public class GlobusGSSContextImpl extends java.lang.Object implements ExtendedGSSContext
Modifier and Type | Field and Description |
---|---|
private static int |
ACCEPT |
protected java.lang.Boolean |
acceptNoClientCerts |
protected boolean |
anonymity |
private java.lang.String[] |
bannedCiphers |
protected BouncyCastleCertProcessingFactory |
certFactory |
protected java.lang.Boolean |
checkContextExpiration |
private static int |
CLIENT_END_DEL |
private static int |
CLIENT_START_DEL |
protected boolean |
conn |
protected boolean |
credentialDelegation |
protected GlobusGSSCredentialImpl |
ctxCred
Credential of this context.
|
protected ExtendedGSSCredential |
delegatedCred
Credential delegated using delegation API
|
private static int |
DELEGATION_COMPLETE_CRED |
private static int |
DELEGATION_SIGN_CERT |
private static int |
DELEGATION_START |
private static byte[] |
DELEGATION_TOKEN |
protected boolean |
delegationFinished
Delegation finished indicator
|
protected int |
delegationState
Delegation state
|
protected GSIConstants.DelegationType |
delegationType |
protected ExtendedGSSCredential |
delegCred
Credential delegated during context establishment
|
private static java.lang.String[] |
ENABLED_PROTOCOLS |
protected boolean |
encryption |
protected boolean |
established |
protected org.ietf.jgss.GSSName |
expectedTargetName
Expected target name.
|
protected java.lang.Boolean |
forceSSLv3AndConstrainCipherSuitesForGram |
protected java.util.Date |
goodUntil
Context expiration date.
|
private static java.lang.String[] |
GRAM_ENCRYPTION_CIPHER_SUITES |
private static java.lang.String[] |
GRAM_NO_ENCRYPTION_CIPHER_SUITES |
private static java.lang.String[] |
GRAM_PROTOCOLS |
private static int |
GSI_MESSAGE_DIGEST_PADDING |
private static int |
GSI_SEQUENCE_SIZE
SSL3_RT_GSSAPI_OPENSSL
|
static int |
GSI_WRAP
Used to distinguish between a token created by
wrap with GSSConstants.GSI_BIG
QoP and a regular token created by wrap . |
protected java.lang.Integer |
gssMode |
private static int |
HANDSHAKE |
private static I18n |
i18n |
private static int |
INITIATE |
protected java.security.KeyPair |
keyPair
Used during delegation
|
private KeyPairCache |
keyPairCache
KeyPair generation with cache of keypairs if configured
|
private static org.apache.commons.logging.Log |
logger |
private static java.lang.String[] |
NO_ENCRYPTION |
private java.nio.ByteBuffer |
outByteBuff |
protected java.lang.Boolean |
peerLimited
Limited peer credentials
|
protected java.util.Map |
proxyPolicyHandlers |
protected java.lang.Boolean |
rejectLimitedProxy |
protected java.lang.Boolean |
requireAuthzWithDelegation |
protected java.lang.Boolean |
requireClientAuth |
protected int |
role
Context role
|
private byte[] |
savedInBytes |
private static int |
SERVER_END_DEL |
private static int |
SERVER_START_DEL |
protected org.ietf.jgss.GSSName |
sourceName
The name of the context initiator
|
protected SSLConfigurator |
sslConfigurator |
protected javax.net.ssl.SSLContext |
sslContext |
protected javax.net.ssl.SSLEngine |
sslEngine |
protected int |
state
Handshake state
|
protected org.ietf.jgss.GSSName |
targetName
The name of the context acceptor
|
protected TrustedCertificates |
tc |
private static int |
UNDEFINED |
Constructor and Description |
---|
GlobusGSSContextImpl(org.ietf.jgss.GSSName target,
GlobusGSSCredentialImpl cred) |
Modifier and Type | Method and Description |
---|---|
byte[] |
acceptDelegation(int lifetime,
byte[] buf,
int off,
int len)
Accept a delegated credential.
|
byte[] |
acceptSecContext(byte[] inBuff,
int off,
int len)
This function drives the accepting side of the context establishment
process.
