the context establishment process is complete. For example, a the context establishment process is complete. For example, a
mechanism may include sufficient information in its initial context- mechanism may include sufficient information in its initial context-
level tokens for the context acceptor to immediately decode messages level tokens for the context acceptor to immediately decode messages
protected with wrap or getMIC. For such a mechanism, the initiating protected with wrap or getMIC. For such a mechanism, the initiating
application need not wait until subsequent context-level tokens have application need not wait until subsequent context-level tokens have
been sent and received before invoking the per-message protection been sent and received before invoking the per-message protection
services. services.
skipping to change at page 17, line 20 skipping to change at page 15, line 13
intervention. These language features have allowed for a simpler API intervention. These language features have allowed for a simpler API
and have led to the elimination of certain GSS-API functions. and have led to the elimination of certain GSS-API functions.
Moreover, the JCA defines a provider model which allows for Moreover, the JCA defines a provider model which allows for
implementation independent access to security services. Using this implementation independent access to security services. Using this
model, applications can seamlessly switch between different model, applications can seamlessly switch between different
implementations and dynamically add new services. The GSS-API implementations and dynamically add new services. The GSS-API
specification leverages these concepts by the usage of providers for specification leverages these concepts by the usage of providers for
the mechanism implementations. the mechanism implementations.
5.1 Package Name 5.1. Package Name
The classes and interfaces defined in this document reside in the The classes and interfaces defined in this document reside in the
package called "org.ietf.jgss". Applications that wish to make use package called "org.ietf.jgss". Applications that wish to make use
of this API should import this package name as shown in section 8. of this API should import this package name as shown in section 8.
5.2 Provider Framework 5.2. Provider Framework
The Java security API's use a provider architecture that allows The Java security API's use a provider architecture that allows
applications to be implementation independent and security API applications to be implementation independent and security API
implementations to be modular and extensible. The implementations to be modular and extensible. The
java.security.Provider class is an abstract class that a vendor java.security.Provider class is an abstract class that a vendor
extends. This class maps various properties that represent different extends. This class maps various properties that represent different
security services that are available to the names of the actual security services that are available to the names of the actual
vendor classes that implement those services. When requesting a vendor classes that implement those services. When requesting a
service, an application simply specifies the desired provider and the service, an application simply specifies the desired provider and the
API delegates the request to service classes available from that API delegates the request to service classes available from that
provider. provider.
Using the Java security provider model insulates applications from Using the Java security provider model insulates applications from
implementation details of the services they wish to use. implementation details of the services they wish to use.
Applications can switch between providers easily and new providers Applications can switch between providers easily and new providers
can be added as needed, even at runtime. can be added as needed, even at runtime.
The GSS-API may use providers to find components for specific The GSS-API may use providers to find components for specific
underlying security mechanisms. For instance, a particular provider underlying security mechanisms. For instance, a particular provider
might contain components that will allow the GSS-API to support the might contain components that will allow the GSS-API to support the
Kerberos v5 mechanism and another might contain components to support Kerberos v5 mechanism [RFC4121] and another might contain components
the SPKM [RFC2025] mechanism. By delegating mechanism specific to support the SPKM [RFC2025] mechanism. By delegating mechanism
functionality to the components obtained from providers the GSS-API specific functionality to the components obtained from providers, the
can be extended to support an arbitrary list of mechanism. GSS-API can be extended to support an arbitrary list of mechanism.
How the GSS-API locates and queries these providers is beyond the How the GSS-API locates and queries these providers is beyond the
scope of this document and is being deferred to a Service Provider scope of this document and is being deferred to a Service Provider
Interface (SPI) specification. The availability of such a SPI Interface (SPI) specification. The availability of such a SPI
specification is not mandatory for the adoption of this API specification is not mandatory for the adoption of this API
specification nor is it mandatory to use providers in the specification nor is it mandatory to use providers in the
implementation of a GSS-API framework. However, by using the implementation of a GSS-API framework. However, by using the
provider framework together with an SPI specification one can create provider framework together with an SPI specification one can create
an extensible and implementation independent GSS-API framework. an extensible and implementation independent GSS-API framework.
5.3 Integer Types 5.3. Integer Types
All numeric values are declared as "int" primitive Java type. The All numeric values are declared as "int" primitive Java type. The
Java specification guarantees that this will be a 32 bit two's Java specification guarantees that this will be a 32 bit two's
complement signed number. complement signed number.
Throughout this API, the "boolean" primitive Java type is used Throughout this API, the "boolean" primitive Java type is used
wherever a boolean value is required or returned. wherever a boolean value is required or returned.
5.4 Opaque Data Types 5.4. Opaque Data Types
Java byte arrays are used to represent opaque data types which are Java byte arrays are used to represent opaque data types which are
consumed and produced by the GSS-API in the forms of tokens. Java consumed and produced by the GSS-API in the forms of tokens. Java
arrays contain a length field which enables the users to easily arrays contain a length field which enables the users to easily
determine their size. The language has automatic garbage collection determine their size. The language has automatic garbage collection
which alleviates the need by developers to release memory and which alleviates the need by developers to release memory and
simplifies buffer ownership issues. simplifies buffer ownership issues.
5.5 Strings 5.5. Strings
The String object will be used to represent all textual data. The The String object will be used to represent all textual data. The
Java String object, transparently treats all characters as two-byte Java String object, transparently treats all characters as two-byte
Unicode characters which allows support for many locals. All Unicode characters which allows support for many locals. All
routines returning or accepting textual data will use the String routines returning or accepting textual data will use the String
object. object.
5.6 Object Identifiers 5.6. Object Identifiers
An Oid object will be used to represent Universal Object Identifiers An Oid object will be used to represent Universal Object Identifiers
(Oids). Oids are ISO-defined, hierarchically globally-interpretable (Oids). Oids are ISO-defined, hierarchically globally-interpretable
identifiers used within the GSS-API framework to identify security identifiers used within the GSS-API framework to identify security
mechanisms and name formats. The Oid object can be created from a mechanisms and name formats. The Oid object can be created from a
string representation of its dot notation (e.g. "1.3.6.1.5.6.2") as string representation of its dot notation (e.g. "1.3.6.1.5.6.2") as
well as from its ASN.1 DER encoding. Methods are also provided to well as from its ASN.1 DER encoding. Methods are also provided to
test equality and provide the DER representation for the object. test equality and provide the DER representation for the object.
An important feature of the Oid class is that its instances are An important feature of the Oid class is that its instances are
immutable - i.e. there are no methods defined that allow one to immutable - i.e. there are no methods defined that allow one to
change the contents of an Oid. This property allows one to treat change the contents of an Oid. This property allows one to treat
these objects as "statics" without the need to perform copies. these objects as "statics" without the need to perform copies.
Certain routines allow the usage of a default oid. A "null" value Certain routines allow the usage of a default oid. A "null" value
can be used in those cases. can be used in those cases.
5.7 Object Identifier Sets 5.7. Object Identifier Sets
The Java bindings represents object identifiers sets as arrays of Oid The Java bindings represents object identifiers sets as arrays of Oid
objects. All Java arrays contain a length field which allows for objects. All Java arrays contain a length field which allows for
easy manipulation and reference. easy manipulation and reference.
In order to support the full functionality of RFC 2743, the Oid class In order to support the full functionality of RFC 2743
includes a method which checks for existence of an Oid object within [GSSAPIv2-UPDATE], the Oid class includes a method which checks for
a specified array. This is equivalent in functionality to existence of an Oid object within a specified array. This is
gss_test_oid_set_member. The use of Java arrays and Java's automatic equivalent in functionality to gss_test_oid_set_member. The use of
garbage collection has eliminated the need for the following Java arrays and Java's automatic garbage collection has eliminated
routines: gss_create_empty_oid_set, gss_release_oid_set, and the need for the following routines: gss_create_empty_oid_set,
gss_add_oid_set_member. Java GSS-API implementations will not gss_release_oid_set, and gss_add_oid_set_member. Java GSS-API
contain them. Java's automatic garbage collection and the immutable implementations will not contain them. Java's automatic garbage
property of the Oid object eliminates the complicated memory collection and the immutable property of the Oid object eliminates
management issues of the C counterpart. the memory management issues of the C counterpart.
When ever a default value for an Object Identifier Set is required, a When ever a default value for an Object Identifier Set is required, a
"null" value can be used. Please consult the detailed method "null" value can be used. Please consult the detailed method
description for details. description for details.
5.8 Credentials 5.8. Credentials
GSS-API credentials are represented by the GSSCredential interface. GSS-API credentials are represented by the GSSCredential interface.
The interface contains several constructs to allow for the creation The interface contains several constructs to allow for the creation
of most common credential objects for the initiator and the acceptor. of most common credential objects for the initiator and the acceptor.
Comparisons are performed using the interface's "equals" method. The Comparisons are performed using the interface's "equals" method. The
following general description of GSS-API credentials is included from following general description of GSS-API credentials is included from
the C-bindings specification: the C-bindings specification:
GSS-API credentials can contain mechanism-specific principal GSS-API credentials can contain mechanism-specific principal
authentication data for multiple mechanisms. A GSS-API credential is authentication data for multiple mechanisms. A GSS-API credential is
skipping to change at page 21, line 18 skipping to change at page 19, line 12
4) A user-configurable default identity shall be used. 4) A user-configurable default identity shall be used.
The purpose of the above rules is to allow security contexts to be The purpose of the above rules is to allow security contexts to be
established by both initiator and acceptor using the default behavior established by both initiator and acceptor using the default behavior
whenever possible. Applications requesting default behavior are whenever possible. Applications requesting default behavior are
likely to be more portable across mechanisms and implementations than likely to be more portable across mechanisms and implementations than
ones that instantiate an GSSCredential object representing a specific ones that instantiate an GSSCredential object representing a specific
identity. identity.
5.9 Contexts 5.9. Contexts
The GSSContext interface is used to represent one end of a GSS-API The GSSContext interface is used to represent one end of a GSS-API
security context, storing state information appropriate to that end security context, storing state information appropriate to that end
of the peer communication, including cryptographic state information. of the peer communication, including cryptographic state information.
The instantiation of the context object is done differently by the The instantiation of the context object is done differently by the
initiator and the acceptor. After the context has been instantiated, initiator and the acceptor. After the context has been instantiated,
the initiator may choose to set various context options which will the initiator may choose to set various context options which will
determine the characteristics of the desired security context. When determine the characteristics of the desired security context. When
all the application desired characteristics have been set, the all the application desired characteristics have been set, the
initiator will call the initSecContext method which will produce a initiator will call the initSecContext method which will produce a
token for consumption by the peer's acceptSecContext method. It is token for consumption by the peer's acceptSecContext method. It is
the responsibility of the application to deliver the authentication the responsibility of the application to deliver the authentication
token(s) between the peer applications for processing. Upon token(s) between the peer applications for processing. Upon
completion of the context establishment phase, context attributes can completion of the context establishment phase, context attributes can
be retrieved, by both the initiator and acceptor, using the accessor be retrieved, by both the initiator and acceptor, using the accessor
methods. These will reflect the actual attributes of the established methods. These will reflect the actual attributes of the established
context. At this point the context can be used by the application to context. At this point the context can be used by the application to
apply cryptographic services to its data. apply cryptographic services to its data.
5.10 Authentication Tokens 5.10. Authentication Tokens
A token is a caller-opaque type that GSS-API uses to maintain A token is a caller-opaque type that GSS-API uses to maintain
synchronization between each end of the GSS-API security context. synchronization between each end of the GSS-API security context.
The token is a cryptographically protected octet-string, generated by The token is a cryptographically protected octet-string, generated by
the underlying mechanism at one end of a GSS-API security context for the underlying mechanism at one end of a GSS-API security context for
use by the peer mechanism at the other end. Encapsulation (if use by the peer mechanism at the other end. Encapsulation (if
required) within the application protocol and transfer of the token required) within the application protocol and transfer of the token
are the responsibility of the peer applications. are the responsibility of the peer applications.
Java GSS-API uses byte arrays to represent authentication tokens. Java GSS-API uses byte arrays to represent authentication tokens.
Overloaded methods exist which allow the caller to supply input and Overloaded methods exist which allow the caller to supply input and
output streams which will be used for the reading and writing of the output streams which will be used for the reading and writing of the
token data. token data.
5.11 Interprocess Tokens 5.11. Interprocess Tokens
Certain GSS-API routines are intended to transfer data between Certain GSS-API routines are intended to transfer data between
processes in multi-process programs. These routines use a caller- processes in multi-process programs. These routines use a caller-
opaque octet-string, generated by the GSS-API in one process for use opaque octet-string, generated by the GSS-API in one process for use
by the GSS-API in another process. The calling application is by the GSS-API in another process. The calling application is
responsible for transferring such tokens between processes. Note responsible for transferring such tokens between processes. Note
that, while GSS-API implementors are encouraged to avoid placing that, while GSS-API implementors are encouraged to avoid placing
sensitive information within interprocess tokens, or to sensitive information within interprocess tokens, or to
cryptographically protect them, many implementations will be unable cryptographically protect them, many implementations will be unable
to avoid placing key material or other sensitive data within them. to avoid placing key material or other sensitive data within them.
It is the application's responsibility to ensure that interprocess It is the application's responsibility to ensure that interprocess
tokens are protected in transit, and transferred only to processes tokens are protected in transit, and transferred only to processes
that are trustworthy. An interprocess token is represented using a that are trustworthy. An interprocess token is represented using a
byte array emitted from the export method of the GSSContext byte array emitted from the export method of the GSSContext
interface. The receiver of the interprocess token would initialize interface. The receiver of the interprocess token would initialize
an GSSContext object with this token to create a new context. Once a an GSSContext object with this token to create a new context. Once a
context has been exported, the GSSContext object is invalidated and context has been exported, the GSSContext object is invalidated and
is no longer available. is no longer available.
5.12 Error Reporting 5.12. Error Reporting
RFC 2743 defined the usage of major and minor status values for RFC 2743 [GSSAPIv2-UPDATE] defined the usage of major and minor
signaling of GSS-API errors. The major code, also called GSS status status values for signaling of GSS-API errors. The major code, also
code, is used to signal errors at the GSS-API level independent of called GSS status code, is used to signal errors at the GSS-API level
the underlying mechanism(s). The minor status value or Mechanism independent of the underlying mechanism(s). The minor status value
status code, is a mechanism defined error value indicating a or Mechanism status code, is a mechanism defined error value
mechanism specific error code. indicating a mechanism specific error code.
Java GSS-API uses exceptions implemented by the GSSException class to Java GSS-API uses exceptions implemented by the GSSException class to
signal both minor and major error values. Both mechanism specific signal both minor and major error values. Both mechanism specific
errors and GSS-API level errors are signaled through instances of errors and GSS-API level errors are signaled through instances of
this class. The usage of exceptions replaces the need for major and this class. The usage of exceptions replaces the need for major and
minor codes to be used within the API calls. GSSException class also minor codes to be used within the API calls. GSSException class also
contains methods to obtain textual representations for both the major contains methods to obtain textual representations for both the major
and minor values, which is equivalent to the functionality of and minor values, which is equivalent to the functionality of
gss_display_status. gss_display_status.
5.12.1 GSS Status Codes 5.12.1. GSS Status Codes
GSS status codes indicate errors that are independent of the GSS status codes indicate errors that are independent of the
underlying mechanism(s) used to provide the security service. The underlying mechanism(s) used to provide the security service. The
errors that can be indicated via a GSS status code are generic API errors that can be indicated via a GSS status code are generic API
routine errors (errors that are defined in the GSS-API routine errors (errors that are defined in the GSS-API
specification). These bindings take advantage of the Java exceptions specification). These bindings take advantage of the Java exceptions
mechanism, thus eliminating the need for calling errors. mechanism, thus eliminating the need for calling errors.
A GSS status code indicates a single fatal generic API error from the A GSS status code indicates a single fatal generic API error from the
routine that has thrown the GSSException. Using exceptions announces routine that has thrown the GSSException. Using exceptions announces
skipping to change at page 25, line 11 skipping to change at page 23, line 5
The GSS major status code of FAILURE is used to indicate that the The GSS major status code of FAILURE is used to indicate that the
underlying mechanism detected an error for which no specific GSS underlying mechanism detected an error for which no specific GSS
status code is defined. The mechanism-specific status code can status code is defined. The mechanism-specific status code can
provide more details about the error. provide more details about the error.
The different major status codes that can be contained in the The different major status codes that can be contained in the
GSSException object thrown by the methods in this specification are GSSException object thrown by the methods in this specification are
the same as the major status codes returned by the corresponding the same as the major status codes returned by the corresponding
calls in RFC 2743 [GSSAPIv2-UPDATE]. calls in RFC 2743 [GSSAPIv2-UPDATE].
5.12.2 Mechanism-Specific Status Codes 5.12.2. Mechanism-Specific Status Codes
Mechanism-specific status codes are communicated in two ways, they Mechanism-specific status codes are communicated in two ways, they
are part of any GSSException thrown from the mechanism specific layer are part of any GSSException thrown from the mechanism specific layer
to signal a fatal error, or they are part of the MessageProp object to signal a fatal error, or they are part of the MessageProp object
that the per-message calls use to signal non-fatal errors. that the per-message calls use to signal non-fatal errors.
A default value of 0 in either the GSSException object or the A default value of 0 in either the GSSException object or the
MessageProp object will be used to represent the absence of any MessageProp object will be used to represent the absence of any
mechanism specific status code. mechanism specific status code.
5.12.3 Supplementary Status Codes 5.12.3. Supplementary Status Codes
Supplementary status codes are confined to the per-message methods of Supplementary status codes are confined to the per-message methods of
the GSSContext interface. Because of the informative nature of these the GSSContext interface. Because of the informative nature of these
errors it is not appropriate to use exceptions to signal them. errors it is not appropriate to use exceptions to signal them.
Instead, the per-message operations of the GSSContext interface Instead, the per-message operations of the GSSContext interface
return these values in a MessageProp object. return these values in a MessageProp object.
The MessageProp class defines query methods which return boolean The MessageProp class defines query methods which return boolean
values indicating the following supplementary states: values indicating the following supplementary states:
skipping to change at page 26, line 6 skipping to change at page 23, line 48
processed. processed.
isGapToken An expected per-message token was isGapToken An expected per-message token was
not received. not received.
"true" return value for any of the above methods indicates that the "true" return value for any of the above methods indicates that the
token exhibited the specified property. The application must token exhibited the specified property. The application must
determine the appropriate course of action for these supplementary determine the appropriate course of action for these supplementary
values. They are not treated as errors by the GSS-API. values. They are not treated as errors by the GSS-API.
5.13 Names 5.13. Names
A name is used to identify a person or entity. GSS-API authenticates A name is used to identify a person or entity. GSS-API authenticates
the relationship between a name and the entity claiming the name. the relationship between a name and the entity claiming the name.
Since different authentication mechanisms may employ different Since different authentication mechanisms may employ different
namespaces for identifying their principals, GSS-API's naming support namespaces for identifying their principals, GSS-API's naming support
is necessarily complex in multi-mechanism environments (or even in is necessarily complex in multi-mechanism environments (or even in
some single-mechanism environments where the underlying mechanism some single-mechanism environments where the underlying mechanism
supports multiple namespaces). supports multiple namespaces).
skipping to change at page 28, line 35 skipping to change at page 26, line 29
authenticate them as the same principal. These two operations will authenticate them as the same principal. These two operations will
in general give the same results only for MNs. in general give the same results only for MNs.
It is important to note that the above are guidelines as how GSSName It is important to note that the above are guidelines as how GSSName
implementations should behave, and are not intended to be specific implementations should behave, and are not intended to be specific
requirements of how names objects must be implemented. The mechanism requirements of how names objects must be implemented. The mechanism
designers are free to decide on the details of their implementations designers are free to decide on the details of their implementations
of the GSSName interface as long as the behavior satisfies the above of the GSSName interface as long as the behavior satisfies the above
guidelines. guidelines.
5.14 Channel Bindings 5.14. Channel Bindings
GSS-API supports the use of user-specified tags to identify a given GSS-API supports the use of user-specified tags to identify a given
context to the peer application. These tags are intended to be used context to the peer application. These tags are intended to be used
to identify the particular communications channel that carries the to identify the particular communications channel that carries the
context. Channel bindings are communicated to the GSS-API using the context. Channel bindings are communicated to the GSS-API using the
ChannelBinding object. The application may use byte arrays to ChannelBinding object. The application may use byte arrays to
specify the application data to be used in the channel binding as specify the application data to be used in the channel binding as
well as using instances of the InetAddress. The InetAddress for the well as using instances of the InetAddress. The InetAddress for the
initiator and/or acceptor can be used within an instance of a initiator and/or acceptor can be used within an instance of a
ChannelBinding. ChannelBinding can be set for the GSSContext object ChannelBinding. ChannelBinding can be set for the GSSContext object
skipping to change at page 29, line 29 skipping to change at page 27, line 22
confidential data as channel-binding components. confidential data as channel-binding components.
Individual mechanisms may impose additional constraints on addresses Individual mechanisms may impose additional constraints on addresses
that may appear in channel bindings. For example, a mechanism may that may appear in channel bindings. For example, a mechanism may
verify that the initiator address field of the channel binding verify that the initiator address field of the channel binding
contains the correct network address of the host system. Portable contains the correct network address of the host system. Portable
applications should therefore ensure that they either provide correct applications should therefore ensure that they either provide correct
information for the address fields, or omit setting of the addressing information for the address fields, or omit setting of the addressing
information. information.
5.15 Stream Objects 5.15. Stream Objects
The context object provides overloaded methods which use input and The context object provides overloaded methods which use input and
output streams as the means to convey authentication and per-message output streams as the means to convey authentication and per-message
GSS-API tokens. It is important to note that the streams are GSS-API tokens. It is important to note that the streams are
expected to contain the usual GSS-API tokens which would otherwise be expected to contain the usual GSS-API tokens which would otherwise be
handled through the usage of byte arrays. The tokens are expected to handled through the usage of byte arrays. The tokens are expected to
have a definite start and an end. The callers are responsible for have a definite start and an end. The callers are responsible for
ensuring that the supplied streams will not block, or expect to block ensuring that the supplied streams will not block, or expect to block
until a full token is processed by the GSS-API method. Only a single until a full token is processed by the GSS-API method. Only a single
GSS-API token will be processed per invocation of the stream based GSS-API token will be processed per invocation of the stream based
method. method.
The usage of streams allows the callers to have control and The usage of streams allows the callers to have control and
management of the supplied buffers. Because streams are non- management of the supplied buffers. Because streams are non-
primitive objects, the callers can make the streams as complicated or primitive objects, the callers can make the streams as complicated or
as simple as desired simply by using the streams defined in the as simple as desired simply by using the streams defined in the
java.io package or creating their own through the use of inheritance. java.io package or creating their own through the use of inheritance.
This will allow for the application's greatest flexibility. This will allow for the application's greatest flexibility.
5.16 Optional Parameters 5.16. Optional Parameters
Whenever the application wishes to omit an optional parameter the Whenever the application wishes to omit an optional parameter the
"null" value shall be used. The detailed method descriptions "null" value shall be used. The detailed method descriptions
indicate which parameters are optional. Methods overloading has also indicate which parameters are optional. Methods overloading has also
been used as a technique to indicate default parameters. been used as a technique to indicate default parameters.
6. Introduction to GSS-API Classes and Interfaces 6. Introduction to GSS-API Classes and Interfaces
This section presents a brief description of the classes and This section presents a brief description of the classes and
interfaces that constitute the GSS-API. The implementations of these interfaces that constitute the GSS-API. The implementations of these
are obtained from the CLASSPATH defined by the application. If Java are obtained from the CLASSPATH defined by the application. If Java
GSS becomes part of the standard Java API's then these classes will GSS becomes part of the standard Java API's then these classes will
be available by default on all systems as part of the JRE's system be available by default on all systems as part of the JRE's system
classes. classes.
This section also shows the corresponding RFC 2743 functionality This section also shows the corresponding RFC 2743 [GSSAPIv2-UPDATE]
implemented by each of the classes. Detailed description of these functionality implemented by each of the classes. Detailed
classes and their methods is presented in section 7. description of these classes and their methods is presented in
section 7.
6.1 GSSManager class 6.1. GSSManager class
This abstract class serves as a factory to instantiate This abstract class serves as a factory to instantiate
implementations of the GSS-API interfaces and also provides methods implementations of the GSS-API interfaces and also provides methods
to make queries about underlying security mechanisms. to make queries about underlying security mechanisms.
A default implementation can be obtained using the static method A default implementation can be obtained using the static method
getInstance(). Applications that desire to provide their own getInstance(). Applications that desire to provide their own
implementation of the GSSManager class can simply extend the abstract implementation of the GSSManager class can simply extend the abstract
class themselves. class themselves.
This class contains equivalents of the following RFC 2743 routines: This class contains equivalents of the following RFC 2743
[GSSAPIv2-UPDATE] routines:
gss_import_name Create an internal name from 7.1.6- gss_import_name Create an internal name from 7.1.6-
the supplied information. 7.1.9 the supplied information. 7.1.9
gss_acquire_cred Acquire credential 7.1.10- gss_acquire_cred Acquire credential 7.1.10-
for use. 7.1.12 for use. 7.1.12
gss_import_sec_context Create a previously exported 7.1.15 gss_import_sec_context Create a previously exported 7.1.15
context. context.
skipping to change at page 32, line 5 skipping to change at page 29, line 5
implementation. implementation.
gss_inquire_mechs_for_name List the mechanisms 7.1.5 gss_inquire_mechs_for_name List the mechanisms 7.1.5
supporting the supporting the
specified name type. specified name type.
gss_inquire_names_for_mech List the name types 7.1.4 gss_inquire_names_for_mech List the name types 7.1.4
supported by the supported by the
specified mechanism. specified mechanism.
Figure 3 6.2. GSSName interface
6.2 GSSName interface
GSS-API names are represented in the Java bindings through the GSS-API names are represented in the Java bindings through the
GSSName interface. Different name formats and their definitions are GSSName interface. Different name formats and their definitions are
identified with universal Object Identifiers (oids). The format of identified with universal Object Identifiers (oids). The format of
the names can be derived based on the unique oid of each name type. the names can be derived based on the unique oid of each name type.
The following GSS-API routines are provided by the GSSName interface: The following GSS-API routines are provided by the GSSName interface:
RFC 2743 Routine Function Section(s) RFC 2743 Routine Function Section(s)
gss_display_name Covert internal name 7.2.7 gss_display_name Covert internal name 7.2.7
skipping to change at page 32, line 35 skipping to change at page 29, line 33
gss_canonicalize_name Convert an internal name to a 7.2.5 gss_canonicalize_name Convert an internal name to a 7.2.5
mechanism name. mechanism name.
gss_export_name Convert a mechanism name to 7.2.6 gss_export_name Convert a mechanism name to 7.2.6
export format. export format.
gss_duplicate_name Create a copy of the internal N/A gss_duplicate_name Create a copy of the internal N/A
name. name.
Figure 4
The gss_release_name call is not provided as Java does its own The gss_release_name call is not provided as Java does its own
garbage collection. The gss_duplicate_name call is also redundant; garbage collection. The gss_duplicate_name call is also redundant;
the GSSName interface has no mutator methods that can change the the GSSName interface has no mutator methods that can change the
state of the object so it is safe for sharing. state of the object so it is safe for sharing across threads.
6.3 GSSCredential interface 6.3. GSSCredential interface
The GSSCredential interface is responsible for the encapsulation of The GSSCredential interface is responsible for the encapsulation of
GSS-API credentials. Credentials identify a single entity and GSS-API credentials. Credentials identify a single entity and
provide the necessary cryptographic information to enable the provide the necessary cryptographic information to enable the
creation of a context on behalf of that entity. A single credential creation of a context on behalf of that entity. A single credential
may contain multiple mechanism specific credentials, each referred to may contain multiple mechanism specific credentials, each referred to
as a credential element. The GSSCredential interface provides the as a credential element. The GSSCredential interface provides the
functionality of the following GSS-API routines: functionality of the following GSS-API routines:
RFC 2743 Routine Function Section(s) RFC 2743 Routine Function Section(s)
skipping to change at page 33, line 20 skipping to change at page 30, line 16
gss_inquire_cred Obtain information about 7.3.4- gss_inquire_cred Obtain information about 7.3.4-
credential. 7.3.11 credential. 7.3.11
gss_inquire_cred_by_mech Obtain per-mechanism 7.3.5- gss_inquire_cred_by_mech Obtain per-mechanism 7.3.5-
information about 7.3.10 information about 7.3.10
a credential. a credential.
gss_release_cred Disposes of credentials 7.3.3 gss_release_cred Disposes of credentials 7.3.3
after use. after use.
Figure 5 6.4. GSSContext interface
6.4 GSSContext interface
This interface encapsulates the functionality of context-level calls This interface encapsulates the functionality of context-level calls
required for security context establishment and management between required for security context establishment and management between
peers as well as the per-message services offered to applications. A peers as well as the per-message services offered to applications. A
context is established between a pair of peers and allows the usage context is established between a pair of peers and allows the usage
of security services on a per-message basis on application data. It of security services on a per-message basis on application data. It
is created over a single security mechanism. The GSSContext is created over a single security mechanism. The GSSContext
interface provides the functionality of the following GSS-API interface provides the functionality of the following GSS-API
routines: routines:
skipping to change at page 34, line 43 skipping to change at page 31, line 19
gss_wrap Attach a MIC to a message and 7.4.14, gss_wrap Attach a MIC to a message and 7.4.14,
optionally encrypt the message 7.4.15 optionally encrypt the message 7.4.15
content. content.
gss_unwrap Obtain a previously wrapped 7.4.16, gss_unwrap Obtain a previously wrapped 7.4.16,
application message verifying 7.4.17 application message verifying 7.4.17
its integrity and optionally its integrity and optionally
decrypting it. decrypting it.
Figure 6
The functionality offered by the gss_process_context_token routine The functionality offered by the gss_process_context_token routine
has not been included in the Java bindings specification. The has not been included in the Java bindings specification. The
corresponding functionality of gss_delete_sec_context has also been corresponding functionality of gss_delete_sec_context has also been
modified to not return any peer tokens. This has been proposed in modified to not return any peer tokens. This has been proposed in
accordance to the recommendations stated in RFC 2743. GSSContext accordance to the recommendations stated in RFC 2743
does offer the functionality of destroying the locally-stored context [GSSAPIv2-UPDATE]. GSSContext does offer the functionality of
information. destroying the locally-stored context information.
6.5 MessageProp class 6.5. MessageProp class
This helper class is used in the per-message operations on the This helper class is used in the per-message operations on the
context. An instance of this class is created by the application and context. An instance of this class is created by the application and
then passed into the per-message calls. In some cases, the then passed into the per-message calls. In some cases, the
application conveys information to the GSS-API implementation through application conveys information to the GSS-API implementation through
this object and in other cases the GSS-API returns information to the this object and in other cases the GSS-API returns information to the
application by setting it in this object. See the description of the application by setting it in this object. See the description of the
per-message operations wrap, unwrap, getMIC, and verifyMIC in the per-message operations wrap, unwrap, getMIC, and verifyMIC in the
GSSContext interfaces for details. GSSContext interfaces for details.
6.6 GSSException class 6.6. GSSException class
Exceptions are used in the Java bindings to signal fatal errors to Exceptions are used in the Java bindings to signal fatal errors to
the calling applications. This replaces the major and minor codes the calling applications. This replaces the major and minor codes
used in the C-bindings specification as a method of signaling used in the C-bindings specification as a method of signaling
failures. The GSSException class handles both minor and major codes, failures. The GSSException class handles both minor and major codes,
as well as their translation into textual representation. All GSS- as well as their translation into textual representation. All GSS-
API methods are declared as throwing this exception. API methods are declared as throwing this exception.
RFC 2743 Routine Function Section RFC 2743 Routine Function Section
gss_display_status Retrieve textual 7.8.5, 7.8.6, gss_display_status Retrieve textual 7.8.5, 7.8.6,
representation of error 7.8.8, 7.8.9 representation of error 7.8.8, 7.8.9
codes. codes.
Figure 7 6.7. Oid class
6.7 Oid class
This utility class is used to represent Universal Object Identifiers This utility class is used to represent Universal Object Identifiers
and their associated operations. GSS-API uses object identifiers to and their associated operations. GSS-API uses object identifiers to
distinguish between security mechanisms and name types. This class, distinguish between security mechanisms and name types. This class,
aside from being used whenever an object identifier is needed, aside from being used whenever an object identifier is needed,
implements the following GSS-API functionality: implements the following GSS-API functionality:
RFC 2743 Routine Function Section RFC 2743 Routine Function Section
gss_test_oid_set_member Determine if the specified oid 7.7.5 gss_test_oid_set_member Determine if the specified oid 7.7.5
is part of a set of oids. is part of a set of oids.
Figure 8 6.8. ChannelBinding class
6.8 ChannelBinding class
An instance of this class is used to specify channel binding An instance of this class is used to specify channel binding
information to the GSSContext object before the start of a security information to the GSSContext object before the start of a security
context establishment. The application may use a byte array to context establishment. The application may use a byte array to
specify application data to be used in the channel binding as well as specify application data to be used in the channel binding as well as
use instances of the InetAddress. InetAddress is currently the only use instances of the InetAddress. InetAddress is currently the only
address type defined within the Java platform and as such, it is the address type defined within the Java platform and as such, it is the
only one supported within the ChannelBinding class. Applications only one supported within the ChannelBinding class. Applications
that use other types of addresses can include them as part of the that use other types of addresses can include them as part of the
application data. application data.
7. Detailed GSS-API Class Description 7. Detailed GSS-API Class Description
This section lists a detailed description of all the public methods This section lists a detailed description of all the public methods
that each of the GSS-API classes and interfaces must provide. that each of the GSS-API classes and interfaces must provide.
7.1 public abstract class GSSManager 7.1. public abstract class GSSManager
The GSSManager class is an abstract class that serves as a factory The GSSManager class is an abstract class that serves as a factory
for three GSS interfaces: GSSName, GSSCredential, and GSSContext. It for three GSS interfaces: GSSName, GSSCredential, and GSSContext. It
also provides methods for applications to determine what mechanisms also provides methods for applications to determine what mechanisms
are available from the GSS implementation and what nametypes these are available from the GSS implementation and what nametypes these
mechanisms support. An instance of the default GSSManager subclass mechanisms support. An instance of the default GSSManager subclass
may be obtained through the static method getInstance(), but may be obtained through the static method getInstance(), but
applications are free to instantiate other subclasses of GSSManager. applications are free to instantiate other subclasses of GSSManager.
All but one method in this class are declared abstract. This means All but one method in this class are declared abstract. This means
skipping to change at page 38, line 17 skipping to change at page 33, line 47
have the effect of creating an ordered list of <provider, oid> pairs have the effect of creating an ordered list of <provider, oid> pairs
where each pair indicates a preference of provider for a given oid. where each pair indicates a preference of provider for a given oid.
The use of these methods does not require any knowledge of whatever The use of these methods does not require any knowledge of whatever
service provider specification the GSSManager subclass follows. It service provider specification the GSSManager subclass follows. It
is hoped that these methods will serve the needs of most is hoped that these methods will serve the needs of most
applications. Additional methods may be added to an extended applications. Additional methods may be added to an extended
GSSManager that could be part of a service provider specification GSSManager that could be part of a service provider specification
that is standardized later. that is standardized later.
7.1.1 Example Code 7.1.1. Example Code
GSSManager mgr = GSSManager.getInstance(); GSSManager mgr = GSSManager.getInstance();
// What mechs are available to us? // What mechs are available to us?