|
void |
acceptSecContext(java.io.InputStream in,
java.io.OutputStream out)
It works just like
acceptSecContext
method. |
private java.security.cert.X509Certificate |
bcConvert(java.security.cert.X509Certificate cert) |
protected void |
checkContext() |
void |
dispose() |
byte[] |
export()
Currently not implemented.
|
protected byte[] |
generateCertRequest(java.security.cert.X509Certificate cert) |
boolean |
getAnonymityState() |
boolean |
getConfState() |
boolean |
getCredDelegState() |
org.ietf.jgss.GSSCredential |
getDelegatedCredential()
Returns the delegated credential that was delegated using
the
initDelegation and acceptDelegation
functions. |
org.ietf.jgss.GSSCredential |
getDelegCred() |
boolean |
getIntegState() |
int |
getLifetime() |
org.ietf.jgss.Oid |
getMech() |
byte[] |
getMIC(byte[] inBuf,
int off,
int len,
org.ietf.jgss.MessageProp prop)
Returns a cryptographic MIC (message integrity check)
of a specified message.
|
void |
getMIC(java.io.InputStream inStream,
java.io.OutputStream outStream,
org.ietf.jgss.MessageProp msgProp)
Currently not implemented.
|
boolean |
getMutualAuthState() |
java.lang.Object |
getOption(org.ietf.jgss.Oid option)
Gets a context option.
|
boolean |
getReplayDetState() |
boolean |
getSequenceDetState() |
org.ietf.jgss.GSSName |
getSrcName() |
org.ietf.jgss.GSSName |
getTargName() |
int |
getWrapSizeLimit(int qop,
boolean confReq,
int maxTokenSize)
Currently not implemented.
|
private void |
handshakeFinished() |
private void |
init(int how) |
byte[] |
initDelegation(org.ietf.jgss.GSSCredential credential,
org.ietf.jgss.Oid mechanism,
int lifetime,
byte[] buf,
int off,
int len)
Initiate the delegation of a credential.
|
byte[] |
initSecContext(byte[] inBuff,
int off,
int len)
This function drives the initiating side of the context establishment
process.
|
int |
initSecContext(java.io.InputStream in,
java.io.OutputStream out)
It works just like
initSecContext method. |
java.lang.Object |
inquireByOid(org.ietf.jgss.Oid oid)
Retrieves arbitrary data about this context.
|
boolean |
isDelegationFinished()
Used during delegation to determine the state of the delegation.
|
boolean |
isEstablished() |
boolean |
isInitiator() |
boolean |
isProtReady() |
boolean |
isTransferable()
Currently not implemented.
|
void |
requestAnonymity(boolean state) |
void |
requestConf(boolean state) |
void |
requestCredDeleg(boolean state) |
void |
requestInteg(boolean state) |
void |
requestLifetime(int lifetime) |
void |
requestMutualAuth(boolean state) |
void |
requestReplayDet(boolean state) |
void |
requestSequenceDet(boolean state) |
private void |
runDelegatedTasks(javax.net.ssl.SSLEngine engine) |
protected void |
setAcceptNoClientCerts(java.lang.Object value) |
void |
setBannedCiphers(java.lang.String[] ciphers)
Specifies a list of ciphers that will not be used.
|
void |
setChannelBinding(org.ietf.jgss.ChannelBinding cb)
Currently not implemented.
|
protected void |
setCheckContextExpired(java.lang.Object value) |
private void |
setCredential() |
protected void |
setDelegationType(java.lang.Object value) |
private void |
setDone() |
protected void |
setForceSslV3AndConstrainCipherSuitesForGram(java.lang.Object value) |
private void |
setGoodUntil(java.util.Date date) |
protected void |
setGssMode(java.lang.Object value) |
void |
setOption(org.ietf.jgss.Oid option,
java.lang.Object value)
Sets a context option.