Oid[] supportedMechs = mgr.getMechs(); Oid[] supportedMechs = mgr.getMechs();
// Set a preference for the provider to be used when support // Set a preference for the provider to be used when support
// is needed for the mechanisms: // is needed for the mechanisms:
// "1.2.840.113554.1.2.2" and "1.3.6.1.5.5.1.1". // "1.2.840.113554.1.2.2" and "1.3.6.1.5.5.1.1".
skipping to change at page 38, line 39 skipping to change at page 34, line 21
Oid spkm1 = new Oid("1.3.6.1.5.5.1.1"); Oid spkm1 = new Oid("1.3.6.1.5.5.1.1");
Provider p = (Provider) (new com.foo.security.Provider()); Provider p = (Provider) (new com.foo.security.Provider());
mgr.addProviderAtFront(p, krb); mgr.addProviderAtFront(p, krb);
mgr.addProviderAtFront(p, spkm1); mgr.addProviderAtFront(p, spkm1);
// What name types does this spkm implementation support? // What name types does this spkm implementation support?
Oid[] nameTypes = mgr.getNamesForMech(spkm1); Oid[] nameTypes = mgr.getNamesForMech(spkm1);
Figure 9 7.1.2. getInstance
7.1.2 getInstance
public static GSSManager getInstance() public static GSSManager getInstance()
Returns the default GSSManager implementation. Returns the default GSSManager implementation.
7.1.3 getMechs 7.1.3. getMechs
public abstract Oid[] getMechs() public abstract Oid[] getMechs()
Returns an array of Oid objects indicating the mechanisms available Returns an array of Oid objects indicating the mechanisms available
to GSS-API callers. A "null" value is returned when no mechanism are to GSS-API callers. A "null" value is returned when no mechanism are
available (an example of this would be when mechanism are dynamically available (an example of this would be when mechanism are dynamically
configured, and currently no mechanisms are installed). configured, and currently no mechanisms are installed).
7.1.4 getNamesForMech 7.1.4. getNamesForMech
public abstract Oid[] getNamesForMech(Oid mech) public abstract Oid[] getNamesForMech(Oid mech)
throws GSSException throws GSSException
Returns name type Oid's supported by the specified mechanism. Returns name type Oid's supported by the specified mechanism.
Parameters: Parameters:
mech The Oid object for the mechanism to query. mech The Oid object for the mechanism to query.
7.1.5 getMechsForName 7.1.5. getMechsForName
public abstract Oid[] getMechsForName(Oid nameType) public abstract Oid[] getMechsForName(Oid nameType)
Returns an array of Oid objects corresponding to the mechanisms that Returns an array of Oid objects corresponding to the mechanisms that
support the specific name type. "null" is returned when no mechanisms support the specific name type. "null" is returned when no mechanisms
are found to support the specified name type. are found to support the specified name type.
Parameters: Parameters:
nameType The Oid object for the name type. nameType The Oid object for the name type.
7.1.6 createName 7.1.6. createName
public abstract GSSName createName(String nameStr, Oid nameType) public abstract GSSName createName(String nameStr, Oid nameType)
throws GSSException throws GSSException
Factory method to convert a contiguous string name from the specified Factory method to convert a contiguous string name from the specified
namespace to a GSSName object. In general, the GSSName object namespace to a GSSName object. In general, the GSSName object
created will not be an MN; two examples that are exceptions to this created will not be an MN; two examples that are exceptions to this
are when the namespace type parameter indicates NT_EXPORT_NAME or are when the namespace type parameter indicates NT_EXPORT_NAME or
when the GSS-API implementation is not multi-mechanism. when the GSS-API implementation is not multi-mechanism.
skipping to change at page 40, line 8 skipping to change at page 35, line 34
nameStr The string representing a printable form of the name to nameStr The string representing a printable form of the name to
create. create.
nameType The Oid specifying the namespace of the printable name nameType The Oid specifying the namespace of the printable name
supplied. Note that nameType serves to describe and qualify the supplied. Note that nameType serves to describe and qualify the
interpretation of the input nameStr, it does not necessarily imply interpretation of the input nameStr, it does not necessarily imply
a type for the output GSSName implementation. "null" value can be a type for the output GSSName implementation. "null" value can be
used to specify that a mechanism specific default printable syntax used to specify that a mechanism specific default printable syntax
should be assumed by each mechanism that examines nameStr. should be assumed by each mechanism that examines nameStr.
7.1.7 createName 7.1.7. createName
public abstract GSSName createName(byte[] name, Oid nameType) public abstract GSSName createName(byte[] name, Oid nameType)
throws GSSException throws GSSException
Factory method to convert a contiguous byte array containing a name Factory method to convert a contiguous byte array containing a name
from the specified namespace to a GSSName object. In general, the from the specified namespace to a GSSName object. In general, the
GSSName object created will not be an MN; two examples that are GSSName object created will not be an MN; two examples that are
exceptions to this are when the namespace type parameter indicates exceptions to this are when the namespace type parameter indicates
NT_EXPORT_NAME or when the GSS-API implementation is not multi- NT_EXPORT_NAME or when the GSS-API implementation is not multi-
mechanism. mechanism.
Parameters: Parameters:
name The byte array containing the name to create. name The byte array containing the name to create.
nameType The Oid specifying the namespace of the name supplied nameType The Oid specifying the namespace of the name supplied in
in the byte array. Note that nameType serves to describe and the byte array. Note that nameType serves to describe and qualify
qualify the interpretation of the input name byte array, it does the interpretation of the input name byte array, it does not
not necessarily imply a type for the output GSSName necessarily imply a type for the output GSSName implementation.
implementation. "null" value can be used to specify that a "null" value can be used to specify that a mechanism specific
mechanism specific default syntax should be assumed by each default syntax should be assumed by each mechanism that examines
mechanism that examines the byte array. the byte array.
7.1.8 createName 7.1.8. createName
public abstract GSSName createName(String nameStr, Oid nameType, public abstract GSSName createName(String nameStr, Oid nameType,
Oid mech) throws GSSException Oid mech) throws GSSException
Factory method to convert a contiguous string name from the specified Factory method to convert a contiguous string name from the specified
namespace to an GSSName object that is a mechanism name (MN). In namespace to an GSSName object that is a mechanism name (MN). In
other words, this method is a utility that does the equivalent of two other words, this method is a utility that does the equivalent of two
steps: the createName described in 7.1.6 and then also the steps: the createName described in 7.1.6 and then also the
GSSName.canonicalize() described in 7.2.5. GSSName.canonicalize() described in 7.2.5.
skipping to change at page 41, line 9 skipping to change at page 36, line 33
nameStr The string representing a printable form of the name to nameStr The string representing a printable form of the name to
create. create.
nameType The Oid specifying the namespace of the printable name nameType The Oid specifying the namespace of the printable name
supplied. Note that nameType serves to describe and qualify the supplied. Note that nameType serves to describe and qualify the
interpretation of the input nameStr, it does not necessarily imply interpretation of the input nameStr, it does not necessarily imply
a type for the output GSSName implementation. "null" value can be a type for the output GSSName implementation. "null" value can be
used to specify that a mechanism specific default printable syntax used to specify that a mechanism specific default printable syntax
should be assumed when the mechanism examines nameStr. should be assumed when the mechanism examines nameStr.
mech Oid specifying the mechanism for which this name should mech Oid specifying the mechanism for which this name should be
be created. created.
7.1.9 createName 7.1.9. createName
public abstract GSSName createName(byte[] name, Oid nameType, public abstract GSSName createName(byte[] name, Oid nameType,
Oid mech) throws GSSException Oid mech) throws GSSException
Factory method to convert a contiguous byte array containing a name Factory method to convert a contiguous byte array containing a name
from the specified namespace to a GSSName object that is an MN. In from the specified namespace to a GSSName object that is an MN. In
other words, this method is a utility that does the equivalent of two other words, this method is a utility that does the equivalent of two
steps: the createName described in 7.1.7 and then also the steps: the createName described in 7.1.7 and then also the
GSSName.canonicalize() described in 7.2.5. GSSName.canonicalize() described in 7.2.5.
skipping to change at page 41, line 35 skipping to change at page 37, line 11
name The byte array representing the name to create. name The byte array representing the name to create.
nameType The Oid specifying the namespace of the name supplied in nameType The Oid specifying the namespace of the name supplied in
the byte array. Note that nameType serves to describe and qualify the byte array. Note that nameType serves to describe and qualify
the interpretation of the input name byte array, it does not the interpretation of the input name byte array, it does not
necessarily imply a type for the output GSSName implementation. necessarily imply a type for the output GSSName implementation.
"null" value can be used to specify that a mechanism specific "null" value can be used to specify that a mechanism specific
default syntax should be assumed by each mechanism that examines default syntax should be assumed by each mechanism that examines
the byte array. the byte array.
mech Oid specifying the mechanism for which this name should mech Oid specifying the mechanism for which this name should be
be created. created.
7.1.10 createCredential 7.1.10. createCredential
public abstract GSSCredential createCredential(int usage) public abstract GSSCredential createCredential(int usage)
throws GSSException throws GSSException
Factory method for acquiring default credentials. This will cause Factory method for acquiring default credentials. This will cause
the GSS-API to use system specific defaults for the set of the GSS-API to use system specific defaults for the set of
mechanisms, name, and a DEFAULT lifetime. mechanisms, name, and a DEFAULT lifetime.
Parameters: Parameters:
usage The intended usage for this credential object.The value usage The intended usage for this credential object.The value of
of this parameter must be one of: this parameter must be one of:
GSSCredential.INITIATE_AND_ACCEPT(0), GSSCredential.INITIATE_AND_ACCEPT(0),
GSSCredential.INITIATE_ONLY(1), GSSCredential.ACCEPT_ONLY(2) GSSCredential.INITIATE_ONLY(1), GSSCredential.ACCEPT_ONLY(2)
7.1.11 createCredential 7.1.11. createCredential
public abstract GSSCredential createCredential(GSSName aName, public abstract GSSCredential createCredential(GSSName aName,
int lifetime, Oid mech, int usage) int lifetime, Oid mech, int usage)
throws GSSException throws GSSException
Factory method for acquiring a single mechanism credential. Factory method for acquiring a single mechanism credential.
Parameters: Parameters:
aName Name of the principal for whom this credential is to be aName Name of the principal for whom this credential is to be
skipping to change at page 42, line 32 skipping to change at page 38, line 5
lifetime The number of seconds that credentials should remain lifetime The number of seconds that credentials should remain
valid. Use GSSCredential.INDEFINITE_LIFETIME to request that the valid. Use GSSCredential.INDEFINITE_LIFETIME to request that the
credentials have the maximum permitted lifetime. Use credentials have the maximum permitted lifetime. Use
GSSCredential.DEFAULT_LIFETIME to request default credential GSSCredential.DEFAULT_LIFETIME to request default credential
lifetime. lifetime.
mech The oid of the desired mechanism. Use "(Oid) null" to mech The oid of the desired mechanism. Use "(Oid) null" to
request the default mechanism(s). request the default mechanism(s).
usage The intended usage for this credential object. The usage The intended usage for this credential object. The value of
value of this parameter must be one of: this parameter must be one of:
GSSCredential.INITIATE_AND_ACCEPT(0), GSSCredential.INITIATE_AND_ACCEPT(0),
GSSCredential.INITIATE_ONLY(1), GSSCredential.ACCEPT_ONLY(2) GSSCredential.INITIATE_ONLY(1), GSSCredential.ACCEPT_ONLY(2)
7.1.12 createCredential 7.1.12. createCredential
public abstract GSSCredential createCredential(GSSName aName, public abstract GSSCredential createCredential(GSSName aName,
int lifetime, Oid[] mechs, int usage) int lifetime, Oid[] mechs, int usage)
throws GSSException throws GSSException
Factory method for acquiring credentials over a set of mechanisms. Factory method for acquiring credentials over a set of mechanisms.
Acquires credentials for each of the mechanisms specified in the Acquires credentials for each of the mechanisms specified in the
array called mechs. To determine the list of mechanisms' for which array called mechs. To determine the list of mechanisms' for which
the acquisition of credentials succeeded, the caller should use the the acquisition of credentials succeeded, the caller should use the
GSSCredential.getMechs() method. GSSCredential.getMechs() method.
skipping to change at page 43, line 14 skipping to change at page 38, line 33
aName Name of the principal for whom this credential is to be aName Name of the principal for whom this credential is to be
acquired. Use "null" to specify the default principal. acquired. Use "null" to specify the default principal.
lifetime The number of seconds that credentials should remain lifetime The number of seconds that credentials should remain
valid. Use GSSCredential.INDEFINITE_LIFETIME to request that the valid. Use GSSCredential.INDEFINITE_LIFETIME to request that the
credentials have the maximum permitted lifetime. Use credentials have the maximum permitted lifetime. Use
GSSCredential.DEFAULT_LIFETIME to request default credential GSSCredential.DEFAULT_LIFETIME to request default credential
lifetime. lifetime.
mechs The array of mechanisms over which the credential is to mechs The array of mechanisms over which the credential is to be
be acquired. Use "(Oid[]) null" for requesting a system specific acquired. Use "(Oid[]) null" for requesting a system specific
default set of mechanisms. default set of mechanisms.
usage The intended usage for this credential object. The usage The intended usage for this credential object. The value of
value of this parameter must be one of: this parameter must be one of:
GSSCredential.INITIATE_AND_ACCEPT(0), GSSCredential.INITIATE_AND_ACCEPT(0),
GSSCredential.INITIATE_ONLY(1), GSSCredential.ACCEPT_ONLY(2) GSSCredential.INITIATE_ONLY(1), GSSCredential.ACCEPT_ONLY(2)
7.1.13 createContext 7.1.13. createContext
public abstract GSSContext createContext(GSSName peer, Oid mech, public abstract GSSContext createContext(GSSName peer, Oid mech,
GSSCredential myCred, int lifetime) GSSCredential myCred, int lifetime)
throws GSSException throws GSSException
Factory method for creating a context on the initiator's side. Factory method for creating a context on the initiator's side.
Context flags may be modified through the mutator methods prior to Context flags may be modified through the mutator methods prior to
calling GSSContext.initSecContext(). calling GSSContext.initSecContext().
Parameters: Parameters:
peer Name of the target peer. peer Name of the target peer.
mech Oid of the desired mechanism. Use "(Oid) null" to mech Oid of the desired mechanism. Use "(Oid) null" to request
request the default mechanism. the default mechanism.
myCred Credentials of the initiator. Use "null" to act as a myCred Credentials of the initiator. Use "null" to act as a
default initiator principal. default initiator principal.
lifetime The request lifetime, in seconds, for the context. Use lifetime The request lifetime, in seconds, for the context. Use
GSSContext.INDEFINITE_LIFETIME and GSSContext.DEFAULT_LIFETIME to GSSContext.INDEFINITE_LIFETIME and GSSContext.DEFAULT_LIFETIME to
request indefinite or default context lifetime. request indefinite or default context lifetime.
7.1.14 createContext 7.1.14. createContext
public abstract GSSContext createContext(GSSCredential myCred) public abstract GSSContext createContext(GSSCredential myCred)
throws GSSException throws GSSException
Factory method for creating a context on the acceptor' side. The Factory method for creating a context on the acceptor' side. The
context's properties will be determined from the input token supplied context's properties will be determined from the input token supplied
to the accept method. to the accept method.
Parameters: Parameters:
myCred Credentials for the acceptor. Use "null" to act as a myCred Credentials for the acceptor. Use "null" to act as a
default acceptor principal. default acceptor principal.
7.1.15 createContext 7.1.15. createContext
public abstract GSSContext createContext(byte[] interProcessToken) public abstract GSSContext createContext(byte[] interProcessToken)
throws GSSException throws GSSException
Factory method for creating a previously exported context. The Factory method for creating a previously exported context. The
context properties will be determined from the input token and can't context properties will be determined from the input token and can't
be modified through the set methods. be modified through the set methods.
Parameters: Parameters:
interProcessToken The token previously emitted from the export interProcessToken The token previously emitted from the export
method. method.
7.1.16 addProviderAtFront 7.1.16. addProviderAtFront
public abstract void addProviderAtFront(Provider p, Oid mech) public abstract void addProviderAtFront(Provider p, Oid mech)
throws GSSException throws GSSException
This method is used to indicate to the GSSManager that the This method is used to indicate to the GSSManager that the
application would like a particular provider to be used ahead of all application would like a particular provider to be used ahead of all
others when support is desired for the given mechanism. When a value others when support is desired for the given mechanism. When a value
of null is used instead of an Oid for the mechanism, the GSSManager of null is used instead of an Oid for the mechanism, the GSSManager
must use the indicated provider ahead of all others no matter what must use the indicated provider ahead of all others no matter what
the mechanism is. Only when the indicated provider does not support the mechanism is. Only when the indicated provider does not support
skipping to change at page 45, line 12 skipping to change at page 40, line 27
any previous preference that was set using this mechanism and this any previous preference that was set using this mechanism and this
provider together. provider together.
If the GSSManager implementation does not support an SPI with a If the GSSManager implementation does not support an SPI with a
pluggable provider architecture it should throw a GSSException with pluggable provider architecture it should throw a GSSException with
the status code GSSException.UNAVAILABLE to indicate that the the status code GSSException.UNAVAILABLE to indicate that the
operation is unavailable. operation is unavailable.
Parameters: Parameters:
p The provider instance that should be used whenever p The provider instance that should be used whenever support is
support is needed for mech. needed for mech.
mech The mechanism for which the provider is being set mech The mechanism for which the provider is being set
7.1.17 Example Code 7.1.17. Example Code
Suppose an application desired that the provider A always be checked Suppose an application desired that the provider A always be checked
first when any mechanism is needed, it would call: first when any mechanism is needed, it would call:
GSSManager mgr = GSSManager.getInstance(); GSSManager mgr = GSSManager.getInstance();
// mgr may at this point have its own pre-configured list // mgr may at this point have its own pre-configured list
// of provider preferences. The following will prepend to // of provider preferences. The following will prepend to
// any such list: // any such list:
mgr.addProviderAtFront(A, null); mgr.addProviderAtFront(A, null);
skipping to change at page 46, line 10 skipping to change at page 41, line 25
becomes {(B, null), (A, null), ... //followed by the pre-configured becomes {(B, null), (A, null), ... //followed by the pre-configured
list. list.
Please note, however, that the following call: Please note, however, that the following call:
mgr.addProviderAtFront(A, m3) mgr.addProviderAtFront(A, m3)
does not subsume the previous setting of (A, null) and the list will does not subsume the previous setting of (A, null) and the list will
effectively become {(A, m3), (B, null), (A, null), ...} effectively become {(A, m3), (B, null), (A, null), ...}
7.1.18 addProviderAtEnd 7.1.18. addProviderAtEnd
public abstract void addProviderAtEnd(Provider p, Oid mech) public abstract void addProviderAtEnd(Provider p, Oid mech)
throws GSSException throws GSSException
This method is used to indicate to the GSSManager that the This method is used to indicate to the GSSManager that the
application would like a particular provider to be used if no other application would like a particular provider to be used if no other
provider can be found that supports the given mechanism. When a provider can be found that supports the given mechanism. When a
value of null is used instead of an Oid for the mechanism, the value of null is used instead of an Oid for the mechanism, the
GSSManager must use the indicated provider for any mechanism. GSSManager must use the indicated provider for any mechanism.
skipping to change at page 46, line 37 skipping to change at page 42, line 5
the preference being set here, then the GSSManager should ignore this the preference being set here, then the GSSManager should ignore this
request. request.
If the GSSManager implementation does not support an SPI with a If the GSSManager implementation does not support an SPI with a
pluggable provider architecture it should throw a GSSException with pluggable provider architecture it should throw a GSSException with
the status code GSSException.UNAVAILABLE to indicate that the the status code GSSException.UNAVAILABLE to indicate that the
operation is unavailable. operation is unavailable.
Parameters: Parameters:
p The provider instance that should be used whenever p The provider instance that should be used whenever support is
support is needed for mech. needed for mech.
mech The mechanism for which the provider is being set mech The mechanism for which the provider is being set
7.1.19 Example Code 7.1.19. Example Code
Suppose an application desired that when a mechanism of Oid m1 is Suppose an application desired that when a mechanism of Oid m1 is
needed the system default providers always be checked first, and only needed the system default providers always be checked first, and only
when they do not support m1 should a provider A be checked. It would when they do not support m1 should a provider A be checked. It would
then make the call: then make the call:
GSSManager mgr = GSSManager.getInstance(); GSSManager mgr = GSSManager.getInstance();
mgr.addProviderAtEnd(A, m1); mgr.addProviderAtEnd(A, m1);
Now, if it also desired that for all mechanisms the provider B be Now, if it also desired that for all mechanisms the provider B be
checked after all configured providers have been checked, it would checked after all configured providers have been checked, it would
then call: then call:
mgr.addProviderAtEnd(B, null); mgr.addProviderAtEnd(B, null);
Effectively the list of preferences now becomes {..., (A, m1), (B, Effectively the list of preferences now becomes {..., (A, m1), (B,
null)}. null)}.
Suppose at a later time the following call is made to the same Suppose at a later time the following call is made to the same
skipping to change at page 47, line 30 skipping to change at page 42, line 47
request is made for the already existing pairs of (A, m1) or (B, request is made for the already existing pairs of (A, m1) or (B,
null). null).
Please note, however, that the following call: Please note, however, that the following call:
mgr.addProviderAtEnd(A, null) mgr.addProviderAtEnd(A, null)
is not subsumed by the previous setting of (A, m1) and the list will is not subsumed by the previous setting of (A, m1) and the list will
effectively become {..., (A, m1), (B, null), (A, null)} effectively become {..., (A, m1), (B, null), (A, null)}
7.2 public interface GSSName 7.2. public interface GSSName
This interface encapsulates a single GSS-API principal entity. This interface encapsulates a single GSS-API principal entity.
Different name formats and their definitions are identified with Different name formats and their definitions are identified with
universal Object Identifiers (Oids). The format of the names can be universal Object Identifiers (Oids). The format of the names can be
derived based on the unique oid of its namespace type. derived based on the unique oid of its namespace type.
7.2.1 Example Code 7.2.1. Example Code
Included below are code examples utilizing the GSSName interface. Included below are code examples utilizing the GSSName interface.
The code below creates a GSSName, converts it to a mechanism name The code below creates a GSSName, converts it to a mechanism name
(MN), performs a comparison, obtains a printable representation of (MN), performs a comparison, obtains a printable representation of
the name, exports it and then re-imports to obtain a new GSSName. the name, exports it and then re-imports to obtain a new GSSName.
GSSManager mgr = GSSManager.getInstance(); GSSManager mgr = GSSManager.getInstance();
// create a host based service name // create a host based service name
GSSName name = mgr.createName("service@host", GSSName name = mgr.createName("service@host",
skipping to change at page 48, line 35 skipping to change at page 43, line 42
print(mechName.toString() + print(mechName.toString() +
mechName.getStringNameType().toString()); mechName.getStringNameType().toString());
// export and re-import the name // export and re-import the name
byte[] exportName = mechName.export(); byte[] exportName = mechName.export();
// create a new name object from the exported buffer // create a new name object from the exported buffer
GSSName newName = mgr.createName(exportName, GSSName newName = mgr.createName(exportName,
GSSName.NT_EXPORT_NAME); GSSName.NT_EXPORT_NAME);
7.2.2 Static Constants 7.2.2. Static Constants
public static final Oid NT_HOSTBASED_SERVICE public static final Oid NT_HOSTBASED_SERVICE
Oid indicating a host-based service name form. It is used to Oid indicating a host-based service name form. It is used to
represent services associated with host computers. This name form is represent services associated with host computers. This name form is
constructed using two elements, "service" and "hostname", as follows: constructed using two elements, "service" and "hostname", as follows:
service@hostname service@hostname
Values for the "service" element are registered with the IANA. It Values for the "service" element are registered with the IANA. It
skipping to change at page 49, line 25 skipping to change at page 44, line 31
public static final Oid NT_STRING_UID_NAME public static final Oid NT_STRING_UID_NAME
Name type to indicate a string of digits representing the numeric Name type to indicate a string of digits representing the numeric
user identifier of a user on a local system. It represents the user identifier of a user on a local system. It represents the
following value: { iso(1) member-body(2) United States(840) following value: { iso(1) member-body(2) United States(840)
mit(113554) infosys(1) gssapi(2) generic(1) string_uid_name(3) } mit(113554) infosys(1) gssapi(2) generic(1) string_uid_name(3) }
public static final Oid NT_ANONYMOUS public static final Oid NT_ANONYMOUS
Name type for representing an anonymous entity. It represents the Name type for representing an anonymous entity. It represents the
following value: { 1(iso), 3(org), 6(dod), 1(internet), 5(security), following value: { iso(1), org(3), dod(6), internet(1), security(5),
6(nametypes), 3(gss-anonymous-name) } nametypes(6), gss-anonymous-name(3) }
public static final Oid NT_EXPORT_NAME public static final Oid NT_EXPORT_NAME
Name type used to indicate an exported name produced by the export Name type used to indicate an exported name produced by the export
method. It represents the following value: { 1(iso), 3(org), 6(dod), method. It represents the following value: { iso(1), org(3), dod(6),
1(internet), 5(security), 6(nametypes), 4(gss-api-exported-name) } internet(1), security(5), nametypes(6), gss-api-exported-name(4) }
7.2.3 equals 7.2.3. equals
public boolean equals(GSSName another) throws GSSException public boolean equals(GSSName another) throws GSSException
Compares two GSSName objects to determine whether they refer to the Compares two GSSName objects to determine whether they refer to the
same entity. This method may throw a GSSException when the names same entity. This method may throw a GSSException when the names
cannot be compared. If either of the names represents an anonymous cannot be compared. If either of the names represents an anonymous
entity, the method will return "false". entity, the method will return "false".
Parameters: Parameters:
another GSSName object to compare with. another GSSName object to compare with.
7.2.4 equals 7.2.4. equals
public boolean equals(Object another) public boolean equals(Object another)
A variation of the equals method described in 7.2.3 that is provided A variation of the equals method described in 7.2.3 that is provided
to override the Object.equals() method that the implementing class to override the Object.equals() method that the implementing class
will inherit. The behavior is exactly the same as that in 7.2.3 will inherit. The behavior is exactly the same as that in 7.2.3
except that no GSSException is thrown; instead, false will be except that no GSSException is thrown; instead, false will be
returned in the situation where an error occurs. (Note that the Java returned in the situation where an error occurs. (Note that the Java
language specification requires that two objects that are equal language specification requires that two objects that are equal
according to the equals(Object) method must return the same integer according to the equals(Object) method must return the same integer
result when the hashCode() method is called on them.) result when the hashCode() method is called on them.)
Parameters: Parameters:
skipping to change at page 50, line 17 skipping to change at page 45, line 22
except that no GSSException is thrown; instead, false will be except that no GSSException is thrown; instead, false will be
returned in the situation where an error occurs. (Note that the Java returned in the situation where an error occurs. (Note that the Java
language specification requires that two objects that are equal language specification requires that two objects that are equal
according to the equals(Object) method must return the same integer according to the equals(Object) method must return the same integer
result when the hashCode() method is called on them.) result when the hashCode() method is called on them.)
Parameters: Parameters:
another GSSName object to compare with. another GSSName object to compare with.
7.2.5 canonicalize 7.2.5. canonicalize
public GSSName canonicalize(Oid mech) throws GSSException public GSSName canonicalize(Oid mech) throws GSSException
Creates a mechanism name (MN) from an arbitrary internal name. This Creates a mechanism name (MN) from an arbitrary internal name. This
is equivalent to using the factory methods described in 7.1.8 or is equivalent to using the factory methods described in 7.1.8 or
7.1.9 that take the mechanism name as one of their parameters. 7.1.9 that take the mechanism name as one of their parameters.
Parameters: Parameters:
mech The oid for the mechanism for which the canonical form mech The oid for the mechanism for which the canonical form of the
of the name is requested. name is requested.
7.2.6 export 7.2.6. export
public byte[] export() throws GSSException public byte[] export() throws GSSException
Returns a canonical contiguous byte representation of a mechanism Returns a canonical contiguous byte representation of a mechanism
name (MN), suitable for direct, byte by byte comparison by name (MN), suitable for direct, byte by byte comparison by
authorization functions. If the name is not an MN, implementations authorization functions. If the name is not an MN, implementations
may throw a GSSException with the NAME_NOT_MN status code. If an may throw a GSSException with the NAME_NOT_MN status code. If an
implementation chooses not to throw an exception, it should use some implementation chooses not to throw an exception, it should use some
system specific default mechanism to canonicalize the name and then system specific default mechanism to canonicalize the name and then
export it. The format of the header of the output buffer is export it. The format of the header of the output buffer is
specified in RFC 2743. specified in RFC 2743 [GSSAPIv2-UPDATE].
7.2.7 toString 7.2.7. toString
public String toString() public String toString()
Returns a textual representation of the GSSName object. To retrieve Returns a textual representation of the GSSName object. To retrieve
the printed name format, which determines the syntax of the returned the printed name format, which determines the syntax of the returned
string, the getStringNameType method can be used. string, the getStringNameType method can be used.
7.2.8 getStringNameType 7.2.8. getStringNameType
public Oid getStringNameType() throws GSSException public Oid getStringNameType() throws GSSException
Returns the oid representing the type of name returned through the Returns the oid representing the type of name returned through the
toString method. Using this oid, the syntax of the printable name toString method. Using this oid, the syntax of the printable name
can be determined. can be determined.
7.2.9 isAnonymous 7.2.9. isAnonymous
public boolean isAnonymous() public boolean isAnonymous()
Tests if this name object represents an anonymous entity. Returns Tests if this name object represents an anonymous entity. Returns
"true" if this is an anonymous name. "true" if this is an anonymous name.
7.2.10 isMN 7.2.10. isMN
public boolean isMN() public boolean isMN()
Tests if this name object contains only one mechanism element and is Tests if this name object contains only one mechanism element and is
thus a mechanism name as defined by RFC 2743. thus a mechanism name as defined by RFC 2743 [GSSAPIv2-UPDATE].
7.3 public interface GSSCredential implements Cloneable 7.3. public interface GSSCredential implements Cloneable
This interface encapsulates the GSS-API credentials for an entity. A This interface encapsulates the GSS-API credentials for an entity. A
credential contains all the necessary cryptographic information to credential contains all the necessary cryptographic information to
enable the creation of a context on behalf of the entity that it enable the creation of a context on behalf of the entity that it
represents. It may contain multiple, distinct, mechanism specific represents. It may contain multiple, distinct, mechanism specific
credential elements, each containing information for a specific credential elements, each containing information for a specific
security mechanism, but all referring to the same entity. security mechanism, but all referring to the same entity.
A credential may be used to perform context initiation, acceptance, A credential may be used to perform context initiation, acceptance,
or both. or both.
skipping to change at page 52, line 23 skipping to change at page 47, line 26
gss_release_cred) method to release any resources held by the gss_release_cred) method to release any resources held by the
credential object and to destroy any cryptographically sensitive credential object and to destroy any cryptographically sensitive
information. information.
Classes implementing this interface also implement the Cloneable Classes implementing this interface also implement the Cloneable
interface. This indicates the the class will support the clone() interface. This indicates the the class will support the clone()
method that will allow the creation of duplicate credentials. This method that will allow the creation of duplicate credentials. This
is useful when called just before the add() call to retain a copy of is useful when called just before the add() call to retain a copy of
the original credential. the original credential.
7.3.1 Example Code 7.3.1. Example Code
This example code demonstrates the creation of a GSSCredential This example code demonstrates the creation of a GSSCredential
implementation for a specific entity, querying of its fields, and its implementation for a specific entity, querying of its fields, and its
release when it is no longer needed. release when it is no longer needed.
GSSManager mgr = GSSManager.getInstance(); GSSManager mgr = GSSManager.getInstance();
// start by creating a name object for the entity // start by creating a name object for the entity
GSSName name = mgr.createName("userName", GSSName.NT_USER_NAME); GSSName name = mgr.createName("userName", GSSName.NT_USER_NAME);
skipping to change at page 52, line 48 skipping to change at page 48, line 4
// display credential information - name, remaining lifetime, // display credential information - name, remaining lifetime,
// and the mechanisms it has been acquired over // and the mechanisms it has been acquired over
print(cred.getName().toString()); print(cred.getName().toString());
print(cred.getRemainingLifetime()); print(cred.getRemainingLifetime());
Oid[] mechs = cred.getMechs(); Oid[] mechs = cred.getMechs();
if (mechs != null) { if (mechs != null) {
for (int i = 0; i < mechs.length; i++) for (int i = 0; i < mechs.length; i++)
print(mechs[i].toString()); print(mechs[i].toString());
} }
// release system resources held by the credential // release system resources held by the credential
cred.dispose(); cred.dispose();
7.3.2 Static Constants 7.3.2. Static Constants
public static final int INITIATE_AND_ACCEPT public static final int INITIATE_AND_ACCEPT
Credential usage flag requesting that it be able to be used for both Credential usage flag requesting that it be able to be used for both
context initiation and acceptance. The value of this constant is 0. context initiation and acceptance. The value of this constant is 0.
public static final int INITIATE_ONLY public static final int INITIATE_ONLY
Credential usage flag requesting that it be able to be used for Credential usage flag requesting that it be able to be used for
context initiation only. The value of this constant is 1. context initiation only. The value of this constant is 1.
skipping to change at page 53, line 33 skipping to change at page 48, line 35
A lifetime constant representing the default credential lifetime. A lifetime constant representing the default credential lifetime.
The value of this constant is 0. The value of this constant is 0.
public static final int INDEFINITE_LIFETIME public static final int INDEFINITE_LIFETIME
A lifetime constant representing indefinite credential lifetime. The A lifetime constant representing indefinite credential lifetime. The
value of this constant is the maximum integer value in Java - value of this constant is the maximum integer value in Java -
Integer.MAX_VALUE. Integer.MAX_VALUE.
7.3.3 dispose 7.3.3. dispose
public void dispose() throws GSSException public void dispose() throws GSSException
Releases any sensitive information that the GSSCredential object may Releases any sensitive information that the GSSCredential object may
be containing. Applications should call this method as soon as the be containing. Applications should call this method as soon as the
credential is no longer needed to minimize the time any sensitive credential is no longer needed to minimize the time any sensitive
information is maintained. information is maintained.
7.3.4 getName 7.3.4. getName
public GSSName getName() throws GSSException public GSSName getName() throws GSSException
Retrieves the name of the entity that the credential asserts. Retrieves the name of the entity that the credential asserts.
7.3.5 getName 7.3.5. getName
public GSSName getName(Oid mechOID) throws GSSException public GSSName getName(Oid mechOID) throws GSSException
Retrieves a mechanism name of the entity that the credential asserts. Retrieves a mechanism name of the entity that the credential asserts.
Equivalent to calling canonicalize() on the name returned by 7.3.4. Equivalent to calling canonicalize() on the name returned by 7.3.4.
Parameters: Parameters:
mechOID The mechanism for which information should be returned. mechOID The mechanism for which information should be returned.
7.3.6 getRemainingLifetime 7.3.6. getRemainingLifetime
public int getRemainingLifetime() throws GSSException public int getRemainingLifetime() throws GSSException
Returns the remaining lifetime in seconds for a credential. The Returns the remaining lifetime in seconds for a credential. The
remaining lifetime is the minimum lifetime for any of the underlying remaining lifetime is the minimum lifetime for any of the underlying
credential mechanisms. A return value of credential mechanisms. A return value of
GSSCredential.INDEFINITE_LIFETIME indicates that the credential does GSSCredential.INDEFINITE_LIFETIME indicates that the credential does
not expire. A return value of 0 indicates that the credential is not expire. A return value of 0 indicates that the credential is
already expired. already expired.