|
protected void |
setProxyPolicyHandlers(java.lang.Object value) |
protected void |
setRejectLimitedProxy(java.lang.Object value) |
protected void |
setRequireAuthzWithDelegation(java.lang.Object value) |
protected void |
setRequireClientAuth(java.lang.Object value) |
protected void |
setTrustedCertificates(java.lang.Object value) |
private java.nio.ByteBuffer |
sslDataUnwrap(java.nio.ByteBuffer inBBuff,
java.nio.ByteBuffer outBBuff) |
private java.nio.ByteBuffer |
sslDataWrap(java.nio.ByteBuffer inBBuff,
java.nio.ByteBuffer outBBuff) |
private java.nio.ByteBuffer |
sslProcessHandshake(java.nio.ByteBuffer inBBuff,
java.nio.ByteBuffer outBBuff) |
private byte[] |
unwrap(byte[] inBuf,
int off,
int len) |
byte[] |
unwrap(byte[] inBuf,
int off,
int len,
org.ietf.jgss.MessageProp prop)
Unwraps a token generated by
wrap method on the other side of the context. |
void |
unwrap(java.io.InputStream inStream,
java.io.OutputStream outStream,
org.ietf.jgss.MessageProp msgProp)
Currently not implemented.
|
protected void |
verifyDelegatedCert(java.security.cert.X509Certificate certificate) |
void |
verifyMIC(byte[] inTok,
int tokOff,
int tokLen,
byte[] inMsg,
int msgOff,
int msgLen,
org.ietf.jgss.MessageProp prop)
Verifies a cryptographic MIC (message integrity check)
of a specified message.
|
void |
verifyMIC(java.io.InputStream tokStream,
java.io.InputStream msgStream,
org.ietf.jgss.MessageProp msgProp)
Currently not implemented.
|
private byte[] |
wrap(byte[] inBuf,
int off,
int len) |
byte[] |
wrap(byte[] inBuf,
int off,
int len,
org.ietf.jgss.MessageProp prop)
Wraps a message for integrity and protection.
|
void |
wrap(java.io.InputStream inStream,
java.io.OutputStream outStream,
org.ietf.jgss.MessageProp msgProp)
Currently not implemented.
|
private static org.apache.commons.logging.Log logger
private static I18n i18n
private KeyPairCache keyPairCache
public static final int GSI_WRAP
wrap
with GSSConstants.GSI_BIG
QoP and a regular token created by wrap
.private static final int GSI_SEQUENCE_SIZE
private static final int GSI_MESSAGE_DIGEST_PADDING
private static final java.lang.String[] ENABLED_PROTOCOLS
private static final java.lang.String[] GRAM_PROTOCOLS
private static final java.lang.String[] NO_ENCRYPTION
private static final java.lang.String[] GRAM_ENCRYPTION_CIPHER_SUITES
private static final java.lang.String[] GRAM_NO_ENCRYPTION_CIPHER_SUITES
private static final byte[] DELEGATION_TOKEN
private static final int UNDEFINED
private static final int INITIATE
private static final int ACCEPT
protected int state
private static final int HANDSHAKE
private static final int CLIENT_START_DEL
private static final int CLIENT_END_DEL
private static final int SERVER_START_DEL
private static final int SERVER_END_DEL
protected int delegationState
private static final int DELEGATION_START
private static final int DELEGATION_SIGN_CERT
private static final int DELEGATION_COMPLETE_CRED
protected ExtendedGSSCredential delegatedCred
protected boolean delegationFinished
protected boolean credentialDelegation
protected boolean anonymity
protected boolean encryption
protected boolean established
protected org.ietf.jgss.GSSName sourceName
protected org.ietf.jgss.GSSName targetName
protected int role
protected ExtendedGSSCredential delegCred
protected GSIConstants.DelegationType delegationType
protected java.lang.Integer gssMode
protected java.lang.Boolean checkContextExpiration
protected java.lang.Boolean rejectLimitedProxy
protected java.lang.Boolean requireClientAuth
protected java.lang.Boolean acceptNoClientCerts
protected java.lang.Boolean requireAuthzWithDelegation
protected java.lang.Boolean forceSSLv3AndConstrainCipherSuitesForGram
protected GlobusGSSCredentialImpl ctxCred
protected org.ietf.jgss.GSSName expectedTargetName
protected java.util.Date goodUntil
protected SSLConfigurator sslConfigurator
protected javax.net.ssl.SSLContext sslContext
protected javax.net.ssl.SSLEngine sslEngine
protected boolean conn
private byte[] savedInBytes
private java.nio.ByteBuffer outByteBuff
protected BouncyCastleCertProcessingFactory certFactory
protected java.security.KeyPair keyPair
protected TrustedCertificates tc
protected java.util.Map proxyPolicyHandlers
protected java.lang.Boolean peerLimited
private java.lang.String[] bannedCiphers
public GlobusGSSContextImpl(org.ietf.jgss.GSSName target, GlobusGSSCredentialImpl cred) throws org.ietf.jgss.GSSException
target
- expected target name. Can be null.cred
- credential. Cannot be null. Might be anonymous.org.ietf.jgss.GSSException
private void runDelegatedTasks(javax.net.ssl.SSLEngine engine) throws java.lang.Exception
java.lang.Exception
private java.security.cert.X509Certificate bcConvert(java.security.cert.X509Certificate cert) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
public byte[] acceptSecContext(byte[] inBuff, int off, int len) throws org.ietf.jgss.GSSException
initSecContext
function.