7.3.7 getRemainingInitLifetime 7.3.7. getRemainingInitLifetime
public int getRemainingInitLifetime(Oid mech) throws GSSException public int getRemainingInitLifetime(Oid mech) throws GSSException
Returns the remaining lifetime is seconds for the credential to Returns the remaining lifetime is seconds for the credential to
remain capable of initiating security contexts under the specified remain capable of initiating security contexts under the specified
mechanism. A return value of GSSCredential.INDEFINITE_LIFETIME mechanism. A return value of GSSCredential.INDEFINITE_LIFETIME
indicates that the credential does not expire for context initiation. indicates that the credential does not expire for context initiation.
A return value of 0 indicates that the credential is already expired. A return value of 0 indicates that the credential is already expired.
Parameters: Parameters:
mechOID The mechanism for which information should be returned. mechOID The mechanism for which information should be returned.
7.3.8 getRemainingAcceptLifetime 7.3.8. getRemainingAcceptLifetime
public int getRemainingAcceptLifetime(Oid mech) throws GSSException public int getRemainingAcceptLifetime(Oid mech) throws GSSException
Returns the remaining lifetime is seconds for the credential to Returns the remaining lifetime is seconds for the credential to
remain capable of accepting security contexts under the specified remain capable of accepting security contexts under the specified
mechanism. A return value of GSSCredential.INDEFINITE_LIFETIME mechanism. A return value of GSSCredential.INDEFINITE_LIFETIME
indicates that the credential does not expire for context acceptance. indicates that the credential does not expire for context acceptance.
A return value of 0 indicates that the credential is already expired. A return value of 0 indicates that the credential is already expired.
Parameters: Parameters:
mechOID The mechanism for which information should be returned. mechOID The mechanism for which information should be returned.
7.3.9 getUsage 7.3.9. getUsage
public int getUsage() throws GSSException public int getUsage() throws GSSException
Returns the credential usage flag as a union over all mechanisms. Returns the credential usage flag as a union over all mechanisms.
The return value will be one of GSSCredential.INITIATE_AND_ACCEPT(0), The return value will be one of GSSCredential.INITIATE_AND_ACCEPT(0),
GSSCredential.INITIATE_ONLY(1), or GSSCredential.ACCEPT_ONLY(2). GSSCredential.INITIATE_ONLY(1), or GSSCredential.ACCEPT_ONLY(2).
7.3.10 getUsage 7.3.10. getUsage
public int getUsage(Oid mechOID) throws GSSException public int getUsage(Oid mechOID) throws GSSException
Returns the credential usage flag for the specified mechanism only. Returns the credential usage flag for the specified mechanism only.
The return value will be one of GSSCredential.INITIATE_AND_ACCEPT(0), The return value will be one of GSSCredential.INITIATE_AND_ACCEPT(0),
GSSCredential.INITIATE_ONLY(1), or GSSCredential.ACCEPT_ONLY(2). GSSCredential.INITIATE_ONLY(1), or GSSCredential.ACCEPT_ONLY(2).
Parameters: Parameters:
mechOID The mechanism for which information should be returned. mechOID The mechanism for which information should be returned.
7.3.11 getMechs 7.3.11. getMechs
public Oid[] getMechs() throws GSSException public Oid[] getMechs() throws GSSException
Returns an array of mechanisms supported by this credential. Returns an array of mechanisms supported by this credential.
7.3.12 add 7.3.12. add
public void add(GSSName aName, int initLifetime, int acceptLifetime, public void add(GSSName aName, int initLifetime, int acceptLifetime,
Oid mech, int usage) throws GSSException Oid mech, int usage) throws GSSException
Adds a mechanism specific credential-element to an existing Adds a mechanism specific credential-element to an existing
credential. This method allows the construction of credentials one credential. This method allows the construction of credentials one
mechanism at a time. mechanism at a time.
This routine is envisioned to be used mainly by context acceptors This routine is envisioned to be used mainly by context acceptors
during the creation of acceptance credentials which are to be used during the creation of acceptance credentials which are to be used
skipping to change at page 56, line 19 skipping to change at page 51, line 19
GSSCredential.DEFAULT_LIFETIME to request default credential GSSCredential.DEFAULT_LIFETIME to request default credential
lifetime. lifetime.
acceptLifetime The number of seconds that credentials should acceptLifetime The number of seconds that credentials should
remain valid for accepting of security contexts. Use remain valid for accepting of security contexts. Use
GSSCredential.INDEFINITE_LIFETIME to request that the credentials GSSCredential.INDEFINITE_LIFETIME to request that the credentials
have the maximum permitted lifetime. Use have the maximum permitted lifetime. Use
GSSCredential.DEFAULT_LIFETIME to request default credential GSSCredential.DEFAULT_LIFETIME to request default credential
lifetime. lifetime.
mech The mechanisms over which the credential is to be mech The mechanisms over which the credential is to be acquired.
acquired.
usage The intended usage for this credential object. The usage The intended usage for this credential object. The value of
value of this parameter must be one of: this parameter must be one of:
GSSCredential.INITIATE_AND_ACCEPT(0), GSSCredential.INITIATE_AND_ACCEPT(0),
GSSCredential.INITIATE_ONLY(1), GSSCredential.ACCEPT_ONLY(2) GSSCredential.INITIATE_ONLY(1), GSSCredential.ACCEPT_ONLY(2)
7.3.13 equals 7.3.13. equals
public boolean equals(Object another) public boolean equals(Object another)
Tests if this GSSCredential refers to the same entity as the supplied Tests if this GSSCredential refers to the same entity as the supplied
object. The two credentials must be acquired over the same object. The two credentials must be acquired over the same
mechanisms and must refer to the same principal. Returns "true" if mechanisms and must refer to the same principal. Returns "true" if
the two GSSCredentials refer to the same entity; "false" otherwise. the two GSSCredentials refer to the same entity; "false" otherwise.
(Note that the Java language specification [JLS] requires that two (Note that the Java language specification [JLS] requires that two
objects that are equal according to the equals(Object) method must objects that are equal according to the equals(Object) method must
return the same integer result when the hashCode() method is called return the same integer result when the hashCode() method is called
on them.) on them.)
Parameters: Parameters:
another Another GSSCredential object for comparison. another Another GSSCredential object for comparison.
7.4 public interface GSSContext 7.4. public interface GSSContext
This interface encapsulates the GSS-API security context and provides This interface encapsulates the GSS-API security context and provides
the security services (wrap, unwrap, getMIC, verifyMIC) that are the security services (wrap, unwrap, getMIC, verifyMIC) that are
available over the context. Security contexts are established available over the context. Security contexts are established
between peers using locally acquired credentials. Multiple contexts between peers using locally acquired credentials. Multiple contexts
may exist simultaneously between a pair of peers, using the same or may exist simultaneously between a pair of peers, using the same or
different set of credentials. GSS-API functions in a manner different set of credentials. GSS-API functions in a manner
independent of the underlying transport protocol and depends on its independent of the underlying transport protocol and depends on its
calling application to transport its tokens between peers. calling application to transport its tokens between peers.
skipping to change at page 57, line 42 skipping to change at page 52, line 39
After the context has been established or the isProtReady() method After the context has been established or the isProtReady() method
returns "true", the query routines can be invoked to determine the returns "true", the query routines can be invoked to determine the
actual characteristics and services of the established context. The actual characteristics and services of the established context. The
application can also start using the per-message methods of wrap and application can also start using the per-message methods of wrap and
getMIC to obtain cryptographic operations on application supplied getMIC to obtain cryptographic operations on application supplied
data. data.
When the context is no longer needed, the application should call When the context is no longer needed, the application should call
dispose to release any system resources the context may be using. dispose to release any system resources the context may be using.
7.4.1 Example Code 7.4.1. Example Code
The example code presented below demonstrates the usage of the The example code presented below demonstrates the usage of the
GSSContext interface for the initiating peer. Different operations GSSContext interface for the initiating peer. Different operations
on the GSSContext object are presented, including: object on the GSSContext object are presented, including: object
instantiation, setting of desired flags, context establishment, query instantiation, setting of desired flags, context establishment, query
of actual context flags, per-message operations on application data, of actual context flags, per-message operations on application data,
and finally context deletion. and finally context deletion.
GSSManager mgr = GSSManager.getInstance(); GSSManager mgr = GSSManager.getInstance();
// start by creating the name for a service entity // start by creating the name for a service entity
GSSName targetName = mgr.createName("service@host", GSSName targetName = mgr.createName("service@host",
GSSName.NT_HOSTBASED_SERVICE); GSSName.NT_HOSTBASED_SERVICE);
// create a context using default credentials for the above entity // create a context using default credentials for the above entity
// and the implementation specific default mechanism // and the implementation specific default mechanism
GSSContext context = mgr.createContext(targetName, GSSContext context = mgr.createContext(targetName,
null, /* default mechanism */ null, /* default mechanism */
null, /* default credentials */ null, /* default credentials */
GSSContext.INDEFINITE_LIFETIME); GSSContext.INDEFINITE_LIFETIME);
// set desired context options - all others are false by default // set desired context options - all others are false by default
context.requestConf(true); context.requestConf(true);
context.requestMutualAuth(true); context.requestMutualAuth(true);
skipping to change at page 59, line 26 skipping to change at page 54, line 22
byte[] tok = context.wrap(appMsg, 0, appMsg.length, mProp); byte[] tok = context.wrap(appMsg, 0, appMsg.length, mProp);
if (mProp.getPrivacy()) if (mProp.getPrivacy())
print("Message protected with privacy."); print("Message protected with privacy.");
sendToken(tok); sendToken(tok);
// release the local-end of the context // release the local-end of the context
context.dispose(); context.dispose();
7.4.2 Static Constants 7.4.2. Static Constants
public static final int DEFAULT_LIFETIME public static final int DEFAULT_LIFETIME
A lifetime constant representing the default context lifetime. The A lifetime constant representing the default context lifetime. The
value of this constant is 0. value of this constant is 0.
public static final int INDEFINITE_LIFETIME public static final int INDEFINITE_LIFETIME
A lifetime constant representing indefinite context lifetime. The A lifetime constant representing indefinite context lifetime. The
value of this constant is the maximum integer value in Java - value of this constant is the maximum integer value in Java -
Integer.MAX_VALUE. Integer.MAX_VALUE.
7.4.3 initSecContext 7.4.3. initSecContext
public byte[] initSecContext(byte[] inputBuf, int offset, int len) public byte[] initSecContext(byte[] inputBuf, int offset, int len)
throws GSSException throws GSSException
Called by the context initiator to start the context creation Called by the context initiator to start the context creation
process. This is equivalent to the stream based method except that process. This is equivalent to the stream based method except that
the token buffers are handled as byte arrays instead of using stream the token buffers are handled as byte arrays instead of using stream
objects. This method may return an output token which the objects. This method may return an output token which the
application will need to send to the peer for processing by the application will need to send to the peer for processing by the
accept call. Typically, the application would do so by calling the accept call. Typically, the application would do so by calling the
skipping to change at page 60, line 23 skipping to change at page 55, line 18
Upon completion of the context establishment, the available context Upon completion of the context establishment, the available context
options may be queried through the get methods. options may be queried through the get methods.
Parameters: Parameters:
inputBuf Token generated by the peer. This parameter is ignored inputBuf Token generated by the peer. This parameter is ignored
on the first call. on the first call.
offset The offset within the inputBuf where the token begins. offset The offset within the inputBuf where the token begins.
len The length of the token within the inputBuf (starting at len The length of the token within the inputBuf (starting at the
the offset). offset).
7.4.4 Example Code 7.4.4. Example Code
// Create a new GSSContext implementation object. // Create a new GSSContext implementation object.
// GSSContext wrapper implements interface GSSContext. // GSSContext wrapper implements interface GSSContext.
GSSContext context = mgr.createContext(...); GSSContext context = mgr.createContext(...);
byte[] inTok = new byte[0]; byte[] inTok = new byte[0];
try { try {
do { do {
byte[] outTok = context.initSecContext(inTok, 0, byte[] outTok = context.initSecContext(inTok, 0,
skipping to change at page 61, line 34 skipping to change at page 55, line 50
break; break;
// another token expected from peer // another token expected from peer
inTok = readToken(); inTok = readToken();
} while (true); } while (true);
} catch (GSSException e) { } catch (GSSException e) {
print("GSSAPI error: " + e.getMessage()); print("GSSAPI error: " + e.getMessage());
} }
7.4.5 initSecContext 7.4.5. initSecContext
public int initSecContext(InputStream inStream, public int initSecContext(InputStream inStream,
OutputStream outStream) throws GSSException OutputStream outStream) throws GSSException
Called by the context initiator to start the context creation Called by the context initiator to start the context creation
process. This is equivalent to the byte array based method. This process. This is equivalent to the byte array based method. This
method may write an output token to the outStream, which the method may write an output token to the outStream, which the
application will need to send to the peer for processing by the application will need to send to the peer for processing by the
accept call. Typically, the application would do so by calling the accept call. Typically, the application would do so by calling the
flush() method on an OutputStream that encapsulates the connection flush() method on an OutputStream that encapsulates the connection
between the two peers. The application can call isEstablished() to between the two peers. The application can call isEstablished() to
skipping to change at page 62, line 15 skipping to change at page 56, line 31
The GSS-API authentication tokens contain a definitive start and end. The GSS-API authentication tokens contain a definitive start and end.
This method will attempt to read one of these tokens per invocation, This method will attempt to read one of these tokens per invocation,
and may block on the stream if only part of the token is available. and may block on the stream if only part of the token is available.
Upon completion of the context establishment, the available context Upon completion of the context establishment, the available context
options may be queried through the get methods. options may be queried through the get methods.
Parameters: Parameters:
inStream Contains the token generated by the peer. This inStream Contains the token generated by the peer. This parameter
parameter is ignored on the first call. is ignored on the first call.
outStream Output stream where the output token will be written. outStream Output stream where the output token will be written.
During the final stage of context establishment, there may be no During the final stage of context establishment, there may be no
bytes written. bytes written.
7.4.6 Example Code 7.4.6. Example Code
This sample code merely demonstrates the token exchange during the This sample code merely demonstrates the token exchange during the
context establishment phase. It is expected that most Java context establishment phase. It is expected that most Java
applications will use custom implementations of the Input and Output applications will use custom implementations of the Input and Output
streams that encapsulate the communication routines. For instance, a streams that encapsulate the communication routines. For instance, a
simple read on the application InputStream, when called by the simple read on the application InputStream, when called by the
Context, might cause a token to be read from the peer, and a simple Context, might cause a token to be read from the peer, and a simple
flush() on the application OutputStream might cause a previously flush() on the application OutputStream might cause a previously
written token to be transmitted to the peer. written token to be transmitted to the peer.
skipping to change at page 63, line 34 skipping to change at page 57, line 29
// another token expected from peer // another token expected from peer
is = recvToken(); is = recvToken();
} while (true); } while (true);
} catch (GSSException e) { } catch (GSSException e) {
print("GSSAPI error: " + e.getMessage()); print("GSSAPI error: " + e.getMessage());
} }
7.4.7 acceptSecContext 7.4.7. acceptSecContext
public byte[] acceptSecContext(byte[] inTok, int offset, int len) public byte[] acceptSecContext(byte[] inTok, int offset, int len)
throws GSSException throws GSSException
Called by the context acceptor upon receiving a token from the peer. Called by the context acceptor upon receiving a token from the peer.
This call is equivalent to the stream based method except that the This call is equivalent to the stream based method except that the
token buffers are handled as byte arrays instead of using stream token buffers are handled as byte arrays instead of using stream
objects. objects.
This method may return an output token which the application will This method may return an output token which the application will
skipping to change at page 64, line 19 skipping to change at page 58, line 14
Upon completion of the context establishment, the available context Upon completion of the context establishment, the available context
options may be queried through the get methods. options may be queried through the get methods.
Parameters: Parameters:
inTok Token generated by the peer. inTok Token generated by the peer.
offset The offset within the inTok where the token begins. offset The offset within the inTok where the token begins.
len The length of the token within the inTok (starting at len The length of the token within the inTok (starting at the
the offset). offset).
7.4.8 Example Code 7.4.8. Example Code
// acquire server credentials // acquire server credentials
GSSCredential server = mgr.createCredential(...); GSSCredential server = mgr.createCredential(...);
// create acceptor GSS-API context from the default provider // create acceptor GSS-API context from the default provider
GSSContext context = mgr.createContext(server, null); GSSContext context = mgr.createContext(server, null);
try { try {
do { do {
byte[] inTok = readToken(); byte[] inTok = readToken();
skipping to change at page 65, line 5 skipping to change at page 58, line 45
// check if local context establishment is complete // check if local context establishment is complete
if (context.isEstablished()) if (context.isEstablished())
break; break;
} while (true); } while (true);
} catch (GSSException e) { } catch (GSSException e) {
print("GSS-API error: " + e.getMessage()); print("GSS-API error: " + e.getMessage());
} }
7.4.9 acceptSecContext 7.4.9. acceptSecContext
public void acceptSecContext(InputStream inStream, public void acceptSecContext(InputStream inStream,
OutputStream outStream) throws GSSException OutputStream outStream) throws GSSException
Called by the context acceptor upon receiving a token from the peer. Called by the context acceptor upon receiving a token from the peer.
This call is equivalent to the byte array method. It may write an This call is equivalent to the byte array method. It may write an
output token to the outStream, which the application will need to output token to the outStream, which the application will need to
send to the peer for processing by its initSecContext method. send to the peer for processing by its initSecContext method.
Typically, the application would do so by calling the flush() method Typically, the application would do so by calling the flush() method
on an OutputStream that encapsulates the connection between the two on an OutputStream that encapsulates the connection between the two
skipping to change at page 65, line 41 skipping to change at page 59, line 32
options may be queried through the get methods. options may be queried through the get methods.
Parameters: Parameters:
inStream Contains the token generated by the peer. inStream Contains the token generated by the peer.
outStream Output stream where the output token will be written. outStream Output stream where the output token will be written.
During the final stage of context establishment, there may be no During the final stage of context establishment, there may be no
bytes written. bytes written.