GSSConstants.GSS_MODE
and GSSConstants.REJECT_LIMITED_PROXY
context options. If the
GSSConstants.GSS_MODE
option is set to
GSIConstants.MODE_SSL
the context establishment process will be compatible with regular SSL
(no credential delegation support). If the option is set to
GSIConstants.MODE_GSI
credential delegation during context establishment process will be accepted.
If the GSSConstants.REJECT_LIMITED_PROXY
option is enabled, a peer
presenting limited proxy credential will be automatically
rejected and the context establishment process will be aborted.acceptSecContext
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
private java.nio.ByteBuffer sslDataWrap(java.nio.ByteBuffer inBBuff, java.nio.ByteBuffer outBBuff) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
private java.nio.ByteBuffer sslDataUnwrap(java.nio.ByteBuffer inBBuff, java.nio.ByteBuffer outBBuff) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
private java.nio.ByteBuffer sslProcessHandshake(java.nio.ByteBuffer inBBuff, java.nio.ByteBuffer outBBuff) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
public byte[] initSecContext(byte[] inBuff, int off, int len) throws org.ietf.jgss.GSSException
acceptSecContext
function.
GSSConstants.GSS_MODE
,
GSSConstants.DELEGATION_TYPE
, and
GSSConstants.REJECT_LIMITED_PROXY
context options. If the GSSConstants.GSS_MODE
option is set to GSIConstants.MODE_SSL
the context establishment process will be compatible with regular SSL
(no credential delegation support). If the option is set to
GSIConstants.GSS_MODE_GSI
credential delegation during context establishment process will performed.
The delegation type to be performed can be set using the
GSSConstants.DELEGATION_TYPE
context option. If the GSSConstants.REJECT_LIMITED_PROXY
option is enabled,
a peer presenting limited proxy credential will be automatically
rejected and the context establishment process will be aborted.initSecContext
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
private void setDone()
private void setGoodUntil(java.util.Date date)
private void init(int how) throws org.ietf.jgss.GSSException, javax.net.ssl.SSLException
org.ietf.jgss.GSSException
javax.net.ssl.SSLException
private void handshakeFinished() throws java.io.IOException
java.io.IOException
private void setCredential() throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
public byte[] wrap(byte[] inBuf, int off, int len, org.ietf.jgss.MessageProp prop) throws org.ietf.jgss.GSSException
wrap
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
private byte[] wrap(byte[] inBuf, int off, int len) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
public byte[] unwrap(byte[] inBuf, int off, int len, org.ietf.jgss.MessageProp prop) throws org.ietf.jgss.GSSException
wrap
method on the other side of the context.unwrap
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
private byte[] unwrap(byte[] inBuf, int off, int len) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
public void dispose() throws org.ietf.jgss.GSSException
dispose
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public boolean isEstablished()
isEstablished
in interface org.ietf.jgss.GSSContext
public void requestCredDeleg(boolean state) throws org.ietf.jgss.GSSException
requestCredDeleg
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public boolean getCredDelegState()
getCredDelegState
in interface org.ietf.jgss.GSSContext
public boolean isInitiator() throws org.ietf.jgss.GSSException
isInitiator
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public boolean isProtReady()
isProtReady
in interface org.ietf.jgss.GSSContext
public void requestLifetime(int lifetime) throws org.ietf.jgss.GSSException
requestLifetime
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public int getLifetime()
getLifetime
in interface org.ietf.jgss.GSSContext
public org.ietf.jgss.Oid getMech() throws org.ietf.jgss.GSSException
getMech
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public org.ietf.jgss.GSSCredential getDelegCred() throws org.ietf.jgss.GSSException
getDelegCred
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public void requestConf(boolean state) throws org.ietf.jgss.GSSException
requestConf
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public boolean getConfState()
getConfState
in interface org.ietf.jgss.GSSContext
public byte[] getMIC(byte[] inBuf, int off, int len, org.ietf.jgss.MessageProp prop) throws org.ietf.jgss.GSSException
getMIC
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public void verifyMIC(byte[] inTok, int tokOff, int tokLen, byte[] inMsg, int msgOff, int msgLen, org.ietf.jgss.MessageProp prop) throws org.ietf.jgss.GSSException
verifyMIC
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public int initSecContext(java.io.InputStream in, java.io.OutputStream out) throws org.ietf.jgss.GSSException
initSecContext
method.
It reads one SSL token from input stream, calls
initSecContext
method and
writes the output token to the output stream (if any)
SSL token is not read on the initial call.initSecContext
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public void acceptSecContext(java.io.InputStream in, java.io.OutputStream out) throws org.ietf.jgss.GSSException
acceptSecContext
method. It reads one SSL token from input stream, calls
acceptSecContext
method and writes the output token to the output stream (if any)acceptSecContext
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public org.ietf.jgss.GSSName getSrcName() throws org.ietf.jgss.GSSException
getSrcName
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public org.ietf.jgss.GSSName getTargName() throws org.ietf.jgss.GSSException
getTargName
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public void requestInteg(boolean state) throws org.ietf.jgss.GSSException
requestInteg
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public boolean getIntegState()
getIntegState
in interface org.ietf.jgss.GSSContext
public void requestSequenceDet(boolean state) throws org.ietf.jgss.GSSException
requestSequenceDet
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public boolean getSequenceDetState()
getSequenceDetState
in interface org.ietf.jgss.GSSContext
public void requestReplayDet(boolean state) throws org.ietf.jgss.GSSException
requestReplayDet
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public boolean getReplayDetState()
getReplayDetState
in interface org.ietf.jgss.GSSContext
public void requestAnonymity(boolean state) throws org.ietf.jgss.GSSException
requestAnonymity
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public boolean getAnonymityState()
getAnonymityState
in interface org.ietf.jgss.GSSContext
public void requestMutualAuth(boolean state) throws org.ietf.jgss.GSSException
requestMutualAuth
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public boolean getMutualAuthState()
getMutualAuthState
in interface org.ietf.jgss.GSSContext
protected byte[] generateCertRequest(java.security.cert.X509Certificate cert) throws java.security.GeneralSecurityException
java.security.GeneralSecurityException
protected void verifyDelegatedCert(java.security.cert.X509Certificate certificate) throws java.security.GeneralSecurityException
java.security.GeneralSecurityException
protected void checkContext() throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
protected void setGssMode(java.lang.Object value) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
protected void setDelegationType(java.lang.Object value) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
protected void setCheckContextExpired(java.lang.Object value) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
protected void setRejectLimitedProxy(java.lang.Object value) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
protected void setRequireClientAuth(java.lang.Object value) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
protected void setRequireAuthzWithDelegation(java.lang.Object value) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
protected void setAcceptNoClientCerts(java.lang.Object value) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
protected void setForceSslV3AndConstrainCipherSuitesForGram(java.lang.Object value) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
protected void setProxyPolicyHandlers(java.lang.Object value) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
protected void setTrustedCertificates(java.lang.Object value) throws org.ietf.jgss.GSSException
org.ietf.jgss.GSSException
public void setOption(org.ietf.jgss.Oid option, java.lang.Object value) throws org.ietf.jgss.GSSException
ExtendedGSSContext
setOption
in interface ExtendedGSSContext
option
- option type.value
- option value.org.ietf.jgss.GSSException
- containing the following major error codes:
GSSException.FAILURE
public java.lang.Object getOption(org.ietf.jgss.Oid option) throws org.ietf.jgss.GSSException
ExtendedGSSContext
getOption
in interface ExtendedGSSContext
option
- option type.org.ietf.jgss.GSSException
- containing the following major error codes:
GSSException.FAILURE
public byte[] initDelegation(org.ietf.jgss.GSSCredential credential, org.ietf.jgss.Oid mechanism, int lifetime, byte[] buf, int off, int len) throws org.ietf.jgss.GSSException
acceptDelegation
function.