7.4.10 Example Code 7.4.10. Example Code
This sample code merely demonstrates the token exchange during the This sample code merely demonstrates the token exchange during the
context establishment phase. It is expected that most Java context establishment phase. It is expected that most Java
applications will use custom implementations of the Input and Output applications will use custom implementations of the Input and Output
streams that encapsulate the communication routines. For instance, a streams that encapsulate the communication routines. For instance, a
simple read on the application InputStream, when called by the simple read on the application InputStream, when called by the
Context, might cause a token to be read from the peer, and a simple Context, might cause a token to be read from the peer, and a simple
flush() on the application OutputStream might cause a previously flush() on the application OutputStream might cause a previously
written token to be transmitted to the peer. written token to be transmitted to the peer.
skipping to change at page 66, line 35 skipping to change at page 60, line 24
// check if local context establishment is complete // check if local context establishment is complete
if (context.isEstablished()) if (context.isEstablished())
break; break;
} while (true); } while (true);
} catch (GSSException e) { } catch (GSSException e) {
print("GSS-API error: " + e.getMessage()); print("GSS-API error: " + e.getMessage());
} }
7.4.11 isEstablished 7.4.11. isEstablished
public boolean isEstablished() public boolean isEstablished()
Used during context establishment to determine the state of the Used during context establishment to determine the state of the
context. Returns "true" if this is a fully established context on context. Returns "true" if this is a fully established context on
the caller's side and no more tokens are needed from the peer. the caller's side and no more tokens are needed from the peer.
Should be called after a call to initSecContext() or Should be called after a call to initSecContext() or
acceptSecContext() when no GSSException is thrown. acceptSecContext() when no GSSException is thrown.
7.4.12 dispose 7.4.12. dispose
public void dispose() throws GSSException public void dispose() throws GSSException
Releases any system resources and cryptographic information stored in Releases any system resources and cryptographic information stored in
the context object. This will invalidate the context. the context object. This will invalidate the context.
7.4.13 getWrapSizeLimit 7.4.13. getWrapSizeLimit
public int getWrapSizeLimit(int qop, boolean confReq, public int getWrapSizeLimit(int qop, boolean confReq,
int maxTokenSize) throws GSSException int maxTokenSize) throws GSSException
Returns the maximum message size that, if presented to the wrap Returns the maximum message size that, if presented to the wrap
method with the same confReq and qop parameters, will result in an method with the same confReq and qop parameters, will result in an
output token containing no more than the maxTokenSize bytes. output token containing no more than the maxTokenSize bytes.
This call is intended for use by applications that communicate over This call is intended for use by applications that communicate over
protocols that impose a maximum message size. It enables the protocols that impose a maximum message size. It enables the
skipping to change at page 67, line 42 skipping to change at page 61, line 30
qop Indicates the level of protection wrap will be asked to qop Indicates the level of protection wrap will be asked to
provide. provide.
confReq Indicates if wrap will be asked to provide privacy confReq Indicates if wrap will be asked to provide privacy
service. service.
maxTokenSize The desired maximum size of the token emitted by maxTokenSize The desired maximum size of the token emitted by
wrap. wrap.
7.4.14 wrap 7.4.14. wrap
public byte[] wrap(byte[] inBuf, int offset, int len, public byte[] wrap(byte[] inBuf, int offset, int len,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Applies per-message security services over the established security Applies per-message security services over the established security
context. The method will return a token with a cryptographic MIC and context. The method will return a token with a cryptographic MIC and
may optionally encrypt the specified inBuf. This method is may optionally encrypt the specified inBuf. This method is
equivalent in functionality to its stream counterpart. The returned equivalent in functionality to its stream counterpart. The returned
byte array will contain both the MIC and the message. byte array will contain both the MIC and the message.
skipping to change at page 68, line 30 skipping to change at page 62, line 18
Parameters: Parameters:
inBuf Application data to be protected. inBuf Application data to be protected.
offset The offset within the inBuf where the data begins. offset The offset within the inBuf where the data begins.
len The length of the data within the inBuf (starting at the len The length of the data within the inBuf (starting at the
offset). offset).
msgProp Instance of MessageProp that is used by the application msgProp Instance of MessageProp that is used by the application to
to set the desired QOP and privacy state. Set the desired QOP to set the desired QOP and privacy state. Set the desired QOP to 0
0 to request the default QOP. Upon return from this method, this to request the default QOP. Upon return from this method, this
object will contain the the actual privacy state that was applied object will contain the the actual privacy state that was applied
to the message by the underlying mechanism. to the message by the underlying mechanism.
7.4.15 wrap 7.4.15. wrap
public void wrap(InputStream inStream, OutputStream outStream, public void wrap(InputStream inStream, OutputStream outStream,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Allows to apply per-message security services over the established Allows to apply per-message security services over the established
security context. The method will produce a token with a security context. The method will produce a token with a
cryptographic MIC and may optionally encrypt the message in inStream. cryptographic MIC and may optionally encrypt the message in inStream.
The outStream will contain both the MIC and the message. The outStream will contain both the MIC and the message.
The MessageProp object is instantiated by the application and used to The MessageProp object is instantiated by the application and used to
skipping to change at page 69, line 23 skipping to change at page 63, line 12
Parameters: Parameters:
inStream Input stream containing the application data to be inStream Input stream containing the application data to be
protected. protected.
outStream The output stream to write the protected message to. outStream The output stream to write the protected message to.
The application is responsible for sending this to the other peer The application is responsible for sending this to the other peer
for processing in its unwrap method. for processing in its unwrap method.
msgProp Instance of MessageProp that is used by the application msgProp Instance of MessageProp that is used by the application to
to set the desired QOP and privacy state. Set the desired QOP to set the desired QOP and privacy state. Set the desired QOP to 0
0 to request the default QOP. Upon return from this method, this to request the default QOP. Upon return from this method, this
object will contain the the actual privacy state that was applied object will contain the the actual privacy state that was applied
to the message by the underlying mechanism. to the message by the underlying mechanism.
7.4.16 unwrap 7.4.16. unwrap
public byte[] unwrap(byte[] inBuf, int offset, int len, public byte[] unwrap(byte[] inBuf, int offset, int len,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Used by the peer application to process tokens generated with the Used by the peer application to process tokens generated with the
wrap call. This call is equal in functionality to its stream wrap call. This call is equal in functionality to its stream
counterpart. The method will return the message supplied in the peer counterpart. The method will return the message supplied in the peer
application to the wrap call, verifying the embedded MIC. application to the wrap call, verifying the embedded MIC.
The MessageProp object is instantiated by the application and is used The MessageProp object is instantiated by the application and is used
skipping to change at page 70, line 9 skipping to change at page 63, line 43
Since some application-level protocols may wish to use tokens emitted Since some application-level protocols may wish to use tokens emitted
by wrap to provide "secure framing", implementations should support by wrap to provide "secure framing", implementations should support
the wrapping and unwrapping of zero-length messages. the wrapping and unwrapping of zero-length messages.
Parameters: Parameters:
inBuf GSS-API wrap token received from peer. inBuf GSS-API wrap token received from peer.
offset The offset within the inBuf where the token begins. offset The offset within the inBuf where the token begins.
len The length of the token within the inBuf (starting at len The length of the token within the inBuf (starting at the
the offset). offset).
msgProp Upon return from the method, this object will contain
the applied QOP, the privacy state of the message, and
supplementary information described in 5.12.3 stating whether the
token was a duplicate, old, out of sequence or arriving after a
gap.
7.4.17 unwrap msgProp Upon return from the method, this object will contain the
applied QOP, the privacy state of the message, and supplementary
information described in 5.12.3 stating whether the token was a
duplicate, old, out of sequence or arriving after a gap.
7.4.17. unwrap
public void unwrap(InputStream inStream, OutputStream outStream, public void unwrap(InputStream inStream, OutputStream outStream,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Used by the peer application to process tokens generated with the Used by the peer application to process tokens generated with the
wrap call. This call is equal in functionality to its byte array wrap call. This call is equal in functionality to its byte array
counterpart. It will produce the message supplied in the peer counterpart. It will produce the message supplied in the peer
application to the wrap call, verifying the embedded MIC. application to the wrap call, verifying the embedded MIC.
The MessageProp object is instantiated by the application and is used The MessageProp object is instantiated by the application and is used
by the underlying mechanism to return information to the caller such by the underlying mechanism to return information to the caller such
skipping to change at page 70, line 44 skipping to change at page 64, line 28
by wrap to provide "secure framing", implementations should support by wrap to provide "secure framing", implementations should support
the wrapping and unwrapping of zero-length messages. the wrapping and unwrapping of zero-length messages.
Parameters: Parameters:
inStream Input stream containing the GSS-API wrap token received inStream Input stream containing the GSS-API wrap token received
from the peer. from the peer.
outStream The output stream to write the application message to. outStream The output stream to write the application message to.
msgProp Upon return from the method, this object will contain msgProp Upon return from the method, this object will contain the
the applied QOP, the privacy state of the message, and applied QOP, the privacy state of the message, and supplementary
supplementary information described in 5.12.3 stating whether the information described in 5.12.3 stating whether the token was a
token was a duplicate, old, out of sequence or arriving after a duplicate, old, out of sequence or arriving after a gap.
gap.
7.4.18 getMIC 7.4.18. getMIC
public byte[] getMIC(byte[] inMsg, int offset, int len, public byte[] getMIC(byte[] inMsg, int offset, int len,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Returns a token containing a cryptographic MIC for the supplied Returns a token containing a cryptographic MIC for the supplied
message, for transfer to the peer application. Unlike wrap, which message, for transfer to the peer application. Unlike wrap, which
encapsulates the user message in the returned token, only the message encapsulates the user message in the returned token, only the message
MIC is returned in the output token. This method is identical in MIC is returned in the output token. This method is identical in
functionality to its stream counterpart. functionality to its stream counterpart.
skipping to change at page 71, line 28 skipping to change at page 65, line 9
Since some application-level protocols may wish to use tokens emitted Since some application-level protocols may wish to use tokens emitted
by getMIC to provide "secure framing", implementations should support by getMIC to provide "secure framing", implementations should support
derivation of MICs from zero-length messages. derivation of MICs from zero-length messages.
Parameters: Parameters:
inMsg Message to generate MIC over. inMsg Message to generate MIC over.
offset The offset within the inMsg where the token begins. offset The offset within the inMsg where the token begins.
len The length of the token within the inMsg (starting at len The length of the token within the inMsg (starting at the
the offset). offset).
msgProp Instance of MessageProp that is used by the application msgProp Instance of MessageProp that is used by the application to
to set the desired QOP. Set the desired QOP to 0 in msgProp to set the desired QOP. Set the desired QOP to 0 in msgProp to
request the default QOP. Alternatively pass in "null" for msgProp request the default QOP. Alternatively pass in "null" for msgProp
to request default QOP. to request default QOP.
7.4.19 getMIC 7.4.19. getMIC
public void getMIC(InputStream inStream, OutputStream outStream, public void getMIC(InputStream inStream, OutputStream outStream,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Produces a token containing a cryptographic MIC for the supplied Produces a token containing a cryptographic MIC for the supplied
message, for transfer to the peer application. Unlike wrap, which message, for transfer to the peer application. Unlike wrap, which
encapsulates the user message in the returned token, only the message encapsulates the user message in the returned token, only the message
MIC is produced in the output token. This method is identical in MIC is produced in the output token. This method is identical in
functionality to its byte array counterpart. functionality to its byte array counterpart.
Note that privacy can only be applied through the wrap call. Note that privacy can only be applied through the wrap call.
Since some application-level protocols may wish to use tokens emitted Since some application-level protocols may wish to use tokens emitted
by getMIC to provide "secure framing", implementations should support by getMIC to provide "secure framing", implementations should support
derivation of MICs from zero-length messages. derivation of MICs from zero-length messages.
Parameters: Parameters:
inStream Input stream containing the message to generate MIC inStream Input stream containing the message to generate MIC over.
over.
outStream Output stream to write the GSS-API output token to. outStream Output stream to write the GSS-API output token to.
msgProp Instance of MessageProp that is used by the application msgProp Instance of MessageProp that is used by the application to
to set the desired QOP. Set the desired QOP to 0 in msgProp to set the desired QOP. Set the desired QOP to 0 in msgProp to
request the default QOP. Alternatively pass in "null" for msgProp request the default QOP. Alternatively pass in "null" for msgProp
to request default QOP. to request default QOP.
7.4.20 verifyMIC 7.4.20. verifyMIC
public void verifyMIC(byte[] inTok, int tokOffset, int tokLen, public void verifyMIC(byte[] inTok, int tokOffset, int tokLen,
byte[] inMsg, int msgOffset, int msgLen, byte[] inMsg, int msgOffset, int msgLen,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Verifies the cryptographic MIC, contained in the token parameter, Verifies the cryptographic MIC, contained in the token parameter,
over the supplied message. This method is equivalent in over the supplied message. This method is equivalent in
functionality to its stream counterpart. functionality to its stream counterpart.
The MessageProp object is instantiated by the application and is used The MessageProp object is instantiated by the application and is used
skipping to change at page 72, line 42 skipping to change at page 66, line 21
Since some application-level protocols may wish to use tokens emitted Since some application-level protocols may wish to use tokens emitted
by getMIC to provide "secure framing", implementations should support by getMIC to provide "secure framing", implementations should support
the calculation and verification of MICs over zero-length messages. the calculation and verification of MICs over zero-length messages.
Parameters: Parameters:
inTok Token generated by peer's getMIC method. inTok Token generated by peer's getMIC method.
tokOffset The offset within the inTok where the token begins. tokOffset The offset within the inTok where the token begins.
tokLen The length of the token within the inTok (starting at tokLen The length of the token within the inTok (starting at the
the offset). offset).
inMsg Application message to verify the cryptographic MIC inMsg Application message to verify the cryptographic MIC over.
over.
msgOffset The offset within the inMsg where the message begins. msgOffset The offset within the inMsg where the message begins.
msgLen The length of the message within the inMsg (starting at msgLen The length of the message within the inMsg (starting at the
the offset). offset).
msgProp Upon return from the method, this object will contain msgProp Upon return from the method, this object will contain the
the applied QOP and supplementary information described in 5.12.3 applied QOP and supplementary information described in 5.12.3
stating whether the token was a duplicate, old, out of sequence or stating whether the token was a duplicate, old, out of sequence or
arriving after a gap. The confidentiality state will be set to arriving after a gap. The confidentiality state will be set to
"false". "false".
7.4.21 verifyMIC 7.4.21. verifyMIC
public void verifyMIC(InputStream tokStream, InputStream msgStream, public void verifyMIC(InputStream tokStream, InputStream msgStream,
MessageProp msgProp) throws GSSException MessageProp msgProp) throws GSSException
Verifies the cryptographic MIC, contained in the token parameter, Verifies the cryptographic MIC, contained in the token parameter,
over the supplied message. This method is equivalent in over the supplied message. This method is equivalent in
functionality to its byte array counterpart. functionality to its byte array counterpart.
The MessageProp object is instantiated by the application and is used The MessageProp object is instantiated by the application and is used
by the underlying mechanism to return information to the caller such by the underlying mechanism to return information to the caller such
skipping to change at page 73, line 37 skipping to change at page 67, line 17
the calculation and verification of MICs over zero-length messages. the calculation and verification of MICs over zero-length messages.
Parameters: Parameters:
tokStream Input stream containing the token generated by peer's tokStream Input stream containing the token generated by peer's
getMIC method. getMIC method.
msgStream Input stream containing the application message to msgStream Input stream containing the application message to
verify the cryptographic MIC over. verify the cryptographic MIC over.
msgProp Upon return from the method, this object will contain msgProp Upon return from the method, this object will contain the
the applied QOP and supplementary information described in 5.12.3 applied QOP and supplementary information described in 5.12.3
stating whether the token was a duplicate, old, out of sequence or stating whether the token was a duplicate, old, out of sequence or
arriving after a gap. The confidentiality state will be set to arriving after a gap. The confidentiality state will be set to
"false". "false".
7.4.22 export 7.4.22. export
public byte[] export() throws GSSException public byte[] export() throws GSSException
Provided to support the sharing of work between multiple processes. Provided to support the sharing of work between multiple processes.
This routine will typically be used by the context-acceptor, in an This routine will typically be used by the context-acceptor, in an
application where a single process receives incoming connection application where a single process receives incoming connection
requests and accepts security contexts over them, then passes the requests and accepts security contexts over them, then passes the
established context to one or more other processes for message established context to one or more other processes for message
exchange. exchange.
skipping to change at page 74, line 31 skipping to change at page 68, line 8
The interprocess token may contain security-sensitive information The interprocess token may contain security-sensitive information
(for example cryptographic keys). While mechanisms are encouraged to (for example cryptographic keys). While mechanisms are encouraged to
either avoid placing such sensitive information within interprocess either avoid placing such sensitive information within interprocess
tokens, or to encrypt the token before returning it to the tokens, or to encrypt the token before returning it to the
application, in a typical GSS-API implementation this may not be application, in a typical GSS-API implementation this may not be
possible. Thus the application must take care to protect the possible. Thus the application must take care to protect the
interprocess token, and ensure that any process to which the token is interprocess token, and ensure that any process to which the token is
transferred is trustworthy. transferred is trustworthy.
7.4.23 requestMutualAuth 7.4.23. requestMutualAuth
public void requestMutualAuth(boolean state) throws GSSException public void requestMutualAuth(boolean state) throws GSSException
Sets the request state of the mutual authentication flag for the Sets the request state of the mutual authentication flag for the
context. This method is only valid before the context creation context. This method is only valid before the context creation
process begins and only for the initiator. process begins and only for the initiator.
Parameters: Parameters:
state Boolean representing if mutual authentication should be state Boolean representing if mutual authentication should be
requested during context establishment. requested during context establishment.
7.4.24 requestReplayDet 7.4.24. requestReplayDet
public void requestReplayDet(boolean state) throws GSSException public void requestReplayDet(boolean state) throws GSSException
Sets the request state of the replay detection service for the Sets the request state of the replay detection service for the
context. This method is only valid before the context creation context. This method is only valid before the context creation
process begins and only for the initiator. process begins and only for the initiator.