GSSConstants.DELEGATION_TYPE
and
GSSConstants.GSS_MODE
context
options.
The GSSConstants.DELEGATION_TYPE
option controls delegation type to be performed. The
GSSConstants.GSS_MODE
option if set to
GSIConstants.MODE_SSL
results in tokens that are not wrapped.initDelegation
in interface ExtendedGSSContext
credential
- The credential to be delegated. May be null
in which case the credential associated with the security
context is used.mechanism
- The desired security mechanism. May be null.lifetime
- The requested period of validity (seconds) of the delegated
credential.acceptDelegation
if
isDelegationFinished
returns false. May be null.org.ietf.jgss.GSSException
- containing the following major error codes:
GSSException.FAILURE
public byte[] acceptDelegation(int lifetime, byte[] buf, int off, int len) throws org.ietf.jgss.GSSException
initDelegation
function.
GSSConstants.GSS_MODE
context
option. The
GSSConstants.GSS_MODE
option if set to
GSIConstants.MODE_SSL
results in tokens that are not wrapped.acceptDelegation
in interface ExtendedGSSContext
lifetime
- The requested period of validity (seconds) of the delegated
credential.initDelegation
if
isDelegationFinished
returns false. May be null.org.ietf.jgss.GSSException
- containing the following major error codes:
GSSException.FAILURE
public org.ietf.jgss.GSSCredential getDelegatedCredential()
ExtendedGSSContext
initDelegation
and acceptDelegation
functions. This is to be called on the delegation accepting
side once once isDelegationFinished
returns true.getDelegatedCredential
in interface ExtendedGSSContext
public boolean isDelegationFinished()
ExtendedGSSContext
isDelegationFinished
in interface ExtendedGSSContext
public java.lang.Object inquireByOid(org.ietf.jgss.Oid oid) throws org.ietf.jgss.GSSException
GSSConstants.X509_CERT_CHAIN
returns certificate chain of the peer (X509Certificate[]
).
inquireByOid
in interface ExtendedGSSContext
oid
- the oid of the information desired.org.ietf.jgss.GSSException
- containing the following major error codes:
GSSException.FAILURE
public void setBannedCiphers(java.lang.String[] ciphers)
ExtendedGSSContext
setBannedCiphers
in interface ExtendedGSSContext
ciphers
- The list of banned ciphers.public int getWrapSizeLimit(int qop, boolean confReq, int maxTokenSize) throws org.ietf.jgss.GSSException
getWrapSizeLimit
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public void wrap(java.io.InputStream inStream, java.io.OutputStream outStream, org.ietf.jgss.MessageProp msgProp) throws org.ietf.jgss.GSSException
wrap
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public void unwrap(java.io.InputStream inStream, java.io.OutputStream outStream, org.ietf.jgss.MessageProp msgProp) throws org.ietf.jgss.GSSException
unwrap
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public void getMIC(java.io.InputStream inStream, java.io.OutputStream outStream, org.ietf.jgss.MessageProp msgProp) throws org.ietf.jgss.GSSException
getMIC
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public void verifyMIC(java.io.InputStream tokStream, java.io.InputStream msgStream, org.ietf.jgss.MessageProp msgProp) throws org.ietf.jgss.GSSException
verifyMIC
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public void setChannelBinding(org.ietf.jgss.ChannelBinding cb) throws org.ietf.jgss.GSSException
setChannelBinding
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public boolean isTransferable() throws org.ietf.jgss.GSSException
isTransferable
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException
public byte[] export() throws org.ietf.jgss.GSSException
export
in interface org.ietf.jgss.GSSContext
org.ietf.jgss.GSSException