Parameters: Parameters:
state Boolean representing if replay detection is desired over state Boolean representing if replay detection is desired over the
the established context. established context.
7.4.25 requestSequenceDet 7.4.25. requestSequenceDet
public void requestSequenceDet(boolean state) throws GSSException public void requestSequenceDet(boolean state) throws GSSException
Sets the request state for the sequence checking service of the Sets the request state for the sequence checking service of the
context. This method is only valid before the context creation context. This method is only valid before the context creation
process begins and only for the initiator. process begins and only for the initiator.
Parameters: Parameters:
state Boolean representing if sequence detection is desired state Boolean representing if sequence detection is desired over
over the established context. the established context.
7.4.26 requestCredDeleg 7.4.26. requestCredDeleg
public void requestCredDeleg(boolean state) throws GSSException public void requestCredDeleg(boolean state) throws GSSException
Sets the request state for the credential delegation flag for the Sets the request state for the credential delegation flag for the
context. This method is only valid before the context creation context. This method is only valid before the context creation
process begins and only for the initiator. process begins and only for the initiator.
Parameters: Parameters:
state Boolean representing if credential delegation is state Boolean representing if credential delegation is desired.
desired.
7.4.27 requestAnonymity 7.4.27. requestAnonymity
public void requestAnonymity(boolean state) throws GSSException public void requestAnonymity(boolean state) throws GSSException
Requests anonymous support over the context. This method is only Requests anonymous support over the context. This method is only
valid before the context creation process begins and only for the valid before the context creation process begins and only for the
initiator. initiator.
Parameters: Parameters:
state Boolean representing if anonymity support is requested. state Boolean representing if anonymity support is requested.
7.4.28 requestConf 7.4.28. requestConf
public void requestConf(boolean state) throws GSSException public void requestConf(boolean state) throws GSSException
Requests that confidentiality service be available over the context. Requests that confidentiality service be available over the context.
This method is only valid before the context creation process begins This method is only valid before the context creation process begins
and only for the initiator. and only for the initiator.
Parameters: Parameters:
state Boolean indicating if confidentiality services are to be state Boolean indicating if confidentiality services are to be
requested for the context. requested for the context.
7.4.29 requestInteg 7.4.29. requestInteg
public void requestInteg(boolean state) throws GSSException public void requestInteg(boolean state) throws GSSException
Requests that integrity services be available over the context. This Requests that integrity services be available over the context. This
method is only valid before the context creation process begins and method is only valid before the context creation process begins and
only for the initiator. only for the initiator.
Parameters: Parameters:
state Boolean indicating if integrity services are to be state Boolean indicating if integrity services are to be requested
requested for the context. for the context.
7.4.30 requestLifetime 7.4.30. requestLifetime
public void requestLifetime(int lifetime) throws GSSException public void requestLifetime(int lifetime) throws GSSException
Sets the desired lifetime for the context in seconds. This method is Sets the desired lifetime for the context in seconds. This method is
only valid before the context creation process begins and only for only valid before the context creation process begins and only for
the initiator. Use GSSContext.INDEFINITE_LIFETIME and the initiator. Use GSSContext.INDEFINITE_LIFETIME and
GSSContext.DEFAULT_LIFETIME to request indefinite or default context GSSContext.DEFAULT_LIFETIME to request indefinite or default context
lifetime. lifetime.
Parameters: Parameters:
lifetime The desired context lifetime in seconds. lifetime The desired context lifetime in seconds.
skipping to change at page 76, line 45 skipping to change at page 70, line 14
Sets the desired lifetime for the context in seconds. This method is Sets the desired lifetime for the context in seconds. This method is
only valid before the context creation process begins and only for only valid before the context creation process begins and only for
the initiator. Use GSSContext.INDEFINITE_LIFETIME and the initiator. Use GSSContext.INDEFINITE_LIFETIME and
GSSContext.DEFAULT_LIFETIME to request indefinite or default context GSSContext.DEFAULT_LIFETIME to request indefinite or default context
lifetime. lifetime.
Parameters: Parameters:
lifetime The desired context lifetime in seconds. lifetime The desired context lifetime in seconds.
7.4.31 setChannelBinding 7.4.31. setChannelBinding
public void setChannelBinding(ChannelBinding cb) throws GSSException public void setChannelBinding(ChannelBinding cb) throws GSSException
Sets the channel bindings to be used during context establishment. Sets the channel bindings to be used during context establishment.
This method is only valid before the context creation process begins. This method is only valid before the context creation process begins.
Parameters: Parameters:
cb Channel bindings to be used. cb Channel bindings to be used.
7.4.32 getCredDelegState 7.4.32. getCredDelegState
public boolean getCredDelegState() public boolean getCredDelegState()
Returns the state of the delegated credentials for the context. When Returns the state of the delegated credentials for the context. When
issued before context establishment is completed or when the issued before context establishment is completed or when the
isProtReady method returns "false", it returns the desired state, isProtReady method returns "false", it returns the desired state,
otherwise it will indicate the actual state over the established otherwise it will indicate the actual state over the established
context. context.
7.4.33 getMutualAuthState 7.4.33. getMutualAuthState
public boolean getMutualAuthState() public boolean getMutualAuthState()
Returns the state of the mutual authentication option for the Returns the state of the mutual authentication option for the
context. When issued before context establishment completes or when context. When issued before context establishment completes or when
the isProtReady method returns "false", it returns the desired state, the isProtReady method returns "false", it returns the desired state,
otherwise it will indicate the actual state over the established otherwise it will indicate the actual state over the established
context. context.
7.4.34 getReplayDetState 7.4.34. getReplayDetState
public boolean getReplayDetState() public boolean getReplayDetState()
Returns the state of the replay detection option for the context. Returns the state of the replay detection option for the context.
When issued before context establishment completes or when the When issued before context establishment completes or when the
isProtReady method returns "false", it returns the desired state, isProtReady method returns "false", it returns the desired state,
otherwise it will indicate the actual state over the established otherwise it will indicate the actual state over the established
context. context.
7.4.35 getSequenceDetState 7.4.35. getSequenceDetState
public boolean getSequenceDetState() public boolean getSequenceDetState()
Returns the state of the sequence detection option for the context. Returns the state of the sequence detection option for the context.
When issued before context establishment completes or when the When issued before context establishment completes or when the
isProtReady method returns "false", it returns the desired state, isProtReady method returns "false", it returns the desired state,
otherwise it will indicate the actual state over the established otherwise it will indicate the actual state over the established
context. context.
7.4.36 getAnonymityState 7.4.36. getAnonymityState
public boolean getAnonymityState() public boolean getAnonymityState()
Returns "true" if this is an anonymous context. When issued before Returns "true" if this is an anonymous context. When issued before
context establishment completes or when the isProtReady method context establishment completes or when the isProtReady method
returns "false", it returns the desired state, otherwise it will returns "false", it returns the desired state, otherwise it will
indicate the actual state over the established context. indicate the actual state over the established context.
7.4.37 isTransferable 7.4.37. isTransferable
public boolean isTransferable() throws GSSException public boolean isTransferable() throws GSSException
Returns "true" if the context is transferable to other processes Returns "true" if the context is transferable to other processes
through the use of the export method. This call is only valid on through the use of the export method. This call is only valid on
fully established contexts. fully established contexts.
7.4.38 isProtReady 7.4.38. isProtReady
public boolean isProtReady() public boolean isProtReady()
Returns "true" if the per message operations can be applied over the Returns "true" if the per message operations can be applied over the
context. Some mechanisms may allow the usage of per-message context. Some mechanisms may allow the usage of per-message
operations before the context is fully established. This will also operations before the context is fully established. This will also
indicate that the get methods will return actual context state indicate that the get methods will return actual context state
characteristics instead of the desired ones. characteristics instead of the desired ones.
7.4.39 getConfState 7.4.39. getConfState
public boolean getConfState() public boolean getConfState()
Returns the confidentiality service state over the context. When Returns the confidentiality service state over the context. When
issued before context establishment completes or when the isProtReady issued before context establishment completes or when the isProtReady
method returns "false", it returns the desired state, otherwise it method returns "false", it returns the desired state, otherwise it
will indicate the actual state over the established context. will indicate the actual state over the established context.
7.4.40 getIntegState 7.4.40. getIntegState
public boolean getIntegState() public boolean getIntegState()
Returns the integrity service state over the context. When issued Returns the integrity service state over the context. When issued
before context establishment completes or when the isProtReady method before context establishment completes or when the isProtReady method
returns "false", it returns the desired state, otherwise it will returns "false", it returns the desired state, otherwise it will
indicate the actual state over the established context. indicate the actual state over the established context.
7.4.41 getLifetime 7.4.41. getLifetime
public int getLifetime() public int getLifetime()
Returns the context lifetime in seconds. When issued before context Returns the context lifetime in seconds. When issued before context
establishment completes or when the isProtReady method returns establishment completes or when the isProtReady method returns
"false", it returns the desired lifetime, otherwise it will indicate "false", it returns the desired lifetime, otherwise it will indicate
the remaining lifetime for the context. the remaining lifetime for the context.
7.4.42 getSrcName 7.4.42. getSrcName
public GSSName getSrcName() throws GSSException public GSSName getSrcName() throws GSSException
Returns the name of the context initiator. This call is valid only Returns the name of the context initiator. This call is valid only
after the context is fully established or the isProtReady method after the context is fully established or the isProtReady method
returns "true". It is guaranteed to return an MN. returns "true". It is guaranteed to return an MN.
7.4.43 getTargName 7.4.43. getTargName
public GSSName getTargName() throws GSSException public GSSName getTargName() throws GSSException
Returns the name of the context target (acceptor). This call is Returns the name of the context target (acceptor). This call is
valid only after the context is fully established or the isProtReady valid only after the context is fully established or the isProtReady
method returns "true". It is guaranteed to return an MN. method returns "true". It is guaranteed to return an MN.
7.4.44 getMech 7.4.44. getMech
public Oid getMech() throws GSSException public Oid getMech() throws GSSException
Returns the mechanism oid for this context. This method may be Returns the mechanism oid for this context. This method may be
called before the context is fully established, but the mechanism called before the context is fully established, but the mechanism
returned may change on successive calls in negotiated mechanism case. returned may change on successive calls in negotiated mechanism case.
7.4.45 getDelegCred 7.4.45. getDelegCred
public GSSCredential getDelegCred() throws GSSException public GSSCredential getDelegCred() throws GSSException
Returns the delegated credential object on the acceptor's side. To Returns the delegated credential object on the acceptor's side. To
check for availability of delegated credentials call check for availability of delegated credentials call
getDelegCredState. This call is only valid on fully established getDelegCredState. This call is only valid on fully established
contexts. contexts.
7.4.46 isInitiator 7.4.46. isInitiator
public boolean isInitiator() throws GSSException public boolean isInitiator() throws GSSException
Returns "true" if this is the initiator of the context. This call is Returns "true" if this is the initiator of the context. This call is
only valid after the context creation process has started. only valid after the context creation process has started.
7.5 public class MessageProp 7.5. public class MessageProp
This is a utility class used within the per-message GSSContext This is a utility class used within the per-message GSSContext
methods to convey per-message properties. methods to convey per-message properties.
When used with the GSSContext interface's wrap and getMIC methods, an When used with the GSSContext interface's wrap and getMIC methods, an
instance of this class is used to indicate the desired QOP and to instance of this class is used to indicate the desired QOP and to
request if confidentiality services are to be applied to caller request if confidentiality services are to be applied to caller
supplied data (wrap only). To request default QOP, the value of 0 supplied data (wrap only). To request default QOP, the value of 0
should be used for QOP. should be used for QOP.
When used with the unwrap and verifyMIC methods of the GSSContext When used with the unwrap and verifyMIC methods of the GSSContext
interface, an instance of this class will be used to indicate the interface, an instance of this class will be used to indicate the
applied QOP and confidentiality services over the supplied message. applied QOP and confidentiality services over the supplied message.
In the case of verifyMIC, the confidentiality state will always be In the case of verifyMIC, the confidentiality state will always be
"false". Upon return from these methods, this object will also "false". Upon return from these methods, this object will also
contain any supplementary status values applicable to the processed contain any supplementary status values applicable to the processed
token. The supplementary status values can indicate old tokens, out token. The supplementary status values can indicate old tokens, out
of sequence tokens, gap tokens or duplicate tokens. of sequence tokens, gap tokens or duplicate tokens.
7.5.1 Constructors 7.5.1. Constructors
public MessageProp(boolean privState) public MessageProp(boolean privState)
Constructor which sets QOP to 0 indicating that the default QOP is Constructor which sets QOP to 0 indicating that the default QOP is
requested. requested.
Parameters: Parameters:
privState The desired privacy state. "true" for privacy and privState The desired privacy state. "true" for privacy and
"false" for integrity only. "false" for integrity only.
skipping to change at page 80, line 44 skipping to change at page 74, line 10
Constructor which sets the values for the qop and privacy state. Constructor which sets the values for the qop and privacy state.
Parameters: Parameters:
qop The desired QOP. Use 0 to request a default QOP. qop The desired QOP. Use 0 to request a default QOP.
privState The desired privacy state. "true" for privacy and privState The desired privacy state. "true" for privacy and
"false" for integrity only. "false" for integrity only.
7.5.2 getQOP 7.5.2. getQOP
public int getQOP() public int getQOP()
Retrieves the QOP value. Retrieves the QOP value.
7.5.3 getPrivacy 7.5.3. getPrivacy
public boolean getPrivacy() public boolean getPrivacy()
Retrieves the privacy state. Retrieves the privacy state.
7.5.4 getMinorStatus 7.5.4. getMinorStatus
public int getMinorStatus() public int getMinorStatus()
Retrieves the minor status that the underlying mechanism might have Retrieves the minor status that the underlying mechanism might have
set. set.
7.5.5 getMinorString 7.5.5. getMinorString
public String getMinorString() public String getMinorString()
Returns a string explaining the mechanism specific error code. null Returns a string explaining the mechanism specific error code. null
will be returned when no mechanism error code has been set. will be returned when no mechanism error code has been set.
7.5.6 setQOP 7.5.6. setQOP
public void setQOP(int qopVal) public void setQOP(int qopVal)
Sets the QOP value. Sets the QOP value.
Parameters: Parameters:
qopVal The QOP value to be set. Use 0 to request a default QOP qopVal The QOP value to be set. Use 0 to request a default QOP
value. value.
7.5.7 setPrivacy 7.5.7. setPrivacy
public void setPrivacy(boolean privState) public void setPrivacy(boolean privState)
Sets the privacy state. Sets the privacy state.
Parameters: Parameters:
privState The privacy state to set. privState The privacy state to set.
7.5.8 isDuplicateToken 7.5.8. isDuplicateToken
public boolean isDuplicateToken() public boolean isDuplicateToken()
Returns "true" if this is a duplicate of an earlier token. Returns "true" if this is a duplicate of an earlier token.
7.5.9 isOldToken 7.5.9. isOldToken
public boolean isOldToken() public boolean isOldToken()
Returns "true" if the token's validity period has expired. Returns "true" if the token's validity period has expired.
7.5.10 isUnseqToken 7.5.10. isUnseqToken
public boolean isUnseqToken() public boolean isUnseqToken()
Returns "true" if a later token has already been processed. Returns "true" if a later token has already been processed.
7.5.11 isGapToken 7.5.11. isGapToken
public boolean isGapToken() public boolean isGapToken()
Returns "true" if an expected per-message token was not received. Returns "true" if an expected per-message token was not received.
7.5.12 setSupplementaryStates 7.5.12. setSupplementaryStates
public void setSupplementaryStates(boolean duplicate, public void setSupplementaryStates(boolean duplicate,
boolean old, boolean unseq, boolean gap, boolean old, boolean unseq, boolean gap,
int minorStatus, String minorString) int minorStatus, String minorString)
This method sets the state for the supplementary information flags This method sets the state for the supplementary information flags
and the minor status in MessageProp. It is not used by the and the minor status in MessageProp. It is not used by the
application but by the GSS implementation to return this information application but by the GSS implementation to return this information
to the caller of a per-message context method. to the caller of a per-message context method.
skipping to change at page 83, line 5 skipping to change at page 76, line 14
otherwise otherwise
gap true if one or more predecessor tokens have not yet been gap true if one or more predecessor tokens have not yet been
successfully processed, false otherwise successfully processed, false otherwise
minorStatus the integer minor status code that the underlying minorStatus the integer minor status code that the underlying
mechanism wants to set mechanism wants to set
minorString the textual representation of the minorStatus value minorString the textual representation of the minorStatus value
7.6 public class ChannelBinding 7.6. public class ChannelBinding
The GSS-API accommodates the concept of caller-provided channel The GSS-API accommodates the concept of caller-provided channel
binding information. Channel bindings are used to strengthen the binding information. Channel bindings are used to strengthen the
quality with which peer entity authentication is provided during quality with which peer entity authentication is provided during
context establishment. They enable the GSS-API callers to bind the context establishment. They enable the GSS-API callers to bind the
establishment of the security context to relevant characteristics establishment of the security context to relevant characteristics
like addresses or to application specific data. like addresses or to application specific data.
The caller initiating the security context must determine the The caller initiating the security context must determine the
appropriate channel binding values to set in the GSSContext object. appropriate channel binding values to set in the GSSContext object.
The acceptor must provide an identical binding in order to validate The acceptor must provide an identical binding in order to validate
that received tokens possess correct channel-related characteristics. that received tokens possess correct channel-related characteristics.
Use of channel bindings is optional in GSS-API. Since channel- Use of channel bindings is optional in GSS-API. Since channel-
binding information may be transmitted in context establishment binding information may be transmitted in context establishment
tokens, applications should therefore not use confidential data as tokens, applications should therefore not use confidential data as
channel-binding components. channel-binding components.
7.6.1 Constructors 7.6.1. Constructors
public ChannelBinding(InetAddress initAddr, InetAddress acceptAddr, public ChannelBinding(InetAddress initAddr, InetAddress acceptAddr,
byte[] appData) byte[] appData)
Create a ChannelBinding object with user supplied address information Create a ChannelBinding object with user supplied address information
and data. "null" values can be used for any fields which the and data. "null" values can be used for any fields which the
application does not want to specify. application does not want to specify.
Parameters: Parameters:
initAddr The address of the context initiator. "null" value can initAddr The address of the context initiator. "null" value can be
be supplied to indicate that the application does not want to set supplied to indicate that the application does not want to set
this value. this value.
acceptAddr The address of the context acceptor. "null" value can acceptAddr The address of the context acceptor. "null" value can
be supplied to indicate that the application does not want to set be supplied to indicate that the application does not want to set
this value. this value.
appData Application supplied data to be used as part of the appData Application supplied data to be used as part of the
channel bindings. "null" value can be supplied to indicate that channel bindings. "null" value can be supplied to indicate that
the application does not want to set this value. the application does not want to set this value.
public ChannelBinding(byte[] appData) public ChannelBinding(byte[] appData)
Creates a ChannelBinding object without any addressing information. Creates a ChannelBinding object without any addressing information.
Parameters: Parameters:
appData Application supplied data to be used as part of the appData Application supplied data to be used as part of the
channel bindings. channel bindings.
7.6.2 getInitiatorAddress 7.6.2. getInitiatorAddress
public InetAddress getInitiatorAddress() public InetAddress getInitiatorAddress()
Returns the initiator's address for this channel binding. "null" is Returns the initiator's address for this channel binding. "null" is
returned if the address has not been set. returned if the address has not been set.
7.6.3 getAcceptorAddress 7.6.3. getAcceptorAddress
public InetAddress getAcceptorAddress() public InetAddress getAcceptorAddress()
Returns the acceptor's address for this channel binding. "null" is Returns the acceptor's address for this channel binding. "null" is
returned if the address has not been set. returned if the address has not been set.
7.6.4 getApplicationData 7.6.4. getApplicationData
public byte[] getApplicationData() public byte[] getApplicationData()
Returns application data being used as part of the ChannelBinding. Returns application data being used as part of the ChannelBinding.
"null" is returned if no application data has been specified for the "null" is returned if no application data has been specified for the
channel binding. channel binding.
7.6.5 equals 7.6.5. equals
public boolean equals(Object obj) public boolean equals(Object obj)
Returns "true" if two channel bindings match. (Note that the Java Returns "true" if two channel bindings match. (Note that the Java
language specification requires that two objects that are equal language specification requires that two objects that are equal
according to the equals(Object) method must return the same integer according to the equals(Object) method must return the same integer
result when the hashCode() method is called on them.) result when the hashCode() method is called on them.)
Parameters: Parameters:
obj Another channel binding to compare with. obj Another channel binding to compare with.
7.7 public class Oid 7.7. public class Oid
This class represents Universal Object Identifiers (Oids) and their This class represents Universal Object Identifiers (Oids) and their
associated operations. associated operations.
Oids are hierarchically globally-interpretable identifiers used Oids are hierarchically globally-interpretable identifiers used
within the GSS-API framework to identify mechanisms and name formats. within the GSS-API framework to identify mechanisms and name formats.
The structure and encoding of Oids is defined in ISOIEC-8824 and The structure and encoding of Oids is defined in ISOIEC-8824 and
ISOIEC-8825. For example the Oid representation of Kerberos V5 ISOIEC-8825. For example the Oid representation of Kerberos V5
mechanism is "1.2.840.113554.1.2.2" mechanism is "1.2.840.113554.1.2.2"
The GSSName name class contains public static Oid objects The GSSName name class contains public static Oid objects
representing the standard name types defined in GSS-API. representing the standard name types defined in GSS-API.
7.7.1 Constructors 7.7.1. Constructors
public Oid(String strOid) throws GSSException public Oid(String strOid) throws GSSException
Creates an Oid object from a string representation of its integer Creates an Oid object from a string representation of its integer
components (e.g. "1.2.840.113554.1.2.2"). components (e.g. "1.2.840.113554.1.2.2").
Parameters: Parameters:
strOid The string representation for the oid. strOid The string representation for the oid.
skipping to change at page 85, line 45 skipping to change at page 79, line 5
Creates an Oid object from its DER encoding. This refers to the full Creates an Oid object from its DER encoding. This refers to the full
encoding including tag and length. The structure and encoding of encoding including tag and length. The structure and encoding of
Oids is defined in ISOIEC-8824 and ISOIEC-8825. This method is Oids is defined in ISOIEC-8824 and ISOIEC-8825. This method is
identical in functionality to its byte array counterpart. identical in functionality to its byte array counterpart.
Parameters: Parameters:
derOid Byte array storing a DER encoded oid. derOid Byte array storing a DER encoded oid.
7.7.2 toString 7.7.2. toString
public String toString() public String toString()
Returns a string representation of the oid's integer components in Returns a string representation of the oid's integer components in
dot separated notation (e.g. "1.2.840.113554.1.2.2"). dot separated notation (e.g. "1.2.840.113554.1.2.2").
7.7.3 equals 7.7.3. equals
public boolean equals(Object Obj) public boolean equals(Object Obj)
Returns "true" if the two Oid objects represent the same oid value. Returns "true" if the two Oid objects represent the same oid value.
(Note that the Java language specification [JLS] requires that two (Note that the Java language specification [JLS] requires that two
objects that are equal according to the equals(Object) method must objects that are equal according to the equals(Object) method must
return the same integer result when the hashCode() method is called return the same integer result when the hashCode() method is called
on them.) on them.)
Parameters: Parameters:
obj Another Oid object to compare with. obj Another Oid object to compare with.
7.7.4 getDER 7.7.4. getDER
public byte[] getDER() public byte[] getDER()
Returns the full ASN.1 DER encoding for this oid object, which Returns the full ASN.1 DER encoding for this oid object, which
includes the tag and length. includes the tag and length.
7.7.5 containedIn 7.7.5. containedIn
public boolean containedIn(Oid[] oids) public boolean containedIn(Oid[] oids)
A utility method to test if an Oid object is contained within the A utility method to test if an Oid object is contained within the
supplied Oid object array. supplied Oid object array.
Parameters: Parameters:
oids An array of oids to search. oids An array of oids to search.
7.8 public class GSSException extends Exception 7.8. public class GSSException extends Exception
This exception is thrown whenever a fatal GSS-API error occurs This exception is thrown whenever a fatal GSS-API error occurs
including mechanism specific errors. It may contain both, the major including mechanism specific errors. It may contain both, the major
and minor, GSS-API status codes. The mechanism implementers are and minor, GSS-API status codes. The mechanism implementers are
responsible for setting appropriate minor status codes when throwing responsible for setting appropriate minor status codes when throwing
this exception. Aside from delivering the numeric error code(s) to this exception. Aside from delivering the numeric error code(s) to
the caller, this class performs the mapping from their numeric values the caller, this class performs the mapping from their numeric values
to textual representations. All Java GSS-API methods are declared to textual representations. All Java GSS-API methods are declared
throwing this exception. throwing this exception.
All implementations are encouraged to use the Java All implementations are encouraged to use the Java
internationalization techniques to provide local translations of the internationalization techniques to provide local translations of the
message strings. message strings.
7.8.1 Static Constants 7.8.1. Static Constants
All valid major GSS-API error code values are declared as constants All valid major GSS-API error code values are declared as constants
in this class. in this class.
public static final int BAD_BINDINGS public static final int BAD_BINDINGS
Channel bindings mismatch error. The value of this constant is 1. Channel bindings mismatch error. The value of this constant is 1.
public static final int BAD_MECH public static final int BAD_MECH
skipping to change at page 89, line 25 skipping to change at page 82, line 31
constant is 21. constant is 21.
public static final int GAP_TOKEN public static final int GAP_TOKEN
An expected per-message token was not received. This is contained in An expected per-message token was not received. This is contained in
an exception only when detected during context establishment, in an exception only when detected during context establishment, in
which case it is considered a fatal error. (Non-fatal supplementary which case it is considered a fatal error. (Non-fatal supplementary
codes are indicated via the MessageProp object.) The value of this codes are indicated via the MessageProp object.) The value of this
constant is 22. constant is 22.
7.8.2 Constructors 7.8.2. Constructors
public GSSException(int majorCode) public GSSException(int majorCode)
Creates a GSSException object with a specified major code. Creates a GSSException object with a specified major code.
Parameters: Parameters:
majorCode The GSS error code causing this exception to be thrown. majorCode The GSS error code causing this exception to be thrown.
public GSSException(int majorCode, int minorCode, String minorString) public GSSException(int majorCode, int minorCode, String minorString)
skipping to change at page 90, line 5 skipping to change at page 83, line 10
Parameters: Parameters:
majorCode The GSS error code causing this exception to be thrown. majorCode The GSS error code causing this exception to be thrown.
minorCode The mechanism error code causing this exception to be minorCode The mechanism error code causing this exception to be
thrown. thrown.
minorString The textual explanation of the mechanism error code. minorString The textual explanation of the mechanism error code.
7.8.3 getMajor 7.8.3. getMajor
public int getMajor() public int getMajor()
Returns the major code representing the GSS error code that caused Returns the major code representing the GSS error code that caused
this exception to be thrown. this exception to be thrown.
7.8.4 getMinor 7.8.4. getMinor
public int getMinor() public int getMinor()
Returns the mechanism error code that caused this exception. The Returns the mechanism error code that caused this exception. The
minor code is set by the underlying mechanism. Value of 0 indicates minor code is set by the underlying mechanism. Value of 0 indicates
that mechanism error code is not set. that mechanism error code is not set.
7.8.5 getMajorString 7.8.5. getMajorString
public String getMajorString() public String getMajorString()
Returns a string explaining the GSS major error code causing this Returns a string explaining the GSS major error code causing this
exception to be thrown. exception to be thrown.
7.8.6 getMinorString 7.8.6. getMinorString
public String getMinorString() public String getMinorString()
Returns a string explaining the mechanism specific error code. null Returns a string explaining the mechanism specific error code. null
will be returned when no mechanism error code has been set. will be returned when no mechanism error code has been set.
7.8.7 setMinor 7.8.7. setMinor
public void setMinor(int minorCode, String message) public void setMinor(int minorCode, String message)
Used internally by the GSS-API implementation and the underlying Used internally by the GSS-API implementation and the underlying
mechanisms to set the minor code and its textual representation. mechanisms to set the minor code and its textual representation.
Parameters: Parameters:
minorCode The mechanism specific error code. minorCode The mechanism specific error code.
message A textual explanation of the mechanism error code. message A textual explanation of the mechanism error code.
7.8.8 toString 7.8.8. toString
public String toString() public String toString()
Returns a textual representation of both the major and minor status Returns a textual representation of both the major and minor status
codes. codes.
7.8.9 getMessage 7.8.9. getMessage
public String getMessage() public String getMessage()
Returns a detailed message of this exception. Overrides Returns a detailed message of this exception. Overrides
Throwable.getMessage. It is customary in Java to use this method to Throwable.getMessage. It is customary in Java to use this method to
obtain exception information. obtain exception information.
8. Sample Applications 8. Sample Applications
8.1 Simple GSS Context Initiator 8.1. Simple GSS Context Initiator
import org.ietf.jgss.*; import org.ietf.jgss.*;
/** /**
* This is a partial sketch for a simple client program that acts * This is a partial sketch for a simple client program that acts
* as a GSS context initiator. It illustrates how to use the Java * as a GSS context initiator. It illustrates how to use the Java
* bindings for the GSS-API specified in * bindings for the GSS-API specified in
* Generic Security Service API Version 2 : Java bindings * Generic Security Service API Version 2 : Java bindings
* *
* *
skipping to change at page 95, line 46 skipping to change at page 88, line 12
... ...
} // end of doCommunication method } // end of doCommunication method
... ...
... ...
} // end of class SimpleClient } // end of class SimpleClient
8.2 Simple GSS Context Acceptor 8.2. Simple GSS Context Acceptor
import org.ietf.jgss.*; import org.ietf.jgss.*;
/** /**
* This is a partial sketch for a simple server program that acts * This is a partial sketch for a simple server program that acts
* as a GSS context acceptor. It illustrates how to use the Java * as a GSS context acceptor. It illustrates how to use the Java
* bindings for the GSS-API specified in * bindings for the GSS-API specified in
* Generic Security Service API Version 2 : Java bindings * Generic Security Service API Version 2 : Java bindings
* *
* This code sketch assumes the existence of a GSS-API * This code sketch assumes the existence of a GSS-API
skipping to change at page 102, line 8 skipping to change at page 93, line 8
GSSManager so that only factory calls going through that GSSManager GSSManager so that only factory calls going through that GSSManager
use the desired provider. (This would not require any permissions.) use the desired provider. (This would not require any permissions.)
10. IANA Considerations 10. IANA Considerations
This document has no IANA considerations currently. This document has no IANA considerations currently.
11. Acknowledgments 11. Acknowledgments
This proposed API leverages earlier work performed by the IETF's CAT This proposed API leverages earlier work performed by the IETF's CAT
WG as outlined in both RFC 2743 and RFC 2744. Many conceptual WG as outlined in both RFC 2743 [GSSAPIv2-UPDATE] and RFC 2744
definitions, implementation directions, and explanations have been [GSSAPI-Cbind]. Many conceptual definitions, implementation
included from these documents. directions, and explanations have been included from these documents.
We would like to thank Mike Eisler, Lin Ling, Ram Marti, Michael We would like to thank Mike Eisler, Lin Ling, Ram Marti, Michael
Saltz and other members of Sun's development team for their helpful Saltz and other members of Sun's development team for their helpful
input, comments and suggestions. input, comments and suggestions.
We would also like to thank Joe Salowey, and Michael Smith for many We would also like to thank Joe Salowey, and Michael Smith for many
insightful ideas and suggestions that have contributed to this insightful ideas and suggestions that have contributed to this
document. document.
Appendix A. Changes since RFC 2853
This document has following changes:
1) Major GSS Status Code Constant Values
RFC 2853 listed all the GSS status code values in two different
sections: section 4.12.1 defined numeric values for them, and section
6.8.1 defined them as static constants in the GSSException class
without assigning any values. Due to an inconsistent ordering
between these two sections, all of the GSS major status codes
resulted in misalignment, and a subsequent disagreement between
deployed implementations.
This document defines the numeric values of the GSS status codes in
both sections, while maintaining the original ordering from section
6.8.1 of RFC 2853 [RFC2853], and obsoletes the GSS status code values
defined in 4.12.1. The relevant sections in this document are
sections 5.12.1 and 7.8.1.
2) GSS Credential Usage Constant Values
RFC 2853 section 6.3.2 defines static constants for the GSSCredential
usage flags. However, the values of these constants were not defined
anywhere in RFC 2853 [RFC2853].
This document defines the credential usage values in section 7.3.2.
The original ordering of these values from section 6.3.2 of RFC 2853
[RFC2853] is maintained.
3) GSS Host-Based Service Name
RFC 2853 [RFC2853] section 6.2.2 defines the static constant for the
GSS host-based service OID NT_HOSTBASED_SERVICE, using a deprecated
OID value.
This document updates the NT_HOSTBASED_SERVICE OID value in section
7.2.2 to be consistent with the C-bindings in RFC 2744
[GSSAPI-Cbind].
12. References 12. References
12.1 Normative References 12.1. Normative References
[RFC2853] Kabat, J. and M. Upadhyay, "Generic Security Service [GSSAPI-Cbind]
Application Program Interface : Java Bindings", RFC 2853, Wray, J., "Generic Security Service API Version 2 :
June 2000. C-bindings", RFC 2744, January 2000.
[GSSAPIv2-UPDATE] [GSSAPIv2-UPDATE]
Linn, J., "Generic Security Service Application Program Linn, J., "Generic Security Service Application Program
Interface, Version 2, Update 1", RFC 2743, January 2000. Interface, Version 2, Update 1", RFC 2743, January 2000.
[GSSAPI-Cbind] [RFC2025] Adams, C., "The Simple Public-Key GSS-API Mechanism",
Wray, J., "Generic Security Service API Version 2 : RFC 2025, October 1996.
C-bindings", RFC 2744, January 2000.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2853] Kabat, J. and M. Upadhyay, "Generic Security Service
Application Program Interface : Java Bindings", RFC 2853,
June 2000.
[RFC4121] Zhu, L. and S. Hartman, "The Kerberos Version 5 Generic [RFC4121] Zhu, L. and S. Hartman, "The Kerberos Version 5 Generic
Security Service Application Program Interface (GSS-API) Security Service Application Program Interface (GSS-API)
Mechanism: Version 2", RFC 4121, July 2005. Mechanism: Version 2", RFC 4121, July 2005.
[RFC2025] Adams, C., "The Simple Public-Key GSS-API Mechanism", 12.2. Informative References
RFC 2025, October 1996.
12.2 Informative References
[JLS] Gosling, J., "The Java Language Specification", JLS langspec. [JLS] Gosling, J., "The Java Language Specification",
JLS langspec.
Authors' Addresses Authors' Addresses
Mayank D. Upadhyay Mayank D. Upadhyay
Google Inc. Google Inc.
1600 Amphitheatre Parkway 1600 Amphitheatre Parkway
Mountain View, CA 94043 Mountain View, CA 94043
USA USA
Email: mayank+ietf-2853@google.com Email: mayank+ietf-2853@google.com
Seema Malkani Seema Malkani
Sun Microsystems, Inc. Sun Microsystems, Inc.
4140 Network Circle 4140 Network Circle
Santa Clara, CA 95054 Santa Clara, CA 95054
USA USA
Email: Seema.Malkani@sun.com Email: Seema.Malkani@sun.com
Intellectual Property Statement Full Copyright Statement
Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79. found in BCP 78 and BCP 79.
skipping to change at page 105, line 29 skipping to change at page 96, line 45
such proprietary rights by implementers or users of this such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr. http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at this standard. Please address the information to the IETF at
ietf-ipr@ietf.org. ietf-ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment Acknowledgment
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is provided by the IETF
Internet Society. Administrative Support Activity (IASA).
 End of changes. 243 change blocks. 
534 lines changed or deleted 547 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/